/**
* @returns true if the address is inside one of the local networks
*/
gboolean
host_is_nearby(const host_addr_t addr)
{
guint i;
if (host_addr_is_ipv4(addr)) {
for (i = 0; i < number_local_networks; i++) {
guint32 m_mask = local_networks[i].mask;
guint32 m_ip = local_networks[i].net;
if ((host_addr_ipv4(addr) & m_mask) == (m_ip & m_mask))
return TRUE;
}
} else if (host_addr_is_ipv6(addr)) {
/* XXX: Implement this! */
}
return FALSE;
}
/**
* Generate GUID for a query with OOB results delivery.
* If `initial' is false, this is a requery.
*
* Bytes 0 to 3 if the GUID are the 4 octet bytes of the IP address.
* Bytes 13 and 14 are the little endian representation of the port.
* Byte 15 holds an HEC with bit 0 indicating a requery.
*/
void
guid_query_oob_muid(struct guid *muid, const host_addr_t addr, uint16 port,
bool initial)
{
uint32 ip;
g_assert(host_addr_is_ipv4(addr));
guid_random_fill(muid);
ip = host_addr_ipv4(addr);
poke_be32(&muid->v[0], ip);
poke_le16(&muid->v[13], port);
guid_flag_oob_gtkg(muid); /* Mark as being from GTKG */
if (initial)
muid->v[15] &= ~GUID_REQUERY;
else
muid->v[15] |= GUID_REQUERY;
}
/**
* Add file to the current query hit.
*
* @return TRUE if we kept the file, FALSE if we did not include it in the hit.
*/
static bool
g2_build_qh2_add(struct g2_qh2_builder *ctx, const shared_file_t *sf)
{
const sha1_t *sha1;
g2_tree_t *h, *c;
shared_file_check(sf);
/*
* Make sure the file is still in the library.
*/
if (0 == shared_file_index(sf))
return FALSE;
/*
* On G2, the H/URN child is required, meaning we need the SHA1 at least.
*/
if (!sha1_hash_available(sf))
return FALSE;
/*
* Do not send duplicates, as determined by the SHA1 of the resource.
*
* A user may share several files with different names but the same SHA1,
* and if all of them are hits, we only want to send one instance.
*
* When generating hits for host-browsing, we do not care about duplicates
* and ctx->hs is NULL then.
*/
sha1 = shared_file_sha1(sf); /* This is an atom */
if (ctx->hs != NULL) {
if (hset_contains(ctx->hs, sha1))
return FALSE;
hset_insert(ctx->hs, sha1);
}
/*
* Create the "H" child and attach it to the current tree.
*/
if (NULL == ctx->t)
g2_build_qh2_start(ctx);
h = g2_tree_alloc_empty("H");
g2_tree_add_child(ctx->t, h);
/*
* URN -- Universal Resource Name
*
* If there is a known TTH, then we can generate a bitprint, otherwise
* we just convey the SHA1.
*/
{
const tth_t * const tth = shared_file_tth(sf);
char payload[SHA1_RAW_SIZE + TTH_RAW_SIZE + sizeof G2_URN_BITPRINT];
char *p = payload;
if (NULL == tth) {
p = mempcpy(p, G2_URN_SHA1, sizeof G2_URN_SHA1);
p += clamp_memcpy(p, sizeof payload - ptr_diff(p, payload),
sha1, SHA1_RAW_SIZE);
} else {
p = mempcpy(p, G2_URN_BITPRINT, sizeof G2_URN_BITPRINT);
p += clamp_memcpy(p, sizeof payload - ptr_diff(p, payload),
sha1, SHA1_RAW_SIZE);
p += clamp_memcpy(p, sizeof payload - ptr_diff(p, payload),
tth, TTH_RAW_SIZE);
}
g_assert(ptr_diff(p, payload) <= sizeof payload);
c = g2_tree_alloc_copy("URN", payload, ptr_diff(p, payload));
g2_tree_add_child(h, c);
}
/*
* URL -- empty to indicate that we share the file via uri-res.
*/
if (ctx->flags & QHIT_F_G2_URL) {
uint known;
uint16 csc;
c = g2_tree_alloc_empty("URL");
g2_tree_add_child(h, c);
/*
* CSC -- if we know alternate sources, indicate how many in "CSC".
*
* This child is only emitted when they requested "URL".
