diff options
author | Matthias Wachs <wachs@net.in.tum.de> | 2013-03-28 12:15:08 +0000 |
---|---|---|
committer | Matthias Wachs <wachs@net.in.tum.de> | 2013-03-28 12:15:08 +0000 |
commit | 03daaebff579d25715c3db30e5076f5ae87bca9e (patch) | |
tree | e79d34e5f166df9612fa955614868c9fb369ad7a /src/transport/gnunet-service-transport_blacklist.c | |
parent | 9c841f1b0de6569cef5047e8ee49f47f808b3eae (diff) | |
download | gnunet-03daaebff579d25715c3db30e5076f5ae87bca9e.tar.gz gnunet-03daaebff579d25715c3db30e5076f5ae87bca9e.zip |
fixes to blacklisting
Diffstat (limited to 'src/transport/gnunet-service-transport_blacklist.c')
-rw-r--r-- | src/transport/gnunet-service-transport_blacklist.c | 51 |
1 files changed, 39 insertions, 12 deletions
diff --git a/src/transport/gnunet-service-transport_blacklist.c b/src/transport/gnunet-service-transport_blacklist.c index 3f9616e91..b1a0047f7 100644 --- a/src/transport/gnunet-service-transport_blacklist.c +++ b/src/transport/gnunet-service-transport_blacklist.c | |||
@@ -589,16 +589,21 @@ GST_blacklist_add_peer (const struct GNUNET_PeerIdentity *peer, | |||
589 | const char *transport_name) | 589 | const char *transport_name) |
590 | { | 590 | { |
591 | char * transport = NULL; | 591 | char * transport = NULL; |
592 | 592 | if (NULL != transport_name) | |
593 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 593 | { |
594 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
594 | "Adding peer `%s' with plugin `%s' to blacklist\n", | 595 | "Adding peer `%s' with plugin `%s' to blacklist\n", |
595 | GNUNET_i2s (peer), transport_name); | 596 | GNUNET_i2s (peer), transport_name); |
597 | transport = GNUNET_strdup (transport_name); | ||
598 | } | ||
599 | else | ||
600 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
601 | "Adding peer `%s' with all plugins to blacklist\n", | ||
602 | GNUNET_i2s (peer)); | ||
596 | if (blacklist == NULL) | 603 | if (blacklist == NULL) |
597 | blacklist = | 604 | blacklist = |
598 | GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE, | 605 | GNUNET_CONTAINER_multihashmap_create (TRANSPORT_BLACKLIST_HT_SIZE, |
599 | GNUNET_NO); | 606 | GNUNET_NO); |
600 | if (NULL != transport_name) | ||
601 | transport = GNUNET_strdup (""); | ||
602 | 607 | ||
603 | GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey, | 608 | GNUNET_CONTAINER_multihashmap_put (blacklist, &peer->hashPubKey, |
604 | transport, | 609 | transport, |
@@ -621,16 +626,30 @@ test_blacklisted (void *cls, const struct GNUNET_HashCode * key, void *value) | |||
621 | const char *transport_name = cls; | 626 | const char *transport_name = cls; |
622 | char *be = value; | 627 | char *be = value; |
623 | 628 | ||
624 | /* blacklist check for specific no specific transport*/ | 629 | /* Blacklist entry be: |
625 | if (transport_name == NULL) | 630 | * (NULL == be): peer is blacklisted with all plugins |
626 | return GNUNET_NO; | 631 | * (NULL != be): peer is blacklisted for a specific plugin |
627 | /* all plugins for this peer were blacklisted */ | 632 | * |
633 | * If (NULL != transport_name) we look for a transport specific entry: | ||
634 | * if (transport_name == be) forbidden | ||
635 | * | ||
636 | */ | ||
637 | |||
638 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
