Don't try to forward packets to a node we don't have a key for.
authorGuus Sliepen <guus@tinc-vpn.org>
Sun, 27 Jun 2021 14:19:37 +0000 (16:19 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sun, 27 Jun 2021 14:19:37 +0000 (16:19 +0200)
If we got a packet that's meant to be relayed, don't call
sptps_send_data() if we don't have a valid key yet for the desination
node, but do keep trying to get a working connection to that node. Based
on a patch from thorkill.

src/net_packet.c

index 31c66d3..e0370ed 100644 (file)
@@ -545,7 +545,10 @@ bool receive_tcppacket_sptps(connection_t *c, const char *data, size_t len) {
        /* If we're not the final recipient, relay the packet. */
 
        if(to != myself) {
        /* If we're not the final recipient, relay the packet. */
 
        if(to != myself) {
-               send_sptps_data(to, from, 0, data, len);
+               if(to->status.validkey) {
+                       send_sptps_data(to, from, 0, data, len);
+               }
+
                try_tx(to, true);
                return true;
        }
                try_tx(to, true);
                return true;
        }