Commit graph

2201 commits

Author SHA1 Message Date
David Hill
dea7ef364c Ignore getaddr requests from outbound peers.
This change reduces fingerprinting attacks and
mimics Bitcoin Core commit
dca799e1db6e319fdd47e0bfdb038eab0efabb85
2015-04-14 13:27:37 -04:00
David Hill
2cc85ef428 Reduce fingerprinting.
This change reduces fingerprinting via timestamps in addr messages.
Previously, the last seen time for an address was updated when
certain protocol commands were received.  Now, the last seen time
is set when the peer disconnects if the peer had sent a verack
message and was connected for more than 20 minutes.

This mimics Bitcoin Core commit:
9c2737901b5203f267d21d728019d64b46f1d9f3

Also, add additional sanity checking before updating the peer's
timestamp.  These include:

 - Do not mark a peer as connected if we never received
   a version message.
 - Disconnect a peer for sending a verack before btcd
   sent a version
 - Disconnect a peer for sending multiple verack's
2015-04-14 12:38:41 -04:00
David Hill
0eef96e1c8 addrmgr: Always use a 50% chance between tried and new entries.
This change was suggested as Countermeasure 2 in
Eclipse Attacks on Bitcoin's Peer-to-Peer Network, Ethan
Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive
Report 2015/263. March 2015.

This mimics Bitcoin Core commit c6a63ceeb4956933588995bcf01dc3095aaeb1fc
2015-04-14 12:28:45 -04:00
David Hill
320ecea6a0 addrmgr: Do not bias toward fresh addresses.
This change was suggested as Countermeasure 2 in Eclipse Attacks on
Bitcoin's Peer-to-Peer Network, Ethan Heilman, Alison Kendler, Aviv
Zohar, Sharon Goldberg. ePrint Archive Report 2015/263. March 2015.

This mimics Bitcoin Core commit
f68ba3f67bd500a64fb8932c6b41924ddc31d76f
2015-04-14 11:21:57 -04:00
cjepson
4696d16ed4 Fix race in FetchTransactionStore
Because FetchTransactionStore in GetBlockTemplate occasionally accesses
the internal blockchain memory structure while it is being read or modified,
a race can occur. To prevent this, FetchTransactionStore is instead
routed through the internal channel for blockchain requests.
2015-04-13 16:34:18 -04:00
Alex Akselrod
4a1445a032 Create limited RPC user.
The limited user is specified with the --rpclimituser and
--rpclimitpass options (or the equivalent in the config file).
The config struct and loadConfig() are updated to take the
new options into account. The limited user can have neither
the same username nor the same password as the admin user.

The package-level rpcLimit map in rpcserver.go specifies
the RPC commands accessible by limited users. This map
includes both HTTP/S and websocket commands.

The checkAuth function gets a new return parameter to
signify whether the user is authorized to change server
state. The result is passed to the jsonRPCRead function and
to the WebsocketHandler function in rpcwebsocket.go.

The wsClient struct is updated with an "isAdmin" field
signifying that the client is authorized to change server
state, written by WebsocketHandler and handleMessage.
The handleMessage function also checks the field to
allow or disallow an RPC call.

The following documentation files are updated:
- doc.go
- sample-btcd.conf
- docs/README.md
- docs/json_rpc_api.md
- docs/configure_rpc_server_listen_interfaces.md
2015-04-13 14:14:52 -04:00
David Hill
abe74f1d4e txscript: sync Bitcoin Core tests.
From Bitcoin Core commit 437ada3e55df8ae6f801cb2aa2e79ec5bb5f1971
2015-04-09 12:24:12 -04:00
Dave Collins
167afc5304 database: Correct test logging found by go vet. 2015-04-09 00:23:40 -05:00
Dave Collins
6211eef7ee wire: Add new DoubleSha256SH function.
This commit adds a new function which is similar to the DoubleSha256
function except it returns a ShaHash copy instead of a byte slice.  It
also adds a new benchmark for it.

This can be a slight optimization in certain cases where the caller
ultimately wants a ShaHash since it can avoid a heap allocation and
additional copy to convert the result to a ShaHash (the function simply
performs a type cast against the returned array which is not possible
against a []byte).

existing: DoubleSha256     500000   3081 ns/op   32 B/op   1 allocs/op
     new: DoubleSha256SH   500000   2939 ns/op    0 B/op   0 allocs/op

The hashing functions for blocks and transactions have also been updated
to make use of the new function since they directly return the ShaHash.
The transaction change in particular is quite useful since transactions
are frequently hashed and this change allows all of those hashes to avoid
an additional heap allocation.
2015-04-06 11:37:43 -05:00
Dave Collins
f5cdf2d6a8 Minor hashing-related optimizations.
This commit contains three classes of optimizations:
 - Reducing the number of unnecessary hash copies
 - Improve the performance of the DoubleSha256 function
 - A couple of minor optimizations of the ShaHash functions

The first class is a result of the Bytes function on a ShaHash making a
copy of the bytes before returning them.  It really should have been named
CloneBytes, but that would break the API now.

