Commit graph

173 commits

Author SHA1 Message Date
Wladimir J. van der Laan
5eaaa83ac1 Kill insecure_random and associated global state
There are only a few uses of `insecure_random` outside the tests.
This PR replaces uses of insecure_random (and its accompanying global
state) in the core code with an FastRandomContext that is automatically
seeded on creation.

This is meant to be used for inner loops. The FastRandomContext
can be in the outer scope, or the class itself, then rand32() is used
inside the loop. Useful e.g. for pushing addresses in CNode or the fee
rounding, or randomization for coin selection.

As a context is created per purpose, thus it gets rid of
cross-thread unprotected shared usage of a single set of globals, this
should also get rid of the potential race conditions.

- I'd say TxMempool::check is not called enough to warrant using a special
  fast random context, this is switched to GetRand() (open for
  discussion...)

- The use of `insecure_rand` in ConnectThroughProxy has been replaced by
  an atomic integer counter. The only goal here is to have a different
  credentials pair for each connection to go on a different Tor circuit,
  it does not need to be random nor unpredictable.

- To avoid having a FastRandomContext on every CNode, the context is
  passed into PushAddress as appropriate.

There remains an insecure_random for test usage in `test_random.h`.
2016-10-17 13:08:35 +02:00
Pavel Janík
b7c349d5e7 Do not shadow variables in networking code 2016-08-15 14:10:07 +02:00
Cory Fields
8945384bca net: Have LookupNumeric return a CService directly
Also fix up a few small issues:
- Lookup with "badip:port" now sets the port to 0
- Don't allow assert to have side-effects
2016-08-04 16:41:39 -04:00
Cory Fields
21e5b96ff4 net: move CNetAddr/CService/CSubNet out of netbase 2016-07-31 14:01:44 -04:00
Cory Fields
b6c3ff3dae net: Split resolving out of CSubNet 2016-07-31 14:01:43 -04:00
Cory Fields
f96c7c4d91 net: Split resolving out of CService 2016-07-31 13:24:07 -04:00
Cory Fields
31d6b1d5f0 net: Split resolving out of CNetAddr 2016-07-31 13:24:07 -04:00
Pieter Wuille
1a5a4e6488 Randomize name lookup result in ConnectSocketByName 2016-06-13 23:53:08 +02:00
Warren Togami
bf9266e017 Use Socks5ErrorString() to decode error responses from socks proxy. 2016-05-19 14:21:22 +09:00
Warren Togami
94fd1d8d53 Make Socks5() InterruptibleRecv() timeout/failures informative.
Before:
2016-05-16 06:10:45 ERROR: Error reading proxy response

After:
2016-05-16 06:10:45 Socks5() connect to k7s5d6jqig4ej4v4.onion:18333 failed: InterruptibleRecv() timeout or other failure
2016-05-17 16:43:23 +09:00
Warren Togami
0d9af79e50 SOCKS5 connecting and connected messages with -debug=net.
They were too noisy and not necessary for normal operation.
2016-05-09 18:13:55 -07:00
Warren Togami
00678bdb0a Make failures to connect via Socks5() more informative and less unnecessarily scary.
* The "ERROR" was printed far too often during normal operation for what was not an error.
* Makes the Socks5() connect failure similar to the IP connect failure in debug.log.

Before:
`2016-05-09 00:15:00 ERROR: Proxy error: host unreachable`

After:
`2016-05-09 00:15:00 Socks5() connect to t6xj6wilh4ytvcs7.onion:18333 failed: host unreachable"`
2016-05-09 18:13:55 -07:00
Cory Fields
d39f5b425d net: disable resolving from storage structures
CNetAddr/CService/CSubnet can no longer resolve DNS.
2016-04-20 13:08:19 -04:00
Cory Fields
367569926a net: resolve outside of storage structures
Rather than allowing CNetAddr/CService/CSubNet to launch DNS queries, require
that addresses are already resolved.

