diff options
author | Jonas Schnelli <dev@jonasschnelli.ch> | 2017-08-11 20:59:24 +0200 |
---|---|---|
committer | Jonas Schnelli <dev@jonasschnelli.ch> | 2017-12-05 11:08:34 -1000 |
commit | bd0941652444df09c32eb552952fd3705d03fd6a (patch) | |
tree | aebbfcee2e17a0deffbde9d66697268d2a8c7e37 | |
parent | 27df193efdac8a7c4d3d4bbe8a29c8d79c6ce623 (diff) |
Avoid leaking the prune height through getdata (fingerprinting countermeasure)
-rw-r--r-- | src/net_processing.cpp | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/net_processing.cpp b/src/net_processing.cpp index 442cd00c9b..85e6d9c73d 100644 --- a/src/net_processing.cpp +++ b/src/net_processing.cpp @@ -1091,6 +1091,16 @@ void static ProcessGetData(CNode* pfrom, const Consensus::Params& consensusParam pfrom->fDisconnect = true; send = false; } + // Avoid leaking prune-height by never sending blocks below the NODE_NETWORK_LIMITED threshold + if (send && !pfrom->fWhitelisted && ( + (((pfrom->GetLocalServices() & NODE_NETWORK_LIMITED) == NODE_NETWORK_LIMITED) && ((pfrom->GetLocalServices() & NODE_NETWORK) != NODE_NETWORK) && (chainActive.Tip()->nHeight - mi->second->nHeight > (int)NODE_NETWORK_LIMITED_MIN_BLOCKS + 2 /* add two blocks buffer extension for possible races */) ) + )) { + LogPrint(BCLog::NET, "Ignore block request below NODE_NETWORK_LIMITED threshold from peer=%d\n", pfrom->GetId()); + + //disconnect node and prevent it from stalling (would otherwise wait for the missing block) + pfrom->fDisconnect = true; + send = false; + } // Pruned nodes may have deleted the block, so check whether // it's available before trying to send. if (send && (mi->second->nStatus & BLOCK_HAVE_DATA)) |