9d4eb9a Do diskspace check before import thread is started (Pieter Wuille)
aa59f2e Add extra message to avoid a long 'Loading banlist' (Pieter Wuille)
0fd2a33 Use a signal to continue init after genesis activation (Pieter Wuille)
eebc232 test: Add more test vectors for siphash (Wladimir J. van der Laan)
8884830 Use C++11 thread-safe static initializers (Pieter Wuille)
c31b24f Use 64-bit SipHash of netgroups in eviction (Pieter Wuille)
9bf156b Support SipHash with arbitrary byte writes (Pieter Wuille)
053930f Avoid recalculating vchKeyedNetGroup in eviction logic. (Patrick Strateman)
6182d10 Do not increment nAttempts by more than one for every Good connection. (Gregory Maxwell)
c769c4a Avoid counting failed connect attempts when probably offline. (Gregory Maxwell)
b559914 Move bloom and feerate filtering to just prior to tx sending. (Gregory Maxwell)
4578215 Return mempool queries in dependency order (Pieter Wuille)
ed70683 Handle mempool requests in send loop, subject to trickle (Pieter Wuille)
dc13dcd Split up and optimize transaction and block inv queues (Pieter Wuille)
f2d3ba7 Eliminate TX trickle bypass, sort TX invs for privacy and priority. (Gregory Maxwell)
* Initial devnet
* Move genesis block adding into its own method
* Introduce -allowprivatenet to lift limitation on RFC1918 addresses
Normally, RFC1918 (192.168.x.x/10.x.x.x/...) addresses are not allowed
to be relayed. Also, masternodes won't start when the address is considered
invalid.
This is needed to test local devnet or regtest based networks.
* Lift the requirement of minimum MN age for regtest/devnet
* Implement named devnets
This allows the creation of multiple independent devnets. Each one is
identified by a name which is hardened into a "devnet genesis" block,
which is automatically positioned at height 1. Validation rules will
ensure that a node from devnet=test1 never be able to accept blocks
from devnet=test2. This is done by checking the expected devnet genesis
block.
The genesis block of the devnet is the same as the one from regtest. This
starts the devnet with a very low difficulty, allowing us to fill up
needed balances for masternodes very fast.
Also, the devnet name is put into the sub-version of the VERSION message.
If a node connects to the wrong network, it will immediately be disconnected.
* Allow to select multiple addresses from the same group in devnet/regtest
The selection code normally only allows to select addresses from the same
group (e.g. 192.168.x.x) once. This results in connecting to only a single
node in devnet/regtest.
* Show the devnet name in the title bar and on the loading screen
* Add AllowMultipleAddressesFromGroup to chainparams and use it in net.cpp
* Remove unused/unneeded scripts from devnet geneses creation
1. OP_RETURN not needed in input script of devnet genesis
2. genesisOutputScript was unused
* Fix copy/paste error in -allowprivatenet description
* Improve -devnet parameter error handling
- Only allow one of -devnet, -regtest or -testnet
- Only allow -devnet=name to be specified once
* Use different datadir for each devnet
* Fix `devnet-devnet` issue
* Fix devnet splashscreen (should use testnet img)
* Avoid passing devNetName around (most of the time)
* Remove nMaxTipAge from CDevNetParams
Not present anymore after rebase on develop
027fdb8 When/if the copyright line does not mention Bitcoin Core developers, add a second line to copyrights in -version, About dialog, and splash screen (Luke Dashjr)
cc2095e Rewrite FormatParagraph to handle newlines within input strings correctly (Luke Dashjr)
cddffaf Bugfix: Include COPYRIGHT_HOLDERS_SUBSTITUTION in Makefile substitutions so it gets passed to extract-strings correctly (Luke Dashjr)
29598e4 Move PACKAGE_URL to configure.ac (Luke Dashjr)
78ec83d splashscreen: Resize text to fit exactly (Luke Dashjr)
3cae140 Bugfix: Actually use _COPYRIGHT_HOLDERS_SUBSTITUTION everywhere (Luke Dashjr)
4d5a3df Bugfix: gitian-descriptors: Add missing python-setuptools requirement for OS X (biplist module) (Luke Dashjr)
e4ab5e5 Bugfix: Correct copyright year in Mac DMG background image (Luke Dashjr)
917b1d0 Set copyright holders displayed in notices separately from the package name (Luke Dashjr)
c39a6ff Travis & gitian-osx: Use depends for ds_store and mac_alias modules (Luke Dashjr)
902ccde depends: Add mac_alias to depends (Luke Dashjr)
82a2d98 depends: Add ds_store to depends (Cory Fields)
de619a3 depends: Pass PYTHONPATH along to configure (Cory Fields)
e611b6e macdeploy: Use rsvg-convert rather than cairosvg (Luke Dashjr)
63bcdc5 More complicated package name substitution for Mac deployment (Luke Dashjr)
1a6c67c Parameterise 2009 in translatable copyright strings (Luke Dashjr)
d5f4683 Unify package name to as few places as possible without major changes (Luke Dashjr)
* Allow compilation with `--disable-wallet`
* fix remaining references
* Drop wallet references/include in CActiveMasternode and fix other files affected by this change
* Wrap privatesend-client.h include with ifdef/endif and fix other files affected by this change
* Re-enable Travis build with no wallet
reverts 267e57877b
* Merge #8996: Network activity toggle
19f46f1 Qt: New network_disabled icon (Luke Dashjr)
54cf997 RPC/Net: Use boolean consistently for networkactive, and remove from getinfo (Luke Dashjr)
b2b33d9 Overhaul network activity toggle (Jonas Schnelli)
32efa79 Qt: Add GUI feedback and control of network activity state. (Jon Lund Steffensen)
e38993b RPC: Add "togglenetwork" method to toggle network activity temporarily (Jon Lund Steffensen)
7c9a98a Allow network activity to be temporarily suspended. (Jon Lund Steffensen)
* Revert on-click behavior of network status icon to showing peers list
Stay with the way Dash handled clicking on the status icon
* Add theme support for network disabled icon
* Merge #8874: Multiple Selection for peer and ban tables
1077577 Fix auto-deselection of peers (Andrew Chow)
addfdeb Multiple Selection for peer and ban tables (Andrew Chow)
* Merge #9190: qt: Plug many memory leaks
ed998ea qt: Avoid OpenSSL certstore-related memory leak (Wladimir J. van der Laan)
5204598 qt: Avoid shutdownwindow-related memory leak (Wladimir J. van der Laan)
e4f126a qt: Avoid splash-screen related memory leak (Wladimir J. van der Laan)
693384e qt: Prevent thread/memory leak on exiting RPCConsole (Wladimir J. van der Laan)
47db075 qt: Plug many memory leaks (Wladimir J. van der Laan)
* Merge #9218: qt: Show progress overlay when clicking spinner icon
042f9fa qt: Show progress overlay when clicking spinner icon (Wladimir J. van der Laan)
827d9a3 qt: Replace NetworkToggleStatusBarControl with generic ClickableLabel (Wladimir J. van der Laan)
* Merge #9266: Bugfix: Qt/RPCConsole: Put column enum in the right places
df17fe0 Bugfix: Qt/RPCConsole: Put column enum in the right places (Luke Dashjr)
* Merge #9255: qt: layoutAboutToChange signal is called layoutAboutToBeChanged
f36349e qt: Remove on_toggleNetworkActiveButton_clicked from RPCConsole (Wladimir J. van der Laan)
297cc20 qt: layoutAboutToChange signal is called layoutAboutToBeChanged (Wladimir J. van der Laan)
* Use UniValue until bitcoin PR #8788 is backported
Network active toggle was already based on
"[RPC] Give RPC commands more information about the RPC request"
We need to use the old UniValue style until that one is backported
* Merge #8906: [qt] sync-overlay: Don't show progress twice
fafeec3 [qt] sync-overlay: Don't show progress twice (MarcoFalke)
* Merge #8985: Use pindexBestHeader instead of setBlockIndexCandidates for NotifyHeaderTip()
3154d6e [Qt] use NotifyHeaderTip's height and date for the progress update (Jonas Schnelli)
0a261b6 Use pindexBestHeader instead of setBlockIndexCandidates for NotifyHeaderTip() (Jonas Schnelli)
* Merge #9280: [Qt] Show ModalOverlay by pressing the progress bar, allow hiding
89a3723 [Qt] Show ModalOverlay by pressing the progress bar, disabled show() in sync mode (Jonas Schnelli)
* Merge #9461: [Qt] Improve progress display during headers-sync and peer-finding
40ec7c7 [Qt] Improve progress display during headers-sync and peer-finding (Jonas Schnelli)
* Merge #9588: qt: Use nPowTargetSpacing constant
fa4d478 qt: Use nPowTargetSpacing constant (MarcoFalke)
* Hide modal overlay forever when syncing has catched up
Don't allow to open it again by clicking on the progress bar and spinner
icon. Currently the overlay does not show meaningful information about
masternode sync and it gives the impression of being stuck after the block
chain sync is done.
