aboutsummaryrefslogtreecommitdiff
path: root/src/test/netbase_tests.cpp
AgeCommit message (Collapse)Author
2024-02-28Accept "in" and "out" flags to -whitelist to allow whitelisting manual ↵Luke Dashjr
connections
2023-11-30Remove unused version.h includeMarcoFalke
2023-10-26Merge bitcoin/bitcoin#26078: p2p: return `CSubNet` in `LookupSubNet`Andrew Chow
fb3e812277041f239b97b88689a5076796d75b9b p2p: return `CSubNet` in `LookupSubNet` (brunoerg) Pull request description: Analyzing the usage of `LookupSubNet`, noticed that most cases uses check if the subnet is valid by calling `subnet.IsValid()`, and the boolean returned by `LookupSubNet` hasn't been used so much, see: https://github.com/bitcoin/bitcoin/blob/29d540b7ada890dd588c4825d40c27c5e6f20061/src/httpserver.cpp#L172-L174 https://github.com/bitcoin/bitcoin/blob/29d540b7ada890dd588c4825d40c27c5e6f20061/src/net_permissions.cpp#L114-L116 It makes sense to return `CSubNet` instead of `bool`. ACKs for top commit: achow101: ACK fb3e812277041f239b97b88689a5076796d75b9b vasild: ACK fb3e812277041f239b97b88689a5076796d75b9b theStack: Code-review ACK fb3e812277041f239b97b88689a5076796d75b9b stickies-v: Concept ACK, but Approach ~0 (for now). Reviewed the code (fb3e812277041f239b97b88689a5076796d75b9b) and it all looks good to me. Tree-SHA512: ba50d6bd5d58dfdbe1ce1faebd80dd8cf8c92ac53ef33519860b83399afffab482d5658cb6921b849d7a3df6d5cea911412850e08f3f4e27f7af510fbde4b254
2023-09-14scripted-diff: use SER_PARAMS_OPFUNCAnthony Towns
-BEGIN VERIFY SCRIPT- sed -i 's/WithParams(\(CAddress::V[12]_[A-Z]*\) *, */\1(/g' $(git grep -l 'WithParams' src/) sed -i 's/WithParams(\(CNetAddr::V[12]\) *, */\1(/g' $(git grep -l 'WithParams' src/) sed -i 's@\(CNetAddr::V1.CService{}.*\) //@\1 //@' src/test/util/net.cpp -END VERIFY SCRIPT-
2023-09-05Use serialization parameters for CAddress serializationMarcoFalke
This also cleans up the addrman (de)serialization code paths to only allow `Disk` serialization. Some unit tests previously forced a `Network` serialization, which does not make sense, because Bitcoin Core in production will always `Disk` serialize. This cleanup idea was suggested by Pieter Wuille and implemented by Anthony Towns. Co-authored-by: Pieter Wuille <pieter@wuille.net> Co-authored-by: Anthony Towns <aj@erisian.com.au>
2023-05-30p2p: return `CSubNet` in `LookupSubNet`brunoerg
2023-05-26p2p, refactor: return `std::optional<CNetAddr>` in `LookupHost`brunoerg
2023-02-17Merge bitcoin/bitcoin#25619: net: avoid overriding non-virtual ToString() in ↵Andrew Chow
CService and use better naming c9d548c91fb12fba516dee896f1f97692cfa2104 net: remove CService::ToStringPort() (Vasil Dimov) fd4f0f41e915d99c9b0eac1afd21c5628222e368 gui: simplify OptionsDialog::updateDefaultProxyNets() (Vasil Dimov) 96c791dd20fea54c17d224000dee677bc158f66a net: remove CService::ToString() use ToStringAddrPort() instead (Vasil Dimov) 944a9de08a00f8273e73cd28b40e46cc0eb0bad1 net: remove CNetAddr::ToString() and use ToStringAddr() instead (Vasil Dimov) 043b9de59aec88ae5e29daac7dc2a8b51a9414ce scripted-diff: rename ToStringIP[Port]() to ToStringAddr[Port]() (Vasil Dimov) Pull request description: Before this PR we had the somewhat confusing combination of methods: `CNetAddr::ToStringIP()` `CNetAddr::ToString()` (duplicate of the above) `CService::ToStringIPPort()` `CService::ToString()` (duplicate of the above, overrides a non-virtual method from `CNetAddr`) `CService::ToStringPort()` Avoid [overriding non-virtual