diff options
author | Matthias Wachs <wachs@net.in.tum.de> | 2014-03-25 16:40:41 +0000 |
---|---|---|
committer | Matthias Wachs <wachs@net.in.tum.de> | 2014-03-25 16:40:41 +0000 |
commit | f76eed6fcd00a1f693d9279a9ac14a200eaf87d2 (patch) | |
tree | c6f79c623185b6496de7f2e66eab0fda0bc68421 /src/transport | |
parent | bf638cabbe348680e7132eafb1091dfca2c0b8a5 (diff) | |
download | gnunet-f76eed6fcd00a1f693d9279a9ac14a200eaf87d2.tar.gz gnunet-f76eed6fcd00a1f693d9279a9ac14a200eaf87d2.zip |
Do blacklist checks on CONNECT before giving CONNECT to neighbours.
If peer is blacklisted we do not need to to anything, this simplifies the state machine:
If peer is blacklisted: CONNECT is not given to neighbours
If address is blacklisted: address is not given to ATS and will therefore not be suggested
So neighbour can use this information without additional blacklist checks
Diffstat (limited to 'src/transport')
-rw-r--r-- | src/transport/gnunet-service-transport.c | 176 | ||||
-rw-r--r-- | src/transport/gnunet-service-transport_neighbours.c | 131 |
2 files changed, 265 insertions, 42 deletions
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c index 0be5b4391..f4878a54f 100644 --- a/src/transport/gnunet-service-transport.c +++ b/src/transport/gnunet-service-transport.c | |||
@@ -71,6 +71,21 @@ struct SessionKiller | |||
71 | GNUNET_SCHEDULER_TaskIdentifier task; | 71 | GNUNET_SCHEDULER_TaskIdentifier task; |
72 | }; | 72 | }; |
73 | 73 | ||
74 | struct BlacklistCheckContext | ||
75 | { | ||
76 | struct BlacklistCheckContext *prev; | ||
77 | struct BlacklistCheckContext *next; | ||
78 | |||
79 | |||
80 | struct GST_BlacklistCheck *blc; | ||
81 | |||
82 | struct GNUNET_HELLO_Address *address; | ||
83 | struct Session *session; | ||
84 | struct GNUNET_MessageHeader *msg; | ||
85 | struct GNUNET_ATS_Information *ats; | ||
86 | uint32_t ats_count; | ||
87 | }; | ||
88 | |||
74 | /* globals */ | 89 | /* globals */ |
75 | 90 | ||
76 | /** | 91 | /** |
@@ -128,6 +143,10 @@ static struct SessionKiller *sk_head; | |||
128 | */ | 143 | */ |
129 | static struct SessionKiller *sk_tail; | 144 | static struct SessionKiller *sk_tail; |
130 | 145 | ||
146 | struct BlacklistCheckContext *bc_head; | ||
147 | struct BlacklistCheckContext *bc_tail; | ||
148 | |||
149 | |||
131 | /** | 150 | /** |
132 | * Transmit our HELLO message to the given (connected) neighbour. | 151 | * Transmit our HELLO message to the given (connected) neighbour. |
133 | * | 152 | * |
@@ -264,6 +283,86 @@ kill_session (const char *plugin_name, struct Session *session) | |||
264 | } | 283 | } |
265 | 284 | ||
266 | /** | 285 | /** |
286 | * Black list check result for try_connect call | ||
287 | * If connection to the peer is allowed request adddress and | ||
288 | * | ||
289 | * @param cls blc_ctx bl context | ||
290 | * @param peer the peer | ||
291 | * @param result the result | ||
292 | */ | ||
293 | static void | ||
294 | connect_address_bl_check_cont (void *cls, | ||
295 | const struct GNUNET_PeerIdentity *peer, int result) | ||
296 | { | ||
297 | struct BlacklistCheckContext *blctx = cls; | ||
298 | |||
299 | if (GNUNET_OK == result) | ||
300 | { | ||
301 | GST_ats_add_address (blctx->address, blctx->session, NULL, 0); | ||
302 | } | ||
303 | else | ||
304 | { | ||
305 | kill_session (blctx->address->transport_name, blctx->session); | ||
306 | } | ||
307 | |||
308 | GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx); | ||
309 | GNUNET_HELLO_address_free (blctx->address); | ||
