Don't add local IP addresses to the routing table (with config option to override).

diff --git a/apt-p2p.conf b/apt-p2p.conf
index 7dc3f545a68fe6f59dc3589b2b45a02335e0b003..e3512c8e80491d6c208112056426a9c0e2fb30ee 100644 (file)
--- a/apt-p2p.conf
+++ b/apt-p2p.conf
@@ -105,6 +105,11 @@ MIN_PING_INTERVAL = 15m
 # refresh buckets that haven't been touched in this long
 BUCKET_STALENESS = 1h
 
 # refresh buckets that haven't been touched in this long
 BUCKET_STALENESS = 1h
 

+# Whether it's OK to add nodes to the routing table that use an IP
+# address from a known local/private range.
+# If not specified here, the LOCAL_OK value in the DEFAULT section will be used.
+# LOCAL_OK = no
+

 # expire unrefreshed entries older than this
 KEY_EXPIRE = 3h
 
 # expire unrefreshed entries older than this
 KEY_EXPIRE = 3h
 

diff --git a/apt_p2p_Khashmir/DHT.py b/apt_p2p_Khashmir/DHT.py
index 7c4c7bd5cfd53806dd9eb092cab88912ea496e87..af99f053c689800cfce81f18a2ba26170f2ab069 100644 (file)
--- a/apt_p2p_Khashmir/DHT.py
+++ b/apt_p2p_Khashmir/DHT.py
@@ -115,7 +115,7 @@ class DHT:
                        'KRPC_TIMEOUT', 'KRPC_INITIAL_DELAY']:
                 self.config[k] = self.config_parser.gettime(section, k)
             # The booleans in the config file
                        'KRPC_TIMEOUT', 'KRPC_INITIAL_DELAY']:
                 self.config[k] = self.config_parser.gettime(section, k)
             # The booleans in the config file

-            elif k in ['SPEW']:
+            elif k in ['SPEW', 'LOCAL_OK']:

                 self.config[k] = self.config_parser.getboolean(section, k)
             # Everything else is a string
             else:
                 self.config[k] = self.config_parser.getboolean(section, k)
             # Everything else is a string
             else:


@@ -335,7 +335,7 @@ class TestSimpleDHT(unittest.TestCase):
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,

-                    'MAX_FAILURES': 3,
+                    'MAX_FAILURES': 3, 'LOCAL_OK': True,

                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }
                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }


@@ -456,7 +456,7 @@ class TestMultiDHT(unittest.TestCase):
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,

-                    'MAX_FAILURES': 3,
+                    'MAX_FAILURES': 3, 'LOCAL_OK': True,

                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }
                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }

diff --git a/apt_p2p_Khashmir/khashmir.py b/apt_p2p_Khashmir/khashmir.py
index cc188d8bcf80ad669d14a35304c8ff886eb7570c..294940c545c1cb5fa13af1fb3aa68ea7d1a747f9 100644 (file)
--- a/apt_p2p_Khashmir/khashmir.py
+++ b/apt_p2p_Khashmir/khashmir.py
@@ -1,5 +1,9 @@
 
 

-"""The main Khashmir program."""
+"""The main Khashmir program.
+
+@var isLocal: a compiled regular expression suitable for testing if an
+    IP address is from a known local or private range
+"""

 
 import warnings
 warnings.simplefilter("ignore", DeprecationWarning)
 
 import warnings
 warnings.simplefilter("ignore", DeprecationWarning)


@@ -8,7 +12,7 @@ from datetime import datetime, timedelta
 from random import randrange, shuffle
 from sha import sha
 from copy import copy
 from random import randrange, shuffle
 from sha import sha
 from copy import copy

-import os
+import os, re

 
 from twisted.internet.defer import Deferred
 from twisted.internet import protocol, reactor
 
 from twisted.internet.defer import Deferred
 from twisted.internet import protocol, reactor


@@ -23,6 +27,11 @@ from actions import FindNode, FindValue, GetValue, StoreValue
 from stats import StatsLogger
 import krpc
 
 from stats import StatsLogger
 import krpc
 

+isLocal = re.compile('^(192\.168\.[0-9]{1,3}\.[0-9]{1,3})|'+
+                     '(10\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|'+
+                     '(172\.0?([1][6-9])|([2][0-9])|([3][0-1])\.[0-9]{1,3}\.[0-9]{1,3})|'+
+                     '(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$')
+

 class KhashmirBase(protocol.Factory):
     """The base Khashmir class, with base functionality and find node, no key-value mappings.
     
 class KhashmirBase(protocol.Factory):
     """The base Khashmir class, with base functionality and find node, no key-value mappings.
     


