diff --git a/src/i2p.cpp b/src/i2p.cpp index f66aa2e96..0eecae143 100644 --- a/src/i2p.cpp +++ b/src/i2p.cpp @@ -1,413 +1,415 @@ // Copyright (c) 2020-2020 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include +#include #include #include namespace i2p { /** * Swap Standard Base64 <-> I2P Base64. * Standard Base64 uses `+` and `/` as last two characters of its alphabet. * I2P Base64 uses `-` and `~` respectively. * So it is easy to detect in which one is the input and convert to the other. * @param[in] from Input to convert. * @return converted `from` */ static std::string SwapBase64(const std::string &from) { std::string to; to.resize(from.size()); for (size_t i = 0; i < from.size(); ++i) { switch (from[i]) { case '-': to[i] = '+'; break; case '~': to[i] = '/'; break; case '+': to[i] = '-'; break; case '/': to[i] = '~'; break; default: to[i] = from[i]; break; } } return to; } /** * Decode an I2P-style Base64 string. * @param[in] i2p_b64 I2P-style Base64 string. * @return decoded `i2p_b64` * @throw std::runtime_error if decoding fails */ static Binary DecodeI2PBase64(const std::string &i2p_b64) { const std::string &std_b64 = SwapBase64(i2p_b64); bool invalid; Binary decoded = DecodeBase64(std_b64.c_str(), &invalid); if (invalid) { throw std::runtime_error( strprintf("Cannot decode Base64: \"%s\"", i2p_b64)); } return decoded; } /** * Derive the .b32.i2p address of an I2P destination (binary). * @param[in] dest I2P destination. * @return the address that corresponds to `dest` * @throw std::runtime_error if conversion fails */ static CNetAddr DestBinToAddr(const Binary &dest) { CSHA256 hasher; hasher.Write(dest.data(), dest.size()); uint8_t hash[CSHA256::OUTPUT_SIZE]; hasher.Finalize(hash); CNetAddr addr; const std::string addr_str = EncodeBase32(hash, false) + ".b32.i2p"; if (!addr.SetSpecial(addr_str)) { throw std::runtime_error( strprintf("Cannot parse I2P address: \"%s\"", addr_str)); } return addr; } /** * Derive the .b32.i2p address of an I2P destination (I2P-style Base64). * @param[in] dest I2P destination. * @return the address that corresponds to `dest` * @throw std::runtime_error if conversion fails */ static CNetAddr DestB64ToAddr(const std::string &dest) { const Binary &decoded = DecodeI2PBase64(dest); return DestBinToAddr(decoded); } namespace sam { Session::Session(const fs::path &private_key_file, const CService &control_host, CThreadInterrupt *interrupt) : m_private_key_file(private_key_file), m_control_host(control_host), - m_interrupt(interrupt) {} + m_interrupt(interrupt), + m_control_sock(std::make_unique(INVALID_SOCKET)) {} Session::~Session() { LOCK(m_mutex); Disconnect(); } bool Session::Listen(Connection &conn) { try { LOCK(m_mutex); CreateIfNotCreatedAlready(); conn.me = m_my_addr; conn.sock = StreamAccept(); return true; } catch (const std::runtime_error &e) { Log("Error listening: %s", e.what()); CheckControlSock(); } return false; } bool Session::Accept(Connection &conn) { try { while (!*m_interrupt) { Sock::Event occurred; - conn.sock.Wait(MAX_WAIT_FOR_IO, Sock::RECV, &occurred); + conn.sock->Wait(MAX_WAIT_FOR_IO, Sock::RECV, &occurred); if ((occurred & Sock::RECV) == 0) { // Timeout, no incoming connections within MAX_WAIT_FOR_IO. continue; } - const std::string &peer_dest = conn.sock.RecvUntilTerminator( + const std::string &peer_dest = conn.sock->RecvUntilTerminator( '\n', MAX_WAIT_FOR_IO, *m_interrupt, MAX_MSG_SIZE); conn.peer = CService(DestB64ToAddr(peer_dest), Params().GetDefaultPort()); return true; } } catch (const std::runtime_error &e) { Log("Error accepting: %s", e.what()); CheckControlSock(); } return false; } bool Session::Connect(const CService &to, Connection &conn, bool &proxy_error) { proxy_error = true; std::string session_id; - Sock sock; + std::unique_ptr sock; conn.peer = to; try { { LOCK(m_mutex); CreateIfNotCreatedAlready(); session_id = m_session_id; conn.me = m_my_addr; sock = Hello(); } const Reply &lookup_reply = SendRequestAndGetReply( - sock, strprintf("NAMING LOOKUP NAME=%s", to.ToStringIP())); + *sock, strprintf("NAMING LOOKUP NAME=%s", to.ToStringIP())); const std::string &dest = lookup_reply.Get("VALUE"); const Reply &connect_reply = SendRequestAndGetReply( - sock, + *sock, strprintf("STREAM CONNECT ID=%s DESTINATION=%s SILENT=false", session_id, dest), false); const std::string &result = connect_reply.Get("RESULT"); if (result == "OK") { conn.sock = std::move(sock); return true; } if (result == "INVALID_ID") { LOCK(m_mutex); Disconnect(); throw std::runtime_error("Invalid session id"); } if (result == "CANT_REACH_PEER" || result == "TIMEOUT") { proxy_error = false; } throw std::runtime_error(strprintf("\"%s\"", connect_reply.full)); } catch (const std::runtime_error &e) { Log("Error connecting to %s: %s", to.ToString(), e.what()); CheckControlSock(); return false; } } // Private methods std::string Session::Reply::Get(const std::string &key) const { const auto &pos = keys.find(key); if (pos == keys.end() || !pos->second.has_value()) { throw std::runtime_error( strprintf("Missing %s= in the reply to \"%s\": \"%s\"", key, request, full)); } return pos->second.value(); } template void Session::Log(const std::string &fmt, const Args &... args) const { LogPrint(BCLog::I2P, "I2P: %s\n", tfm::format(fmt, args...)); } Session::Reply Session::SendRequestAndGetReply(const Sock &sock, const std::string &request, bool check_result_ok) const { sock.SendComplete(request + "\n", MAX_WAIT_FOR_IO, *m_interrupt); Reply reply; // Don't log the full "SESSION CREATE ..." because it contains our // private key. reply.request = request.substr(0, 14) == "SESSION CREATE" ? "SESSION CREATE ..." : request; // It could take a few minutes for the I2P router to reply as it is // querying the I2P network (when doing name lookup, for example). // Notice: `RecvUntilTerminator()` is checking `m_interrupt` more often, // so we would not be stuck here for long if `m_interrupt` is signaled. static constexpr auto recv_timeout = 3min; reply.full = sock.RecvUntilTerminator('\n', recv_timeout, *m_interrupt, MAX_MSG_SIZE); for (const auto &kv : spanparsing::Split(reply.full, ' ')) { const auto &pos = std::find(kv.begin(), kv.end(), '='); if (pos != kv.end()) { reply.keys.emplace(std::string{kv.begin(), pos}, std::string{pos + 1, kv.end()}); } else { reply.keys.emplace(std::string{kv.begin(), kv.end()}, std::nullopt); } } if (check_result_ok && reply.Get("RESULT") != "OK") { throw std::runtime_error(strprintf( "Unexpected reply to \"%s\": \"%s\"", request, reply.full)); } return reply; } - Sock Session::Hello() const { + std::unique_ptr Session::Hello() const { auto sock = CreateSock(m_control_host); if (!sock) { throw std::runtime_error("Cannot create socket"); } - if (!ConnectSocketDirectly(m_control_host, sock->Get(), nConnectTimeout, + if (!ConnectSocketDirectly(m_control_host, *sock, nConnectTimeout, true)) { throw std::runtime_error( strprintf("Cannot connect to %s", m_control_host.ToString())); } SendRequestAndGetReply(*sock, "HELLO VERSION MIN=3.1 MAX=3.1"); - return std::move(*sock); + return sock; } void Session::CheckControlSock() { LOCK(m_mutex); std::string errmsg; - if (!m_control_sock.IsConnected(errmsg)) { + if (!m_control_sock->IsConnected(errmsg)) { Log("Control socket error: %s", errmsg); Disconnect(); } } void Session::DestGenerate(const Sock &sock) { // https://geti2p.net/spec/common-structures#key-certificates // "7" or "EdDSA_SHA512_Ed25519" - "Recent Router Identities and // Destinations". Use "7" because i2pd <2.24.0 does not recognize the // textual form. const Reply &reply = SendRequestAndGetReply( sock, "DEST GENERATE SIGNATURE_TYPE=7", false); m_private_key = DecodeI2PBase64(reply.Get("PRIV")); } void Session::GenerateAndSavePrivateKey(const Sock &sock) { DestGenerate(sock); // umask is set to 077 in init.cpp, which is ok (unless -sysperms is // given) if (!WriteBinaryFile( m_private_key_file, std::string(m_private_key.begin(), m_private_key.end()))) { throw std::runtime_error( strprintf("Cannot save I2P private key to %s", fs::quoted(fs::PathToString(m_private_key_file)))); } } Binary Session::MyDestination() const { // From https://geti2p.net/spec/common-structures#destination: // "They are 387 bytes plus the certificate length specified at bytes // 385-386, which may be non-zero" static constexpr size_t DEST_LEN_BASE = 387; static constexpr size_t CERT_LEN_POS = 385; uint16_t cert_len; memcpy(&cert_len, &m_private_key.at(CERT_LEN_POS), sizeof(cert_len)); cert_len = be16toh(cert_len); const size_t dest_len = DEST_LEN_BASE + cert_len; return Binary{m_private_key.begin(), m_private_key.begin() + dest_len}; } void Session::CreateIfNotCreatedAlready() { std::string errmsg; - if (m_control_sock.IsConnected(errmsg)) { + if (m_control_sock->IsConnected(errmsg)) { return; } Log("Creating SAM session with %s", m_control_host.ToString()); - Sock sock = Hello(); + auto sock = Hello(); const auto &[read_ok, data] = ReadBinaryFile(m_private_key_file); if (read_ok) { m_private_key.assign(data.begin(), data.end()); } else { - GenerateAndSavePrivateKey(sock); + GenerateAndSavePrivateKey(*sock); } const std::string &session_id = GetRandHash().GetHex().substr( 0, 10); // full is an overkill, too verbose in the logs const std::string &private_key_b64 = SwapBase64(EncodeBase64(m_private_key)); SendRequestAndGetReply( - sock, strprintf("SESSION CREATE STYLE=STREAM ID=%s DESTINATION=%s", - session_id, private_key_b64)); + *sock, strprintf("SESSION CREATE STYLE=STREAM ID=%s DESTINATION=%s", + session_id, private_key_b64)); m_my_addr = CService(DestBinToAddr(MyDestination()), Params().GetDefaultPort()); m_session_id = session_id; m_control_sock = std::move(sock); LogPrintf("I2P: SAM session created: session id=%s, my address=%s\n", m_session_id, m_my_addr.ToString()); } - Sock Session::StreamAccept() { - Sock sock = Hello(); + std::unique_ptr Session::StreamAccept() { + auto sock = Hello(); const Reply &reply = SendRequestAndGetReply( - sock, strprintf("STREAM ACCEPT ID=%s SILENT=false", m_session_id), + *sock, strprintf("STREAM ACCEPT ID=%s SILENT=false", m_session_id), false); const std::string &result = reply.Get("RESULT"); if (result == "OK") { return sock; } if (result == "INVALID_ID") { // If our session id is invalid, then force session re-creation on // next usage. Disconnect(); } throw std::runtime_error(strprintf("\"%s\"", reply.full)); } void Session::Disconnect() { - if (m_control_sock.Get() != INVALID_SOCKET) { + if (m_control_sock->Get() != INVALID_SOCKET) { if (m_session_id.empty()) { Log("Destroying incomplete session"); } else { Log("Destroying session %s", m_session_id); } } - m_control_sock.Reset(); + m_control_sock->Reset(); m_session_id.clear(); } } // namespace sam } // namespace i2p diff --git a/src/i2p.h b/src/i2p.h index d1de9fa2b..5c39f946f 100644 --- a/src/i2p.h +++ b/src/i2p.h @@ -1,282 +1,283 @@ // Copyright (c) 2020-2020 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #ifndef BITCOIN_I2P_H #define BITCOIN_I2P_H #include #include #include #include #include #include +#include #include #include #include #include namespace i2p { /** * Binary data. */ using Binary = std::vector; /** * An established connection with another peer. */ struct Connection { /** Connected socket. */ - Sock sock; + std::unique_ptr sock; /** Our I2P address. */ CService me; /** The peer's I2P address. */ CService peer; }; namespace sam { /** * The maximum size of an incoming message from the I2P SAM proxy (in * bytes). Used to avoid a runaway proxy from sending us an "unlimited" * amount of data without a terminator. The longest known message is ~1400 * bytes, so this is high enough not to be triggered during normal * operation, yet low enough to avoid a malicious proxy from filling our * memory. */ static constexpr size_t MAX_MSG_SIZE{65536}; /** * I2P SAM session. */ class Session { public: /** * Construct a session. This will not initiate any IO, the session will * be lazily created later when first used. * @param[in] private_key_file Path to a private key file. If the file * does not exist then the private key will be generated and saved into * the file. * @param[in] control_host Location of the SAM proxy. * @param[in,out] interrupt If this is signaled then all operations are * canceled as soon as possible and executing methods throw an * exception. Notice: only a pointer to the `CThreadInterrupt` object is * saved, so it must not be destroyed earlier than this `Session` * object. */ Session(const fs::path &private_key_file, const CService &control_host, CThreadInterrupt *interrupt); /** * Destroy the session, closing the internally used sockets. The sockets * that have been returned by `Accept()` or `Connect()` will not be * closed, but they will be closed by the SAM proxy because the session * is destroyed. So they will return an error next time we try to read * or write to them. */ ~Session(); /** * Start listening for an incoming connection. * @param[out] conn Upon successful completion the `sock` and `me` * members will be set to the listening socket and address. * @return true on success */ bool Listen(Connection &conn); /** * Wait for and accept a new incoming connection. * @param[in,out] conn The `sock` member is used for waiting and * accepting. Upon successful completion the `peer` member will be set * to the address of the incoming peer. * @return true on success */ bool Accept(Connection &conn); /** * Connect to an I2P peer. * @param[in] to Peer to connect to. * @param[out] conn Established connection. Only set if `true` is * returned. * @param[out] proxy_error If an error occurs due to proxy or general * network failure, then this is set to `true`. If an error occurs due * to unreachable peer (likely peer is down), then it is set to `false`. * Only set if `false` is returned. * @return true on success */ bool Connect(const CService &to, Connection &conn, bool &proxy_error); private: /** * A reply from the SAM proxy. */ struct Reply { /** * Full, unparsed reply. */ std::string full; /** * Request, used for detailed error reporting. */ std::string request; /** * A map of keywords from the parsed reply. * For example, if the reply is "A=X B C=YZ", then the map will be * keys["A"] == "X" * keys["B"] == (empty std::optional) * keys["C"] == "YZ" */ std::unordered_map> keys; /** * Get the value of a given key. * For example if the reply is "A=X B" then: * Value("A") -> "X" * Value("B") -> throws * Value("C") -> throws * @param[in] key Key whose value to retrieve * @returns the key's value * @throws std::runtime_error if the key is not present or if it has * no value */ std::string Get(const std::string &key) const; }; /** * Log a message in the `BCLog::I2P` category. * @param[in] fmt printf(3)-like format string. * @param[in] args printf(3)-like arguments that correspond to `fmt`. */ template void Log(const std::string &fmt, const Args &... args) const; /** * Send request and get a reply from the SAM proxy. * @param[in] sock A socket that is connected to the SAM proxy. * @param[in] request Raw request to send, a newline terminator is * appended to it. * @param[in] check_result_ok If true then after receiving the reply a * check is made whether it contains "RESULT=OK" and an exception is * thrown if it does not. * @throws std::runtime_error if an error occurs */ Reply SendRequestAndGetReply(const Sock &sock, const std::string &request, bool check_result_ok = true) const; /** * Open a new connection to the SAM proxy. * @return a connected socket * @throws std::runtime_error if an error occurs */ - Sock Hello() const EXCLUSIVE_LOCKS_REQUIRED(m_mutex); + std::unique_ptr Hello() const EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * Check the control socket for errors and possibly disconnect. */ void CheckControlSock(); /** * Generate a new destination with the SAM proxy and set `m_private_key` * to it. * @param[in] sock Socket to use for talking to the SAM proxy. * @throws std::runtime_error if an error occurs */ void DestGenerate(const Sock &sock) EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * Generate a new destination with the SAM proxy, set `m_private_key` to * it and save it on disk to `m_private_key_file`. * @param[in] sock Socket to use for talking to the SAM proxy. * @throws std::runtime_error if an error occurs */ void GenerateAndSavePrivateKey(const Sock &sock) EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * Derive own destination from `m_private_key`. * @see https://geti2p.net/spec/common-structures#destination * @return an I2P destination */ Binary MyDestination() const EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * Create the session if not already created. Reads the private key file * and connects to the SAM proxy. * @throws std::runtime_error if an error occurs */ void CreateIfNotCreatedAlready() EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * Open a new connection to the SAM proxy and issue "STREAM ACCEPT" - * request using the existing session id. Return the idle socket that is - * waiting for a peer to connect to us. + * request using the existing session id. + * @return the idle socket that is waiting for a peer to connect to us * @throws std::runtime_error if an error occurs */ - Sock StreamAccept() EXCLUSIVE_LOCKS_REQUIRED(m_mutex); + std::unique_ptr StreamAccept() EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * Destroy the session, closing the internally used sockets. */ void Disconnect() EXCLUSIVE_LOCKS_REQUIRED(m_mutex); /** * The name of the file where this peer's private key is stored (in * binary). */ const fs::path m_private_key_file; /** * The host and port of the SAM control service. */ const CService m_control_host; /** * Cease network activity when this is signaled. */ CThreadInterrupt *const m_interrupt; /** * Mutex protecting the members that can be concurrently accessed. */ mutable Mutex m_mutex; /** * The private key of this peer. * @see The reply to the "DEST GENERATE" command in * https://geti2p.net/en/docs/api/samv3 */ Binary m_private_key GUARDED_BY(m_mutex); /** * SAM control socket. * Used to connect to the I2P SAM service and create a session * ("SESSION CREATE"). With the established session id we later open * other connections to the SAM service to accept incoming I2P * connections and make outgoing ones. * See https://geti2p.net/en/docs/api/samv3 */ - Sock m_control_sock GUARDED_BY(m_mutex); + std::unique_ptr m_control_sock GUARDED_BY(m_mutex); /** * Our .b32.i2p address. * Derived from `m_private_key`. */ CService m_my_addr GUARDED_BY(m_mutex); /** * SAM session id. */ std::string m_session_id GUARDED_BY(m_mutex); }; } // namespace sam } // namespace i2p #endif // BITCOIN_I2P_H diff --git a/src/net.cpp b/src/net.cpp index 78beacd4c..38ae803e7 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -1,3667 +1,3667 @@ // Copyright (c) 2009-2010 Satoshi Nakamoto // Copyright (c) 2009-2019 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #if defined(HAVE_CONFIG_H) #include #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef WIN32 #include #else #include #endif #ifdef USE_POLL #include #endif #ifdef USE_UPNP #include #include #include // The minimum supported miniUPnPc API version is set to 10. This keeps // compatibility with Ubuntu 16.04 LTS and Debian 8 libminiupnpc-dev packages. static_assert(MINIUPNPC_API_VERSION >= 10, "miniUPnPc API version >= 10 assumed"); #endif #include #include #include #include #include #include #include /** Maximum number of block-relay-only anchor connections */ static constexpr size_t MAX_BLOCK_RELAY_ONLY_ANCHORS = 2; static_assert(MAX_BLOCK_RELAY_ONLY_ANCHORS <= static_cast(MAX_BLOCK_RELAY_ONLY_CONNECTIONS), "MAX_BLOCK_RELAY_ONLY_ANCHORS must not exceed " "MAX_BLOCK_RELAY_ONLY_CONNECTIONS."); /** Anchor IP address database file name */ const char *const ANCHORS_DATABASE_FILENAME = "anchors.dat"; // How often to dump addresses to peers.dat static constexpr std::chrono::minutes DUMP_PEERS_INTERVAL{15}; /** * Number of DNS seeds to query when the number of connections is low. */ static constexpr int DNSSEEDS_TO_QUERY_AT_ONCE = 3; /** * How long to delay before querying DNS seeds * * If we have more than THRESHOLD entries in addrman, then it's likely * that we got those addresses from having previously connected to the P2P * network, and that we'll be able to successfully reconnect to the P2P * network via contacting one of them. So if that's the case, spend a * little longer trying to connect to known peers before querying the * DNS seeds. */ static constexpr std::chrono::seconds DNSSEEDS_DELAY_FEW_PEERS{11}; static constexpr std::chrono::minutes DNSSEEDS_DELAY_MANY_PEERS{5}; // "many" vs "few" peers static constexpr int DNSSEEDS_DELAY_PEER_THRESHOLD = 1000; /** The default timeframe for -maxuploadtarget. 