310 | GNUNET_free (blctx); | ||
311 | } | ||
312 | |||
313 | /** | ||
314 | * Black list check result for try_connect call | ||
315 | * If connection to the peer is allowed request adddress and | ||
316 | * | ||
317 | * @param cls blc_ctx bl context | ||
318 | * @param peer the peer | ||
319 | * @param result the result | ||
320 | */ | ||
321 | static void | ||
322 | connect_bl_check_cont (void *cls, | ||
323 | const struct GNUNET_PeerIdentity *peer, int result) | ||
324 | { | ||
325 | struct BlacklistCheckContext *blctx = cls; | ||
326 | struct BlacklistCheckContext *blctx_address; | ||
327 | struct GST_BlacklistCheck *blc; | ||
328 | if (GNUNET_OK == result) | ||
329 | { | ||
330 | /* Check if incoming address can be used to communicate */ | ||
331 | blctx_address = GNUNET_new (struct BlacklistCheckContext); | ||
332 | blctx_address->address = GNUNET_HELLO_address_copy (blctx->address); | ||
333 | blctx_address->session = blctx->session; | ||
334 | |||
335 | GNUNET_CONTAINER_DLL_insert (bc_head, bc_tail, blctx_address); | ||
336 | if (NULL != (blc = GST_blacklist_test_allowed (&blctx_address->address->peer, | ||
337 | blctx_address->address->transport_name, | ||
338 | &connect_address_bl_check_cont, blctx_address))) | ||
339 | { | ||
340 | blctx_address->blc = blc; | ||
341 | } | ||
342 | |||
343 | /* Blacklist allows to speak to this peer, forward CONNECT to neighbours */ | ||
344 | if (GNUNET_OK != GST_neighbours_handle_connect (blctx->msg, | ||
345 | &blctx->address->peer, blctx->address, blctx->session)) | ||
346 | { | ||
347 | kill_session (blctx->address->transport_name, blctx->session); | ||
348 | } | ||
349 | } | ||
350 | else | ||
351 | { | ||
352 | /* Blacklist denies to speak to this peer */ | ||
353 | GNUNET_break (0); | ||
354 | kill_session (blctx->address->transport_name, blctx->session); | ||
355 | GNUNET_break (0); | ||
356 | } | ||
357 | |||
358 | GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx); | ||
359 | if (NULL != blctx->address) | ||
360 | GNUNET_HELLO_address_free (blctx->address); | ||
361 | GNUNET_free (blctx->msg); | ||
362 | GNUNET_free (blctx); | ||
363 | } | ||
364 | |||
365 | /** | ||
267 | * Function called by the transport for each received message. | 366 | * Function called by the transport for each received message. |
268 | * | 367 | * |
269 | * @param cls closure, const char* with the name of the plugin we received the message from | 368 | * @param cls closure, const char* with the name of the plugin we received the message from |
@@ -284,6 +383,8 @@ GST_receive_callback (void *cls, | |||
284 | { | 383 | { |
285 | const char *plugin_name = cls; | 384 | const char *plugin_name = cls; |
286 | struct GNUNET_TIME_Relative ret; | 385 | struct GNUNET_TIME_Relative ret; |
386 | struct BlacklistCheckContext *blctx; | ||
387 | struct GST_BlacklistCheck *blc; | ||
287 | uint16_t type; | 388 | uint16_t type; |
288 | 389 | ||
289 | ret = GNUNET_TIME_UNIT_ZERO; | 390 | ret = GNUNET_TIME_UNIT_ZERO; |
@@ -328,16 +429,22 @@ GST_receive_callback (void *cls, | |||
328 | } | 429 | } |
329 | break; | 430 | break; |
330 | case GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_CONNECT: | 431 | case GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_CONNECT: |
331 | if (GNUNET_OK | 432 | /* Do blacklist check if communication with this peer is allowed */ |
332 | != GST_neighbours_handle_connect (message, &address->peer, address, session)) | 433 | blctx = GNUNET_new (struct BlacklistCheckContext); |