methods](https://github.com/bitcoin/bitcoin/pull/25349/#issuecomment-1185226396). "IP" stands for "Internet Protocol" and while sometimes "IP addresses" are called just "IPs", it is incorrect to call Tor or I2P addresses "IPs". Thus use "Addr" instead of "IP". Change the above to: `CNetAddr::ToStringAddr()` `CService::ToStringAddrPort()` The changes touch a lot of files, but are mostly mechanical. ACKs for top commit: sipa: utACK c9d548c91fb12fba516dee896f1f97692cfa2104 achow101: ACK c9d548c91fb12fba516dee896f1f97692cfa2104 jonatack: re-ACK c9d548c91fb12fba516dee896f1f97692cfa2104 only change since my previous reviews is rebase, but as a sanity check rebased to current master and at each commit quickly re-reviewed and re-verified clean build and green unit tests LarryRuane: ACK c9d548c91fb12fba516dee896f1f97692cfa2104 Tree-SHA512: 633fb044bdecf9f551b5e3314c385bf10e2b78e8027dc51ec324b66b018da35e5b01f3fbe6295bbc455ea1bcd1a3629de1918d28de510693afaf6a52693f2157
2022-12-24scripted-diff: Bump copyright headersHennadii Stepanov
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- Commits of previous years: - 2021: f47dda2c58b5d8d623e0e7ff4e74bc352dfa83d7 - 2020: fa0074e2d82928016a43ca408717154a1c70a4db - 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
2022-12-12net: remove CService::ToString() use ToStringAddrPort() insteadVasil Dimov
Both methods do the same thing, so simplify to having just one. `ToString()` is too generic in this case and it is unclear what it does, given that there are similar methods: `ToStringAddr()` (inherited from `CNetAddr`), `ToStringPort()` and `ToStringAddrPort()`.
2022-12-12net: remove CNetAddr::ToString() and use ToStringAddr() insteadVasil Dimov
Both methods do the same thing, so simplify to having just one. Further, `CService` inherits `CNetAddr` and `CService::ToString()` overrides `CNetAddr::ToString()` but the latter is not virtual which may be confusing. Avoid such a confusion by not having non-virtual methods with the same names in inheritance.
2022-10-05Validate port value in `SplitHostPort`amadeuszpawlik
Forward the validation of the port from `ParseUInt16(...)`. Consider port 0 as invalid. Add suitable test for the `SplitHostPort` function. Add doxygen description to the `SplitHostPort` function.
2022-07-26refactor: Use type-safe std::chrono for addrman timeMarcoFalke
2022-04-20[netgroupman] Add GetMappedAS() and GetGroup()John Newbery
These currently call through to the CNetAddr methods. The logic will be moved in a future commit.
2022-02-11net: open p2p connections to nodes that listen on non-default portsVasil Dimov
By default, for mainnet, the p2p listening port is 8333. Bitcoin Core has a strong preference for only connecting to nodes that listen on that port. Remove that preference because connections over clearnet that involve port 8333 make it easy to detect, analyze, block or divert Bitcoin p2p traffic before the connection is even established (at TCP SYN time). For further justification see the OP of: https://github.com/bitcoin/bitcoin/pull/23306
2021-12-30scripted-diff: Bump copyright headersHennadii Stepanov
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- Commits of previous years: * 2020: fa0074e2d82928016a43ca408717154a1c70a4db * 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
2021-11-03net: recognize CJDNS from ParseNetwork()Vasil Dimov
This allows to use "cjdns" as an argument to the `getnodeaddresses` RPC and to the `-onlynet=` parameter.
