diff options
| -rw-r--r-- | src/net.cpp | 14 | ||||
| -rw-r--r-- | src/net.h | 1 | ||||
| -rw-r--r-- | src/test/fuzz/node_eviction.cpp | 1 | ||||
| -rw-r--r-- | src/test/util/net.cpp | 1 |
4 files changed, 15 insertions, 2 deletions
diff --git a/src/net.cpp b/src/net.cpp index 91a1b05b81..46b8975eba 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -957,6 +957,15 @@ void ProtectNoBanConnections(std::vector<NodeEvictionCandidate>& eviction_candid eviction_candidates.end()); } +void ProtectOutboundConnections(std::vector<NodeEvictionCandidate>& eviction_candidates) +{ + eviction_candidates.erase(std::remove_if(eviction_candidates.begin(), eviction_candidates.end(), + [](NodeEvictionCandidate const& n) { + return n.m_conn_type != ConnectionType::INBOUND; + }), + eviction_candidates.end()); +} + void ProtectEvictionCandidatesByRatio(std::vector<NodeEvictionCandidate>& eviction_candidates) { // Protect the half of the remaining nodes which have been connected the longest. @@ -1036,6 +1045,8 @@ void ProtectEvictionCandidatesByRatio(std::vector<NodeEvictionCandidate>& evicti ProtectNoBanConnections(vEvictionCandidates); + ProtectOutboundConnections(vEvictionCandidates); + // Deterministically select 4 peers to protect by netgroup. // An attacker cannot predict which netgroups will be protected EraseLastKElements(vEvictionCandidates, CompareNetGroupKeyed, 4); @@ -1107,8 +1118,6 @@ bool CConnman::AttemptToEvictConnection() LOCK(m_nodes_mutex); for (const CNode* node : m_nodes) { - if (!node->IsInboundConn()) - continue; if (node->fDisconnect) continue; NodeEvictionCandidate candidate{ @@ -1125,6 +1134,7 @@ bool CConnman::AttemptToEvictConnection() Desig(m_is_local) node->addr.IsLocal(), Desig(m_network) node->ConnectedThroughNetwork(), Desig(m_noban) node->HasPermission(NetPermissionFlags::NoBan), + Desig(m_conn_type) node->m_conn_type, }; vEvictionCandidates.push_back(candidate); } @@ -1262,6 +1262,7 @@ struct NodeEvictionCandidate bool m_is_local; Network m_network; bool m_noban; + ConnectionType m_conn_type; }; /** diff --git a/src/test/fuzz/node_eviction.cpp b/src/test/fuzz/node_eviction.cpp index d7721f1bf6..e27b254580 100644 --- a/src/test/fuzz/node_eviction.cpp +++ b/src/test/fuzz/node_eviction.cpp @@ -33,6 +33,7 @@ FUZZ_TARGET(node_eviction) /*m_is_local=*/fuzzed_data_provider.ConsumeBool(), /*m_network=*/fuzzed_data_provider.PickValueInArray(ALL_NETWORKS), /*m_noban=*/fuzzed_data_provider.ConsumeBool(), + /*m_conn_type=*/fuzzed_data_provider.PickValueInArray(ALL_CONNECTION_TYPES), }); } // Make a copy since eviction_candidates may be in some valid but otherwise diff --git a/src/test/util/net.cpp b/src/test/util/net.cpp index 26b3acc677..bbcee6a5c8 100644 --- a/src/test/util/net.cpp +++ b/src/test/util/net.cpp @@ -59,6 +59,7 @@ std::vector<NodeEvictionCandidate> GetRandomNodeEvictionCandidates(int n_candida /*m_is_local=*/random_context.randbool(), /*m_network=*/ALL_NETWORKS[random_context.randrange(ALL_NETWORKS.size())], /*m_noban=*/false, + /*m_conn_type=*/ConnectionType::INBOUND, }); } return candidates; |