From: Guus Sliepen Date: Tue, 27 Jul 2021 12:52:27 +0000 (+0200) Subject: Avoid trying to send an ANS_KEY request to unreachable nodes. X-Git-Url: https://tinc-vpn.org/git/browse?a=commitdiff_plain;h=b8495a806b083bdd63a5ed3ef35e5badb415c7f4;p=tinc Avoid trying to send an ANS_KEY request to unreachable nodes. We could have a REQ_KEY coming from a node that is not reachable; either because DEL_EDGEs have overtaken the REQ_KEY, or perhaps if TunnelServer is used and some nodes have a different view of reachability. --- diff --git a/src/protocol_key.c b/src/protocol_key.c index 6140a532..d4a0b174 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -131,6 +131,12 @@ bool req_key_h(connection_t *c) { /* Check if this key request is for us */ if(to == myself) { /* Yes, send our own key back */ + if(!from->status.reachable) { + logger(LOG_WARNING, "Got %s from %s (%s) origin %s which is not reachable", + "REQ_KEY", c->name, c->hostname, from_name); + return true; + } + if(!send_ans_key(from)) { return false; }