Commit graph

282 commits

Author SHA1 Message Date
Pieter Wuille
273d02580a Use a FastRandomContext in LimitOrphanTxSize 2018-12-12 14:22:12 -08:00
MarcoFalke
fa4fc8856b
validation: Add and use HaveTxsDownloaded where appropriate 2018-12-04 10:51:56 -05:00
MarcoFalke
11e1ac3ae0
Merge #14436: doc: add comment explaining recentRejects-DoS behavior
b191c7dfb7 doc: add comment explaining recentRejects-DoS behavior (James O'Beirne)

Pull request description:

  When we receive invalid txs for the first time, we mark the sender as
  misbehaving. If we receive the same tx before a new block is seen, we *don't*
  punish the second sender (in the same way we do the original sender). It wasn't
  initially clear to me that this is intentional, so add a clarifying comment.

Tree-SHA512: d12c674db137ed3ad83e0b941bffe6ddcd2982238048742afa574a4235881f0e58cfc0a4a576a0503e74c5c5240c270b9520fa30221e8b43a371fb3e0b37066b
2018-11-07 14:59:35 -05:00
Jim Posen
2068f089c8 scripted-diff: Move util files to separate directory.
-BEGIN VERIFY SCRIPT-
mkdir -p src/util
git mv src/util.h src/util/system.h
git mv src/util.cpp src/util/system.cpp
git mv src/utilmemory.h src/util/memory.h
git mv src/utilmoneystr.h src/util/moneystr.h
git mv src/utilmoneystr.cpp src/util/moneystr.cpp
git mv src/utilstrencodings.h src/util/strencodings.h
git mv src/utilstrencodings.cpp src/util/strencodings.cpp
git mv src/utiltime.h src/util/time.h
git mv src/utiltime.cpp src/util/time.cpp

sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')

sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h
sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h
sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h
sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h
sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h

sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am
sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am
sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am
sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am
sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am

sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh
sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh
sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh
sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh
sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj
-END VERIFY SCRIPT-
2018-11-04 22:46:07 -08:00
James O'Beirne
b191c7dfb7 doc: add comment explaining recentRejects-DoS behavior
When we receive invalid txs for the first time, we mark the sender as
misbehaving. If we receive the same tx before a new block is seen, we *don't*
punish the second sender (in the same way we do the original sender). It wasn't
initially clear to me that this is intentional, so add a clarifying comment.
2018-10-16 13:04:42 -04:00
MarcoFalke
423cb37658
Merge #14027: Skip stale tip checking if outbound connections are off or if reindexing.
66b3fc5437 Skip stale tip checking if outbound connections are off or if reindexing. (Gregory Maxwell)

Pull request description:

  I got tired of the pointless stale tip notices in reindex and on nodes with connections disabled.

Tree-SHA512: eb07d9c5c787ae6dea02cdd1d67a48a36a30adc5ccc74d6f1c0c7364d404dc8848b35d2b8daf5283f7c8f36f1a3c463aacb190d70a22d1fe796a301bb1f03228
2018-09-27 11:18:47 -04:00
Wladimir J. van der Laan
5c24d3b98c
Merge #13249: Make objects in range declarations immutable by default. Avoid unnecessary copying of objects in range declarations.
f34c8c466a Make objects in range declarations immutable by default. Avoid unnecessary copying of objects in range declarations. (practicalswift)

Pull request description:

  Make objects in range declarations immutable by default.

  Rationale:
  * Immutable objects are easier to reason about.
  * Prevents accidental or hard-to-notice change of value.

Tree-SHA512: cad69d35f0cf8a938b848e65dd537c621d96fe3369be306b65ef0cd1baf6cc0a9f28bc230e1e383d810c555a6743d08cb6b2b0bd51856d4611f537a12e5abb8b
2018-09-04 15:50:08 +02:00
practicalswift
b602c9b3af tests: Add missing locking annotations and locks 2018-08-30 16:36:26 +02:00
practicalswift
f34c8c466a Make objects in range declarations immutable by default. Avoid unnecessary copying of objects in range declarations. 2018-08-27 18:19:33 +02:00
practicalswift
9e0a514112 Add compile time checking for all cs_main runtime locking assertions 2018-08-26 00:25:28 +02:00
Wladimir J. van der Laan
021dce935a
Merge #13946: p2p: Clarify control flow in ProcessMessage
fa6c3dea42 p2p: Clarify control flow in ProcessMessage() (MarcoFalke)

Pull request description:

  `ProcessMessage` is effectively a massive switch case construct. In the past there were attempts to clarify the control flow in `ProcessMessage()` by moving each case into a separate static function (see #9608). It was closed because it wasn't clear if moving each case into a function was the right approach.
  Though, we can quasi treat each case as a function by adding a return statement to each case. (Can be seen as a continuation of bugfix #13162)

  This patch does exactly that.

  Also note that this patch is a subset of previous approaches such as #9608 and #10145.

  Review suggestion: `git diff HEAD~ --function-context`

Tree-SHA512: 91f6106840de2f29bb4f10d27bae0616b03a91126e6c6013479e1dd79bee53f22a78902b631fe85517dd5dc0fa7239939b4fefc231851a13c819458559f6c201
2018-08-25 18:18:15 +02:00
Gregory Maxwell
66b3fc5437 Skip stale tip checking if outbound connections are off or if reindexing. 2018-08-23 10:10:12 +00:00
MarcoFalke
fa5099ceb7
p2p: Remove dead code for nVersion=10300 2018-08-22 09:22:04 -04:00
MarcoFalke
fa6c3dea42
p2p: Clarify control flow in ProcessMessage() 2018-08-12 15:07:45 -04:00
Wladimir J. van der Laan
48bf8ff5b1
Merge #13907: Introduce a maximum size for locators.
e254ff5d53 Introduce a maximum size for locators. (Gregory Maxwell)

Pull request description:

  The largest sensible size for a locator is log in the number of blocks.
   But, as noted by Coinr8d on BCT a maximum size message could encode a
   hundred thousand locators.  If height were used to limit the messages
   that could open new attacks where peers on long low diff forks would
   get disconnected and end up stuck.

  Ideally, nodes first first learn to limit the size of locators they
   send before limiting what would be processed, but common implementations
   back off with an exponent of 2 and have an implicit limit of 2^32
   blocks, so they already cannot produce locators over some size.

  Locators are cheap to process so allowing a few more is harmless,
   so this sets the maximum to 64-- which is enough for blockchains
   with 2^64 blocks before the get overhead starts increasing.

