Diffstat (limited to 'src/transport/gnunet-service-transport_validation.c')
-rw-r--r-- | src/transport/gnunet-service-transport_validation.c | 110 |
1 files changed, 71 insertions, 39 deletions
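diff --git a/src/transport/gnunet-service-transport_validation.c b/src/transport/gnunet-service-transport_validation.c
index 50626eaa6..666892e6e 100644
--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -178,6 +178,11 @@ struct ValidationEntry
 const void *addr;
 
 /**
+* Handle to the blacklist check (if we're currently in it).
+*/
+struct GST_BlacklistCheck *bc;
+
+/**
 * Public key of the peer.
 */
 struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded public_key;
@@ -483,6 +488,15 @@ cleanup_validation_entry (void *cls,
 {
 struct ValidationEntry *ve = value;
 
+if (NULL != ve->bc)
+{
+GST_blacklist_test_cancel (ve->bc);
+ve->bc = NULL;
+}
+GNUNET_break (GNUNET_OK ==
+GNUNET_CONTAINER_multihashmap_remove (validation_map,
+&va->pid.hashPubKey,
+va));
 GNUNET_free (ve->transport_name);
 if (GNUNET_SCHEDULER_NO_TASK != ve->timeout_task)
 {
@@ -528,19 +542,14 @@ static void
 timeout_hello_validation (void *cls,
 const struct GNUNET_SCHEDULER_TaskContext *tc)
 {
-struct ValidationEntry *va = cls;
+struct ValidationEntry *ve = cls;
 
-va->timeout_task = GNUNET_SCHEDULER_NO_TASK;
+ve->timeout_task = GNUNET_SCHEDULER_NO_TASK;
 GNUNET_STATISTICS_update (GST_stats,
 gettext_noop ("# address records discarded"),
 1,
 GNUNET_NO);
-GNUNET_break (GNUNET_OK ==
-GNUNET_CONTAINER_multihashmap_remove (validation_map,
-&va->pid.hashPubKey,
-va));
-GNUNET_free (va->transport_name);
-GNUNET_free (va);
+cleanup_validation_entry (NULL, &ve->pid.hashPubKey, ve);
 }
 
 
@@ -772,26 +781,19 @@ struct ValidateAddressContext
 
 
 /**
-* Iterator callback to go over all addresses and try to validate them
-* (unless blocked or already validated).
+* Function called with the result from blacklisting.
+* Send a PING to the other peer if a communication is allowed.
 *
-* @param cls pointer to a 'struct ValidateAddressContext'
-* @param tname name of the transport
-* @param expiration expiration time
-* @param addr the address
-* @param addrlen length of the address
-* @return GNUNET_OK (keep the address)
+* @param cls ou r'struct ValidationEntry'
+* @param pid identity of the other peer
+* @param result GNUNET_OK if the connection is allowed, GNUNET_NO if not
 */
-static int
-validate_address (void *cls,
-const char *tname,
-struct GNUNET_TIME_Absolute expiration,
-const void *addr,
-uint16_t addrlen)
+static void
+transmit_ping_if_allowed (void *cls,
+const struct GNUNET_PeerIdentity *pid,
+int result)
 {
-const struct ValidateAddressContext *vac = cls;
-const struct GNUNET_PeerIdentity *pid = &vac->pid;
-struct ValidationEntry *ve;
+struct ValidationEntry *ve = cls;
 struct TransportPingMessage ping;
 struct GNUNET_TRANSPORT_PluginFunctions *papi;
 const struct GNUNET_MessageHeader *hello;
@@ -800,20 +802,7 @@ validate_address (void *cls,
 size_t slen;
 uint16_t hsize;
 
-if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0)
-return GNUNET_OK; /* expired */
-ve = find_validation_entry (&vac->public_key, pid, tname, addr, addrlen);
-if (GNUNET_TIME_absolute_get_remaining (ve->validation_block).rel_value > 0)
-return GNUNET_OK; /* blocked */
-if ( (GNUNET_SCHEDULER_NO_TASK != ve->timeout_task) &&
-(GNUNET_TIME_absolute_get_remaining (ve->valid_until).rel_value > 0) )
-return GNUNET_OK; /* revalidation task already scheduled & still valid */
-ve->validation_block = GNUNET_TIME_relative_to_absolute (HELLO_REVALIDATION_START_TIME);
-if (GNUNET_SCHEDULER_NO_TASK != ve->timeout_task)
-GNUNET_SCHEDULER_cancel (ve->timeout_task);
-ve->timeout_task = GNUNET_SCHEDULER_add_delayed (HELLO_REVALIDATION_START_TIME,
-&timeout_hello_validation,
-ve);
+ve->bc = NULL;
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
 "Transmitting plain PING to `%s'\n",
 GNUNET_i2s (pid));
@@ -872,6 +861,49 @@ validate_address (void *cls,
 1,
 GNUNET_NO);
 }
+}
+
+
+/**
+* Iterator callback to go over all addresses and try to validate them
+* (unless blocked or already validated).
+*
+* @param cls pointer to a 'struct ValidateAddressContext'
+* @param tname name of the transport
+* @param expiration expiration time
+* @param addr the address
+* @param addrlen length of the address
+* @return GNUNET_OK (keep the address)
+*/
+static int
+validate_address (void *cls,
+const char *tname,
+struct GNUNET_TIME_Absolute expiration,
+const void *addr,
+uint16_t addrlen)
+{
+const struct ValidateAddressContext *vac = cls;
+const struct GNUNET_PeerIdentity *pid = &vac->pid;
+struct ValidationEntry *ve;
+
+if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0)
+return GNUNET_OK; /* expired */
+ve = find_validation_entry (&vac->public_key, pid, tname, addr, addrlen);
+if (GNUNET_TIME_absolute_get_remaining (ve->validation_block).rel_value > 0)
+return GNUNET_OK; /* blocked */
+if ( (GNUNET_SCHEDULER_NO_TASK != ve->timeout_task) &&
+(GNUNET_TIME_absolute_get_remaining (ve->valid_until).rel_value > 0) )
+return GNUNET_OK; /* revalidation task already scheduled & still valid */
+ve->validation_block = GNUNET_TIME_relative_to_absolute (HELLO_REVALIDATION_START_TIME);
+if (GNUNET_SCHEDULER_NO_TASK != ve->timeout_task)
+GNUNET_SCHEDULER_cancel (ve->timeout_task);
+ve->timeout_task = GNUNET_SCHEDULER_add_delayed (HELLO_REVALIDATION_START_TIME,
+&timeout_hello_validation,
+ve);
+ve->bc = GST_blacklist_test_allowed (pid,
+tname,
+&transmit_ping_if_allowed,
+ve);
 return GNUNET_OK;
 }
 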
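Review bot: transmit_ping_if_allowed never tests `result`: directly after `ve->bc = NULL;` it logs "Transmitting plain PING" and carries on, and the rest of its body (which lies between the shown hunks) is carried over unchanged from the old validate_address, which had no such parameter, so a peer the blacklist rejects would apparently still be sent a PING. A guard placed right after the handle is cleared would enforce the verdict, for example `if (GNUNET_OK != result) return; /* blacklisted: do not contact this peer */`. Separately, the lines added to cleanup_validation_entry use `va` (`&va->pid.hashPubKey, va`) although the local declared there is `ve`, so they should read `&ve->pid.hashPubKey, ve`. Because cleanup_validation_entry has the shape of a map-iterator callback and its body continues outside the hunk, it is also worth confirming that removing the entry from validation_map inside it is safe for any caller that invokes it during iteration.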