Branch data Line data Source code
1 : : // Copyright (c) 2009-2010 Satoshi Nakamoto
2 : : // Copyright (c) 2009-present The Bitcoin Core developers
3 : : // Distributed under the MIT software license, see the accompanying
4 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 : :
6 : : #include <bitcoin-build-config.h> // IWYU pragma: keep
7 : :
8 : : #include <net.h>
9 : :
10 : : #include <addrdb.h>
11 : : #include <addrman.h>
12 : : #include <banman.h>
13 : : #include <clientversion.h>
14 : : #include <common/args.h>
15 : : #include <common/netif.h>
16 : : #include <compat/compat.h>
17 : : #include <consensus/consensus.h>
18 : : #include <crypto/sha256.h>
19 : : #include <i2p.h>
20 : : #include <key.h>
21 : : #include <logging.h>
22 : : #include <memusage.h>
23 : : #include <net_permissions.h>
24 : : #include <netaddress.h>
25 : : #include <netbase.h>
26 : : #include <node/eviction.h>
27 : : #include <node/interface_ui.h>
28 : : #include <protocol.h>
29 : : #include <random.h>
30 : : #include <scheduler.h>
31 : : #include <util/fs.h>
32 : : #include <util/sock.h>
33 : : #include <util/strencodings.h>
34 : : #include <util/thread.h>
35 : : #include <util/threadinterrupt.h>
36 : : #include <util/trace.h>
37 : : #include <util/translation.h>
38 : : #include <util/vector.h>
39 : :
40 : : #include <algorithm>
41 : : #include <array>
42 : : #include <cmath>
43 : : #include <cstdint>
44 : : #include <cstring>
45 : : #include <functional>
46 : : #include <optional>
47 : : #include <string_view>
48 : : #include <unordered_map>
49 : :
50 : : TRACEPOINT_SEMAPHORE(net, closed_connection);
51 : : TRACEPOINT_SEMAPHORE(net, evicted_inbound_connection);
52 : : TRACEPOINT_SEMAPHORE(net, inbound_connection);
53 : : TRACEPOINT_SEMAPHORE(net, outbound_connection);
54 : : TRACEPOINT_SEMAPHORE(net, outbound_message);
55 : :
56 : : /** Maximum number of block-relay-only anchor connections */
57 : : static constexpr size_t MAX_BLOCK_RELAY_ONLY_ANCHORS = 2;
58 : : static_assert (MAX_BLOCK_RELAY_ONLY_ANCHORS <= static_cast<size_t>(MAX_BLOCK_RELAY_ONLY_CONNECTIONS), "MAX_BLOCK_RELAY_ONLY_ANCHORS must not exceed MAX_BLOCK_RELAY_ONLY_CONNECTIONS.");
59 : : /** Anchor IP address database file name */
60 : : const char* const ANCHORS_DATABASE_FILENAME = "anchors.dat";
61 : :
62 : : // How often to dump addresses to peers.dat
63 : : static constexpr std::chrono::minutes DUMP_PEERS_INTERVAL{15};
64 : :
65 : : /** Number of DNS seeds to query when the number of connections is low. */
66 : : static constexpr int DNSSEEDS_TO_QUERY_AT_ONCE = 3;
67 : :
68 : : /** Minimum number of outbound connections under which we will keep fetching our address seeds. */
69 : : static constexpr int SEED_OUTBOUND_CONNECTION_THRESHOLD = 2;
70 : :
71 : : /** How long to delay before querying DNS seeds
72 : : *
73 : : * If we have more than THRESHOLD entries in addrman, then it's likely
74 : : * that we got those addresses from having previously connected to the P2P
75 : : * network, and that we'll be able to successfully reconnect to the P2P
76 : : * network via contacting one of them. So if that's the case, spend a
77 : : * little longer trying to connect to known peers before querying the
78 : : * DNS seeds.
79 : : */
80 : : static constexpr std::chrono::seconds DNSSEEDS_DELAY_FEW_PEERS{11};
81 : : static constexpr std::chrono::minutes DNSSEEDS_DELAY_MANY_PEERS{5};
82 : : static constexpr int DNSSEEDS_DELAY_PEER_THRESHOLD = 1000; // "many" vs "few" peers
83 : :
84 : : /** The default timeframe for -maxuploadtarget. 1 day. */
85 : : static constexpr std::chrono::seconds MAX_UPLOAD_TIMEFRAME{60 * 60 * 24};
86 : :
87 : : // A random time period (0 to 1 seconds) is added to feeler connections to prevent synchronization.
88 : : static constexpr auto FEELER_SLEEP_WINDOW{1s};
89 : :
90 : : /** Frequency to attempt extra connections to reachable networks we're not connected to yet **/
91 : : static constexpr auto EXTRA_NETWORK_PEER_INTERVAL{5min};
92 : :
93 : : /** Used to pass flags to the Bind() function */
94 : : enum BindFlags {
95 : : BF_NONE = 0,
96 : : BF_REPORT_ERROR = (1U << 0),
97 : : /**
98 : : * Do not call AddLocal() for our special addresses, e.g., for incoming
99 : : * Tor connections, to prevent gossiping them over the network.
100 : : */
101 : : BF_DONT_ADVERTISE = (1U << 1),
102 : : };
103 : :
104 : : // The set of sockets cannot be modified while waiting
105 : : // The sleep time needs to be small to avoid new sockets stalling
106 : : static const uint64_t SELECT_TIMEOUT_MILLISECONDS = 50;
107 : :
108 : : const std::string NET_MESSAGE_TYPE_OTHER = "*other*";
109 : :
110 : : static const uint64_t RANDOMIZER_ID_NETGROUP = 0x6c0edd8036ef4036ULL; // SHA256("netgroup")[0:8]
111 : : static const uint64_t RANDOMIZER_ID_LOCALHOSTNONCE = 0xd93e69e2bbfa5735ULL; // SHA256("localhostnonce")[0:8]
112 : : static const uint64_t RANDOMIZER_ID_NETWORKKEY = 0x0e8a2b136c592a7dULL; // SHA256("networkkey")[0:8]
113 : : //
114 : : // Global state variables
115 : : //
116 : : bool fDiscover = true;
117 : : bool fListen = true;
118 : : GlobalMutex g_maplocalhost_mutex;
119 : : std::map<CNetAddr, LocalServiceInfo> mapLocalHost GUARDED_BY(g_maplocalhost_mutex);
120 : : std::string strSubVersion;
121 : :
122 : 327674 : size_t CSerializedNetMsg::GetMemoryUsage() const noexcept
123 : : {
124 [ - + ]: 327674 : return sizeof(*this) + memusage::DynamicUsage(m_type) + memusage::DynamicUsage(data);
125 : : }
126 : :
127 : 208956 : size_t CNetMessage::GetMemoryUsage() const noexcept
128 : : {
129 : 208956 : return sizeof(*this) + memusage::DynamicUsage(m_type) + m_recv.GetMemoryUsage();
130 : : }
131 : :
132 : 0 : void CConnman::AddAddrFetch(const std::string& strDest)
133 : : {
134 : 0 : LOCK(m_addr_fetches_mutex);
135 [ # # ]: 0 : m_addr_fetches.push_back(strDest);
136 : 0 : }
137 : :
138 : 94950 : uint16_t GetListenPort()
139 : : {
140 : : // If -bind= is provided with ":port" part, use that (first one if multiple are provided).
141 [ + - - + ]: 94950 : for (const std::string& bind_arg : gArgs.GetArgs("-bind")) {
142 : 0 : constexpr uint16_t dummy_port = 0;
143 : :
144 [ # # # # ]: 0 : const std::optional<CService> bind_addr{Lookup(bind_arg, dummy_port, /*fAllowLookup=*/false)};
145 [ # # # # : 0 : if (bind_addr.has_value() && bind_addr->GetPort() != dummy_port) return bind_addr->GetPort();
# # # # ]
146 : 94950 : }
147 : :
148 : : // Otherwise, if -whitebind= without NetPermissionFlags::NoBan is provided, use that
149 : : // (-whitebind= is required to have ":port").
150 [ + - - + ]: 94950 : for (const std::string& whitebind_arg : gArgs.GetArgs("-whitebind")) {
151 [ # # ]: 0 : NetWhitebindPermissions whitebind;
152 [ # # ]: 0 : bilingual_str error;
153 [ # # # # ]: 0 : if (NetWhitebindPermissions::TryParse(whitebind_arg, whitebind, error)) {
154 [ # # ]: 0 : if (!NetPermissions::HasFlag(whitebind.m_flags, NetPermissionFlags::NoBan)) {
155 [ # # ]: 0 : return whitebind.m_service.GetPort();
156 : : }
157 : : }
158 : 0 : }
159 : :
160 : : // Otherwise, if -port= is provided, use that. Otherwise use the default port.
161 [ + - ]: 94950 : return static_cast<uint16_t>(gArgs.GetIntArg("-port", Params().GetDefaultPort()));
162 : : }
163 : :
164 : : // Determine the "best" local address for a particular peer.
165 : 94944 : [[nodiscard]] static std::optional<CService> GetLocal(const CNode& peer)
166 : : {
167 [ - + ]: 94944 : if (!fListen) return std::nullopt;
168 : :
169 : 94944 : std::optional<CService> addr;
170 : 94944 : int nBestScore = -1;
171 : 94944 : int nBestReachability = -1;
172 : 94944 : {
173 [ + - ]: 94944 : LOCK(g_maplocalhost_mutex);
174 [ + - + + ]: 12980913 : for (const auto& [local_addr, local_service_info] : mapLocalHost) {
175 : : // For privacy reasons, don't advertise our privacy-network address
176 : : // to other networks and don't advertise our other-network address
177 : : // to privacy networks.
