package/wireguard-go
1
0
Fork 0
mirror of https://git.zx2c4.com/wireguard-go synced 2025-10-16 05:30:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

uapi: skip peers with invalid keys

Browse Source
This commit is contained in:
Jason A. Donenfeld
2019-08-05 16:57:41 +02:00
parent b4010123f7
commit 4e3018a967
2 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
device/peer.go
View File

@@ -68,7 +68,6 @@ type Peer struct {
}
func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
if device.isClosed.Get() {
return nil, errors.New("device closed")
}
@@ -103,20 +102,28 @@ func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
if ok {
return nil, errors.New("adding existing peer")
}
device.peers.keyMap[pk] = peer
// pre-compute DH
handshake := &peer.handshake
handshake.mutex.Lock()
handshake.remoteStatic = pk
handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(pk)
ssIsZero := isZero(handshake.precomputedStaticStatic[:])
handshake.remoteStatic = pk
handshake.mutex.Unlock()
// reset endpoint
peer.endpoint = nil
// conditionally add
if !ssIsZero {
device.peers.keyMap[pk] = peer
} else {
return nil, nil
}
// start peer
if peer.device.isUp.Get() {