Avoid trying to send an ANS_KEY request to unreachable nodes.

We could have a REQ_KEY coming from a node that is not reachable; either
because DEL_EDGEs have overtaken the REQ_KEY, or perhaps if TunnelServer
is used and some nodes have a different view of reachability.

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 6140a53..d4a0b17 100644 (file)
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -131,6 +131,12 @@ bool req_key_h(connection_t *c) {
        /* Check if this key request is for us */
 
        if(to == myself) {                      /* Yes, send our own key back */
+               if(!from->status.reachable) {
+                       logger(LOG_WARNING, "Got %s from %s (%s) origin %s which is not reachable",
+                              "REQ_KEY", c->name, c->hostname, from_name);
+                       return true;
+               }
+
                if(!send_ans_key(from)) {
                        return false;
                }