From 099e157fb21f089edc54e0ac47655343136a3aa2 Mon Sep 17 00:00:00 2001 From: core Date: Wed, 29 Mar 2023 18:53:56 -0400 Subject: [PATCH] fix missed validity check --- Cargo.lock | 2 +- dnapi-rs/Cargo.toml | 2 +- dnapi-rs/src/client_blocking.rs | 5 +++++ tfclient/Cargo.toml | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 38e7455..d2384c5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -622,7 +622,7 @@ dependencies = [ [[package]] name = "dnapi-rs" -version = "0.1.5" +version = "0.1.6" dependencies = [ "base64 0.21.0", "base64-serde", diff --git a/dnapi-rs/Cargo.toml b/dnapi-rs/Cargo.toml index 8160729..2991ff6 100644 --- a/dnapi-rs/Cargo.toml +++ b/dnapi-rs/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "dnapi-rs" -version = "0.1.5" +version = "0.1.6" edition = "2021" description = "A rust client for the Defined Networking API" license = "AGPL-3.0-or-later" diff --git a/dnapi-rs/src/client_blocking.rs b/dnapi-rs/src/client_blocking.rs index c0c2cdf..5b372e8 100644 --- a/dnapi-rs/src/client_blocking.rs +++ b/dnapi-rs/src/client_blocking.rs @@ -159,6 +159,11 @@ impl Client { return Err("nonce mismatch between request and response".into()) } + if result.counter <= creds.counter { + error!("counter in request {} should be less than counter in response {}", creds.counter, result.counter); + return Err("received older config than what we already had".into()) + } + let trusted_keys = ed25519_public_keys_from_pem(&result.trusted_keys)?; let new_creds = Credentials { diff --git a/tfclient/Cargo.toml b/tfclient/Cargo.toml index f8d138f..7dce9aa 100644 --- a/tfclient/Cargo.toml +++ b/tfclient/Cargo.toml @@ -24,7 +24,7 @@ base64 = "0.21.0" chrono = "0.4.24" ipnet = "2.7.1" base64-serde = "0.7.0" -dnapi-rs = { version = "0.1.5", path = "../dnapi-rs" } +dnapi-rs = { version = "0.1.6", path = "../dnapi-rs" } [build-dependencies] serde = { version = "1.0.157", features = ["derive"] }