From 044ec403506014f769311ce78ec46c0ec52a1181 Mon Sep 17 00:00:00 2001 From: Matt Corallo Date: Mon, 26 Aug 2019 01:13:12 -0400 Subject: [PATCH] Allow up to 2 onion addresses to bypass BGP checks --- src/datastore.rs | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/src/datastore.rs b/src/datastore.rs index c00bc01..b4982b3 100644 --- a/src/datastore.rs +++ b/src/datastore.rs @@ -1,7 +1,7 @@ use std::{cmp, mem}; use std::collections::{HashSet, HashMap, hash_map}; use std::sync::{Arc, RwLock}; -use std::net::{IpAddr, SocketAddr}; +use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr}; use std::time::{Duration, Instant}; use std::io::{BufRead, BufReader}; @@ -446,16 +446,23 @@ impl Store { { let mut rng = thread_rng(); for i in &[1u64, 4, 5, 8, 9, 12, 13, 1024, 1025, 1028, 1029, 1032, 1033, 1036, 1037] { - let mut v6_set: Vec = Vec::new(); - let mut v4_set: Vec = Vec::new(); + let mut v6_set: Vec = Vec::new(); + let mut v4_set: Vec = Vec::new(); + macro_rules! add_addr { ($addr: expr) => { + match $addr.ip() { + IpAddr::V4(v4addr) => v4_set.push(v4addr), + IpAddr::V6(v6addr) => v6_set.push(v6addr), + } + } } { let nodes = self.nodes.read().unwrap(); if i.count_ones() == 1 { for j in 0..64 { if i & (1 << j) != 0 { let set_ref = &nodes.good_node_services[j]; - v4_set = set_ref.iter().filter(|e| e.is_ipv4() && e.port() == 8333).map(|e| e.ip()).collect(); - v6_set = set_ref.iter().filter(|e| e.is_ipv6() && e.port() == 8333).map(|e| e.ip()).collect(); + for a in set_ref.iter().filter(|e| e.port() == 8333) { + add_addr!(a); + } break; } } @@ -472,10 +479,9 @@ impl Store { } } } - v4_set = first_set.unwrap().intersection(&second_set.unwrap()) - .filter(|e| e.is_ipv4() && e.port() == 8333).map(|e| e.ip()).collect(); - v6_set = first_set.unwrap().intersection(&second_set.unwrap()) - .filter(|e| e.is_ipv6() && e.port() == 8333).map(|e| e.ip()).collect(); + for a in first_set.unwrap().intersection(&second_set.unwrap()).filter(|e| e.port() == 8333) { + add_addr!(a); + } } else { //TODO: Could optimize this one a bit let mut intersection; @@ -492,20 +498,27 @@ impl Store { } } } - v4_set = intersection_set_ref.unwrap().iter() - .filter(|e| e.is_ipv4() && e.port() == 8333).map(|e| e.ip()).collect(); - v6_set = intersection_set_ref.unwrap().iter() - .filter(|e| e.is_ipv6() && e.port() == 8333).map(|e| e.ip()).collect(); + for a in intersection_set_ref.unwrap().iter().filter(|e| e.port() == 8333) { + add_addr!(a); + } } } let mut asn_set = HashSet::with_capacity(cmp::max(v4_set.len(), v6_set.len())); asn_set.insert(0); - for a in v4_set.iter().filter(|a| asn_set.insert(bgp_client.get_asn(**a))).choose_multiple(&mut rng, 21) { + for a in v4_set.iter().filter(|a| asn_set.insert(bgp_client.get_asn(IpAddr::V4(**a)))).choose_multiple(&mut rng, 21) { dns_buff += &format!("x{:x}.dnsseed\tIN\tA\t{}\n", i, a); } asn_set.clear(); asn_set.insert(0); - for a in v6_set.iter().filter(|a| asn_set.insert(bgp_client.get_asn(**a))).choose_multiple(&mut rng, 12) { + let mut tor_count = 0; + for a in v6_set.iter().filter(|a| { + if a.octets()[..6] != [0xFD,0x87,0xD8,0x7E,0xEB,0x43][..] { + asn_set.insert(bgp_client.get_asn(IpAddr::V6(**a))) + } else { + tor_count += 1; + tor_count <= 2 + } + }).choose_multiple(&mut rng, 12) { dns_buff += &format!("x{:x}.dnsseed\tIN\tAAAA\t{}\n", i, a); } } -- 2.30.2