Tree-SHA512: da28df9c46c988980da861046c62e6e7f93d0eaab3083d32e408d1062f45c00316d5e1754127e808c1feb424fa8e00e5a91aea2cc3b80326b71c148696f7cdb3
2018-08-10 19:52:13 +02:00
Gregory Maxwell
e254ff5d53 Introduce a maximum size for locators.
The largest sensible size for a locator is log in the number of blocks.
 But, as noted by Coinr8d on BCT a maximum size message could encode a
 hundred thousand locators.  If height were used to limit the messages
 that could open new attacks where peers on long low diff forks would
 get disconnected and end up stuck.

Ideally, nodes first first learn to limit the size of locators they
 send before limiting what would be processed, but common implementations
 back off with an exponent of 2 and have an implicit limit of 2^32
 blocks, so they already cannot produce locators over some size.

This sets the limit to an absurdly high amount of 101 in order to
 maximize compatibility with existing software.
2018-08-09 20:54:01 +00:00
DrahtBot
eb7daf4d60 Update copyright headers to 2018 2018-07-27 07:15:02 -04:00
Jesse Cohen
1e3bcd2517 [net_processing] Add thread safety annotations 2018-07-25 15:23:53 -04:00
Wladimir J. van der Laan
c575260f80
Merge #11637: p2p: Remove dead service bits code
fa4bf92be9 Remove dead service bits code (MarcoFalke)

Pull request description:

  Seems fine to remove for the upcoming 0.17 release

  Fixes #10993

Tree-SHA512: 3a4664b787e3da399bcaaba693619bd384826df14f469dbdfbbfffc540d9da3f2b322cda262b43388376785f77907c2540541c239ab0fca82bd7eb69d02b6b7a
2018-07-20 15:13:49 +02:00
Pieter Wuille
f8d470e246
Merge #13298: Net: Bucketing INV delays (1 bucket) for incoming connections to hide tx time
d45b344ffd Bucket for inbound when scheduling invs to hide tx time (Gleb)

Pull request description:

  It has been brought up to my attention that current random delays mechanism (originally intended to obfuscate transaction metadata) allows to easily estimate the time a transaction was received by a node.

  It may be done by connecting multiple observer nodes to the same node. Each of those nodes will generate its own schedule of delays. Combined metadata regarding those events from different sources allows an observer to estimate transaction time.

  After this patch a spy won't gain additional information by just creating multiple connections to a target.

Tree-SHA512: c71dae5ff350b614cb40a8e201fd0562d3e03e3e72a5099718cd451f0d84c66d5e52bbaf0d5b4b75137514c8efdedcc6ef4df90142b360153f04ad0721545ab1
2018-07-16 10:37:02 -07:00
Gleb
d45b344ffd Bucket for inbound when scheduling invs to hide tx time 2018-07-13 23:14:35 -07:00
Pieter Wuille
1e90862f5d
Merge #13417: [net] Tighten scope in net_processing
3339ba28e9 Make g_enable_bip61 a member variable of PeerLogicValidation (Jesse Cohen)
6690a28606 Restrict as much as possible in net_processing to translation unit (Jesse Cohen)
1d4df02b7e [move-only] Move things only referenced in net_processing out of header file (Jesse Cohen)
02bbc05310 Rescope g_enable_bip61 to net_processing (Jesse Cohen)

Pull request description:

  As part of a larger effort to decouple net_processing and validation a bit, these are a bunch of simple scope cleanups. I've moved things out of the header file that are only referenced in net_processing and added static (or anonymous namespace) modifiers to everything possible in net_processing.

  There are a handful of functions which could be static except that they are exposed for the sake of unit testing - these are explicitly commented. There has been some discussion of a compile time annotation, but no conclusion has been reached on that yet.

  This is somewhat related to other prs #12934 #13413 #13407 and will be followed by prs that reduce reliance on cs_main to synchronize data structures which are translation unit local to net_processing

Tree-SHA512: 46c9660ee4e06653feb42ba92189565b0aea17aac2375c20747c0d091054c63829cbf66d2daddf65682b58ce1d6922e23aefea051a7f2c8abbb6db253a609082
2018-07-13 20:10:55 -07:00
MarcoFalke
fa4bf92be9
Remove dead service bits code 2018-07-11 10:32:25 -04:00
Jesse Cohen
3339ba28e9 Make g_enable_bip61 a member variable of PeerLogicValidation 2018-07-09 21:09:58 -04:00
Matt Corallo
beef7ec4be Remove useless mapRequest tracking that just effects Qt display.
I thought we had removed this a long time ago, TBH, its really
confusing feedback to users that we display whether a tx was
broadcast to immediate neighbor nodes, given that has little
indication of whether the tx propagated very far.
2018-07-09 20:06:39 -04:00
practicalswift
4b6ab02122
Remove unused argument to ProcessGetBlockData(...) 2018-07-08 21:27:12 +08:00
fanquake
c469ecf22e
net: Remove unused interrupt from SendMessages 2018-07-08 21:27:12 +08:00
Wladimir J. van der Laan
062738cf69
Merge #13096: [Policy] Fix MAX_STANDARD_TX_WEIGHT check
2f1a30c63 Fix MAX_STANDARD_TX_WEIGHT check (Johnson Lau)

Pull request description:

  As suggested by the constant name and its comment in policy.h, a transaction with a weight of exactly MAX_STANDARD_TX_WEIGHT should be allowed. Users could be confused.

Tree-SHA512: af417de1c6a2e6796ebbb39aa0caad8764302ded155cb1bbfbe457e4567c199cc53256189832b17d4aeec369e190b3edd4c6116d5f0b8cf0ede6dfb4ed83bdd3
2018-07-05 18:40:58 +02:00
Ben Woosley
e62fdfeeab
Drop unused init.h includes
These were entirely unused, as based on successful compilation
and a grep for:
  \bStartShutdown\(\)|\bShutdownRequested\(\)|\bInterrupt\(\)|\bShutdown\(\)|\bInitLogging\(\)|\bInitParameterInteraction\(\)|\bAppInitBasicSetup\(\)|\bAppInitParameterInteraction\(\)|\bAppInitSanityChecks\(\)|\bAppInitLockDataDirectory\(\)|\bAppInitMain\(\)|\bSetupServerArgs\(\)|\bLicenseInfo\(\)|g_wallet_init_interface|init.h
2018-06-25 00:08:00 -04:00
Jesse Cohen
6690a28606
Restrict as much as possible in net_processing to translation unit
Mark everything else static or in an anonymous namespace.
2018-06-20 17:27:59 -04:00
Jesse Cohen
1d4df02b7e [move-only] Move things only referenced in net_processing out of header file 2018-06-19 13:02:27 -04:00
Jesse Cohen
02bbc05310 Rescope g_enable_bip61 to net_processing 2018-06-19 13:02:26 -04:00
MarcoFalke
b22115d9a3
Merge #13312: docs: Add a note about the source code filename naming convention
e56771365b Do not use uppercase characters in source code filenames (practicalswift)
419a1983ca docs: Add a note about the source code filename naming convention (practicalswift)

Pull request description:

  Add a note about the source code filename naming convention.

