diff --git a/libtorrent/src/disk_io_thread.cpp b/libtorrent/src/disk_io_thread.cpp index 20445d2c..06cb391d 100644 --- a/libtorrent/src/disk_io_thread.cpp +++ b/libtorrent/src/disk_io_thread.cpp @@ -1077,51 +1077,8 @@ namespace libtorrent if (!m_settings.disable_hash_checks) { - *hash_ok = false; - - lazy_entry v; - int pos; - error_code ec; - if (lazy_bdecode((char const*)p->blocks[0].buf, (char const*)p->blocks[0].buf - + piece_size, v, ec, &pos) == 0) { - - if( v.type() == lazy_entry::dict_t ) { - lazy_entry const* post = v.dict_find_dict("userpost"); - std::string sig = v.dict_find_string_value("sig_userpost"); - std::string username = j.storage->info()->name(); - - if( !post || !sig.size() ) { -#ifdef TORRENT_DEBUG - printf("r_p_f_c_a_h: missing post or signature\n"); -#endif - } else { - std::string n = post->dict_find_string_value("n"); - int k = post->dict_find_int_value("k",-1); - - if( n != username ) { -#ifdef TORRENT_DEBUG - printf("r_p_f_c_a_h: expected username '%s' got '%s'\n", - username.c_str(), n.c_str()); -#endif - } else if( k != j.piece ) { -#ifdef TORRENT_DEBUG - printf("r_p_f_c_a_h: expected piece '%d' got '%d'\n", - j.piece, k); -#endif - } else { - std::pair postbuf = post->data_section(); - *hash_ok = verifySignature( - std::string(postbuf.first,postbuf.second), - username, sig); -#ifdef TORRENT_DEBUG - if( !(*hash_ok) ) { - printf("r_p_f_c_a_h: bad signature\n"); - } -#endif - } - } - } - } + *hash_ok = acceptSignedPost((char const*)p->blocks[0].buf, piece_size, + j.storage->info()->name(), j.piece); } ret = copy_from_piece(const_cast(*p), hit, j, l); diff --git a/libtorrent/src/storage.cpp b/libtorrent/src/storage.cpp index 54c8f6ad..d04ef765 100644 --- a/libtorrent/src/storage.cpp +++ b/libtorrent/src/storage.cpp @@ -230,51 +230,8 @@ namespace libtorrent if (ret > 0) { - *hash_ok = false; - - lazy_entry v; - int pos; - error_code ec; - if (lazy_bdecode((char const*)buf.iov_base, (char const*)buf.iov_base - + ret, v, ec, &pos) == 0) { - - if( v.type() == lazy_entry::dict_t ) { - lazy_entry const* post = v.dict_find_dict("userpost"); - std::string sig = v.dict_find_string_value("sig_userpost"); - std::string username = m_info->name(); - - if( !post || !sig.size() ) { -#ifdef TORRENT_DEBUG - printf("h_f_s: missing post or signature\n"); -#endif - } else { - std::string n = post->dict_find_string_value("n"); - int k = post->dict_find_int_value("k",-1); - - if( n != username ) { -#ifdef TORRENT_DEBUG - printf("h_f_s: expected username '%s' got '%s'\n", - username.c_str(), n.c_str()); -#endif - } else if( k != slot ) { -#ifdef TORRENT_DEBUG - printf("h_f_s: expected piece '%d' got '%d'\n", - slot, k); -#endif - } else { - std::pair postbuf = post->data_section(); - *hash_ok = verifySignature( - std::string(postbuf.first,postbuf.second), - username, sig); -#ifdef TORRENT_DEBUG - if( !(*hash_ok) ) { - printf("h_f_s: bad signature\n"); - } -#endif - } - } - } - } + *hash_ok = acceptSignedPost((char const*)buf.iov_base, ret, + m_info->name(), slot); } if (error()) return 0; diff --git a/src/twister.cpp b/src/twister.cpp index 8601247b..4cd113a1 100644 --- a/src/twister.cpp +++ b/src/twister.cpp @@ -26,6 +26,8 @@ twister::twister() #define TORRENT_DISABLE_GEO_IP #include "libtorrent/aux_/session_impl.hpp" +#define DEBUG_ACCEPT_POST 1 + using namespace libtorrent; static session *ses = NULL; @@ -514,6 +516,59 @@ bool verifySignature(std::string const &strMessage, std::string const &strUserna return (pubkeyRec.GetID() == pubkey.GetID()); } +bool acceptSignedPost(char const *data, int data_size, std::string username, int seq) +{ + bool ret = false; + + lazy_entry v; + int pos; + error_code ec; + if (lazy_bdecode(data, data + data_size, v, ec, &pos) == 0) { + + if( v.type() == lazy_entry::dict_t ) { + lazy_entry const* post = v.dict_find_dict("userpost"); + std::string sig = v.dict_find_string_value("sig_userpost"); + + if( !post || !sig.size() ) { +#ifdef DEBUG_ACCEPT_POST + printf("acceptSignedPost: missing post or signature\n"); +#endif + } else { + std::string n = post->dict_find_string_value("n"); + int k = post->dict_find_int_value("k",-1); + + if( n != username ) { +#ifdef DEBUG_ACCEPT_POST + printf("acceptSignedPost: expected username '%s' got '%s'\n", + username.c_str(), n.c_str()); +#endif + } else if( k != seq ) { +#ifdef DEBUG_ACCEPT_POST + printf("acceptSignedPost: expected piece '%d' got '%d'\n", + slot, k); +#endif + } else if( k < 0 || k > nBestHeight * 2 + 10 ) { +#ifdef DEBUG_ACCEPT_POST + printf("acceptSignedPost: too much posts from user '%s' rejecting post %d\n", + username.c_str(), k); +#endif + } else { + std::pair postbuf = post->data_section(); + ret = verifySignature( + std::string(postbuf.first,postbuf.second), + username, sig); +#ifdef DEBUG_ACCEPT_POST + if( !ret ) { + printf("acceptSignedPost: bad signature\n"); + } +#endif + } + } + } + } + return ret; +} + int getBestHeight() { return nBestHeight; diff --git a/src/twister.h b/src/twister.h index 54a00a9b..67b97023 100644 --- a/src/twister.h +++ b/src/twister.h @@ -18,6 +18,8 @@ void stopSessionTorrent(); std::string createSignature(std::string const &strMessage, std::string const &strUsername); bool verifySignature(std::string const &strMessage, std::string const &strUsername, std::string const &strSign); +bool acceptSignedPost(char const *data, int data_size, std::string username, int seq); + int getBestHeight(); #endif // TWISTER_H