Commit graph

454 commits

Author SHA1 Message Date
Cory Fields
8b8f87714d net: make Ban/Unban/ClearBan functionality consistent
- Ban/Unban/ClearBan call uiInterface.BannedListChanged() as necessary
- Ban/Unban/ClearBan sync to disk if the operation is user-invoked
- Mark node for disconnection automatically when banning
- Lock cs_vNodes while setting disconnected
- Don't spin in a tight loop while setting disconnected
2016-05-10 12:28:22 -04:00
Cory Fields
cca221fd21 net: Drop CNodeRef for AttemptToEvictConnection
Locking for each operation here is unnecessary, and solves the wrong problem.
Additionally, it introduces a problem when cs_vNodes is held in an owning
class, to which invididual CNodeRefs won't have access.

These should be weak pointers anyway, once vNodes contain shared pointers.

Rather than using a refcounting class, use a 3-step process instead.

1. Lock vNodes long enough to snapshot the fields necessary for comparing
2. Unlock and do the comparison
3. Re-lock and mark the resulting node for disconnection if it still exists
2016-05-05 13:22:25 -04:00
Cory Fields
563f375cde net: use the exposed GetNodeSignals() rather than g_signals directly 2016-05-05 13:22:25 -04:00
Cory Fields
9faa4902cd net: remove unused set 2016-05-05 13:22:24 -04:00
Cory Fields
52cbce287a net: don't import std namespace
This file is about to be broken up into chunks and moved around. Drop the
namespace now rather than requiring other files to use it.
2016-05-05 13:22:24 -04:00
Wladimir J. van der Laan
3b9a0bf41f
Merge #7840: Several performance and privacy improvements to inv/mempool handling
b559914 Move bloom and feerate filtering to just prior to tx sending. (Gregory Maxwell)
4578215 Return mempool queries in dependency order (Pieter Wuille)
ed70683 Handle mempool requests in send loop, subject to trickle (Pieter Wuille)
dc13dcd Split up and optimize transaction and block inv queues (Pieter Wuille)
f2d3ba7 Eliminate TX trickle bypass, sort TX invs for privacy and priority. (Gregory Maxwell)
2016-05-05 13:14:40 +02:00
Wladimir J. van der Laan
8206835cc1
Merge #7974: More comments on the design of AttemptToEvictConnection.
d90351f More comments on the design of AttemptToEvictConnection. (Gregory Maxwell)
2016-05-04 15:52:13 +02:00
Gregory Maxwell
d90351f050 More comments on the design of AttemptToEvictConnection.
Some developers clearly don't get this and have been posting
 "improvements" that create clear vulnerabilities.  It should
 have been better explained in the code, since the design
 is somewhat subtle and getting it right is important.
2016-04-29 23:15:23 +00:00
Kaz Wesley
f4ac02ee7c fix race that could fail to persist a ban
DumpBanList currently does this:
  - with lock: take a copy of the banmap
  - perform I/O (write out the banmap)
  - with lock: mark the banmap non-dirty
If a new ban is added during the I/O operation, it may never be persisted to
disk.

Reorder operations so that the data to be persisted cannot be older than the
time at which the banmap was marked non-dirty.
2016-04-27 09:41:13 -07:00
Gregory Maxwell
b559914753 Move bloom and feerate filtering to just prior to tx sending.
This will avoid sending more pointless INVs around updates, and
 prevents using filter updates to timetag transactions.

Also adds locking for fRelayTxes.
2016-04-21 00:33:56 +02:00
Pieter Wuille
ed7068302c Handle mempool requests in send loop, subject to trickle
By eliminating queued entries from the mempool response and responding only at
trickle time, this makes the mempool no longer leak transaction arrival order
information (as the mempool itself is also sorted)-- at least no more than
relay itself leaks it.
2016-04-21 00:33:56 +02:00
Cory Fields
a98cd1fc86 net: manually resolve dns seed sources
Note: Some seeds aren't actually returning an IP for their name entries, so
they're being added to addrman with a source of [::].

This commit shouldn't change that behavior, for better or worse.
2016-04-20 13:07:19 -04:00
Cory Fields
e9fc71e5fa net: require lookup functions to specify all arguments
To make it clear where DNS resolves are happening
2016-04-17 17:37:36 -04:00
Wladimir J. van der Laan
64e71b3721
Merge #7856: Only send one GetAddr response per connection.
66b0724 Only send one GetAddr response per connection. (Gregory Maxwell)
2016-04-15 09:03:17 +02:00
Pieter Wuille
38c310299c Change mapRelay to store CTransactions 2016-04-14 16:24:56 +02:00
Suhas Daftuar
7e91f632c7 Use txid as key in mapAlreadyAskedFor
Previously we used the CInv that would be sent to the peer announcing the
transaction as the key, but using the txid instead allows us to decouple the
p2p layer from the application logic (which relies on this map to avoid
duplicate tx requests).
2016-04-11 15:58:01 -04:00
Gregory Maxwell
66b07247a7 Only send one GetAddr response per connection.
This conserves resources from abusive peers that just send
 getaddr in a loop. Also makes correlating addr messages
 against INVs less effective.
2016-04-11 01:09:34 +00:00
Alex Morcos
9e072a6e66 Implement "feefilter" P2P message.
The "feefilter" p2p message is used to inform other nodes of your mempool min fee which is the feerate that any new transaction must meet to be accepted to your mempool.  This will allow them to filter invs to you according to this feerate.
2016-03-21 10:46:25 -04:00
Patrick Strateman
110b62f069 Remove vfReachable and modify IsReachable to only use vfLimited.
We do not know that a class of Network is reachable, only that it is not.
2016-02-17 23:21:27 -08:00
jloughry
37767fd46f fix spelling of advertise in src and doc 2016-02-12 12:51:54 -07:00
Wladimir J. van der Laan
2cdbf28cf3
Merge #7192: Unify product name to as few places as possible
027fdb8 When/if the copyright line does not mention Bitcoin Core developers, add a second line to copyrights in -version, About dialog, and splash screen (Luke Dashjr)
cc2095e Rewrite FormatParagraph to handle newlines within input strings correctly (Luke Dashjr)
cddffaf Bugfix: Include COPYRIGHT_HOLDERS_SUBSTITUTION in Makefile substitutions so it gets passed to extract-strings correctly (Luke Dashjr)
29598e4 Move PACKAGE_URL to configure.ac (Luke Dashjr)
78ec83d splashscreen: Resize text to fit exactly (Luke Dashjr)
3cae140 Bugfix: Actually use _COPYRIGHT_HOLDERS_SUBSTITUTION everywhere (Luke Dashjr)
4d5a3df Bugfix: gitian-descriptors: Add missing python-setuptools requirement for OS X (biplist module) (Luke Dashjr)
e4ab5e5 Bugfix: Correct copyright year in Mac DMG background image (Luke Dashjr)
917b1d0 Set copyright holders displayed in notices separately from the package name (Luke Dashjr)
c39a6ff Travis & gitian-osx: Use depends for ds_store and mac_alias modules (Luke Dashjr)
902ccde depends: Add mac_alias to depends (Luke Dashjr)
82a2d98 depends: Add ds_store to depends (Cory Fields)
de619a3 depends: Pass PYTHONPATH along to configure (Cory Fields)
e611b6e macdeploy: Use rsvg-convert rather than cairosvg (Luke Dashjr)
63bcdc5 More complicated package name substitution for Mac deployment (Luke Dashjr)
1a6c67c Parameterise 2009 in translatable copyright strings (Luke Dashjr)
d5f4683 Unify package name to as few places as possible without major changes (Luke Dashjr)
2016-02-04 13:42:24 +01:00
Wladimir J. van der Laan
898fedf42f
Merge #7458: [Net] peers.dat, banlist.dat recreated when missing
c77c662 peers.dat, banlist.dat recreated when missing (kirkalx)
2016-02-04 08:54:21 +01:00
kirkalx
c77c6625f3 peers.dat, banlist.dat recreated when missing 2016-02-04 11:46:24 +13:00
Luke Dashjr
a68bb9f5e7 Merge branch 'master' into single_prodname 2016-02-03 05:41:13 +00:00
Gregory Maxwell
1e05727072 Decide eviction group ties based on time.
This corrects a bug the case of tying group size where the code may
 fail to select the group with the newest member. Since newest time
 is the final selection criteria, failing to break ties on it
 on the step before can undermine the final selection.

Tied netgroups are very common.

(cherry picked from commit 8e09f914f8ec66301257358b250e9a61befadd95)
2016-02-01 15:31:21 +01:00
Gregory Maxwell
1e9613ac09 Do not absolutely protect local peers from eviction.
With automatic tor HS support in place we should probably not be providing
 absolute protection for local peers, since HS inbound could be used to
 attack pretty easily.  Instead, this counts on the latency metric inside
 AttemptToEvictConnection to privilege actually local peers.

(cherry picked from commit 46dbcd4833115401fecbb052365b4c7725874414)
2016-02-01 15:31:17 +01:00
Wladimir J. van der Laan
5578144413
Merge #7350: Banlist updates
e8600c9 banlist (bugfix): allow CNode::SweepBanned() to run on interval (Philip Kaufmann)
2977c24 banlist: add more banlist infos to log / add GUI signal (Philip Kaufmann)
ce479aa banlist: better handling of banlist in StartNode() (Philip Kaufmann)
57c77fe banlist: update set dirty to be more fine grained (Philip Kaufmann)
2016-01-20 13:38:40 +01:00
Chris Wheeler
9d263bd17c Typo fixes in comments 2016-01-17 11:03:56 +00:00
Luke Dashjr
5bc4fb7b60 Merge branch 'master' into 20150703_banlist_updates 2016-01-15 05:17:15 +00:00
Wladimir J. van der Laan
605c17844e
Merge pull request #7205
fa71669 [devtools] Use git pretty-format for year parsing (MarcoFalke)
fa24439 Bump copyright headers to 2015 (MarcoFalke)
fa6ad85 [devtools] Rewrite fix-copyright-headers.py (MarcoFalke)
2016-01-05 14:11:40 +01:00
21E14
a5a0831458 Double semicolon cleanup. 2015-12-30 12:23:07 -05:00
Luke Dashjr
d5f46832de Unify package name to as few places as possible without major changes 2015-12-14 02:11:10 +00:00
MarcoFalke
fa24439ff3 Bump copyright headers to 2015 2015-12-13 18:08:39 +01:00
Pieter Wuille
5400ef6bcb Replace trickle nodes with per-node/message Poisson delays
We used to have a trickle node, a node which was chosen in each iteration of
the send loop that was privileged and allowed to send out queued up non-time
critical messages. Since the removal of the fixed sleeps in the network code,
this resulted in fast and attackable treatment of such broadcasts.

This pull request changes the 3 remaining trickle use cases by random delays:
* Local address broadcast (while also removing the the wiping of the seen filter)
* Address relay
* Inv relay (for transactions; blocks are always relayed immediately)

The code is based on older commits by Patrick Strateman.
2015-12-11 22:20:38 +01:00
Wladimir J. van der Laan
9bbe71b641 net: Add and document network messages in protocol.h
- Avoids string typos (by making the compiler check)
- Makes it easier to grep for handling/generation of a certain message type
- Refer directly to documentation by following the symbol in IDE
- Move list of valid message types to protocol.cpp:
    protocol.cpp is a more appropriate place for this, and having
    the array there makes it easier to keep things consistent.
2015-12-10 12:14:06 +01:00
Wladimir J. van der Laan
e3bc5e0e92 net: Account for sendheaders verack messages
Looks like these were forgotten in #6589.
2015-12-07 15:17:53 +01:00
Jonas Schnelli
ca188c629e
log bytes recv/sent per command 2015-12-07 13:32:59 +01:00
Wladimir J. van der Laan
8843676621
Merge pull request #7133
aa4b0c2 When not filtering blocks, getdata sends more in one test (Pieter Wuille)
d41e44c Actually only use filterInventoryKnown with MSG_TX inventory messages. (Gregory Maxwell)
b6a0da4 Only use filterInventoryKnown with MSG_TX inventory messages. (Patick Strateman)
6b84935 Rename setInventoryKnown filterInventoryKnown (Patick Strateman)
e206724 Remove mruset as it is no longer used. (Gregory Maxwell)
ec73ef3 Replace setInventoryKnown with a rolling bloom filter. (Gregory Maxwell)
2015-12-03 13:16:46 +01:00
Wladimir J. van der Laan
1b5118bfa0
Merge pull request #7079
ebb25f4 Limit setAskFor and retire requested entries only when a getdata returns. (Gregory Maxwell)
5029698 prevent peer flooding request queue for an inv (kazcw)
2015-12-01 09:02:33 +01:00
Patick Strateman
6b849350ab Rename setInventoryKnown filterInventoryKnown 2015-11-30 12:53:48 +01:00
Gregory Maxwell
ec73ef37ec Replace setInventoryKnown with a rolling bloom filter.
Mruset setInventoryKnown was reduced to a remarkably small 1000
 entries as a side effect of sendbuffer size reductions in 2012.

