aboutsummaryrefslogtreecommitdiff
path: root/src/net.h
AgeCommit message (Collapse)Author
2019-05-09net: Rename ::fRelayTxes to ::g_relay_txesMarcoFalke
This helps to distinguish it from CNode::fRelayTxes and avoid bugs like 425278d17bd0edf8a3a7cc81e55016f7fd8e7726
2019-04-04Merge #15654: net: Remove unused unsanitized user agent string CNode::strSubVerMarcoFalke
fa8548c5d1 net: Remove unused unsanitized user agent string CNode::strSubVer (MarcoFalke) Pull request description: I fail to see a use case for this unsanitized byte array. In fact this can easily be confused with `cleanSubVer` and be displayed to the user (or logged) by a simple typo that is hard to find in review. Further reading: https://btcinformation.org/en/developer-reference#version ACKs for commit fa8548: promag: utACK fa8548c, good catch. practicalswift: utACK fa8548c5d13957f57f9b1e20e03002600962f7f0 sipa: utACK fa8548c5d13957f57f9b1e20e03002600962f7f0 Tree-SHA512: 3c3ff1504d1583ad099df9a6aa761458a82ec48a58ef7aaa9b5679a5281dd1b59036ba2932ed708488951a565b669a3083ef70be5a58472ff8677b971162ae2f
2019-03-23net: Remove unused unsanitized user agent string CNode::strSubVerMarcoFalke
2019-03-22Interrupt orphan processing after every transactionPieter Wuille
This makes orphan processing work like handling getdata messages: After every actual transaction validation attempt, interrupt processing to deal with messages arriving from other peers.
2019-02-08Merge #15201: net: Add missing locking annotation for vNodes. vNodes is ↵MarcoFalke
guarded by cs_vNodes. eea02be70e Add locking annotation for vNodes. vNodes is guarded by cs_vNodes. (practicalswift) Pull request description: Add locking annotation for `vNodes`. `vNodes` is guarded by `cs_vNodes`. Tree-SHA512: b1e18be22ba5b9dd153536380321b09b30a75a20575f975af9af94164f51982b32267ba0994e77c801513b59da05d923a974a9d2dfebdac48024c4bda98b53af
2019-02-06Change in transaction pull scheduling to prevent InvBlock-related attacksGleb Naumenko
Co-authored-by: Suhas Daftuar <sdaftuar@gmail.com>
2019-01-29Merge #14929: net: Allow connections from misbehavior banned peersJonas Schnelli
0297be61a Allow connections from misbehavior banned peers. (Gregory Maxwell) Pull request description: This allows incoming connections from peers which are only banned due to an automatic misbehavior ban if doing so won't fill inbound. These peers are preferred for eviction when inbound fills, but may still be kept if they fall into the protected classes. This eviction preference lasts the entire life of the connection even if the ban expires. If they misbehave again they'll still get disconnected. The main purpose of banning on misbehavior is to prevent our connections from being wasted on unhelpful peers such as ones running incompatible consensus rules. For inbound peers this can be better accomplished with eviction preferences. A secondary purpose was to reduce resource waste from repeated abuse but virtually any attacker can get a nearly unlimited supply of addresses, so disconnection is about the best we can do. This can reduce the potential from negative impact due to incorrect misbehaviour bans. Tree-SHA512: 03bc8ec8bae365cc437daf70000c8f2edc512e37db821bc4e0fafa6cf56cc185e9ab40453aa02445f48d6a2e3e7268767ca2017655aca5383108416f1e2cf20f
2019-01-24Trivial: fixup a few doxygen commentsBen Woosley
These were not declared properly, so their results are not properly processed. E.g.: https://dev.visucore.com/bitcoin/doxygen/rpcdump_8cpp.html#a994c8748aaa60fbb78009ff8a0638dea https://dev.visucore.com/bitcoin/doxygen/coins_8cpp.html#aa03af24ef3570144b045f4fca7a0d603 https://dev.visucore.com/bitcoin/doxygen/wallet_2wallet_8cpp.html#a5c2a7725ff8796f03471f844ecded3d9
2019-01-22Allow connections from misbehavior banned peers.Gregory Maxwell
This allows incoming connections from peers which are only banned due to an automatic misbehavior ban if doing so won't fill inbound. These peers are preferred for eviction when inbound fills, but may still be kept if they fall into the protected classes. This eviction preference lasts the entire life of the connection even if the ban expires. If they misbehave again they'll still get disconnected. The main purpose of banning on misbehavior is to prevent our connections from being wasted on unhelpful peers such as ones running incompatible consensus rules. For inbound peers this can be better accomplished with eviction preferences. A secondary purpose was to reduce resource waste from repeated abuse but virtually any attacker can get a nearly unlimited supply of addresses, so disconnection is about the best we can do.
