aboutsummaryrefslogtreecommitdiff
path: root/src/net_processing.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Merge #16021: p2p: Avoid logging transaction decode errors to stderrWladimir J. van der Laan2019-05-201-11/+10
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fa2b52af32f6a4b9c22c270f36e92960c29ef364 Disallow extended encoding for non-witness transactions (take 3) (MarcoFalke) Pull request description: (previous title "p2p: Disallow extended encoding for non-witness transactions (take 3)") Remote peers can send us illegally encoded txs and thus have us write to stderr. Fix that by not writing to stderr. This is a follow up to the previous (incomplete) attempts at this: * Disallow extended encoding for non-witness transactions #14039 * Add test for superfluous witness record in deserialization #15893 ACKs for commit fa2b52: laanwj: utACK fa2b52af32f6a4b9c22c270f36e92960c29ef364 ryanofsky: utACK fa2b52af32f6a4b9c22c270f36e92960c29ef364. Would change title to something like "Avoid logging transaction decode errors to stderr" instead of "Disallow extended encoding for non-witness transactions." The current title is confusing because this PR isn't really allowing or disallowing anything, just logging the condition differently. "Disallow" also seems to contradict the "Allow exceptions from..." comments in the actual code. Tree-SHA512: c66990e69b432d00dc1c5510bf976a1188664d0890a32d1e5c6459094e7e27da82a5d227627afcbc203676f5540eec74b7d9b1d71d2c62d3b2069e1781824b4d
| * Disallow extended encoding for non-witness transactions (take 3)MarcoFalke2019-05-141-11/+10
| |
* | net: Rename ::fRelayTxes to ::g_relay_txesMarcoFalke2019-05-091-3/+3
|/ | | | | This helps to distinguish it from CNode::fRelayTxes and avoid bugs like 425278d17bd0edf8a3a7cc81e55016f7fd8e7726
* Merge #15948: refactor: rename chainActiveMarcoFalke2019-05-071-45/+45
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 486c1eea86 refactoring: remove unused chainActive (James O'Beirne) 631940aab2 scripted-diff: replace chainActive -> ::ChainActive() (James O'Beirne) a3a609079c refactoring: introduce unused ChainActive() (James O'Beirne) 1b6e6fcfd2 rename: CChainState.chainActive -> m_chain (James O'Beirne) Pull request description: This is part of the assumeutxo project: Parent PR: #15606 Issue: #15605 Specification: https://github.com/jamesob/assumeutxo-docs/tree/2019-04-proposal/proposal --- This change refactors the `chainActive` reference into a `::ChainActive()` call. It also distinguishes `CChainState`'s `CChain` data member as `m_chain` instead of the current `chainActive`, which makes it easily confused with the global data. The active chain must be obtained via function because its reference will be swapped at some point during runtime after loading a UTXO snapshot. This change, though lengthy, should be pretty easy to review since most of it is contained within a scripted-diff. Once merged, the parent PR should be easier to review. ACKs for commit 486c1e: Sjors: utACK 486c1ee promag: utACK 486c1ee. practicalswift: utACK 486c1eea863a41e597ae4fddc392f446f2518b4b Tree-SHA512: 06ed8f9e77f2d25fc9bea0ba86436d80dbbce90a1e8be23e37ec4eeb26060483e60b4a5c4fba679cb1867f61e3921c24abeb9cabdfb4d0a9b1c4ddd77b17456a
| * scripted-diff: replace chainActive -> ::ChainActive()James O'Beirne2019-05-031-45/+45
| | | | | | | | | | | | | | | | | | | | Though at the moment ChainActive() simply references `g_chainstate.m_chain`, doing this change now clears the way for multiple chainstate usage and allows us to script the diff. -BEGIN VERIFY SCRIPT- git grep -l "chainActive" | grep -E '(h|cpp)$' | xargs sed -i '/chainActive =/b; /extern CChain& chainActive/b; s/\(::\)\{0,1\}chainActive/::ChainActive()/g' -END VERIFY SCRIPT-
* | Separate reason for premature spends (coinbase/locktime)Suhas Daftuar2019-05-021-0/+1
| |
* | Assert validation reasons are contextually correctSuhas Daftuar2019-05-021-0/+3
| |
* | Fix handling of invalid headersSuhas Daftuar2019-05-021-47/+30
| | | | | | | | | | We only disconnect outbound peers (excluding HB compact block peers and manual connections) when receiving a CACHED_INVALID header.
* | [refactor] Use Reasons directly instead of DoS codesMatt Corallo2019-05-021-30/+57
| |
* | CorruptionPossible -> TX_WITNESS_MUTATEDMatt Corallo2019-05-021-2/+2
| | | | | | | | Co-authored-by: Anthony Towns <[email protected]>
* | LookupBlockIndex -> CACHED_INVALIDMatt Corallo2019-05-021-1/+1
| | | | | | | | Co-authored-by: Anthony Towns <[email protected]>
* | [refactor] Drop redundant nDoS, corruptionPossible, SetCorruptionPossibleMatt Corallo2019-05-021-2/+0
| | | | | | | | Co-authored-by: Anthony Towns <[email protected]>
* | [refactor] Add useful-for-dos "reason" field to CValidationStateMatt Corallo2019-05-021-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | This is a first step towards cleaning up our DoS interface - make validation return *why* something is invalid, and let net_processing figure out what that implies in terms of banning/disconnection/etc. Behavior change: peers will now be banned for providing blocks with premature coinbase spends. Co-authored-by: Anthony Towns <[email protected]> Suhas Daftuar <[email protected]>
* | [refactor] Refactor misbehavior ban decisions to MaybePunishNode()Matt Corallo2019-05-021-34/+57
| | | | | | | | | | | | | | | | | | Isolate the decision of whether to ban a peer to one place in the code, rather than having it sprinkled throughout net_processing. Co-authored-by: Anthony Towns <[email protected]> Suhas Daftuar <[email protected]> John Newbery <[email protected]>
* | [refactor] rename stateDummy -> orphan_stateMatt Corallo2019-05-021-4/+4
|/ | | | | Co-authored-by: Anthony Towns <[email protected]> Suhas Daftuar <[email protected]>
* [build] Add several util unitsJohn Newbery2019-04-091-0/+1
| | | | | | | | | | | | Adds the following util units and adds them to libbitcoin_util: - `util/url.cpp` takes `urlDecode` from `httpserver.cpp` - `util/error.cpp` takes `TransactionErrorString` from `node/transaction.cpp` and `AmountHighWarn` and `AmountErrMsg` from `ui_interface.cpp` - `util/fees.cpp` takes `StringForFeeReason` and `FeeModeFromString` from `policy/fees.cpp` - `util/rbf.cpp` takes `SignalsOptInRBF` from `policy/rbf.cpp` - 'util/validation.cpp` takes `FormatStateMessage` and `strMessageMagic` from 'validation.cpp`
* [wallet] Schedule tx rebroadcasts in walletJohn Newbery2019-04-091-8/+0
| | | | | | | | | Removes the now-unused Broadcast/ResendWalletTransactions interface from validationinterface. The wallet_resendwallettransactions.py needs a sleep added at the start to make sure that the rebroadcast scheduler is warmed up before the next block is mined.
* [wallet] Keep track of the best block time in the walletJohn Newbery2019-04-091-5/+1
| | | | | Move nTimeBestReceived (which is only used for wallet rebroadcasts) into the wallet.
* Merge #15654: net: Remove unused unsanitized user agent string CNode::strSubVerMarcoFalke2019-04-041-2/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fa8548c5d1 net: Remove unused unsanitized user agent string CNode::strSubVer (MarcoFalke) Pull request description: I fail to see a use case for this unsanitized byte array. In fact this can easily be confused with `cleanSubVer` and be displayed to the user (or logged) by a simple typo that is hard to find in review. Further reading: https://btcinformation.org/en/developer-reference#version ACKs for commit fa8548: promag: utACK fa8548c, good catch. practicalswift: utACK fa8548c5d13957f57f9b1e20e03002600962f7f0 sipa: utACK fa8548c5d13957f57f9b1e20e03002600962f7f0 Tree-SHA512: 3c3ff1504d1583ad099df9a6aa761458a82ec48a58ef7aaa9b5679a5281dd1b59036ba2932ed708488951a565b669a3083ef70be5a58472ff8677b971162ae2f
| * net: Remove unused unsanitized user agent string CNode::strSubVerMarcoFalke2019-03-231-2/+1
| |
* | Interrupt orphan processing after every transactionPieter Wuille2019-03-221-5/+16
| | | | | | | | | | | | This makes orphan processing work like handling getdata messages: After every actual transaction validation attempt, interrupt processing to deal with messages arriving from other peers.
