mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-29 09:26:18 -05:00
refusing connections from banned peers
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8293 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
parent
79882695b7
commit
482c488b46
@ -74,6 +74,10 @@ const uint32_t MIN_TIME_BETWEEN_NET_RESET = 5;
|
|||||||
* #define NETMGR_DEBUG_TICK 1
|
* #define NETMGR_DEBUG_TICK 1
|
||||||
* #define NETMGR_DEBUG_STATEBOX 1
|
* #define NETMGR_DEBUG_STATEBOX 1
|
||||||
***/
|
***/
|
||||||
|
// #define NETMGR_DEBUG 1
|
||||||
|
// #define NETMGR_DEBUG_RESET 1
|
||||||
|
// #define NETMGR_DEBUG_TICK 1
|
||||||
|
// #define NETMGR_DEBUG_STATEBOX 1
|
||||||
|
|
||||||
pqiNetStatus::pqiNetStatus()
|
pqiNetStatus::pqiNetStatus()
|
||||||
:mLocalAddrOk(false), mExtAddrOk(false), mExtAddrStableOk(false),
|
:mLocalAddrOk(false), mExtAddrOk(false), mExtAddrStableOk(false),
|
||||||
|
@ -47,6 +47,7 @@ const int p3peermgrzone = 9531;
|
|||||||
|
|
||||||
#include "retroshare/rsiface.h" // Needed for rsicontrol (should remove this dependancy)
|
#include "retroshare/rsiface.h" // Needed for rsicontrol (should remove this dependancy)
|
||||||
#include "retroshare/rspeers.h" // Needed for Group Parameters.
|
#include "retroshare/rspeers.h" // Needed for Group Parameters.
|
||||||
|
#include "retroshare/rsdht.h" // Needed for banned IPs
|
||||||
|
|
||||||
/* Network setup States */
|
/* Network setup States */
|
||||||
|
|
||||||
@ -274,7 +275,7 @@ bool p3PeerMgrIMPL::setOwnVisState(uint16_t vs_disc, uint16_t vs_dht)
|
|||||||
|
|
||||||
void p3PeerMgrIMPL::tick()
|
void p3PeerMgrIMPL::tick()
|
||||||
{
|
{
|
||||||
static const time_t INTERVAL_BETWEEN_LOCATION_CLEANING = 600 ; // Remove unused locations and clean IPs every 10 minutes.
|
static const time_t INTERVAL_BETWEEN_LOCATION_CLEANING = 300 ; // Remove unused locations and clean IPs every 10 minutes.
|
||||||
|
|
||||||
static time_t last_friends_check = time(NULL) ; // first cleaning after 1 hour.
|
static time_t last_friends_check = time(NULL) ; // first cleaning after 1 hour.
|
||||||
|
|
||||||
@ -993,6 +994,12 @@ bool p3PeerMgrIMPL::UpdateOwnAddress(const struct sockaddr_storage &localAddr,
|
|||||||
std::cerr << ")" << std::endl;
|
std::cerr << ")" << std::endl;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
if(rsDht->isAddressBanned(localAddr))
|
||||||
|
{
|
||||||
|
std::cerr << "(SS) Trying to set own IP to a banned IP " << sockaddr_storage_iptostring(localAddr) << ". Attack?" << std::endl;
|
||||||
|
return false ;
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
|
RsStackMutex stack(mPeerMtx); /****** STACK LOCK MUTEX *******/
|
||||||
|
|
||||||
|
@ -39,6 +39,7 @@
|
|||||||
|
|
||||||
#include "pqi/p3linkmgr.h"
|
#include "pqi/p3linkmgr.h"
|
||||||
#include <retroshare/rspeers.h>
|
#include <retroshare/rspeers.h>
|
||||||
|
#include <retroshare/rsdht.h>
|
||||||
|
|
||||||
const int pqisslzone = 37714;
|
const int pqisslzone = 37714;
|
||||||
|
|
||||||
@ -1309,6 +1310,12 @@ int pqissl::Authorise_SSL_Connection()
|
|||||||
bool res = AuthSSL::getAuthSSL()->CheckCertificate(PeerId(), peercert);
|
bool res = AuthSSL::getAuthSSL()->CheckCertificate(PeerId(), peercert);
|
||||||
bool certCorrect = true; /* WE know it okay already! */
|
bool certCorrect = true; /* WE know it okay already! */
|
||||||
|
|
||||||
|
if(rsDht->isAddressBanned(remote_addr))
|
||||||
|
{
|
||||||
|
std::cerr << "(SS) connection attempt from banned IP address. Refusing it. Attack??" << std::endl;
|
||||||
|
reset_locked();
|
||||||
|
return 0 ;
|
||||||
|
}
|
||||||
// check it's the right one.
|
// check it's the right one.
|
||||||
if (certCorrect)
|
if (certCorrect)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user