* Don't include chainparams.h in sendcoinsdialog.cpp
This was just a remainder of a backported PR which meant to change some
calculation in this file which does not apply to Dash.
* Also check for fNetworkActive in ConnectNode
* Merge #9528: [qt] Rename formateNiceTimeOffset(qint64) to formatNiceTimeOffset(qint64)
988d300 [qt] Rename formateNiceTimeOffset(qint64) to formatNiceTimeOffset(qint64) (practicalswift)
* Merge #11237: qt: Fixing division by zero in time remaining
c8d38abd6 Refactor tipUpdate as per style guide (MeshCollider)
3b69a08c5 Fix division by zero in time remaining (MeshCollider)
Pull request description:
Fixes https://github.com/bitcoin/bitcoin/issues/10291, https://github.com/bitcoin/bitcoin/issues/11265
progressDelta may be 0 (or even negative according to 11265), this checks for that and prints unknown if it is, because we cannot calculate an estimate for the time remaining (would be infinite or negative).
Tree-SHA512: bc5708e5ed6e4670d008219558c5fbb25709bd99a32c98ec39bb74f94a0b7fa058f3d03389ccdd39e6723e6b5b48e34b13ceee7c051c2db631e51d8ec3e1d68c
* Merge #7506: Use CCoinControl selection in CWallet::FundTransaction
d6cc6a1 Use CCoinControl selection in CWallet::FundTransaction (João Barbosa)
* Merge #7732: [Qt] Debug window: replace "Build date" with "Datadir"
fc737d1 [Qt] remove unused formatBuildDate method (Jonas Schnelli)
4856f1d [Qt] Debug window: replace "Build date" with "Datadir" (Jonas Schnelli)
* Merge #7707: [RPC][QT] UI support for abandoned transactions
8efed3b [Qt] Support for abandoned/abandoning transactions (Jonas Schnelli)
* Merge #7688: List solvability in listunspent output and improve help
c3932b3 List solvability in listunspent output and improve help (Pieter Wuille)
* Merge #8006: Qt: Add option to disable the system tray icon
8b0e497 Qt: Add option to hide the system tray icon (Tyler Hardin)
* Merge #8073: qt: askpassphrasedialog: Clear pass fields on accept
02ce2a3 qt: askpassphrasedialog: Clear pass fields on accept (Pavel Vasin)
* Merge #8231: [Qt] fix a bug where the SplashScreen will not be hidden during startup
b3e1348 [Qt] fix a bug where the SplashScreen will not be hidden during startup (Jonas Schnelli)
* Merge #8257: Do not ask a UI question from bitcoind
1acf1db Do not ask a UI question from bitcoind (Pieter Wuille)
* Merge #8463: [qt] Remove Priority from coincontrol dialog
fa8dd78 [qt] Remove Priority from coincontrol dialog (MarcoFalke)
* Merge #8678: [Qt][CoinControl] fix UI bug that could result in paying unexpected fee
0480293 [Qt][CoinControl] fix UI bug that could result in paying unexpected fee (Jonas Schnelli)
* Merge #8672: Qt: Show transaction size in transaction details window
c015634 qt: Adding transaction size to transaction details window (Hampus Sjöberg)
\-- merge fix for s/size/total size/
fdf82fb Adding method GetTotalSize() to CTransaction (Hampus Sjöberg)
* Merge #8371: [Qt] Add out-of-sync modal info layer
08827df [Qt] modalinfolayer: removed unused comments, renamed signal, code style overhaul (Jonas Schnelli)
d8b062e [Qt] only update "amount of blocks left" when the header chain is in-sync (Jonas Schnelli)
e3245b4 [Qt] add out-of-sync modal info layer (Jonas Schnelli)
e47052f [Qt] ClientModel add method to get the height of the header chain (Jonas Schnelli)
a001f18 [Qt] Always pass the numBlocksChanged signal for headers tip changed (Jonas Schnelli)
bd44a04 [Qt] make Out-Of-Sync warning icon clickable (Jonas Schnelli)
0904c3c [Refactor] refactor function that forms human readable text out of a timeoffset (Jonas Schnelli)
* Merge #8805: Trivial: Grammar and capitalization
c9ce17b Trivial: Grammar and capitalization (Derek Miller)
* Merge #8885: gui: fix ban from qt console
cb78c60 gui: fix ban from qt console (Cory Fields)
* Merge #8821: [qt] sync-overlay: Don't block during reindex
fa85e86 [qt] sync-overlay: Don't show estimated number of headers left (MarcoFalke)
faa4de2 [qt] sync-overlay: Don't block during reindex (MarcoFalke)
* Support themes for new transaction_abandoned icon
* Fix constructor call to COutput
* Merge #7842: RPC: do not print minping time in getpeerinfo when no ping received yet
62a6486 RPC: do not print ping info in getpeerinfo when no ping received yet, fix help (Pavel Janík)
* Merge #8918: Qt: Add "Copy URI" to payment request context menu
21f5a63 Qt: Add "Copy URI" to payment request context menu (Luke Dashjr)
* Merge #8925: qt: Display minimum ping in debug window.
1724a40 Display minimum ping in debug window. (R E Broadley)
* Merge #8972: [Qt] make warnings label selectable (jonasschnelli)
ef0c9ee [Qt] make warnings label selectable (Jonas Schnelli)
* Make background of warning icon transparent in modaloverlay
* Merge #9088: Reduce ambiguity of warning message
77cbbd9 Make warning message about wallet balance possibly being incorrect less ambiguous. (R E Broadley)
* Replace Bitcoin with Dash in modal overlay
* Remove clicked signals from labelWalletStatus and labelTransactionsStatus
As both are really just labels, clicking on those is not possible.
