From b59f3749a16087f48582ddaf8d06ea5565f6945e Mon Sep 17 00:00:00 2001
From: Miguel Freitas <miguel@pitanga.cpti.cetuc.puc-rio.br>
Date: Mon, 29 Jul 2013 15:46:59 -0300
Subject: [PATCH] enforce ID x external IP verification

---
 libtorrent/src/kademlia/node.cpp        |  5 ++-
 libtorrent/src/kademlia/rpc_manager.cpp | 48 +++++++++++++------------
 2 files changed, 30 insertions(+), 23 deletions(-)

diff --git a/libtorrent/src/kademlia/node.cpp b/libtorrent/src/kademlia/node.cpp
index 5e117652..e1d33a9b 100644
--- a/libtorrent/src/kademlia/node.cpp
+++ b/libtorrent/src/kademlia/node.cpp
@@ -633,8 +633,11 @@ void node_impl::incoming_request(msg const& m, entry& e)
 
 	// if this nodes ID doesn't match its IP, tell it what
 	// its IP is
-	if (!verify_id(id, m.addr.address()))
+	if (!verify_id(id, m.addr.address())) {
 		reply["ip"] = address_to_bytes(m.addr.address());
+		//[MF] enforce ID verification.
+		return;
+	}
 
 	if (strcmp(query, "ping") == 0)
 	{
diff --git a/libtorrent/src/kademlia/rpc_manager.cpp b/libtorrent/src/kademlia/rpc_manager.cpp
index 66132217..a1d32855 100644
--- a/libtorrent/src/kademlia/rpc_manager.cpp
+++ b/libtorrent/src/kademlia/rpc_manager.cpp
@@ -312,6 +312,32 @@ bool rpc_manager::incoming(msg const& m, node_id* id)
 		return false;
 	}
 
+	lazy_entry const* ext_ip = ret_ent->dict_find_string("ip");
+	if (ext_ip && ext_ip->string_length() == 4)
+	{
+		// this node claims we use the wrong node-ID!
+		address_v4::bytes_type b;
+		memcpy(&b[0], ext_ip->string_ptr(), 4);
+		if (m_observer)
+			m_observer->set_external_address(address_v4(b)
+				, m.addr.address());
+		// [MF] enforced: no valid response is sent along with "ip".
+		return false;
+	}
+#if TORRENT_USE_IPV6
+	else if (ext_ip && ext_ip->string_length() == 16)
+	{
+		// this node claims we use the wrong node-ID!
+		address_v6::bytes_type b;
+		memcpy(&b[0], ext_ip->string_ptr(), 16);
+		if (m_observer)
+			m_observer->set_external_address(address_v6(b)
+				, m.addr.address());
+		// [MF] enforced: no valid response is sent along with "ip".
+		return false;
+	}
+#endif
+
 	ptime now = time_now_hires();
 
 #ifdef TORRENT_DHT_VERBOSE_LOGGING
@@ -338,28 +364,6 @@ bool rpc_manager::incoming(msg const& m, node_id* id)
 		return false;
 	}
 
-	lazy_entry const* ext_ip = ret_ent->dict_find_string("ip");
-	if (ext_ip && ext_ip->string_length() == 4)
-	{
-		// this node claims we use the wrong node-ID!
-		address_v4::bytes_type b;
-		memcpy(&b[0], ext_ip->string_ptr(), 4);
-		if (m_observer)
-			m_observer->set_external_address(address_v4(b)
-				, m.addr.address());
-	}
-#if TORRENT_USE_IPV6
-	else if (ext_ip && ext_ip->string_length() == 16)
-	{
-		// this node claims we use the wrong node-ID!
-		address_v6::bytes_type b;
-		memcpy(&b[0], ext_ip->string_ptr(), 16);
-		if (m_observer)
-			m_observer->set_external_address(address_v6(b)
-				, m.addr.address());
-	}
-#endif
-
 #ifdef TORRENT_DHT_VERBOSE_LOGGING
 	TORRENT_LOG(rpc) << "[" << o->m_algorithm.get() << "] Reply with transaction id: " 
 		<< tid << " from " << m.addr;