* Enabled Relays by default.

- This will only effect people who upgrade from a very old version.
 	- Other people will have to switch it on manually.
	- Default is 0 friends, 1 FOF & 1 General @ 1kb/s... max 4kb/s usage per peer.
 * Switched off lots of debugging.
 * Bugfix for natassist (zeroconf returns 0.0.0.0:0 when its doesn't work).
 * Logged IP Addresses for Failed incoming connections.
 * Hacked IP address into the NewsFeed notifications (ugly).



git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4827 b45a01b8-16f6-495d-af2f-9b41ad6348cc

libretroshare/src/dht/p3bitdht_peers.cc

@@ -148,9 +148,10 @@ bool 	p3BitDht::dropPeer(std::string pid)
 		DhtPeerDetails *dpd = findInternalRsPeer_locked(pid);
 		if (!dpd)
 		{
-			/* ERROR */
+#ifdef DEBUG_BITDHT
 			std::cerr << "p3BitDht::dropPeer(" << pid << ") HACK TO INCLUDE FRIEND AS NON-ACTIVE PEER";
 			std::cerr << std::endl;
+#endif
 	
 			//addFriend(pid);
 			dpd = addInternalPeer_locked(pid, RSDHT_PEERTYPE_FOF);
@@ -551,26 +552,26 @@ int p3BitDht::lookupRsId_locked(const bdNodeId *id, std::string &pid)
 
 int p3BitDht::storeTranslation_locked(const std::string pid)
 {
+#ifdef DEBUG_BITDHT_TRANSLATE
 	std::cerr << "p3BitDht::storeTranslation_locked(" << pid << ")";
 	std::cerr << std::endl;
-#ifdef DEBUG_BITDHT_TRANSLATE
 #endif
 
 	bdNodeId nid;
 	calculateNodeId(pid, &nid);
 
+#ifdef DEBUG_BITDHT_TRANSLATE
 	std::cerr << "p3BitDht::storeTranslation_locked() Converts to NodeId: ";
 	bdStdPrintNodeId(std::cerr, &(nid));
 	std::cerr << std::endl;
-#ifdef DEBUG_BITDHT_TRANSLATE
 #endif
 
 	mTransToNodeId[pid] = nid;
 	mTransToRsId[nid] = pid;
 
+#ifdef DEBUG_BITDHT_TRANSLATE
 	std::cerr << "p3BitDht::storeTranslation_locked() Success";
 	std::cerr << std::endl;
-#ifdef DEBUG_BITDHT_TRANSLATE
 #endif
 
 	return 1;

libretroshare/src/dht/p3bitdht_relay.cc

@@ -38,8 +38,7 @@
 
 int p3BitDht::setupRelayDefaults()
 {
-	//uint32_t mode = RSDHT_RELAY_ENABLED | RSDHT_RELAY_MODE_OFF;
-	uint32_t mode = RSDHT_RELAY_MODE_OFF;
+	uint32_t mode = RSDHT_RELAY_ENABLED | RSDHT_RELAY_MODE_OFF;
 	setRelayMode(mode);
 	
 	return 1;

libretroshare/src/pqi/authssl.cc

@@ -830,7 +830,10 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx)
 	{
 		/* Process as FAILED Certificate */
 		/* Start as INCOMING, as outgoing is already captured */
-		AuthSSL::getAuthSSL()->FailedCertificate(X509_STORE_CTX_get_current_cert(ctx), true); 
+		struct sockaddr_in addr;
+		sockaddr_clear(&addr);
+		
+		AuthSSL::getAuthSSL()->FailedCertificate(X509_STORE_CTX_get_current_cert(ctx), addr, true); 
 	}
 
         return verify;
@@ -1142,7 +1145,7 @@ bool    AuthSSLimpl::decrypt(void *&out, int &outlen, const void *in, int inlen)
 /********************************************************************************/
 
 /* store for discovery */
-bool    AuthSSLimpl::FailedCertificate(X509 *x509, bool incoming)
+bool    AuthSSLimpl::FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming)
 {
         std::string peerId = "UnknownSSLID";
 	if(!getX509id(x509, peerId)) 
@@ -1167,6 +1170,13 @@ bool    AuthSSLimpl::FailedCertificate(X509 *x509, bool incoming)
 	std::cerr << "GpgId: " << gpgid << " SSLcn: " << sslcn << " peerId: " << peerId;
 	std::cerr << std::endl;
 
