Improvements to BanPeer Code, mainly from a UdpStunner perspective.

* Added UdpStunner::dropStunPeer() code to remove bad peer from stun list. * added calls to UdpStunner::dropStunPeer for BanLists going to/from DHT. * added DEBUG_BANLIST_CONDENSE to remove unnecessary debug. * Improved UdpStunner::status() print out of stunlist. * Added extra check to throw away stun reports where remote_addr == reported ext_addr. - This was causing peers to get the wrong IP addresses. * Modified UdpStunner ExtAddr checks to make sure the IP addresses match. * Changed BANLIST service Id to from Test ID to real ID. NOTE: These are stop-gap methods to avoid the wrong Stun reports. A more robust scheme must be implemented. I'd expect that it would involve a strict initial check to establish your IP address... (e.g. require 4 peers to confirm it, allowing for some fake entries) After this we can have a weaker check ensuring IP address matches. If we detect a likely REAL change of IP address - drop back to requiring a strick check again. git-svn-id: http://svn.code.sf.net/p/retroshare/code/branches/v0.5-dhtmods@4717 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2025-05-04 15:15:15 -04:00 · 2011-12-08 20:15:08 +00:00 · 2011-12-08 20:15:08 +00:00 · 2048bb5e47
commit 2048bb5e47
parent b6dbdf9396
6 changed files with 139 additions and 18 deletions
--- a/libretroshare/src/services/p3banlist.cc
+++ b/libretroshare/src/services/p3banlist.cc
@ -234,6 +234,10 @@ bool p3BanList::addBanEntry(const std::string &peerId, const struct sockaddr_in
 	return updated;
 }

+/***
+ * EXTRA DEBUGGING.
+ * #define DEBUG_BANLIST_CONDENSE		1
+ ***/

 int p3BanList::condenseBanSources_locked()
 {
@ -250,7 +254,7 @@ int p3BanList::condenseBanSources_locked()
 	{
 		if (now - it->second.mLastUpdate > RSBANLIST_ENTRY_MAX_AGE)
 		{
-#ifdef DEBUG_BANLIST
+#ifdef DEBUG_BANLIST_CONDENSE
 			std::cerr << "p3BanList::condenseBanSources_locked()";
 			std::cerr << " Ignoring Out-Of-Date peer: " << it->first;
 			std::cerr << std::endl;
@ -258,7 +262,7 @@ int p3BanList::condenseBanSources_locked()
 			continue;
 		}

-#ifdef DEBUG_BANLIST
+#ifdef DEBUG_BANLIST_CONDENSE
 		std::cerr << "p3BanList::condenseBanSources_locked()";
 		std::cerr << " Condensing Info from peer: " << it->first;
 		std::cerr << std::endl;
@ -271,7 +275,7 @@ int p3BanList::condenseBanSources_locked()
 			/* check timestamp */
 			if (now - lit->second.mTs > RSBANLIST_ENTRY_MAX_AGE)
 			{
-#ifdef DEBUG_BANLIST
+#ifdef DEBUG_BANLIST_CONDENSE
 				std::cerr << "p3BanList::condenseBanSources_locked()";
 				std::cerr << " Ignoring Out-Of-Date Entry for: ";
 				std::cerr << rs_inet_ntoa(lit->second.addr.sin_addr);
@ -296,7 +300,7 @@ int p3BanList::condenseBanSources_locked()
 				bp.level = lvl;
 				bp.addr.sin_port = 0;
 				mBanSet[lit->second.addr.sin_addr.s_addr] = bp;
-#ifdef DEBUG_BANLIST
+#ifdef DEBUG_BANLIST_CONDENSE
 				std::cerr << "p3BanList::condenseBanSources_locked()";
 				std::cerr << " Added New Entry for: ";
 				std::cerr << rs_inet_ntoa(lit->second.addr.sin_addr);
@ -305,7 +309,7 @@ int p3BanList::condenseBanSources_locked()
 			}
 			else
 			{
-#ifdef DEBUG_BANLIST
+#ifdef DEBUG_BANLIST_CONDENSE
 				std::cerr << "p3BanList::condenseBanSources_locked()";
 				std::cerr << " Merging Info for: ";
 				std::cerr << rs_inet_ntoa(lit->second.addr.sin_addr);