Commit graph

84 commits

Author SHA1 Message Date
Wladimir J. van der Laan
e87ce95fbd
Merge #9720: net: fix banning and disallow sending messages before receiving verack
d943491 qa: add a test to detect leaky p2p messages (Cory Fields)
8650bbb qa: Expose on-connection to mininode listeners (Matt Corallo)
5b5e4f8 qa: mininode learns when a socket connects, not its first action (Matt Corallo)
cbfc5a6 net: require a verack before responding to anything else (Cory Fields)
8502e7a net: parse reject earlier (Cory Fields)
c45b9fb net: correctly ban before the handshake is complete (Cory Fields)
2017-02-14 14:42:29 +01:00
Cory Fields
cbfc5a6728 net: require a verack before responding to anything else
7a8c251901 made this logic hard to follow. After that change, messages would
not be sent to a peer via SendMessages() before the handshake was complete, but
messages could still be sent as a response to an incoming message.

For example, if a peer had not yet sent a verack, we wouldn't notify it about
new blocks, but we would respond to a PING with a PONG.

This change makes the behavior straightforward: until we've received a verack,
never send any message other than version/verack/reject.

The behavior until a VERACK is received has always been undefined, this change
just tightens our policy.

This also makes testing much easier, because we can now connect but not send
version/verack, and anything sent to us is an error.
2017-02-13 18:55:35 -05:00
Cory Fields
8502e7acbe net: parse reject earlier
Prior to this change, all messages were ignored until a VERSION message was
received, as well as possibly incurring a ban score.

Since REJECT messages can be sent at any time (including as a response to a bad
VERSION message), make sure to always parse them.

Moving this parsing up keeps it from being caught in the
if (pfrom->nVersion == 0) check below.
2017-02-13 18:55:35 -05:00
Cory Fields
c45b9fb54c net: correctly ban before the handshake is complete
7a8c251901 made a change to avoid getting into SendMessages() until the
version handshake (VERSION + VERACK) is complete. That was done to avoid
leaking out messages to nodes who could connect, but never bothered sending
us their version/verack.

Unfortunately, the ban tally and possible disconnect are done as part of
SendMessages(). So after 7a8c251901, if a peer managed to do something
bannable before completing the handshake (say send 100 non-version messages
before their version), they wouldn't actually end up getting
disconnected/banned. That's fixed here by checking the banscore as part of
ProcessMessages() in addition to SendMessages().
2017-02-13 18:55:34 -05:00
Matt Corallo
db2dc7a58c Move CNode::addrLocal access behind locked accessors 2017-02-10 11:32:41 -05:00
Matt Corallo
036073bf87 Move CNode::addrName accesses behind locked accessors 2017-02-10 11:32:41 -05:00
Matt Corallo
d8f2b8a8c0 Make nTimeBestReceived atomic 2017-02-10 11:32:41 -05:00
Matt Corallo
22b4966a29 Move [clean|str]SubVer writes/copyStats into a lock 2017-02-10 11:32:41 -05:00
Cory Fields
321d0fc6b6 net: fix a few races. Credit @TheBlueMatt
These are (afaik) all long-standing races or concurrent accesses. Going
forward, we can clean these up so that they're not all individual atomic
accesses.

- Reintroduce cs_vRecv to guard receive-specific vars
- Lock vRecv/vSend for CNodeStats
- Make some vars atomic.
- Only set the connection time in CNode's constructor so that it doesn't change
2017-02-10 11:32:39 -05:00
Wladimir J. van der Laan
729de15b63
Merge #9604: [Trivial] add comment about setting peer as HB peer.
dd5b011 [Trivial] add comment about setting peer as HB peer. (John Newbery)
2017-02-07 13:03:57 +01:00
Wladimir J. van der Laan
09e0c28f85
Merge #9659: Net: Turn some methods and params/variables const
0729102 Net: pass interruptMsgProc as const where possible (Jorge Timón)
fc7f2ff Net: Make CNetMsgMaker more const (Jorge Timón)
d45955f Net: CConnman: Make some methods const (Jorge Timón)
2017-02-06 14:34:53 +01:00
Cory Fields
7a8c251901 net: Disallow sending messages until the version handshake is complete
This is a change in behavior, though it's much more sane now than before.
2017-02-02 16:14:16 -05:00
Cory Fields
2046617b5e net: deserialize the entire version message locally
This avoids having some vars set if the version negotiation fails.