2019-01-21Merge #14605: Return of the BanmanWladimir J. van der Laan
18185b57c32d0a43afeca4c125b9352c692923e9 scripted-diff: batch-recase BanMan variables (Carl Dong) c2e04d37f3841d109c1fe60693f9622e2836cc29 banman: Add, use CBanEntry ctor that takes ban reason (Carl Dong) 1ffa4ce27d4ea6c1067d8984455df97994c7713e banman: reformulate nBanUtil calculation (Carl Dong) daae598feb034f2f56e0b00ecfb4854d693d3641 banman: add thread annotations and mark members const where possible (Cory Fields) 84fc3fbd0304a7d6e660bf783c84bed2dd415141 scripted-diff: batch-rename BanMan members (Cory Fields) af3503d903b1a608cd212e2d74b274103199078c net: move BanMan to its own files (Cory Fields) d0469b2e9386a7a4b268cb9725347e7517acace6 banman: pass in default ban time as a parameter (Cory Fields) 2e56702ecedd83c4b7cb8de9de5c437c8c08e645 banman: pass the banfile path in (Cory Fields) 4c0d961eb0d7825a1e6f8389d7f5545114ee18c6 banman: create and split out banman (Cory Fields) 83c1ea2e5e66b8a83072e3d5ad6a4ced406eb1ba net: split up addresses/ban dumps in preparation for moving them (Cory Fields) 136bd7926c72659dd277a7b795ea17f72e523338 tests: remove member connman/peerLogic in TestingSetup (Cory Fields) 7cc2b9f6786f9bc33853220551eed33ca6b7b7b2 net: Break disconnecting out of Ban() (Cory Fields) Pull request description: **Old English à la Beowulf** ``` Banman wæs bréme --blaéd wíde sprang-- Connmanes eafera Coreum in. aéglaéca léodum forstandan Swá bealdode bearn Connmanes guma gúðum cúð gódum daédum· dréah æfter dóme· nealles druncne slóg ``` **Modern English Translation** ``` Banman was famed --his renown spread wide-- Conman's hier, in Core-land. against the evil creature defend the people Thus he was bold, the son of Connman man famed in war, for good deeds; he led his life for glory, never, having drunk, slew ``` -- With @theuni's blessing, here is Banman, rebased. Original PR: https://github.com/bitcoin/bitcoin/pull/11457 -- Followup PRs: 1. Give `CNode` a `Disconnect` method ([source](https://github.com/bitcoin/bitcoin/pull/14605#discussion_r248065847)) 2. Add a comment to `std::atomic_bool fDisconnect` in `net.h` that setting this to true will cause the node to be disconnected the next time `DisconnectNodes()` runs ([source](https://github.com/bitcoin/bitcoin/pull/14605#discussion_r248384309)) Tree-SHA512: 9c207edbf577415c22c9811113e393322d936a843d4ff265186728152a67c057779ac4d4f27b895de9729f7a53e870f828b9ebc8bcdab757520c2aebe1e9be35
2019-01-19Add locking annotation for vNodes. vNodes is guarded by cs_vNodes.practicalswift
2019-01-17Add comment describing fDisconnect behaviorCarl Dong
2019-01-16net: move BanMan to its own filesCory Fields
2019-01-16banman: pass in default ban time as a parameterCory Fields
Removes the dependency on arg parsing.
2019-01-16banman: pass the banfile path inCory Fields
There's no need to hard-code the path here. Passing it in means that there are no ordering concerns wrt establishing the datadir.
2019-01-16banman: create and split out banmanCory Fields
Some say he has always been.
2019-01-16net: Break disconnecting out of Ban()Cory Fields
These are separate events which need to be carried out by separate subsystems. This also cleans up some whitespace and tabs in qt to avoid getting flagged by the linter. Current behavior is preserved.
2019-01-14Merge #15144: [refactor] CNode: Use C++11 default member initializersWladimir J. van der Laan
fac2f5ecae96dd11057977ce988501e18bb162c6 Use C++11 default member initializers (MarcoFalke) Pull request description: The second and last change on this topic (c.f. #15109). Split up because the diff would otherwise interleave, making review harder than necessary. This is not a stylistic change, but a change that avoids bugs such as: * fix uninitialized read when stringifying an addrLocal #14728 * qt: Initialize members in WalletModel #12426 * net: correctly initialize nMinPingUsecTime #6636 * ... Tree-SHA512: 547ae72b87aeaed5890eb5fdcff612bfc93354632b238d89e1e1c0487187f39609bcdc537ef21345e0aea8cfcf1ea48da432d672c5386dd87cf58742446a86b1
2019-01-13Drop IsLimited in favor of IsReachableBen Woosley
These two methods have had the same meaning, but inverted, since 110b62f06992d0fb989153afff2dc3aea62a674f. Having one name for a single concept simplifies the code.
2019-01-10Use C++11 default member initializersMarcoFalke
2019-01-09Merge #15109: refactor: Use C++11 default member initializersWladimir J. van der Laan
fa2510d5c1cdf9c2cd5cc9887302ced4378c7202 Use C++11 default member initializers (MarcoFalke) Pull request description: Changes: * Remove unused constructors that leave some members uninitialized * Remove manual initialization in each constructor and prefer C++11 default member initializers This is not a stylistic change, but a change that avoids bugs such as: * fix uninitialized read when stringifying an addrLocal #14728 * qt: Initialize members in WalletModel #12426 * net: correctly initialize nMinPingUsecTime #6636 * ... Tree-SHA512: 0f896f3b9fcc464d5fc7525f7c86343ef9ce9fb13425fbc68e9a9728fd8710c2b4e2fd039ee08279ea41ff20fd92b7185cf5cca95a0bcb6a5340a1e6f03cae6b
2019-01-05Use C++11 default member initializersMarcoFalke
2019-01-03rpc: Document bytessent_per_msg and bytesrecv_per_msgMarcoFalke
2019-01-02Merge #14336: net: implement pollWladimir J. van der Laan
4927bf2f257ac53569978980eaf1f61c2c6b04cc Increase maxconnections limit when using poll. (Patrick Strateman) 11cc491a288a73e911be24a285e12abd57df7d04 Implement poll() on systems which support it properly. (Patrick Strateman) 28211a4bc9c65859b641b81a0541726a0e01988f Move SocketEvents logic to private method. (Patrick Strateman) 7e403c0ae705455aa66f7df9a9a99f462fd4e9a8 Move GenerateSelectSet logic to private method. (Patrick Strateman) 1e6afd0dbc1c581435588e1e9bb419a035b81028 Introduce and use constant SELECT_TIMEOUT_MILLISECONDS. (Patrick Strateman) Pull request description: Implement poll() on systems which support it properly. This eliminates the restriction on maximum socket descriptor number. Tree-SHA512: b945cd9294afdafcce96d547f67679d5cdd684cf257904a239cd1248de3b5e093b8d6d28d8d1b7cc923dc0b2b5723faef9bc9bf118a9ce1bdcf357c2323f5573