* | [MOVEONLY] Move processing of orphan queue to ProcessOrphanTxPieter Wuille2019-03-221-52/+59
| |
* | Simplify orphan processing in preparation for interruptibilityPieter Wuille2019-03-221-56/+54
|/
* Merge #15597: net: Generate log entry when blocks messages are received ↵Wladimir J. van der Laan2019-03-201-4/+28
|\ | | | | | | | | | | | | | | | | | | | | | | unexpectedly ef0019e054734a14214dfbce56611ce4db1688a5 Generate log entry when blocks messages are received unexpectedly. (Patrick Strateman) Pull request description: Currently these are incorrectly logged as an unknown command. Tree-SHA512: dd272388a90b79897f8c1ea6d4c949323fcf75493f3a5b2ec9a26a2cf6a8ee743b497941702f21df8fae0f5b9481444363643379832dbd5053b0cc0b0363de04
| * Generate log entry when blocks messages are received unexpectedly.Patrick Strateman2019-03-131-4/+28
| |
* | Do not relay banned IP addressesPieter Wuille2019-03-171-2/+6
|/
* Merge #14626: Select orphan transaction uniformly for evictionMarcoFalke2019-02-141-6/+19
|\ | | | | | | | | | | | | | | | | | | 7257353b93 Select orphan transaction uniformly for eviction (Pieter Wuille) Pull request description: The previous code was biased towards evicting transactions whose txid has a larger gap (lexicographically) with the previous txid in the orphan pool. Tree-SHA512: e35f700aea5ed79d1bc57f64bffcb623424b40156fd0a12f05f74f981a8aa4175d5c18d042989243f7559242bdf1d6d720bcf588d28f43d74a798a4843f09c70
| * Select orphan transaction uniformly for evictionPieter Wuille2018-12-131-6/+19
| | | | | | | | | | The previous code was biased towards evicting transactions whose txid has a larger gap (lexicographically) with the previous txid in the orphan pool.
* | Change in transaction pull scheduling to prevent InvBlock-related attacksGleb Naumenko2019-02-061-18/+168
| | | | | | | | Co-authored-by: Suhas Daftuar <[email protected]>
* | net: move BanMan to its own filesCory Fields2019-01-161-0/+1
| |
* | banman: create and split out banmanCory Fields2019-01-161-8/+8
| | | | | | | | Some say he has always been.
* | net: Break disconnecting out of Ban()Cory Fields2019-01-161-7/+7
|/ | | | | | | | | These are separate events which need to be carried out by separate subsystems. This also cleans up some whitespace and tabs in qt to avoid getting flagged by the linter. Current behavior is preserved.
* Use a FastRandomContext in LimitOrphanTxSizePieter Wuille2018-12-121-1/+2
|
* validation: Add and use HaveTxsDownloaded where appropriateMarcoFalke2018-12-041-2/+2
|
* Merge #14436: doc: add comment explaining recentRejects-DoS behaviorMarcoFalke2018-11-071-0/+17
|\ | | | | | | | | | | | | | | | | | | | | | | | | b191c7dfb7 doc: add comment explaining recentRejects-DoS behavior (James O'Beirne) Pull request description: When we receive invalid txs for the first time, we mark the sender as misbehaving. If we receive the same tx before a new block is seen, we *don't* punish the second sender (in the same way we do the original sender). It wasn't initially clear to me that this is intentional, so add a clarifying comment. Tree-SHA512: d12c674db137ed3ad83e0b941bffe6ddcd2982238048742afa574a4235881f0e58cfc0a4a576a0503e74c5c5240c270b9520fa30221e8b43a371fb3e0b37066b
| * doc: add comment explaining recentRejects-DoS behaviorJames O'Beirne2018-10-161-0/+17
| | | | | | | | | | | | | | When we receive invalid txs for the first time, we mark the sender as misbehaving. If we receive the same tx before a new block is seen, we *don't* punish the second sender (in the same way we do the original sender). It wasn't initially clear to me that this is intentional, so add a clarifying comment.
