diff options
| author | Gregory Maxwell <[email protected]> | 2016-05-20 16:19:26 +0000 |
|---|---|---|
| committer | Gregory Maxwell <[email protected]> | 2016-05-25 18:05:58 +0000 |
| commit | 7e908c7b826cedbf29560ce7a668af809ee71524 (patch) | |
| tree | b28d1f37652e06bde2db6127cbb3378ee35c7617 /src/main.cpp | |
| parent | Merge #8056: [qa] Remove hardcoded "4 nodes" from test_framework (diff) | |
| download | discoin-7e908c7b826cedbf29560ce7a668af809ee71524.tar.xz discoin-7e908c7b826cedbf29560ce7a668af809ee71524.zip | |
Do not use mempool for GETDATA for tx accepted after the last mempool req.
The ability to GETDATA a transaction which has not (yet) been relayed
is a privacy loss vector.
The use of the mempool for this was added as part of the mempool p2p
message and is only needed to fetch transactions returned by it.
Diffstat (limited to 'src/main.cpp')
| -rw-r--r-- | src/main.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/main.cpp b/src/main.cpp index 9ba90b4ea..2ee6bc531 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -4503,7 +4503,10 @@ void static ProcessGetData(CNode* pfrom, const Consensus::Params& consensusParam } if (!pushed && inv.type == MSG_TX) { CTransaction tx; - if (mempool.lookup(inv.hash, tx)) { + int64_t txtime; + // To protect privacy, do not answer getdata using the mempool when + // that TX couldn't have been INVed in reply to a MEMPOOL request. + if (mempool.lookup(inv.hash, tx, txtime) && txtime <= pfrom->timeLastMempoolReq) { pfrom->PushMessage(NetMsgType::TX, tx); pushed = true; } @@ -5902,6 +5905,7 @@ bool SendMessages(CNode* pto) vInv.clear(); } } + pto->timeLastMempoolReq = GetTime(); } // Determine transactions to relay |