Do not use peer_id tracking method over i2p/tor
parent
8b3b106ad1
commit
13350f79df
|
@ -149,7 +149,7 @@ namespace nodetool
|
|||
{
|
||||
config_t()
|
||||
: m_net_config(),
|
||||
m_peer_id(crypto::rand<uint64_t>()),
|
||||
m_peer_id(1),
|
||||
m_support_flags(0)
|
||||
{}
|
||||
|
||||
|
|
|
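Review bot: The bare literal in `m_peer_id(1)` is unexplained, and (assuming it is the new side of the pair) it becomes the id every zone keeps unless something assigns another one. Going by the commit title and the init_config hunk, only the public zone is later given `crypto::rand<uint64_t>()`, so a comment such as `// fixed id for non-public zones so it cannot link them; the public zone's random id is assigned in init_config` would record the intent. A named constant in place of `1` would also make clear that the value is a placeholder rather than an identity, and would give the handshake code something to compare against if it ever needs to recognise it. The constructor's struct starts and ends outside the hunk.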
@ -127,7 +127,9 @@ namespace nodetool
|
|||
if (storage)
|
||||
m_peerlist_storage = std::move(*storage);
|
||||
|
||||
m_network_zones[epee::net_utils::zone::public_].m_config.m_support_flags = P2P_SUPPORT_FLAGS;
|
||||
network_zone& public_zone = m_network_zones[epee::net_utils::zone::public_];
|
||||
public_zone.m_config.m_support_flags = P2P_SUPPORT_FLAGS;
|
||||
public_zone.m_config.m_peer_id = crypto::rand<uint64_t>();
|
||||
m_first_connection_maker_call = true;
|
||||
|
||||
CATCH_ENTRY_L0("node_server::init_config", false);
|
||||
|
@ -1057,11 +1059,12 @@ namespace nodetool
|
|||
pi = context.peer_id = rsp.node_data.peer_id;
|
||||
context.m_rpc_port = rsp.node_data.rpc_port;
|
||||
context.m_rpc_credits_per_hash = rsp.node_data.rpc_credits_per_hash;
|
||||
network_zone& zone = m_network_zones.at(context.m_remote_address.get_zone());
|
||||
const auto azone = context.m_remote_address.get_zone();
|
||||
network_zone& zone = m_network_zones.at(azone);
|
||||
zone.m_peerlist.set_peer_just_seen(rsp.node_data.peer_id, context.m_remote_address, context.m_pruning_seed, context.m_rpc_port, context.m_rpc_credits_per_hash);
|
||||
|
||||
// move
|
||||
if(rsp.node_data.peer_id == zone.m_config.m_peer_id)
|
||||
if(azone == epee::net_utils::zone::public_ && rsp.node_data.peer_id == zone.m_config.m_peer_id)
|
||||
{
|
||||
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
|
||||
hsh_result = false;
|
||||
|
@ -1153,50 +1156,51 @@ namespace nodetool
|
|||
template<class t_payload_net_handler>
|
||||
bool node_server<t_payload_net_handler>::is_peer_used(const peerlist_entry& peer)
|
||||
{
|
||||
for(const auto& zone : m_network_zones)
|
||||
if(zone.second.m_config.m_peer_id == peer.id)
|
||||
return true;//dont make connections to ourself
|
||||
const auto zone = peer.adr.get_zone();
|
||||
const auto server = m_network_zones.find(zone);
|
||||
if (server == m_network_zones.end())
|
||||
return false;
|
||||
|
||||
const bool is_public = (zone == epee::net_utils::zone::public_);
|
||||
if(is_public && server->second.m_config.m_peer_id == peer.id)
|
||||
return true;//dont make connections to ourself
|
||||
|
||||
bool used = false;
|
||||
for(auto& zone : m_network_zones)
|
||||
server->second.m_net_server.get_config_object().foreach_connection([&, is_public](const p2p_connection_context& cntxt)
|
||||
{
|
||||
zone.second.m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
|
||||
if((is_public && cntxt.peer_id == peer.id) || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
||||
{
|
||||
if(cntxt.peer_id == peer.id || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
||||
{
|
||||
used = true;
|
||||
return false;//stop enumerating
|
||||
}
|
||||
return true;
|
||||
});
|
||||
|
||||
if(used)
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
used = true;
|
||||
return false;//stop enumerating
|
||||
}
|
||||
return true;
|
||||
});
|
||||
return used;
|
||||
}
|
||||
//-----------------------------------------------------------------------------------
|
||||
template<class t_payload_net_handler>
|
||||
bool node_server<t_payload_net_handler>::is_peer_used(const anchor_peerlist_entry& peer)
|
||||
{
|
||||
for(auto& zone : m_network_zones) {
|
||||
if(zone.second.m_config.m_peer_id == peer.id) {
|
||||
return true;//dont make connections to ourself
|
||||
}
|
||||
bool used = false;
|
||||
zone.second.m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
|
||||
const auto zone = peer.adr.get_zone();
|
||||
const auto server = m_network_zones.find(zone);
|
||||
if (server == m_network_zones.end())
|
||||
return false;
|
||||
|
||||
const bool is_public = (zone == epee::net_utils::zone::public_);
|
||||
if(is_public && server->second.m_config.m_peer_id == peer.id)
|
||||
return true;//dont make connections to ourself
|
||||
|
||||
bool used = false;
|
||||
server->second.m_net_server.get_config_object().foreach_connection([&, is_public](const p2p_connection_context& cntxt)
|
||||
{
|
||||
if((is_public && cntxt.peer_id == peer.id) || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
||||
{
|
||||
if(cntxt.peer_id == peer.id || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
||||
{
|
||||
used = true;
|
||||
return false;//stop enumerating
|
||||
}
|
||||
return true;
|
||||
});
|
||||
if (used)
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
used = true;
|
||||
return false;//stop enumerating
|
||||
}
|
||||
return true;
|
||||
});
|
||||
return used;
|
||||
}
|
||||
//-----------------------------------------------------------------------------------
|
||||
template<class t_payload_net_handler>
|
||||
|
@ -1236,6 +1240,9 @@ namespace nodetool
|
|||
if (zone.m_connect == nullptr) // outgoing connections in zone not possible
|
||||
return false;
|
||||
|
||||
if (zone.m_our_address == na)
|
||||
return false;
|
||||
|
||||
if (zone.m_current_number_of_out_peers == zone.m_config.m_net_config.max_out_connection_count) // out peers limit
|
||||
{
|
||||
return false;
|
||||
|
@ -1514,6 +1521,9 @@ namespace nodetool
|
|||
peerid_to_string(pe.id) << " " << pe.adr.str() << ", pruning seed " << epee::string_tools::to_string_hex(pe.pruning_seed) <<
|
||||
" (stripe " << next_needed_pruning_stripe << " needed)");
|
||||
|
||||
if(zone.m_our_address == pe.adr)
|
||||
continue;
|
||||
|
||||
if(is_peer_used(pe)) {
|
||||
_note("Peer is used");
|
||||
continue;
|
||||
|
@ -2282,11 +2292,12 @@ namespace nodetool
|
|||
return 1;
|
||||
}
|
||||
|
||||
network_zone& zone = m_network_zones.at(context.m_remote_address.get_zone());
|
||||
const auto azone = context.m_remote_address.get_zone();
|
||||
network_zone& zone = m_network_zones.at(azone);
|
||||
|
||||
// test only the remote end's zone, otherwise an attacker could connect to you on clearnet
|
||||
// and pass in a tor connection's peer id, and deduce the two are the same if you reject it
|
||||
if(arg.node_data.peer_id == zone.m_config.m_peer_id)
|
||||
if(azone == epee::net_utils::zone::public_ && arg.node_data.peer_id == zone.m_config.m_peer_id)
|
||||
{
|
||||
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
|
||||
drop_connection(context);
|
||||
|
|
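Review bot: In the hunk at -2282 the two-line comment above the self-connection test still gives the earlier rationale (compare ids only within the remote end's zone), while the condition `azone == epee::net_utils::zone::public_ && ...` now skips the comparison entirely on non-public zones. The comment should say that, for example `// compare peer ids on the public zone only; on tor/i2p, rejecting on a matching id would reveal that two zones belong to the same node`. The same gate in the -1057 hunk has no explanation at all and would benefit from the same comment. In that hunk `set_peer_just_seen(rsp.node_data.peer_id, ...)` still records the remote-supplied id for every zone, so it is worth confirming whether ids received over tor/i2p should be stored as sent or normalised. Both enclosing functions start and end outside their hunks.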