Commit Graph

13581 Commits

Author SHA1 Message Date
Ilya Savinov
1c4e2946af fix potential deadlock in CGovernanceManager::ProcessVote (#1541)
govman.cs -> cs_vSend:
CGovernanceManager::ProcessVote - LOCK(govman.cs) -> RequestGovernanceObject -> PushMessage -> BeginMessage - LOCK(cs_vSend)

cs_vSend -> govman.cs:
ThreadMessageHandler -> TRY_LOCK(pnode->cs_vSend, lockSend) -> SendMessages -> AlreadyHave -> ConfirmInventoryRequest -> LOCK(govman.cs)
2017-07-21 12:47:38 +03:00
chaeplin
f47f0daf9a add 6 to strAllowedChars (#1542) 2017-07-21 12:36:34 +03:00
Oleg Girko
a9d771e497 Backport Bitcoin PR#8085: p2p: Begin encapsulation (#1537)
* net: move CBanDB and CAddrDB out of net.h/cpp

This will eventually solve a circular dependency

* net: Create CConnman to encapsulate p2p connections

* net: Move socket binding into CConnman

* net: move OpenNetworkConnection into CConnman

* net: move ban and addrman functions into CConnman

* net: Add oneshot functions to CConnman

* net: move added node functions to CConnman

* net: Add most functions needed for vNodes to CConnman

* net: handle nodesignals in CConnman

* net: Pass CConnection to wallet rather than using the global

* net: Add rpc error for missing/disabled p2p functionality

* net: Pass CConnman around as needed

* gui: add NodeID to the peer table

* net: create generic functor accessors and move vNodes to CConnman

* net: move whitelist functions into CConnman

* net: move nLastNodeId to CConnman

* net: move nLocalHostNonce to CConnman

This behavior seems to have been quite racy and broken.

Move nLocalHostNonce into CNode, and check received nonces against all
non-fully-connected nodes. If there's a match, assume we've connected
to ourself.

* net: move messageHandlerCondition to CConnman

* net: move send/recv statistics to CConnman

* net: move SendBufferSize/ReceiveFloodSize to CConnman

* net: move nLocalServices/nRelevantServices to CConnman

These are in-turn passed to CNode at connection time. This allows us to offer
different services to different peers (or test the effects of doing so).

* net: move semOutbound and semMasternodeOutbound to CConnman

* net: SocketSendData returns written size

* net: move max/max-outbound to CConnman

* net: Pass best block known height into CConnman

CConnman then passes the current best height into CNode at creation time.

This way CConnman/CNode have no dependency on main for height, and the signals
only move in one direction.

This also helps to prevent identity leakage a tiny bit. Before this change, an
attacker could theoretically make 2 connections on different interfaces. They
would connect fully on one, and only establish the initial connection on the
other. Once they receive a new block, they would relay it to your first
connection, and immediately commence the version handshake on the second. Since
the new block height is reflected immediately, they could attempt to learn
whether the two connections were correlated.

This is, of course, incredibly unlikely to work due to the small timings
involved and receipt from other senders. But it doesn't hurt to lock-in
nBestHeight at the time of connection, rather than letting the remote choose
the time.

* net: pass CClientUIInterface into CConnman

* net: Drop StartNode/StopNode and use CConnman directly

* net: Introduce CConnection::Options to avoid passing so many params

* net: add nSendBufferMaxSize/nReceiveFloodSize to CConnection::Options

* net: move vNodesDisconnected into CConnman

* Made the ForEachNode* functions in src/net.cpp more pragmatic and self documenting

* Convert ForEachNode* functions to take a templated function argument rather than a std::function to eliminate std::function overhead

* net: move MAX_FEELER_CONNECTIONS into connman
2017-07-21 12:35:19 +03:00
Ilya Savinov
15958c594c fix potential deadlock (PR#1536 fix) (#1538)
mempool.cs -> mnodeman.cs:
`CreateNewBlock - LOCK2(cs_main, mempool.cs) -> FillBlockPayments -> FillBlockPayee -> GetNextMasternodeInQueueForPayment - LOCK(mnodeman.cs)`

mnodeman.cs -> mempool.cs
`CheckMnbAndUpdateMasternodeList - LOCK2(cs_main, mnodeman.cs) -> CheckOutpoint -> GetTransaction -> lookup - LOCK(mempool.cs)`
2017-07-20 13:48:30 +03:00
UdjinM6
0f05e25c71 fix a bug in CommitFinalTransaction (#1540) 2017-07-19 21:49:48 +02:00
Ilya Savinov
6cb3fddcc1 fixed potential deadlock in CSuperblockManager::IsSuperblockTriggered (#1536)
governance.cs -> mempool.cs:
`CGovernanceManager::ProcessMessage - LOCK2(cs_main, governance.cs) ->  GetTransaction ->  lookup - LOCK(mempool.cs)`