This greatly simplifies async resolve logic, and makes it harder to
accidentally leak DNS queries.
2016-04-20 13:08:19 -04:00
mruddy
eda3d92489 Net: Add IPv6 Link-Local Address Support 2016-04-05 22:26:38 +00:00
Chris Wheeler
9d263bd17c Typo fixes in comments 2016-01-17 11:03:56 +00:00
MarcoFalke
fa24439ff3 Bump copyright headers to 2015 2015-12-13 18:08:39 +01:00
MarcoFalke
faf93f37fe [trivial] Reuse translation and cleanup DEFAULT_* values
* DEFAULT_DISABLE_SAFEMODE = false
* Use DEFAULT_* constants for extern bools
2015-11-28 19:01:11 +01:00
Luke Dashjr
b966aa836a Constrain constant values to a single location in code 2015-11-28 18:47:29 +01:00
Wladimir J. van der Laan
8f4e67f152 net: Automatically create hidden service, listen on Tor
Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket
API, to create and destroy 'ephemeral' hidden services programmatically.
https://stem.torproject.org/api/control.html#stem.control.Controller.create_ephemeral_hidden_service

This means that if Tor is running (and proper authorization is available),
bitcoin automatically creates a hidden service to listen on, without user
manual configuration. This will positively affect the number of available
.onion nodes.

- When the node is started, connect to Tor through control socket
- Send `ADD_ONION` command
- First time:
    - Make it create a hidden service key
    - Save the key in the data directory for later usage
- Make it redirect port 8333 to the local port 8333 (or whatever port we're listening on).
- Keep control socket connection open for as long node is running. The hidden service will
  (by default) automatically go away when the connection is closed.
2015-11-10 17:29:56 +01:00
Gregory Maxwell
a4e28b3d1e Set TCP_NODELAY on P2P sockets.
Nagle appears to be a significant contributor to latency now that the static
 sleeps are gone.  Most of our messages are relatively large compared to
 IP + TCP so I do not expect this to create enormous overhead.

This may also reduce traffic burstyness somewhat.
2015-10-22 17:57:48 +00:00
Wladimir J. van der Laan
e2b8028e4c net: Fix CIDR notation in ToString()
Only use CIDR notation if the netmask can be represented as such.
2015-09-16 16:50:19 +02:00
Jonas Schnelli
607809f037 net: use CIDR notation in CSubNet::ToString() 2015-09-16 16:50:19 +02:00
Wladimir J. van der Laan
70ec975ea6
Merge pull request #6556
1123cdb add unit test for CNetAddr::GetGroup. (Alex Morcos)
bba3db1 Fix masking of irrelevant bits in address groups. (Alex Morcos)
2015-08-20 16:45:46 +02:00
Alex Morcos
bba3db1a40 Fix masking of irrelevant bits in address groups. 2015-08-14 14:25:19 -05:00
Veres Lajos
9f68ed6b6d typofixes (found by misspell_fixer) 2015-08-10 22:06:27 +01:00
Pieter Wuille
d422f9b1fd Test whether created sockets are select()able 2015-07-10 12:05:09 -04:00
Jonas Schnelli
177a0e4914 Adding CSubNet constructor over a single CNetAddr 2015-07-02 20:44:27 +02:00
Jonas Schnelli
d624167387 fix CSubNet comparison operator 2015-06-17 21:40:55 +02:00
Jonas Schnelli
433fb1a95d [RPC] extend setban to allow subnets 2015-06-17 21:40:55 +02:00
Philip Kaufmann
d6922aad2c [net, trivial] remove using namespace std pollution in netbase.cpp 2015-05-31 15:48:23 +02:00
Wladimir J. van der Laan
b45c50ce51 Fix two problems in CSubNet parsing
Fix two CSubNet constructor problems:

- The use of `/x` where 8 does not divide x was broken, due to a
  bit-order issue

- The use of e.g. `1.2.3.4/24` where the netmasked bits in the network
  are not 0 was broken. Fix this by explicitly normalizing the netwok
  according to the bitmask.

Also add tests for these cases.

Fixes #6179. Thanks to @jonasschnelli for reporting and initial fix.
2015-05-26 08:59:59 +02:00
Wladimir J. van der Laan
19e8d7be42 Simplify code for CSubnet
Simplify the code by using CAddress.ip directly, instead of the reversed
GetByte() semantics.
2015-05-26 08:59:13 +02:00
Philip Kaufmann
d1af89e655 use const reference as param in ConnectThroughProxy/Socks5
- also ensure code style conformance by replacing bool static with static bool
2015-04-28 14:44:56 +02:00
Wladimir J. van der Laan
67a7949397 privacy: Stream isolation for Tor
According to Tor's extensions to the SOCKS protocol
(https://gitweb.torproject.org/torspec.git/tree/socks-extensions.txt)
it is possible to perform stream isolation by providing authentication
to the proxy. Each set of credentials will create a new circuit,
which makes it harder to correlate connections.

This patch adds an option, `-proxyrandomize` (on by default) that randomizes
credentials for every outgoing connection, thus creating a new circuit.

    2015-03-16 15:29:59 SOCKS5 Sending proxy authentication 3842137544:3256031132
2015-04-17 13:26:47 +02:00
sandakersmann
f914f1a746
Added "Core" to copyright headers
Github-Pull: #5494
Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60
2014-12-19 19:55:32 +01:00
Michael Ford
78253fcbad Remove references to X11 licence 2014-12-16 15:56:50 +08:00
Wladimir J. van der Laan
35e408f8a4 Regard connection failures as attempt for addrman
This avoids connecting to them again too soon in ThreadOpenConnections.

Make an exception for connection failures to the proxy as these
shouldn't affect the status of specific nodes.
2014-12-02 17:54:16 +01:00
Pavel Janík
a53d16ac0c Use complete path to include bitcoin-config.h. 2014-11-26 10:37:49 +01:00
Matt Corallo
2d06c0febf Add missing reserved address spaces. 2014-10-28 23:54:39 -07:00
Philip Kaufmann
de10efd154 add -timeout default as constant and use them
- update help message text
- simplify code in init to check for -timeout
2014-10-06 13:13:25 +02:00
Wladimir J. van der Laan
6050ab6855 netbase: Make SOCKS5 negotiation interruptible
Avoids that SOCKS5 negotiation will hold up the shutdown process.

- Sockets can stay in non-blocking mode, no need to switch it on/off
  anymore
- Adds a timeout (20 seconds) on SOCK5 negotiation. This should be
  enough for even Tor to get a connection to a hidden service, and
  avoids blocking the opencon thread indefinitely on a hanging proxy.

Fixes #2954.
2014-09-10 11:33:13 +02:00
Wladimir J. van der Laan
f7d0a86bf6 netbase: Use .data() instead of .c_str() on binary string
`.c_str()` is only guaranteed to return the data up to the first NUL
character.
2014-09-08 12:20:50 +02:00
Wladimir J. van der Laan
ad49c256c3 Split up util.cpp/h
Split up util.cpp/h into:

- string utilities (hex, base32, base64): no internal dependencies, no dependency on boost (apart from foreach)
- money utilities (parsesmoney, formatmoney)
- time utilities (gettime*, sleep, format date):
- and the rest (logging, argument parsing, config file parsing)

The latter is basically the environment and OS handling,
and is stripped of all utility functions, so we may want to
rename it to something else than util.cpp/h for clarity (Matt suggested
osinterface).

Breaks dependency of sha256.cpp on all the things pulled in by util.
2014-08-26 13:25:22 +02:00
Wladimir J. van der Laan
3802224110 Remove all other print() methods
All unused.
2014-08-20 20:54:27 +02:00
Wladimir J. van der Laan
04d6c7d10c
Merge pull request #4605
aa82795 Add detailed network info to getnetworkinfo RPC (Wladimir J. van der Laan)
075cf49 Add GetNetworkName function (Wladimir J. van der Laan)
c91a947 Add IsReachable(net) function (Wladimir J. van der Laan)
60dc8e4 Allow -onlynet=onion to be used (Wladimir J. van der Laan)
2014-08-18 13:37:54 +02:00
Philip Kaufmann
efd6b87811 small net cleanup
- add comment for disabling sigpipe
- add closing comment in compat.h
- remove redundant check in net.h
2014-08-08 07:40:45 +02:00
Wladimir J. van der Laan
075cf49e59 Add GetNetworkName function
Returns the network name for an Network enum.
2014-07-30 15:41:17 +02:00
Wladimir J. van der Laan
60dc8e4208 Allow -onlynet=onion to be used
Just an alias for onlynet=tor, but matches the new name
of the proxy option -onion= better.
2014-07-30 15:38:58 +02:00
Philip Kaufmann
eaedb59e05 net: add SetSocketNonBlocking() as OS independent wrapper 2014-07-17 22:12:44 +02:00
Wladimir J. van der Laan
43f510d37d Convert closesocket 'compat wrapper' to function in netbase
Simpler alternative to #4348.

The current setup with closesocket() is strange. It poses
as a compatibility wrapper but adds functionality.

Rename it and make it a documented utility function in netbase.

Code movement only, zero effect on the functionality.
2014-07-17 15:46:25 +02:00
Wladimir J. van der Laan
418d4ad110
Merge pull request #4479
109849e Bugfix: strerror_r can return an error, and if it does, POSIX does not specify the content of the buffer (Luke Dashjr)
2014-07-08 13:35:56 +02:00
Luke Dashjr
109849e204 Bugfix: strerror_r can return an error, and if it does, POSIX does not specify the content of the buffer 2014-07-07 15:34:00 +00:00
Wladimir J. van der Laan
afe380ef0f
Fix the build for windows
Problem introduced in caf6150. Thanks to @drak for noticing. Fixes #4473.
2014-07-07 12:48:56 +02:00
Philip Kaufmann
0127a9be14 remove SOCKS4 support from core and GUI
- now we support SOCKS5 only
2014-07-07 08:15:14 +02:00
Huang Le
caf6150e97 Use async name resolving to improve net thread responsiveness
In the LookupIntern(), things changed are:

  1. Call getaddrinfo_a() instead of getaddrinfo() if available, the former is a sync version of the latter;
  2. Try using inet_pton()/inet_addr() to convert the input text to a network addr structure at first, if success the extra name resolving thread inside getaddrinfo_a() could be avoided;
  3.  An interruption point added in the waiting loop for return from getaddrinfo_a(), which completes the improve for thread responsiveness.

A easy way to see the effect is to kick off a 'bitcoind stop' immediately after 'bitcoind -daemon', before the change it would take several, or even tens of, minutes on a bad network situation to wait for the running bitcoind to exit, now it costs only seconds.

Signed-off-by: Huang Le <4tarhl@gmail.com>
2014-06-27 02:55:39 +08:00
Philip Kaufmann
6dc90ed8fa replace 3 separate calls to WSAGetLastError() with 1 2014-06-24 08:46:12 +02:00
Wladimir J. van der Laan
0f1040ba52
Merge pull request #4183
f40dbee remove CPubKey::VerifyCompact( ) which is never used (Kamil Domanski)
28b6c1d remove GetMedianTime( ) which is never used (Kamil Domanski)
5bd4adc remove LookupHostNumeric( ) which is never used (Kamil Domanski)
595f691 remove LogException( ) which is never used (Kamil Domanski)
f4057cb remove CTransaction::IsNewerThan which is never used (Kamil Domanski)
0e31e56 remove CWallet::AddReserveKey which is never used (Kamil Domanski)
2014-05-25 16:19:54 +02:00
Wladimir J. van der Laan
a60838d09a Replace non-threadsafe strerror
Log the name of the error as well as the error code if a network problem
happens. This makes network troubleshooting more convenient.

Use thread-safe strerror_r and the WIN32 equivalent FormatMessage.
2014-05-23 09:45:04 +02:00
Kamil Domanski
5bd4adca71 remove LookupHostNumeric( ) which is never used 2014-05-20 14:58:21 +02:00
Wladimir J. van der Laan
e16be73753 net: Add CSubNet class for subnet matching 2014-05-09 16:45:57 +02:00
Wladimir J. van der Laan
d864275299 Use new function parseint32 in SplitHostPort
Use the new function parseint32 in SplitHostPort instead of calling
strtol directly.
2014-05-09 16:45:57 +02:00
Wladimir J. van der Laan
e27c4110d9 Remove build-time no-IPv6 setting
The year is 2014. All supported operating systems have IPv6 support,
most certainly at build time (this doesn't mean that IPv6 is configured,
of course).

If noone is exercising the functionality to disable it, that means it
doesn't get tested, and IMO it's better to get rid of it.

