Branch data Line data Source code
1 : : // Copyright (c) 2009-2010 Satoshi Nakamoto
2 : : // Copyright (c) 2009-present The Bitcoin Core developers
3 : : // Distributed under the MIT software license, see the accompanying
4 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 : :
6 : : #include <bitcoin-build-config.h> // IWYU pragma: keep
7 : :
8 : : #include <net.h>
9 : :
10 : : #include <addrdb.h>
11 : : #include <addrman.h>
12 : : #include <banman.h>
13 : : #include <clientversion.h>
14 : : #include <common/args.h>
15 : : #include <common/netif.h>
16 : : #include <compat/compat.h>
17 : : #include <consensus/consensus.h>
18 : : #include <crypto/sha256.h>
19 : : #include <i2p.h>
20 : : #include <key.h>
21 : : #include <logging.h>
22 : : #include <memusage.h>
23 : : #include <net_permissions.h>
24 : : #include <netaddress.h>
25 : : #include <netbase.h>
26 : : #include <node/eviction.h>
27 : : #include <node/interface_ui.h>
28 : : #include <protocol.h>
29 : : #include <random.h>
30 : : #include <scheduler.h>
31 : : #include <util/fs.h>
32 : : #include <util/sock.h>
33 : : #include <util/strencodings.h>
34 : : #include <util/thread.h>
35 : : #include <util/threadinterrupt.h>
36 : : #include <util/trace.h>
37 : : #include <util/translation.h>
38 : : #include <util/vector.h>
39 : :
40 : : #include <algorithm>
41 : : #include <array>
42 : : #include <cmath>
43 : : #include <cstdint>
44 : : #include <cstring>
45 : : #include <functional>
46 : : #include <optional>
47 : : #include <string_view>
48 : : #include <unordered_map>
49 : :
50 : : TRACEPOINT_SEMAPHORE(net, closed_connection);
51 : : TRACEPOINT_SEMAPHORE(net, evicted_inbound_connection);
52 : : TRACEPOINT_SEMAPHORE(net, inbound_connection);
53 : : TRACEPOINT_SEMAPHORE(net, outbound_connection);
54 : : TRACEPOINT_SEMAPHORE(net, outbound_message);
55 : :
56 : : /** Maximum number of block-relay-only anchor connections */
57 : : static constexpr size_t MAX_BLOCK_RELAY_ONLY_ANCHORS = 2;
58 : : static_assert (MAX_BLOCK_RELAY_ONLY_ANCHORS <= static_cast<size_t>(MAX_BLOCK_RELAY_ONLY_CONNECTIONS), "MAX_BLOCK_RELAY_ONLY_ANCHORS must not exceed MAX_BLOCK_RELAY_ONLY_CONNECTIONS.");
59 : : /** Anchor IP address database file name */
60 : : const char* const ANCHORS_DATABASE_FILENAME = "anchors.dat";
61 : :
62 : : // How often to dump addresses to peers.dat
63 : : static constexpr std::chrono::minutes DUMP_PEERS_INTERVAL{15};
64 : :
65 : : /** Number of DNS seeds to query when the number of connections is low. */
66 : : static constexpr int DNSSEEDS_TO_QUERY_AT_ONCE = 3;
67 : :
68 : : /** Minimum number of outbound connections under which we will keep fetching our address seeds. */
69 : : static constexpr int SEED_OUTBOUND_CONNECTION_THRESHOLD = 2;
70 : :
71 : : /** How long to delay before querying DNS seeds
72 : : *
73 : : * If we have more than THRESHOLD entries in addrman, then it's likely
74 : : * that we got those addresses from having previously connected to the P2P
75 : : * network, and that we'll be able to successfully reconnect to the P2P
76 : : * network via contacting one of them. So if that's the case, spend a
77 : : * little longer trying to connect to known peers before querying the
78 : : * DNS seeds.
79 : : */
80 : : static constexpr std::chrono::seconds DNSSEEDS_DELAY_FEW_PEERS{11};
81 : : static constexpr std::chrono::minutes DNSSEEDS_DELAY_MANY_PEERS{5};
82 : : static constexpr int DNSSEEDS_DELAY_PEER_THRESHOLD = 1000; // "many" vs "few" peers
83 : :
84 : : /** The default timeframe for -maxuploadtarget. 1 day. */
85 : : static constexpr std::chrono::seconds MAX_UPLOAD_TIMEFRAME{60 * 60 * 24};
86 : :
87 : : // A random time period (0 to 1 seconds) is added to feeler connections to prevent synchronization.
88 : : static constexpr auto FEELER_SLEEP_WINDOW{1s};
89 : :
90 : : /** Frequency to attempt extra connections to reachable networks we're not connected to yet **/
91 : : static constexpr auto EXTRA_NETWORK_PEER_INTERVAL{5min};
92 : :
93 : : /** Used to pass flags to the Bind() function */
94 : : enum BindFlags {
95 : : BF_NONE = 0,
96 : : BF_REPORT_ERROR = (1U << 0),
97 : : /**
98 : : * Do not call AddLocal() for our special addresses, e.g., for incoming
99 : : * Tor connections, to prevent gossiping them over the network.
100 : : */
101 : : BF_DONT_ADVERTISE = (1U << 1),
102 : : };
103 : :
104 : : // The set of sockets cannot be modified while waiting
105 : : // The sleep time needs to be small to avoid new sockets stalling
106 : : static const uint64_t SELECT_TIMEOUT_MILLISECONDS = 50;
107 : :
108 : : const std::string NET_MESSAGE_TYPE_OTHER = "*other*";
109 : :
110 : : static const uint64_t RANDOMIZER_ID_NETGROUP = 0x6c0edd8036ef4036ULL; // SHA256("netgroup")[0:8]
111 : : static const uint64_t RANDOMIZER_ID_LOCALHOSTNONCE = 0xd93e69e2bbfa5735ULL; // SHA256("localhostnonce")[0:8]
112 : : static const uint64_t RANDOMIZER_ID_NETWORKKEY = 0x0e8a2b136c592a7dULL; // SHA256("networkkey")[0:8]
113 : : //
114 : : // Global state variables
115 : : //
116 : : bool fDiscover = true;
117 : : bool fListen = true;
118 : : GlobalMutex g_maplocalhost_mutex;
119 : : std::map<CNetAddr, LocalServiceInfo> mapLocalHost GUARDED_BY(g_maplocalhost_mutex);
120 : : std::string strSubVersion;
121 : :
122 : 303826 : size_t CSerializedNetMsg::GetMemoryUsage() const noexcept
123 : : {
124 [ - + ]: 303826 : return sizeof(*this) + memusage::DynamicUsage(m_type) + memusage::DynamicUsage(data);
125 : : }
126 : :
127 : 118204 : size_t CNetMessage::GetMemoryUsage() const noexcept
128 : : {
129 : 118204 : return sizeof(*this) + memusage::DynamicUsage(m_type) + m_recv.GetMemoryUsage();
130 : : }
131 : :
132 : 0 : void CConnman::AddAddrFetch(const std::string& strDest)
133 : : {
134 : 0 : LOCK(m_addr_fetches_mutex);
135 [ # # ]: 0 : m_addr_fetches.push_back(strDest);
136 : 0 : }
137 : :
138 : 59215 : uint16_t GetListenPort()
139 : : {
140 : : // If -bind= is provided with ":port" part, use that (first one if multiple are provided).
141 [ + - - + ]: 59215 : for (const std::string& bind_arg : gArgs.GetArgs("-bind")) {
142 : 0 : constexpr uint16_t dummy_port = 0;
143 : :
144 [ # # # # ]: 0 : const std::optional<CService> bind_addr{Lookup(bind_arg, dummy_port, /*fAllowLookup=*/false)};
145 [ # # # # : 0 : if (bind_addr.has_value() && bind_addr->GetPort() != dummy_port) return bind_addr->GetPort();
# # # # ]
146 : 59215 : }
147 : :
148 : : // Otherwise, if -whitebind= without NetPermissionFlags::NoBan is provided, use that
149 : : // (-whitebind= is required to have ":port").
150 [ + - - + ]: 59215 : for (const std::string& whitebind_arg : gArgs.GetArgs("-whitebind")) {
151 [ # # ]: 0 : NetWhitebindPermissions whitebind;
152 [ # # ]: 0 : bilingual_str error;
153 [ # # # # ]: 0 : if (NetWhitebindPermissions::TryParse(whitebind_arg, whitebind, error)) {
154 [ # # ]: 0 : if (!NetPermissions::HasFlag(whitebind.m_flags, NetPermissionFlags::NoBan)) {
155 [ # # ]: 0 : return whitebind.m_service.GetPort();
156 : : }
157 : : }
158 : 0 : }
159 : :
160 : : // Otherwise, if -port= is provided, use that. Otherwise use the default port.
161 : 118430 : return static_cast<uint16_t>(gArgs.GetIntArg("-port", Params().GetDefaultPort()));
162 : : }
163 : :
164 : : // Determine the "best" local address for a particular peer.
165 : 58787 : [[nodiscard]] static std::optional<CService> GetLocal(const CNode& peer)
166 : : {
167 [ - + ]: 58787 : if (!fListen) return std::nullopt;
168 : :
169 : 58787 : std::optional<CService> addr;
170 : 58787 : int nBestScore = -1;
171 : 58787 : int nBestReachability = -1;
172 : 58787 : {
173 [ + - ]: 58787 : LOCK(g_maplocalhost_mutex);
174 [ + - + + ]: 7147664 : for (const auto& [local_addr, local_service_info] : mapLocalHost) {
175 : : // For privacy reasons, don't advertise our privacy-network address
176 : : // to other networks and don't advertise our other-network address
177 : : // to privacy networks.
178 [ + - + - ]: 7088877 : if (local_addr.GetNetwork() != peer.ConnectedThroughNetwork()
179 [ + + + - : 12450613 : && (local_addr.IsPrivacyNet() || peer.IsConnectedThroughPrivacyNet())) {
+ + ]
180 : 1824909 : continue;
181 : : }
182 : 5263968 : const int nScore{local_service_info.nScore};
183 [ + - ]: 5263968 : const int nReachability{local_addr.GetReachabilityFrom(peer.addr)};
184 [ + + + + ]: 5263968 : if (nReachability > nBestReachability || (nReachability == nBestReachability && nScore > nBestScore)) {
185 [ + - ]: 129802 : addr.emplace(CService{local_addr, local_service_info.nPort});
186 : 129802 : nBestReachability = nReachability;
187 : 129802 : nBestScore = nScore;
188 : : }
189 : : }
190 : 0 : }
191 [ + + ]: 102273 : return addr;
192 : 58787 : }
193 : :
194 : : //! Convert the serialized seeds into usable address objects.
195 : 0 : static std::vector<CAddress> ConvertSeeds(const std::vector<uint8_t> &vSeedsIn)
196 : : {
197 : : // It'll only connect to one or two seed nodes because once it connects,
198 : : // it'll get a pile of addresses with newer timestamps.
199 : : // Seed nodes are given a random 'last seen time' of between one and two
200 : : // weeks ago.
201 : 0 : const auto one_week{7 * 24h};
202 : 0 : std::vector<CAddress> vSeedsOut;
203 : 0 : FastRandomContext rng;
204 [ # # ]: 0 : ParamsStream s{SpanReader{vSeedsIn}, CAddress::V2_NETWORK};
205 [ # # ]: 0 : while (!s.empty()) {
206 [ # # ]: 0 : CService endpoint;
207 [ # # ]: 0 : s >> endpoint;
208 : 0 : CAddress addr{endpoint, SeedsServiceFlags()};
209 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - one_week, -one_week);
210 [ # # # # : 0 : LogDebug(BCLog::NET, "Added hardcoded seed: %s\n", addr.ToStringAddrPort());
# # # # ]
211 [ # # ]: 0 : vSeedsOut.push_back(addr);
212 : 0 : }
213 : 0 : return vSeedsOut;
214 : 0 : }
215 : :
216 : : // Determine the "best" local address for a particular peer.
217 : : // If none, return the unroutable 0.0.0.0 but filled in with
218 : : // the normal parameters, since the IP may be changed to a useful
219 : : // one by discovery.
220 : 58787 : CService GetLocalAddress(const CNode& peer)
221 : : {
222 [ + - + - : 58787 : return GetLocal(peer).value_or(CService{CNetAddr(), GetListenPort()});
+ - ]
223 : : }
224 : :
225 : 0 : static int GetnScore(const CService& addr)
226 : : {
227 : 0 : LOCK(g_maplocalhost_mutex);
228 [ # # ]: 0 : const auto it = mapLocalHost.find(addr);
229 [ # # ]: 0 : return (it != mapLocalHost.end()) ? it->second.nScore : 0;
230 : 0 : }
231 : :
232 : : // Is our peer's addrLocal potentially useful as an external IP source?
233 : 0 : [[nodiscard]] static bool IsPeerAddrLocalGood(CNode *pnode)
234 : : {
235 : 0 : CService addrLocal = pnode->GetAddrLocal();
236 [ # # # # : 0 : return fDiscover && pnode->addr.IsRoutable() && addrLocal.IsRoutable() &&
# # # # #
# # # ]
237 [ # # ]: 0 : g_reachable_nets.Contains(addrLocal);
238 : 0 : }
239 : :
240 : 0 : std::optional<CService> GetLocalAddrForPeer(CNode& node)
241 : : {
242 : 0 : CService addrLocal{GetLocalAddress(node)};
243 : : // If discovery is enabled, sometimes give our peer the address it
244 : : // tells us that it sees us as in case it has a better idea of our
245 : : // address than we do.
246 : 0 : FastRandomContext rng;
247 [ # # # # : 0 : if (IsPeerAddrLocalGood(&node) && (!addrLocal.IsRoutable() ||
# # # # #
# ]
248 [ # # # # ]: 0 : rng.randbits((GetnScore(addrLocal) > LOCAL_MANUAL) ? 3 : 1) == 0))
249 : : {
250 [ # # ]: 0 : if (node.IsInboundConn()) {
251 : : // For inbound connections, assume both the address and the port
252 : : // as seen from the peer.
253 [ # # ]: 0 : addrLocal = CService{node.GetAddrLocal()};
254 : : } else {
255 : : // For outbound connections, assume just the address as seen from
256 : : // the peer and leave the port in `addrLocal` as returned by
257 : : // `GetLocalAddress()` above. The peer has no way to observe our
258 : : // listening port when we have initiated the connection.
259 [ # # # # ]: 0 : addrLocal.SetIP(node.GetAddrLocal());
260 : : }
261 : : }
262 [ # # # # ]: 0 : if (addrLocal.IsRoutable()) {
263 [ # # # # : 0 : LogDebug(BCLog::NET, "Advertising address %s to peer=%d\n", addrLocal.ToStringAddrPort(), node.GetId());
# # # # ]
264 : 0 : return addrLocal;
265 : : }
266 : : // Address is unroutable. Don't advertise.
267 : 0 : return std::nullopt;
268 : 0 : }
269 : :
270 : 895 : void ClearLocal()
271 : : {
272 : 895 : LOCK(g_maplocalhost_mutex);
273 [ + - ]: 895 : return mapLocalHost.clear();
274 : 895 : }
275 : :
276 : : // learn a new local address
277 : 103776 : bool AddLocal(const CService& addr_, int nScore)
278 : : {
279 : 103776 : CService addr{MaybeFlipIPv6toCJDNS(addr_)};
280 : :
281 [ + - + + ]: 103776 : if (!addr.IsRoutable())
282 : : return false;
283 : :
284 [ - + - - ]: 83136 : if (!fDiscover && nScore < LOCAL_MANUAL)
285 : : return false;
286 : :
287 [ + - + - ]: 83136 : if (!g_reachable_nets.Contains(addr))
288 : : return false;
289 : :
290 [ - + ]: 83136 : if (fLogIPs) {
291 [ # # # # ]: 0 : LogInfo("AddLocal(%s,%i)\n", addr.ToStringAddrPort(), nScore);
292 : : }
293 : :
294 : 83136 : {
295 [ + - ]: 83136 : LOCK(g_maplocalhost_mutex);
296 [ + - + + ]: 83136 : const auto [it, is_newly_added] = mapLocalHost.emplace(addr, LocalServiceInfo());
297 [ + + ]: 83136 : LocalServiceInfo &info = it->second;
298 [ + + + + ]: 83136 : if (is_newly_added || nScore >= info.nScore) {
299 [ + + ]: 35445 : info.nScore = nScore + (is_newly_added ? 0 : 1);
300 [ + - ]: 35445 : info.nPort = addr.GetPort();
301 : : }
302 : 0 : }
303 : :
304 : 83136 : return true;
305 : 103776 : }
306 : :
307 : 0 : bool AddLocal(const CNetAddr &addr, int nScore)
308 : : {
309 [ # # ]: 0 : return AddLocal(CService(addr, GetListenPort()), nScore);
310 : : }
311 : :
312 : 31891 : void RemoveLocal(const CService& addr)
313 : : {
314 : 31891 : LOCK(g_maplocalhost_mutex);
315 [ - + ]: 31891 : if (fLogIPs) {
316 [ # # # # ]: 0 : LogInfo("RemoveLocal(%s)\n", addr.ToStringAddrPort());
317 : : }
318 : :
319 [ + - + - ]: 31891 : mapLocalHost.erase(addr);
320 : 31891 : }
321 : :
322 : : /** vote for a local address */
323 : 108841 : bool SeenLocal(const CService& addr)
324 : : {
325 : 108841 : LOCK(g_maplocalhost_mutex);
326 [ + - ]: 108841 : const auto it = mapLocalHost.find(addr);
327 [ + + ]: 108841 : if (it == mapLocalHost.end()) return false;
328 : 98560 : ++it->second.nScore;
329 : 98560 : return true;
330 : 108841 : }
331 : :
332 : :
333 : : /** check whether a given address is potentially local */
334 : 90436 : bool IsLocal(const CService& addr)
335 : : {
336 : 90436 : LOCK(g_maplocalhost_mutex);
337 [ + - + - ]: 90436 : return mapLocalHost.contains(addr);
338 : 90436 : }
339 : :
340 : 302 : bool CConnman::AlreadyConnectedToHost(std::string_view host) const
341 : : {
342 : 302 : LOCK(m_nodes_mutex);
343 [ + - - + ]: 11699 : return std::ranges::any_of(m_nodes, [&host](CNode* node) { return node->m_addr_name == host; });
344 : 302 : }
345 : :
346 : 493 : bool CConnman::AlreadyConnectedToAddressPort(const CService& addr_port) const
347 : : {
348 : 493 : LOCK(m_nodes_mutex);
349 [ + - + - ]: 8707 : return std::ranges::any_of(m_nodes, [&addr_port](CNode* node) { return node->addr == addr_port; });
350 : 493 : }
351 : :
352 : 438 : bool CConnman::AlreadyConnectedToAddress(const CNetAddr& addr) const
353 : : {
354 : 438 : LOCK(m_nodes_mutex);
355 [ + - + - ]: 7262 : return std::ranges::any_of(m_nodes, [&addr](CNode* node) { return node->addr == addr; });
356 : 438 : }
357 : :
358 : 7410 : bool CConnman::CheckIncomingNonce(uint64_t nonce)
359 : : {
360 : 7410 : LOCK(m_nodes_mutex);
361 [ + + ]: 202097 : for (const CNode* pnode : m_nodes) {
362 : : // Omit private broadcast connections from this check to prevent this privacy attack:
363 : : // - We connect to a peer in an attempt to privately broadcast a transaction. From our
364 : : // VERSION message the peer deducts that this is a short-lived connection for
365 : : // broadcasting a transaction, takes our nonce and delays their VERACK.
366 : : // - The peer starts connecting to (clearnet) nodes and sends them a VERSION message
367 : : // which contains our nonce. If the peer manages to connect to us we would disconnect.
368 : : // - Upon a disconnect, the peer knows our clearnet address. They go back to the short
369 : : // lived privacy broadcast connection and continue with VERACK.
370 [ + + + + : 194760 : if (!pnode->fSuccessfullyConnected && !pnode->IsInboundConn() && !pnode->IsPrivateBroadcastConn() &&
+ + ]
371 [ + + ]: 875 : pnode->GetLocalNonce() == nonce)
372 : : return false;
373 : : }
374 : : return true;
375 : 7410 : }
376 : :
377 : 693 : CNode* CConnman::ConnectNode(CAddress addrConnect,
378 : : const char* pszDest,
379 : : bool fCountFailure,
380 : : ConnectionType conn_type,
381 : : bool use_v2transport,
382 : : const std::optional<Proxy>& proxy_override)
383 : : {
384 : 693 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
385 [ - + ]: 693 : assert(conn_type != ConnectionType::INBOUND);
386 : :
387 [ + + ]: 693 : if (pszDest == nullptr) {
388 [ + - ]: 417 : if (IsLocal(addrConnect))
389 : : return nullptr;
390 : :
391 : : // Look for an existing connection
392 [ - + ]: 417 : if (AlreadyConnectedToAddressPort(addrConnect)) {
393 [ # # ]: 0 : LogInfo("Failed to open new connection to %s, already connected", addrConnect.ToStringAddrPort());
394 : 0 : return nullptr;
395 : : }
396 : : }
397 : :
398 [ - + - - : 693 : LogDebug(BCLog::NET, "trying %s connection (%s) to %s, lastseen=%.1fhrs\n",
- - - - -
- - - ]
399 : : use_v2transport ? "v2" : "v1",
400 : : ConnectionTypeAsString(conn_type),
401 : : pszDest ? pszDest : addrConnect.ToStringAddrPort(),
402 : : Ticks<HoursDouble>(pszDest ? 0h : Now<NodeSeconds>() - addrConnect.nTime));
403 : :
404 : : // Resolve
405 [ + + + - ]: 969 : const uint16_t default_port{pszDest != nullptr ? GetDefaultPort(pszDest) :
406 : 417 : m_params.GetDefaultPort()};
407 : :
408 : : // Collection of addresses to try to connect to: either all dns resolved addresses if a domain name (pszDest) is provided, or addrConnect otherwise.
409 : 693 : std::vector<CAddress> connect_to{};
410 [ + + ]: 693 : if (pszDest) {
411 [ + - + - : 552 : std::vector<CService> resolved{Lookup(pszDest, default_port, fNameLookup && !HaveNameProxy(), 256)};
+ - - + +
- + - ]
412 [ + + ]: 276 : if (!resolved.empty()) {
413 : 80 : std::shuffle(resolved.begin(), resolved.end(), FastRandomContext());
414 : : // If the connection is made by name, it can be the case that the name resolves to more than one address.
415 : : // We don't want to connect any more of them if we are already connected to one
416 [ + + ]: 148 : for (const auto& r : resolved) {
417 [ + - ]: 160 : addrConnect = CAddress{MaybeFlipIPv6toCJDNS(r), NODE_NONE};
418 [ + - + + ]: 80 : if (!addrConnect.IsValid()) {
419 [ + - - + : 4 : LogDebug(BCLog::NET, "Resolver returned invalid address %s for %s\n", addrConnect.ToStringAddrPort(), pszDest);
- - - - ]
420 : 4 : return nullptr;
421 : : }
422 : : // It is possible that we already have a connection to the IP/port pszDest resolved to.
423 : : // In that case, drop the connection that was just created.
424 [ + - + + ]: 76 : if (AlreadyConnectedToAddressPort(addrConnect)) {
425 [ + - + - ]: 8 : LogInfo("Not opening a connection to %s, already connected to %s\n", pszDest, addrConnect.ToStringAddrPort());
426 : 8 : return nullptr;
427 : : }
428 : : // Add the address to the resolved addresses vector so we can try to connect to it later on
429 [ + - ]: 68 : connect_to.push_back(addrConnect);
430 : : }
431 : : } else {
432 : : // For resolution via proxy
433 [ + - ]: 196 : connect_to.push_back(addrConnect);
434 : : }
435 : 276 : } else {
436 : : // Connect via addrConnect directly
437 [ + - ]: 417 : connect_to.push_back(addrConnect);
438 : : }
439 : :
440 : : // Connect
441 : 681 : std::unique_ptr<Sock> sock;
442 [ + - ]: 681 : CService addr_bind;
443 [ + - - + ]: 681 : assert(!addr_bind.IsValid());
444 : 681 : std::unique_ptr<i2p::sam::Session> i2p_transient_session;
445 : :
446 [ + + ]: 1206 : for (auto& target_addr : connect_to) {
447 [ + - + + ]: 681 : if (target_addr.IsValid()) {
448 [ - + ]: 287 : const std::optional<Proxy> use_proxy{
449 [ - + ]: 287 : proxy_override.has_value() ? proxy_override : GetProxy(target_addr.GetNetwork()),
450 [ + - + - ]: 287 : };
451 : 287 : bool proxyConnectionFailed = false;
452 : :
453 [ + + + - ]: 287 : if (target_addr.IsI2P() && use_proxy) {
454 [ # # ]: 0 : i2p::Connection conn;
455 : 0 : bool connected{false};
456 : :
457 : : // If an I2P SAM session already exists, normally we would re-use it. But in the case of
458 : : // private broadcast we force a new transient session. A Connect() using m_i2p_sam_session
459 : : // would use our permanent I2P address as a source address.
460 [ # # # # ]: 0 : if (m_i2p_sam_session && conn_type != ConnectionType::PRIVATE_BROADCAST) {
461 [ # # ]: 0 : connected = m_i2p_sam_session->Connect(target_addr, conn, proxyConnectionFailed);
462 : : } else {
463 : 0 : {
464 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
465 [ # # ]: 0 : if (m_unused_i2p_sessions.empty()) {
466 : 0 : i2p_transient_session =
467 [ # # ]: 0 : std::make_unique<i2p::sam::Session>(*use_proxy, m_interrupt_net);
468 : : } else {
469 : 0 : i2p_transient_session.swap(m_unused_i2p_sessions.front());
470 : 0 : m_unused_i2p_sessions.pop();
471 : : }
472 : 0 : }
473 [ # # ]: 0 : connected = i2p_transient_session->Connect(target_addr, conn, proxyConnectionFailed);
474 [ # # ]: 0 : if (!connected) {
475 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
476 [ # # # # ]: 0 : if (m_unused_i2p_sessions.size() < MAX_UNUSED_I2P_SESSIONS_SIZE) {
477 [ # # # # ]: 0 : m_unused_i2p_sessions.emplace(i2p_transient_session.release());
478 : : }
479 : 0 : }
480 : : }
481 : :
482 [ # # ]: 0 : if (connected) {
483 : 0 : sock = std::move(conn.sock);
484 : 0 : addr_bind = conn.me;
485 : : }
486 [ - + ]: 287 : } else if (use_proxy) {
487 [ # # # # : 0 : LogDebug(BCLog::PROXY, "Using proxy: %s to connect to %s\n", use_proxy->ToString(), target_addr.ToStringAddrPort());
# # # # #
# ]
488 [ # # # # : 0 : sock = ConnectThroughProxy(*use_proxy, target_addr.ToStringAddr(), target_addr.GetPort(), proxyConnectionFailed);
# # ]
489 : : } else {
490 : : // no proxy needed (none set for target network)
491 [ + - ]: 574 : sock = ConnectDirectly(target_addr, conn_type == ConnectionType::MANUAL);
492 : : }
493 [ + - ]: 287 : if (!proxyConnectionFailed) {
494 : : // If a connection to the node was attempted, and failure (if any) is not caused by a problem connecting to
495 : : // the proxy, mark this as an attempt.
496 [ + - ]: 287 : addrman.get().Attempt(target_addr, fCountFailure);
497 : : }
498 [ + + ]: 681 : } else if (pszDest) {
499 [ + - - + ]: 53 : if (const auto name_proxy = GetNameProxy()) {
500 [ # # ]: 0 : std::string host;
501 : 0 : uint16_t port{default_port};
502 [ # # ]: 0 : SplitHostPort(pszDest, port, host);
503 : 0 : bool proxyConnectionFailed;
504 [ # # ]: 0 : sock = ConnectThroughProxy(*name_proxy, host, port, proxyConnectionFailed);
505 : 53 : }
506 : : }
507 : : // Check any other resolved address (if any) if we fail to connect
508 [ + + ]: 681 : if (!sock) {
509 : 525 : continue;
510 : : }
511 : :
512 : 156 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
513 [ + + + - ]: 156 : std::vector<NetWhitelistPermissions> whitelist_permissions = conn_type == ConnectionType::MANUAL ? vWhitelistedRangeOutgoing : std::vector<NetWhitelistPermissions>{};
514 [ + - ]: 156 : AddWhitelistPermissionFlags(permission_flags, target_addr, whitelist_permissions);
515 : :
516 : : // Add node
517 [ + - ]: 156 : NodeId id = GetNewNodeId();
518 [ + - + - : 156 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
+ - ]
519 [ + - + - ]: 156 : if (!addr_bind.IsValid()) {
520 [ + - ]: 312 : addr_bind = GetBindAddress(*sock);
521 : : }
522 [ + - ]: 156 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
523 [ + - + - ]: 156 : .Write(target_addr.GetNetClass())
524 [ + - + - ]: 312 : .Write(addr_bind.GetAddrBytes())
525 : : // For outbound connections, the port of the bound address is randomly
526 : : // assigned by the OS and would therefore not be useful for seeding.
