mirror of
https://github.com/RetroShare/RetroShare.git
synced 2025-06-06 21:58:57 -04:00
p3Banlist fail gracefully if IPv6 address get into
Translate IPv4 mapped to plain IPv4 before processing Fail gracefully if the address is IPv6
This commit is contained in:
Gioacchino Mazzurco
parent
b4ccfe91f8
commit
f4e110ed0e
2 changed files with 86 additions and 37 deletions
|
|
@ -306,16 +306,14 @@ bool p3BanList::acceptedBanRanges_locked(const BanListPeer& blp)
|
||||||
}
|
}
|
||||||
return false ;
|
return false ;
|
||||||
}
|
}
|
||||||
bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checking_flags,uint32_t *check_result)
|
bool p3BanList::isAddressAccepted(const sockaddr_storage &dAddr, uint32_t checking_flags,uint32_t *check_result)
|
||||||
{
|
{
|
||||||
if(check_result != NULL)
|
sockaddr_storage addr; sockaddr_storage_copy(dAddr, addr);
|
||||||
*check_result = RSBANLIST_CHECK_RESULT_NOCHECK ;
|
|
||||||
|
|
||||||
if(sockaddr_storage_isLoopbackNet(addr))
|
if(!mIPFilteringEnabled) return true;
|
||||||
return true ;
|
if(check_result != NULL) *check_result = RSBANLIST_CHECK_RESULT_NOCHECK;
|
||||||
|
if(!sockaddr_storage_ipv6_to_ipv4(addr)) return true;
|
||||||
if(!mIPFilteringEnabled)
|
if(sockaddr_storage_isLoopbackNet(addr)) return true;
|
||||||
return true ;
|
|
||||||
|
|
||||||
#ifdef DEBUG_BANLIST
|
#ifdef DEBUG_BANLIST
|
||||||
std::cerr << "isAddressAccepted(): tested addr=" << sockaddr_storage_iptostring(addr) << ", checking flags=" << checking_flags ;
|
std::cerr << "isAddressAccepted(): tested addr=" << sockaddr_storage_iptostring(addr) << ", checking flags=" << checking_flags ;
|
||||||
|
|
@ -453,9 +451,20 @@ void p3BanList::getBannedIps(std::list<BanListPeer> &lst)
|
||||||
lst.push_back(it->second) ;
|
lst.push_back(it->second) ;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool p3BanList::removeIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type)
|
bool p3BanList::removeIpRange( const struct sockaddr_storage& dAddr,
|
||||||
|
int masked_bytes, uint32_t list_type )
|
||||||
{
|
{
|
||||||
RS_STACK_MUTEX(mBanMtx) ;
|
sockaddr_storage addr; sockaddr_storage_copy(dAddr, addr);
|
||||||
|
if(!sockaddr_storage_ipv6_to_ipv4(addr))
|
||||||
|
{
|
||||||
|
std::cerr << __PRETTY_FUNCTION__ << " Cannot handle "
|
||||||
|
<< sockaddr_storage_tostring(dAddr)
|
||||||
|
<< " IPv6 not implemented yet!"
|
||||||
|
<< std::endl;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
RS_STACK_MUTEX(mBanMtx);
|
||||||
|
|
||||||
bool changed = false;
|
bool changed = false;
|
||||||
std::map<sockaddr_storage,BanListPeer>::iterator it ;
|
std::map<sockaddr_storage,BanListPeer>::iterator it ;
|
||||||
|
|
@ -485,9 +494,20 @@ bool p3BanList::removeIpRange(const struct sockaddr_storage& addr,int masked_byt
|
||||||
return changed;
|
return changed;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,uint32_t list_type,const std::string& comment)
|
bool p3BanList::addIpRange( const sockaddr_storage &dAddr, int masked_bytes,
|
||||||
|
uint32_t list_type, const std::string& comment )
|
||||||
{
|
{
|
||||||
RS_STACK_MUTEX(mBanMtx) ;
|
sockaddr_storage addr; sockaddr_storage_copy(dAddr, addr);
|
||||||
|
if(!sockaddr_storage_ipv6_to_ipv4(addr))
|
||||||
|
{
|
||||||
|
std::cerr << __PRETTY_FUNCTION__ << " Cannot handle "
|
||||||
|
<< sockaddr_storage_tostring(dAddr)
|
||||||
|
<< " IPv6 not implemented yet!"