434 | blctx->address = GNUNET_HELLO_address_copy (address); | ||
435 | blctx->session = session; | ||
436 | blctx->msg = GNUNET_malloc (ntohs(message->size)); | ||
437 | memcpy (blctx->msg, message, ntohs(message->size)); | ||
438 | GNUNET_CONTAINER_DLL_insert (bc_head, bc_tail, blctx); | ||
439 | if (NULL != (blc = GST_blacklist_test_allowed (&address->peer, NULL, | ||
440 | &connect_bl_check_cont, blctx))) | ||
333 | { | 441 | { |
334 | GNUNET_break_op(0); | 442 | blctx->blc = blc; |
335 | kill_session (plugin_name, session); | ||
336 | } | 443 | } |
337 | break; | 444 | break; |
338 | case GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_CONNECT_ACK: | 445 | case GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_CONNECT_ACK: |
339 | if (GNUNET_OK | 446 | if (GNUNET_OK != GST_neighbours_handle_connect_ack (message, |
340 | != GST_neighbours_handle_connect_ack (message, &address->peer, address, session)) | 447 | &address->peer, address, session)) |
341 | { | 448 | { |
342 | kill_session (plugin_name, session); | 449 | kill_session (plugin_name, session); |
343 | } | 450 | } |
@@ -611,6 +718,37 @@ plugin_env_update_metrics (void *cls, | |||
611 | } | 718 | } |
612 | 719 | ||
613 | /** | 720 | /** |
721 | * Black list check result for try_connect call | ||
722 | * If connection to the peer is allowed request adddress and | ||
723 | * | ||
724 | * @param cls blc_ctx bl context | ||
725 | * @param peer the peer | ||
726 | * @param result the result | ||
727 | */ | ||
728 | static void | ||
729 | plugin_env_session_start_bl_check_cont (void *cls, | ||
730 | const struct GNUNET_PeerIdentity *peer, int result) | ||
731 | { | ||
732 | struct BlacklistCheckContext *blctx = cls; | ||
733 | |||
734 | if (GNUNET_OK == result) | ||
735 | { | ||
736 | GST_ats_add_address (blctx->address, blctx->session, | ||
737 | blctx->ats, blctx->ats_count); | ||
738 | } | ||
739 | else | ||
740 | { | ||
741 | kill_session (blctx->address->transport_name, blctx->session); | ||
742 | } | ||
743 | |||
744 | GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx); | ||
745 | GNUNET_HELLO_address_free (blctx->address); | ||
746 | GNUNET_free_non_null (blctx->ats); | ||
747 | GNUNET_free (blctx); | ||
748 | } | ||
749 | |||
750 | |||
751 | /** | ||
614 | * Plugin tells transport service about a new inbound session | 752 | * Plugin tells transport service about a new inbound session |
615 | * | 753 | * |
616 | * @param cls unused | 754 | * @param cls unused |
@@ -624,6 +762,10 @@ plugin_env_session_start (void *cls, struct GNUNET_HELLO_Address *address, | |||
624 | struct Session *session, const struct GNUNET_ATS_Information *ats, | 762 | struct Session *session, const struct GNUNET_ATS_Information *ats, |
625 | uint32_t ats_count) | 763 | uint32_t ats_count) |
626 | { | 764 | { |
765 | struct BlacklistCheckContext *blctx; | ||
766 | struct GST_BlacklistCheck *blc; | ||
767 | int c; | ||
768 | |||
627 | if (NULL == address) | 769 | if (NULL == address) |
628 | { | 770 | { |
629 | GNUNET_break(0); | 771 | GNUNET_break(0); |
@@ -640,7 +782,27 @@ plugin_env_session_start (void *cls, struct GNUNET_HELLO_Address *address, | |||
640 | GNUNET_HELLO_address_check_option (address, | 782 | GNUNET_HELLO_address_check_option (address, |
641 | GNUNET_HELLO_ADDRESS_INFO_INBOUND) ? "inbound" : "outbound", | 783 | GNUNET_HELLO_ADDRESS_INFO_INBOUND) ? "inbound" : "outbound", |
642 | session, GNUNET_i2s (&address->peer), GST_plugins_a2s (address)); | 784 | session, GNUNET_i2s (&address->peer), GST_plugins_a2s (address)); |
