aboutsummaryrefslogtreecommitdiff
path: root/src/p2p
diff options
context:
space:
mode:
Diffstat (limited to 'src/p2p')
-rw-r--r--src/p2p/net_node.h4
-rw-r--r--src/p2p/net_node.inl108
-rw-r--r--src/p2p/net_node_common.h4
-rw-r--r--src/p2p/net_peerlist.cpp13
-rw-r--r--src/p2p/net_peerlist.h2
5 files changed, 80 insertions, 51 deletions
diff --git a/src/p2p/net_node.h b/src/p2p/net_node.h
index 87fec9994..f13b36a82 100644
--- a/src/p2p/net_node.h
+++ b/src/p2p/net_node.h
@@ -149,7 +149,7 @@ namespace nodetool
{
config_t()
: m_net_config(),
- m_peer_id(crypto::rand<uint64_t>()),
+ m_peer_id(1),
m_support_flags(0)
{}
@@ -287,7 +287,7 @@ namespace nodetool
uint32_t get_max_out_public_peers() const;
void change_max_in_public_peers(size_t count);
uint32_t get_max_in_public_peers() const;
- virtual bool block_host(const epee::net_utils::network_address &adress, time_t seconds = P2P_IP_BLOCKTIME);
+ virtual bool block_host(epee::net_utils::network_address address, time_t seconds = P2P_IP_BLOCKTIME);
virtual bool unblock_host(const epee::net_utils::network_address &address);
virtual bool block_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds = P2P_IP_BLOCKTIME);
virtual bool unblock_subnet(const epee::net_utils::ipv4_network_subnet &subnet);
diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl
index adb07466f..8000835c4 100644
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@@ -139,7 +139,9 @@ namespace nodetool
if (storage)
m_peerlist_storage = std::move(*storage);
- m_network_zones[epee::net_utils::zone::public_].m_config.m_support_flags = P2P_SUPPORT_FLAGS;
+ network_zone& public_zone = m_network_zones[epee::net_utils::zone::public_];
+ public_zone.m_config.m_support_flags = P2P_SUPPORT_FLAGS;
+ public_zone.m_config.m_peer_id = crypto::rand<uint64_t>();
m_first_connection_maker_call = true;
CATCH_ENTRY_L0("node_server::init_config", false);
@@ -224,7 +226,7 @@ namespace nodetool
}
//-----------------------------------------------------------------------------------
template<class t_payload_net_handler>
- bool node_server<t_payload_net_handler>::block_host(const epee::net_utils::network_address &addr, time_t seconds)
+ bool node_server<t_payload_net_handler>::block_host(epee::net_utils::network_address addr, time_t seconds)
{
if(!addr.is_blockable())
return false;
@@ -237,7 +239,8 @@ namespace nodetool
limit = std::numeric_limits<time_t>::max();
else
limit = now + seconds;
- m_blocked_hosts[addr.host_str()] = limit;
+ const std::string host_str = addr.host_str();
+ m_blocked_hosts[host_str] = limit;
// drop any connection to that address. This should only have to look into
// the zone related to the connection, but really make sure everything is
@@ -253,17 +256,18 @@ namespace nodetool
}
return true;
});
- for (const auto &c: conns)
- zone.second.m_net_server.get_config_object().close(c);
-
- conns.clear();
peerlist_entry pe{};
pe.adr = addr;
zone.second.m_peerlist.remove_from_peer_white(pe);
+
+ for (const auto &c: conns)
+ zone.second.m_net_server.get_config_object().close(c);
+
+ conns.clear();
}
- MCLOG_CYAN(el::Level::Info, "global", "Host " << addr.host_str() << " blocked.");
+ MCLOG_CYAN(el::Level::Info, "global", "Host " << host_str << " blocked.");
return true;
}
//-----------------------------------------------------------------------------------
@@ -796,7 +800,8 @@ namespace nodetool
{
return {
"xwvz3ekocr3dkyxfkmgm2hvbpzx2ysqmaxgter7znnqrhoicygkfswid.onion:18083",
- "4pixvbejrvihnkxmduo2agsnmc3rrulrqc7s3cbwwrep6h6hrzsibeqd.onion:18083"
+ "4pixvbejrvihnkxmduo2agsnmc3rrulrqc7s3cbwwrep6h6hrzsibeqd.onion:18083",
+ "zbjkbsxc5munw3qusl7j2hpcmikhqocdf4pqhnhtpzw5nt5jrmofptid.onion:18083",
};
}
case epee::net_utils::zone::i2p:
@@ -1132,11 +1137,12 @@ namespace nodetool
