From 878f7b0e46e49a5abb90015e584dc299faaabf36 Mon Sep 17 00:00:00 2001 From: idk Date: Wed, 8 Nov 2023 20:59:14 +0000 Subject: [PATCH] Revert Blocklist/Banlist Changes --- .../net/i2p/router/update/NewsFetcher.java | 4 +- .../router/web/helpers/BanlistRenderer.java | 6 +- router/java/src/net/i2p/router/Banlist.java | 114 ++++++------------ router/java/src/net/i2p/router/Blocklist.java | 39 +++--- ...FloodfillDatabaseLookupMessageHandler.java | 2 +- .../FloodfillNetworkDatabaseFacade.java | 4 +- .../kademlia/FloodfillPeerSelector.java | 4 +- ...andleFloodfillDatabaseStoreMessageJob.java | 2 +- .../kademlia/IterativeLookupJob.java | 2 +- .../kademlia/IterativeSearchJob.java | 2 +- .../KademliaNetworkDatabaseFacade.java | 2 +- .../src/net/i2p/router/sybil/Analysis.java | 8 +- .../i2p/router/transport/TransportImpl.java | 2 +- .../transport/ntcp/InboundEstablishState.java | 7 +- .../transport/udp/EstablishmentManager.java | 2 +- .../transport/udp/InboundEstablishState.java | 2 +- .../transport/udp/InboundEstablishState2.java | 4 +- 17 files changed, 77 insertions(+), 129 deletions(-) diff --git a/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java b/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java index daf9865fc2..e56b88e5b6 100644 --- a/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java +++ b/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java @@ -657,7 +657,7 @@ private void processBlocklistEntries(BlocklistEntries ble) { continue; } Hash h = Hash.create(b); - if (!ban.isBanlistedHard(h)) { + if (!ban.isBanlistedForever(h)) { ban.banlistRouterForever(h, reason); _context.commSystem().forceDisconnect(h); } @@ -681,7 +681,7 @@ private void processBlocklistEntries(BlocklistEntries ble) { if (b == null || b.length != Hash.HASH_LENGTH) continue; Hash h = Hash.create(b); - if (ban.isBanlistedHard(h)) + if (ban.isBanlistedForever(h)) ban.unbanlistRouter(h); } else { byte[] ip = Addresses.getIP(s); diff --git a/apps/routerconsole/java/src/net/i2p/router/web/helpers/BanlistRenderer.java b/apps/routerconsole/java/src/net/i2p/router/web/helpers/BanlistRenderer.java index 7a86441648..8ab9a643ee 100644 --- a/apps/routerconsole/java/src/net/i2p/router/web/helpers/BanlistRenderer.java +++ b/apps/routerconsole/java/src/net/i2p/router/web/helpers/BanlistRenderer.java @@ -78,14 +78,12 @@ else if (expires < 5l*24*60*60*1000) buf.append(" on the following transport: ").append(transports); if (entry.cause != null) { buf.append("
\n"); - if (entry.causeComment != null) - buf.append(_t(entry.cause, entry.causeComment)); + if (entry.causeCode != null) + buf.append(_t(entry.cause, entry.causeCode)); else buf.append(_t(entry.cause)); } if (!key.equals(Hash.FAKE_HASH)) { - if (entry.causeCode == 1) - buf.append(" (H)"); // note: CSS hides anchor text buf.append(" [").append(unban).append("]"); diff --git a/router/java/src/net/i2p/router/Banlist.java b/router/java/src/net/i2p/router/Banlist.java index 7ed72dcfd3..dc3d322403 100644 --- a/router/java/src/net/i2p/router/Banlist.java +++ b/router/java/src/net/i2p/router/Banlist.java @@ -39,10 +39,8 @@ public static class Entry { public long expireOn; /** why they were banlisted */ public String cause; - /** separate comment so cause can contain {0} for translation */ - public String causeComment; - /** Code used for classifying the handling of the ban */ - public Integer causeCode; + /** separate code so cause can contain {0} for translation */ + public String causeCode; /** what transports they were banlisted for (String), or null for all transports */ public Set transports; } @@ -54,7 +52,7 @@ public static class Entry { public final static long BANLIST_DURATION_MS = 7*60*1000; public final static long BANLIST_DURATION_MAX = 30*60*1000; public final static long BANLIST_DURATION_PARTIAL = 10*60*1000; - public final static long BANLIST_DURATION_HARD = 181l*24*60*60*1000; // will get rounded down to 180d on console + public final static long BANLIST_DURATION_FOREVER = 181l*24*60*60*1000; // will get rounded down to 180d on console /** * Buggy i2pd fork * @since 0.9.52 @@ -62,10 +60,7 @@ public static class Entry { public final static long BANLIST_DURATION_NO_NETWORK = 