Also copy it all into CNode at the same site. nVersion and
fSuccessfullyConnected are set last, as they are the gates for the other vars.
Make them atomic for that reason.
2017-02-02 16:13:52 -05:00
Matt Corallo
80ff0344ae Dont deserialize nVersion into CNode, should fix #9212 2017-02-02 13:56:05 -05:00
Jorge Timón
0729102f99
Net: pass interruptMsgProc as const where possible 2017-01-31 23:45:47 +01:00
Jorge Timón
fc7f2ffad4
Net: Make CNetMsgMaker more const 2017-01-31 23:29:28 +01:00
Karl-Johan Alm
b7b48c8bbd Refactor: Remove using namespace <xxx> from src/*.cpp. 2017-01-27 18:13:20 +09:00
Wladimir J. van der Laan
fd7021142a
Merge #9594: Send final alert message to older peers after connecting.
8ff8d21 Send final alert message to older peers after connecting. (Gregory Maxwell)
2017-01-26 10:31:55 +01:00
John Newbery
dd5b0114cf [Trivial] add comment about setting peer as HB peer.
This adds a comment to the new logic for setting HB peers based
on block validation (and aligns the code below to reflect the comment).
It's not obvious why we're checking mapBlocksInFlight. Add a comment to
explain.
2017-01-20 15:05:12 -05:00
Pavel Janík
44f2baac48 Do not shadow local variable named tx. 2017-01-20 10:55:47 +01:00
Gregory Maxwell
8ff8d219c3 Send final alert message to older peers after connecting.
The old Bitcoin alert system has long since been retired.
( See also: https://bitcoin.org/en/alert/2016-11-01-alert-retirement )

This change causes each node to send any old peers that
 it connects with a copy of the final alert.

The alert it hardcode cancels all other alerts including
 other final alerts.
2017-01-20 07:33:58 +00:00
Wladimir J. van der Laan
9c9af5ab2d
Merge #9499: Use recent-rejects, orphans, and recently-replaced txn for compact-block-reconstruction
c594580 Add braces around AddToCompactExtraTransactions (Matt Corallo)
1ccfe9b Clarify comment about mempool/extra conflicts (Matt Corallo)
fac4c78 Make PartiallyDownloadedBlock::InitData's second param const (Matt Corallo)
b55b416 Add extra_count lower bound to compact reconstruction debug print (Matt Corallo)
863edb4 Consider all (<100k memusage) txn for compact-block-extra-txn cache (Matt Corallo)
7f8c8ca Consider all orphan txn for compact-block-extra-txn cache (Matt Corallo)
93380c5 Use replaced transactions in compact block reconstruction (Matt Corallo)
1531652 Keep shared_ptrs to recently-replaced txn for compact blocks (Matt Corallo)
edded80 Make ATMP optionally return the CTransactionRefs it replaced (Matt Corallo)
c735540 Move ORPHAN constants from validation.h to net_processing.h (Matt Corallo)
2017-01-19 09:03:46 +01:00
Matt Corallo
c5945804ca Add braces around AddToCompactExtraTransactions 2017-01-16 23:00:58 -05:00
Pieter Wuille
6696b4635c
Merge #9561: Wake message handling thread when we receive a new block
241d893 Wake message handling thread when we receive a new block (Matt Corallo)
f13914a Make WakeMessageHandler public (Matt Corallo)
2017-01-16 19:54:52 -08:00
Pieter Wuille
8a445c5651
Merge #9400: Set peers as HB peers upon full block validation
d4781ac Set peers as HB peers upon full block validation (Gregory Sanders)
2017-01-15 09:44:33 -08:00
Wladimir J. van der Laan
f62bc10a60
Merge #9486: Make peer=%d log prints consistent
e6111b2 Make peer id logging consistent ("peer=%d" instead of "peer %d") (Matt Corallo)
2017-01-15 06:44:54 +01:00
Matt Corallo
241d8938f4 Wake message handling thread when we receive a new block
This forces the message handling thread to make another full
iteration of SendMessages prior to going back to sleep, ensuring
we announce the new block to all peers before sleeping.
2017-01-14 16:00:16 -08:00
Pieter Wuille
3908fc4728
Merge #9375: Relay compact block messages prior to full block connection
02ee4eb Make most_recent_compact_block a pointer to a const (Matt Corallo)
73666ad Add comment to describe callers to ActivateBestChain (Matt Corallo)
962f7f0 Call ActivateBestChain without cs_main/with most_recent_block (Matt Corallo)
0df777d Use a temp pindex to avoid a const_cast in ProcessNewBlockHeaders (Matt Corallo)
c1ae4fc Avoid holding cs_most_recent_block while calling ReadBlockFromDisk (Matt Corallo)
9eb67f5 Ensure we meet the BIP 152 old-relay-types response requirements (Matt Corallo)
5749a85 Cache most-recently-connected compact block (Matt Corallo)
9eaec08 Cache most-recently-announced block's shared_ptr (Matt Corallo)
c802092 Relay compact block messages prior to full block connection (Matt Corallo)
6987219 Add a CValidationInterface::NewPoWValidBlock callback (Matt Corallo)
180586f Call AcceptBlock with the block's shared_ptr instead of CBlock& (Matt Corallo)
8baaba6 [qa] Avoid race in preciousblock test. (Matt Corallo)
9a0b2f4 [qa] Make compact blocks test construction using fetch methods (Matt Corallo)
8017547 Make CBlockIndex*es in net_processing const (Matt Corallo)
2017-01-13 14:52:26 -08:00
Matt Corallo
02ee4eb263 Make most_recent_compact_block a pointer to a const 2017-01-13 16:28:15 -05:00
Pieter Wuille
8b66bf74e2
Merge #9441: Net: Massive speedup. Net locks overhaul
e60360e net: remove cs_vRecvMsg (Cory Fields)
991955e net: add a flag to indicate when a node's send buffer is full (Cory Fields)
c6e8a9b net: add a flag to indicate when a node's process queue is full (Cory Fields)
4d712e3 net: add a new message queue for the message processor (Cory Fields)
c5a8b1b net: rework the way that the messagehandler sleeps (Cory Fields)
c72cc88 net: remove useless comments (Cory Fields)
ef7b5ec net: Add a simple function for waking the message handler (Cory Fields)
f5c36d1 net: record bytes written before notifying the message processor (Cory Fields)
60befa3 net: handle message accounting in ReceiveMsgBytes (Cory Fields)
56212e2 net: set message deserialization version when it's actually time to deserialize (Cory Fields)
0e973d9 net: remove redundant max sendbuffer size check (Cory Fields)
6042587 net: wait until the node is destroyed to delete its recv buffer (Cory Fields)
f6315e0 net: only disconnect if fDisconnect has been set (Cory Fields)
5b4a8ac net: make GetReceiveFloodSize public (Cory Fields)
e5bcd9c net: make vRecvMsg a list so that we can use splice() (Cory Fields)
53ad9a1 net: fix typo causing the wrong receive buffer size (Cory Fields)
2017-01-13 10:02:18 -08:00
Cory Fields
e60360e139 net: remove cs_vRecvMsg
vRecvMsg is now only touched by the socket handler thread.