*/
known = dmesh_count(sha1);
csc = MIN(known, MAX_INT_VAL(uint16));
if (csc != 0) {
char payload[2];
poke_le16(payload, csc);
c = g2_tree_alloc_copy("CSC", payload, sizeof payload);
g2_tree_add_child(h, c);
}
/*
* PART -- if we only have a partial file, indicate how much we have.
*
* This child is only emitted when they requested "URL".
*/
if (shared_file_is_partial(sf) && !shared_file_is_finished(sf)) {
filesize_t available = shared_file_available(sf);
char payload[8]; /* If we have to encode file size as 64-bit */
uint32 av32;
time_t mtime = shared_file_modification_time(sf);
c = g2_tree_alloc_empty("PART");
g2_tree_add_child(h, c);
av32 = available;
if (av32 == available) {
/* Fits within a 32-bit quantity */
poke_le32(payload, av32);
g2_tree_set_payload(c, payload, sizeof av32, TRUE);
} else {
/* Encode as a 64-bit quantity then */
poke_le64(payload, available);
g2_tree_set_payload(c, payload, sizeof payload, TRUE);
}
/*
* GTKG extension: encode the last modification time of the
* partial file in an "MT" child. This lets the other party
* determine whether the host is still able to actively complete
* the file.
*/
poke_le32(payload, (uint32) mtime);
g2_tree_add_child(c,
g2_tree_alloc_copy("MT", payload, sizeof(uint32)));
}
/*
* CT -- creation time of the resource (GTKG extension).
*/
{
time_t create_time = shared_file_creation_time(sf);
if ((time_t) -1 != create_time) {
char payload[8];
int n;
create_time = MAX(0, create_time);
n = vlint_encode(create_time, payload);
g2_tree_add_child(h,
g2_tree_alloc_copy("CT", payload, n)); /* No trailing 0s */
}
}
}
/*
* DN -- distinguished name.
*
* Note that the presence of DN also governs the presence of SZ if the
* file length does not fit a 32-bit unsigned quantity.
*/
if (ctx->flags & QHIT_F_G2_DN) {
char payload[8]; /* If we have to encode file size as 64-bit */
uint32 fs32;
filesize_t fs = shared_file_size(sf);
const char *name;
const char *rp;
c = g2_tree_alloc_empty("DN");
fs32 = fs;
if (fs32 == fs) {
/* Fits within a 32-bit quantity */
poke_le32(payload, fs32);
g2_tree_set_payload(c, payload, sizeof fs32, TRUE);
} else {
/* Does not fit a 32-bit quantity, emit a SZ child */
poke_le64(payload, fs);
g2_tree_add_child(h,
g2_tree_alloc_copy("SZ", payload, sizeof payload));
}
name = shared_file_name_nfc(sf);
g2_tree_append_payload(c, name, shared_file_name_nfc_len(sf));
g2_tree_add_child(h, c);
/*
* GTKG extension: if there is a file path, expose it as a "P" child
* under the DN node.
*/
rp = shared_file_relative_path(sf);
if (rp != NULL) {
g2_tree_add_child(c, g2_tree_alloc_copy("P", rp, strlen(rp)));
}
}
/*
* GTKG extension: if they requested alt-locs in the /Q2/I with "A", then
* send them some known alt-locs in an "ALT" child.
*
* Note that these alt-locs can be for Gnutella hosts: since both Gnutella
* and G2 share a common HTTP-based file transfer mechanism with compatible
* extra headers, there is no need to handle them separately.
*/
if (ctx->flags & QHIT_F_G2_ALT) {
gnet_host_t hvec[G2_BUILD_QH2_MAX_ALT];
int hcnt = 0;
hcnt = dmesh_fill_alternate(sha1, hvec, N_ITEMS(hvec));
if (hcnt > 0) {
int i;
c = g2_tree_alloc_empty("ALT");
for (i = 0; i < hcnt; i++) {
host_addr_t addr;
uint16 port;
addr = gnet_host_get_addr(&hvec[i]);
port = gnet_host_get_port(&hvec[i]);
if (host_addr_is_ipv4(addr)) {
char payload[6];
host_ip_port_poke(payload, addr, port, NULL);
g2_tree_append_payload(c, payload, sizeof payload);
}
}
/*
* If the payload is still empty, then drop the "ALT" child.
* Otherwise, attach it to the "H" node.
*/
if (NULL == g2_tree_node_payload(c, NULL)) {
g2_tree_free_null(&c);
} else {
g2_tree_add_child(h, c);
}
}
}
/*
* Update the size of the query hit we're generating.
*/
ctx->current_size += g2_frame_serialize(h, NULL, 0);
return TRUE;
}
/**
* Loads the whitelist into memory.
