On Tuesday, February 23, 2016 06:45:46 PM Matthew Toseland wrote: > On 23/02/16 17:53, Martin Byrenheid wrote: > Hmmm. I thought we relayed opennet announcements through darknet nodes? > We probably do want to send them through hybrid nodes, so we can't just > say "never forward an announcement to a darknet peer"? Or can we? As > discussed previously I don't think the security issue is relevant one > way or the other, e.g. swapping and FOAF data give away a lot. So > currently we will send it to a darknet peer, but if it's a pure darknet > node it will reject it, whereas if it's a hybrid it may accept the > announcement?
> Anyway, the apparently redundant check is probably there to deal with > race conditions - whether opennet is enabled changes occasionally. IMHO > that is legitimate. I think the current code behavior, where all nodes except pure darknet nodes accept announce requests, should be fine and doesn't seem to pose a significant security risk. I don't think that it will bring a huge performance or security gain to actively avoid forwarding announce requests to pure darknet nodes, since the hybrid node will just continue with the next neighbor. With my comment I solely had the intention of removing some possibly dead code. But since it's just 4 lines and I'm not deeply familiar with Freenet, I agree that it is probably safer to keep the additional check :-) > Bandwidth limiting, message priorities, something of that nature. The > point is it shouldn't actually complete the AnnounceSender and close the > connection until existing transfers have completed. Which is why > complete() waits for all transfers to finish. Unfortunately we don't > call complete() in the case of an RNF! AFAICS the solution is to copy > the wait loop from complete() into rnf(). Patches welcome. :) Okay, I will try it out! Thanks! Martin _______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