The accounting vars (nRecvBytes/nLastRecv/mapRecvBytesPerMsgCmd) are also
only used by the socket handler thread, with the exception of queries from
rpc/gui. These accesses are not threadsafe, but they never were. This needs to
be addressed separately.

Also, update comment describing data flow
2017-01-12 23:08:08 -05:00
Cory Fields
991955ee81 net: add a flag to indicate when a node's send buffer is full
Similar to the recv flag, but this one indicates whether or not the net's send
buffer is full.

The socket handler checks the send queue when a new message is added and pauses
if necessary, and possibly unpauses after each message is drained from its buffer.
2017-01-12 23:05:59 -05:00
Cory Fields
c6e8a9bcff net: add a flag to indicate when a node's process queue is full
Messages are dumped very quickly from the socket handler to the processor, so
it's the depth of the processing queue that's interesting.

The socket handler checks the process queue's size during the brief message
hand-off and pauses if necessary, and the processor possibly unpauses each time
a message is popped off of its queue.
2017-01-12 23:05:47 -05:00
Cory Fields
4d712e366c net: add a new message queue for the message processor
This separates the storage of messages from the net and queued messages for
processing, allowing the locks to be split.
2017-01-12 23:05:25 -05:00
Cory Fields
c5a8b1b946 net: rework the way that the messagehandler sleeps
In order to sleep accurately, the message handler needs to know if _any_ node
has more processing that it should do before the entire thread sleeps.

Rather than returning a value that represents whether ProcessMessages
encountered a message that should trigger a disconnnect, interpret the return
value as whether or not that node has more work to do.

Also, use a global fProcessWake value that can be set by other threads,
which takes precedence (for one cycle) over the messagehandler's decision.

Note that the previous behavior was to only process one message per loop
(except in the case of a bad checksum or invalid header). That was changed in
PR #3180.

