
Send ACCESS_DENIED if network not found.

Adam Ierymenko 11 years ago
parent
commit
5336f2600a
1 changed files with 11 additions and 9 deletions
  1. 11 9
      netconf-service/index.js

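--- a/netconf-service/index.js
+++ b/netconf-service/index.js
@@ -291,16 +291,15 @@ function doNetconfRequest(message)
 
 		// network lookup
 		DB.hgetall(networkKey,function(err,obj) {
-			if (!obj.id)
-				return next(new Error('invalid network record'));
-			network = obj;
+			if (obj.id === nwid)
+				network = obj;
 			return next(null);
 		});
 
 	},function(next) {
 
 		// member lookup
-		if ((!network)||(!('id' in network))||(network['id'] !== nwid))
+		if (!network)
 			return next(null);
 
 		DB.hgetall(memberKey,function(err,obj) {
@@ -351,7 +350,7 @@ function doNetconfRequest(message)
 	},function(next) {
 
 		// Figure out which IP address auto-assignments we need to look up or make
-		if (!authorized)
+		if ((!network)||(!authorized))
 			return next(null);
 
 		v4NeedAssign = (network['v4AssignMode'] === 'zt');
@@ -376,7 +375,7 @@ function doNetconfRequest(message)
 	},function(next) {
 
 		// assign IPv4 if needed
-		if ((!authorized)||(!v4NeedAssign)||(v4Assignments.length > 0))
+		if ((!network)||(!authorized)||(!v4NeedAssign)||(v4Assignments.length > 0))
 			return next(null);
 
 		var peerAddress = peerId.address();
@@ -461,7 +460,7 @@ function doNetconfRequest(message)
 	},function(next) {
 
 		// assign IPv6 if needed -- TODO
-		if ((!authorized)||(!v6NeedAssign)||(v6Assignments.length > 0))
+		if ((!network)||(!authorized)||(!v6NeedAssign)||(v6Assignments.length > 0))
 			return next(null);
 
 		return next(null);
@@ -469,6 +468,9 @@ function doNetconfRequest(message)
 	},function(next) {
 
 		// Get active bridges
+		if ((!network)||(!authorized))
+			return next(null);
+
 		DB.keys('zt1:network:'+nwid+':member:*:~',function(err,keys) {
 			if (keys) {
 				async.eachSeries(keys,function(key,nextKey) {
@@ -501,7 +503,7 @@ function doNetconfRequest(message)
 		response.data['type'] = 'netconf-response';
 		response.data['requestId'] = requestId;
 
-		if (authorized) {
+		if ((network)&&(authorized)) {
 			var certificateOfMembership = null;
 			var privateNetwork = ztDbTrue(network['private']);
 
@@ -556,7 +558,7 @@ function doNetconfRequest(message)
 
 		} else {
 
-			// Peer not authorized to join network
+			// Peer not authorized to join network or network not found (right now we always send ACCESS_DENIED)
 			response.data['error'] = 'ACCESS_DENIED';
 			process.stdout.write(response.toString()+'\n');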
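Review bot: In the network lookup callback of the first hunk, `if (obj.id === nwid)` still dereferences `obj` without looking at `err`, so if the Redis client passes null or undefined for a missing key or a failed call (the client's behaviour is not visible here), the callback throws instead of reaching the ACCESS_DENIED branch this commit is meant to reach. Since `nwid` presumably comes from the requesting peer, a request for an unknown network ID could then abort the handler rather than get a denial. I would change the two added lines to `if (err) return next(err);` followed by `if (obj && obj.id === nwid) network = obj;`. Sending the same ACCESS_DENIED for an unknown network and for an unauthorized peer also keeps the reply from revealing which network IDs exist; if that is deliberate, the new comment in the else branch could say so. The body of doNetconfRequest starts and ends outside the visible hunks.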