2021-06-03p2p: ignore torv2-in-ipv6 addresses in SetLegacyIPv6()Jon Atack
2021-05-27p2p: remove torv2/ADDR_TORV2_SIZE from SetTor()Jon Atack
2021-05-12scripted-diff: rename NetPermissionFlags enumeratorsJon Atack
- drop redundant PF_ permission flags prefixes - drop ALL_CAPS naming per https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Renum-caps - rename IsImplicit to Implicit -BEGIN VERIFY SCRIPT- s() { git grep -l "$1" src | xargs sed -i "s/$1/$2/g"; } s 'PF_NONE' 'None' s 'PF_BLOOMFILTER' 'BloomFilter' s 'PF_RELAY' 'Relay' s 'PF_FORCERELAY' 'ForceRelay' s 'PF_DOWNLOAD' 'Download' s 'PF_NOBAN' 'NoBan' s 'PF_MEMPOOL' 'Mempool' s 'PF_ADDR' 'Addr' s 'PF_ISIMPLICIT' 'Implicit' s 'PF_ALL' 'All' -END VERIFY SCRIPT-
2021-05-12scripted-diff: add NetPermissionFlags scopes where not already presentJon Atack
-BEGIN VERIFY SCRIPT- s() { git grep -l "$1" -- 'src' ':!src/net_permissions.h' | xargs sed -i -E "s/([^:])$1/\1NetPermissionFlags::$1/"; } s 'PF_NONE' s 'PF_BLOOMFILTER' s 'PF_RELAY' s 'PF_FORCERELAY' s 'PF_DOWNLOAD' s 'PF_NOBAN' s 'PF_MEMPOOL' s 'PF_ADDR' s 'PF_ISIMPLICIT' s 'PF_ALL' -END VERIFY SCRIPT- Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2021-04-18test: add net permissions noban/download unit test coverageJon Atack
to clarify/test the relationship and NetPermissions operations involving the NetPermissionFlags PF_NOBAN and PF_DOWNLOAD. Co-authored-by: Vasil Dimov <vd@FreeBSD.org>
2021-03-16test: add missing netaddress include headersJon Atack
2021-03-16p2p, refactor: pass and use uint16_t CService::port as uint16_tJon Atack
2021-01-10net: allow CSubNet of non-IP networksVasil Dimov
Allow creation of valid `CSubNet` objects of non-IP networks and only match the single address they were created from (like /32 for IPv4 or /128 for IPv6). This fixes a deficiency in `CConnman::DisconnectNode(const CNetAddr& addr)` and in `BanMan` which assume that creating a subnet from any address using the `CSubNet(CNetAddr)` constructor would later match that address only. Before this change a non-IP subnet would be invalid and would not match any address.
2020-11-20Merge #20000: test: fix creation of "std::string"s with \0sWladimir J. van der Laan
ecc6cf1a3b097b9b5b047282063a0b6779631b83 test: fix creation of std::string objects with \0s (Vasil Dimov) Pull request description: A string literal `"abc"` contains a terminating `\0`, so that is 4 bytes. There is no need to write `"abc\0"` unless two terminating `\0`s are necessary. `std::string` objects do not internally contain a terminating `\0`, so `std::string("abc")` creates a string with size 3 and is the same as `std::string("abc", 3)`. In `"\01"` the `01` part is interpreted as one number (1) and that is the same as `"\1"` which is a string like `{1, 0}` whereas `"\0z"` is a string like `{0, 'z', 0}`. To create a string like `{0, '1', 0}` one must use `"\0" "1"`. Adjust the tests accordingly. ACKs for top commit: laanwj: ACK ecc6cf1a3b097b9b5b047282063a0b6779631b83 practicalswift: ACK ecc6cf1a3b097b9b5b047282063a0b6779631b83 modulo happily green CI Tree-SHA512: 5eb489e8533a4199a9324b92f7280041552379731ebf7dfee169f70d5458e20e29b36f8bfaee6f201f48ab2b9d1d0fc4bdf8d6e4c58d6102f399cfbea54a219e
2020-10-31test: fix creation of std::string objects with \0sVasil Dimov
A string literal `"abc"` contains a terminating `\0`, so that is 4 bytes. There is no need to write `"abc\0"` unless two terminating `\0`s are necessary. `std::string` objects do not internally contain a terminating `\0`, so `std::string("abc")` creates a string with size 3 and is the same as `std::string("abc", 3)`. In `"\01"` the `01` part is interpreted as one number (1) and that is the same as `"\1"` which is a string like `{1, 0}` whereas `"\0z"` is a string like `{0, 'z', 0}`. To create a string like `{0, '1', 0}` one must use `"\0" "1"`. Adjust the tests accordingly.
