improved voting for extr address, and make sure DHTStunner does not return a banned IP

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8408 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2025-06-06 21:58:57 -04:00 · 2015-06-10 19:15:07 +00:00 · 2015-06-10 19:15:07 +00:00 · 91bf1d6cb2
commit 91bf1d6cb2
parent b9a620ee39
1 changed files with 93 additions and 75 deletions
--- a/libretroshare/src/pqi/p3netmgr.cc
+++ b/libretroshare/src/pqi/p3netmgr.cc
@ -44,6 +44,7 @@ const int p3netmgrzone = 7563;
 #include "serialiser/rsconfigitems.h"
 #include "retroshare/rsiface.h"
 #include "retroshare/rsconfig.h"
 #include "retroshare/rsbanlist.h"
 /* Network setup States */
@ -708,27 +709,32 @@ void p3NetMgrIMPL::netExtCheck()
 			/* net Assist */
 			if (netAssistExtAddress(tmpip))
-			{
+            {
 #if defined(NETMGR_DEBUG_TICK) || defined(NETMGR_DEBUG_RESET)
-				std::cerr << "p3NetMgrIMPL::netExtCheck() Ext supplied from netAssistExternalAddress()" << std::endl;
+                std::cerr << "p3NetMgrIMPL::netExtCheck() Ext supplied from netAssistExternalAddress()" << std::endl;
 #endif
-				if (sockaddr_storage_isValidNet(tmpip))
+                if(sockaddr_storage_isValidNet(tmpip))
-				{
+                {
-					// must be stable???
+                    if(rsBanList->isAddressAccepted(tmpip,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
-					isStable = true;
+                    {
-					mNetFlags.mExtAddr = tmpip;
+                        // must be stable???
-					mNetFlags.mExtAddrOk = true;
+                        isStable = true;
-                    mNetFlags.mExtAddrStableOk = isStable;
+                        mNetFlags.mExtAddr = tmpip;
                        mNetFlags.mExtAddrOk = true;
                        mNetFlags.mExtAddrStableOk = isStable;
-                    address_votes[tmpip].n++ ;
+                        address_votes[tmpip].n++ ;
-				}	
+                    }
-				else
+                    else
-				{
+                        std::cerr << "(SS) netAssisExternalAddress returned wrong own IP " << sockaddr_storage_iptostring(tmpip) << " (banned). Rejecting." << std::endl;
                }
 #if defined(NETMGR_DEBUG_TICK) || defined(NETMGR_DEBUG_RESET)
-					std::cerr << "p3NetMgrIMPL::netExtCheck() Bad Address supplied from netAssistExternalAddress()" << std::endl;
+                else
                {
                    std::cerr << "p3NetMgrIMPL::netExtCheck() Bad Address supplied from netAssistExternalAddress()" << std::endl;
                }
 #endif
-				}
+            }
 			}
 		}
@ -744,22 +750,27 @@ void p3NetMgrIMPL::netExtCheck()
 			if (mDhtStunner)
 			{
        			/* input network bits */
-       				if (mDhtStunner->getExternalAddr(tmpaddr, isstable))
+                    if (mDhtStunner->getExternalAddr(tmpaddr, isstable))
-				{
+                {
-					// must be stable???
+                    if(rsBanList->isAddressAccepted(tmpaddr,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
-					isStable = (isstable == 1);
+                    {
-					mNetFlags.mExtAddr = tmpaddr;
+                        // must be stable???
-					mNetFlags.mExtAddrOk = true;
+                        isStable = (isstable == 1);
-					mNetFlags.mExtAddrStableOk = isStable;
+                        mNetFlags.mExtAddr = tmpaddr;
-			
+                        mNetFlags.mExtAddrOk = true;
-                    address_votes[tmpaddr].n++ ;
+                        mNetFlags.mExtAddrStableOk = isStable;
                        address_votes[tmpaddr].n++ ;
 #ifdef	NETMGR_DEBUG_STATEBOX
-					std::cerr << "p3NetMgrIMPL::netExtCheck() From DhtStunner: ";
+                        std::cerr << "p3NetMgrIMPL::netExtCheck() From DhtStunner: ";
-					std::cerr << sockaddr_storage_tostring(tmpaddr);
+                        std::cerr << sockaddr_storage_tostring(tmpaddr);
-					std::cerr << " Stable: " << (uint32_t) isstable;
+                        std::cerr << " Stable: " << (uint32_t) isstable;
-					std::cerr << std::endl;
+                        std::cerr << std::endl;
 #endif
-				}
+                    }
                    else
                        std::cerr << "(SS) DHTStunner returned wrong own IP " << sockaddr_storage_iptostring(tmpaddr) << " (banned). Rejecting." << std::endl;
                }
 			}
 		}
@ -772,7 +783,7 @@ void p3NetMgrIMPL::netExtCheck()
 				std::cerr << "p3NetMgrIMPL::netExtCheck() checking ExtAddrFinder" << std::endl;
 #endif
 				bool extFinderOk = mExtAddrFinder->hasValidIP(tmpip);
-				if (extFinderOk)
+                if (extFinderOk)
 				{
 #if defined(NETMGR_DEBUG_TICK) || defined(NETMGR_DEBUG_RESET)
 					std::cerr << "p3NetMgrIMPL::netExtCheck() Ext supplied by ExtAddrFinder" << std::endl;
@ -788,7 +799,6 @@ void p3NetMgrIMPL::netExtCheck()
 					mNetFlags.mExtAddr = tmpip;
 					mNetFlags.mExtAddrOk = true;
 					mNetFlags.mExtAddrStableOk = isStable;
                    address_votes[tmpip].n++ ;
@ -808,76 +818,84 @@ void p3NetMgrIMPL::netExtCheck()
            // look at votes.