Tree-SHA512: 8d329bd9e19bcd26e74b0862fb0bc2369b46095dbd3e69d34859908632763abd7c3d00ccc44ee059772ad4bae4460c2bcc1c0e22fd9d8876d57e5fcd346cea4b
2018-06-12 08:02:20 -04:00
Wladimir J. van der Laan
70d3541313
Merge #13134: net: Add option -enablebip61 to configure sending of BIP61 notifications
87fe292d89 doc: Mention disabling BIP61 in bips.md (Wladimir J. van der Laan)
fe16dd8226 net: Add option `-enablebip61` to configure sending of BIP61 notifications (Wladimir J. van der Laan)

Pull request description:

  This commit adds a boolean option `-peersendreject`, defaulting to `1`, that can be used to disable the sending of [BIP61](https://github.com/bitcoin/bips/blob/master/bip-0061.mediawiki) `reject` messages. This functionality has been requested for various reasons:

  - security (DoS): reject messages can reveal internal state that can be used to target certain resources such as the mempool more easily.

  - bandwidth: a typical node sends lots of reject messages; this counts against upstream bandwidth. Also the reject messages tend to be larger than the message that was rejected.

  On the other hand, reject messages can be useful while developing client software (I found them indispensable while creating bitcoin-submittx), as well as for our own test cases, so whatever the default becomes on the long run, IMO the functionality should be retained as option. But that's a discussion for later, for now it's simply a node operator decision.

  Also adds a RPC test that checks the functionality.

Tree-SHA512: 9488cc53e13cd8e5c6f8eb472a44309572673405c1d1438c3488f627fae622c95e2198bde5ed7d29e56b948e2918bf1920239e9f865889f4c37c097c37a4d7a9
2018-05-29 15:31:54 +02:00
Wladimir J. van der Laan
7f4db9a7c3
Merge #13151: net: Serve blocks directly from disk when possible
0bf431870e net: Serve blocks directly from disk when possible (Wladimir J. van der Laan)

Pull request description:

  In `ProcessGetBlockData`, send the block data directly from disk if type MSG_WITNESS_BLOCK is requested. This is a valid shortcut as the on-disk format matches the network format.

  This is expected to increase performance because a deserialization and subsequent serialization roundtrip is avoided.

Tree-SHA512: 9a9500b4c1354eaae1a6f1c6ef2416c1c1985029852589266f3a70e808f6c7482c135e9ab251a527566935378ab7c32dba4ed43ba5451e802d8e72b77d1ba472
2018-05-23 19:51:28 +02:00
practicalswift
e56771365b Do not use uppercase characters in source code filenames 2018-05-23 16:07:37 +02:00
Wladimir J. van der Laan
0bf431870e net: Serve blocks directly from disk when possible
In `ProcessGetBlockData`, send the block data directly from disk if
type MSG_WITNESS_BLOCK is requested. This is a valid shortcut as the
on-disk format matches the network format.

This is expected to increase performance because a deserialization and
subsequent serialization roundtrip is avoided.
2018-05-15 08:11:56 +02:00
Wladimir J. van der Laan
fe16dd8226 net: Add option -enablebip61 to configure sending of BIP61 notifications
This commit adds a boolean option `-enablebip61`, defaulting to `1`, that
can be used to disable the sending of BIP61 `reject` messages. This
functionality has been requested for various reasons:

- security (DoS): reject messages can reveal internal state that can be
  used to target certain resources such as the mempool more easily.

- bandwidth: a typical node sends lots of reject messages; this counts
  against upstream bandwidth. Also the reject messages tend to be larger
  than the message that was rejected.

On the other hand, reject messages can be useful while developing client
software (I found them indispensable while creating bitcoin-submittx),
as well as for our own test cases, so whatever the default becomes on the
long run, IMO the functionality should be retained as option. But that's
a discussion for later.
2018-05-13 21:03:27 +02:00
Wladimir J. van der Laan
a174702bad
Merge #13162: [net] Don't incorrectly log that REJECT messages are unknown.
fad63eb [logging] Don't incorrectly log that REJECT messages are unknown. (John Newbery)

Pull request description:

  Reject messages are logged to debug.log if NET debug logging is enabled.

  Because of the way the `ProcessMessages()` function is structured,
  processing for REJECT messages will also drop through to the default
  branch and incorrectly log `Unknown command "reject" from peer-?`. Fix
  that by exiting from `ProcessMessages()` early.

  without this PR:
  ```
  2018-05-03T17:37:00.930600Z received: reject (21 bytes) peer=0
  2018-05-03T17:37:00.930620Z Reject message code 16: spammy spam
  2018-05-03T17:37:00.930656Z Unknown command "reject" from peer=0
  ```
  with this PR:
  ```
  2018-05-03T17:35:04.751246Z received: reject (21 bytes) peer=0
  2018-05-03T17:35:04.751274Z Reject message code 16: spammy spam
  ```

Tree-SHA512: 5c84c98433ab99e0db2dd481f9c2db6f87ff0d39022ff317a791737e918714bbcb4a23e81118212ed8e594ebcf098ab7f52f7fd5e21ebc3f07b1efb279b9b30b
2018-05-07 12:49:11 +02:00
Johnson Lau
2f1a30c63e Fix MAX_STANDARD_TX_WEIGHT check
As suggested by the constant name and its comment in policy.h, a transaction with a weight of exactly MAX_STANDARD_TX_WEIGHT should be allowed
2018-05-05 00:00:28 +08:00
practicalswift
c3f34d06be Make it clear which functions that are intended to be translation unit local
Do not share functions that are meant to be translation unit local with
other translation units. Use internal linkage for those consistently.
2018-05-03 21:47:40 +02:00
John Newbery
fad63ebe0f [logging] Don't incorrectly log that REJECT messages are unknown.
Reject messages are logged to debug.log if NET debug logging is enabled.