This is different in Bitcoin, where these labels are actually buttons.
* Pull out modaloverlay show/hide into it's own if/else block and switch to time based check
Also don't use masternodeSync.IsBlockchainSynced() for now as it won't
report the blockchain being synced before the first block (or other MN
data?) arrives. This would otherwise give the impression that sync is
being stuck.
* Merge pull request #7154a3c3ddb [Qt] add InMempool() info to transaction details (Jonas Schnelli)
* Merge pull request #7218fa5769e [qt] Fix misleading translation (MarcoFalke)
fa8c8d7 torcontrol debug: Change to a blanket message that covers both cases (MarcoFalke)
* Merge pull request #72556fd0a07 Remove hardcoded fee from CoinControl ToolTip (fanquake)
5fdf32d Replace some instances of formatWithUnit with formatHtmlWithUnit (fanquake)
* Merge pull request #7263a5a0831 Double semicolon cleanup. (21E14)
* Merge pull request #7334fa989fb [qt] coincontrol workaround is still needed in qt5.4 (fixed in qt5.5) (MarcoFalke)
* Merge pull request #73299d263bd Typo fixes in comments (Chris Wheeler)
* Merge #7396: [Qt] Add option to increase/decrease font size in the console window
43abb02 [Qt] Add a new chevron/arrow icon for the console prompt line (Jonas Schnelli)
56c9e66 [Qt] keep scroll position in GUI console after changing font size (Jonas Schnelli)
3a3a927 [Qt] Add option to increase/decrease font size in the console window (Jonas Schnelli)
* Merge #7628: QT: Add 'copy full transaction details' option
b51ed40 QT: Add 'copy full transaction details' option (Eric Shaw)
* Merge #7668: Fix history deletion bug after font size change
21e45a0 Fix history deletion bug after font change (Andrew C)
* Copy/Move font size related icons into theme folders
* Use formatTxDate for date/time in TxPlainTextRole
* net: Split resolving out of CNetAddr
* net: Split resolving out of CService
* net: Split resolving out of CSubNet
* net: move CNetAddr/CService/CSubNet out of netbase
* net: narrow include scope after moving to netaddress
Net functionality is no longer needed for CAddress/CAddrman/etc. now that
CNetAddr/CService/CSubNet are dumb storage classes.
* net: Add direct tests for new CSubNet constructors
* net: Have LookupNumeric return a CService directly
Also fix up a few small issues:
- Lookup with "badip:port" now sets the port to 0
- Don't allow assert to have side-effects
* net: fixup nits
* net: require lookup functions to specify all arguments
To make it clear where DNS resolves are happening
* net: manually resolve dns seed sources
Note: Some seeds aren't actually returning an IP for their name entries, so
they're being added to addrman with a source of [::].
This commit shouldn't change that behavior, for better or worse.
* net: resolve outside of storage structures
Rather than allowing CNetAddr/CService/CSubNet to launch DNS queries, require
that addresses are already resolved.
This greatly simplifies async resolve logic, and makes it harder to
accidentally leak DNS queries.
* net: disable resolving from storage structures
CNetAddr/CService/CSubnet can no longer resolve DNS.
The use of mocktime in test logic means that comparisons between
GetTime() and GetTimeMicros()/1000000 are unreliable since the former
can use mocktime values while the latter always gets the system clock;
this changes the networking code's inactivity checks to consistently
use the system clock for inactivity comparisons.
Also remove some hacks from setmocktime() that are no longer needed,
now that we're using the system clock for nLastSend and nLastRecv.
* net: fix typo causing the wrong receive buffer size
Surprisingly this hasn't been causing me any issues while testing, probably
because it requires lots of large blocks to be flying around.
Send/Recv corks need tests!
* net: make vRecvMsg a list so that we can use splice()
* net: make GetReceiveFloodSize public
This will be needed so that the message processor can cork incoming messages
* net: only disconnect if fDisconnect has been set
These conditions are problematic to check without locking, and we shouldn't be
relying on the refcount to disconnect.
* net: wait until the node is destroyed to delete its recv buffer
when vRecvMsg becomes a private buffer, it won't make sense to allow other
threads to mess with it anymore.
* net: set message deserialization version when it's actually time to deserialize
We'll soon no longer have access to vRecvMsg, and this is more intuitive anyway.
* net: handle message accounting in ReceiveMsgBytes
This allows locking to be pushed down to only where it's needed
Also reuse the current time rather than checking multiple times.
* net: record bytes written before notifying the message processor
* net: Add a simple function for waking the message handler
This may be used publicly in the future
* net: remove useless comments
* net: remove redundant max sendbuffer size check
This is left-over from before there was proper accounting. Hitting 2x the
sendbuffer size should not be possible.
* net: rework the way that the messagehandler sleeps
In order to sleep accurately, the message handler needs to know if _any_ node
has more processing that it should do before the entire thread sleeps.
Rather than returning a value that represents whether ProcessMessages
encountered a message that should trigger a disconnnect, interpret the return
value as whether or not that node has more work to do.
Also, use a global fProcessWake value that can be set by other threads,
which takes precedence (for one cycle) over the messagehandler's decision.
Note that the previous behavior was to only process one message per loop
(except in the case of a bad checksum or invalid header). That was changed in
PR #3180.
The only change here in that regard is that the current node now falls to the
back of the processing queue for the bad checksum/invalid header cases.
* net: add a new message queue for the message processor
This separates the storage of messages from the net and queued messages for
processing, allowing the locks to be split.
* net: add a flag to indicate when a node's process queue is full
Messages are dumped very quickly from the socket handler to the processor, so
it's the depth of the processing queue that's interesting.
The socket handler checks the process queue's size during the brief message
hand-off and pauses if necessary, and the processor possibly unpauses each time
a message is popped off of its queue.
* net: add a flag to indicate when a node's send buffer is full
Similar to the recv flag, but this one indicates whether or not the net's send
buffer is full.
The socket handler checks the send queue when a new message is added and pauses
if necessary, and possibly unpauses after each message is drained from its buffer.
* net: remove cs_vRecvMsg
vRecvMsg is now only touched by the socket handler thread.
The accounting vars (nRecvBytes/nLastRecv/mapRecvBytesPerMsgCmd) are also
only used by the socket handler thread, with the exception of queries from
rpc/gui. These accesses are not threadsafe, but they never were. This needs to
be addressed separately.
Also, update comment describing data flow
* Dont deserialize nVersion into CNode, should fix#9212
* net: deserialize the entire version message locally
This avoids having some vars set if the version negotiation fails.
Also copy it all into CNode at the same site. nVersion and
fSuccessfullyConnected are set last, as they are the gates for the other vars.
Make them atomic for that reason.
* net: don't run callbacks on nodes that haven't completed the version handshake
Since ForEach* are can be used to send messages to all nodes, the caller may
end up sending a message before the version handshake is complete. To limit
this, filter out these nodes. While we're at it, may as well filter out
disconnected nodes as well.
Delete unused methods rather than updating them.
* net: Disallow sending messages until the version handshake is complete
This is a change in behavior, though it's much more sane now than before.
* net: log an error rather than asserting if send version is misused
Also cleaned up the comments and moved from the header to the .cpp so that
logging headers aren't needed from net.h
* Implement conditions for ForEachNode() and ForNode() methods of CConnman.
