aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/net.cpp34
-rw-r--r--src/net.h2
-rw-r--r--src/net_permissions.cpp34
-rw-r--r--src/net_permissions.h46
-rw-r--r--src/net_processing.cpp50
-rw-r--r--src/qt/rpcconsole.cpp2
-rw-r--r--src/test/fuzz/net_permissions.cpp4
-rw-r--r--src/test/netbase_tests.cpp52
-rw-r--r--src/test/util/net.h20
9 files changed, 126 insertions, 118 deletions
diff --git a/src/net.cpp b/src/net.cpp
index 05588d7406..909b7622e3 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -1005,7 +1005,7 @@ bool CConnman::AttemptToEvictConnection()
LOCK(cs_vNodes);
for (const CNode* node : vNodes) {
- if (node->HasPermission(PF_NOBAN))
+ if (node->HasPermission(NetPermissionFlags::NoBan))
continue;
if (!node->IsInboundConn())
continue;
@@ -1062,7 +1062,7 @@ void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
const CAddress addr_bind = GetBindAddress(hSocket);
- NetPermissionFlags permissionFlags = NetPermissionFlags::PF_NONE;
+ NetPermissionFlags permissionFlags = NetPermissionFlags::None;
hListenSocket.AddSocketPermissionFlags(permissionFlags);
CreateNodeFromAcceptedSocket(hSocket, permissionFlags, addr_bind, addr);
@@ -1077,12 +1077,12 @@ void CConnman::CreateNodeFromAcceptedSocket(SOCKET hSocket,
int nMaxInbound = nMaxConnections - m_max_outbound;
AddWhitelistPermissionFlags(permissionFlags, addr);
- if (NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_ISIMPLICIT)) {
- NetPermissions::ClearFlag(permissionFlags, PF_ISIMPLICIT);
- if (gArgs.GetBoolArg("-whitelistforcerelay", DEFAULT_WHITELISTFORCERELAY)) NetPermissions::AddFlag(permissionFlags, PF_FORCERELAY);
- if (gArgs.GetBoolArg("-whitelistrelay", DEFAULT_WHITELISTRELAY)) NetPermissions::AddFlag(permissionFlags, PF_RELAY);
- NetPermissions::AddFlag(permissionFlags, PF_MEMPOOL);
- NetPermissions::AddFlag(permissionFlags, PF_NOBAN);
+ if (NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::Implicit)) {
+ NetPermissions::ClearFlag(permissionFlags, NetPermissionFlags::Implicit);
+ if (gArgs.GetBoolArg("-whitelistforcerelay", DEFAULT_WHITELISTFORCERELAY)) NetPermissions::AddFlag(permissionFlags, NetPermissionFlags::ForceRelay);
+ if (gArgs.GetBoolArg("-whitelistrelay", DEFAULT_WHITELISTRELAY)) NetPermissions::AddFlag(permissionFlags, NetPermissionFlags::Relay);
+ NetPermissions::AddFlag(permissionFlags, NetPermissionFlags::Mempool);
+ NetPermissions::AddFlag(permissionFlags, NetPermissionFlags::NoBan);
}
{
@@ -1111,7 +1111,7 @@ void CConnman::CreateNodeFromAcceptedSocket(SOCKET hSocket,
// Don't accept connections from banned peers.
bool banned = m_banman && m_banman->IsBanned(addr);
- if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_NOBAN) && banned)
+ if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::NoBan) && banned)
{
LogPrint(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToString());
CloseSocket(hSocket);
@@ -1120,7 +1120,7 @@ void CConnman::CreateNodeFromAcceptedSocket(SOCKET hSocket,
// Only accept connections from discouraged peers if our inbound slots aren't (almost) full.
bool discouraged = m_banman && m_banman->IsDiscouraged(addr);
- if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_NOBAN) && nInbound + 1 >= nMaxInbound && discouraged)
+ if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::NoBan) && nInbound + 1 >= nMaxInbound && discouraged)
{
LogPrint(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToString());
CloseSocket(hSocket);
@@ -1141,7 +1141,7 @@ void CConnman::CreateNodeFromAcceptedSocket(SOCKET hSocket,
uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
ServiceFlags nodeServices = nLocalServices;
- if (NetPermissions::HasFlag(permissionFlags, PF_BLOOMFILTER)) {
+ if (NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::BloomFilter)) {
nodeServices = static_cast<ServiceFlags>(nodeServices | NODE_BLOOM);
}
@@ -2253,7 +2253,7 @@ void CConnman::ThreadI2PAcceptIncoming()
continue;
}
- CreateNodeFromAcceptedSocket(conn.sock->Release(), NetPermissionFlags::PF_NONE,
+ CreateNodeFromAcceptedSocket(conn.sock->Release(), NetPermissionFlags::None,
CAddress{conn.me, NODE_NONE}, CAddress{conn.peer, NODE_NONE});
}
}
@@ -2411,7 +2411,7 @@ bool CConnman::Bind(const CService &addr, unsigned int flags, NetPermissionFlags
return false;
}
- if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !NetPermissions::HasFlag(permissions, NetPermissionFlags::PF_NOBAN)) {
