send connection denial for connect version mismatch

This commit is contained in:
Stephen Birarda 2016-06-08 11:47:58 -07:00
parent 4b5a554122
commit f963adb5dd
4 changed files with 20 additions and 19 deletions

View file

@ -62,10 +62,7 @@ void DomainGatekeeper::processConnectRequestPacket(QSharedPointer<ReceivedMessag
QByteArray myProtocolVersion = protocolVersionsSignature(); QByteArray myProtocolVersion = protocolVersionsSignature();
if (nodeConnection.protocolVersion != myProtocolVersion) { if (nodeConnection.protocolVersion != myProtocolVersion) {
QString protocolVersionError = "Protocol version mismatch - Domain version:" + QCoreApplication::applicationVersion(); sendProtocolMismatchConnectionDenial(message->getSenderSockAddr());
qDebug() << "Protocol Version mismatch - denying connection.";
sendConnectionDeniedPacket(protocolVersionError, message->getSenderSockAddr(),
DomainHandler::ConnectionRefusedReason::ProtocolMismatch);
return; return;
} }
@ -123,6 +120,13 @@ void DomainGatekeeper::processConnectRequestPacket(QSharedPointer<ReceivedMessag
} }
} }
void DomainGatekeeper::sendProtocolMismatchConnectionDenial(const HifiSockAddr& senderSockAddr) {
QString protocolVersionError = "Protocol version mismatch - Domain version:" + QCoreApplication::applicationVersion();
qDebug() << "Protocol Version mismatch - denying connection.";
sendConnectionDeniedPacket(protocolVersionError, senderSockAddr,
DomainHandler::ConnectionRefusedReason::ProtocolMismatch);
}
SharedNodePointer DomainGatekeeper::processAssignmentConnectRequest(const NodeConnectionData& nodeConnection, SharedNodePointer DomainGatekeeper::processAssignmentConnectRequest(const NodeConnectionData& nodeConnection,
const PendingAssignedNodeData& pendingAssignment) { const PendingAssignedNodeData& pendingAssignment) {
@ -531,14 +535,14 @@ void DomainGatekeeper::publicKeyJSONCallback(QNetworkReply& requestReply) {
} }
void DomainGatekeeper::sendConnectionDeniedPacket(const QString& reason, const HifiSockAddr& senderSockAddr, void DomainGatekeeper::sendConnectionDeniedPacket(const QString& reason, const HifiSockAddr& senderSockAddr,
DomainHandler::ConnectionRefusedReason reasonCode) { DomainHandler::ConnectionRefusedReason reasonCode) {
// this is an agent and we've decided we won't let them connect - send them a packet to deny connection // this is an agent and we've decided we won't let them connect - send them a packet to deny connection
QByteArray utfString = reason.toUtf8(); QByteArray utfString = reason.toUtf8();
quint16 payloadSize = utfString.size(); quint16 payloadSize = utfString.size();
// setup the DomainConnectionDenied packet // setup the DomainConnectionDenied packet
auto connectionDeniedPacket = NLPacket::create(PacketType::DomainConnectionDenied, auto connectionDeniedPacket = NLPacket::create(PacketType::DomainConnectionDenied,
payloadSize + sizeof(payloadSize) + sizeof(uint8_t)); payloadSize + sizeof(payloadSize) + sizeof(uint8_t));
// pack in the reason the connection was denied (the client displays this) // pack in the reason the connection was denied (the client displays this)
if (payloadSize > 0) { if (payloadSize > 0) {

View file

@ -42,6 +42,8 @@ public:
void preloadAllowedUserPublicKeys(); void preloadAllowedUserPublicKeys();
void removeICEPeer(const QUuid& peerUUID) { _icePeers.remove(peerUUID); } void removeICEPeer(const QUuid& peerUUID) { _icePeers.remove(peerUUID); }
static void sendProtocolMismatchConnectionDenial(const HifiSockAddr& senderSockAddr);
public slots: public slots:
void processConnectRequestPacket(QSharedPointer<ReceivedMessage> message); void processConnectRequestPacket(QSharedPointer<ReceivedMessage> message);
void processICEPingPacket(QSharedPointer<ReceivedMessage> message); void processICEPingPacket(QSharedPointer<ReceivedMessage> message);
@ -76,8 +78,8 @@ private:
const HifiSockAddr& senderSockAddr); const HifiSockAddr& senderSockAddr);
void sendConnectionTokenPacket(const QString& username, const HifiSockAddr& senderSockAddr); void sendConnectionTokenPacket(const QString& username, const HifiSockAddr& senderSockAddr);
void sendConnectionDeniedPacket(const QString& reason, const HifiSockAddr& senderSockAddr, static void sendConnectionDeniedPacket(const QString& reason, const HifiSockAddr& senderSockAddr,
DomainHandler::ConnectionRefusedReason reasonCode = DomainHandler::ConnectionRefusedReason::Unknown); DomainHandler::ConnectionRefusedReason reasonCode = DomainHandler::ConnectionRefusedReason::Unknown);
void pingPunchForConnectingPeer(const SharedNetworkPeer& peer); void pingPunchForConnectingPeer(const SharedNetworkPeer& peer);

View file

@ -318,16 +318,11 @@ bool DomainServer::packetVersionMatch(const udt::Packet& packet) {
auto nodeList = DependencyManager::get<LimitedNodeList>(); auto nodeList = DependencyManager::get<LimitedNodeList>();
// This implements a special case that handles OLD clients which don't know how to negotiate matching // if this is a mismatching connect packet, we can't simply drop it on the floor
// protocol versions. We know these clients will sent DomainConnectRequest with older versions. We also // send back a packet to the interface that tells them we refuse connection for a mismatch
// know these clients will show a warning dialog if they get an EntityData with a protocol version they if (headerType == PacketType::DomainConnectRequest
// don't understand, so we can send them an empty EntityData with our latest version and they will && headerVersion != versionForPacketType(PacketType::DomainConnectRequest)) {
// warn the user that the protocol is not compatible DomainGatekeeper::sendProtocolMismatchConnectionDenial(packet.getSenderSockAddr());
if (headerType == PacketType::DomainConnectRequest &&
headerVersion <static_cast<PacketVersion>(DomainConnectRequestVersion::HasProtocolVersions)) {
auto packetWithBadVersion = NLPacket::create(PacketType::EntityData);
nodeList->sendPacket(std::move(packetWithBadVersion), packet.getSenderSockAddr());
return false;
} }
// let the normal nodeList implementation handle all other packets. // let the normal nodeList implementation handle all other packets.

View file

@ -67,7 +67,7 @@ PacketVersion versionForPacketType(PacketType packetType) {
return static_cast<PacketVersion>(DomainConnectionDeniedVersion::IncludesReasonCode); return static_cast<PacketVersion>(DomainConnectionDeniedVersion::IncludesReasonCode);
case PacketType::DomainConnectRequest: case PacketType::DomainConnectRequest:
return static_cast<PacketVersion>(DomainConnectRequestVersion::HasProtocolVersions); return static_cast<PacketVersion>(DomainConnectRequestVersion::HasHostname);
default: default:
return 17; return 17;