178 [ + - + - ]: 12885969 : if (local_addr.GetNetwork() != peer.ConnectedThroughNetwork()
179 [ + + + - : 22326717 : && (local_addr.IsPrivacyNet() || peer.IsConnectedThroughPrivacyNet())) {
+ + ]
180 : 4389824 : continue;
181 : : }
182 : 8496145 : const int nScore{local_service_info.nScore};
183 [ + - ]: 8496145 : const int nReachability{local_addr.GetReachabilityFrom(peer.addr)};
184 [ + + + + ]: 8496145 : if (nReachability > nBestReachability || (nReachability == nBestReachability && nScore > nBestScore)) {
185 [ + - ]: 221462 : addr.emplace(CService{local_addr, local_service_info.nPort});
186 : 221462 : nBestReachability = nReachability;
187 : 221462 : nBestScore = nScore;
188 : : }
189 : : }
190 : 0 : }
191 [ + + ]: 159097 : return addr;
192 : 94944 : }
193 : :
194 : : //! Convert the serialized seeds into usable address objects.
195 : 0 : static std::vector<CAddress> ConvertSeeds(const std::vector<uint8_t> &vSeedsIn)
196 : : {
197 : : // It'll only connect to one or two seed nodes because once it connects,
198 : : // it'll get a pile of addresses with newer timestamps.
199 : : // Seed nodes are given a random 'last seen time' of between one and two
200 : : // weeks ago.
201 : 0 : const auto one_week{7 * 24h};
202 : 0 : std::vector<CAddress> vSeedsOut;
203 : 0 : FastRandomContext rng;
204 [ # # # # ]: 0 : ParamsStream s{DataStream{vSeedsIn}, CAddress::V2_NETWORK};
205 [ # # # # ]: 0 : while (!s.eof()) {
206 [ # # ]: 0 : CService endpoint;
207 [ # # ]: 0 : s >> endpoint;
208 : 0 : CAddress addr{endpoint, SeedsServiceFlags()};
209 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - one_week, -one_week);
210 [ # # # # : 0 : LogDebug(BCLog::NET, "Added hardcoded seed: %s\n", addr.ToStringAddrPort());
# # # # ]
211 [ # # ]: 0 : vSeedsOut.push_back(addr);
212 : 0 : }
213 : 0 : return vSeedsOut;
214 : 0 : }
215 : :
216 : : // Determine the "best" local address for a particular peer.
217 : : // If none, return the unroutable 0.0.0.0 but filled in with
218 : : // the normal parameters, since the IP may be changed to a useful
219 : : // one by discovery.
220 : 94944 : CService GetLocalAddress(const CNode& peer)
221 : : {
222 [ + - + - : 94944 : return GetLocal(peer).value_or(CService{CNetAddr(), GetListenPort()});
+ - ]
223 : : }
224 : :
225 : 0 : static int GetnScore(const CService& addr)
226 : : {
227 : 0 : LOCK(g_maplocalhost_mutex);
228 [ # # ]: 0 : const auto it = mapLocalHost.find(addr);
229 [ # # ]: 0 : return (it != mapLocalHost.end()) ? it->second.nScore : 0;
230 : 0 : }
231 : :
232 : : // Is our peer's addrLocal potentially useful as an external IP source?
233 : 0 : [[nodiscard]] static bool IsPeerAddrLocalGood(CNode *pnode)
234 : : {
235 : 0 : CService addrLocal = pnode->GetAddrLocal();
236 [ # # # # : 0 : return fDiscover && pnode->addr.IsRoutable() && addrLocal.IsRoutable() &&
# # # # #
# # # ]
237 [ # # ]: 0 : g_reachable_nets.Contains(addrLocal);
238 : 0 : }
239 : :
240 : 0 : std::optional<CService> GetLocalAddrForPeer(CNode& node)
241 : : {
242 : 0 : CService addrLocal{GetLocalAddress(node)};
243 : : // If discovery is enabled, sometimes give our peer the address it
244 : : // tells us that it sees us as in case it has a better idea of our
245 : : // address than we do.
246 : 0 : FastRandomContext rng;
247 [ # # # # : 0 : if (IsPeerAddrLocalGood(&node) && (!addrLocal.IsRoutable() ||
# # # # #
# ]
248 [ # # # # ]: 0 : rng.randbits((GetnScore(addrLocal) > LOCAL_MANUAL) ? 3 : 1) == 0))
249 : : {
250 [ # # ]: 0 : if (node.IsInboundConn()) {
251 : : // For inbound connections, assume both the address and the port
252 : : // as seen from the peer.
253 [ # # ]: 0 : addrLocal = CService{node.GetAddrLocal()};
254 : : } else {
255 : : // For outbound connections, assume just the address as seen from
256 : : // the peer and leave the port in `addrLocal` as returned by
257 : : // `GetLocalAddress()` above. The peer has no way to observe our
258 : : // listening port when we have initiated the connection.
259 [ # # # # ]: 0 : addrLocal.SetIP(node.GetAddrLocal());
260 : : }
261 : : }
262 [ # # # # ]: 0 : if (addrLocal.IsRoutable()) {
263 [ # # # # : 0 : LogDebug(BCLog::NET, "Advertising address %s to peer=%d\n", addrLocal.ToStringAddrPort(), node.GetId());
# # # # ]
264 : 0 : return addrLocal;
265 : : }
266 : : // Address is unroutable. Don't advertise.
267 : 0 : return std::nullopt;
268 : 0 : }
269 : :
270 : 1118 : void ClearLocal()
271 : : {
272 : 1118 : LOCK(g_maplocalhost_mutex);
273 [ + - ]: 1118 : return mapLocalHost.clear();
274 : 1118 : }
275 : :
276 : : // learn a new local address
277 : 183865 : bool AddLocal(const CService& addr_, int nScore)
278 : : {
279 : 183865 : CService addr{MaybeFlipIPv6toCJDNS(addr_)};
280 : :
281 [ + - + + ]: 183865 : if (!addr.IsRoutable())
282 : : return false;
283 : :
284 [ - + - - ]: 131939 : if (!fDiscover && nScore < LOCAL_MANUAL)
285 : : return false;
286 : :
287 [ + - + - ]: 131939 : if (!g_reachable_nets.Contains(addr))
288 : : return false;
289 : :
290 [ + - + - ]: 131939 : LogPrintf("AddLocal(%s,%i)\n", addr.ToStringAddrPort(), nScore);
291 : :
292 : 131939 : {
293 [ + - ]: 131939 : LOCK(g_maplocalhost_mutex);
294 [ + - + + ]: 131939 : const auto [it, is_newly_added] = mapLocalHost.emplace(addr, LocalServiceInfo());
295 [ + + ]: 131939 : LocalServiceInfo &info = it->second;
296 [ + + + + ]: 131939 : if (is_newly_added || nScore >= info.nScore) {
297 [ + + ]: 53651 : info.nScore = nScore + (is_newly_added ? 0 : 1);
298 [ + - ]: 53651 : info.nPort = addr.GetPort();
299 : : }
300 : 0 : }
301 : :
302 : 131939 : return true;
303 : 183865 : }
304 : :
305 : 0 : bool AddLocal(const CNetAddr &addr, int nScore)
306 : : {
307 [ # # ]: 0 : return AddLocal(CService(addr, GetListenPort()), nScore);
308 : : }
309 : :
310 : 43230 : void RemoveLocal(const CService& addr)
311 : : {
312 : 43230 : LOCK(g_maplocalhost_mutex);
313 [ + - + - ]: 43230 : LogPrintf("RemoveLocal(%s)\n", addr.ToStringAddrPort());
314 [ + - + - ]: 43230 : mapLocalHost.erase(addr);
315 : 43230 : }
316 : :
317 : : /** vote for a local address */
318 : 183079 : bool SeenLocal(const CService& addr)
319 : : {
320 : 183079 : LOCK(g_maplocalhost_mutex);
321 [ + - ]: 183079 : const auto it = mapLocalHost.find(addr);
322 [ + + ]: 183079 : if (it == mapLocalHost.end()) return false;
323 : 164310 : ++it->second.nScore;
324 : 164310 : return true;
325 : 183079 : }
326 : :
327 : :
328 : : /** check whether a given address is potentially local */
329 : 144549 : bool IsLocal(const CService& addr)
330 : : {
331 : 144549 : LOCK(g_maplocalhost_mutex);
332 [ + - + - ]: 144549 : return mapLocalHost.count(addr) > 0;
333 : 144549 : }
334 : :
335 : 16 : bool CConnman::AlreadyConnectedToHost(std::string_view host) const
336 : : {
337 : 16 : LOCK(m_nodes_mutex);
338 [ + - - + ]: 172 : return std::ranges::any_of(m_nodes, [&host](CNode* node) { return node->m_addr_name == host; });
339 : 16 : }
340 : :
341 : 34 : bool CConnman::AlreadyConnectedToAddressPort(const CService& addr_port) const
342 : : {
343 : 34 : LOCK(m_nodes_mutex);
344 [ + - + - ]: 506 : return std::ranges::any_of(m_nodes, [&addr_port](CNode* node) { return node->addr == addr_port; });
345 : 34 : }
346 : :
347 : 34 : bool CConnman::AlreadyConnectedToAddress(const CNetAddr& addr) const
348 : : {
349 : 34 : LOCK(m_nodes_mutex);
350 [ + - + - ]: 511 : return std::ranges::any_of(m_nodes, [&addr](CNode* node) { return node->addr == addr; });
351 : 34 : }
352 : :
353 : 7444 : bool CConnman::CheckIncomingNonce(uint64_t nonce)
354 : : {
355 : 7444 : LOCK(m_nodes_mutex);
356 [ + + ]: 40034 : for (const CNode* pnode : m_nodes) {
357 [ + + + + : 33315 : if (!pnode->fSuccessfullyConnected && !pnode->IsInboundConn() && pnode->GetLocalNonce() == nonce)
+ + ]
358 : : return false;
359 : : }
360 : : return true;
361 : 7444 : }
362 : :
363 : : /** Get the bind address for a socket as CService. */
364 : 5 : static CService GetBindAddress(const Sock& sock)
365 : : {
366 : 5 : CService addr_bind;
367 : 5 : struct sockaddr_storage sockaddr_bind;
368 : 5 : socklen_t sockaddr_bind_len = sizeof(sockaddr_bind);
369 [ + - - + ]: 5 : if (!sock.GetSockName((struct sockaddr*)&sockaddr_bind, &sockaddr_bind_len)) {
370 [ # # ]: 0 : addr_bind.SetSockAddr((const struct sockaddr*)&sockaddr_bind, sockaddr_bind_len);
371 : : } else {
372 [ + - + - : 5 : LogPrintLevel(BCLog::NET, BCLog::Level::Warning, "getsockname failed\n");
+ - ]
373 : : }
374 : 5 : return addr_bind;
375 : 0 : }
376 : :
377 : 49 : CNode* CConnman::ConnectNode(CAddress addrConnect,
378 : : const char* pszDest,
379 : : bool fCountFailure,
380 : : ConnectionType conn_type,
381 : : bool use_v2transport,
382 : : const std::optional<Proxy>& proxy_override)
383 : : {
384 : 49 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
385 [ - + ]: 49 : assert(conn_type != ConnectionType::INBOUND);
386 : :
387 [ + + ]: 49 : if (pszDest == nullptr) {
388 [ + - ]: 33 : if (IsLocal(addrConnect))
389 : : return nullptr;
390 : :
391 : : // Look for an existing connection
392 [ - + ]: 33 : if (AlreadyConnectedToAddressPort(addrConnect)) {
393 [ # # ]: 0 : LogInfo("Failed to open new connection to %s, already connected", addrConnect.ToStringAddrPort());
394 : 0 : return nullptr;
395 : : }
396 : : }
397 : :
398 [ - + - - : 49 : LogPrintLevel(BCLog::NET, BCLog::Level::Debug, "trying %s connection %s lastseen=%.1fhrs\n",
- - - - -
- ]
399 : : use_v2transport ? "v2" : "v1",
400 : : pszDest ? pszDest : addrConnect.ToStringAddrPort(),
401 : : Ticks<HoursDouble>(pszDest ? 0h : Now<NodeSeconds>() - addrConnect.nTime));
402 : :
403 : : // Resolve
404 [ + + + - ]: 65 : const uint16_t default_port{pszDest != nullptr ? GetDefaultPort(pszDest) :
405 : 33 : m_params.GetDefaultPort()};
406 : :
407 : : // Collection of addresses to try to connect to: either all dns resolved addresses if a domain name (pszDest) is provided, or addrConnect otherwise.
408 : 49 : std::vector<CAddress> connect_to{};
409 [ + + ]: 49 : if (pszDest) {
410 [ + - + - : 32 : std::vector<CService> resolved{Lookup(pszDest, default_port, fNameLookup && !HaveNameProxy(), 256)};
+ - - + +
- + - ]
411 [ + + ]: 16 : if (!resolved.empty()) {
412 : 1 : std::shuffle(resolved.begin(), resolved.end(), FastRandomContext());
413 : : // If the connection is made by name, it can be the case that the name resolves to more than one address.
414 : : // We don't want to connect any more of them if we are already connected to one
415 [ + + ]: 2 : for (const auto& r : resolved) {
416 [ + - ]: 2 : addrConnect = CAddress{MaybeFlipIPv6toCJDNS(r), NODE_NONE};
417 [ + - - + ]: 1 : if (!addrConnect.IsValid()) {
418 [ # # # # : 0 : LogDebug(BCLog::NET, "Resolver returned invalid address %s for %s\n", addrConnect.ToStringAddrPort(), pszDest);
# # # # ]
419 : 0 : return nullptr;
420 : : }
421 : : // It is possible that we already have a connection to the IP/port pszDest resolved to.
422 : : // In that case, drop the connection that was just created.
423 [ + - - + ]: 1 : if (AlreadyConnectedToAddressPort(addrConnect)) {
424 [ # # # # ]: 0 : LogPrintf("Not opening a connection to %s, already connected to %s\n", pszDest, addrConnect.ToStringAddrPort());
425 : 0 : return nullptr;
426 : : }
427 : : // Add the address to the resolved addresses vector so we can try to connect to it later on
428 [ + - ]: 1 : connect_to.push_back(addrConnect);
429 : : }
430 : : } else {
431 : : // For resolution via proxy
432 [ + - ]: 15 : connect_to.push_back(addrConnect);
433 : : }
434 : 16 : } else {
435 : : // Connect via addrConnect directly
436 [ + - ]: 33 : connect_to.push_back(addrConnect);
437 : : }
438 : :
439 : : // Connect
440 : 49 : std::unique_ptr<Sock> sock;
441 [ + - ]: 49 : Proxy proxy;
442 [ + - ]: 49 : CService addr_bind;
443 [ + - - + ]: 49 : assert(!addr_bind.IsValid());
444 : 49 : std::unique_ptr<i2p::sam::Session> i2p_transient_session;
445 : :
446 [ + + ]: 93 : for (auto& target_addr: connect_to) {
447 [ + - + + ]: 49 : if (target_addr.IsValid()) {
448 : 12 : bool use_proxy;
449 [ - + ]: 12 : if (proxy_override.has_value()) {
450 : 0 : use_proxy = true;
451 [ # # ]: 0 : proxy = proxy_override.value();
452 : : } else {
453 [ + - + - ]: 12 : use_proxy = GetProxy(target_addr.GetNetwork(), proxy);
454 : : }
455 : 12 : bool proxyConnectionFailed = false;
456 : :
457 [ + + + - ]: 12 : if (target_addr.IsI2P() && use_proxy) {
458 [ # # ]: 0 : i2p::Connection conn;
459 : 0 : bool connected{false};
460 : :
461 [ # # ]: 0 : if (m_i2p_sam_session) {
462 [ # # ]: 0 : connected = m_i2p_sam_session->Connect(target_addr, conn, proxyConnectionFailed);
463 : : } else {
464 : 0 : {
465 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
466 [ # # ]: 0 : if (m_unused_i2p_sessions.empty()) {
467 : 0 : i2p_transient_session =
468 [ # # ]: 0 : std::make_unique<i2p::sam::Session>(proxy, m_interrupt_net);
469 : : } else {
470 : 0 : i2p_transient_session.swap(m_unused_i2p_sessions.front());
471 : 0 : m_unused_i2p_sessions.pop();
472 : : }
473 : 0 : }
474 [ # # ]: 0 : connected = i2p_transient_session->Connect(target_addr, conn, proxyConnectionFailed);
475 [ # # ]: 0 : if (!connected) {
476 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
477 [ # # # # ]: 0 : if (m_unused_i2p_sessions.size() < MAX_UNUSED_I2P_SESSIONS_SIZE) {
478 [ # # # # ]: 0 : m_unused_i2p_sessions.emplace(i2p_transient_session.release());
479 : : }
480 : 0 : }
481 : : }
482 : :
483 [ # # ]: 0 : if (connected) {
484 : 0 : sock = std::move(conn.sock);
485 : 0 : addr_bind = conn.me;
486 : : }
487 [ - + ]: 12 : } else if (use_proxy) {
488 [ # # # # : 0 : LogPrintLevel(BCLog::PROXY, BCLog::Level::Debug, "Using proxy: %s to connect to %s\n", proxy.ToString(), target_addr.ToStringAddrPort());
# # # # #
# ]
489 [ # # # # : 0 : sock = ConnectThroughProxy(proxy, target_addr.ToStringAddr(), target_addr.GetPort(), proxyConnectionFailed);
# # ]
490 : : } else {
491 : : // no proxy needed (none set for target network)
492 [ + - ]: 24 : sock = ConnectDirectly(target_addr, conn_type == ConnectionType::MANUAL);
493 : : }
494 [ + - ]: 12 : if (!proxyConnectionFailed) {
495 : : // If a connection to the node was attempted, and failure (if any) is not caused by a problem connecting to
496 : : // the proxy, mark this as an attempt.
497 [ + - ]: 12 : addrman.Attempt(target_addr, fCountFailure);
498 : : }
499 [ + + + - : 37 : } else if (pszDest && GetNameProxy(proxy)) {
- + ]
500 [ # # ]: 0 : std::string host;
501 : 0 : uint16_t port{default_port};
502 [ # # # # ]: 0 : SplitHostPort(std::string(pszDest), port, host);
503 : 0 : bool proxyConnectionFailed;
504 [ # # ]: 0 : sock = ConnectThroughProxy(proxy, host, port, proxyConnectionFailed);
505 : 0 : }
506 : : // Check any other resolved address (if any) if we fail to connect
507 [ + + ]: 49 : if (!sock) {
508 : 44 : continue;
509 : : }
510 : :
511 : 5 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
512 [ - + - - ]: 5 : std::vector<NetWhitelistPermissions> whitelist_permissions = conn_type == ConnectionType::MANUAL ? vWhitelistedRangeOutgoing : std::vector<NetWhitelistPermissions>{};
513 [ + - ]: 5 : AddWhitelistPermissionFlags(permission_flags, target_addr, whitelist_permissions);
514 : :
515 : : // Add node
516 [ + - ]: 5 : NodeId id = GetNewNodeId();
517 [ + - + - : 5 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
+ - ]
518 [ + - + - ]: 5 : if (!addr_bind.IsValid()) {
519 [ + - ]: 10 : addr_bind = GetBindAddress(*sock);
520 : : }
521 [ + - ]: 5 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
522 [ + - + - ]: 5 : .Write(target_addr.GetNetClass())
523 [ + - + - ]: 10 : .Write(addr_bind.GetAddrBytes())
524 : : // For outbound connections, the port of the bound address is randomly
525 : : // assigned by the OS and would therefore not be useful for seeding.
526 [ + - ]: 5 : .Write(0)
527 [ + - ]: 5 : .Finalize();
528 : 5 : CNode* pnode = new CNode(id,
529 : 5 : std::move(sock),
530 : : target_addr,
531 : : CalculateKeyedNetGroup(target_addr),
532 : : nonce,
533 : : addr_bind,
534 [ + - ]: 10 : pszDest ? pszDest : "",
535 : : conn_type,
536 : : /*inbound_onion=*/false,
537 : : network_id,
538 [ + + ]: 5 : CNodeOptions{
539 : : .permission_flags = permission_flags,
540 : : .i2p_sam_session = std::move(i2p_transient_session),
541 [ + + ]: 5 : .recv_flood_size = nReceiveFloodSize,
542 : : .use_v2transport = use_v2transport,
543 [ + - + - : 10 : });
+ - + - +
- ]
544 : 5 : pnode->AddRef();
545 : :
546 : : // We're making a new connection, harvest entropy from the time (and our peer count)
547 : 5 : RandAddEvent((uint32_t)id);
548 : :
549 : 5 : return pnode;
550 : 5 : }
551 : :
552 : : return nullptr;
553 : 98 : }
554 : :
555 : 34939 : void CNode::CloseSocketDisconnect()
556 : : {
557 : 34939 : fDisconnect = true;
558 : 34939 : LOCK(m_sock_mutex);
559 [ + + ]: 34939 : if (m_sock) {
560 [ + - - + : 13336 : LogDebug(BCLog::NET, "Resetting socket for peer=%d%s", GetId(), LogIP(fLogIPs));
- - - - ]
561 : 13336 : m_sock.reset();
562 : :
563 : : TRACEPOINT(net, closed_connection,
564 : : GetId(),
565 : : m_addr_name.c_str(),
566 : : ConnectionTypeAsString().c_str(),
567 : : ConnectedThroughNetwork(),
568 : 13336 : Ticks<std::chrono::seconds>(m_connected));
569 : : }
570 [ - + + - ]: 34939 : m_i2p_sam_session.reset();
571 : 34939 : }
572 : :
573 : 8827 : void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr, const std::vector<NetWhitelistPermissions>& ranges) const {
574 [ - + ]: 8827 : for (const auto& subnet : ranges) {
575 [ # # # # ]: 0 : if (addr.has_value() && subnet.m_subnet.Match(addr.value())) {
576 : 0 : NetPermissions::AddFlag(flags, subnet.m_flags);
577 : : }
578 : : }
579 [ + + ]: 8827 : if (NetPermissions::HasFlag(flags, NetPermissionFlags::Implicit)) {
580 [ - + ]: 15 : NetPermissions::ClearFlag(flags, NetPermissionFlags::Implicit);
581 [ - + ]: 15 : if (whitelist_forcerelay) NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);
582 [ + - ]: 15 : if (whitelist_relay) NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);
583 : 15 : NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);
584 : 15 : NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);
585 : : }
586 : 8827 : }
587 : :
588 : 160780 : CService CNode::GetAddrLocal() const
589 : : {
590 : 160780 : AssertLockNotHeld(m_addr_local_mutex);
591 : 160780 : LOCK(m_addr_local_mutex);
592 [ + - ]: 160780 : return m_addr_local;
593 : 160780 : }
594 : :
595 : 11105 : void CNode::SetAddrLocal(const CService& addrLocalIn) {
596 : 11105 : AssertLockNotHeld(m_addr_local_mutex);
597 : 11105 : LOCK(m_addr_local_mutex);
598 [ + - + - : 11105 : if (Assume(!m_addr_local.IsValid())) { // Addr local can only be set once during version msg processing
+ - ]
599 : 11105 : m_addr_local = addrLocalIn;
600 : : }
601 : 11105 : }
602 : :
603 : 13323153 : Network CNode::ConnectedThroughNetwork() const
604 : : {
605 [ + + ]: 13323153 : return m_inbound_onion ? NET_ONION : addr.GetNetClass();
606 : : }
607 : :
608 : 9440748 : bool CNode::IsConnectedThroughPrivacyNet() const
609 : : {
610 [ + + + + ]: 9440748 : return m_inbound_onion || addr.IsPrivacyNet();
611 : : }
612 : :
613 : : #undef X
614 : : #define X(name) stats.name = name
615 : 159423 : void CNode::CopyStats(CNodeStats& stats)
616 : : {
617 : 159423 : stats.nodeid = this->GetId();
618 : 159423 : X(addr);
619 : 159423 : X(addrBind);
620 : 159423 : stats.m_network = ConnectedThroughNetwork();
621 : 159423 : X(m_last_send);
622 : 159423 : X(m_last_recv);
623 : 159423 : X(m_last_tx_time);
624 : 159423 : X(m_last_block_time);
625 : 159423 : X(m_connected);
626 : 159423 : X(m_addr_name);
627 : 159423 : X(nVersion);
628 : 159423 : {
629 : 159423 : LOCK(m_subver_mutex);
630 [ + - + - ]: 318846 : X(cleanSubVer);
631 : 0 : }
632 : 159423 : stats.fInbound = IsInboundConn();
633 : 159423 : X(m_bip152_highbandwidth_to);
634 : 159423 : X(m_bip152_highbandwidth_from);
635 : 159423 : {
636 : 159423 : LOCK(cs_vSend);
637 [ + - ]: 159423 : X(mapSendBytesPerMsgType);
638 [ + - ]: 159423 : X(nSendBytes);
639 : 0 : }
640 : 159423 : {
641 : 159423 : LOCK(cs_vRecv);
642 [ + - ]: 159423 : X(mapRecvBytesPerMsgType);
643 : 159423 : X(nRecvBytes);
644 : 159423 : Transport::Info info = m_transport->GetInfo();
645 : 159423 : stats.m_transport_type = info.transport_type;
646 [ - + - - ]: 159423 : if (info.session_id) stats.m_session_id = HexStr(*info.session_id);
647 : 0 : }
648 : 159423 : X(m_permission_flags);
649 : :
650 : 159423 : X(m_last_ping_time);
651 : 159423 : X(m_min_ping_time);
652 : :
653 : : // Leave string empty if addrLocal invalid (not filled in yet)
654 : 159423 : CService addrLocalUnlocked = GetAddrLocal();
655 [ + - + + : 159423 : stats.addrLocal = addrLocalUnlocked.IsValid() ? addrLocalUnlocked.ToStringAddrPort() : "";
+ - + - ]
656 : :
657 : 159423 : X(m_conn_type);
658 : 159423 : }
659 : : #undef X
660 : :
661 : 310650 : bool CNode::ReceiveMsgBytes(std::span<const uint8_t> msg_bytes, bool& complete)
662 : : {
663 : 310650 : complete = false;
664 : 310650 : const auto time = GetTime<std::chrono::microseconds>();
665 : 310650 : LOCK(cs_vRecv);
666 : 310650 : m_last_recv = std::chrono::duration_cast<std::chrono::seconds>(time);
667 : 310650 : nRecvBytes += msg_bytes.size();
668 [ + + ]: 945259 : while (msg_bytes.size() > 0) {
669 : : // absorb network data
670 [ + - + + ]: 370461 : if (!m_transport->ReceivedBytes(msg_bytes)) {
671 : : // Serious transport problem, disconnect from the peer.
672 : : return false;
673 : : }
674 : :
675 [ + - + + ]: 323959 : if (m_transport->ReceivedMessageComplete()) {
676 : : // decompose a transport agnostic CNetMessage from the deserializer
677 : 180267 : bool reject_message{false};
678 [ + - ]: 180267 : CNetMessage msg = m_transport->GetReceivedMessage(time, reject_message);
679 [ + + ]: 180267 : if (reject_message) {
680 : : // Message deserialization failed. Drop the message but don't disconnect the peer.
681 : : // store the size of the corrupt message
682 [ + - ]: 42833 : mapRecvBytesPerMsgType.at(NET_MESSAGE_TYPE_OTHER) += msg.m_raw_message_size;
683 : 42833 : continue;
684 : : }
685 : :
686 : : // Store received bytes per message type.
687 : : // To prevent a memory DOS, only allow known message types.
688 : 137434 : auto i = mapRecvBytesPerMsgType.find(msg.m_type);
689 [ + + ]: 137434 : if (i == mapRecvBytesPerMsgType.end()) {
690 : 26593 : i = mapRecvBytesPerMsgType.find(NET_MESSAGE_TYPE_OTHER);
691 : : }
692 [ - + ]: 137434 : assert(i != mapRecvBytesPerMsgType.end());
693 [ + - ]: 137434 : i->second += msg.m_raw_message_size;
694 : :
695 : : // push the message to the process queue,
696 [ + - ]: 137434 : vRecvMsg.push_back(std::move(msg));
697 : :
698 : 137434 : complete = true;
699 : 180267 : }
700 : : }
701 : :
702 : : return true;
703 : 310650 : }
704 : :
705 : 3886 : std::string CNode::LogIP(bool log_ip) const
706 : : {
707 [ - + - - : 3886 : return log_ip ? strprintf(" peeraddr=%s", addr.ToStringAddrPort()) : "";
- - + - -
- ]
708 : : }
709 : :
710 : 0 : std::string CNode::DisconnectMsg(bool log_ip) const
711 : : {
712 : 0 : return strprintf("disconnecting peer=%d%s",
713 [ # # ]: 0 : GetId(),
714 [ # # ]: 0 : LogIP(log_ip));
715 : : }
716 : :
717 : 47606 : V1Transport::V1Transport(const NodeId node_id) noexcept
718 : 47606 : : m_magic_bytes{Params().MessageStart()}, m_node_id{node_id}
719 : : {
720 : 47606 : LOCK(m_recv_mutex);
721 [ + - ]: 47606 : Reset();
722 : 47606 : }
723 : :
724 : 165183 : Transport::Info V1Transport::GetInfo() const noexcept
725 : : {
726 : 165183 : return {.transport_type = TransportProtocolType::V1, .session_id = {}};
727 : : }
728 : :
729 : 367724 : int V1Transport::readHeader(std::span<const uint8_t> msg_bytes)
730 : : {
731 : 367724 : AssertLockHeld(m_recv_mutex);
732 : : // copy data to temporary parsing buffer
733 : 367724 : unsigned int nRemaining = CMessageHeader::HEADER_SIZE - nHdrPos;
734 [ + + ]: 367724 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
735 : :
736 [ + + ]: 367724 : memcpy(&hdrbuf[nHdrPos], msg_bytes.data(), nCopy);
737 : 367724 : nHdrPos += nCopy;
738 : :
739 : : // if header incomplete, exit
740 [ + + ]: 367724 : if (nHdrPos < CMessageHeader::HEADER_SIZE)
741 : 30646 : return nCopy;
742 : :
743 : : // deserialize to CMessageHeader
744 : 337078 : try {
745 [ + - ]: 337078 : hdrbuf >> hdr;
746 : : }
747 [ - - ]: 0 : catch (const std::exception&) {
748 [ - - - - : 0 : LogDebug(BCLog::NET, "Header error: Unable to deserialize, peer=%d\n", m_node_id);
- - ]
749 : 0 : return -1;
750 : 0 : }
751 : :
752 : : // Check start string, network magic
753 [ + + ]: 337078 : if (hdr.pchMessageStart != m_magic_bytes) {
754 [ - + - - ]: 36839 : LogDebug(BCLog::NET, "Header error: Wrong MessageStart %s received, peer=%d\n", HexStr(hdr.pchMessageStart), m_node_id);
755 : 36839 : return -1;
756 : : }
757 : :
758 : : // reject messages larger than MAX_SIZE or MAX_PROTOCOL_MESSAGE_LENGTH
759 : : // NOTE: failing to perform this check previously allowed a malicious peer to make us allocate 32MiB of memory per
760 : : // connection. See https://bitcoincore.org/en/2024/07/03/disclose_receive_buffer_oom.
761 [ + + ]: 300239 : if (hdr.nMessageSize > MAX_SIZE || hdr.nMessageSize > MAX_PROTOCOL_MESSAGE_LENGTH) {
762 [ - + - - : 9762 : LogDebug(BCLog::NET, "Header error: Size too large (%s, %u bytes), peer=%d\n", SanitizeString(hdr.GetMessageType()), hdr.nMessageSize, m_node_id);
- - - - ]
763 : 9762 : return -1;
764 : : }
765 : :
766 : : // switch state to reading message data
767 : 290477 : in_data = true;
768 : :
769 : 290477 : return nCopy;
770 : : }
771 : :
772 : 178659 : int V1Transport::readData(std::span<const uint8_t> msg_bytes)
773 : : {
774 : 178659 : AssertLockHeld(m_recv_mutex);
775 : 178659 : unsigned int nRemaining = hdr.nMessageSize - nDataPos;
776 [ + + ]: 178659 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
777 : :
778 [ - + + + ]: 178659 : if (vRecv.size() < nDataPos + nCopy) {
779 : : // Allocate up to 256 KiB ahead, but never more than the total message size.
780 [ + + ]: 297072 : vRecv.resize(std::min(hdr.nMessageSize, nDataPos + nCopy + 256 * 1024));
781 : : }
782 : :
783 : 178659 : hasher.Write(msg_bytes.first(nCopy));
784 : 178659 : memcpy(&vRecv[nDataPos], msg_bytes.data(), nCopy);
785 : 178659 : nDataPos += nCopy;
786 : :
787 : 178659 : return nCopy;
788 : : }
789 : :
790 : 290379 : const uint256& V1Transport::GetMessageHash() const
791 : : {
792 : 290379 : AssertLockHeld(m_recv_mutex);
793 [ + - - + ]: 290379 : assert(CompleteInternal());
794 [ + - ]: 580758 : if (data_hash.IsNull())
795 : 290379 : hasher.Finalize(data_hash);
796 : 290379 : return data_hash;
797 : : }
798 : :
799 : 290379 : CNetMessage V1Transport::GetReceivedMessage(const std::chrono::microseconds time, bool& reject_message)
800 : : {
801 : 290379 : AssertLockNotHeld(m_recv_mutex);
802 : : // Initialize out parameter
803 : 290379 : reject_message = false;
804 : : // decompose a single CNetMessage from the TransportDeserializer
805 : 290379 : LOCK(m_recv_mutex);
806 [ + - ]: 290379 : CNetMessage msg(std::move(vRecv));
807 : :
808 : : // store message type string, time, and sizes
809 [ + - ]: 290379 : msg.m_type = hdr.GetMessageType();
810 : 290379 : msg.m_time = time;
811 : 290379 : msg.m_message_size = hdr.nMessageSize;
812 : 290379 : msg.m_raw_message_size = hdr.nMessageSize + CMessageHeader::HEADER_SIZE;
813 : :
814 [ + - ]: 290379 : uint256 hash = GetMessageHash();
815 : :
816 : : // We just received a message off the wire, harvest entropy from the time (and the message checksum)
817 : 290379 : RandAddEvent(ReadLE32(hash.begin()));
818 : :
819 : : // Check checksum and header message type string
820 [ + + ]: 290379 : if (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) {
821 [ + - - + : 25437 : LogDebug(BCLog::NET, "Header error: Wrong checksum (%s, %u bytes), expected %s was %s, peer=%d\n",
- - - - -
- - - -
- ]
822 : : SanitizeString(msg.m_type), msg.m_message_size,
823 : : HexStr(std::span{hash}.first(CMessageHeader::CHECKSUM_SIZE)),
824 : : HexStr(hdr.pchChecksum),
825 : : m_node_id);
826 : 25437 : reject_message = true;
827 [ + - + + ]: 264942 : } else if (!hdr.IsMessageTypeValid()) {
828 [ + - - + : 76221 : LogDebug(BCLog::NET, "Header error: Invalid message type (%s, %u bytes), peer=%d\n",
- - - - -
- ]
829 : : SanitizeString(hdr.GetMessageType()), msg.m_message_size, m_node_id);
830 : 76221 : reject_message = true;
831 : : }
832 : :
833 : : // Always reset the network deserializer (prepare for the next message)
834 [ + - ]: 290379 : Reset();
835 [ + - ]: 290379 : return msg;
836 : 290379 : }
837 : :
838 : 395804 : bool V1Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
839 : : {
840 : 395804 : AssertLockNotHeld(m_send_mutex);
841 : : // Determine whether a new message can be set.
842 : 395804 : LOCK(m_send_mutex);
843 [ + + - + : 395804 : if (m_sending_header || m_bytes_sent < m_message_to_send.data.size()) return false;
+ + ]
844 : :
845 : : // create dbl-sha256 checksum
846 : 289980 : uint256 hash = Hash(msg.data);
847 : :
848 : : // create header
849 [ - + ]: 289980 : CMessageHeader hdr(m_magic_bytes, msg.m_type.c_str(), msg.data.size());
850 [ + + ]: 289980 : memcpy(hdr.pchChecksum, hash.begin(), CMessageHeader::CHECKSUM_SIZE);
851 : :
852 : : // serialize header
853 [ + + ]: 289980 : m_header_to_send.clear();
854 : 289980 : VectorWriter{m_header_to_send, 0, hdr};
855 : :
856 : : // update state
857 : 289980 : m_message_to_send = std::move(msg);
858 : 289980 : m_sending_header = true;
859 : 289980 : m_bytes_sent = 0;
860 : 289980 : return true;
861 : 395804 : }
862 : :
863 : 1997987 : Transport::BytesToSend V1Transport::GetBytesToSend(bool have_next_message) const noexcept
864 : : {
865 : 1997987 : AssertLockNotHeld(m_send_mutex);
866 : 1997987 : LOCK(m_send_mutex);
867 [ + + ]: 1997987 : if (m_sending_header) {
868 [ - + + + ]: 709986 : return {std::span{m_header_to_send}.subspan(m_bytes_sent),
869 : : // We have more to send after the header if the message has payload, or if there
870 : : // is a next message after that.
871 [ + + + + ]: 709986 : have_next_message || !m_message_to_send.data.empty(),
872 : 709986 : m_message_to_send.m_type
873 : 709986 : };
874 : : } else {
875 [ - + ]: 1288001 : return {std::span{m_message_to_send.data}.subspan(m_bytes_sent),
876 : : // We only have more to send after this message's payload if there is another
877 : : // message.
878 : : have_next_message,
879 : 1288001 : m_message_to_send.m_type
880 : 1288001 : };
881 : : }
882 : 1997987 : }
883 : :
884 : 555575 : void V1Transport::MarkBytesSent(size_t bytes_sent) noexcept
885 : : {
886 : 555575 : AssertLockNotHeld(m_send_mutex);
887 : 555575 : LOCK(m_send_mutex);
888 : 555575 : m_bytes_sent += bytes_sent;
889 [ + + - + : 555575 : if (m_sending_header && m_bytes_sent == m_header_to_send.size()) {
+ + ]
890 : : // We're done sending a message's header. Switch to sending its data bytes.
891 : 288763 : m_sending_header = false;
892 : 288763 : m_bytes_sent = 0;
893 [ + + - + : 266812 : } else if (!m_sending_header && m_bytes_sent == m_message_to_send.data.size()) {
+ + ]
894 : : // We're done sending a message's data. Wipe the data vector to reduce memory consumption.
895 : 184109 : ClearShrink(m_message_to_send.data);
896 : 184109 : m_bytes_sent = 0;
897 : : }
898 : 555575 : }
899 : :
900 : 163837 : size_t V1Transport::GetSendMemoryUsage() const noexcept
901 : : {
902 : 163837 : AssertLockNotHeld(m_send_mutex);
903 : 163837 : LOCK(m_send_mutex);
904 : : // Don't count sending-side fields besides m_message_to_send, as they're all small and bounded.
905 [ + - ]: 163837 : return m_message_to_send.GetMemoryUsage();
906 : 163837 : }
907 : :
908 : : namespace {
909 : :
910 : : /** List of short messages as defined in BIP324, in order.
911 : : *
912 : : * Only message types that are actually implemented in this codebase need to be listed, as other
913 : : * messages get ignored anyway - whether we know how to decode them or not.
914 : : */
915 : : const std::array<std::string, 33> V2_MESSAGE_IDS = {
916 : : "", // 12 bytes follow encoding the message type like in V1
917 : : NetMsgType::ADDR,
918 : : NetMsgType::BLOCK,
919 : : NetMsgType::BLOCKTXN,
920 : : NetMsgType::CMPCTBLOCK,
921 : : NetMsgType::FEEFILTER,
922 : : NetMsgType::FILTERADD,
923 : : NetMsgType::FILTERCLEAR,
924 : : NetMsgType::FILTERLOAD,
925 : : NetMsgType::GETBLOCKS,
926 : : NetMsgType::GETBLOCKTXN,
927 : : NetMsgType::GETDATA,
928 : : NetMsgType::GETHEADERS,
929 : : NetMsgType::HEADERS,
930 : : NetMsgType::INV,
931 : : NetMsgType::MEMPOOL,
932 : : NetMsgType::MERKLEBLOCK,
933 : : NetMsgType::NOTFOUND,
934 : : NetMsgType::PING,
935 : : NetMsgType::PONG,
936 : : NetMsgType::SENDCMPCT,
937 : : NetMsgType::TX,
938 : : NetMsgType::GETCFILTERS,
939 : : NetMsgType::CFILTER,
940 : : NetMsgType::GETCFHEADERS,
941 : : NetMsgType::CFHEADERS,
942 : : NetMsgType::GETCFCHECKPT,
943 : : NetMsgType::CFCHECKPT,
944 : : NetMsgType::ADDRV2,
945 : : // Unimplemented message types that are assigned in BIP324:
946 : : "",
947 : : "",
948 : : "",
949 : : ""
950 : : };
951 : :
952 : : class V2MessageMap
953 : : {
954 : : std::unordered_map<std::string, uint8_t> m_map;
955 : :
956 : : public:
957 : 229 : V2MessageMap() noexcept
958 : 229 : {
959 [ + + ]: 7557 : for (size_t i = 1; i < std::size(V2_MESSAGE_IDS); ++i) {
960 : 7328 : m_map.emplace(V2_MESSAGE_IDS[i], i);
961 : : }
962 : 229 : }
963 : :
964 : 33791 : std::optional<uint8_t> operator()(const std::string& message_name) const noexcept
965 : : {
966 : 33791 : auto it = m_map.find(message_name);
967 [ + + ]: 33791 : if (it == m_map.end()) return std::nullopt;
968 : 26348 : return it->second;
969 : : }
970 : : };
971 : :
972 : : const V2MessageMap V2_MESSAGE_MAP;
973 : :
974 : 4 : std::vector<uint8_t> GenerateRandomGarbage() noexcept
975 : : {
976 : 4 : std::vector<uint8_t> ret;
977 : 4 : FastRandomContext rng;
978 : 4 : ret.resize(rng.randrange(V2Transport::MAX_GARBAGE_LEN + 1));
979 : 4 : rng.fillrand(MakeWritableByteSpan(ret));
980 : 4 : return ret;
981 : 4 : }
982 : :
983 : : } // namespace
984 : :
985 : 2660 : void V2Transport::StartSendingHandshake() noexcept
986 : : {
987 : 2660 : AssertLockHeld(m_send_mutex);
988 : 2660 : Assume(m_send_state == SendState::AWAITING_KEY);
989 : 2660 : Assume(m_send_buffer.empty());
990 : : // Initialize the send buffer with ellswift pubkey + provided garbage.
991 [ - + ]: 2660 : m_send_buffer.resize(EllSwiftPubKey::size() + m_send_garbage.size());
992 : 2660 : std::copy(std::begin(m_cipher.GetOurPubKey()), std::end(m_cipher.GetOurPubKey()), MakeWritableByteSpan(m_send_buffer).begin());
993 : 2660 : std::copy(m_send_garbage.begin(), m_send_garbage.end(), m_send_buffer.begin() + EllSwiftPubKey::size());
994 : : // We cannot wipe m_send_garbage as it will still be used as AAD later in the handshake.
995 : 2660 : }
996 : :
997 : 3470 : V2Transport::V2Transport(NodeId nodeid, bool initiating, const CKey& key, std::span<const std::byte> ent32, std::vector<uint8_t> garbage) noexcept
998 : 3470 : : m_cipher{key, ent32}, m_initiating{initiating}, m_nodeid{nodeid},
999 : 3470 : m_v1_fallback{nodeid},
1000 [ + + ]: 3470 : m_recv_state{initiating ? RecvState::KEY : RecvState::KEY_MAYBE_V1},
1001 [ - + ]: 3470 : m_send_garbage{std::move(garbage)},
1002 [ + + - + ]: 8969 : m_send_state{initiating ? SendState::AWAITING_KEY : SendState::MAYBE_V1}
1003 : : {
1004 [ - + ]: 3470 : Assume(m_send_garbage.size() <= MAX_GARBAGE_LEN);
1005 : : // Start sending immediately if we're the initiator of the connection.
1006 [ + + ]: 3470 : if (initiating) {
1007 : 1441 : LOCK(m_send_mutex);
1008 [ + - ]: 1441 : StartSendingHandshake();
1009 : 1441 : }
1010 : 3470 : }
1011 : :
1012 : 4 : V2Transport::V2Transport(NodeId nodeid, bool initiating) noexcept
1013 : 8 : : V2Transport{nodeid, initiating, GenerateRandomKey(),
1014 : 8 : MakeByteSpan(GetRandHash()), GenerateRandomGarbage()} {}
1015 : :
1016 : 76681 : void V2Transport::SetReceiveState(RecvState recv_state) noexcept
1017 : : {
1018 : 76681 : AssertLockHeld(m_recv_mutex);
1019 : : // Enforce allowed state transitions.
1020 [ + + + + : 76681 : switch (m_recv_state) {
+ + - - ]
1021 : 1785 : case RecvState::KEY_MAYBE_V1:
1022 : 1785 : Assume(recv_state == RecvState::KEY || recv_state == RecvState::V1);
1023 : 1785 : break;
1024 : 2438 : case RecvState::KEY:
1025 : 2438 : Assume(recv_state == RecvState::GARB_GARBTERM);
1026 : 2438 : break;
1027 : 2438 : case RecvState::GARB_GARBTERM:
1028 : 2438 : Assume(recv_state == RecvState::VERSION);
1029 : 2438 : break;
1030 : 2438 : case RecvState::VERSION:
1031 : 2438 : Assume(recv_state == RecvState::APP);
1032 : 2438 : break;
1033 : 33791 : case RecvState::APP:
1034 : 33791 : Assume(recv_state == RecvState::APP_READY);
1035 : 33791 : break;
1036 : 33791 : case RecvState::APP_READY:
1037 : 33791 : Assume(recv_state == RecvState::APP);
1038 : 33791 : break;
1039 : 0 : case RecvState::V1:
1040 : 0 : Assume(false); // V1 state cannot be left
1041 : 0 : break;
1042 : : }
1043 : : // Change state.
1044 : 76681 : m_recv_state = recv_state;
1045 : 76681 : }
1046 : :
1047 : 4223 : void V2Transport::SetSendState(SendState send_state) noexcept
1048 : : {
1049 : 4223 : AssertLockHeld(m_send_mutex);
1050 : : // Enforce allowed state transitions.
1051 [ + + - - ]: 4223 : switch (m_send_state) {
1052 : 1785 : case SendState::MAYBE_V1:
1053 : 1785 : Assume(send_state == SendState::V1 || send_state == SendState::AWAITING_KEY);
1054 : 1785 : break;
1055 : 2438 : case SendState::AWAITING_KEY:
1056 : 2438 : Assume(send_state == SendState::READY);
1057 : 2438 : break;
1058 : 0 : case SendState::READY:
1059 : 0 : case SendState::V1:
1060 : 0 : Assume(false); // Final states
1061 : 0 : break;
1062 : : }
1063 : : // Change state.
1064 : 4223 : m_send_state = send_state;
1065 : 4223 : }
1066 : :
1067 : 100825 : bool V2Transport::ReceivedMessageComplete() const noexcept
1068 : : {
1069 : 100825 : AssertLockNotHeld(m_recv_mutex);
1070 : 100825 : LOCK(m_recv_mutex);
1071 [ + + ]: 100825 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedMessageComplete();
1072 : :
1073 : 74686 : return m_recv_state == RecvState::APP_READY;
1074 : 100825 : }
1075 : :
1076 : 2076 : void V2Transport::ProcessReceivedMaybeV1Bytes() noexcept
1077 : : {
1078 : 2076 : AssertLockHeld(m_recv_mutex);
1079 : 2076 : AssertLockNotHeld(m_send_mutex);
1080 : 2076 : Assume(m_recv_state == RecvState::KEY_MAYBE_V1);
1081 : : // We still have to determine if this is a v1 or v2 connection. The bytes being received could
1082 : : // be the beginning of either a v1 packet (network magic + "version\x00\x00\x00\x00\x00"), or
1083 : : // of a v2 public key. BIP324 specifies that a mismatch with this 16-byte string should trigger
1084 : : // sending of the key.
1085 : 2076 : std::array<uint8_t, V1_PREFIX_LEN> v1_prefix = {0, 0, 0, 0, 'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1086 : 2076 : std::copy(std::begin(Params().MessageStart()), std::end(Params().MessageStart()), v1_prefix.begin());
1087 [ - + ]: 2076 : Assume(m_recv_buffer.size() <= v1_prefix.size());
1088 [ + + ]: 2076 : if (!std::equal(m_recv_buffer.begin(), m_recv_buffer.end(), v1_prefix.begin())) {
1089 : : // Mismatch with v1 prefix, so we can assume a v2 connection.
1090 : 1219 : SetReceiveState(RecvState::KEY); // Convert to KEY state, leaving received bytes around.
1091 : : // Transition the sender to AWAITING_KEY state and start sending.
1092 : 1219 : LOCK(m_send_mutex);
1093 : 1219 : SetSendState(SendState::AWAITING_KEY);
1094 [ + - ]: 1219 : StartSendingHandshake();
1095 [ - + + + ]: 2076 : } else if (m_recv_buffer.size() == v1_prefix.size()) {
1096 : : // Full match with the v1 prefix, so fall back to v1 behavior.
1097 : 566 : LOCK(m_send_mutex);
1098 [ - + ]: 566 : std::span<const uint8_t> feedback{m_recv_buffer};
1099 : : // Feed already received bytes to v1 transport. It should always accept these, because it's
1100 : : // less than the size of a v1 header, and these are the first bytes fed to m_v1_fallback.
1101 : 566 : bool ret = m_v1_fallback.ReceivedBytes(feedback);
1102 : 566 : Assume(feedback.empty());
1103 : 566 : Assume(ret);
1104 : 566 : SetReceiveState(RecvState::V1);
1105 : 566 : SetSendState(SendState::V1);
1106 : : // Reset v2 transport buffers to save memory.
1107 : 566 : ClearShrink(m_recv_buffer);
1108 [ + - ]: 566 : ClearShrink(m_send_buffer);
1109 : 566 : } else {
1110 : : // We have not received enough to distinguish v1 from v2 yet. Wait until more bytes come.
1111 : : }
1112 : 2076 : }
1113 : :
1114 : 3432 : bool V2Transport::ProcessReceivedKeyBytes() noexcept
1115 : : {
1116 : 3432 : AssertLockHeld(m_recv_mutex);
1117 : 3432 : AssertLockNotHeld(m_send_mutex);
1118 : 3432 : Assume(m_recv_state == RecvState::KEY);
1119 [ - + ]: 3432 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1120 : :
1121 : : // As a special exception, if bytes 4-16 of the key on a responder connection match the
1122 : : // corresponding bytes of a V1 version message, but bytes 0-4 don't match the network magic
1123 : : // (if they did, we'd have switched to V1 state already), assume this is a peer from
1124 : : // another network, and disconnect them. They will almost certainly disconnect us too when
1125 : : // they receive our uniformly random key and garbage, but detecting this case specially
1126 : : // means we can log it.
1127 : 3432 : static constexpr std::array<uint8_t, 12> MATCH = {'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1128 : 3432 : static constexpr size_t OFFSET = std::tuple_size_v<MessageStartChars>;
1129 [ + + - + : 3432 : if (!m_initiating && m_recv_buffer.size() >= OFFSET + MATCH.size()) {
+ + ]
1130 [ - + ]: 1716 : if (std::equal(MATCH.begin(), MATCH.end(), m_recv_buffer.begin() + OFFSET)) {
1131 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: V1 peer with wrong MessageStart %s\n",
1132 : : HexStr(std::span(m_recv_buffer).first(OFFSET)));
1133 : 0 : return false;
1134 : : }
1135 : : }
1136 : :
1137 [ - + + + ]: 3432 : if (m_recv_buffer.size() == EllSwiftPubKey::size()) {
1138 : : // Other side's key has been fully received, and can now be Diffie-Hellman combined with
1139 : : // our key to initialize the encryption ciphers.
1140 : :
1141 : : // Initialize the ciphers.
1142 : 2438 : EllSwiftPubKey ellswift(MakeByteSpan(m_recv_buffer));
1143 : 2438 : LOCK(m_send_mutex);
1144 : 2438 : m_cipher.Initialize(ellswift, m_initiating);
1145 : :
1146 : : // Switch receiver state to GARB_GARBTERM.
1147 : 2438 : SetReceiveState(RecvState::GARB_GARBTERM);
1148 [ + - ]: 2438 : m_recv_buffer.clear();
1149 : :
1150 : : // Switch sender state to READY.
1151 : 2438 : SetSendState(SendState::READY);
1152 : :
1153 : : // Append the garbage terminator to the send buffer.
1154 [ - + ]: 2438 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1155 : 2438 : std::copy(m_cipher.GetSendGarbageTerminator().begin(),
1156 : 2438 : m_cipher.GetSendGarbageTerminator().end(),
1157 : 2438 : MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN).begin());
1158 : :
1159 : : // Construct version packet in the send buffer, with the sent garbage data as AAD.
1160 [ - + ]: 2438 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::EXPANSION + VERSION_CONTENTS.size());
1161 : 2438 : m_cipher.Encrypt(
1162 : : /*contents=*/VERSION_CONTENTS,
1163 : 2438 : /*aad=*/MakeByteSpan(m_send_garbage),
1164 : : /*ignore=*/false,
1165 : 2438 : /*output=*/MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::EXPANSION + VERSION_CONTENTS.size()));
1166 : : // We no longer need the garbage.
1167 [ + - ]: 2438 : ClearShrink(m_send_garbage);
1168 : 2438 : } else {
1169 : : // We still have to receive more key bytes.
1170 : : }
1171 : : return true;
1172 : : }
1173 : :
1174 : 4288177 : bool V2Transport::ProcessReceivedGarbageBytes() noexcept
1175 : : {
1176 : 4288177 : AssertLockHeld(m_recv_mutex);
1177 : 4288177 : Assume(m_recv_state == RecvState::GARB_GARBTERM);
1178 [ - + ]: 4288177 : Assume(m_recv_buffer.size() <= MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1179 [ - + + + ]: 4288177 : if (m_recv_buffer.size() >= BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1180 [ + + ]: 4251607 : if (std::ranges::equal(MakeByteSpan(m_recv_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN), m_cipher.GetReceiveGarbageTerminator())) {
1181 : : // Garbage terminator received. Store garbage to authenticate it as AAD later.
1182 : 2438 : m_recv_aad = std::move(m_recv_buffer);
1183 [ - + ]: 2438 : m_recv_aad.resize(m_recv_aad.size() - BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1184 [ - + ]: 2438 : m_recv_buffer.clear();
1185 : 2438 : SetReceiveState(RecvState::VERSION);
1186 [ - + ]: 4249169 : } else if (m_recv_buffer.size() == MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1187 : : // We've reached the maximum length for garbage + garbage terminator, and the
1188 : : // terminator still does not match. Abort.
1189 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: missing garbage terminator, peer=%d\n", m_nodeid);
1190 : 0 : return false;
1191 : : } else {
1192 : : // We still need to receive more garbage and/or garbage terminator bytes.
1193 : : }
1194 : : } else {
1195 : : // We have less than GARBAGE_TERMINATOR_LEN (16) bytes, so we certainly need to receive
1196 : : // more first.
1197 : : }
1198 : : return true;
1199 : : }
1200 : :
1201 : 102384 : bool V2Transport::ProcessReceivedPacketBytes() noexcept
1202 : : {
1203 : 102384 : AssertLockHeld(m_recv_mutex);
1204 : 102384 : Assume(m_recv_state == RecvState::VERSION || m_recv_state == RecvState::APP);
1205 : :
1206 : : // The maximum permitted contents length for a packet, consisting of:
1207 : : // - 0x00 byte: indicating long message type encoding
1208 : : // - 12 bytes of message type
1209 : : // - payload
1210 : 102384 : static constexpr size_t MAX_CONTENTS_LEN =
1211 : : 1 + CMessageHeader::MESSAGE_TYPE_SIZE +
1212 : : std::min<size_t>(MAX_SIZE, MAX_PROTOCOL_MESSAGE_LENGTH);
1213 : :
1214 [ - + + + ]: 102384 : if (m_recv_buffer.size() == BIP324Cipher::LENGTH_LEN) {
1215 : : // Length descriptor received.
1216 : 36229 : m_recv_len = m_cipher.DecryptLength(MakeByteSpan(m_recv_buffer));
1217 [ - + ]: 36229 : if (m_recv_len > MAX_CONTENTS_LEN) {
1218 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet too large (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1219 : 0 : return false;
1220 : : }
1221 [ + + + + ]: 66155 : } else if (m_recv_buffer.size() > BIP324Cipher::LENGTH_LEN && m_recv_buffer.size() == m_recv_len + BIP324Cipher::EXPANSION) {
1222 : : // Ciphertext received, decrypt it into m_recv_decode_buffer.
1223 : : // Note that it is impossible to reach this branch without hitting the branch above first,
1224 : : // as GetMaxBytesToProcess only allows up to LENGTH_LEN into the buffer before that point.