+ if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !NetPermissions::HasFlag(permissions, NetPermissionFlags::NoBan)) {
AddLocal(addr, LOCAL_BIND);
}
@@ -2425,7 +2425,7 @@ bool CConnman::InitBinds(
{
bool fBound = false;
for (const auto& addrBind : binds) {
- fBound |= Bind(addrBind, (BF_EXPLICIT | BF_REPORT_ERROR), NetPermissionFlags::PF_NONE);
+ fBound |= Bind(addrBind, (BF_EXPLICIT | BF_REPORT_ERROR), NetPermissionFlags::None);
}
for (const auto& addrBind : whiteBinds) {
fBound |= Bind(addrBind.m_service, (BF_EXPLICIT | BF_REPORT_ERROR), addrBind.m_flags);
@@ -2434,12 +2434,12 @@ bool CConnman::InitBinds(
struct in_addr inaddr_any;
inaddr_any.s_addr = htonl(INADDR_ANY);
struct in6_addr inaddr6_any = IN6ADDR_ANY_INIT;
- fBound |= Bind(CService(inaddr6_any, GetListenPort()), BF_NONE, NetPermissionFlags::PF_NONE);
- fBound |= Bind(CService(inaddr_any, GetListenPort()), !fBound ? BF_REPORT_ERROR : BF_NONE, NetPermissionFlags::PF_NONE);
+ fBound |= Bind(CService(inaddr6_any, GetListenPort()), BF_NONE, NetPermissionFlags::None);
+ fBound |= Bind(CService(inaddr_any, GetListenPort()), !fBound ? BF_REPORT_ERROR : BF_NONE, NetPermissionFlags::None);
}
for (const auto& addr_bind : onion_binds) {
- fBound |= Bind(addr_bind, BF_EXPLICIT | BF_DONT_ADVERTISE, NetPermissionFlags::PF_NONE);
+ fBound |= Bind(addr_bind, BF_EXPLICIT | BF_DONT_ADVERTISE, NetPermissionFlags::None);
}
return fBound;
diff --git a/src/net.h b/src/net.h
index 6b9a7ef136..65b262e573 100644
--- a/src/net.h
+++ b/src/net.h
@@ -402,7 +402,7 @@ public:
std::unique_ptr<TransportDeserializer> m_deserializer;
std::unique_ptr<TransportSerializer> m_serializer;
- NetPermissionFlags m_permissionFlags{PF_NONE};
+ NetPermissionFlags m_permissionFlags{NetPermissionFlags::None};
std::atomic<ServiceFlags> nServices{NODE_NONE};
SOCKET hSocket GUARDED_BY(cs_hSocket);
/** Total size of all vSendMsg entries */
diff --git a/src/net_permissions.cpp b/src/net_permissions.cpp
index 1fdcd97593..228453df20 100644
--- a/src/net_permissions.cpp
+++ b/src/net_permissions.cpp
@@ -23,12 +23,12 @@ namespace {
// The parse the following format "perm1,perm2@xxxxxx"
bool TryParsePermissionFlags(const std::string str, NetPermissionFlags& output, size_t& readen, bilingual_str& error)
{
- NetPermissionFlags flags = PF_NONE;
+ NetPermissionFlags flags = NetPermissionFlags::None;
const auto atSeparator = str.find('@');
// if '@' is not found (ie, "xxxxx"), the caller should apply implicit permissions
if (atSeparator == std::string::npos) {
- NetPermissions::AddFlag(flags, PF_ISIMPLICIT);
+ NetPermissions::AddFlag(flags, NetPermissionFlags::Implicit);
readen = 0;
}
// else (ie, "perm1,perm2@xxxxx"), let's enumerate the permissions by splitting by ',' and calculate the flags
@@ -44,14 +44,14 @@ bool TryParsePermissionFlags(const std::string str, NetPermissionFlags& output,
readen += len; // We read "perm1"
if (commaSeparator != std::string::npos) readen++; // We read ","
- if (permission == "bloomfilter" || permission == "bloom") NetPermissions::AddFlag(flags, PF_BLOOMFILTER);
- else if (permission == "noban") NetPermissions::AddFlag(flags, PF_NOBAN);
- else if (permission == "forcerelay") NetPermissions::AddFlag(flags, PF_FORCERELAY);
- else if (permission == "mempool") NetPermissions::AddFlag(flags, PF_MEMPOOL);
- else if (permission == "download") NetPermissions::AddFlag(flags, PF_DOWNLOAD);
- else if (permission == "all") NetPermissions::AddFlag(flags, PF_ALL);
- else if (permission == "relay") NetPermissions::AddFlag(flags, PF_RELAY);
- else if (permission == "addr") NetPermissions::AddFlag(flags, PF_ADDR);
+ if (permission == "bloomfilter" || permission == "bloom") NetPermissions::AddFlag(flags, NetPermissionFlags::BloomFilter);
+ else if (permission == "noban") NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);
+ else if (permission == "forcerelay") NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);
+ else if (permission == "mempool") NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);
+ else if (permission == "download") NetPermissions::AddFlag(flags, NetPermissionFlags::Download);
+ else if (permission == "all") NetPermissions::AddFlag(flags, NetPermissionFlags::All);
+ else if (permission == "relay") NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);
+ else if (permission == "addr") NetPermissions::AddFlag(flags, NetPermissionFlags::Addr);
else if (permission.length() == 0); // Allow empty entries
else {
error = strprintf(_("Invalid P2P permission: '%s'"), permission);
@@ -71,13 +71,13 @@ bool TryParsePermissionFlags(const std::string str, NetPermissionFlags& output,
std::vector<std::string> NetPermissions::ToStrings(NetPermissionFlags flags)
{
std::vector<std::string> strings;
- if (NetPermissions::HasFlag(flags, PF_BLOOMFILTER)) strings.push_back("bloomfilter");
- if (NetPermissions::HasFlag(flags, PF_NOBAN)) strings.push_back("noban");
- if (NetPermissions::HasFlag(flags, PF_FORCERELAY)) strings.push_back("forcerelay");
- if (NetPermissions::HasFlag(flags, PF_RELAY)) strings.push_back("relay");
- if (NetPermissions::HasFlag(flags, PF_MEMPOOL)) strings.push_back("mempool");
- if (NetPermissions::HasFlag(flags, PF_DOWNLOAD)) strings.push_back("download");
- if (NetPermissions::HasFlag(flags, PF_ADDR)) strings.push_back("addr");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::BloomFilter)) strings.push_back("bloomfilter");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::NoBan)) strings.push_back("noban");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::ForceRelay)) strings.push_back("forcerelay");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::Relay)) strings.push_back("relay");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::Mempool)) strings.push_back("mempool");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::Download)) strings.push_back("download");
+ if (NetPermissions::HasFlag(flags, NetPermissionFlags::Addr)) strings.push_back("addr");
return strings;
}
diff --git a/src/net_permissions.h b/src/net_permissions.h
index 142b317bf6..7a158aa6c5 100644
--- a/src/net_permissions.h
+++ b/src/net_permissions.h
@@ -5,6 +5,7 @@
#include <netaddress.h>
#include <string>
+#include <type_traits>
#include <vector>
#ifndef BITCOIN_NET_PERMISSIONS_H
@@ -14,52 +15,59 @@ struct bilingual_str;
extern const std::vector<std::string> NET_PERMISSIONS_DOC;
-enum NetPermissionFlags {
- PF_NONE = 0,
+enum class NetPermissionFlags : uint32_t {
+ None = 0,
// Can query bloomfilter even if -peerbloomfilters is false
- PF_BLOOMFILTER = (1U << 1),
+ BloomFilter = (1U << 1),
// Relay and accept transactions from this peer, even if -blocksonly is true
// This peer is also not subject to limits on how many transaction INVs are tracked
- PF_RELAY = (1U << 3),
+ Relay = (1U << 3),
// Always relay transactions from this peer, even if already in mempool
// Keep parameter interaction: forcerelay implies relay
- PF_FORCERELAY = (1U << 2) | PF_RELAY,
+ ForceRelay = (1U << 2) | Relay,
// Allow getheaders during IBD and block-download after maxuploadtarget limit
- PF_DOWNLOAD = (1U << 6),
+ Download = (1U << 6),
// Can't be banned/disconnected/discouraged for misbehavior
- PF_NOBAN = (1U << 4) | PF_DOWNLOAD,
+ NoBan = (1U << 4) | Download,
// Can query the mempool
- PF_MEMPOOL = (1U << 5),
+ Mempool = (1U << 5),
// Can request addrs without hitting a privacy-preserving cache
- PF_ADDR = (1U << 7),
+ Addr = (1U << 7),
// True if the user did not specifically set fine grained permissions
- PF_ISIMPLICIT = (1U << 31),
- PF_ALL = PF_BLOOMFILTER | PF_FORCERELAY | PF_RELAY | PF_NOBAN | PF_MEMPOOL | PF_DOWNLOAD | PF_ADDR,
+ Implicit = (1U << 31),
+ All = BloomFilter | ForceRelay | Relay | NoBan | Mempool | Download | Addr,
};
+static inline constexpr NetPermissionFlags operator|(NetPermissionFlags a, NetPermissionFlags b)
+{
+ using t = typename std::underlying_type<NetPermissionFlags>::type;
+ return static_cast<NetPermissionFlags>(static_cast<t>(a) | static_cast<t>(b));
+}
class NetPermissions
{
public:
NetPermissionFlags m_flags;
static std::vector<std::string> ToStrings(NetPermissionFlags flags);
- static inline bool HasFlag(const NetPermissionFlags& flags, NetPermissionFlags f)
+ static inline bool HasFlag(NetPermissionFlags flags, NetPermissionFlags f)
{
- return (flags & f) == f;
+ using t = typename std::underlying_type<NetPermissionFlags>::type;
+ return (static_cast<t>(flags) & static_cast<t>(f)) == static_cast<t>(f);
}
static inline void AddFlag(NetPermissionFlags& flags, NetPermissionFlags f)
{
- flags = static_cast<NetPermissionFlags>(flags | f);
+ flags = flags | f;
}
- //! ClearFlag is only called with `f` == NetPermissionFlags::PF_ISIMPLICIT.
+ //! ClearFlag is only called with `f` == NetPermissionFlags::Implicit.
//! If that should change in the future, be aware that ClearFlag should not
- //! be called with a subflag of a multiflag, e.g. NetPermissionFlags::PF_RELAY
- //! or NetPermissionFlags::PF_DOWNLOAD, as that would leave `flags` in an
+ //! be called with a subflag of a multiflag, e.g. NetPermissionFlags::Relay
+ //! or NetPermissionFlags::Download, as that would leave `flags` in an
//! invalid state corresponding to none of the existing flags.
static inline void ClearFlag(NetPermissionFlags& flags, NetPermissionFlags f)
{
- assert(f == NetPermissionFlags::PF_ISIMPLICIT);
- flags = static_cast<NetPermissionFlags>(flags & ~f);
+ assert(f == NetPermissionFlags::Implicit);
+ using t = typename std::underlying_type<NetPermissionFlags>::type;
+ flags = static_cast<NetPermissionFlags>(static_cast<t>(flags) & ~static_cast<t>(f));
}
};
diff --git a/src/net_processing.cpp b/src/net_processing.cpp
index 27ad9eefb5..fdd36835c2 100644
--- a/src/net_processing.cpp
+++ b/src/net_processing.cpp
@@ -124,11 +124,11 @@ static constexpr auto AVG_LOCAL_ADDRESS_BROADCAST_INTERVAL = 24h;
/** Average delay between peer address broadcasts */
static constexpr auto AVG_ADDRESS_BROADCAST_INTERVAL = 30s;
/** Average delay between trickled inventory transmissions for inbound peers.
- * Blocks and peers with noban permission bypass this. */
+ * Blocks and peers with NetPermissionFlags::NoBan permission bypass this. */
static constexpr auto INBOUND_INVENTORY_BROADCAST_INTERVAL = 5s;
/** Average delay between trickled inventory transmissions for outbound peers.
* Use a smaller delay as there is less privacy concern for them.
- * Blocks and peers with noban permission bypass this. */
+ * Blocks and peers with NetPermissionFlags::NoBan permission bypass this. */
static constexpr auto OUTBOUND_INVENTORY_BROADCAST_INTERVAL = 2s;
/** Maximum rate of inventory items to send per second.
* Limits the impact of low-fee transaction floods. */
@@ -183,7 +183,7 @@ struct Peer {
Mutex m_misbehavior_mutex;
/** Accumulated misbehavior score for this peer */
int m_misbehavior_score GUARDED_BY(m_misbehavior_mutex){0};
- /** Whether this peer should be disconnected and marked as discouraged (unless it has the noban permission). */
+ /** Whether this peer should be disconnected and marked as discouraged (unless it has NetPermissionFlags::NoBan permission). */
bool m_should_discourage GUARDED_BY(m_misbehavior_mutex){false};
/** Protects block inventory data members */
@@ -680,7 +680,7 @@ static void UpdatePreferredDownload(const CNode& node, CNodeState* state) EXCLUS
nPreferredDownload -= state->fPreferredDownload;
// Whether this node should be marked as a preferred download node.
- state->fPreferredDownload = (!node.IsInboundConn() || node.HasPermission(PF_NOBAN)) && !node.IsAddrFetchConn() && !node.fClient;
+ state->fPreferredDownload = (!node.IsInboundConn() || node.HasPermission(NetPermissionFlags::NoBan)) && !node.IsAddrFetchConn() && !node.fClient;
nPreferredDownload += state->fPreferredDownload;
}
@@ -960,24 +960,24 @@ void PeerManagerImpl::AddTxAnnouncement(const CNode& node, const GenTxid& gtxid,
{
AssertLockHeld(::cs_main); // For m_txrequest
NodeId nodeid = node.GetId();
- if (!node.HasPermission(PF_RELAY) && m_txrequest.Count(nodeid) >= MAX_PEER_TX_ANNOUNCEMENTS) {
+ if (!node.HasPermission(NetPermissionFlags::Relay) && m_txrequest.Count(nodeid) >= MAX_PEER_TX_ANNOUNCEMENTS) {
// Too many queued announcements from this peer
return;
}
const CNodeState* state = State(nodeid);
// Decide the TxRequestTracker parameters for this announcement:
- // - "preferred": if fPreferredDownload is set (= outbound, or PF_NOBAN permission)
+ // - "preferred": if fPreferredDownload is set (= outbound, or NetPermissionFlags::NoBan permission)
// - "reqtime": current time plus delays for:
// - NONPREF_PEER_TX_DELAY for announcements from non-preferred connections
// - TXID_RELAY_DELAY for txid announcements while wtxid peers are available
// - OVERLOADED_PEER_TX_DELAY for announcements from peers which have at least
- // MAX_PEER_TX_REQUEST_IN_FLIGHT requests in flight (and don't have PF_RELAY).
+ // MAX_PEER_TX_REQUEST_IN_FLIGHT requests in flight (and don't have NetPermissionFlags::Relay).