|
||||||
|
<< std::endl;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
RS_STACK_MUTEX(mBanMtx);
|
||||||
|
|
||||||
if(getBitRange(addr) > uint32_t(masked_bytes))
|
if(getBitRange(addr) > uint32_t(masked_bytes))
|
||||||
{
|
{
|
||||||
|
|
@ -668,20 +688,31 @@ bool p3BanList::recvBanItem(RsBanListItem *item)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* overloaded from pqiNetAssistSharePeer */
|
/* overloaded from pqiNetAssistSharePeer */
|
||||||
void p3BanList::updatePeer(const RsPeerId& /*id*/, const struct sockaddr_storage &addr, int /*type*/, int /*reason*/, int time_stamp)
|
void p3BanList::updatePeer( const RsPeerId& /*id*/,
|
||||||
|
const sockaddr_storage &dAddr,
|
||||||
|
int /*type*/, int /*reason*/, int time_stamp )
|
||||||
{
|
{
|
||||||
RsPeerId ownId = mServiceCtrl->getOwnId();
|
sockaddr_storage addr; sockaddr_storage_copy(dAddr, addr);
|
||||||
|
if(!sockaddr_storage_ipv6_to_ipv4(addr))
|
||||||
|
{
|
||||||
|
std::cerr << __PRETTY_FUNCTION__ << " Cannot handle "
|
||||||
|
<< sockaddr_storage_tostring(dAddr)
|
||||||
|
<< " IPv6 not implemented yet!"
|
||||||
|
<< std::endl;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
int int_reason = RSBANLIST_REASON_DHT;
|
RsPeerId ownId = mServiceCtrl->getOwnId();
|
||||||
|
|
||||||
addBanEntry(ownId, addr, RSBANLIST_ORIGIN_SELF, int_reason, time_stamp);
|
int int_reason = RSBANLIST_REASON_DHT;
|
||||||
|
|
||||||
/* process */
|
addBanEntry(ownId, addr, RSBANLIST_ORIGIN_SELF, int_reason, time_stamp);
|
||||||
{
|
|
||||||
RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
|
|
||||||
|
|
||||||
condenseBanSources_locked();
|
/* process */
|
||||||
}
|
{
|
||||||
|
RS_STACK_MUTEX(mBanMtx);
|
||||||
|
condenseBanSources_locked();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
RsSerialiser *p3BanList::setupSerialiser()
|
RsSerialiser *p3BanList::setupSerialiser()
|
||||||
|
|
@ -882,10 +913,21 @@ bool p3BanList::loadList(std::list<RsItem*>& load)
|
||||||
return true ;
|
return true ;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr,
|
bool p3BanList::addBanEntry( const RsPeerId &peerId,
|
||||||
int level, uint32_t reason, time_t time_stamp)
|
const sockaddr_storage &dAddr,
|
||||||
|
int level, uint32_t reason, time_t time_stamp )
|
||||||
{
|
{
|
||||||
RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
|
sockaddr_storage addr; sockaddr_storage_copy(dAddr, addr);
|
||||||
|
if(!sockaddr_storage_ipv6_to_ipv4(addr))
|
||||||
|
{
|
||||||
|
std::cerr << __PRETTY_FUNCTION__ << " Cannot handle "
|
||||||
|
<< sockaddr_storage_tostring(dAddr)
|
||||||
|
<< " IPv6 not implemented yet!"
|
||||||
|
<< std::endl;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
RS_STACK_MUTEX(mBanMtx);
|
||||||
|
|
||||||
time_t now = time(NULL);
|
time_t now = time(NULL);
|
||||||
bool updated = false;
|
bool updated = false;
|
||||||
|
|
|
||||||
|
|
@ -47,27 +47,31 @@ class BanList
|
||||||
std::map<struct sockaddr_storage, BanListPeer> mBanPeers;
|
std::map<struct sockaddr_storage, BanListPeer> mBanPeers;
|
||||||
};
|
};
|
||||||
|
|
||||||
//!The RS BanList service.
