Validate port/IP in received peer tests

zzz
2012-10-06 14:58:42 +00:00
parent b07b9bf0b9
commit 034db1a282
3 changed files with 12 additions and 3 deletions


@ -8,6 +8,7 @@
* SSU:
- Throttle outbound destroys on shutdown
- Limit outbound introduction offers
- Validate port/IP in received peer tests
2012-10-05 zzz
* configservice.jsp: Add GC button


@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */
public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 8;
public final static long BUILD = 9;
/** for example "-test" */
public final static String EXTRA = "";


@ -437,7 +437,14 @@ class PeerTestManager {
PeerTestState state = _activeTests.get(Long.valueOf(nonce));
if (state == null) {
if ( (testIP == null) || (testPort <= 0) ) {
// NEW TEST
if ((testPort > 0 && (testPort < 1024 || testPort > 65535)) ||
(testIP != null && !_transport.isValid(testIP))) {
// spoof check, and don't respond to privileged ports
if (_log.shouldLog(Log.WARN))
_log.warn("Invalid IP/Port rcvd in PeerTest: " + Addresses.toString(testIP, testPort));
return;
} else if ( (testIP == null) || (testPort <= 0) ) {
// we are bob, since we haven't seen this nonce before AND its coming from alice
if (_log.shouldLog(Log.DEBUG))
_log.debug("test IP/port are blank coming from " + from + ", assuming we are Bob and they are alice");
@ -455,6 +462,7 @@ class PeerTestManager {
}
}
} else {
// EXISTING TEST
if (state.getOurRole() == PeerTestState.BOB) {
if (DataHelper.eq(from.getIP(), state.getAliceIP().getAddress()) &&
(from.getPort() == state.getAlicePort()) ) {
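Review bot: In the NEW TEST branch, a half-populated address still passes the new validation and is handled as a blank request. A non-null, valid `testIP` with `testPort <= 0`, or a null `testIP` with an unprivileged port, skips the reject path and reaches `else if ( (testIP == null) || (testPort <= 0) )`, where the code assumes we are Bob. If only the fully blank form is legitimate from Alice, the reject condition could add `|| ((testIP == null) != (testPort <= 0))` so inconsistent messages are dropped along with out-of-range ones. The comment `// spoof check, and don't respond to privileged ports` would be more precise as `// reject IPs the transport considers invalid and ports outside 1024-65535`, since nothing visible here ties the address to `from`. The enclosing method starts and ends outside the hunk, so whether the EXISTING TEST branch needs the same validation cannot be judged from these lines.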