2020-10-12tests: don't export in6addr_loopbackVasil Dimov
Don't export `in6addr_loopback` because that upsets `contrib/devtools/symbol-check.py` Fixes https://github.com/bitcoin/bitcoin/issues/20127
2020-10-09net: CAddress & CAddrMan: (un)serialize as ADDRv2Vasil Dimov
Change the serialization of `CAddrMan` to serialize its addresses in ADDRv2/BIP155 format by default. Introduce a new `CAddrMan` format version (3). Add support for ADDRv2 format in `CAddress` (un)serialization. Co-authored-by: Carl Dong <contact@carldong.me>
2020-08-24net: change CNetAddr::ip to have flexible sizeVasil Dimov
Before this change `CNetAddr::ip` was a fixed-size array of 16 bytes, not being able to store larger addresses (e.g. TORv3) and encoded smaller ones as 16-byte IPv6 addresses. Change its type to `prevector`, so that it can hold larger addresses and do not disguise non-IPv6 addresses as IPv6. So the IPv4 address `1.2.3.4` is now encoded as `01020304` instead of `00000000000000000000FFFF01020304`. Rename `CNetAddr::ip` to `CNetAddr::m_addr` because it is not an "IP" or "IP address" (TOR addresses are not IP addresses). In order to preserve backward compatibility with serialization (where e.g. `1.2.3.4` is serialized as `00000000000000000000FFFF01020304`) introduce `CNetAddr` dedicated legacy serialize/unserialize methods. Adjust `CSubNet` accordingly. Still use `CSubNet::netmask[]` of fixed 16 bytes, but use the first 4 for IPv4 (not the last 4). Only allow subnetting for IPv4 and IPv6. Co-authored-by: Carl Dong <contact@carldong.me>
2020-08-24net: don't accept non-left-contiguous netmasksVasil Dimov
A netmask that contains 1-bits after 0-bits (the 1-bits are not contiguous on the left side) is invalid [1] [2]. The code before this PR used to parse and accept such non-left-contiguous netmasks. However, a coming change that will alter `CNetAddr::ip` to have flexible size would make juggling with such netmasks more difficult, thus drop support for those. [1] https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#Subnet_masks [2] https://tools.ietf.org/html/rfc4632#section-5.1
2020-08-03Merge #18991: Cache responses to GETADDR to prevent topology leaksWladimir J. van der Laan
3bd67ba5a4ef3c20ef1f873b63c9f53a6c8608b6 Test addr response caching (Gleb Naumenko) cf1569e074505dbbb9d29422803dd31bb62072d4 Add addr permission flag enabling non-cached addr sharing (Gleb Naumenko) acd6135b43941fa51d52f5fcdb2ce944280ad01e Cache responses to addr requests (Gleb Naumenko) 7cc0e8101f01891aa8be093a00d993bb7579c385 Remove useless 2500 limit on AddrMan queries (Gleb Naumenko) ded742bc5b96e3215d69c11fb3628d224e7ae034 Move filtering banned addrs inside GetAddresses() (Gleb Naumenko) Pull request description: This is a very simple code change with a big p2p privacy benefit. It’s currently trivial to scrape any reachable node’s AddrMan (a database of all nodes known to them along with the timestamps). We do have a limit of one GETADDR per connection, but a spy can disconnect and reconnect even from the same IP, and send GETADDR again and again. Since we respond with 1,000 random records at most, depending on the AddrMan size it takes probably up to 100 requests for an spy to make sure they scraped (almost) everything. I even have a script for that. It is totally doable within couple minutes. Then, with some extra protocol knowledge a spy can infer the direct peers of the victim, and other topological stuff. I suggest to cache responses to GETADDR on a daily basis, so that an attacker gets at most 1,000 records per day, and can’t track the changes in real time. I will be following up with more improvements to addr