mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-12-27 00:19:25 -05:00
removed BanList service from Retro-Tor version
This commit is contained in:
parent
2c10f4f340
commit
fcc3995d87
@ -718,7 +718,7 @@ void p3NetMgrIMPL::netExtCheck()
|
|||||||
#endif
|
#endif
|
||||||
if(sockaddr_storage_isValidNet(tmpip))
|
if(sockaddr_storage_isValidNet(tmpip))
|
||||||
{
|
{
|
||||||
if(rsBanList->isAddressAccepted(tmpip,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
if( (rsBanList==NULL) || rsBanList->isAddressAccepted(tmpip,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
||||||
{
|
{
|
||||||
// must be stable???
|
// must be stable???
|
||||||
isStable = true;
|
isStable = true;
|
||||||
@ -761,7 +761,7 @@ void p3NetMgrIMPL::netExtCheck()
|
|||||||
/* input network bits */
|
/* input network bits */
|
||||||
if (mDhtStunner->getExternalAddr(tmpaddr, isstable))
|
if (mDhtStunner->getExternalAddr(tmpaddr, isstable))
|
||||||
{
|
{
|
||||||
if(rsBanList->isAddressAccepted(tmpaddr,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
if((rsBanList == NULL) || rsBanList->isAddressAccepted(tmpaddr,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
||||||
{
|
{
|
||||||
// must be stable???
|
// must be stable???
|
||||||
isStable = (isstable == 1);
|
isStable = (isstable == 1);
|
||||||
|
@ -1218,7 +1218,7 @@ bool p3PeerMgrIMPL::UpdateOwnAddress(const struct sockaddr_storage &localAddr,
|
|||||||
std::cerr << ")" << std::endl;
|
std::cerr << ")" << std::endl;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(!rsBanList->isAddressAccepted(localAddr, RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
if((rsBanList != NULL) && !rsBanList->isAddressAccepted(localAddr, RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
||||||
{
|
{
|
||||||
std::cerr << "(SS) Trying to set own IP to a banned IP " << sockaddr_storage_iptostring(localAddr) << ". This probably means that a friend in under traffic re-routing attack." << std::endl;
|
std::cerr << "(SS) Trying to set own IP to a banned IP " << sockaddr_storage_iptostring(localAddr) << ". This probably means that a friend in under traffic re-routing attack." << std::endl;
|
||||||
return false ;
|
return false ;
|
||||||
@ -1357,7 +1357,7 @@ bool p3PeerMgrIMPL::setExtAddress(const RsPeerId &id, const struct sockaddr_s
|
|||||||
bool changed = false;
|
bool changed = false;
|
||||||
uint32_t check_res = 0 ;
|
uint32_t check_res = 0 ;
|
||||||
|
|
||||||
if(!rsBanList->isAddressAccepted(addr,RSBANLIST_CHECKING_FLAGS_BLACKLIST,&check_res))
|
if(rsBanList!=NULL && !rsBanList->isAddressAccepted(addr,RSBANLIST_CHECKING_FLAGS_BLACKLIST,&check_res))
|
||||||
{
|
{
|
||||||
std::cerr << "(SS) trying to set external contact address for peer " << id << " to a banned address " << sockaddr_storage_iptostring(addr )<< std::endl;
|
std::cerr << "(SS) trying to set external contact address for peer " << id << " to a banned address " << sockaddr_storage_iptostring(addr )<< std::endl;
|
||||||
return false ;
|
return false ;
|
||||||
@ -1531,7 +1531,7 @@ bool p3PeerMgrIMPL::addCandidateForOwnExternalAddress(const RsPeerId &from, cons
|
|||||||
|
|
||||||
// Notify for every friend that has reported a wrong external address, except if that address is in the IP whitelist.
|
// Notify for every friend that has reported a wrong external address, except if that address is in the IP whitelist.