1 day. */ static constexpr std::chrono::seconds MAX_UPLOAD_TIMEFRAME{60 * 60 * 24}; // We add a random period time (0 to 1 seconds) to feeler connections to prevent // synchronization. #define FEELER_SLEEP_WINDOW 1 /** Used to pass flags to the Bind() function */ enum BindFlags { BF_NONE = 0, BF_EXPLICIT = (1U << 0), BF_REPORT_ERROR = (1U << 1), /** * Do not call AddLocal() for our special addresses, e.g., for incoming * Tor connections, to prevent gossiping them over the network. */ BF_DONT_ADVERTISE = (1U << 2), }; // The set of sockets cannot be modified while waiting // The sleep time needs to be small to avoid new sockets stalling static const uint64_t SELECT_TIMEOUT_MILLISECONDS = 50; const std::string NET_MESSAGE_COMMAND_OTHER = "*other*"; // SHA256("netgroup")[0:8] static const uint64_t RANDOMIZER_ID_NETGROUP = 0x6c0edd8036ef4036ULL; // SHA256("localhostnonce")[0:8] static const uint64_t RANDOMIZER_ID_LOCALHOSTNONCE = 0xd93e69e2bbfa5735ULL; // SHA256("localhostnonce")[8:16] static const uint64_t RANDOMIZER_ID_EXTRAENTROPY = 0x94b05d41679a4ff7ULL; // SHA256("addrcache")[0:8] static const uint64_t RANDOMIZER_ID_ADDRCACHE = 0x1cf2e4ddd306dda9ULL; // // Global state variables // bool fDiscover = true; bool fListen = true; RecursiveMutex cs_mapLocalHost; std::map mapLocalHost GUARDED_BY(cs_mapLocalHost); static bool vfLimited[NET_MAX] GUARDED_BY(cs_mapLocalHost) = {}; void CConnman::AddAddrFetch(const std::string &strDest) { LOCK(m_addr_fetches_mutex); m_addr_fetches.push_back(strDest); } uint16_t GetListenPort() { return uint16_t(gArgs.GetArg("-port", Params().GetDefaultPort())); } // find 'best' local address for a particular peer bool GetLocal(CService &addr, const CNetAddr *paddrPeer) { if (!fListen) { return false; } int nBestScore = -1; int nBestReachability = -1; { LOCK(cs_mapLocalHost); for (const auto &entry : mapLocalHost) { int nScore = entry.second.nScore; int nReachability = entry.first.GetReachabilityFrom(paddrPeer); if (nReachability > nBestReachability || (nReachability == nBestReachability && nScore > nBestScore)) { addr = CService(entry.first, entry.second.nPort); nBestReachability = nReachability; nBestScore = nScore; } } } return nBestScore >= 0; } //! Convert the pnSeed6 array into usable address objects. static std::vector convertSeed6(const std::vector &vSeedsIn) { // It'll only connect to one or two seed nodes because once it connects, // it'll get a pile of addresses with newer timestamps. Seed nodes are given // a random 'last seen time' of between one and two weeks ago. const int64_t nOneWeek = 7 * 24 * 60 * 60; std::vector vSeedsOut; vSeedsOut.reserve(vSeedsIn.size()); FastRandomContext rng; for (const auto &seed_in : vSeedsIn) { struct in6_addr ip; memcpy(&ip, seed_in.addr, sizeof(ip)); CAddress addr(CService(ip, seed_in.port), GetDesirableServiceFlags(NODE_NONE)); addr.nTime = GetTime() - rng.randrange(nOneWeek) - nOneWeek; vSeedsOut.push_back(addr); } return vSeedsOut; } // Get best local address for a particular peer as a CAddress. Otherwise, return // the unroutable 0.0.0.0 but filled in with the normal parameters, since the IP // may be changed to a useful one by discovery. CAddress GetLocalAddress(const CNetAddr *paddrPeer, ServiceFlags nLocalServices) { CAddress ret(CService(CNetAddr(), GetListenPort()), nLocalServices); CService addr; if (GetLocal(addr, paddrPeer)) { ret = CAddress(addr, nLocalServices); } ret.nTime = GetAdjustedTime(); return ret; } static int GetnScore(const CService &addr) { LOCK(cs_mapLocalHost); if (mapLocalHost.count(addr) == 0) { return 0; } return mapLocalHost[addr].nScore; } // Is our peer's addrLocal potentially useful as an external IP source? bool IsPeerAddrLocalGood(CNode *pnode) { CService addrLocal = pnode->GetAddrLocal(); return fDiscover && pnode->addr.IsRoutable() && addrLocal.IsRoutable() && IsReachable(addrLocal.GetNetwork()); } std::optional GetLocalAddrForPeer(CNode *pnode) { CAddress addrLocal = GetLocalAddress(&pnode->addr, pnode->GetLocalServices()); if (gArgs.GetBoolArg("-addrmantest", false)) { // use IPv4 loopback during addrmantest addrLocal = CAddress(CService(LookupNumeric("127.0.0.1", GetListenPort())), pnode->GetLocalServices()); } // If discovery is enabled, sometimes give our peer the address it // tells us that it sees us as in case it has a better idea of our // address than we do. FastRandomContext rng; if (IsPeerAddrLocalGood(pnode) && (!addrLocal.IsRoutable() || rng.randbits((GetnScore(addrLocal) > LOCAL_MANUAL) ? 3 : 1) == 0)) { addrLocal.SetIP(pnode->GetAddrLocal()); } if (addrLocal.IsRoutable() || gArgs.GetBoolArg("-addrmantest", false)) { LogPrint(BCLog::NET, "Advertising address %s to peer=%d\n", addrLocal.ToString(), pnode->GetId()); return addrLocal; } // Address is unroutable. Don't advertise. return std::nullopt; } // Learn a new local address. bool AddLocal(const CService &addr, int nScore) { if (!addr.IsRoutable()) { return false; } if (!fDiscover && nScore < LOCAL_MANUAL) { return false; } if (!IsReachable(addr)) { return false; } LogPrintf("AddLocal(%s,%i)\n", addr.ToString(), nScore); { LOCK(cs_mapLocalHost); bool fAlready = mapLocalHost.count(addr) > 0; LocalServiceInfo &info = mapLocalHost[addr]; if (!fAlready || nScore >= info.nScore) { info.nScore = nScore + (fAlready ? 1 : 0); info.nPort = addr.GetPort(); } } return true; } bool AddLocal(const CNetAddr &addr, int nScore) { return AddLocal(CService(addr, GetListenPort()), nScore); } void RemoveLocal(const CService &addr) { LOCK(cs_mapLocalHost); LogPrintf("RemoveLocal(%s)\n", addr.ToString()); mapLocalHost.erase(addr); } void SetReachable(enum Network net, bool reachable) { if (net == NET_UNROUTABLE || net == NET_INTERNAL) { return; } LOCK(cs_mapLocalHost); vfLimited[net] = !reachable; } bool IsReachable(enum Network net) { LOCK(cs_mapLocalHost); return !vfLimited[net]; } bool IsReachable(const CNetAddr &addr) { return IsReachable(addr.GetNetwork()); } /** vote for a local address */ bool SeenLocal(const CService &addr) { LOCK(cs_mapLocalHost); if (mapLocalHost.count(addr) == 0) { return false; } mapLocalHost[addr].nScore++; return true; } /** check whether a given address is potentially local */ bool IsLocal(const CService &addr) { LOCK(cs_mapLocalHost); return mapLocalHost.count(addr) > 0; } CNode *CConnman::FindNode(const CNetAddr &ip) { LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (static_cast(pnode->addr) == ip) { return pnode; } } return nullptr; } CNode *CConnman::FindNode(const CSubNet &subNet) { LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (subNet.Match(static_cast(pnode->addr))) { return pnode; } } return nullptr; } CNode *CConnman::FindNode(const std::string &addrName) { LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (pnode->GetAddrName() == addrName) { return pnode; } } return nullptr; } CNode *CConnman::FindNode(const CService &addr) { LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (static_cast(pnode->addr) == addr) { return pnode; } } return nullptr; } bool CConnman::AlreadyConnectedToAddress(const CAddress &addr) { return FindNode(static_cast(addr)) || FindNode(addr.ToStringIPPort()); } bool CConnman::CheckIncomingNonce(uint64_t nonce) { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (!pnode->fSuccessfullyConnected && !pnode->IsInboundConn() && pnode->GetLocalNonce() == nonce) { return false; } } return true; } /** Get the bind address for a socket as CAddress */ static CAddress GetBindAddress(SOCKET sock) { CAddress addr_bind; struct sockaddr_storage sockaddr_bind; socklen_t sockaddr_bind_len = sizeof(sockaddr_bind); if (sock != INVALID_SOCKET) { if (!getsockname(sock, (struct sockaddr *)&sockaddr_bind, &sockaddr_bind_len)) { addr_bind.SetSockAddr((const struct sockaddr *)&sockaddr_bind); } else { LogPrint(BCLog::NET, "Warning: getsockname failed\n"); } } return addr_bind; } CNode *CConnman::ConnectNode(CAddress addrConnect, const char *pszDest, bool fCountFailure, ConnectionType conn_type) { assert(conn_type != ConnectionType::INBOUND); if (pszDest == nullptr) { if (IsLocal(addrConnect)) { return nullptr; } // Look for an existing connection CNode *pnode = FindNode(static_cast(addrConnect)); if (pnode) { LogPrintf("Failed to open new connection, already connected\n"); return nullptr; } } /// debug print LogPrint(BCLog::NET, "trying connection %s lastseen=%.1fhrs\n", pszDest ? pszDest : addrConnect.ToString(), pszDest ? 0.0 : (double)(GetAdjustedTime() - addrConnect.nTime) / 3600.0); // Resolve const int default_port = Params().GetDefaultPort(); if (pszDest) { std::vector resolved; if (Lookup(pszDest, resolved, default_port, fNameLookup && !HaveNameProxy(), 256) && !resolved.empty()) { addrConnect = CAddress(resolved[GetRand(resolved.size())], NODE_NONE); if (!addrConnect.IsValid()) { LogPrint(BCLog::NET, "Resolver returned invalid address %s for %s\n", addrConnect.ToString(), pszDest); return nullptr; } // It is possible that we already have a connection to the IP/port // pszDest resolved to. In that case, drop the connection that was // just created, and return the existing CNode instead. Also store // the name we used to connect in that CNode, so that future // FindNode() calls to that name catch this early. LOCK(cs_vNodes); CNode *pnode = FindNode(static_cast(addrConnect)); if (pnode) { pnode->MaybeSetAddrName(std::string(pszDest)); LogPrintf("Failed to open new connection, already connected\n"); return nullptr; } } } // Connect bool connected = false; std::unique_ptr sock; proxyType proxy; CAddress addr_bind; assert(!addr_bind.IsValid()); if (addrConnect.IsValid()) { bool proxyConnectionFailed = false; if (addrConnect.GetNetwork() == NET_I2P && m_i2p_sam_session.get() != nullptr) { i2p::Connection conn; if (m_i2p_sam_session->Connect(addrConnect, conn, proxyConnectionFailed)) { connected = true; - sock = std::make_unique(std::move(conn.sock)); + sock = std::move(conn.sock); addr_bind = CAddress{conn.me, NODE_NONE}; } } else if (GetProxy(addrConnect.GetNetwork(), proxy)) { sock = CreateSock(proxy.proxy); if (!sock) { return nullptr; } connected = ConnectThroughProxy( proxy, addrConnect.ToStringIP(), addrConnect.GetPort(), *sock, nConnectTimeout, proxyConnectionFailed); } else { // no proxy needed (none set for target network) sock = CreateSock(addrConnect); if (!sock) { return nullptr; } connected = - ConnectSocketDirectly(addrConnect, sock->Get(), nConnectTimeout, + ConnectSocketDirectly(addrConnect, *sock, nConnectTimeout, conn_type == ConnectionType::MANUAL); } if (!proxyConnectionFailed) { // If a connection to the node was attempted, and failure (if any) // is not caused by a problem connecting to the proxy, mark this as // an attempt. addrman.Attempt(addrConnect, fCountFailure); } } else if (pszDest && GetNameProxy(proxy)) { sock = CreateSock(proxy.proxy); if (!sock) { return nullptr; } std::string host; int port = default_port; SplitHostPort(std::string(pszDest), port, host); bool proxyConnectionFailed; connected = ConnectThroughProxy(proxy, host, port, *sock, nConnectTimeout, proxyConnectionFailed); } if (!connected) { return nullptr; } // Add node NodeId id = GetNewNodeId(); uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE) .Write(id) .Finalize(); uint64_t extra_entropy = GetDeterministicRandomizer(RANDOMIZER_ID_EXTRAENTROPY) .Write(id) .Finalize(); if (!addr_bind.IsValid()) { addr_bind = GetBindAddress(sock->Get()); } CNode *pnode = new CNode(id, nLocalServices, sock->Release(), addrConnect, CalculateKeyedNetGroup(addrConnect), nonce, extra_entropy, addr_bind, pszDest ? pszDest : "", conn_type, /* inbound_onion */ false); pnode->AddRef(); // We're making a new connection, harvest entropy from the time (and our // peer count) RandAddEvent(uint32_t(id)); return pnode; } void CNode::CloseSocketDisconnect() { fDisconnect = true; LOCK(cs_hSocket); if (hSocket != INVALID_SOCKET) { LogPrint(BCLog::NET, "disconnecting peer=%d\n", id); CloseSocket(hSocket); } } void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags &flags, const CNetAddr &addr) const { for (const auto &subnet : vWhitelistedRange) { if (subnet.m_subnet.Match(addr)) { NetPermissions::AddFlag(flags, subnet.m_flags); } } } std::string CNode::ConnectionTypeAsString() const { switch (m_conn_type) { case ConnectionType::INBOUND: return "inbound"; case ConnectionType::MANUAL: return "manual"; case ConnectionType::FEELER: return "feeler"; case ConnectionType::OUTBOUND_FULL_RELAY: return "outbound-full-relay"; case ConnectionType::BLOCK_RELAY: return "block-relay-only"; case ConnectionType::ADDR_FETCH: return "addr-fetch"; } // no default case, so the compiler can warn about missing cases assert(false); } std::string CNode::GetAddrName() const { LOCK(cs_addrName); return addrName; } void CNode::MaybeSetAddrName(const std::string &addrNameIn) { LOCK(cs_addrName); if (addrName.empty()) { addrName = addrNameIn; } } CService CNode::GetAddrLocal() const { LOCK(cs_addrLocal); return addrLocal; } void CNode::SetAddrLocal(const CService &addrLocalIn) { LOCK(cs_addrLocal); if (addrLocal.IsValid()) { error("Addr local already set for node: %i. Refusing to change from %s " "to %s", id, addrLocal.ToString(), addrLocalIn.ToString()); } else { addrLocal = addrLocalIn; } } Network CNode::ConnectedThroughNetwork() const { return m_inbound_onion ? NET_ONION : addr.GetNetClass(); } void CNode::copyStats(CNodeStats &stats) { stats.nodeid = this->GetId(); stats.nServices = nServices; stats.addr = addr; stats.addrBind = addrBind; stats.m_network = ConnectedThroughNetwork(); if (m_tx_relay != nullptr) { LOCK(m_tx_relay->cs_filter); stats.fRelayTxes = m_tx_relay->fRelayTxes; } else { stats.fRelayTxes = false; } stats.m_last_send = m_last_send; stats.m_last_recv = m_last_recv; stats.nLastTXTime = nLastTXTime; stats.nLastProofTime = nLastProofTime; stats.nLastBlockTime = nLastBlockTime; stats.nTimeConnected = nTimeConnected; stats.nTimeOffset = nTimeOffset; stats.addrName = GetAddrName(); stats.nVersion = nVersion; { LOCK(cs_SubVer); stats.cleanSubVer = cleanSubVer; } stats.fInbound = IsInboundConn(); stats.m_manual_connection = IsManualConn(); stats.m_bip152_highbandwidth_to = m_bip152_highbandwidth_to; stats.m_bip152_highbandwidth_from = m_bip152_highbandwidth_from; { LOCK(cs_vSend); stats.mapSendBytesPerMsgCmd = mapSendBytesPerMsgCmd; stats.nSendBytes = nSendBytes; } { LOCK(cs_vRecv); stats.mapRecvBytesPerMsgCmd = mapRecvBytesPerMsgCmd; stats.nRecvBytes = nRecvBytes; } stats.m_legacyWhitelisted = m_legacyWhitelisted; stats.m_permissionFlags = m_permissionFlags; if (m_tx_relay != nullptr) { LOCK(m_tx_relay->cs_feeFilter); stats.minFeeFilter = m_tx_relay->minFeeFilter; } else { stats.minFeeFilter = Amount::zero(); } stats.m_last_ping_time = m_last_ping_time; stats.m_min_ping_time = m_min_ping_time; // Leave string empty if addrLocal invalid (not filled in yet) CService addrLocalUnlocked = GetAddrLocal(); stats.addrLocal = addrLocalUnlocked.IsValid() ? addrLocalUnlocked.ToString() : ""; stats.m_conn_type_string = ConnectionTypeAsString(); } bool CNode::ReceiveMsgBytes(const Config &config, Span msg_bytes, bool &complete) { complete = false; const auto time = GetTime(); LOCK(cs_vRecv); m_last_recv = std::chrono::duration_cast(time); nRecvBytes += msg_bytes.size(); while (msg_bytes.size() > 0) { // Absorb network data. int handled = m_deserializer->Read(config, msg_bytes); if (handled < 0) { return false; } if (m_deserializer->Complete()) { // decompose a transport agnostic CNetMessage from the deserializer CNetMessage msg = m_deserializer->GetMessage(config, time); // Store received bytes per message command to prevent a memory DOS, // only allow valid commands. mapMsgCmdSize::iterator i = mapRecvBytesPerMsgCmd.find(msg.m_command); if (i == mapRecvBytesPerMsgCmd.end()) { i = mapRecvBytesPerMsgCmd.find(NET_MESSAGE_COMMAND_OTHER); } assert(i != mapRecvBytesPerMsgCmd.end()); i->second += msg.m_raw_message_size; // push the message to the process queue, vRecvMsg.push_back(std::move(msg)); complete = true; } } return true; } int V1TransportDeserializer::readHeader(const Config &config, Span msg_bytes) { // copy data to temporary parsing buffer uint32_t nRemaining = CMessageHeader::HEADER_SIZE - nHdrPos; uint32_t nCopy = std::min(nRemaining, msg_bytes.size()); memcpy(&hdrbuf[nHdrPos], msg_bytes.data(), nCopy); nHdrPos += nCopy; // if header incomplete, exit if (nHdrPos < CMessageHeader::HEADER_SIZE) { return nCopy; } // deserialize to CMessageHeader try { hdrbuf >> hdr; } catch (const std::exception &) { return -1; } // Reject oversized messages if (hdr.IsOversized(config)) { LogPrint(BCLog::NET, "Oversized header detected\n"); return -1; } // switch state to reading message data in_data = true; return nCopy; } int V1TransportDeserializer::readData(Span msg_bytes) { unsigned int nRemaining = hdr.nMessageSize - nDataPos; unsigned int nCopy = std::min(nRemaining, msg_bytes.size()); if (vRecv.size() < nDataPos + nCopy) { // Allocate up to 256 KiB ahead, but never more than the total message // size. vRecv.resize(std::min(hdr.nMessageSize, nDataPos + nCopy + 256 * 1024)); } hasher.Write(MakeUCharSpan(msg_bytes.first(nCopy))); memcpy(&vRecv[nDataPos], msg_bytes.data(), nCopy); nDataPos += nCopy; return nCopy; } const uint256 &V1TransportDeserializer::GetMessageHash() const { assert(Complete()); if (data_hash.IsNull()) { hasher.Finalize(data_hash); } return data_hash; } CNetMessage V1TransportDeserializer::GetMessage(const Config &config, const std::chrono::microseconds time) { // decompose a single CNetMessage from the TransportDeserializer CNetMessage msg(std::move(vRecv)); // store state about valid header, netmagic and checksum msg.m_valid_header = hdr.IsValid(config); // FIXME Split CheckHeaderMagicAndCommand() into CheckHeaderMagic() and // CheckCommand() to prevent the net magic check code duplication. msg.m_valid_netmagic = (memcmp(std::begin(hdr.pchMessageStart), std::begin(config.GetChainParams().NetMagic()), CMessageHeader::MESSAGE_START_SIZE) == 0); uint256 hash = GetMessageHash(); // store command string, payload size msg.m_command = hdr.GetCommand(); msg.m_message_size = hdr.nMessageSize; msg.m_raw_message_size = hdr.nMessageSize + CMessageHeader::HEADER_SIZE; // We just received a message off the wire, harvest entropy from the time // (and the message checksum) RandAddEvent(ReadLE32(hash.begin())); msg.m_valid_checksum = (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) == 0); if (!msg.m_valid_checksum) { LogPrint( BCLog::NET, "CHECKSUM ERROR (%s, %u bytes), expected %s was %s\n", SanitizeString(msg.m_command), msg.m_message_size, HexStr(Span(hash.begin(), hash.begin() + CMessageHeader::CHECKSUM_SIZE)), HexStr(hdr.pchChecksum)); } // store receive time msg.m_time = time; // reset the network deserializer (prepare for the next message) Reset(); return msg; } void V1TransportSerializer::prepareForTransport(const Config &config, CSerializedNetMsg &msg, std::vector &header) { // create dbl-sha256 checksum uint256 hash = Hash(msg.data); // create header CMessageHeader hdr(config.GetChainParams().NetMagic(), msg.m_type.c_str(), msg.data.size()); memcpy(hdr.pchChecksum, hash.begin(), CMessageHeader::CHECKSUM_SIZE); // serialize header header.reserve(CMessageHeader::HEADER_SIZE); CVectorWriter{SER_NETWORK, INIT_PROTO_VERSION, header, 0, hdr}; } size_t CConnman::SocketSendData(CNode &node) const { size_t nSentSize = 0; size_t nMsgCount = 0; for (const auto &data : node.vSendMsg) { assert(data.size() > node.nSendOffset); int nBytes = 0; { LOCK(node.cs_hSocket); if (node.hSocket == INVALID_SOCKET) { break; } nBytes = send( node.hSocket, reinterpret_cast(data.data()) + node.nSendOffset, data.size() - node.nSendOffset, MSG_NOSIGNAL | MSG_DONTWAIT); } if (nBytes == 0) { // couldn't send anything at all break; } if (nBytes < 0) { // error int nErr = WSAGetLastError(); if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS) { LogPrint(BCLog::NET, "socket send error for peer=%d: %s\n", node.GetId(), NetworkErrorString(nErr)); node.CloseSocketDisconnect(); } break; } assert(nBytes > 0); node.m_last_send = GetTime(); node.nSendBytes += nBytes; node.nSendOffset += nBytes; nSentSize += nBytes; if (node.nSendOffset != data.size()) { // could not send full message; stop sending more break; } node.nSendOffset = 0; node.nSendSize -= data.size(); node.fPauseSend = node.nSendSize > nSendBufferMaxSize; nMsgCount++; } node.vSendMsg.erase(node.vSendMsg.begin(), node.vSendMsg.begin() + nMsgCount); if (node.vSendMsg.empty()) { assert(node.nSendOffset == 0); assert(node.nSendSize == 0); } return nSentSize; } static bool ReverseCompareNodeMinPingTime(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { return a.m_min_ping_time > b.m_min_ping_time; } static bool ReverseCompareNodeTimeConnected(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { return a.nTimeConnected > b.nTimeConnected; } static bool CompareLocalHostTimeConnected(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { if (a.m_is_local != b.m_is_local) { return b.m_is_local; } return a.nTimeConnected > b.nTimeConnected; } static bool CompareOnionTimeConnected(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { if (a.m_is_onion != b.m_is_onion) { return b.m_is_onion; } return a.nTimeConnected > b.nTimeConnected; } static bool CompareNetGroupKeyed(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { return a.nKeyedNetGroup < b.nKeyedNetGroup; } static bool CompareNodeBlockTime(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { // There is a fall-through here because it is common for a node to have many // peers which have not yet relayed a block. if (a.nLastBlockTime != b.nLastBlockTime) { return a.nLastBlockTime < b.nLastBlockTime; } if (a.fRelevantServices != b.fRelevantServices) { return b.fRelevantServices; } return a.nTimeConnected > b.nTimeConnected; } static bool CompareNodeTXTime(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { // There is a fall-through here because it is common for a node to have more // than a few peers that have not yet relayed txn. if (a.nLastTXTime != b.nLastTXTime) { return a.nLastTXTime < b.nLastTXTime; } if (a.fRelayTxes != b.fRelayTxes) { return b.fRelayTxes; } if (a.fBloomFilter != b.fBloomFilter) { return a.fBloomFilter; } return a.nTimeConnected > b.nTimeConnected; } static bool CompareNodeProofTime(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { // There is a fall-through here because it is common for a node to have more // than a few peers that have not yet relayed proofs. This fallback is also // used in the case avalanche is not enabled. if (a.nLastProofTime != b.nLastProofTime) { return a.nLastProofTime < b.nLastProofTime; } return a.nTimeConnected > b.nTimeConnected; } // Pick out the potential block-relay only peers, and sort them by last block // time. static bool CompareNodeBlockRelayOnlyTime(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { if (a.fRelayTxes != b.fRelayTxes) { return a.fRelayTxes; } if (a.nLastBlockTime != b.nLastBlockTime) { return a.nLastBlockTime < b.nLastBlockTime; } if (a.fRelevantServices != b.fRelevantServices) { return b.fRelevantServices; } return a.nTimeConnected > b.nTimeConnected; } static bool CompareNodeAvailabilityScore(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) { // Equality can happen if the nodes have no score or it has not been // computed yet. if (a.availabilityScore != b.availabilityScore) { return a.availabilityScore < b.availabilityScore; } return a.nTimeConnected > b.nTimeConnected; } //! Sort an array by the specified comparator, then erase the last K elements //! where predicate is true. template static void EraseLastKElements( std::vector &elements, Comparator comparator, size_t k, std::function predicate = [](const NodeEvictionCandidate &n) { return true; }) { std::sort(elements.begin(), elements.end(), comparator); size_t