Do not trigger a DoS ban if SCRIPT_VERIFY_NULLDUMMY fails
This commit is contained in:
Peter Todd
parent
6380180821
commit
f80cffa213
2 changed files with 24 additions and 6 deletions
24
src/main.cpp
24
src/main.cpp
|
|
@ -1588,14 +1588,26 @@ bool CheckInputs(const CTransaction& tx, CValidationState &state, CCoinsViewCach
|
||||||
pvChecks->push_back(CScriptCheck());
|
pvChecks->push_back(CScriptCheck());
|
||||||
check.swap(pvChecks->back());
|
check.swap(pvChecks->back());
|
||||||
} else if (!check()) {
|
} else if (!check()) {
|
||||||
if (flags & SCRIPT_VERIFY_STRICTENC) {
|
if (flags & STANDARD_NOT_MANDATORY_VERIFY_FLAGS) {
|
||||||
// For now, check whether the failure was caused by non-canonical
|
// Check whether the failure was caused by a
|
||||||
// encodings or not; if so, don't trigger DoS protection.
|
// non-mandatory script verification check, such as
|
||||||
CScriptCheck check(coins, tx, i, flags & (~SCRIPT_VERIFY_STRICTENC), 0);
|
// non-standard DER encodings or non-null dummy
|
||||||
|
// arguments; if so, don't trigger DoS protection to
|
||||||
|
// avoid splitting the network between upgraded and
|
||||||
|
// non-upgraded nodes.
|
||||||
|
CScriptCheck check(coins, tx, i,
|
||||||
|
flags & ~STANDARD_NOT_MANDATORY_VERIFY_FLAGS, 0);
|
||||||
if (check())
|
if (check())
|
||||||
return state.Invalid(false, REJECT_NONSTANDARD, "non-canonical");
|
return state.Invalid(false, REJECT_NONSTANDARD, "non-mandatory-script-verify-flag");
|
||||||
}
|
}
|
||||||
return state.DoS(100,false, REJECT_NONSTANDARD, "non-canonical");
|
// Failures of other flags indicate a transaction that is
|
||||||
|
// invalid in new blocks, e.g. a invalid P2SH. We DoS ban
|
||||||
|
// such nodes as they are not following the protocol. That
|
||||||
|
// said during an upgrade careful thought should be taken
|
||||||
|
// as to the correct behavior - we may want to continue
|
||||||
|
// peering with non-upgraded nodes even after a soft-fork
|
||||||
|
// super-majority vote has passed.
|
||||||
|
return state.DoS(100,false, REJECT_INVALID, "mandatory-script-verify-flag-failed");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -49,6 +49,9 @@ enum
|
||||||
// them to be valid. (but old blocks may not comply with) Currently just P2SH,
|
// them to be valid. (but old blocks may not comply with) Currently just P2SH,
|
||||||
// but in the future other flags may be added, such as a soft-fork to enforce
|
// but in the future other flags may be added, such as a soft-fork to enforce
|
||||||
// strict DER encoding.
|
// strict DER encoding.
|
||||||
|
//
|
||||||
|
// Failing one of these tests may trigger a DoS ban - see CheckInputs() for
|
||||||
|
// details.
|
||||||
static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
|
static const unsigned int MANDATORY_SCRIPT_VERIFY_FLAGS = SCRIPT_VERIFY_P2SH;
|
||||||
|
|
||||||
// Standard script verification flags that standard transactions will comply
|
// Standard script verification flags that standard transactions will comply
|
||||||
|
|
@ -58,6 +61,9 @@ static const unsigned int STANDARD_SCRIPT_VERIFY_FLAGS = MANDATORY_SCRIPT_VERIFY
|
||||||
SCRIPT_VERIFY_STRICTENC |
|
SCRIPT_VERIFY_STRICTENC |
|
||||||
SCRIPT_VERIFY_NULLDUMMY;
|
SCRIPT_VERIFY_NULLDUMMY;
|
||||||
|
|
||||||
|
// For convenience, standard but not mandatory verify flags.
|
||||||
|
static const unsigned int STANDARD_NOT_MANDATORY_VERIFY_FLAGS = STANDARD_SCRIPT_VERIFY_FLAGS & ~MANDATORY_SCRIPT_VERIFY_FLAGS;
|
||||||
|
|
||||||
enum txnouttype
|
enum txnouttype
|
||||||
{
|
{
|
||||||
TX_NONSTANDARD,
|
TX_NONSTANDARD,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue