aboutsummaryrefslogtreecommitdiff
path: root/src/addrman.cpp
AgeCommit message (Collapse)Author
2020-01-29Merge #16702: p2p: supplying and using asmap to improve IP bucketing in addrmanWladimir J. van der Laan
3c1bc40205a3fcab606e70b0e3c13d68b2860e34 Add extra logging of asmap use and bucketing (Gleb Naumenko) e4658aa8eaf1629dd5af8cf7b9717a8e72028251 Return mapped AS in RPC call getpeerinfo (Gleb Naumenko) ec45646de9e62b3d42c85716bfeb06d8f2b507dc Integrate ASN bucketing in Addrman and add tests (Gleb Naumenko) 8feb4e4b667361bf23344149c01594abebd56fdb Add asmap utility which queries a mapping (Gleb Naumenko) Pull request description: This PR attempts to solve the problem explained in #16599. A particular attack which encouraged us to work on this issue is explained here [[Erebus Attack against Bitcoin Peer-to-Peer Network](https://erebus-attack.comp.nus.edu.sg/)] (by @muoitranduc) Instead of relying on /16 prefix to diversify the connections every node creates, we would instead rely on the (ip -> ASN) mapping, if this mapping is provided. A .map file can be created by every user independently based on a router dump, or provided along with the Bitcoin release. Currently we use the python scripts written by @sipa to create a .map file, which is no larger than 2MB (awesome!). Here I suggest adding a field to peers.dat which would represent a hash of asmap file used while serializing addrman (or 0 for /16 prefix legacy approach). In this case, every time the file is updated (or grouping method changed), all buckets will be re-computed. I believe that alternative selective re-bucketing for only updated ranges would require substantial changes. TODO: - ~~more unit tests~~ - ~~find a way to test the code without including >1 MB mapping file in the repo.~~ - find a way to check that mapping file is not corrupted (checksum?) - comments and separate tests for asmap.cpp - make python code for .map generation public - figure out asmap distribution (?) ~Interesting corner case: I’m using std::hash to compute a fingerprint of asmap, and std::hash returns size_t. I guess if a user updates the OS to 64-bit, then the hash of asap will change? Does it even matter?~ ACKs for top commit: laanwj: re-ACK 3c1bc40205a3fcab606e70b0e3c13d68b2860e34 jamesob: ACK 3c1bc40205a3fcab606e70b0e3c13d68b2860e34 ([`jamesob/ackr/16702.3.naumenkogs.p2p_supplying_and_using`](https://github.com/jamesob/bitcoin/tree/ackr/16702.3.naumenkogs.p2p_supplying_and_using)) jonatack: ACK 3c1bc40205a3fcab606e70b0e3c13d68b2860e34 Tree-SHA512: e2dc6171188d5cdc2ab2c022fa49ed73a14a0acb8ae4c5ffa970172a0365942a249ad3d57e5fb134bc156a3492662c983f74bd21e78d316629dcadf71576800c
2020-01-23Add extra logging of asmap use and bucketingGleb Naumenko
2019-12-30scripted-diff: Bump copyright of files changed in 2019MarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2019-12-25Integrate ASN bucketing in Addrman and add testsGleb Naumenko
Instead of using /16 netgroups to bucket nodes in Addrman for connection diversification, ASN, which better represents an actor in terms of network-layer infrastructure, is used. For testing, asmap.raw is used. It represents a minimal asmap needed for testing purposes.
2019-06-02Make reasoning about dependencies easier by not including unused dependenciespracticalswift
2019-03-01[addrman] Improve collision logging and address nitsSuhas Daftuar
2019-02-27[addrman] Ensure collisions eventually get resolvedSuhas Daftuar
After 40 minutes, time out a test-before-evict entry and just evict without testing. Otherwise, if we were unable to test an entry for some reason, we might break using feelers altogether.
2019-02-26[addrman] Improve tried table collision loggingSuhas Daftuar
2018-12-12Make addrman use its local RNG exclusivelyPieter Wuille
2018-09-18uint256: Remove unnecessary crypto/common.h useKarl-Johan Alm
2018-07-27Update copyright headers to 2018DrahtBot
2018-07-24scripted-diff: Remove trailing whitespacesJoão Barbosa
-BEGIN VERIFY SCRIPT- sed --in-place'' --regexp-extended 's/[[:space:]]+$//g' $(git grep -I --files-with-matches --extended-regexp '[[:space:]]+$' -- src test ':!*.svg' ':!src/crypto/sha256_sse4*' ':!src/leveldb' ':!src/qt/locale' ':!src/secp256k1' ':!src/univalue') -END VERIFY SCRIPT-
2018-03-06net: Correct addrman loggingWladimir J. van der Laan
These were introduced in #9037. Found by @theuni.
2018-03-06Add test-before-evict discipline to addrmanEthan Heilman
Changes addrman to use the test-before-evict discipline in which an address is to be evicted from the tried table is first tested and if it is still online it is not evicted. Adds tests to provide test coverage for this change. This change was suggested as Countermeasure 3 in Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report 2015/263. March 2015.
2018-01-29Merge #11577: Fix warnings (-Wsign-compare) when building with DEBUG_ADDRMANWladimir J. van der Laan
6eddd43 Fix warnings when building with DEBUG_ADDRMAN (practicalswift) Pull request description: Fix warnings when building with `DEBUG_ADDRMAN`. Warnings prior to this commit: ``` addrman.cpp:390:24: warning: comparison of integers of different signs: 'size_type' (aka 'unsigned long') and 'int' [-Wsign-compare] if (vRandom.size() != nTried + nNew) ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~ addrman.cpp:411:52: warning: comparison of integers of different signs: 'int' and 'size_type' (aka 'unsigned long') [-Wsign-compare] if (info.nRandomPos < 0 || info.nRandomPos >= vRandom.size() || vRandom[info.nRandomPos] != n) ~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~ addrman.cpp:419:25: warning: comparison of integers of different signs: 'size_type' (aka 'unsigned long') and 'int' [-Wsign-compare] if (setTried.size() != nTried) ~~~~~~~~~~~~~~~ ^ ~~~~~~ addrman.cpp:421:23: warning: comparison of integers of different signs: 'size_type' (aka 'unsigned long') and 'int' [-Wsign-compare] if (mapNew.size() != nNew) ~~~~~~~~~~~~~ ^ ~~~~ 4 warnings generated. ``` Tree-SHA512: 0316faecfe95066d2c9a0b6b3960086e43824f21a67086a895ea45fbce1327f8d6df5945fe923c2dbe4efce430bc1384d515d317c3930d97d24965e507cf734d
2018-01-03Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa
2017-11-30Merge #10493: Use range-based for loops (C++11) when looping over map elementsMarcoFalke
680bc2cbb Use range-based for loops (C++11) when looping over map elements (practicalswift) Pull request description: Before this commit: ```c++ for (std::map<T1, T2>::iterator x = y.begin(); x != y.end(); ++x) { T1 z = (*x).first; … } ``` After this commit: ```c++ for (auto& x : y) { T1 z = x.first; … } ``` Tree-SHA512: 954b136b7f5e6df09f39248a6b530fd9baa9ab59d7c2c7eb369fd4afbb591b7a52c92ee25f87f1745f47b41d6828b7abfd395b43daf84a55b4e6a3d45015e3a0
2017-11-16scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider
-BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-10-30Fix warnings when building with DEBUG_ADDRMANpracticalswift
Warnings prior to this commit: ``` addrman.cpp:390:24: warning: comparison of integers of different signs: 'size_type' (aka 'unsigned long') and 'int' [-Wsign-compare] if (vRandom.size() != nTried + nNew) ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~ addrman.cpp:411:52: warning: comparison of integers of different signs: 'int' and 'size_type' (aka 'unsigned long') [-Wsign-compare] if (info.nRandomPos < 0 || info.nRandomPos >= vRandom.size() || vRandom[info.nRandomPos] != n) ~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~ addrman.cpp:419:25: warning: comparison of integers of different signs: 'size_type' (aka 'unsigned long') and 'int' [-Wsign-compare] if (setTried.size() != nTried) ~~~~~~~~~~~~~~~ ^ ~~~~~~ addrman.cpp:421:23: warning: comparison of integers of different signs: 'size_type' (aka 'unsigned long') and 'int' [-Wsign-compare] if (mapNew.size() != nNew) ~~~~~~~~~~~~~ ^ ~~~~ 4 warnings generated. ```
2017-10-09Use range-based for loops (C++11) when looping over map elementspracticalswift
Before this commit: for (std::map<T1, T2>::iterator x = y.begin(); x != y.end(); ++x) { } After this commit: for (auto& x : y) { }
2017-08-07scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift
instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
2017-04-24Merge #9792: FastRandomContext improvements and switch to ChaCha20Wladimir J. van der Laan
4fd2d2f Add a FastRandomContext::randrange and use it (Pieter Wuille) 1632922 Switch FastRandomContext to ChaCha20 (Pieter Wuille) e04326f Add ChaCha20 (Pieter Wuille) 663fbae FastRandom benchmark (Pieter Wuille) c21cbe6 Introduce FastRandomContext::randbool() (Pieter Wuille) Tree-SHA512: 7fff61e3f6d6dc6ac846ca643d877b377db609646dd401a0e8f50b052c6b9bcd2f5fc34de6bbf28f04afd1724f6279ee163ead5f37d724fb782a00239f35db1d
2017-04-01Change LogAcceptCategory to use uint32_t rather than sets of strings.Gregory Maxwell
This changes the logging categories to boolean flags instead of strings. This simplifies the acceptance testing by avoiding accessing a scoped static thread local pointer to a thread local set of strings. It eliminates the only use of boost::thread_specific_ptr outside of lockorder debugging. This change allows log entries to be directed to multiple categories and makes it easy to change the logging flags at runtime (e.g. via an RPC, though that isn't done by this commit.) It also eliminates the fDebug global. Configuration of unknown logging categories now produces a warning.
2017-03-29Switch FastRandomContext to ChaCha20Pieter Wuille
2017-02-07Use z = std::max(x - y, 0); instead of z = x - y; if (z < 0) z = 0;practicalswift
2017-02-07Merge #9532: Remove unused variablesWladimir J. van der Laan
90fd29b Remove unused int64_t nSinceLastSeen (practicalswift) ac4a095 Remove unused Python variables (practicalswift)
2017-01-27[trivial] Fix typos in commentspracticalswift
2017-01-13Remove unused int64_t nSinceLastSeenpracticalswift
2016-12-31Increment MIT Licence copyright header year on files modified in 2016isle2983
Edited via: $ contrib/devtools/copyright_header.py update .
2016-10-17Kill insecure_random and associated global stateWladimir J. van der Laan
There are only a few uses of `insecure_random` outside the tests. This PR replaces uses of insecure_random (and its accompanying global state) in the core code with an FastRandomContext that is automatically seeded on creation. This is meant to be used for inner loops. The FastRandomContext can be in the outer scope, or the class itself, then rand32() is used inside the loop. Useful e.g. for pushing addresses in CNode or the fee rounding, or randomization for coin selection. As a context is created per purpose, thus it gets rid of cross-thread unprotected shared usage of a single set of globals, this should also get rid of the potential race conditions. - I'd say TxMempool::check is not called enough to warrant using a special fast random context, this is switched to GetRand() (open for discussion...) - The use of `insecure_rand` in ConnectThroughProxy has been replaced by an atomic integer counter. The only goal here is to have a different credentials pair for each connection to go on a different Tor circuit, it does not need to be random nor unpredictable. - To avoid having a FastRandomContext on every CNode, the context is passed into PushAddress as appropriate. There remains an insecure_random for test usage in `test_random.h`.