|
||||||
|
|
||||||
if((!rsBanList->isAddressAccepted(addr_filtered,RSBANLIST_CHECKING_FLAGS_WHITELIST)) && (!sockaddr_storage_sameip(own_addr,addr_filtered)))
|
if((rsBanList!=NULL && !rsBanList->isAddressAccepted(addr_filtered,RSBANLIST_CHECKING_FLAGS_WHITELIST)) && (!sockaddr_storage_sameip(own_addr,addr_filtered)))
|
||||||
{
|
{
|
||||||
std::cerr << " Peer " << from << " reports a connection address (" << sockaddr_storage_iptostring(addr_filtered) <<") that is not your current external address (" << sockaddr_storage_iptostring(own_addr) << "). This is weird." << std::endl;
|
std::cerr << " Peer " << from << " reports a connection address (" << sockaddr_storage_iptostring(addr_filtered) <<") that is not your current external address (" << sockaddr_storage_iptostring(own_addr) << "). This is weird." << std::endl;
|
||||||
|
|
||||||
@ -2774,7 +2774,7 @@ bool p3PeerMgrIMPL::removeBannedIps()
|
|||||||
if(cleanIpList(it->second.ipAddrs.mExt.mAddrs,it->first,mLinkMgr)) changed = true ;
|
if(cleanIpList(it->second.ipAddrs.mExt.mAddrs,it->first,mLinkMgr)) changed = true ;
|
||||||
if(cleanIpList(it->second.ipAddrs.mLocal.mAddrs,it->first,mLinkMgr)) changed = true ;
|
if(cleanIpList(it->second.ipAddrs.mLocal.mAddrs,it->first,mLinkMgr)) changed = true ;
|
||||||
|
|
||||||
if(!rsBanList->isAddressAccepted(it->second.serveraddr,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
if(rsBanList!=NULL && !rsBanList->isAddressAccepted(it->second.serveraddr,RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
||||||
{
|
{
|
||||||
sockaddr_storage_clear(it->second.serveraddr) ;
|
sockaddr_storage_clear(it->second.serveraddr) ;
|
||||||
std::cerr << "(SS) Peer " << it->first << " has a banned server address. Wiping it out." << std::endl;
|
std::cerr << "(SS) Peer " << it->first << " has a banned server address. Wiping it out." << std::endl;
|
||||||
|
@ -1321,14 +1321,14 @@ int pqissl::Authorise_SSL_Connection()
|
|||||||
if (rsPeers->servicePermissionFlags(PeerId()) & RS_NODE_PERM_REQUIRE_WL)
|
if (rsPeers->servicePermissionFlags(PeerId()) & RS_NODE_PERM_REQUIRE_WL)
|
||||||
checking_flags |= RSBANLIST_CHECKING_FLAGS_WHITELIST;
|
checking_flags |= RSBANLIST_CHECKING_FLAGS_WHITELIST;
|
||||||
|
|
||||||
if(!rsBanList->isAddressAccepted(remote_addr,checking_flags,&check_result))
|
if(rsBanList!=NULL && !rsBanList->isAddressAccepted(remote_addr,checking_flags,&check_result))
|
||||||
{
|
{
|
||||||
std::cerr << "(SS) refusing connection attempt from IP address " << sockaddr_storage_iptostring(remote_addr) << ". Reason: " <<
|
std::cerr << "(SS) refusing connection attempt from IP address " << sockaddr_storage_iptostring(remote_addr) << ". Reason: " <<
|
||||||
((check_result == RSBANLIST_CHECK_RESULT_NOT_WHITELISTED)?"not whitelisted (peer requires whitelist)":"blacklisted") << std::endl;
|
((check_result == RSBANLIST_CHECK_RESULT_NOT_WHITELISTED)?"not whitelisted (peer requires whitelist)":"blacklisted") << std::endl;
|
||||||
|
|
||||||
RsServer::notify()->AddFeedItem(RS_FEED_ITEM_SEC_IP_BLACKLISTED, PeerId().toStdString(), sockaddr_storage_iptostring(remote_addr), "", "", check_result);
|
RsServer::notify()->AddFeedItem(RS_FEED_ITEM_SEC_IP_BLACKLISTED, PeerId().toStdString(), sockaddr_storage_iptostring(remote_addr), "", "", check_result);
|
||||||
reset_locked();
|
reset_locked();
|
||||||
return 0 ;
|
return 0 ;
|
||||||
}
|
}
|
||||||
// check it's the right one.
|
// check it's the right one.