@@ -191,6 +200,10 @@ class KhashmirBase(protocol.Factory):
         @param contacted: whether the new node is known to be good, i.e.
             responded to a request (optional, defaults to True)
         """
         @param contacted: whether the new node is known to be good, i.e.
             responded to a request (optional, defaults to True)
         """

+        # Don't add any local nodes to the routing table
+        if not self.config['LOCAL_OK'] and isLocal.match(node.host):
+            return
+

         old = self.table.insertNode(node, contacted=contacted)
         if (old and old.id != self.node.id and
             (datetime.now() - old.lastSeen) > 
         old = self.table.insertNode(node, contacted=contacted)
         if (old and old.id != self.node.id and
             (datetime.now() - old.lastSeen) > 


@@ -517,7 +530,7 @@ class SimpleTests(unittest.TestCase):
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,

-                    'MAX_FAILURES': 3,
+                    'MAX_FAILURES': 3, 'LOCAL_OK': True,

                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }
                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }


@@ -591,7 +604,7 @@ class MultiTest(unittest.TestCase):
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,
     DHT_DEFAULTS = {'PORT': 9977,
                     'CHECKPOINT_INTERVAL': 300, 'CONCURRENT_REQS': 4,
                     'STORE_REDUNDANCY': 3, 'RETRIEVE_VALUES': -10000,

-                    'MAX_FAILURES': 3,
+                    'MAX_FAILURES': 3, 'LOCAL_OK': True,

                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }
                     'MIN_PING_INTERVAL': 900,'BUCKET_STALENESS': 3600,
                     'KRPC_TIMEOUT': 14, 'KRPC_INITIAL_DELAY': 2,
                     'KEY_EXPIRE': 3600, 'SPEW': False, }

diff --git a/debian/apt-p2p.conf.sgml b/debian/apt-p2p.conf.sgml
index 98a8a8c53181ed05ed9a6fafaceafdc9c6d9c777..cf10b44ab4e4e4b56d26a5164c4a5fdff36d8555 100644 (file)
--- a/debian/apt-p2p.conf.sgml
+++ b/debian/apt-p2p.conf.sgml
@@ -129,7 +129,7 @@
          <varlistentry>
            <term><option>LOCAL_OK = <replaceable>boolean</replaceable></option></term>
             <listitem>
          <varlistentry>
            <term><option>LOCAL_OK = <replaceable>boolean</replaceable></option></term>
             <listitem>

-             <para>Whether it's OK to use an IP addres from a known local or private range.
+             <para>Whether it's OK to use an IP address from a known local or private range.

                (Default is false)</para>
            </listitem>
          </varlistentry>
                (Default is false)</para>
            </listitem>
          </varlistentry>


@@ -263,6 +263,14 @@
                  (Default is 1 hour.)</para>
            </listitem>
          </varlistentry>
                  (Default is 1 hour.)</para>
            </listitem>
          </varlistentry>

+         <varlistentry>
+           <term><option>LOCAL_OK = <replaceable>boolean</replaceable></option></term>
+            <listitem>
+             <para>Whether it's OK to add nodes to the routing table that use an IP address
+               from a known local or private range.
+               (Default is to use the value specified in the DEFAULT section.)</para>
+           </listitem>
+         </varlistentry>

          <varlistentry>
            <term><option>KEY_EXPIRE = <replaceable>time</replaceable></option></term>
             <listitem>
          <varlistentry>
            <term><option>KEY_EXPIRE = <replaceable>time</replaceable></option></term>
             <listitem>

diff --git a/test.py b/test.py
index 83c2d1bbecfce101529560035c9db77f8ed9b5e5..a04903c88f676a3e6276efbaaf4ddbb902b0cf29 100755 (executable)
--- a/test.py
+++ b/test.py
@@ -513,6 +513,11 @@ MIN_PING_INTERVAL = 15m
 # refresh buckets that haven't been touched in this long
 BUCKET_STALENESS = 1h
 
 # refresh buckets that haven't been touched in this long
 BUCKET_STALENESS = 1h
 

+# Whether it's OK to add nodes to the routing table that use an IP
+# address from a known local/private range.
+# If not specified here, the LOCAL_OK value in the DEFAULT section will be used.
+LOCAL_OK = yes
+

 # expire entries older than this
 KEY_EXPIRE = 3h
 
 # expire entries older than this
 KEY_EXPIRE = 3h