To address this, a comment has been added to the function which explicitly
calls out the copy behavior.  In addition, all call sites of .Bytes on a
ShaHash in the code base have been updated to simply slice the array when
a copy is not needed.  This saves a significant amount of data copying.

The second optimization modifies the DoubleSha256 function to directly use
fastsha256.Sum256 instead of the hasher interface.  This reduces the
number of allocations needed.  A benchmark for the function has been added
as well.

old: BenchmarkDoubleSha256  500000   3691 ns/op   192 B/op   3 allocs/op
new: BenchmarkDoubleSha256  500000   3081 ns/op    32 B/op   1 allocs/op

The final optimizations are for the ShaHash IsEqual and SetBytes functions
which have been modified to make use of the fact the type is an array and
remove an unneeded subslice.
2015-04-06 11:33:58 -05:00
David Hill
c80c8e7fe9 Scale up addrman.
This change was suggested as Countermeasure 6 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan
Heilman, Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive
Report 2015/263. March 2015.

This mimics Bitcoin Core commit 1d21ba2f5ecbf03086d0b65c4c4c80a39a94c2ee
2015-04-06 11:45:57 -04:00
Dave Collins
07176c8f65 btcjson: Add a few examples of using the package. 2015-04-03 22:53:03 -05:00
Dave Collins
1c332b283f btcjson: Add README.md and doc.go for btcjsonv2. 2015-04-03 18:32:00 -05:00
Oleg Andreev
122031bee3 Makes signing deterministic according to RFC6979 and BIP62. Closes #358. 2015-04-02 09:57:52 +02:00
Olaoluwa Osuntokun
1bf564d963 Fix #138 by dynamically updating heights of peers
In order to avoid prior situations of stalled syncs due to
outdated peer height data, we now update block heights of peers in
real-time as we learn of their announced
blocks.

Updates happen when:
   * A peer sends us an orphan block. We update based on
     the height embedded in the scriptSig for the coinbase tx
   * When a peer sends us an inv for a block we already know
     of
   * When peers announce new blocks. Subsequent
     announcements that lost the announcement race are
     recognized and peer heights are updated accordingly

Additionally, the `getpeerinfo` command has been modified
to include both the starting height, and current height of
connected peers.

Docs have been updated with `getpeerinfo` extension.
2015-04-01 17:22:45 -07:00
Alex Akselrod
7c46f213e1 Fix #340 and DropAfterBlockBySha/NewestSha bug.
- Delete spent TX in setclearSpentData when unspent by block
  disconnect on reorg; return an error when there's more than
  one record to delete in the spent TX as that should never
  happen.

- Test spent TX deletion when reorg causes block disconnect.

- Test for correct NewestSha results after DropAfterBlockBySha.

- Fix DropAfterBlockBySha to update info for NewestSha.

- Updated copyright statements in modified files
2015-03-30 16:35:38 -05:00
Alex Akselrod
ead39153af Fix #303 and #346 and change addrindex sort order
Fix #303 by changing the addrindex key prefix to 3 characters so that
it's easy to check length when dropping the index. To drop the old
index, check to make sure we aren't dropping any entries that end in
"sx" or "tx" as those aren't part of the addrindex. Update test to
deal with the new prefix length.

Fix #346 by changing the pointers in the mempool's addrindex map to
wire.ShaHash 32-byte values. This lets them be deleted even if the
transaction data changes places in memory upon expanding the maps.

Change the way addrindex uint32s are stored to big-endian in order to
sort the transactions on disk in chronological/dependency order.

Change the "searchrawtransactions" RPC call to return transactions
from the database before the memory pool so that they're returned in
order. This commit DOES NOT do topological sorting of the memory pool
transactions to ensure they're returned in dependency order. This may
be a good idea for a future enhancement.

