Author: toad
Date: 2008-02-15 14:59:03 +0000 (Fri, 15 Feb 2008)
New Revision: 17940
Modified:
trunk/freenet/src/freenet/node/NodeDispatcher.java
Log:
If we RejectedOverload a request, don't add it to the failure table.
Otherwise an attacker can generate a lot of requests very fast and overwhelm
our failure table.
Modified: trunk/freenet/src/freenet/node/NodeDispatcher.java
===================================================================
--- trunk/freenet/src/freenet/node/NodeDispatcher.java 2008-02-15 14:57:05 UTC
(rev 17939)
+++ trunk/freenet/src/freenet/node/NodeDispatcher.java 2008-02-15 14:59:03 UTC
(rev 17940)
@@ -316,7 +316,9 @@
Logger.normal(this, "Rejecting (overload) data
request from "+source.getPeer()+": "+e);
}
node.unlockUID(id, isSSK, false, false, false);
- node.failureTable.onFinalFailure(key, null, htl, -1,
source);
+ // Do not tell failure table.
+ // Otherwise an attacker can flood us with requests
very cheaply and purge our
+ // failure table even though we didn't accept any of
them.
return true;
}
//if(!node.lockUID(id)) return false;