mempool.cs -> governance.cs:
`CreateNewBlock - LOCK2(cs_main, mempool.cs)  -> FillBlockPayments ->  IsSuperblockTriggered - LOCK(governance.cs)`
2017-07-18 19:25:02 +03:00
Oleg Girko
290fb3b57e Backport Bitcoin PR#7942: locking for Misbehave() and other cs_main locking fixes (#1535)
* lock cs_main for chainActive

ActivateBestChain uses chainActive after releasing the lock; reorder operations
to move all access to synchronized object into existing LOCK(cs_main) block.

* lock cs_main for State/Misbehaving

ProcessMessage calls State(...) and Misbehaving(...) without holding the
required lock; add LOCK(cs_main) blocks.
2017-07-17 20:49:17 +03:00
gladcow
8075370d1e change invalid version string constant (#1532) 2017-07-17 17:38:32 +03:00
Ilya Savinov
e0d6c5b5a2 fixed potential deadlock in CMasternodePing::SimpleCheck (#1534) 2017-07-17 16:59:04 +03:00
UdjinM6
9e9df28203 do not use masternode connections in feeler logic (#1533) 2017-07-17 16:54:35 +03:00
Oleg Girko
d934ffb2ff Added feeler connections increasing good addrs in the tried table. (#1530)
Tests if addresses are online or offline by briefly connecting to them. These short lived connections are referred to as feeler connections. Feeler connections are designed to increase the number of fresh online addresses in tried by selecting and connecting to addresses in new. One feeler connection is attempted on average once every two minutes.

This change was suggested as Countermeasure 4 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman,
Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report
2015/263. March 2015.
2017-07-17 13:39:12 +03:00
UdjinM6
27b6f36338 fix deadlock (#1531) 2017-07-17 10:06:15 +02:00
Oleg Girko
aa32f1dc97 Remove bad chain alert partition check (#1529)
As per meeting 2016-03-31
https://bitcoincore.org/en/meetings/2016/03/31/#bad-chain-alerts

The partition checker was producing huge number of false-positives
and was disabled in 0.12.1 on the understanding it would either be
fixed in 0.13 or removed entirely from master if not.

*** Dash specific note: ***
This check was disabled in Dash already.
2017-07-16 23:17:04 +03:00
Oleg Girko
9ce2b966cd Backport Bitcoin PR#8113: Rework addnode behaviour (#1525)
* Rework addnode behaviour

* Use CNode::addeName to track whether a connection to a name is already open
  * A new connection to a previously-connected by-name addednode is only opened when
    the previous one closes (even if the name starts resolving to something else)
  * At most one connection is opened per addednode (even if the name resolves to multiple)
* Unify the code between ThreadOpenAddedNodeConnections and getaddednodeinfo
  * Information about open connections is always returned, and the dns argument becomes a dummy
  * An IP address and inbound/outbound is only reported for the (at most 1) open connection

* Prevent duplicate connections where one is by name and another by ip

* Randomize name lookup result in ConnectSocketByName
2017-07-14 19:58:57 +03:00
UdjinM6
1b1d52ac3e workaround for travis (#1526) 2017-07-14 17:19:07 +03:00
Ilya Savinov
916af52c0a Fix vulnerability with mapMasternodeOrphanObjects (#1512)
* fix vulnerability with mapMasternodeOrphanObjects

The vulnerability is that a malicious node can send a lot of NetMsgType::MNGOVERNANCEOBJECT messages which refer to many arbitrary MN's. In this case, mapMasternodeOrphanObjects will grow unrestrictedly.

* MN collateral moved to governance-object.cpp; ban score applied to misbehaving nodes

* recursive locks removed

* check for the mn collateral code segregated to a separate function

* CheckCollateral implementation moved to cpp
2017-07-13 12:38:00 +03:00
Oleg Girko
eea78d45ed Revert "fixed regtest+ds issues" (#1524)
This reverts commit 1f828f45ec.

The commit being reverted changed FindNode(const CService& addr)
to make no difference between nodes with the same IP address,
but different ports, but only for regtest network.
As functional tests run several nodes on different ports or the same
IP address (127.0.0.1), this eventually started breaking functional tests.
The only use for regtest network I know is for functional tests,
so it's time to revert that commit.
2017-07-13 09:07:50 +03:00
chaeplin
f9dd40888e include atomic (#1523) 2017-07-12 23:08:18 +03:00
Ilya Savinov
f7aa81586f Fix issues with mapSeenGovernanceObjects (#1511)
* fix issues with mapSeenGovernanceObjects

Removed seen-governance-objects optimization except for deleted objects. Otherwise some nodes can permanently lost proposals if they received them too early.
Beside of that there is a vulnerability with seen-governance-objects mechanism if malicious node send us a lot of invalid governance objects.

* mapSeenGovernanceObjects renamed to mapErasedGovernanceObjects

* current fixes

* use int64_t for expiration timestamp
2017-07-12 23:08:06 +03:00
Oleg Girko
7b5556a294 Backport Bitcoin PR#8084: Add recently accepted blocks and txn to AttemptToEvictConnection (#1522)
* Add recently accepted blocks and txn to AttemptToEvictConnection.

This protects any not-already-protected peers who were the most
 recent four to relay transactions and most recent four to send
 blocks to us.

* Allow disconnecting a netgroup with only one member in eviction.

With the latest additions there are enough protective measures that
 we can take the training wheels off.
2017-07-12 14:13:38 +03:00
Oleg Girko
5a1961e5e3 Backport Bitcoin PR#7906: net: prerequisites for p2p encapsulation changes (#1521)
* net: don't import std namespace

This file is about to be broken up into chunks and moved around. Drop the
namespace now rather than requiring other files to use it.

* net: remove unused set

* net: use the exposed GetNodeSignals() rather than g_signals directly

* net: make Ban/Unban/ClearBan functionality consistent

- Ban/Unban/ClearBan call uiInterface.BannedListChanged() as necessary
- Ban/Unban/ClearBan sync to disk if the operation is user-invoked
- Mark node for disconnection automatically when banning
- Lock cs_vNodes while setting disconnected
- Don't spin in a tight loop while setting disconnected

* net: No need to export DumpBanlist
2017-07-12 04:20:12 +03:00
Oleg Girko
9a8a290b87 fix race that could fail to persist a ban (#1518)
DumpBanList currently does this:
  - with lock: take a copy of the banmap
  - perform I/O (write out the banmap)
  - with lock: mark the banmap non-dirty
If a new ban is added during the I/O operation, it may never be persisted to
disk.

Reorder operations so that the data to be persisted cannot be older than the
time at which the banmap was marked non-dirty.
2017-07-11 09:15:14 +03:00
Oleg Girko
b47984f303 Remove non-determinism which is breaking net_tests #8069 (#1517) 2017-07-11 02:03:14 +03:00
UdjinM6
397ea95dbb Implement BIP69 outside of CTxIn/CTxOut (#1514)
Apply BIP69 on transaction creation only, fix inputs order to match the BIP
2017-07-10 17:42:59 +03:00
UdjinM6
7abac068b6 fix MakeCollateralAmounts (#1500)
apply same logic as in CreateDenominated to avoid joining inputs from different addresses
2017-07-10 17:42:32 +03:00
UdjinM6
739ef9a681 Expire confirmed DSTXes after ~1h since confirmation (#1499)
* Expire confirmed DSTXes after ~1h since confirmation

* add missing cs_main lock
2017-07-10 17:42:09 +03:00
gladcow
70eb83a5ce New rpc call "masternodelist info" (#1513)
* add masternodelist info call

* safe version conversion function

* change default sentinel version value

* fix issues
2017-07-10 17:41:42 +03:00
Oleg Girko
9268a336dd Backport Bitcoin PR#7917: Optimize reindex (#1515)
* Make ProcessNewBlock dbp const and update comment

* Switch reindexing to AcceptBlock in-loop and ActivateBestChain afterwards

* Optimize ActivateBestChain for long chains

* Add -reindex-chainstate that does not rebuild block index

* Report reindexing progress in GUI
2017-07-10 17:41:14 +03:00
Oleg Girko
b39c518d5a Backport Bitcoin PR#7749: Enforce expected outbound services (#1508)
* Only store and connect to NODE_NETWORK nodes