|
||||||
if (certCorrect)
|
if (certCorrect)
|
||||||
@ -1371,12 +1371,12 @@ int pqissl::accept_locked(SSL *ssl, int fd, const struct sockaddr_storage &forei
|
|||||||
if (rsPeers->servicePermissionFlags(PeerId()) & RS_NODE_PERM_REQUIRE_WL)
|
if (rsPeers->servicePermissionFlags(PeerId()) & RS_NODE_PERM_REQUIRE_WL)
|
||||||
checking_flags |= RSBANLIST_CHECKING_FLAGS_WHITELIST;
|
checking_flags |= RSBANLIST_CHECKING_FLAGS_WHITELIST;
|
||||||
|
|
||||||
if(!rsBanList->isAddressAccepted(foreign_addr,checking_flags,&check_result))
|
if(rsBanList!=NULL && !rsBanList->isAddressAccepted(foreign_addr,checking_flags,&check_result))
|
||||||
{
|
{
|
||||||
std::cerr << "(SS) refusing incoming SSL connection from blacklisted foreign address " << sockaddr_storage_iptostring(foreign_addr)
|
std::cerr << "(SS) refusing incoming SSL connection from blacklisted foreign address " << sockaddr_storage_iptostring(foreign_addr)
|
||||||
<< ". Reason: " << check_result << "." << std::endl;
|
<< ". Reason: " << check_result << "." << std::endl;
|
||||||
RsServer::notify()->AddFeedItem(RS_FEED_ITEM_SEC_IP_BLACKLISTED, PeerId().toStdString(), sockaddr_storage_iptostring(foreign_addr), "", "", check_result);
|
RsServer::notify()->AddFeedItem(RS_FEED_ITEM_SEC_IP_BLACKLISTED, PeerId().toStdString(), sockaddr_storage_iptostring(foreign_addr), "", "", check_result);
|
||||||
reset_locked();
|
reset_locked();
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (waiting != WAITING_NOT)
|
if (waiting != WAITING_NOT)
|
||||||
|
@ -1518,9 +1518,14 @@ int RsServer::StartupRetroShare()
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
// new services to test.
|
// new services to test.
|
||||||
|
#ifndef RETROTOR
|
||||||
p3BanList *mBanList = new p3BanList(serviceCtrl, mNetMgr);
|
p3BanList *mBanList = new p3BanList(serviceCtrl, mNetMgr);
|
||||||
rsBanList = mBanList ;
|
rsBanList = mBanList ;
|
||||||
pqih -> addService(mBanList, true);
|
pqih -> addService(mBanList, true);
|
||||||
|
#else
|
||||||
|
rsBanList = NULL ;
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef RS_USE_BITDHT
|
#ifdef RS_USE_BITDHT
|
||||||
mBitDht->setupPeerSharer(mBanList);
|
mBitDht->setupPeerSharer(mBanList);
|
||||||
#endif
|
#endif
|
||||||
@ -1589,7 +1594,9 @@ int RsServer::StartupRetroShare()
|
|||||||
mConfigMgr->addConfiguration("p3History.cfg", mHistoryMgr);
|
mConfigMgr->addConfiguration("p3History.cfg", mHistoryMgr);
|
||||||
mConfigMgr->addConfiguration("p3Status.cfg", mStatusSrv);
|
mConfigMgr->addConfiguration("p3Status.cfg", mStatusSrv);
|
||||||
mConfigMgr->addConfiguration("turtle.cfg", tr);
|
mConfigMgr->addConfiguration("turtle.cfg", tr);
|
||||||
|
#ifndef RETROTOR
|
||||||
mConfigMgr->addConfiguration("banlist.cfg", mBanList);
|
mConfigMgr->addConfiguration("banlist.cfg", mBanList);
|
||||||
|
#endif
|
||||||
mConfigMgr->addConfiguration("servicecontrol.cfg", serviceCtrl);
|
mConfigMgr->addConfiguration("servicecontrol.cfg", serviceCtrl);
|
||||||
mConfigMgr->addConfiguration("reputations.cfg", mReputations);
|
mConfigMgr->addConfiguration("reputations.cfg", mReputations);
|
||||||
#ifdef ENABLE_GROUTER
|
#ifdef ENABLE_GROUTER
|
||||||
|
@ -225,9 +225,10 @@ void AWidget::initImages()
|
|||||||
//p.drawPixmap(QRect(10, 10, width()-10, 60), image);
|
//p.drawPixmap(QRect(10, 10, width()-10, 60), image);
|
||||||
|
|
||||||
