diff options
author | Ivan Pustogarov <ivanpustogarov@users.noreply.github.com> | 2014-12-07 17:30:57 +0100 |
---|---|---|
committer | Ivan Pustogarov <ivanpustogarov@users.noreply.github.com> | 2015-02-06 22:03:42 +0100 |
commit | dca799e1db6e319fdd47e0bfdb038eab0efabb85 (patch) | |
tree | ced9b22d5688baf8ed31b37a59f34e4db2851673 | |
parent | fb6140b54bad51e3b063dfb005bfde13aca64eb4 (diff) | |
download | bitcoin-dca799e1db6e319fdd47e0bfdb038eab0efabb85.tar.xz |
Ignore getaddr messages on Outbound connections.
The only time when a client sends a "getaddr" message is when he
esatblishes an Outbound connection (see ProcessMessage() in
src/main.cpp). Another bitcoin client is expected to receive a
"getaddr" message only on Inbound connection. Ignoring "gettaddr"
requests on Outbound connections can resolve potential privacy issues
(and as was said such request normally do not happen anyway).
-rw-r--r-- | src/main.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/main.cpp b/src/main.cpp index 27c427f7cd..a30084a75b 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -4008,7 +4008,12 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv, } - else if (strCommand == "getaddr") + // This asymmetric behavior for inbound and outbound connections was introduced + // to prevent a fingerprinting attack: an attacker can send specific fake addresses + // to users' AddrMan and later request them by sending getaddr messages. + // Making users (which are behind NAT and can only make outgoing connections) ignore + // getaddr message mitigates the attack. + else if ((strCommand == "getaddr") && (pfrom->fInbound)) { pfrom->vAddrToSend.clear(); vector<CAddress> vAddr = addrman.GetAddr(); |