forked from I2P_Developers/i2p.i2p
SSU: Use same valid IP criteria for sending relay request as for
receiving relay response
This commit is contained in:
@@ -941,7 +941,7 @@ class EstablishmentManager {
|
|||||||
state.setIntroNonce(nonce);
|
state.setIntroNonce(nonce);
|
||||||
}
|
}
|
||||||
_context.statManager().addRateData("udp.sendIntroRelayRequest", 1);
|
_context.statManager().addRateData("udp.sendIntroRelayRequest", 1);
|
||||||
List<UDPPacket> requests = _builder.buildRelayRequest(_transport, state, _transport.getIntroKey());
|
List<UDPPacket> requests = _builder.buildRelayRequest(_transport, this, state, _transport.getIntroKey());
|
||||||
if (requests.isEmpty()) {
|
if (requests.isEmpty()) {
|
||||||
// FIXME need a failed OB state
|
// FIXME need a failed OB state
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
@@ -1045,9 +1045,9 @@ class EstablishmentManager {
|
|||||||
* Are IP and port valid? This is only for checking the relay response.
|
* Are IP and port valid? This is only for checking the relay response.
|
||||||
* Reject all IPv6, for now, even if we are configured for it.
|
* Reject all IPv6, for now, even if we are configured for it.
|
||||||
* Refuse anybody in the same /16
|
* Refuse anybody in the same /16
|
||||||
* @since 0.9.3
|
* @since 0.9.3, pkg private since 0.9.45 for PacketBuider
|
||||||
*/
|
*/
|
||||||
private boolean isValid(byte[] ip, int port) {
|
boolean isValid(byte[] ip, int port) {
|
||||||
return TransportUtil.isValidPort(port) &&
|
return TransportUtil.isValidPort(port) &&
|
||||||
ip != null && ip.length == 4 &&
|
ip != null && ip.length == 4 &&
|
||||||
_transport.isValid(ip) &&
|
_transport.isValid(ip) &&
|
||||||
|
|||||||
@@ -206,7 +206,7 @@ class IntroductionManager {
|
|||||||
_context.banlist().isBanlisted(cur.getRemotePeer()) ||
|
_context.banlist().isBanlisted(cur.getRemotePeer()) ||
|
||||||
_transport.wasUnreachable(cur.getRemotePeer())) {
|
_transport.wasUnreachable(cur.getRemotePeer())) {
|
||||||
if (_log.shouldLog(Log.INFO))
|
if (_log.shouldLog(Log.INFO))
|
||||||
_log.info("Peer is failing, shistlisted or was unreachable: " + cur);
|
_log.info("Peer is failing, blocklisted or was unreachable: " + cur);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
// Try to pick active peers...
|
// Try to pick active peers...
|
||||||
|
|||||||
@@ -1214,9 +1214,12 @@ class PacketBuilder {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* build intro packets for each of the published introducers
|
* build intro packets for each of the published introducers
|
||||||
|
*
|
||||||
|
* @param emgr only to call emgr.isValid()
|
||||||
* @return empty list on failure
|
* @return empty list on failure
|
||||||
*/
|
*/
|
||||||
public List<UDPPacket> buildRelayRequest(UDPTransport transport, OutboundEstablishState state, SessionKey ourIntroKey) {
|
public List<UDPPacket> buildRelayRequest(UDPTransport transport, EstablishmentManager emgr,
|
||||||
|
OutboundEstablishState state, SessionKey ourIntroKey) {
|
||||||
UDPAddress addr = state.getRemoteAddress();
|
UDPAddress addr = state.getRemoteAddress();
|
||||||
int count = addr.getIntroducerCount();
|
int count = addr.getIntroducerCount();
|
||||||
List<UDPPacket> rv = new ArrayList<UDPPacket>(count);
|
List<UDPPacket> rv = new ArrayList<UDPPacket>(count);
|
||||||
@@ -1228,16 +1231,17 @@ class PacketBuilder {
|
|||||||
long tag = addr.getIntroducerTag(i);
|
long tag = addr.getIntroducerTag(i);
|
||||||
long exp = addr.getIntroducerExpiration(i);
|
long exp = addr.getIntroducerExpiration(i);
|
||||||
// let's not use an introducer on a privileged port, sounds like trouble
|
// let's not use an introducer on a privileged port, sounds like trouble
|
||||||
if (ikey == null || !TransportUtil.isValidPort(iport) ||
|
if (ikey == null ||
|
||||||
iaddr == null || tag <= 0 ||
|
iaddr == null || tag <= 0 ||
|
||||||
// must be IPv4 for now as we don't send Alice IP/port, see below
|
// we must use the same isValid() as EstablishmentManager.receiveRelayResponse().
|
||||||
iaddr.getAddress().length != 4 ||
|
// If an introducer isn't valid, we shouldn't send to it
|
||||||
(!_transport.isValid(iaddr.getAddress())) ||
|
!emgr.isValid(iaddr.getAddress(), iport) ||
|
||||||
(exp > 0 && exp < cutoff) ||
|
(exp > 0 && exp < cutoff) ||
|
||||||
|
// FIXME this will have already failed in isValid() above, right?
|
||||||
(Arrays.equals(iaddr.getAddress(), _transport.getExternalIP()) && !_transport.allowLocal())) {
|
(Arrays.equals(iaddr.getAddress(), _transport.getExternalIP()) && !_transport.allowLocal())) {
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Cannot build a relay request to " + state.getRemoteIdentity().calculateHash()
|
_log.warn("Cannot build a relay request for " + state.getRemoteIdentity().calculateHash()
|
||||||
+ ", as their UDP address is invalid: addr=" + addr + " index=" + i);
|
+ ", as the introducer address is invalid: " + iaddr + ':' + iport);
|
||||||
// TODO implement some sort of introducer banlist
|
// TODO implement some sort of introducer banlist
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user