*/
static void G_COLD
whitelist_retrieve(void)
{
char line[1024];
FILE *f;
filestat_t st;
unsigned linenum = 0;
file_path_t fp[1];
whitelist_generation++;
file_path_set(fp, settings_config_dir(), whitelist_file);
f = file_config_open_read_norename("Host Whitelist", fp, N_ITEMS(fp));
if (!f)
return;
if (fstat(fileno(f), &st)) {
g_warning("%s(): fstat() failed: %m", G_STRFUNC);
fclose(f);
return;
}
while (fgets(line, sizeof line, f)) {
pslist_t *sl_addr, *sl;
const char *endptr, *start;
host_addr_t addr;
uint16 port;
uint8 bits;
bool item_ok;
bool use_tls;
char *hname;
linenum++;
if (!file_line_chomp_tail(line, sizeof line, NULL)) {
g_warning("%s(): line %u too long, aborting", G_STRFUNC, linenum);
break;
}
if (file_line_is_skipable(line))
continue;
sl_addr = NULL;
addr = zero_host_addr;
endptr = NULL;
hname = NULL;
endptr = is_strprefix(line, "tls:");
if (endptr) {
use_tls = TRUE;
start = endptr;
} else {
use_tls = FALSE;
start = line;
}
port = 0;
if (string_to_host_addr_port(start, &endptr, &addr, &port)) {
sl_addr = name_to_host_addr(host_addr_to_string(addr),
settings_dns_net());
} else if (string_to_host_or_addr(start, &endptr, &addr)) {
uchar c = *endptr;
switch (c) {
case '\0':
case ':':
case '/':
break;
default:
if (!is_ascii_space(c))
endptr = NULL;
}
if (!endptr) {
g_warning("%s(): line %d: "
"expected a hostname or IP address \"%s\"",
G_STRFUNC, linenum, line);
continue;
}
/* Terminate the string for name_to_host_addr() */
hname = h_strndup(start, endptr - start);
} else {
g_warning("%s(): line %d: expected hostname or IP address \"%s\"",
G_STRFUNC, linenum, line);
continue;
}
g_assert(sl_addr != NULL || hname != NULL);
g_assert(NULL != endptr);
bits = 0;
item_ok = TRUE;
/*
* When an explicit address is given (no hostname) and with no
* port, one can suffix the address with bits to indicate a CIDR
* range of whitelisted addresses.
*/
if (0 == port) {
/* Ignore trailing items separated by a space */
while ('\0' != *endptr && !is_ascii_space(*endptr)) {
uchar c = *endptr++;
if (':' == c) {
int error;
uint32 v;
if (0 != port) {
g_warning("%s(): line %d: multiple colons after host",
G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
v = parse_uint32(endptr, &endptr, 10, &error);
port = (error || v > 0xffff) ? 0 : v;
if (0 == port) {
g_warning("%s(): line %d: "
"invalid port value after host",
G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
} else if ('/' == c) {
const char *ep;
uint32 mask;
if (0 != bits) {
g_warning("%s(): line %d: "
"multiple slashes after host", G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
if (string_to_ip_strict(endptr, &mask, &ep)) {
if (!host_addr_is_ipv4(addr)) {
g_warning("%s(): line %d: "
"IPv4 netmask after non-IPv4 address",
G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
endptr = ep;
if (0 == (bits = netmask_to_cidr(mask))) {
g_warning("%s(): line %d: "
"IPv4 netmask after non-IPv4 address",
G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
} else {
int error;
uint32 v;
v = parse_uint32(endptr, &endptr, 10, &error);
if (
error ||
0 == v ||
(v > 32 && host_addr_is_ipv4(addr)) ||
(v > 128 && host_addr_is_ipv6(addr))
) {
g_warning("%s(): line %d: "
"invalid numeric netmask after host",
G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
bits = v;
}
} else {
g_warning("%s(): line %d: "
"unexpected character after host", G_STRFUNC, linenum);
item_ok = FALSE;
break;
}
}
}
if (item_ok) {
struct whitelist *item;
if (hname) {
item = whitelist_hostname_create(use_tls, hname, port);
whitelist_dns_resolve(item, FALSE);
} else {
PSLIST_FOREACH(sl_addr, sl) {
host_addr_t *aptr = sl->data;
g_assert(aptr != NULL);
item = whitelist_addr_create(use_tls, *aptr, port, bits);
whitelist_add(item);
}
}
} else {