A change making ForEachNode() and ForNode() methods ignore nodes that
have not completed initial handshake have been backported from Bitcoin.
Unfortunately, some Dash-specific code needs to iterate over all nodes.
This change introduces additional condition argument to these methods.
This argument is a functional object that should return true for nodes
that should be taken into account, not ignored.
Two functional objects are provided in CConnman namespace:
* FullyConnectedOnly returns true for nodes that have handshake completed,
* AllNodes returns true for all nodes.
Overloads for ForEachNode() and ForNode() methods without condition argument
are left for compatibility with non-Dash-specific code.
They use FullyConnectedOnly functional object for condition.
Signed-off-by: Oleg Girko <ol@infoserver.lv>
* Iterate over all nodes in Dash-specific code using AllNodes condition.
Use AllNodes functional object as newly introduced condition argument for
ForEachNode() and ForNode() methods of CConnman to iterate over all nodes
where needed in Dash-specific code.
Signed-off-by: Oleg Girko <ol@infoserver.lv>
* net: a few small cleanups before replacing boost threads
- Drop the interruption point directly after the pnode allocation. This would
be leaky if hit.
- Rearrange thread creation so that the socket handler comes first
* net: add CThreadInterrupt and InterruptibleSleep
* net: make net interruptible
Also now that net threads are interruptible, switch them to use std
threads/binds/mutexes/condvars.
* net: make net processing interruptible
* net: remove thread_interrupted catch
This is now a std::thread, so there's no hope of catching a boost interruption
point.
* net: make proxy receives interruptible
* net: misc header cleanups
In the case of (for example) an already-running bitcoind, the shutdown sequence
begins before CConnman has been created, leading to a null-pointer dereference
when g_connman->Stop() is called.
Instead, Just let the CConnman dtor take care of stopping.
* serialization: teach serializers variadics
Also add a variadic CDataStream ctor for ease-of-use.
* connman is in charge of pushing messages
The changes here are dense and subtle, but hopefully all is more explicit
than before.
- CConnman is now in charge of sending data rather than the nodes themselves.
This is necessary because many decisions need to be made with all nodes in
mind, and a model that requires the nodes calling up to their manager quickly
turns to spaghetti.
- The per-node-serializer (ssSend) has been replaced with a (quasi-)const
send-version. Since the send version for serialization can only change once
per connection, we now explicitly tag messages with INIT_PROTO_VERSION if
they are sent before the handshake. With this done, there's no need to lock
for access to nSendVersion.
Also, a new stream is used for each message, so there's no need to lock
during the serialization process.
- This takes care of accounting for optimistic sends, so the
nOptimisticBytesWritten hack can be removed.
- -dropmessagestest and -fuzzmessagestest have not been preserved, as I suspect
they haven't been used in years.
* net: switch all callers to connman for pushing messages
Drop all of the old stuff.
* drop the optimistic write counter hack
This is now handled properly in realtime.
* net: remove now-unused ssSend and Fuzz
* net: construct CNodeStates in place
* net: handle version push in InitializeNode
* net: Add fRelayTxes flag
Add a fRelayTxes to keep track of the relay transaction flag
we send to other peers.
* rpc: Add `relaytxes` flag to `getnetworkinfo`
Re-work of PR #7841 by dragongem45.
Closes#7771.
* net: move CBanDB and CAddrDB out of net.h/cpp
This will eventually solve a circular dependency
* net: Create CConnman to encapsulate p2p connections
* net: Move socket binding into CConnman
* net: move OpenNetworkConnection into CConnman
* net: move ban and addrman functions into CConnman
* net: Add oneshot functions to CConnman
* net: move added node functions to CConnman
* net: Add most functions needed for vNodes to CConnman
* net: handle nodesignals in CConnman
* net: Pass CConnection to wallet rather than using the global
* net: Add rpc error for missing/disabled p2p functionality
* net: Pass CConnman around as needed
* gui: add NodeID to the peer table
* net: create generic functor accessors and move vNodes to CConnman
* net: move whitelist functions into CConnman
* net: move nLastNodeId to CConnman
* net: move nLocalHostNonce to CConnman
This behavior seems to have been quite racy and broken.
Move nLocalHostNonce into CNode, and check received nonces against all
non-fully-connected nodes. If there's a match, assume we've connected
to ourself.
* net: move messageHandlerCondition to CConnman
* net: move send/recv statistics to CConnman
* net: move SendBufferSize/ReceiveFloodSize to CConnman
* net: move nLocalServices/nRelevantServices to CConnman
These are in-turn passed to CNode at connection time. This allows us to offer
different services to different peers (or test the effects of doing so).
* net: move semOutbound and semMasternodeOutbound to CConnman
* net: SocketSendData returns written size
* net: move max/max-outbound to CConnman
* net: Pass best block known height into CConnman
CConnman then passes the current best height into CNode at creation time.
This way CConnman/CNode have no dependency on main for height, and the signals
only move in one direction.
This also helps to prevent identity leakage a tiny bit. Before this change, an
attacker could theoretically make 2 connections on different interfaces. They
would connect fully on one, and only establish the initial connection on the
other. Once they receive a new block, they would relay it to your first
connection, and immediately commence the version handshake on the second. Since
the new block height is reflected immediately, they could attempt to learn
whether the two connections were correlated.
This is, of course, incredibly unlikely to work due to the small timings
involved and receipt from other senders. But it doesn't hurt to lock-in
nBestHeight at the time of connection, rather than letting the remote choose
the time.
* net: pass CClientUIInterface into CConnman
* net: Drop StartNode/StopNode and use CConnman directly
* net: Introduce CConnection::Options to avoid passing so many params
* net: add nSendBufferMaxSize/nReceiveFloodSize to CConnection::Options
* net: move vNodesDisconnected into CConnman
* Made the ForEachNode* functions in src/net.cpp more pragmatic and self documenting
* Convert ForEachNode* functions to take a templated function argument rather than a std::function to eliminate std::function overhead
* net: move MAX_FEELER_CONNECTIONS into connman
Tests if addresses are online or offline by briefly connecting to them. These short lived connections are referred to as feeler connections. Feeler connections are designed to increase the number of fresh online addresses in tried by selecting and connecting to addresses in new. One feeler connection is attempted on average once every two minutes.
This change was suggested as Countermeasure 4 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman,
Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report
2015/263. March 2015.
* Rework addnode behaviour
* Use CNode::addeName to track whether a connection to a name is already open
* A new connection to a previously-connected by-name addednode is only opened when
the previous one closes (even if the name starts resolving to something else)
* At most one connection is opened per addednode (even if the name resolves to multiple)
* Unify the code between ThreadOpenAddedNodeConnections and getaddednodeinfo
* Information about open connections is always returned, and the dns argument becomes a dummy
* An IP address and inbound/outbound is only reported for the (at most 1) open connection
* Prevent duplicate connections where one is by name and another by ip
* Randomize name lookup result in ConnectSocketByName
This reverts commit 1f828f45ec.
The commit being reverted changed FindNode(const CService& addr)
to make no difference between nodes with the same IP address,
but different ports, but only for regtest network.
As functional tests run several nodes on different ports or the same
IP address (127.0.0.1), this eventually started breaking functional tests.
The only use for regtest network I know is for functional tests,
so it's time to revert that commit.
* Add recently accepted blocks and txn to AttemptToEvictConnection.
This protects any not-already-protected peers who were the most
recent four to relay transactions and most recent four to send
blocks to us.
* Allow disconnecting a netgroup with only one member in eviction.
With the latest additions there are enough protective measures that
we can take the training wheels off.
* net: don't import std namespace
This file is about to be broken up into chunks and moved around. Drop the
namespace now rather than requiring other files to use it.
* net: remove unused set
* net: use the exposed GetNodeSignals() rather than g_signals directly
* net: make Ban/Unban/ClearBan functionality consistent
- Ban/Unban/ClearBan call uiInterface.BannedListChanged() as necessary
- Ban/Unban/ClearBan sync to disk if the operation is user-invoked
- Mark node for disconnection automatically when banning
- Lock cs_vNodes while setting disconnected
- Don't spin in a tight loop while setting disconnected
* net: No need to export DumpBanlist
DumpBanList currently does this:
- with lock: take a copy of the banmap
- perform I/O (write out the banmap)
- with lock: mark the banmap non-dirty
If a new ban is added during the I/O operation, it may never be persisted to
disk.
Reorder operations so that the data to be persisted cannot be older than the
time at which the banmap was marked non-dirty.
* Only store and connect to NODE_NETWORK nodes
* Keep addrman's nService bits consistent with outbound observations
* Verify that outbound connections have expected services
* Don't require services in -addnode
* Introduce enum ServiceFlags for service flags
* Introduce REQUIRED_SERVICES constant
* CAddrDB modified so that when de-serialization code throws an exception Addrman is reset to a clean state
* CAddrDB modified to make unit tests possible
* Regression test created to ensure bug is fixed
* StartNode modifed to clear adrman if CAddrDB::Read returns an error code.
* banlist: update set dirty to be more fine grained
- move the SetBannedSetDirty(false) call from DumpData() into DumpBanlist()
- ensure we only set false, if the write succeeded
* banlist: better handling of banlist in StartNode()
- only start working on/with banlist data, if reading in the banlist from
disk didn't fail
- as CNode::setBannedIsDirty is false (default) when reading fails, we
don't need to explicitly set it to false to prevent writing
banlist.dat in that case either
* banlist: add more banlist infos to log / add GUI signal
- to match the peers.dat handling also supply a debug.log entry for how
many entries were loaded from banlist.dat and how long it took
- add a GUI init message for loading the banlist (same as with peers.dat)
- move the same message for peers.dat upwards in the code, to be able to
reuse the timing variable nStart and also just log, if our read from
peers.dat didn't fail
* banlist (bugfix): allow CNode::SweepBanned() to run on interval
- allows CNode::SweepBanned() to run, even if !CNode::BannedSetIsDirty(),
because if nBanUntil is over we want the ban to be disabled for these
nodes
* log bytes recv/sent per command
* net: Account for `sendheaders` `verack` messages
Looks like these were forgotten in #6589.
* Backport remaining part of Bitcoin PR bitcoin/bitcoin#7181.
Most of this PR is already merged, but a small part remaining
that makes per-command byte counts in CNode working.
Signed-off-by: Oleg Girko <ol@infoserver.lv>
* Few networking fixes:
- skip "masternode"/inbound connections for sync related processes
- do not sync gov data to other nodes until fully synced ourselves
- do not accept incoming connections until fully synced
* inbound connections could be harmful only if our node is a masternode
* same for CGovernanceManager::Sync
* Multi-quorum InstantSend, complete refactoring
+ cleanup for IS and partial protobump
* more changes:
- allow InstantSend tx to have 10 inputs max
- store many unique tx hashes in mapVotedOutpoints
- more checks in AcceptToMemoryPoolWorker (moved from ProcessMessage + CTxLockRequest(tx).IsValid() )
* More changes:
- let multiple lock candidates compete for votes
- fail to vote on the same outpoint twice early
* More changes:
- notify CInstantSend on UpdatedBlockTip -> remove cs_main from CheckAndRemove()
- notify CInstantSend on SyncTransaction -> count expiration block starting from the block corresponding tx was confirmed instead of the block lock candidate/vote was created
- fixed few locks
* add comments about nConfirmedHeight
* Fix "Block vs Lock" edge case
* Fix "Block vs Lock" edge case, p2
* Fix issues:
- fix logic for locking inputs and notifying - see UpdateLockedTransaction, TryToFinalizeLockCandidate
- add missing hash inserting in ProcessTxLockVote
- add nMaxBlocks param to ResolveConflicts to limit max depth allowed to disconnect blocks recursively
- fix false positive mempool conflict
- add missing mutex locks
- fix fRequireUnspent logic in CTxLockRequest::IsValid
- some were not used, some were included twice, some were in the wrong place, some were missing (but it compiled because some were in the wrong place)
- organized a bit better, grouped dash specific includes in original bitcoin files, should save some time solving conflicts when/if merging patches later
86d8505 Refactor CActiveMasternode
+ move strMasterNodeAddr to CActiveMasternode
a005c79 Refactor InstantSend
+ new lock cs_instantsend to protect maps on CleanTransactionLocksList()
+ new DEFAULT_INSTANTSEND_DEPTH constant
+ rename MIN_INSTANTX_PROTO_VERSION to MIN_INSTANTSEND_PROTO_VERSION and bump it
d24182c Refactor Privatesend
+ decouple from util.h and version.h
+ more functions for CDarksendBroadcastTx: constructors, signing, serialization
+ move from rand() to insecure_rand() in general but to GetRand() for session id
+ fix defaults
513506f Fixing AddRef() usage
Using AddRef() in ConnectNode() for existing connections doesn't feel right considering how refs are released in ThreadSocketHandler(). I guess this could be the reason that sometimes refs stay >0 no matter what and nodes stuck in vNodesDisconnected forever which means that node never get deleted and FinalizeNode signal is never fired which in its turn means that for example mapBlocksInFlight can't be cleaned properly and then blocks stuck.
This commit should solve the issue by:
- removing AddRef() for existing connections
- adding AddRef() in CNode's constructor using the same conditions as in ThreadSocketHandler()
- addding AddRef() in ConnectNode() and Release() in ThreadSocketHandler() for mixing nodes
- removing explicit calls to Release() (back to `pnode->fDisconnect = true` in `CMasternodeMan::ProcessMasternodeConnections`)
9da4a83 fix names/comments
487674f Governance object/vote syncing fixes
- disable fCached values
- use two maps for storing votes, by hash and parent-hash/type
- disable part of flatdb.dump (still overwriting)
- fixed govobj/votes relay and sync
15821fe various fixes
- Added const where possible
- Uncommented sync block
- Protocol min 70201
- Fixed bug which flags invalid votes incorrectly
- Formatting
aa8fdd7 fix curly braces
d8e39b1 Fix GetTypeHash bug
- Should not collide based on the outcome
732a8a3 fixed mismatched index for vote map
Previously we used the CInv that would be sent to the peer announcing the
transaction as the key, but using the txid instead allows us to decouple the
p2p layer from the application logic (which relies on this map to avoid
duplicate tx requests).
Github-Pull: #7862
Rebased-From: 7e91f632c7
- Fix CreateTransaction and GetDepthInMainChain for IX compatibility
- Prepare IsIXTXValid for the next update (see FIXME in CreateTransaction)
- Unify processing of TX/IX/DSTX a bit more
- Clean up some code
This corrects a bug the case of tying group size where the code may
fail to select the group with the newest member. Since newest time
is the final selection criteria, failing to break ties on it
on the step before can undermine the final selection.
Tied netgroups are very common.
With automatic tor HS support in place we should probably not be providing
absolute protection for local peers, since HS inbound could be used to
attack pretty easily. Instead, this counts on the latency metric inside
AttemptToEvictConnection to privilege actually local peers.
When running the rpc tests in Wine, nodes often fail to listen on localhost
due to a stale socket from a previous run. This aligns the behavior with other
platforms.
We used to have a trickle node, a node which was chosen in each iteration of
the send loop that was privileged and allowed to send out queued up non-time
critical messages. Since the removal of the fixed sleeps in the network code,
this resulted in fast and attackable treatment of such broadcasts.
This pull request changes the 3 remaining trickle use cases by random delays:
* Local address broadcast (while also removing the the wiping of the seen filter)
* Address relay
* Inv relay (for transactions; blocks are always relayed immediately)
The code is based on older commits by Patrick Strateman.
Github-Pull: #7125
Rebased-From: 5400ef6bcb
- Avoids string typos (by making the compiler check)
- Makes it easier to grep for handling/generation of a certain message type
- Refer directly to documentation by following the symbol in IDE
- Move list of valid message types to protocol.cpp:
protocol.cpp is a more appropriate place for this, and having
the array there makes it easier to keep things consistent.
Github-Pull: #7181
Rebased-From: 9bbe71b641
ebb25f4 Limit setAskFor and retire requested entries only when a getdata returns. (Gregory Maxwell)
5029698 prevent peer flooding request queue for an inv (kazcw)
The setAskFor duplicate elimination was too eager and removed entries
when we still had no getdata response, allowing the peer to keep
INVing and not responding.
mapAlreadyAskedFor does not keep track of which peer has a request queued for a
particular tx. As a result, a peer can blind a node to a tx indefinitely by
sending many invs for the same tx, and then never replying to getdatas for it.
Each inv received will be placed 2 minutes farther back in mapAlreadyAskedFor,
so a short message containing 10 invs would render that tx unavailable for 20
minutes.
This is fixed by disallowing a peer from having more than one entry for a
particular inv in mapAlreadyAskedFor at a time.
- Force AUTHCOOKIE size to be 32 bytes: This provides protection against
an attack where a process pretends to be Tor and uses the cookie
authentication method to nab arbitrary files such as the
wallet
- torcontrol logging
- fix cookie auth
- add HASHEDPASSWORD auth, fix fd leak when fwrite() fails
- better error reporting when cookie file is not ok
- better init/shutdown flow
- stop advertizing service when disconnected from tor control port
- COOKIE->SAFECOOKIE auth
Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket
API, to create and destroy 'ephemeral' hidden services programmatically.
https://stem.torproject.org/api/control.html#stem.control.Controller.create_ephemeral_hidden_service
This means that if Tor is running (and proper authorization is available),
bitcoin automatically creates a hidden service to listen on, without user
manual configuration. This will positively affect the number of available
.onion nodes.
- When the node is started, connect to Tor through control socket
- Send `ADD_ONION` command
- First time:
- Make it create a hidden service key
- Save the key in the data directory for later usage
- Make it redirect port 8333 to the local port 8333 (or whatever port we're listening on).
- Keep control socket connection open for as long node is running. The hidden service will
(by default) automatically go away when the connection is closed.
* -maxuploadtarget can be set in MiB
* if <limit> - ( time-left-in-24h-cycle / 600 * MAX_BLOCK_SIZE ) has reach, stop serve blocks older than one week and filtered blocks
* no action if limit has reached, no guarantee that the target will not be surpassed
* add outbound limit informations to rpc getnettotals
Nagle appears to be a significant contributor to latency now that the static
sleeps are gone. Most of our messages are relatively large compared to
IP + TCP so I do not expect this to create enormous overhead.
This may also reduce traffic burstyness somewhat.
`nMinPingUsecTime` was left uninitialized in CNode.
The correct initialization for a minimum-until-now is int64_t's max value, so initialize it to that.
Thanks @MarcoFalke for noticing.
027de94 Use network group instead of CNetAddr in final pass to select node to disconnect (Patrick Strateman)
000c18a Fix comment (Patrick Strateman)
fed3094 Acquire cs_vNodes before changing refrence counts (Patrick Strateman)
69ee1aa CNodeRef copy constructor and assignment operator (Patrick Strateman)
dc81dd0 Return false early if vEvictionCandidates is empty (Patrick Strateman)
17f3533 Better support for nodes with non-standard nMaxConnections (Patrick Strateman)
1317cd1 RAII wrapper for CNode* (Patrick Strateman)
df23937 Add comments to AttemptToEvictConnection (Patrick Strateman)
a8f6e45 Remove redundant whiteconnections option (Patrick Strateman)
b105ba3 Prefer to disconnect peers in favor of whitelisted peers (Patrick Strateman)
2c70153 AttemptToEvictConnection (Patrick Strateman)
4bac601 Record nMinPingUsecTime (Patrick Strateman)
ae037b7 Refactor: Move failure conditions to the top of AcceptConnection (Patrick Strateman)
1ef4817 Refactor: Bail early in AcceptConnection (Patrick Strateman)
541a1dd Refactor: AcceptConnection (Patrick Strateman)
When running the rpc tests in Wine, nodes often fail to listen on localhost
due to a stale socket from a previous run. This aligns the behavior with other
platforms.
7b79cbd limit total length of user agent comments (Pavol Rusnak)
557f8ea implement uacomment config parameter which can add comments to user agent as per BIP-0014 (Pavol Rusnak)
While CBloomFilter is usually used with an explicitly set nTweak,
CRollingBloomFilter is only used internally. Requiring every caller to
set nTweak is error-prone and redundant; better to have the class handle
that for you with a high-quality randomness source.
Additionally when clearing the filter it makes sense to change nTweak as
well to recover from a bad setting, e.g. due to insufficient randomness
at initialization, so the clear() method is replaced by a reset() method
that sets a new, random, nTweak value.
a794284 locking: add a quick example of GUARDED_BY (Cory Fields)
2b890dd locking: fix a few small issues uncovered by -Wthread-safety (Cory Fields)
cd27bba locking: teach Clang's -Wthread-safety to cope with our scoped lock macros (Cory Fields)
Submissions to the network now require a fee to be paid to the network (mining fee) using a special transaction with a OP_RETURN && ProposalHash in one of the outputs. This allows the network to filter spam quickly, while also allowing anyone to submit a proposal to the network.
To implement these changes we've introduced a few new commands:
mnbudget prepare PROPOSAL-NAME URL PAYMENT_COUNT BLOCK_START DASH_ADDRESS DASH_AMOUNT YES|NO|ABSTAIN [USE_IX(TRUE|FALSE)]
- To create the special transaction
mnbudget submit PROPOSAL-NAME URL PAYMENT_COUNT BLOCK_START DASH_ADDRESS DASH_AMOUNT YES|NO|ABSTAIN FEE_TX
- After the transaction is accepted by the network and has 3 confirmations, you can submit the transaction to the network here
mnbudget show
- Get the proposal hash from here
mnbudget vote PROPOSAL-HASH YES|NO|ABSTAIN
- You can now simply vote by hash using this command
- rpcwallet: No need to lock twice here
- openssl: Clang doesn't understand selective lock/unlock here. Ignore it.