* | scripted-diff: Move util files to separate directory.Jim Posen2018-11-041-3/+3
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | -BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmemory.h src/util/memory.h git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj -END VERIFY SCRIPT-
* Merge #14027: Skip stale tip checking if outbound connections are off or if ↵MarcoFalke2018-09-271-4/+3
|\ | | | | | | | | | | | | | | | | | | | | | | reindexing. 66b3fc5437 Skip stale tip checking if outbound connections are off or if reindexing. (Gregory Maxwell) Pull request description: I got tired of the pointless stale tip notices in reindex and on nodes with connections disabled. Tree-SHA512: eb07d9c5c787ae6dea02cdd1d67a48a36a30adc5ccc74d6f1c0c7364d404dc8848b35d2b8daf5283f7c8f36f1a3c463aacb190d70a22d1fe796a301bb1f03228
| * Skip stale tip checking if outbound connections are off or if reindexing.Gregory Maxwell2018-08-231-4/+3
| |
* | Merge #13249: Make objects in range declarations immutable by default. Avoid ↵Wladimir J. van der Laan2018-09-041-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | unnecessary copying of objects in range declarations. f34c8c466a0e514edac2e8683127b4176ad5d321 Make objects in range declarations immutable by default. Avoid unnecessary copying of objects in range declarations. (practicalswift) Pull request description: Make objects in range declarations immutable by default. Rationale: * Immutable objects are easier to reason about. * Prevents accidental or hard-to-notice change of value. Tree-SHA512: cad69d35f0cf8a938b848e65dd537c621d96fe3369be306b65ef0cd1baf6cc0a9f28bc230e1e383d810c555a6743d08cb6b2b0bd51856d4611f537a12e5abb8b
| * | Make objects in range declarations immutable by default. Avoid unnecessary ↵practicalswift2018-08-271-2/+2
| | | | | | | | | | | | copying of objects in range declarations.
* | | tests: Add missing locking annotations and lockspracticalswift2018-08-301-1/+1
|/ /
* | Add compile time checking for all cs_main runtime locking assertionspracticalswift2018-08-261-4/+4
| |
* | Merge #13946: p2p: Clarify control flow in ProcessMessageWladimir J. van der Laan2018-08-251-68/+49
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fa6c3dea420b6c50c164ccc34f4e9e8a7d9a8022 p2p: Clarify control flow in ProcessMessage() (MarcoFalke) Pull request description: `ProcessMessage` is effectively a massive switch case construct. In the past there were attempts to clarify the control flow in `ProcessMessage()` by moving each case into a separate static function (see #9608). It was closed because it wasn't clear if moving each case into a function was the right approach. Though, we can quasi treat each case as a function by adding a return statement to each case. (Can be seen as a continuation of bugfix #13162) This patch does exactly that. Also note that this patch is a subset of previous approaches such as #9608 and #10145. Review suggestion: `git diff HEAD~ --function-context` Tree-SHA512: 91f6106840de2f29bb4f10d27bae0616b03a91126e6c6013479e1dd79bee53f22a78902b631fe85517dd5dc0fa7239939b4fefc231851a13c819458559f6c201
| * | p2p: Clarify control flow in ProcessMessage()MarcoFalke2018-08-121-68/+49
| |/
* / p2p: Remove dead code for nVersion=10300MarcoFalke2018-08-221-4/+1
|/
* Merge #13907: Introduce a maximum size for locators.Wladimir J. van der Laan2018-08-101-0/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e254ff5d53b79bee29203b965fca572f218bff54 Introduce a maximum size for locators. (Gregory Maxwell) Pull request description: The largest sensible size for a locator is log in the number of blocks. But, as noted by Coinr8d on BCT a maximum size message could encode a hundred thousand locators. If height were used to limit the messages that could open new attacks where peers on long low diff forks would get disconnected and end up stuck. Ideally, nodes first first learn to limit the size of locators they send before limiting what would be processed, but common implementations back off with an exponent of 2 and have an implicit limit of 2^32 blocks, so they already cannot produce locators over some size. Locators are cheap to process so allowing a few more is harmless, so this sets the maximum to 64-- which is enough for blockchains with 2^64 blocks before the get overhead starts increasing. Tree-SHA512: da28df9c46c988980da861046c62e6e7f93d0eaab3083d32e408d1062f45c00316d5e1754127e808c1feb424fa8e00e5a91aea2cc3b80326b71c148696f7cdb3
| * Introduce a maximum size for locators.Gregory Maxwell2018-08-091-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The largest sensible size for a locator is log in the number of blocks. But, as noted by Coinr8d on BCT a maximum size message could encode a hundred thousand locators. If height were used to limit the messages that could open new attacks where peers on long low diff forks would get disconnected and end up stuck. Ideally, nodes first first learn to limit the size of locators they send before limiting what would be processed, but common implementations back off with an exponent of 2 and have an implicit limit of 2^32 blocks, so they already cannot produce locators over some size. This sets the limit to an absurdly high amount of 101 in order to maximize compatibility with existing software.
* | Update copyright headers to 2018DrahtBot2018-07-271-1/+1
|/
* [net_processing] Add thread safety annotationsJesse Cohen2018-07-251-45/+46
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-04 07:31:53 +0000