1 files changed, 80 insertions, 2 deletions
diff --git a/toxcore/DHT.c b/toxcore/DHT.c
index 5232deed..3a1b9cf0 100644
--- a/toxcore/DHT.c
+++ b/toxcore/DHT.c
@@ -1545,8 +1545,12 @@ static void do_NAT(DHT *dht)
 #define HARDREQ_DATA_SIZE 768 /* Attempt to prevent amplification/other attacks*/
-#define CHECK_TYPE_GETNODE_REQ 0
+#define CHECK_TYPE_ROUTE_REQ 0
-#define CHECK_TYPE_GETNODE_RES 1
+#define CHECK_TYPE_ROUTE_RES 1
+#define CHECK_TYPE_GETNODE_REQ 2
+#define CHECK_TYPE_GETNODE_RES 3
+#define CHECK_TYPE_TEST_REQ 4
+#define CHECK_TYPE_TEST_RES 5
 static int send_hardening_req(DHT *dht, Node_format *sendto, uint8_t type, uint8_t *contents, uint16_t length)
 {
@@ -1639,6 +1643,80 @@ static int handle_hardening(void *object, IP_Port source, uint8_t *source_pubkey
    return 1;
 }
+/* Return a random node from all the nodes we are connected to.
+ * TODO: improve this function.
+ */
+Node_format random_node(DHT *dht, sa_family_t sa_family)
+{
+    uint8_t id[CLIENT_ID_SIZE];
+    uint32_t i;
+    for (i = 0; i < CLIENT_ID_SIZE / 4; ++i) { /* populate the id with pseudorandom bytes.*/
+        uint32_t t = rand();
+        memcpy(id + i * sizeof(t), &t, sizeof(t));
+    }
+    Node_format nodes_list[MAX_SENT_NODES];
+    memset(nodes_list, 0, sizeof(nodes_list));
+    int num_nodes = get_close_nodes(dht, id, nodes_list, sa_family, 1);
+    if (num_nodes < 1)
+        return nodes_list[0];
+    else
+        return nodes_list[rand() % num_nodes];
+}
+/* Interval in seconds between checks */
+#define HARDENING_INTERVAL 5
+#define HARDEN_TIMEOUT 500
+void do_hardening(DHT *dht)
+{
+    uint32_t i;
+    for (i = 0; i < LCLIENT_LIST * 2; ++i) {
+        IPPTsPng  *cur_iptspng;
+        sa_family_t sa_family;
+        uint8_t   *client_id = dht->close_clientlist[i / 2].client_id;
+        if (i % 2 == 0) {
+            cur_iptspng = &dht->close_clientlist[i / 2].assoc4;
+            sa_family = AF_INET;
+        } else {
+            cur_iptspng = &dht->close_clientlist[i / 2].assoc6;
+            sa_family = AF_INET6;
+        }
+        if (is_timeout(cur_iptspng->timestamp, BAD_NODE_TIMEOUT))
+            continue;
+        if (cur_iptspng->hardening.send_nodes_ok == 0) {
+            if (is_timeout(cur_iptspng->hardening.send_nodes_timestamp, HARDENING_INTERVAL)) {
+                Node_format rand_node = random_node(dht, sa_family);
+                if (!ipport_isset(&rand_node.ip_port))
+                    continue;
+                Node_format to_test;
+                to_test.ip_port = cur_iptspng->ip_port;
+                memcpy(to_test.client_id, client_id, CLIENT_ID_SIZE);
+                //TODO: The search id should maybe not be ours?
+                if (send_hardening_getnode_req(dht, &rand_node, &to_test, dht->c->self_public_key) != -1) {
+                    memcpy(cur_iptspng->hardening.send_nodes_pingedid, rand_node.client_id, CLIENT_ID_SIZE);
+                    cur_iptspng->hardening.send_nodes_timestamp = unix_time();
+                }
+            }
+        } else {
+            if (is_timeout(cur_iptspng->hardening.send_nodes_timestamp, HARDEN_TIMEOUT)) {
+                cur_iptspng->hardening.send_nodes_ok = 0;
+            }
+        }
+        //TODO: add the 2 other testers.
