Do not trigger a DoS ban if SCRIPT_VERIFY_NULLDUMMY fails
This commit is contained in:
parent
6380180821
commit
f80cffa213
2 changed files with 24 additions and 6 deletions
24
src/main.cpp
24
src/main.cpp
|
@ -1588,14 +1588,26 @@ bool CheckInputs(const CTransaction& tx, CValidationState &state, CCoinsViewCach
|
|||
pvChecks->push_back(CScriptCheck());
|
||||
check.swap(pvChecks->back());
|
||||
} else if (!check()) {
|
||||
if (flags & SCRIPT_VERIFY_STRICTENC) {
|
||||
// For now, check whether the failure was caused by non-canonical
|
||||
// encodings or not; if so, don't trigger DoS protection.
|
||||
CScriptCheck check(coins, tx, i, flags & (~SCRIPT_VERIFY_STRICTENC), 0);
|
||||
if (flags & STANDARD_NOT_MANDATORY_VERIFY_FLAGS) {
|
||||
// Check whether the failure was caused by a
|
||||
// non-mandatory script verification check, such as
|
||||
// non-standard DER encodings or non-null dummy
|
||||
// arguments; if so, don't trigger DoS protection to
|
||||
// avoid splitting the network between upgraded and
|
||||
// non-upgraded nodes.
|
||||
CScriptCheck check(coins, tx, i,
|
||||
flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, 0);
|
||||
if (check())
|
||||
return state.Invalid(false, REJECT_NONSTANDARD, "non-canonical");
|
||||
return state.Invalid(false, REJECT_NONSTANDARD, "non-mandatory-script-verify-flag");
|
||||
}
|
||||
return state.DoS(100,false, REJECT_NONSTANDARD, "non-canonical");
|
||||
// Failures of other flags indicate a transaction that is
|
||||
// invalid in new blocks, e.g. a invalid P2SH. We DoS ban
|
||||
// such nodes as they are not following the protocol. That
|
||||
// said during an upgrade careful thought should be taken
|
||||
// as to the correct behavior - we may want to continue
|
||||
// peering with non-upgraded nodes even after a soft-fork
|
||||
// super-majority vote has passed.
|
||||
return state.DoS(100,false, REJECT_INVALID, "mandatory-script-verify-flag-failed");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -49,6 +49,9 @@ enum
|
|||
// them to be valid. (but old blocks may not comply with) Currently just P2SH,
|
||||
// but in the future other flags may be added, such as a soft-fork to enforce
|
||||
// strict DER encoding.
|
||||
//
|
||||
// Failing one of these tests may trigger a DoS ban - see CheckInputs() for
|
||||
// details.
|
||||
static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
|
||||
|
||||
// Standard script verification flags that standard transactions will comply
|
||||
|
@ -58,6 +61,9 @@ static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY
|
|||
SCRIPT_VERIFY_STRICTENC |
|
||||
SCRIPT_VERIFY_NULLDUMMY;
|
||||
|
||||
// For convenience, standard but not mandatory verify flags.
|
||||
static const unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS;
|
||||
|
||||
enum txnouttype
|
||||
{
|
||||
TX_NONSTANDARD,
|
||||
|
|
Loading…
Reference in a new issue