643 | GST_ats_add_address (address, session, ats, ats_count); | 785 | |
786 | /* Do blacklist check if communication with this peer is allowed */ | ||
787 | blctx = GNUNET_new (struct BlacklistCheckContext); | ||
788 | blctx->address = GNUNET_HELLO_address_copy (address); | ||
789 | blctx->session = session; | ||
790 | if (ats_count > 0) | ||
791 | { | ||
792 | blctx->ats = GNUNET_malloc (ats_count * sizeof (struct GNUNET_ATS_Information)); | ||
793 | for (c = 0; c < ats_count; c++) | ||
794 | { | ||
795 | blctx->ats[c].type = ats[c].type; | ||
796 | blctx->ats[c].value = ats[c].value; | ||
797 | } | ||
798 | } | ||
799 | |||
800 | GNUNET_CONTAINER_DLL_insert (bc_head, bc_tail, blctx); | ||
801 | if (NULL != (blc = GST_blacklist_test_allowed (&address->peer, address->transport_name, | ||
802 | &plugin_env_session_start_bl_check_cont, blctx))) | ||
803 | { | ||
804 | blctx->blc = blc; | ||
805 | } | ||
644 | } | 806 | } |
645 | 807 | ||
646 | /** | 808 | /** |
diff --git a/src/transport/gnunet-service-transport_neighbours.c b/src/transport/gnunet-service-transport_neighbours.c index 5ce09223c..258967261 100644 --- a/src/transport/gnunet-service-transport_neighbours.c +++ b/src/transport/gnunet-service-transport_neighbours.c | |||
@@ -1673,7 +1673,6 @@ send_session_connect_cont (void *cls, | |||
1673 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_INIT_ATS, | 1673 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_INIT_ATS, |
1674 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); | 1674 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); |
1675 | return; | 1675 | return; |
1676 | |||
1677 | } | 1676 | } |
1678 | 1677 | ||
1679 | /** | 1678 | /** |
@@ -1750,6 +1749,55 @@ send_session_connect (struct NeighbourAddress *na) | |||
1750 | } | 1749 | } |
1751 | 1750 | ||
1752 | 1751 | ||
1752 | static void | ||
1753 | send_session_connect_ack_cont (void *cls, | ||
1754 | const struct GNUNET_PeerIdentity *target, | ||
1755 | int result, | ||
1756 | size_t size_payload, | ||
1757 | size_t size_on_wire) | ||
1758 | { | ||
1759 | struct NeighbourMapEntry *n; | ||
1760 | |||
1761 | n = lookup_neighbour (target); | ||
1762 | if (NULL == n) | ||
1763 | { | ||
1764 | /* CONNECT_ACK continuation was called after neighbor was freed, | ||
1765 | * for example due to a time out for the state or the session | ||
1766 | * used was already terminated: nothing to do here... */ | ||
1767 | return; | ||
1768 | } | ||
1769 | |||
1770 | if (GNUNET_TRANSPORT_PS_CONNECT_RECV_ACK != n->state) | ||
1771 | { | ||
1772 | /* CONNECT_ACK continuation was called after neighbor changed state, | ||
1773 | * for example due to a time out for the state or the session | ||
1774 | * used was already terminated: nothing to do here... */ | ||
1775 | return; | ||
1776 | } | ||
1777 | if (GNUNET_OK == result) | ||
1778 | return; | ||
1779 | |||
1780 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1781 | _("Failed to send CONNECT_ACK message to peer `%s' using address `%s' session %p\n"), | ||
1782 | GNUNET_i2s (target), | ||
1783 | GST_plugins_a2s (n->primary_address.address), | ||
1784 | n->primary_address.session); | ||
1785 | |||
1786 | /* Failed to send CONNECT_ACK message with this address */ | ||
1787 | GNUNET_ATS_address_destroyed (GST_ats, n->primary_address.address, | ||
1788 | n->primary_address.session); | ||
1789 | GNUNET_ATS_address_destroyed (GST_ats, n->primary_address.address, | ||
1790 | NULL); | ||