+	{
+		// Hacky - adding IpAddress to SSLId.
+		std::ostringstream out;
+		out << "/" << rs_inet_ntoa(addr.sin_addr) << ":" << ntohs(addr.sin_port);
+		peerId += out.str();
+	}
+
 	uint32_t notifyType = 0;
 
 	/* if auths -> store */

libretroshare/src/pqi/authssl.h

@@ -152,7 +152,7 @@ virtual bool 	ValidateCertificate(X509 *x509, std::string &peerId) = 0; /* valid
 virtual SSL_CTX *getCTX() = 0;
 
 /* Restored these functions: */
-virtual bool 	FailedCertificate(X509 *x509, bool incoming) = 0;     /* store for discovery */
+virtual bool    FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming) = 0; /* store for discovery */
 virtual bool 	CheckCertificate(std::string peerId, X509 *x509) = 0; /* check that they are exact match */
 };
 
@@ -226,7 +226,7 @@ virtual bool 	ValidateCertificate(X509 *x509, std::string &peerId); /* validate
 virtual SSL_CTX *getCTX();
 
 /* Restored these functions: */
-virtual bool 	FailedCertificate(X509 *x509, bool incoming);     /* store for discovery */
+virtual bool    FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming); /* store for discovery */
 virtual bool 	CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */
 
 

libretroshare/src/pqi/pqissl.cc

@@ -1229,7 +1229,7 @@ int 	pqissl::Extract_Failed_SSL_Certificate()
 	// we actually connected to remote_addr, 
 	// 	which could be 
 	//      (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
-        AuthSSL::getAuthSSL()->FailedCertificate(peercert, false);
+        AuthSSL::getAuthSSL()->FailedCertificate(peercert, remote_addr, false);
 
 	return 1;
 }

libretroshare/src/pqi/pqissllistener.cc

@@ -500,7 +500,7 @@ int pqissllistenbase::closeConnection(int fd, SSL *ssl)
 
 
 
-int 	pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in */*inaddr*/)
+int 	pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in *addr)
 {
   	pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, 
 	  "pqissllistenbase::Extract_Failed_SSL_Certificate()");
@@ -513,23 +513,34 @@ int 	pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_
 
 	if (peercert == NULL)
 	{
-		std::cerr << "pqissllistenbase::Extract_Failed_SSL_Certificate() ERROR, Peer didn't give Cert!";
-		std::cerr << std::endl;
+		std::ostringstream out;
+		out << "pqissllistenbase::Extract_Failed_SSL_Certificate() from: ";
+		out << rs_inet_ntoa(addr->sin_addr) << ":" << ntohs(addr->sin_port); 
+		out << " ERROR Peer didn't give Cert!";
+		std::cerr << out.str() << std::endl;
 
-  		pqioutput(PQL_WARNING, pqissllistenzone, 
-		  "pqissllistenbase::Extract_Failed_SSL_Certificate() Peer Didnt Give Cert");
+  		pqioutput(PQL_WARNING, pqissllistenzone, out.str());
 		return -1;
 	}
 
   	pqioutput(PQL_DEBUG_BASIC, pqissllistenzone, 
 	  "pqissllistenbase::Extract_Failed_SSL_Certificate() Have Peer Cert - Registering");
 
-	std::cerr << "pqissllistenbase::Extract_Failed_SSL_Certificate() Passing Cert to AuthSSL() for analysis";
-	std::cerr << std::endl;
+	{
+		std::ostringstream out;
+
+		out << "pqissllistenbase::Extract_Failed_SSL_Certificate() from: ";
+		out << rs_inet_ntoa(addr->sin_addr) << ":" << ntohs(addr->sin_port); 
+		out << " Passing Cert to AuthSSL() for analysis";
+		out << std::endl;
+		std::cerr << out.str() << std::endl;
+
+  		pqioutput(PQL_WARNING, pqissllistenzone, out.str());
+	}
 