527 [ + - ]: 156 : .Write(0)
528 [ + - ]: 156 : .Finalize();
529 : 156 : CNode* pnode = new CNode(id,
530 : 156 : std::move(sock),
531 : : target_addr,
532 : : CalculateKeyedNetGroup(target_addr),
533 : : nonce,
534 : : addr_bind,
535 [ + - ]: 312 : pszDest ? pszDest : "",
536 : : conn_type,
537 : : /*inbound_onion=*/false,
538 : : network_id,
539 [ + + ]: 156 : CNodeOptions{
540 : : .permission_flags = permission_flags,
541 : : .i2p_sam_session = std::move(i2p_transient_session),
542 [ + + ]: 156 : .recv_flood_size = nReceiveFloodSize,
543 : : .use_v2transport = use_v2transport,
544 [ + - + - : 312 : });
+ - + - +
- ]
545 : 156 : pnode->AddRef();
546 : :
547 : : // We're making a new connection, harvest entropy from the time (and our peer count)
548 : 156 : RandAddEvent((uint32_t)id);
549 : :
550 : 156 : return pnode;
551 : 156 : }
552 : :
553 : : return nullptr;
554 : 693 : }
555 : :
556 : 20641 : void CNode::CloseSocketDisconnect()
557 : : {
558 : 20641 : fDisconnect = true;
559 : 20641 : LOCK(m_sock_mutex);
560 [ + + ]: 20641 : if (m_sock) {
561 [ + - - + : 7172 : LogDebug(BCLog::NET, "Resetting socket for %s", LogPeer());
- - - - ]
562 : 7172 : m_sock.reset();
563 : :
564 : : TRACEPOINT(net, closed_connection,
565 : : GetId(),
566 : : m_addr_name.c_str(),
567 : : ConnectionTypeAsString().c_str(),
568 : : ConnectedThroughNetwork(),
569 : 7172 : Ticks<std::chrono::seconds>(m_connected));
570 : : }
571 [ - + + - ]: 20641 : m_i2p_sam_session.reset();
572 : 20641 : }
573 : :
574 : 11245 : void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr, const std::vector<NetWhitelistPermissions>& ranges) const {
575 [ + + ]: 38997 : for (const auto& subnet : ranges) {
576 [ + - + + ]: 27752 : if (addr.has_value() && subnet.m_subnet.Match(addr.value())) {
577 : 213 : NetPermissions::AddFlag(flags, subnet.m_flags);
578 : : }
579 : : }
580 [ + + ]: 11245 : if (NetPermissions::HasFlag(flags, NetPermissionFlags::Implicit)) {
581 [ - + ]: 8 : NetPermissions::ClearFlag(flags, NetPermissionFlags::Implicit);
582 [ - + ]: 8 : if (whitelist_forcerelay) NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);
583 [ + - ]: 8 : if (whitelist_relay) NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);
584 : 8 : NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);
585 : 8 : NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);
586 : : }
587 : 11245 : }
588 : :
589 : 118356 : CService CNode::GetAddrLocal() const
590 : : {
591 : 118356 : AssertLockNotHeld(m_addr_local_mutex);
592 : 118356 : LOCK(m_addr_local_mutex);
593 [ + - ]: 118356 : return m_addr_local;
594 : 118356 : }
595 : :
596 : 6551 : void CNode::SetAddrLocal(const CService& addrLocalIn) {
597 : 6551 : AssertLockNotHeld(m_addr_local_mutex);
598 : 6551 : LOCK(m_addr_local_mutex);
599 [ + - + - : 13102 : if (Assume(!m_addr_local.IsValid())) { // Addr local can only be set once during version msg processing
+ - ]
600 : 6551 : m_addr_local = addrLocalIn;
601 : : }
602 : 6551 : }
603 : :
604 : 7895498 : Network CNode::ConnectedThroughNetwork() const
605 : : {
606 [ + + ]: 7895498 : return m_inbound_onion ? NET_ONION : addr.GetNetClass();
607 : : }
608 : :
609 : 5361736 : bool CNode::IsConnectedThroughPrivacyNet() const
610 : : {
611 [ + + + + ]: 5361736 : return m_inbound_onion || addr.IsPrivacyNet();
612 : : }
613 : :
614 : : #undef X
615 : : #define X(name) stats.name = name
616 : 117479 : void CNode::CopyStats(CNodeStats& stats)
617 : : {
618 : 117479 : stats.nodeid = this->GetId();
619 : 117479 : X(addr);
620 : 117479 : X(addrBind);
621 : 117479 : stats.m_network = ConnectedThroughNetwork();
622 : 117479 : X(m_last_send);
623 : 117479 : X(m_last_recv);
624 : 117479 : X(m_last_tx_time);
625 : 117479 : X(m_last_block_time);
626 : 117479 : X(m_connected);
627 : 117479 : X(m_addr_name);
628 : 117479 : X(nVersion);
629 : 117479 : {
630 : 117479 : LOCK(m_subver_mutex);
631 [ + - + - ]: 234958 : X(cleanSubVer);
632 : 0 : }
633 : 117479 : stats.fInbound = IsInboundConn();
634 : 117479 : X(m_bip152_highbandwidth_to);
635 : 117479 : X(m_bip152_highbandwidth_from);
636 : 117479 : {
637 : 117479 : LOCK(cs_vSend);
638 [ + - ]: 117479 : X(mapSendBytesPerMsgType);
639 [ + - ]: 117479 : X(nSendBytes);
640 : 0 : }
641 : 117479 : {
642 : 117479 : LOCK(cs_vRecv);
643 [ + - ]: 117479 : X(mapRecvBytesPerMsgType);
644 : 117479 : X(nRecvBytes);
645 : 117479 : Transport::Info info = m_transport->GetInfo();
646 : 117479 : stats.m_transport_type = info.transport_type;
647 [ - + - - ]: 117479 : if (info.session_id) stats.m_session_id = HexStr(*info.session_id);
648 : 0 : }
649 : 117479 : X(m_permission_flags);
650 : :
651 : 117479 : X(m_last_ping_time);
652 : 117479 : X(m_min_ping_time);
653 : :
654 : : // Leave string empty if addrLocal invalid (not filled in yet)
655 : 117479 : CService addrLocalUnlocked = GetAddrLocal();
656 [ + - + + : 117479 : stats.addrLocal = addrLocalUnlocked.IsValid() ? addrLocalUnlocked.ToStringAddrPort() : "";
+ - + - ]
657 : :
658 : 117479 : X(m_conn_type);
659 : 117479 : }
660 : : #undef X
661 : :
662 : 174073 : bool CNode::ReceiveMsgBytes(std::span<const uint8_t> msg_bytes, bool& complete)
663 : : {
664 : 174073 : complete = false;
665 : 174073 : const auto time = GetTime<std::chrono::microseconds>();
666 : 174073 : LOCK(cs_vRecv);
667 : 174073 : m_last_recv = std::chrono::duration_cast<std::chrono::seconds>(time);
668 : 174073 : nRecvBytes += msg_bytes.size();
669 [ + + ]: 534286 : while (msg_bytes.size() > 0) {
670 : : // absorb network data
671 [ + - + + ]: 214301 : if (!m_transport->ReceivedBytes(msg_bytes)) {
672 : : // Serious transport problem, disconnect from the peer.
673 : : return false;
674 : : }
675 : :
676 [ + - + + ]: 186140 : if (m_transport->ReceivedMessageComplete()) {
677 : : // decompose a transport agnostic CNetMessage from the deserializer
678 : 108287 : bool reject_message{false};
679 [ + - ]: 108287 : CNetMessage msg = m_transport->GetReceivedMessage(time, reject_message);
680 [ + + ]: 108287 : if (reject_message) {
681 : : // Message deserialization failed. Drop the message but don't disconnect the peer.
682 : : // store the size of the corrupt message
683 [ + - ]: 32013 : mapRecvBytesPerMsgType.at(NET_MESSAGE_TYPE_OTHER) += msg.m_raw_message_size;
684 : 32013 : continue;
685 : : }
686 : :
687 : : // Store received bytes per message type.
688 : : // To prevent a memory DOS, only allow known message types.
689 : 76274 : auto i = mapRecvBytesPerMsgType.find(msg.m_type);
690 [ + + ]: 76274 : if (i == mapRecvBytesPerMsgType.end()) {
691 : 14176 : i = mapRecvBytesPerMsgType.find(NET_MESSAGE_TYPE_OTHER);
692 : : }
693 [ - + ]: 76274 : assert(i != mapRecvBytesPerMsgType.end());
694 [ + - ]: 76274 : i->second += msg.m_raw_message_size;
695 : :
696 : : // push the message to the process queue,
697 [ + - ]: 76274 : vRecvMsg.push_back(std::move(msg));
698 : :
699 : 76274 : complete = true;
700 : 108287 : }
701 : : }
702 : :
703 : : return true;
704 : 174073 : }
705 : :
706 : 3148 : std::string CNode::LogPeer() const
707 : : {
708 : 3148 : auto peer_info{strprintf("peer=%d", GetId())};
709 [ - + ]: 3148 : if (fLogIPs) {
710 [ # # # # ]: 0 : return strprintf("%s, peeraddr=%s", peer_info, addr.ToStringAddrPort());
711 : : } else {
712 : 3148 : return peer_info;
713 : : }
714 : 3148 : }
715 : :
716 : 35 : std::string CNode::DisconnectMsg() const
717 : : {
718 [ + - ]: 70 : return strprintf("disconnecting %s", LogPeer());
719 : : }
720 : :
721 : 39765 : V1Transport::V1Transport(const NodeId node_id) noexcept
722 : 39765 : : m_magic_bytes{Params().MessageStart()}, m_node_id{node_id}
723 : : {
724 : 39765 : LOCK(m_recv_mutex);
725 [ + - ]: 39765 : Reset();
726 : 39765 : }
727 : :
728 : 121643 : Transport::Info V1Transport::GetInfo() const noexcept
729 : : {
730 : 121643 : return {.transport_type = TransportProtocolType::V1, .session_id = {}};
731 : : }
732 : :
733 : 230473 : int V1Transport::readHeader(std::span<const uint8_t> msg_bytes)
734 : : {
735 : 230473 : AssertLockHeld(m_recv_mutex);
736 : : // copy data to temporary parsing buffer
737 : 230473 : unsigned int nRemaining = CMessageHeader::HEADER_SIZE - nHdrPos;
738 [ + + ]: 230473 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
739 : :
740 [ + + ]: 230473 : memcpy(&hdrbuf[nHdrPos], msg_bytes.data(), nCopy);
741 : 230473 : nHdrPos += nCopy;
742 : :
743 : : // if header incomplete, exit
744 [ + + ]: 230473 : if (nHdrPos < CMessageHeader::HEADER_SIZE)
745 : 21063 : return nCopy;
746 : :
747 : : // deserialize to CMessageHeader
748 : 209410 : try {
749 [ + - ]: 209410 : hdrbuf >> hdr;
750 : : }
751 [ - - ]: 0 : catch (const std::exception&) {
752 [ - - - - : 0 : LogDebug(BCLog::NET, "Header error: Unable to deserialize, peer=%d\n", m_node_id);
- - ]
753 : 0 : return -1;
754 : 0 : }
755 : :
756 : : // Check start string, network magic
757 [ + + ]: 209410 : if (hdr.pchMessageStart != m_magic_bytes) {
758 [ - + - - ]: 21693 : LogDebug(BCLog::NET, "Header error: Wrong MessageStart %s received, peer=%d\n", HexStr(hdr.pchMessageStart), m_node_id);
759 : 21693 : return -1;
760 : : }
761 : :
762 : : // reject messages larger than MAX_SIZE or MAX_PROTOCOL_MESSAGE_LENGTH
763 : : // NOTE: failing to perform this check previously allowed a malicious peer to make us allocate 32MiB of memory per
764 : : // connection. See https://bitcoincore.org/en/2024/07/03/disclose_receive_buffer_oom.
765 [ + + ]: 187717 : if (hdr.nMessageSize > MAX_SIZE || hdr.nMessageSize > MAX_PROTOCOL_MESSAGE_LENGTH) {
766 [ - + - - : 6533 : LogDebug(BCLog::NET, "Header error: Size too large (%s, %u bytes), peer=%d\n", SanitizeString(hdr.GetMessageType()), hdr.nMessageSize, m_node_id);
- - - - ]
767 : 6533 : return -1;
768 : : }
769 : :
770 : : // switch state to reading message data
771 : 181184 : in_data = true;
772 : :
773 : 181184 : return nCopy;
774 : : }
775 : :
776 : 102836 : int V1Transport::readData(std::span<const uint8_t> msg_bytes)
777 : : {
778 : 102836 : AssertLockHeld(m_recv_mutex);
779 : 102836 : unsigned int nRemaining = hdr.nMessageSize - nDataPos;
780 [ + + ]: 102836 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
781 : :
782 [ - + + + ]: 102836 : if (vRecv.size() < nDataPos + nCopy) {
783 : : // Allocate up to 256 KiB ahead, but never more than the total message size.
784 [ + + ]: 166213 : vRecv.resize(std::min(hdr.nMessageSize, nDataPos + nCopy + 256 * 1024));
785 : : }
786 : :
787 : 102836 : hasher.Write(msg_bytes.first(nCopy));
788 : 102836 : memcpy(&vRecv[nDataPos], msg_bytes.data(), nCopy);
789 : 102836 : nDataPos += nCopy;
790 : :
791 : 102836 : return nCopy;
792 : : }
793 : :
794 : 181107 : const uint256& V1Transport::GetMessageHash() const
795 : : {
796 : 181107 : AssertLockHeld(m_recv_mutex);
797 [ + - - + ]: 181107 : assert(CompleteInternal());
798 [ + - ]: 362214 : if (data_hash.IsNull())
799 : 181107 : hasher.Finalize(data_hash);
800 : 181107 : return data_hash;
801 : : }
802 : :
803 : 181107 : CNetMessage V1Transport::GetReceivedMessage(const std::chrono::microseconds time, bool& reject_message)
804 : : {
805 : 181107 : AssertLockNotHeld(m_recv_mutex);
806 : : // Initialize out parameter
807 : 181107 : reject_message = false;
808 : : // decompose a single CNetMessage from the TransportDeserializer
809 : 181107 : LOCK(m_recv_mutex);
810 [ + - ]: 181107 : CNetMessage msg(std::move(vRecv));
811 : :
812 : : // store message type string, time, and sizes
813 [ + - ]: 181107 : msg.m_type = hdr.GetMessageType();
814 : 181107 : msg.m_time = time;
815 : 181107 : msg.m_message_size = hdr.nMessageSize;
816 : 181107 : msg.m_raw_message_size = hdr.nMessageSize + CMessageHeader::HEADER_SIZE;
817 : :
818 [ + - ]: 181107 : uint256 hash = GetMessageHash();
819 : :
820 : : // We just received a message off the wire, harvest entropy from the time (and the message checksum)
821 : 181107 : RandAddEvent(ReadLE32(hash.begin()));
822 : :
823 : : // Check checksum and header message type string
824 [ + + ]: 181107 : if (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) {
825 [ + - - + : 15113 : LogDebug(BCLog::NET, "Header error: Wrong checksum (%s, %u bytes), expected %s was %s, peer=%d\n",
- - - - -
- - - -
- ]
826 : : SanitizeString(msg.m_type), msg.m_message_size,
827 : : HexStr(std::span{hash}.first(CMessageHeader::CHECKSUM_SIZE)),
828 : : HexStr(hdr.pchChecksum),
829 : : m_node_id);
830 : 15113 : reject_message = true;
831 [ + - + + ]: 165994 : } else if (!hdr.IsMessageTypeValid()) {
832 [ + - - + : 52387 : LogDebug(BCLog::NET, "Header error: Invalid message type (%s, %u bytes), peer=%d\n",
- - - - -
- ]
833 : : SanitizeString(hdr.GetMessageType()), msg.m_message_size, m_node_id);
834 : 52387 : reject_message = true;
835 : : }
836 : :
837 : : // Always reset the network deserializer (prepare for the next message)
838 [ + - ]: 181107 : Reset();
839 [ + - ]: 181107 : return msg;
840 : 181107 : }
841 : :
842 : 286512 : bool V1Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
843 : : {
844 : 286512 : AssertLockNotHeld(m_send_mutex);
845 : : // Determine whether a new message can be set.
846 : 286512 : LOCK(m_send_mutex);
847 [ + + - + : 286512 : if (m_sending_header || m_bytes_sent < m_message_to_send.data.size()) return false;
+ + ]
848 : :
849 : : // create dbl-sha256 checksum
850 : 201146 : uint256 hash = Hash(msg.data);
851 : :
852 : : // create header
853 [ - + ]: 201146 : CMessageHeader hdr(m_magic_bytes, msg.m_type.c_str(), msg.data.size());
854 [ + + ]: 201146 : memcpy(hdr.pchChecksum, hash.begin(), CMessageHeader::CHECKSUM_SIZE);
855 : :
856 : : // serialize header
857 [ + + ]: 201146 : m_header_to_send.clear();
858 : 201146 : VectorWriter{m_header_to_send, 0, hdr};
859 : :
860 : : // update state
861 : 201146 : m_message_to_send = std::move(msg);
862 : 201146 : m_sending_header = true;
863 : 201146 : m_bytes_sent = 0;
864 : 201146 : return true;
865 : 286512 : }
866 : :
867 : 1703261 : Transport::BytesToSend V1Transport::GetBytesToSend(bool have_next_message) const noexcept
868 : : {
869 : 1703261 : AssertLockNotHeld(m_send_mutex);
870 : 1703261 : LOCK(m_send_mutex);
871 [ + + ]: 1703261 : if (m_sending_header) {
872 [ - + + + ]: 557021 : return {std::span{m_header_to_send}.subspan(m_bytes_sent),
873 : : // We have more to send after the header if the message has payload, or if there
874 : : // is a next message after that.
875 [ + + + + ]: 557021 : have_next_message || !m_message_to_send.data.empty(),
876 : 557021 : m_message_to_send.m_type
877 : 557021 : };
878 : : } else {
879 [ - + ]: 1146240 : return {std::span{m_message_to_send.data}.subspan(m_bytes_sent),
880 : : // We only have more to send after this message's payload if there is another
881 : : // message.
882 : : have_next_message,
883 : 1146240 : m_message_to_send.m_type
884 : 1146240 : };
885 : : }
886 : 1703261 : }
887 : :
888 : 393291 : void V1Transport::MarkBytesSent(size_t bytes_sent) noexcept
889 : : {
890 : 393291 : AssertLockNotHeld(m_send_mutex);
891 : 393291 : LOCK(m_send_mutex);
892 : 393291 : m_bytes_sent += bytes_sent;
893 [ + + - + : 393291 : if (m_sending_header && m_bytes_sent == m_header_to_send.size()) {
+ + ]
894 : : // We're done sending a message's header. Switch to sending its data bytes.
895 : 200027 : m_sending_header = false;
896 : 200027 : m_bytes_sent = 0;
897 [ + + - + : 193264 : } else if (!m_sending_header && m_bytes_sent == m_message_to_send.data.size()) {
+ + ]
898 : : // We're done sending a message's data. Wipe the data vector to reduce memory consumption.
899 : 127474 : ClearShrink(m_message_to_send.data);
900 : 127474 : m_bytes_sent = 0;
901 : : }
902 : 393291 : }
903 : :
904 : 151913 : size_t V1Transport::GetSendMemoryUsage() const noexcept
905 : : {
906 : 151913 : AssertLockNotHeld(m_send_mutex);
907 : 151913 : LOCK(m_send_mutex);
908 : : // Don't count sending-side fields besides m_message_to_send, as they're all small and bounded.
909 [ + - ]: 151913 : return m_message_to_send.GetMemoryUsage();
910 : 151913 : }
911 : :
912 : : namespace {
913 : :
914 : : /** List of short messages as defined in BIP324, in order.
915 : : *
916 : : * Only message types that are actually implemented in this codebase need to be listed, as other
917 : : * messages get ignored anyway - whether we know how to decode them or not.
918 : : */
919 : : const std::array<std::string, 33> V2_MESSAGE_IDS = {
920 : : "", // 12 bytes follow encoding the message type like in V1
921 : : NetMsgType::ADDR,
922 : : NetMsgType::BLOCK,
923 : : NetMsgType::BLOCKTXN,
924 : : NetMsgType::CMPCTBLOCK,
925 : : NetMsgType::FEEFILTER,
926 : : NetMsgType::FILTERADD,
927 : : NetMsgType::FILTERCLEAR,
928 : : NetMsgType::FILTERLOAD,
929 : : NetMsgType::GETBLOCKS,
930 : : NetMsgType::GETBLOCKTXN,
931 : : NetMsgType::GETDATA,
932 : : NetMsgType::GETHEADERS,
933 : : NetMsgType::HEADERS,
934 : : NetMsgType::INV,
935 : : NetMsgType::MEMPOOL,
936 : : NetMsgType::MERKLEBLOCK,
937 : : NetMsgType::NOTFOUND,
938 : : NetMsgType::PING,
939 : : NetMsgType::PONG,
940 : : NetMsgType::SENDCMPCT,
941 : : NetMsgType::TX,
942 : : NetMsgType::GETCFILTERS,
943 : : NetMsgType::CFILTER,
944 : : NetMsgType::GETCFHEADERS,
945 : : NetMsgType::CFHEADERS,
946 : : NetMsgType::GETCFCHECKPT,
947 : : NetMsgType::CFCHECKPT,
948 : : NetMsgType::ADDRV2,
949 : : // Unimplemented message types that are assigned in BIP324:
950 : : "",
951 : : "",
952 : : "",
953 : : ""
954 : : };
955 : :
956 : : class V2MessageMap
957 : : {
958 : : std::unordered_map<std::string, uint8_t> m_map;
959 : :
960 : : public:
961 : 229 : V2MessageMap() noexcept
962 : 229 : {
963 [ + + ]: 7557 : for (size_t i = 1; i < std::size(V2_MESSAGE_IDS); ++i) {
964 : 7328 : m_map.emplace(V2_MESSAGE_IDS[i], i);
965 : : }
966 : 229 : }
967 : :
968 : 33039 : std::optional<uint8_t> operator()(const std::string& message_name) const noexcept
969 : : {
970 : 33039 : auto it = m_map.find(message_name);
971 [ + + ]: 33039 : if (it == m_map.end()) return std::nullopt;
972 : 25892 : return it->second;
973 : : }
974 : : };
975 : :
976 : : const V2MessageMap V2_MESSAGE_MAP;
977 : :
978 : 10 : std::vector<uint8_t> GenerateRandomGarbage() noexcept
979 : : {
980 : 10 : std::vector<uint8_t> ret;
981 : 10 : FastRandomContext rng;
982 : 10 : ret.resize(rng.randrange(V2Transport::MAX_GARBAGE_LEN + 1));
983 : 10 : rng.fillrand(MakeWritableByteSpan(ret));
984 : 10 : return ret;
985 : 10 : }
986 : :
987 : : } // namespace
988 : :
989 : 2498 : void V2Transport::StartSendingHandshake() noexcept
990 : : {
991 : 2498 : AssertLockHeld(m_send_mutex);
992 [ - + ]: 2498 : Assume(m_send_state == SendState::AWAITING_KEY);
993 [ - + ]: 2498 : Assume(m_send_buffer.empty());
994 : : // Initialize the send buffer with ellswift pubkey + provided garbage.
995 [ - + ]: 2498 : m_send_buffer.resize(EllSwiftPubKey::size() + m_send_garbage.size());
996 : 2498 : std::copy(std::begin(m_cipher.GetOurPubKey()), std::end(m_cipher.GetOurPubKey()), MakeWritableByteSpan(m_send_buffer).begin());
997 : 2498 : std::copy(m_send_garbage.begin(), m_send_garbage.end(), m_send_buffer.begin() + EllSwiftPubKey::size());
998 : : // We cannot wipe m_send_garbage as it will still be used as AAD later in the handshake.
999 : 2498 : }
1000 : :
1001 : 3234 : V2Transport::V2Transport(NodeId nodeid, bool initiating, const CKey& key, std::span<const std::byte> ent32, std::vector<uint8_t> garbage) noexcept
1002 : 3234 : : m_cipher{key, ent32},
1003 : 3234 : m_initiating{initiating},
1004 : 3234 : m_nodeid{nodeid},
1005 : 3234 : m_v1_fallback{nodeid},
1006 [ + + ]: 3234 : m_recv_state{initiating ? RecvState::KEY : RecvState::KEY_MAYBE_V1},
1007 [ - + ]: 3234 : m_send_garbage{std::move(garbage)},
1008 [ + + - + ]: 8342 : m_send_state{initiating ? SendState::AWAITING_KEY : SendState::MAYBE_V1}
1009 : : {
1010 [ - + - + ]: 3234 : Assume(m_send_garbage.size() <= MAX_GARBAGE_LEN);
1011 : : // Start sending immediately if we're the initiator of the connection.
1012 [ + + ]: 3234 : if (initiating) {
1013 : 1360 : LOCK(m_send_mutex);
1014 [ + - ]: 1360 : StartSendingHandshake();
1015 : 1360 : }
1016 : 3234 : }
1017 : :
1018 : 10 : V2Transport::V2Transport(NodeId nodeid, bool initiating) noexcept
1019 : 20 : : V2Transport{nodeid, initiating, GenerateRandomKey(),
1020 : 20 : MakeByteSpan(GetRandHash()), GenerateRandomGarbage()} {}
1021 : :
1022 : 74553 : void V2Transport::SetReceiveState(RecvState recv_state) noexcept
1023 : : {
1024 : 74553 : AssertLockHeld(m_recv_mutex);
1025 : : // Enforce allowed state transitions.
1026 [ + + + + : 74553 : switch (m_recv_state) {
+ + - - ]
1027 : 1643 : case RecvState::KEY_MAYBE_V1:
1028 [ - + ]: 1643 : Assume(recv_state == RecvState::KEY || recv_state == RecvState::V1);
1029 : : break;
1030 : 2280 : case RecvState::KEY:
1031 [ - + ]: 2280 : Assume(recv_state == RecvState::GARB_GARBTERM);
1032 : : break;
1033 : 2276 : case RecvState::GARB_GARBTERM:
1034 [ - + ]: 2276 : Assume(recv_state == RecvState::VERSION);
1035 : : break;
1036 : 2276 : case RecvState::VERSION:
1037 [ - + ]: 2276 : Assume(recv_state == RecvState::APP);
1038 : : break;
1039 : 33039 : case RecvState::APP:
1040 [ - + ]: 33039 : Assume(recv_state == RecvState::APP_READY);
1041 : : break;
1042 : 33039 : case RecvState::APP_READY:
1043 [ - + ]: 33039 : Assume(recv_state == RecvState::APP);
1044 : : break;
1045 : 0 : case RecvState::V1:
1046 : 0 : Assume(false); // V1 state cannot be left
1047 : 0 : break;
1048 : : }
1049 : : // Change state.
1050 : 74553 : m_recv_state = recv_state;
1051 : 74553 : }
1052 : :
1053 : 3923 : void V2Transport::SetSendState(SendState send_state) noexcept
1054 : : {
1055 : 3923 : AssertLockHeld(m_send_mutex);
1056 : : // Enforce allowed state transitions.
1057 [ + + - - ]: 3923 : switch (m_send_state) {
1058 : 1643 : case SendState::MAYBE_V1:
1059 [ - + ]: 1643 : Assume(send_state == SendState::V1 || send_state == SendState::AWAITING_KEY);
1060 : : break;
1061 : 2280 : case SendState::AWAITING_KEY:
1062 [ - + ]: 2280 : Assume(send_state == SendState::READY);
1063 : : break;
1064 : 0 : case SendState::READY:
1065 : 0 : case SendState::V1:
1066 : 0 : Assume(false); // Final states
1067 : 0 : break;
1068 : : }
1069 : : // Change state.
1070 : 3923 : m_send_state = send_state;
1071 : 3923 : }
1072 : :
1073 : 92487 : bool V2Transport::ReceivedMessageComplete() const noexcept
1074 : : {
1075 : 92487 : AssertLockNotHeld(m_recv_mutex);
1076 : 92487 : LOCK(m_recv_mutex);
1077 [ + + ]: 92487 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedMessageComplete();
1078 : :
1079 : 69953 : return m_recv_state == RecvState::APP_READY;
1080 : 92487 : }
1081 : :
1082 : 1891 : void V2Transport::ProcessReceivedMaybeV1Bytes() noexcept
1083 : : {
1084 : 1891 : AssertLockHeld(m_recv_mutex);
1085 : 1891 : AssertLockNotHeld(m_send_mutex);
1086 [ - + ]: 1891 : Assume(m_recv_state == RecvState::KEY_MAYBE_V1);
1087 : : // We still have to determine if this is a v1 or v2 connection. The bytes being received could
1088 : : // be the beginning of either a v1 packet (network magic + "version\x00\x00\x00\x00\x00"), or
1089 : : // of a v2 public key. BIP324 specifies that a mismatch with this 16-byte string should trigger
1090 : : // sending of the key.