(it's also not used consistently in RPC/boost and Net code...)
2014-05-01 12:15:36 +02:00
Gregory Maxwell
0bd05b53b1 Correct some proxy related socket leaks. 2014-04-09 17:09:45 -07:00
gubatron
57702541a2 Copyright header updates s/2013/2014 on files whose last git commit was done in 2014.
contrib/devtools/fix-copyright-headers.py script to be able to perform this maintenance task with ease during the rest of the year, every year. Modifications to contrib/devtools/README.md to document what fix-copyright-headers.py does.
2014-02-09 21:06:06 -05:00
Wladimir J. van der Laan
7d9d134bf9 Remove redundant .c_str()s
After the tinyformat switch sprintf() family functions support passing
actual std::string objects.

Remove unnecessary c_str calls (236 of them) in logging and formatting.
2014-01-23 16:05:01 +01:00
Philip Kaufmann
379778bde6 core: remove includes in .cpp, if header is already in .h
- example: if util.h includes stdint.h, remove it from util.cpp, as
  util.h is the first header included in util.cpp
2013-11-15 12:20:16 +01:00
Gavin Andresen
0f90613cbe Improve logging of failed connections 2013-11-11 10:17:06 +10:00
Brandon Dahler
51ed9ec971 Cleanup code using forward declarations.
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
2013-11-10 09:36:28 -06:00
super3
db0e8ccd90 Bump Year Number to 2013 2013-10-20 15:25:06 -04:00
David Hill
a5e685bcf8 Hurricane Electric uses block 2001:470::, not 2011:470:: 2013-10-04 08:46:45 -04:00
Gavin Andresen
881a85a22d Replace printf with LogPrintf / LogPrint 2013-09-18 20:39:25 +10:00
Cory Fields
35b8af9226 autotools: switch to autotools buildsystem 2013-09-05 21:31:03 -04:00
fcicq
98148a713e Fix fcntl include in net.cpp & netbase.cpp 2013-07-17 16:51:40 +08:00
Wladimir J. van der Laan
fe9e88cb06 fix !O_NONBLOCK where ~O_NONBLOCK was meant
Using ! on a non-zero value will always return 0.

Also remove some duplicate and superfluous code in other places.
2013-04-27 15:37:26 +02:00
Pieter Wuille
0fb9073edd Split off hash.h from util.h 2012-12-18 21:39:29 +01:00
Philip Kaufmann
0f8a647782 don't use memset() in privacy/security relevant code parts
As memset() can be optimized out by a compiler it should not be used in
privacy/security relevant code parts. OpenSSL provides the safe
OPENSSL_cleanse() function in crypto.h, which perfectly does the job of
clean and overwrite data.

For details see: http://www.viva64.com/en/b/0178/

- change memset() to OPENSSL_cleanse() where appropriate
- change a hard-coded number from netbase.cpp into a sizeof()
2012-11-09 12:53:53 +01:00
Wladimir J. van der Laan
24694e24ed Merge pull request #1913 from sipa/noi2p
Remove I2P support from netbase
2012-10-11 00:41:33 -07:00
Wladimir J. van der Laan
ac0ad5dc63 Merge pull request #1901 from laanwj/2012_10_remove_strlcpy
get rid of strlcpy.h
2012-10-11 00:39:51 -07:00
Pieter Wuille
4e882b7960 Remove I2P support from netbase
I2P apparently needs 256 bits to store a fully routable address. Garlicat
requires a centralized lookup service to map the 80-bit addresses to fully
routable ones (as far as I understood), so that's not really usable in our
situation.

