From 2a681608b541ededcf0fd80bfd83e194f02717aa Mon Sep 17 00:00:00 2001 From: zzz Date: Sat, 22 Nov 2014 14:05:06 +0000 Subject: [PATCH] PeerSelector: If non-DSA, don't use incompatible peers for exploratory tunnels or closest-hop in client tunnels --- history.txt | 12 +++++++ .../src/net/i2p/router/RouterVersion.java | 4 +-- .../tunnel/pool/ClientPeerSelector.java | 27 ++++++++++++-- .../tunnel/pool/ExploratoryPeerSelector.java | 7 ++++ .../tunnel/pool/TunnelPeerSelector.java | 35 +++++++++++++++++++ 5 files changed, 80 insertions(+), 5 deletions(-) diff --git a/history.txt b/history.txt index 414e5f39c..8909dcb78 100644 --- a/history.txt +++ b/history.txt @@ -1,3 +1,15 @@ +2014-11-22 zzz + * PeerSelector: If non-DSA, don't use incompatible peers + for exploratory tunnels or closest-hop in client tunnels + +2014-11-17 zzz + * NetDB: Exclude A1/A2 "countries" from auto-floodfill + +2014-11-15 zzz + * I2NP: + - Set lookup type flags even if no reply tunnel specified + - Reduce object churn when writing some messages + 2014-11-13 zzz * I2PTunnel: - Fix bug that left server acceptor thread running after close diff --git a/router/java/src/net/i2p/router/RouterVersion.java b/router/java/src/net/i2p/router/RouterVersion.java index fecba78d6..74605163f 100644 --- a/router/java/src/net/i2p/router/RouterVersion.java +++ b/router/java/src/net/i2p/router/RouterVersion.java @@ -18,10 +18,10 @@ public class RouterVersion { /** deprecated */ public final static String ID = "Monotone"; public final static String VERSION = CoreVersion.VERSION; - public final static long BUILD = 7; + public final static long BUILD = 8; /** for example "-test" */ - public final static String EXTRA = ""; + public final static String EXTRA = "-rc"; public final static String FULL_VERSION = VERSION + "-" + BUILD + EXTRA; public static void main(String args[]) { System.out.println("I2P Router version: " + FULL_VERSION); diff --git a/router/java/src/net/i2p/router/tunnel/pool/ClientPeerSelector.java b/router/java/src/net/i2p/router/tunnel/pool/ClientPeerSelector.java index 2e13c4c57..126004c85 100644 --- a/router/java/src/net/i2p/router/tunnel/pool/ClientPeerSelector.java +++ b/router/java/src/net/i2p/router/tunnel/pool/ClientPeerSelector.java @@ -36,6 +36,10 @@ class ClientPeerSelector extends TunnelPeerSelector { Set exclude = getExclude(settings.isInbound(), false); Set matches = new HashSet(length); if (length == 1) { + // closest-hop restrictions + Set moreExclude = getClosestHopExclude(settings.isInbound()); + if (moreExclude != null) + exclude.addAll(moreExclude); ctx.profileOrganizer().selectFastPeers(length, exclude, matches, 0); matches.remove(ctx.routerHash()); rv = new ArrayList(matches); @@ -46,10 +50,22 @@ class ClientPeerSelector extends TunnelPeerSelector { rv = new ArrayList(length + 1); // OBEP or IB last hop // group 0 or 1 if two hops, otherwise group 0 + Set firstHopExclude; if (!settings.isInbound()) { - // exclude existing OBEPs to get some diversity + // exclude existing OBEPs to get some diversity ? + + // closest-hop restrictions + Set moreExclude = getClosestHopExclude(false); + if (moreExclude != null) { + moreExclude.addAll(exclude); + firstHopExclude = moreExclude; + } else { + firstHopExclude = exclude; + } + } else { + firstHopExclude = exclude; } - ctx.profileOrganizer().selectFastPeers(1, exclude, matches, settings.getRandomKey(), length == 2 ? 2 : 4); + ctx.profileOrganizer().selectFastPeers(1, firstHopExclude, matches, settings.getRandomKey(), length == 2 ? 