1791 | |||
1792 | /* Remove address and request and additional one */ | ||
1793 | unset_primary_address (n); | ||
1794 | |||
1795 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS, | ||
1796 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); | ||
1797 | return; | ||
1798 | } | ||
1799 | |||
1800 | |||
1753 | /** | 1801 | /** |
1754 | * Send a CONNECT_ACK message via the given address. | 1802 | * Send a CONNECT_ACK message via the given address. |
1755 | * | 1803 | * |
@@ -1795,7 +1843,7 @@ send_connect_ack_message (const struct GNUNET_HELLO_Address *address, | |||
1795 | (const char *) &connect_msg, sizeof (struct SessionConnectMessage), | 1843 | (const char *) &connect_msg, sizeof (struct SessionConnectMessage), |
1796 | UINT_MAX, | 1844 | UINT_MAX, |
1797 | GNUNET_TIME_UNIT_FOREVER_REL, | 1845 | GNUNET_TIME_UNIT_FOREVER_REL, |
1798 | NULL, NULL)) | 1846 | send_session_connect_ack_cont, NULL)) |
1799 | { | 1847 | { |
1800 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 1848 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, |
1801 | _("Failed to transmit CONNECT_ACK message via plugin to %s\n"), | 1849 | _("Failed to transmit CONNECT_ACK message via plugin to %s\n"), |
@@ -1816,13 +1864,11 @@ send_connect_ack_message (const struct GNUNET_HELLO_Address *address, | |||
1816 | GNUNET_ATS_address_destroyed (GST_ats, address, NULL); | 1864 | GNUNET_ATS_address_destroyed (GST_ats, address, NULL); |
1817 | } | 1865 | } |
1818 | else | 1866 | else |
1819 | { | ||
1820 | GNUNET_ATS_address_destroyed (GST_ats, address, session); | 1867 | GNUNET_ATS_address_destroyed (GST_ats, address, session); |
1821 | } | ||
1822 | 1868 | ||
1823 | /* Remove address and request and additional one */ | 1869 | /* Remove address and request and additional one */ |
1824 | unset_primary_address (n); | 1870 | unset_primary_address (n); |
1825 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_INIT_ATS, | 1871 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS, |
1826 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); | 1872 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); |
1827 | return; | 1873 | return; |
1828 | } | 1874 | } |
@@ -2182,6 +2228,7 @@ GST_neighbours_try_connect (const struct GNUNET_PeerIdentity *target) | |||
2182 | case GNUNET_TRANSPORT_PS_DISCONNECT_FINISHED: | 2228 | case GNUNET_TRANSPORT_PS_DISCONNECT_FINISHED: |
2183 | /* should not be possible */ | 2229 | /* should not be possible */ |
2184 | GNUNET_assert (0); | 2230 | GNUNET_assert (0); |
2231 | return; | ||
2185 | default: | 2232 | default: |
2186 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2233 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2187 | "Unhandled state `%s'\n", | 2234 | "Unhandled state `%s'\n", |
@@ -2227,9 +2274,25 @@ handle_connect_blacklist_check_cont (void *cls, | |||
2227 | "Connection to new address of peer `%s' based on blacklist is `%s'\n", | 2274 | "Connection to new address of peer `%s' based on blacklist is `%s'\n", |
2228 | GNUNET_i2s (peer), | 2275 | GNUNET_i2s (peer), |
2229 | (GNUNET_OK == result) ? "allowed" : "FORBIDDEN"); | 2276 | (GNUNET_OK == result) ? "allowed" : "FORBIDDEN"); |
2277 | |||
2278 | if (NULL == (n = lookup_neighbour (peer))) | ||
2279 | { | ||
2280 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2281 | "No neighbor entry for peer `%s', ignoring blacklist result\n", | ||
2282 | GNUNET_i2s (peer)); | ||
2283 | goto cleanup; /* nobody left to care about new address */ | ||
