always request through tunnels in case of restricted routes

orignal 2024-02-09 15:24:48 -05:00
parent 592d6ae4f4
commit d96803a290
3 changed files with 18 additions and 10 deletions


@ -730,6 +730,7 @@ namespace data
void NetDb::RequestDestination (const IdentHash& destination, RequestedDestination::RequestComplete requestComplete, bool direct) void NetDb::RequestDestination (const IdentHash& destination, RequestedDestination::RequestComplete requestComplete, bool direct)
{ {
if (direct && i2p::transport::transports.RoutesRestricted ()) direct = false; // always use tunnels for restricted routes
auto dest = m_Requests.CreateRequest (destination, false, direct, requestComplete); // non-exploratory auto dest = m_Requests.CreateRequest (destination, false, direct, requestComplete); // non-exploratory
if (!dest) if (!dest)
{ {
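Review bot: The restricted-routes override sits only at this entry point, so any other caller that reaches `m_Requests.CreateRequest` with `direct` set would presumably still send its lookup outside tunnels; no such caller is visible in this hunk, so that needs confirming. Because a direct lookup contacts a router that is not one of the trusted first hops, enforcing the check inside the request-creation path would make the guarantee hold for every caller rather than this one. The added line also rewrites its own argument silently, and its comment would be more useful if it recorded the reason, for example `// restricted routes: a direct lookup would bypass the trusted first hops, so force tunnels`. RequestDestination's body continues outside the hunk.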


@ -1015,18 +1015,25 @@ namespace transport
} }
} }
void Transports::RestrictRoutesToRouters(std::set<i2p::data::IdentHash> routers) void Transports::RestrictRoutesToRouters(const std::set<i2p::data::IdentHash>& routers)
{ {
std::unique_lock<std::mutex> lock(m_TrustedRoutersMutex); std::lock_guard<std::mutex> lock(m_TrustedRoutersMutex);
m_TrustedRouters.clear(); m_TrustedRouters.clear();
for (const auto & ri : routers ) for (const auto & ri : routers )
m_TrustedRouters.push_back(ri); m_TrustedRouters.push_back(ri);
} }
bool Transports::RoutesRestricted() const { bool Transports::RoutesRestricted() const
std::unique_lock<std::mutex> famlock(m_FamilyMutex); {
std::unique_lock<std::mutex> routerslock(m_TrustedRoutersMutex); {
return m_TrustedFamilies.size() > 0 || m_TrustedRouters.size() > 0; std::lock_guard<std::mutex> routerslock(m_TrustedRoutersMutex);
if (!m_TrustedRouters.empty ()) return true;
}
{
std::lock_guard<std::mutex> famlock(m_FamilyMutex);
if (!m_TrustedFamilies.empty ()) return true;
}
return false;
} }
/** XXX: if routes are not restricted this dies */ /** XXX: if routes are not restricted this dies */
@ -1050,7 +1057,7 @@ namespace transport
return i2p::data::netdb.GetRandomRouterInFamily(fam); return i2p::data::netdb.GetRandomRouterInFamily(fam);
} }
{ {
std::unique_lock<std::mutex> l(m_TrustedRoutersMutex); std::lock_guard<std::mutex> l(m_TrustedRoutersMutex);
auto sz = m_TrustedRouters.size(); auto sz = m_TrustedRouters.size();
if (sz) if (sz)
{ {
@ -1067,12 +1074,12 @@ namespace transport
bool Transports::IsRestrictedPeer(const i2p::data::IdentHash & ih) const bool Transports::IsRestrictedPeer(const i2p::data::IdentHash & ih) const
{ {
{ {
std::unique_lock<std::mutex> l(m_TrustedRoutersMutex); std::lock_guard<std::mutex> l(m_TrustedRoutersMutex);
for (const auto & r : m_TrustedRouters ) for (const auto & r : m_TrustedRouters )
if ( r == ih ) return true; if ( r == ih ) return true;
} }
{ {
std::unique_lock<std::mutex> l(m_FamilyMutex); std::lock_guard<std::mutex> l(m_FamilyMutex);
auto ri = i2p::data::netdb.FindRouter(ih); auto ri = i2p::data::netdb.FindRouter(ih);
for (const auto & fam : m_TrustedFamilies) for (const auto & fam : m_TrustedFamilies)
if(ri->IsFamily(fam)) return true; if(ri->IsFamily(fam)) return true;
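Review bot: In IsRestrictedPeer the result of `i2p::data::netdb.FindRouter(ih)` is dereferenced in `ri->IsFamily(fam)` without a check, so if FindRouter returns an empty pointer for a hash that is not in the netdb, checking an unknown peer while trusted families are configured would crash the router. The commit changes only the lock type in this hunk and leaves that path as it was; guarding the loop, `if (ri) for (const auto & fam : m_TrustedFamilies)`, would close it. The netdb lookup also runs while `m_FamilyMutex` is held, and moving it ahead of the lock would shorten the critical section. The function's tail is outside the hunk.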


@ -165,7 +165,7 @@ namespace transport
/** restrict routes to use only these router families for first hops */ /** restrict routes to use only these router families for first hops */
void RestrictRoutesToFamilies(const std::set<std::string>& families); void RestrictRoutesToFamilies(const std::set<std::string>& families);
/** restrict routes to use only these routers for first hops */ /** restrict routes to use only these routers for first hops */
void RestrictRoutesToRouters(std::set<i2p::data::IdentHash> routers); void RestrictRoutesToRouters(const std::set<i2p::data::IdentHash>& routers);
bool IsRestrictedPeer(const i2p::data::IdentHash & ident) const; bool IsRestrictedPeer(const i2p::data::IdentHash & ident) const;