30*24*60*60*1000L; public final static long BANLIST_DURATION_LOCALHOST = 2*60*60*1000; private final static long BANLIST_CLEANER_START_DELAY = BANLIST_DURATION_PARTIAL; - - public final static Integer BANLIST_CODE_SOFT = 0; - public final static Integer BANLIST_CODE_HARD = 1; - + public Banlist(RouterContext context) { _context = context; _log = context.logManager().getLog(Banlist.class); @@ -135,8 +130,8 @@ public boolean banlistRouter(Hash peer) { /** * @return true if it WAS previously on the list */ - public boolean banlistRouter(String reasonComment, Hash peer, String reason) { - return banlistRouter(peer, reason, reasonComment, null, false); + public boolean banlistRouter(String reasonCode, Hash peer, String reason) { + return banlistRouter(peer, reason, reasonCode, null, false); } /** @@ -156,65 +151,46 @@ public boolean banlistRouterForever(Hash peer, String reason) { /** * @return true if it WAS previously on the list */ - public boolean banlistRouterForever(Hash peer, String reason, String reasonComment) { - return banlistRouter(peer, reason, reasonComment, null, true); + public boolean banlistRouterForever(Hash peer, String reason, String reasonCode) { + return banlistRouter(peer, reason, reasonCode, null, true); } /** * @return true if it WAS previously on the list */ - public boolean banlistRouter(Hash peer, String reason, String transport, boolean hard) { - return banlistRouter(peer, reason, null, transport, hard); + public boolean banlistRouter(Hash peer, String reason, String transport, boolean forever) { + return banlistRouter(peer, reason, null, transport, forever); } /** * @return true if it WAS previously on the list */ - private boolean banlistRouter(Hash peer, String reason, String reasonComment, String transport, boolean hard) { + private boolean banlistRouter(Hash peer, String reason, String reasonCode, String transport, boolean forever) { long expireOn; - Integer reasonCode; - if (hard) { - expireOn = _context.clock().now() + BANLIST_DURATION_HARD; - reasonCode = BANLIST_CODE_HARD; + if (forever) { + expireOn = _context.clock().now() + BANLIST_DURATION_FOREVER; } else if (transport != null) { expireOn = _context.clock().now() + BANLIST_DURATION_PARTIAL; - reasonCode = BANLIST_CODE_SOFT; } else { long period = BANLIST_DURATION_MS + _context.random().nextLong(BANLIST_DURATION_MS / 4); if (period > BANLIST_DURATION_MAX) period = BANLIST_DURATION_MAX; expireOn = _context.clock().now() + period; - reasonCode = BANLIST_CODE_SOFT; } - return banlistRouter(peer, reason, reasonComment, reasonCode, transport, expireOn); - } - - /** - * @return true if it WAS previously on the list - */ - public boolean banlistRouter(Hash peer, String reason, String reasonComment, String transport, long expireOn) { - Integer reasonCode = BANLIST_CODE_SOFT; // Default - // To maintain legacy behavior, set reasonCode to BANLIST_CODE_HARD - // if expireOn is longer than 2 days. - if (expireOn > _context.clock().now() + 2*24*60*60*1000L) - reasonCode = BANLIST_CODE_HARD; - return banlistRouter(peer, reason, reasonComment, reasonCode, transport, expireOn); + return banlistRouter(peer, reason, reasonCode, transport, expireOn); } /** * So that we may specify an expiration * * @param reason may be null - * @param reasonComment may be null - * @param reasonCode Integer handling code. - * BANLIST_CODE_SOFT - 0 - SOFT ban handling - * BANLIST_CODE_HARD - 1 - HARD ban handling (corresponds to legacy 'forever' ban handling) + * @param reasonCode may be null * @param expireOn absolute time, not a duration * @param transport may be null * @return true if it WAS previously on the list * @since 0.9.18 */ - public boolean banlistRouter(Hash peer, String reason, String reasonComment, Integer reasonCode, String transport, long expireOn) { + public boolean banlistRouter(Hash peer, String reason, String reasonCode, String transport, long expireOn) { if (peer == null) { _log.error("ban null?", new Exception()); return false; @@ -232,7 +208,6 @@ public boolean banlistRouter(Hash peer, String reason, String reasonComment, Int Entry e = new Entry(); e.expireOn = expireOn; e.cause = reason; - e.causeComment = reasonComment; e.causeCode = reasonCode; e.transports = null; if (transport != null) { @@ -240,32 +215,26 @@ public boolean banlistRouter(Hash peer, String reason, String reasonComment, Int e.transports.add(transport); } - Entry old = _entries.get(peer); - if (old != null) { - wasAlready = true; - // take the oldest expiration and cause, combine transports - if (old.expireOn > e.expireOn) { - e.expireOn = old.expireOn; - e.cause = old.cause; - e.causeComment = old.causeComment; - } - // Preserve BANLIST_CODE_HARD over BANLIST_CODE_SOFT - // Otherwise, take the highest banlist handling code. - if ((e.causeCode == 1) || (old.causeCode == 1)) - e.causeCode = 1; - else - e.causeCode = Math.max(e.causeCode, old.causeCode); - if (e.transports != null) { - if (old.transports != null) - e.transports.addAll(old.transports); - else { - e.transports = null; - e.cause = reason; - e.causeComment = reasonComment; + Entry old = _entries.get(peer); + if (old != null) { + wasAlready = true; + // take the oldest expiration and cause, combine transports + if (old.expireOn > e.expireOn) { + e.expireOn = old.expireOn; + e.cause = old.cause; + e.causeCode = old.causeCode; + } + if (e.transports != null) { + if (old.transports != null) + e.transports.addAll(old.transports); + else { + e.transports = null; + e.cause = reason; + e.causeCode = reasonCode; + } } } - } - _entries.put(peer, e); + _entries.put(peer, e); if (transport == null) { // we hate the peer on *any* transport @@ -349,19 +318,10 @@ public boolean isBanlisted(Hash peer, String transport) { return rv; } - - public boolean isBanlistedHard(Hash peer) { - boolean rv = false; - + + public boolean isBanlistedForever(Hash peer) { Entry entry = _entries.get(peer); - if (entry == null) - rv = false; - else if (entry.causeCode == BANLIST_CODE_HARD) - rv = true; - else - rv = (entry.expireOn > _context.clock().now() + 2*24*60*60*1000L); - - return rv; + return entry != null && entry.expireOn > _context.clock().now() + 2*24*60*60*1000L; } /** @deprecated moved to router console */ diff --git a/router/java/src/net/i2p/router/Blocklist.java b/router/java/src/net/i2p/router/Blocklist.java index edd37db013..99247e0c27 100644 --- a/router/java/src/net/i2p/router/Blocklist.java +++ b/router/java/src/net/i2p/router/Blocklist.java @@ -227,9 +227,11 @@ public synchronized void startup() { // but it's important to have this initialized before we read in the netdb. //job.getTiming().setStartAfter(_context.clock().now() + 30*1000); _context.jobQueue().addJob(job); - Job cleanupJob = new CleanupJob(); - cleanupJob.getTiming().setStartAfter(_context.clock().now() + expireInterval()); - _context.jobQueue().addJob(cleanupJob); + if (expireInterval() > 0) { + Job cleanupJob = new CleanupJob(); + cleanupJob.getTiming().setStartAfter(_context.clock().now() + expireInterval()); + _context.jobQueue().addJob(cleanupJob); + } } /** @@ -278,21 +280,12 @@ public String getName(){ return "Expire blocklist at user-defined interval of " + expireInterval(); } public void runJob() { - int jobInterval; - - if (expireInterval() > 0) { - clear(); - _lastExpired = System.currentTimeMillis(); - jobInterval = expireInterval(); - if (_log.shouldLog(Log.DEBUG)) - _log.debug("Expiring blocklist entrys at" + _lastExpired); - } else { - // Set the next job interval to 15 minutes when expireInterval disabled - jobInterval = 15 * 60 * 1000; - } - + clear(); + _lastExpired = System.currentTimeMillis(); + if (_log.shouldLog(Log.DEBUG)) + _log.debug("Expiring blocklist entrys at" + _lastExpired); // schedule the next one - super.requeue(jobInterval); + super.requeue(expireInterval()); } } @@ -368,9 +361,7 @@ private int process() { private void banlistRouter(Hash peer, String reason, String comment) { if (expireInterval() > 0) - _context.banlist().banlistRouter(peer, reason, comment, - _context.banlist().BANLIST_CODE_HARD, null, - _context.clock().now() + expireInterval()); + _context.banlist().banlistRouter(peer, reason, comment, null, expireInterval()); else _context.banlist().banlistRouterForever(peer, reason, comment); } @@ -1281,13 +1272,11 @@ public void runJob() { * So we also stagger these jobs. * */ - private void banlistRouter( Hash peer, String reason, String reasonComment, long