* Keep addrman's nService bits consistent with outbound observations

* Verify that outbound connections have expected services

* Don't require services in -addnode

* Introduce enum ServiceFlags for service flags

* Introduce REQUIRED_SERVICES constant
2017-07-05 06:45:23 +03:00
Oleg Girko
6af9955faa Backport Bitcoin PR#7696: Fix de-serialization bug where AddrMan is corrupted after exception (#1507)
* CAddrDB modified so that when de-serialization code throws an exception Addrman is reset to a clean state
* CAddrDB modified to make unit tests possible
* Regression test created to ensure bug is fixed
* StartNode modifed to clear adrman if CAddrDB::Read returns an error code.
2017-07-05 03:40:22 +03:00
Ilya Savinov
109c5fd1d8 Fixed issues with propagation of governance objects (#1489)
* process governance objects in CheckMasternodeOrphanObjects as usual

* code refactoring: SetRateChecksHelper class added

* fixed race condition issues with propagation of governance objects

* change GetCollateralConfirmations signature

* code refactoring

* reduced minimum number of collateral confirmations required for relaying proposals

* bug fixes and improvements
2017-07-05 03:31:50 +03:00
Oleg Girko
d787fe4ab6 Backport Bitcoin PR#7458 : [Net] peers.dat, banlist.dat recreated when missing (#1506) 2017-07-05 02:26:13 +03:00
Oleg Girko
ac6c3c9008 Backport Bitcoin PR#7350: Banlist updates (#1505)
* banlist: update set dirty to be more fine grained

- move the SetBannedSetDirty(false) call from DumpData() into DumpBanlist()
- ensure we only set false, if the write succeeded

* banlist: better handling of banlist in StartNode()

- only start working on/with banlist data, if reading in the banlist from
  disk didn't fail
- as CNode::setBannedIsDirty is false (default) when reading fails, we
  don't need to explicitly set it to false to prevent writing
  banlist.dat in that case either

* banlist: add more banlist infos to log / add GUI signal

- to match the peers.dat handling also supply a debug.log entry for how
  many entries were loaded from banlist.dat and how long it took
- add a GUI init message for loading the banlist (same as with peers.dat)

- move the same message for peers.dat upwards in the code, to be able to
  reuse the timing variable nStart and also just log, if our read from
  peers.dat didn't fail

* banlist (bugfix): allow CNode::SweepBanned() to run on interval

- allows CNode::SweepBanned() to run, even if !CNode::BannedSetIsDirty(),
  because if nBanUntil is over we want the ban to be disabled for these
  nodes
2017-07-05 00:39:05 +03:00
gladcow
a439e98408 Replace watchdogs with ping (#1491)
* Add hassentinelping to governanceinfo

* sentinelping rpc call

* additional fields in mnp

* sentinel ping implementation

* change sentinel state to byte in mnp

* use adjusted time in sentinel ping

* update nTimeLastWatchdogVote if sentinel ping is actual

* remove unused fields

* bump protocol to 70207

* Fix small issues

 - fix the error message text in CActivbeMasternodeUpdateSentinelPing;
 - add empty string before public: in CActiveMasternode class declaration;
 - rename field sentinelPing in CMasternodePing to sentinelIsActual and change $
 - decrease sentinelVersion field size to uint16_t;

* revert proto bump for MIN_... consts

* revert changes in getgovernanceinfo

* Update mn vote time for remote masternodes

 - call UpdateWatchdogVoteTime in CMasternodeMan::ProcessMessage
 - deserialize masternodeping from the previous version archive without exception
 - add ability to set time in UpdateWatchdogVoteTime
 - set nTimeLastWatchdogVote to masternode ping sigTime if sentinel is actual
 - bump CMasternodeMan::SERIALIZATION_VERSION_STRING

* remove mn state checks and add correct rpc param convertion

* fix var names

* Helper class for version in string and integer form

* String version in sentinel ping

Version format is "x.x.x"

* test for bacward compatibility in serialization

* Change VersionInfo class to convert functions
2017-07-04 20:31:57 +03:00
Oleg Girko
f65017cfeb Backport Bitcoin PR#7349: Build against system UniValue when available (#1503)
* Build against system UniValue when available

* doc: Add UniValue to build instructions

* Bugfix: The var is LIBUNIVALUE,not LIBBITCOIN_UNIVALUE

* Change default configure option --with-system-univalue to "no"

