diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2015-02-26 17:07:47 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2015-02-26 17:13:13 +0100 |
| commit | 59310f1c02673c3ee068cd82f8654bed9b757889 (patch) | |
| tree | 8dd58d6488d74ea27b93c418464d455063e13530 /src | |
| parent | 482783b341a078c1604207941f01100839e8c9e6 (diff) | |
| parent | 85da07a5a001a563488382435202b74a3e3e964a (diff) | |
Merge pull request #5820
85da07a Better fingerprinting protection for non-main-chain getdatas. (Pieter Wuille)
Diffstat (limited to 'src')
| -rw-r--r-- | src/main.cpp | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/src/main.cpp b/src/main.cpp index 34b4c51d5f..b6a61f7da1 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -3355,19 +3355,17 @@ void static ProcessGetData(CNode* pfrom) BlockMap::iterator mi = mapBlockIndex.find(inv.hash); if (mi != mapBlockIndex.end()) { - // If the requested block is at a height below our last - // checkpoint, only serve it if it's in the checkpointed chain - int nHeight = mi->second->nHeight; - CBlockIndex* pcheckpoint = Checkpoints::GetLastCheckpoint(); - if (pcheckpoint && nHeight < pcheckpoint->nHeight) { - if (!chainActive.Contains(mi->second)) - { - LogPrintf("ProcessGetData(): ignoring request for old block that isn't in the main chain\n"); - } else { - send = true; - } - } else { + if (chainActive.Contains(mi->second)) { send = true; + } else { + // To prevent fingerprinting attacks, only send blocks outside of the active + // chain if they are valid, and no more than a month older than the best header + // chain we know about. + send = mi->second->IsValid(BLOCK_VALID_SCRIPTS) && (pindexBestHeader != NULL) && + (mi->second->GetBlockTime() > pindexBestHeader->GetBlockTime() - 30 * 24 * 60 * 60); + if (!send) { + LogPrintf("ProcessGetData(): ignoring request from peer=%i for old block that isn't in the main chain\n", pfrom->GetId()); + } } } if (send) |