duration) { + private void banlistRouter( Hash peer, String reason, String reasonCode, long duration) { if (duration > 0) - _context.banlist().banlistRouter(peer, reason, reasonComment, - _context.banlist().BANLIST_CODE_HARD, null, - System.currentTimeMillis()+expireInterval()); + _context.banlist().banlistRouter(peer, reason, reasonCode, null, System.currentTimeMillis()+expireInterval()); else - _context.banlist().banlistRouterForever(peer, reason, reasonComment); + _context.banlist().banlistRouterForever(peer, reason, reasonCode); } private synchronized void banlistRouter(Hash peer, List ips, long duration) { // This only checks one file for now, pick the best one diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillDatabaseLookupMessageHandler.java b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillDatabaseLookupMessageHandler.java index 606f3e97ac..bbb7b52794 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillDatabaseLookupMessageHandler.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillDatabaseLookupMessageHandler.java @@ -66,7 +66,7 @@ public Job createJob(I2NPMessage receivedMessage, RouterIdentity from, Hash from DatabaseLookupMessage dlm = (DatabaseLookupMessage)receivedMessage; boolean isBanned = dlm.getFrom() != null - && (_context.banlist().isBanlistedHard(dlm.getFrom()) + && (_context.banlist().isBanlistedForever(dlm.getFrom()) || _context.banlist().isBanlisted(dlm.getFrom())); if (isBanned) { _context.statManager().addRateData("netDb.lookupsDroppedDueToPriorBan", 1); diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillNetworkDatabaseFacade.java b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillNetworkDatabaseFacade.java index 395ee0ac34..e11d97bb34 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillNetworkDatabaseFacade.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillNetworkDatabaseFacade.java @@ -247,7 +247,7 @@ public boolean floodConditional(DatabaseEntry ds) { if (!floodfillEnabled()) return false; Hash h = ds.getHash(); - if (_context.banlist().isBanlistedHard(h)) + if (_context.banlist().isBanlistedForever(h)) return false; if (shouldThrottleFlood(h)) { _context.statManager().addRateData("netDb.floodThrottled", 1); @@ -668,7 +668,7 @@ protected void lookupBeforeDropping(Hash peer, RouterInfo info) { knownRouters > MAX_DB_BEFORE_SKIPPING_SEARCH || _context.jobQueue().getMaxLag() > 500 || _context.router().gracefulShutdownInProgress() || - _context.banlist().isBanlistedHard(peer)) { + _context.banlist().isBanlistedForever(peer)) { // don't try to overload ourselves (e.g. failing 3000 router refs at // once, and then firing off 3000 netDb lookup tasks) // Also don't queue a search if we have plenty of routerinfos diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillPeerSelector.java b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillPeerSelector.java index 967e639709..5e3ac202dd 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillPeerSelector.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillPeerSelector.java @@ -140,7 +140,7 @@ private List selectFloodfillParticipants(Set toIgnore, KBucketSet rv = new ArrayList(set.size()); for (Hash h : set) { if ((toIgnore != null && toIgnore.contains(h)) || - _context.banlist().isBanlistedHard(h)) + _context.banlist().isBanlistedForever(h)) continue; rv.add(h); } @@ -371,7 +371,7 @@ public void add(Hash entry) { //if (_context.banlist().isBanlisted(entry)) // return; // ... unless they are really bad - if (_context.banlist().isBanlistedHard(entry)) + if (_context.banlist().isBanlistedForever(entry)) return; RouterInfo info = (RouterInfo) _context.netDb().lookupLocallyWithoutValidation(entry); //if (info == null) diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java b/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java index 8d37c57cd4..905ea29bd1 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java @@ -412,7 +412,7 @@ else if (_fromHash.equals(key)) // Check new routerinfo address against blocklist if (wasNew) { // TODO should we not flood temporarily banned routers either? - boolean forever = getContext().banlist().isBanlistedHard(key); + boolean forever = getContext().banlist().isBanlistedForever(key); if (forever) { wasNew = false; // don't flood shouldStore = false; // don't call heardAbout() diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/IterativeLookupJob.java b/router/java/src/net/i2p/router/networkdb/kademlia/IterativeLookupJob.java index 41b237636c..6b243b7695 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/IterativeLookupJob.