* Enabled Relays by default.
- This will only affect people who upgrade from a very old version. - Other people will have to switch it on manually. - Default is 0 friends, 1 FOF & 1 General @ 1kb/s... max 4kb/s usage per peer. * Switched off lots of debugging. * Bugfix for natassist (zeroconf returns 0.0.0.0:0 when it doesn't work). * Logged IP Addresses for Failed incoming connections. * Hacked IP address into the NewsFeed notifications (ugly). git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@4827 b45a01b8-16f6-495d-af2f-9b41ad6348cc
parent
f08bcc153e
commit
87944f251e
@ -148,9 +148,10 @@ bool p3BitDht::dropPeer(std::string pid)
|
||||
DhtPeerDetails *dpd = findInternalRsPeer_locked(pid);
|
||||
if (!dpd)
|
||||
{
|
||||
/* ERROR */
|
||||
#ifdef DEBUG_BITDHT
|
||||
std::cerr << "p3BitDht::dropPeer(" << pid << ") HACK TO INCLUDE FRIEND AS NON-ACTIVE PEER";
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
|
||||
//addFriend(pid);
|
||||
dpd = addInternalPeer_locked(pid, RSDHT_PEERTYPE_FOF);
|
||||
@ -551,26 +552,26 @@ int p3BitDht::lookupRsId_locked(const bdNodeId *id, std::string &pid)
|
||||
|
||||
int p3BitDht::storeTranslation_locked(const std::string pid)
|
||||
{
|
||||
#ifdef DEBUG_BITDHT_TRANSLATE
|
||||
std::cerr << "p3BitDht::storeTranslation_locked(" << pid << ")";
|
||||
std::cerr << std::endl;
|
||||
#ifdef DEBUG_BITDHT_TRANSLATE
|
||||
#endif
|
||||
|
||||
bdNodeId nid;
|
||||
calculateNodeId(pid, &nid);
|
||||
|
||||
#ifdef DEBUG_BITDHT_TRANSLATE
|
||||
std::cerr << "p3BitDht::storeTranslation_locked() Converts to NodeId: ";
|
||||
bdStdPrintNodeId(std::cerr, &(nid));
|
||||
std::cerr << std::endl;
|
||||
#ifdef DEBUG_BITDHT_TRANSLATE
|
||||
#endif
|
||||
|
||||
mTransToNodeId[pid] = nid;
|
||||
mTransToRsId[nid] = pid;
|
||||
|
||||
#ifdef DEBUG_BITDHT_TRANSLATE
|
||||
std::cerr << "p3BitDht::storeTranslation_locked() Success";
|
||||
std::cerr << std::endl;
|
||||
#ifdef DEBUG_BITDHT_TRANSLATE
|
||||
#endif
|
||||
|
||||
return 1;
|
||||
|
@ -38,8 +38,7 @@
|
||||
|
||||
int p3BitDht::setupRelayDefaults()
|
||||
{
|
||||
//uint32_t mode = RSDHT_RELAY_ENABLED | RSDHT_RELAY_MODE_OFF;
|
||||
uint32_t mode = RSDHT_RELAY_MODE_OFF;
|
||||
uint32_t mode = RSDHT_RELAY_ENABLED | RSDHT_RELAY_MODE_OFF;
|
||||
setRelayMode(mode);
|
||||
|
||||
return 1;
|
||||
|
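Review bot: The new default in setupRelayDefaults(), `RSDHT_RELAY_ENABLED | RSDHT_RELAY_MODE_OFF`, pairs an enabled flag with a mode named OFF, and nothing at the assignment says what that combination does on a node that has no saved relay setting. Because this value decides whether an install relays traffic for other peers without the user opting in, it deserves a comment at the point of use, for example `/* Default when no relay setting is saved: relay flag ENABLED, mode OFF. */`, extended with the practical effect by someone who knows the mode semantics. The end of the function is outside the visible lines.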
@ -830,7 +830,10 @@ static int verify_x509_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
||||
{
|
||||
/* Process as FAILED Certificate */
|
||||
/* Start as INCOMING, as outgoing is already captured */
|
||||
AuthSSL::getAuthSSL()->FailedCertificate(X509_STORE_CTX_get_current_cert(ctx), true);
|
||||
struct sockaddr_in addr;
|
||||
sockaddr_clear(&addr);
|
||||
|
||||
AuthSSL::getAuthSSL()->FailedCertificate(X509_STORE_CTX_get_current_cert(ctx), addr, true);
|
||||
}
|
||||
|
||||
return verify;
|
||||
@ -1142,7 +1145,7 @@ bool AuthSSLimpl::decrypt(void *&out, int &outlen, const void *in, int inlen)
|
||||
/********************************************************************************/
|
||||
|
||||
/* store for discovery */
|
||||
bool AuthSSLimpl::FailedCertificate(X509 *x509, bool incoming)
|
||||
bool AuthSSLimpl::FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming)
|
||||
{
|
||||
std::string peerId = "UnknownSSLID";
|
||||
if(!getX509id(x509, peerId))
|
||||
@ -1167,6 +1170,13 @@ bool AuthSSLimpl::FailedCertificate(X509 *x509, bool incoming)
|
||||
std::cerr << "GpgId: " << gpgid << " SSLcn: " << sslcn << " peerId: " << peerId;
|
||||
std::cerr << std::endl;
|
||||
|
||||
{
|
||||
// Hacky - adding IpAddress to SSLId.
|
||||
std::ostringstream out;
|
||||
out << "/" << rs_inet_ntoa(addr.sin_addr) << ":" << ntohs(addr.sin_port);
|
||||
peerId += out.str();
|
||||
}
|
||||
|
||||
uint32_t notifyType = 0;
|
||||
|
||||
/* if auths -> store */
|
||||
|
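Review bot: Appending `/ip:port` to `peerId` in place in AuthSSLimpl::FailedCertificate means every later use of `peerId` in that function sees the SSL id with an address suffix instead of the id itself. The rest of the function (from `/* if auths -> store */` on) is outside the hunk, so whether it uses `peerId` as a lookup or storage key cannot be confirmed from here, but a key that varies with the source port would never match a stored id. Keeping the id intact and building the display string separately avoids that, e.g. `std::string notifyId = peerId + out.str();` passed only to the notification. Note also that verify_x509_callback hands in an address cleared by `sockaddr_clear`, so failures reported from there would show a zero address and port; skipping the suffix for a cleared address would keep the feed from showing a misleading source.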
@ -152,7 +152,7 @@ virtual bool ValidateCertificate(X509 *x509, std::string &peerId) = 0; /* valid
|
||||
virtual SSL_CTX *getCTX() = 0;
|
||||
|
||||
/* Restored these functions: */
|
||||
virtual bool FailedCertificate(X509 *x509, bool incoming) = 0; /* store for discovery */
|
||||
virtual bool FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming) = 0; /* store for discovery */
|
||||
virtual bool CheckCertificate(std::string peerId, X509 *x509) = 0; /* check that they are exact match */
|
||||
};
|
||||
|
||||
@ -226,7 +226,7 @@ virtual bool ValidateCertificate(X509 *x509, std::string &peerId); /* validate
|
||||
virtual SSL_CTX *getCTX();
|
||||
|
||||
/* Restored these functions: */
|
||||
virtual bool FailedCertificate(X509 *x509, bool incoming); /* store for discovery */
|
||||
virtual bool FailedCertificate(X509 *x509, const struct sockaddr_in &addr, bool incoming); /* store for discovery */
|
||||
virtual bool CheckCertificate(std::string peerId, X509 *x509); /* check that they are exact match */
|
||||
|
||||
|
||||
|
@ -1229,7 +1229,7 @@ int pqissl::Extract_Failed_SSL_Certificate()
|
||||
// we actually connected to remote_addr,
|
||||
// which could be
|
||||
// (pqissl's case) sslcert->serveraddr or sslcert->localaddr.
|
||||
AuthSSL::getAuthSSL()->FailedCertificate(peercert, false);
|
||||
AuthSSL::getAuthSSL()->FailedCertificate(peercert, remote_addr, false);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
@ -500,7 +500,7 @@ int pqissllistenbase::closeConnection(int fd, SSL *ssl)
|
||||
|
||||
|
||||
|
||||
int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in */*inaddr*/)
|
||||
int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_in *addr)
|
||||
{
|
||||
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone,
|
||||
"pqissllistenbase::Extract_Failed_SSL_Certificate()");
|
||||
@ -513,23 +513,34 @@ int pqissllistenbase::Extract_Failed_SSL_Certificate(SSL *ssl, struct sockaddr_
|
||||
|
||||
if (peercert == NULL)
|
||||
{
|
||||
std::cerr << "pqissllistenbase::Extract_Failed_SSL_Certificate() ERROR, Peer didn't give Cert!";
|
||||
std::cerr << std::endl;
|
||||
std::ostringstream out;
|
||||
out << "pqissllistenbase::Extract_Failed_SSL_Certificate() from: ";
|
||||
out << rs_inet_ntoa(addr->sin_addr) << ":" << ntohs(addr->sin_port);
|
||||
out << " ERROR Peer didn't give Cert!";
|
||||
std::cerr << out.str() << std::endl;
|
||||
|
||||
pqioutput(PQL_WARNING, pqissllistenzone,
|
||||
"pqissllistenbase::Extract_Failed_SSL_Certificate() Peer Didnt Give Cert");
|
||||
pqioutput(PQL_WARNING, pqissllistenzone, out.str());
|
||||
return -1;
|
||||
}
|
||||
|
||||
pqioutput(PQL_DEBUG_BASIC, pqissllistenzone,
|
||||
"pqissllistenbase::Extract_Failed_SSL_Certificate() Have Peer Cert - Registering");
|
||||
|
||||
std::cerr << "pqissllistenbase::Extract_Failed_SSL_Certificate() Passing Cert to AuthSSL() for analysis";
|
||||
std::cerr << std::endl;
|
||||
{
|
||||
std::ostringstream out;
|
||||
|
||||
out << "pqissllistenbase::Extract_Failed_SSL_Certificate() from: ";
|
||||
out << rs_inet_ntoa(addr->sin_addr) << ":" << ntohs(addr->sin_port);
|
||||
out << " Passing Cert to AuthSSL() for analysis";
|
||||
out << std::endl;
|
||||
std::cerr << out.str() << std::endl;
|
||||
|
||||
pqioutput(PQL_WARNING, pqissllistenzone, out.str());
|
||||
}
|
||||
|
||||
// save certificate... (and ip locations)
|
||||
// false for outgoing....
|
||||
AuthSSL::getAuthSSL()->FailedCertificate(peercert, true);
|
||||
AuthSSL::getAuthSSL()->FailedCertificate(peercert, *addr, true);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
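Review bot: `addr` is now dereferenced (`addr->sin_addr`, `addr->sin_port`, `*addr`) on both the no-certificate path and the hand-off to FailedCertificate, but the parameter was unused before this change and nothing visible checks it for NULL. The callers are outside this view; if any of them passes a null pointer, this code, which runs for an incoming connection that failed authentication, would crash the listener. A guard before the first use such as `if (!addr) return -1;`, or formatting the address only when the pointer is set, would close that. Separately, the second message writes `std::endl` into `out` before the string goes to `pqioutput`, so that log entry carries an embedded newline and stderr gets a blank line.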
@ -330,9 +330,9 @@ int p3BanList::condenseBanSources_locked()
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << "p3BanList::condenseBanSources_locked() Printing New Set:";
|
||||
std::cerr << std::endl;
|
||||
#endif
|
||||
|
||||
printBanSet_locked(std::cerr);
|
||||
#endif
|
||||
|
||||
return true ;
|
||||
}
|
||||
@ -354,11 +354,13 @@ int p3BanList::sendPackets()
|
||||
|
||||
RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
|
||||
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << "p3BanList::sendPackets() Regular Broadcast";
|
||||
std::cerr << std::endl;
|
||||
|
||||
printBanSources_locked(std::cerr);
|
||||
printBanSet_locked(std::cerr);
|
||||
#endif
|
||||
|
||||
mSentListTime = now;
|
||||
}
|
||||
|
@ -62,6 +62,9 @@ UdpRelayReceiver::UdpRelayReceiver(UdpPublisher *pub)
|
||||
}
|
||||
|
||||
setRelayTotal(UDP_RELAY_DEFAULT_COUNT_ALL);
|
||||
setRelayClassMax(UDP_RELAY_CLASS_FRIENDS, UDP_RELAY_DEFAULT_FRIEND, UDP_RELAY_DEFAULT_BANDWIDTH);
|
||||
setRelayClassMax(UDP_RELAY_CLASS_FOF, UDP_RELAY_DEFAULT_FOF, UDP_RELAY_DEFAULT_BANDWIDTH);
|
||||
setRelayClassMax(UDP_RELAY_CLASS_GENERAL, UDP_RELAY_DEFAULT_GENERAL, UDP_RELAY_DEFAULT_BANDWIDTH);
|
||||
|
||||
/* only allocate this space once */
|
||||
mTmpSendPkt = malloc(MAX_RELAY_UDP_PACKET_SIZE);
|
||||
|
@ -92,10 +92,17 @@ std::ostream &operator<<(std::ostream &out, const UdpRelayEnd &ure);
|
||||
* 20 x 2 x 1Kb/s => 40Kb/s Huge.
|
||||
*/
|
||||
|
||||
#define UDP_RELAY_DEFAULT_COUNT_ALL 10
|
||||
#define UDP_RELAY_FRAC_GENERAL (0.2)
|
||||
#define UDP_RELAY_DEFAULT_COUNT_ALL 2
|
||||
#define UDP_RELAY_DEFAULT_FRIEND 0
|
||||
#define UDP_RELAY_DEFAULT_FOF 1
|
||||
#define UDP_RELAY_DEFAULT_GENERAL 1
|
||||
#define UDP_RELAY_DEFAULT_BANDWIDTH 1024
|
||||
|
||||
#define UDP_RELAY_FRAC_GENERAL (0.5)
|
||||
#define UDP_RELAY_FRAC_FOF (0.5)
|
||||
#define UDP_RELAY_FRAC_FRIENDS (0.3)
|
||||
#define UDP_RELAY_FRAC_FRIENDS (0.0)
|
||||
|
||||
|
||||
|
||||
/**** DEFINED IN EXTERNAL HEADER FILE ***/
|
||||
#define UDP_RELAY_NUM_CLASS RSDHT_RELAY_NUM_CLASS
|
||||
|
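Review bot: `UDP_RELAY_DEFAULT_BANDWIDTH 1024` is defined without a unit, while the comment block above the macros and the commit message both talk in Kb/s, so a reader cannot tell from the header whether the limit is bytes or bits per second or whether it applies per relay or per direction. A trailing comment on that macro stating the unit and scope would settle it. The same block should say that `UDP_RELAY_DEFAULT_GENERAL 1` lets a default node carry one relay for peers that are neither friends nor friends-of-friends, since that is the setting that exposes the node to unknown parties. The sizing arithmetic in the comment above (`20 x 2 x 1Kb/s`) appears to predate the new count of 2 and may need updating.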
@ -31,7 +31,7 @@
|
||||
#include <sstream>
|
||||
#include <iostream>
|
||||
|
||||
#define DEBUG_ZCNATASSIST 1
|
||||
//#define DEBUG_ZCNATASSIST 1
|
||||
|
||||
|
||||
p3zcNatAssist::p3zcNatAssist()
|
||||
@ -386,6 +386,17 @@ void p3zcNatAssist::callbackMapping(DNSServiceRef sdRef, DNSServiceFlags flags,
|
||||
return;
|
||||
}
|
||||
|
||||
if ((externalAddress == 0) && (externalPort == 0))
|
||||
{
|
||||
/* failed :( */
|
||||
mMapped = false;
|
||||
|
||||
std::cerr << "p3zcNatAssist::callbackMapping() ZeroAddress ... Mapping not possible";
|
||||
std::cerr << std::endl;
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
mMapped = true;
|
||||
mExternalAddress.sin_addr.s_addr = externalAddress;
|
||||
mExternalAddress.sin_port = externalPort;
|
||||
|
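Review bot: The new failure check in p3zcNatAssist::callbackMapping() only fires when both `externalAddress` and `externalPort` are zero, so a callback that reports a zero address with a non-zero port, or a real address with port zero, still falls through to `mMapped = true` and is stored in `mExternalAddress`. Neither half is usable as an external mapping on its own, so if the mapping API can report one without the other, `if ((externalAddress == 0) || (externalPort == 0))` is the safer condition. The function begins before the hunk and continues after it, so any earlier error-code handling is not visible here.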
@ -41,7 +41,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
#define DEBUG_ZEROCONF 1
|
||||
//#define DEBUG_ZEROCONF 1
|
||||
|
||||
#define ZC_MAX_QUERY_TIME 30
|
||||
#define ZC_MAX_RESOLVE_TIME 30
|
||||
|