From 98f7f308641b2c7cf94184a42323bfc4766ebe74 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 22 Jan 2020 20:48:32 +0000 Subject: [PATCH] SSU: Use same valid IP criteria for sending relay request as for receiving relay response --- .../transport/udp/EstablishmentManager.java | 6 +++--- .../transport/udp/IntroductionManager.java | 2 +- .../router/transport/udp/PacketBuilder.java | 18 +++++++++++------- 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java b/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java index 94be6ca25..59f410df9 100644 --- a/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java +++ b/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java @@ -941,7 +941,7 @@ class EstablishmentManager { state.setIntroNonce(nonce); } _context.statManager().addRateData("udp.sendIntroRelayRequest", 1); - List requests = _builder.buildRelayRequest(_transport, state, _transport.getIntroKey()); + List requests = _builder.buildRelayRequest(_transport, this, state, _transport.getIntroKey()); if (requests.isEmpty()) { // FIXME need a failed OB state if (_log.shouldLog(Log.WARN)) @@ -1045,9 +1045,9 @@ class EstablishmentManager { * Are IP and port valid? This is only for checking the relay response. * Reject all IPv6, for now, even if we are configured for it. * Refuse anybody in the same /16 - * @since 0.9.3 + * @since 0.9.3, pkg private since 0.9.45 for PacketBuider */ - private boolean isValid(byte[] ip, int port) { + boolean isValid(byte[] ip, int port) { return TransportUtil.isValidPort(port) && ip != null && ip.length == 4 && _transport.isValid(ip) && diff --git a/router/java/src/net/i2p/router/transport/udp/IntroductionManager.java b/router/java/src/net/i2p/router/transport/udp/IntroductionManager.java index 4772ec2f8..75f6fdbb8 100644 --- a/router/java/src/net/i2p/router/transport/udp/IntroductionManager.java 
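Review bot: The Javadoc on `isValid(byte[] ip, int port)` in EstablishmentManager still says "This is only for checking the relay response", which stops being true once `PacketBuilder.buildRelayRequest` calls it to filter introducers before sending. Because this predicate now decides which addresses the router will both send relay requests to and accept relay responses for, the comment should state both uses, for example `Are IP and port valid? Used when checking a relay response and when choosing introducers for a relay request.` The `@since` line also misspells the caller and should read `@since 0.9.3, pkg private since 0.9.45 for PacketBuilder`. The method body continues past the end of this hunk, so the full set of criteria is not visible here.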
+++ b/router/java/src/net/i2p/router/transport/udp/IntroductionManager.java @@ -206,7 +206,7 @@ class IntroductionManager { _context.banlist().isBanlisted(cur.getRemotePeer()) || _transport.wasUnreachable(cur.getRemotePeer())) { if (_log.shouldLog(Log.INFO)) - _log.info("Peer is failing, shistlisted or was unreachable: " + cur); + _log.info("Peer is failing, blocklisted or was unreachable: " + cur); continue; } // Try to pick active peers... diff --git a/router/java/src/net/i2p/router/transport/udp/PacketBuilder.java b/router/java/src/net/i2p/router/transport/udp/PacketBuilder.java index 3dbf0192b..d6d9984fc 100644 --- a/router/java/src/net/i2p/router/transport/udp/PacketBuilder.java +++ b/router/java/src/net/i2p/router/transport/udp/PacketBuilder.java @@ -1214,9 +1214,12 @@ class PacketBuilder { /** * build intro packets for each of the published introducers + * + * @param emgr only to call emgr.isValid() * @return empty list on failure */ - public List buildRelayRequest(UDPTransport transport, OutboundEstablishState state, SessionKey ourIntroKey) { + public List buildRelayRequest(UDPTransport transport, EstablishmentManager emgr, + OutboundEstablishState state, SessionKey ourIntroKey) { UDPAddress addr = state.getRemoteAddress(); int count = addr.getIntroducerCount(); List rv = new ArrayList(count); 
@@ -1228,16 +1231,17 @@ class PacketBuilder { long tag = addr.getIntroducerTag(i); long exp = addr.getIntroducerExpiration(i); // let's not use an introducer on a privileged port, sounds like trouble - if (ikey == null || !TransportUtil.isValidPort(iport) || + if (ikey == null || iaddr == null || tag <= 0 || - // must be IPv4 for now as we don't send Alice IP/port, see below - iaddr.getAddress().length != 4 || - (!_transport.isValid(iaddr.getAddress())) || + // we must use the same isValid() as EstablishmentManager.receiveRelayResponse(). + // If an introducer isn't valid, we shouldn't send to it + !emgr.isValid(iaddr.getAddress(), iport) || (exp > 0 && exp < cutoff) || + // FIXME this will have already failed in isValid() above, right? (Arrays.equals(iaddr.getAddress(), _transport.getExternalIP()) && !_transport.allowLocal())) { if (_log.shouldLog(Log.WARN)) - _log.warn("Cannot build a relay request to " + state.getRemoteIdentity().calculateHash() - + ", as their UDP address is invalid: addr=" + addr + " index=" + i); + _log.warn("Cannot build a relay request for " + state.getRemoteIdentity().calculateHash() + + ", as the introducer address is invalid: " + iaddr + ':' + iport); // TODO implement some sort of introducer banlist continue; }
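Review bot: The rewritten `_log.warn` reports every rejection as "the introducer address is invalid", but the same branch is also taken for a null `ikey`, `tag <= 0` and an expired introducer, so the log line misattributes those cases. With `addr` and the index dropped from the message, adding the remaining non-secret fields would keep it diagnosable, e.g. `+ ", as the introducer is unusable: " + iaddr + ':' + iport + " tag=" + tag + " exp=" + exp` (leave `ikey` out of the log). The new FIXME should be settled before merging: the part of `isValid()` shown in this patch does not reveal whether it honours `_transport.allowLocal()`, so the remaining `Arrays.equals` clause may be dead code, or `isValid()` may now reject introducers that the `allowLocal` path used to accept. The enclosing loop begins outside this hunk.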