1091 : 1891 : std::array<uint8_t, V1_PREFIX_LEN> v1_prefix = {0, 0, 0, 0, 'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1092 : 1891 : std::copy(std::begin(Params().MessageStart()), std::end(Params().MessageStart()), v1_prefix.begin());
1093 [ - + - + ]: 1891 : Assume(m_recv_buffer.size() <= v1_prefix.size());
1094 [ + + ]: 1891 : if (!std::equal(m_recv_buffer.begin(), m_recv_buffer.end(), v1_prefix.begin())) {
1095 : : // Mismatch with v1 prefix, so we can assume a v2 connection.
1096 : 1138 : SetReceiveState(RecvState::KEY); // Convert to KEY state, leaving received bytes around.
1097 : : // Transition the sender to AWAITING_KEY state and start sending.
1098 : 1138 : LOCK(m_send_mutex);
1099 : 1138 : SetSendState(SendState::AWAITING_KEY);
1100 [ + - ]: 1138 : StartSendingHandshake();
1101 [ - + + + ]: 1891 : } else if (m_recv_buffer.size() == v1_prefix.size()) {
1102 : : // Full match with the v1 prefix, so fall back to v1 behavior.
1103 : 505 : LOCK(m_send_mutex);
1104 [ - + ]: 505 : std::span<const uint8_t> feedback{m_recv_buffer};
1105 : : // Feed already received bytes to v1 transport. It should always accept these, because it's
1106 : : // less than the size of a v1 header, and these are the first bytes fed to m_v1_fallback.
1107 : 505 : bool ret = m_v1_fallback.ReceivedBytes(feedback);
1108 [ - + ]: 505 : Assume(feedback.empty());
1109 [ - + ]: 505 : Assume(ret);
1110 : 505 : SetReceiveState(RecvState::V1);
1111 : 505 : SetSendState(SendState::V1);
1112 : : // Reset v2 transport buffers to save memory.
1113 : 505 : ClearShrink(m_recv_buffer);
1114 [ + - ]: 505 : ClearShrink(m_send_buffer);
1115 : 505 : } else {
1116 : : // We have not received enough to distinguish v1 from v2 yet. Wait until more bytes come.
1117 : : }
1118 : 1891 : }
1119 : :
1120 : 3204 : bool V2Transport::ProcessReceivedKeyBytes() noexcept
1121 : : {
1122 : 3204 : AssertLockHeld(m_recv_mutex);
1123 : 3204 : AssertLockNotHeld(m_send_mutex);
1124 [ - + ]: 3204 : Assume(m_recv_state == RecvState::KEY);
1125 [ - + - + ]: 3204 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1126 : :
1127 : : // As a special exception, if bytes 4-16 of the key on a responder connection match the
1128 : : // corresponding bytes of a V1 version message, but bytes 0-4 don't match the network magic
1129 : : // (if they did, we'd have switched to V1 state already), assume this is a peer from
1130 : : // another network, and disconnect them. They will almost certainly disconnect us too when
1131 : : // they receive our uniformly random key and garbage, but detecting this case specially
1132 : : // means we can log it.
1133 : 3204 : static constexpr std::array<uint8_t, 12> MATCH = {'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1134 : 3204 : static constexpr size_t OFFSET = std::tuple_size_v<MessageStartChars>;
1135 [ + + - + : 3204 : if (!m_initiating && m_recv_buffer.size() >= OFFSET + MATCH.size()) {
+ + ]
1136 [ - + ]: 1591 : if (std::equal(MATCH.begin(), MATCH.end(), m_recv_buffer.begin() + OFFSET)) {
1137 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: V1 peer with wrong MessageStart %s\n",
1138 : : HexStr(std::span(m_recv_buffer).first(OFFSET)));
1139 : 0 : return false;
1140 : : }
1141 : : }
1142 : :
1143 [ - + + + ]: 3204 : if (m_recv_buffer.size() == EllSwiftPubKey::size()) {
1144 : : // Other side's key has been fully received, and can now be Diffie-Hellman combined with
1145 : : // our key to initialize the encryption ciphers.
1146 : :
1147 : : // Initialize the ciphers.
1148 : 2280 : EllSwiftPubKey ellswift(MakeByteSpan(m_recv_buffer));
1149 : 2280 : LOCK(m_send_mutex);
1150 : 2280 : m_cipher.Initialize(ellswift, m_initiating);
1151 : :
1152 : : // Switch receiver state to GARB_GARBTERM.
1153 : 2280 : SetReceiveState(RecvState::GARB_GARBTERM);
1154 [ + - ]: 2280 : m_recv_buffer.clear();
1155 : :
1156 : : // Switch sender state to READY.
1157 : 2280 : SetSendState(SendState::READY);
1158 : :
1159 : : // Append the garbage terminator to the send buffer.
1160 [ - + ]: 2280 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1161 : 2280 : std::copy(m_cipher.GetSendGarbageTerminator().begin(),
1162 : 2280 : m_cipher.GetSendGarbageTerminator().end(),
1163 : 2280 : MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN).begin());
1164 : :
1165 : : // Construct version packet in the send buffer, with the sent garbage data as AAD.
1166 [ - + ]: 2280 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::EXPANSION + VERSION_CONTENTS.size());
1167 : 2280 : m_cipher.Encrypt(
1168 : : /*contents=*/VERSION_CONTENTS,
1169 : 2280 : /*aad=*/MakeByteSpan(m_send_garbage),
1170 : : /*ignore=*/false,
1171 : 2280 : /*output=*/MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::EXPANSION + VERSION_CONTENTS.size()));
1172 : : // We no longer need the garbage.
1173 [ + - ]: 2280 : ClearShrink(m_send_garbage);
1174 : 2280 : } else {
1175 : : // We still have to receive more key bytes.
1176 : : }
1177 : : return true;
1178 : : }
1179 : :
1180 : 4015226 : bool V2Transport::ProcessReceivedGarbageBytes() noexcept
1181 : : {
1182 : 4015226 : AssertLockHeld(m_recv_mutex);
1183 [ - + ]: 4015226 : Assume(m_recv_state == RecvState::GARB_GARBTERM);
1184 [ - + - + ]: 4015226 : Assume(m_recv_buffer.size() <= MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1185 [ - + + + ]: 4015226 : if (m_recv_buffer.size() >= BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1186 [ + + ]: 3981026 : if (std::ranges::equal(MakeByteSpan(m_recv_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN), m_cipher.GetReceiveGarbageTerminator())) {
1187 : : // Garbage terminator received. Store garbage to authenticate it as AAD later.
1188 : 2276 : m_recv_aad = std::move(m_recv_buffer);
1189 [ - + ]: 2276 : m_recv_aad.resize(m_recv_aad.size() - BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1190 [ - + ]: 2276 : m_recv_buffer.clear();
1191 : 2276 : SetReceiveState(RecvState::VERSION);
1192 [ + + ]: 3978750 : } else if (m_recv_buffer.size() == MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1193 : : // We've reached the maximum length for garbage + garbage terminator, and the
1194 : : // terminator still does not match. Abort.
1195 [ - + ]: 4 : LogDebug(BCLog::NET, "V2 transport error: missing garbage terminator, peer=%d\n", m_nodeid);
1196 : 4 : return false;
1197 : : } else {
1198 : : // We still need to receive more garbage and/or garbage terminator bytes.
1199 : : }
1200 : : } else {
1201 : : // We have less than GARBAGE_TERMINATOR_LEN (16) bytes, so we certainly need to receive
1202 : : // more first.
1203 : : }
1204 : : return true;
1205 : : }
1206 : :
1207 : 97617 : bool V2Transport::ProcessReceivedPacketBytes() noexcept
1208 : : {
1209 : 97617 : AssertLockHeld(m_recv_mutex);
1210 [ - + ]: 97617 : Assume(m_recv_state == RecvState::VERSION || m_recv_state == RecvState::APP);
1211 : :
1212 : : // The maximum permitted contents length for a packet, consisting of:
1213 : : // - 0x00 byte: indicating long message type encoding
1214 : : // - 12 bytes of message type
1215 : : // - payload
1216 : 97617 : static constexpr size_t MAX_CONTENTS_LEN =
1217 : : 1 + CMessageHeader::MESSAGE_TYPE_SIZE +
1218 : : std::min<size_t>(MAX_SIZE, MAX_PROTOCOL_MESSAGE_LENGTH);
1219 : :
1220 [ - + + + ]: 97617 : if (m_recv_buffer.size() == BIP324Cipher::LENGTH_LEN) {
1221 : : // Length descriptor received.
1222 : 35315 : m_recv_len = m_cipher.DecryptLength(MakeByteSpan(m_recv_buffer));
1223 [ - + ]: 35315 : if (m_recv_len > MAX_CONTENTS_LEN) {
1224 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet too large (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1225 : 0 : return false;
1226 : : }
1227 [ + + + + ]: 62302 : } else if (m_recv_buffer.size() > BIP324Cipher::LENGTH_LEN && m_recv_buffer.size() == m_recv_len + BIP324Cipher::EXPANSION) {
1228 : : // Ciphertext received, decrypt it into m_recv_decode_buffer.
1229 : : // Note that it is impossible to reach this branch without hitting the branch above first,
1230 : : // as GetMaxBytesToProcess only allows up to LENGTH_LEN into the buffer before that point.
1231 : 35315 : m_recv_decode_buffer.resize(m_recv_len);
1232 : 35315 : bool ignore{false};
1233 : 70630 : bool ret = m_cipher.Decrypt(
1234 : 35315 : /*input=*/MakeByteSpan(m_recv_buffer).subspan(BIP324Cipher::LENGTH_LEN),
1235 : 35315 : /*aad=*/MakeByteSpan(m_recv_aad),
1236 : : /*ignore=*/ignore,
1237 : : /*contents=*/MakeWritableByteSpan(m_recv_decode_buffer));
1238 [ - + ]: 35315 : if (!ret) {
1239 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet decryption failure (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1240 : 0 : return false;
1241 : : }
1242 : : // We have decrypted a valid packet with the AAD we expected, so clear the expected AAD.
1243 : 35315 : ClearShrink(m_recv_aad);
1244 : : // Feed the last 4 bytes of the Poly1305 authentication tag (and its timing) into our RNG.
1245 [ - + ]: 35315 : RandAddEvent(ReadLE32(m_recv_buffer.data() + m_recv_buffer.size() - 4));
1246 : :
1247 : : // At this point we have a valid packet decrypted into m_recv_decode_buffer. If it's not a
1248 : : // decoy, which we simply ignore, use the current state to decide what to do with it.
1249 [ + - ]: 35315 : if (!ignore) {
1250 [ + + - ]: 35315 : switch (m_recv_state) {
1251 : 2276 : case RecvState::VERSION:
1252 : : // Version message received; transition to application phase. The contents is
1253 : : // ignored, but can be used for future extensions.
1254 : 2276 : SetReceiveState(RecvState::APP);
1255 : 2276 : break;
1256 : 33039 : case RecvState::APP:
1257 : : // Application message decrypted correctly. It can be extracted using GetMessage().
1258 : 33039 : SetReceiveState(RecvState::APP_READY);
1259 : 33039 : break;
1260 : 0 : default:
1261 : : // Any other state is invalid (this function should not have been called).
1262 : 0 : Assume(false);
1263 : : }
1264 : : }
1265 : : // Wipe the receive buffer where the next packet will be received into.
1266 : 35315 : ClearShrink(m_recv_buffer);
1267 : : // In all but APP_READY state, we can wipe the decoded contents.
1268 [ + + ]: 35315 : if (m_recv_state != RecvState::APP_READY) ClearShrink(m_recv_decode_buffer);
1269 : : } else {
1270 : : // We either have less than 3 bytes, so we don't know the packet's length yet, or more
1271 : : // than 3 bytes but less than the packet's full ciphertext. Wait until those arrive.
1272 : : }
1273 : : return true;
1274 : : }
1275 : :
1276 : 4149573 : size_t V2Transport::GetMaxBytesToProcess() noexcept
1277 : : {
1278 : 4149573 : AssertLockHeld(m_recv_mutex);
1279 [ + + + + : 4149573 : switch (m_recv_state) {
- - + ]
1280 : 1891 : case RecvState::KEY_MAYBE_V1:
1281 : : // During the KEY_MAYBE_V1 state we do not allow more than the length of v1 prefix into the
1282 : : // receive buffer.
1283 [ - + - + ]: 1891 : Assume(m_recv_buffer.size() <= V1_PREFIX_LEN);
1284 : : // As long as we're not sure if this is a v1 or v2 connection, don't receive more than what
1285 : : // is strictly necessary to distinguish the two (16 bytes). If we permitted more than
1286 : : // the v1 header size (24 bytes), we may not be able to feed the already-received bytes
1287 : : // back into the m_v1_fallback V1 transport.
1288 [ - + ]: 1891 : return V1_PREFIX_LEN - m_recv_buffer.size();
1289 : 3204 : case RecvState::KEY:
1290 : : // During the KEY state, we only allow the 64-byte key into the receive buffer.
1291 [ - + - + ]: 3204 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1292 : : // As long as we have not received the other side's public key, don't receive more than
1293 : : // that (64 bytes), as garbage follows, and locating the garbage terminator requires the
1294 : : // key exchange first.
1295 [ - + ]: 3204 : return EllSwiftPubKey::size() - m_recv_buffer.size();
1296 : : case RecvState::GARB_GARBTERM:
1297 : : // Process garbage bytes one by one (because terminator may appear anywhere).
1298 : : return 1;
1299 : 97617 : case RecvState::VERSION:
1300 : 97617 : case RecvState::APP:
1301 : : // These three states all involve decoding a packet. Process the length descriptor first,
1302 : : // so that we know where the current packet ends (and we don't process bytes from the next
1303 : : // packet or decoy yet). Then, process the ciphertext bytes of the current packet.
1304 [ - + + + ]: 97617 : if (m_recv_buffer.size() < BIP324Cipher::LENGTH_LEN) {
1305 : 36302 : return BIP324Cipher::LENGTH_LEN - m_recv_buffer.size();
1306 : : } else {
1307 : : // Note that BIP324Cipher::EXPANSION is the total difference between contents size
1308 : : // and encoded packet size, which includes the 3 bytes due to the packet length.
1309 : : // When transitioning from receiving the packet length to receiving its ciphertext,
1310 : : // the encrypted packet length is left in the receive buffer.
1311 : 61315 : return BIP324Cipher::EXPANSION + m_recv_len - m_recv_buffer.size();
1312 : : }
1313 : 31635 : case RecvState::APP_READY:
1314 : : // No bytes can be processed until GetMessage() is called.
1315 : 31635 : return 0;
1316 : 0 : case RecvState::V1:
1317 : : // Not allowed (must be dealt with by the caller).
1318 : 0 : Assume(false);
1319 : 0 : return 0;
1320 : : }
1321 : 0 : Assume(false); // unreachable
1322 : 0 : return 0;
1323 : : }
1324 : :
1325 : 92491 : bool V2Transport::ReceivedBytes(std::span<const uint8_t>& msg_bytes) noexcept
1326 : : {
1327 : 92491 : AssertLockNotHeld(m_recv_mutex);
1328 : : /** How many bytes to allocate in the receive buffer at most above what is received so far. */
1329 : 92491 : static constexpr size_t MAX_RESERVE_AHEAD = 256 * 1024;
1330 : :
1331 : 92491 : LOCK(m_recv_mutex);
1332 [ + + ]: 92491 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedBytes(msg_bytes);
1333 : :
1334 : : // Process the provided bytes in msg_bytes in a loop. In each iteration a nonzero number of
1335 : : // bytes (decided by GetMaxBytesToProcess) are taken from the beginning om msg_bytes, and
1336 : : // appended to m_recv_buffer. Then, depending on the receiver state, one of the
1337 : : // ProcessReceived*Bytes functions is called to process the bytes in that buffer.
1338 : 4187891 : while (!msg_bytes.empty()) {
1339 : : // Decide how many bytes to copy from msg_bytes to m_recv_buffer.
1340 : 4149573 : size_t max_read = GetMaxBytesToProcess();
1341 : :
1342 : : // Reserve space in the buffer if there is not enough.
1343 [ - + + + : 4187919 : if (m_recv_buffer.size() + std::min(msg_bytes.size(), max_read) > m_recv_buffer.capacity()) {
- + + + ]
1344 [ + + - - : 73415 : switch (m_recv_state) {
- ]
1345 : 2785 : case RecvState::KEY_MAYBE_V1:
1346 : 2785 : case RecvState::KEY:
1347 : 2785 : case RecvState::GARB_GARBTERM:
1348 : : // During the initial states (key/garbage), allocate once to fit the maximum (4111
1349 : : // bytes).
1350 : 2785 : m_recv_buffer.reserve(MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1351 : 2785 : break;
1352 : 70630 : case RecvState::VERSION:
1353 : 70630 : case RecvState::APP: {
1354 : : // During states where a packet is being received, as much as is expected but never
1355 : : // more than MAX_RESERVE_AHEAD bytes in addition to what is received so far.
1356 : : // This means attackers that want to cause us to waste allocated memory are limited
1357 : : // to MAX_RESERVE_AHEAD above the largest allowed message contents size, and to
1358 : : // MAX_RESERVE_AHEAD more than they've actually sent us.
1359 [ + - ]: 70630 : size_t alloc_add = std::min(max_read, msg_bytes.size() + MAX_RESERVE_AHEAD);
1360 : 70630 : m_recv_buffer.reserve(m_recv_buffer.size() + alloc_add);
1361 : 70630 : break;
1362 : : }
1363 : 0 : case RecvState::APP_READY:
1364 : : // The buffer is empty in this state.
1365 [ # # ]: 0 : Assume(m_recv_buffer.empty());
1366 : : break;
1367 : 0 : case RecvState::V1:
1368 : : // Should have bailed out above.
1369 : 0 : Assume(false);
1370 : 0 : break;
1371 : : }
1372 : : }
1373 : :
1374 : : // Can't read more than provided input.
1375 [ + + ]: 4149573 : max_read = std::min(msg_bytes.size(), max_read);
1376 : : // Copy data to buffer.
1377 : 4149573 : m_recv_buffer.insert(m_recv_buffer.end(), UCharCast(msg_bytes.data()), UCharCast(msg_bytes.data() + max_read));
1378 [ + + + + : 4149573 : msg_bytes = msg_bytes.subspan(max_read);
- - + ]
1379 : :
1380 : : // Process data in the buffer.
1381 [ + + + + : 4149573 : switch (m_recv_state) {
- - + ]
1382 : 1891 : case RecvState::KEY_MAYBE_V1:
1383 : 1891 : ProcessReceivedMaybeV1Bytes();
1384 [ + + ]: 1891 : if (m_recv_state == RecvState::V1) return true;
1385 : : break;
1386 : :
1387 : 3204 : case RecvState::KEY:
1388 [ + - ]: 3204 : if (!ProcessReceivedKeyBytes()) return false;
1389 : : break;
1390 : :
1391 : 4015226 : case RecvState::GARB_GARBTERM:
1392 [ + + ]: 4015226 : if (!ProcessReceivedGarbageBytes()) return false;
1393 : : break;
1394 : :
1395 : 97617 : case RecvState::VERSION:
1396 : 97617 : case RecvState::APP:
1397 [ + - ]: 97617 : if (!ProcessReceivedPacketBytes()) return false;
1398 : : break;
1399 : :
1400 : : case RecvState::APP_READY:
1401 : : return true;
1402 : :
1403 : 0 : case RecvState::V1:
1404 : : // We should have bailed out before.
1405 : 0 : Assume(false);
1406 : 0 : break;
1407 : : }
1408 : : // Make sure we have made progress before continuing.
1409 [ - + + + ]: 4187891 : Assume(max_read > 0);
1410 : : }
1411 : :
1412 : : return true;
1413 : 92491 : }
1414 : :
1415 : 33039 : std::optional<std::string> V2Transport::GetMessageType(std::span<const uint8_t>& contents) noexcept
1416 : : {
1417 [ - + ]: 33039 : if (contents.size() == 0) return std::nullopt; // Empty contents
1418 [ + + ]: 33039 : uint8_t first_byte = contents[0];
1419 [ + + ]: 33039 : contents = contents.subspan(1); // Strip first byte.
1420 : :
1421 [ + + ]: 33039 : if (first_byte != 0) {
1422 : : // Short (1 byte) encoding.
1423 [ + - ]: 25892 : if (first_byte < std::size(V2_MESSAGE_IDS)) {
1424 : : // Valid short message id.
1425 [ - + ]: 51784 : return V2_MESSAGE_IDS[first_byte];
1426 : : } else {
1427 : : // Unknown short message id.
1428 : 0 : return std::nullopt;
1429 : : }
1430 : : }
1431 : :
1432 [ - + ]: 7147 : if (contents.size() < CMessageHeader::MESSAGE_TYPE_SIZE) {
1433 : 0 : return std::nullopt; // Long encoding needs 12 message type bytes.
1434 : : }
1435 : :
1436 : : size_t msg_type_len{0};
1437 [ + + + + ]: 52849 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE && contents[msg_type_len] != 0) {
1438 : : // Verify that message type bytes before the first 0x00 are in range.
1439 [ - + + - ]: 45702 : if (contents[msg_type_len] < ' ' || contents[msg_type_len] > 0x7F) {
1440 : 0 : return {};
1441 : : }
1442 : 45702 : ++msg_type_len;
1443 : : }
1444 : 7147 : std::string ret{reinterpret_cast<const char*>(contents.data()), msg_type_len};
1445 [ + + ]: 47209 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE) {
1446 : : // Verify that message type bytes after the first 0x00 are also 0x00.
1447 [ - + ]: 40062 : if (contents[msg_type_len] != 0) return {};
1448 : 40062 : ++msg_type_len;
1449 : : }
1450 : : // Strip message type bytes of contents.
1451 : 7147 : contents = contents.subspan(CMessageHeader::MESSAGE_TYPE_SIZE);
1452 : 7147 : return ret;
1453 : 7147 : }
1454 : :
1455 : 43803 : CNetMessage V2Transport::GetReceivedMessage(std::chrono::microseconds time, bool& reject_message) noexcept
1456 : : {
1457 : 43803 : AssertLockNotHeld(m_recv_mutex);
1458 : 43803 : LOCK(m_recv_mutex);
1459 [ + + ]: 43803 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetReceivedMessage(time, reject_message);
1460 : :
1461 [ - + ]: 33039 : Assume(m_recv_state == RecvState::APP_READY);
1462 [ - + ]: 33039 : std::span<const uint8_t> contents{m_recv_decode_buffer};
1463 : 33039 : auto msg_type = GetMessageType(contents);
1464 : 33039 : CNetMessage msg{DataStream{}};
1465 : : // Note that BIP324Cipher::EXPANSION also includes the length descriptor size.
1466 [ - + ]: 33039 : msg.m_raw_message_size = m_recv_decode_buffer.size() + BIP324Cipher::EXPANSION;
1467 [ + - ]: 33039 : if (msg_type) {
1468 : 33039 : reject_message = false;
1469 : 33039 : msg.m_type = std::move(*msg_type);
1470 : 33039 : msg.m_time = time;
1471 : 33039 : msg.m_message_size = contents.size();
1472 : 33039 : msg.m_recv.resize(contents.size());
1473 : 33039 : std::copy(contents.begin(), contents.end(), UCharCast(msg.m_recv.data()));
1474 : : } else {
1475 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: invalid message type (%u bytes contents), peer=%d\n", m_recv_decode_buffer.size(), m_nodeid);
1476 : 0 : reject_message = true;
1477 : : }
1478 : 33039 : ClearShrink(m_recv_decode_buffer);
1479 : 33039 : SetReceiveState(RecvState::APP);
1480 : :
1481 : 33039 : return msg;
1482 : 33039 : }
1483 : :
1484 : 157783 : bool V2Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
1485 : : {
1486 : 157783 : AssertLockNotHeld(m_send_mutex);
1487 : 157783 : LOCK(m_send_mutex);
1488 [ + + ]: 157783 : if (m_send_state == SendState::V1) return m_v1_fallback.SetMessageToSend(msg);
1489 : : // We only allow adding a new message to be sent when in the READY state (so the packet cipher
1490 : : // is available) and the send buffer is empty. This limits the number of messages in the send
1491 : : // buffer to just one, and leaves the responsibility for queueing them up to the caller.
1492 [ + + + + ]: 149815 : if (!(m_send_state == SendState::READY && m_send_buffer.empty())) return false;
1493 : : // Construct contents (encoding message type + payload).
1494 : 33039 : std::vector<uint8_t> contents;
1495 : 33039 : auto short_message_id = V2_MESSAGE_MAP(msg.m_type);
1496 [ + + ]: 33039 : if (short_message_id) {
1497 [ - + ]: 25892 : contents.resize(1 + msg.data.size());
1498 : 25892 : contents[0] = *short_message_id;
1499 : 25892 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1);
1500 : : } else {
1501 : : // Initialize with zeroes, and then write the message type string starting at offset 1.
1502 : : // This means contents[0] and the unused positions in contents[1..13] remain 0x00.
1503 [ - + ]: 7147 : contents.resize(1 + CMessageHeader::MESSAGE_TYPE_SIZE + msg.data.size(), 0);
1504 [ - + ]: 7147 : std::copy(msg.m_type.begin(), msg.m_type.end(), contents.data() + 1);
1505 : 7147 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1 + CMessageHeader::MESSAGE_TYPE_SIZE);
1506 : : }
1507 : : // Construct ciphertext in send buffer.
1508 [ - + ]: 33039 : m_send_buffer.resize(contents.size() + BIP324Cipher::EXPANSION);
1509 : 33039 : m_cipher.Encrypt(MakeByteSpan(contents), {}, false, MakeWritableByteSpan(m_send_buffer));
1510 : 33039 : m_send_type = msg.m_type;
1511 : : // Release memory
1512 : 33039 : ClearShrink(msg.data);
1513 : 33039 : return true;
1514 : 33039 : }
1515 : :
1516 : 1224038 : Transport::BytesToSend V2Transport::GetBytesToSend(bool have_next_message) const noexcept
1517 : : {
1518 : 1224038 : AssertLockNotHeld(m_send_mutex);
1519 : 1224038 : LOCK(m_send_mutex);
1520 [ + + ]: 1224038 : if (m_send_state == SendState::V1) return m_v1_fallback.GetBytesToSend(have_next_message);
1521 : :
1522 [ + + - + ]: 1078900 : if (m_send_state == SendState::MAYBE_V1) Assume(m_send_buffer.empty());
1523 [ - + - + ]: 1078900 : Assume(m_send_pos <= m_send_buffer.size());
1524 : 1078900 : return {
1525 [ - + + + ]: 1078900 : std::span{m_send_buffer}.subspan(m_send_pos),
1526 : : // We only have more to send after the current m_send_buffer if there is a (next)
1527 : : // message to be sent, and we're capable of sending packets. */
1528 [ + + + + ]: 1078900 : have_next_message && m_send_state == SendState::READY,
1529 : 1078900 : m_send_type
1530 : 1078900 : };
1531 : 1224038 : }
1532 : :
1533 : 139728 : void V2Transport::MarkBytesSent(size_t bytes_sent) noexcept
1534 : : {
1535 : 139728 : AssertLockNotHeld(m_send_mutex);
1536 : 139728 : LOCK(m_send_mutex);
1537 [ + + + - ]: 139728 : if (m_send_state == SendState::V1) return m_v1_fallback.MarkBytesSent(bytes_sent);
1538 : :
1539 [ + + + + : 124615 : if (m_send_state == SendState::AWAITING_KEY && m_send_pos == 0 && bytes_sent > 0) {
+ - ]
1540 [ - + ]: 1242 : LogDebug(BCLog::NET, "start sending v2 handshake to peer=%d\n", m_nodeid);
1541 : : }
1542 : :
1543 : 124615 : m_send_pos += bytes_sent;
1544 [ - + - + ]: 124615 : Assume(m_send_pos <= m_send_buffer.size());
1545 [ + + ]: 124615 : if (m_send_pos >= CMessageHeader::HEADER_SIZE) {
1546 : 83620 : m_sent_v1_header_worth = true;
1547 : : }
1548 : : // Wipe the buffer when everything is sent.