|
/**
|
||||||
/**
|
* The RS BanList service.
|
||||||
*
|
* Exchange list of Banned IPv4 addresses with peers.
|
||||||
* Exchange list of Banned IP addresses with peers.
|
*
|
||||||
*/
|
* @warning IPv4 only, IPv6 not supported yet!
|
||||||
|
*/
|
||||||
class p3BanList: public RsBanList, public p3Service, public pqiNetAssistPeerShare, public p3Config /*, public pqiMonitor */
|
class p3BanList: public RsBanList, public p3Service, public pqiNetAssistPeerShare, public p3Config /*, public pqiMonitor */
|
||||||
{
|
{
|
||||||
public:
|
public:
|
||||||
p3BanList(p3ServiceControl *sc, p3NetMgr *nm);
|
p3BanList(p3ServiceControl *sc, p3NetMgr *nm);
|
||||||
virtual RsServiceInfo getServiceInfo();
|
virtual RsServiceInfo getServiceInfo();
|
||||||
|
|
||||||
/***** overloaded from RsBanList *****/
|
/***** overloaded from RsBanList *****/
|
||||||
|
|
||||||
virtual bool isAddressAccepted(const struct sockaddr_storage& addr, uint32_t checking_flags,uint32_t *check_result=NULL) ;
|
virtual bool isAddressAccepted( const sockaddr_storage& addr,
|
||||||
|
uint32_t checking_flags,
|
||||||
|
uint32_t *check_result=NULL );
|
||||||
|
|
||||||
virtual void getBannedIps(std::list<BanListPeer>& list) ;
|
virtual void getBannedIps(std::list<BanListPeer>& list) ;
|
||||||
virtual void getWhiteListedIps(std::list<BanListPeer>& list) ;
|
virtual void getWhiteListedIps(std::list<BanListPeer>& list) ;
|
||||||
|
|
||||||
virtual bool addIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type,const std::string& comment) ;
|
virtual bool addIpRange( const sockaddr_storage& addr, int masked_bytes,
|
||||||
virtual bool removeIpRange(const sockaddr_storage &addr, int masked_bytes, uint32_t list_type);
|
uint32_t list_type, const std::string& comment );
|
||||||
|
virtual bool removeIpRange( const sockaddr_storage &addr, int masked_bytes,
|
||||||
|
uint32_t list_type );
|
||||||
|
|
||||||
virtual void enableIPFiltering(bool b) ;
|
virtual void enableIPFiltering(bool b) ;
|
||||||
virtual bool ipFilteringEnabled() ;
|
virtual bool ipFilteringEnabled() ;
|
||||||
|
|
@ -86,7 +90,8 @@ public:
|
||||||
|
|
||||||
/***** overloaded from pqiNetAssistPeerShare *****/
|
/***** overloaded from pqiNetAssistPeerShare *****/
|
||||||
|
|
||||||
virtual void updatePeer(const RsPeerId& id, const struct sockaddr_storage &addr, int type, int reason, int time_stamp);
|
virtual void updatePeer( const RsPeerId& id, const sockaddr_storage &addr,
|
||||||
|
int type, int reason, int time_stamp );
|
||||||
|
|
||||||
/*********************** p3config ******************************/
|
/*********************** p3config ******************************/
|
||||||
virtual RsSerialiser *setupSerialiser();
|
virtual RsSerialiser *setupSerialiser();
|
||||||
|
|
@ -108,8 +113,10 @@ public:
|
||||||
int sendPackets();
|
int sendPackets();
|
||||||
bool processIncoming();
|
bool processIncoming();
|
||||||
|
|
||||||
bool recvBanItem(RsBanListItem *item);
|
bool recvBanItem(RsBanListItem *item);
|
||||||
bool addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr, int level, uint32_t reason, time_t time_stamp);
|
bool addBanEntry( const RsPeerId &peerId,
|
||||||
|
const sockaddr_storage &addr, int level, uint32_t reason,
|
||||||
|
time_t time_stamp );
|
||||||
void sendBanLists();
|
void sendBanLists();
|
||||||
int sendBanSet(const RsPeerId& peerid);
|
int sendBanSet(const RsPeerId& peerid);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue