Merge branch 'alert_fix' of git://github.com/gavinandresen/bitcoin-git
This commit is contained in:
Gavin Andresen
commit
fde5c34bd8
2 changed files with 42 additions and 7 deletions
47
src/main.cpp
47
src/main.cpp
|
|
@ -2322,6 +2322,28 @@ bool CAlert::ProcessAlert()
|
||||||
if (!IsInEffect())
|
if (!IsInEffect())
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
// alert.nID=max is reserved for if the alert key is
|
||||||
|
// compromised. It must have a pre-defined message,
|
||||||
|
// must never expire, must apply to all versions,
|
||||||
|
// and must cancel all previous
|
||||||
|
// alerts or it will be ignored (so an attacker can't
|
||||||
|
// send an "everything is OK, don't panic" version that
|
||||||
|
// cannot be overridden):
|
||||||
|
int maxInt = std::numeric_limits<int>::max();
|
||||||
|
if (nID == maxInt)
|
||||||
|
{
|
||||||
|
if (!(
|
||||||
|
nExpiration == maxInt &&
|
||||||
|
nCancel == (maxInt-1) &&
|
||||||
|
nMinVer == 0 &&
|
||||||
|
nMaxVer == maxInt &&
|
||||||
|
setSubVer.empty() &&
|
||||||
|
nPriority == maxInt &&
|
||||||
|
strStatusBar == "URGENT: Alert key compromised, upgrade required"
|
||||||
|
))
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
LOCK(cs_mapAlerts);
|
LOCK(cs_mapAlerts);
|
||||||
// Cancel previous alerts
|
// Cancel previous alerts
|
||||||
|
|
@ -2997,14 +3019,27 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv)
|
||||||
CAlert alert;
|
CAlert alert;
|
||||||
vRecv >> alert;
|
vRecv >> alert;
|
||||||
|
|
||||||
if (alert.ProcessAlert())
|
uint256 alertHash = alert.GetHash();
|
||||||
|
if (pfrom->setKnown.count(alertHash) == 0)
|
||||||
{
|
{
|
||||||
// Relay
|
if (alert.ProcessAlert())
|
||||||
pfrom->setKnown.insert(alert.GetHash());
|
|
||||||
{
|
{
|
||||||
LOCK(cs_vNodes);
|
// Relay
|
||||||
BOOST_FOREACH(CNode* pnode, vNodes)
|
pfrom->setKnown.insert(alertHash);
|
||||||
alert.RelayTo(pnode);
|
{
|
||||||
|
LOCK(cs_vNodes);
|
||||||
|
BOOST_FOREACH(CNode* pnode, vNodes)
|
||||||
|
alert.RelayTo(pnode);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// Small DoS penalty so peers that send us lots of
|
||||||
|
// duplicate/expired/invalid-signature/whatever alerts
|
||||||
|
// eventually get banned.
|
||||||
|
// This isn't a Misbehaving(100) (immediate ban) because the
|
||||||
|
// peer might be an older or different implementation with
|
||||||
|
// a different signature key, etc.
|
||||||
|
pfrom->Misbehaving(10);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1535,7 +1535,7 @@ public:
|
||||||
|
|
||||||
uint256 GetHash() const
|
uint256 GetHash() const
|
||||||
{
|
{
|
||||||
return SerializeHash(*this);
|
return Hash(this->vchMsg.begin(), this->vchMsg.end());
|
||||||
}
|
}
|
||||||
|
|
||||||
bool IsInEffect() const
|
bool IsInEffect() const
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue