Added new (optional) callback to libbitdht to ask upper layer if an IP is banned.

In case this callback is implemented it will be used in favour of the built-in ban list.

libbitdht/src/bitdht/bdfilter.cc

@@ -26,6 +26,7 @@
 
 
 #include "bitdht/bdfilter.h"
+#include "bitdht/bdmanager.h"
 #include "util/bdfile.h"
 
 #include <stdlib.h>
@@ -39,7 +40,7 @@
 **/
 #define BDFILTER_ENTRY_DROP_PERIOD	(7 * 24 * 3600)
 
-bdFilter::bdFilter(const std::string &fname, const bdNodeId *ownid,  uint32_t filterFlags, bdDhtFunctions *fns)
+bdFilter::bdFilter(const std::string &fname, const bdNodeId *ownid,  uint32_t filterFlags, bdDhtFunctions *fns, bdNodeManager *manager)
 {
 	/* */
     mOwnId = *ownid;
@@ -49,6 +50,7 @@ bdFilter::bdFilter(const std::string &fname, const bdNodeId *ownid,  uint32_t fi
     loadBannedIpFile() ;
 
     mFilterFlags = filterFlags;
+    mNodeManager = manager;
 }
 
 void bdFilter::writeBannedIpFile()
@@ -220,16 +222,28 @@ void bdFilter::getFilteredPeers(std::list<bdFilteredPeer>& peers)
 /* fast check if the addr is in the structure */
 int bdFilter::addrOkay(struct sockaddr_in *addr)
 {
-    std::map<uint32_t,bdFilteredPeer>::const_iterator it = mFiltered.find(addr->sin_addr.s_addr);
+	// first check upper layer
+	bool isAvailable, isBanned;
+	mNodeManager->doIsBannedCallback(addr, &isAvailable, &isBanned);
 
-    if (it == mFiltered.end())
-        return 1; // Address is Okay!
+	if(isAvailable) {
+#ifdef DEBUG_FILTER
+		std::cerr << "bdFilter::addrOkay addr: " << inet_ntoa(addr->sin_addr) << " result from upper layer: " << (isBanned ? "banned" : "ok") << std::endl;
+#endif
+		return !isBanned;
+	} else {
+		// fallback to own ban list
+
+		std::map<uint32_t,bdFilteredPeer>::const_iterator it = mFiltered.find(addr->sin_addr.s_addr);
+		if (it == mFiltered.end())
+			return 1; // Address is Okay
+	}
 
 #ifdef DEBUG_FILTER
-    std::cerr << "Detected Packet From Banned Ip Address: " << inet_ntoa(addr->sin_addr);
-    std::cerr << std::endl;
+	std::cerr << "Detected Packet From Banned Ip Address: " << inet_ntoa(addr->sin_addr);
+	std::cerr << std::endl;
 #endif
-    return 0;
+	return 0;
 }
 
 

libbitdht/src/bitdht/bdfilter.h

@@ -47,10 +47,12 @@ class bdFilteredPeer
     time_t mLastSeen;
 };
 
+class bdNodeManager;
+
 class bdFilter
 {
 	public:
-    bdFilter(const std::string& fname,const bdNodeId *ownid, uint32_t filterFlags, bdDhtFunctions *fns);
+    bdFilter(const std::string& fname, const bdNodeId *ownid, uint32_t filterFlags, bdDhtFunctions *fns, bdNodeManager *manager);
 
 	// get the answer.
 //bool	filtered(std::list<bdFilteredPeer> &answer);
@@ -77,9 +79,12 @@ bool	isOwnIdWithoutBitDhtFlags(const bdId *id, uint32_t peerFlags);
 	bdNodeId mOwnId;
 	uint32_t mFilterFlags;
 
-    std::map<uint32_t,bdFilteredPeer> mFiltered;
-    bdDhtFunctions *mFns;
-    std::string mFilename ;
+	std::map<uint32_t,bdFilteredPeer> mFiltered;
+	bdDhtFunctions *mFns;
+	std::string mFilename ;
+
+	// have access to the manager for isBanned callback
+	bdNodeManager* mNodeManager;
 };
 
 

libbitdht/src/bitdht/bdiface.h

@@ -337,20 +337,25 @@ class BitDhtCallback
 	public:
 //        ~BitDhtCallback();
 