* Bugfix: Always include univalue in DIST_SUBDIRS

* LDADD dependency order shuffling

* build-unix: Update UniValue build conditions
2017-07-04 06:20:19 +03:00
UdjinM6
96f0d6ec2b various trivial cleanup fixes (#1501) 2017-07-03 16:14:07 +03:00
Oleg Girko
b0843c397c Backport Bincoin PR#7348: MOVE ONLY: move rpc* to rpc/ + same for Dash-specific rpc (#1502) 2017-07-03 16:13:34 +03:00
UdjinM6
549b659e8c Force self-recheck on CActiveMasternode::ManageStateRemote() (#1441)
(otherwise code below could fail if we received new mnb right after latest check and thus our MN will not start)
2017-07-01 22:00:40 +03:00
Oleg Girko
a12491448d Eliminate unnecessary call to CheckBlock (#1498)
ProcessNewBlock would return failure early if CheckBlock failed, before
calling AcceptBlock.  AcceptBlock also calls CheckBlock, and upon failure
would update mapBlockIndex to indicate that a block was failed.  By returning
early in ProcessNewBlock, we were not marking blocks that fail a check in
CheckBlock as permanently failed, and thus would continue to re-request and
reprocess them.
2017-07-01 21:57:28 +03:00
UdjinM6
029ee64948 split CPrivateSend (#1492)
* split CPrivateSend:
- common client/server base data structures/functions: CPrivateSendBase
- singleton-like helper: CPrivateSend

* GetCollateralAmount(), more of GetSmallestDenomination()

* refactor GetDSTX

* remove excessive static_cast<bool>

* bring back LOCK(cs_mapdstx) :)

* address review comments

* fix bool operator
2017-06-30 21:30:16 +03:00
Oleg Girko
f9730cb2ec Increase test coverage for addrman and addrinfo (#1497)
Adds several unittests for CAddrMan and CAddrInfo.
Increases the accuracy of addrman tests.
Removes non-determinism in tests by overriding the random number generator.
Extracts testing code from addrman class to test class.
2017-06-30 21:29:29 +03:00
Oleg Girko
a443d4e2d0 Backport Bitcoin PRs #6589, #7180 and remaining part of #7181: enable per-command byte counters in CNode (#1496)
* log bytes recv/sent per command

* net: Account for `sendheaders` `verack` messages

Looks like these were forgotten in #6589.

* Backport remaining part of Bitcoin PR bitcoin/bitcoin#7181.

Most of this PR is already merged, but a small part remaining
that makes per-command byte counts in CNode working.

Signed-off-by: Oleg Girko <ol@infoserver.lv>
2017-06-29 04:51:10 +03:00
Alexander Block
1d67d52122 Don't try to create empty datadir before the real path is known (#1494)
Fixes: #1345

The actual problem is that GetDataDir has the side effect of creating the
datadir, even if it is not known yet where it really is. This is only
known after reading the config file or when explicitly specified in the
cmd line.

Thus, if GetDataDir gets called before the datadir value from the config
is read, it tries to create it at the default location.
2017-06-26 16:57:16 +03:00
thephez
5d27950296 Documentation: Add spork message / details to protocol-documentation.md (#1493)
* Protocol doc update - add missing command placeholders
Add spork command details

* Add message type for ssc and govsync

* Typo fixes

* Integrate UdjinM6's suggestions
2017-06-26 16:56:52 +03:00
Tim Flynn
a109a611f3 Validate proposals on prepare and submit (#1488)
* Implement proposal validation

Includes commits:
  Implemented CProposalValidator

  Use CProposalValidator to check proposals at prepare and submit stages

  Modify proposal validator to support numerical data in string format

  Multiple bug fixes in governance-validators.cpp

  Fixed bug in CheckURL

  Fixed stream state check

  Increase strictness of payment address validation for compatibility with sentinel

  Improved error reporting

  Implemented "check" rpc command to validate proposals

  Fixes to RPC check command

  Fix error message

  Unit test and data files for proposal validator

  Added test cases

  Removed debugging code

* Fix name validation

* Changes to address code review comments
2017-06-26 16:56:29 +03:00
Will Wray
7155043571 Dashify bitcoin unix executables (#1486) 2017-06-06 02:47:46 +03:00
Spencer Lievens
72fbfe93d8 Icon Cutoff Fix (#1485)
This will prevent the cutoff of the connections icon when using this theme.
2017-06-06 02:47:36 +03:00
UdjinM6
bea548c612 adjust/fix some log and error messages (#1484)
* adjust/fix some log and error messages

* revert penalty

* more newline/c_str fixes

* lld -> llu
2017-06-06 02:47:23 +03:00
UdjinM6
2daea77a5b fix calculation of (unconfirmed) anonymizable balance (#1477)
* fix calculation of (unconfirmed) anonymizable balance

* store cache with the same param combination as in use
2017-06-06 02:47:12 +03:00
UdjinM6
a28fa724c2 fix BIP34 starting blocks for mainnet/testnet (#1476) 2017-06-06 02:46:58 +03:00