From 10d05ba6c9ae41e62e67f5780e09a75b3bc64f16 Mon Sep 17 00:00:00 2001 From: Stephen Birarda Date: Thu, 26 Oct 2017 16:34:49 -0700 Subject: [PATCH 1/2] only respond to expected ICE peers in DS --- domain-server/src/DomainGatekeeper.cpp | 10 ++++++++-- libraries/networking/src/NodeList.cpp | 4 ++-- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/domain-server/src/DomainGatekeeper.cpp b/domain-server/src/DomainGatekeeper.cpp index 09bebf806a..188c420a5d 100644 --- a/domain-server/src/DomainGatekeeper.cpp +++ b/domain-server/src/DomainGatekeeper.cpp @@ -814,9 +814,15 @@ void DomainGatekeeper::processICEPeerInformationPacket(QSharedPointer message) { auto limitedNodeList = DependencyManager::get(); - auto pingReplyPacket = limitedNodeList->constructICEPingReplyPacket(*message, limitedNodeList->getSessionUUID()); - limitedNodeList->sendPacket(std::move(pingReplyPacket), message->getSenderSockAddr()); + // before we respond to this ICE ping packet, make sure we have a peer in the list that matches + QUuid icePeerID = QUuid::fromRfc4122({ message->getRawMessage(), NUM_BYTES_RFC4122_UUID }); + + if (_icePeers.contains(icePeerID)) { + auto pingReplyPacket = limitedNodeList->constructICEPingReplyPacket(*message, limitedNodeList->getSessionUUID()); + + limitedNodeList->sendPacket(std::move(pingReplyPacket), message->getSenderSockAddr()); + } } void DomainGatekeeper::processICEPingReplyPacket(QSharedPointer message) { diff --git a/libraries/networking/src/NodeList.cpp b/libraries/networking/src/NodeList.cpp index fcf369f786..71128c5ff0 100644 --- a/libraries/networking/src/NodeList.cpp +++ b/libraries/networking/src/NodeList.cpp @@ -557,10 +557,10 @@ void NodeList::pingPunchForDomainServer() { flagTimeForConnectionStep(LimitedNodeList::ConnectionStep::SendPingsToDS); // send the ping packet to the local and public sockets for this node - auto localPingPacket = constructICEPingPacket(PingType::Local, _sessionUUID); + auto localPingPacket = constructICEPingPacket(PingType::Local, _domainHandler.getICEClientID()); sendPacket(std::move(localPingPacket), _domainHandler.getICEPeer().getLocalSocket()); - auto publicPingPacket = constructICEPingPacket(PingType::Public, _sessionUUID); + auto publicPingPacket = constructICEPingPacket(PingType::Public, _domainHandler.getICEClientID()); sendPacket(std::move(publicPingPacket), _domainHandler.getICEPeer().getPublicSocket()); _domainHandler.getICEPeer().incrementConnectionAttempts(); From 689828e3facd7cd6a0401f34771808eac17f2915 Mon Sep 17 00:00:00 2001 From: Stephen Birarda Date: Fri, 27 Oct 2017 10:00:49 -0700 Subject: [PATCH 2/2] add packet version change for ICE ping change --- libraries/networking/src/udt/PacketHeaders.cpp | 2 ++ libraries/networking/src/udt/PacketHeaders.h | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/libraries/networking/src/udt/PacketHeaders.cpp b/libraries/networking/src/udt/PacketHeaders.cpp index ef2768b0af..0852b27293 100644 --- a/libraries/networking/src/udt/PacketHeaders.cpp +++ b/libraries/networking/src/udt/PacketHeaders.cpp @@ -72,6 +72,8 @@ PacketVersion versionForPacketType(PacketType packetType) { case PacketType::MicrophoneAudioWithEcho: case PacketType::AudioStreamStats: return static_cast(AudioVersion::HighDynamicRangeVolume); + case PacketType::ICEPing: + return static_cast(IcePingVersion::SendICEPeerID); default: return 17; } diff --git a/libraries/networking/src/udt/PacketHeaders.h b/libraries/networking/src/udt/PacketHeaders.h index 9443ee570d..9644769566 100644 --- a/libraries/networking/src/udt/PacketHeaders.h +++ b/libraries/networking/src/udt/PacketHeaders.h @@ -277,4 +277,8 @@ enum class MessageDataVersion : PacketVersion { TextOrBinaryData = 18 }; +enum class IcePingVersion : PacketVersion { + SendICEPeerID = 18 +}; + #endif // hifi_PacketHeaders_h