[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[vidalia-svn] r1329: If we get geographic information for an IP address we did no (in trunk: doc src/util/geoip)
Author: edmanm
Date: 2006-10-13 00:54:36 -0400 (Fri, 13 Oct 2006)
New Revision: 1329
Modified:
trunk/doc/geoip-spec.txt
trunk/src/util/geoip/geoiprequest.cpp
trunk/src/util/geoip/geoiprequest.h
trunk/src/util/geoip/geoipresolver.cpp
Log:
If we get geographic information for an IP address we did not request, ignore
it and don't cache it.
Modified: trunk/doc/geoip-spec.txt
===================================================================
--- trunk/doc/geoip-spec.txt 2006-10-13 02:42:54 UTC (rev 1328)
+++ trunk/doc/geoip-spec.txt 2006-10-13 04:54:36 UTC (rev 1329)
@@ -133,9 +133,6 @@
active partitioning to mislead the user into believing a given server
is at a certain set of coordinates?
- Third, Vidalia 0.0.8 will accept and cache responses to questions
- that it didn't ask. This probably aids partitioning attacks.
-
3. Future directions.
3.1. Encryption to/from the coordinate servers.
Modified: trunk/src/util/geoip/geoiprequest.cpp
===================================================================
--- trunk/src/util/geoip/geoiprequest.cpp 2006-10-13 02:42:54 UTC (rev 1328)
+++ trunk/src/util/geoip/geoiprequest.cpp 2006-10-13 04:54:36 UTC (rev 1329)
@@ -58,6 +58,7 @@
_request.append(",");
}
}
+ _ips = ips;
}
/** Formats the request as an HTTP POST request. */
@@ -69,3 +70,10 @@
return request.toAscii();
}
+/** Returns true if this request contains <b>ip</b>. */
+bool
+GeoIpRequest::contains(QHostAddress ip)
+{
+ return _ips.contains(ip);
+}
+
Modified: trunk/src/util/geoip/geoiprequest.h
===================================================================
--- trunk/src/util/geoip/geoiprequest.h 2006-10-13 02:42:54 UTC (rev 1328)
+++ trunk/src/util/geoip/geoiprequest.h 2006-10-13 04:54:36 UTC (rev 1329)
@@ -47,7 +47,9 @@
void setPage(QString page) { _page = page; }
/** Sets the list of IPs whose geo information we want to request. */
void setRequest(QList<QHostAddress> ips);
-
+ /** Returns true if this request contains <b>ip</b>. */
+ bool contains(QHostAddress ip);
+
/** Returns the request's identifier. */
int id() { return _id; }
/** Formats the request as an HTTP POST request */
@@ -61,6 +63,7 @@
QString _host; /**< Host: field value. */
QString _page; /**< Page giving us the geo ip information. */
QString _request; /**< Formatted Geo IP request string. */
+ QList<QHostAddress> _ips; /**< List of IP addresses in this request. */
};
#endif
Modified: trunk/src/util/geoip/geoipresolver.cpp
===================================================================
--- trunk/src/util/geoip/geoipresolver.cpp 2006-10-13 02:42:54 UTC (rev 1328)
+++ trunk/src/util/geoip/geoipresolver.cpp 2006-10-13 04:54:36 UTC (rev 1329)
@@ -105,12 +105,26 @@
/* Check the response code and see what we got */
if (response.statusCode() == 200) {
/* We got a 200 OK, so get the Geo IP information and cache the results */
- int numCached = 0;
+ int numCached = 0, i = 0;
QList<GeoIp> geoips = response.geoIps();
foreach (GeoIp geoip, geoips) {
- if (!_cache.contains(geoip.ip())) {
- _cache.cache(geoip);
- numCached++;
+ QHostAddress ip = geoip.ip();
+
+ if (request->contains(ip)) {
+ /* This is a requested geoip item, so if it wasn't cached, then
+ * cache it now. */
+ if (!_cache.contains(ip)) {
+ _cache.cache(geoip);
+ numCached++;
+ }
+ i++;
+ } else {
+ /* This item wasn't requested, so remove it. According to the Qt docs,
+ * this is safe to do inside the foreach() loop because, "Qt
+ * automatically takes a copy of the container when it enters a
+ * foreach loop. If you modify the container as you are iterating,
+ * that won't affect the loop." */
+ geoips.removeAt(i);
}
}
/* If new results were cached, save them to disk */