mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-25 15:39:27 -05:00
Added new (optional) callback to libbitdht to ask upper layer if an IP is banned.
In case this callback is implemented it will be used in favour of the built-in ban list.
This commit is contained in:
parent
ddce43b282
commit
3bb03ff89d
@ -26,6 +26,7 @@
|
||||
|
||||
|
||||
#include "bitdht/bdfilter.h"
|
||||
#include "bitdht/bdmanager.h"
|
||||
#include "util/bdfile.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -39,7 +40,7 @@
|
||||
**/
|
||||
#define BDFILTER_ENTRY_DROP_PERIOD (7 * 24 * 3600)
|
||||
|
||||
bdFilter::bdFilter(const std::string &fname, const bdNodeId *ownid, uint32_t filterFlags, bdDhtFunctions *fns)
|
||||
bdFilter::bdFilter(const std::string &fname, const bdNodeId *ownid, uint32_t filterFlags, bdDhtFunctions *fns, bdNodeManager *manager)
|
||||
{
|
||||
/* */
|
||||
mOwnId = *ownid;
|
||||
@ -49,6 +50,7 @@ bdFilter::bdFilter(const std::string &fname, const bdNodeId *ownid, uint32_t fi
|
||||
loadBannedIpFile() ;
|
||||
|
||||
mFilterFlags = filterFlags;
|
||||
mNodeManager = manager;
|
||||
}
|
||||
|
||||
void bdFilter::writeBannedIpFile()
|
||||
@ -220,16 +222,28 @@ void bdFilter::getFilteredPeers(std::list<bdFilteredPeer>& peers)
|
||||
/* fast check if the addr is in the structure */
|
||||
int bdFilter::addrOkay(struct sockaddr_in *addr)
|
||||
{
|
||||
std::map<uint32_t,bdFilteredPeer>::const_iterator it = mFiltered.find(addr->sin_addr.s_addr);
|
||||
// first check upper layer
|
||||
bool isAvailable, isBanned;
|
||||
mNodeManager->doIsBannedCallback(addr, &isAvailable, &isBanned);
|
||||
|
||||
if (it == mFiltered.end())
|
||||
return 1; // Address is Okay!
|
||||
if(isAvailable) {
|
||||
#ifdef DEBUG_FILTER
|
||||
std::cerr << "bdFilter::addrOkay addr: " << inet_ntoa(addr->sin_addr) << " result from upper layer: " << (isBanned ? "banned" : "ok") << std::endl;
|
||||
#endif
|
||||
return !isBanned;
|
||||
} else {
|
||||
// fallback to own ban list
|
||||
|
||||
std::map<uint32_t,bdFilteredPeer>::const_iterator it = mFiltered.find(addr->sin_addr.s_addr);
|
||||
if (it == mFiltered.end())
|
||||
return 1; // Address is Okay
|
||||
}
|
||||
|
||||
#ifdef DEBUG_FILTER
|
||||
std::cerr << "Detected Packet From Banned Ip Address: " << inet_ntoa(addr->sin_addr);
|
||||
std::cerr << std::endl;
|
||||
std::cerr << "Detected Packet From Banned Ip Address: " << inet_ntoa(addr->sin_addr);
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
return 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
@ -47,10 +47,12 @@ class bdFilteredPeer
|
||||
time_t mLastSeen;
|
||||
};
|
||||
|
||||
class bdNodeManager;
|
||||
|
||||
class bdFilter
|
||||
{
|
||||
public:
|
||||
bdFilter(const std::string& fname,const bdNodeId *ownid, uint32_t filterFlags, bdDhtFunctions *fns);
|
||||
bdFilter(const std::string& fname, const bdNodeId *ownid, uint32_t filterFlags, bdDhtFunctions *fns, bdNodeManager *manager);
|
||||
|
||||
// get the answer.
|
||||
//bool filtered(std::list<bdFilteredPeer> &answer);
|
||||
@ -77,9 +79,12 @@ bool isOwnIdWithoutBitDhtFlags(const bdId *id, uint32_t peerFlags);
|
||||
bdNodeId mOwnId;
|
||||
uint32_t mFilterFlags;
|
||||
|
||||
std::map<uint32_t,bdFilteredPeer> mFiltered;
|
||||
bdDhtFunctions *mFns;
|
||||
std::string mFilename ;
|
||||
std::map<uint32_t,bdFilteredPeer> mFiltered;
|
||||
bdDhtFunctions *mFns;
|
||||
std::string mFilename ;
|
||||
|
||||
// have access to the manager for isBanned callback
|
||||
bdNodeManager* mNodeManager;
|
||||
};
|
||||
|
||||
|
||||
|
@ -337,20 +337,25 @@ class BitDhtCallback
|
||||
public:
|
||||
// ~BitDhtCallback();
|
||||
|
||||
// dummy cos not needed for standard dht behaviour;
|
||||
virtual int dhtNodeCallback(const bdId * /*id*/, uint32_t /*peerflags*/) { return 0; }
|
||||
// dummy cos not needed for standard dht behaviour;
|
||||
virtual int dhtNodeCallback(const bdId * /*id*/, uint32_t /*peerflags*/) { return 0; }
|
||||
|
||||
// must be implemented.