/* Draw RetroShare version */
|
/* Draw RetroShare version */
|
||||||
p.drawText(QPointF(10, 50), QString("%1 : %2").arg(tr("Retroshare version"), Rshare::retroshareVersion(true)));
|
|
||||||
#ifdef RS_ONLYHIDDENNODE
|
#ifdef RS_ONLYHIDDENNODE
|
||||||
p.drawText(QPointF(10, 70), QString("Only Hidden Node"));
|
p.drawText(QPointF(10, 50), QString("%1 : %2 (With embedded Tor)").arg(tr("Retroshare version"), Rshare::retroshareVersion(true)));
|
||||||
|
#else
|
||||||
|
p.drawText(QPointF(10, 50), QString("%1 : %2").arg(tr("Retroshare version"), Rshare::retroshareVersion(true)));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Draw Qt's version number */
|
/* Draw Qt's version number */
|
||||||
|
@ -195,6 +195,10 @@ GenCertDialog::GenCertDialog(bool onlyGenerateIdentity, QWidget *parent)
|
|||||||
ui.nodeType_CB->setCurrentIndex(1);
|
ui.nodeType_CB->setCurrentIndex(1);
|
||||||
ui.nodeType_CB->setEnabled(false);
|
ui.nodeType_CB->setEnabled(false);
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef RETROTOR
|
||||||
|
ui.adv_checkbox->setChecked(false);
|
||||||
|
ui.adv_checkbox->setVisible(true);
|
||||||
|
#endif
|
||||||
|
|
||||||
initKeyList();
|
initKeyList();
|
||||||
setupState();
|
setupState();
|
||||||
@ -255,10 +259,16 @@ void GenCertDialog::setupState()
|
|||||||
{
|
{
|
||||||
bool adv_state = ui.adv_checkbox->isChecked();
|
bool adv_state = ui.adv_checkbox->isChecked();
|
||||||
|
|
||||||
|
#ifdef RETROTOR
|
||||||
|
bool retrotor = true ;
|
||||||
|
#else
|
||||||
|
bool retrotor = false ;
|
||||||
|
#endif
|
||||||
|
|
||||||
if(!adv_state)
|
if(!adv_state)
|
||||||
{
|
{
|
||||||
ui.reuse_existing_node_CB->setChecked(false) ;
|
ui.reuse_existing_node_CB->setChecked(false) ;
|
||||||
ui.nodeType_CB->setCurrentIndex(0) ;
|
ui.nodeType_CB->setCurrentIndex(retrotor?1:0) ;
|
||||||
ui.keylength_comboBox->setCurrentIndex(0) ;
|
ui.keylength_comboBox->setCurrentIndex(0) ;
|
||||||
}
|
}
|
||||||
bool hidden_state = ui.nodeType_CB->currentIndex()==1;
|
bool hidden_state = ui.nodeType_CB->currentIndex()==1;
|
||||||
@ -271,8 +281,8 @@ void GenCertDialog::setupState()
|
|||||||
setWindowTitle(generate_new?tr("Create new profile and new Retroshare node"):tr("Create new Retroshare node"));
|
setWindowTitle(generate_new?tr("Create new profile and new Retroshare node"):tr("Create new Retroshare node"));
|
||||||
//ui.headerFrame->setHeaderText(generate_new?tr("Create a new profile and node"):tr("Create a new node"));
|
//ui.headerFrame->setHeaderText(generate_new?tr("Create a new profile and node"):tr("Create a new node"));
|
||||||
|
|
||||||
ui.label_nodeType->setVisible(adv_state) ;
|
ui.label_nodeType->setVisible(adv_state && !retrotor) ;
|
||||||
ui.nodeType_CB->setVisible(adv_state) ;
|
ui.nodeType_CB->setVisible(adv_state && !retrotor) ;
|
||||||
ui.reuse_existing_node_CB->setEnabled(adv_state) ;
|
ui.reuse_existing_node_CB->setEnabled(adv_state) ;
|
||||||
ui.importIdentity_PB->setVisible(adv_state && !generate_new) ;
|
ui.importIdentity_PB->setVisible(adv_state && !generate_new) ;
|
||||||
ui.exportIdentity_PB->setVisible(adv_state && !generate_new) ;
|
ui.exportIdentity_PB->setVisible(adv_state && !generate_new) ;
|
||||||
@ -308,13 +318,13 @@ void GenCertDialog::setupState()
|
|||||||
ui.entropy_bar->setVisible(true);
|
ui.entropy_bar->setVisible(true);
|
||||||
ui.genButton->setVisible(true);
