Merge pull request 'Correctly Handle Messages from Unknown Peers' (#332) from first_contact into master

Reviewed-on: #332

Discussion was had about permissions, tracking unknowns, and querying vals of unknowns; changes were made to protect getVal requests and, since the meaning of isApproved is changing, to rename it to isAllowed.

this is to smooth the introduction process of new peers, following a twitter DM style. Protection is still afforded for anyone with BlockUnknownPeers enabled.

Previously described schemes in the 2020 Feb doc on getVal and new peer experience around this that still haven’t been implemented are further shelved for now
Dan Ballard 2020-11-12 14:08:10 -08:00
commit c79b083bbc
3 changed files with 27 additions and 17 deletions


@ -573,6 +573,9 @@ func (cp *cwtchPeer) Shutdown() {
} }
func (cp *cwtchPeer) StoreMessage(onion string, messageTxt string, sent time.Time) { func (cp *cwtchPeer) StoreMessage(onion string, messageTxt string, sent time.Time) {
if cp.GetContact(onion) == nil {
cp.AddContact(onion, onion, model.AuthUnknown)
}
cp.mutex.Lock() cp.mutex.Lock()
cp.Profile.AddMessageToContactTimeline(onion, messageTxt, sent) cp.Profile.AddMessageToContactTimeline(onion, messageTxt, sent)
cp.mutex.Unlock() cp.mutex.Unlock()
@ -620,18 +623,21 @@ func (cp *cwtchPeer) eventHandler() {
log.Debugf("NewGetValMessageFromPeer for %v%v from %v\n", scope, path, onion) log.Debugf("NewGetValMessageFromPeer for %v%v from %v\n", scope, path, onion)
if scope == attr.PublicScope { remotePeer := cp.GetContact(onion)
val, exists := cp.GetAttribute(attr.GetPublicScope(path)) if remotePeer != nil && remotePeer.Authorization == model.AuthApproved {
resp := event.NewEvent(event.SendRetValMessageToPeer, map[event.Field]string{event.RemotePeer: onion, event.Exists: strconv.FormatBool(exists)}) if scope == attr.PublicScope {
resp.EventID = ev.EventID val, exists := cp.GetAttribute(attr.GetPublicScope(path))
if exists { resp := event.NewEvent(event.SendRetValMessageToPeer, map[event.Field]string{event.RemotePeer: onion, event.Exists: strconv.FormatBool(exists)})
resp.Data[event.Data] = val resp.EventID = ev.EventID
} else { if exists {
resp.Data[event.Data] = "" resp.Data[event.Data] = val
} } else {
log.Debugf("Responding with SendRetValMessageToPeer exists:%v data: %v\n", exists, val) resp.Data[event.Data] = ""
}
log.Debugf("Responding with SendRetValMessageToPeer exists:%v data: %v\n", exists, val)
cp.eventBus.Publish(resp) cp.eventBus.Publish(resp)
}
} }
/***** Non default but requestable handlable events *****/ /***** Non default but requestable handlable events *****/
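Review bot: In StoreMessage the `cp.GetContact(onion) == nil` check and the `cp.AddContact(onion, onion, model.AuthUnknown)` call both run before `cp.mutex.Lock()`, so two messages from the same new onion handled concurrently can both see nil and both add the contact. Whether that is harmful depends on how AddContact treats duplicates, which is not visible in this hunk. If AddContact takes cp.mutex itself, a small helper that does the lookup and the insert under one lock acquisition would close the window. Separately, when unknown peers are not blocked, every first-time sender now gets a stored contact entry, so that growth is worth documenting or bounding, e.g. `// creates an AuthUnknown contact for first-time senders; entries are not pruned here`. The function body continues past the end of the hunk.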


@ -195,18 +195,22 @@ func (e *engine) isBlocked(onion string) bool {
return authorization.(model.Authorization) == model.AuthBlocked return authorization.(model.Authorization) == model.AuthBlocked
} }
func (e *engine) isApproved(onion string) bool { func (e *engine) isAllowed(onion string) bool {
authorization, known := e.authorizations.Load(onion) authorization, known := e.authorizations.Load(onion)
if !known { if !known {
log.Errorf("attempted to lookup authorization of onion not in map...that should never happen")
return false return false
} }
return authorization.(model.Authorization) == model.AuthApproved if e.blockUnknownContacts {
return authorization.(model.Authorization) == model.AuthApproved
}
return authorization.(model.Authorization) != model.AuthBlocked
} }
func (e *engine) createPeerTemplate() *PeerApp { func (e *engine) createPeerTemplate() *PeerApp {
peerAppTemplate := new(PeerApp) peerAppTemplate := new(PeerApp)
peerAppTemplate.IsBlocked = e.isBlocked peerAppTemplate.IsBlocked = e.isBlocked
peerAppTemplate.IsApproved = e.isApproved peerAppTemplate.IsAllowed = e.isAllowed
peerAppTemplate.MessageHandler = e.handlePeerMessage peerAppTemplate.MessageHandler = e.handlePeerMessage
peerAppTemplate.OnAcknowledgement = e.ignoreOnShutdown2(e.peerAck) peerAppTemplate.OnAcknowledgement = e.ignoreOnShutdown2(e.peerAck)
peerAppTemplate.OnAuth = e.ignoreOnShutdown(e.peerAuthed) peerAppTemplate.OnAuth = e.ignoreOnShutdown(e.peerAuthed)
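Review bot: isAllowed now means two different things depending on `e.blockUnknownContacts`, and nothing on the function says so, so a reader at the call site cannot tell that an AuthUnknown peer passes when the flag is off. A doc comment would make the policy auditable, for example `// isAllowed reports whether onion may deliver messages: AuthApproved only when blockUnknownContacts is set, otherwise anything not AuthBlocked; onions missing from the map are refused.` The `!known` branch still fails closed, which is the safe default, but with the Errorf removed a missing map entry can no longer be told apart from a policy refusal; a Debugf there would keep it diagnosable. createPeerTemplate continues past the end of the hunk.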


@ -18,7 +18,7 @@ type PeerApp struct {
MessageHandler func(string, string, string, []byte) MessageHandler func(string, string, string, []byte)
RetValHandler func(string, []byte, []byte) RetValHandler func(string, []byte, []byte)
IsBlocked func(string) bool IsBlocked func(string) bool
IsApproved func(string) bool IsAllowed func(string) bool
OnAcknowledgement func(string, string) OnAcknowledgement func(string, string)
OnAuth func(string) OnAuth func(string)
OnClose func(string) OnClose func(string)
@ -48,7 +48,7 @@ func (pa *PeerApp) NewInstance() tapir.Application {
newApp := new(PeerApp) newApp := new(PeerApp)
newApp.MessageHandler = pa.MessageHandler newApp.MessageHandler = pa.MessageHandler
newApp.IsBlocked = pa.IsBlocked newApp.IsBlocked = pa.IsBlocked
newApp.IsApproved = pa.IsApproved newApp.IsAllowed = pa.IsAllowed
newApp.OnAcknowledgement = pa.OnAcknowledgement newApp.OnAcknowledgement = pa.OnAcknowledgement
newApp.OnAuth = pa.OnAuth newApp.OnAuth = pa.OnAuth
newApp.OnClose = pa.OnClose newApp.OnClose = pa.OnClose
@ -101,7 +101,7 @@ func (pa *PeerApp) listen() {
pa.getValRequests.Delete(peerMessage.ID) pa.getValRequests.Delete(peerMessage.ID)
} }
default: default:
if pa.IsApproved(pa.connection.Hostname()) { if pa.IsAllowed(pa.connection.Hostname()) {
pa.MessageHandler(pa.connection.Hostname(), peerMessage.ID, peerMessage.Context, peerMessage.Data) pa.MessageHandler(pa.connection.Hostname(), peerMessage.ID, peerMessage.Context, peerMessage.Data)
// Acknowledge the message // Acknowledge the message