auto delay = std::chrono::microseconds{0};
const bool preferred = state->fPreferredDownload;
if (!preferred) delay += NONPREF_PEER_TX_DELAY;
if (!gtxid.IsWtxid() && m_wtxid_relay_peers > 0) delay += TXID_RELAY_DELAY;
- const bool overloaded = !node.HasPermission(PF_RELAY) &&
+ const bool overloaded = !node.HasPermission(NetPermissionFlags::Relay) &&
m_txrequest.CountInFlight(nodeid) >= MAX_PEER_TX_REQUEST_IN_FLIGHT;
if (overloaded) delay += OVERLOADED_PEER_TX_DELAY;
m_txrequest.ReceivedInv(nodeid, gtxid, preferred, current_time + delay);
@@ -1637,14 +1637,14 @@ void PeerManagerImpl::ProcessGetBlockData(CNode& pfrom, Peer& peer, const CInv&
// disconnect node in case we have reached the outbound limit for serving historical blocks
if (m_connman.OutboundTargetReached(true) &&
(((pindexBestHeader != nullptr) && (pindexBestHeader->GetBlockTime() - pindex->GetBlockTime() > HISTORICAL_BLOCK_AGE)) || inv.IsMsgFilteredBlk()) &&
- !pfrom.HasPermission(PF_DOWNLOAD) // nodes with the download permission may exceed target
+ !pfrom.HasPermission(NetPermissionFlags::Download) // nodes with the download permission may exceed target
) {
LogPrint(BCLog::NET, "historical block serving limit reached, disconnect peer=%d\n", pfrom.GetId());
pfrom.fDisconnect = true;
return;
}
// Avoid leaking prune-height by never sending blocks below the NODE_NETWORK_LIMITED threshold
- if (!pfrom.HasPermission(PF_NOBAN) && (
+ if (!pfrom.HasPermission(NetPermissionFlags::NoBan) && (
(((pfrom.GetLocalServices() & NODE_NETWORK_LIMITED) == NODE_NETWORK_LIMITED) && ((pfrom.GetLocalServices() & NODE_NETWORK) != NODE_NETWORK) && (m_chainman.ActiveChain().Tip()->nHeight - pindex->nHeight > (int)NODE_NETWORK_LIMITED_MIN_BLOCKS + 2 /* add two blocks buffer extension for possible races */) )
)) {
LogPrint(BCLog::NET, "Ignore block request below NODE_NETWORK_LIMITED threshold, disconnect peer=%d\n", pfrom.GetId());
@@ -2738,7 +2738,7 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
bool fBlocksOnly = m_ignore_incoming_txs || (pfrom.m_tx_relay == nullptr);
// Allow peers with relay permission to send data other than blocks in blocks only mode
- if (pfrom.HasPermission(PF_RELAY)) {
+ if (pfrom.HasPermission(NetPermissionFlags::Relay)) {
fBlocksOnly = false;
}
@@ -2952,7 +2952,7 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
}
LOCK(cs_main);
- if (m_chainman.ActiveChainstate().IsInitialBlockDownload() && !pfrom.HasPermission(PF_DOWNLOAD)) {
+ if (m_chainman.ActiveChainstate().IsInitialBlockDownload() && !pfrom.HasPermission(NetPermissionFlags::Download)) {
LogPrint(BCLog::NET, "Ignoring getheaders from peer=%d because node is in initial block download\n", pfrom.GetId());
return;
}
@@ -3011,7 +3011,7 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
// Stop processing the transaction early if
// 1) We are in blocks only mode and peer has no relay permission
// 2) This peer is a block-relay-only peer
- if ((m_ignore_incoming_txs && !pfrom.HasPermission(PF_RELAY)) || (pfrom.m_tx_relay == nullptr))
+ if ((m_ignore_incoming_txs && !pfrom.HasPermission(NetPermissionFlags::Relay)) || (pfrom.m_tx_relay == nullptr))
{
LogPrint(BCLog::NET, "transaction sent in violation of protocol peer=%d\n", pfrom.GetId());
pfrom.fDisconnect = true;
@@ -3056,7 +3056,7 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
// (older than our recency filter) if trying to DoS us, without any need
// for witness malleation.
if (AlreadyHaveTx(GenTxid(/* is_wtxid=*/true, wtxid))) {
- if (pfrom.HasPermission(PF_FORCERELAY)) {
+ if (pfrom.HasPermission(NetPermissionFlags::ForceRelay)) {
// Always relay transactions received from peers with forcerelay
// permission, even if they were already in the mempool, allowing
// the node to function as a gateway for nodes hidden behind it.
@@ -3585,7 +3585,7 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
pfrom.vAddrToSend.clear();
std::vector<CAddress> vAddr;
- if (pfrom.HasPermission(PF_ADDR)) {
+ if (pfrom.HasPermission(NetPermissionFlags::Addr)) {
vAddr = m_connman.GetAddresses(MAX_ADDR_TO_SEND, MAX_PCT_ADDR_TO_SEND);
} else {
vAddr = m_connman.GetAddresses(pfrom, MAX_ADDR_TO_SEND, MAX_PCT_ADDR_TO_SEND);
@@ -3598,9 +3598,9 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
}
if (msg_type == NetMsgType::MEMPOOL) {
- if (!(pfrom.GetLocalServices() & NODE_BLOOM) && !pfrom.HasPermission(PF_MEMPOOL))
+ if (!(pfrom.GetLocalServices() & NODE_BLOOM) && !pfrom.HasPermission(NetPermissionFlags::Mempool))
{