Because of the way the `ProcessMessages()` function is structured,
processing for REJECT messages will also drop through to the default
branch and incorrectly log `Unknown command "reject" from peer-?`. Fix
that by exiting from `ProcessMessages()` early.

without this PR:
```
2018-05-03T17:37:00.930600Z received: reject (21 bytes) peer=0
2018-05-03T17:37:00.930620Z Reject message code 16: spammy spam
2018-05-03T17:37:00.930656Z Unknown command "reject" from peer=0
```
with this PR:
```
2018-05-03T17:35:04.751246Z received: reject (21 bytes) peer=0
2018-05-03T17:35:04.751274Z Reject message code 16: spammy spam
```
2018-05-03 13:41:03 -04:00
Wladimir J. van der Laan
ff2ad2d569 Add missing newlines to LogPrint debug logging
The linter only checked `LogPrintf`, not `LogPrint`.
Fix the remaining cases.
2018-05-02 15:14:04 +02:00
Ben Woosley
e4d0b44373
Consistently log CValidationState on failure
Seems providing at least minimal visibility to the failure is a good practice.

The only remaining ignored state is in LoadExternalBlockFile, where logging
would likely be spammy.
2018-04-18 18:43:12 -04:00
Wladimir J. van der Laan
bd59c4395c
Merge #12859: Bugfix: Include <memory> for std::unique_ptr
a5bca13 Bugfix: Include <memory> for std::unique_ptr (Luke Dashjr)

Pull request description:

  Not sure why all these includes were missing, but it's breaking builds for some users:

  https://bugs.gentoo.org/show_bug.cgi?id=652142

  (Added to all files with a reference to `std::unique_ptr`)

Tree-SHA512: 8a2c67513ca07b9bb52c34e8a20b15e56f8af2530310d9ee9b0a69694dd05e02e7a3683f14101a2685d457672b56addec591a0bb83900a0eb8e2a43d43200509
2018-04-05 09:31:53 +02:00
Luke Dashjr
a5bca13095 Bugfix: Include <memory> for std::unique_ptr 2018-04-02 18:31:52 +00:00
Dimitris Apostolou
4d9b4256d8 Fix typos 2018-03-21 08:34:44 +02:00
Wladimir J. van der Laan
d42a4fe5aa
Merge #11041: Add LookupBlockIndex
92fabcd44 Add LookupBlockIndex function (João Barbosa)
43a32b739 Add missing cs_lock in CreateWalletFromFile (João Barbosa)
f814a3e8f Fix cs_main lock in LoadExternalBlockFile (João Barbosa)
c651df8b3 Lock cs_main while loading block index in AppInitMain (João Barbosa)
02de6a6bc Assert cs_main is held when accessing mapBlockIndex (João Barbosa)

Pull request description:

  Replace all `mapBlockIndex` lookups with the new `LookupBlockIndex()`. In some cases it avoids a second lookup.

Tree-SHA512: ca31118f028a19721f2191d86f2dd398144d04df345694575a64aeb293be2f85785201480c3c578a0ec99690516205708558c0fd4168b09313378fd4e60a8412
2018-03-13 19:12:35 +01:00
João Barbosa
92fabcd443 Add LookupBlockIndex function 2018-03-06 19:52:19 +00:00
James O'Beirne
b7cd08b717 Add documentation to PeerLogicValidation interface and related functions 2018-03-06 14:43:32 -05:00
Wladimir J. van der Laan
5c2aff8d95
Merge #10387: Eventually connect to NODE_NETWORK_LIMITED peers
eb91835 Add setter for g_initial_block_download_completed (Jonas Schnelli)
3f56df5 [QA] add NODE_NETWORK_LIMITED address relay and sync test (Jonas Schnelli)
158e1a6 [QA] fix mininode CAddress ser/deser (Jonas Schnelli)
fa999af [QA] Allow addrman loopback tests (add debug option -addrmantest) (Jonas Schnelli)
6fe57bd Connect to peers signaling NODE_NETWORK_LIMITED when out-of-IBD (Jonas Schnelli)
31c45a9 Accept addresses with NODE_NETWORK_LIMITED flag (Jonas Schnelli)

Pull request description:

  Eventually connect to peers signalling NODE_NETWORK_LIMITED if we are out of IBD.
  Accept and relay NODE_NETWORK_LIMITED peers in addrman.

Tree-SHA512: 8a238fc97f767f81cae1866d6cc061390f23a72af4a711d2f7158c77f876017986abb371d213d1c84019eef7be4ca951e8e6f83fda36769c4e1a1d763f787037
2018-03-01 15:31:15 +01:00
Jonas Schnelli
eb9183535d
Add setter for g_initial_block_download_completed 2018-02-17 21:28:50 +11:00
Jonas Schnelli
6fe57bdaac
Connect to peers signaling NODE_NETWORK_LIMITED when out-of-IBD 2018-02-09 19:56:10 +11:00
Jonas Schnelli
31c45a927e
Accept addresses with NODE_NETWORK_LIMITED flag 2018-02-09 19:56:07 +11:00
Matt Corallo
c4af738763 Fix ignoring tx data requests when fPauseSend is set on a peer
This resolves a bug introduced in
66aa1d58a1 where, if when responding
to a series of transaction requests in a getdata we hit the send
buffer limit and set fPauseSend, we will skip one transaction per
call to ProcessGetData.

Bug found by Cory Fields (@theuni).
2018-02-08 18:06:21 -05:00
MarcoFalke
0277173b1d
Merge #10498: Use static_cast instead of C-style casts for non-fundamental types
9ad6746ccd Use static_cast instead of C-style casts for non-fundamental types (practicalswift)

Pull request description:

  A C-style cast is equivalent to try casting in the following order:

  1. `const_cast(...)`
  2. `static_cast(...)`
  3. `const_cast(static_cast(...))`
  4. `reinterpret_cast(...)`
  5. `const_cast(reinterpret_cast(...))`

  By using `static_cast<T>(...)` explicitly we avoid the possibility of an unintentional and dangerous `reinterpret_cast`. Furthermore `static_cast<T>(...)` allows for easier grepping of casts.

  For a more thorough discussion, see ["ES.49: If you must use a cast, use a named cast"](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#es49-if-you-must-use-a-cast-use-a-named-cast) in the C++ Core Guidelines (Stroustrup & Sutter).

Tree-SHA512: bd6349b7ea157da93a47b8cf238932af5dff84731374ccfd69b9f732fabdad1f9b1cdfca67497040f14eaa85346391404f4c0495e22c467f26ca883cd2de4d3c
2018-02-07 16:15:28 -05:00
Wladimir J. van der Laan
d3a185a33b net: Move misbehaving logging to net logging category
This moves the error messages for misbehavior (when available) into the
line that reports the misbehavior, as well as moves the logging to the
`net` category.

This is a continuation of #11583 and avoids serious-looking errors due
to misbehaving peers.

To do this, Misbehaving() gains an optional `message` argument.