pi = context.peer_id = rsp.node_data.peer_id;
context.m_rpc_port = rsp.node_data.rpc_port;
context.m_rpc_credits_per_hash = rsp.node_data.rpc_credits_per_hash;
- network_zone& zone = m_network_zones.at(context.m_remote_address.get_zone());
+ const auto azone = context.m_remote_address.get_zone();
+ network_zone& zone = m_network_zones.at(azone);
zone.m_peerlist.set_peer_just_seen(rsp.node_data.peer_id, context.m_remote_address, context.m_pruning_seed, context.m_rpc_port, context.m_rpc_credits_per_hash);
// move
- if(rsp.node_data.peer_id == zone.m_config.m_peer_id)
+ if(azone == epee::net_utils::zone::public_ && rsp.node_data.peer_id == zone.m_config.m_peer_id)
{
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
hsh_result = false;
@@ -1228,50 +1234,51 @@ namespace nodetool
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::is_peer_used(const peerlist_entry& peer)
{
- for(const auto& zone : m_network_zones)
- if(zone.second.m_config.m_peer_id == peer.id)
- return true;//dont make connections to ourself
+ const auto zone = peer.adr.get_zone();
+ const auto server = m_network_zones.find(zone);
+ if (server == m_network_zones.end())
+ return false;
+
+ const bool is_public = (zone == epee::net_utils::zone::public_);
+ if(is_public && server->second.m_config.m_peer_id == peer.id)
+ return true;//dont make connections to ourself
bool used = false;
- for(auto& zone : m_network_zones)
+ server->second.m_net_server.get_config_object().foreach_connection([&, is_public](const p2p_connection_context& cntxt)
{
- zone.second.m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
+ if((is_public && cntxt.peer_id == peer.id) || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
{
- if(cntxt.peer_id == peer.id || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
- {
- used = true;
- return false;//stop enumerating
- }
- return true;
- });
-
- if(used)
- return true;
- }
- return false;
+ used = true;
+ return false;//stop enumerating
+ }
+ return true;
+ });
+ return used;
}
//-----------------------------------------------------------------------------------
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::is_peer_used(const anchor_peerlist_entry& peer)
{
- for(auto& zone : m_network_zones) {
- if(zone.second.m_config.m_peer_id == peer.id) {
- return true;//dont make connections to ourself
- }
- bool used = false;
- zone.second.m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
+ const auto zone = peer.adr.get_zone();
+ const auto server = m_network_zones.find(zone);
+ if (server == m_network_zones.end())
+ return false;
+
+ const bool is_public = (zone == epee::net_utils::zone::public_);
+ if(is_public && server->second.m_config.m_peer_id == peer.id)
+ return true;//dont make connections to ourself
+
+ bool used = false;
+ server->second.m_net_server.get_config_object().foreach_connection([&, is_public](const p2p_connection_context& cntxt)
+ {
+ if((is_public && cntxt.peer_id == peer.id) || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
{
- if(cntxt.peer_id == peer.id || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
- {
- used = true;
- return false;//stop enumerating
- }
- return true;
- });
- if (used)
- return true;
- }
- return false;
+ used = true;
+ return false;//stop enumerating
+ }
+ return true;
+ });
+ return used;
}
//-----------------------------------------------------------------------------------
template<class t_payload_net_handler>
@@ -1311,6 +1318,9 @@ namespace nodetool
if (zone.m_connect == nullptr) // outgoing connections in zone not possible
return false;
+ if (zone.m_our_address == na)
+ return false;
+
if (zone.m_current_number_of_out_peers == zone.m_config.m_net_config.max_out_connection_count) // out peers limit
{
return false;
