diff options
author | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-09-21 18:46:52 +0200 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-09-21 19:36:57 +0200 |
commit | c0c409dcd330e8b837291b1d331894aeb0015ead (patch) | |
tree | 5610b0546fafad84bbbe4de6c09df0bed116afca /src/net.h | |
parent | b99a1633b270e0e89479b2bb2ae19a8a8dc0fa05 (diff) | |
parent | 0d04784af151de249bbbcbad51e6e8ad9af8f5a3 (diff) |
Merge #19697: Improvements on ADDR caching
0d04784af151de249bbbcbad51e6e8ad9af8f5a3 Refactor the functional test (Gleb Naumenko)
83ad65f31b5c9441ae1618614082e584854a14e1 Address nits in ADDR caching (Gleb Naumenko)
81b00f87800f40cb14f2131ff27668bd2bb9e551 Add indexing ADDR cache by local socket addr (Gleb Naumenko)
42ec5585424ceb91bed07826dde15697c020661a Justify the choice of ADDR cache lifetime (Gleb Naumenko)
Pull request description:
This is a follow-up on #18991 which does 3 things:
- improves privacy of a node listening to multiple addresses via adding cache index by local socket addr (suggested [here](https://github.com/bitcoin/bitcoin/pull/18991#issuecomment-668219345))
- documents on the choice of 24h cache lifetime
- addresses nits from #18991
ACKs for top commit:
jnewbery:
utACK 0d04784af151de249bbbcbad51e6e8ad9af8f5a3
vasild:
ACK 0d04784
jonatack:
Code review ACK 0d04784
Tree-SHA512: bb65a34dd1ce2811186d3e4469bc33e8399cebaaa494ce13041c7cff23275870e4176a719f7a72f8d779c49f8b2344bf4fa1aeb3ea4e2626d5ae76514f00a750
Diffstat (limited to 'src/net.h')
-rw-r--r-- | src/net.h | 16 |
1 files changed, 10 insertions, 6 deletions
@@ -311,7 +311,7 @@ public: * A non-malicious call (from RPC or a peer with addr permission) should * call the function without a parameter to avoid using the cache. */ - std::vector<CAddress> GetAddresses(Network requestor_network, size_t max_addresses, size_t max_pct); + std::vector<CAddress> GetAddresses(CNode& requestor, size_t max_addresses, size_t max_pct); // This allows temporarily exceeding m_max_outbound_full_relay, with the goal of finding // a peer that is better than all our current peers. @@ -484,20 +484,24 @@ private: */ struct CachedAddrResponse { std::vector<CAddress> m_addrs_response_cache; - std::chrono::microseconds m_update_addr_response{0}; + std::chrono::microseconds m_cache_entry_expiration{0}; }; /** * Addr responses stored in different caches - * per network prevent cross-network node identification. + * per (network, local socket) prevent cross-network node identification. * If a node for example is multi-homed under Tor and IPv6, * a single cache (or no cache at all) would let an attacker * to easily detect that it is the same node by comparing responses. - * The used memory equals to 1000 CAddress records (or around 32 bytes) per + * Indexing by local socket prevents leakage when a node has multiple + * listening addresses on the same network. + * + * The used memory equals to 1000 CAddress records (or around 40 bytes) per * distinct Network (up to 5) we have/had an inbound peer from, - * resulting in at most ~160 KB. + * resulting in at most ~196 KB. Every separate local socket may + * add up to ~196 KB extra. */ - std::map<Network, CachedAddrResponse> m_addr_response_caches; + std::map<uint64_t, CachedAddrResponse> m_addr_response_caches; /** * Services this instance offers. |