639 | "Comparing BL request for peer `%4s':`%s' with BL entry: `%s'\n", | ||
640 | GNUNET_h2s (key), | ||
641 | (NULL == transport_name) ? "unspecified" : transport_name, | ||
642 | (NULL == be) ? "all plugins" : be); | ||
643 | /* all plugins for this peer were blacklisted: disallow */ | ||
628 | if (NULL == value) | 644 | if (NULL == value) |
629 | return GNUNET_NO; | 645 | return GNUNET_NO; |
630 | 646 | ||
631 | /* blacklist check for specific transport */ | 647 | /* blacklist check for specific transport */ |
632 | if (0 == strcmp (transport_name, be)) | 648 | if ((NULL != transport_name) && (NULL != value)) |
633 | return GNUNET_NO; /* abort iteration! */ | 649 | { |
650 | if (0 == strcmp (transport_name, be)) | ||
651 | return GNUNET_NO; /* plugin is blacklisted! */ | ||
652 | } | ||
634 | return GNUNET_OK; | 653 | return GNUNET_OK; |
635 | } | 654 | } |
636 | 655 | ||
@@ -653,17 +672,23 @@ GST_blacklist_test_allowed (const struct GNUNET_PeerIdentity *peer, | |||
653 | struct GST_BlacklistCheck *bc; | 672 | struct GST_BlacklistCheck *bc; |
654 | 673 | ||
655 | GNUNET_assert (peer != NULL); | 674 | GNUNET_assert (peer != NULL); |
675 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Blacklist check for peer `%s':%s\n", | ||
676 | GNUNET_i2s (peer), (NULL != transport_name) ? transport_name : "unspecified"); | ||
656 | 677 | ||
678 | /* Check local blacklist by iterating over hashmap | ||
679 | * If iteration is aborted, we found a matching blacklist entry */ | ||
657 | if ((blacklist != NULL) && | 680 | if ((blacklist != NULL) && |
658 | (GNUNET_SYSERR == | 681 | (GNUNET_SYSERR == |
659 | GNUNET_CONTAINER_multihashmap_get_multiple (blacklist, &peer->hashPubKey, | 682 | GNUNET_CONTAINER_multihashmap_get_multiple (blacklist, &peer->hashPubKey, |
660 | &test_blacklisted, | 683 | &test_blacklisted, |
661 | (void *) transport_name))) | 684 | (void *) transport_name))) |
662 | { | 685 | { |
663 | /* disallowed by config, disapprove instantly */ | 686 | /* Disallowed by config, disapprove instantly */ |
664 | GNUNET_STATISTICS_update (GST_stats, | 687 | GNUNET_STATISTICS_update (GST_stats, |
665 | gettext_noop ("# disconnects due to blacklist"), | 688 | gettext_noop ("# disconnects due to blacklist"), |
666 | 1, GNUNET_NO); | 689 | 1, GNUNET_NO); |
690 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Disallowing connection to peer `%s' on transport %s\n", | ||
691 | GNUNET_i2s (peer), (NULL != transport_name) ? transport_name : "unspecified"); | ||
667 | if (cont != NULL) | 692 | if (cont != NULL) |
668 | cont (cont_cls, peer, GNUNET_NO); | 693 | cont (cont_cls, peer, GNUNET_NO); |
669 | return NULL; | 694 | return NULL; |
@@ -674,6 +699,8 @@ GST_blacklist_test_allowed (const struct GNUNET_PeerIdentity *peer, | |||
674 | /* no blacklist clients, approve instantly */ | 699 | /* no blacklist clients, approve instantly */ |
675 | if (cont != NULL) | 700 | if (cont != NULL) |
676 | cont (cont_cls, peer, GNUNET_OK); | 701 | cont (cont_cls, peer, GNUNET_OK); |
702 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Allowing connection to peer `%s' %s\n", | ||
703 | GNUNET_i2s (peer), (NULL != transport_name) ? transport_name : ""); | ||
677 | return NULL; | 704 | return NULL; |
678 | } | 705 | } |
679 | 706 | ||