2 : 4); matches.remove(ctx.routerHash()); exclude.addAll(matches); rv.addAll(matches); @@ -73,7 +89,12 @@ class ClientPeerSelector extends TunnelPeerSelector { // IBGW or OB first hop // group 2 or 3 if two hops, otherwise group 1 if (settings.isInbound()) { - // exclude existing IBGWs to get some diversity + // exclude existing IBGWs to get some diversity ? + + // closest-hop restrictions + Set moreExclude = getClosestHopExclude(true); + if (moreExclude != null) + exclude.addAll(moreExclude); } ctx.profileOrganizer().selectFastPeers(1, exclude, matches, settings.getRandomKey(), length == 2 ? 3 : 5); matches.remove(ctx.routerHash()); diff --git a/router/java/src/net/i2p/router/tunnel/pool/ExploratoryPeerSelector.java b/router/java/src/net/i2p/router/tunnel/pool/ExploratoryPeerSelector.java index e0581c884..68ad4e046 100644 --- a/router/java/src/net/i2p/router/tunnel/pool/ExploratoryPeerSelector.java +++ b/router/java/src/net/i2p/router/tunnel/pool/ExploratoryPeerSelector.java @@ -42,6 +42,13 @@ class ExploratoryPeerSelector extends TunnelPeerSelector { Set exclude = getExclude(settings.isInbound(), true); exclude.add(ctx.routerHash()); + // closest-hop restrictions + // Since we're applying orderPeers() later, we don't know + // which will be the closest hop, so just appply to all peers for now. + Set moreExclude = getClosestHopExclude(settings.isInbound()); + if (moreExclude != null) + exclude.addAll(moreExclude); + // Don't use ff peers for exploratory tunnels to lessen exposure to netDb searches and stores // Hmm if they don't get explored they don't get a speed/capacity rating // so they don't get used for client tunnels either. diff --git a/router/java/src/net/i2p/router/tunnel/pool/TunnelPeerSelector.java b/router/java/src/net/i2p/router/tunnel/pool/TunnelPeerSelector.java index 8bb657831..fa3f5e75d 100644 --- a/router/java/src/net/i2p/router/tunnel/pool/TunnelPeerSelector.java +++ b/router/java/src/net/i2p/router/tunnel/pool/TunnelPeerSelector.java @@ -14,6 +14,7 @@ import java.util.StringTokenizer; import net.i2p.I2PAppContext; import net.i2p.crypto.SHA256Generator; +import net.i2p.crypto.SigType; import net.i2p.data.DataFormatException; import net.i2p.data.Hash; import net.i2p.data.router.RouterInfo; @@ -327,6 +328,40 @@ public abstract class TunnelPeerSelector { return peers; } + /** + * Pick peers that we want to avoid for the first OB hop or last IB hop. + * This is only filled in if our router sig type is not DSA. + * + * @param isInbound unused + * @return null if none + * @since 0.9.17 + */ + protected Set getClosestHopExclude(boolean isInbound) { + RouterInfo ri = ctx.router().getRouterInfo(); + if (ri == null) + return null; + SigType type = ri.getIdentity().getSigType(); + if (type == SigType.DSA_SHA1) + return null; + Set rv = new HashSet(1024); + FloodfillNetworkDatabaseFacade fac = (FloodfillNetworkDatabaseFacade)ctx.netDb(); + List known = fac.getKnownRouterData(); + if (known != null) { + for (int i = 0; i < known.size(); i++) { + RouterInfo peer = known.get(i); + String v = peer.getOption("router.version"); + if (v == null) + continue; + // RI sigtypes added in 0.9.16 + // SSU inbound connection bug fixed in 0.9.17, but it won't bid, so NTCP only, + // no need to check + if (VersionComparator.comp(v, "0.9.16") < 0) + rv.add(peer.getIdentity().calculateHash()); + } + } + return rv; + } + /** warning, this is also called by ProfileOrganizer.isSelectable() */ public static boolean shouldExclude(RouterContext ctx, RouterInfo peer) { Log log = ctx.logManager().getLog(TunnelPeerSelector.class);