fix missed validity check

This commit is contained in:
core 2023-03-29 18:53:56 -04:00
parent 69162cea05
commit 099e157fb2
Signed by: core
GPG Key ID: FDBF740DADDCEECF
4 changed files with 8 additions and 3 deletions

2
Cargo.lock generated
View File

@ -622,7 +622,7 @@ dependencies = [
[[package]] [[package]]
name = "dnapi-rs" name = "dnapi-rs"
version = "0.1.5" version = "0.1.6"
dependencies = [ dependencies = [
"base64 0.21.0", "base64 0.21.0",
"base64-serde", "base64-serde",

View File

@ -1,6 +1,6 @@
[package] [package]
name = "dnapi-rs" name = "dnapi-rs"
version = "0.1.5" version = "0.1.6"
edition = "2021" edition = "2021"
description = "A rust client for the Defined Networking API" description = "A rust client for the Defined Networking API"
license = "AGPL-3.0-or-later" license = "AGPL-3.0-or-later"

View File

@ -159,6 +159,11 @@ impl Client {
return Err("nonce mismatch between request and response".into()) return Err("nonce mismatch between request and response".into())
} }
if result.counter <= creds.counter {
error!("counter in request {} should be less than counter in response {}", creds.counter, result.counter);
return Err("received older config than what we already had".into())
}
let trusted_keys = ed25519_public_keys_from_pem(&result.trusted_keys)?; let trusted_keys = ed25519_public_keys_from_pem(&result.trusted_keys)?;
let new_creds = Credentials { let new_creds = Credentials {

View File

@ -24,7 +24,7 @@ base64 = "0.21.0"
chrono = "0.4.24" chrono = "0.4.24"
ipnet = "2.7.1" ipnet = "2.7.1"
base64-serde = "0.7.0" base64-serde = "0.7.0"
dnapi-rs = { version = "0.1.5", path = "../dnapi-rs" } dnapi-rs = { version = "0.1.6", path = "../dnapi-rs" }
[build-dependencies] [build-dependencies]
serde = { version = "1.0.157", features = ["derive"] } serde = { version = "1.0.157", features = ["derive"] }