From 096efcef1a728aeac13d1948bf97cdc3cf54a098 Mon Sep 17 00:00:00 2001 From: Bryan Biedenkapp Date: Wed, 3 Apr 2024 12:26:53 -0400 Subject: [PATCH] ignore affiliation checks for ISSI-type peers, they are excluded from affiliation rule checking; --- src/fne/network/fne/TagDMRData.cpp | 8 +++++--- src/fne/network/fne/TagDMRData.h | 2 +- src/fne/network/fne/TagNXDNData.cpp | 8 +++++--- src/fne/network/fne/TagNXDNData.h | 2 +- src/fne/network/fne/TagP25Data.cpp | 8 +++++--- src/fne/network/fne/TagP25Data.h | 2 +- 6 files changed, 18 insertions(+), 12 deletions(-) diff --git a/src/fne/network/fne/TagDMRData.cpp b/src/fne/network/fne/TagDMRData.cpp index fb38c7d6..370122ab 100644 --- a/src/fne/network/fne/TagDMRData.cpp +++ b/src/fne/network/fne/TagDMRData.cpp @@ -281,7 +281,7 @@ bool TagDMRData::processFrame(const uint8_t* data, uint32_t len, uint32_t peerId // is coming from a external peer if (dstPeerId != peerId) { // is this peer ignored? - if (!isPeerPermitted(dstPeerId, dmrData, streamId)) { + if (!isPeerPermitted(dstPeerId, dmrData, streamId, true)) { continue; } @@ -558,8 +558,9 @@ bool TagDMRData::processCSBK(uint8_t* buffer, uint32_t peerId, dmr::data::Data& /// Peer ID /// /// Stream ID +/// /// -bool TagDMRData::isPeerPermitted(uint32_t peerId, data::Data& data, uint32_t streamId) +bool TagDMRData::isPeerPermitted(uint32_t peerId, data::Data& data, uint32_t streamId, bool external) { // private calls are always permitted if (data.getDataType() == FLCO_PRIVATE) { @@ -590,7 +591,8 @@ bool TagDMRData::isPeerPermitted(uint32_t peerId, data::Data& data, uint32_t str } // is this a TG that requires affiliations to repeat? - if (tg.config().affiliated()) { + // NOTE: external peers *always* repeat traffic regardless of affiliation + if (tg.config().affiliated() && !external) { // check the affiliations for this peer to see if we can repeat traffic lookups::AffiliationLookup* aff = m_network->m_peerAffiliations[peerId]; if (aff == nullptr) { diff --git a/src/fne/network/fne/TagDMRData.h b/src/fne/network/fne/TagDMRData.h index 30baaba8..03333d0a 100644 --- a/src/fne/network/fne/TagDMRData.h +++ b/src/fne/network/fne/TagDMRData.h @@ -81,7 +81,7 @@ namespace network bool processCSBK(uint8_t* buffer, uint32_t peerId, dmr::data::Data& dmrData); /// Helper to determine if the peer is permitted for traffic. - bool isPeerPermitted(uint32_t peerId, dmr::data::Data& data, uint32_t streamId); + bool isPeerPermitted(uint32_t peerId, dmr::data::Data& data, uint32_t streamId, bool external = false); /// Helper to validate the DMR call stream. bool validate(uint32_t peerId, dmr::data::Data& data, uint32_t streamId); diff --git a/src/fne/network/fne/TagNXDNData.cpp b/src/fne/network/fne/TagNXDNData.cpp index 9a5ddda6..fd34e4a5 100644 --- a/src/fne/network/fne/TagNXDNData.cpp +++ b/src/fne/network/fne/TagNXDNData.cpp @@ -248,7 +248,7 @@ bool TagNXDNData::processFrame(const uint8_t* data, uint32_t len, uint32_t peerI // is coming from a external peer if (dstPeerId != peerId) { // is this peer ignored? - if (!isPeerPermitted(dstPeerId, lc, messageType, streamId)) { + if (!isPeerPermitted(dstPeerId, lc, messageType, streamId, true)) { continue; } @@ -391,8 +391,9 @@ bool TagNXDNData::peerRewrite(uint32_t peerId, uint32_t& dstId, bool outbound) /// /// /// Stream ID +/// /// -bool TagNXDNData::isPeerPermitted(uint32_t peerId, lc::RTCH& lc, uint8_t messageType, uint32_t streamId) +bool TagNXDNData::isPeerPermitted(uint32_t peerId, lc::RTCH& lc, uint8_t messageType, uint32_t