From 5fb9db53be80fb052a428039f0494c2c2eb7aa64 Mon Sep 17 00:00:00 2001 From: Cameron Dale Date: Mon, 28 Apr 2008 16:28:06 -0700 Subject: [PATCH] Don't add local IP addresses to the routing table (with config option to override). --- apt-p2p.conf | 5 +++++ apt_p2p_Khashmir/DHT.py | 6 +++--- apt_p2p_Khashmir/khashmir.py | 21 +++++++++++++++++---- debian/apt-p2p.conf.sgml | 10 +++++++++- test.py | 5 +++++ 5 files changed, 39 insertions(+), 8 deletions(-) diff --git a/apt-p2p.conf b/apt-p2p.conf index 7dc3f54..e3512c8 100644 --- a/apt-p2p.conf +++ b/apt-p2p.conf @@ -105,6 +105,11 @@ MIN_PING_INTERVAL = 15m # refresh buckets that haven't been touched in this long BUCKET_STALENESS = 1h +# Whether it's OK to add nodes to the routing table that use an IP +# address from a known local/private range. +# If not specified here, the LOCAL_OK value in the DEFAULT section will be used. +# LOCAL_OK = no + # expire unrefreshed entries older than this KEY_EXPIRE = 3h diff --git a/apt_p2p_Khashmir/DHT.py b/apt_p2p_Khashmir/DHT.py index 7c4c7bd..af99f05 100644 --- a/apt_p2p_Khashmir/DHT.py +++ b/apt_p2p_Khashmir/DHT.py @@ -115,7 +115,7 @@ class DHT: 'KRPC_TIMEOUT', 'KRPC_INITIAL_DELAY']: self.config[k] = self.config_parser.gettime(section, k) # The booleans in the config file - elif k in ['SPEW']: + elif k in ['SPEW', 'LOCAL_OK']: self.config[k] = self.config_parser.getboolean(section, k) # Everything else is a string else: @@ -335,7 +335,7 @@ class TestSimpleDHT(unittest.TestCase): DHT_DEFAULTS = {'PORT': 9977, 'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4, 'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000, - 'MAX_FAILURES': 3, + 'MAX_FAILURES': 3, 'LOCAL_OK': True, 'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600, 'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2, 'KEY_EXPIRE': 3600, 'SPEW': False, } 
@@ -456,7 +456,7 @@ class TestMultiDHT(unittest.TestCase): DHT_DEFAULTS = {'PORT': 9977, 'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4, 'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000, - 'MAX_FAILURES': 3, + 'MAX_FAILURES': 3, 'LOCAL_OK': True, 'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600, 'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2, 'KEY_EXPIRE': 3600, 'SPEW': False, } diff --git a/apt_p2p_Khashmir/khashmir.py b/apt_p2p_Khashmir/khashmir.py index cc188d8..294940c 100644 --- a/apt_p2p_Khashmir/khashmir.py +++ b/apt_p2p_Khashmir/khashmir.py @@ -1,5 +1,9 @@ -"""The main Khashmir program.""" +"""The main Khashmir program. + +@var isLocal: a compiled regular expression suitable for testing if an + IP address is from a known local or private range +""" import warnings warnings.simplefilter("ignore", DeprecationWarning) @@ -8,7 +12,7 @@ from datetime import datetime, timedelta from random import randrange, shuffle from sha import sha from copy import copy -import os +import os, re from twisted.internet.defer import Deferred from twisted.internet import protocol, reactor @@ -23,6 +27,11 @@ from actions import FindNode, FindValue, GetValue, StoreValue from stats import StatsLogger import krpc +isLocal = re.compile('^(192\.168\.[0-9]{1,3}\.[0-9]{1,3})|'+ + '(10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|'+ + '(172\.0?([1][6-9])|([2][0-9])|([3][0-1])\.[0-9]{1,3}\.[0-9]{1,3})|'+ + '(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$') + class KhashmirBase(protocol.Factory): """The base Khashmir class, with base functionality and find node, no key-value mappings. 
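Review bot: The `isLocal` pattern added at module level in khashmir.py does not group its alternatives, so `^` binds only to the 192.168 branch, `$` only to the 127 branch, and the `|` inside the 172 group splits it into `172\.0?1[6-9]`, a bare `[2][0-9]`, and `[3][0-1]\.…`. With `.match()`, as this patch uses it, any host string starting with `2` plus a digit (constructed example: `203.0.113.5`) is classified as local and kept out of the routing table, and `172.160.x.x` matches on its `172.16` prefix. In the other direction, `172.20.x.x` through `172.31.x.x` are not recognised as private at all. Wrapping the four ranges in one non-capturing group between `^` and `$`, and grouping the second octet of the 172 range, fixes both directions; raw strings also stop the pattern depending on Python passing unknown escapes through. Link-local (169.254/16) and IPv6 hosts are not covered either, if `node.host` can carry them.

```python
isLocal = re.compile(r'^(?:'
                     r'192\.168\.[0-9]{1,3}\.[0-9]{1,3}|'
                     r'10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}|'
                     r'172\.0?(?:1[6-9]|2[0-9]|3[01])\.[0-9]{1,3}\.[0-9]{1,3}|'
                     r'127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
                     r')$')
```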
@@ -191,6 +200,10 @@ class KhashmirBase(protocol.Factory): @param contacted: whether the new node is known to be good, i.e. responded to a request (optional, defaults to True) """ + # Don't add any local nodes to the routing table + if not self.config['LOCAL_OK'] and isLocal.match(node.host): + return + old = self.table.insertNode(node, contacted=contacted) if (old and old.id != self.node.id and (datetime.now() - old.lastSeen) > @@ -517,7 +530,7 @@ class SimpleTests(unittest.TestCase): DHT_DEFAULTS = {'PORT': 9977, 'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4, 'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000, - 'MAX_FAILURES': 3, + 'MAX_FAILURES': 3, 'LOCAL_OK': True, 'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600, 'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2, 'KEY_EXPIRE': 3600, 'SPEW': False, } @@ -591,7 +604,7 @@ class MultiTest(unittest.TestCase): DHT_DEFAULTS = {'PORT': 9977, 'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4, 'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000, - 'MAX_FAILURES': 3, + 'MAX_FAILURES': 3, 'LOCAL_OK': True, 'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600, 'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2, 'KEY_EXPIRE': 3600, 'SPEW': False, } diff --git a/debian/apt-p2p.conf.sgml b/debian/apt-p2p.conf.sgml index 98a8a8c..cf10b44 100644 --- a/debian/apt-p2p.conf.sgml +++ b/debian/apt-p2p.conf.sgml @@ -129,7 +129,7 @@ - Whether it's OK to use an IP addres from a known local or private range. + Whether it's OK to use an IP address from a known local or private range. (Default is false) @@ -263,6 +263,14 @@ (Default is 1 hour.) + + + + Whether it's OK to add nodes to the routing table that use an IP address + from a known local or private range. + (Default is to use the value specified in the DEFAULT section.) + + diff --git a/test.py b/test.py index 83c2d1b..a04903c 100755 --- a/test.py +++ b/test.py 
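Review bot: The new guard before `self.table.insertNode(...)` is never exercised with `LOCAL_OK` false, because every `DHT_DEFAULTS` dict this patch touches (SimpleTests and MultiTest here, TestSimpleDHT and TestMultiDHT in DHT.py) sets `'LOCAL_OK': True`, so the early `return` has no test. A case that sets `LOCAL_OK` to `False` and asserts that a node with host `127.0.0.1` is not inserted, while one with a public-range host (constructed example: `203.0.113.5`) is, would pin the behaviour and would also catch mis-anchoring in `isLocal`. The skip is silent and the visible docstring does not mention it; a line such as `# returns without inserting when LOCAL_OK is off and node.host is in a private range` plus a debug log would help operators see why peers are missing. The guard covers only routing-table insertion; whether peer-supplied addresses are filtered before being contacted elsewhere is not visible here and is worth confirming. The method's body starts and ends outside the hunk.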
@@ -513,6 +513,11 @@ MIN_PING_INTERVAL = 15m # refresh buckets that haven't been touched in this long BUCKET_STALENESS = 1h +# Whether it's OK to add nodes to the routing table that use an IP +# address from a known local/private range. +# If not specified here, the LOCAL_OK value in the DEFAULT section will be used. +LOCAL_OK = yes + # expire entries older than this KEY_EXPIRE = 3h -- 2.39.5