-		// dummy cos not needed for standard dht behaviour;
-virtual int dhtNodeCallback(const bdId *  /*id*/, uint32_t /*peerflags*/)  { return 0; } 
+	// dummy cos not needed for standard dht behaviour;
+	virtual int dhtNodeCallback(const bdId *  /*id*/, uint32_t /*peerflags*/)  { return 0; }
 
-		// must be implemented.
-virtual int dhtPeerCallback(const bdId *id, uint32_t status) = 0;
-virtual int dhtValueCallback(const bdNodeId *id, std::string key, uint32_t status) = 0;
+	// must be implemented.
+	virtual int dhtPeerCallback(const bdId *id, uint32_t status) = 0;
+	virtual int dhtValueCallback(const bdNodeId *id, std::string key, uint32_t status) = 0;
 
-		// connection callback. Not required for basic behaviour, but forced for initial development.
-virtual int dhtConnectCallback(const bdId *srcId, const bdId *proxyId, const bdId *destId, 
-			uint32_t mode, uint32_t point, uint32_t param, uint32_t cbtype, uint32_t errcode) = 0; /*  { return 0; }  */
+	// connection callback. Not required for basic behaviour, but forced for initial development.
+	virtual int dhtConnectCallback(const bdId *srcId, const bdId *proxyId, const bdId *destId,
+	uint32_t mode, uint32_t point, uint32_t param, uint32_t cbtype, uint32_t errcode) = 0; /*  { return 0; }  */
 
-		// Generic Info callback - initially will be used to provide bad peers.	
-virtual int dhtInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info) = 0;
+	// Generic Info callback - initially will be used to provide bad peers.
+	virtual int dhtInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info) = 0;
 
+	// ask upper layer whether an IP is banned or not
+	// must not be implemented
+	// when set it will be used instead of the own ban list
+	// return code is used to express availability/absence
+	virtual int dhtIsBannedCallback(const sockaddr_in */*addr*/, bool */*isBanned*/) { return 0;}
 };
 
 

libbitdht/src/bitdht/bdmanager.cc

@@ -69,7 +69,7 @@
 
 
 bdNodeManager::bdNodeManager(bdNodeId *id, std::string dhtVersion, std::string bootfile, const std::string& filterfile,bdDhtFunctions *fns)
-    :bdNode(id, dhtVersion, bootfile, filterfile, fns)
+    :bdNode(id, dhtVersion, bootfile, filterfile, fns, this)
 {
 	mMode = BITDHT_MGR_STATE_OFF;
 	mFns = fns;
@@ -1179,10 +1179,9 @@ void bdNodeManager::doPeerCallback(const bdId *id, uint32_t status)
 
 void bdNodeManager::doValueCallback(const bdNodeId *id, std::string key, uint32_t status)
 {
+#ifdef DEBUG_MGR
 	std::cerr << "bdNodeManager::doValueCallback()";
 	std::cerr << std::endl;
-
-#ifdef DEBUG_MGR
 #endif
         /* search list */
         std::list<BitDhtCallback *>::iterator it;
@@ -1196,10 +1195,9 @@ void bdNodeManager::doValueCallback(const bdNodeId *id, std::string key, uint32_
 
 void bdNodeManager::doInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info)
 {
+#ifdef DEBUG_MGR
 	std::cerr << "bdNodeManager::doInfoCallback()";
 	std::cerr << std::endl;
-
-#ifdef DEBUG_MGR
 #endif
         /* search list */
         std::list<BitDhtCallback *>::iterator it;
@@ -1210,6 +1208,28 @@ void bdNodeManager::doInfoCallback(const bdId *id, uint32_t type, uint32_t flags
         return;
 }
 
+void bdNodeManager::doIsBannedCallback(const sockaddr_in *addr, bool *isAvailable, bool *isBanned)
+{
+#ifdef DEBUG_MGR
+	std::cerr << "bdNodeManager::doIsBannedCallback()";
+	std::cerr << std::endl;
+#endif
+	/* search list */
+	std::list<BitDhtCallback *>::iterator it;
+	*isBanned = false;
+	*isAvailable = false;
+	for(it = mCallbacks.begin(); it != mCallbacks.end(); it++)
+	{
+		// set isBanned to true as soon as one callback answers with true
+		bool banned;
+		if((*it)->dhtIsBannedCallback(addr, &banned))
+		{
+			*isBanned = *isBanned || banned;
+			*isAvailable = true;
+		}
+	}
+}
+
 