2284 | } | ||
2285 | |||
2286 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
2287 | "Blacklist check after CONNECT for peer `%s' in state %s/%s: %s\n", | ||
2288 | GNUNET_i2s (peer), | ||
2289 | GNUNET_TRANSPORT_ps2s (n->state), | ||
2290 | print_ack_state (n->ack_state), | ||
2291 | (GNUNET_OK == result) ? "OK" : "FAIL"); | ||
2292 | |||
2230 | if (GNUNET_OK == result) | 2293 | if (GNUNET_OK == result) |
2231 | { | 2294 | { |
2232 | /* Blacklist agreed on connecting to a peer with this address */ | 2295 | /* Blacklist agreed on connecting to a peer with this address, notify ATS */ |
2233 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 2296 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, |
2234 | "Notifying ATS peer's `%s' %s address `%s' session %p\n", | 2297 | "Notifying ATS peer's `%s' %s address `%s' session %p\n", |
2235 | GNUNET_i2s (peer), | 2298 | GNUNET_i2s (peer), |
@@ -2239,28 +2302,15 @@ handle_connect_blacklist_check_cont (void *cls, | |||
2239 | GST_ats_add_address (bcc->na.address, bcc->na.session, NULL, 0); | 2302 | GST_ats_add_address (bcc->na.address, bcc->na.session, NULL, 0); |
2240 | } | 2303 | } |
2241 | 2304 | ||
2242 | if (NULL == (n = lookup_neighbour (peer))) | ||
2243 | { | ||
2244 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2245 | "No neighbor entry for peer `%s', ignoring blacklist result\n", | ||
2246 | GNUNET_i2s (peer)); | ||
2247 | goto cleanup; /* nobody left to care about new address */ | ||
2248 | } | ||
2249 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2250 | "Received connect blacklist check result for peer `%s' in state %s/%s\n", | ||
2251 | GNUNET_i2s (peer), | ||
2252 | GNUNET_TRANSPORT_ps2s (n->state), | ||
2253 | print_ack_state (n->ack_state)); | ||
2254 | switch (n->state) | 2305 | switch (n->state) |
2255 | { | 2306 | { |
2256 | case GNUNET_TRANSPORT_PS_NOT_CONNECTED: | 2307 | case GNUNET_TRANSPORT_PS_NOT_CONNECTED: |
2257 | /* this should not be possible */ | 2308 | /* This should not be possible */ |
2258 | GNUNET_break (0); | 2309 | GNUNET_break (0); |
2259 | free_neighbour (n, GNUNET_NO); | 2310 | free_neighbour (n, GNUNET_NO); |
2260 | break; | 2311 | break; |
2261 | case GNUNET_TRANSPORT_PS_INIT_ATS: | 2312 | case GNUNET_TRANSPORT_PS_INIT_ATS: |
2262 | /* waiting on ATS suggestion; still, pass address to ATS as a | 2313 | /* Waiting on ATS suggestion */ |
2263 | possibility */ | ||
2264 | break; | 2314 | break; |
2265 | case GNUNET_TRANSPORT_PS_CONNECT_SENT: | 2315 | case GNUNET_TRANSPORT_PS_CONNECT_SENT: |
2266 | #if 0 | 2316 | #if 0 |
@@ -2284,19 +2334,25 @@ handle_connect_blacklist_check_cont (void *cls, | |||
2284 | * with this peer, request an address from ATS*/ | 2334 | * with this peer, request an address from ATS*/ |
2285 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS, | 2335 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS, |
2286 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); | 2336 | GNUNET_TIME_relative_to_absolute (ATS_RESPONSE_TIMEOUT)); |
2287 | GNUNET_ATS_reset_backoff (GST_ats, peer); | 2337 | |
2288 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2338 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2289 | "Requesting address for peer %s to ATS\n", | 2339 | "Requesting address for peer %s to ATS\n", |
2290 | GNUNET_i2s (peer)); | 2340 | GNUNET_i2s (peer)); |
2291 | if (NULL == n->suggest_handle) | 2341 | if (NULL == n->suggest_handle) |