- CNode: Fix a legitimate (though very unlikely) locking bug.
This sets aside a number of connection slots for whitelisted peers,
useful for ensuring your local users and miners can always get in,
even if your limit on inbound connections has already been reached.
- Added commands for using budgets "mnbudget" and "mnfinalbudget"
- Supports 100% decentralized budget control and view-only site with json meta data object
Use a probabilistic bloom filter to keep track of which addresses
we think we have given our peers, instead of a list.
This uses much less memory, at the cost of sometimes failing to
relay an address to a peer-- worst case if the bloom filter happens
to be as full as it gets, 1-in-1,000.
Measured memory usage of a full mruset setAddrKnown: 650Kbytes
Constant memory usage of CRollingBloomFilter addrKnown: 37Kbytes.
This will also help heap fragmentation, because the 37K of storage
is allocated when a CNode is created (when a connection to a peer
is established) and then there is no per-item-remembered memory
allocation.
I plan on testing by restarting a full node with an empty peers.dat,
running a while with -debug=addrman and -debug=net, and making sure
that the 'addr' message traffic out is reasonable.
(suggestions for better tests welcome)
1d21ba2 Scale up addrman (Pieter Wuille)
c6a63ce Always use a 50% chance to choose between tried and new entries (Pieter Wuille)
f68ba3f Do not bias outgoing connections towards fresh addresses (Pieter Wuille)
a8ff7c6 Simplify hashing code (Pieter Wuille)
e6b343d Make addrman's bucket placement deterministic. (Pieter Wuille)
b23add5 Switch addrman key from vector to uint256 (Pieter Wuille)
This change was suggested as Countermeasure 2 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman,
Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report
2015/263. March 2015.
Normally bitcoin core does not display any network originated strings without
sanitizing or hex encoding. This wasn't done for strcommand in many places.
This could be used to play havoc with a terminal displaying the logs,
especially with printtoconsole in use.
Thanks to Evil-Knievel for reporting this issue.
Conflicts:
src/main.cpp
Normally bitcoin core does not display any network originated strings without
sanitizing or hex encoding. This wasn't done for strcommand in many places.
This could be used to play havoc with a terminal displaying the logs,
especially with printtoconsole in use.
Thanks to Evil-Knievel for reporting this issue.
856e862 namespace: drop most boost namespaces and a few header cleanups (Cory Fields)
9b1ab86 namespace: drop boost::assign altogether here (Cory Fields)
a324199 namespace: remove boost namespace pollution (Cory Fields)
- Made masternodes/darksend compatible with regression testing mode (a local-only blockchain that doesn't require mining). Developers can now test multiple rounds in a few minutes without waiting on mining (much faster).
- Added dsee security verification to v11
- darkSendMasternodes -> vecMasternodes (must clearer)
This avoids connecting to them again too soon in ThreadOpenConnections.
Make an exception for connection failures to the proxy as these
shouldn't affect the status of specific nodes.
This is a simplified re-do of closed pull #3088.
This patch eliminates the privacy and reliability problematic use
of centralized web services for discovering the node's addresses
for advertisement.
The Bitcoin protocol already allows your peers to tell you what
IP they think you have, but this data isn't trustworthy since
they could lie. So the challenge is using it without creating a
DOS vector.
To accomplish this we adopt an approach similar to the one used
by P2Pool: If we're announcing and don't have a better address
discovered (e.g. via UPNP) or configured we just announce to
each peer the address that peer told us. Since peers could
already replace, forge, or drop our address messages this cannot
create a new vulnerability... but if even one of our peers is
giving us a good address we'll eventually make a useful
advertisement.
We also may randomly use the peer-provided address for the
daily rebroadcast even if we otherwise have a seemingly routable
address, just in case we've been misconfigured (e.g. by UPNP).
To avoid privacy problems, we only do these things if discovery
is enabled.
Many changes:
* Do not use 'getblocks', but 'getheaders', and use it to build a headers tree.
* Blocks are fetched in parallel from all available outbound peers, using a
limited moving window. When one peer stalls the movement of the window, it is
disconnected.
* No more orphan blocks. At all. We only ever request a block for which we have
verified the headers, and store it to disk immediately. This means that a
disk-fill attack would require PoW.
* Require protocol version 31800 for every peer (released in december 2010).
* No more syncnode (we sync from everyone we can, though limited to 1 during
initial *headers* sync).
* Introduce some extra named constants, comments and asserts.
Avoids that SOCKS5 negotiation will hold up the shutdown process.
- Sockets can stay in non-blocking mode, no need to switch it on/off
anymore
- Adds a timeout (20 seconds) on SOCK5 negotiation. This should be
enough for even Tor to get a connection to a hidden service, and
avoids blocking the opencon thread indefinitely on a hanging proxy.
Fixes#2954.
Split up util.cpp/h into:
- string utilities (hex, base32, base64): no internal dependencies, no dependency on boost (apart from foreach)
- money utilities (parsesmoney, formatmoney)
- time utilities (gettime*, sleep, format date):
- and the rest (logging, argument parsing, config file parsing)
The latter is basically the environment and OS handling,
and is stripped of all utility functions, so we may want to
rename it to something else than util.cpp/h for clarity (Matt suggested
osinterface).
Breaks dependency of sha256.cpp on all the things pulled in by util.
Fixes#4679.
This leaves us with only one candidate, checkip.dyndns.org.
GetMyExternalIP should be phased out as soon as possible.
Rebased-From: c33b983
aa82795 Add detailed network info to getnetworkinfo RPC (Wladimir J. van der Laan)
075cf49 Add GetNetworkName function (Wladimir J. van der Laan)
c91a947 Add IsReachable(net) function (Wladimir J. van der Laan)
60dc8e4 Allow -onlynet=onion to be used (Wladimir J. van der Laan)
- the call to CloseSocket() is placed after the WSAGetLastError(), because
a CloseSocket() can trigger an error also, which we don't want for the
logging in this two cases
Simpler alternative to #4348.
The current setup with closesocket() is strange. It poses
as a compatibility wrapper but adds functionality.
Rename it and make it a documented utility function in netbase.
Code movement only, zero effect on the functionality.
4eedf4f make RandAddSeed() use OPENSSL_cleanse() (Philip Kaufmann)
6354935 move rand functions from util to new random.h/.cpp (Philip Kaufmann)
001a53d add GetRandBytes() as wrapper for RAND_bytes() (Philip Kaufmann)
This adds a -whitelist option to specify subnet ranges from which peers
that connect are whitelisted. In addition, there is a -whitebind option
which works like -bind, except peers connecting to it are also
whitelisted (allowing a separate listen port for trusted connections).
Being whitelisted has two effects (for now):
* They are immune to DoS disconnection/banning.
* Transactions they broadcast (which are valid) are always relayed,
even if they were already in the mempool. This means that a node
can function as a gateway for a local network, and that rebroadcasts
from the local network will work as expected.