 #define BITDHT_IDENTITY_STRING_V1  	"d1:"
 #define BITDHT_IDENTITY_SIZE_V1    	3

libbitdht/src/bitdht/bdmanager.h

@@ -153,6 +153,9 @@ virtual void callbackConnect(bdId *srcId, bdId *proxyId, bdId *destId,
 
 int 	isBitDhtPacket(char *data, int size, struct sockaddr_in &from);
 
+	// this function is used by bdFilter (must be public!)
+void	doIsBannedCallback(const sockaddr_in *addr, bool *isAvailable, bool* isBanned);
+
 private:
 
 

libbitdht/src/bitdht/bdnode.cc

@@ -70,10 +70,10 @@
 
 #define HISTORY_PERIOD  60
 
-bdNode::bdNode(bdNodeId *ownId, std::string dhtVersion, const std::string& bootfile, const std::string& filterfile, bdDhtFunctions *fns)
+bdNode::bdNode(bdNodeId *ownId, std::string dhtVersion, const std::string& bootfile, const std::string& filterfile, bdDhtFunctions *fns, bdNodeManager *manager)
     :mNodeSpace(ownId, fns),
-         mFilterPeers(filterfile,ownId, BITDHT_FILTER_REASON_OWNID, fns),
-      mQueryMgr(NULL),
+          mFilterPeers(filterfile,ownId, BITDHT_FILTER_REASON_OWNID, fns, manager),
+          mQueryMgr(NULL),
           mConnMgr(NULL),
           mOwnId(*ownId), mDhtVersion(dhtVersion), mStore(bootfile, fns), mFns(fns),
           mFriendList(ownId), mHistory(HISTORY_PERIOD)

libbitdht/src/bitdht/bdnode.h

@@ -85,6 +85,7 @@ output -> call back to Udp().
  *********/
 
 class bdFilteredPeer ;
+class bdNodeManager;
 
 class bdNodeNetMsg
 {
@@ -122,7 +123,7 @@ class bdNode: public bdNodePublisher
 	public:
 
     bdNode(bdNodeId *id, std::string dhtVersion, const std::string& bootfile, const std::string& filterfile,
-		bdDhtFunctions *fns);	
+		bdDhtFunctions *fns, bdNodeManager* manager);
 
 	void init(); /* sets up the self referential classes (mQueryMgr & mConnMgr) */
 
@@ -243,7 +244,7 @@ void	recvPkt(char *msg, int len, struct sockaddr_in addr);
 	protected:
 
 	bdSpace mNodeSpace;
-    bdFilter mFilterPeers;
+	bdFilter mFilterPeers;
 
 	bdQueryManager *mQueryMgr;
 	bdConnectManager *mConnMgr;

libretroshare/src/dht/p3bitdht.cc

@@ -32,6 +32,8 @@
 #include "tcponudp/udprelay.h"
 #include "tcponudp/udpstunner.h"
 
+#include "retroshare/rsbanlist.h"
+
 #include <openssl/sha.h>
 
 
@@ -76,6 +78,27 @@ virtual int dhtInfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::
 	return mParent->InfoCallback(id, type, flags, info);
 }  
 
+	virtual int dhtIsBannedCallback(const sockaddr_in *addr, bool *isBanned)
+	{
+		// check whether ip filtering is enabled
+		// if not return 0 to signal that no filter is available
+		if(!rsBanList->ipFilteringEnabled())
+			return 0;
+
+		// now check the filter
+		if(rsBanList->isAddressAccepted(*(const sockaddr_storage*)addr, RSBANLIST_CHECKING_FLAGS_BLACKLIST, NULL)) {
+			*isBanned = false;
+		} else {
+#ifdef DEBUG_BITDHT
+			std::cerr << "p3BitDht dhtIsBannedCallback: peer is banned " << sockaddr_storage_tostring(*(const sockaddr_storage*)addr) << std::endl;
+#endif
+			*isBanned = true;
+		}
+
+		// return 1 to signal that a filter is available
+		return 1;
+	}
+
 	private:
 
 	p3BitDht *mParent;