|
||||
virtual int dhtPeerCallback(const bdId *id, uint32_t status) = 0;
|
||||
virtual int dhtValueCallback(const bdNodeId *id, std::string key, uint32_t status) = 0;
|
||||
// must be implemented.
|
||||
virtual int dhtPeerCallback(const bdId *id, uint32_t status) = 0;
|
||||
virtual int dhtValueCallback(const bdNodeId *id, std::string key, uint32_t status) = 0;
|
||||
|
||||
// connection callback. Not required for basic behaviour, but forced for initial development.
|
||||
virtual int dhtConnectCallback(const bdId *srcId, const bdId *proxyId, const bdId *destId,
|
||||
uint32_t mode, uint32_t point, uint32_t param, uint32_t cbtype, uint32_t errcode) = 0; /* { return 0; } */
|
||||
// connection callback. Not required for basic behaviour, but forced for initial development.
|
||||
virtual int dhtConnectCallback(const bdId *srcId, const bdId *proxyId, const bdId *destId,
|
||||
uint32_t mode, uint32_t point, uint32_t param, uint32_t cbtype, uint32_t errcode) = 0; /* { return 0; } */
|
||||
|
||||
// Generic Info callback - initially will be used to provide bad peers.
|
||||
virtual int dhtInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info) = 0;
|
||||
// Generic Info callback - initially will be used to provide bad peers.
|
||||
virtual int dhtInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info) = 0;
|
||||
|
||||
// ask upper layer whether an IP is banned or not
|
||||
// must not be implemented
|
||||
// when set it will be used instead of the own ban list
|
||||
// return code is used to express availability/absence
|
||||
virtual int dhtIsBannedCallback(const sockaddr_in */*addr*/, bool */*isBanned*/) { return 0;}
|
||||
};
|
||||
|
||||
|
||||
|
@ -69,7 +69,7 @@
|
||||
|
||||
|
||||
bdNodeManager::bdNodeManager(bdNodeId *id, std::string dhtVersion, std::string bootfile, const std::string& filterfile,bdDhtFunctions *fns)
|
||||
:bdNode(id, dhtVersion, bootfile, filterfile, fns)
|
||||
:bdNode(id, dhtVersion, bootfile, filterfile, fns, this)
|
||||
{
|
||||
mMode = BITDHT_MGR_STATE_OFF;
|
||||
mFns = fns;
|
||||
@ -1179,10 +1179,9 @@ void bdNodeManager::doPeerCallback(const bdId *id, uint32_t status)
|
||||
|
||||
void bdNodeManager::doValueCallback(const bdNodeId *id, std::string key, uint32_t status)
|
||||
{
|
||||
#ifdef DEBUG_MGR
|
||||
std::cerr << "bdNodeManager::doValueCallback()";
|
||||
std::cerr << std::endl;
|
||||
|
||||
#ifdef DEBUG_MGR
|
||||
#endif
|
||||
/* search list */
|
||||
std::list<BitDhtCallback *>::iterator it;
|
||||
@ -1196,10 +1195,9 @@ void bdNodeManager::doValueCallback(const bdNodeId *id, std::string key, uint32_
|
||||
|
||||
void bdNodeManager::doInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info)
|
||||
{
|
||||
#ifdef DEBUG_MGR
|
||||
std::cerr << "bdNodeManager::doInfoCallback()";
|
||||
std::cerr << std::endl;
|
||||
|
||||
#ifdef DEBUG_MGR
|
||||
#endif
|
||||
/* search list */
|
||||
std::list<BitDhtCallback *>::iterator it;
|
||||
@ -1210,6 +1208,28 @@ void bdNodeManager::doInfoCallback(const bdId *id, uint32_t type, uint32_t flags
|
||||
return;
|
||||
}
|
||||
|
||||
void bdNodeManager::doIsBannedCallback(const sockaddr_in *addr, bool *isAvailable, bool *isBanned)
|
||||
{
|
||||
#ifdef DEBUG_MGR
|
||||
std::cerr << "bdNodeManager::doIsBannedCallback()";
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
/* search list */
|
||||
std::list<BitDhtCallback *>::iterator it;
|
||||
*isBanned = false;
|
||||
*isAvailable = false;
|
||||
for(it = mCallbacks.begin(); it != mCallbacks.end(); it++)
|
||||
{
|
||||
// set isBanned to true as soon as one callback answers with true
|
||||
bool banned;
|
||||
if((*it)->dhtIsBannedCallback(addr, &banned))
|
||||
{
|
||||
*isBanned = *isBanned || banned;
|
||||
*isAvailable = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
#define BITDHT_IDENTITY_STRING_V1 "d1:"
|
||||
#define BITDHT_IDENTITY_SIZE_V1 3
|
||||
|
@ -153,6 +153,9 @@ virtual void callbackConnect(bdId *srcId, bdId *proxyId, bdId *destId,
|
||||
|
||||
int isBitDhtPacket(char *data, int size, struct sockaddr_in &from);
|
||||
|
||||
// this function is used by bdFilter (must be public!)
