From 6f9d875fc69fab52b20e5f886fc614949d937250 Mon Sep 17 00:00:00 2001
From: sehraf <sehraf42@gmail.com>
Date: Wed, 5 Feb 2020 20:11:53 +0100
Subject: [PATCH] * unify CONFIG option for DHT stunner * implement optional
 (turned off by default) usage of dht stunner to determin external ip (this
 can be usefull for some corner case setups)

---
 libretroshare/src/pqi/p3netmgr.cc |  6 ++++--
 retroshare.pri                    | 21 ++++++++++++++++++---
 2 files changed, 22 insertions(+), 5 deletions(-)

diff --git a/libretroshare/src/pqi/p3netmgr.cc b/libretroshare/src/pqi/p3netmgr.cc
index 8eebd4c1e..89ff6f0cd 100644
--- a/libretroshare/src/pqi/p3netmgr.cc
+++ b/libretroshare/src/pqi/p3netmgr.cc
@@ -712,8 +712,10 @@ void p3NetMgrIMPL::netExtCheck()
 		}
 
 #ifdef ALLOW_DHT_STUNNER
-        // (cyril) I disabled this because it's pretty dangerous. The DHT can report a wrong address quite easily
-        // if the other DHT peers are not collaborating.
+		// (cyril) I disabled this because it's pretty dangerous. The DHT can report a wrong address quite easily
+		// if the other DHT peers are not collaborating.
+		// (sehraf) For the record: The udp stunner uses multiple (as for now: two) peers to ensure that the IP recieved is the correct one, see UdpStunner::locked_checkExternalAddress()
+		// Nevertheless this stays a more risky method to determine the external ip address.
         
 		/* Next ask the DhtStunner */
 		{
diff --git a/retroshare.pri b/retroshare.pri
index fedd39e6a..565324259 100644
--- a/retroshare.pri
+++ b/retroshare.pri
@@ -113,9 +113,16 @@ no_bitdht:CONFIG -= bitdht
 
 # The DHT stunner is used to determine the NAT type using other RS DHT peers and the STUN (Session Traversal Utilities for NAT) protocol.
 # To disable DHT stunner append the following assignation to qmake command line
-# "CONFIG+=no_useDhtStunner"
-CONFIG *= useDhtStunner
-no_useDhtStunner:CONFIG -= useDhtStunner
+# "CONFIG+=no_use_dht_stunner"
+CONFIG *= use_dht_stunner
+no_use_dht_stunner:CONFIG -= use_dht_stunner
+
+# The DHT stunner can be used to figure out our external IP. As this purely relying on random DHT peers that answer our request, it can easily be abused
+# Therefore, it is turned off by default.
+# To enable external ip determination (additionally) based on the dht stunner append the following assignation to qmake
+# command line "CONFIG+=rs_async_chat"
+CONFIG *= no_use_dht_stunner_ext_ip
+use_dht_stunner_ext_ip:CONFIG -= no_use_dht_stunner_ext_ip
 
 # To select your MacOsX version append the following assignation to qmake
 # command line "CONFIG+=rs_macos10.11" where 10.11 depends your version
@@ -498,6 +505,14 @@ rs_gxs_trans {
 
 bitdht {
     DEFINES *= RS_USE_BITDHT
+
+    use_dht_stunner {
+        CONFIG *= useDhtStunner
+
+        use_dht_stunner_ext_ip {
+            DEFINES *= ALLOW_DHT_STUNNER
+        }
+    }
 }
 
 direct_chat {