@@ -1638,6 +1648,9 @@ namespace nodetool
peerid_to_string(pe.id) << " " << pe.adr.str() << ", pruning seed " << epee::string_tools::to_string_hex(pe.pruning_seed) <<
" (stripe " << next_needed_pruning_stripe << " needed)");
+ if(zone.m_our_address == pe.adr)
+ continue;
+
if(is_peer_used(pe)) {
_note("Peer is used");
continue;
@@ -2416,11 +2429,12 @@ namespace nodetool
return 1;
}
- network_zone& zone = m_network_zones.at(context.m_remote_address.get_zone());
+ const auto azone = context.m_remote_address.get_zone();
+ network_zone& zone = m_network_zones.at(azone);
// test only the remote end's zone, otherwise an attacker could connect to you on clearnet
// and pass in a tor connection's peer id, and deduce the two are the same if you reject it
- if(arg.node_data.peer_id == zone.m_config.m_peer_id)
+ if(azone == epee::net_utils::zone::public_ && arg.node_data.peer_id == zone.m_config.m_peer_id)
{
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
drop_connection(context);
diff --git a/src/p2p/net_node_common.h b/src/p2p/net_node_common.h
index 2ace5987f..f1490a0db 100644
--- a/src/p2p/net_node_common.h
+++ b/src/p2p/net_node_common.h
@@ -58,7 +58,7 @@ namespace nodetool
virtual uint64_t get_public_connections_count()=0;
virtual void for_each_connection(std::function<bool(t_connection_context&, peerid_type, uint32_t)> f)=0;
virtual bool for_connection(const boost::uuids::uuid&, std::function<bool(t_connection_context&, peerid_type, uint32_t)> f)=0;
- virtual bool block_host(const epee::net_utils::network_address &address, time_t seconds = 0)=0;
+ virtual bool block_host(epee::net_utils::network_address address, time_t seconds = 0)=0;
virtual bool unblock_host(const epee::net_utils::network_address &address)=0;
virtual std::map<std::string, time_t> get_blocked_hosts()=0;
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_blocked_subnets()=0;
@@ -108,7 +108,7 @@ namespace nodetool
{
return false;
}
- virtual bool block_host(const epee::net_utils::network_address &address, time_t seconds)
+ virtual bool block_host(epee::net_utils::network_address address, time_t seconds)
{
return true;
}
diff --git a/src/p2p/net_peerlist.cpp b/src/p2p/net_peerlist.cpp
index ce5c67fe5..42ab9727d 100644
--- a/src/p2p/net_peerlist.cpp
+++ b/src/p2p/net_peerlist.cpp
@@ -288,6 +288,19 @@ namespace nodetool
copy_peers(peers.gray, m_peers_gray.get<by_addr>());
copy_peers(peers.anchor, m_peers_anchor.get<by_addr>());
}
+
+ void peerlist_manager::evict_host_from_white_peerlist(const peerlist_entry& pr)
+ {
+ peers_indexed::index<by_time>::type& sorted_index=m_peers_white.get<by_time>();
+ auto i = sorted_index.begin();
+ while (i != sorted_index.end())
+ {
+ if (i->adr.is_same_host(pr.adr))
+ i = sorted_index.erase(i);
+ else
+ ++i;
+ }
+ }
}
BOOST_CLASS_VERSION(nodetool::peerlist_types, nodetool::CURRENT_PEERLIST_STORAGE_ARCHIVE_VER);
diff --git a/src/p2p/net_peerlist.h b/src/p2p/net_peerlist.h
index 992462d0b..c794b0f3b 100644
--- a/src/p2p/net_peerlist.h
+++ b/src/p2p/net_peerlist.h
@@ -109,6 +109,7 @@ namespace nodetool
bool get_white_peer_by_index(peerlist_entry& p, size_t i);
bool get_gray_peer_by_index(peerlist_entry& p, size_t i);
template<typename F> bool foreach(bool white, const F &f);
+ void evict_host_from_white_peerlist(const peerlist_entry& pr);
bool append_with_peer_white(const peerlist_entry& pr);
bool append_with_peer_gray(const peerlist_entry& pr);
bool append_with_peer_anchor(const anchor_peerlist_entry& ple);
@@ -345,6 +346,7 @@ namespace nodetool
if(by_addr_it_wt == m_peers_white.get<by_addr>().end())
{
//put new record into white list
+ evict_host_from_white_peerlist(ple);
m_peers_white.insert(ple);
trim_white_peerlist();
}else
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-30 03:14:37 +0000