diff options
author | Peter Todd <pete@petertodd.org> | 2014-03-10 22:36:46 -0400 |
---|---|---|
committer | Peter Todd <pete@petertodd.org> | 2014-05-08 00:55:01 -0400 |
commit | f80cffa213cce7d7f82aef7cf3a2f7308fbeb009 (patch) | |
tree | 09eaf78579af5f6d88c94726a3f13cb99f571e0a | |
parent | 6380180821917c22ecfd89128ee60aae6f4cac33 (diff) |
Do not trigger a DoS ban if SCRIPT_VERIFY_NULLDUMMY fails
-rw-r--r-- | src/main.cpp | 24 | ||||
-rw-r--r-- | src/script.h | 6 |
2 files changed, 24 insertions, 6 deletions
diff --git a/src/main.cpp b/src/main.cpp index cee9d027f5..e8fb26de88 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -1588,14 +1588,26 @@ bool CheckInputs(const CTransaction& tx, CValidationState &state, CCoinsViewCach pvChecks->push_back(CScriptCheck()); check.swap(pvChecks->back()); } else if (!check()) { - if (flags & SCRIPT_VERIFY_STRICTENC) { - // For now, check whether the failure was caused by non-canonical - // encodings or not; if so, don't trigger DoS protection. - CScriptCheck check(coins, tx, i, flags & (~SCRIPT_VERIFY_STRICTENC), 0); + if (flags & STANDARD_NOT_MANDATORY_VERIFY_FLAGS) { + // Check whether the failure was caused by a + // non-mandatory script verification check, such as + // non-standard DER encodings or non-null dummy + // arguments; if so, don't trigger DoS protection to + // avoid splitting the network between upgraded and + // non-upgraded nodes. + CScriptCheck check(coins, tx, i, + flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, 0); if (check()) - return state.Invalid(false, REJECT_NONSTANDARD, "non-canonical"); + return state.Invalid(false, REJECT_NONSTANDARD, "non-mandatory-script-verify-flag"); } - return state.DoS(100,false, REJECT_NONSTANDARD, "non-canonical"); + // Failures of other flags indicate a transaction that is + // invalid in new blocks, e.g. a invalid P2SH. We DoS ban + // such nodes as they are not following the protocol. That + // said during an upgrade careful thought should be taken + // as to the correct behavior - we may want to continue + // peering with non-upgraded nodes even after a soft-fork + // super-majority vote has passed. + return state.DoS(100,false, REJECT_INVALID, "mandatory-script-verify-flag-failed"); } } } diff --git a/src/script.h b/src/script.h index 01779f550c..bbcdad159c 100644 --- a/src/script.h +++ b/src/script.h @@ -49,6 +49,9 @@ enum // them to be valid. (but old blocks may not comply with) Currently just P2SH, // but in the future other flags may be added, such as a soft-fork to enforce // strict DER encoding. +// +// Failing one of these tests may trigger a DoS ban - see CheckInputs() for +// details. static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH; // Standard script verification flags that standard transactions will comply @@ -58,6 +61,9 @@ static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY SCRIPT_VERIFY_STRICTENC | SCRIPT_VERIFY_NULLDUMMY; +// For convenience, standard but not mandatory verify flags. +static const unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS; + enum txnouttype { TX_NONSTANDARD, |