eraseSize = std::min(k, elements.size()); elements.erase( std::remove_if(elements.end() - eraseSize, elements.end(), predicate), elements.end()); } void ProtectEvictionCandidatesByRatio( std::vector &vEvictionCandidates) { // Protect the half of the remaining nodes which have been connected the // longest. This replicates the non-eviction implicit behavior, and // precludes attacks that start later. // To promote the diversity of our peer connections, reserve up to // (half + 2) of these protected spots for onion and localhost peers, if // any, even if they're not the longest uptime overall. This helps protect // tor peers, which tend to be otherwise disadvantaged under our eviction // criteria. const size_t initial_size = vEvictionCandidates.size(); size_t total_protect_size = initial_size / 2; const size_t onion_protect_size = total_protect_size / 2; if (onion_protect_size) { // Pick out up to 1/4 peers connected via our onion service, sorted by // longest uptime. EraseLastKElements( vEvictionCandidates, CompareOnionTimeConnected, onion_protect_size, [](const NodeEvictionCandidate &n) { return n.m_is_onion; }); } const size_t localhost_min_protect_size{2}; if (onion_protect_size >= localhost_min_protect_size) { // Allocate any remaining slots of the 1/4, or minimum 2 additional // slots, to localhost peers, sorted by longest uptime, as manually // configured hidden services not using `-bind=addr[:port]=onion` will // not be detected as inbound onion connections. const size_t remaining_tor_slots{ onion_protect_size - (initial_size - vEvictionCandidates.size())}; const size_t localhost_protect_size{ std::max(remaining_tor_slots, localhost_min_protect_size)}; EraseLastKElements( vEvictionCandidates, CompareLocalHostTimeConnected, localhost_protect_size, [](const NodeEvictionCandidate &n) { return n.m_is_local; }); } // Calculate how many we removed, and update our total number of peers that // we want to protect based on uptime accordingly. total_protect_size -= initial_size - vEvictionCandidates.size(); EraseLastKElements(vEvictionCandidates, ReverseCompareNodeTimeConnected, total_protect_size); } [[nodiscard]] std::optional SelectNodeToEvict(std::vector &&vEvictionCandidates) { // Protect connections with certain characteristics // Deterministically select 4 peers to protect by netgroup. // An attacker cannot predict which netgroups will be protected EraseLastKElements(vEvictionCandidates, CompareNetGroupKeyed, 4); // Protect the 8 nodes with the lowest minimum ping time. // An attacker cannot manipulate this metric without physically moving nodes // closer to the target. EraseLastKElements(vEvictionCandidates, ReverseCompareNodeMinPingTime, 8); // Protect 4 nodes that most recently sent us novel transactions accepted // into our mempool. An attacker cannot manipulate this metric without // performing useful work. EraseLastKElements(vEvictionCandidates, CompareNodeTXTime, 4); // Protect 4 nodes that most recently sent us novel proofs accepted // into our proof pool. An attacker cannot manipulate this metric without // performing useful work. // TODO this filter must happen before the last tx time once avalanche is // enabled for pre-consensus. EraseLastKElements(vEvictionCandidates, CompareNodeProofTime, 4); // Protect up to 8 non-tx-relay peers that have sent us novel blocks. const size_t erase_size = std::min(size_t(8), vEvictionCandidates.size()); EraseLastKElements(vEvictionCandidates, CompareNodeBlockRelayOnlyTime, erase_size, [](const NodeEvictionCandidate &n) { return !n.fRelayTxes && n.fRelevantServices; }); // Protect 4 nodes that most recently sent us novel blocks. // An attacker cannot manipulate this metric without performing useful work. EraseLastKElements(vEvictionCandidates, CompareNodeBlockTime, 4); // Protect up to 128 nodes that have the highest avalanche availability // score. EraseLastKElements(vEvictionCandidates, CompareNodeAvailabilityScore, 128, [](NodeEvictionCandidate const &n) { return n.availabilityScore > 0.; }); // Protect some of the remaining eviction candidates by ratios of desirable // or disadvantaged characteristics. ProtectEvictionCandidatesByRatio(vEvictionCandidates); if (vEvictionCandidates.empty()) { return std::nullopt; } // If any remaining peers are preferred for eviction consider only them. // This happens after the other preferences since if a peer is really the // best by other criteria (esp relaying blocks) // then we probably don't want to evict it no matter what. if (std::any_of( vEvictionCandidates.begin(), vEvictionCandidates.end(), [](NodeEvictionCandidate const &n) { return n.prefer_evict; })) { vEvictionCandidates.erase( std::remove_if( vEvictionCandidates.begin(), vEvictionCandidates.end(), [](NodeEvictionCandidate const &n) { return !n.prefer_evict; }), vEvictionCandidates.end()); } // Identify the network group with the most connections and youngest member. // (vEvictionCandidates is already sorted by reverse connect time) uint64_t naMostConnections; unsigned int nMostConnections = 0; int64_t nMostConnectionsTime = 0; std::map> mapNetGroupNodes; for (const NodeEvictionCandidate &node : vEvictionCandidates) { std::vector &group = mapNetGroupNodes[node.nKeyedNetGroup]; group.push_back(node); const int64_t grouptime = group[0].nTimeConnected; size_t group_size = group.size(); if (group_size > nMostConnections || (group_size == nMostConnections && grouptime > nMostConnectionsTime)) { nMostConnections = group_size; nMostConnectionsTime = grouptime; naMostConnections = node.nKeyedNetGroup; } } // Reduce to the network group with the most connections vEvictionCandidates = std::move(mapNetGroupNodes[naMostConnections]); // Disconnect from the network group with the most connections return vEvictionCandidates.front().id; } /** Try to find a connection to evict when the node is full. * Extreme care must be taken to avoid opening the node to attacker * triggered network partitioning. * The strategy used here is to protect a small number of peers * for each of several distinct characteristics which are difficult * to forge. In order to partition a node the attacker must be * simultaneously better at all of them than honest peers. */ bool CConnman::AttemptToEvictConnection() { std::vector vEvictionCandidates; { LOCK(cs_vNodes); for (const CNode *node : vNodes) { if (node->HasPermission(PF_NOBAN)) { continue; } if (!node->IsInboundConn()) { continue; } if (node->fDisconnect) { continue; } bool peer_relay_txes = false; bool peer_filter_not_null = false; if (node->m_tx_relay != nullptr) { LOCK(node->m_tx_relay->cs_filter); peer_relay_txes = node->m_tx_relay->fRelayTxes; peer_filter_not_null = node->m_tx_relay->pfilter != nullptr; } NodeEvictionCandidate candidate = { node->GetId(), node->nTimeConnected, node->m_min_ping_time, node->nLastBlockTime, node->nLastProofTime, node->nLastTXTime, HasAllDesirableServiceFlags(node->nServices), peer_relay_txes, peer_filter_not_null, node->nKeyedNetGroup, node->m_prefer_evict, node->addr.IsLocal(), node->m_inbound_onion, node->m_avalanche_state ? node->m_avalanche_state->getAvailabilityScore() : -std::numeric_limits::infinity()}; vEvictionCandidates.push_back(candidate); } } const std::optional node_id_to_evict = SelectNodeToEvict(std::move(vEvictionCandidates)); if (!node_id_to_evict) { return false; } LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (pnode->GetId() == *node_id_to_evict) { LogPrint( BCLog::NET, "selected %s connection for eviction peer=%d; disconnecting\n", pnode->ConnectionTypeAsString(), pnode->GetId()); pnode->fDisconnect = true; return true; } } return false; } void CConnman::AcceptConnection(const ListenSocket &hListenSocket) { struct sockaddr_storage sockaddr; socklen_t len = sizeof(sockaddr); SOCKET hSocket = accept(hListenSocket.socket, (struct sockaddr *)&sockaddr, &len); CAddress addr; if (hSocket == INVALID_SOCKET) { const int nErr = WSAGetLastError(); if (nErr != WSAEWOULDBLOCK) { LogPrintf("socket error accept failed: %s\n", NetworkErrorString(nErr)); } return; } if (!addr.SetSockAddr((const struct sockaddr *)&sockaddr)) { LogPrintf("Warning: Unknown socket family\n"); } const CAddress addr_bind = GetBindAddress(hSocket); NetPermissionFlags permissionFlags = NetPermissionFlags::PF_NONE; hListenSocket.AddSocketPermissionFlags(permissionFlags); CreateNodeFromAcceptedSocket(hSocket, permissionFlags, addr_bind, addr); } void CConnman::CreateNodeFromAcceptedSocket(SOCKET hSocket, NetPermissionFlags permissionFlags, const CAddress &addr_bind, const CAddress &addr) { int nInbound = 0; int nMaxInbound = nMaxConnections - m_max_outbound; AddWhitelistPermissionFlags(permissionFlags, addr); bool legacyWhitelisted = false; if (NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_ISIMPLICIT)) { NetPermissions::ClearFlag(permissionFlags, PF_ISIMPLICIT); if (gArgs.GetBoolArg("-whitelistforcerelay", DEFAULT_WHITELISTFORCERELAY)) { NetPermissions::AddFlag(permissionFlags, PF_FORCERELAY); } if (gArgs.GetBoolArg("-whitelistrelay", DEFAULT_WHITELISTRELAY)) { NetPermissions::AddFlag(permissionFlags, PF_RELAY); } NetPermissions::AddFlag(permissionFlags, PF_MEMPOOL); NetPermissions::AddFlag(permissionFlags, PF_NOBAN); legacyWhitelisted = true; } { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->IsInboundConn()) { nInbound++; } } } if (!fNetworkActive) { LogPrint(BCLog::NET, "connection from %s dropped: not accepting new connections\n", addr.ToString()); CloseSocket(hSocket); return; } if (!IsSelectableSocket(hSocket)) { LogPrintf("connection from %s dropped: non-selectable socket\n", addr.ToString()); CloseSocket(hSocket); return; } // According to the internet TCP_NODELAY is not carried into accepted // sockets on all platforms. Set it again here just to be sure. SetSocketNoDelay(hSocket); // Don't accept connections from banned peers. bool banned = m_banman && m_banman->IsBanned(addr); if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_NOBAN) && banned) { LogPrint(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToString()); CloseSocket(hSocket); return; } // Only accept connections from discouraged peers if our inbound slots // aren't (almost) full. bool discouraged = m_banman && m_banman->IsDiscouraged(addr); if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_NOBAN) && nInbound + 1 >= nMaxInbound && discouraged) { LogPrint(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToString()); CloseSocket(hSocket); return; } if (nInbound >= nMaxInbound) { if (!AttemptToEvictConnection()) { // No connection to evict, disconnect the new connection LogPrint(BCLog::NET, "failed to find an eviction candidate - " "connection dropped (full)\n"); CloseSocket(hSocket); return; } } NodeId id = GetNewNodeId(); uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE) .Write(id) .Finalize(); uint64_t extra_entropy = GetDeterministicRandomizer(RANDOMIZER_ID_EXTRAENTROPY) .Write(id) .Finalize(); ServiceFlags nodeServices = nLocalServices; if (NetPermissions::HasFlag(permissionFlags, PF_BLOOMFILTER)) { nodeServices = static_cast(nodeServices | NODE_BLOOM); } const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end(); CNode *pnode = new CNode( id, nodeServices, hSocket, addr, CalculateKeyedNetGroup(addr), nonce, extra_entropy, addr_bind, "", ConnectionType::INBOUND, inbound_onion); pnode->AddRef(); pnode->m_permissionFlags = permissionFlags; // If this flag is present, the user probably expect that RPC and QT report // it as whitelisted (backward compatibility) pnode->m_legacyWhitelisted = legacyWhitelisted; pnode->m_prefer_evict = discouraged; m_msgproc->InitializeNode(*config, pnode); LogPrint(BCLog::NET, "connection from %s accepted\n", addr.ToString()); { LOCK(cs_vNodes); vNodes.push_back(pnode); } // We received a new connection, harvest entropy from the time (and our peer // count) RandAddEvent(uint32_t(id)); } bool CConnman::AddConnection(const std::string &address, ConnectionType conn_type) { std::optional max_connections; switch (conn_type) { case ConnectionType::INBOUND: case ConnectionType::MANUAL: return false; case ConnectionType::OUTBOUND_FULL_RELAY: max_connections = m_max_outbound_full_relay; break; case ConnectionType::BLOCK_RELAY: max_connections = m_max_outbound_block_relay; break; // no limit for ADDR_FETCH because -seednode has no limit either case ConnectionType::ADDR_FETCH: break; // no limit for FEELER connections since they're short-lived case ConnectionType::FEELER: break; } // no default case, so the compiler can warn about missing cases // Count existing connections int existing_connections = WITH_LOCK( cs_vNodes, return std::count_if( vNodes.begin(), vNodes.end(), [conn_type](CNode *node) { return node->m_conn_type == conn_type; });); // Max connections of specified type already exist if (max_connections != std::nullopt && existing_connections >= max_connections) { return false; } // Max total outbound connections already exist CSemaphoreGrant grant(*semOutbound, true); if (!grant) { return false; } OpenNetworkConnection(CAddress(), false, &grant, address.c_str(), conn_type); return true; } void CConnman::DisconnectNodes() { { LOCK(cs_vNodes); if (!fNetworkActive) { // Disconnect any connected nodes for (CNode *pnode : vNodes) { if (!pnode->fDisconnect) { LogPrint(BCLog::NET, "Network not active, dropping peer=%d\n", pnode->GetId()); pnode->fDisconnect = true; } } } // Disconnect unused nodes std::vector vNodesCopy = vNodes; for (CNode *pnode : vNodesCopy) { if (pnode->fDisconnect) { // remove from vNodes vNodes.erase(remove(vNodes.begin(), vNodes.end(), pnode), vNodes.end()); // release outbound grant (if any) pnode->grantOutbound.Release(); // close socket and cleanup pnode->CloseSocketDisconnect(); // hold in disconnected pool until all refs are released pnode->Release(); vNodesDisconnected.push_back(pnode); } } } { // Delete disconnected nodes std::list vNodesDisconnectedCopy = vNodesDisconnected; for (CNode *pnode : vNodesDisconnectedCopy) { // wait until threads are done using it if (pnode->GetRefCount() <= 0) { bool fDelete = false; { TRY_LOCK(pnode->cs_vSend, lockSend); if (lockSend) { fDelete = true; } } if (fDelete) { vNodesDisconnected.remove(pnode); DeleteNode(pnode); } } } } } void CConnman::NotifyNumConnectionsChanged() { size_t vNodesSize; { LOCK(cs_vNodes); vNodesSize = vNodes.size(); } if (vNodesSize != nPrevNodeCount) { nPrevNodeCount = vNodesSize; if (clientInterface) { clientInterface->NotifyNumConnectionsChanged(vNodesSize); } } } bool CConnman::ShouldRunInactivityChecks(const CNode &node, std::chrono::seconds now) const { return std::chrono::seconds{node.nTimeConnected} + m_peer_connect_timeout < now; } bool CConnman::InactivityCheck(const CNode &node) const { // Tests that see disconnects after using mocktime can start nodes with a // large timeout. For example, -peertimeout=999999999. const auto now{GetTime()}; const auto last_send{node.m_last_send.load()}; const auto last_recv{node.m_last_recv.load()}; if (!ShouldRunInactivityChecks(node, now)) { return false; } if (last_recv.count() == 0 || last_send.count() == 0) { LogPrint(BCLog::NET, "socket no message in first %i seconds, %d %d peer=%d\n", count_seconds(m_peer_connect_timeout), last_recv.count() != 0, last_send.count() != 0, node.GetId()); return true; } if (now > last_send + TIMEOUT_INTERVAL) { LogPrint(BCLog::NET, "socket sending timeout: %is peer=%d\n", count_seconds(now - last_send), node.GetId()); return true; } if (now > last_recv + TIMEOUT_INTERVAL) { LogPrint(BCLog::NET, "socket receive timeout: %is peer=%d\n", count_seconds(now - last_recv), node.GetId()); return true; } if (!node.fSuccessfullyConnected) { LogPrint(BCLog::NET, "version handshake timeout peer=%d\n", node.GetId()); return true; } return false; } bool CConnman::GenerateSelectSet(std::set &recv_set, std::set &send_set, std::set &error_set) { for (const ListenSocket &hListenSocket : vhListenSocket) { recv_set.insert(hListenSocket.socket); } { LOCK(cs_vNodes); for (CNode *pnode : vNodes) { // Implement the following logic: // * If there is data to send, select() for sending data. As this // only happens when optimistic write failed, we choose to first // drain the write buffer in this case before receiving more. This // avoids needlessly queueing received data, if the remote peer is // not themselves receiving data. This means properly utilizing // TCP flow control signalling. // * Otherwise, if there is space left in the receive buffer, // select() for receiving data. // * Hand off all complete messages to the processor, to be handled // without blocking here. bool select_recv = !pnode->fPauseRecv; bool select_send; { LOCK(pnode->cs_vSend); select_send = !pnode->vSendMsg.empty(); } LOCK(pnode->cs_hSocket); if (pnode->hSocket == INVALID_SOCKET) { continue; } error_set.insert(pnode->hSocket); if (select_send) { send_set.insert(pnode->hSocket); continue; } if (select_recv) { recv_set.insert(pnode->hSocket); } } } return !recv_set.empty() || !send_set.empty() || !error_set.empty(); } #ifdef USE_POLL void CConnman::SocketEvents(std::set &recv_set, std::set &send_set, std::set &error_set) { std::set recv_select_set, send_select_set, error_select_set; if (!GenerateSelectSet(recv_select_set, send_select_set, error_select_set)) { interruptNet.sleep_for( std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS)); return; } std::unordered_map pollfds; for (SOCKET socket_id : recv_select_set) { pollfds[socket_id].fd = socket_id; pollfds[socket_id].events |= POLLIN; } for (SOCKET socket_id : send_select_set) { pollfds[socket_id].fd = socket_id; pollfds[socket_id].events |= POLLOUT; } for (SOCKET socket_id : error_select_set) { pollfds[socket_id].fd = socket_id; // These flags are ignored, but we set them for clarity pollfds[socket_id].events |= POLLERR | POLLHUP; } std::vector vpollfds; vpollfds.reserve(pollfds.size()); for (auto it : pollfds) { vpollfds.push_back(std::move(it.second)); } if (poll(vpollfds.data(), vpollfds.size(), SELECT_TIMEOUT_MILLISECONDS) < 0) { return; } if (interruptNet) { return; } for (struct pollfd pollfd_entry : vpollfds) { if (pollfd_entry.revents & POLLIN) { recv_set.insert(pollfd_entry.fd); } if (pollfd_entry.revents & POLLOUT) { send_set.insert(pollfd_entry.fd); } if (pollfd_entry.revents & (POLLERR | POLLHUP)) { error_set.insert(pollfd_entry.fd); } } } #else void CConnman::SocketEvents(std::set &recv_set, std::set &send_set, std::set &error_set) { std::set recv_select_set, send_select_set, error_select_set; if (!GenerateSelectSet(recv_select_set, send_select_set, error_select_set)) { interruptNet.sleep_for( std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS)); return; } // // Find which sockets have data to receive // struct timeval timeout; timeout.tv_sec = 0; // frequency to poll pnode->vSend timeout.tv_usec = SELECT_TIMEOUT_MILLISECONDS * 1000; fd_set fdsetRecv; fd_set fdsetSend; fd_set fdsetError; FD_ZERO(&fdsetRecv); FD_ZERO(&fdsetSend); FD_ZERO(&fdsetError); SOCKET hSocketMax = 0; for (SOCKET hSocket : recv_select_set) { FD_SET(hSocket, &fdsetRecv); hSocketMax = std::max(hSocketMax, hSocket); } for (SOCKET hSocket : send_select_set) { FD_SET(hSocket, &fdsetSend); hSocketMax = std::max(hSocketMax, hSocket); } for (SOCKET hSocket : error_select_set) { FD_SET(hSocket, &fdsetError); hSocketMax = std::max(hSocketMax, hSocket); } int nSelect = select(hSocketMax + 1, &fdsetRecv, &fdsetSend, &fdsetError, &timeout); if (interruptNet) { return; } if (nSelect == SOCKET_ERROR) { int nErr = WSAGetLastError(); LogPrintf("socket select error %s\n", NetworkErrorString(nErr)); for (unsigned int i = 0; i <= hSocketMax; i++) { FD_SET(i, &fdsetRecv); } FD_ZERO(&fdsetSend); FD_ZERO(&fdsetError); if (!interruptNet.sleep_for( std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS))) { return; } } for (SOCKET hSocket : recv_select_set) { if (FD_ISSET(hSocket, &fdsetRecv)) { recv_set.insert(hSocket); } } for (SOCKET hSocket : send_select_set) { if (FD_ISSET(hSocket, &fdsetSend)) { send_set.insert(hSocket); } } for (SOCKET hSocket : error_select_set) { if (FD_ISSET(hSocket, &fdsetError)) { error_set.insert(hSocket); } } } #endif void CConnman::SocketHandler() { std::set recv_set, send_set, error_set; SocketEvents(recv_set, send_set, error_set); if (interruptNet) { return; } // // Accept new connections // for (const ListenSocket &hListenSocket : vhListenSocket) { if (hListenSocket.socket != INVALID_SOCKET && recv_set.count(hListenSocket.socket) > 0) { AcceptConnection(hListenSocket); } } // // Service each socket // std::vector vNodesCopy; { LOCK(cs_vNodes); vNodesCopy = vNodes; for (CNode *pnode : vNodesCopy) { pnode->AddRef(); } } for (CNode *pnode : vNodesCopy) { if (interruptNet) { return; } // // Receive // bool recvSet = false; bool sendSet = false; bool errorSet = false; { LOCK(pnode->cs_hSocket); if (pnode->hSocket == INVALID_SOCKET) { continue; } recvSet = recv_set.count(pnode->hSocket) > 0; sendSet = send_set.count(pnode->hSocket) > 0; errorSet = error_set.count(pnode->hSocket) > 0; } if (recvSet || errorSet) { // typical socket buffer is 8K-64K char pchBuf[0x10000]; int32_t nBytes = 0; { LOCK(pnode->cs_hSocket); if (pnode->hSocket == INVALID_SOCKET) { continue; } nBytes = recv(pnode->hSocket, pchBuf, sizeof(pchBuf), MSG_DONTWAIT); } if (nBytes > 0) { bool notify = false; if (!pnode->ReceiveMsgBytes( *config, Span(pchBuf, nBytes), notify)) { pnode->CloseSocketDisconnect(); } RecordBytesRecv(nBytes); if (notify) { size_t nSizeAdded = 0; auto it(pnode->vRecvMsg.begin()); for (; it != pnode->vRecvMsg.end(); ++it) { // vRecvMsg contains only completed CNetMessage // the single possible partially deserialized message // are held by TransportDeserializer nSizeAdded += it->m_raw_message_size; } { LOCK(pnode->cs_vProcessMsg); pnode->vProcessMsg.splice(pnode->vProcessMsg.end(), pnode->vRecvMsg, pnode->vRecvMsg.begin(), it); pnode->nProcessQueueSize += nSizeAdded; pnode->fPauseRecv = pnode->nProcessQueueSize > nReceiveFloodSize; } WakeMessageHandler(); } } else if (nBytes == 0) { // socket closed gracefully if (!pnode->fDisconnect) { LogPrint(BCLog::NET, "socket closed for peer=%d\n", pnode->GetId()); } pnode->CloseSocketDisconnect(); } else if (nBytes < 0) { // error int nErr = WSAGetLastError(); if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS) { if (!pnode->fDisconnect) { LogPrint(BCLog::NET, "socket recv error for peer=%d: %s\n", pnode->GetId(), NetworkErrorString(nErr)); } pnode->CloseSocketDisconnect(); } } } // // Send // if (sendSet) { LOCK(pnode->cs_vSend); size_t nBytes = SocketSendData(*pnode); if (nBytes) { RecordBytesSent(nBytes); } } if (InactivityCheck(*pnode)) { pnode->fDisconnect = true; } } { LOCK(cs_vNodes); for (CNode *pnode : vNodesCopy) { pnode->Release(); } } } void CConnman::ThreadSocketHandler() { while (!interruptNet) { DisconnectNodes(); NotifyNumConnectionsChanged(); SocketHandler(); } } void CConnman::WakeMessageHandler() { { LOCK(mutexMsgProc); fMsgProcWake = true; } condMsgProc.notify_one(); } #ifdef USE_UPNP static CThreadInterrupt g_upnp_interrupt; static std::thread g_upnp_thread; static void ThreadMapPort() { std::string port = strprintf("%u", GetListenPort()); const char *multicastif = nullptr; const char *minissdpdpath = nullptr; struct UPNPDev *devlist = nullptr; char lanaddr[64]; int error = 0; #if MINIUPNPC_API_VERSION < 14 devlist = upnpDiscover(2000, multicastif, minissdpdpath, 0, 0, &error); #else devlist = upnpDiscover(2000, multicastif, minissdpdpath, 0, 0, 2, &error); #endif struct UPNPUrls urls; struct IGDdatas data; int r; r = UPNP_GetValidIGD(devlist, &urls, &data, lanaddr, sizeof(lanaddr)); if (r == 1) { if (fDiscover) { char externalIPAddress[40]; r = UPNP_GetExternalIPAddress( urls.controlURL, data.first.servicetype, externalIPAddress); if (r != UPNPCOMMAND_SUCCESS) { LogPrintf("UPnP: GetExternalIPAddress() returned %d\n", r); } else { if (externalIPAddress[0]) { CNetAddr resolved; if (LookupHost(externalIPAddress, resolved, false)) { LogPrintf("UPnP: ExternalIPAddress = %s\n", resolved.ToString()); AddLocal(resolved, LOCAL_UPNP); } } else { LogPrintf("UPnP: GetExternalIPAddress failed.\n"); } } } std::string strDesc = PACKAGE_NAME " " + FormatFullVersion(); do { r = UPNP_AddPortMapping(urls.controlURL, data.first.servicetype, port.c_str(), port.c_str(), lanaddr, strDesc.c_str(), "TCP", 0, "0"); if (r != UPNPCOMMAND_SUCCESS) { LogPrintf( "AddPortMapping(%s, %s, %s) failed with code %d (%s)\n", port, port, lanaddr, r, strupnperror(r)); } else { LogPrintf("UPnP Port Mapping successful.\n"); } } while (g_upnp_interrupt.sleep_for(std::chrono::minutes(20))); r = UPNP_DeletePortMapping(urls.controlURL, data.first.servicetype, port.c_str(), "TCP", 0); LogPrintf("UPNP_DeletePortMapping() returned: %d\n", r); freeUPNPDevlist(devlist); devlist = nullptr; FreeUPNPUrls(&urls); } else { LogPrintf("No valid UPnP IGDs found\n"); freeUPNPDevlist(devlist); devlist = nullptr; if (r != 0) { FreeUPNPUrls(&urls); } } } void StartMapPort() { if (!g_upnp_thread.joinable()) { assert(!g_upnp_interrupt); g_upnp_thread = std::thread( (std::bind(&TraceThread, "upnp", &ThreadMapPort))); } } void InterruptMapPort() { if (g_upnp_thread.joinable()) { g_upnp_interrupt(); } } void StopMapPort() { if (g_upnp_thread.joinable()) { g_upnp_thread.join(); g_upnp_interrupt.reset(); } } #else void StartMapPort() { // Intentionally left blank. } void InterruptMapPort() { // Intentionally left blank. } void StopMapPort() { // Intentionally left blank. } #endif void CConnman::ThreadDNSAddressSeed() { FastRandomContext rng; std::vector seeds = GetRandomizedDNSSeeds(config->GetChainParams()); // Number of seeds left before testing if we have enough connections int seeds_right_now = 0; int found = 0; if (gArgs.GetBoolArg("-forcednsseed", DEFAULT_FORCEDNSSEED)) { // When -forcednsseed is provided, query all. seeds_right_now = seeds.size(); } else if (addrman.size() == 0) { // If we have no known peers, query all. // This will occur on the first run, or if peers.dat has been // deleted. seeds_right_now = seeds.size(); } // goal: only query DNS seed if address need is acute // * If we have a reasonable number of peers in addrman, spend // some time trying them first. This improves user privacy by // creating fewer identifying DNS requests, reduces trust by // giving seeds less influence on the network topology, and // reduces traffic to the seeds. // * When querying DNS seeds query a few at once, this ensures // that we don't give DNS seeds the ability to eclipse nodes // that query them. // * If we continue having problems, eventually query all the // DNS seeds, and if that fails too, also try the fixed seeds. // (done in ThreadOpenConnections) const std::chrono::seconds seeds_wait_time = (addrman.size() >= DNSSEEDS_DELAY_PEER_THRESHOLD ? DNSSEEDS_DELAY_MANY_PEERS : DNSSEEDS_DELAY_FEW_PEERS); for (const std::string &seed : seeds) { if (seeds_right_now == 0) { seeds_right_now += DNSSEEDS_TO_QUERY_AT_ONCE; if (addrman.size() > 0) { LogPrintf("Waiting %d seconds before querying DNS seeds.\n", seeds_wait_time.count()); std::chrono::seconds to_wait = seeds_wait_time; while (to_wait.count() > 0) { // if sleeping for the MANY_PEERS interval, wake up // early to see if we have enough peers and can stop // this thread entirely freeing up its resources std::chrono::seconds w = std::min(DNSSEEDS_DELAY_FEW_PEERS, to_wait); if (!interruptNet.sleep_for(w)) { return; } to_wait -= w; int nRelevant = 0; { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->fSuccessfullyConnected && pnode->IsOutboundOrBlockRelayConn()) { ++nRelevant; } } } if (nRelevant >= 2) { if (found > 0) { LogPrintf("%d addresses found from DNS seeds\n", found); LogPrintf( "P2P peers available. Finished DNS seeding.\n"); } else { LogPrintf( "P2P peers available. Skipped DNS seeding.\n"); } return; } } } } if (interruptNet) { return; } // hold off on querying seeds if P2P network deactivated if (!fNetworkActive) { LogPrintf("Waiting for network to be reactivated before querying " "DNS seeds.\n"); do { if (!interruptNet.sleep_for(std::chrono::seconds{1})) { return; } } while (!fNetworkActive); } LogPrintf("Loading addresses from DNS seed %s\n", seed); if (HaveNameProxy()) { AddAddrFetch(seed); } else { std::vector vIPs; std::vector vAdd; ServiceFlags requiredServiceBits = GetDesirableServiceFlags(NODE_NONE); std::string host = strprintf("x%x.%s", requiredServiceBits, seed); CNetAddr resolveSource; if (!resolveSource.SetInternal(host)) { continue; } // Limits number of IPs learned from a DNS seed unsigned int nMaxIPs = 256; if (LookupHost(host, vIPs, nMaxIPs, true)) { for (const CNetAddr &ip : vIPs) { int nOneDay = 24 * 3600; CAddress addr = CAddress( CService(ip, config->GetChainParams().GetDefaultPort()), requiredServiceBits); // Use a random age between 3 and 7 days old. addr.nTime = GetTime() - 3 * nOneDay - rng.randrange(4 * nOneDay); vAdd.push_back(addr); found++; } addrman.Add(vAdd, resolveSource); } else { // We now avoid directly using results from DNS Seeds which do // not support service bit filtering, instead using them as a // addrfetch to get nodes with our desired service bits. AddAddrFetch(seed); } } --seeds_right_now; } LogPrintf("%d addresses found from DNS seeds\n", found); } void CConnman::DumpAddresses() { int64_t nStart = GetTimeMillis(); CAddrDB adb(config->GetChainParams()); adb.Write(addrman); LogPrint(BCLog::NET, "Flushed %d addresses to peers.dat %dms\n", addrman.size(), GetTimeMillis() - nStart); } void CConnman::ProcessAddrFetch() { std::string strDest; { LOCK(m_addr_fetches_mutex); if (m_addr_fetches.empty()) { return; } strDest = m_addr_fetches.front(); m_addr_fetches.pop_front(); } CAddress addr; CSemaphoreGrant grant(*semOutbound, true); if (grant) { OpenNetworkConnection(addr, false, &grant, strDest.c_str(), ConnectionType::ADDR_FETCH); } } bool CConnman::GetTryNewOutboundPeer() { return m_try_another_outbound_peer; } void CConnman::SetTryNewOutboundPeer(bool flag) { m_try_another_outbound_peer = flag; LogPrint(BCLog::NET, "net: setting try another outbound peer=%s\n", flag ? "true" : "false"); } // Return the number of peers we have over our outbound connection limit. // Exclude peers that are marked for disconnect, or are going to be disconnected // soon (eg ADDR_FETCH and FEELER). // Also exclude peers that haven't finished initial connection handshake yet (so // that we don't decide we're over our desired connection limit, and then evict // some peer that has finished the handshake). int CConnman::GetExtraFullOutboundCount() { int full_outbound_peers = 0; { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsFullOutboundConn()) { ++full_outbound_peers; } } } return std::max(full_outbound_peers - m_max_outbound_full_relay, 0); } int CConnman::GetExtraBlockRelayCount() { int block_relay_peers = 0; { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsBlockOnlyConn()) { ++block_relay_peers; } } } return std::max(block_relay_peers - m_max_outbound_block_relay, 0); } void CConnman::ThreadOpenConnections(const std::vector connect) { // Connect to specific addresses if (!connect.empty()) { for (int64_t nLoop = 0;; nLoop++) { ProcessAddrFetch(); for (const std::string &strAddr : connect) { CAddress addr(CService(), NODE_NONE); OpenNetworkConnection(addr, false, nullptr, strAddr.c_str(), ConnectionType::MANUAL); for (int i = 0; i < 10 && i < nLoop; i++) { if (!interruptNet.sleep_for( std::chrono::milliseconds(500))) { return; } } } if (!interruptNet.sleep_for(std::chrono::milliseconds(500))) { return; } } } // Initiate network connections auto start = GetTime(); // Minimum time before next feeler connection (in microseconds). auto next_feeler = PoissonNextSend(start, FEELER_INTERVAL); auto next_extra_block_relay = PoissonNextSend(start, EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL); const bool dnsseed = gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED); bool add_fixed_seeds = gArgs.GetBoolArg("-fixedseeds", DEFAULT_FIXEDSEEDS); if (!add_fixed_seeds) { LogPrintf("Fixed seeds are disabled\n"); } while (!interruptNet) { ProcessAddrFetch(); if (!interruptNet.sleep_for(std::chrono::milliseconds(500))) { return; } CSemaphoreGrant grant(*semOutbound); if (interruptNet) { return; } if (add_fixed_seeds && addrman.size() == 0) { // When the node starts with an empty peers.dat, there are a few // other sources of peers before we fallback on to fixed seeds: // -dnsseed, -seednode, -addnode If none of those are available, we // fallback on to fixed seeds immediately, else we allow 60 seconds // for any of those sources to populate addrman. bool add_fixed_seeds_now = false; // It is cheapest to check if enough time has passed first. if (GetTime() > start + std::chrono::minutes{1}) { add_fixed_seeds_now = true; LogPrintf("Adding fixed seeds as 60 seconds have passed and " "addrman is empty\n"); } // Checking !dnsseed is cheaper before locking 2 mutexes. if (!add_fixed_seeds_now && !dnsseed) { LOCK2(m_addr_fetches_mutex, cs_vAddedNodes); if (m_addr_fetches.empty() && vAddedNodes.empty()) { add_fixed_seeds_now = true; LogPrintf( "Adding fixed seeds as -dnsseed=0, -addnode is not " "provided and all -seednode(s) attempted\n"); } } if (add_fixed_seeds_now) { CNetAddr local; local.SetInternal("fixedseeds"); addrman.Add(convertSeed6(config->GetChainParams().FixedSeeds()), local); add_fixed_seeds = false; } } // // Choose an address to connect to based on most recently seen // CAddress addrConnect; // Only connect out to one peer per network group (/16 for IPv4). int nOutboundFullRelay = 0; int nOutboundBlockRelay = 0; std::set> setConnected; { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->IsFullOutboundConn()) { nOutboundFullRelay++; } if (pnode->IsBlockOnlyConn()) { nOutboundBlockRelay++; } // Netgroups for inbound and manual peers are not excluded // because our goal here is to not use multiple of our // limited outbound slots on a single netgroup but inbound // and manual peers do not use our outbound slots. Inbound // peers also have the added issue that they could be attacker // controlled and could be used to prevent us from connecting // to particular hosts if we used them here. switch (pnode->m_conn_type) { case ConnectionType::INBOUND: case ConnectionType::MANUAL: break; case ConnectionType::OUTBOUND_FULL_RELAY: case ConnectionType::BLOCK_RELAY: case ConnectionType::ADDR_FETCH: case ConnectionType::FEELER: setConnected.insert( pnode->addr.GetGroup(addrman.m_asmap)); } // no default case, so the compiler can warn about missing // cases } } ConnectionType conn_type = ConnectionType::OUTBOUND_FULL_RELAY; auto now = GetTime(); bool anchor = false; bool fFeeler = false; // Determine what type of connection to open. Opening // BLOCK_RELAY connections to addresses from anchors.dat gets the // highest priority. Then we open OUTBOUND_FULL_RELAY priority until we // meet our full-relay capacity. Then we open BLOCK_RELAY connection // until we hit our block-relay-only peer limit. // GetTryNewOutboundPeer() gets set when a stale tip is detected, so we // try opening an additional OUTBOUND_FULL_RELAY connection. If none of // these conditions are met, check to see if it's time to try an extra // block-relay-only peer (to confirm our tip is current, see below) or // the next_feeler timer to decide if we should open a FEELER. if (!m_anchors.empty() && (nOutboundBlockRelay < m_max_outbound_block_relay)) { conn_type = ConnectionType::BLOCK_RELAY; anchor = true; } else if (nOutboundFullRelay < m_max_outbound_full_relay) { // OUTBOUND_FULL_RELAY } else if (nOutboundBlockRelay < m_max_outbound_block_relay) { conn_type = ConnectionType::BLOCK_RELAY; } else if (GetTryNewOutboundPeer()) { // OUTBOUND_FULL_RELAY } else if (now > next_extra_block_relay && m_start_extra_block_relay_peers) { // Periodically connect to a peer (using regular outbound selection // methodology from addrman) and stay connected long enough to sync // headers, but not much else. // // Then disconnect the peer, if we haven't learned anything new. // // The idea is to make eclipse attacks very difficult to pull off, // because every few minutes we're finding a new peer to learn // headers from. // // This is similar to the logic for trying extra outbound // (full-relay) peers, except: // - we do this all the time on a poisson timer, rather than just // when our tip is stale // - we potentially disconnect our next-youngest block-relay-only // peer, if our newest block-relay-only peer delivers a block more // recently. // See the eviction logic in net_processing.cpp. // // Because we can promote these connections to block-relay-only // connections, they do not get their own ConnectionType enum // (similar to how we deal with extra outbound peers). next_extra_block_relay = PoissonNextSend(now, EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL); conn_type = ConnectionType::BLOCK_RELAY; } else if (now > next_feeler) { next_feeler = PoissonNextSend(now, FEELER_INTERVAL); conn_type = ConnectionType::FEELER; fFeeler = true; } else { // skip to next iteration of while loop continue; } addrman.ResolveCollisions(); int64_t nANow = GetAdjustedTime(); int nTries = 0; while (!interruptNet) { if (anchor && !m_anchors.empty()) { const CAddress addr = m_anchors.back(); m_anchors.pop_back(); if (!addr.IsValid() || IsLocal(addr) || !IsReachable(addr) || !HasAllDesirableServiceFlags(addr.nServices) || setConnected.count(addr.GetGroup(addrman.m_asmap))) { continue; } addrConnect = addr; LogPrint(BCLog::NET, "Trying to make an anchor connection to %s\n", addrConnect.ToString()); break; } // If we didn't find an appropriate destination after trying 100 // addresses fetched from addrman, stop this loop, and let the outer // loop run again (which sleeps, adds seed nodes, recalculates // already-connected network ranges, ...) before trying new addrman // addresses. nTries++; if (nTries > 100) { break; } CAddrInfo addr; if (fFeeler) { // First, try to get a tried table collision address. This // returns an empty (invalid) address if there are no collisions // to try. addr = addrman.SelectTriedCollision(); if (!addr.IsValid()) { // No tried table collisions. Select a new table address // for our feeler. addr = addrman.Select(true); } else if (AlreadyConnectedToAddress(addr)) { // If test-before-evict logic would have us connect to a // peer that we're already connected to, just mark that // address as Good(). We won't be able to initiate the // connection anyway, so this avoids inadvertently evicting // a currently-connected peer. addrman.Good(addr); // Select a new table address for our feeler instead. addr = addrman.Select(true); } } else { // Not a feeler addr = addrman.Select(); } // Require outbound connections, other than feelers, to be to // distinct network groups if (!fFeeler && setConnected.count(addr.GetGroup(addrman.m_asmap))) { break; } // if we selected an invalid or local address, restart if (!addr.IsValid() || IsLocal(addr)) { break; } if (!IsReachable(addr)) { continue; } // only consider very recently tried nodes after 30 failed attempts if (nANow - addr.nLastTry < 600 && nTries < 30) { continue; } // for non-feelers, require all the services we'll want, // for feelers, only require they be a full node (only because most // SPV clients don't have a good address DB available) if (!fFeeler && !HasAllDesirableServiceFlags(addr.nServices)) { continue; } if (fFeeler && !MayHaveUsefulAddressDB(addr.nServices)) { continue; } // do not allow non-default ports, unless after 50 invalid addresses // selected already. if (addr.GetPort() != config->GetChainParams().GetDefaultPort() && nTries < 50) { continue; } addrConnect = addr; break; } if (addrConnect.IsValid()) { if (fFeeler) { // Add small amount of random noise before connection to avoid // synchronization. int randsleep = GetRandInt(FEELER_SLEEP_WINDOW * 1000); if (!interruptNet.sleep_for( std::chrono::milliseconds(randsleep))) { return; } LogPrint(BCLog::NET, "Making feeler connection to %s\n", addrConnect.ToString()); } OpenNetworkConnection(addrConnect, int(setConnected.size()) >= std::min(nMaxConnections - 1, 2), &grant, nullptr, conn_type); } } } std::vector CConnman::GetCurrentBlockRelayOnlyConns() const { std::vector ret; LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->IsBlockOnlyConn()) { ret.push_back(pnode->addr); } } return ret; } std::vector CConnman::GetAddedNodeInfo() { std::vector ret; std::list lAddresses(0); { LOCK(cs_vAddedNodes); ret.reserve(vAddedNodes.size()); std::copy(vAddedNodes.cbegin(), vAddedNodes.cend(), std::back_inserter(lAddresses)); } // Build a map of all already connected addresses (by IP:port and by name) // to inbound/outbound and resolved CService std::map mapConnected; std::map> mapConnectedByName; { LOCK(cs_vNodes); for (const CNode *pnode : vNodes) { if (pnode->addr.IsValid()) { mapConnected[pnode->addr] = pnode->IsInboundConn(); } std::string addrName = pnode->GetAddrName(); if (!addrName.empty()) { mapConnectedByName[std::move(addrName)] = std::make_pair(pnode->IsInboundConn(), static_cast(pnode->addr)); } } } for (const std::string &strAddNode : lAddresses) { CService service(LookupNumeric(strAddNode, Params().GetDefaultPort())); AddedNodeInfo addedNode{strAddNode, CService(), false, false}; if (service.IsValid()) { // strAddNode is an IP:port auto it = mapConnected.find(service); if (it != mapConnected.end()) { addedNode.resolvedAddress = service; addedNode.fConnected = true; addedNode.fInbound = it->second; } } else { // strAddNode is a name auto it = mapConnectedByName.find(strAddNode); if (it != mapConnectedByName.end()) { addedNode.resolvedAddress = it->second.second; addedNode.fConnected = true; addedNode.fInbound = it->second.first; } } ret.emplace_back(std::move(addedNode)); } return ret; } void CConnman::ThreadOpenAddedConnections() { while (true) { CSemaphoreGrant grant(*semAddnode); std::vector vInfo = GetAddedNodeInfo(); bool tried = false; for (const AddedNodeInfo &info : vInfo) { if (!info.fConnected) { if (!grant.TryAcquire()) { // If we've used up our semaphore and need a new one, let's // not wait here since while we are waiting the // addednodeinfo state might change. break; } tried = true; CAddress addr(CService(), NODE_NONE); OpenNetworkConnection(addr, false, &grant, info.strAddedNode.c_str(), ConnectionType::MANUAL); if (!interruptNet.sleep_for(std::chrono::milliseconds(500))) { return; } } } // Retry every 60 seconds if a connection was attempted, otherwise two // seconds. if (!interruptNet.sleep_for(std::chrono::seconds(tried ? 60 : 2))) { return; } } } // If successful, this moves the passed grant to the constructed node. void CConnman::OpenNetworkConnection(const CAddress &addrConnect, bool fCountFailure, CSemaphoreGrant *grantOutbound, const char *pszDest, ConnectionType conn_type) { assert(conn_type != ConnectionType::INBOUND); // // Initiate outbound network connection // if (interruptNet) { return; } if (!fNetworkActive) { return; } if (!pszDest) { bool banned_or_discouraged = m_banman && (m_banman->IsDiscouraged(addrConnect) || m_banman->IsBanned(addrConnect)); if (IsLocal(addrConnect) || banned_or_discouraged || AlreadyConnectedToAddress(addrConnect)) { return; } } else if (FindNode(std::string(pszDest))) { return; } CNode *pnode = ConnectNode(addrConnect, pszDest, fCountFailure, conn_type); if (!pnode) { return; } if (grantOutbound) { grantOutbound->MoveTo(pnode->grantOutbound); } m_msgproc->InitializeNode(*config, pnode); { LOCK(cs_vNodes); vNodes.push_back(pnode); } } void CConnman::ThreadMessageHandler() { while (!flagInterruptMsgProc) { std::vector vNodesCopy; { LOCK(cs_vNodes); vNodesCopy = vNodes; for (CNode *pnode : vNodesCopy) { pnode->AddRef(); } } bool fMoreWork = false; for (CNode *pnode : vNodesCopy) { if (pnode->fDisconnect) { continue; } // Receive messages bool fMoreNodeWork = m_msgproc->ProcessMessages( *config, pnode, flagInterruptMsgProc); fMoreWork |= (fMoreNodeWork && !pnode->fPauseSend); if (flagInterruptMsgProc) { return; } // Send messages { LOCK(pnode->cs_sendProcessing); m_msgproc->SendMessages(*config, pnode); } if (flagInterruptMsgProc) { return; } } { LOCK(cs_vNodes); for (CNode *pnode : vNodesCopy) { pnode->Release(); } } WAIT_LOCK(mutexMsgProc, lock); if (!fMoreWork) { condMsgProc.wait_until(lock, std::chrono::steady_clock::now() + std::chrono::milliseconds(100), [this]() EXCLUSIVE_LOCKS_REQUIRED( mutexMsgProc) { return fMsgProcWake; }); } fMsgProcWake = false; } } void CConnman::ThreadI2PAcceptIncoming() { static constexpr auto err_wait_begin = 1s; static constexpr auto err_wait_cap = 5min; auto err_wait = err_wait_begin; bool advertising_listen_addr = false; i2p::Connection conn; while (!interruptNet) { if (!m_i2p_sam_session->Listen(conn)) { if (advertising_listen_addr && conn.me.IsValid()) { RemoveLocal(conn.me); advertising_listen_addr = false; } interruptNet.sleep_for(err_wait); if (err_wait < err_wait_cap) { err_wait *= 2; } continue; } if (!advertising_listen_addr) { AddLocal(conn.me, LOCAL_MANUAL); advertising_listen_addr = true; } if (!m_i2p_sam_session->Accept(conn)) { continue; } CreateNodeFromAcceptedSocket( - conn.sock.Release(), NetPermissionFlags::PF_NONE, + conn.sock->Release(), NetPermissionFlags::PF_NONE, CAddress{conn.me, NODE_NONE}, CAddress{conn.peer, NODE_NONE}); } } bool CConnman::BindListenPort(const CService &addrBind, bilingual_str &strError, NetPermissionFlags permissions) { int nOne = 1; // Create socket for listening for incoming connections struct sockaddr_storage sockaddr; socklen_t len = sizeof(sockaddr); if (!addrBind.GetSockAddr((struct sockaddr *)&sockaddr, &len)) { strError = strprintf( Untranslated("Error: Bind address family for %s not supported"), addrBind.ToString()); LogPrintf("%s\n", strError.original); return false; } std::unique_ptr sock = CreateSock(addrBind); if (!sock) { strError = strprintf(Untranslated("Error: Couldn't open socket for incoming " "connections (socket returned error %s)"), NetworkErrorString(WSAGetLastError())); LogPrintf("%s\n", strError.original); return false; } // Allow binding if the port is still in TIME_WAIT state after // the program was closed and restarted. setsockopt(sock->Get(), SOL_SOCKET, SO_REUSEADDR, (sockopt_arg_type)&nOne, sizeof(int)); // Some systems don't have IPV6_V6ONLY but are always v6only; others do have // the option and enable it by default or not. Try to enable it, if // possible. if (addrBind.IsIPv6()) { #ifdef IPV6_V6ONLY setsockopt(sock->Get(), IPPROTO_IPV6, IPV6_V6ONLY, (sockopt_arg_type)&nOne, sizeof(int)); #endif #ifdef WIN32 int nProtLevel = PROTECTION_LEVEL_UNRESTRICTED; setsockopt(sock->Get(), IPPROTO_IPV6, IPV6_PROTECTION_LEVEL, (sockopt_arg_type)&nProtLevel, sizeof(int)); #endif } if (::bind(sock->Get(), (struct sockaddr *)&sockaddr, len) == SOCKET_ERROR) { int nErr = WSAGetLastError(); if (nErr == WSAEADDRINUSE) { strError = strprintf(_("Unable to bind to %s on this computer. %s " "is probably already running."), addrBind.ToString(), PACKAGE_NAME); } else { strError = strprintf(_("Unable to bind to %s on this computer " "(bind returned error %s)"), addrBind.ToString(), NetworkErrorString(nErr)); } LogPrintf("%s\n", strError.original); return false; } LogPrintf("Bound to %s\n", addrBind.ToString()); // Listen for incoming connections if (listen(sock->Get(), SOMAXCONN) == SOCKET_ERROR) { strError = strprintf(_("Error: Listening for incoming connections " "failed (listen returned error %s)"), NetworkErrorString(WSAGetLastError())); LogPrintf("%s\n", strError.original); return false; } vhListenSocket.push_back(ListenSocket(sock->Release(), permissions)); return true; } void Discover() { if (!fDiscover) { return; } #ifdef WIN32 // Get local host IP char pszHostName[256] = ""; if (gethostname(pszHostName, sizeof(pszHostName)) != SOCKET_ERROR) { std::vector vaddr; if (LookupHost(pszHostName, vaddr, 0, true)) { for (const CNetAddr &addr : vaddr) { if (AddLocal(addr, LOCAL_IF)) { LogPrintf("%s: %s - %s\n", __func__, pszHostName, addr.ToString()); } } } } #elif (HAVE_DECL_GETIFADDRS && HAVE_DECL_FREEIFADDRS) // Get local host ip struct ifaddrs *myaddrs; if (getifaddrs(&myaddrs) == 0) { for (struct ifaddrs *ifa = myaddrs; ifa != nullptr; ifa = ifa->ifa_next) { if (ifa->ifa_addr == nullptr || (ifa->ifa_flags & IFF_UP) == 0 || strcmp(ifa->ifa_name, "lo") == 0 || strcmp(ifa->ifa_name, "lo0") == 0) { continue; } if (ifa->ifa_addr->sa_family == AF_INET) { struct sockaddr_in *s4 = reinterpret_cast(ifa->ifa_addr); CNetAddr addr(s4->sin_addr); if (AddLocal(addr, LOCAL_IF)) { LogPrintf("%s: IPv4 %s: %s\n", __func__, ifa->ifa_name, addr.ToString()); } } else if (ifa->ifa_addr->sa_family == AF_INET6) { struct sockaddr_in6 *s6 = reinterpret_cast(ifa->ifa_addr); CNetAddr addr(s6->sin6_addr); if (AddLocal(addr, LOCAL_IF)) { LogPrintf("%s: IPv6 %s: %s\n", __func__, ifa->ifa_name, addr.ToString()); } } } freeifaddrs(myaddrs); } #endif } void CConnman::SetNetworkActive(bool active) { LogPrintf("%s: %s\n", __func__, active); if (fNetworkActive == active) { return; } fNetworkActive = active; uiInterface.NotifyNetworkActiveChanged(fNetworkActive); } CConnman::CConnman(const Config &configIn, uint64_t nSeed0In, uint64_t nSeed1In, bool network_active) : config(&configIn), nSeed0(nSeed0In), nSeed1(nSeed1In) { SetTryNewOutboundPeer(false); Options connOptions; Init(connOptions); SetNetworkActive(network_active); } NodeId CConnman::GetNewNodeId() { return nLastNodeId.fetch_add(1); } bool CConnman::Bind(const CService &addr, unsigned int flags, NetPermissionFlags permissions) { if (!(flags & BF_EXPLICIT) && !IsReachable(addr)) { return false; } bilingual_str strError; if (!BindListenPort(addr, strError, permissions)) { if ((flags & BF_REPORT_ERROR) && clientInterface) { clientInterface->ThreadSafeMessageBox( strError, "", CClientUIInterface::MSG_ERROR); } return false; } if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !(permissions & PF_NOBAN)) { AddLocal(addr, LOCAL_BIND); } return true; } bool CConnman::InitBinds(const std::vector &binds, const std::vector &whiteBinds, const std::vector &onion_binds) { bool fBound = false; for (const auto &addrBind : binds) { fBound |= Bind(addrBind, (BF_EXPLICIT | BF_REPORT_ERROR), NetPermissionFlags::PF_NONE); } for (const auto &addrBind : whiteBinds) { fBound |= Bind(addrBind.m_service, (BF_EXPLICIT | BF_REPORT_ERROR), addrBind.m_flags); } if (binds.empty() && whiteBinds.empty()) { struct in_addr inaddr_any; inaddr_any.s_addr = htonl(INADDR_ANY); struct in6_addr inaddr6_any = IN6ADDR_ANY_INIT; fBound |= Bind(CService(inaddr6_any, GetListenPort()), BF_NONE, NetPermissionFlags::PF_NONE); fBound |= Bind(CService(inaddr_any, GetListenPort()), !fBound ? BF_REPORT_ERROR : BF_NONE, NetPermissionFlags::PF_NONE); } for (const auto &addr_bind : onion_binds) { fBound |= Bind(addr_bind, BF_EXPLICIT | BF_DONT_ADVERTISE, NetPermissionFlags::PF_NONE); } return fBound; } bool CConnman::Start(CScheduler &scheduler, const Options &connOptions) { Init(connOptions); if (fListen && !InitBinds(connOptions.vBinds, connOptions.vWhiteBinds, connOptions.onion_binds)) { if (clientInterface) { clientInterface->ThreadSafeMessageBox( _("Failed to listen on any port. Use -listen=0 if you want " "this."), "", CClientUIInterface::MSG_ERROR); } return false; } proxyType i2p_sam; if (GetProxy(NET_I2P, i2p_sam)) { m_i2p_sam_session = std::make_unique( GetDataDir() / "i2p_private_key", i2p_sam.proxy, &interruptNet); } for (const auto &strDest : connOptions.vSeedNodes) { AddAddrFetch(strDest); } if (clientInterface) { clientInterface->InitMessage(_("Loading P2P addresses...").translated); } // Load addresses from peers.dat int64_t nStart = GetTimeMillis(); { CAddrDB adb(config->GetChainParams()); if (adb.Read(addrman)) { LogPrintf("Loaded %i addresses from peers.dat %dms\n", addrman.size(), GetTimeMillis() - nStart); } else { // Addrman can be in an inconsistent state after failure, reset it addrman.Clear(); LogPrintf("Invalid or missing peers.dat; recreating\n"); DumpAddresses(); } } if (m_use_addrman_outgoing) { // Load addresses from anchors.dat m_anchors = ReadAnchors(config->GetChainParams(), GetDataDir() / ANCHORS_DATABASE_FILENAME); if (m_anchors.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) { m_anchors.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS); } LogPrintf( "%i block-relay-only anchors will be tried for connections.\n", m_anchors.size()); } uiInterface.InitMessage(_("Starting network threads...").translated); fAddressesInitialized = true; if (semOutbound == nullptr) { // initialize semaphore semOutbound = std::make_unique( std::min(m_max_outbound, nMaxConnections)); } if (semAddnode == nullptr) { // initialize semaphore semAddnode = std::make_unique(nMaxAddnode); } // // Start threads // assert(m_msgproc); InterruptSocks5(false); interruptNet.reset(); flagInterruptMsgProc = false; { LOCK(mutexMsgProc); fMsgProcWake = false; } // Send and receive from sockets, accept connections threadSocketHandler = std::thread( &TraceThread>, "net", std::function(std::bind(&CConnman::ThreadSocketHandler, this))); if (!gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED)) { LogPrintf("DNS seeding disabled\n"); } else { threadDNSAddressSeed = std::thread(&TraceThread>, "dnsseed", std::function( std::bind(&CConnman::ThreadDNSAddressSeed, this))); } // Initiate manual connections threadOpenAddedConnections = std::thread(&TraceThread>, "addcon", std::function(std::bind( &CConnman::ThreadOpenAddedConnections, this))); if (connOptions.m_use_addrman_outgoing && !connOptions.m_specified_outgoing.empty()) { if (clientInterface) { clientInterface->ThreadSafeMessageBox( _("Cannot provide specific connections and have addrman find " "outgoing connections at the same."), "", CClientUIInterface::MSG_ERROR); } return false; } if (connOptions.m_use_addrman_outgoing || !connOptions.m_specified_outgoing.empty()) { threadOpenConnections = std::thread(&TraceThread>, "opencon", std::function( std::bind(&CConnman::ThreadOpenConnections, this, connOptions.m_specified_outgoing))); } // Process messages threadMessageHandler = std::thread(&TraceThread>, "msghand", std::function( std::bind(&CConnman::ThreadMessageHandler, this))); if (connOptions.m_i2p_accept_incoming && m_i2p_sam_session.get() != nullptr) { threadI2PAcceptIncoming = std::thread(&TraceThread>, "i2paccept", std::function(std::bind( &CConnman::ThreadI2PAcceptIncoming, this))); } // Dump network addresses scheduler.scheduleEvery( [this]() { this->DumpAddresses(); return true; }, DUMP_PEERS_INTERVAL); return true; } class CNetCleanup { public: CNetCleanup() {} ~CNetCleanup() { #ifdef WIN32 // Shutdown Windows Sockets WSACleanup(); #endif } }; static CNetCleanup instance_of_cnetcleanup; void CConnman::Interrupt() { { LOCK(mutexMsgProc); flagInterruptMsgProc = true; } condMsgProc.notify_all(); interruptNet(); InterruptSocks5(true); if (semOutbound) { for (int i = 0; i < m_max_outbound; i++) { semOutbound->post(); } } if (semAddnode) { for (int i = 0; i < nMaxAddnode; i++) { semAddnode->post(); } } } void CConnman::StopThreads() { if (threadI2PAcceptIncoming.joinable()) { threadI2PAcceptIncoming.join(); } if (threadMessageHandler.joinable()) { threadMessageHandler.join(); } if (threadOpenConnections.joinable()) { threadOpenConnections.join(); } if (threadOpenAddedConnections.joinable()) { threadOpenAddedConnections.join(); } if (threadDNSAddressSeed.joinable()) { threadDNSAddressSeed.join(); } if (threadSocketHandler.joinable()) { threadSocketHandler.join(); } } void CConnman::StopNodes() { if (fAddressesInitialized) { DumpAddresses(); fAddressesInitialized = false; if (m_use_addrman_outgoing) { // Anchor connections are only dumped during clean shutdown. std::vector anchors_to_dump = GetCurrentBlockRelayOnlyConns(); if (anchors_to_dump.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) { anchors_to_dump.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS); } DumpAnchors(config->GetChainParams(), GetDataDir() / ANCHORS_DATABASE_FILENAME, anchors_to_dump); } } // Close sockets LOCK(cs_vNodes); for (CNode *pnode : vNodes) { pnode->CloseSocketDisconnect(); } for (ListenSocket &hListenSocket : vhListenSocket) { if (hListenSocket.socket != INVALID_SOCKET) { if (!CloseSocket(hListenSocket.socket)) { LogPrintf("CloseSocket(hListenSocket) failed with error %s\n", NetworkErrorString(WSAGetLastError())); } } } // clean up some globals (to help leak detection) for (CNode *pnode : vNodes) { DeleteNode(pnode); } for (CNode *pnode : vNodesDisconnected) { DeleteNode(pnode); } vNodes.clear(); vNodesDisconnected.clear(); vhListenSocket.clear(); semOutbound.reset(); semAddnode.reset(); } void CConnman::DeleteNode(CNode *pnode) { assert(pnode); bool fUpdateConnectionTime = false; m_msgproc->FinalizeNode(*config, *pnode, fUpdateConnectionTime); if (fUpdateConnectionTime) { addrman.Connected(pnode->addr); } delete pnode; } CConnman::~CConnman() { Interrupt(); Stop(); } void CConnman::SetServices(const CService &addr, ServiceFlags nServices) { addrman.SetServices(addr, nServices); } void CConnman::MarkAddressGood(const CAddress &addr) { addrman.Good(addr); } bool CConnman::AddNewAddresses(const std::vector &vAddr, const CAddress &addrFrom, int64_t nTimePenalty) { return addrman.Add(vAddr, addrFrom, nTimePenalty); } std::vector CConnman::GetAddresses(size_t max_addresses, size_t max_pct) { std::vector addresses = addrman.GetAddr(max_addresses, max_pct); if (m_banman) { addresses.erase(std::remove_if(addresses.begin(), addresses.end(), [this](const CAddress &addr) { return m_banman->IsDiscouraged( addr) || m_banman->IsBanned(addr); }), addresses.end()); } return addresses; } std::vector CConnman::GetAddresses(CNode &requestor, size_t max_addresses, size_t max_pct) { auto local_socket_bytes = requestor.addrBind.GetAddrBytes(); uint64_t cache_id = GetDeterministicRandomizer(RANDOMIZER_ID_ADDRCACHE) .Write(requestor.addr.GetNetwork()) .Write(local_socket_bytes.data(), local_socket_bytes.size()) .Finalize(); const auto current_time = GetTime(); auto r = m_addr_response_caches.emplace(cache_id, CachedAddrResponse{}); CachedAddrResponse &cache_entry = r.first->second; // New CachedAddrResponse have expiration 0. if (cache_entry.m_cache_entry_expiration < current_time) { cache_entry.m_addrs_response_cache = GetAddresses(max_addresses, max_pct); // Choosing a proper cache lifetime is a trade-off between the privacy // leak minimization and the usefulness of ADDR responses to honest // users. // // Longer cache lifetime makes it more difficult for an attacker to // scrape enough AddrMan data to maliciously infer something useful. By // the time an attacker scraped enough AddrMan records, most of the // records should be old enough to not leak topology info by e.g. // analyzing real-time changes in timestamps. // // It takes only several hundred requests to scrape everything from an // AddrMan containing 100,000 nodes, so ~24 hours of cache lifetime // indeed makes the data less inferable by the time most of it could be // scraped (considering that timestamps are updated via ADDR // self-announcements and when nodes communicate). We also should be // robust to those attacks which may not require scraping *full* // victim's AddrMan (because even several timestamps of the same handful // of nodes may leak privacy). // // On the other hand, longer cache lifetime makes ADDR responses // outdated and less useful for an honest requestor, e.g. if most nodes // in the ADDR response are no longer active. // // However, the churn in the network is known to be rather low. Since we // consider nodes to be "terrible" (see IsTerrible()) if the timestamps // are older than 30 days, max. 24 hours of "penalty" due to cache // shouldn't make any meaningful difference in terms of the freshness of // the response. cache_entry.m_cache_entry_expiration = current_time + std::chrono::hours(21) + GetRandMillis(std::chrono::hours(6)); } return cache_entry.m_addrs_response_cache; } bool CConnman::AddNode(const std::string &strNode) { LOCK(cs_vAddedNodes); for (const std::string &it : vAddedNodes) { if (strNode == it) { return false; } } vAddedNodes.push_back(strNode); return true; } bool CConnman::RemoveAddedNode(const std::string &strNode) { LOCK(cs_vAddedNodes); for (std::vector::iterator it = vAddedNodes.begin(); it != vAddedNodes.end(); ++it) { if (strNode == *it) { vAddedNodes.erase(it); return true; } } return false; } size_t CConnman::GetNodeCount(NumConnections flags) { LOCK(cs_vNodes); // Shortcut if we want total if (flags == CConnman::CONNECTIONS_ALL) { return vNodes.size(); } int nNum = 0; for (const auto &pnode : vNodes) { if (flags & (pnode->IsInboundConn() ? CONNECTIONS_IN : CONNECTIONS_OUT)) { nNum++; } } return nNum; } void CConnman::GetNodeStats(std::vector &vstats) { vstats.clear(); LOCK(cs_vNodes); vstats.reserve(vNodes.size()); for (CNode *pnode : vNodes) { vstats.emplace_back(); pnode->copyStats(vstats.back()); vstats.back().m_mapped_as = pnode->addr.GetMappedAS(addrman.m_asmap); } } bool CConnman::DisconnectNode(const std::string &strNode) { LOCK(cs_vNodes); if (CNode *pnode = FindNode(strNode)) { LogPrint(BCLog::NET, "disconnect by address%s matched peer=%d; disconnecting\n", (fLogIPs ? strprintf("=%s", strNode) : ""), pnode->GetId()); pnode->fDisconnect = true; return true; } return false; } bool CConnman::DisconnectNode(const CSubNet &subnet) { bool disconnected = false; LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (subnet.Match(pnode->addr)) { LogPrint(BCLog::NET, "disconnect by subnet%s matched peer=%d; disconnecting\n", (fLogIPs ? strprintf("=%s", subnet.ToString()) : ""), pnode->GetId()); pnode->fDisconnect = true; disconnected = true; } } return disconnected; } bool CConnman::DisconnectNode(const CNetAddr &addr) { return DisconnectNode(CSubNet(addr)); } bool CConnman::DisconnectNode(NodeId id) { LOCK(cs_vNodes); for (CNode *pnode : vNodes) { if (id == pnode->GetId()) { LogPrint(BCLog::NET, "disconnect by id peer=%d; disconnecting\n", pnode->GetId()); pnode->fDisconnect = true; return true; } } return false; } void CConnman::RecordBytesRecv(uint64_t bytes) { LOCK(cs_totalBytesRecv); nTotalBytesRecv += bytes; } void CConnman::RecordBytesSent(uint64_t bytes) { LOCK(cs_totalBytesSent); nTotalBytesSent += bytes; const auto now = GetTime(); if (nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME < now) { // timeframe expired, reset cycle nMaxOutboundCycleStartTime = now; nMaxOutboundTotalBytesSentInCycle = 0; } // TODO, exclude peers with download permission nMaxOutboundTotalBytesSentInCycle += bytes; } uint64_t CConnman::GetMaxOutboundTarget() { LOCK(cs_totalBytesSent); return nMaxOutboundLimit; } std::chrono::seconds CConnman::GetMaxOutboundTimeframe() { return MAX_UPLOAD_TIMEFRAME; } std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle() { LOCK(cs_totalBytesSent); if (nMaxOutboundLimit == 0) { return 0s; } if (nMaxOutboundCycleStartTime.count() == 0) { return MAX_UPLOAD_TIMEFRAME; } const std::chrono::seconds cycleEndTime = nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME; const auto now = GetTime(); return (cycleEndTime < now) ? 0s : cycleEndTime - now; } bool CConnman::OutboundTargetReached(bool historicalBlockServingLimit) { LOCK(cs_totalBytesSent); if (nMaxOutboundLimit == 0) { return false; } if (historicalBlockServingLimit) { // keep a large enough buffer to at least relay each block once. const std::chrono::seconds timeLeftInCycle = GetMaxOutboundTimeLeftInCycle(); const uint64_t buffer = timeLeftInCycle / std::chrono::minutes{10} * ONE_MEGABYTE; if (buffer >= nMaxOutboundLimit || nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit - buffer) { return true; } } else if (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit) { return true; } return false; } uint64_t CConnman::GetOutboundTargetBytesLeft() { LOCK(cs_totalBytesSent); if (nMaxOutboundLimit == 0) { return 0; } return (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit) ? 