1549 [ - + + + ]: 124615 : if (m_send_pos == m_send_buffer.size()) {
1550 : 36008 : m_send_pos = 0;
1551 : 36008 : ClearShrink(m_send_buffer);
1552 : : }
1553 : 139728 : }
1554 : :
1555 : 0 : bool V2Transport::ShouldReconnectV1() const noexcept
1556 : : {
1557 : 0 : AssertLockNotHeld(m_send_mutex);
1558 : 0 : AssertLockNotHeld(m_recv_mutex);
1559 : : // Only outgoing connections need reconnection.
1560 [ # # ]: 0 : if (!m_initiating) return false;
1561 : :
1562 : 0 : LOCK(m_recv_mutex);
1563 : : // We only reconnect in the very first state and when the receive buffer is empty. Together
1564 : : // these conditions imply nothing has been received so far.
1565 [ # # ]: 0 : if (m_recv_state != RecvState::KEY) return false;
1566 [ # # ]: 0 : if (!m_recv_buffer.empty()) return false;
1567 : : // Check if we've sent enough for the other side to disconnect us (if it was V1).
1568 : 0 : LOCK(m_send_mutex);
1569 [ # # ]: 0 : return m_sent_v1_header_worth;
1570 : 0 : }
1571 : :
1572 : 0 : size_t V2Transport::GetSendMemoryUsage() const noexcept
1573 : : {
1574 : 0 : AssertLockNotHeld(m_send_mutex);
1575 : 0 : LOCK(m_send_mutex);
1576 [ # # ]: 0 : if (m_send_state == SendState::V1) return m_v1_fallback.GetSendMemoryUsage();
1577 : :
1578 [ # # ]: 0 : return sizeof(m_send_buffer) + memusage::DynamicUsage(m_send_buffer);
1579 : 0 : }
1580 : :
1581 : 3016 : Transport::Info V2Transport::GetInfo() const noexcept
1582 : : {
1583 : 3016 : AssertLockNotHeld(m_recv_mutex);
1584 : 3016 : LOCK(m_recv_mutex);
1585 [ + + ]: 3016 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetInfo();
1586 : :
1587 [ + + ]: 2511 : Transport::Info info;
1588 : :
1589 : : // Do not report v2 and session ID until the version packet has been received
1590 : : // and verified (confirming that the other side very likely has the same keys as us).
1591 [ + + ]: 2511 : if (m_recv_state != RecvState::KEY_MAYBE_V1 && m_recv_state != RecvState::KEY &&
1592 : : m_recv_state != RecvState::GARB_GARBTERM && m_recv_state != RecvState::VERSION) {
1593 : 2276 : info.transport_type = TransportProtocolType::V2;
1594 : 2276 : info.session_id = uint256(MakeUCharSpan(m_cipher.GetSessionID()));
1595 : : } else {
1596 : 235 : info.transport_type = TransportProtocolType::DETECTING;
1597 : : }
1598 : :
1599 : 2511 : return info;
1600 : 3016 : }
1601 : :
1602 : 64083 : std::pair<size_t, bool> CConnman::SocketSendData(CNode& node) const
1603 : : {
1604 : 64083 : auto it = node.vSendMsg.begin();
1605 : 64083 : size_t nSentSize = 0;
1606 : 64083 : bool data_left{false}; //!< second return value (whether unsent data remains)
1607 : 64083 : std::optional<bool> expected_more;
1608 : :
1609 : 153436 : while (true) {
1610 [ + + ]: 153436 : if (it != node.vSendMsg.end()) {
1611 : : // If possible, move one message from the send queue to the transport. This fails when
1612 : : // there is an existing message still being sent, or (for v2 transports) when the
1613 : : // handshake has not yet completed.
1614 : 64083 : size_t memusage = it->GetMemoryUsage();
1615 [ + - ]: 64083 : if (node.m_transport->SetMessageToSend(*it)) {
1616 : : // Update memory usage of send buffer (as *it will be deleted).
1617 : 64083 : node.m_send_memusage -= memusage;
1618 : 64083 : ++it;
1619 : : }
1620 : : }
1621 [ + + ]: 153436 : const auto& [data, more, msg_type] = node.m_transport->GetBytesToSend(it != node.vSendMsg.end());
1622 : : // We rely on the 'more' value returned by GetBytesToSend to correctly predict whether more
1623 : : // bytes are still to be sent, to correctly set the MSG_MORE flag. As a sanity check,
1624 : : // verify that the previously returned 'more' was correct.
1625 [ + + - + ]: 153436 : if (expected_more.has_value()) Assume(!data.empty() == *expected_more);
1626 [ + + ]: 153436 : expected_more = more;
1627 [ + + ]: 153436 : data_left = !data.empty(); // will be overwritten on next loop if all of data gets sent
1628 : 153436 : int nBytes = 0;
1629 [ + + ]: 153436 : if (!data.empty()) {
1630 : 102501 : LOCK(node.m_sock_mutex);
1631 : : // There is no socket in case we've already disconnected, or in test cases without
1632 : : // real connections. In these cases, we bail out immediately and just leave things
1633 : : // in the send queue and transport.
1634 [ + + ]: 102501 : if (!node.m_sock) {
1635 : : break;
1636 : : }
1637 : 95323 : int flags = MSG_NOSIGNAL | MSG_DONTWAIT;
1638 : : #ifdef MSG_MORE
1639 [ + + ]: 95323 : if (more) {
1640 : 41890 : flags |= MSG_MORE;
1641 : : }
1642 : : #endif
1643 [ + - + - ]: 95323 : nBytes = node.m_sock->Send(data.data(), data.size(), flags);
1644 : 7178 : }
1645 [ + + ]: 95323 : if (nBytes > 0) {
1646 : 93687 : node.m_last_send = GetTime<std::chrono::seconds>();
1647 : 93687 : node.nSendBytes += nBytes;
1648 : : // Notify transport that bytes have been processed.
1649 : 93687 : node.m_transport->MarkBytesSent(nBytes);
1650 : : // Update statistics per message type.
1651 [ + + ]: 93687 : if (!msg_type.empty()) { // don't report v2 handshake bytes for now
1652 : 88051 : node.AccountForSentBytes(msg_type, nBytes);
1653 : : }
1654 : 93687 : nSentSize += nBytes;
1655 [ + + ]: 93687 : if ((size_t)nBytes != data.size()) {
1656 : : // could not send full message; stop sending more
1657 : : break;
1658 : : }
1659 : : } else {
1660 [ + + ]: 52571 : if (nBytes < 0) {
1661 : : // error
1662 : 1312 : int nErr = WSAGetLastError();
1663 [ + + + + ]: 1312 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS) {
1664 [ - + - - : 1033 : LogDebug(BCLog::NET, "socket send error, %s: %s", node.DisconnectMsg(), NetworkErrorString(nErr));
- - ]
1665 : 1033 : node.CloseSocketDisconnect();
1666 : : }
1667 : : }
1668 : : break;
1669 : : }
1670 : : }
1671 : :
1672 [ + - ]: 64083 : node.fPauseSend = node.m_send_memusage + node.m_transport->GetSendMemoryUsage() > nSendBufferMaxSize;
1673 : :
1674 [ + - ]: 64083 : if (it == node.vSendMsg.end()) {
1675 [ - + ]: 64083 : assert(node.m_send_memusage == 0);
1676 : : }
1677 : 64083 : node.vSendMsg.erase(node.vSendMsg.begin(), it);
1678 : 64083 : return {nSentSize, data_left};
1679 : : }
1680 : :
1681 : : /** Try to find a connection to evict when the node is full.
1682 : : * Extreme care must be taken to avoid opening the node to attacker
1683 : : * triggered network partitioning.
1684 : : * The strategy used here is to protect a small number of peers
1685 : : * for each of several distinct characteristics which are difficult
1686 : : * to forge. In order to partition a node the attacker must be
1687 : : * simultaneously better at all of them than honest peers.
1688 : : */
1689 : 10899 : bool CConnman::AttemptToEvictConnection()
1690 : : {
1691 : 10899 : std::vector<NodeEvictionCandidate> vEvictionCandidates;
1692 : 10899 : {
1693 : :
1694 [ + - ]: 10899 : LOCK(m_nodes_mutex);
1695 [ + + ]: 836146 : for (const CNode* node : m_nodes) {
1696 [ + + ]: 825247 : if (node->fDisconnect)
1697 : 136982 : continue;
1698 : 688265 : NodeEvictionCandidate candidate{
1699 : 688265 : .id = node->GetId(),
1700 : : .m_connected = node->m_connected,
1701 : 688265 : .m_min_ping_time = node->m_min_ping_time,
1702 : 688265 : .m_last_block_time = node->m_last_block_time,
1703 : 688265 : .m_last_tx_time = node->m_last_tx_time,
1704 [ + - ]: 688265 : .fRelevantServices = node->m_has_all_wanted_services,
1705 : 688265 : .m_relay_txs = node->m_relays_txs.load(),
1706 : 688265 : .fBloomFilter = node->m_bloom_filter_loaded.load(),
1707 : 688265 : .nKeyedNetGroup = node->nKeyedNetGroup,
1708 : 688265 : .prefer_evict = node->m_prefer_evict,
1709 [ + - ]: 688265 : .m_is_local = node->addr.IsLocal(),
1710 : 688265 : .m_network = node->ConnectedThroughNetwork(),
1711 : 688265 : .m_noban = node->HasPermission(NetPermissionFlags::NoBan),
1712 : 688265 : .m_conn_type = node->m_conn_type,
1713 [ + - + - : 1376530 : };
+ - ]
1714 [ + - ]: 688265 : vEvictionCandidates.push_back(candidate);
1715 : : }
1716 : 0 : }
1717 [ + - ]: 10899 : const std::optional<NodeId> node_id_to_evict = SelectNodeToEvict(std::move(vEvictionCandidates));
1718 [ + + ]: 10899 : if (!node_id_to_evict) {
1719 : : return false;
1720 : : }
1721 [ + - ]: 2672 : LOCK(m_nodes_mutex);
1722 [ + - ]: 272610 : for (CNode* pnode : m_nodes) {
1723 [ + + ]: 272610 : if (pnode->GetId() == *node_id_to_evict) {
1724 [ + - - + : 2672 : LogDebug(BCLog::NET, "selected %s connection for eviction, %s", pnode->ConnectionTypeAsString(), pnode->DisconnectMsg());
- - - - ]
1725 : : TRACEPOINT(net, evicted_inbound_connection,
1726 : : pnode->GetId(),
1727 : : pnode->m_addr_name.c_str(),
1728 : : pnode->ConnectionTypeAsString().c_str(),
1729 : : pnode->ConnectedThroughNetwork(),
1730 : 2672 : Ticks<std::chrono::seconds>(pnode->m_connected));
1731 : 2672 : pnode->fDisconnect = true;
1732 : 2672 : return true;
1733 : : }
1734 : : }
1735 : : return false;
1736 : 13571 : }
1737 : :
1738 : 0 : void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
1739 : 0 : struct sockaddr_storage sockaddr;
1740 : 0 : socklen_t len = sizeof(sockaddr);
1741 : 0 : auto sock = hListenSocket.sock->Accept((struct sockaddr*)&sockaddr, &len);
1742 : :
1743 [ # # ]: 0 : if (!sock) {
1744 : 0 : const int nErr = WSAGetLastError();
1745 [ # # ]: 0 : if (nErr != WSAEWOULDBLOCK) {
1746 [ # # # # ]: 0 : LogInfo("socket error accept failed: %s\n", NetworkErrorString(nErr));
1747 : : }
1748 : 0 : return;
1749 : : }
1750 : :
1751 [ # # ]: 0 : CService addr;
1752 [ # # # # ]: 0 : if (!addr.SetSockAddr((const struct sockaddr*)&sockaddr, len)) {
1753 [ # # ]: 0 : LogWarning("Unknown socket family\n");
1754 : : } else {
1755 [ # # ]: 0 : addr = MaybeFlipIPv6toCJDNS(addr);
1756 : : }
1757 : :
1758 [ # # # # ]: 0 : const CService addr_bind{MaybeFlipIPv6toCJDNS(GetBindAddress(*sock))};
1759 : :
1760 : 0 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
1761 [ # # ]: 0 : hListenSocket.AddSocketPermissionFlags(permission_flags);
1762 : :
1763 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(sock), permission_flags, addr_bind, addr);
1764 : 0 : }
1765 : :
1766 : 11089 : void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
1767 : : NetPermissionFlags permission_flags,
1768 : : const CService& addr_bind,
1769 : : const CService& addr)
1770 : : {
1771 : 11089 : int nInbound = 0;
1772 : :
1773 [ - + ]: 11089 : const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
1774 : :
1775 : : // Tor inbound connections do not reveal the peer's actual network address.
1776 : : // Therefore do not apply address-based whitelist permissions to them.
1777 [ - + + - ]: 22178 : AddWhitelistPermissionFlags(permission_flags, inbound_onion ? std::optional<CNetAddr>{} : addr, vWhitelistedRangeIncoming);
1778 : :
1779 : 11089 : {
1780 : 11089 : LOCK(m_nodes_mutex);
1781 [ + + ]: 842703 : for (const CNode* pnode : m_nodes) {
1782 [ + + ]: 831614 : if (pnode->IsInboundConn()) nInbound++;
1783 : : }
1784 : 11089 : }
1785 : :
1786 [ + + ]: 11089 : if (!fNetworkActive) {
1787 [ - + - - ]: 15 : LogDebug(BCLog::NET, "connection from %s dropped: not accepting new connections\n", addr.ToStringAddrPort());
1788 : 15 : return;
1789 : : }
1790 : :
1791 [ + + ]: 11074 : if (!sock->IsSelectable()) {
1792 [ + - ]: 175 : LogInfo("connection from %s dropped: non-selectable socket\n", addr.ToStringAddrPort());
1793 : 175 : return;
1794 : : }
1795 : :
1796 : : // According to the internet TCP_NODELAY is not carried into accepted sockets
1797 : : // on all platforms. Set it again here just to be sure.
1798 : 10899 : const int on{1};
1799 [ + + ]: 10899 : if (sock->SetSockOpt(IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == SOCKET_ERROR) {
1800 [ - + - - ]: 10705 : LogDebug(BCLog::NET, "connection from %s: unable to set TCP_NODELAY, continuing anyway\n",
1801 : : addr.ToStringAddrPort());
1802 : : }
1803 : :
1804 : : // Don't accept connections from banned peers.
1805 [ - + - - ]: 10899 : bool banned = m_banman && m_banman->IsBanned(addr);
1806 [ + + - + ]: 10899 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && banned)
1807 : : {
1808 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToStringAddrPort());
1809 : 0 : return;
1810 : : }
1811 : :
1812 : : // Only accept connections from discouraged peers if our inbound slots aren't (almost) full.
1813 [ - + - - ]: 10899 : bool discouraged = m_banman && m_banman->IsDiscouraged(addr);
1814 [ + + + - : 10899 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && nInbound + 1 >= m_max_inbound && discouraged)
+ - ]
1815 : : {
1816 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToStringAddrPort());
1817 : 0 : return;
1818 : : }
1819 : :
1820 [ + - ]: 10899 : if (nInbound >= m_max_inbound)
1821 : : {
1822 [ + + ]: 10899 : if (!AttemptToEvictConnection()) {
1823 : : // No connection to evict, disconnect the new connection
1824 [ - + ]: 8227 : LogDebug(BCLog::NET, "failed to find an eviction candidate - connection dropped (full)\n");
1825 : 8227 : return;
1826 : : }
1827 : : }
1828 : :
1829 : 2672 : NodeId id = GetNewNodeId();
1830 : 2672 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
1831 : :
1832 : : // The V2Transport transparently falls back to V1 behavior when an incoming V1 connection is
1833 : : // detected, so use it whenever we signal NODE_P2P_V2.
1834 : 2672 : ServiceFlags local_services = GetLocalServices();
1835 : 2672 : const bool use_v2transport(local_services & NODE_P2P_V2);
1836 : :
1837 : 2672 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
1838 [ + - ]: 2672 : .Write(inbound_onion ? NET_ONION : addr.GetNetClass())
1839 [ - + + - ]: 2672 : .Write(addr_bind.GetAddrBytes())
1840 [ + - + - ]: 2672 : .Write(addr_bind.GetPort()) // inbound connections use bind port
1841 [ + - ]: 2672 : .Finalize();
1842 : 2672 : CNode* pnode = new CNode(id,
1843 : 2672 : std::move(sock),
1844 [ + - ]: 5344 : CAddress{addr, NODE_NONE},
1845 : : CalculateKeyedNetGroup(addr),
1846 : : nonce,
1847 : : addr_bind,
1848 : 2672 : /*addrNameIn=*/"",
1849 : : ConnectionType::INBOUND,
1850 : : inbound_onion,
1851 : : network_id,
1852 : 0 : CNodeOptions{
1853 : : .permission_flags = permission_flags,
1854 : : .prefer_evict = discouraged,
1855 : 2672 : .recv_flood_size = nReceiveFloodSize,
1856 : : .use_v2transport = use_v2transport,
1857 [ + - + - : 5344 : });
+ - + - ]
1858 : 2672 : pnode->AddRef();
1859 : 2672 : m_msgproc->InitializeNode(*pnode, local_services);
1860 : 2672 : {
1861 : 2672 : LOCK(m_nodes_mutex);
1862 [ + - ]: 2672 : m_nodes.push_back(pnode);
1863 : 0 : }
1864 [ - + - - ]: 2672 : LogDebug(BCLog::NET, "connection from %s accepted\n", addr.ToStringAddrPort());
1865 : : TRACEPOINT(net, inbound_connection,
1866 : : pnode->GetId(),
1867 : : pnode->m_addr_name.c_str(),
1868 : : pnode->ConnectionTypeAsString().c_str(),
1869 : : pnode->ConnectedThroughNetwork(),
1870 : 2672 : GetNodeCount(ConnectionDirection::In));
1871 : :
1872 : : // We received a new connection, harvest entropy from the time (and our peer count)
1873 : 2672 : RandAddEvent((uint32_t)id);
1874 : : }
1875 : :
1876 : 0 : bool CConnman::AddConnection(const std::string& address, ConnectionType conn_type, bool use_v2transport = false)
1877 : : {
1878 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
1879 : 0 : std::optional<int> max_connections;
1880 [ # # # # ]: 0 : switch (conn_type) {
1881 : : case ConnectionType::INBOUND:
1882 : : case ConnectionType::MANUAL:
1883 : : case ConnectionType::PRIVATE_BROADCAST:
1884 : : return false;
1885 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
1886 : 0 : max_connections = m_max_outbound_full_relay;
1887 : 0 : break;
1888 : 0 : case ConnectionType::BLOCK_RELAY:
1889 : 0 : max_connections = m_max_outbound_block_relay;
1890 : 0 : break;
1891 : : // no limit for ADDR_FETCH because -seednode has no limit either
1892 : : case ConnectionType::ADDR_FETCH:
1893 : : break;
1894 : : // no limit for FEELER connections since they're short-lived
1895 : : case ConnectionType::FEELER:
1896 : : break;
1897 : : } // no default case, so the compiler can warn about missing cases
1898 : :
1899 : : // Count existing connections
1900 [ # # # # ]: 0 : int existing_connections = WITH_LOCK(m_nodes_mutex,
1901 : : return std::count_if(m_nodes.begin(), m_nodes.end(), [conn_type](CNode* node) { return node->m_conn_type == conn_type; }););
1902 : :
1903 : : // Max connections of specified type already exist
1904 [ # # ]: 0 : if (max_connections != std::nullopt && existing_connections >= max_connections) return false;
1905 : :
1906 : : // Max total outbound connections already exist
1907 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, true);
1908 [ # # ]: 0 : if (!grant) return false;
1909 : :
1910 [ # # # # : 0 : OpenNetworkConnection(CAddress(), false, std::move(grant), address.c_str(), conn_type, /*use_v2transport=*/use_v2transport);
# # ]
1911 : 0 : return true;
1912 : : }
1913 : :
1914 : 0 : void CConnman::DisconnectNodes()
1915 : : {
1916 : 0 : AssertLockNotHeld(m_nodes_mutex);
1917 : 0 : AssertLockNotHeld(m_reconnections_mutex);
1918 : :
1919 : : // Use a temporary variable to accumulate desired reconnections, so we don't need
1920 : : // m_reconnections_mutex while holding m_nodes_mutex.
1921 [ # # ]: 0 : decltype(m_reconnections) reconnections_to_add;
1922 : :
1923 : 0 : {
1924 [ # # ]: 0 : LOCK(m_nodes_mutex);
1925 : :
1926 [ # # ]: 0 : const bool network_active{fNetworkActive};
1927 [ # # ]: 0 : if (!network_active) {
1928 : : // Disconnect any connected nodes
1929 [ # # ]: 0 : for (CNode* pnode : m_nodes) {
1930 [ # # ]: 0 : if (!pnode->fDisconnect) {
1931 [ # # # # : 0 : LogDebug(BCLog::NET, "Network not active, %s", pnode->DisconnectMsg());
# # # # ]
1932 : 0 : pnode->fDisconnect = true;
1933 : : }
1934 : : }
1935 : : }
1936 : :
1937 : : // Disconnect unused nodes
1938 [ # # ]: 0 : std::vector<CNode*> nodes_copy = m_nodes;
1939 [ # # ]: 0 : for (CNode* pnode : nodes_copy)
1940 : : {
1941 [ # # ]: 0 : if (pnode->fDisconnect)
1942 : : {
1943 : : // remove from m_nodes
1944 : 0 : m_nodes.erase(remove(m_nodes.begin(), m_nodes.end(), pnode), m_nodes.end());
1945 : :
1946 : : // Add to reconnection list if appropriate. We don't reconnect right here, because
1947 : : // the creation of a connection is a blocking operation (up to several seconds),
1948 : : // and we don't want to hold up the socket handler thread for that long.
1949 [ # # # # ]: 0 : if (network_active && pnode->m_transport->ShouldReconnectV1()) {
1950 : 0 : reconnections_to_add.push_back({
1951 : 0 : .addr_connect = pnode->addr,
1952 [ # # ]: 0 : .grant = std::move(pnode->grantOutbound),
1953 : 0 : .destination = pnode->m_dest,
1954 : 0 : .conn_type = pnode->m_conn_type,
1955 : : .use_v2transport = false});
1956 [ # # # # : 0 : LogDebug(BCLog::NET, "retrying with v1 transport protocol for peer=%d\n", pnode->GetId());
# # ]
1957 : : }
1958 : :
1959 : : // release outbound grant (if any)
1960 : 0 : pnode->grantOutbound.Release();
1961 : :
1962 : : // close socket and cleanup
1963 [ # # ]: 0 : pnode->CloseSocketDisconnect();
1964 : :
1965 : : // update connection count by network
1966 [ # # # # ]: 0 : if (pnode->IsManualOrFullOutboundConn()) --m_network_conn_counts[pnode->addr.GetNetwork()];
1967 : :
1968 : : // hold in disconnected pool until all refs are released
1969 [ # # ]: 0 : pnode->Release();
1970 [ # # ]: 0 : m_nodes_disconnected.push_back(pnode);
1971 : : }
1972 : : }
1973 [ # # ]: 0 : }
1974 : 0 : {
1975 : : // Delete disconnected nodes
1976 [ # # ]: 0 : std::list<CNode*> nodes_disconnected_copy = m_nodes_disconnected;
1977 [ # # ]: 0 : for (CNode* pnode : nodes_disconnected_copy)
1978 : : {
1979 : : // Destroy the object only after other threads have stopped using it.
1980 [ # # ]: 0 : if (pnode->GetRefCount() <= 0) {
1981 : 0 : m_nodes_disconnected.remove(pnode);
1982 [ # # ]: 0 : DeleteNode(pnode);
1983 : : }
1984 : : }
1985 : 0 : }
1986 : 0 : {
1987 : : // Move entries from reconnections_to_add to m_reconnections.
1988 [ # # ]: 0 : LOCK(m_reconnections_mutex);
1989 [ # # ]: 0 : m_reconnections.splice(m_reconnections.end(), std::move(reconnections_to_add));
1990 : 0 : }
1991 [ # # # # : 0 : }
# # ]
1992 : :
1993 : 0 : void CConnman::NotifyNumConnectionsChanged()
1994 : : {
1995 : 0 : size_t nodes_size;
1996 : 0 : {
1997 : 0 : LOCK(m_nodes_mutex);
1998 [ # # # # ]: 0 : nodes_size = m_nodes.size();
1999 : 0 : }
2000 [ # # ]: 0 : if(nodes_size != nPrevNodeCount) {
2001 : 0 : nPrevNodeCount = nodes_size;
2002 [ # # ]: 0 : if (m_client_interface) {
2003 : 0 : m_client_interface->NotifyNumConnectionsChanged(nodes_size);
2004 : : }
2005 : : }
2006 : 0 : }
2007 : :
2008 : 792095 : bool CConnman::ShouldRunInactivityChecks(const CNode& node, std::chrono::microseconds now) const
2009 : : {
2010 : 792095 : return node.m_connected + m_peer_connect_timeout < now;
2011 : : }
2012 : :
2013 : 786 : bool CConnman::InactivityCheck(const CNode& node, std::chrono::microseconds now) const
2014 : : {
2015 : : // Tests that see disconnects after using mocktime can start nodes with a
2016 : : // large timeout. For example, -peertimeout=999999999.
2017 : 786 : const auto last_send{node.m_last_send.load()};
2018 : 786 : const auto last_recv{node.m_last_recv.load()};
2019 : :
2020 [ - + ]: 786 : if (!ShouldRunInactivityChecks(node, now)) return false;
2021 : :
2022 [ # # ]: 0 : bool has_received{last_recv.count() != 0};
2023 : 0 : bool has_sent{last_send.count() != 0};
2024 : :
2025 [ # # ]: 0 : if (!has_received || !has_sent) {
2026 [ # # ]: 0 : std::string has_never;
2027 [ # # # # ]: 0 : if (!has_received) has_never += ", never received from peer";
2028 [ # # # # ]: 0 : if (!has_sent) has_never += ", never sent to peer";
2029 [ # # # # : 0 : LogDebug(BCLog::NET,
# # # # ]
2030 : : "socket no message in first %i seconds%s, %s",
2031 : : count_seconds(m_peer_connect_timeout),
2032 : : has_never,
2033 : : node.DisconnectMsg()
2034 : : );
2035 : 0 : return true;
2036 : 0 : }
2037 : :
2038 [ # # ]: 0 : if (now > last_send + TIMEOUT_INTERVAL) {
2039 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2040 : : "socket sending timeout: %is, %s", Ticks<std::chrono::seconds>(now - last_send),
2041 : : node.DisconnectMsg()
2042 : : );
2043 : 0 : return true;
2044 : : }
2045 : :
2046 [ # # ]: 0 : if (now > last_recv + TIMEOUT_INTERVAL) {
2047 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2048 : : "socket receive timeout: %is, %s", Ticks<std::chrono::seconds>(now - last_recv),
2049 : : node.DisconnectMsg()
2050 : : );
2051 : 0 : return true;
2052 : : }
2053 : :
2054 [ # # ]: 0 : if (!node.fSuccessfullyConnected) {
2055 [ # # ]: 0 : if (node.m_transport->GetInfo().transport_type == TransportProtocolType::DETECTING) {
2056 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 handshake timeout, %s", node.DisconnectMsg());
2057 : : } else {
2058 [ # # # # ]: 0 : LogDebug(BCLog::NET, "version handshake timeout, %s", node.DisconnectMsg());
2059 : : }
2060 : 0 : return true;
2061 : : }
2062 : :
2063 : : return false;
2064 : : }
2065 : :
2066 : 1325 : Sock::EventsPerSock CConnman::GenerateWaitSockets(std::span<CNode* const> nodes)
2067 : : {
2068 : 1325 : Sock::EventsPerSock events_per_sock;
2069 : :
2070 [ + + ]: 3733 : for (const ListenSocket& hListenSocket : vhListenSocket) {
2071 [ + - ]: 2408 : events_per_sock.emplace(hListenSocket.sock, Sock::Events{Sock::RECV});
2072 : : }
2073 : :
2074 [ + + ]: 223565 : for (CNode* pnode : nodes) {
2075 [ + - ]: 222240 : bool select_recv = !pnode->fPauseRecv;
2076 : 222240 : bool select_send;
2077 : 222240 : {
2078 [ + - ]: 222240 : LOCK(pnode->cs_vSend);
2079 : : // Sending is possible if either there are bytes to send right now, or if there will be
2080 : : // once a potential message from vSendMsg is handed to the transport. GetBytesToSend
2081 : : // determines both of these in a single call.