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/IterativeLookupJob.java @@ -62,7 +62,7 @@ public void runJob() { invalidPeers++; continue; } - if (getContext().banlist().isBanlistedHard(peer)) { + if (getContext().banlist().isBanlistedForever(peer)) { oldPeers++; continue; } diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/IterativeSearchJob.java b/router/java/src/net/i2p/router/networkdb/kademlia/IterativeSearchJob.java index 66112cf3b4..22355df5ab 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/IterativeSearchJob.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/IterativeSearchJob.java @@ -594,7 +594,7 @@ void newPeerToTry(Hash peer) { if (peer.equals(getContext().routerHash()) || peer.equals(_key)) return; - if (getContext().banlist().isBanlistedHard(peer)) { + if (getContext().banlist().isBanlistedForever(peer)) { if (_log.shouldLog(Log.INFO)) _log.info(getJobId() + ": banlisted peer from DSRM " + peer); return; diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java b/router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java index df5d1e0227..84085f5187 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/KademliaNetworkDatabaseFacade.java @@ -824,7 +824,7 @@ public void lookupRouterInfo(Hash key, Job onFindJob, Job onFailedLookupJob, lon if (ri != null) { if (onFindJob != null) _context.jobQueue().addJob(onFindJob); - } else if (_context.banlist().isBanlistedHard(key)) { + } else if (_context.banlist().isBanlistedForever(key)) { if (onFailedLookupJob != null) _context.jobQueue().addJob(onFailedLookupJob); } else if (isNegativeCached(key)) { diff --git a/router/java/src/net/i2p/router/sybil/Analysis.java b/router/java/src/net/i2p/router/sybil/Analysis.java index 7043f980bc..c3ac82f122 100644 --- a/router/java/src/net/i2p/router/sybil/Analysis.java +++ b/router/java/src/net/i2p/router/sybil/Analysis.java @@ -173,7 +173,7 @@ public void runJob() { if (b != null && b.length == Hash.HASH_LENGTH) { Hash h = Hash.create(b); long until = e.getValue().longValue(); - ban.banlistRouter(h, "Sybil analysis", null, ban.BANLIST_CODE_HARD, null, until); + ban.banlistRouter(h, "Sybil analysis", null, null, until); } } } @@ -497,7 +497,7 @@ private void doBlocking(Map points) { else _log.warn("Banned " + h.toBase64() + " by " + reason); } - _context.banlist().banlistRouter(h, reason, null, Banlist.BANLIST_CODE_HARD, null, blockUntil); + _context.banlist().banlistRouter(h, reason, null, null, blockUntil); } } if (!blocks.isEmpty()) @@ -1061,8 +1061,8 @@ public void addProfilePoints(List ris, Map points) { if (entry != null) { if (entry.cause != null) { buf.append(": "); - if (entry.causeComment != null) - buf.append(_t(entry.cause, entry.causeComment)); + if (entry.causeCode != null) + buf.append(_t(entry.cause, entry.causeCode)); else buf.append(_t(entry.cause)); } diff --git a/router/java/src/net/i2p/router/transport/TransportImpl.java b/router/java/src/net/i2p/router/transport/TransportImpl.java index 04b24b16da..4a2a45b88c 100644 --- a/router/java/src/net/i2p/router/transport/TransportImpl.java +++ b/router/java/src/net/i2p/router/transport/TransportImpl.java @@ -958,7 +958,7 @@ public void markReachable(Hash peer, boolean isInbound) { // even HARD banned in the first place (we've been unbanning everybody // who reaches here, whether they're banned or not), then mark it // with an warning-level log entry. - if (_context.banlist().isBanlistedHard(peer)) { + if (_context.banlist().isBanlistedForever(peer)) { if (_log.shouldLog(Log.WARN)) _log.warn("Unbanning HARD-banned peer (due to reachability): " + peer, new Exception("Unbanned by")); _context.banlist().unbanlistRouter(peer); diff --git a/router/java/src/net/i2p/router/transport/ntcp/InboundEstablishState.java b/router/java/src/net/i2p/router/transport/ntcp/InboundEstablishState.java