2018-12-04Merge #14733: P2P: Make peer timeout configurable, speed up very slow test ↵Wladimir J. van der Laan
and ensure correct code path tested. 48b37db50 make peertimeout a debug argument, remove error message translation (Zain Iqbal Allarakhia) 8042bbfbf p2p: allow p2ptimeout to be configurable, speed up slow test (Zain Iqbal Allarakhia) Pull request description: **Summary:** 1. _Primary_: Adds a `debug_only=true` flag for peertimeout, defaults to 60 sec., the current hard-coded setting. 2. _Secondary_: Drastically speeds up `p2p_timeout.py` test. 3. _Secondary_: Tests that the correct code path is being tested by adding log assertions to the test. **Rationale:** - P2P timeout was hard-coded: make it explicitly specified and configurable, instead of a magic number. - Addresses #13518; `p2p_timeout.py` takes 4 sec. to run instead of 61 sec. - Makes `p2p_timeout.py` more explicit. Previously, we relied on a comment to inform us of the timeout amount being tested. Now it is specified directly in the test via passing in the new arg; `-peertimeout=3`. - Opens us up to testing more P2P scenarios; oftentimes slow tests are the reason we don't test. **Locally verified changes:** _With Proposed Change (4.7 sec.):_ ``` $ time ./test/functional/p2p_timeouts.py 2018-11-19T00:04:19.077000Z TestFramework (INFO): Initializing test directory /tmp/testhja7g2n7 2018-11-19T00:04:23.479000Z TestFramework (INFO): Stopping nodes 2018-11-19T00:04:23.683000Z TestFramework (INFO): Cleaning up /tmp/testhja7g2n7 on exit 2018-11-19T00:04:23.683000Z TestFramework (INFO): Tests successful real 0m4.743s ``` _Currently on master (62.8 sec.):_ ``` $ time ./test/functional/p2p_timeouts.py 2018-11-19T00:06:10.948000Z TestFramework (INFO): Initializing test directory /tmp/test6mo6k21h 2018-11-19T00:07:13.376000Z TestFramework (INFO): Stopping nodes 2018-11-19T00:07:13.631000Z TestFramework (INFO): Cleaning up /tmp/test6mo6k21h on exit 2018-11-19T00:07:13.631000Z TestFramework (INFO): Tests successful real 1m2.836s ``` _Error message demonstrated for new argument `-peertimeout`:_ ``` $ ./bitcoind -peertimeout=-5 ... Error: peertimeout cannot be configured with a negative value. ``` Tree-SHA512: ff7a244ebea54c4059407bf4fb86465714e6a79cef5d2bcaa22cfe831a81761aaf597ba4d5172fc2ec12266f54712216fc41b5d24849e5d9dab39ba6f09e3a2a
2018-11-30Move SocketEvents logic to private method.Patrick Strateman
This separates the select() logic from the socket handling logic, setting up for a switch to poll().
2018-11-30Move GenerateSelectSet logic to private method.Patrick Strateman
This separates the socket event collection logic from the logic deciding which events we're interested in at all.
2018-11-28p2p: allow p2ptimeout to be configurable, speed up slow testZain Iqbal Allarakhia
2018-11-28Add missing locking annotationspracticalswift
2018-11-20Convert comments to thread safety annotationsMarcoFalke
2018-11-05Extract CSipHasher to it's own file in crypto/ directory.Jim Posen
This is a move-only commit with the exception of changes to includes.