|
ui.genButton->setVisible(true);
|
||||||
|
|
||||||
ui.hiddenaddr_input->setVisible(hidden_state);
|
ui.hiddenaddr_input->setVisible(hidden_state && !retrotor);
|
||||||
ui.hiddenaddr_label->setVisible(hidden_state);
|
ui.hiddenaddr_label->setVisible(hidden_state && !retrotor);
|
||||||
|
|
||||||
ui.hiddenport_label->setVisible(hidden_state);
|
ui.hiddenport_label->setVisible(hidden_state && !retrotor);
|
||||||
ui.hiddenport_spinBox->setVisible(hidden_state);
|
ui.hiddenport_spinBox->setVisible(hidden_state && !retrotor);
|
||||||
|
|
||||||
ui.cbUseBob->setVisible(hidden_state);
|
ui.cbUseBob->setVisible(hidden_state && !retrotor);
|
||||||
|
|
||||||
if(!mAllFieldsOk)
|
if(!mAllFieldsOk)
|
||||||
{
|
{
|
||||||
|
@ -487,6 +487,9 @@ void ServerPage::toggleIpFiltering(bool b)
|
|||||||
|
|
||||||
void ServerPage::loadFilteredIps()
|
void ServerPage::loadFilteredIps()
|
||||||
{
|
{
|
||||||
|
if(rsBanList == NULL)
|
||||||
|
return ;
|
||||||
|
|
||||||
if(rsBanList->ipFilteringEnabled())
|
if(rsBanList->ipFilteringEnabled())
|
||||||
{
|
{
|
||||||
whileBlocking(ui.denyAll_CB)->setChecked(true) ;
|
whileBlocking(ui.denyAll_CB)->setChecked(true) ;
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
<item>
|
<item>
|
||||||
<widget class="QTabWidget" name="tabWidget">
|
<widget class="QTabWidget" name="tabWidget">
|
||||||
<property name="currentIndex">
|
<property name="currentIndex">
|
||||||
<number>2</number>
|
<number>0</number>
|
||||||
</property>
|
</property>
|
||||||
<widget class="QWidget" name="tabNetConf">
|
<widget class="QWidget" name="tabNetConf">
|
||||||
<attribute name="title">
|
<attribute name="title">
|
||||||
|
@ -3,7 +3,10 @@
|
|||||||
CONFIG *= retroshare_gui
|
CONFIG *= retroshare_gui
|
||||||
no_retroshare_gui:CONFIG -= retroshare_gui
|
no_retroshare_gui:CONFIG -= retroshare_gui
|
||||||
|
|
||||||
# To build the RetroTor executable, just uncomment the following option
|
# To build the RetroTor executable, just uncomment the following option.
|
||||||
|
# RetroTor is a version of RS that automatically configures Tor for its own usage
|
||||||
|
# using only hidden nodes. It will not start if Tor is not working.
|
||||||
|
|
||||||
# CONFIG *= retrotor
|
# CONFIG *= retrotor
|
||||||
|
|
||||||
# To disable RetroShare-nogui append the following
|
# To disable RetroShare-nogui append the following
|
||||||
@ -231,6 +234,10 @@ rs_autologin {
|
|||||||
warning("You have enabled RetroShare auto-login, this is discouraged. The usage of auto-login on some linux distributions may allow someone having access to your session to steal the SSL keys of your node location and therefore compromise your security")
|
warning("You have enabled RetroShare auto-login, this is discouraged. The usage of auto-login on some linux distributions may allow someone having access to your session to steal the SSL keys of your node location and therefore compromise your security")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
retrotor {
|
||||||
|
DEFINES *= RS_ONLYHIDDENNODE
|
||||||
|
}
|
||||||
|
|
||||||
rs_onlyhiddennode {
|
rs_onlyhiddennode {
|
||||||
DEFINES *= RS_ONLYHIDDENNODE
|
DEFINES *= RS_ONLYHIDDENNODE
|
||||||
warning("QMAKE: You have enabled only hidden node.")
|
warning("QMAKE: You have enabled only hidden node.")
|
||||||
|
Loading…
Reference in New Issue
Block a user