Do not use peer_id tracking method over i2p/tor
parent
0833680c74
commit
37bb59485f
2 changed files with 51 additions and 40 deletions
|
@ -149,7 +149,7 @@ namespace nodetool
|
||||||
{
|
{
|
||||||
config_t()
|
config_t()
|
||||||
: m_net_config(),
|
: m_net_config(),
|
||||||
m_peer_id(crypto::rand<uint64_t>()),
|
m_peer_id(1),
|
||||||
m_support_flags(0)
|
m_support_flags(0)
|
||||||
{}
|
{}
|
||||||
|
|
||||||
|
|
|
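Review bot: The literal in `m_peer_id(1)` carries the privacy property of this commit, but nothing at the `config_t` constructor says so, and a later reader could easily "fix" it back to a random value. The only place on this page that assigns a random id is the public zone in `init_config`, so every other zone keeps this shared default. A comment on the initializer would pin the intent, for example `// fixed, non-unique id: only the public zone gets a random peer_id (see init_config), so i2p/tor zones cannot be correlated by it`. A named constant instead of the bare `1` would make the same point searchable.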
@ -139,7 +139,9 @@ namespace nodetool
|
||||||
if (storage)
|
if (storage)
|
||||||
m_peerlist_storage = std::move(*storage);
|
m_peerlist_storage = std::move(*storage);
|
||||||
|
|
||||||
m_network_zones[epee::net_utils::zone::public_].m_config.m_support_flags = P2P_SUPPORT_FLAGS;
|
network_zone& public_zone = m_network_zones[epee::net_utils::zone::public_];
|
||||||
|
public_zone.m_config.m_support_flags = P2P_SUPPORT_FLAGS;
|
||||||
|
public_zone.m_config.m_peer_id = crypto::rand<uint64_t>();
|
||||||
m_first_connection_maker_call = true;
|
m_first_connection_maker_call = true;
|
||||||
|
|
||||||
CATCH_ENTRY_L0("node_server::init_config", false);
|
CATCH_ENTRY_L0("node_server::init_config", false);
|
||||||
|
@ -1135,11 +1137,12 @@ namespace nodetool
|
||||||
pi = context.peer_id = rsp.node_data.peer_id;
|
pi = context.peer_id = rsp.node_data.peer_id;
|
||||||
context.m_rpc_port = rsp.node_data.rpc_port;
|
context.m_rpc_port = rsp.node_data.rpc_port;
|
||||||
context.m_rpc_credits_per_hash = rsp.node_data.rpc_credits_per_hash;
|
context.m_rpc_credits_per_hash = rsp.node_data.rpc_credits_per_hash;
|
||||||
network_zone& zone = m_network_zones.at(context.m_remote_address.get_zone());
|
const auto azone = context.m_remote_address.get_zone();
|
||||||
|
network_zone& zone = m_network_zones.at(azone);
|
||||||
zone.m_peerlist.set_peer_just_seen(rsp.node_data.peer_id, context.m_remote_address, context.m_pruning_seed, context.m_rpc_port, context.m_rpc_credits_per_hash);
|
zone.m_peerlist.set_peer_just_seen(rsp.node_data.peer_id, context.m_remote_address, context.m_pruning_seed, context.m_rpc_port, context.m_rpc_credits_per_hash);
|
||||||
|
|
||||||
// move
|
// move
|
||||||
if(rsp.node_data.peer_id == zone.m_config.m_peer_id)
|
if(azone == epee::net_utils::zone::public_ && rsp.node_data.peer_id == zone.m_config.m_peer_id)
|
||||||
{
|
{
|
||||||
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
|
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
|
||||||
hsh_result = false;
|
hsh_result = false;
|
||||||
|
@ -1231,50 +1234,51 @@ namespace nodetool
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::is_peer_used(const peerlist_entry& peer)
|
bool node_server<t_payload_net_handler>::is_peer_used(const peerlist_entry& peer)
|
||||||
{
|
{
|
||||||
for(const auto& zone : m_network_zones)
|
const auto zone = peer.adr.get_zone();
|
||||||
if(zone.second.m_config.m_peer_id == peer.id)
|
const auto server = m_network_zones.find(zone);
|
||||||
|
if (server == m_network_zones.end())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
const bool is_public = (zone == epee::net_utils::zone::public_);
|
||||||
|
if(is_public && server->second.m_config.m_peer_id == peer.id)
|
||||||
return true;//dont make connections to ourself
|
return true;//dont make connections to ourself
|
||||||
|
|
||||||
bool used = false;
|
bool used = false;
|
||||||
for(auto& zone : m_network_zones)
|
server->second.m_net_server.get_config_object().foreach_connection([&, is_public](const p2p_connection_context& cntxt)
|
||||||
{
|
{
|
||||||
zone.second.m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
|
if((is_public && cntxt.peer_id == peer.id) || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
||||||
{
|
|
||||||
if(cntxt.peer_id == peer.id || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
|
||||||
{
|
{
|
||||||
used = true;
|
used = true;
|
||||||
return false;//stop enumerating
|
return false;//stop enumerating
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
|
return used;
|
||||||
if(used)
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::is_peer_used(const anchor_peerlist_entry& peer)
|
bool node_server<t_payload_net_handler>::is_peer_used(const anchor_peerlist_entry& peer)
|
||||||
{
|
{
|
||||||
for(auto& zone : m_network_zones) {
|
const auto zone = peer.adr.get_zone();
|
||||||
if(zone.second.m_config.m_peer_id == peer.id) {
|
const auto server = m_network_zones.find(zone);
|
||||||
|
if (server == m_network_zones.end())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
const bool is_public = (zone == epee::net_utils::zone::public_);
|
||||||
|
if(is_public && server->second.m_config.m_peer_id == peer.id)
|
||||||
return true;//dont make connections to ourself
|
return true;//dont make connections to ourself
|
||||||
}
|
|
||||||
bool used = false;
|
bool used = false;
|
||||||
zone.second.m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
|
server->second.m_net_server.get_config_object().foreach_connection([&, is_public](const p2p_connection_context& cntxt)
|
||||||
{
|
{
|
||||||
if(cntxt.peer_id == peer.id || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
if((is_public && cntxt.peer_id == peer.id) || (!cntxt.m_is_income && peer.adr == cntxt.m_remote_address))
|
||||||
{
|
{
|
||||||
used = true;
|
used = true;
|
||||||
return false;//stop enumerating
|
return false;//stop enumerating
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
if (used)
|
return used;
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
|
@ -1320,6 +1324,9 @@ namespace nodetool
|
||||||
if (zone.m_connect == nullptr) // outgoing connections in zone not possible
|
if (zone.m_connect == nullptr) // outgoing connections in zone not possible
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
if (zone.m_our_address == na)
|
||||||
|
return false;
|
||||||
|
|
||||||
if (zone.m_current_number_of_out_peers == zone.m_config.m_net_config.max_out_connection_count) // out peers limit
|
if (zone.m_current_number_of_out_peers == zone.m_config.m_net_config.max_out_connection_count) // out peers limit
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
|
@ -1647,6 +1654,9 @@ namespace nodetool
|
||||||
peerid_to_string(pe.id) << " " << pe.adr.str() << ", pruning seed " << epee::string_tools::to_string_hex(pe.pruning_seed) <<
|
peerid_to_string(pe.id) << " " << pe.adr.str() << ", pruning seed " << epee::string_tools::to_string_hex(pe.pruning_seed) <<
|
||||||
" (stripe " << next_needed_pruning_stripe << " needed)");
|
" (stripe " << next_needed_pruning_stripe << " needed)");
|
||||||
|
|
||||||
|
if(zone.m_our_address == pe.adr)
|
||||||
|
continue;
|
||||||
|
|
||||||
if(is_peer_used(pe)) {
|
if(is_peer_used(pe)) {
|
||||||
_note("Peer is used");
|
_note("Peer is used");
|
||||||
continue;
|
continue;
|
||||||
|
@ -2420,11 +2430,12 @@ namespace nodetool
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
network_zone& zone = m_network_zones.at(context.m_remote_address.get_zone());
|
const auto azone = context.m_remote_address.get_zone();
|
||||||
|
network_zone& zone = m_network_zones.at(azone);
|
||||||
|
|
||||||
// test only the remote end's zone, otherwise an attacker could connect to you on clearnet
|
// test only the remote end's zone, otherwise an attacker could connect to you on clearnet
|
||||||
// and pass in a tor connection's peer id, and deduce the two are the same if you reject it
|
// and pass in a tor connection's peer id, and deduce the two are the same if you reject it
|
||||||
if(arg.node_data.peer_id == zone.m_config.m_peer_id)
|
if(azone == epee::net_utils::zone::public_ && arg.node_data.peer_id == zone.m_config.m_peer_id)
|
||||||
{
|
{
|
||||||
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
|
LOG_DEBUG_CC(context, "Connection to self detected, dropping connection");
|
||||||
drop_connection(context);
|
drop_connection(context);
|
||||||
|
|
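Review bot: In both `is_peer_used` overloads the new early exit `if (server == m_network_zones.end()) return false;` reports a peer whose zone has no server as not in use, and the caller visible in the later hunk skips a peer only when the function returns true (`if(is_peer_used(pe)) { ... continue; }`). The old loops never had this case because they walked every configured zone instead of looking one up. If the intent is never to dial an address in an unconfigured zone, failing closed is the safer default: `return true; // no server for this zone, treat the peer as unavailable`. What the connect path does with such an address is outside this page, so confirm that before changing the return value.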