The only change here in that regard is that the current node now falls to the
back of the processing queue for the bad checksum/invalid header cases.
2017-01-12 23:05:24 -05:00
Cory Fields
c72cc88ed3 net: remove useless comments 2017-01-12 23:05:09 -05:00
Wladimir J. van der Laan
2742568a00
Merge #9261: Add unstored orphans with rejected parents to recentRejects
dfbe0d5 Add unstored orphans with rejected parents to recentRejects (Alex Morcos)
2017-01-12 12:34:44 +01:00
Matt Corallo
962f7f054f Call ActivateBestChain without cs_main/with most_recent_block
There is still a call to ActivateBestChain with cs_main if a peer
requests the block prior to it being validated, but this one is
more specifically-gated, so should be less of an issue.
2017-01-11 21:18:48 -08:00
Matt Corallo
863edb45b9 Consider all (<100k memusage) txn for compact-block-extra-txn cache 2017-01-10 14:48:42 -05:00
Matt Corallo
7f8c8cab1e Consider all orphan txn for compact-block-extra-txn cache 2017-01-10 14:48:42 -05:00
Matt Corallo
93380c5247 Use replaced transactions in compact block reconstruction 2017-01-10 14:48:42 -05:00
Matt Corallo
1531652e02 Keep shared_ptrs to recently-replaced txn for compact blocks 2017-01-10 14:48:42 -05:00
Matt Corallo
e6111b2398 Make peer id logging consistent ("peer=%d" instead of "peer %d") 2017-01-07 16:19:34 -05:00
Matt Corallo
c1ae4fcf7d Avoid holding cs_most_recent_block while calling ReadBlockFromDisk 2017-01-05 15:16:34 -05:00
Gregory Maxwell
50bd12ce0c Break addnode out from the outbound connection limits.
Previously addnodes were in competition with outbound connections
 for access to the eight outbound slots.

One result of this is that frequently a node with several addnode
 configured peers would end up connected to none of them, because
 while the addnode loop was in its two minute sleep the automatic
 connection logic would fill any free slots with random peers.
 This is particularly unwelcome to users trying to maintain links
 to specific nodes for fast block relay or purposes.

Another result is that a group of nine or more nodes which are
 have addnode configured towards each other can become partitioned
 from the public network.

This commit introduces a new limit of eight connections just for
 addnode peers which is not subject to any of the other connection
 limitations (including maxconnections).

The choice of eight is sufficient so that under no condition would
 a user find themselves connected to fewer addnoded peers than
 previously.  It is also low enough that users who are confused
 about the significance of more connections and have gotten too
 copy-and-paste happy will not consume more than twice the slot
 usage of a typical user.

Any additional load on the network resulting from this will likely
 be offset by a reduction in users applying even more wasteful
 workaround for the prior behavior.

The retry delays are reduced to avoid nodes sitting around without
 their added peers up, but are still sufficient to prevent overly
 aggressive repeated connections.  The reduced delays also make
 the system much more responsive to the addnode RPC.

Ban-disconnects are also exempted for peers added via addnode since
 the outbound addnode logic ignores bans.  Previously it would ban
 an addnode then immediately reconnect to it.

A minor change was also made to CSemaphoreGrant so that it is
 possible to re-acquire via an object whos grant was moved.
2017-01-05 19:02:09 +00:00
Matt Corallo
9eb67f5000 Ensure we meet the BIP 152 old-relay-types response requirements
In order to do this, we must call ActivateBestChain prior to
responding getdata requests for blocks which we announced using
compact blocks.

For getheaders responses we dont need code changes, but do note
that we must reset the bestHeaderSent so that the SendMessages call
re-announces the header in question.

While we could do something smarter for getblocks, calling
ActivateBestChain is simple and more obviously correct, instead of
doing something more similar to getheaders.

See-also the BIP clarifications at
https://github.com/bitcoin/bips/pull/486
2017-01-05 10:32:07 -05:00
Matt Corallo
5749a853b9 Cache most-recently-connected compact block 2017-01-05 10:32:07 -05:00
Matt Corallo
9eaec08dd2 Cache most-recently-announced block's shared_ptr 2017-01-05 10:32:07 -05:00
Matt Corallo
c802092142 Relay compact block messages prior to full block connection 2017-01-05 10:32:07 -05:00
Matt Corallo
80175472d1 Make CBlockIndex*es in net_processing const 2017-01-04 15:56:08 -05:00