2018-10-16Merge #14335: net: refactor: cleanup ThreadSocketHandlerWladimir J. van der Laan
032488e6e7b4c2d37f3f434d575d25806ddcb0b0 Move SocketHandler logic to private method. (Patrick Strateman) 2af9cff11ad3ef27893b4b2009ddbfcb208554a9 Move InactivityCheck logic to private method. (Patrick Strateman) 7479b63d9109ccaf3708a92dc65dc24556576551 Move DisconnectNodes logic to private method. (Patrick Strateman) edb5350c32cdf7f8487777b5cc1a2ebfcdfc9e75 Move NotifyNumConnectionsChanged logic to private method. (Patrick Strateman) Pull request description: Working towards using poll() on unix like systems. A number of small changes designed to separate the actual socket handling from the rest of the logic in ThreadSocketHandler. This is a simpler version of #14147 Tree-SHA512: 72f35c8ef7649019dcbfe19537d8c9f7e3d0fc5854dc691a70c5573352230fc31c3f55565820c632e9b8cb3c55b878bed19e0ad9423100762197ac35967d8067
2018-09-27Merge #14027: Skip stale tip checking if outbound connections are off or if ↵MarcoFalke
reindexing. 66b3fc5437 Skip stale tip checking if outbound connections are off or if reindexing. (Gregory Maxwell) Pull request description: I got tired of the pointless stale tip notices in reindex and on nodes with connections disabled. Tree-SHA512: eb07d9c5c787ae6dea02cdd1d67a48a36a30adc5ccc74d6f1c0c7364d404dc8848b35d2b8daf5283f7c8f36f1a3c463aacb190d70a22d1fe796a301bb1f03228
2018-09-24Move SocketHandler logic to private method.Patrick Strateman
2018-09-24Move InactivityCheck logic to private method.Patrick Strateman
2018-09-24Move DisconnectNodes logic to private method.Patrick Strateman
2018-09-24Move NotifyNumConnectionsChanged logic to private method.Patrick Strateman
2018-08-31scripted-diff: Small locking renameRussell Yanofsky
Call sync.h primitives "locks" and "mutexes" instead of "blocks" and "waitable critical sections" to match current coding conventions and c++11 standard names. This PR does not rename the "CCriticalSection" class (though this could be done as a followup) because it is used everywhere and would swamp the other changes in this PR. Plain mutexes should mostly be preferred instead of recursive mutexes in new code anyway. -BEGIN VERIFY SCRIPT- set -x set -e ren() { git grep -l $1 | xargs sed -i s/$1/$2/; } ren CCriticalBlock UniqueLock ren CWaitableCriticalSection Mutex ren CConditionVariable std::condition_variable ren cs_GenesisWait g_genesis_wait_mutex ren condvar_GenesisWait g_genesis_wait_cv perl -0777 -pi -e 's/.*typedef.*condition_variable.*\n\n?//g' src/sync.h -END VERIFY SCRIPT-
2018-08-31Merge #11640: Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSectionWladimir J. van der Laan
9c4dc597ddc66acfd58a945a5ab11f833731abba Use LOCK macros for non-recursive locks (Russell Yanofsky) 1382913e61f5db6ba849b1e261e8aefcd5a1ae68 Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSection (Russell Yanofsky) ba1f095aadf29bddb0bd8176d2e0b908f92a5623 MOVEONLY Move AnnotatedMixin declaration (Russell Yanofsky) 41b88e93375d57db12da923f45f87b9a2db8e730 Add unit test for DEBUG_LOCKORDER code (Russell Yanofsky) Pull request description: Make LOCK macros work with non-recursive mutexes, and use wherever possible for better deadlock detection. Also add unit test for DEBUG_LOCKORDER code. Tree-SHA512: 64ef209307f28ecd0813a283f15c6406138c6ffe7f6cbbd084161044db60e2c099a7d0d2edcd1c5e7770a115e9b931b486e86c9a777bdc96d2e8a9f4dc192942
2018-08-27Report minfeefilter value in getpeerinfo rpcAnthony Towns
Lowering the minimum relay fee is only useful when many nodes in the p2p network also lower the fee, so to make it easier to understand progress on that front, this includes the value of the minfeefilter in getpeerinfo, so you at least have visibility to what fees your neighbours are currently accepting.
