From 3d6a40a6831fbc2ce9309b8ea0c0fbcea55acdb2 Mon Sep 17 00:00:00 2001
From: jrandom <jrandom>
Date: Wed, 18 Aug 2004 07:23:01 +0000
Subject: [PATCH] don't do the netDb store of the peer's routerInfo until after
we validate what they tell us (so we can shitlist them for the right reason)
[thanks duck!]
---
.../transport/tcp/RestrictiveTCPConnection.java | 16 ++++++++++++++--
.../i2p/router/transport/tcp/TCPConnection.java | 11 ++---------
2 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/router/java/src/net/i2p/router/transport/tcp/RestrictiveTCPConnection.java b/router/java/src/net/i2p/router/transport/tcp/RestrictiveTCPConnection.java
index f263927ca8..91f3065419 100644
--- a/router/java/src/net/i2p/router/transport/tcp/RestrictiveTCPConnection.java
+++ b/router/java/src/net/i2p/router/transport/tcp/RestrictiveTCPConnection.java
@@ -260,9 +260,9 @@ class RestrictiveTCPConnection extends TCPConnection {
boolean ok = identifyStationToStation();
if (_log.shouldLog(Log.DEBUG)) _log.debug("After station to station [" + ok + "]...");
- if (!ok)
+ if (!ok) {
throw new DataFormatException("Station to station identification failed! MITM?");
-
+ }
if (_log.shouldLog(Log.DEBUG)) _log.debug("before validateVersion...");
boolean versionOk = validateVersion();
@@ -284,6 +284,18 @@ class RestrictiveTCPConnection extends TCPConnection {
throw new DataFormatException("Peer is too far out of sync with the current router's clock! dropping");
}
+ try {
+ _context.netDb().store(_remoteIdentity.getHash(), _remoteInfo);
+ } catch (IllegalArgumentException iae) {
+ if (_log.shouldLog(Log.ERROR))
+ _log.error("Peer gave us invalid router info", iae);
+ // not only do we remove the reference to the invalid peer
+ _context.netDb().fail(_remoteIdentity.getHash());
+ // but we make sure that we don't try to talk to them soon even if we get a new ref
+ _context.shitlist().shitlistRouter(_remoteIdentity.getHash(), "Invalid peer info");
+ throw new DataFormatException("Invalid peer info provided");
+ }
+
if (_log.shouldLog(Log.DEBUG)) _log.debug("before validate peer address...");
boolean peerReachable = validatePeerAddress();
if (_log.shouldLog(Log.DEBUG)) _log.debug("after validatePeerAddress [" + peerReachable + "]...");
diff --git a/router/java/src/net/i2p/router/transport/tcp/TCPConnection.java b/router/java/src/net/i2p/router/transport/tcp/TCPConnection.java
index e67f2d9710..013108498a 100644
--- a/router/java/src/net/i2p/router/transport/tcp/TCPConnection.java
+++ b/router/java/src/net/i2p/router/transport/tcp/TCPConnection.java
@@ -59,6 +59,7 @@ class TCPConnection implements I2NPMessageReader.I2NPMessageEventListener {
protected InputStream _in;
protected OutputStream _out;
protected RouterIdentity _remoteIdentity;
+ protected RouterInfo _remoteInfo;
protected TCPTransport _transport;
protected ConnectionRunner _runner;
protected List _toBeSent;
@@ -191,15 +192,7 @@ class TCPConnection implements I2NPMessageReader.I2NPMessageEventListener {
byte signedData[] = new byte[decr.length - rsig.getData().length];
System.arraycopy(decr, 0, signedData, 0, signedData.length);
boolean valid = _context.dsa().verifySignature(rsig, signedData, _remoteIdentity.getSigningPublicKey());
- if (valid) {
- try {
- _context.netDb().store(_remoteIdentity.getHash(), peer);
- } catch (IllegalArgumentException iae) {
- if (_log.shouldLog(Log.ERROR))
- _log.error("Peer gave us invalid router info", iae);
- valid = false;
- }
- }
+ _remoteInfo = peer;
return valid;
}
--
GitLab