|
||||
void doIsBannedCallback(const sockaddr_in *addr, bool *isAvailable, bool* isBanned);
|
||||
|
||||
private:
|
||||
|
||||
|
||||
|
@ -70,10 +70,10 @@
|
||||
|
||||
#define HISTORY_PERIOD 60
|
||||
|
||||
bdNode::bdNode(bdNodeId *ownId, std::string dhtVersion, const std::string& bootfile, const std::string& filterfile, bdDhtFunctions *fns)
|
||||
bdNode::bdNode(bdNodeId *ownId, std::string dhtVersion, const std::string& bootfile, const std::string& filterfile, bdDhtFunctions *fns, bdNodeManager *manager)
|
||||
:mNodeSpace(ownId, fns),
|
||||
mFilterPeers(filterfile,ownId, BITDHT_FILTER_REASON_OWNID, fns),
|
||||
mQueryMgr(NULL),
|
||||
mFilterPeers(filterfile,ownId, BITDHT_FILTER_REASON_OWNID, fns, manager),
|
||||
mQueryMgr(NULL),
|
||||
mConnMgr(NULL),
|
||||
mOwnId(*ownId), mDhtVersion(dhtVersion), mStore(bootfile, fns), mFns(fns),
|
||||
mFriendList(ownId), mHistory(HISTORY_PERIOD)
|
||||
|
@ -85,6 +85,7 @@ output -> call back to Udp().
|
||||
*********/
|
||||
|
||||
class bdFilteredPeer ;
|
||||
class bdNodeManager;
|
||||
|
||||
class bdNodeNetMsg
|
||||
{
|
||||
@ -122,7 +123,7 @@ class bdNode: public bdNodePublisher
|
||||
public:
|
||||
|
||||
bdNode(bdNodeId *id, std::string dhtVersion, const std::string& bootfile, const std::string& filterfile,
|
||||
bdDhtFunctions *fns);
|
||||
bdDhtFunctions *fns, bdNodeManager* manager);
|
||||
|
||||
void init(); /* sets up the self referential classes (mQueryMgr & mConnMgr) */
|
||||
|
||||
@ -243,7 +244,7 @@ void recvPkt(char *msg, int len, struct sockaddr_in addr);
|
||||
protected:
|
||||
|
||||
bdSpace mNodeSpace;
|
||||
bdFilter mFilterPeers;
|
||||
bdFilter mFilterPeers;
|
||||
|
||||
bdQueryManager *mQueryMgr;
|
||||
bdConnectManager *mConnMgr;
|
||||
|
@ -32,6 +32,8 @@
|
||||
#include "tcponudp/udprelay.h"
|
||||
#include "tcponudp/udpstunner.h"
|
||||
|
||||
#include "retroshare/rsbanlist.h"
|
||||
|
||||
#include <openssl/sha.h>
|
||||
|
||||
|
||||
@ -76,6 +78,27 @@ virtual int dhtInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::
|
||||
return mParent->InfoCallback(id, type, flags, info);
|
||||
}
|
||||
|
||||
virtual int dhtIsBannedCallback(const sockaddr_in *addr, bool *isBanned)
|
||||
{
|
||||
// check whether ip filtering is enabled
|
||||
// if not return 0 to signal that no filter is available
|
||||
if(!rsBanList->ipFilteringEnabled())
|
||||
return 0;
|
||||
|
||||
// now check the filter
|
||||
if(rsBanList->isAddressAccepted(*(const sockaddr_storage*)addr, RSBANLIST_CHECKING_FLAGS_BLACKLIST, NULL)) {
|
||||
*isBanned = false;
|
||||
} else {
|
||||
#ifdef DEBUG_BITDHT
|
||||
std::cerr << "p3BitDht dhtIsBannedCallback: peer is banned " << sockaddr_storage_tostring(*(const sockaddr_storage*)addr) << std::endl;
|
||||
#endif
|
||||
*isBanned = true;
|
||||
}
|
||||
|
||||
// return 1 to signal that a filter is available
|
||||
return 1;
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
p3BitDht *mParent;
|
||||
|
Loading…
Reference in New Issue
Block a user