2018-08-23Skip stale tip checking if outbound connections are off or if reindexing.Gregory Maxwell
2018-08-10Merge #13907: Introduce a maximum size for locators.Wladimir J. van der Laan
e254ff5d53b79bee29203b965fca572f218bff54 Introduce a maximum size for locators. (Gregory Maxwell) Pull request description: The largest sensible size for a locator is log in the number of blocks. But, as noted by Coinr8d on BCT a maximum size message could encode a hundred thousand locators. If height were used to limit the messages that could open new attacks where peers on long low diff forks would get disconnected and end up stuck. Ideally, nodes first first learn to limit the size of locators they send before limiting what would be processed, but common implementations back off with an exponent of 2 and have an implicit limit of 2^32 blocks, so they already cannot produce locators over some size. Locators are cheap to process so allowing a few more is harmless, so this sets the maximum to 64-- which is enough for blockchains with 2^64 blocks before the get overhead starts increasing. Tree-SHA512: da28df9c46c988980da861046c62e6e7f93d0eaab3083d32e408d1062f45c00316d5e1754127e808c1feb424fa8e00e5a91aea2cc3b80326b71c148696f7cdb3
2018-08-09Introduce a maximum size for locators.Gregory Maxwell
The largest sensible size for a locator is log in the number of blocks. But, as noted by Coinr8d on BCT a maximum size message could encode a hundred thousand locators. If height were used to limit the messages that could open new attacks where peers on long low diff forks would get disconnected and end up stuck. Ideally, nodes first first learn to limit the size of locators they send before limiting what would be processed, but common implementations back off with an exponent of 2 and have an implicit limit of 2^32 blocks, so they already cannot produce locators over some size. This sets the limit to an absurdly high amount of 101 in order to maximize compatibility with existing software.
2018-08-08Merge #13780: 0.17: Pre-branch maintenanceWladimir J. van der Laan
3fc20632a3ad30809356a58d2cf0ea4a4ad4cec3 qt: Set BLOCK_CHAIN_SIZE = 220 (DrahtBot) 2b6a2f4a28792f2fe9dc1be843b1ff1ecae35e8a Regenerate manpages (DrahtBot) eb7daf4d600eeb631427c018a984a77a34aca66e Update copyright headers to 2018 (DrahtBot) Pull request description: Some trivial maintenance to avoid having to do it again after the 0.17 branch off. (The scripts to do this are in `./contrib/`) Tree-SHA512: 16b2af45e0351b1c691c5311d48025dc6828079e98c2aa2e600dc5910ee8aa01858ca6c356538150dc46fe14c8819ed8ec8e4ec9a0f682b9950dd41bc50518fa
2018-08-03Use LOCK macros for non-recursive locksRussell Yanofsky
Instead of std::unique_lock.
2018-07-27Return void instead of bool for functions that cannot failpracticalswift
* CBlockTreeDB::ReadReindexing(...) * CChainState::ResetBlockFailureFlags(...) * CTxMemPool::addUnchecked(...) * CWallet::LoadDestData(...) * CWallet::LoadKeyMetadata(...) * CWallet::LoadScriptMetadata(...) * CWallet::LoadToWallet(...) * CWallet::SetHDChain(...) * CWallet::SetHDSeed(...) * RemoveLocal(...) * SetMinVersion(...) * StartHTTPServer(...) * StartRPC(...) * TorControlConnection::Disconnect(...)
2018-07-27Update copyright headers to 2018DrahtBot
2018-07-16Initialize m_next_send_inv_to_incomingPieter Wuille
2018-07-16Merge #13298: Net: Bucketing INV delays (1 bucket) for incoming connections ↵Pieter Wuille
to hide tx time d45b344ffd Bucket for inbound when scheduling invs to hide tx time (Gleb) Pull request description: It has been brought up to my attention that current random delays mechanism (originally intended to obfuscate transaction metadata) allows to easily estimate the time a transaction was received by a node. It may be done by connecting multiple observer nodes to the same node. Each of those nodes will generate its own schedule of delays. Combined metadata regarding those events from different sources allows an observer to estimate transaction time. After this patch a spy won't gain additional information by just creating multiple connections to a target. Tree-SHA512: c71dae5ff350b614cb40a8e201fd0562d3e03e3e72a5099718cd451f0d84c66d5e52bbaf0d5b4b75137514c8efdedcc6ef4df90142b360153f04ad0721545ab1
2018-07-13Bucket for inbound when scheduling invs to hide tx timeGleb