E.g. change:

    2018-01-18 16:02:27 Misbehaving: x.x.x.x:62174 peer=164603 (80 -> 100) BAN THRESHOLD EXCEEDED
    2018-01-18 16:02:27 ERROR: non-continuous headers sequence

to

    2018-01-18 16:02:27 Misbehaving: x.x.x.x:62174 peer=164603 (80 -> 100) BAN THRESHOLD EXCEEDED: non-continuous headers sequence
2018-01-24 12:18:29 +01:00
Akira Takizawa
595a7bab23 Increment MIT Licence copyright header year on files modified in 2017 2018-01-03 02:26:56 +09:00
Matt Corallo
a734896038 Avoid cs_main in net_processing ActivateBestChain calls 2017-12-24 13:20:52 -05:00
Matt Corallo
66aa1d58a1 Refactor ProcessGetData in anticipation of avoiding cs_main for ABC 2017-12-24 13:08:38 -05:00
Matt Corallo
818075adac Create new mutex for orphans, no cs_main in PLV::BlockConnected
This should (marginally) speed up validationinterface queue
draining by avoiding a cs_main lock in one client.
2017-12-15 15:27:45 -05:00
Wladimir J. van der Laan
68e021e3a3
Merge #11558: Minimal code changes to allow msvc compilation
fbf327b Minimal code changes to allow msvc compilation. (Aaron Clauson)

Pull request description:

  These changes are required to allow the Bitcoin source to build with Microsoft's C++ compiler (#11562 is also required).

  I looked around for a better place for the typedef of ssize_t which is in random.h. The best candidate looks like src/compat.h but I figured including that header in random.h is a bigger change than the typedef. Note that the same typedef is in at least two other places including the OpenSSL and Berkeley DB headers so some of the Bitcoin code already picks it up.

Tree-SHA512: aa6cc6283015e08ab074641f9abdc116c4dc58574dc90f75e7a5af4cc82946d3052370e5cbe855fb6180c00f8dc66997d3724ff0412e4b7417e51b6602154825
2017-12-13 14:05:25 +01:00
Wladimir J. van der Laan
5d132e8b97
Merge #10574: Remove includes in .cpp files for things the corresponding .h file already included
a720b92 Remove includes in .cpp files for things the corresponding .h file already included (practicalswift)

Pull request description:

  Remove includes in .cpp files for things the corresponding .h file already included.

  Example case:
  * `addrdb.cpp` includes `addrdb.h` and `fs.h`
  * `addrdb.h` includes `fs.h`

  Then remove the direct inclusion of `fs.h` in `addrman.cpp` and rely on the indirect inclusion of `fs.h` via the included `addrdb.h`.

  In line with the header include guideline (see #10575).

Tree-SHA512: 8704b9de3011a4c234db336a39f7d2c139e741cf0f7aef08a5d3e05197e1e18286b863fdab25ae9638af4ff86b3d52e5cab9eed66bfa2476063aa5c79f9b0346
2017-12-12 14:56:25 +01:00
Wladimir J. van der Laan
37ffa16933
Merge #11583: Do not make it trivial for inbound peers to generate log entries
be9f38c Do not make it trivial for inbound peers to generate log entries (Matt Corallo)

Pull request description:

  Based on #11580 because I'm lazy.

  We should generally avoid writing to debug.log unconditionally for
  inbound peers which misbehave (the peer being about to be banned
  being an exception, since they cannot do this twice).

Tree-SHA512: 8e59c8d08d00b1527951b30f4842d010a4c2fc440503ade112baa2c1b9afd0e0d1c5c2df83dde25183a242af45089cf9b9f873b71796771232ffb6c5fc6cc0cc
2017-12-11 17:06:22 +01:00
Jonas Schnelli
bd09416524
Avoid leaking the prune height through getdata (fingerprinting countermeasure) 2017-12-05 11:08:34 -10:00
practicalswift
a720b928c8 Remove includes in .cpp files for things the corresponding .h file already included 2017-11-16 22:26:34 +01:00
MeshCollider
1a445343f6 scripted-diff: Replace #include "" with #include <> (ryanofsky)
-BEGIN VERIFY SCRIPT-
for f in \
  src/*.cpp \
  src/*.h \
  src/bench/*.cpp \
  src/bench/*.h \
  src/compat/*.cpp \
  src/compat/*.h \
  src/consensus/*.cpp \
  src/consensus/*.h \
  src/crypto/*.cpp \
  src/crypto/*.h \
  src/crypto/ctaes/*.h \
  src/policy/*.cpp \
  src/policy/*.h \
  src/primitives/*.cpp \
  src/primitives/*.h \
  src/qt/*.cpp \
  src/qt/*.h \
  src/qt/test/*.cpp \
  src/qt/test/*.h \
  src/rpc/*.cpp \
  src/rpc/*.h \
  src/script/*.cpp \
  src/script/*.h \
  src/support/*.cpp \
  src/support/*.h \
  src/support/allocators/*.h \
  src/test/*.cpp \
  src/test/*.h \
  src/wallet/*.cpp \
  src/wallet/*.h \
  src/wallet/test/*.cpp \
  src/wallet/test/*.h \
  src/zmq/*.cpp \
  src/zmq/*.h
do
  base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-
2017-11-16 08:23:01 +13:00
practicalswift
63c2d83e58 Explicitly state assumption that state.m_chain_sync.m_work_header != nullptr in ConsiderEviction
Static analyzer (and humans!) will see ...

```
else if (state.m_chain_sync.m_timeout == 0 || (state.m_chain_sync.m_work_header != nullptr && ...
```

... and infer that state.m_chain_sync.m_work_header might be set to nullptr,
and thus flag `state.m_chain_sync.m_work_header->GetBlockHash().ToString()`
as a potential null pointer dereference.

This commit makes the tacit assumption (m_work_header != nullptr) explicit.

Code introduced in 5a6d00 ("Permit disconnection of outbound peers on
bad/slow chains") which was merged into master four days ago.
2017-11-10 15:37:37 +01:00
Matt Corallo
be9f38c613 Do not make it trivial for inbound peers to generate log entries
We should generally avoid writing to debug.log unconditionally for
inbound peers which misbehave (the peer being about to be banned
being an exception, since they cannot do this twice).