Add addrindex versioning to automatically drop the old/incompatible
version of the index and rebuild with the new sort method and key
prefix.
2015-03-23 13:05:54 -04:00
David Hill
ccc3a9b979 Do a little addrindex database cleanup.
- Use explicit index values for byte slices
- Fix a bug in FetchTxsForAddr that allocated an extra 10 bytes
  for each address index
- Add missing iterator release in error path
- Check for iterator errors.
2015-03-14 22:09:51 -04:00
David Hill
369b352452 txscript: Add new flag ScriptVerifyLowS
The ScriptVerifyLowS flag defines that script signatures must
comply with the DER format as well as have an S value less than
or equal to the half order.
2015-03-14 13:40:03 -04:00
David Hill
9523345814 txscript: Add new flag ScriptVerifyCleanStack
The ScriptVerifyCleanStack flag requires that only a single
stack element remains after evaluation and that when interpreted
as a bool, it must be true.  This is BIP0062, rule 6.

This mimics Bitcoin Core commit b6e03cc59208305681745ad06f2056ffe6690597
2015-03-13 15:54:17 -04:00
Dave Collins
d3aebcaed3 btcctl: Support - argument to read from stdin.
This commit modifies the argument handling for btcctl to treat a
parameter that is a single dash as an indicator to read that parameter from
stdin instead.

This change allows commands, such as the submitblock, to accept data piped
from stdin for any parameter.  This, in turn, allows large arguments, such
as blocks, which can often be too big for a single argument due to
Operating System limitations to be submitted by putting them into a file
and redirecting stdin.

For example:

btcctl submitblock - <block.hex
cat block.hex | btcctl submitblock -

btcctl sendrawtransaction - <tx.hex
cat tx.hex | btcctl sendrawtransaction -
2015-03-13 11:15:26 -05:00
Dave Collins
279308288c blockchain: Provide new IsCoinBaseTx function.
This commit adds a new function to the blockchain package named
IsCoinBaseTx which performs the same function as IsCoinBase except it
takes raw wire transactions as opposed to the higher level util
transactions.

While here, it also adds a file for benchmarks along with a couple of
benchmarks for the IsCoinBase and IsCoinBaseTx functions.

Finally, the function was very slightly optimized:

BenchmarkIsCoinBaseOld  100000000  10.7 ns/op  0 B/op  0 allocs/op
BenchmarkIsCoinBaseNew  200000000  6.05 ns/op  0 B/op  0 allocs/op
2015-03-10 13:55:24 -05:00
David Hill
54d7951084 Process orphans on block acceptance.
For every transaction in a newly accepted block, process the orphan
pool moving now no longer orphan transactions to the mempool.

Previously, no longer orphan transactions would remain in the orphan
pool.
2015-03-10 14:15:55 -04:00
David Hill
ad35a5dc48 Have calcPriority determine the tx size. 2015-03-10 00:19:23 -04:00
David Hill
436fb8203c txscript: Increase maximum allowed nulldata bytes
This change increases the maximum allowed bytes allowed in pushed
data to be considered a nulldata transaction.  This matches the current
value the reference implementation uses by default.
2015-03-09 23:40:46 -04:00
David Hill
db8fa6f850 Add id and timeoffset to getpeerinfo. 2015-03-09 23:27:53 -04:00
Dave Collins
62432a6f90 wire: Add func to get pkscript locs from a tx.
This commit provides a new function named PkScriptLocs on the MsgTx type
which can be used to efficiently retrieve a list of offsets for the public
key scripts for the serialized form of the transaction.

This is useful for certain applications which store fully serialized
transactions and want to be able to quickly index into the serialized
transaction to extract a given public key script directly thereby avoiding
the need to deserialize the entire transaction.
2015-03-09 22:09:09 -05:00
Dave Collins
def0ef6af6 Use network adjusted time for finalized tx check.
This commit modifies the finalized transaction check used by the memory pool
and block templates to use the network adjusted time instead of the
unadjusted local time.  This helps keep the transactions accepted to the
memory pool, and hence allowed to relay, more consistent across nodes.
2015-03-09 22:03:58 -05:00
Dave Collins
e0bb106646 Update golang.org/x/crypto imports to new location (round 2). 2015-03-03 21:25:53 -06:00
Dave Collins
a765bbff5a Update golang.org/x/crypto import paths to new location. 2015-03-03 21:10:38 -06:00
Jimmy Song
f54ffd8c76 Added some unit tests to addrmgr. 2015-03-02 12:28:58 -06:00
Dave Collins
cfefe14153 Prepare for release 0.10.0-beta. 2015-03-01 20:18:11 -06:00
Dave Collins
28269d2598 rpcserver: Use default values for getnetworkhashps.
When the fields in the command for the getnetworkhashps RPC don't have the
fields set, use the intended default values.