relay privacy, but this one alone is a very effective. And simple! I doubt any of the real software does *reconnect to get new addrs from a given peer*, so we shouldn’t be cutting anyone. I also believe it doesn’t have any negative implications on the overall topology quality. And the records being “outdated” for at most a day doesn’t break any honest assumptions either. ACKs for top commit: jnewbery: reACK 3bd67ba5a4ef3c20ef1f873b63c9f53a6c8608b6 promag: Code review ACK 3bd67ba5a4ef3c20ef1f873b63c9f53a6c8608b6. ariard: Code Review ACK 3bd67ba Tree-SHA512: dfa5d03205c2424e40a3f8a41af9306227e1ca18beead3b3dda44aa2a082175bb1c6d929dbc7ea8e48e01aed0d50f0d54491caa1147471a2b72a46c3ca06b66f
2020-07-30Add addr permission flag enabling non-cached addr sharingGleb Naumenko
2020-07-27net: save the network type explicitly in CNetAddrVasil Dimov
Before this change, we would analyze the contents of `CNetAddr::ip[16]` in order to tell which type is an address. Change this by introducing a new member `CNetAddr::m_net` that explicitly tells the type of the address. This is necessary because in BIP155 we will not be able to tell the address type by just looking at its raw representation (e.g. both TORv3 and I2P are "seemingly random" 32 bytes). As a side effect of this change we no longer need to store IPv4 addresses encoded as IPv6 addresses - we can store them in proper 4 bytes (will be done in a separate commit). Also the code gets somewhat simplified - instead of `memcmp(ip, pchIPv4, sizeof(pchIPv4)) == 0` we can use `m_net == NET_IPV4`. Co-authored-by: Carl Dong <contact@carldong.me>
2020-07-10doc: Use precise permission flags where possibleMarcoFalke
2020-07-09net: Extract download permission from nobanMarcoFalke
2020-06-22test: add two edge case tests for CSubNetVasil Dimov
2020-06-09refactor: Error message bilingual_str consistencyWladimir J. van der Laan
- Move the decision whether to translate an error message to where it is defined. This simplifies call sites: no more `InitError(Untranslated(...))`. - Make all functions in `util/error.h` consistently return a `bilingual_str`. We've decided to use this as error message type so let's roll with it. This has no functional changes: no messages are changed, no new translation messages are defined.
2020-05-08test: Fix outstanding -Wsign-compare errorsBen Woosley
2020-04-16scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-04-16scripted-diff: Sort test includesMarcoFalke
-BEGIN VERIFY SCRIPT- # Mark all lines with #includes sed -i --regexp-extended -e 's/(#include <.*>)/\1 /g' $(git grep -l '#include' ./src/bench/ ./src/test ./src/wallet/test/) # Sort all marked lines git diff -U0 | ./contrib/devtools/clang-format-diff.py -p1 -i -v -END VERIFY SCRIPT-
2020-01-29Merge #16702: p2p: supplying and using asmap to improve IP bucketing in addrmanWladimir J. van der Laan
3c1bc40205a3fcab606e70b0e3c13d68b2860e34 Add extra logging of asmap use and bucketing (Gleb Naumenko) e4658aa8eaf1629dd5af8cf7b9717a8e72028251 Return mapped AS in RPC call getpeerinfo (Gleb Naumenko) ec45646de9e62b3d42c85716bfeb06d8f2b507dc Integrate ASN bucketing in Addrman and add tests (Gleb Naumenko) 8feb4e4b667361bf23344149c01594abebd56fdb Add asmap utility which queries a mapping (Gleb Naumenko) Pull request description: This PR attempts to solve the problem explained in #16599. A particular attack which encouraged us to work on this issue is explained here [[Erebus Attack against Bitcoin Peer-to-Peer Network](https://erebus-attack.comp.nus.edu.sg/)] (by @muoitranduc) Instead of relying on /16 prefix to diversify the connections every node creates, we would instead rely