+    }
+}
 /*----------------------------------------------------------------------------------*/
 DHT *new_DHT(Net_Crypto *c)

diff --git a/toxcore/DHT.c b/toxcore/DHT.c index 5232deed..3a1b9cf0 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c
@@ -1545,8 +1545,12 @@ static void do_NAT(DHT *dht)
1545		1545
1546	#define HARDREQ_DATA_SIZE 768 /* Attempt to prevent amplification/other attacks*/	1546	#define HARDREQ_DATA_SIZE 768 /* Attempt to prevent amplification/other attacks*/
1547		1547
1548	#define CHECK_TYPE_GETNODE_REQ 0	1548	#define CHECK_TYPE_ROUTE_REQ 0
1549	#define CHECK_TYPE_GETNODE_RES 1	1549	#define CHECK_TYPE_ROUTE_RES 1
		1550	#define CHECK_TYPE_GETNODE_REQ 2
		1551	#define CHECK_TYPE_GETNODE_RES 3
		1552	#define CHECK_TYPE_TEST_REQ 4
		1553	#define CHECK_TYPE_TEST_RES 5
1550		1554
1551	static int send_hardening_req(DHT dht, Node_format sendto, uint8_t type, uint8_t *contents, uint16_t length)	1555	static int send_hardening_req(DHT dht, Node_format sendto, uint8_t type, uint8_t *contents, uint16_t length)
1552	{	1556	{
@@ -1639,6 +1643,80 @@ static int handle_hardening(void object, IP_Port source, uint8_t source_pubkey
1639	return 1;	1643	return 1;
1640	}	1644	}
1641		1645
		1646	/* Return a random node from all the nodes we are connected to.
		1647	* TODO: improve this function.
		1648	*/
		1649	Node_format random_node(DHT *dht, sa_family_t sa_family)
		1650	{
		1651	uint8_t id[CLIENT_ID_SIZE];
		1652	uint32_t i;
		1653
		1654	for (i = 0; i < CLIENT_ID_SIZE / 4; ++i) { /* populate the id with pseudorandom bytes.*/
		1655	uint32_t t = rand();
		1656	memcpy(id + i * sizeof(t), &t, sizeof(t));
		1657	}
		1658
		1659	Node_format nodes_list[MAX_SENT_NODES];
		1660	memset(nodes_list, 0, sizeof(nodes_list));
		1661	int num_nodes = get_close_nodes(dht, id, nodes_list, sa_family, 1);
		1662
		1663	if (num_nodes < 1)
		1664	return nodes_list[0];
		1665	else
		1666	return nodes_list[rand() % num_nodes];
		1667	}
		1668
		1669	/* Interval in seconds between checks */
		1670	#define HARDENING_INTERVAL 5
		1671	#define HARDEN_TIMEOUT 500
		1672
		1673	void do_hardening(DHT *dht)
		1674	{
		1675	uint32_t i;
		1676
		1677	for (i = 0; i < LCLIENT_LIST * 2; ++i) {
		1678	IPPTsPng *cur_iptspng;
		1679	sa_family_t sa_family;
		1680	uint8_t *client_id = dht->close_clientlist[i / 2].client_id;
		1681
		1682	if (i % 2 == 0) {
		1683	cur_iptspng = &dht->close_clientlist[i / 2].assoc4;
		1684	sa_family = AF_INET;
		1685	} else {
		1686	cur_iptspng = &dht->close_clientlist[i / 2].assoc6;
		1687	sa_family = AF_INET6;
		1688	}
		1689
		1690	if (is_timeout(cur_iptspng->timestamp, BAD_NODE_TIMEOUT))
		1691	continue;
		1692
		1693	if (cur_iptspng->hardening.send_nodes_ok == 0) {
		1694	if (is_timeout(cur_iptspng->hardening.send_nodes_timestamp, HARDENING_INTERVAL)) {
		1695	Node_format rand_node = random_node(dht, sa_family);
		1696
		1697	if (!ipport_isset(&rand_node.ip_port))
		1698	continue;
		1699
		1700	Node_format to_test;
		1701	to_test.ip_port = cur_iptspng->ip_port;
		1702	memcpy(to_test.client_id, client_id, CLIENT_ID_SIZE);
		1703
		1704	//TODO: The search id should maybe not be ours?
		1705	if (send_hardening_getnode_req(dht, &rand_node, &to_test, dht->c->self_public_key) != -1) {
		1706	memcpy(cur_iptspng->hardening.send_nodes_pingedid, rand_node.client_id, CLIENT_ID_SIZE);
		1707	cur_iptspng->hardening.send_nodes_timestamp = unix_time();
		1708	}
		1709	}
		1710	} else {
		1711	if (is_timeout(cur_iptspng->hardening.send_nodes_timestamp, HARDEN_TIMEOUT)) {
		1712	cur_iptspng->hardening.send_nodes_ok = 0;
		1713	}
		1714	}
		1715
		1716	//TODO: add the 2 other testers.
		1717	}
		1718	}
		1719
1642	/----------------------------------------------------------------------------------/	1720	/----------------------------------------------------------------------------------/
1643		1721
1644	DHT new_DHT(Net_Crypto c)	1722	DHT new_DHT(Net_Crypto c)