From 74594d5348c22276611cf7f70f560d70534ab44e Mon Sep 17 00:00:00 2001 From: Elliot Lee Date: Tue, 28 Feb 2023 14:12:28 -0800 Subject: [PATCH] Disable duplicate detector: (#4438) Partially revert the functionality introduced with #4195 / 5a15229 (part of 1.10.0-b1). Acknowledgements: Aaron Hook for responsibly disclosing this issue. Bug Bounties and Responsible Disclosures: We welcome reviews of the rippled code and urge researchers to responsibly disclose any issues they may find. To report a bug, please send a detailed report to: bugs@xrpl.org --------- Co-authored-by: Nik Bougalis --- src/ripple/overlay/impl/Handshake.cpp | 33 +++------------------------ 1 file changed, 3 insertions(+), 30 deletions(-) diff --git a/src/ripple/overlay/impl/Handshake.cpp b/src/ripple/overlay/impl/Handshake.cpp index 793dec19ee..9fe025787f 100644 --- a/src/ripple/overlay/impl/Handshake.cpp +++ b/src/ripple/overlay/impl/Handshake.cpp @@ -301,36 +301,6 @@ verifyHandshake( throw std::runtime_error("Bad node public key"); }(); - if (publicKey == app.nodeIdentity().first) - { - auto const peerInstanceID = [&headers]() { - std::uint64_t iid = 0; - - if (auto const iter = headers.find("Instance-Cookie"); - iter != headers.end()) - { - if (!beast::lexicalCastChecked(iid, iter->value().to_string())) - throw std::runtime_error("Invalid instance cookie"); - - if (iid == 0) - throw std::runtime_error("Invalid instance cookie"); - } - - return iid; - }(); - - // Attempt to differentiate self-connections as opposed to accidental - // node identity reuse caused by accidental misconfiguration. When we - // detect this, we stop the process and log an error message. - if (peerInstanceID != app.instanceID()) - { - app.signalStop("Remote server is using our node identity"); - throw std::runtime_error("Node identity reuse detected"); - } - - throw std::runtime_error("Self connection"); - } - // This check gets two birds with one stone: // // 1) it verifies that the node we are talking to has access to the @@ -349,6 +319,9 @@ verifyHandshake( throw std::runtime_error("Failed to verify session"); } + if (publicKey == app.nodeIdentity().first) + throw std::runtime_error("Self connection"); + if (auto const iter = headers.find("Local-IP"); iter != headers.end()) { boost::system::error_code ec;