Merge pull request #5820

85da07a Better fingerprinting protection for non-main-chain getdatas. (Pieter Wuille)
This commit is contained in:
Wladimir J. van der Laan 2015-02-26 17:07:47 +01:00
commit 59310f1c02
No known key found for this signature in database
GPG key ID: 74810B012346C9A6

View file

@ -3355,19 +3355,17 @@ void static ProcessGetData(CNode* pfrom)
BlockMap::iterator mi = mapBlockIndex.find(inv.hash); BlockMap::iterator mi = mapBlockIndex.find(inv.hash);
if (mi != mapBlockIndex.end()) if (mi != mapBlockIndex.end())
{ {
// If the requested block is at a height below our last if (chainActive.Contains(mi->second)) {
// checkpoint, only serve it if it's in the checkpointed chain
int nHeight = mi->second->nHeight;
CBlockIndex* pcheckpoint = Checkpoints::GetLastCheckpoint();
if (pcheckpoint && nHeight < pcheckpoint->nHeight) {
if (!chainActive.Contains(mi->second))
{
LogPrintf("ProcessGetData(): ignoring request for old block that isn't in the main chain\n");
} else {
send = true; send = true;
} else {
// To prevent fingerprinting attacks, only send blocks outside of the active
// chain if they are valid, and no more than a month older than the best header
// chain we know about.
send = mi->second->IsValid(BLOCK_VALID_SCRIPTS) && (pindexBestHeader != NULL) &&
(mi->second->GetBlockTime() > pindexBestHeader->GetBlockTime() - 30 * 24 * 60 * 60);
if (!send) {
LogPrintf("ProcessGetData(): ignoring request from peer=%i for old block that isn't in the main chain\n", pfrom->GetId());
} }
} else {
send = true;
} }
} }
if (send) if (send)