Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-12-28 00:49:28 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

refusing connections from banned peers

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8293 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2015-05-25 16:51:15 +00:00
parent 79882695b7
commit 482c488b46
3 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libretroshare/src/pqi/p3netmgr.cc
View File

@ -74,6 +74,10 @@ const uint32_t MIN_TIME_BETWEEN_NET_RESET = 5;
* #define NETMGR_DEBUG_TICK 1
* #define NETMGR_DEBUG_STATEBOX 1
***/
// #define NETMGR_DEBUG 1
// #define NETMGR_DEBUG_RESET 1
// #define NETMGR_DEBUG_TICK 1
// #define NETMGR_DEBUG_STATEBOX 1
pqiNetStatus::pqiNetStatus()
:mLocalAddrOk(false), mExtAddrOk(false), mExtAddrStableOk(false),

9
libretroshare/src/pqi/p3peermgr.cc
View File

@ -47,6 +47,7 @@ const int p3peermgrzone = 9531;
#include "retroshare/rsiface.h" // Needed for rsicontrol (should remove this dependancy)
#include "retroshare/rspeers.h" // Needed for Group Parameters.
#include "retroshare/rsdht.h" // Needed for banned IPs
/* Network setup States */
@ -274,7 +275,7 @@ bool p3PeerMgrIMPL::setOwnVisState(uint16_t vs_disc, uint16_t vs_dht)
void p3PeerMgrIMPL::tick()
{
static const time_t INTERVAL_BETWEEN_LOCATION_CLEANING = 600 ; // Remove unused locations and clean IPs every 10 minutes.
static const time_t INTERVAL_BETWEEN_LOCATION_CLEANING = 300 ; // Remove unused locations and clean IPs every 10 minutes.
static time_t last_friends_check = time(NULL) ; // first cleaning after 1 hour.
@ -993,6 +994,12 @@ bool p3PeerMgrIMPL::UpdateOwnAddress(const struct sockaddr_storage &localAddr,
std::cerr << ")" << std::endl;
#endif
if(rsDht->isAddressBanned(localAddr))
{
std::cerr << "(SS) Trying to set own IP to a banned IP " << sockaddr_storage_iptostring(localAddr) << ". Attack?" << std::endl;
return false ;
}
{
RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/

7
libretroshare/src/pqi/pqissl.cc
View File

@ -39,6 +39,7 @@
#include "pqi/p3linkmgr.h"
#include <retroshare/rspeers.h>
#include <retroshare/rsdht.h>
const int pqisslzone = 37714;
@ -1309,6 +1310,12 @@ int pqissl::Authorise_SSL_Connection()
bool res = AuthSSL::getAuthSSL()->CheckCertificate(PeerId(), peercert);
bool certCorrect = true; /* WE know it okay already! */
if(rsDht->isAddressBanned(remote_addr))
{
std::cerr << "(SS) connection attempt from banned IP address. Refusing it. Attack??" << std::endl;
reset_locked();
return 0 ;
}
// check it's the right one.
if (certCorrect)
{