streamId, bool external) { // private calls are always permitted if (!lc.getGroup()) { @@ -423,7 +424,8 @@ bool TagNXDNData::isPeerPermitted(uint32_t peerId, lc::RTCH& lc, uint8_t message } // is this a TG that requires affiliations to repeat? - if (tg.config().affiliated()) { + // NOTE: external peers *always* repeat traffic regardless of affiliation + if (tg.config().affiliated() && !external) { // check the affiliations for this peer to see if we can repeat traffic lookups::AffiliationLookup* aff = m_network->m_peerAffiliations[peerId]; if (aff == nullptr) { diff --git a/src/fne/network/fne/TagNXDNData.h b/src/fne/network/fne/TagNXDNData.h index 92aab94a..9533484c 100644 --- a/src/fne/network/fne/TagNXDNData.h +++ b/src/fne/network/fne/TagNXDNData.h @@ -72,7 +72,7 @@ namespace network bool peerRewrite(uint32_t peerId, uint32_t& dstId, bool outbound = true); /// Helper to determine if the peer is permitted for traffic. - bool isPeerPermitted(uint32_t peerId, nxdn::lc::RTCH& lc, uint8_t messageType, uint32_t streamId); + bool isPeerPermitted(uint32_t peerId, nxdn::lc::RTCH& lc, uint8_t messageType, uint32_t streamId, bool external = false); /// Helper to validate the NXDN call stream. bool validate(uint32_t peerId, nxdn::lc::RTCH& control, uint8_t messageType, uint32_t streamId); diff --git a/src/fne/network/fne/TagP25Data.cpp b/src/fne/network/fne/TagP25Data.cpp index 796e0654..8b3f9e65 100644 --- a/src/fne/network/fne/TagP25Data.cpp +++ b/src/fne/network/fne/TagP25Data.cpp @@ -311,7 +311,7 @@ bool TagP25Data::processFrame(const uint8_t* data, uint32_t len, uint32_t peerId // is coming from a external peer if (dstPeerId != peerId) { // is this peer ignored? - if (!isPeerPermitted(dstPeerId, control, duid, streamId)) { + if (!isPeerPermitted(dstPeerId, control, duid, streamId, true)) { continue; } @@ -734,8 +734,9 @@ bool TagP25Data::processTSDUToExternal(uint8_t* buffer, uint32_t srcPeerId, uint /// /// /// Stream ID +/// /// -bool TagP25Data::isPeerPermitted(uint32_t peerId, lc::LC& control, uint8_t duid, uint32_t streamId) +bool TagP25Data::isPeerPermitted(uint32_t peerId, lc::LC& control, uint8_t duid, uint32_t streamId, bool external) { // private calls are always permitted if (control.getLCO() == LC_PRIVATE) { @@ -773,7 +774,8 @@ bool TagP25Data::isPeerPermitted(uint32_t peerId, lc::LC& control, uint8_t duid, } // is this a TG that requires affiliations to repeat? - if (tg.config().affiliated()) { + // NOTE: external peers *always* repeat traffic regardless of affiliation + if (tg.config().affiliated() && !external) { // check the affiliations for this peer to see if we can repeat traffic lookups::AffiliationLookup* aff = m_network->m_peerAffiliations[peerId]; if (aff == nullptr) { diff --git a/src/fne/network/fne/TagP25Data.h b/src/fne/network/fne/TagP25Data.h index cd7c83e9..9d302486 100644 --- a/src/fne/network/fne/TagP25Data.h +++ b/src/fne/network/fne/TagP25Data.h @@ -94,7 +94,7 @@ namespace network bool processTSDUToExternal(uint8_t* buffer, uint32_t srcPeerId, uint32_t dstPeerId, uint8_t duid); /// Helper to determine if the peer is permitted for traffic. - bool isPeerPermitted(uint32_t peerId, p25::lc::LC& control, uint8_t duid, uint32_t streamId); + bool isPeerPermitted(uint32_t peerId, p25::lc::LC& control, uint8_t duid, uint32_t streamId, bool external = false); /// Helper to validate the P25 call stream. bool validate(uint32_t peerId, p25::lc::LC& control, uint8_t duid, const p25::lc::TSBK* tsbk, uint32_t streamId);