0 : nMaxOutboundLimit - nMaxOutboundTotalBytesSentInCycle; } uint64_t CConnman::GetTotalBytesRecv() { LOCK(cs_totalBytesRecv); return nTotalBytesRecv; } uint64_t CConnman::GetTotalBytesSent() { LOCK(cs_totalBytesSent); return nTotalBytesSent; } ServiceFlags CConnman::GetLocalServices() const { return nLocalServices; } unsigned int CConnman::GetReceiveFloodSize() const { return nReceiveFloodSize; } void CNode::AvalancheState::invsPolled(uint32_t count) { invCounters += count; } void CNode::AvalancheState::invsVoted(uint32_t count) { invCounters += uint64_t(count) << 32; } void CNode::AvalancheState::updateAvailabilityScore() { LOCK(cs_statistics); uint64_t windowInvCounters = invCounters.exchange(0); double previousScore = availabilityScore; int64_t polls = windowInvCounters & std::numeric_limits::max(); int64_t votes = windowInvCounters >> 32; availabilityScore = AVALANCHE_STATISTICS_DECAY_FACTOR * (2 * votes - polls) + (1. - AVALANCHE_STATISTICS_DECAY_FACTOR) * previousScore; } double CNode::AvalancheState::getAvailabilityScore() const { // The score is set atomically so there is no need to lock the statistics // when reading. return availabilityScore; } CNode::CNode(NodeId idIn, ServiceFlags nLocalServicesIn, SOCKET hSocketIn, const CAddress &addrIn, uint64_t nKeyedNetGroupIn, uint64_t nLocalHostNonceIn, uint64_t nLocalExtraEntropyIn, const CAddress &addrBindIn, const std::string &addrNameIn, ConnectionType conn_type_in, bool inbound_onion) : nTimeConnected(GetTimeSeconds()), addr(addrIn), addrBind(addrBindIn), m_inbound_onion(inbound_onion), nKeyedNetGroup(nKeyedNetGroupIn), // Don't relay addr messages to peers that we connect to as // block-relay-only peers (to prevent adversaries from inferring these // links from addr traffic). id(idIn), nLocalHostNonce(nLocalHostNonceIn), nLocalExtraEntropy(nLocalExtraEntropyIn), m_conn_type(conn_type_in), nLocalServices(nLocalServicesIn) { if (inbound_onion) { assert(conn_type_in == ConnectionType::INBOUND); } hSocket = hSocketIn; addrName = addrNameIn == "" ? addr.ToStringIPPort() : addrNameIn; if (conn_type_in != ConnectionType::BLOCK_RELAY) { m_tx_relay = std::make_unique(); } // Don't relay proofs if avalanche is disabled if (isAvalancheEnabled(gArgs)) { m_proof_relay = std::make_unique(); } for (const std::string &msg : getAllNetMessageTypes()) { mapRecvBytesPerMsgCmd[msg] = 0; } mapRecvBytesPerMsgCmd[NET_MESSAGE_COMMAND_OTHER] = 0; if (fLogIPs) { LogPrint(BCLog::NET, "Added connection to %s peer=%d\n", addrName, id); } else { LogPrint(BCLog::NET, "Added connection peer=%d\n", id); } m_deserializer = std::make_unique( V1TransportDeserializer(GetConfig().GetChainParams().NetMagic(), SER_NETWORK, INIT_PROTO_VERSION)); m_serializer = std::make_unique(V1TransportSerializer()); } CNode::~CNode() { CloseSocket(hSocket); } bool CConnman::NodeFullyConnected(const CNode *pnode) { return pnode && pnode->fSuccessfullyConnected && !pnode->fDisconnect; } void CConnman::PushMessage(CNode *pnode, CSerializedNetMsg &&msg) { size_t nMessageSize = msg.data.size(); LogPrint(BCLog::NET, "sending %s (%d bytes) peer=%d\n", SanitizeString(msg.m_type), nMessageSize, pnode->GetId()); // make sure we use the appropriate network transport format std::vector serializedHeader; pnode->m_serializer->prepareForTransport(*config, msg, serializedHeader); size_t nTotalSize = nMessageSize + serializedHeader.size(); size_t nBytesSent = 0; { LOCK(pnode->cs_vSend); bool optimisticSend(pnode->vSendMsg.empty()); // log total amount of bytes per message type pnode->mapSendBytesPerMsgCmd[msg.m_type] += nTotalSize; pnode->nSendSize += nTotalSize; if (pnode->nSendSize > nSendBufferMaxSize) { pnode->fPauseSend = true; } pnode->vSendMsg.push_back(std::move(serializedHeader)); if (nMessageSize) { pnode->vSendMsg.push_back(std::move(msg.data)); } // If write queue empty, attempt "optimistic write" if (optimisticSend == true) { nBytesSent = SocketSendData(*pnode); } } if (nBytesSent) { RecordBytesSent(nBytesSent); } } bool CConnman::ForNode(NodeId id, std::function func) { CNode *found = nullptr; LOCK(cs_vNodes); for (auto &&pnode : vNodes) { if (pnode->GetId() == id) { found = pnode; break; } } return found != nullptr && NodeFullyConnected(found) && func(found); } std::chrono::microseconds CConnman::PoissonNextSendInbound(std::chrono::microseconds now, std::chrono::seconds average_interval) { if (m_next_send_inv_to_incoming.load() < now) { // If this function were called from multiple threads simultaneously // it would be possible that both update the next send variable, and // return a different result to their caller. This is not possible in // practice as only the net processing thread invokes this function. m_next_send_inv_to_incoming = PoissonNextSend(now, average_interval); } return m_next_send_inv_to_incoming; } std::chrono::microseconds PoissonNextSend(std::chrono::microseconds now, std::chrono::seconds average_interval) { double unscaled = -log1p(GetRand(1ULL << 48) * -0.0000000000000035527136788 /* -1/2^48 */); return now + std::chrono::duration_cast( unscaled * average_interval + 0.5us); } CSipHasher CConnman::GetDeterministicRandomizer(uint64_t id) const { return CSipHasher(nSeed0, nSeed1).Write(id); } uint64_t CConnman::CalculateKeyedNetGroup(const CAddress &ad) const { std::vector vchNetGroup(ad.GetGroup(addrman.m_asmap)); return GetDeterministicRandomizer(RANDOMIZER_ID_NETGROUP) .Write(vchNetGroup.data(), vchNetGroup.size()) .Finalize(); } /** * This function convert MaxBlockSize from byte to * MB with a decimal precision one digit rounded down * E.g. * 1660000 -> 1.6 * 2010000 -> 2.0 * 1000000 -> 1.0 * 230000 -> 0.2 * 50000 -> 0.0 * * NB behavior for EB<1MB not standardized yet still * the function applies the same algo used for * EB greater or equal to 1MB */ std::string getSubVersionEB(uint64_t MaxBlockSize) { // Prepare EB string we are going to add to SubVer: // 1) translate from byte to MB and convert to string // 2) limit the EB string to the first decimal digit (floored) std::stringstream ebMBs; ebMBs << (MaxBlockSize / (ONE_MEGABYTE / 10)); std::string eb = ebMBs.str(); eb.insert(eb.size() - 1, ".", 1); if (eb.substr(0, 1) == ".") { eb = "0" + eb; } return eb; } std::string userAgent(const Config &config) { // format excessive blocksize value std::string eb = getSubVersionEB(config.GetMaxBlockSize()); std::vector uacomments; uacomments.push_back("EB" + eb); // Comments are checked for char compliance at startup, it is safe to add // them to the user agent string for (const std::string &cmt : gArgs.GetArgs("-uacomment")) { uacomments.push_back(cmt); } const std::string client_name = gArgs.GetArg("-uaclientname", CLIENT_NAME); const std::string client_version = gArgs.GetArg("-uaclientversion", FormatVersion(CLIENT_VERSION)); // Size compliance is checked at startup, it is safe to not check it again return FormatUserAgent(client_name, client_version, uacomments); } diff --git a/src/netbase.cpp b/src/netbase.cpp index 76c04a4c1..43bee4d77 100644 --- a/src/netbase.cpp +++ b/src/netbase.cpp @@ -1,966 +1,953 @@ // Copyright (c) 2009-2010 Satoshi Nakamoto // Copyright (c) 2009-2016 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifndef WIN32 #include #else #include #endif #ifdef USE_POLL #include #endif // Settings static Mutex g_proxyinfo_mutex; static proxyType proxyInfo[NET_MAX] GUARDED_BY(g_proxyinfo_mutex); static proxyType nameProxy GUARDED_BY(g_proxyinfo_mutex); int nConnectTimeout = DEFAULT_CONNECT_TIMEOUT; bool fNameLookup = DEFAULT_NAME_LOOKUP; // Need ample time for negotiation for very slow proxies such as Tor // (milliseconds) static const int SOCKS5_RECV_TIMEOUT = 20 * 1000; static std::atomic interruptSocks5Recv(false); enum Network ParseNetwork(const std::string &net_in) { std::string net = ToLower(net_in); if (net == "ipv4") { return NET_IPV4; } if (net == "ipv6") { return NET_IPV6; } if (net == "onion") { return NET_ONION; } if (net == "tor") { LogPrintf("Warning: net name 'tor' is deprecated and will be removed " "in the future. You should use 'onion' instead.\n"); return NET_ONION; } if (net == "i2p") { return NET_I2P; } return NET_UNROUTABLE; } std::string GetNetworkName(enum Network net) { switch (net) { case NET_UNROUTABLE: return "not_publicly_routable"; case NET_IPV4: return "ipv4"; case NET_IPV6: return "ipv6"; case NET_ONION: return "onion"; case NET_I2P: return "i2p"; case NET_CJDNS: return "cjdns"; case NET_INTERNAL: return "internal"; case NET_MAX: assert(false); } // no default case, so the compiler can warn about missing cases assert(false); } std::vector GetNetworkNames(bool append_unroutable) { std::vector names; for (int n = 0; n < NET_MAX; ++n) { const enum Network network { static_cast(n) }; if (network == NET_UNROUTABLE || network == NET_CJDNS || network == NET_INTERNAL) { continue; } names.emplace_back(GetNetworkName(network)); } if (append_unroutable) { names.emplace_back(GetNetworkName(NET_UNROUTABLE)); } return names; } static bool LookupIntern(const std::string &name, std::vector &vIP, unsigned int nMaxSolutions, bool fAllowLookup) { vIP.clear(); if (!ValidAsCString(name)) { return false; } { CNetAddr addr; // From our perspective, onion addresses are not hostnames but rather // direct encodings of CNetAddr much like IPv4 dotted-decimal notation // or IPv6 colon-separated hextet notation. Since we can't use // getaddrinfo to decode them and it wouldn't make sense to resolve // them, we return a network address representing it instead. See // CNetAddr::SetSpecial(const std::string&) for more details. if (addr.SetSpecial(name)) { vIP.push_back(addr); return true; } } struct addrinfo aiHint; memset(&aiHint, 0, sizeof(struct addrinfo)); // We want a TCP port, which is a streaming socket type aiHint.ai_socktype = SOCK_STREAM; aiHint.ai_protocol = IPPROTO_TCP; // We don't care which address family (IPv4 or IPv6) is returned aiHint.ai_family = AF_UNSPEC; // If we allow lookups of hostnames, use the AI_ADDRCONFIG flag to only // return addresses whose family we have an address configured for. // // If we don't allow lookups, then use the AI_NUMERICHOST flag for // getaddrinfo to only decode numerical network addresses and suppress // hostname lookups. aiHint.ai_flags = fAllowLookup ? AI_ADDRCONFIG : AI_NUMERICHOST; struct addrinfo *aiRes = nullptr; int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes); if (nErr) { return false; } // Traverse the linked list starting with aiTrav, add all non-internal // IPv4,v6 addresses to vIP while respecting nMaxSolutions. struct addrinfo *aiTrav = aiRes; while (aiTrav != nullptr && (nMaxSolutions == 0 || vIP.size() < nMaxSolutions)) { CNetAddr resolved; if (aiTrav->ai_family == AF_INET) { assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in)); resolved = CNetAddr(reinterpret_cast(aiTrav->ai_addr) ->sin_addr); } if (aiTrav->ai_family == AF_INET6) { assert(aiTrav->ai_addrlen >= sizeof(sockaddr_in6)); struct sockaddr_in6 *s6 = reinterpret_cast(aiTrav->ai_addr); resolved = CNetAddr(s6->sin6_addr, s6->sin6_scope_id); } // Never allow resolving to an internal address. Consider any such // result invalid. if (!resolved.IsInternal()) { vIP.push_back(resolved); } aiTrav = aiTrav->ai_next; } freeaddrinfo(aiRes); return (vIP.size() > 0); } /** * Resolve a host string to its corresponding network addresses. * * @param name The string representing a host. Could be a name or a numerical * IP address (IPv6 addresses in their bracketed form are * allowed). * @param[out] vIP The resulting network addresses to which the specified host * string resolved. * * @returns Whether or not the specified host string successfully resolved to * any resulting network addresses. * * @see Lookup(const char *, std::vector&, int, bool, unsigned int) * for additional parameter descriptions. */ bool LookupHost(const std::string &name, std::vector &vIP, unsigned int nMaxSolutions, bool fAllowLookup) { if (!ValidAsCString(name)) { return false; } std::string strHost = name; if (strHost.empty()) { return false; } if (strHost.front() == '[' && strHost.back() == ']') { strHost = strHost.substr(1, strHost.size() - 2); } return LookupIntern(strHost, vIP, nMaxSolutions, fAllowLookup); } /** * Resolve a host string to its first corresponding network address. * * @see LookupHost(const std::string&, std::vector&, unsigned int, * bool) for additional parameter descriptions. */ bool LookupHost(const std::string &name, CNetAddr &addr, bool fAllowLookup) { if (!ValidAsCString(name)) { return false; } std::vector vIP; LookupHost(name, vIP, 1, fAllowLookup); if (vIP.empty()) { return false; } addr = vIP.front(); return true; } /** * Resolve a service string to its corresponding service. * * @param name The string representing a service. Could be a name or a * numerical IP address (IPv6 addresses should be in their * disambiguated bracketed form), optionally followed by a port * number. (e.g. example.com:8333 or * [2001:db8:85a3:8d3:1319:8a2e:370:7348]:420) * @param[out] vAddr The resulting services to which the specified service * string resolved. * @param portDefault The default port for resulting services if not specified * by the service string. * @param fAllowLookup Whether or not hostname lookups are permitted. If yes, * external queries may be performed. * @param nMaxSolutions The maximum number of results we want, specifying 0 * means "as many solutions as we get." * * @returns Whether or not the service string successfully resolved to any * resulting services. */ bool Lookup(const std::string &name, std::vector &vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions) { if (name.empty() || !ValidAsCString(name)) { return false; } int port = portDefault; std::string hostname; SplitHostPort(name, port, hostname); std::vector vIP; bool fRet = LookupIntern(hostname, vIP, nMaxSolutions, fAllowLookup); if (!fRet) { return false; } vAddr.resize(vIP.size()); for (unsigned int i = 0; i < vIP.size(); i++) { vAddr[i] = CService(vIP[i], port); } return true; } /** * Resolve a service string to its first corresponding service. * * @see Lookup(const char *, std::vector&, int, bool, unsigned int) * for additional parameter descriptions. */ bool Lookup(const std::string &name, CService &addr, int portDefault, bool fAllowLookup) { if (!ValidAsCString(name)) { return false; } std::vector vService; bool fRet = Lookup(name, vService, portDefault, fAllowLookup, 1); if (!fRet) { return false; } addr = vService[0]; return true; } /** * Resolve a service string with a numeric IP to its first corresponding * service. * * @returns The resulting CService if the resolution was successful, [::]:0 * otherwise. * * @see Lookup(const char *, CService&, int, bool) for additional parameter * descriptions. */ CService LookupNumeric(const std::string &name, int portDefault) { if (!ValidAsCString(name)) { return {}; } CService addr; // "1.2:345" will fail to resolve the ip, but will still set the port. // If the ip fails to resolve, re-init the result. if (!Lookup(name, addr, portDefault, false)) { addr = CService(); } return addr; } /** SOCKS version */ enum SOCKSVersion : uint8_t { SOCKS4 = 0x04, SOCKS5 = 0x05 }; /** Values defined for METHOD in RFC1928 */ enum SOCKS5Method : uint8_t { NOAUTH = 0x00, //!< No authentication required GSSAPI = 0x01, //!< GSSAPI USER_PASS = 0x02, //!< Username/password NO_ACCEPTABLE = 0xff, //!< No acceptable methods }; /** Values defined for CMD in RFC1928 */ enum SOCKS5Command : uint8_t { CONNECT = 0x01, BIND = 0x02, UDP_ASSOCIATE = 0x03 }; /** Values defined for REP in RFC1928 */ enum SOCKS5Reply : uint8_t { SUCCEEDED = 0x00, //!< Succeeded GENFAILURE = 0x01, //!< General failure NOTALLOWED = 0x02, //!< Connection not allowed by ruleset NETUNREACHABLE = 0x03, //!< Network unreachable HOSTUNREACHABLE = 0x04, //!< Network unreachable CONNREFUSED = 0x05, //!< Connection refused TTLEXPIRED = 0x06, //!< TTL expired CMDUNSUPPORTED = 0x07, //!< Command not supported ATYPEUNSUPPORTED = 0x08, //!< Address type not supported }; /** Values defined for ATYPE in RFC1928 */ enum SOCKS5Atyp : uint8_t { IPV4 = 0x01, DOMAINNAME = 0x03, IPV6 = 0x04, }; /** Status codes that can be returned by InterruptibleRecv */ enum class IntrRecvError { OK, Timeout, Disconnected, NetworkError, Interrupted }; /** * Try to read a specified number of bytes from a socket. Please read the "see * also" section for more detail. * * @param data The buffer where the read bytes should be stored. * @param len The number of bytes to read into the specified buffer. * @param timeout The total timeout in milliseconds for this read. * @param sock The socket (has to be in non-blocking mode) from which to read * bytes. * * @returns An IntrRecvError indicating the resulting status of this read. * IntrRecvError::OK only if all of the specified number of bytes were * read. * * @see This function can be interrupted by calling InterruptSocks5(bool). * Sockets can be made non-blocking with SetSocketNonBlocking(const * SOCKET&, bool). */ static IntrRecvError InterruptibleRecv(uint8_t *data, size_t len, int timeout, const Sock &sock) { int64_t curTime = GetTimeMillis(); int64_t endTime = curTime + timeout; while (len > 0 && curTime < endTime) { // Optimistically try the recv first ssize_t ret = sock.Recv(data, len, 0); if (ret > 0) { len -= ret; data += ret; } else if (ret == 0) { // Unexpected disconnection return IntrRecvError::Disconnected; } else { // Other error or blocking int nErr = WSAGetLastError(); if (nErr == WSAEINPROGRESS || nErr == WSAEWOULDBLOCK || nErr == WSAEINVAL) { // Only wait at most MAX_WAIT_FOR_IO at a time, unless // we're approaching the end of the specified total timeout const auto remaining = std::chrono::milliseconds{endTime - curTime}; const auto timeout_ = std::min( remaining, std::chrono::milliseconds{MAX_WAIT_FOR_IO}); if (!sock.Wait(timeout_, Sock::RECV)) { return IntrRecvError::NetworkError; } } else { return IntrRecvError::NetworkError; } } if (interruptSocks5Recv) { return IntrRecvError::Interrupted; } curTime = GetTimeMillis(); } return len == 0 ? IntrRecvError::OK : IntrRecvError::Timeout; } /** Credentials for proxy authentication */ struct ProxyCredentials { std::string username; std::string password; }; /** Convert SOCKS5 reply to an error message */ static std::string Socks5ErrorString(uint8_t err) { switch (err) { case SOCKS5Reply::GENFAILURE: return "general failure"; case SOCKS5Reply::NOTALLOWED: return "connection not allowed"; case SOCKS5Reply::NETUNREACHABLE: return "network unreachable"; case SOCKS5Reply::HOSTUNREACHABLE: return "host unreachable"; case SOCKS5Reply::CONNREFUSED: return "connection refused"; case SOCKS5Reply::TTLEXPIRED: return "TTL expired"; case SOCKS5Reply::CMDUNSUPPORTED: return "protocol error"; case SOCKS5Reply::ATYPEUNSUPPORTED: return "address type not supported"; default: return "unknown"; } } /** * Connect to a specified destination service through an already connected * SOCKS5 proxy. * * @param strDest The destination fully-qualified domain name. * @param port The destination port. * @param auth The credentials with which to authenticate with the specified * SOCKS5 proxy. * @param sock The SOCKS5 proxy socket. * * @returns Whether or not the operation succeeded. * * @note The specified SOCKS5 proxy socket must already be connected to the * SOCKS5 proxy. * * @see RFC1928: SOCKS Protocol * Version 5 */ static bool Socks5(const std::string &strDest, int port, const ProxyCredentials *auth, const Sock &sock) { IntrRecvError recvr; LogPrint(BCLog::NET, "SOCKS5 connecting %s\n", strDest); if (strDest.size() > 255) { return error("Hostname too long"); } // Construct the version identifier/method selection message std::vector vSocks5Init; // We want the SOCK5 protocol vSocks5Init.push_back(SOCKSVersion::SOCKS5); if (auth) { // 2 method identifiers follow... vSocks5Init.push_back(0x02); vSocks5Init.push_back(SOCKS5Method::NOAUTH); vSocks5Init.push_back(SOCKS5Method::USER_PASS); } else { // 1 method identifier follows... vSocks5Init.push_back(0x01); vSocks5Init.push_back(SOCKS5Method::NOAUTH); } ssize_t ret = sock.Send(vSocks5Init.data(), vSocks5Init.size(), MSG_NOSIGNAL); if (ret != (ssize_t)vSocks5Init.size()) { return error("Error sending to proxy"); } uint8_t pchRet1[2]; if ((recvr = InterruptibleRecv(pchRet1, 2, SOCKS5_RECV_TIMEOUT, sock)) != IntrRecvError::OK) { LogPrintf("Socks5() connect to %s:%d failed: InterruptibleRecv() " "timeout or other failure\n", strDest, port); return false; } if (pchRet1[0] != SOCKSVersion::SOCKS5) { return error("Proxy failed to initialize"); } if (pchRet1[1] == SOCKS5Method::USER_PASS && auth) { // Perform username/password authentication (as described in RFC1929) std::vector vAuth; // Current (and only) version of user/pass subnegotiation vAuth.push_back(0x01); if (auth->username.size() > 255 || auth->password.size() > 255) { return error("Proxy username or password too long"); } vAuth.push_back(auth->username.size()); vAuth.insert(vAuth.end(), auth->username.begin(), auth->username.end()); vAuth.push_back(auth->password.size()); vAuth.insert(vAuth.end(), auth->password.begin(), auth->password.end()); ret = sock.Send(vAuth.data(), vAuth.size(), MSG_NOSIGNAL); if (ret != (ssize_t)vAuth.size()) { return error("Error sending authentication to proxy"); } LogPrint(BCLog::PROXY, "SOCKS5 sending proxy authentication %s:%s\n", auth->username, auth->password); uint8_t pchRetA[2]; if ((recvr = InterruptibleRecv(pchRetA, 2, SOCKS5_RECV_TIMEOUT, sock)) != IntrRecvError::OK) { return error("Error reading proxy authentication response"); } if (pchRetA[0] != 0x01 || pchRetA[1] != 0x00) { return error("Proxy authentication unsuccessful"); } } else if (pchRet1[1] == SOCKS5Method::NOAUTH) { // Perform no authentication } else { return error("Proxy requested wrong authentication method %02x", pchRet1[1]); } std::vector vSocks5; // VER protocol version vSocks5.push_back(SOCKSVersion::SOCKS5); // CMD CONNECT vSocks5.push_back(SOCKS5Command::CONNECT); // RSV Reserved must be 0 vSocks5.push_back(0x00); // ATYP DOMAINNAME vSocks5.push_back(SOCKS5Atyp::DOMAINNAME); // Length<=255 is checked at beginning of function vSocks5.push_back(strDest.size()); vSocks5.insert(vSocks5.end(), strDest.begin(), strDest.end()); vSocks5.push_back((port >> 8) & 0xFF); vSocks5.push_back((port >> 0) & 0xFF); ret = sock.Send(vSocks5.data(), vSocks5.size(), MSG_NOSIGNAL); if (ret != (ssize_t)vSocks5.size()) { return error("Error sending to proxy"); } uint8_t pchRet2[4]; if ((recvr = InterruptibleRecv(pchRet2, 4, SOCKS5_RECV_TIMEOUT, sock)) != IntrRecvError::OK) { if (recvr == IntrRecvError::Timeout) { /** * If a timeout happens here, this effectively means we timed out * while connecting to the remote node. This is very common for Tor, * so do not print an error message. */ return false; } else { return error("Error while reading proxy response"); } } if (pchRet2[0] != SOCKSVersion::SOCKS5) { return error("Proxy failed to accept request"); } if (pchRet2[1] != SOCKS5Reply::SUCCEEDED) { // Failures to connect to a peer that are not proxy errors LogPrintf("Socks5() connect to %s:%d failed: %s\n", strDest, port, Socks5ErrorString(pchRet2[1])); return false; } // Reserved field must be 0 if (pchRet2[2] != 0x00) { return error("Error: malformed proxy response"); } uint8_t pchRet3[256]; switch (pchRet2[3]) { case SOCKS5Atyp::IPV4: recvr = InterruptibleRecv(pchRet3, 4, SOCKS5_RECV_TIMEOUT, sock); break; case SOCKS5Atyp::IPV6: recvr = InterruptibleRecv(pchRet3, 16, SOCKS5_RECV_TIMEOUT, sock); break; case SOCKS5Atyp::DOMAINNAME: { recvr = InterruptibleRecv(pchRet3, 1, SOCKS5_RECV_TIMEOUT, sock); if (recvr != IntrRecvError::OK) { return error("Error reading from proxy"); } int nRecv = pchRet3[0]; recvr = InterruptibleRecv(pchRet3, nRecv, SOCKS5_RECV_TIMEOUT, sock); break; } default: return error("Error: malformed proxy response"); } if (recvr != IntrRecvError::OK) { return error("Error reading from proxy"); } if ((recvr = InterruptibleRecv(pchRet3, 2, SOCKS5_RECV_TIMEOUT, sock)) != IntrRecvError::OK) { return error("Error reading from proxy"); } LogPrint(BCLog::NET, "SOCKS5 connected %s\n", strDest); return true; } std::unique_ptr CreateSockTCP(const CService &address_family) { // Create a sockaddr from the specified service. struct sockaddr_storage sockaddr; socklen_t len = sizeof(sockaddr); if (!address_family.GetSockAddr((struct sockaddr *)&sockaddr, &len)) { LogPrintf("Cannot create socket for %s: unsupported network\n", address_family.ToString()); return nullptr; } // Create a TCP socket in the address family of the specified service. SOCKET hSocket = socket(((struct sockaddr *)&sockaddr)->sa_family, SOCK_STREAM, IPPROTO_TCP); if (hSocket == INVALID_SOCKET) { return nullptr; } // Ensure that waiting for I/O on this socket won't result in undefined // behavior. if (!IsSelectableSocket(hSocket)) { CloseSocket(hSocket); LogPrintf("Cannot create connection: non-selectable socket created (fd " ">= FD_SETSIZE ?)