index a11afdbb0f..dd6349a627 100644 --- a/router/java/src/net/i2p/router/transport/ntcp/InboundEstablishState.java +++ b/router/java/src/net/i2p/router/transport/ntcp/InboundEstablishState.java @@ -180,7 +180,7 @@ private void receiveInbound(ByteBuffer src) { private boolean verifyInbound(Hash aliceHash) { // get inet-addr byte[] ip = _con.getRemoteIP(); - if (_context.banlist().isBanlistedHard(aliceHash)) { + if (_context.banlist().isBanlistedForever(aliceHash)) { if (_log.shouldWarn()) _log.warn("Dropping inbound connection from permanently banlisted peer at " + Addresses.toString(ip) + " : " + aliceHash); // So next time we will not accept the con from this IP, @@ -674,7 +674,7 @@ public void gotRI(RouterInfo ri, boolean isHandshake, boolean flood) throws Data } _aliceIdent = ri.getIdentity(); Hash h = _aliceIdent.calculateHash(); - // this sets the reason + // this sets the reasonH boolean ok = verifyInbound(h); if (!ok) throw new DataFormatException("NTCP2 verifyInbound() fail"); @@ -682,7 +682,8 @@ public void gotRI(RouterInfo ri, boolean isHandshake, boolean flood) throws Data // s is verified, we may now ban the hash if (mismatchMessage != null) { _context.banlist().banlistRouter(h, "IP mismatch", null, - _context.banlist().BANLIST_CODE_HARD, null, + //_context.banlist().BANLIST_CODE_FOREVER, + null, _context.clock().now() + 2*60*60*1000); _msg3p2FailReason = NTCPConnection.REASON_BANNED; throw new DataFormatException(mismatchMessage + ri); diff --git a/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java b/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java index a66186bcb0..f65660b498 100644 --- a/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java +++ b/router/java/src/net/i2p/router/transport/udp/EstablishmentManager.java @@ -2439,7 +2439,7 @@ private long handleInbound() { case IB_STATE_CONFIRMED_COMPLETELY: RouterIdentity remote = inboundState.getConfirmedIdentity(); if (remote != null) { - if (_context.banlist().isBanlistedHard(remote.calculateHash())) { + if (_context.banlist().isBanlistedForever(remote.calculateHash())) { if (_log.shouldLog(Log.WARN)) _log.warn("Dropping inbound connection from permanently banlisted peer: " + remote.calculateHash()); // So next time we will not accept the con, rather than doing the whole handshake diff --git a/router/java/src/net/i2p/router/transport/udp/InboundEstablishState.java b/router/java/src/net/i2p/router/transport/udp/InboundEstablishState.java index e598dc34d9..fd2b5e8325 100644 --- a/router/java/src/net/i2p/router/transport/udp/InboundEstablishState.java +++ b/router/java/src/net/i2p/router/transport/udp/InboundEstablishState.java @@ -399,7 +399,7 @@ public synchronized void receiveSessionConfirmed(UDPPacketReader.SessionConfirme fail(); } Hash h = _receivedUnconfirmedIdentity.calculateHash(); - if (_context.banlist().isBanlistedHard(h)) { + if (_context.banlist().isBanlistedForever(h)) { // validate sig to prevent spoofing if (getConfirmedIdentity() != null) _context.blocklist().add(_aliceIP); diff --git a/router/java/src/net/i2p/router/transport/udp/InboundEstablishState2.java b/router/java/src/net/i2p/router/transport/udp/InboundEstablishState2.java index 65e3b8fb05..16ef065567 100644 --- a/router/java/src/net/i2p/router/transport/udp/InboundEstablishState2.java +++ b/router/java/src/net/i2p/router/transport/udp/InboundEstablishState2.java @@ -316,7 +316,7 @@ public void gotRI(RouterInfo ri, boolean isHandshake, boolean flood) throws Data // because we have his ikey and we verified he's the owner of the RI Hash h = _receivedUnconfirmedIdentity.calculateHash(); - boolean isBanned = _context.banlist().isBanlistedHard(h); + boolean isBanned = _context.banlist().isBanlistedForever(h); if (isBanned) { // validate sig to prevent spoofing if (ri.verifySignature()) @@ -331,7 +331,7 @@ public void gotRI(RouterInfo ri, boolean isHandshake, boolean flood) throws Data if (mismatchMessage != null) { _context.banlist().banlistRouter(h, "IP mismatch", null, - _context.banlist().BANLIST_CODE_HARD, + //_context.banlist().BANLIST_CODE_FOREVER, null, _context.clock().now() + 2*60*60*1000); if (ri.verifySignature()) _context.blocklist().add(_aliceIP);