From ae922a36a4b54a8e78d3a2a2cb2af7f03960fce3 Mon Sep 17 00:00:00 2001 From: s_nakamoto Date: Sat, 17 Jul 2010 23:51:16 +0000 Subject: [PATCH] security safeguards, limited addr messages -- version 0.3.2 git-svn-id: https://bitcoin.svn.sourceforge.net/svnroot/bitcoin/trunk@107 1a98c847-1fd6-4fd8-948a-caf3550aa51b --- main.cpp | 19 ++++++++++++++++--- serialize.h | 2 +- setup.nsi | 6 +++--- 3 files changed, 20 insertions(+), 7 deletions(-) diff --git a/main.cpp b/main.cpp index bd3dad78a..276a22bcd 100644 --- a/main.cpp +++ b/main.cpp @@ -1341,6 +1341,14 @@ bool CBlock::AcceptBlock() if (nBits != GetNextWorkRequired(pindexPrev)) return error("AcceptBlock() : incorrect proof of work"); + // Check that the block chain matches the known block chain up to a checkpoint + if (pindexPrev->nHeight+1 == 11111 && hash != uint256("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d")) + return error("AcceptBlock() : rejected by checkpoint lockin at 11111"); + if (pindexPrev->nHeight+1 == 33333 && hash != uint256("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6")) + return error("AcceptBlock() : rejected by checkpoint lockin at 33333"); + if (pindexPrev->nHeight+1 == 68555 && hash != uint256("0x00000000001e1b4903550a0b96e9a9405c8a95f387162e4944e8d9fbe501cd6a")) + return error("AcceptBlock() : rejected by checkpoint lockin at 68555"); + // Write block to history file if (!CheckDiskSpace(::GetSerializeSize(*this, SER_DISK))) return error("AcceptBlock() : out of disk space"); @@ -1933,6 +1941,8 @@ bool ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) vRecv >> vAddr; if (pfrom->nVersion < 200) // don't want addresses from 0.1.5 return true; + if (pfrom->nVersion < 209 && mapAddresses.size() > 1000) // don't want addr from 0.2.0 unless seeding + return true; if (vAddr.size() > 1000) return error("message addr size() = %d", vAddr.size()); @@ -1941,6 +1951,9 @@ bool ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) { if (fShutdown) return true; + // ignore IPv6 for now, since it isn't implemented anyway + if (!addr.IsIPv4()) + continue; addr.nTime = GetAdjustedTime() - 2 * 60 * 60; if (pfrom->fGetAddr || vAddr.size() > 10) addr.nTime -= 5 * 24 * 60 * 60; @@ -1952,15 +1965,15 @@ bool ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) CRITICAL_BLOCK(cs_vNodes) { // Use deterministic randomness to send to - // the same places for an hour at a time + // the same places for 12 hours at a time static uint256 hashSalt; if (hashSalt == 0) RAND_bytes((unsigned char*)&hashSalt, sizeof(hashSalt)); - uint256 hashRand = addr.ip ^ (GetTime()/3600) ^ hashSalt; + uint256 hashRand = addr.ip ^ ((GetTime()+addr.ip)/(12*60*60)) ^ hashSalt; multimap mapMix; foreach(CNode* pnode, vNodes) mapMix.insert(make_pair(hashRand = Hash(BEGIN(hashRand), END(hashRand)), pnode)); - int nRelayNodes = 10; // reduce this to 5 when the network is large + int nRelayNodes = 4; for (multimap::iterator mi = mapMix.begin(); mi != mapMix.end() && nRelayNodes-- > 0; ++mi) ((*mi).second)->PushAddress(addr); } diff --git a/serialize.h b/serialize.h index 8d3bd2378..d76cac78a 100644 --- a/serialize.h +++ b/serialize.h @@ -19,7 +19,7 @@ class CScript; class CDataStream; class CAutoFile; -static const int VERSION = 301; +static const int VERSION = 302; static const char* pszSubVer = ""; diff --git a/setup.nsi b/setup.nsi index 6b593cd8b..ff6763e08 100644 --- a/setup.nsi +++ b/setup.nsi @@ -7,7 +7,7 @@ RequestExecutionLevel highest # General Symbol Definitions !define REGKEY "SOFTWARE\$(^Name)" -!define VERSION 0.3.1 +!define VERSION 0.3.2 !define COMPANY "Bitcoin project" !define URL http://www.bitcoin.org/ @@ -42,12 +42,12 @@ Var StartMenuGroup !insertmacro MUI_LANGUAGE English # Installer attributes -OutFile bitcoin-0.3.1-win32-setup.exe +OutFile bitcoin-0.3.2-win32-setup.exe InstallDir $PROGRAMFILES\Bitcoin CRCCheck on XPStyle on ShowInstDetails show -VIProductVersion 0.3.1.0 +VIProductVersion 0.3.2.0 VIAddVersionKey ProductName Bitcoin VIAddVersionKey ProductVersion "${VERSION}" VIAddVersionKey CompanyName "${COMPANY}"