2082 [ + + ]: 222240 : const auto& [to_send, more, _msg_type] = pnode->m_transport->GetBytesToSend(!pnode->vSendMsg.empty());
2083 [ + + + - : 444476 : select_send = !to_send.empty() || more;
+ - ]
2084 : 222240 : }
2085 [ - + ]: 222240 : if (!select_recv && !select_send) continue;
2086 : :
2087 [ + - ]: 222240 : LOCK(pnode->m_sock_mutex);
2088 [ + - ]: 222240 : if (pnode->m_sock) {
2089 [ + + - + ]: 444476 : Sock::Event event = (select_send ? Sock::SEND : 0) | (select_recv ? Sock::RECV : 0);
2090 [ + - ]: 222240 : events_per_sock.emplace(pnode->m_sock, Sock::Events{event});
2091 : : }
2092 : 222240 : }
2093 : :
2094 : 1325 : return events_per_sock;
2095 : 0 : }
2096 : :
2097 : 1325 : void CConnman::SocketHandler()
2098 : : {
2099 : 1325 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2100 : :
2101 [ + - ]: 1325 : Sock::EventsPerSock events_per_sock;
2102 : :
2103 : 1325 : {
2104 [ + - ]: 1325 : const NodesSnapshot snap{*this, /*shuffle=*/false};
2105 : :
2106 : 1325 : const auto timeout = std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS);
2107 : :
2108 : : // Check for the readiness of the already connected sockets and the
2109 : : // listening sockets in one call ("readiness" as in poll(2) or
2110 : : // select(2)). If none are ready, wait for a short while and return
2111 : : // empty sets.
2112 [ - + + - ]: 2650 : events_per_sock = GenerateWaitSockets(snap.Nodes());
2113 [ + + + - : 1325 : if (events_per_sock.empty() || !events_per_sock.begin()->first->WaitMany(timeout, events_per_sock)) {
- + ]
2114 [ + - ]: 67 : m_interrupt_net->sleep_for(timeout);
2115 : : }
2116 : :
2117 : : // Service (send/receive) each of the already connected nodes.
2118 [ + - ]: 1325 : SocketHandlerConnected(snap.Nodes(), events_per_sock);
2119 : 1325 : }
2120 : :
2121 : : // Accept new connections from listening sockets.
2122 [ + - ]: 1325 : SocketHandlerListening(events_per_sock);
2123 : 1325 : }
2124 : :
2125 : 1325 : void CConnman::SocketHandlerConnected(const std::vector<CNode*>& nodes,
2126 : : const Sock::EventsPerSock& events_per_sock)
2127 : : {
2128 : 1325 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2129 : :
2130 : 1325 : auto now = GetTime<std::chrono::microseconds>();
2131 : :
2132 [ + + ]: 2111 : for (CNode* pnode : nodes) {
2133 [ + + ]: 2038 : if (m_interrupt_net->interrupted()) {
2134 : : return;
2135 : : }
2136 : :
2137 : : //
2138 : : // Receive
2139 : : //
2140 : 786 : bool recvSet = false;
2141 : 786 : bool sendSet = false;
2142 : 786 : bool errorSet = false;
2143 : 786 : {
2144 : 786 : LOCK(pnode->m_sock_mutex);
2145 [ - + ]: 786 : if (!pnode->m_sock) {
2146 [ # # ]: 0 : continue;
2147 : : }
2148 [ + - + - ]: 1572 : const auto it = events_per_sock.find(pnode->m_sock);
2149 [ + - + - ]: 1572 : if (it != events_per_sock.end()) {
2150 : 786 : recvSet = it->second.occurred & Sock::RECV;
2151 : 786 : sendSet = it->second.occurred & Sock::SEND;
2152 : 786 : errorSet = it->second.occurred & Sock::ERR;
2153 : : }
2154 : 0 : }
2155 : :
2156 [ - + ]: 786 : if (sendSet) {
2157 : : // Send data
2158 [ # # # # ]: 0 : auto [bytes_sent, data_left] = WITH_LOCK(pnode->cs_vSend, return SocketSendData(*pnode));
2159 [ # # ]: 0 : if (bytes_sent) {
2160 : 0 : RecordBytesSent(bytes_sent);
2161 : :
2162 : : // If both receiving and (non-optimistic) sending were possible, we first attempt
2163 : : // sending. If that succeeds, but does not fully drain the send queue, do not
2164 : : // attempt to receive. This avoids needlessly queueing data if the remote peer
2165 : : // is slow at receiving data, by means of TCP flow control. We only do this when
2166 : : // sending actually succeeded to make sure progress is always made; otherwise a
2167 : : // deadlock would be possible when both sides have data to send, but neither is
2168 : : // receiving.
2169 [ # # ]: 0 : if (data_left) recvSet = false;
2170 : : }
2171 : : }
2172 : :
2173 [ + + ]: 786 : if (recvSet || errorSet)
2174 : : {
2175 : : // typical socket buffer is 8K-64K
2176 : 556 : uint8_t pchBuf[0x10000];
2177 : 556 : int nBytes = 0;
2178 : 556 : {
2179 : 556 : LOCK(pnode->m_sock_mutex);
2180 [ - + ]: 556 : if (!pnode->m_sock) {
2181 [ # # ]: 0 : continue;
2182 : : }
2183 [ + - + - ]: 556 : nBytes = pnode->m_sock->Recv(pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
2184 : 0 : }
2185 [ + + ]: 556 : if (nBytes > 0)
2186 : : {
2187 : 276 : bool notify = false;
2188 [ + - ]: 276 : if (!pnode->ReceiveMsgBytes({pchBuf, (size_t)nBytes}, notify)) {
2189 [ - + - - ]: 276 : LogDebug(BCLog::NET,
2190 : : "receiving message bytes failed, %s",
2191 : : pnode->DisconnectMsg()
2192 : : );
2193 : 276 : pnode->CloseSocketDisconnect();
2194 : : }
2195 : 276 : RecordBytesRecv(nBytes);
2196 [ - + ]: 276 : if (notify) {
2197 : 0 : pnode->MarkReceivedMsgsForProcessing();
2198 : 0 : WakeMessageHandler();
2199 : : }
2200 : : }
2201 [ + + ]: 280 : else if (nBytes == 0)
2202 : : {
2203 : : // socket closed gracefully
2204 [ + + ]: 279 : if (!pnode->fDisconnect) {
2205 [ - + - - ]: 265 : LogDebug(BCLog::NET, "socket closed, %s", pnode->DisconnectMsg());
2206 : : }
2207 : 279 : pnode->CloseSocketDisconnect();
2208 : : }
2209 [ + - ]: 1 : else if (nBytes < 0)
2210 : : {
2211 : : // error
2212 : 1 : int nErr = WSAGetLastError();
2213 [ + - + - ]: 1 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS)
2214 : : {
2215 [ + - ]: 1 : if (!pnode->fDisconnect) {
2216 [ - + - - : 1 : LogDebug(BCLog::NET, "socket recv error, %s: %s", pnode->DisconnectMsg(), NetworkErrorString(nErr));
- - ]
2217 : : }
2218 : 1 : pnode->CloseSocketDisconnect();
2219 : : }
2220 : : }
2221 : : }
2222 : :
2223 [ - + ]: 786 : if (InactivityCheck(*pnode, now)) pnode->fDisconnect = true;
2224 : : }
2225 : : }
2226 : :
2227 : 1325 : void CConnman::SocketHandlerListening(const Sock::EventsPerSock& events_per_sock)
2228 : : {
2229 [ + + ]: 1453 : for (const ListenSocket& listen_socket : vhListenSocket) {
2230 [ + + ]: 184 : if (m_interrupt_net->interrupted()) {
2231 : : return;
2232 : : }
2233 [ + - + - ]: 256 : const auto it = events_per_sock.find(listen_socket.sock);
2234 [ + - - + ]: 128 : if (it != events_per_sock.end() && it->second.occurred & Sock::RECV) {
2235 : 0 : AcceptConnection(listen_socket);
2236 : : }
2237 : : }
2238 : : }
2239 : :
2240 : 0 : void CConnman::ThreadSocketHandler()
2241 : : {
2242 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2243 : :
2244 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2245 : 0 : DisconnectNodes();
2246 : 0 : NotifyNumConnectionsChanged();
2247 : 0 : SocketHandler();
2248 : : }
2249 : 0 : }
2250 : :
2251 : 0 : void CConnman::WakeMessageHandler()
2252 : : {
2253 : 0 : {
2254 : 0 : LOCK(mutexMsgProc);
2255 [ # # ]: 0 : fMsgProcWake = true;
2256 : 0 : }
2257 : 0 : condMsgProc.notify_one();
2258 : 0 : }
2259 : :
2260 : 0 : void CConnman::ThreadDNSAddressSeed()
2261 : : {
2262 : 0 : int outbound_connection_count = 0;
2263 : :
2264 [ # # # # ]: 0 : if (!gArgs.GetArgs("-seednode").empty()) {
2265 : 0 : auto start = NodeClock::now();
2266 : 0 : constexpr std::chrono::seconds SEEDNODE_TIMEOUT = 30s;
2267 : 0 : LogInfo("-seednode enabled. Trying the provided seeds for %d seconds before defaulting to the dnsseeds.\n", SEEDNODE_TIMEOUT.count());
2268 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2269 [ # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2270 : : return;
2271 : : }
2272 : :
2273 : : // Abort if we have spent enough time without reaching our target.
2274 : : // Giving seed nodes 30 seconds so this does not become a race against fixedseeds (which triggers after 1 min)
2275 [ # # ]: 0 : if (NodeClock::now() > start + SEEDNODE_TIMEOUT) {
2276 : 0 : LogInfo("Couldn't connect to enough peers via seed nodes. Handing fetch logic to the DNS seeds.\n");
2277 : 0 : break;
2278 : : }
2279 : :
2280 : 0 : outbound_connection_count = GetFullOutboundConnCount();
2281 [ # # ]: 0 : if (outbound_connection_count >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2282 : 0 : LogInfo("P2P peers available. Finished fetching data from seed nodes.\n");
2283 : 0 : break;
2284 : : }
2285 : : }
2286 : : }
2287 : :
2288 : 0 : FastRandomContext rng;
2289 [ # # ]: 0 : std::vector<std::string> seeds = m_params.DNSSeeds();
2290 : 0 : std::shuffle(seeds.begin(), seeds.end(), rng);
2291 : 0 : int seeds_right_now = 0; // Number of seeds left before testing if we have enough connections
2292 : :
2293 [ # # # # : 0 : if (gArgs.GetBoolArg("-forcednsseed", DEFAULT_FORCEDNSSEED)) {
# # ]
2294 : : // When -forcednsseed is provided, query all.
2295 [ # # ]: 0 : seeds_right_now = seeds.size();
2296 [ # # # # ]: 0 : } else if (addrman.get().Size() == 0) {
2297 : : // If we have no known peers, query all.
2298 : : // This will occur on the first run, or if peers.dat has been
2299 : : // deleted.
2300 [ # # ]: 0 : seeds_right_now = seeds.size();
2301 : : }
2302 : :
2303 : : // Proceed with dnsseeds if seednodes hasn't reached the target or if forcednsseed is set
2304 [ # # ]: 0 : if (outbound_connection_count < SEED_OUTBOUND_CONNECTION_THRESHOLD || seeds_right_now) {
2305 : : // goal: only query DNS seed if address need is acute
2306 : : // * If we have a reasonable number of peers in addrman, spend
2307 : : // some time trying them first. This improves user privacy by
2308 : : // creating fewer identifying DNS requests, reduces trust by
2309 : : // giving seeds less influence on the network topology, and
2310 : : // reduces traffic to the seeds.
2311 : : // * When querying DNS seeds query a few at once, this ensures
2312 : : // that we don't give DNS seeds the ability to eclipse nodes
2313 : : // that query them.
2314 : : // * If we continue having problems, eventually query all the
2315 : : // DNS seeds, and if that fails too, also try the fixed seeds.
2316 : : // (done in ThreadOpenConnections)
2317 : 0 : int found = 0;
2318 [ # # # # ]: 0 : const std::chrono::seconds seeds_wait_time = (addrman.get().Size() >= DNSSEEDS_DELAY_PEER_THRESHOLD ? DNSSEEDS_DELAY_MANY_PEERS : DNSSEEDS_DELAY_FEW_PEERS);
2319 : :
2320 [ # # ]: 0 : for (const std::string& seed : seeds) {
2321 [ # # ]: 0 : if (seeds_right_now == 0) {
2322 : 0 : seeds_right_now += DNSSEEDS_TO_QUERY_AT_ONCE;
2323 : :
2324 [ # # # # ]: 0 : if (addrman.get().Size() > 0) {
2325 [ # # ]: 0 : LogInfo("Waiting %d seconds before querying DNS seeds.\n", seeds_wait_time.count());
2326 : 0 : std::chrono::seconds to_wait = seeds_wait_time;
2327 [ # # ]: 0 : while (to_wait.count() > 0) {
2328 : : // if sleeping for the MANY_PEERS interval, wake up
2329 : : // early to see if we have enough peers and can stop
2330 : : // this thread entirely freeing up its resources
2331 : 0 : std::chrono::seconds w = std::min(DNSSEEDS_DELAY_FEW_PEERS, to_wait);
2332 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(w)) return;
2333 [ # # ]: 0 : to_wait -= w;
2334 : :
2335 [ # # # # ]: 0 : if (GetFullOutboundConnCount() >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2336 [ # # ]: 0 : if (found > 0) {
2337 [ # # ]: 0 : LogInfo("%d addresses found from DNS seeds\n", found);
2338 [ # # ]: 0 : LogInfo("P2P peers available. Finished DNS seeding.\n");
2339 : : } else {
2340 [ # # ]: 0 : LogInfo("P2P peers available. Skipped DNS seeding.\n");
2341 : : }
2342 : 0 : return;
2343 : : }
2344 : : }
2345 : : }
2346 : : }
2347 : :
2348 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) return;
2349 : :
2350 : : // hold off on querying seeds if P2P network deactivated
2351 [ # # ]: 0 : if (!fNetworkActive) {
2352 [ # # ]: 0 : LogInfo("Waiting for network to be reactivated before querying DNS seeds.\n");
2353 : 0 : do {
2354 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(1s)) return;
2355 [ # # ]: 0 : } while (!fNetworkActive);
2356 : : }
2357 : :
2358 [ # # ]: 0 : LogInfo("Loading addresses from DNS seed %s\n", seed);
2359 : : // If -proxy is in use, we make an ADDR_FETCH connection to the DNS resolved peer address
2360 : : // for the base dns seed domain in chainparams
2361 [ # # # # ]: 0 : if (HaveNameProxy()) {
2362 [ # # ]: 0 : AddAddrFetch(seed);
2363 : : } else {
2364 : 0 : std::vector<CAddress> vAdd;
2365 : 0 : constexpr ServiceFlags requiredServiceBits{SeedsServiceFlags()};
2366 [ # # ]: 0 : std::string host = strprintf("x%x.%s", requiredServiceBits, seed);
2367 [ # # ]: 0 : CNetAddr resolveSource;
2368 [ # # # # ]: 0 : if (!resolveSource.SetInternal(host)) {
2369 : 0 : continue;
2370 : : }
2371 : : // Limit number of IPs learned from a single DNS seed. This limit exists to prevent the results from
2372 : : // one DNS seed from dominating AddrMan. Note that the number of results from a UDP DNS query is
2373 : : // bounded to 33 already, but it is possible for it to use TCP where a larger number of results can be
2374 : : // returned.
2375 : 0 : unsigned int nMaxIPs = 32;
2376 [ # # # # ]: 0 : const auto addresses{LookupHost(host, nMaxIPs, true)};
2377 [ # # ]: 0 : if (!addresses.empty()) {
2378 [ # # ]: 0 : for (const CNetAddr& ip : addresses) {
2379 [ # # ]: 0 : CAddress addr = CAddress(CService(ip, m_params.GetDefaultPort()), requiredServiceBits);
2380 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - 3 * 24h, -4 * 24h); // use a random age between 3 and 7 days old
2381 [ # # ]: 0 : vAdd.push_back(addr);
2382 : 0 : found++;
2383 : 0 : }
2384 [ # # ]: 0 : addrman.get().Add(vAdd, resolveSource);
2385 : : } else {
2386 : : // If the seed does not support a subdomain with our desired service bits,
2387 : : // we make an ADDR_FETCH connection to the DNS resolved peer address for the
2388 : : // base dns seed domain in chainparams
2389 [ # # ]: 0 : AddAddrFetch(seed);
2390 : : }
2391 : 0 : }
2392 : 0 : --seeds_right_now;
2393 : : }
2394 [ # # ]: 0 : LogInfo("%d addresses found from DNS seeds\n", found);
2395 : : } else {
2396 [ # # ]: 0 : LogInfo("Skipping DNS seeds. Enough peers have been found\n");
2397 : : }
2398 : 0 : }
2399 : :
2400 : 0 : void CConnman::DumpAddresses()
2401 : : {
2402 : 0 : const auto start{SteadyClock::now()};
2403 : :
2404 : 0 : DumpPeerAddresses(::gArgs, addrman);
2405 : :
2406 [ # # ]: 0 : LogDebug(BCLog::NET, "Flushed %d addresses to peers.dat %dms",
2407 : : addrman.get().Size(), Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
2408 : 0 : }
2409 : :
2410 : 0 : void CConnman::ProcessAddrFetch()
2411 : : {
2412 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2413 [ # # ]: 0 : std::string strDest;
2414 : 0 : {
2415 [ # # ]: 0 : LOCK(m_addr_fetches_mutex);
2416 [ # # ]: 0 : if (m_addr_fetches.empty())
2417 [ # # ]: 0 : return;
2418 [ # # ]: 0 : strDest = m_addr_fetches.front();
2419 [ # # ]: 0 : m_addr_fetches.pop_front();
2420 : 0 : }
2421 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2422 : : // peer doesn't support it or immediately disconnects us for another reason.
2423 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2424 [ # # ]: 0 : CAddress addr;
2425 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, /*fTry=*/true);
2426 [ # # ]: 0 : if (grant) {
2427 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), strDest.c_str(), ConnectionType::ADDR_FETCH, use_v2transport);
2428 : : }
2429 : 0 : }
2430 : :
2431 : 2074 : bool CConnman::GetTryNewOutboundPeer() const
2432 : : {
2433 : 2074 : return m_try_another_outbound_peer;
2434 : : }
2435 : :
2436 : 2340 : void CConnman::SetTryNewOutboundPeer(bool flag)
2437 : : {
2438 : 2340 : m_try_another_outbound_peer = flag;
2439 [ - + - - ]: 2340 : LogDebug(BCLog::NET, "setting try another outbound peer=%s\n", flag ? "true" : "false");
2440 : 2340 : }
2441 : :
2442 : 0 : void CConnman::StartExtraBlockRelayPeers()
2443 : : {
2444 [ # # ]: 0 : LogDebug(BCLog::NET, "enabling extra block-relay-only peers\n");
2445 : 0 : m_start_extra_block_relay_peers = true;
2446 : 0 : }
2447 : :
2448 : : // Return the number of outbound connections that are full relay (not blocks only)
2449 : 0 : int CConnman::GetFullOutboundConnCount() const
2450 : : {
2451 : 0 : int nRelevant = 0;
2452 : 0 : {
2453 : 0 : LOCK(m_nodes_mutex);
2454 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2455 [ # # # # ]: 0 : if (pnode->fSuccessfullyConnected && pnode->IsFullOutboundConn()) ++nRelevant;
2456 : : }
2457 : 0 : }
2458 : 0 : return nRelevant;
2459 : : }
2460 : :
2461 : : // Return the number of peers we have over our outbound connection limit
2462 : : // Exclude peers that are marked for disconnect, or are going to be
2463 : : // disconnected soon (eg ADDR_FETCH and FEELER)
2464 : : // Also exclude peers that haven't finished initial connection handshake yet
2465 : : // (so that we don't decide we're over our desired connection limit, and then
2466 : : // evict some peer that has finished the handshake)
2467 : 2074 : int CConnman::GetExtraFullOutboundCount() const
2468 : : {
2469 : 2074 : int full_outbound_peers = 0;
2470 : 2074 : {
2471 : 2074 : LOCK(m_nodes_mutex);
2472 [ + + ]: 25437 : for (const CNode* pnode : m_nodes) {
2473 [ + + + + : 23363 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsFullOutboundConn()) {
+ + ]
2474 : 1937 : ++full_outbound_peers;
2475 : : }
2476 : : }
2477 : 2074 : }
2478 [ + - ]: 2074 : return std::max(full_outbound_peers - m_max_outbound_full_relay, 0);
2479 : : }
2480 : :
2481 : 0 : int CConnman::GetExtraBlockRelayCount() const
2482 : : {
2483 : 0 : int block_relay_peers = 0;
2484 : 0 : {
2485 : 0 : LOCK(m_nodes_mutex);
2486 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2487 [ # # # # : 0 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsBlockOnlyConn()) {
# # ]
2488 : 0 : ++block_relay_peers;
2489 : : }
2490 : : }
2491 : 0 : }
2492 [ # # ]: 0 : return std::max(block_relay_peers - m_max_outbound_block_relay, 0);
2493 : : }
2494 : :
2495 : 0 : std::unordered_set<Network> CConnman::GetReachableEmptyNetworks() const
2496 : : {
2497 : 0 : std::unordered_set<Network> networks{};
2498 [ # # ]: 0 : for (int n = 0; n < NET_MAX; n++) {
2499 : 0 : enum Network net = (enum Network)n;
2500 [ # # ]: 0 : if (net == NET_UNROUTABLE || net == NET_INTERNAL) continue;
2501 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && addrman.get().Size(net, std::nullopt) == 0) {
# # # # ]
2502 [ # # ]: 0 : networks.insert(net);
2503 : : }
2504 : : }
2505 : 0 : return networks;
2506 : 0 : }
2507 : :
2508 : 0 : bool CConnman::MultipleManualOrFullOutboundConns(Network net) const
2509 : : {
2510 : 0 : AssertLockHeld(m_nodes_mutex);
2511 : 0 : return m_network_conn_counts[net] > 1;
2512 : : }
2513 : :
2514 : 0 : bool CConnman::MaybePickPreferredNetwork(std::optional<Network>& network)
2515 : : {
2516 : 0 : std::array<Network, 5> nets{NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS};
2517 : 0 : std::shuffle(nets.begin(), nets.end(), FastRandomContext());
2518 : :
2519 : 0 : LOCK(m_nodes_mutex);
2520 [ # # ]: 0 : for (const auto net : nets) {
2521 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && m_network_conn_counts[net] == 0 && addrman.get().Size(net) != 0) {
# # # # #
# ]
2522 : 0 : network = net;
2523 : 0 : return true;
2524 : : }
2525 : : }
2526 : :
2527 : : return false;
2528 : 0 : }
2529 : :
2530 : 0 : void CConnman::ThreadOpenConnections(const std::vector<std::string> connect, std::span<const std::string> seed_nodes)
2531 : : {
2532 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2533 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2534 : 0 : FastRandomContext rng;
2535 : : // Connect to specific addresses
2536 [ # # ]: 0 : if (!connect.empty())
2537 : : {
2538 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2539 : : // peer doesn't support it or immediately disconnects us for another reason.
2540 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2541 : 0 : for (int64_t nLoop = 0;; nLoop++)
2542 : : {
2543 [ # # ]: 0 : for (const std::string& strAddr : connect)
2544 : : {
2545 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2546 [ # # # # ]: 0 : OpenNetworkConnection(addr, false, {}, strAddr.c_str(), ConnectionType::MANUAL, /*use_v2transport=*/use_v2transport);
2547 [ # # # # ]: 0 : for (int i = 0; i < 10 && i < nLoop; i++)
2548 : : {
2549 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2550 : 0 : return;
2551 : : }
2552 : : }
2553 : 0 : }
2554 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2555 : : return;
2556 : : }
2557 [ # # ]: 0 : PerformReconnections();
2558 : 0 : }
2559 : : }
2560 : :
2561 : : // Initiate network connections
2562 : 0 : auto start = GetTime<std::chrono::microseconds>();
2563 : :
2564 : : // Minimum time before next feeler connection (in microseconds).
2565 : 0 : auto next_feeler = start + rng.rand_exp_duration(FEELER_INTERVAL);
2566 : 0 : auto next_extra_block_relay = start + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2567 [ # # ]: 0 : auto next_extra_network_peer{start + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL)};
2568 [ # # # # ]: 0 : const bool dnsseed = gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED);
2569 [ # # # # ]: 0 : bool add_fixed_seeds = gArgs.GetBoolArg("-fixedseeds", DEFAULT_FIXEDSEEDS);
2570 [ # # # # ]: 0 : const bool use_seednodes{!gArgs.GetArgs("-seednode").empty()};
2571 : :
2572 : 0 : auto seed_node_timer = NodeClock::now();
2573 [ # # # # : 0 : bool add_addr_fetch{addrman.get().Size() == 0 && !seed_nodes.empty()};
# # ]
2574 : 0 : constexpr std::chrono::seconds ADD_NEXT_SEEDNODE = 10s;
2575 : :
2576 [ # # ]: 0 : if (!add_fixed_seeds) {
2577 [ # # ]: 0 : LogInfo("Fixed seeds are disabled\n");
2578 : : }
2579 : :
2580 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2581 [ # # ]: 0 : if (add_addr_fetch) {
2582 : 0 : add_addr_fetch = false;
2583 : 0 : const auto& seed{SpanPopBack(seed_nodes)};
2584 [ # # ]: 0 : AddAddrFetch(seed);
2585 : :
2586 [ # # # # ]: 0 : if (addrman.get().Size() == 0) {
2587 [ # # ]: 0 : LogInfo("Empty addrman, adding seednode (%s) to addrfetch\n", seed);
2588 : : } else {
2589 [ # # ]: 0 : LogInfo("Couldn't connect to peers from addrman after %d seconds. Adding seednode (%s) to addrfetch\n", ADD_NEXT_SEEDNODE.count(), seed);
2590 : : }
2591 : : }
2592 : :
2593 [ # # ]: 0 : ProcessAddrFetch();
2594 : :
2595 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2596 : : return;
2597 : : }
2598 : :
2599 [ # # ]: 0 : PerformReconnections();
2600 : :
2601 : 0 : CountingSemaphoreGrant<> grant(*semOutbound);
2602 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) {
2603 : : return;
2604 : : }
2605 : :
2606 [ # # ]: 0 : const std::unordered_set<Network> fixed_seed_networks{GetReachableEmptyNetworks()};
2607 [ # # # # ]: 0 : if (add_fixed_seeds && !fixed_seed_networks.empty()) {
2608 : : // When the node starts with an empty peers.dat, there are a few other sources of peers before
2609 : : // we fallback on to fixed seeds: -dnsseed, -seednode, -addnode
2610 : : // If none of those are available, we fallback on to fixed seeds immediately, else we allow
2611 : : // 60 seconds for any of those sources to populate addrman.
2612 : 0 : bool add_fixed_seeds_now = false;
2613 : : // It is cheapest to check if enough time has passed first.
2614 [ # # ]: 0 : if (GetTime<std::chrono::seconds>() > start + std::chrono::minutes{1}) {
2615 : 0 : add_fixed_seeds_now = true;
2616 [ # # ]: 0 : LogInfo("Adding fixed seeds as 60 seconds have passed and addrman is empty for at least one reachable network\n");
2617 : : }
2618 : :
2619 : : // Perform cheap checks before locking a mutex.
2620 [ # # ]: 0 : else if (!dnsseed && !use_seednodes) {
2621 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
2622 [ # # ]: 0 : if (m_added_node_params.empty()) {
2623 : 0 : add_fixed_seeds_now = true;
2624 [ # # ]: 0 : LogInfo("Adding fixed seeds as -dnsseed=0 (or IPv4/IPv6 connections are disabled via -onlynet) and neither -addnode nor -seednode are provided\n");
2625 : : }
2626 : 0 : }
2627 : :
2628 [ # # ]: 0 : if (add_fixed_seeds_now) {
2629 [ # # ]: 0 : std::vector<CAddress> seed_addrs{ConvertSeeds(m_params.FixedSeeds())};
2630 : : // We will not make outgoing connections to peers that are unreachable
2631 : : // (e.g. because of -onlynet configuration).
2632 : : // Therefore, we do not add them to addrman in the first place.
2633 : : // In case previously unreachable networks become reachable
2634 : : // (e.g. in case of -onlynet changes by the user), fixed seeds will
2635 : : // be loaded only for networks for which we have no addresses.
2636 [ # # ]: 0 : seed_addrs.erase(std::remove_if(seed_addrs.begin(), seed_addrs.end(),
2637 : 0 : [&fixed_seed_networks](const CAddress& addr) { return !fixed_seed_networks.contains(addr.GetNetwork()); }),
2638 [ # # ]: 0 : seed_addrs.end());
2639 [ # # ]: 0 : CNetAddr local;
2640 [ # # # # ]: 0 : local.SetInternal("fixedseeds");
2641 [ # # ]: 0 : addrman.get().Add(seed_addrs, local);
2642 : 0 : add_fixed_seeds = false;
2643 [ # # # # ]: 0 : LogInfo("Added %d fixed seeds from reachable networks.\n", seed_addrs.size());
2644 : 0 : }
2645 : : }
2646 : :
2647 : : //
2648 : : // Choose an address to connect to based on most recently seen
2649 : : //
2650 [ # # ]: 0 : CAddress addrConnect;
2651 : :
2652 : : // Only connect out to one peer per ipv4/ipv6 network group (/16 for IPv4).
