aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Todd <pete@petertodd.org>2014-03-10 22:36:46 -0400
committerPeter Todd <pete@petertodd.org>2014-05-08 00:55:01 -0400
commitf80cffa213cce7d7f82aef7cf3a2f7308fbeb009 (patch)
tree09eaf78579af5f6d88c94726a3f13cb99f571e0a
parent6380180821917c22ecfd89128ee60aae6f4cac33 (diff)
Do not trigger a DoS ban if SCRIPT_VERIFY_NULLDUMMY fails
-rw-r--r--src/main.cpp24
-rw-r--r--src/script.h6
2 files changed, 24 insertions, 6 deletions
diff --git a/src/main.cpp b/src/main.cpp
index cee9d027f5..e8fb26de88 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -1588,14 +1588,26 @@ bool CheckInputs(const CTransaction& tx, CValidationState &state, CCoinsViewCach
pvChecks->push_back(CScriptCheck());
check.swap(pvChecks->back());
} else if (!check()) {
- if (flags & SCRIPT_VERIFY_STRICTENC) {
- // For now, check whether the failure was caused by non-canonical
- // encodings or not; if so, don't trigger DoS protection.
- CScriptCheck check(coins, tx, i, flags & (~SCRIPT_VERIFY_STRICTENC), 0);
+ if (flags & STANDARD_NOT_MANDATORY_VERIFY_FLAGS) {
+ // Check whether the failure was caused by a
+ // non-mandatory script verification check, such as
+ // non-standard DER encodings or non-null dummy
+ // arguments; if so, don't trigger DoS protection to
+ // avoid splitting the network between upgraded and
+ // non-upgraded nodes.
+ CScriptCheck check(coins, tx, i,
+ flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, 0);
if (check())
- return state.Invalid(false, REJECT_NONSTANDARD, "non-canonical");
+ return state.Invalid(false, REJECT_NONSTANDARD, "non-mandatory-script-verify-flag");
}
- return state.DoS(100,false, REJECT_NONSTANDARD, "non-canonical");
+ // Failures of other flags indicate a transaction that is
+ // invalid in new blocks, e.g. a invalid P2SH. We DoS ban
+ // such nodes as they are not following the protocol. That
+ // said during an upgrade careful thought should be taken
+ // as to the correct behavior - we may want to continue
+ // peering with non-upgraded nodes even after a soft-fork
+ // super-majority vote has passed.
+ return state.DoS(100,false, REJECT_INVALID, "mandatory-script-verify-flag-failed");
}
}
}
diff --git a/src/script.h b/src/script.h
index 01779f550c..bbcdad159c 100644
--- a/src/script.h
+++ b/src/script.h
@@ -49,6 +49,9 @@ enum
// them to be valid. (but old blocks may not comply with) Currently just P2SH,
// but in the future other flags may be added, such as a soft-fork to enforce
// strict DER encoding.
+//
+// Failing one of these tests may trigger a DoS ban - see CheckInputs() for
+// details.
static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
// Standard script verification flags that standard transactions will comply
@@ -58,6 +61,9 @@ static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY
SCRIPT_VERIFY_STRICTENC |
SCRIPT_VERIFY_NULLDUMMY;
+// For convenience, standard but not mandatory verify flags.
+static const unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS;
+
enum txnouttype
{
TX_NONSTANDARD,