friend of a friend type darknets

Alex allo at laxu.de
Mon Sep 20 15:39:32 CEST 2010


Hi!
On Mon, Sep 20, 2010 at 03:00:35PM +0200, Guus Sliepen wrote:
> On Sun, Sep 19, 2010 at 11:44:23PM +0200, Alex wrote:
> 
> > > It is less simple there. Also, when you
> > > have a graph with cycles (for example, G connects to F as well), and not
> > > everyone is using the FriendOfAFriend option, then you will get conflicting
> > > ADD_EDGE messages, which will trigger a never-ending flood of correcting
> > > DEL_EDGE and ADD_EDGE messages.
> > isn't this the same problem, if peer A is known to B by a lan-ip and
> > known to C by an internet IP?
> 
> No, since that will be two distinct edges, a B->A edge and a C->A edge.  But
> suppose A has FriendOfAFriend set, but B and C do not, and B and C are also
> connected to each other. Then it is possible that the B->C edge information
> (that B sends to A and C  at some point) gets anonymised by A and forwarded to
> C, which sees new information, and forwards it in turn to B, which will see
> that someone forwarded the B->C edge, but with wrong IP address information.
Okay. If I do it in add_edge_h too, it should work, shouldn't it? I'm
only not sure at the moment where the direct connection information is
stored, and I should set up a few test VMs to test a whole net next.

diff -Nur tinc-1.0.13/doc/tinc.conf.5.in tinc-1.0.13-patched/doc/tinc.conf.5.in
--- tinc-1.0.13/doc/tinc.conf.5.in  2010-04-11 19:44:12.000000000 +0200
+++ tinc-1.0.13-patched/doc/tinc.conf.5.in  2010-09-17 23:36:59.031491597 +0200
@@ -209,6 +209,13 @@
 This option selects the way indirect packets are forwarded.
 .Bl -tag -width indent
 
+.It Va FriendOfAFriend Li = off | on Po off Pc Bq experimental
+If this option is set, indirect data is implied and your node
+will lie to other nodes when its asked about the ip of its peers.
+This enables a FriendOfAFriend mode, where everybody just trusts
+his direct peers and noone else.
+.Bl -tag -width indent
+
 .It off
 Incoming packets that are not meant for the local node,
 but which should be forwarded to another node, are dropped.
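
Review bot: the new `.It Va FriendOfAFriend` entry is inserted after the `.Bl -tag -width indent` that opens the value list of the preceding option and before that list's first `.It off` item, and it adds a second `.Bl -tag -width indent` with no matching `.El`. As written, the description lands inside the other option's value list and the `off` entry that follows becomes nested under FriendOfAFriend. Move the entry out of that list and drop the extra `.Bl`. The text should also say what is sent in place of a peer's address (the code substitutes 0.0.0.0 and port 0), and "its asked" / "noone" should read "it is asked" / "no one".
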
diff -Nur tinc-1.0.13/src/net_setup.c tinc-1.0.13-patched/src/net_setup.c
--- tinc-1.0.13/src/net_setup.c 2010-04-11 04:34:31.000000000 +0200
+++ tinc-1.0.13-patched/src/net_setup.c 2010-09-17 23:38:05.591481035 +0200
@@ -337,6 +337,10 @@
 
    /* Check some options */
 
+   get_config_bool(lookup_config(config_tree, "FriendOfAFriend"), &foaf);
+    if(foaf)
+        myself->options |= OPTION_INDIRECT;
+
    if(get_config_bool(lookup_config(config_tree, "IndirectData"), &choice) && choice)
        myself->options |= OPTION_INDIRECT;
 
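
Review bot: the return value of get_config_bool() is ignored on the added FriendOfAFriend line, while the IndirectData check directly below tests it before using the result. The new code is only correct when the option is absent because foaf is initialised to false in protocol.c; use the same pattern as the neighbouring check, `if(get_config_bool(lookup_config(config_tree, "FriendOfAFriend"), &foaf) && foaf)`. The added lines also appear to be indented differently from each other and from the surrounding code.
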
diff -Nur tinc-1.0.13/src/protocol.c tinc-1.0.13-patched/src/protocol.c
--- tinc-1.0.13/src/protocol.c  2010-03-13 18:53:33.000000000 +0100
+++ tinc-1.0.13-patched/src/protocol.c  2010-09-20 15:29:52.802132853 +0200
@@ -29,6 +29,7 @@
 #include "xalloc.h"
 
 bool tunnelserver = false;
+bool foaf = false;
 bool strictsubnets = false;
 
 /* Jumptable for the request handlers */
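
Review bot: the new global `foaf` is an abbreviation, while its neighbours `tunnelserver` and `strictsubnets` spell out the option they mirror. Naming it after the FriendOfAFriend option, or adding a one-line comment saying that it makes the node withhold peer addresses in edge messages, would make its uses in protocol_edge.c easier to follow.
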
diff -Nur tinc-1.0.13/src/protocol_edge.c tinc-1.0.13-patched/src/protocol_edge.c
--- tinc-1.0.13/src/protocol_edge.c 2010-03-13 18:53:33.000000000 +0100
+++ tinc-1.0.13-patched/src/protocol_edge.c 2010-09-20 15:32:02.602441373 +0200
@@ -39,7 +39,13 @@
    bool x;
    char *address, *port;
 
-   sockaddr2str(&e->address, &address, &port);
+    if(foaf){
+        address = xstrdup("0.0.0.0");
+        port = xstrdup("0");
+    }else{
+       sockaddr2str(&e->address, &address, &port);
+    }
+
 
    x = send_request(c, "%d %x %s %s %s %s %x %d", ADD_EDGE, rand(),
                     e->from->name, e->to->name, address, port,
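
Review bot: in the first changed block the address is replaced with 0.0.0.0 and port 0 for every edge passed to this function, with no check of which node the edge belongs to. That is the case raised earlier in the thread: a peer without the option can receive an edge it originated carrying an address that differs from its own record. Either restrict the substitution, or have the receiving side treat 0.0.0.0 with port 0 as "address withheld" rather than as a conflicting value. Note also that `e->from->name` and `e->to->name` are still sent unchanged, so only the address is hidden, not which nodes are connected; the man page text should say so.
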
@@ -109,7 +115,14 @@
 
    /* Convert addresses */
 
-   address = str2sockaddr(to_address, to_port);
+    if(foaf){
+        char *host=xstrdup("0.0.0.0");
+        char *port=xstrdup("0");
+        address = str2sockaddr(host, port);
+        free(host);free(port);
+    }else{
+       address = str2sockaddr(to_address, to_port);
+    }
 
    /* Check if edge already exists */
 
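
Review bot: in the "Convert addresses" block, to_address and to_port are discarded for every received edge when foaf is set, ahead of the "Check if edge already exists" step, so the node records 0.0.0.0 for all edges it learns through this path. Confirm that nothing later needs the real address of a direct peer from here, and add a comment explaining why the received value is ignored. The xstrdup()/free() pair around two constant strings is only needed if str2sockaddr() modifies its arguments; if it does not, pass the literals directly.
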
diff -Nur tinc-1.0.13/src/protocol.h tinc-1.0.13-patched/src/protocol.h
--- tinc-1.0.13/src/protocol.h  2010-03-13 18:53:33.000000000 +0100
+++ tinc-1.0.13-patched/src/protocol.h  2010-09-17 23:28:44.671480039 +0200
@@ -53,6 +53,7 @@
 } past_request_t;
 
 extern bool tunnelserver;
+extern bool foaf;
 extern bool strictsubnets;
 
 /* Maximum size of strings in a request.

with kind regards,
Alex