2653 : 0 : int nOutboundFullRelay = 0;
2654 : 0 : int nOutboundBlockRelay = 0;
2655 : 0 : int outbound_privacy_network_peers = 0;
2656 [ # # ]: 0 : std::set<std::vector<unsigned char>> outbound_ipv46_peer_netgroups;
2657 : :
2658 : 0 : {
2659 [ # # ]: 0 : LOCK(m_nodes_mutex);
2660 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2661 [ # # ]: 0 : if (pnode->IsFullOutboundConn()) nOutboundFullRelay++;
2662 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) nOutboundBlockRelay++;
2663 : :
2664 : : // Make sure our persistent outbound slots to ipv4/ipv6 peers belong to different netgroups.
2665 [ # # ]: 0 : switch (pnode->m_conn_type) {
2666 : : // We currently don't take inbound connections into account. Since they are
2667 : : // free to make, an attacker could make them to prevent us from connecting to
2668 : : // certain peers.
2669 : : case ConnectionType::INBOUND:
2670 : : // Short-lived outbound connections should not affect how we select outbound
2671 : : // peers from addrman.
2672 : : case ConnectionType::ADDR_FETCH:
2673 : : case ConnectionType::FEELER:
2674 : : case ConnectionType::PRIVATE_BROADCAST:
2675 : : break;
2676 : 0 : case ConnectionType::MANUAL:
2677 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
2678 : 0 : case ConnectionType::BLOCK_RELAY:
2679 : 0 : const CAddress address{pnode->addr};
2680 [ # # # # : 0 : if (address.IsTor() || address.IsI2P() || address.IsCJDNS()) {
# # ]
2681 : : // Since our addrman-groups for these networks are
2682 : : // random, without relation to the route we
2683 : : // take to connect to these peers or to the
2684 : : // difficulty in obtaining addresses with diverse
2685 : : // groups, we don't worry about diversity with
2686 : : // respect to our addrman groups when connecting to
2687 : : // these networks.
2688 : 0 : ++outbound_privacy_network_peers;
2689 : : } else {
2690 [ # # # # ]: 0 : outbound_ipv46_peer_netgroups.insert(m_netgroupman.GetGroup(address));
2691 : : }
2692 : : } // no default case, so the compiler can warn about missing cases
2693 : : }
2694 : 0 : }
2695 : :
2696 [ # # # # ]: 0 : if (!seed_nodes.empty() && nOutboundFullRelay < SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2697 [ # # ]: 0 : if (NodeClock::now() > seed_node_timer + ADD_NEXT_SEEDNODE) {
2698 : 0 : seed_node_timer = NodeClock::now();
2699 : 0 : add_addr_fetch = true;
2700 : : }
2701 : : }
2702 : :
2703 : 0 : ConnectionType conn_type = ConnectionType::OUTBOUND_FULL_RELAY;
2704 : 0 : auto now = GetTime<std::chrono::microseconds>();
2705 : 0 : bool anchor = false;
2706 : 0 : bool fFeeler = false;
2707 : 0 : std::optional<Network> preferred_net;
2708 : :
2709 : : // Determine what type of connection to open. Opening
2710 : : // BLOCK_RELAY connections to addresses from anchors.dat gets the highest
2711 : : // priority. Then we open OUTBOUND_FULL_RELAY priority until we
2712 : : // meet our full-relay capacity. Then we open BLOCK_RELAY connection
2713 : : // until we hit our block-relay-only peer limit.
2714 : : // GetTryNewOutboundPeer() gets set when a stale tip is detected, so we
2715 : : // try opening an additional OUTBOUND_FULL_RELAY connection. If none of
2716 : : // these conditions are met, check to see if it's time to try an extra
2717 : : // block-relay-only peer (to confirm our tip is current, see below) or the next_feeler
2718 : : // timer to decide if we should open a FEELER.
2719 : :
2720 [ # # # # ]: 0 : if (!m_anchors.empty() && (nOutboundBlockRelay < m_max_outbound_block_relay)) {
2721 : : conn_type = ConnectionType::BLOCK_RELAY;
2722 : : anchor = true;
2723 [ # # ]: 0 : } else if (nOutboundFullRelay < m_max_outbound_full_relay) {
2724 : : // OUTBOUND_FULL_RELAY
2725 [ # # ]: 0 : } else if (nOutboundBlockRelay < m_max_outbound_block_relay) {
2726 : : conn_type = ConnectionType::BLOCK_RELAY;
2727 [ # # # # ]: 0 : } else if (GetTryNewOutboundPeer()) {
2728 : : // OUTBOUND_FULL_RELAY
2729 [ # # # # ]: 0 : } else if (now > next_extra_block_relay && m_start_extra_block_relay_peers) {
2730 : : // Periodically connect to a peer (using regular outbound selection
2731 : : // methodology from addrman) and stay connected long enough to sync
2732 : : // headers, but not much else.
2733 : : //
2734 : : // Then disconnect the peer, if we haven't learned anything new.
2735 : : //
2736 : : // The idea is to make eclipse attacks very difficult to pull off,
2737 : : // because every few minutes we're finding a new peer to learn headers
2738 : : // from.
2739 : : //
2740 : : // This is similar to the logic for trying extra outbound (full-relay)
2741 : : // peers, except:
2742 : : // - we do this all the time on an exponential timer, rather than just when
2743 : : // our tip is stale
2744 : : // - we potentially disconnect our next-youngest block-relay-only peer, if our
2745 : : // newest block-relay-only peer delivers a block more recently.
2746 : : // See the eviction logic in net_processing.cpp.
2747 : : //
2748 : : // Because we can promote these connections to block-relay-only
2749 : : // connections, they do not get their own ConnectionType enum
2750 : : // (similar to how we deal with extra outbound peers).
2751 : 0 : next_extra_block_relay = now + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2752 : 0 : conn_type = ConnectionType::BLOCK_RELAY;
2753 [ # # ]: 0 : } else if (now > next_feeler) {
2754 : 0 : next_feeler = now + rng.rand_exp_duration(FEELER_INTERVAL);
2755 : 0 : conn_type = ConnectionType::FEELER;
2756 : 0 : fFeeler = true;
2757 [ # # ]: 0 : } else if (nOutboundFullRelay == m_max_outbound_full_relay &&
2758 [ # # ]: 0 : m_max_outbound_full_relay == MAX_OUTBOUND_FULL_RELAY_CONNECTIONS &&
2759 [ # # # # : 0 : now > next_extra_network_peer &&
# # ]
2760 [ # # ]: 0 : MaybePickPreferredNetwork(preferred_net)) {
2761 : : // Full outbound connection management: Attempt to get at least one
2762 : : // outbound peer from each reachable network by making extra connections
2763 : : // and then protecting "only" peers from a network during outbound eviction.
2764 : : // This is not attempted if the user changed -maxconnections to a value
2765 : : // so low that less than MAX_OUTBOUND_FULL_RELAY_CONNECTIONS are made,
2766 : : // to prevent interactions with otherwise protected outbound peers.
2767 : 0 : next_extra_network_peer = now + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL);
2768 : : } else {
2769 : : // skip to next iteration of while loop
2770 : 0 : continue;
2771 : : }
2772 : :
2773 [ # # ]: 0 : addrman.get().ResolveCollisions();
2774 : :
2775 : 0 : const auto current_time{NodeClock::now()};
2776 : 0 : int nTries = 0;
2777 [ # # ]: 0 : const auto reachable_nets{g_reachable_nets.All()};
2778 : :
2779 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2780 [ # # # # ]: 0 : if (anchor && !m_anchors.empty()) {
2781 : 0 : const CAddress addr = m_anchors.back();
2782 : 0 : m_anchors.pop_back();
2783 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr) || !g_reachable_nets.Contains(addr) ||
# # # # #
# # # #
# ]
2784 [ # # # # : 0 : !m_msgproc->HasAllDesirableServiceFlags(addr.nServices) ||
# # ]
2785 [ # # ]: 0 : outbound_ipv46_peer_netgroups.contains(m_netgroupman.GetGroup(addr))) continue;
2786 : 0 : addrConnect = addr;
2787 [ # # # # : 0 : LogDebug(BCLog::NET, "Trying to make an anchor connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2788 : 0 : break;
2789 : 0 : }
2790 : :
2791 : : // If we didn't find an appropriate destination after trying 100 addresses fetched from addrman,
2792 : : // stop this loop, and let the outer loop run again (which sleeps, adds seed nodes, recalculates
2793 : : // already-connected network ranges, ...) before trying new addrman addresses.
2794 : 0 : nTries++;
2795 [ # # ]: 0 : if (nTries > 100)
2796 : : break;
2797 : :
2798 [ # # ]: 0 : CAddress addr;
2799 : 0 : NodeSeconds addr_last_try{0s};
2800 : :
2801 [ # # ]: 0 : if (fFeeler) {
2802 : : // First, try to get a tried table collision address. This returns
2803 : : // an empty (invalid) address if there are no collisions to try.
2804 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.get().SelectTriedCollision();
2805 : :
2806 [ # # # # ]: 0 : if (!addr.IsValid()) {
2807 : : // No tried table collisions. Select a new table address
2808 : : // for our feeler.
2809 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.get().Select(true, reachable_nets);
2810 [ # # # # ]: 0 : } else if (AlreadyConnectedToAddress(addr)) {
2811 : : // If test-before-evict logic would have us connect to a
2812 : : // peer that we're already connected to, just mark that
2813 : : // address as Good(). We won't be able to initiate the
2814 : : // connection anyway, so this avoids inadvertently evicting
2815 : : // a currently-connected peer.
2816 [ # # ]: 0 : addrman.get().Good(addr);
2817 : : // Select a new table address for our feeler instead.
2818 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.get().Select(true, reachable_nets);
2819 : : }
2820 : : } else {
2821 : : // Not a feeler
2822 : : // If preferred_net has a value set, pick an extra outbound
2823 : : // peer from that network. The eviction logic in net_processing
2824 : : // ensures that a peer from another network will be evicted.
2825 [ # # ]: 0 : std::tie(addr, addr_last_try) = preferred_net.has_value()
2826 [ # # # # : 0 : ? addrman.get().Select(false, {*preferred_net})
# # # # #
# # # ]
2827 [ # # ]: 0 : : addrman.get().Select(false, reachable_nets);
2828 : : }
2829 : :
2830 : : // Require outbound IPv4/IPv6 connections, other than feelers, to be to distinct network groups
2831 [ # # # # : 0 : if (!fFeeler && outbound_ipv46_peer_netgroups.contains(m_netgroupman.GetGroup(addr))) {
# # # # ]
2832 : 0 : continue;
2833 : : }
2834 : :
2835 : : // if we selected an invalid or local address, restart
2836 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr)) {
# # # # ]
2837 : : break;
2838 : : }
2839 : :
2840 [ # # # # ]: 0 : if (!g_reachable_nets.Contains(addr)) {
2841 : 0 : continue;
2842 : : }
2843 : :
2844 : : // only consider very recently tried nodes after 30 failed attempts
2845 [ # # # # ]: 0 : if (current_time - addr_last_try < 10min && nTries < 30) {
2846 : 0 : continue;
2847 : : }
2848 : :
2849 : : // for non-feelers, require all the services we'll want,
2850 : : // for feelers, only require they be a full node (only because most
2851 : : // SPV clients don't have a good address DB available)
2852 [ # # # # : 0 : if (!fFeeler && !m_msgproc->HasAllDesirableServiceFlags(addr.nServices)) {
# # ]
2853 : 0 : continue;
2854 [ # # # # ]: 0 : } else if (fFeeler && !MayHaveUsefulAddressDB(addr.nServices)) {
2855 : 0 : continue;
2856 : : }
2857 : :
2858 : : // Do not connect to bad ports, unless 50 invalid addresses have been selected already.
2859 [ # # # # : 0 : if (nTries < 50 && (addr.IsIPv4() || addr.IsIPv6()) && IsBadPort(addr.GetPort())) {
# # # # #
# # # ]
2860 : 0 : continue;
2861 : : }
2862 : :
2863 : : // Do not make automatic outbound connections to addnode peers, to
2864 : : // not use our limited outbound slots for them and to ensure
2865 : : // addnode connections benefit from their intended protections.
2866 [ # # # # ]: 0 : if (AddedNodesContain(addr)) {
2867 [ # # # # : 0 : LogDebug(BCLog::NET, "Not making automatic %s%s connection to %s peer selected for manual (addnode) connection%s\n",
# # # # #
# # # # #
# # # # #
# # # # #
# # ]
2868 : : preferred_net.has_value() ? "network-specific " : "",
2869 : : ConnectionTypeAsString(conn_type), GetNetworkName(addr.GetNetwork()),
2870 : : fLogIPs ? strprintf(": %s", addr.ToStringAddrPort()) : "");
2871 : 0 : continue;
2872 : 0 : }
2873 : :
2874 : 0 : addrConnect = addr;
2875 : : break;
2876 : 0 : }
2877 : :
2878 [ # # # # ]: 0 : if (addrConnect.IsValid()) {
2879 [ # # ]: 0 : if (fFeeler) {
2880 : : // Add small amount of random noise before connection to avoid synchronization.
2881 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(rng.rand_uniform_duration<CThreadInterrupt::Clock>(FEELER_SLEEP_WINDOW))) {
2882 : 0 : return;
2883 : : }
2884 [ # # # # : 0 : LogDebug(BCLog::NET, "Making feeler connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2885 : : }
2886 : :
2887 [ # # # # : 0 : if (preferred_net != std::nullopt) LogDebug(BCLog::NET, "Making network specific connection to %s on %s.\n", addrConnect.ToStringAddrPort(), GetNetworkName(preferred_net.value()));
# # # # #
# # # #
# ]
2888 : :
2889 : : // Record addrman failure attempts when node has at least 2 persistent outbound connections to peers with
2890 : : // different netgroups in ipv4/ipv6 networks + all peers in Tor/I2P/CJDNS networks.
2891 : : // Don't record addrman failure attempts when node is offline. This can be identified since all local
2892 : : // network connections (if any) belong in the same netgroup, and the size of `outbound_ipv46_peer_netgroups` would only be 1.
2893 [ # # ]: 0 : const bool count_failures{((int)outbound_ipv46_peer_netgroups.size() + outbound_privacy_network_peers) >= std::min(m_max_automatic_connections - 1, 2)};
2894 : : // Use BIP324 transport when both us and them have NODE_V2_P2P set.
2895 [ # # ]: 0 : const bool use_v2transport(addrConnect.nServices & GetLocalServices() & NODE_P2P_V2);
2896 [ # # ]: 0 : OpenNetworkConnection(addrConnect, count_failures, std::move(grant), /*pszDest=*/nullptr, conn_type, use_v2transport);
2897 : : }
2898 : 0 : }
2899 : 0 : }
2900 : :
2901 : 0 : std::vector<CAddress> CConnman::GetCurrentBlockRelayOnlyConns() const
2902 : : {
2903 : 0 : std::vector<CAddress> ret;
2904 [ # # ]: 0 : LOCK(m_nodes_mutex);
2905 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2906 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) {
2907 [ # # ]: 0 : ret.push_back(pnode->addr);
2908 : : }
2909 : : }
2910 : :
2911 [ # # ]: 0 : return ret;
2912 : 0 : }
2913 : :
2914 : 2076 : std::vector<AddedNodeInfo> CConnman::GetAddedNodeInfo(bool include_connected) const
2915 : : {
2916 : 2076 : std::vector<AddedNodeInfo> ret;
2917 : :
2918 [ + - ]: 2076 : std::list<AddedNodeParams> lAddresses(0);
2919 : 2076 : {
2920 [ + - ]: 2076 : LOCK(m_added_nodes_mutex);
2921 [ - + + - ]: 2076 : ret.reserve(m_added_node_params.size());
2922 [ + - ]: 2076 : std::copy(m_added_node_params.cbegin(), m_added_node_params.cend(), std::back_inserter(lAddresses));
2923 : 0 : }
2924 : :
2925 : :
2926 : : // Build a map of all already connected addresses (by IP:port and by name) to inbound/outbound and resolved CService
2927 [ + - ]: 2076 : std::map<CService, bool> mapConnected;
2928 : 2076 : std::map<std::string, std::pair<bool, CService>> mapConnectedByName;
2929 : 2076 : {
2930 [ + - ]: 2076 : LOCK(m_nodes_mutex);
2931 [ + + ]: 25439 : for (const CNode* pnode : m_nodes) {
2932 [ + - + + ]: 23363 : if (pnode->addr.IsValid()) {
2933 [ + - ]: 19189 : mapConnected[pnode->addr] = pnode->IsInboundConn();
2934 : : }
2935 [ - + ]: 23363 : std::string addrName{pnode->m_addr_name};
2936 [ + - ]: 23363 : if (!addrName.empty()) {
2937 [ + - ]: 23363 : mapConnectedByName[std::move(addrName)] = std::make_pair(pnode->IsInboundConn(), static_cast<const CService&>(pnode->addr));
2938 : : }
2939 : 23363 : }
2940 : 0 : }
2941 : :
2942 [ + + ]: 2431 : for (const auto& addr : lAddresses) {
2943 [ + - + - : 710 : CService service{MaybeFlipIPv6toCJDNS(LookupNumeric(addr.m_added_node, GetDefaultPort(addr.m_added_node)))};
+ - + - ]
2944 [ + - + - ]: 355 : AddedNodeInfo addedNode{addr, CService(), false, false};
2945 [ + - + + ]: 355 : if (service.IsValid()) {
2946 : : // strAddNode is an IP:port
2947 [ + - ]: 51 : auto it = mapConnected.find(service);
2948 [ + + ]: 51 : if (it != mapConnected.end()) {
2949 [ + + ]: 4 : if (!include_connected) {
2950 : 3 : continue;
2951 : : }
2952 : 1 : addedNode.resolvedAddress = service;
2953 : 1 : addedNode.fConnected = true;
2954 : 1 : addedNode.fInbound = it->second;
2955 : : }
2956 : : } else {
2957 : : // strAddNode is a name
2958 : 304 : auto it = mapConnectedByName.find(addr.m_added_node);
2959 [ + + ]: 304 : if (it != mapConnectedByName.end()) {
2960 [ + + ]: 38 : if (!include_connected) {
2961 : 35 : continue;
2962 : : }
2963 : 3 : addedNode.resolvedAddress = it->second.second;
2964 : 3 : addedNode.fConnected = true;
2965 : 3 : addedNode.fInbound = it->second.first;
2966 : : }
2967 : : }
2968 [ + - ]: 317 : ret.emplace_back(std::move(addedNode));
2969 : 355 : }
2970 : :
2971 : 2076 : return ret;
2972 : 2076 : }
2973 : :
2974 : 0 : void CConnman::ThreadOpenAddedConnections()
2975 : : {
2976 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2977 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2978 : 0 : while (true)
2979 : : {
2980 : 0 : CountingSemaphoreGrant<> grant(*semAddnode);
2981 [ # # ]: 0 : std::vector<AddedNodeInfo> vInfo = GetAddedNodeInfo(/*include_connected=*/false);
2982 : 0 : bool tried = false;
2983 [ # # ]: 0 : for (const AddedNodeInfo& info : vInfo) {
2984 [ # # ]: 0 : if (!grant) {
2985 : : // If we've used up our semaphore and need a new one, let's not wait here since while we are waiting
2986 : : // the addednodeinfo state might change.
2987 : : break;
2988 : : }
2989 : 0 : tried = true;
2990 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2991 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), info.m_params.m_added_node.c_str(), ConnectionType::MANUAL, info.m_params.m_use_v2transport);
2992 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) return;
2993 : 0 : grant = CountingSemaphoreGrant<>(*semAddnode, /*fTry=*/true);
2994 : 0 : }
2995 : : // See if any reconnections are desired.
2996 [ # # ]: 0 : PerformReconnections();
2997 : : // Retry every 60 seconds if a connection was attempted, otherwise two seconds
2998 [ # # # # : 0 : if (!m_interrupt_net->sleep_for(tried ? 60s : 2s)) {
# # ]
2999 : : return;
3000 : : }
3001 : 0 : }
3002 : : }
3003 : :
3004 : : // if successful, this moves the passed grant to the constructed node
3005 : 25988 : bool CConnman::OpenNetworkConnection(const CAddress& addrConnect,
3006 : : bool fCountFailure,
3007 : : CountingSemaphoreGrant<>&& grant_outbound,
3008 : : const char* pszDest,
3009 : : ConnectionType conn_type,
3010 : : bool use_v2transport,
3011 : : const std::optional<Proxy>& proxy_override)
3012 : : {
3013 : 25988 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3014 [ - + ]: 25988 : assert(conn_type != ConnectionType::INBOUND);
3015 : :
3016 : : //
3017 : : // Initiate outbound network connection
3018 : : //
3019 [ + + ]: 25988 : if (m_interrupt_net->interrupted()) {
3020 : : return false;
3021 : : }
3022 [ + + ]: 777 : if (!fNetworkActive) {
3023 : : return false;
3024 : : }
3025 [ + + ]: 742 : if (!pszDest) {
3026 [ - + - - : 440 : bool banned_or_discouraged = m_banman && (m_banman->IsDiscouraged(addrConnect) || m_banman->IsBanned(addrConnect));
- - ]
3027 [ + + + - : 440 : if (IsLocal(addrConnect) || banned_or_discouraged || AlreadyConnectedToAddress(addrConnect)) {
+ + ]
3028 : 23 : return false;
3029 : : }
3030 [ + + ]: 302 : } else if (AlreadyConnectedToHost(pszDest)) {
3031 : : return false;
3032 : : }
3033 : :
3034 [ + - ]: 693 : CNode* pnode = ConnectNode(addrConnect, pszDest, fCountFailure, conn_type, use_v2transport, proxy_override);
3035 : :
3036 [ + + ]: 693 : if (!pnode)
3037 : : return false;
3038 : 156 : pnode->grantOutbound = std::move(grant_outbound);
3039 : :
3040 : 156 : m_msgproc->InitializeNode(*pnode, m_local_services);
3041 : 156 : {
3042 : 156 : LOCK(m_nodes_mutex);
3043 [ + - ]: 156 : m_nodes.push_back(pnode);
3044 : :
3045 : : // update connection count by network
3046 [ + + + - ]: 156 : if (pnode->IsManualOrFullOutboundConn()) ++m_network_conn_counts[pnode->addr.GetNetwork()];
3047 : 156 : }
3048 : :
3049 : : TRACEPOINT(net, outbound_connection,
3050 : : pnode->GetId(),
3051 : : pnode->m_addr_name.c_str(),
3052 : : pnode->ConnectionTypeAsString().c_str(),
3053 : : pnode->ConnectedThroughNetwork(),
3054 : 156 : GetNodeCount(ConnectionDirection::Out));
3055 : :
3056 : 156 : return true;
3057 : : }
3058 : :
3059 : 0 : std::optional<Network> CConnman::PrivateBroadcast::PickNetwork(std::optional<Proxy>& proxy) const
3060 : : {
3061 : 0 : prevector<4, Network> nets;
3062 : 0 : std::optional<Proxy> clearnet_proxy;
3063 [ # # ]: 0 : proxy.reset();
3064 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_ONION)) {
3065 : 0 : nets.push_back(NET_ONION);
3066 : :
3067 [ # # # # ]: 0 : clearnet_proxy = ProxyForIPv4or6();
3068 [ # # ]: 0 : if (clearnet_proxy.has_value()) {
3069 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_IPV4)) {
3070 : 0 : nets.push_back(NET_IPV4);
3071 : : }
3072 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_IPV6)) {
3073 : 0 : nets.push_back(NET_IPV6);
3074 : : }
3075 : : }
3076 : : }
3077 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_I2P)) {
3078 : 0 : nets.push_back(NET_I2P);
3079 : : }
3080 : :
3081 [ # # # # ]: 0 : if (nets.empty()) {
3082 : 0 : return std::nullopt;
3083 : : }
3084 : :
3085 [ # # # # ]: 0 : const Network net{nets[FastRandomContext{}.randrange(nets.size())]};
3086 [ # # ]: 0 : if (net == NET_IPV4 || net == NET_IPV6) {
3087 [ # # ]: 0 : proxy = clearnet_proxy;
3088 : : }
3089 : 0 : return net;
3090 : 0 : }
3091 : :
3092 : 0 : size_t CConnman::PrivateBroadcast::NumToOpen() const
3093 : : {
3094 : 0 : return m_num_to_open;
3095 : : }
3096 : :
3097 : 2098 : void CConnman::PrivateBroadcast::NumToOpenAdd(size_t n)
3098 : : {
3099 : 2098 : m_num_to_open += n;
3100 : 2098 : m_num_to_open.notify_all();
3101 : 2098 : }
3102 : :
3103 : 1 : size_t CConnman::PrivateBroadcast::NumToOpenSub(size_t n)
3104 : : {
3105 : 1 : size_t current_value{m_num_to_open.load()};
3106 : 1 : size_t new_value;
3107 : 1 : do {
3108 [ - + ]: 1 : new_value = current_value > n ? current_value - n : 0;
3109 [ - + ]: 1 : } while (!m_num_to_open.compare_exchange_strong(current_value, new_value));
3110 : 1 : return new_value;
3111 : : }
3112 : :
3113 : 0 : void CConnman::PrivateBroadcast::NumToOpenWait() const
3114 : : {
3115 : 0 : m_num_to_open.wait(0);
3116 : 0 : }
3117 : :
3118 : 0 : std::optional<Proxy> CConnman::PrivateBroadcast::ProxyForIPv4or6() const
3119 : : {
3120 [ # # ]: 0 : if (m_outbound_tor_ok_at_least_once.load()) {
3121 [ # # ]: 0 : if (const auto tor_proxy = GetProxy(NET_ONION)) {
3122 : : return tor_proxy;
3123 : 0 : }
3124 : : }
3125 : 0 : return std::nullopt;
3126 : : }
3127 : :
3128 : : Mutex NetEventsInterface::g_msgproc_mutex;
3129 : :
3130 : 0 : void CConnman::ThreadMessageHandler()
3131 : : {
3132 : 0 : LOCK(NetEventsInterface::g_msgproc_mutex);
3133 : :
3134 [ # # ]: 0 : while (!flagInterruptMsgProc)
3135 : : {
3136 : 0 : bool fMoreWork = false;
3137 : :
3138 : 0 : {
3139 : : // Randomize the order in which we process messages from/to our peers.
3140 : : // This prevents attacks in which an attacker exploits having multiple
3141 : : // consecutive connections in the m_nodes list.
3142 [ # # ]: 0 : const NodesSnapshot snap{*this, /*shuffle=*/true};
3143 : :
3144 [ # # ]: 0 : for (CNode* pnode : snap.Nodes()) {
3145 [ # # ]: 0 : if (pnode->fDisconnect)
3146 : 0 : continue;
3147 : :
3148 : : // Receive messages
3149 [ # # ]: 0 : bool fMoreNodeWork{m_msgproc->ProcessMessages(*pnode, flagInterruptMsgProc)};
3150 [ # # # # ]: 0 : fMoreWork |= (fMoreNodeWork && !pnode->fPauseSend);
3151 [ # # ]: 0 : if (flagInterruptMsgProc)
3152 : : return;
3153 : : // Send messages
3154 [ # # ]: 0 : m_msgproc->SendMessages(*pnode);
3155 : :
3156 [ # # ]: 0 : if (flagInterruptMsgProc)
3157 : : return;
3158 : : }
3159 [ # # ]: 0 : }
3160 : :
3161 [ # # ]: 0 : WAIT_LOCK(mutexMsgProc, lock);
3162 [ # # ]: 0 : if (!fMoreWork) {
3163 [ # # # # ]: 0 : condMsgProc.wait_until(lock, std::chrono::steady_clock::now() + std::chrono::milliseconds(100), [this]() EXCLUSIVE_LOCKS_REQUIRED(mutexMsgProc) { return fMsgProcWake; });
3164 : : }
3165 [ # # ]: 0 : fMsgProcWake = false;
3166 : 0 : }
3167 : 0 : }
3168 : :
3169 : 0 : void CConnman::ThreadI2PAcceptIncoming()
3170 : : {
3171 : 0 : static constexpr auto err_wait_begin = 1s;
3172 : 0 : static constexpr auto err_wait_cap = 5min;
3173 : 0 : auto err_wait = err_wait_begin;
3174 : :
3175 : 0 : bool advertising_listen_addr = false;
3176 : 0 : i2p::Connection conn;
3177 : :
3178 : 0 : auto SleepOnFailure = [&]() {
3179 : 0 : m_interrupt_net->sleep_for(err_wait);
3180 [ # # ]: 0 : if (err_wait < err_wait_cap) {
3181 : 0 : err_wait += 1s;
3182 : : }
3183 : 0 : };
3184 : :
3185 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
3186 : :
3187 [ # # # # ]: 0 : if (!m_i2p_sam_session->Listen(conn)) {
3188 [ # # # # : 0 : if (advertising_listen_addr && conn.me.IsValid()) {
# # ]
3189 [ # # ]: 0 : RemoveLocal(conn.me);
3190 : : advertising_listen_addr = false;
3191 : : }
3192 [ # # ]: 0 : SleepOnFailure();
3193 : 0 : continue;
3194 : : }
3195 : :
3196 [ # # ]: 0 : if (!advertising_listen_addr) {
3197 [ # # ]: 0 : AddLocal(conn.me, LOCAL_MANUAL);
3198 : : advertising_listen_addr = true;
3199 : : }
3200 : :
3201 [ # # # # ]: 0 : if (!m_i2p_sam_session->Accept(conn)) {
3202 [ # # ]: 0 : SleepOnFailure();
3203 : 0 : continue;
3204 : : }
3205 : :
3206 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(conn.sock), NetPermissionFlags::None, conn.me, conn.peer);
3207 : :
3208 : 0 : err_wait = err_wait_begin;
3209 : : }
3210 : 0 : }
3211 : :
3212 : 0 : void CConnman::ThreadPrivateBroadcast()
3213 : : {
3214 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3215 : :
3216 : 0 : size_t addrman_num_bad_addresses{0};
3217 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
3218 : :
3219 [ # # ]: 0 : if (!fNetworkActive) {
3220 : 0 : m_interrupt_net->sleep_for(5s);
3221 : 0 : continue;
3222 : : }
3223 : :
3224 : 0 : CountingSemaphoreGrant<> conn_max_grant{m_private_broadcast.m_sem_conn_max}; // Would block if too many are opened.