To avoid removing logs for outbound peers, a new log is added to
notify users when a new outbound peer is connected which mimics
the version print.
2017-11-09 18:41:18 -05:00
Wladimir J. van der Laan
5e9be169e4
Merge #11043: Use std::unique_ptr (C++11) where possible
a357293 Use MakeUnique<Db>(...) (practicalswift)
3e09b39 Use MakeUnique<T>(...) instead of std::unique_ptr<T>(new T(...)) (practicalswift)
8617989 Add MakeUnique (substitute for C++14 std::make_unique) (practicalswift)
d223bc9 Use unique_ptr for pcoinscatcher/pcoinsdbview/pcoinsTip/pblocktree (practicalswift)
b45c597 Use unique_ptr for pdbCopy (Db) and fix potential memory leak (practicalswift)
29ab96d Use unique_ptr for dbenv (DbEnv) (practicalswift)
f72cbf9 Use unique_ptr for pfilter (CBloomFilter) (practicalswift)
8ccf1bb Use unique_ptr for sem{Addnode,Outbound} (CSemaphore) (practicalswift)
73db063 Use unique_ptr for upnp_thread (boost::thread) (practicalswift)
0024531 Use unique_ptr for dbw (CDBWrapper) (practicalswift)
fa6d122 Use unique_ptr:s for {fee,short,long}Stats (TxConfirmStats) (practicalswift)
5a6f768 Use unique_ptr for httpRPCTimerInterface (HTTPRPCTimerInterface) (practicalswift)
860e912 Use unique_ptr for pwalletMain (CWallet) (practicalswift)

Pull request description:

  Use `std::unique_ptr` (C++11) where possible.

  Rationale:
  1. Avoid resource leaks (specifically: forgetting to `delete` an object created using `new`)
  2. Avoid undefined behaviour (specifically: double `delete`:s)

  **Note to reviewers:** Please let me know if I've missed any obvious `std::unique_ptr` candidates. Hopefully this PR should cover all the trivial cases.

Tree-SHA512: 9fbeb47b800ab8ff4e0be9f2a22ab63c23d5c613a0c6716d9183db8d22ddbbce592fb8384a8b7874bf7375c8161efb13ca2197ad6f24b75967148037f0f7b20c
2017-11-09 21:34:25 +01:00
Aaron Clauson
fbf327b138 Minimal code changes to allow msvc compilation. 2017-11-10 07:06:49 +11:00
Wladimir J. van der Laan
1f4375f8e7
Merge #11580: Do not send (potentially) invalid headers in response to getheaders
725b79a [test] Verify node doesn't send headers that haven't been fully validated (Russell Yanofsky)
3788a84 Do not send (potentially) invalid headers in response to getheaders (Matt Corallo)

Pull request description:

  Nowhere else in the protocol do we send headers which are for
  blocks we have not fully validated except in response to getheaders
  messages with a null locator. On my public node I have not seen any
  such request (whether for an invalid block or not) in at least two
  years of debug.log output, indicating that this should have minimal
  impact.

Tree-SHA512: c1f6e0cdcdfb78ea577d555f9b3ceb1b4b60eff4f6cf313bfd8b576c9562d797bea73abc23f7011f249ae36dd539c715f3d20487ac03ace60e84e1b77c0c1e1a
2017-11-09 19:57:47 +01:00
practicalswift
d223bc940a Use unique_ptr for pcoinscatcher/pcoinsdbview/pcoinsTip/pblocktree
* pcoinscatcher (CCoinsViewErrorCatcher)
* pcoinsdbview (CCoinsViewDB)
* pcoinsTip (CCoinsViewCache)
* pblocktree (CBlockTreeDB)
* Remove variables shadowing pcoinsdbview
2017-11-09 16:53:34 +01:00
practicalswift
f72cbf9ba9 Use unique_ptr for pfilter (CBloomFilter) 2017-11-09 16:53:34 +01:00
Pieter Wuille
ef8a634358
Merge #10866: Fix -Wthread-safety-analysis warnings. Compile with -Wthread-safety-analysis if available.
76ea17c79 Add mutex requirement for AddToCompactExtraTransactions(…) (practicalswift)
4616c825a Use -Wthread-safety-analysis if available (+ -Werror=thread-safety-analysis if --enable-werror) (practicalswift)
7e319d639 Fix -Wthread-safety-analysis warnings. Change the sync.h primitives to std from boost. (Matt Corallo)

Pull request description:

  * Add mutex requirement for `AddToCompactExtraTransactions(…)`.
  * Use `-Wthread-safety-analysis` if available.
  * Rebased on top of https://github.com/TheBlueMatt/bitcoin/commits/2017-08-test-10923 - now includes: Fix -Wthread-safety-analysis warnings. Change the sync.h primitives to std from boost.

Tree-SHA512: fb7365f85daa2741c276a1c899228181a8d46af51db7fbbdffceeaff121a3eb2ab74d7c8bf5e7de879bcc5042d00d24cb4649c312d51caba45a3f6135fd8b38f
2017-11-07 10:36:58 -08:00
practicalswift
76ea17c796 Add mutex requirement for AddToCompactExtraTransactions(…)
The vector `vExtraTxnForCompact`, which is guarded by the mutex
`cs_main`, is accessed in `AddToCompactExtraTransactions(…)`.
2017-11-06 17:41:02 +01:00
Wladimir J. van der Laan
2f959a5874
Merge #11560: Connect to a new outbound peer if our tip is stale
6262915 Add unit test for stale tip checking (Suhas Daftuar)
83df257 Add CConnmanTest to mutate g_connman in tests (João Barbosa)
ac7b37c Connect to an extra outbound peer if our tip is stale (Suhas Daftuar)
db32a65 Track tip update time and last new block announcement from each peer (Suhas Daftuar)
2d4327d net: Allow connecting to extra outbound peers (Suhas Daftuar)

Pull request description:

  This is an alternative approach to #11534.  Rather than disconnect an outbound peer when our tip looks stale, instead try to connect to an additional outbound peer.

  Periodically, check to see if we have more outbound peers than we target (ie if any extra peers are in use), and if so, disconnect the one that least recently announced a new block (breaking ties by choosing the newest peer that we connected to).

Tree-SHA512: 8f19e910e0bb36867f81783e020af225f356451899adfc7ade1895d6d3bd5afe51c83759610dfd10c62090c4fe404efa0283b2f63fde0bd7da898a1aaa7fb281
2017-11-02 20:13:24 +01:00
Suhas Daftuar
626291508c Add unit test for stale tip checking 2017-11-02 12:39:14 -04:00
Suhas Daftuar
ac7b37cd2b Connect to an extra outbound peer if our tip is stale
If our tip hasn't updated in a while, that may be because our peers are
not relaying blocks to us that we would consider valid. Allow connection
to an additional outbound peer in that circumstance.

