From 2aa71205d47f122c5382e1847b48d3c6a03c1268 Mon Sep 17 00:00:00 2001
From: Miguel Freitas
Date: Thu, 8 Aug 2013 13:55:45 -0300
Subject: [PATCH] possiblyNeighbor is authoritative for false, so we may trust it to NOT store putData value. someone might be trying to attack this resource by storing value into non-final nodes.
---
 libtorrent/src/kademlia/node.cpp | 28 +++++++++++++++++++++++-----
 src/twister.cpp | 2 +-
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/libtorrent/src/kademlia/node.cpp b/libtorrent/src/kademlia/node.cpp
index de8235a0..237803a9 100644
--- a/libtorrent/src/kademlia/node.cpp
+++ b/libtorrent/src/kademlia/node.cpp
@@ -1250,6 +1250,29 @@ void node_impl::incoming_request(msg const& m, entry& e)
 return;
 }

+ m_table.node_seen(id, m.addr, 0xffff);
+ //f->last_seen = time_now();
+
+ // check distance between target, nodes and our own id
+ // n is sorted from closer(begin) to more distant (end)
+ nodes_t n;
+ m_table.find_node(target, n, 0);
+ bool possiblyNeighbor = false;
+ if( n.size() < m_table.bucket_size() ) {
+ possiblyNeighbor = true;
+ } else {
+ node_id dFarther = distance(n.back().id, target);
+ node_id dOwn = distance(nid(), target);
+ if( dOwn < dFarther )
+ possiblyNeighbor = true;
+ }
+ // possiblyNeighbor is authoritative for false, so we may
+ // trust it to NOT store this value. someone might be trying to
+ // attack this resource by storing value into non-final nodes.
+ if( !possiblyNeighbor ) {
+ printf("putData with possiblyNeighbor=false, ignoring request.\n");
+ }
+
 dht_storage_item item(str_p, msg_keys[mk_sig_p], msg_keys[mk_sig_user]);
 dht_storage_table_t::iterator i = m_storage_table.find(target);
 if (i == m_storage_table.end()) {
@@ -1299,12 +1322,7 @@ void node_impl::incoming_request(msg const& m, entry& e)
 // new entry
 lsto.push_back(item);
 }
-
 }
-
- m_table.node_seen(id, m.addr, 0xffff);
-
- //f->last_seen = time_now();
 }
 else if (strcmp(query, "getData") == 0)
 {
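Review bot: The new `if( !possiblyNeighbor )` branch in the first node.cpp hunk (@@ -1250) only prints "ignoring request" and then falls through to `dht_storage_item item(...)` and the `m_storage_table` lookup below it, so as far as the hunk shows the putData value is still stored on nodes that are not neighbours of the target, which is what the commit message says should not happen. The branch needs an early exit after the `printf`, e.g. `return;` (or an error reply followed by `return;` if the sender should be told). `m_table.node_seen(id, m.addr, 0xffff)` now runs before this check, so a rejected sender is still refreshed in the routing table; if that is intended, say so in a comment. The `printf` is reachable from any remote putData, so it is also worth rate-limiting or demoting to a debug log. The body of `incoming_request` starts and ends outside the hunk.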
diff --git a/src/twister.cpp b/src/twister.cpp
index 9bfd2176..1bc24c94 100644
--- a/src/twister.cpp
+++ b/src/twister.cpp
@@ -306,7 +306,7 @@ void ThreadSessionAlerts()
 dht_reply_data_done_alert const* dd = alert_cast(*i);
 if (dd)
 {
- printf("get_data_gone [%s,%s,%s] is_neighbor=%d got_data=%d\n",
+ printf("get_data_done [%s,%s,%s] is_neighbor=%d got_data=%d\n",
 dd->m_username.c_str(), dd->m_resource.c_str(), dd->m_multi ? "m" : "s", dd->m_is_neighbor, dd->m_got_data);