This removes setInventoryKnown filtering from merkleBlock responses
 because false positives there are especially unattractive and
 also because I'm not sure if there aren't race conditions around
 the relay pool that would cause some transactions there to
 be suppressed. (Also, ProcessGetData was accessing
 setInventoryKnown without taking the required lock.)
2015-11-30 12:53:48 +01:00
Luke Dashjr
b966aa836a Constrain constant values to a single location in code 2015-11-28 18:47:29 +01:00
Gregory Maxwell
ebb25f4c23 Limit setAskFor and retire requested entries only when a getdata returns.
The setAskFor duplicate elimination was too eager and removed entries
 when we still had no getdata response, allowing the peer to keep
 INVing and not responding.
2015-11-23 01:54:23 +00:00
kazcw
5029698186 prevent peer flooding request queue for an inv
mapAlreadyAskedFor does not keep track of which peer has a request queued for a
particular tx. As a result, a peer can blind a node to a tx indefinitely by
sending many invs for the same tx, and then never replying to getdatas for it.
Each inv received will be placed 2 minutes farther back in mapAlreadyAskedFor,
so a short message containing 10 invs would render that tx unavailable for 20
minutes.

This is fixed by disallowing a peer from having more than one entry for a
particular inv in mapAlreadyAskedFor at a time.
2015-11-23 01:18:54 +00:00
Peter Todd
08843ed998 Add relaytxes status to getpeerinfo 2015-11-20 16:07:12 -08:00
Patick Strateman
71a2683f4b Use DEFAULT_BLOCKSONLY and DEFAULT_WHITELISTALWAYSRELAY constants 2015-11-14 05:10:59 -08:00
Patick Strateman
4044f07d1c Add blocksonly mode 2015-11-14 04:52:21 -08:00
MarcoFalke
b27e81f115 [net] Cleanup maxuploadtarget
* log: nMaxOutboundLimit is in bytes
* log: Hide misleading -maxuploadtarget=0 warning
* qa : Minor cleanup to maxuploadtarget rpc tests
* net: Use DEFAULT_MAX_UPLOAD_TARGET = 0
2015-11-12 20:45:57 +01:00
Wladimir J. van der Laan
09c1ae1c01 torcontrol improvements and fixes
- Force AUTHCOOKIE size to be 32 bytes: This provides protection against
  an attack where a process pretends to be Tor and uses the cookie
  authentication method to nab arbitrary files such as the
  wallet
- torcontrol logging
- fix cookie auth
- add HASHEDPASSWORD auth, fix fd leak when fwrite() fails
- better error reporting when cookie file is not ok
- better init/shutdown flow
- stop advertizing service when disconnected from tor control port
- COOKIE->SAFECOOKIE auth
2015-11-12 17:58:15 +01:00
Wladimir J. van der Laan
8f4e67f152 net: Automatically create hidden service, listen on Tor
Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket
API, to create and destroy 'ephemeral' hidden services programmatically.
https://stem.torproject.org/api/control.html#stem.control.Controller.create_ephemeral_hidden_service

This means that if Tor is running (and proper authorization is available),
bitcoin automatically creates a hidden service to listen on, without user
manual configuration. This will positively affect the number of available
.onion nodes.

- When the node is started, connect to Tor through control socket
- Send `ADD_ONION` command
- First time:
    - Make it create a hidden service key
    - Save the key in the data directory for later usage
- Make it redirect port 8333 to the local port 8333 (or whatever port we're listening on).
- Keep control socket connection open for as long node is running. The hidden service will
  (by default) automatically go away when the connection is closed.
2015-11-10 17:29:56 +01:00