Also, periodically check to see if we are exceeding our target number of
outbound peers, and disconnect the one which has least recently
announced a new block to us (choosing the newest such peer in the case
of tie).
2017-11-02 12:39:14 -04:00
Suhas Daftuar
db32a65897 Track tip update time and last new block announcement from each peer 2017-11-01 13:13:45 -04:00
Wladimir J. van der Laan
cffa5ee132
Merge #11531: Check that new headers are not a descendant of an invalid block (more effeciently)
f3d4adf Make p2p-acceptablock not an extended test (Matt Corallo)
00dcda6 [qa] test that invalid blocks on an invalid chain get a disconnect (Matt Corallo)
015a525 Reject headers building on invalid chains by tracking invalidity (Matt Corallo)
932f118 Accept unrequested blocks with work equal to our tip (Matt Corallo)
3d9c70c Stop always storing blocks from whitelisted peers (Matt Corallo)
3b4ac43 Rewrite p2p-acceptblock in preparation for slight behavior changes (Matt Corallo)

Pull request description:

  @sdaftuar pointed out that the version in #11487 was somewhat DoS-able as someone could feed you a valid chain that forked off the the last checkpoint block and force you to do lots of work just walking backwards across blocks for each new block they gave you. We came up with a few proposals but settled on the one implemented here as likely the simplest without obvious DoS issues. It uses our existing on-load mapBlockIndex walk to make sure everything that descends from an invalid block is marked as such, and then simply caches blocks which we attempted to connect but which were found to be invalid. To avoid DoS issues during IBD, this will need to depend on #11458.

  Includes tests from #11487.

Tree-SHA512: 46aff8332908e122dae72ceb5fe8cd241902c2281a87f58a5fb486bf69d46458d84a096fdcb5f3e8e07fbcf7466232b10c429f4d67855425f11b38ac0bf612e1
2017-11-01 14:42:08 +01:00
Matt Corallo
3d9c70ca0f Stop always storing blocks from whitelisted peers
There is no reason to wish to store blocks on disk always just
because a peer is whitelisted. This appears to be a historical
quirk to avoid breaking things when the accept limits were added.
2017-10-31 13:36:06 -04:00
Matt Corallo
3788a8479b Do not send (potentially) invalid headers in response to getheaders
Nowhere else in the protocol do we send headers which are for
blocks we have not fully validated except in response to getheaders
messages with a null locator. On my public node I have not seen any
such request (whether for an invalid block or not) in at least two
years of debug.log output, indicating that this should have minimal
impact.
2017-10-30 18:59:07 -04:00
practicalswift
2530bf27b7 net: Add missing lock in ProcessHeadersMessage(...)
Reading the variable mapBlockIndex requires holding the mutex cs_main.

The new "Disconnect outbound peers relaying invalid headers" code
added in commit 37886d5e2f and merged
as part of #11568 two days ago did not lock cs_main prior to accessing
mapBlockIndex.
2017-10-30 20:00:17 +01:00
Suhas Daftuar
37886d5e2f Disconnect outbound peers relaying invalid headers 2017-10-27 16:29:12 -04:00
Suhas Daftuar
4637f18522 moveonly: factor out headers processing into separate function
ProcessMessages will now return earlier when processing headers
messages, rather than continuing on (and do nothing).
2017-10-26 16:37:06 -04:00
Wladimir J. van der Laan
d93fa261f0
Merge #11490: Disconnect from outbound peers with bad headers chains
e065249 Add unit test for outbound peer eviction (Suhas Daftuar)
5a6d00c Permit disconnection of outbound peers on bad/slow chains (Suhas Daftuar)
c60fd71 Disconnecting from bad outbound peers in IBD (Suhas Daftuar)

Pull request description:

  The first commit will disconnect an outbound peer that serves us a headers chain with insufficient work while we're in IBD.

  The second commit introduces a way to disconnect outbound peers whose chains fall out of sync with ours:

  For a given outbound peer, we check whether their best known block (which is known from the blocks they announce to us) has at least as much work as our tip.  If it doesn't, we set a 20 minute timeout, and if we still haven't heard about a block with as much work as our tip had when we set the timeout, then we send a single getheaders message, and wait 2 more minutes.  If after two minutes their best known block has insufficient work, we disconnect that peer.

  We protect 4 of our outbound peers (who provide some "good" headers chains, ie a chain with at least as much work as our tip at some point) from being subject to this logic, to prevent excessive network topology changes as a result of this algorithm, while still ensuring that we have a reasonable number of nodes not known to be on bogus chains.

  We also don't require our peers to be on the same chain as us, to prevent accidental partitioning of the network in the event of a chain split.  Note that if our peers are ever on a more work chain than our tip, then we will download and validate it, and then either reorg to it, or learn of a consensus incompatibility with that peer and disconnect.  This PR is designed to protect against peers that are on a less work chain which we may never try to download and validate.

Tree-SHA512: 2e0169a1dd8a7fb95980573ac4a201924bffdd724c19afcab5efcef076fdbe1f2cec7dc5f5d7e0a6327216f56d3828884f73642e00c8534b56ec2bb4c854a656
2017-10-26 21:53:41 +02:00
Suhas Daftuar
5a6d00c6de Permit disconnection of outbound peers on bad/slow chains
Currently we have no rotation of outbound peers.  If an outbound peer
stops serving us blocks, or is on a consensus-incompatible chain with
less work than our tip (but otherwise valid headers), then we will never
disconnect that peer, even though that peer is using one of our 8
outbound connection slots.  Because we rely on our outbound peers to
find an honest node in order to reach consensus, allowing an
incompatible peer to occupy one of those slots is undesirable,
particularly if it is possible for all such slots to be occupied by such
peers.

Protect against this by always checking to see if a peer's best known
block has less work than our tip, and if so, set a 20 minute timeout --
if the peer is still not known to have caught up to a chain with as much
work as ours after 20 minutes, then send a single getheaders message,
wait 2 more minutes, and if a better header hasn't been received by then,
disconnect that peer.

Note:

- we do not require that our peer sync to the same tip as ours, just an
equal or greater work tip.  (Doing otherwise would risk partitioning the
network in the event of a chain split, and is also unnecessary.)

- we pick 4 of our outbound peers and do not subject them to this logic,
to be more conservative. We don't wish to permit temporary network
issues (or an attacker) to excessively disrupt network topology.
2017-10-26 13:43:53 -04:00
Suhas Daftuar
c60fd71a65 Disconnecting from bad outbound peers in IBD
When in IBD, we'd like to use all our outbound peers to help us
sync the chain.  Disconnect any outbound peers whose headers have
insufficient work.
2017-10-26 13:43:53 -04:00
Suhas Daftuar
01b52cedd4 Add comment explaining forced processing of compact blocks 2017-10-19 20:52:30 -04:00
Pieter Wuille
326a5652e0
Merge #11456: Replace relevant services logic with a function suite.
15f5d3b17 Switch DNSSeed-needed metric to any-automatic-nodes, not services (Matt Corallo)
5ee88b4bd Clarify docs for requirements/handling of addnode/connect nodes (Matt Corallo)
57edc0b0c Rename fAddnode to a more-descriptive "manual_connection" (Matt Corallo)
44407100f Replace relevant services logic with a function suite. (Matt Corallo)

Pull request description:

  This was mostly written as a way to clean things up so that the NETWORK_LIMITED PR (#10387) can be simplified a ton, but its also a nice standalone cleanup that will also require a bit of review because it tweaks a lot of stuff across net. The new functions are fine in protocol.h right now since they're straight-forward, but after NETWORK_LIMITED will really want to move elsewhere after @theuni moves the nServices-based selection to addrman from connman.

