Changeset 72527f4


Ignore:
Timestamp:
Dec 1, 2015 8:11:07 PM (5 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
348805f0
Parents:
dfbbe3e
Message:

SSU: Allow IP and port in relay request if it matches the source

File:
1 edited

Legend:

Unmodified
Added
Removed
  • router/java/src/net/i2p/router/transport/udp/IntroductionManager.java

    rdfbbe3e r72527f4  
    44import java.net.UnknownHostException;
    55import java.util.ArrayList;
     6import java.util.Arrays;
    67import java.util.Collections;
    78import java.util.HashSet;
     
    441442        // FIXME implement for getting Alice's IPv4 in RelayRequest sent over IPv6?
    442443        // or is that just too easy to spoof?
    443         if (!isValid(alice.getIP(), alice.getPort()) || ipSize != 0 || port != 0) {
    444             if (_log.shouldLog(Log.WARN)) {
    445                 byte ip[] = new byte[ipSize];
    446                 rrReader.readIP(ip, 0);
    447                 _log.warn("Bad relay req from " + alice + " for " + Addresses.toString(ip, port));
    448             }
     444        byte[] aliceIP = alice.getIP();
     445        int alicePort = alice.getPort();
     446        if (!isValid(alice.getIP(), alice.getPort())) {
     447            if (_log.shouldWarn())
     448                _log.warn("Bad relay req from " + alice + " for " + Addresses.toString(aliceIP, alicePort));
     449            _context.statManager().addRateData("udp.relayBadIP", 1);
     450            return;
     451        }
     452        // prior to 0.9.24 we rejected any non-zero-length ip
     453        // here we reject anything different
     454        // TODO relay request over IPv6
     455        if (ipSize != 0) {
     456            byte ip[] = new byte[ipSize];
     457            rrReader.readIP(ip, 0);
     458            if (!Arrays.equals(aliceIP, ip)) {
     459                if (_log.shouldWarn())
     460                    _log.warn("Bad relay req from " + alice + " for " + Addresses.toString(ip, port));
     461                _context.statManager().addRateData("udp.relayBadIP", 1);
     462                return;
     463            }
     464        }
     465        // prior to 0.9.24 we rejected any nonzero port
     466        // here we reject anything different
     467        // TODO relay request over IPv6
     468        if (port != 0 && port != alicePort) {
     469            if (_log.shouldWarn())
     470                _log.warn("Bad relay req from " + alice + " for " + Addresses.toString(aliceIP, port));
    449471            _context.statManager().addRateData("udp.relayBadIP", 1);
    450472            return;
Note: See TracChangeset for help on using the changeset viewer.