Avoid "Unknown command" messages when receiving getaddr on outbound connections.
Github-Pull: #7642 Rebased-From: d84ea1a59ce3704457a162f1fd8a7353047156de
This commit is contained in:
parent
a5bc6a1bc4
commit
d3ead9bcb6
17
src/main.cpp
17
src/main.cpp
@ -5247,13 +5247,18 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// This asymmetric behavior for inbound and outbound connections was introduced
|
else if (strCommand == NetMsgType::GETADDR)
|
||||||
// to prevent a fingerprinting attack: an attacker can send specific fake addresses
|
|
||||||
// to users' AddrMan and later request them by sending getaddr messages.
|
|
||||||
// Making nodes which are behind NAT and can only make outgoing connections ignore
|
|
||||||
// the getaddr message mitigates the attack.
|
|
||||||
else if ((strCommand == NetMsgType::GETADDR) && (pfrom->fInbound))
|
|
||||||
{
|
{
|
||||||
|
// This asymmetric behavior for inbound and outbound connections was introduced
|
||||||
|
// to prevent a fingerprinting attack: an attacker can send specific fake addresses
|
||||||
|
// to users' AddrMan and later request them by sending getaddr messages.
|
||||||
|
// Making nodes which are behind NAT and can only make outgoing connections ignore
|
||||||
|
// the getaddr message mitigates the attack.
|
||||||
|
if (!pfrom->fInbound) {
|
||||||
|
LogPrint("net", "Ignoring \"getaddr\" from outbound connection. peer=%d\n", pfrom->id);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
pfrom->vAddrToSend.clear();
|
pfrom->vAddrToSend.clear();
|
||||||
vector<CAddress> vAddr = addrman.GetAddr();
|
vector<CAddress> vAddr = addrman.GetAddr();
|
||||||
BOOST_FOREACH(const CAddress &addr, vAddr)
|
BOOST_FOREACH(const CAddress &addr, vAddr)
|
||||||
|
Loading…
Reference in New Issue
Block a user