Since the btcjson package sets these fields to the default values when a
command is unmarshaled from the wire, this typically isn't necessary.
However, when the RPC server calls the handler internally with optional
command fields set to nil, as is the case in getmininginfo, the defaults
need to be set as well.
2015-02-28 20:49:37 -06:00
Josh Rickmar
5ac0f1247d Fix return types for handleGetNetworkHashPS. 2015-02-28 21:40:13 -05:00
Dave Collins
2c80b44024 Update release script to correct btcctl location. 2015-02-28 03:39:20 -06:00
Dave Collins
2dc8a8a9ee Add 0.10.0 deps to deps.txt. 2015-02-28 03:08:44 -06:00
Dave Collins
ac4879dde2 Add checkpoint at block height 343185. 2015-02-27 12:34:42 -06:00
David Hill
c153596542 Update Travis to test against golang 1.4.2 2015-02-27 13:28:06 -05:00
David Hill
8412cde46f btcjson: Fix a bug in btcjson v2
btcjson v2 switched an optional field to mandatory which resulted
in a nil dereference.  This switches it back to optional.
2015-02-26 19:35:46 -05:00
David Hill
d9cba7ca6a txscript: export StandardVerifyFlags
By exporting StandardVerifyFlags, clients can ensure they create
transactions that btcd will accept into its mempool.

This flag doesn't belong in txscript.  It belongs in a
policy package.  However, this is currently the least worse place.
2015-02-26 15:21:12 -05:00
David Hill
c09ef75ba9 Enable strict encoding verification 2015-02-26 13:58:45 -05:00
David Hill
ff747f8eae Use ScriptVerifyMinimalData
Additionally, drop HasCanoncialPushes as ScriptVerifyMinimalData
offers more complete checks.
2015-02-26 13:13:16 -05:00
Dave Collins
3ed8f363e7 Implement BIP0066 changeover logic for v3 blocks.
This commit implements the changeover logic for version 3 blocks as
described by BIP0066.
2015-02-26 09:54:29 -06:00
Dave Collins
4c53599b67 mempool: Loosen restrictions for resurrected txns.
This modifies the recently added code which rejects free/low-fee
transactions with insufficient priority to ignore resurrected transactions
from disconnected blocks.  It also exempts resurrected transactions from
the free/low-fee rate limiting.
2015-02-25 22:07:12 -06:00
Dave Collins
65eb8020d2 blockchain: Determine script flags sooner.
This commit moves the definition of the flags which are needed to check
transaction scripts higher up the call stack to pave the way for adding
support for v3 blocks.  While here, also spruce up a couple of sections.

There are no functional changes in this commit.
2015-02-25 16:56:34 -06:00
Dave Collins
5a800b9580 Rewrite btcctl to use the new features of btcjson.
This commit contains what is essentially a complete rewrite of the btcctl
utility to make use of the new features provided by the latest version
of btcjson and improve several things along the way.  The following
summarizes the changes:

- The supported commands and handling now come directly from btcjson, so
  it is no longer necessary to manually add new commands.  Once a command
  has been registered with btcjson, it will automatically become usable by
  btcctl complete with full error handling (once it is re-compiled of
  course)
- Rather than dumping the entire list of commands on every error, the user
  now must specifically request the list of commands via the -l option
- The list of commands is now categorized by chain and wallet and
  alphabetized
- The help flag now only shows the help options instead of also dumping
  all of the commands
- The error display on valid commands with invalid parameters has been
  greatly improved to show the specific parameter number, reason, and
  error code
- When a valid command is specified with invalid parameter, only the usage
  for that specific command is shown now
- It is now possible to use a SOCKS5 proxy for connection
- The output of commands has been improved in the following ways:
  - Strings on commands such as getbestblockhash no longer have quotes
    wrapped around them
  - Fields that are integers no longer show in scientific notation when
    they are large (timestamps for example)

This closes #305 as a side effect.
2015-02-25 16:03:31 -06:00
Dave Collins
c0428f6f9f btcjson: Update searchrawtransactions verbose.
This commit updates the SearchRawTransactionsCmd verbose parameter in the
latest version of btcjson to an integer to match recent changes to the
previous version of btcjson.
2015-02-25 16:03:30 -06:00
Josh Rickmar
859d9a7520 wire: Display correct RandomUint64 test failures. 2015-02-25 15:32:00 -05:00
David Hill
b3342510b7 txscript: sync Bitcoin Core tests. 2015-02-25 12:44:15 -05:00
David Hill
833bb04775 Reject free/low-fee transactions with insufficient priority.
By default, have the mempool reject free and low-fee transactions that
have insufficient priority to be mined in the next block.

Additionally, add a new configuration option, -norelaypriority, to
disable the check.
2015-02-25 11:27:41 -05:00