diff --git a/src/net_processing.cpp b/src/net_processing.cpp --- a/src/net_processing.cpp +++ b/src/net_processing.cpp @@ -2679,6 +2679,15 @@ connman.PushMessage(&peer, std::move(msg)); } +bool IsAvalancheMessageType(const std::string &msg_type) { + if (msg_type == NetMsgType::AVAHELLO || msg_type == NetMsgType::AVAPOLL || + msg_type == NetMsgType::AVARESPONSE || + msg_type == NetMsgType::AVAPROOF) { + return true; + } + return false; +} + void PeerManager::ProcessMessage(const Config &config, CNode &pfrom, const std::string &msg_type, CDataStream &vRecv, @@ -2703,6 +2712,29 @@ return; } + if (IsAvalancheMessageType(msg_type)) { + if (!g_avalanche) { + LogPrint(BCLog::NET, + "Avalanche is not initialized, ignoring %s message\n", + msg_type); + return; + } + + // Discourage avalanche messages if the service flag is not set. + if (!gArgs.GetBoolArg("-enableavalanche", AVALANCHE_DEFAULT_ENABLED)) { + Misbehaving(pfrom, 20, "unsolicited-" + msg_type); + return; + } + // Ignore avalanche requests while importing + if ((msg_type == NetMsgType::AVAPOLL || + msg_type == NetMsgType::AVARESPONSE) && + (fImporting || fReindex)) { + LogPrint(BCLog::NET, "Ignoring %s message while importing\n", + msg_type); + return; + } + } + if (msg_type == NetMsgType::VERSION) { // Each connection can only send one version message if (pfrom.nVersion != 0) { @@ -3969,11 +4001,7 @@ return; } - if (msg_type == NetMsgType::AVAHELLO && g_avalanche) { - if (!gArgs.GetBoolArg("-enableavalanche", AVALANCHE_DEFAULT_ENABLED)) { - Misbehaving(pfrom, 20, "unsolicited-avahello"); - return; - } + if (msg_type == NetMsgType::AVAHELLO) { if (!pfrom.m_avalanche_state) { pfrom.m_avalanche_state = std::make_unique(); } @@ -3994,7 +4022,7 @@ msgMaker.Make(NetMsgType::GETDATA, vGetData)); } - if (msg_type == NetMsgType::AVAPROOF && g_avalanche) { + if (msg_type == NetMsgType::AVAPROOF) { // Read the proof. avalanche::Proof proof; vRecv >> proof; @@ -4033,13 +4061,7 @@ } } - // Ignore avalanche requests while importing - if (msg_type == NetMsgType::AVAPOLL && !fImporting && !fReindex && - g_avalanche) { - if (!gArgs.GetBoolArg("-enableavalanche", AVALANCHE_DEFAULT_ENABLED)) { - Misbehaving(pfrom, 20, "unsolicited-avapoll"); - return; - } + if (msg_type == NetMsgType::AVAPOLL) { auto now = std::chrono::steady_clock::now(); int64_t cooldown = gArgs.GetArg("-avacooldown", AVALANCHE_DEFAULT_COOLDOWN); @@ -4146,13 +4168,7 @@ return; } - // Ignore avalanche requests while importing - if (msg_type == NetMsgType::AVARESPONSE && !fImporting && !fReindex && - g_avalanche) { - if (!gArgs.GetBoolArg("-enableavalanche", AVALANCHE_DEFAULT_ENABLED)) { - Misbehaving(pfrom, 20, "unsolicited-avaresponse"); - return; - } + if (msg_type == NetMsgType::AVARESPONSE) { // As long as QUIC is not implemented, we need to sign response and // verify response's signatures in order to avoid any manipulation of // messages at the transport level. diff --git a/test/functional/p2p_invalid_messages.py b/test/functional/p2p_invalid_messages.py --- a/test/functional/p2p_invalid_messages.py +++ b/test/functional/p2p_invalid_messages.py @@ -13,6 +13,7 @@ msg_avahello, msg_avapoll, msg_avaresponse, + msg_avaproof, msg_getdata, msg_headers, msg_inv, @@ -372,6 +373,10 @@ ['Misbehaving', 'peer=9 (40 -> 60): unsolicited-avaresponse']): msg = msg_avaresponse() conn.send_and_ping(msg) + with self.nodes[0].assert_debug_log( + ['Misbehaving', 'peer=9 (60 -> 80): unsolicited-avaproof']): + msg = msg_avaproof() + conn.send_and_ping(msg) self.nodes[0].disconnect_p2ps() def _tweak_msg_data_size(self, message, wrong_size):