Don't send private ip addresses on pex
This commit is contained in:
shortcutme
parent
a6f86329c5
commit
c2edbb30b5
5 changed files with 28 additions and 5 deletions
|
|
@ -292,7 +292,7 @@ class FileRequest(object):
|
|||
added += 1
|
||||
|
||||
# Send back peers that is not in the sent list and connectable (not port 0)
|
||||
packed_peers = helper.packPeers(site.getConnectablePeers(params["need"], got_peer_keys))
|
||||
packed_peers = helper.packPeers(site.getConnectablePeers(params["need"], got_peer_keys, allow_private=False))
|
||||
|
||||
if added:
|
||||
site.worker_manager.onPeers()
|
||||
|
|
|
|||
|
|
@ -71,6 +71,7 @@ class Peer(object):
|
|||
self.log("Getting connection...")
|
||||
|
||||
if connection: # Connection specified
|
||||
self.log("Assigning connection %s" % connection)
|
||||
self.connection = connection
|
||||
self.connection.sites += 1
|
||||
else: # Try to find from connection pool or create new connection
|
||||
|
|
@ -242,7 +243,7 @@ class Peer(object):
|
|||
site = self.site # If no site defined request peers for this site
|
||||
|
||||
# give back 5 connectible peers
|
||||
packed_peers = helper.packPeers(self.site.getConnectablePeers(5))
|
||||
packed_peers = helper.packPeers(self.site.getConnectablePeers(5, allow_private=False))
|
||||
request = {"site": site.address, "peers": packed_peers["ip4"], "need": need_num}
|
||||
if packed_peers["onion"]:
|
||||
request["peers_onion"] = packed_peers["onion"]
|
||||
|
|
|
|||
|
|
@ -996,7 +996,7 @@ class Site(object):
|
|||
return connected
|
||||
|
||||
# Return: Probably peers verified to be connectable recently
|
||||
def getConnectablePeers(self, need_num=5, ignore=[]):
|
||||
def getConnectablePeers(self, need_num=5, ignore=[], allow_private=True):
|
||||
peers = self.peers.values()
|
||||
found = []
|
||||
for peer in peers:
|
||||
|
|
@ -1009,12 +1009,19 @@ class Site(object):
|
|||
if time.time() - peer.connection.last_recv_time > 60 * 60 * 2: # Last message more than 2 hours ago
|
||||
peer.connection = None # Cleanup: Dead connection
|
||||
continue
|
||||
if not allow_private and helper.isPrivateIp(peer.ip):
|
||||
continue
|
||||
found.append(peer)
|
||||
if len(found) >= need_num:
|
||||
break # Found requested number of peers
|
||||
|
||||
if len(found) < need_num: # Return not that good peers
|
||||
found = [peer for peer in peers if not peer.key.endswith(":0") and peer.key not in ignore][0:need_num - len(found)]
|
||||
found = [
|
||||
peer for peer in peers
|
||||
if not peer.key.endswith(":0") and
|
||||
peer.key not in ignore and
|
||||
(allow_private or not helper.isPrivateIp(peer.ip))
|
||||
][0:need_num - len(found)]
|
||||
|
||||
return found
|
||||
|
||||
|
|
|
|||
|
|
@ -103,5 +103,16 @@ class TestFileRequest:
|
|||
assert peer_file_server.pex()
|
||||
assert "1.2.3.4:11337" in site_temp.peers
|
||||
|
||||
# Should not exchange private peers from local network
|
||||
fake_peer_private = site.addPeer("192.168.0.1", 11337, return_peer=True)
|
||||
assert fake_peer_private not in site.getConnectablePeers(allow_private=False)
|
||||
fake_peer_private.connection = Connection(file_server, "192.168.0.1", 11337)
|
||||
fake_peer_private.connection.last_recv_time = time.time()
|
||||
|
||||
assert "192.168.0.1:11337" not in site_temp.peers
|
||||
assert not peer_file_server.pex()
|
||||
assert "192.168.0.1:11337" not in site_temp.peers
|
||||
|
||||
|
||||
connection.close()
|
||||
client.stop()
|
||||
|
|
|
|||
|
|
@ -216,4 +216,8 @@ def avg(items):
|
|||
if len(items) > 0:
|
||||
return sum(items) / len(items)
|
||||
else:
|
||||
return 0
|
||||
return 0
|
||||
|
||||
local_ip_pattern = re.compile(r"^(127\.)|(192\.168\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(::1$)|([fF][cCdD])")
|
||||
def isPrivateIp(ip):
|
||||
return local_ip_pattern.match(ip)
|
||||
|
|
|
|||
Loading…
Reference in a new issue