3225 : :
3226 [ # # ]: 0 : m_private_broadcast.NumToOpenWait();
3227 : :
3228 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) {
3229 : : break;
3230 : : }
3231 : :
3232 : 0 : std::optional<Proxy> proxy;
3233 [ # # ]: 0 : const std::optional<Network> net{m_private_broadcast.PickNetwork(proxy)};
3234 [ # # ]: 0 : if (!net.has_value()) {
3235 [ # # ]: 0 : LogWarning("Unable to open -privatebroadcast connections: neither Tor nor I2P is reachable");
3236 [ # # ]: 0 : m_interrupt_net->sleep_for(5s);
3237 : 0 : continue;
3238 : : }
3239 : :
3240 [ # # # # : 0 : const auto [addr, _] = addrman.get().Select(/*new_only=*/false, {net.value()});
# # ]
3241 : :
3242 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr)) {
# # # # ]
3243 : 0 : ++addrman_num_bad_addresses;
3244 [ # # ]: 0 : if (addrman_num_bad_addresses > 100) {
3245 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Connections needed but addrman keeps returning bad addresses, will retry");
# # ]
3246 [ # # ]: 0 : m_interrupt_net->sleep_for(500ms);
3247 : : }
3248 : 0 : continue;
3249 : 0 : }
3250 : 0 : addrman_num_bad_addresses = 0;
3251 : :
3252 [ # # ]: 0 : auto target_str{addr.ToStringAddrPort()};
3253 [ # # ]: 0 : if (proxy.has_value()) {
3254 [ # # # # ]: 0 : target_str += " through the proxy at " + proxy->ToString();
3255 : : }
3256 : :
3257 [ # # ]: 0 : const bool use_v2transport(addr.nServices & GetLocalServices() & NODE_P2P_V2);
3258 : :
3259 [ # # # # ]: 0 : if (OpenNetworkConnection(addr,
3260 : : /*fCountFailure=*/true,
3261 : : std::move(conn_max_grant),
3262 : : /*pszDest=*/nullptr,
3263 : : ConnectionType::PRIVATE_BROADCAST,
3264 : : use_v2transport,
3265 : : proxy)) {
3266 [ # # ]: 0 : const size_t remaining{m_private_broadcast.NumToOpenSub(1)};
3267 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Socket connected to %s; remaining connections to open: %d", target_str, remaining);
# # ]
3268 : : } else {
3269 [ # # ]: 0 : const size_t remaining{m_private_broadcast.NumToOpen()};
3270 [ # # ]: 0 : if (remaining == 0) {
3271 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Failed to connect to %s, will not retry, no more connections needed", target_str);
# # ]
3272 : : } else {
3273 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Failed to connect to %s, will retry to a different address; remaining connections to open: %d", target_str, remaining);
# # ]
3274 [ # # ]: 0 : m_interrupt_net->sleep_for(100ms); // Prevent busy loop if OpenNetworkConnection() fails fast repeatedly.
3275 : : }
3276 : : }
3277 [ # # ]: 0 : }
3278 : 0 : }
3279 : :
3280 : 3645 : bool CConnman::BindListenPort(const CService& addrBind, bilingual_str& strError, NetPermissionFlags permissions)
3281 : : {
3282 : 3645 : int nOne = 1;
3283 : :
3284 : : // Create socket for listening for incoming connections
3285 : 3645 : struct sockaddr_storage sockaddr;
3286 : 3645 : socklen_t len = sizeof(sockaddr);
3287 [ + + ]: 3645 : if (!addrBind.GetSockAddr((struct sockaddr*)&sockaddr, &len))
3288 : : {
3289 [ + - + - ]: 788 : strError = Untranslated(strprintf("Bind address family for %s not supported", addrBind.ToStringAddrPort()));
3290 : 394 : LogError("%s\n", strError.original);
3291 : 394 : return false;
3292 : : }
3293 : :
3294 : 3251 : std::unique_ptr<Sock> sock = CreateSock(addrBind.GetSAFamily(), SOCK_STREAM, IPPROTO_TCP);
3295 [ - + ]: 3251 : if (!sock) {
3296 [ # # # # : 0 : strError = Untranslated(strprintf("Couldn't open socket for incoming connections (socket returned error %s)", NetworkErrorString(WSAGetLastError())));
# # ]
3297 [ # # ]: 0 : LogError("%s\n", strError.original);
3298 : : return false;
3299 : : }
3300 : :
3301 : : // Allow binding if the port is still in TIME_WAIT state after
3302 : : // the program was closed and restarted.
3303 [ + - + + ]: 3251 : if (sock->SetSockOpt(SOL_SOCKET, SO_REUSEADDR, &nOne, sizeof(int)) == SOCKET_ERROR) {
3304 [ + - + - : 2214 : strError = Untranslated(strprintf("Error setting SO_REUSEADDR on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3305 [ + - ]: 1107 : LogInfo("%s\n", strError.original);
3306 : : }
3307 : :
3308 : : // some systems don't have IPV6_V6ONLY but are always v6only; others do have the option
3309 : : // and enable it by default or not. Try to enable it, if possible.
3310 [ + + ]: 3251 : if (addrBind.IsIPv6()) {
3311 : : #ifdef IPV6_V6ONLY
3312 [ + - + + ]: 1128 : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_V6ONLY, &nOne, sizeof(int)) == SOCKET_ERROR) {
3313 [ + - + - : 1386 : strError = Untranslated(strprintf("Error setting IPV6_V6ONLY on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3314 [ + - ]: 693 : LogInfo("%s\n", strError.original);
3315 : : }
3316 : : #endif
3317 : : #ifdef WIN32
3318 : : int nProtLevel = PROTECTION_LEVEL_UNRESTRICTED;
3319 : : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_PROTECTION_LEVEL, &nProtLevel, sizeof(int)) == SOCKET_ERROR) {
3320 : : strError = Untranslated(strprintf("Error setting IPV6_PROTECTION_LEVEL on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
3321 : : LogInfo("%s\n", strError.original);
3322 : : }
3323 : : #endif
3324 : : }
3325 : :
3326 [ + - + + ]: 3251 : if (sock->Bind(reinterpret_cast<struct sockaddr*>(&sockaddr), len) == SOCKET_ERROR) {
3327 : 1164 : int nErr = WSAGetLastError();
3328 [ + + ]: 1164 : if (nErr == WSAEADDRINUSE)
3329 [ + - + - ]: 620 : strError = strprintf(_("Unable to bind to %s on this computer. %s is probably already running."), addrBind.ToStringAddrPort(), CLIENT_NAME);
3330 : : else
3331 [ + - + - : 1708 : strError = strprintf(_("Unable to bind to %s on this computer (bind returned error %s)"), addrBind.ToStringAddrPort(), NetworkErrorString(nErr));
+ - ]
3332 [ + - ]: 1164 : LogError("%s\n", strError.original);
3333 : : return false;
3334 : : }
3335 [ + - + - ]: 2087 : LogInfo("Bound to %s\n", addrBind.ToStringAddrPort());
3336 : :
3337 : : // Listen for incoming connections
3338 [ + - + + ]: 2087 : if (sock->Listen(SOMAXCONN) == SOCKET_ERROR)
3339 : : {
3340 [ + - + - ]: 168 : strError = strprintf(_("Listening for incoming connections failed (listen returned error %s)"), NetworkErrorString(WSAGetLastError()));
3341 [ + - ]: 84 : LogError("%s\n", strError.original);
3342 : : return false;
3343 : : }
3344 : :
3345 [ + - ]: 2003 : vhListenSocket.emplace_back(std::move(sock), permissions);
3346 : : return true;
3347 : 3251 : }
3348 : :
3349 : 0 : void Discover()
3350 : : {
3351 [ # # ]: 0 : if (!fDiscover)
3352 : : return;
3353 : :
3354 [ # # ]: 0 : for (const CNetAddr &addr: GetLocalAddresses()) {
3355 [ # # # # : 0 : if (AddLocal(addr, LOCAL_IF) && fLogIPs) {
# # ]
3356 [ # # # # ]: 0 : LogInfo("%s: %s\n", __func__, addr.ToStringAddr());
3357 : : }
3358 : : }
3359 : : }
3360 : :
3361 : 46554 : void CConnman::SetNetworkActive(bool active)
3362 : : {
3363 : 46554 : LogInfo("%s: %s\n", __func__, active);
3364 : :
3365 [ + + ]: 46554 : if (fNetworkActive == active) {
3366 : : return;
3367 : : }
3368 : :
3369 [ - + ]: 1122 : fNetworkActive = active;
3370 : :
3371 [ - + ]: 1122 : if (m_client_interface) {
3372 : 0 : m_client_interface->NotifyNetworkActiveChanged(fNetworkActive);
3373 : : }
3374 : : }
3375 : :
3376 : 2098 : CConnman::CConnman(uint64_t nSeed0In,
3377 : : uint64_t nSeed1In,
3378 : : AddrMan& addrman_in,
3379 : : const NetGroupManager& netgroupman,
3380 : : const CChainParams& params,
3381 : : bool network_active,
3382 : 2098 : std::shared_ptr<CThreadInterrupt> interrupt_net)
3383 [ + - ]: 2098 : : addrman(addrman_in)
3384 [ + - ]: 2098 : , m_netgroupman{netgroupman}
3385 : 2098 : , nSeed0(nSeed0In)
3386 : 2098 : , nSeed1(nSeed1In)
3387 [ + - - - ]: 2098 : , m_interrupt_net{interrupt_net}
3388 [ + - + - : 4196 : , m_params(params)
+ - + - ]
3389 : : {
3390 [ + - ]: 2098 : SetTryNewOutboundPeer(false);
3391 : :
3392 : 2098 : Options connOptions;
3393 [ + - ]: 2098 : Init(connOptions);
3394 [ + - ]: 2098 : SetNetworkActive(network_active);
3395 : 2098 : }
3396 : :
3397 : 2828 : NodeId CConnman::GetNewNodeId()
3398 : : {
3399 : 2828 : return nLastNodeId.fetch_add(1, std::memory_order_relaxed);
3400 : : }
3401 : :
3402 : 0 : uint16_t CConnman::GetDefaultPort(Network net) const
3403 : : {
3404 [ # # ]: 0 : return net == NET_I2P ? I2P_SAM31_PORT : m_params.GetDefaultPort();
3405 : : }
3406 : :
3407 : 15862 : uint16_t CConnman::GetDefaultPort(const std::string& addr) const
3408 : : {
3409 : 15862 : CNetAddr a;
3410 [ - + + - : 15862 : return a.SetSpecial(addr) ? GetDefaultPort(a.GetNetwork()) : m_params.GetDefaultPort();
- + - - -
- ]
3411 : 15862 : }
3412 : :
3413 : 3645 : bool CConnman::Bind(const CService& addr_, unsigned int flags, NetPermissionFlags permissions)
3414 : : {
3415 : 3645 : const CService addr{MaybeFlipIPv6toCJDNS(addr_)};
3416 : :
3417 [ + - ]: 3645 : bilingual_str strError;
3418 [ + - + + ]: 3645 : if (!BindListenPort(addr, strError, permissions)) {
3419 [ + + - + ]: 1642 : if ((flags & BF_REPORT_ERROR) && m_client_interface) {
3420 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(strError, CClientUIInterface::MSG_ERROR);
3421 : : }
3422 : 1642 : return false;
3423 : : }
3424 : :
3425 [ + - + + : 2003 : if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !NetPermissions::HasFlag(permissions, NetPermissionFlags::NoBan)) {
+ - + + +
+ ]
3426 [ + - ]: 729 : AddLocal(addr, LOCAL_BIND);
3427 : : }
3428 : :
3429 : : return true;
3430 : 3645 : }
3431 : :
3432 : 1857 : bool CConnman::InitBinds(const Options& options)
3433 : : {
3434 [ + + ]: 2353 : for (const auto& addrBind : options.vBinds) {
3435 [ + + ]: 1870 : if (!Bind(addrBind, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3436 : : return false;
3437 : : }
3438 : : }
3439 [ + + ]: 1319 : for (const auto& addrBind : options.vWhiteBinds) {
3440 [ + + ]: 937 : if (!Bind(addrBind.m_service, BF_REPORT_ERROR, addrBind.m_flags)) {
3441 : : return false;
3442 : : }
3443 : : }
3444 [ + + ]: 633 : for (const auto& addr_bind : options.onion_binds) {
3445 [ + + ]: 410 : if (!Bind(addr_bind, BF_REPORT_ERROR | BF_DONT_ADVERTISE, NetPermissionFlags::None)) {
3446 : : return false;
3447 : : }
3448 : : }
3449 [ + + ]: 223 : if (options.bind_on_any) {
3450 : : // Don't consider errors to bind on IPv6 "::" fatal because the host OS
3451 : : // may not have IPv6 support and the user did not explicitly ask us to
3452 : : // bind on that.
3453 : 214 : const CService ipv6_any{in6_addr(COMPAT_IN6ADDR_ANY_INIT), GetListenPort()}; // ::
3454 [ + - ]: 214 : Bind(ipv6_any, BF_NONE, NetPermissionFlags::None);
3455 : :
3456 : 214 : struct in_addr inaddr_any;
3457 : 214 : inaddr_any.s_addr = htonl(INADDR_ANY);
3458 [ + - + - ]: 214 : const CService ipv4_any{inaddr_any, GetListenPort()}; // 0.0.0.0
3459 [ + - + + ]: 214 : if (!Bind(ipv4_any, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3460 : 4 : return false;
3461 : : }
3462 : 214 : }
3463 : : return true;
3464 : : }
3465 : :
3466 : 0 : bool CConnman::Start(CScheduler& scheduler, const Options& connOptions)
3467 : : {
3468 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3469 : 0 : Init(connOptions);
3470 : :
3471 [ # # # # ]: 0 : if (fListen && !InitBinds(connOptions)) {
3472 [ # # ]: 0 : if (m_client_interface) {
3473 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3474 : 0 : _("Failed to listen on any port. Use -listen=0 if you want this."),
3475 : : CClientUIInterface::MSG_ERROR);
3476 : : }
3477 : 0 : return false;
3478 : : }
3479 : :
3480 [ # # ]: 0 : if (connOptions.m_i2p_accept_incoming) {
3481 [ # # ]: 0 : if (const auto i2p_sam = GetProxy(NET_I2P)) {
3482 [ # # ]: 0 : m_i2p_sam_session = std::make_unique<i2p::sam::Session>(gArgs.GetDataDirNet() / "i2p_private_key",
3483 [ # # ]: 0 : *i2p_sam, m_interrupt_net);
3484 : 0 : }
3485 : : }
3486 : :
3487 : : // Randomize the order in which we may query seednode to potentially prevent connecting to the same one every restart (and signal that we have restarted)
3488 : 0 : std::vector<std::string> seed_nodes = connOptions.vSeedNodes;
3489 [ # # ]: 0 : if (!seed_nodes.empty()) {
3490 : 0 : std::shuffle(seed_nodes.begin(), seed_nodes.end(), FastRandomContext{});
3491 : : }
3492 : :
3493 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3494 : : // Load addresses from anchors.dat
3495 [ # # # # ]: 0 : m_anchors = ReadAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME);
3496 [ # # # # ]: 0 : if (m_anchors.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3497 [ # # ]: 0 : m_anchors.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3498 : : }
3499 [ # # # # ]: 0 : LogInfo("%i block-relay-only anchors will be tried for connections.\n", m_anchors.size());
3500 : : }
3501 : :
3502 [ # # ]: 0 : if (m_client_interface) {
3503 [ # # # # ]: 0 : m_client_interface->InitMessage(_("Starting network threads…"));
3504 : : }
3505 : :
3506 : 0 : fAddressesInitialized = true;
3507 : :
3508 [ # # ]: 0 : if (semOutbound == nullptr) {
3509 : : // initialize semaphore
3510 [ # # # # ]: 0 : semOutbound = std::make_unique<std::counting_semaphore<>>(std::min(m_max_automatic_outbound, m_max_automatic_connections));
3511 : : }
3512 [ # # ]: 0 : if (semAddnode == nullptr) {
3513 : : // initialize semaphore
3514 [ # # ]: 0 : semAddnode = std::make_unique<std::counting_semaphore<>>(m_max_addnode);
3515 : : }
3516 : :
3517 : : //
3518 : : // Start threads
3519 : : //
3520 [ # # ]: 0 : assert(m_msgproc);
3521 [ # # ]: 0 : m_interrupt_net->reset();
3522 [ # # ]: 0 : flagInterruptMsgProc = false;
3523 : :
3524 : 0 : {
3525 [ # # ]: 0 : LOCK(mutexMsgProc);
3526 [ # # ]: 0 : fMsgProcWake = false;
3527 : 0 : }
3528 : :
3529 : : // Send and receive from sockets, accept connections
3530 [ # # ]: 0 : threadSocketHandler = std::thread(&util::TraceThread, "net", [this] { ThreadSocketHandler(); });
3531 : :
3532 [ # # # # : 0 : if (!gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED))
# # ]
3533 [ # # ]: 0 : LogInfo("DNS seeding disabled\n");
3534 : : else
3535 [ # # ]: 0 : threadDNSAddressSeed = std::thread(&util::TraceThread, "dnsseed", [this] { ThreadDNSAddressSeed(); });
3536 : :
3537 : : // Initiate manual connections
3538 [ # # ]: 0 : threadOpenAddedConnections = std::thread(&util::TraceThread, "addcon", [this] { ThreadOpenAddedConnections(); });
3539 : :
3540 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing && !connOptions.m_specified_outgoing.empty()) {
3541 [ # # ]: 0 : if (m_client_interface) {
3542 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3543 [ # # ]: 0 : _("Cannot provide specific connections and have addrman find outgoing connections at the same time."),
3544 : : CClientUIInterface::MSG_ERROR);
3545 : : }
3546 : 0 : return false;
3547 : : }
3548 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing || !connOptions.m_specified_outgoing.empty()) {
3549 : 0 : threadOpenConnections = std::thread(
3550 [ # # ]: 0 : &util::TraceThread, "opencon",
3551 [ # # # # : 0 : [this, connect = connOptions.m_specified_outgoing, seed_nodes = std::move(seed_nodes)] { ThreadOpenConnections(connect, seed_nodes); });
# # # # ]
3552 : : }
3553 : :
3554 : : // Process messages
3555 [ # # ]: 0 : threadMessageHandler = std::thread(&util::TraceThread, "msghand", [this] { ThreadMessageHandler(); });
3556 : :
3557 [ # # ]: 0 : if (m_i2p_sam_session) {
3558 : 0 : threadI2PAcceptIncoming =
3559 [ # # ]: 0 : std::thread(&util::TraceThread, "i2paccept", [this] { ThreadI2PAcceptIncoming(); });
3560 : : }
3561 : :
3562 [ # # # # : 0 : if (gArgs.GetBoolArg("-privatebroadcast", DEFAULT_PRIVATE_BROADCAST)) {
# # ]
3563 : 0 : threadPrivateBroadcast =
3564 [ # # ]: 0 : std::thread(&util::TraceThread, "privbcast", [this] { ThreadPrivateBroadcast(); });
3565 : : }
3566 : :
3567 : : // Dump network addresses
3568 [ # # ]: 0 : scheduler.scheduleEvery([this] { DumpAddresses(); }, DUMP_PEERS_INTERVAL);
3569 : :
3570 : : // Run the ASMap Health check once and then schedule it to run every 24h.
3571 [ # # # # ]: 0 : if (m_netgroupman.UsingASMap()) {
3572 [ # # ]: 0 : ASMapHealthCheck();
3573 [ # # ]: 0 : scheduler.scheduleEvery([this] { ASMapHealthCheck(); }, ASMAP_HEALTH_CHECK_INTERVAL);
3574 : : }
3575 : :
3576 : : return true;
3577 : 0 : }
3578 : :
3579 : : class CNetCleanup
3580 : : {
3581 : : public:
3582 : : CNetCleanup() = default;
3583 : :
3584 : : ~CNetCleanup()
3585 : : {
3586 : : #ifdef WIN32
3587 : : // Shutdown Windows Sockets
3588 : : WSACleanup();
3589 : : #endif
3590 : : }
3591 : : };
3592 : : static CNetCleanup instance_of_cnetcleanup;
3593 : :
3594 : 2098 : void CConnman::Interrupt()
3595 : : {
3596 : 2098 : {
3597 : 2098 : LOCK(mutexMsgProc);
3598 [ + - ]: 2098 : flagInterruptMsgProc = true;
3599 : 2098 : }
3600 : 2098 : condMsgProc.notify_all();
3601 : :
3602 : 2098 : (*m_interrupt_net)();
3603 : 2098 : g_socks5_interrupt();
3604 : :
3605 [ - + ]: 2098 : if (semOutbound) {
3606 [ # # ]: 0 : for (int i=0; i<m_max_automatic_outbound; i++) {
3607 : 0 : semOutbound->release();
3608 : : }
3609 : : }
3610 : :
3611 [ - + ]: 2098 : if (semAddnode) {
3612 [ # # ]: 0 : for (int i=0; i<m_max_addnode; i++) {
3613 : 0 : semAddnode->release();
3614 : : }
3615 : : }
3616 : :
3617 : 2098 : m_private_broadcast.m_sem_conn_max.release();
3618 : 2098 : m_private_broadcast.NumToOpenAdd(1); // Just unblock NumToOpenWait() to be able to continue with shutdown.
3619 : 2098 : }
3620 : :
3621 : 2098 : void CConnman::StopThreads()
3622 : : {
3623 [ - + ]: 2098 : if (threadPrivateBroadcast.joinable()) {
3624 : 0 : threadPrivateBroadcast.join();
3625 : : }
3626 [ - + ]: 2098 : if (threadI2PAcceptIncoming.joinable()) {
3627 : 0 : threadI2PAcceptIncoming.join();
3628 : : }
3629 [ - + ]: 2098 : if (threadMessageHandler.joinable())
3630 : 0 : threadMessageHandler.join();
3631 [ - + ]: 2098 : if (threadOpenConnections.joinable())
3632 : 0 : threadOpenConnections.join();
3633 [ - + ]: 2098 : if (threadOpenAddedConnections.joinable())
3634 : 0 : threadOpenAddedConnections.join();
3635 [ - + ]: 2098 : if (threadDNSAddressSeed.joinable())
3636 : 0 : threadDNSAddressSeed.join();
3637 [ - + ]: 2098 : if (threadSocketHandler.joinable())
3638 : 0 : threadSocketHandler.join();
3639 : 2098 : }
3640 : :
3641 : 6777 : void CConnman::StopNodes()
3642 : : {
3643 : 6777 : AssertLockNotHeld(m_reconnections_mutex);
3644 : :
3645 [ - + ]: 6777 : if (fAddressesInitialized) {
3646 : 0 : DumpAddresses();
3647 : 0 : fAddressesInitialized = false;
3648 : :
3649 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3650 : : // Anchor connections are only dumped during clean shutdown.
3651 : 0 : std::vector<CAddress> anchors_to_dump = GetCurrentBlockRelayOnlyConns();
3652 [ # # # # ]: 0 : if (anchors_to_dump.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3653 [ # # ]: 0 : anchors_to_dump.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3654 : : }
3655 [ # # # # ]: 0 : DumpAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME, anchors_to_dump);
3656 : 0 : }
3657 : : }
3658 : :
3659 : : // Delete peer connections.
3660 : 6777 : std::vector<CNode*> nodes;
3661 [ + - + - ]: 13554 : WITH_LOCK(m_nodes_mutex, nodes.swap(m_nodes));
3662 [ + + ]: 14444 : for (CNode* pnode : nodes) {
3663 [ + - - + : 7667 : LogDebug(BCLog::NET, "Stopping node, %s", pnode->DisconnectMsg());
- - - - ]
3664 [ + - ]: 7667 : pnode->CloseSocketDisconnect();
3665 [ + - ]: 7667 : DeleteNode(pnode);
3666 : : }
3667 : :
3668 [ - + ]: 6777 : for (CNode* pnode : m_nodes_disconnected) {
3669 [ # # ]: 0 : DeleteNode(pnode);
3670 : : }
3671 : 6777 : m_nodes_disconnected.clear();
3672 [ + - + - ]: 13554 : WITH_LOCK(m_reconnections_mutex, m_reconnections.clear());
3673 : 6777 : vhListenSocket.clear();
3674 [ - + ]: 6777 : semOutbound.reset();
3675 [ - + ]: 6777 : semAddnode.reset();
3676 : 6777 : }
3677 : :
3678 : 7667 : void CConnman::DeleteNode(CNode* pnode)
3679 : : {
3680 [ - + ]: 7667 : assert(pnode);
3681 : 7667 : m_msgproc->FinalizeNode(*pnode);
3682 : 7667 : delete pnode;
3683 : 7667 : }
3684 : :
3685 [ + - ]: 2098 : CConnman::~CConnman()
3686 : : {
3687 : 2098 : Interrupt();
3688 : 2098 : Stop();
3689 : 4196 : }
3690 : :
3691 : 10830 : std::vector<CAddress> CConnman::GetAddressesUnsafe(size_t max_addresses, size_t max_pct, std::optional<Network> network, const bool filtered) const
3692 : : {
3693 : 10830 : std::vector<CAddress> addresses = addrman.get().GetAddr(max_addresses, max_pct, network, filtered);
3694 [ - + ]: 10830 : if (m_banman) {
3695 [ # # ]: 0 : addresses.erase(std::remove_if(addresses.begin(), addresses.end(),
3696 [ # # # # ]: 0 : [this](const CAddress& addr){return m_banman->IsDiscouraged(addr) || m_banman->IsBanned(addr);}),
3697 [ # # ]: 0 : addresses.end());
3698 : : }
3699 : 10830 : return addresses;
3700 : 0 : }
3701 : :
3702 : 860 : std::vector<CAddress> CConnman::GetAddresses(CNode& requestor, size_t max_addresses, size_t max_pct)
3703 : : {
3704 : 860 : uint64_t network_id = requestor.m_network_key;
3705 : 860 : const auto current_time = GetTime<std::chrono::microseconds>();
3706 [ + - ]: 860 : auto r = m_addr_response_caches.emplace(network_id, CachedAddrResponse{});
3707 [ + + ]: 860 : CachedAddrResponse& cache_entry = r.first->second;
3708 [ + + ]: 860 : if (cache_entry.m_cache_entry_expiration < current_time) { // If emplace() added new one it has expiration 0.
3709 : 184 : cache_entry.m_addrs_response_cache = GetAddressesUnsafe(max_addresses, max_pct, /*network=*/std::nullopt);
3710 : : // Choosing a proper cache lifetime is a trade-off between the privacy leak minimization
3711 : : // and the usefulness of ADDR responses to honest users.
3712 : : //
3713 : : // Longer cache lifetime makes it more difficult for an attacker to scrape
3714 : : // enough AddrMan data to maliciously infer something useful.
3715 : : // By the time an attacker scraped enough AddrMan records, most of
3716 : : // the records should be old enough to not leak topology info by
3717 : : // e.g. analyzing real-time changes in timestamps.