2016-09-03Do not set an addr time penalty when a peer advertises itself.Gregory Maxwell
Claims a peer makes about itself are inherently more credible.
2016-06-13Introduce enum ServiceFlags for service flagsPieter Wuille
2016-06-13Keep addrman's nService bits consistent with outbound observationsPieter Wuille
2016-05-26Do not increment nAttempts by more than one for every Good connection.Gregory Maxwell
This slows the increase of the nAttempts in addrman while partitioned, even if the node hasn't yet noticed the partitioning.
2016-05-26Avoid counting failed connect attempts when probably offline.Gregory Maxwell
If a node is offline failed outbound connection attempts will crank up the addrman counter and effectively blow away our state. This change reduces the problem by only counting attempts made while the node believes it has outbound connections to at least two netgroups. Connect and addnode connections are also not counted, as there is no reason to unequally penalize them for their more frequent connections -- though there should be no real effect from this unless their addnode configureation is later removed. Wasteful repeated connection attempts while only a few connections are up are avoided via nLastTry. This is still somewhat incomplete protection because our outbound peers could be down but not timed out or might all be on 'local' networks (although the requirement for multiple netgroups helps).
2016-01-28Merge #7212: Adds unittests for CAddrMan and CAddrinfo, removes source of ↵Wladimir J. van der Laan
non-determinism. 40c87b6 Increase test coverage for addrman and addrinfo (Ethan Heilman)
2016-01-27Increase test coverage for addrman and addrinfoEthan Heilman
Adds several unittests for CAddrMan and CAddrInfo. Increases the accuracy of addrman tests. Removes non-determinism in tests by overriding the random number generator. Extracts testing code from addrman class to test class.
2016-01-05Add missing copyright headersMarcoFalke
2015-09-24Creates unittests for addrman, makes addrman testable.EthanHeilman
Adds several unittests for addrman to verify it works as expected. Makes small modifications to addrman to allow deterministic and targeted tests.
2015-08-26Improve addrman Select() performance when buckets are nearly emptyPieter Wuille
2015-06-15remove using namespace std from addrman.cppPhilip Kaufmann
2015-04-24Merge pull request #6028Wladimir J. van der Laan
1d5b47a nLastTry is only used for addrman entries (Pieter Wuille)
2015-04-19Cap nAttempts penalty at 8 and switch to pow instead of a division loop.Gregory Maxwell
On hosts that had spent some time with a failed internet connection their nAttempts penalty was going through the roof (e.g. thousands for all peers) and as a result the connect search was pegging the CPU and failing to get more than a 4 connections after days of running (because it was taking so long per try).
2015-04-19nLastTry is only used for addrman entriesPieter Wuille
No need to define it for every CAddress, as it's memory only anyway.
2015-03-23Always use a 50% chance to choose between tried and new entriesPieter Wuille
This change was suggested as Countermeasure 2 in Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report 2015/263. March 2015.
2015-03-23Do not bias outgoing connections towards fresh addressesPieter Wuille
This change was suggested as Countermeasure 2 in Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report 2015/263. March 2015.
2015-03-23Simplify hashing codePieter Wuille
2015-03-23Make addrman's bucket placement deterministic.Pieter Wuille
Give each address a single fixed location in the new and tried tables, which become simple fixed-size arrays instead of sets and vectors. This prevents attackers from having an advantages by inserting an address multiple times. This change was suggested as Countermeasure 1 in Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report 2015/263. March 2015. It is also more efficient.
2015-03-23Switch addrman key from vector to uint256Pieter Wuille
2015-03-17Reduce fingerprinting through timestamps in 'addr' messages.Pieter Wuille
Suggested by Jonas Nick.