zzz/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

SSU: Use same valid IP criteria for sending relay request as for

Browse Source 
receiving relay response
This commit is contained in:
zzz
2020-01-22 20:48:32 +00:00
parent 23d24a48b5
commit 98f7f30864
3 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java
View File

@@ -941,7 +941,7 @@ class EstablishmentManager {
state.setIntroNonce(nonce);
}
_context.statManager().addRateData("udp.sendIntroRelayRequest", 1);
List<UDPPacket> requests = _builder.buildRelayRequest(_transport, state, _transport.getIntroKey());
List<UDPPacket> requests = _builder.buildRelayRequest(_transport, this, state, _transport.getIntroKey());
if (requests.isEmpty()) {
// FIXME need a failed OB state
if (_log.shouldLog(Log.WARN))
@@ -1045,9 +1045,9 @@ class EstablishmentManager {
* Are IP and port valid? This is only for checking the relay response.
* Reject all IPv6, for now, even if we are configured for it.
* Refuse anybody in the same /16
* @since 0.9.3
* @since 0.9.3, pkg private since 0.9.45 for PacketBuider
*/
private boolean isValid(byte[] ip, int port) {
boolean isValid(byte[] ip, int port) {
return TransportUtil.isValidPort(port) &&
ip != null && ip.length == 4 &&
_transport.isValid(ip) &&

2
router/java/src/net/i2p/router/transport/udp/IntroductionManager.java
View File

@@ -206,7 +206,7 @@ class IntroductionManager {
_context.banlist().isBanlisted(cur.getRemotePeer()) ||
_transport.wasUnreachable(cur.getRemotePeer())) {
if (_log.shouldLog(Log.INFO))
_log.info("Peer is failing, shistlisted or was unreachable: " + cur);
_log.info("Peer is failing, blocklisted or was unreachable: " + cur);
continue;
}
// Try to pick active peers...

18
router/java/src/net/i2p/router/transport/udp/PacketBuilder.java
View File

@@ -1214,9 +1214,12 @@ class PacketBuilder {
/**
* build intro packets for each of the published introducers
*
* @param emgr only to call emgr.isValid()
* @return empty list on failure
*/
public List<UDPPacket> buildRelayRequest(UDPTransport transport, OutboundEstablishState state, SessionKey ourIntroKey) {
public List<UDPPacket> buildRelayRequest(UDPTransport transport, EstablishmentManager emgr,
OutboundEstablishState state, SessionKey ourIntroKey) {
UDPAddress addr = state.getRemoteAddress();
int count = addr.getIntroducerCount();
List<UDPPacket> rv = new ArrayList<UDPPacket>(count);
@@ -1228,16 +1231,17 @@ class PacketBuilder {
long tag = addr.getIntroducerTag(i);
long exp = addr.getIntroducerExpiration(i);
// let's not use an introducer on a privileged port, sounds like trouble
if (ikey == null || !TransportUtil.isValidPort(iport) ||
if (ikey == null ||
iaddr == null || tag <= 0 ||
// must be IPv4 for now as we don't send Alice IP/port, see below
iaddr.getAddress().length != 4 ||
(!_transport.isValid(iaddr.getAddress())) ||
// we must use the same isValid() as EstablishmentManager.receiveRelayResponse().
// If an introducer isn't valid, we shouldn't send to it
!emgr.isValid(iaddr.getAddress(), iport) ||
(exp > 0 && exp < cutoff) ||
// FIXME this will have already failed in isValid() above, right?
(Arrays.equals(iaddr.getAddress(), _transport.getExternalIP()) && !_transport.allowLocal())) {
if (_log.shouldLog(Log.WARN))
_log.warn("Cannot build a relay request to " + state.getRemoteIdentity().calculateHash()
+ ", as their UDP address is invalid: addr=" + addr + " index=" + i);
_log.warn("Cannot build a relay request for " + state.getRemoteIdentity().calculateHash()
+ ", as the introducer address is invalid: " + iaddr + ':' + iport);
// TODO implement some sort of introducer banlist
continue;
}