Whitelisting replaces the magic exemption localhost had for DoS
disconnection (local addresses are still never banned, though), which
implied hidden service connects (from a localhost Tor node) were
incorrectly immune to DoS disconnection as well. This old
behaviour is removed for that reason, but can be restored using
-whitelist=127.0.0.1 or -whitelist=::1 can be specified. -whitebind
is safer to use in case non-trusted localhost connections are expected
(like hidden services).
- add a small wrapper in util around RAND_bytes() and replace with
GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
- SO_NOSIGPIPE isn't available on WIN32 so merge the 2 non-WIN32 blocks
- use predefined names from header for IPV6_PROTECTION_LEVEL and
PROTECTION_LEVEL_UNRESTRICTED
bitcoin-config.h moved, but the old file is likely to still exist when
reconfiguring or switching branches. This would've caused files to not rebuild
correctly, and other strange problems.
Make the path explicit so that the old one cannot be found.
Core libs use config/bitcoin-config.h.
Libs (like crypto) which don't want access to bitcoin's headers continue
to use -Iconfig and #include bitcoin-config.h.
- remove an unneded else in ConnectNode()
- make 0 a double and change to 0.0 in ConnectNode()
- rename strDest to pszDest in OpenNetworkConnection()
- remove an unneded call to our REF() macro in BindListenPort()
- small style cleanups and removal of unneeded new-lines
... instead of after 30 minutes of no sending, for latency measurement
and keep-alive. Also, disconnect if no reply arrives within 20 minutes,
instead of 90 of inactivity (for peers supporting the 'pong' message).
NodeSyncScore() should find the node which we recv data most recently, so put a negative sign to pnode->nLastRecv is indeed wrong.
Also change the return value type to int64_t.
Signed-off-by: Huang Le <4tarhl@gmail.com>
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
Rebased-From: 09a54a6
NodeSyncScore() should find the node which we recv data most recently, so put a negative sign to pnode->nLastRecv is indeed wrong.
Also change the return value type to int64_t.
Signed-off-by: Huang Le <4tarhl@gmail.com>
Log the name of the error as well as the error code if a network problem
happens. This makes network troubleshooting more convenient.
Use thread-safe strerror_r and the WIN32 equivalent FormatMessage.
Conflicts:
src/netbase.cpp
Rebased-By: Wladimir van der Laan <laanwj@gmail.com>
Rebased-From: a60838d
Log the name of the error as well as the error code if a network problem
happens. This makes network troubleshooting more convenient.
Use thread-safe strerror_r and the WIN32 equivalent FormatMessage.
Adds two new info query commands that take over information from
hodge-podge `getinfo`.
Also some new information is added:
- `getblockchaininfo`
- `chain`: (string) current chain (main, testnet3, regtest)
- `verificationprogress: (numeric) estimated verification progress
- `chainwork`
- `getnetworkinfo`
- `localaddresses`: (array) local addresses, from mapLocalHost (fixes#1734)
The year is 2014. All supported operating systems have IPv6 support,
most certainly at build time (this doesn't mean that IPv6 is configured,
of course).
If noone is exercising the functionality to disable it, that means it
doesn't get tested, and IMO it's better to get rid of it.
(it's also not used consistently in RPC/boost and Net code...)
When we are over our outbound limit ThreadSocketHandler would try to
keep the connection if the peer was addnoded.
This didn't actually work for two reasons: It didn't actually run
the accept code due to mistaken code flow, and because we have a
limited number of outbound semaphores it couldn't actually use the
connection.
Instead it leaked the socket, which might have caused issue #4034.
This patch just takes out the non-functioning white-listing for now.
When bitcoind can't bind, bitcoin server (or Bitcoin Core Daemon) is probably already running. Add the missing word "server". Bitcoin itself is definitely running ;-)
Add _(...) so the string can be localized.
I apologize for such trivial changes, learning github interface.
Amend to d5f1e72. It turns out that BerkelyDB was including inttypes.h
indirectly, so we cannot fix this with just macros.
Trivial commit: apply the following script to all .cpp and .h files:
# Middle
sed -i 's/"PRIx64"/x/g' "$1"
sed -i 's/"PRIu64"/u/g' "$1"
sed -i 's/"PRId64"/d/g' "$1"
# Initial
sed -i 's/PRIx64"/"x/g' "$1"
sed -i 's/PRIu64"/"u/g' "$1"
sed -i 's/PRId64"/"d/g' "$1"
# Trailing
sed -i 's/"PRIx64/x"/g' "$1"
sed -i 's/"PRIu64/u"/g' "$1"
sed -i 's/"PRId64/d"/g' "$1"
After this commit, `git grep` for PRI.64 should turn up nothing except
the defines in util.h.
contrib/devtools/fix-copyright-headers.py script to be able to perform this maintenance task with ease during the rest of the year, every year. Modifications to contrib/devtools/README.md to document what fix-copyright-headers.py does.
After the tinyformat switch sprintf() family functions support passing
actual std::string objects.
Remove unnecessary c_str calls (236 of them) in logging and formatting.
This was a leftover from the times in which
peers.dat depended in BDB.
Other functions in db.cpp still depend on BerkelyDB,
to be able to compile without BDB this (small)
functionality needs to be moved to another file.
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
The existing CNode::addrLocal member is revealed to the user,
as an address string, similar to the existing "addr" field.
Instead of showing garbage or empty string,
it simply will not appear in the output if local address not known yet.
New RPC "ping" command to request ping.
Implemented "pong" message handler.
New "pingtime" field in getpeerinfo, to provide results to user.
New "pingwait" field, to show pings still in flight, to better see newly lagging peers.
- fixes src\net.cpp:1601: Error:invalid conversion from 'void*' to
'const char*' [-fpermissive] in a setsockopt() call on Win32 that was
found by using MinGW 4.8.1 compiler suite
The new class is accessed via the Params() method and holds
most things that vary between main, test and regtest networks.
The regtest mode has two purposes, one is to run the
bitcoind/bitcoinj comparison tool which compares two separate
implementations of the Bitcoin protocol looking for divergence.
The other is that when run, you get a local node which can mine
a single block instantly, which is highly convenient for testing
apps during development as there's no need to wait 10 minutes for
a block on the testnet.
- removes our NewThread() function an replaces remaining calls with
boost::thread with our TraceThread template
- remove ExitThread() function
- fix THREAD_PRIORITY_ABOVE_NORMAL for non Windows OSes
Added explicit include of main.h in init.cpp, changed include of init.h to include of main.h in net.cpp.
Added function registration for net.cpp in init.cpp's network initialization.
Removed protocol.cpp's dependency on main.h.
TODO: Remove main.h include in net.cpp.
Instead of killing a connection when the receive buffer overflows,
just temporarily halt receiving before that happens. Also, no
matter what, always allow at least one full message in the receive
buffer (otherwise blocks larger than the configured buffer size
would pause indefinitely).
This introduces the concept of the 'sync node', which is the one we
asked for missing blocks. In case the sync node goes away, a new one
will be selected.
For now, the heuristic is very simple, but it can easily be extended
later to add better policies.
It seems there were two mechanisms for assessing whether a CNode
was still in use: a refcount and a release timestamp. The latter
seems to have been there for a long time, as a safety mechanism.
However, this timer also keeps CNode objects alive for far longer
than necessary after disconnects, potentially opening up a DoS
window.
This commit removes the timestamp-based mechanism, and replaces
it with an assert(nRefCount >= 0), to verify that the refcounting
is indeed correctly working.