To support I2P routing and peer exchange for it, another solution is needed.
This will most likely imply a network protocol change, and extension of the
'addr' message.
2012-10-07 15:10:14 +02:00
Wladimir J. van der Laan
6032e4f4e7 get rid of strlcpy.h
Don't use hand-rolled string manipulation routine with a fixed
buffer in the bitcoin core, instead make use of c++ strings and boost.
2012-10-07 14:38:37 +02:00
Philip Kaufmann
81bbef2609 add LOCK() for proxy related data-structures
- fix #1560 by properly locking proxy related data-structures
- update GetProxy() and introduce GetNameProxy() to be able to use a
  thread-safe local copy from proxyInfo and nameproxyInfo
- update usage of GetProxy() all over the source to match the new
  behaviour, as it now fills a full proxyType object
- rename GetNameProxy() into HaveNameProxy() to be more clear
2012-10-04 09:35:24 +02:00
Wladimir J. van der Laan
e96a8c7d86 Merge pull request #1793 from Diapolo/fix_signed_unsigned_strprintf
fix signed/unsigned in strprintf and CNetAddr::GetByte()
2012-09-21 06:04:27 -07:00
Jeff Garzik
ea0796bde3 Trim trailing whitespace for src/*.{h,cpp} 2012-09-18 15:07:58 -04:00
Philip Kaufmann
463a1cab43 fix signed/unsigned in strprintf and CNetAddr::GetByte()
- I checked every occurance of strprintf() in the code and used %u, where
  unsigned vars are used
- the change to GetByte() was made, as ip is an unsigned char
2012-09-12 21:30:47 +02:00
Luke Dashjr
814efd6f1f Bugfix: Fix a variety of misspellings 2012-08-01 17:49:51 +00:00
Douglas Huff
b19811d5f4 Fix OBO in socks5 auth proposal. This fixes compatibility with openssh's socks5 proxy and tor's .2.3.x branch. 2012-07-07 09:11:54 -05:00
Pieter Wuille
d077dd2a6e Rewrite CNetAddr::GetReachabilityFrom()
Add support for Tor/I2P networks, and make code more readable.
2012-06-23 01:11:38 +02:00
Pieter Wuille
70f7f00385 Node support for Tor hidden services
This commit adds support for .onion addresses (mapped into the IPv6
by using OnionCat's range and encoding), and the ability to connect
to them via a SOCKS5 proxy.
2012-06-23 01:11:32 +02:00
Pieter Wuille
4c6b210af0 Fix netbase tests
* Do not rely on "a.b.c" being interpreted as "a.0.b.c"
* Parse numeric addresses for address families for which no device is configured
2012-06-19 02:22:09 +02:00
Gavin Andresen
c5532e188e Merge pull request #1399 from sipa/ipparse
Improve parsing of IPv6 addresses
2012-06-18 11:39:16 -07:00
Gavin Andresen
550c73f4c8 Merge branch 'signbugs' of https://github.com/wizeman/bitcoin
Resolved minor conflict in main.cpp
2012-06-18 10:48:40 -04:00
Pieter Wuille
1e8aeae15a Improve parsing of IPv6 addresses
Implement the following rules:
* Interpret [X]:Y as host=X port=Y, if Y is an integer
* Interpret X:Y as host=X port=Y, if Y is an integer and X contains no colon
* Interpret X:Y as host=X:Y port=default otherwise
2012-06-14 17:37:15 +02:00
Philip Kaufmann
b69dd08ae7 fix two signed/unsigned comparison warnings in netbase.cpp 2012-06-05 07:32:27 +02:00
Pieter Wuille
587f929c64 Rework network config settings 2012-05-31 18:12:35 +02:00
Fordy
3a25a2b9b0 Update License in File Headers
I originally created a pull to replace the "COPYING" in crypter.cpp and
crypter.h, but it turned out that COPYING was actually the correct
file.
2012-05-18 22:02:28 +08:00
Pieter Wuille
ca81464697 Use getnameinfo() to get canonical IPv6 addresses 2012-05-14 01:41:15 +02:00
Ricardo M. Correia
4843b55fd1 Make CNetAddr::GetHash() return an unsigned val.
This prevents an undefined operation in main.cpp, when shifting the hash value
left by 32 bits.
Shifting a signed int left into the sign bit is undefined in C++11.
2012-05-13 21:42:54 +02:00
Jeff Garzik
80af836ce0 Merge pull request #1277 from Diapolo/IPv6_IPv4_strings
use "IPv6" and "IPv4" in strings as these are the official spellings
2012-05-12 18:59:31 -07:00
Philip Kaufmann
ea933b03b4 use "IPv6" and "IPv4" in strings as these are the official spellings and make ParseNetwork() in netbase.cpp case-insensitive 2012-05-13 01:12:24 +02:00