- if (!pfrom.HasPermission(PF_NOBAN))
+ if (!pfrom.HasPermission(NetPermissionFlags::NoBan))
{
LogPrint(BCLog::NET, "mempool request with bloom filters disabled, disconnect peer=%d\n", pfrom.GetId());
pfrom.fDisconnect = true;
@@ -3608,9 +3608,9 @@ void PeerManagerImpl::ProcessMessage(CNode& pfrom, const std::string& msg_type,
return;
}
- if (m_connman.OutboundTargetReached(false) && !pfrom.HasPermission(PF_MEMPOOL))
+ if (m_connman.OutboundTargetReached(false) && !pfrom.HasPermission(NetPermissionFlags::Mempool))
{
- if (!pfrom.HasPermission(PF_NOBAN))
+ if (!pfrom.HasPermission(NetPermissionFlags::NoBan))
{
LogPrint(BCLog::NET, "mempool request with bandwidth limit reached, disconnect peer=%d\n", pfrom.GetId());
pfrom.fDisconnect = true;
@@ -3825,8 +3825,8 @@ bool PeerManagerImpl::MaybeDiscourageAndDisconnect(CNode& pnode, Peer& peer)
peer.m_should_discourage = false;
} // peer.m_misbehavior_mutex
- if (pnode.HasPermission(PF_NOBAN)) {
- // We never disconnect or discourage peers for bad behavior if they have the NOBAN permission flag
+ if (pnode.HasPermission(NetPermissionFlags::NoBan)) {
+ // We never disconnect or discourage peers for bad behavior if they have NetPermissionFlags::NoBan permission
LogPrintf("Warning: not punishing noban peer %d!\n", peer.m_id);
return false;
}
@@ -4463,7 +4463,7 @@ bool PeerManagerImpl::SendMessages(CNode* pto)
if (pto->m_tx_relay != nullptr) {
LOCK(pto->m_tx_relay->cs_tx_inventory);
// Check whether periodic sends should happen
- bool fSendTrickle = pto->HasPermission(PF_NOBAN);
+ bool fSendTrickle = pto->HasPermission(NetPermissionFlags::NoBan);
if (pto->m_tx_relay->nNextInvSend < current_time) {
fSendTrickle = true;
if (pto->IsInboundConn()) {
@@ -4620,12 +4620,12 @@ bool PeerManagerImpl::SendMessages(CNode* pto)
// Detect whether this is a stalling initial-headers-sync peer
if (pindexBestHeader->GetBlockTime() <= GetAdjustedTime() - 24 * 60 * 60) {
if (current_time > state.m_headers_sync_timeout && nSyncStarted == 1 && (nPreferredDownload - state.fPreferredDownload >= 1)) {
- // Disconnect a peer (without the noban permission) if it is our only sync peer,
+ // Disconnect a peer (without NetPermissionFlags::NoBan permission) if it is our only sync peer,
// and we have others we could be using instead.
// Note: If all our peers are inbound, then we won't
// disconnect our sync peer for stalling; we have bigger
// problems if we can't get any outbound peers.
- if (!pto->HasPermission(PF_NOBAN)) {
+ if (!pto->HasPermission(NetPermissionFlags::NoBan)) {
LogPrintf("Timeout downloading headers from peer=%d, disconnecting\n", pto->GetId());
pto->fDisconnect = true;
return true;
@@ -4712,7 +4712,7 @@ bool PeerManagerImpl::SendMessages(CNode* pto)
!m_ignore_incoming_txs &&
pto->GetCommonVersion() >= FEEFILTER_VERSION &&
gArgs.GetBoolArg("-feefilter", DEFAULT_FEEFILTER) &&
- !pto->HasPermission(PF_FORCERELAY) // peers with the forcerelay permission should not filter txs to us
+ !pto->HasPermission(NetPermissionFlags::ForceRelay) // peers with the forcerelay permission should not filter txs to us
) {
CAmount currentFilter = m_mempool.GetMinFee(gArgs.GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000).GetFeePerK();
static FeeFilterRounder g_filter_rounder{CFeeRate{DEFAULT_MIN_RELAY_TX_FEE}};
diff --git a/src/qt/rpcconsole.cpp b/src/qt/rpcconsole.cpp
index 731d6a4eef..eed73e8ce3 100644
--- a/src/qt/rpcconsole.cpp
+++ b/src/qt/rpcconsole.cpp
@@ -1062,7 +1062,7 @@ void RPCConsole::updateDetailWidget()
ui->peerSubversion->setText(QString::fromStdString(stats->nodeStats.cleanSubVer));
ui->peerConnectionType->setText(GUIUtil::ConnectionTypeToQString(stats->nodeStats.m_conn_type, /* prepend_direction */ true));
ui->peerNetwork->setText(GUIUtil::NetworkToQString(stats->nodeStats.m_network));
- if (stats->nodeStats.m_permissionFlags == PF_NONE) {
+ if (stats->nodeStats.m_permissionFlags == NetPermissionFlags::None) {
ui->peerPermissions->setText(ts.na);
} else {
QStringList permissions;
diff --git a/src/test/fuzz/net_permissions.cpp b/src/test/fuzz/net_permissions.cpp
index 6fdf4b653c..6ea79464d0 100644
--- a/src/test/fuzz/net_permissions.cpp
+++ b/src/test/fuzz/net_permissions.cpp
@@ -25,7 +25,7 @@ FUZZ_TARGET(net_permissions)
(void)NetPermissions::ToStrings(net_whitebind_permissions.m_flags);
(void)NetPermissions::AddFlag(net_whitebind_permissions.m_flags, net_permission_flags);
assert(NetPermissions::HasFlag(net_whitebind_permissions.m_flags, net_permission_flags));
- (void)NetPermissions::ClearFlag(net_whitebind_permissions.m_flags, NetPermissionFlags::PF_ISIMPLICIT);
+ (void)NetPermissions::ClearFlag(net_whitebind_permissions.m_flags, NetPermissionFlags::Implicit);
(void)NetPermissions::ToStrings(net_whitebind_permissions.m_flags);
}
@@ -35,7 +35,7 @@ FUZZ_TARGET(net_permissions)
(void)NetPermissions::ToStrings(net_whitelist_permissions.m_flags);
(void)NetPermissions::AddFlag(net_whitelist_permissions.m_flags, net_permission_flags);
assert(NetPermissions::HasFlag(net_whitelist_permissions.m_flags, net_permission_flags));
- (void)NetPermissions::ClearFlag(net_whitelist_permissions.m_flags, NetPermissionFlags::PF_ISIMPLICIT);
+ (void)NetPermissions::ClearFlag(net_whitelist_permissions.m_flags, NetPermissionFlags::Implicit);
(void)NetPermissions::ToStrings(net_whitelist_permissions.m_flags);
}
}
diff --git a/src/test/netbase_tests.cpp b/src/test/netbase_tests.cpp
index b316a37c6e..3c47cf83e2 100644
--- a/src/test/netbase_tests.cpp
+++ b/src/test/netbase_tests.cpp
@@ -381,27 +381,27 @@ BOOST_AUTO_TEST_CASE(netpermissions_test)
// If no permission flags, assume backward compatibility
BOOST_CHECK(NetWhitebindPermissions::TryParse("1.2.3.4:32", whitebindPermissions, error));
BOOST_CHECK(error.empty());
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_ISIMPLICIT);
- BOOST_CHECK(NetPermissions::HasFlag(whitebindPermissions.m_flags, PF_ISIMPLICIT));
- NetPermissions::ClearFlag(whitebindPermissions.m_flags, PF_ISIMPLICIT);
- BOOST_CHECK(!NetPermissions::HasFlag(whitebindPermissions.m_flags, PF_ISIMPLICIT));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_NONE);
- NetPermissions::AddFlag(whitebindPermissions.m_flags, PF_ISIMPLICIT);
- BOOST_CHECK(NetPermissions::HasFlag(whitebindPermissions.m_flags, PF_ISIMPLICIT));
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::Implicit);
+ BOOST_CHECK(NetPermissions::HasFlag(whitebindPermissions.m_flags, NetPermissionFlags::Implicit));
+ NetPermissions::ClearFlag(whitebindPermissions.m_flags, NetPermissionFlags::Implicit);
+ BOOST_CHECK(!NetPermissions::HasFlag(whitebindPermissions.m_flags, NetPermissionFlags::Implicit));
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::None);
+ NetPermissions::AddFlag(whitebindPermissions.m_flags, NetPermissionFlags::Implicit);
+ BOOST_CHECK(NetPermissions::HasFlag(whitebindPermissions.m_flags, NetPermissionFlags::Implicit));
// Can set one permission
BOOST_CHECK(NetWhitebindPermissions::TryParse("bloom@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_BLOOMFILTER);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::BloomFilter);
BOOST_CHECK(NetWhitebindPermissions::TryParse("@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_NONE);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::None);
NetWhitebindPermissions noban, noban_download, download_noban, download;
// "noban" implies "download"
BOOST_REQUIRE(NetWhitebindPermissions::TryParse("noban@1.2.3.4:32", noban, error));
- BOOST_CHECK_EQUAL(noban.m_flags, NetPermissionFlags::PF_NOBAN);
- BOOST_CHECK(NetPermissions::HasFlag(noban.m_flags, NetPermissionFlags::PF_DOWNLOAD));
- BOOST_CHECK(NetPermissions::HasFlag(noban.m_flags, NetPermissionFlags::PF_NOBAN));
+ BOOST_CHECK_EQUAL(noban.m_flags, NetPermissionFlags::NoBan);
+ BOOST_CHECK(NetPermissions::HasFlag(noban.m_flags, NetPermissionFlags::Download));
+ BOOST_CHECK(NetPermissions::HasFlag(noban.m_flags, NetPermissionFlags::NoBan));
// "noban,download" is equivalent to "noban"
BOOST_REQUIRE(NetWhitebindPermissions::TryParse("noban,download@1.2.3.4:32", noban_download, error));
@@ -413,31 +413,31 @@ BOOST_AUTO_TEST_CASE(netpermissions_test)
// "download" excludes (does not imply) "noban"
BOOST_REQUIRE(NetWhitebindPermissions::TryParse("download@1.2.3.4:32", download, error));
- BOOST_CHECK_EQUAL(download.m_flags, NetPermissionFlags::PF_DOWNLOAD);
- BOOST_CHECK(NetPermissions::HasFlag(download.m_flags, NetPermissionFlags::PF_DOWNLOAD));
- BOOST_CHECK(!NetPermissions::HasFlag(download.m_flags, NetPermissionFlags::PF_NOBAN));
+ BOOST_CHECK_EQUAL(download.m_flags, NetPermissionFlags::Download);
+ BOOST_CHECK(NetPermissions::HasFlag(download.m_flags, NetPermissionFlags::Download));
+ BOOST_CHECK(!NetPermissions::HasFlag(download.m_flags, NetPermissionFlags::NoBan));
// Happy path, can parse flags
BOOST_CHECK(NetWhitebindPermissions::TryParse("bloom,forcerelay@1.2.3.4:32", whitebindPermissions, error));
// forcerelay should also activate the relay permission
