I2P Address: [http://git.idk.i2p]

Skip to content

Router: Disable updating the PeerManager when we recieve a router down a client tunnel

Last cycle we basically decided that routerInfos that came down client tunnels were probably malicious and we denied them storage in both subDbs and the main Db. However, it would seem that it's still possible for a RouterInfo that comes down a client tunnel to update the caps in the PeerManager. I don't think this creates an issue in and of itself but it begs the question that if RI's received in this way are presumed malicious in the one context, why not the other? I think that these RI's should also not be allowed to update caps in the peer manager.

Patch is brand new and being run overnight for testing. I only ripped out the bare minimum so far but it looks like no matter what we should just return here?

Edited by idk

Merge request reports