 	// save certificate... (and ip locations)
 	// false for outgoing....
-        AuthSSL::getAuthSSL()->FailedCertificate(peercert, true);
+        AuthSSL::getAuthSSL()->FailedCertificate(peercert, *addr, true);
 
 	return 1;
 }

libretroshare/src/services/p3banlist.cc

@@ -330,9 +330,9 @@ int p3BanList::condenseBanSources_locked()
 #ifdef DEBUG_BANLIST
 	std::cerr << "p3BanList::condenseBanSources_locked() Printing New Set:";
 	std::cerr << std::endl;
-#endif
 
 	printBanSet_locked(std::cerr);
+#endif
 
 	return true ;
 }
@@ -354,11 +354,13 @@ int	p3BanList::sendPackets()
 
 		RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
 
+#ifdef DEBUG_BANLIST
 		std::cerr << "p3BanList::sendPackets() Regular Broadcast";
 		std::cerr << std::endl;
 
 		printBanSources_locked(std::cerr);
 		printBanSet_locked(std::cerr);
+#endif
 
 		mSentListTime = now;
 	}

libretroshare/src/tcponudp/udprelay.cc

@@ -62,6 +62,9 @@ UdpRelayReceiver::UdpRelayReceiver(UdpPublisher *pub)
 	}
 
 	setRelayTotal(UDP_RELAY_DEFAULT_COUNT_ALL);
+	setRelayClassMax(UDP_RELAY_CLASS_FRIENDS, UDP_RELAY_DEFAULT_FRIEND, UDP_RELAY_DEFAULT_BANDWIDTH);
+	setRelayClassMax(UDP_RELAY_CLASS_FOF,     UDP_RELAY_DEFAULT_FOF, UDP_RELAY_DEFAULT_BANDWIDTH);
+	setRelayClassMax(UDP_RELAY_CLASS_GENERAL, UDP_RELAY_DEFAULT_GENERAL, UDP_RELAY_DEFAULT_BANDWIDTH);
 
 	/* only allocate this space once */
 	mTmpSendPkt = malloc(MAX_RELAY_UDP_PACKET_SIZE);

libretroshare/src/tcponudp/udprelay.h

@@ -92,10 +92,17 @@ std::ostream &operator<<(std::ostream &out, const UdpRelayEnd &ure);
  * 20 x 2 x 1Kb/s => 40Kb/s Huge.
  */
 
-#define UDP_RELAY_DEFAULT_COUNT_ALL	10 
-#define UDP_RELAY_FRAC_GENERAL		(0.2)
+#define UDP_RELAY_DEFAULT_COUNT_ALL	2
+#define UDP_RELAY_DEFAULT_FRIEND	0
+#define UDP_RELAY_DEFAULT_FOF		1
+#define UDP_RELAY_DEFAULT_GENERAL	1
+#define UDP_RELAY_DEFAULT_BANDWIDTH	1024
+
+#define UDP_RELAY_FRAC_GENERAL		(0.5)
 #define UDP_RELAY_FRAC_FOF		(0.5)
-#define UDP_RELAY_FRAC_FRIENDS		(0.3)
+#define UDP_RELAY_FRAC_FRIENDS		(0.0)
+
+
 
 /**** DEFINED IN EXTERNAL HEADER FILE ***/
 #define UDP_RELAY_NUM_CLASS		RSDHT_RELAY_NUM_CLASS

libretroshare/src/zeroconf/p3zcnatassist.cc

@@ -31,7 +31,7 @@
 #include <sstream>
 #include <iostream>
 
-#define DEBUG_ZCNATASSIST	1
+//#define DEBUG_ZCNATASSIST	1
 
 
 p3zcNatAssist::p3zcNatAssist()
@@ -386,6 +386,17 @@ void p3zcNatAssist::callbackMapping(DNSServiceRef sdRef, DNSServiceFlags flags,
 		return;
 	}
 
+	if ((externalAddress == 0) && (externalPort == 0))
+	{
+		/* failed :( */
+		mMapped = false;
+
+		std::cerr <<  "p3zcNatAssist::callbackMapping() ZeroAddress ... Mapping not possible";
+		std::cerr << std::endl;
+		return;
+	}
+
+
 	mMapped = true;
 	mExternalAddress.sin_addr.s_addr = externalAddress;
 	mExternalAddress.sin_port = externalPort;

libretroshare/src/zeroconf/p3zeroconf.cc

@@ -41,7 +41,7 @@
  *
  */
 
-#define DEBUG_ZEROCONF	1
+//#define DEBUG_ZEROCONF	1
 
 #define ZC_MAX_QUERY_TIME	30
 #define ZC_MAX_RESOLVE_TIME	30