Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-01-14 00:49:41 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

disallow double tunnels (encrypted+clear) in Accepted mode, since it is not needed

Browse Source
This commit is contained in:
mr-alice 2016-11-01 14:13:43 +01:00
parent ffdac640d8
commit 6a3610e6cb
2 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libretroshare/src/ft/ftcontroller.cc
View File

@ -979,16 +979,20 @@ bool ftController::FileRequest(const std::string& fname, const RsFileHash& hash
if(alreadyHaveFile(hash, info)) if(alreadyHaveFile(hash, info))
return false ; return false ;
// the strategy for requesting encryption is the following:
//
// if policy is STRICT
// - disable clear, enforce encryption
// else
// - if not specified, use clear
//
if(mDefaultEncryptionPolicy == RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT) if(mDefaultEncryptionPolicy == RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT)
{ {
flags |= RS_FILE_REQ_ENCRYPTED ; flags |= RS_FILE_REQ_ENCRYPTED ;
flags &= ~RS_FILE_REQ_UNENCRYPTED ; flags &= ~RS_FILE_REQ_UNENCRYPTED ;
} }
else else if(!(flags & ( RS_FILE_REQ_ENCRYPTED | RS_FILE_REQ_UNENCRYPTED )))
{
flags |= RS_FILE_REQ_ENCRYPTED ;
flags |= RS_FILE_REQ_UNENCRYPTED ; flags |= RS_FILE_REQ_UNENCRYPTED ;
}
if(size == 0) // we treat this special case because if(size == 0) // we treat this special case because
{ {

9
libretroshare/src/ft/ftserver.cc
View File

@ -269,7 +269,6 @@ bool ftServer::activateTunnels(const RsFileHash& hash,TransferRequestFlags flags
#ifdef SERVER_DEBUG #ifdef SERVER_DEBUG
FTSERVER_DEBUG() << "Activating tunnels for hash " << hash << std::endl; FTSERVER_DEBUG() << "Activating tunnels for hash " << hash << std::endl;
#endif #endif
if(flags & RS_FILE_REQ_ENCRYPTED) if(flags & RS_FILE_REQ_ENCRYPTED)
{ {
#ifdef SERVER_DEBUG #ifdef SERVER_DEBUG
@ -277,7 +276,7 @@ bool ftServer::activateTunnels(const RsFileHash& hash,TransferRequestFlags flags
#endif #endif
mTurtleRouter->monitorTunnels(hash_of_hash,this,true) ; mTurtleRouter->monitorTunnels(hash_of_hash,this,true) ;
} }
if(flags & RS_FILE_REQ_UNENCRYPTED) if((flags & RS_FILE_REQ_UNENCRYPTED) && (mFtController->defaultEncryptionPolicy() != RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT))
{ {
#ifdef SERVER_DEBUG #ifdef SERVER_DEBUG
FTSERVER_DEBUG() << " flags require no end-to-end encryption. Requesting hash " << hash << std::endl; FTSERVER_DEBUG() << " flags require no end-to-end encryption. Requesting hash " << hash << std::endl;
@ -599,6 +598,12 @@ bool ftServer::handleTunnelRequest(const RsFileHash& hash,const RsPeerId& peer_i
} }
} }
if(mFtController->defaultEncryptionPolicy() == RS_FILE_CTRL_ENCRYPTION_POLICY_STRICT && hash == real_hash)
{
std::cerr << "(WW) rejecting file transfer for hash " << hash << " because the hash is not encrypted and encryption policy requires it." << std::endl;
return false ;
}
#ifdef SERVER_DEBUG #ifdef SERVER_DEBUG
FTSERVER_DEBUG() << "ftServer: performing local hash search for hash " << hash << std::endl; FTSERVER_DEBUG() << "ftServer: performing local hash search for hash " << hash << std::endl;