            std::cerr << "Figuring out ext addr from voting:" << std::endl;
-            uint32_t max = 0 ;
+            uint32_t admax = 0 ;
            for(std::map<sockaddr_storage,ZeroInt>::const_iterator it(address_votes.begin());it!=address_votes.end();++it)
            {
-                std::cerr << "  Vote 1: " << sockaddr_storage_iptostring(it->first) << " : " << it->second.n << " votes." << std::endl;
+                std::cerr << "  Vote: " << sockaddr_storage_iptostring(it->first) << " : " << it->second.n << " votes." ;
-                if(it->second.n > max)
+                if(it->second.n > admax)
                {
                    mNetFlags.mExtAddr = it->first ;
                    admax = it->second.n ;
                    std::cerr << " Kept!" << std::endl;
                }
                else
                    std::cerr << " Discarded." << std::endl;
            }
 #if defined(NETMGR_DEBUG_TICK) || defined(NETMGR_DEBUG_RESET)
-			std::cerr << "p3NetMgrIMPL::netExtCheck() ";
+            std::cerr << "p3NetMgrIMPL::netExtCheck() ";
-			std::cerr << "ExtAddr: " << sockaddr_storage_tostring(mNetFlags.mExtAddr);
+            std::cerr << "ExtAddr: " << sockaddr_storage_tostring(mNetFlags.mExtAddr);
-			std::cerr << std::endl;
+            std::cerr << std::endl;
 #endif
-			//update ip address list
+            //update ip address list
            mExtAddr = mNetFlags.mExtAddr;
-			mNetStatus = RS_NET_DONE;
+            mNetStatus = RS_NET_DONE;
-			netSetupDone = true;
+            netSetupDone = true;
 #if defined(NETMGR_DEBUG_TICK) || defined(NETMGR_DEBUG_RESET)
-			std::cerr << "p3NetMgrIMPL::netExtCheck() Ext Ok: RS_NET_DONE" << std::endl;
+            std::cerr << "p3NetMgrIMPL::netExtCheck() Ext Ok: RS_NET_DONE" << std::endl;
 #endif
-			if (!mNetFlags.mExtAddrStableOk)
+            if (!mNetFlags.mExtAddrStableOk)
-			{
+            {
 #if defined(NETMGR_DEBUG_TICK) || defined(NETMGR_DEBUG_RESET)
-				std::cerr << "p3NetMgrIMPL::netUdpCheck() UDP Unstable :( ";
+                std::cerr << "p3NetMgrIMPL::netUdpCheck() UDP Unstable :( ";
-				std::cerr <<  std::endl;
+                std::cerr <<  std::endl;
                std::cerr << "p3NetMgrIMPL::netUdpCheck() We are unreachable";
-				std::cerr <<  std::endl;
+                std::cerr <<  std::endl;
-				std::cerr << "netMode =>  RS_NET_MODE_UNREACHABLE";
+                std::cerr << "netMode =>  RS_NET_MODE_UNREACHABLE";
-				std::cerr <<  std::endl;
+                std::cerr <<  std::endl;
 #endif
-				// Due to the new UDP connections - we can still connect some of the time!
+                // Due to the new UDP connections - we can still connect some of the time!
-				// So limit warning!
+                // So limit warning!
-				//mNetMode &= ~(RS_NET_MODE_ACTUAL);
+                //mNetMode &= ~(RS_NET_MODE_ACTUAL);
-				//mNetMode |= RS_NET_MODE_UNREACHABLE;
+                //mNetMode |= RS_NET_MODE_UNREACHABLE;
-				/* send a system warning message */
+                /* send a system warning message */
-				//pqiNotify *notify = getPqiNotify();
+                //pqiNotify *notify = getPqiNotify();
-				//if (notify)
+                //if (notify)
-				{
+                {
-					std::string title = 
+                    std::string title =
-						"Warning: Bad Firewall Configuration";
+                                    "Warning: Bad Firewall Configuration";
-					std::string msg;
+                    std::string msg;
-					msg +=  "               **** WARNING ****     \n";
+                    msg +=  "               **** WARNING ****     \n";
-					msg +=  "Retroshare has detected that you are behind";
+                    msg +=  "Retroshare has detected that you are behind";
-					msg +=  " a restrictive Firewall\n";
+                    msg +=  " a restrictive Firewall\n";
-					msg +=  "\n";
+                    msg +=  "\n";
-					msg +=  "You will have limited connectivity to other firewalled peers\n";
+                    msg +=  "You will have limited connectivity to other firewalled peers\n";
-					msg +=  "\n";
+                    msg +=  "\n";
-					msg +=  "You can fix this by:\n";
+                    msg +=  "You can fix this by:\n";
-					msg +=  "   (1) opening an External Port\n";
+                    msg +=  "   (1) opening an External Port\n";
-					msg +=  "   (2) enabling UPnP, or\n";
+                    msg +=  "   (2) enabling UPnP, or\n";
-					msg +=  "   (3) get a new (approved) Firewall/Router\n";
+                    msg +=  "   (3) get a new (approved) Firewall/Router\n";
-					//notify->AddSysMessage(0, RS_SYS_WARNING, title, msg);
+                    //notify->AddSysMessage(0, RS_SYS_WARNING, title, msg);
-					std::cerr << msg << std::endl;
+                    std::cerr << msg << std::endl;
-				}
+                }
-			}
+            }
-		}
+        }
 		if (mNetFlags.mExtAddrOk)
 		{