3718 : : //
3719 : : // It takes only several hundred requests to scrape everything from an AddrMan containing 100,000 nodes,
3720 : : // so ~24 hours of cache lifetime indeed makes the data less inferable by the time
3721 : : // most of it could be scraped (considering that timestamps are updated via
3722 : : // ADDR self-announcements and when nodes communicate).
3723 : : // We also should be robust to those attacks which may not require scraping *full* victim's AddrMan
3724 : : // (because even several timestamps of the same handful of nodes may leak privacy).
3725 : : //
3726 : : // On the other hand, longer cache lifetime makes ADDR responses
3727 : : // outdated and less useful for an honest requestor, e.g. if most nodes
3728 : : // in the ADDR response are no longer active.
3729 : : //
3730 : : // However, the churn in the network is known to be rather low. Since we consider
3731 : : // nodes to be "terrible" (see IsTerrible()) if the timestamps are older than 30 days,
3732 : : // max. 24 hours of "penalty" due to cache shouldn't make any meaningful difference
3733 : : // in terms of the freshness of the response.
3734 : 184 : cache_entry.m_cache_entry_expiration = current_time +
3735 : 184 : 21h + FastRandomContext().randrange<std::chrono::microseconds>(6h);
3736 : : }
3737 : 860 : return cache_entry.m_addrs_response_cache;
3738 : : }
3739 : :
3740 : 10943 : bool CConnman::AddNode(const AddedNodeParams& add)
3741 : : {
3742 [ + - + - ]: 10943 : const CService resolved(LookupNumeric(add.m_added_node, GetDefaultPort(add.m_added_node)));
3743 [ + - ]: 10943 : const bool resolved_is_valid{resolved.IsValid()};
3744 : :
3745 [ + - ]: 10943 : LOCK(m_added_nodes_mutex);
3746 [ + + ]: 164793 : for (const auto& it : m_added_node_params) {
3747 [ + + + + : 172814 : if (add.m_added_node == it.m_added_node || (resolved_is_valid && resolved == LookupNumeric(it.m_added_node, GetDefaultPort(it.m_added_node)))) return false;
+ - + - +
- + - + +
+ + + + -
- - - ]
3748 : : }
3749 : :
3750 [ + - ]: 555 : m_added_node_params.push_back(add);
3751 : : return true;
3752 : 10943 : }
3753 : :
3754 : 2897 : bool CConnman::RemoveAddedNode(std::string_view node)
3755 : : {
3756 : 2897 : LOCK(m_added_nodes_mutex);
3757 [ + + ]: 54064 : for (auto it = m_added_node_params.begin(); it != m_added_node_params.end(); ++it) {
3758 [ - + + + ]: 51367 : if (node == it->m_added_node) {
3759 : 200 : m_added_node_params.erase(it);
3760 : 200 : return true;
3761 : : }
3762 : : }
3763 : : return false;
3764 : 2897 : }
3765 : :
3766 : 0 : bool CConnman::AddedNodesContain(const CAddress& addr) const
3767 : : {
3768 : 0 : AssertLockNotHeld(m_added_nodes_mutex);
3769 : 0 : const std::string addr_str{addr.ToStringAddr()};
3770 [ # # ]: 0 : const std::string addr_port_str{addr.ToStringAddrPort()};
3771 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
3772 [ # # ]: 0 : return (m_added_node_params.size() < 24 // bound the query to a reasonable limit
3773 [ # # # # ]: 0 : && std::any_of(m_added_node_params.cbegin(), m_added_node_params.cend(),
3774 [ # # # # : 0 : [&](const auto& p) { return p.m_added_node == addr_str || p.m_added_node == addr_port_str; }));
# # ]
3775 : 0 : }
3776 : :
3777 : 5982 : size_t CConnman::GetNodeCount(ConnectionDirection flags) const
3778 : : {
3779 : 5982 : LOCK(m_nodes_mutex);
3780 [ + + ]: 5982 : if (flags == ConnectionDirection::Both) // Shortcut if we want total
3781 [ - + ]: 297 : return m_nodes.size();
3782 : :
3783 : 5685 : int nNum = 0;
3784 [ + + ]: 107539 : for (const auto& pnode : m_nodes) {
3785 [ + + + + ]: 167784 : if (flags & (pnode->IsInboundConn() ? ConnectionDirection::In : ConnectionDirection::Out)) {
3786 : 36044 : nNum++;
3787 : : }
3788 : : }
3789 : :
3790 : 5685 : return nNum;
3791 : 5982 : }
3792 : :
3793 : :
3794 : 0 : std::map<CNetAddr, LocalServiceInfo> CConnman::getNetLocalAddresses() const
3795 : : {
3796 : 0 : LOCK(g_maplocalhost_mutex);
3797 [ # # # # ]: 0 : return mapLocalHost;
3798 : 0 : }
3799 : :
3800 : 31935 : uint32_t CConnman::GetMappedAS(const CNetAddr& addr) const
3801 : : {
3802 : 31935 : return m_netgroupman.GetMappedAS(addr);
3803 : : }
3804 : :
3805 : 2075 : void CConnman::GetNodeStats(std::vector<CNodeStats>& vstats) const
3806 : : {
3807 : 2075 : vstats.clear();
3808 : 2075 : LOCK(m_nodes_mutex);
3809 [ - + + - ]: 2075 : vstats.reserve(m_nodes.size());
3810 [ + + ]: 25438 : for (CNode* pnode : m_nodes) {
3811 [ + - ]: 23363 : vstats.emplace_back();
3812 [ + - ]: 23363 : pnode->CopyStats(vstats.back());
3813 [ + - ]: 23363 : vstats.back().m_mapped_as = GetMappedAS(pnode->addr);
3814 : : }
3815 : 2075 : }
3816 : :
3817 : 439 : bool CConnman::DisconnectNode(std::string_view strNode)
3818 : : {
3819 : 439 : LOCK(m_nodes_mutex);
3820 [ - + ]: 45748 : auto it = std::ranges::find_if(m_nodes, [&strNode](CNode* node) { return node->m_addr_name == strNode; });
3821 [ + + ]: 439 : if (it != m_nodes.end()) {
3822 : 8 : CNode* node{*it};
3823 [ + - - + : 8 : LogDebug(BCLog::NET, "disconnect by address%s match, %s", (fLogIPs ? strprintf("=%s", strNode) : ""), node->DisconnectMsg());
- - - - -
- - - -
- ]
3824 : 8 : node->fDisconnect = true;
3825 : 8 : return true;
3826 : : }
3827 : : return false;
3828 : 439 : }
3829 : :
3830 : 2008 : bool CConnman::DisconnectNode(const CSubNet& subnet)
3831 : : {
3832 : 2008 : bool disconnected = false;
3833 : 2008 : LOCK(m_nodes_mutex);
3834 [ + + ]: 161344 : for (CNode* pnode : m_nodes) {
3835 [ + - + + ]: 159336 : if (subnet.Match(pnode->addr)) {
3836 [ + - - + : 174 : LogDebug(BCLog::NET, "disconnect by subnet%s match, %s", (fLogIPs ? strprintf("=%s", subnet.ToString()) : ""), pnode->DisconnectMsg());
- - - - -
- - - - -
- - - - -
- ]
3837 : 174 : pnode->fDisconnect = true;
3838 : 174 : disconnected = true;
3839 : : }
3840 : : }
3841 [ + - ]: 2008 : return disconnected;
3842 : 2008 : }
3843 : :
3844 : 1939 : bool CConnman::DisconnectNode(const CNetAddr& addr)
3845 : : {
3846 [ + - ]: 1939 : return DisconnectNode(CSubNet(addr));
3847 : : }
3848 : :
3849 : 2655 : bool CConnman::DisconnectNode(NodeId id)
3850 : : {
3851 : 2655 : LOCK(m_nodes_mutex);
3852 [ + + ]: 264697 : for(CNode* pnode : m_nodes) {
3853 [ + + ]: 262055 : if (id == pnode->GetId()) {
3854 [ + - - + : 13 : LogDebug(BCLog::NET, "disconnect by id, %s", pnode->DisconnectMsg());
- - - - ]
3855 : 13 : pnode->fDisconnect = true;
3856 : 13 : return true;
3857 : : }
3858 : : }
3859 : : return false;
3860 : 2655 : }
3861 : :
3862 : 276 : void CConnman::RecordBytesRecv(uint64_t bytes)
3863 : : {
3864 : 276 : nTotalBytesRecv += bytes;
3865 : 276 : }
3866 : :
3867 : 55496 : void CConnman::RecordBytesSent(uint64_t bytes)
3868 : : {
3869 : 55496 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3870 : 55496 : LOCK(m_total_bytes_sent_mutex);
3871 : :
3872 : 55496 : nTotalBytesSent += bytes;
3873 : :
3874 : 55496 : const auto now = GetTime<std::chrono::seconds>();
3875 [ + + ]: 55496 : if (nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME < now)
3876 : : {
3877 : : // timeframe expired, reset cycle
3878 : 4220 : nMaxOutboundCycleStartTime = now;
3879 : 4220 : nMaxOutboundTotalBytesSentInCycle = 0;
3880 : : }
3881 : :
3882 [ + - ]: 55496 : nMaxOutboundTotalBytesSentInCycle += bytes;
3883 : 55496 : }
3884 : :
3885 : 2075 : uint64_t CConnman::GetMaxOutboundTarget() const
3886 : : {
3887 : 2075 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3888 : 2075 : LOCK(m_total_bytes_sent_mutex);
3889 [ + - ]: 2075 : return nMaxOutboundLimit;
3890 : 2075 : }
3891 : :
3892 : 2075 : std::chrono::seconds CConnman::GetMaxOutboundTimeframe() const
3893 : : {
3894 : 2075 : return MAX_UPLOAD_TIMEFRAME;
3895 : : }
3896 : :
3897 : 2075 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle() const
3898 : : {
3899 : 2075 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3900 : 2075 : LOCK(m_total_bytes_sent_mutex);
3901 [ + - ]: 2075 : return GetMaxOutboundTimeLeftInCycle_();
3902 : 2075 : }
3903 : :
3904 : 78929 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle_() const
3905 : : {
3906 : 78929 : AssertLockHeld(m_total_bytes_sent_mutex);
3907 : :
3908 [ + + ]: 78929 : if (nMaxOutboundLimit == 0)
3909 : 670 : return 0s;
3910 : :
3911 [ + + ]: 78259 : if (nMaxOutboundCycleStartTime.count() == 0)
3912 : 78152 : return MAX_UPLOAD_TIMEFRAME;
3913 : :
3914 : 107 : const std::chrono::seconds cycleEndTime = nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME;
3915 : 107 : const auto now = GetTime<std::chrono::seconds>();
3916 [ - + ]: 107 : return (cycleEndTime < now) ? 0s : cycleEndTime - now;
3917 : : }
3918 : :
3919 : 81237 : bool CConnman::OutboundTargetReached(bool historicalBlockServingLimit) const
3920 : : {
3921 : 81237 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3922 : 81237 : LOCK(m_total_bytes_sent_mutex);
3923 [ + + ]: 81237 : if (nMaxOutboundLimit == 0)
3924 : : return false;
3925 : :
3926 [ + + ]: 77048 : if (historicalBlockServingLimit)
3927 : : {
3928 : : // keep a large enough buffer to at least relay each block once
3929 [ + - ]: 76854 : const std::chrono::seconds timeLeftInCycle = GetMaxOutboundTimeLeftInCycle_();
3930 : 76854 : const uint64_t buffer = timeLeftInCycle / std::chrono::minutes{10} * MAX_BLOCK_SERIALIZED_SIZE;
3931 [ + + - + ]: 76854 : if (buffer >= nMaxOutboundLimit || nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit - buffer)
3932 : 4461 : return true;
3933 : : }
3934 [ - + ]: 194 : else if (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit)
3935 : 0 : return true;
3936 : :
3937 : : return false;
3938 : 81237 : }
3939 : :
3940 : 2075 : uint64_t CConnman::GetOutboundTargetBytesLeft() const
3941 : : {
3942 : 2075 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3943 : 2075 : LOCK(m_total_bytes_sent_mutex);
3944 [ + + ]: 2075 : if (nMaxOutboundLimit == 0)
3945 : : return 0;
3946 : :
3947 [ + - ]: 1405 : return (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit) ? 0 : nMaxOutboundLimit - nMaxOutboundTotalBytesSentInCycle;
3948 : 2075 : }
3949 : :
3950 : 2075 : uint64_t CConnman::GetTotalBytesRecv() const
3951 : : {
3952 : 2075 : return nTotalBytesRecv;
3953 : : }
3954 : :
3955 : 2075 : uint64_t CConnman::GetTotalBytesSent() const
3956 : : {
3957 : 2075 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3958 : 2075 : LOCK(m_total_bytes_sent_mutex);
3959 [ + - ]: 2075 : return nTotalBytesSent;
3960 : 2075 : }
3961 : :
3962 : 8944 : ServiceFlags CConnman::GetLocalServices() const
3963 : : {
3964 : 8944 : return m_local_services;
3965 : : }
3966 : :
3967 : 34726 : static std::unique_ptr<Transport> MakeTransport(NodeId id, bool use_v2transport, bool inbound) noexcept
3968 : : {
3969 [ + + ]: 34726 : if (use_v2transport) {
3970 [ - + ]: 10 : return std::make_unique<V2Transport>(id, /*initiating=*/!inbound);
3971 : : } else {
3972 [ - + ]: 34716 : return std::make_unique<V1Transport>(id);
3973 : : }
3974 : : }
3975 : :
3976 : 34726 : CNode::CNode(NodeId idIn,
3977 : : std::shared_ptr<Sock> sock,
3978 : : const CAddress& addrIn,
3979 : : uint64_t nKeyedNetGroupIn,
3980 : : uint64_t nLocalHostNonceIn,
3981 : : const CService& addrBindIn,
3982 : : const std::string& addrNameIn,
3983 : : ConnectionType conn_type_in,
3984 : : bool inbound_onion,
3985 : : uint64_t network_key,
3986 : 34726 : CNodeOptions&& node_opts)
3987 : 34726 : : m_transport{MakeTransport(idIn, node_opts.use_v2transport, conn_type_in == ConnectionType::INBOUND)},
3988 : 34726 : m_permission_flags{node_opts.permission_flags},
3989 [ + + ]: 34726 : m_sock{sock},
3990 : 34726 : m_connected{GetTime<std::chrono::seconds>()},
3991 : 34726 : addr{addrIn},
3992 : 34726 : addrBind{addrBindIn},
3993 [ + + + - ]: 34726 : m_addr_name{addrNameIn.empty() ? addr.ToStringAddrPort() : addrNameIn},
3994 [ - + ]: 34726 : m_dest(addrNameIn),
3995 : 34726 : m_inbound_onion{inbound_onion},
3996 [ + - ]: 34726 : m_prefer_evict{node_opts.prefer_evict},
3997 : 34726 : nKeyedNetGroup{nKeyedNetGroupIn},
3998 : 34726 : m_network_key{network_key},
3999 : 34726 : m_conn_type{conn_type_in},
4000 : 34726 : id{idIn},
4001 : 34726 : nLocalHostNonce{nLocalHostNonceIn},
4002 [ + - ]: 34726 : m_recv_flood_size{node_opts.recv_flood_size},
4003 [ + - + - : 69452 : m_i2p_sam_session{std::move(node_opts.i2p_sam_session)}
+ + ]
4004 : : {
4005 [ + + + - ]: 34726 : if (inbound_onion) assert(conn_type_in == ConnectionType::INBOUND);
4006 : :
4007 [ + + ]: 1250136 : for (const auto& msg : ALL_NET_MESSAGE_TYPES) {
4008 [ + - ]: 1215410 : mapRecvBytesPerMsgType[msg] = 0;
4009 : : }
4010 [ + - ]: 34726 : mapRecvBytesPerMsgType[NET_MESSAGE_TYPE_OTHER] = 0;
4011 : :
4012 [ - + ]: 34726 : if (fLogIPs) {
4013 [ # # # # : 0 : LogDebug(BCLog::NET, "Added connection to %s peer=%d\n", m_addr_name, id);
# # ]
4014 : : } else {
4015 [ + - - + : 34726 : LogDebug(BCLog::NET, "Added connection peer=%d\n", id);
- - ]
4016 : : }
4017 [ - - ]: 34726 : }
4018 : :
4019 : 60459 : void CNode::MarkReceivedMsgsForProcessing()
4020 : : {
4021 : 60459 : AssertLockNotHeld(m_msg_process_queue_mutex);
4022 : :
4023 : 60459 : size_t nSizeAdded = 0;
4024 [ + + ]: 120918 : for (const auto& msg : vRecvMsg) {
4025 : : // vRecvMsg contains only completed CNetMessage
4026 : : // the single possible partially deserialized message are held by TransportDeserializer
4027 : 60459 : nSizeAdded += msg.GetMemoryUsage();
4028 : : }
4029 : :
4030 : 60459 : LOCK(m_msg_process_queue_mutex);
4031 : 60459 : m_msg_process_queue.splice(m_msg_process_queue.end(), vRecvMsg);
4032 : 60459 : m_msg_process_queue_size += nSizeAdded;
4033 [ + - ]: 60459 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
4034 : 60459 : }
4035 : :
4036 : 61377 : std::optional<std::pair<CNetMessage, bool>> CNode::PollMessage()
4037 : : {
4038 : 61377 : LOCK(m_msg_process_queue_mutex);
4039 [ + + ]: 61377 : if (m_msg_process_queue.empty()) return std::nullopt;
4040 : :
4041 : 57745 : std::list<CNetMessage> msgs;
4042 : : // Just take one message
4043 : 57745 : msgs.splice(msgs.begin(), m_msg_process_queue, m_msg_process_queue.begin());
4044 : 57745 : m_msg_process_queue_size -= msgs.front().GetMemoryUsage();
4045 : 57745 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
4046 : :
4047 : 115490 : return std::make_pair(std::move(msgs.front()), !m_msg_process_queue.empty());
4048 : 57745 : }
4049 : :
4050 : 1080518 : bool CConnman::NodeFullyConnected(const CNode* pnode)
4051 : : {
4052 [ + - + + : 1080518 : return pnode && pnode->fSuccessfullyConnected && !pnode->fDisconnect;
+ + ]
4053 : : }
4054 : :
4055 : : /// Private broadcast connections only need to send certain message types.
4056 : : /// Other messages are not needed and may degrade privacy.
4057 : 6914 : static bool IsOutboundMessageAllowedInPrivateBroadcast(std::string_view type) noexcept
4058 : : {
4059 : 13573 : return type == NetMsgType::VERSION ||
4060 [ + + ]: 6659 : type == NetMsgType::VERACK ||
4061 [ + + ]: 6571 : type == NetMsgType::INV ||
4062 [ + + + - ]: 13481 : type == NetMsgType::TX ||
4063 [ - + ]: 6567 : type == NetMsgType::PING;
4064 : : }
4065 : :
4066 : 94397 : void CConnman::PushMessage(CNode* pnode, CSerializedNetMsg&& msg)
4067 : : {
4068 : 94397 : AssertLockNotHeld(m_total_bytes_sent_mutex);
4069 : :
4070 [ + + - + : 94397 : if (pnode->IsPrivateBroadcastConn() && !IsOutboundMessageAllowedInPrivateBroadcast(msg.m_type)) {
+ + ]
4071 [ - + - - ]: 6567 : LogDebug(BCLog::PRIVBROADCAST, "Omitting send of message '%s', %s", msg.m_type, pnode->LogPeer());
4072 : 6567 : return;
4073 : : }
4074 : :
4075 [ + + + + : 87830 : if (!m_private_broadcast.m_outbound_tor_ok_at_least_once.load() && !pnode->IsInboundConn() &&
+ + ]
4076 [ + + + + : 127421 : pnode->addr.IsTor() && msg.m_type == NetMsgType::VERACK) {
+ + ]
4077 : : // If we are sending the peer VERACK that means we successfully sent
4078 : : // and received another message to/from that peer (VERSION).
4079 : 153 : m_private_broadcast.m_outbound_tor_ok_at_least_once.store(true);
4080 : : }
4081 : :
4082 [ - + ]: 87830 : size_t nMessageSize = msg.data.size();
4083 [ - + ]: 87830 : LogDebug(BCLog::NET, "sending %s (%d bytes) peer=%d\n", msg.m_type, nMessageSize, pnode->GetId());
4084 [ - + ]: 87830 : if (m_capture_messages) {
4085 [ # # ]: 0 : CaptureMessage(pnode->addr, msg.m_type, msg.data, /*is_incoming=*/false);
4086 : : }
4087 : :
4088 : : TRACEPOINT(net, outbound_message,
4089 : : pnode->GetId(),
4090 : : pnode->m_addr_name.c_str(),
4091 : : pnode->ConnectionTypeAsString().c_str(),
4092 : : msg.m_type.c_str(),
4093 : : msg.data.size(),
4094 : : msg.data.data()
4095 : 87830 : );
4096 : :
4097 : 87830 : size_t nBytesSent = 0;
4098 : 87830 : {
4099 : 87830 : LOCK(pnode->cs_vSend);
4100 : : // Check if the transport still has unsent bytes, and indicate to it that we're about to
4101 : : // give it a message to send.
4102 [ + + ]: 87830 : const auto& [to_send, more, _msg_type] =
4103 [ + + ]: 87830 : pnode->m_transport->GetBytesToSend(/*have_next_message=*/true);
4104 [ + + - + ]: 87830 : const bool queue_was_empty{to_send.empty() && pnode->vSendMsg.empty()};
4105 : :
4106 : : // Update memory usage of send buffer.
4107 : 87830 : pnode->m_send_memusage += msg.GetMemoryUsage();
4108 [ + - ]: 87830 : if (pnode->m_send_memusage + pnode->m_transport->GetSendMemoryUsage() > nSendBufferMaxSize) pnode->fPauseSend = true;
4109 : : // Move message to vSendMsg queue.
4110 [ + - ]: 87830 : pnode->vSendMsg.push_back(std::move(msg));
4111 : :
4112 : : // If there was nothing to send before, and there is now (predicted by the "more" value
4113 : : // returned by the GetBytesToSend call above), attempt "optimistic write":
4114 : : // because the poll/select loop may pause for SELECT_TIMEOUT_MILLISECONDS before actually
4115 : : // doing a send, try sending from the calling thread if the queue was empty before.
4116 : : // With a V1Transport, more will always be true here, because adding a message always
4117 : : // results in sendable bytes there, but with V2Transport this is not the case (it may
4118 : : // still be in the handshake).
4119 [ + + + - ]: 87830 : if (queue_was_empty && more) {
4120 [ + - ]: 64083 : std::tie(nBytesSent, std::ignore) = SocketSendData(*pnode);
4121 : : }
4122 : 87830 : }
4123 [ + + ]: 87830 : if (nBytesSent) RecordBytesSent(nBytesSent);
4124 : : }
4125 : :
4126 : 153 : bool CConnman::ForNode(NodeId id, std::function<bool(CNode* pnode)> func)
4127 : : {
4128 : 153 : CNode* found = nullptr;
4129 : 153 : LOCK(m_nodes_mutex);
4130 [ + + ]: 6979 : for (auto&& pnode : m_nodes) {
4131 [ + + ]: 6840 : if(pnode->GetId() == id) {
4132 : : found = pnode;
4133 : : break;
4134 : : }
4135 : : }
4136 [ + + + - : 153 : return found != nullptr && NodeFullyConnected(found) && func(found);
+ - + - -
+ + - ]
4137 : 153 : }
4138 : :
4139 : 8968 : CSipHasher CConnman::GetDeterministicRandomizer(uint64_t id) const
4140 : : {
4141 : 8968 : return CSipHasher(nSeed0, nSeed1).Write(id);
4142 : : }
4143 : :
4144 : 2828 : uint64_t CConnman::CalculateKeyedNetGroup(const CNetAddr& address) const
4145 : : {
4146 : 2828 : std::vector<unsigned char> vchNetGroup(m_netgroupman.GetGroup(address));
4147 : :
4148 [ + - + - : 5656 : return GetDeterministicRandomizer(RANDOMIZER_ID_NETGROUP).Write(vchNetGroup).Finalize();
+ - ]
4149 : 2828 : }
4150 : :
4151 : 0 : void CConnman::PerformReconnections()
4152 : : {
4153 : 0 : AssertLockNotHeld(m_reconnections_mutex);
4154 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
4155 : 0 : while (true) {
4156 : : // Move first element of m_reconnections to todo (avoiding an allocation inside the lock).
4157 [ # # ]: 0 : decltype(m_reconnections) todo;
4158 : 0 : {
4159 [ # # ]: 0 : LOCK(m_reconnections_mutex);
4160 [ # # ]: 0 : if (m_reconnections.empty()) break;
4161 [ # # ]: 0 : todo.splice(todo.end(), m_reconnections, m_reconnections.begin());
4162 : 0 : }
4163 : :
4164 [ # # ]: 0 : auto& item = *todo.begin();
4165 [ # # ]: 0 : OpenNetworkConnection(item.addr_connect,
4166 : : // We only reconnect if the first attempt to connect succeeded at
4167 : : // connection time, but then failed after the CNode object was
4168 : : // created. Since we already know connecting is possible, do not
4169 : : // count failure to reconnect.
4170 : : /*fCountFailure=*/false,
4171 [ # # ]: 0 : std::move(item.grant),
4172 : 0 : item.destination.empty() ? nullptr : item.destination.c_str(),
4173 : : item.conn_type,
4174 [ # # ]: 0 : item.use_v2transport);
4175 : 0 : }
4176 : 0 : }
4177 : :
4178 : 2074 : void CConnman::ASMapHealthCheck()
4179 : : {
4180 : 2074 : const std::vector<CAddress> v4_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV4, /*filtered=*/false)};
4181 [ + - ]: 2074 : const std::vector<CAddress> v6_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV6, /*filtered=*/false)};
4182 : 2074 : std::vector<CNetAddr> clearnet_addrs;
4183 [ - + - + : 2074 : clearnet_addrs.reserve(v4_addrs.size() + v6_addrs.size());
+ - ]
4184 [ + - ]: 2074 : std::transform(v4_addrs.begin(), v4_addrs.end(), std::back_inserter(clearnet_addrs),
4185 [ + - ]: 65 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4186 [ + - ]: 2074 : std::transform(v6_addrs.begin(), v6_addrs.end(), std::back_inserter(clearnet_addrs),
4187 [ + - ]: 849 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4188 [ + - ]: 2074 : m_netgroupman.ASMapHealthCheck(clearnet_addrs);
4189 : 2074 : }
4190 : :
4191 : : // Dump binary message to file, with timestamp.
4192 : 0 : static void CaptureMessageToFile(const CAddress& addr,
4193 : : const std::string& msg_type,
4194 : : std::span<const unsigned char> data,
4195 : : bool is_incoming)
4196 : : {
4197 : : // Note: This function captures the message at the time of processing,
4198 : : // not at socket receive/send time.
4199 : : // This ensures that the messages are always in order from an application
4200 : : // layer (processing) perspective.
4201 : 0 : auto now = GetTime<std::chrono::microseconds>();
4202 : :
4203 : : // Windows folder names cannot include a colon
4204 : 0 : std::string clean_addr = addr.ToStringAddrPort();
4205 [ # # ]: 0 : std::replace(clean_addr.begin(), clean_addr.end(), ':', '_');
4206 : :
4207 [ # # # # : 0 : fs::path base_path = gArgs.GetDataDirNet() / "message_capture" / fs::u8path(clean_addr);
# # # # ]
4208 [ # # ]: 0 : fs::create_directories(base_path);
4209 : :
4210 [ # # # # ]: 0 : fs::path path = base_path / (is_incoming ? "msgs_recv.dat" : "msgs_sent.dat");
4211 [ # # # # ]: 0 : AutoFile f{fsbridge::fopen(path, "ab")};
4212 : :
4213 [ # # ]: 0 : ser_writedata64(f, now.count());
4214 [ # # # # ]: 0 : f << std::span{msg_type};
4215 [ # # # # ]: 0 : for (auto i = msg_type.length(); i < CMessageHeader::MESSAGE_TYPE_SIZE; ++i) {
4216 [ # # ]: 0 : f << uint8_t{'\0'};
4217 : : }
4218 [ # # ]: 0 : uint32_t size = data.size();
4219 [ # # ]: 0 : ser_writedata32(f, size);
4220 [ # # ]: 0 : f << data;
4221 : :
4222 [ # # # # ]: 0 : if (f.fclose() != 0) {
4223 : 0 : throw std::ios_base::failure(
4224 [ # # # # : 0 : strprintf("Error closing %s after write, file contents are likely incomplete", fs::PathToString(path)));
# # ]
4225 : : }
4226 : 0 : }
4227 : :
4228 : : std::function<void(const CAddress& addr,
4229 : : const std::string& msg_type,
4230 : : std::span<const unsigned char> data,
4231 : : bool is_incoming)>
4232 : : CaptureMessage = CaptureMessageToFile;
|