\n"); return nullptr; } #ifdef SO_NOSIGPIPE int set = 1; // Set the no-sigpipe option on the socket for BSD systems, other UNIXes // should use the MSG_NOSIGNAL flag for every send. setsockopt(hSocket, SOL_SOCKET, SO_NOSIGPIPE, (sockopt_arg_type)&set, sizeof(int)); #endif // Set the no-delay option (disable Nagle's algorithm) on the TCP socket. SetSocketNoDelay(hSocket); // Set the non-blocking option on the socket. if (!SetSocketNonBlocking(hSocket, true)) { CloseSocket(hSocket); LogPrintf("CreateSocket: Setting socket to non-blocking " "failed, error %s\n", NetworkErrorString(WSAGetLastError())); return nullptr; } return std::make_unique(hSocket); } std::function(const CService &)> CreateSock = CreateSockTCP; template static void LogConnectFailure(bool manual_connection, const char *fmt, const Args &... args) { std::string error_message = tfm::format(fmt, args...); if (manual_connection) { LogPrintf("%s\n", error_message); } else { LogPrint(BCLog::NET, "%s\n", error_message); } } /** * Try to connect to the specified service on the specified socket. * * @param addrConnect The service to which to connect. - * @param hSocket The socket on which to connect. + * @param sock The socket on which to connect. * @param nTimeout Wait this many milliseconds for the connection to be * established. * @param manual_connection Whether or not the connection was manually requested * (e.g. through the addnode RPC) * * @returns Whether or not a connection was successfully made. */ -bool ConnectSocketDirectly(const CService &addrConnect, const SOCKET &hSocket, +bool ConnectSocketDirectly(const CService &addrConnect, const Sock &sock, int nTimeout, bool manual_connection) { // Create a sockaddr from the specified service. struct sockaddr_storage sockaddr; socklen_t len = sizeof(sockaddr); - if (hSocket == INVALID_SOCKET) { + if (sock.Get() == INVALID_SOCKET) { LogPrintf("Cannot connect to %s: invalid socket\n", addrConnect.ToString()); return false; } if (!addrConnect.GetSockAddr((struct sockaddr *)&sockaddr, &len)) { LogPrintf("Cannot connect to %s: unsupported network\n", addrConnect.ToString()); return false; } // Connect to the addrConnect service on the hSocket socket. - if (connect(hSocket, (struct sockaddr *)&sockaddr, len) == SOCKET_ERROR) { + if (sock.Connect(reinterpret_cast(&sockaddr), len) == + SOCKET_ERROR) { int nErr = WSAGetLastError(); // WSAEINVAL is here because some legacy version of winsock uses it if (nErr == WSAEINPROGRESS || nErr == WSAEWOULDBLOCK || nErr == WSAEINVAL) { // Connection didn't actually fail, but is being established // asynchronously. Thus, use async I/O api (select/poll) // synchronously to check for successful connection with a timeout. -#ifdef USE_POLL - struct pollfd pollfd = {}; - pollfd.fd = hSocket; - pollfd.events = POLLIN | POLLOUT; - int nRet = poll(&pollfd, 1, nTimeout); -#else - struct timeval timeout = MillisToTimeval(nTimeout); - fd_set fdset; - FD_ZERO(&fdset); - FD_SET(hSocket, &fdset); - int nRet = select(hSocket + 1, nullptr, &fdset, nullptr, &timeout); -#endif - // Upon successful completion, both select and poll return the total - // number of file descriptors that have been selected. A value of 0 - // indicates that the call timed out and no file descriptors have - // been selected. - if (nRet == 0) { - LogPrint(BCLog::NET, "connection to %s timeout\n", - addrConnect.ToString()); - return false; - } - if (nRet == SOCKET_ERROR) { - LogPrintf("select() for %s failed: %s\n", + const Sock::Event requested = Sock::RECV | Sock::SEND; + Sock::Event occurred; + if (!sock.Wait(std::chrono::milliseconds{nTimeout}, requested, + &occurred)) { + LogPrintf("wait for connect to %s failed: %s\n", addrConnect.ToString(), NetworkErrorString(WSAGetLastError())); return false; + } else if (occurred == 0) { + LogPrint(BCLog::NET, "connection attempt to %s timed out\n", + addrConnect.ToString()); + return false; } - // Even if the select/poll was successful, the connect might not + // Even if the wait was successful, the connect might not // have been successful. The reason for this failure is hidden away // in the SO_ERROR for the socket in modern systems. We read it into - // nRet here. - socklen_t nRetSize = sizeof(nRet); - if (getsockopt(hSocket, SOL_SOCKET, SO_ERROR, - (sockopt_arg_type)&nRet, - &nRetSize) == SOCKET_ERROR) { + // sockerr here. + int sockerr; + socklen_t sockerr_len = sizeof(sockerr); + if (sock.GetSockOpt(SOL_SOCKET, SO_ERROR, + (sockopt_arg_type)&sockerr, + &sockerr_len) == SOCKET_ERROR) { LogPrintf("getsockopt() for %s failed: %s\n", addrConnect.ToString(), NetworkErrorString(WSAGetLastError())); return false; } - if (nRet != 0) { - LogConnectFailure(manual_connection, - "connect() to %s failed after select(): %s", - addrConnect.ToString(), - NetworkErrorString(nRet)); + if (sockerr != 0) { + LogConnectFailure( + manual_connection, "connect() to %s failed after wait: %s", + addrConnect.ToString(), NetworkErrorString(sockerr)); return false; } } #ifdef WIN32 else if (WSAGetLastError() != WSAEISCONN) #else else #endif { LogConnectFailure(manual_connection, "connect() to %s failed: %s", addrConnect.ToString(), NetworkErrorString(WSAGetLastError())); return false; } } return true; } bool SetProxy(enum Network net, const proxyType &addrProxy) { assert(net >= 0 && net < NET_MAX); if (!addrProxy.IsValid()) { return false; } LOCK(g_proxyinfo_mutex); proxyInfo[net] = addrProxy; return true; } bool GetProxy(enum Network net, proxyType &proxyInfoOut) { assert(net >= 0 && net < NET_MAX); LOCK(g_proxyinfo_mutex); if (!proxyInfo[net].IsValid()) { return false; } proxyInfoOut = proxyInfo[net]; return true; } /** * Set the name proxy to use for all connections to nodes specified by a * hostname. After setting this proxy, connecting to a node specified by a * hostname won't result in a local lookup of said hostname, rather, connect to * the node by asking the name proxy for a proxy connection to the hostname, * effectively delegating the hostname lookup to the specified proxy. * * This delegation increases privacy for those who set the name proxy as they no * longer leak their external hostname queries to their DNS servers. * * @returns Whether or not the operation succeeded. * * @note SOCKS5's support for UDP-over-SOCKS5 has been considered, but no SOCK5 * server in common use (most notably Tor) actually implements UDP * support, and a DNS resolver is beyond the scope of this project. */ bool SetNameProxy(const proxyType &addrProxy) { if (!addrProxy.IsValid()) { return false; } LOCK(g_proxyinfo_mutex); nameProxy = addrProxy; return true; } bool GetNameProxy(proxyType &nameProxyOut) { LOCK(g_proxyinfo_mutex); if (!nameProxy.IsValid()) { return false; } nameProxyOut = nameProxy; return true; } bool HaveNameProxy() { LOCK(g_proxyinfo_mutex); return nameProxy.IsValid(); } bool IsProxy(const CNetAddr &addr) { LOCK(g_proxyinfo_mutex); for (int i = 0; i < NET_MAX; i++) { if (addr == static_cast(proxyInfo[i].proxy)) { return true; } } return false; } /** * Connect to a specified destination service through a SOCKS5 proxy by first * connecting to the SOCKS5 proxy. * * @param proxy The SOCKS5 proxy. * @param strDest The destination service to which to connect. * @param port The destination port. * @param sock The socket on which to connect to the SOCKS5 proxy. * @param nTimeout Wait this many milliseconds for the connection to the SOCKS5 * proxy to be established. * @param[out] outProxyConnectionFailed Whether or not the connection to the * SOCKS5 proxy failed. * * @returns Whether or not the operation succeeded. */ bool ConnectThroughProxy(const proxyType &proxy, const std::string &strDest, int port, const Sock &sock, int nTimeout, bool &outProxyConnectionFailed) { // first connect to proxy server - if (!ConnectSocketDirectly(proxy.proxy, sock.Get(), nTimeout, true)) { + if (!ConnectSocketDirectly(proxy.proxy, sock, nTimeout, true)) { outProxyConnectionFailed = true; return false; } // do socks negotiation if (proxy.randomize_credentials) { ProxyCredentials random_auth; static std::atomic_int counter(0); random_auth.username = random_auth.password = strprintf("%i", counter++); if (!Socks5(strDest, uint16_t(port), &random_auth, sock)) { return false; } } else if (!Socks5(strDest, uint16_t(port), 0, sock)) { return false; } return true; } /** * Parse and resolve a specified subnet string into the appropriate internal * representation. * * @param strSubnet A string representation of a subnet of the form `network * address [ "/", ( CIDR-style suffix | netmask ) ]`(e.g. * `2001:db8::/32`, `192.0.2.0/255.255.255.0`, or `8.8.8.8`). * @param ret The resulting internal representation of a subnet. * * @returns Whether the operation succeeded or not. */ bool LookupSubNet(const std::string &strSubnet, CSubNet &ret) { if (!ValidAsCString(strSubnet)) { return false; } size_t slash = strSubnet.find_last_of('/'); std::vector vIP; std::string strAddress = strSubnet.substr(0, slash); // TODO: Use LookupHost(const std::string&, CNetAddr&, bool) instead to just // get one CNetAddr. if (LookupHost(strAddress, vIP, 1, false)) { CNetAddr network = vIP[0]; if (slash != strSubnet.npos) { std::string strNetmask = strSubnet.substr(slash + 1); uint8_t n; if (ParseUInt8(strNetmask, &n)) { // If valid number, assume CIDR variable-length subnet masking ret = CSubNet(network, n); return ret.IsValid(); } else { // If not a valid number, try full netmask syntax // Never allow lookup for netmask if (LookupHost(strNetmask, vIP, 1, false)) { ret = CSubNet(network, vIP[0]); return ret.IsValid(); } } } else { ret = CSubNet(network); return ret.IsValid(); } } return false; } bool SetSocketNonBlocking(const SOCKET &hSocket, bool fNonBlocking) { if (fNonBlocking) { #ifdef WIN32 u_long nOne = 1; if (ioctlsocket(hSocket, FIONBIO, &nOne) == SOCKET_ERROR) { #else int fFlags = fcntl(hSocket, F_GETFL, 0); if (fcntl(hSocket, F_SETFL, fFlags | O_NONBLOCK) == SOCKET_ERROR) { #endif return false; } } else { #ifdef WIN32 u_long nZero = 0; if (ioctlsocket(hSocket, FIONBIO, &nZero) == SOCKET_ERROR) { #else int fFlags = fcntl(hSocket, F_GETFL, 0); if (fcntl(hSocket, F_SETFL, fFlags & ~O_NONBLOCK) == SOCKET_ERROR) { #endif return false; } } return true; } bool SetSocketNoDelay(const SOCKET &hSocket) { int set = 1; int rc = setsockopt(hSocket, IPPROTO_TCP, TCP_NODELAY, (sockopt_arg_type)&set, sizeof(int)); return rc == 0; } void InterruptSocks5(bool interrupt) { interruptSocks5Recv = interrupt; } diff --git a/src/netbase.h b/src/netbase.h index 032869809..844df61a8 100644 --- a/src/netbase.h +++ b/src/netbase.h @@ -1,94 +1,93 @@ // Copyright (c) 2009-2016 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #ifndef BITCOIN_NETBASE_H #define BITCOIN_NETBASE_H #if defined(HAVE_CONFIG_H) #include #endif #include #include #include #include #include #include #include #include #include extern int nConnectTimeout; extern bool fNameLookup; //! -timeout default static const int DEFAULT_CONNECT_TIMEOUT = 5000; //! -dns default static const int DEFAULT_NAME_LOOKUP = true; class proxyType { public: proxyType() : randomize_credentials(false) {} explicit proxyType(const CService &_proxy, bool _randomize_credentials = false) : proxy(_proxy), randomize_credentials(_randomize_credentials) {} bool IsValid() const { return proxy.IsValid(); } CService proxy; bool randomize_credentials; }; enum Network ParseNetwork(const std::string &net); std::string GetNetworkName(enum Network net); /** * Return a vector of publicly routable Network names; optionally append * NET_UNROUTABLE */ std::vector GetNetworkNames(bool append_unroutable = false); bool SetProxy(enum Network net, const proxyType &addrProxy); bool GetProxy(enum Network net, proxyType &proxyInfoOut); bool IsProxy(const CNetAddr &addr); bool SetNameProxy(const proxyType &addrProxy); bool HaveNameProxy(); bool GetNameProxy(proxyType &nameProxyOut); bool LookupHost(const std::string &name, std::vector &vIP, unsigned int nMaxSolutions, bool fAllowLookup); bool LookupHost(const std::string &name, CNetAddr &addr, bool fAllowLookup); bool Lookup(const std::string &name, CService &addr, int portDefault, bool fAllowLookup); bool Lookup(const std::string &name, std::vector &vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions); CService LookupNumeric(const std::string &name, int portDefault = 0); bool LookupSubNet(const std::string &strSubnet, CSubNet &subnet); /** * Create a TCP socket in the given address family. * @param[in] address_family The socket is created in the same address family as * this address. * @return pointer to the created Sock object or unique_ptr that owns nothing in * case of failure */ std::unique_ptr CreateSockTCP(const CService &address_family); /** * Socket factory. Defaults to `CreateSockTCP()`, but can be overridden by unit * tests. */ extern std::function(const CService &)> CreateSock; -bool ConnectSocketDirectly(const CService &addrConnect, - const SOCKET &hSocketRet, int nTimeout, - bool manual_connection); +bool ConnectSocketDirectly(const CService &addrConnect, const Sock &sock, + int nTimeout, bool manual_connection); bool ConnectThroughProxy(const proxyType &proxy, const std::string &strDest, int port, const Sock &sock, int nTimeout, bool &outProxyConnectionFailed); /** Disable or enable blocking-mode for a socket */ bool SetSocketNonBlocking(const SOCKET &hSocket, bool fNonBlocking); /** Set the TCP_NODELAY flag on a socket */ bool SetSocketNoDelay(const SOCKET &hSocket); void InterruptSocks5(bool interrupt); #endif // BITCOIN_NETBASE_H diff --git a/src/seeder/bitcoin.cpp b/src/seeder/bitcoin.cpp index 5b4d87003..a8c809858 100644 --- a/src/seeder/bitcoin.cpp +++ b/src/seeder/bitcoin.cpp @@ -1,290 +1,290 @@ // Copyright (c) 2017-2020 The Bitcoin developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include #include #include #include #include #include #include #include #include #include #include #include #include #define BITCOIN_SEED_NONCE 0x0539a019ca550825ULL void CSeederNode::Send() { if (!sock) { return; } if (vSend.empty()) { return; } int nBytes = sock->Send(&vSend[0], vSend.size(), 0); if (nBytes > 0) { vSend.erase(vSend.begin(), vSend.begin() + nBytes); } else { sock.reset(); } } PeerMessagingState CSeederNode::ProcessMessage(std::string strCommand, CDataStream &recv) { // tfm::format(std::cout, "%s: RECV %s\n", ToString(you), // strCommand); if (strCommand == NetMsgType::VERSION) { int64_t nTime; CAddress addrMe; CAddress addrFrom; uint64_t nNonce = 1; uint64_t nServiceInt; recv >> nVersion >> nServiceInt >> nTime >> addrMe; you.nServices = ServiceFlags(nServiceInt); recv >> addrFrom >> nNonce; recv >> strSubVer; recv >> nStartingHeight; vSend.SetVersion(std::min(nVersion, PROTOCOL_VERSION)); MessageWriter::WriteMessage(vSend, NetMsgType::VERACK); return PeerMessagingState::AwaitingMessages; } if (strCommand == NetMsgType::VERACK) { vRecv.SetVersion(std::min(nVersion, PROTOCOL_VERSION)); // tfm::format(std::cout, "\n%s: version %i\n", ToString(you), // nVersion); if (vAddr) { MessageWriter::WriteMessage(vSend, NetMsgType::GETADDR); std::vector locatorHash( 1, Params().Checkpoints().mapCheckpoints.rbegin()->second); MessageWriter::WriteMessage(vSend, NetMsgType::GETHEADERS, CBlockLocator(locatorHash), uint256()); doneAfter = GetTime() + GetTimeout(); } else { doneAfter = GetTime() + 1; } return PeerMessagingState::AwaitingMessages; } if (strCommand == NetMsgType::ADDR && vAddr) { std::vector vAddrNew; recv >> vAddrNew; // tfm::format(std::cout, "%s: got %i addresses\n", // ToString(you), // (int)vAddrNew.size()); int64_t now = GetTime(); std::vector::iterator it = vAddrNew.begin(); if (vAddrNew.size() > 1) { if (doneAfter == 0 || doneAfter > now + 1) { doneAfter = now + 1; } } while (it != vAddrNew.end()) { CAddress &addr = *it; // tfm::format(std::cout, "%s: got address %s\n", // ToString(you), // addr.ToString(), (int)(vAddr->size())); it++; if (addr.nTime <= 100000000 || addr.nTime > now + 600) { addr.nTime = now - 5 * 86400; } if (addr.nTime > now - 604800) { vAddr->push_back(addr); } // tfm::format(std::cout, "%s: added address %s (#%i)\n", // ToString(you), // addr.ToString(), (int)(vAddr->size())); if (vAddr->size() > ADDR_SOFT_CAP) { doneAfter = 1; return PeerMessagingState::Finished; } } return PeerMessagingState::AwaitingMessages; } return PeerMessagingState::AwaitingMessages; } bool CSeederNode::ProcessMessages() { if (vRecv.empty()) { return false; } const CMessageHeader::MessageMagic netMagic = Params().NetMagic(); do { CDataStream::iterator pstart = std::search( vRecv.begin(), vRecv.end(), BEGIN(netMagic), END(netMagic)); uint32_t nHeaderSize = GetSerializeSize(CMessageHeader(netMagic), vRecv.GetVersion()); if (vRecv.end() - pstart < nHeaderSize) { if (vRecv.size() > nHeaderSize) { vRecv.erase(vRecv.begin(), vRecv.end() - nHeaderSize); } break; } vRecv.erase(vRecv.begin(), pstart); std::vector vHeaderSave(vRecv.begin(), vRecv.begin() + nHeaderSize); CMessageHeader hdr(netMagic); vRecv >> hdr; if (!hdr.IsValidWithoutConfig(netMagic)) { // tfm::format(std::cout, "%s: BAD (invalid header)\n", // ToString(you)); ban = 100000; return true; } std::string strCommand = hdr.GetCommand(); unsigned int nMessageSize = hdr.nMessageSize; if (nMessageSize > MAX_SIZE) { // tfm::format(std::cout, "%s: BAD (message too large)\n", // ToString(you)); ban = 100000; return true; } if (nMessageSize > vRecv.size()) { vRecv.insert(vRecv.begin(), vHeaderSave.begin(), vHeaderSave.end()); break; } if (vRecv.GetVersion() >= 209) { uint256 hash = Hash(MakeSpan(vRecv).first(nMessageSize)); if (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) { continue; } } CDataStream vMsg(vRecv.begin(), vRecv.begin() + nMessageSize, vRecv.GetType(), vRecv.GetVersion()); vRecv.ignore(nMessageSize); if (ProcessMessage(strCommand, vMsg) == PeerMessagingState::Finished) { return true; } // tfm::format(std::cout, "%s: done processing %s\n", // ToString(you), // strCommand); } while (1); return false; } CSeederNode::CSeederNode(const CService &ip, std::vector *vAddrIn) : vSend(SER_NETWORK, 0), vRecv(SER_NETWORK, 0), nHeaderStart(-1), nMessageStart(-1), nVersion(0), vAddr(vAddrIn), ban(0), doneAfter(0), you(ip, ServiceFlags(NODE_NETWORK)) { if (GetTime() > 1329696000) { vSend.SetVersion(209); vRecv.SetVersion(209); } } bool CSeederNode::Run() { // FIXME: This logic is duplicated with CConnman::ConnectNode for no // good reason. bool connected = false; proxyType proxy; if (you.IsValid()) { bool proxyConnectionFailed = false; if (GetProxy(you.GetNetwork(), proxy)) { sock = CreateSock(proxy.proxy); if (!sock) { return false; } connected = ConnectThroughProxy( proxy, you.ToStringIP(), you.GetPort(), *sock, nConnectTimeout, proxyConnectionFailed); } else { // no proxy needed (none set for target network) sock = CreateSock(you); if (!sock) { return false; } // no proxy needed (none set for target network) connected = - ConnectSocketDirectly(you, sock->Get(), nConnectTimeout, false); + ConnectSocketDirectly(you, *sock, nConnectTimeout, false); } } if (!connected) { // tfm::format(std::cout, "Cannot connect to %s\n", // ToString(you)); sock.reset(); return false; } // Write version message uint64_t nLocalServices = 0; uint64_t nLocalNonce = BITCOIN_SEED_NONCE; CService myService; CAddress me(myService, ServiceFlags(NODE_NETWORK)); uint8_t fRelayTxs = 0; const std::string clientName = gArgs.GetArg("-uaclientname", CLIENT_NAME); const std::string clientVersion = gArgs.GetArg("-uaclientversion", FormatVersion(CLIENT_VERSION)); const std::string userAgent = FormatUserAgent(clientName, clientVersion, {"seeder"}); MessageWriter::WriteMessage(vSend, NetMsgType::VERSION, PROTOCOL_VERSION, nLocalServices, GetTime(), you, me, nLocalNonce, userAgent, GetRequireHeight(), fRelayTxs); Send(); bool res = true; int64_t now; while (now = GetTime(), ban == 0 && (doneAfter == 0 || doneAfter > now) && sock) { char pchBuf[0x10000]; fd_set fdsetRecv; fd_set fdsetError; FD_ZERO(&fdsetRecv); FD_ZERO(&fdsetError); FD_SET(sock->Get(), &fdsetRecv); FD_SET(sock->Get(), &fdsetError); struct timeval wa; if (doneAfter) { wa.tv_sec = doneAfter - now; wa.tv_usec = 0; } else { wa.tv_sec = GetTimeout(); wa.tv_usec = 0; } int ret = select(sock->Get() + 1, &fdsetRecv, nullptr, &fdsetError, &wa); if (ret != 1) { if (!doneAfter) { res = false; } break; } int nBytes = sock->Recv(pchBuf, sizeof(pchBuf), 0); int nPos = vRecv.size(); if (nBytes > 0) { vRecv.resize(nPos + nBytes); memcpy(&vRecv[nPos], pchBuf, nBytes); } else if (nBytes == 0) { // tfm::format(std::cout, "%s: BAD (connection closed // prematurely)\n", // ToString(you)); res = false; break; } else { // tfm::format(std::cout, "%s: BAD (connection error)\n", // ToString(you)); res = false; break; } ProcessMessages(); Send(); } res = sock != nullptr; sock.reset(); return (ban == 0) && res; } diff --git a/src/test/CMakeLists.txt b/src/test/CMakeLists.txt index 7a8eacb77..5bd95c039 100644 --- a/src/test/CMakeLists.txt +++ b/src/test/CMakeLists.txt @@ -1,288 +1,289 @@ # Copyright (c) 2018 The Bitcoin developers project(bitcoin-test) # Process json files. file(MAKE_DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}/data") function(gen_json_header NAME) set(HEADERS "") foreach(f ${ARGN}) set(h "${CMAKE_CURRENT_BINARY_DIR}/${f}.h") # Get the proper name for the test variable. get_filename_component(TEST_NAME ${f} NAME_WE) add_custom_command(OUTPUT ${h} COMMAND "${Python_EXECUTABLE}" "${CMAKE_CURRENT_SOURCE_DIR}/data/generate_header.py" "${TEST_NAME}" "${CMAKE_CURRENT_SOURCE_DIR}/${f}" > ${h} MAIN_DEPENDENCY ${f} DEPENDS "data/generate_header.py" VERBATIM ) list(APPEND HEADERS ${h}) endforeach(f) set(${NAME} "${HEADERS}" PARENT_SCOPE) endfunction() gen_json_header(JSON_HEADERS data/base58_encode_decode.json data/blockfilters.json data/key_io_valid.json data/key_io_invalid.json data/script_tests.json data/sighash.json data/tx_invalid.json data/tx_valid.json ) include(TestSuite) create_test_suite(bitcoin) add_dependencies(check check-bitcoin) # An utility library for bitcoin related test suites. add_library(testutil OBJECT util/blockfilter.cpp util/logging.cpp util/mining.cpp util/net.cpp util/setup_common.cpp util/str.cpp util/transaction_utils.cpp util/wallet.cpp ) target_link_libraries(testutil server) if(BUILD_BITCOIN_WALLET) set(BITCOIN_WALLET_TEST_FIXTURE ../wallet/test/init_test_fixture.cpp ../wallet/test/wallet_test_fixture.cpp ) set(BITCOIN_WALLET_TESTS ../wallet/test/db_tests.cpp ../wallet/test/coinselector_tests.cpp ../wallet/test/init_tests.cpp ../wallet/test/ismine_tests.cpp ../wallet/test/psbt_wallet_tests.cpp ../wallet/test/scriptpubkeyman_tests.cpp ../wallet/test/wallet_tests.cpp ../wallet/test/walletdb_tests.cpp ../wallet/test/wallet_crypto_tests.cpp ) endif() function(gen_asmap_headers HEADERS_VAR) foreach(INPUT_FILE ${ARGN}) set(OUTPUT_FILE "${CMAKE_CURRENT_BINARY_DIR}/${INPUT_FILE}.h") add_custom_command( OUTPUT "${OUTPUT_FILE}" COMMENT "Generate ASMAP header from ${INPUT_FILE}" COMMAND "${Python_EXECUTABLE}" "${CMAKE_CURRENT_SOURCE_DIR}/data/generate_asmap.py" "${CMAKE_CURRENT_SOURCE_DIR}/${INPUT_FILE}" "${OUTPUT_FILE}" MAIN_DEPENDENCY "${INPUT_FILE}" DEPENDS "data/generate_header.py" VERBATIM ) list(APPEND ${HEADERS_VAR} "${OUTPUT_FILE}") endforeach() set(${HEADERS_VAR} ${${HEADERS_VAR}} PARENT_SCOPE) endfunction() gen_asmap_headers(ASMAP_HEADERS data/asmap.raw ) add_boost_unit_tests_to_suite(bitcoin test_bitcoin fixture.cpp jsonutil.cpp scriptflags.cpp sigutil.cpp ${ASMAP_HEADERS} # Tests generated from JSON ${JSON_HEADERS} # Wallet test fixture ${BITCOIN_WALLET_TEST_FIXTURE} TESTS activation_tests.cpp addrman_tests.cpp allocator_tests.cpp amount_tests.cpp arith_uint256_tests.cpp base32_tests.cpp base58_tests.cpp base64_tests.cpp bip32_tests.cpp bitmanip_tests.cpp blockchain_tests.cpp blockcheck_tests.cpp blockencodings_tests.cpp blockfilter_tests.cpp blockfilter_index_tests.cpp blockindex_tests.cpp blockstatus_tests.cpp bloom_tests.cpp bswap_tests.cpp cashaddr_tests.cpp cashaddrenc_tests.cpp checkdatasig_tests.cpp checkpoints_tests.cpp checkqueue_tests.cpp coins_tests.cpp compilerbug_tests.cpp compress_tests.cpp config_tests.cpp core_io_tests.cpp crypto_tests.cpp cuckoocache_tests.cpp dbwrapper_tests.cpp denialofservice_tests.cpp descriptor_tests.cpp dnsseeds_tests.cpp dstencode_tests.cpp feerate_tests.cpp finalization_tests.cpp flatfile_tests.cpp fs_tests.cpp getarg_tests.cpp hash_tests.cpp + i2p_tests.cpp interfaces_tests.cpp intmath_tests.cpp inv_tests.cpp key_io_tests.cpp key_tests.cpp lcg_tests.cpp logging_tests.cpp mempool_tests.cpp merkle_tests.cpp merkleblock_tests.cpp miner_tests.cpp monolith_opcodes_tests.cpp multisig_tests.cpp net_peer_eviction_tests.cpp net_tests.cpp netbase_tests.cpp op_reversebytes_tests.cpp pmt_tests.cpp policy_fee_tests.cpp policyestimator_tests.cpp prevector_tests.cpp radix_tests.cpp raii_event_tests.cpp random_tests.cpp rcu_tests.cpp ref_tests.cpp reverselock_tests.cpp rpc_tests.cpp rpc_server_tests.cpp rwcollection_tests.cpp sanity_tests.cpp scheduler_tests.cpp schnorr_tests.cpp script_bitfield_tests.cpp script_commitment_tests.cpp script_p2sh_tests.cpp script_standard_tests.cpp script_tests.cpp scriptnum_tests.cpp serialize_tests.cpp settings_tests.cpp sigcache_tests.cpp sigencoding_tests.cpp sighash_tests.cpp sighashtype_tests.cpp sigcheckcount_tests.cpp skiplist_tests.cpp sock_tests.cpp streams_tests.cpp sync_tests.cpp timedata_tests.cpp torcontrol_tests.cpp transaction_tests.cpp txindex_tests.cpp txrequest_tests.cpp txvalidation_tests.cpp txvalidationcache_tests.cpp uint256_tests.cpp undo_tests.cpp util_tests.cpp util_threadnames_tests.cpp validation_block_tests.cpp validation_chainstate_tests.cpp validation_chainstatemanager_tests.cpp validation_flush_tests.cpp validation_tests.cpp validationinterface_tests.cpp versionbits_tests.cpp work_comparator_tests.cpp # RPC Tests ../rpc/test/server_tests.cpp # Wallet tests ${BITCOIN_WALLET_TESTS} ) function(add_boost_test_runners_with_upgrade_activated SUITE EXECUTABLE) set(SUITE_UPGRADE_ACTIVATED "${SUITE}-upgrade-activated") get_target_from_suite(${SUITE_UPGRADE_ACTIVATED} TARGET_UPGRADE_ACTIVATED) if(NOT TARGET ${TARGET_UPGRADE_ACTIVATED}) create_test_suite_with_parent_targets( ${SUITE_UPGRADE_ACTIVATED} check-upgrade-activated check-upgrade-activated-extended ) add_dependencies(${TARGET_UPGRADE_ACTIVATED} ${EXECUTABLE}) endif() get_target_from_suite(${SUITE} SUITE_TARGET) get_target_property(BOOST_TESTS ${SUITE_TARGET} UNIT_TESTS) get_target_from_suite(${SUITE_UPGRADE_ACTIVATED} SUITE_UPGRADE_ACTIVATED_TARGET) set(HRF_LOGGER "HRF,test_suite") foreach(_test_name ${BOOST_TESTS}) if(ENABLE_JUNIT_REPORT) set(JUNIT_LOGGER ":JUNIT,message,${SUITE_UPGRADE_ACTIVATED}-${_test_name}.xml") endif() add_test_runner( ${SUITE_UPGRADE_ACTIVATED} "${_test_name}" ${EXECUTABLE} JUNIT "--run_test=${_test_name}" "--logger=${HRF_LOGGER}${JUNIT_LOGGER}" "--catch_system_errors=no" # Dec. 1st, 2019 at 00:00:00 -- "-testsuitename=Bitcoin ABC unit tests with next upgrade activated" -axionactivationtime=1575158400 ) endforeach() endfunction() add_boost_test_runners_with_upgrade_activated(bitcoin test_bitcoin) target_link_libraries(test_bitcoin rpcclient testutil) if(TARGET bitcoinconsensus-shared) target_link_libraries(test_bitcoin bitcoinconsensus-shared) else() target_link_libraries(test_bitcoin bitcoinconsensus) endif() add_subdirectory(fuzz) diff --git a/src/test/i2p_tests.cpp b/src/test/i2p_tests.cpp new file mode 100644 index 000000000..1a4eee1b1 --- /dev/null +++ b/src/test/i2p_tests.cpp @@ -0,0 +1,46 @@ +// Copyright (c) 2021-2021 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying +// file COPYING or http://www.opensource.org/licenses/mit-license.php. + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +BOOST_FIXTURE_TEST_SUITE(i2p_tests, BasicTestingSetup) + +BOOST_AUTO_TEST_CASE(unlimited_recv) { + auto CreateSockOrig = CreateSock; + + // Mock CreateSock() to create MockSock. + CreateSock = [](const CService &) { + return std::make_unique( + std::string(i2p::sam::MAX_MSG_SIZE + 1, 'a')); + }; + + CThreadInterrupt interrupt; + i2p::sam::Session session(GetDataDir() / "test_i2p_private_key", CService{}, + &interrupt); + + { + ASSERT_DEBUG_LOG("Creating SAM session"); + ASSERT_DEBUG_LOG("too many bytes without a terminator"); + + i2p::Connection conn; + bool proxy_error; + BOOST_REQUIRE(!session.Connect(CService{}, conn, proxy_error)); + } + + CreateSock = CreateSockOrig; +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/src/test/util/net.h b/src/test/util/net.h index 894d7af54..7abd3c63e 100644 --- a/src/test/util/net.h +++ b/src/test/util/net.h @@ -1,39 +1,101 @@ // Copyright (c) 2020 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #ifndef BITCOIN_TEST_UTIL_NET_H #define BITCOIN_TEST_UTIL_NET_H +#include #include +#include + +#include +#include +#include struct ConnmanTestMsg : public CConnman { using CConnman::CConnman; void SetPeerConnectTimeout(std::chrono::seconds timeout) { m_peer_connect_timeout = timeout; } void AddTestNode(CNode &node) { LOCK(cs_vNodes); vNodes.push_back(&node); } void ClearTestNodes() { LOCK(cs_vNodes); for (CNode *node : vNodes) { delete node; } vNodes.clear(); } void ProcessMessagesOnce(CNode &node) { m_msgproc->ProcessMessages(*config, &node, flagInterruptMsgProc); } void NodeReceiveMsgBytes(CNode &node, Span msg_bytes, bool &complete) const; bool ReceiveMsgFrom(CNode &node, CSerializedNetMsg &ser_msg) const; }; +/** + * A mocked Sock alternative that returns a statically contained data upon read + * and succeeds and ignores all writes. The data to be returned is given to the + * constructor and when it is exhausted an EOF is returned by further reads. + */ +class StaticContentsSock : public Sock { +public: + explicit StaticContentsSock(const std::string &contents) + : m_contents{contents}, m_consumed{0} { + // Just a dummy number that is not INVALID_SOCKET. + static_assert(INVALID_SOCKET != 1000); + m_socket = 1000; + } + + ~StaticContentsSock() override { Reset(); } + + StaticContentsSock &operator=(Sock &&other) override { + assert(false && "Move of Sock into MockSock not allowed."); + return *this; + } + + void Reset() override { m_socket = INVALID_SOCKET; } + + ssize_t Send(const void *, size_t len, int) const override { return len; } + + ssize_t Recv(void *buf, size_t len, int flags) const override { + const size_t consume_bytes{ + std::min(len, m_contents.size() - m_consumed)}; + std::memcpy(buf, m_contents.data() + m_consumed, consume_bytes); + if ((flags & MSG_PEEK) == 0) { + m_consumed += consume_bytes; + } + return consume_bytes; + } + + int Connect(const sockaddr *, socklen_t) const override { return 0; } + + int GetSockOpt(int level, int opt_name, void *opt_val, + socklen_t *opt_len) const override { + std::memset(opt_val, 0x0, *opt_len); + return 0; + } + + bool Wait(std::chrono::milliseconds timeout, Event requested, + Event *occurred = nullptr) const override { + if (occurred != nullptr) { + *occurred = requested; + } + return true; + } + +private: + const std::string m_contents; + mutable size_t m_consumed; +}; + #endif // BITCOIN_TEST_UTIL_NET_H diff --git a/src/util/sock.cpp b/src/util/sock.cpp index 6405ad9e8..fff75a7a5 100644 --- a/src/util/sock.cpp +++ b/src/util/sock.cpp @@ -1,358 +1,368 @@ // Copyright (c) 2020-2021 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include #include #include #include #include #include #include #include #include #include #include #include #ifdef USE_POLL #include #endif static inline bool IOErrorIsPermanent(int err) { return err != WSAEAGAIN && err != WSAEINTR && err != WSAEWOULDBLOCK && err != WSAEINPROGRESS; } Sock::Sock() : m_socket(INVALID_SOCKET) {} Sock::Sock(SOCKET s) : m_socket(s) {} Sock::Sock(Sock &&other) { m_socket = other.m_socket; other.m_socket = INVALID_SOCKET; } Sock::~Sock() { Reset(); } Sock &Sock::operator=(Sock &&other) { Reset(); m_socket = other.m_socket; other.m_socket = INVALID_SOCKET; return *this; } SOCKET Sock::Get() const { return m_socket; } SOCKET Sock::Release() { const SOCKET s = m_socket; m_socket = INVALID_SOCKET; return s; } void Sock::Reset() { CloseSocket(m_socket); } ssize_t Sock::Send(const void *data, size_t len, int flags) const { return send(m_socket, static_cast(data), len, flags); } ssize_t Sock::Recv(void *buf, size_t len, int flags) const { return recv(m_socket, static_cast(buf), len, flags); } +int Sock::Connect(const sockaddr *addr, socklen_t addr_len) const { + return connect(m_socket, addr, addr_len); +} + +int Sock::GetSockOpt(int level, int opt_name, void *opt_val, + socklen_t *opt_len) const { + return getsockopt(m_socket, level, opt_name, static_cast(opt_val), + opt_len); +} + bool Sock::Wait(std::chrono::milliseconds timeout, Event requested, Event *occurred) const { #ifdef USE_POLL pollfd fd; fd.fd = m_socket; fd.events = 0; if (requested & RECV) { fd.events |= POLLIN; } if (requested & SEND) { fd.events |= POLLOUT; } if (poll(&fd, 1, count_milliseconds(timeout)) == SOCKET_ERROR) { return false; } if (occurred != nullptr) { *occurred = 0; if (fd.revents & POLLIN) { *occurred |= RECV; } if (fd.revents & POLLOUT) { *occurred |= SEND; } } return true; #else if (!IsSelectableSocket(m_socket)) { return false; } fd_set fdset_recv; fd_set fdset_send; FD_ZERO(&fdset_recv); FD_ZERO(&fdset_send); if (requested & RECV) { FD_SET(m_socket, &fdset_recv); } if (requested & SEND) { FD_SET(m_socket, &fdset_send); } timeval timeout_struct = MillisToTimeval(timeout); if (select(m_socket + 1, &fdset_recv, &fdset_send, nullptr, &timeout_struct) == SOCKET_ERROR) { return false; } if (occurred != nullptr) { *occurred = 0; if (FD_ISSET(m_socket, &fdset_recv)) { *occurred |= RECV; } if (FD_ISSET(m_socket, &fdset_send)) { *occurred |= SEND; } } return true; #endif /* USE_POLL */ } void Sock::SendComplete(const std::string &data, std::chrono::milliseconds timeout, CThreadInterrupt &interrupt) const { const auto deadline = GetTime() + timeout; size_t sent{0}; for (;;) { const ssize_t ret{ Send(data.data() + sent, data.size() - sent, MSG_NOSIGNAL)}; if (ret > 0) { sent += static_cast(ret); if (sent == data.size()) { break; } } else { const int err{WSAGetLastError()}; if (IOErrorIsPermanent(err)) { throw std::runtime_error( strprintf("send(): %s", NetworkErrorString(err))); } } const auto now = GetTime(); if (now >= deadline) { throw std::runtime_error( strprintf("Send timeout (sent only %u of %u bytes before that)", sent, data.size())); } if (interrupt) { throw std::runtime_error(strprintf( "Send interrupted (sent only %u of %u bytes before that)", sent, data.size())); } // Wait for a short while (or the socket to become ready for sending) // before retrying if nothing was sent. const auto wait_time = std::min( deadline - now, std::chrono::milliseconds{MAX_WAIT_FOR_IO}); Wait(wait_time, SEND); } } std::string Sock::RecvUntilTerminator(uint8_t terminator, std::chrono::milliseconds timeout, CThreadInterrupt &interrupt, size_t max_data) const { const auto deadline = GetTime() + timeout; std::string data; bool terminator_found{false}; // We must not consume any bytes past the terminator from the socket. // One option is to read one byte at a time and check if we have read a // terminator. However that is very slow. Instead, we peek at what is in the // socket and only read as many bytes as possible without crossing the // terminator. Reading 64 MiB of random data with 262526 terminator chars // takes 37 seconds to read one byte at a time VS 0.71 seconds with the // "peek" solution below. Reading one byte at a time is about 50 times // slower. for (;;) { if (data.size() >= max_data) { throw std::runtime_error( strprintf("Received too many bytes without a terminator (%u)", data.size())); } char buf[512]; const ssize_t peek_ret{ Recv(buf, std::min(sizeof(buf), max_data - data.size()), MSG_PEEK)}; switch (peek_ret) { case -1: { const int err{WSAGetLastError()}; if (IOErrorIsPermanent(err)) { throw std::runtime_error( strprintf("recv(): %s", NetworkErrorString(err))); } break; } case 0: throw std::runtime_error( "Connection unexpectedly closed by peer"); default: auto end = buf + peek_ret; auto terminator_pos = std::find(buf, end, terminator); terminator_found = terminator_pos != end; const size_t try_len{terminator_found ? terminator_pos - buf + 1 : static_cast(peek_ret)}; const ssize_t read_ret{Recv(buf, try_len, 0)}; if (read_ret < 0 || static_cast(read_ret) != try_len) { throw std::runtime_error( strprintf("recv() returned %u bytes on attempt to read " "%u bytes but previous " "peek claimed %u bytes are available", read_ret, try_len, peek_ret)); } // Don't include the terminator in the output. const size_t append_len{terminator_found ? try_len - 1 : try_len}; data.append(buf, buf + append_len); if (terminator_found) { return data; } } const auto now = GetTime(); if (now >= deadline) { throw std::runtime_error( strprintf("Receive timeout (received %u bytes without " "terminator before that)", data.size())); } if (interrupt) { throw std::runtime_error( strprintf("Receive interrupted (received %u bytes without " "terminator before that)", data.size())); } // Wait for a short while (or the socket to become ready for reading) // before retrying. const auto wait_time = std::min( deadline - now, std::chrono::milliseconds{MAX_WAIT_FOR_IO}); Wait(wait_time, RECV); } } bool Sock::IsConnected(std::string &errmsg) const { if (m_socket == INVALID_SOCKET) { errmsg = "not connected"; return false; } char c; switch (Recv(&c, sizeof(c), MSG_PEEK)) { case -1: { const int err = WSAGetLastError(); if (IOErrorIsPermanent(err)) { errmsg = NetworkErrorString(err); return false; } return true; } case 0: errmsg = "closed"; return false; default: return true; } } #ifdef WIN32 std::string NetworkErrorString(int err) { wchar_t buf[256]; buf[0] = 0; if (FormatMessageW(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS | FORMAT_MESSAGE_MAX_WIDTH_MASK, nullptr, err, MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), buf, ARRAYSIZE(buf), nullptr)) { return strprintf( "%s (%d)", std::wstring_convert, wchar_t>() .to_bytes(buf), err); } else { return strprintf("Unknown error (%d)", err); } } #else std::string NetworkErrorString(int err) { char buf[256]; buf[0] = 0; /** * Too bad there are two incompatible implementations of the * thread-safe strerror. */ const char *s; #ifdef STRERROR_R_CHAR_P /* GNU variant can return a pointer outside the passed buffer */ s = strerror_r(err, buf, sizeof(buf)); #else s = buf; /* POSIX variant always returns message in buffer */ if (strerror_r(err, buf, sizeof(buf))) { buf[0] = 0; } #endif return strprintf("%s (%d)", s, err); } #endif bool CloseSocket(SOCKET &hSocket) { if (hSocket == INVALID_SOCKET) { return false; } #ifdef WIN32 int ret = closesocket(hSocket); #else int ret = close(hSocket); #endif if (ret) { LogPrintf("Socket close failed: %d. Error: %s\n", hSocket, NetworkErrorString(WSAGetLastError())); } hSocket = INVALID_SOCKET; return ret != SOCKET_ERROR; } diff --git a/src/util/sock.h b/src/util/sock.h index 88eff9e26..7d4d2ae12 100644 --- a/src/util/sock.h +++ b/src/util/sock.h @@ -1,181 +1,197 @@ // Copyright (c) 2020-2021 The Bitcoin Core developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #ifndef BITCOIN_UTIL_SOCK_H #define BITCOIN_UTIL_SOCK_H #include #include #include #include #include /** * Maximum time to wait for I/O readiness. * It will take up until this time to break off in case of an interruption. */ static constexpr auto MAX_WAIT_FOR_IO = 1s; /** * RAII helper class that manages a socket. Mimics `std::unique_ptr`, but * instead of a pointer it contains a socket and closes it automatically when it * goes out of scope. */ class Sock { public: /** * Default constructor, creates an empty object that does nothing when * destroyed. */ Sock(); /** * Take ownership of an existent socket. */ explicit Sock(SOCKET s); /** * Copy constructor, disabled because closing the same socket twice is * undesirable. */ Sock(const Sock &) = delete; /** * Move constructor, grab the socket from another object and close ours (if * set). */ Sock(Sock &&other); /** * Destructor, close the socket or do nothing if empty. */ virtual ~Sock(); /** * Copy assignment operator, disabled because closing the same socket twice * is undesirable. */ Sock &operator=(const Sock &) = delete; /** * Move assignment operator, grab the socket from another object and close * ours (if set). */ virtual Sock &operator=(Sock &&other); /** * Get the value of the contained socket. * @return socket or INVALID_SOCKET if empty */ virtual SOCKET Get() const; /** * Get the value of the contained socket and drop ownership. It will not be * closed by the destructor after this call. * @return socket or INVALID_SOCKET if empty */ virtual SOCKET Release(); /** * Close if non-empty. */ virtual void Reset(); /** * send(2) wrapper. Equivalent to `send(this->Get(), data, len, flags);`. - * Code that uses this wrapper can be unit-tested if this method is + * Code that uses this wrapper can be unit tested if this method is * overridden by a mock Sock implementation. */ virtual ssize_t Send(const void *data, size_t len, int flags) const; /** * recv(2) wrapper. Equivalent to `recv(this->Get(), buf, len, flags);`. - * Code that uses this wrapper can be unit-tested if this method is + * Code that uses this wrapper can be unit tested if this method is * overridden by a mock Sock implementation. */ virtual ssize_t Recv(void *buf, size_t len, int flags) const; + /** + * connect(2) wrapper. Equivalent to `connect(this->Get(), addr, addrlen)`. + * Code that uses this wrapper can be unit tested if this method is + * overridden by a mock Sock implementation. + */ + virtual int Connect(const sockaddr *addr, socklen_t addr_len) const; + + /** + * getsockopt(2) wrapper. Equivalent to + * `getsockopt(this->Get(), level, opt_name, opt_val, opt_len)`. Code that + * uses this wrapper can be unit tested if this method is overridden by a + * mock Sock implementation. + */ + virtual int GetSockOpt(int level, int opt_name, void *opt_val, + socklen_t *opt_len) const; + using Event = uint8_t; /** * If passed to `Wait()`, then it will wait for readiness to read from the * socket. */ static constexpr Event RECV = 0b01; /** * If passed to `Wait()`, then it will wait for readiness to send to the * socket. */ static constexpr Event SEND = 0b10; /** * Wait for readiness for input (recv) or output (send). * @param[in] timeout Wait this much for at least one of the requested * events to occur. * @param[in] requested Wait for those events, bitwise-or of `RECV` and * `SEND`. * @param[out] occurred If not nullptr and `true` is returned, then upon * return this indicates which of the requested events occurred. A * timeout is indicated by return value of `true` and `occurred` being * set to 0. * @return true on success and false otherwise */ virtual bool Wait(std::chrono::milliseconds timeout, Event requested, Event *occurred = nullptr) const; /* Higher level, convenience, methods. These may throw. */ /** * Send the given data, retrying on transient errors. * @param[in] data Data to send. * @param[in] timeout Timeout for the entire operation. * @param[in] interrupt If this is signaled then the operation is canceled. * @throws std::runtime_error if the operation cannot be completed. In this * case only some of the data will be written to the socket. */ virtual void SendComplete(const std::string &data, std::chrono::milliseconds timeout, CThreadInterrupt &interrupt) const; /** * Read from socket until a terminator character is encountered. Will never * consume bytes past the terminator from the socket. * @param[in] terminator Character up to which to read from the socket. * @param[in] timeout Timeout for the entire operation. * @param[in] interrupt If this is signaled then the operation is canceled. * @param[in] max_data The maximum amount of data (in bytes) to receive. * If this many bytes are received and there is still no terminator, * then this method will throw an exception. * @return The data that has been read, without the terminating character. * @throws std::runtime_error if the operation cannot be completed. In this * case some bytes may have been consumed from the socket. */ virtual std::string RecvUntilTerminator(uint8_t terminator, std::chrono::milliseconds timeout, CThreadInterrupt &interrupt, size_t max_data) const; /** * Check if still connected. * @param[out] err The error string, if the socket has been disconnected. * @return true if connected */ virtual bool IsConnected(std::string &errmsg) const; -private: +protected: /** * Contained socket. `INVALID_SOCKET` designates the object is empty. */ SOCKET m_socket; }; /** Return readable error string for a network error code */ std::string NetworkErrorString(int err); /** Close socket and set hSocket to INVALID_SOCKET */ bool CloseSocket(SOCKET &hSocket); #endif // BITCOIN_UTIL_SOCK_H