2292 | n->suggest_handle = GNUNET_ATS_suggest_address (GST_ats, peer, | 2342 | n->suggest_handle = GNUNET_ATS_suggest_address (GST_ats, peer, |
2293 | &address_suggest_cont, n); | 2343 | &address_suggest_cont, n); |
2294 | else | 2344 | GNUNET_ATS_reset_backoff (GST_ats, peer); |
2295 | GNUNET_ATS_reset_backoff (GST_ats, peer); | ||
2296 | } | 2345 | } |
2297 | else | 2346 | else |
2298 | { | 2347 | { |
2299 | /* FIXME: state handling required! */ | 2348 | /* We received a CONNECT message from a peer, but blacklist denies to |
2349 | * communicate with this peer and this address | ||
2350 | * - Previous state: NOT_CONNECTED: | ||
2351 | * We can free the neighbour, since the CONNECT created it | ||
2352 | * - Previous state INIT_ATS: | ||
2353 | * | ||
2354 | * */ | ||
2355 | free_neighbour (n, GNUNET_NO); | ||
2300 | } | 2356 | } |
2301 | break; | 2357 | break; |
2302 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS: | 2358 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS: |
@@ -2343,6 +2399,9 @@ handle_connect_blacklist_check_cont (void *cls, | |||
2343 | if ( (GNUNET_OK == result) && | 2399 | if ( (GNUNET_OK == result) && |
2344 | (ACK_SEND_CONNECT_ACK == n->ack_state) ) | 2400 | (ACK_SEND_CONNECT_ACK == n->ack_state) ) |
2345 | { | 2401 | { |
2402 | /* TODO: Why should this happen? */ | ||
2403 | /* *Debug message: */ GNUNET_break (0); | ||
2404 | |||
2346 | n->ack_state = ACK_SEND_SESSION_ACK; | 2405 | n->ack_state = ACK_SEND_SESSION_ACK; |
2347 | send_connect_ack_message (n->primary_address.address, | 2406 | send_connect_ack_message (n->primary_address.address, |
2348 | n->primary_address.session, | 2407 | n->primary_address.session, |
@@ -2536,10 +2595,11 @@ GST_neighbours_handle_connect (const struct GNUNET_MessageHeader *message, | |||
2536 | n->connect_ack_timestamp = ts; | 2595 | n->connect_ack_timestamp = ts; |
2537 | 2596 | ||
2538 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2597 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2539 | "Received SESSION_CONNECT for peer `%s' in state %s/%s\n", | 2598 | "Received CONNECT for peer `%s' in state %s/%s\n", |
2540 | GNUNET_i2s (peer), | 2599 | GNUNET_i2s (peer), |
2541 | GNUNET_TRANSPORT_ps2s (n->state), | 2600 | GNUNET_TRANSPORT_ps2s (n->state), |
2542 | print_ack_state (n->ack_state)); | 2601 | print_ack_state (n->ack_state)); |
2602 | |||
2543 | switch (n->state) | 2603 | switch (n->state) |
2544 | { | 2604 | { |
2545 | case GNUNET_TRANSPORT_PS_NOT_CONNECTED: | 2605 | case GNUNET_TRANSPORT_PS_NOT_CONNECTED: |
@@ -2552,7 +2612,8 @@ GST_neighbours_handle_connect (const struct GNUNET_MessageHeader *message, | |||
2552 | /* CONNECT message takes priority over us asking ATS for address */ | 2612 | /* CONNECT message takes priority over us asking ATS for address */ |
2553 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND, | 2613 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND, |
2554 | GNUNET_TIME_relative_to_absolute (BLACKLIST_RESPONSE_TIMEOUT)); | 2614 | GNUNET_TIME_relative_to_absolute (BLACKLIST_RESPONSE_TIMEOUT)); |
2555 | /* fallthrough */ | 2615 | connect_check_blacklist (peer, ts, address, session); |
2616 | break; | ||
2556 | case GNUNET_TRANSPORT_PS_CONNECT_SENT: | 2617 | case GNUNET_TRANSPORT_PS_CONNECT_SENT: |
2557 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND: | 2618 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND: |
2558 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS: | 2619 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS: |
@@ -2732,24 +2793,24 @@ switch_address_bl_check_cont (void *cls, | |||