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_BLOOMFILTER | PF_FORCERELAY | PF_RELAY);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::BloomFilter | NetPermissionFlags::ForceRelay | NetPermissionFlags::Relay);
BOOST_CHECK(NetWhitebindPermissions::TryParse("bloom,relay,noban@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_BLOOMFILTER | PF_RELAY | PF_NOBAN);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::BloomFilter | NetPermissionFlags::Relay | NetPermissionFlags::NoBan);
BOOST_CHECK(NetWhitebindPermissions::TryParse("bloom,forcerelay,noban@1.2.3.4:32", whitebindPermissions, error));
BOOST_CHECK(NetWhitebindPermissions::TryParse("all@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_ALL);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::All);
// Allow dups
BOOST_CHECK(NetWhitebindPermissions::TryParse("bloom,relay,noban,noban@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_BLOOMFILTER | PF_RELAY | PF_NOBAN | PF_DOWNLOAD); // "noban" implies "download"
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::BloomFilter | NetPermissionFlags::Relay | NetPermissionFlags::NoBan | NetPermissionFlags::Download); // "noban" implies "download"
// Allow empty
BOOST_CHECK(NetWhitebindPermissions::TryParse("bloom,relay,,noban@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_BLOOMFILTER | PF_RELAY | PF_NOBAN);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::BloomFilter | NetPermissionFlags::Relay | NetPermissionFlags::NoBan);
BOOST_CHECK(NetWhitebindPermissions::TryParse(",@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_NONE);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::None);
BOOST_CHECK(NetWhitebindPermissions::TryParse(",,@1.2.3.4:32", whitebindPermissions, error));
- BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, PF_NONE);
+ BOOST_CHECK_EQUAL(whitebindPermissions.m_flags, NetPermissionFlags::None);
// Detect invalid flag
BOOST_CHECK(!NetWhitebindPermissions::TryParse("bloom,forcerelay,oopsie@1.2.3.4:32", whitebindPermissions, error));
@@ -449,16 +449,16 @@ BOOST_AUTO_TEST_CASE(netpermissions_test)
// Happy path for whitelist parsing
BOOST_CHECK(NetWhitelistPermissions::TryParse("noban@1.2.3.4", whitelistPermissions, error));
- BOOST_CHECK_EQUAL(whitelistPermissions.m_flags, PF_NOBAN);
- BOOST_CHECK(NetPermissions::HasFlag(whitelistPermissions.m_flags, NetPermissionFlags::PF_NOBAN));
+ BOOST_CHECK_EQUAL(whitelistPermissions.m_flags, NetPermissionFlags::NoBan);
+ BOOST_CHECK(NetPermissions::HasFlag(whitelistPermissions.m_flags, NetPermissionFlags::NoBan));
BOOST_CHECK(NetWhitelistPermissions::TryParse("bloom,forcerelay,noban,relay@1.2.3.4/32", whitelistPermissions, error));
- BOOST_CHECK_EQUAL(whitelistPermissions.m_flags, PF_BLOOMFILTER | PF_FORCERELAY | PF_NOBAN | PF_RELAY);
+ BOOST_CHECK_EQUAL(whitelistPermissions.m_flags, NetPermissionFlags::BloomFilter | NetPermissionFlags::ForceRelay | NetPermissionFlags::NoBan | NetPermissionFlags::Relay);
BOOST_CHECK(error.empty());
BOOST_CHECK_EQUAL(whitelistPermissions.m_subnet.ToString(), "1.2.3.4/32");
BOOST_CHECK(NetWhitelistPermissions::TryParse("bloom,forcerelay,noban,relay,mempool@1.2.3.4/32", whitelistPermissions, error));
- const auto strings = NetPermissions::ToStrings(PF_ALL);
+ const auto strings = NetPermissions::ToStrings(NetPermissionFlags::All);
BOOST_CHECK_EQUAL(strings.size(), 7U);
BOOST_CHECK(std::find(strings.begin(), strings.end(), "bloomfilter") != strings.end());
BOOST_CHECK(std::find(strings.begin(), strings.end(), "forcerelay") != strings.end());
diff --git a/src/test/util/net.h b/src/test/util/net.h
index 9268d60a1e..71685d437a 100644
--- a/src/test/util/net.h
+++ b/src/test/util/net.h
@@ -46,16 +46,16 @@ constexpr ServiceFlags ALL_SERVICE_FLAGS[]{
};
constexpr NetPermissionFlags ALL_NET_PERMISSION_FLAGS[]{
- NetPermissionFlags::PF_NONE,
- NetPermissionFlags::PF_BLOOMFILTER,
- NetPermissionFlags::PF_RELAY,
- NetPermissionFlags::PF_FORCERELAY,
- NetPermissionFlags::PF_NOBAN,
- NetPermissionFlags::PF_MEMPOOL,
- NetPermissionFlags::PF_ADDR,
- NetPermissionFlags::PF_DOWNLOAD,
- NetPermissionFlags::PF_ISIMPLICIT,
- NetPermissionFlags::PF_ALL,
+ NetPermissionFlags::None,
+ NetPermissionFlags::BloomFilter,
+ NetPermissionFlags::Relay,
+ NetPermissionFlags::ForceRelay,
+ NetPermissionFlags::NoBan,
+ NetPermissionFlags::Mempool,
+ NetPermissionFlags::Addr,
+ NetPermissionFlags::Download,
+ NetPermissionFlags::Implicit,
+ NetPermissionFlags::All,
};
constexpr ConnectionType ALL_CONNECTION_TYPES[]{