on the (ip -> ASN) mapping, if this mapping is provided. A .map file can be created by every user independently based on a router dump, or provided along with the Bitcoin release. Currently we use the python scripts written by @sipa to create a .map file, which is no larger than 2MB (awesome!). Here I suggest adding a field to peers.dat which would represent a hash of asmap file used while serializing addrman (or 0 for /16 prefix legacy approach). In this case, every time the file is updated (or grouping method changed), all buckets will be re-computed. I believe that alternative selective re-bucketing for only updated ranges would require substantial changes. TODO: - ~~more unit tests~~ - ~~find a way to test the code without including >1 MB mapping file in the repo.~~ - find a way to check that mapping file is not corrupted (checksum?) - comments and separate tests for asmap.cpp - make python code for .map generation public - figure out asmap distribution (?) ~Interesting corner case: I’m using std::hash to compute a fingerprint of asmap, and std::hash returns size_t. I guess if a user updates the OS to 64-bit, then the hash of asap will change? Does it even matter?~ ACKs for top commit: laanwj: re-ACK 3c1bc40205a3fcab606e70b0e3c13d68b2860e34 jamesob: ACK 3c1bc40205a3fcab606e70b0e3c13d68b2860e34 ([`jamesob/ackr/16702.3.naumenkogs.p2p_supplying_and_using`](https://github.com/jamesob/bitcoin/tree/ackr/16702.3.naumenkogs.p2p_supplying_and_using)) jonatack: ACK 3c1bc40205a3fcab606e70b0e3c13d68b2860e34 Tree-SHA512: e2dc6171188d5cdc2ab2c022fa49ed73a14a0acb8ae4c5ffa970172a0365942a249ad3d57e5fb134bc156a3492662c983f74bd21e78d316629dcadf71576800c
2020-01-08tests: Avoid using C-style NUL-terminated strings as argumentspracticalswift
2020-01-08tests: Add tests to make sure lookup methods fail on std::string parameters ↵practicalswift
with embedded NUL characters
2020-01-08net: Avoid using C-style NUL-terminated strings as arguments in the netbase ↵practicalswift
interface
2019-12-25Integrate ASN bucketing in Addrman and add testsGleb Naumenko
Instead of using /16 netgroups to bucket nodes in Addrman for connection diversification, ASN, which better represents an actor in terms of network-layer infrastructure, is used. For testing, asmap.raw is used. It represents a minimal asmap needed for testing purposes.
2019-12-16test: add IsRFC2544 testsMark Tyneway
2019-11-06scripted-diff: test: Move setup_common to test libraryMarcoFalke
-BEGIN VERIFY SCRIPT- # Move files for f in $(git ls-files src/test/lib/); do git mv $f src/test/util/; done git mv src/test/setup_common.cpp src/test/util/ git mv src/test/setup_common.h src/test/util/ # Replace Windows paths sed -i -e 's|\\setup_common|\\util\\setup_common|g' $(git grep -l '\\setup_common') sed -i -e 's|src\\test\\lib\\|src\\test\\util\\|g' build_msvc/test_bitcoin/test_bitcoin.vcxproj # Everything else sed -i -e 's|/setup_common|/util/setup_common|g' $(git grep -l 'setup_common') sed -i -e 's|test/lib/|test/util/|g' $(git grep -l 'test/lib/') # Fix include guard sed -i -e 's|BITCOIN_TEST_SETUP_COMMON_H|BITCOIN_TEST_UTIL_SETUP_COMMON_H|g' ./src/test/util/setup_common.h sed -i -e 's|BITCOIN_TEST_LIB_|BITCOIN_TEST_UTIL_|g' $(git grep -l 'BITCOIN_TEST_LIB_') -END VERIFY SCRIPT-
2019-08-11Make whitebind/whitelist permissions more flexiblenicolas.dorier
2019-05-15netaddress: Update CNetAddr for ORCHIDv2Carl Dong
The original ORCHID prefix was deprecated as of 2014-03, the new ORCHIDv2 prefix was allocated by RFC7343 as of 2014-07. We did not consider the original ORCHID prefix routable, and I don't see any reason to consider the new one to be either.