2732 | GNUNET_TIME_relative_to_absolute (SETUP_CONNECTION_TIMEOUT)); | 2793 | GNUNET_TIME_relative_to_absolute (SETUP_CONNECTION_TIMEOUT)); |
2733 | send_session_connect (&n->primary_address); | 2794 | send_session_connect (&n->primary_address); |
2734 | break; | 2795 | break; |
2796 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND: | ||
2797 | /* We received an suggestion while waiting for a CONNECT blacklist check, | ||
2798 | * this suggestion was permitted by a blacklist check, so send ACK*/ | ||
2735 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS: | 2799 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ATS: |
2800 | /* We requested an address and ATS suggests one: | ||
2801 | * set primary address and send CONNECT_ACK message*/ | ||
2736 | set_primary_address (n, blc_ctx->address, blc_ctx->session, | 2802 | set_primary_address (n, blc_ctx->address, blc_ctx->session, |
2737 | blc_ctx->bandwidth_in, blc_ctx->bandwidth_out, GNUNET_NO); | 2803 | blc_ctx->bandwidth_in, blc_ctx->bandwidth_out, GNUNET_NO); |
2738 | /* Send an ACK message as a response to the CONNECT msg */ | 2804 | /* Send an ACK message as a response to the CONNECT msg */ |
2739 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_ACK, | 2805 | set_state_and_timeout (n, GNUNET_TRANSPORT_PS_CONNECT_RECV_ACK, |
2740 | GNUNET_TIME_relative_to_absolute (SETUP_CONNECTION_TIMEOUT)); | 2806 | GNUNET_TIME_relative_to_absolute (SETUP_CONNECTION_TIMEOUT)); |
2741 | send_connect_ack_message (n->primary_address.address, | 2807 | send_connect_ack_message (n->primary_address.address, |
2742 | n->primary_address.session, | 2808 | n->primary_address.session, |
2743 | n->connect_ack_timestamp); | 2809 | n->connect_ack_timestamp); |
2744 | if (ACK_SEND_CONNECT_ACK == n->ack_state) | 2810 | if (ACK_SEND_CONNECT_ACK == n->ack_state) |
2745 | n->ack_state = ACK_SEND_SESSION_ACK; | 2811 | n->ack_state = ACK_SEND_SESSION_ACK; |
2746 | 2812 | ||
2747 | break; | 2813 | break; |
2748 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND: | ||
2749 | set_timeout (n, GNUNET_TIME_relative_to_absolute (BLACKLIST_RESPONSE_TIMEOUT)); | ||
2750 | /* REMOVE */ connect_check_blacklist (&n->id, n->connect_ack_timestamp, | ||
2751 | blc_ctx->address, blc_ctx->session); | ||
2752 | break; | ||
2753 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST: | 2814 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST: |
2754 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ACK: | 2815 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_ACK: |
2755 | /* ATS asks us to switch while we were trying to connect; switch to new | 2816 | /* ATS asks us to switch while we were trying to connect; switch to new |
@@ -3161,7 +3222,7 @@ master_task (void *cls, | |||
3161 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND: | 3222 | case GNUNET_TRANSPORT_PS_CONNECT_RECV_BLACKLIST_INBOUND: |
3162 | if (0 == delay.rel_value_us) | 3223 | if (0 == delay.rel_value_us) |
3163 | { | 3224 | { |
3164 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 3225 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, |
3165 | "Connection to `%s' timed out waiting BLACKLIST to approve address to use for received CONNECT\n", | 3226 | "Connection to `%s' timed out waiting BLACKLIST to approve address to use for received CONNECT\n", |
3166 | GNUNET_i2s (&n->id)); | 3227 | GNUNET_i2s (&n->id)); |
3167 | free_neighbour (n, GNUNET_NO); | 3228 | free_neighbour (n, GNUNET_NO); |