  Adds HasAllRelevantServices and GetRelevantServices, which check
  for NETWORK|WITNESS.

  This changes the following:
   * Removes nRelevantServices from CConnman, disconnecting it a bit
     more from protocol-level logic.
   * Replaces our sometimes-connect-to-!WITNESS-nodes logic with
     simply always requiring WITNESS|NETWORK for outbound non-feeler
     connections (feelers still only require NETWORK).
   * This has the added benefit of removing nServicesExpected from
     CNode - instead letting net_processing's VERSION message
     handling simply check HasAllRelevantServices.
   * This implies we believe WITNESS nodes to continue to be a
     significant majority of nodes on the network, but also because
     we cannot sync properly from !WITNESS nodes, it is strange to
     continue using our valuable outbound slots on them.
   * In order to prevent this change from preventing connection to
     -connect= nodes which have !WITNESS, -connect nodes are now
     given the "addnode" flag. This also allows outbound connections
     to !NODE_NETWORK nodes for -connect nodes (which was already true
     of addnodes).
   * Has the (somewhat unintended) consequence of changing one of the
     eviction metrics from the same
     sometimes-connect-to-!WITNESS-nodes metric to requiring
     HasRelevantServices.

  This should make NODE_NETWORK_LIMITED much simpler to implement.

Tree-SHA512: 90606896c86cc5da14c77843b16674a6a012065e7b583d76d1c47a18215358abefcbab44ff4fab3fadcd39aa9a42d4740c6dc8874a58033bdfc8ad3fb5c649fc
2017-10-13 15:31:19 -07:00
Matt Corallo
57edc0b0c8 Rename fAddnode to a more-descriptive "manual_connection" 2017-10-13 13:25:58 -04:00
Matt Corallo
44407100ff Replace relevant services logic with a function suite.
Adds HasAllRelevantServices and GetRelevantServices, which check
for NETWORK|WITNESS.

This changes the following:
 * Removes nRelevantServices from CConnman, disconnecting it a bit
   more from protocol-level logic.
 * Replaces our sometimes-connect-to-!WITNESS-nodes logic with
   simply always requiring WITNESS|NETWORK for outbound non-feeler
   connections (feelers still only require NETWORK).
 * This has the added benefit of removing nServicesExpected from
   CNode - instead letting net_processing's VERSION message
   handling simply check HasAllRelevantServices.
 * This implies we believe WITNESS nodes to continue to be a
   significant majority of nodes on the network, but also because
   we cannot sync properly from !WITNESS nodes, it is strange to
   continue using our valuable outbound slots on them.
 * In order to prevent this change from preventing connection to
   -connect= nodes which have !WITNESS, -connect nodes are now
   given the "addnode" flag. This also allows outbound connections
   to !NODE_NETWORK nodes for -connect nodes (which was already true
   of addnodes).
 * Has the (somewhat unintended) consequence of changing one of the
   eviction metrics from the same
   sometimes-connect-to-!WITNESS-nodes metric to requiring
   HasRelevantServices.

This should make NODE_NETWORK_LIMITED much simpler to implement.
2017-10-13 13:25:57 -04:00
Wladimir J. van der Laan
470c730e3f
Merge #10898: Fix invalid checks (NULL checks after dereference, redundant checks, etc.)
76fed83 Avoid NULL pointer dereference when _walletModel is NULL (which is valid) (practicalswift)
4971a9a Use two boolean literals instead of re-using variable (practicalswift)
b5fb339 Remove duplicate uriParts.size() > 0 check (practicalswift)
7466991 Remove redundant check (!ecc is always true) (practicalswift)
55224af Remove redundant NULL checks after new (practicalswift)

Pull request description:

  Contains:
  * Remove redundant `NULL` checks after throwing `new`
  * Remove redundant check (`!ecc` is always true)
  * Remove duplicate `uriParts.size() > 0` check
  * Use two boolean literals instead of re-using variable

Tree-SHA512: 30e9af8a9d5c8184836f8267b492aeb4e26eca171a3be08f634b3f39b3055b9fa9f06623f6c69b294ca13bf99743f7645cfac2b25e014ff74687bd085a997895
2017-10-12 23:55:50 +02:00
Jim Posen
a2be3b66b5 [net] Ignore getheaders requests for very old side blocks
Sending a getheaders message with an empty locator and a stop hash
is a request for a single header by hash. The node will respond with
headers for blocks not in the main chain as well as those in the main
chain. To avoid fingerprinting, the node should, however, ignore
requests for headers on side branches that are too old.
2017-10-03 10:28:00 -07:00
practicalswift
4971a9a3c9 Use two boolean literals instead of re-using variable 2017-10-02 15:47:44 +02:00
practicalswift
9ad6746ccd Use static_cast instead of C-style casts for non-fundamental types
A C-style cast is equivalent to try casting in the following order:

1. const_cast(...)
2. static_cast(...)
3. const_cast(static_cast(...))
4. reinterpret_cast(...)
5. const_cast(reinterpret_cast(...))

By using static_cast<T>(...) explicitly we avoid the possibility
of an unintentional and dangerous reinterpret_cast. Furthermore
static_cast<T>(...) allows for easier grepping of casts.
2017-09-22 14:59:27 +02:00
Alex Morcos
fd849e1b03 Change AcceptToMemoryPool function signature
Combine fLimitFree and fOverrideMempoolLimit into a single boolean:
bypass_limits.  This is used to indicate that mempool limiting based on feerate
should be bypassed.  It is used when readding transactions from a reorg and then
the mempool is trimmed to size after all transactions are added and they can be
evaluated in the context of their descendants. No changes to behavior.
2017-09-12 12:30:26 -04:00
Cory Fields
80e2e9d0ce net: drop unused connman param
The copy in PeerLogicValidation can be used instead.
2017-09-06 19:32:04 -04:00
Cory Fields
8ad663c1fa net: use an interface class rather than signals for message processing
Drop boost signals in favor of a stateful class. This will allow the message
processing loop to actually move to net_processing in a future step.
2017-09-06 19:32:04 -04:00