1225 : 36229 : m_recv_decode_buffer.resize(m_recv_len);
1226 : 36229 : bool ignore{false};
1227 : 72458 : bool ret = m_cipher.Decrypt(
1228 : 36229 : /*input=*/MakeByteSpan(m_recv_buffer).subspan(BIP324Cipher::LENGTH_LEN),
1229 : 36229 : /*aad=*/MakeByteSpan(m_recv_aad),
1230 : : /*ignore=*/ignore,
1231 : : /*contents=*/MakeWritableByteSpan(m_recv_decode_buffer));
1232 [ - + ]: 36229 : if (!ret) {
1233 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet decryption failure (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1234 : 0 : return false;
1235 : : }
1236 : : // We have decrypted a valid packet with the AAD we expected, so clear the expected AAD.
1237 : 36229 : ClearShrink(m_recv_aad);
1238 : : // Feed the last 4 bytes of the Poly1305 authentication tag (and its timing) into our RNG.
1239 [ - + ]: 36229 : RandAddEvent(ReadLE32(m_recv_buffer.data() + m_recv_buffer.size() - 4));
1240 : :
1241 : : // At this point we have a valid packet decrypted into m_recv_decode_buffer. If it's not a
1242 : : // decoy, which we simply ignore, use the current state to decide what to do with it.
1243 [ + - ]: 36229 : if (!ignore) {
1244 [ + + - ]: 36229 : switch (m_recv_state) {
1245 : 2438 : case RecvState::VERSION:
1246 : : // Version message received; transition to application phase. The contents is
1247 : : // ignored, but can be used for future extensions.
1248 : 2438 : SetReceiveState(RecvState::APP);
1249 : 2438 : break;
1250 : 33791 : case RecvState::APP:
1251 : : // Application message decrypted correctly. It can be extracted using GetMessage().
1252 : 33791 : SetReceiveState(RecvState::APP_READY);
1253 : 33791 : break;
1254 : 0 : default:
1255 : : // Any other state is invalid (this function should not have been called).
1256 : 0 : Assume(false);
1257 : : }
1258 : : }
1259 : : // Wipe the receive buffer where the next packet will be received into.
1260 : 36229 : ClearShrink(m_recv_buffer);
1261 : : // In all but APP_READY state, we can wipe the decoded contents.
1262 [ + + ]: 36229 : if (m_recv_state != RecvState::APP_READY) ClearShrink(m_recv_decode_buffer);
1263 : : } else {
1264 : : // We either have less than 3 bytes, so we don't know the packet's length yet, or more
1265 : : // than 3 bytes but less than the packet's full ciphertext. Wait until those arrive.
1266 : : }
1267 : : return true;
1268 : : }
1269 : :
1270 : 4428314 : size_t V2Transport::GetMaxBytesToProcess() noexcept
1271 : : {
1272 : 4428314 : AssertLockHeld(m_recv_mutex);
1273 [ + + + + : 4428314 : switch (m_recv_state) {
- - + ]
1274 : 2076 : case RecvState::KEY_MAYBE_V1:
1275 : : // During the KEY_MAYBE_V1 state we do not allow more than the length of v1 prefix into the
1276 : : // receive buffer.
1277 [ - + ]: 2076 : Assume(m_recv_buffer.size() <= V1_PREFIX_LEN);
1278 : : // As long as we're not sure if this is a v1 or v2 connection, don't receive more than what
1279 : : // is strictly necessary to distinguish the two (16 bytes). If we permitted more than
1280 : : // the v1 header size (24 bytes), we may not be able to feed the already-received bytes
1281 : : // back into the m_v1_fallback V1 transport.
1282 [ - + ]: 2076 : return V1_PREFIX_LEN - m_recv_buffer.size();
1283 : 3432 : case RecvState::KEY:
1284 : : // During the KEY state, we only allow the 64-byte key into the receive buffer.
1285 [ - + ]: 3432 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1286 : : // As long as we have not received the other side's public key, don't receive more than
1287 : : // that (64 bytes), as garbage follows, and locating the garbage terminator requires the
1288 : : // key exchange first.
1289 [ - + ]: 3432 : return EllSwiftPubKey::size() - m_recv_buffer.size();
1290 : : case RecvState::GARB_GARBTERM:
1291 : : // Process garbage bytes one by one (because terminator may appear anywhere).
1292 : : return 1;
1293 : 102384 : case RecvState::VERSION:
1294 : 102384 : case RecvState::APP:
1295 : : // These three states all involve decoding a packet. Process the length descriptor first,
1296 : : // so that we know where the current packet ends (and we don't process bytes from the next
1297 : : // packet or decoy yet). Then, process the ciphertext bytes of the current packet.
1298 [ - + + + ]: 102384 : if (m_recv_buffer.size() < BIP324Cipher::LENGTH_LEN) {
1299 : 37249 : return BIP324Cipher::LENGTH_LEN - m_recv_buffer.size();
1300 : : } else {
1301 : : // Note that BIP324Cipher::EXPANSION is the total difference between contents size
1302 : : // and encoded packet size, which includes the 3 bytes due to the packet length.
1303 : : // When transitioning from receiving the packet length to receiving its ciphertext,
1304 : : // the encrypted packet length is left in the receive buffer.
1305 : 65135 : return BIP324Cipher::EXPANSION + m_recv_len - m_recv_buffer.size();
1306 : : }
1307 : 32245 : case RecvState::APP_READY:
1308 : : // No bytes can be processed until GetMessage() is called.
1309 : 32245 : return 0;
1310 : 0 : case RecvState::V1:
1311 : : // Not allowed (must be dealt with by the caller).
1312 : 0 : Assume(false);
1313 : 0 : return 0;
1314 : : }
1315 : 0 : Assume(false); // unreachable
1316 : 0 : return 0;
1317 : : }
1318 : :
1319 : 100825 : bool V2Transport::ReceivedBytes(std::span<const uint8_t>& msg_bytes) noexcept
1320 : : {
1321 : 100825 : AssertLockNotHeld(m_recv_mutex);
1322 : : /** How many bytes to allocate in the receive buffer at most above what is received so far. */
1323 : 100825 : static constexpr size_t MAX_RESERVE_AHEAD = 256 * 1024;
1324 : :
1325 : 100825 : LOCK(m_recv_mutex);
1326 [ + + ]: 100825 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedBytes(msg_bytes);
1327 : :
1328 : : // Process the provided bytes in msg_bytes in a loop. In each iteration a nonzero number of
1329 : : // bytes (decided by GetMaxBytesToProcess) are taken from the beginning om msg_bytes, and
1330 : : // appended to m_recv_buffer. Then, depending on the receiver state, one of the
1331 : : // ProcessReceived*Bytes functions is called to process the bytes in that buffer.
1332 [ + + ]: 4470755 : while (!msg_bytes.empty()) {
1333 : : // Decide how many bytes to copy from msg_bytes to m_recv_buffer.
1334 : 4428314 : size_t max_read = GetMaxBytesToProcess();
1335 : :
1336 : : // Reserve space in the buffer if there is not enough.
1337 [ - + + + : 4470783 : if (m_recv_buffer.size() + std::min(msg_bytes.size(), max_read) > m_recv_buffer.capacity()) {
- + + + ]
1338 [ + + - - : 75462 : switch (m_recv_state) {
- ]
1339 : 3004 : case RecvState::KEY_MAYBE_V1:
1340 : 3004 : case RecvState::KEY:
1341 : 3004 : case RecvState::GARB_GARBTERM:
1342 : : // During the initial states (key/garbage), allocate once to fit the maximum (4111
1343 : : // bytes).
1344 : 3004 : m_recv_buffer.reserve(MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1345 : 3004 : break;
1346 : 72458 : case RecvState::VERSION:
1347 : 72458 : case RecvState::APP: {
1348 : : // During states where a packet is being received, as much as is expected but never
1349 : : // more than MAX_RESERVE_AHEAD bytes in addition to what is received so far.
1350 : : // This means attackers that want to cause us to waste allocated memory are limited
1351 : : // to MAX_RESERVE_AHEAD above the largest allowed message contents size, and to
1352 : : // MAX_RESERVE_AHEAD more than they've actually sent us.
1353 [ + - ]: 72458 : size_t alloc_add = std::min(max_read, msg_bytes.size() + MAX_RESERVE_AHEAD);
1354 : 72458 : m_recv_buffer.reserve(m_recv_buffer.size() + alloc_add);
1355 : 72458 : break;
1356 : : }
1357 : 0 : case RecvState::APP_READY:
1358 : : // The buffer is empty in this state.
1359 : 0 : Assume(m_recv_buffer.empty());
1360 : 0 : break;
1361 : 0 : case RecvState::V1:
1362 : : // Should have bailed out above.
1363 : 0 : Assume(false);
1364 : 0 : break;
1365 : : }
1366 : : }
1367 : :
1368 : : // Can't read more than provided input.
1369 [ + + ]: 4428314 : max_read = std::min(msg_bytes.size(), max_read);
1370 : : // Copy data to buffer.
1371 : 4428314 : m_recv_buffer.insert(m_recv_buffer.end(), UCharCast(msg_bytes.data()), UCharCast(msg_bytes.data() + max_read));
1372 [ + + + + : 4428314 : msg_bytes = msg_bytes.subspan(max_read);
- - + ]
1373 : :
1374 : : // Process data in the buffer.
1375 [ + + + + : 4428314 : switch (m_recv_state) {
- - + ]
1376 : 2076 : case RecvState::KEY_MAYBE_V1:
1377 : 2076 : ProcessReceivedMaybeV1Bytes();
1378 [ + + ]: 2076 : if (m_recv_state == RecvState::V1) return true;
1379 : : break;
1380 : :
1381 : 3432 : case RecvState::KEY:
1382 [ + - ]: 3432 : if (!ProcessReceivedKeyBytes()) return false;
1383 : : break;
1384 : :
1385 : 4288177 : case RecvState::GARB_GARBTERM:
1386 [ + - ]: 4288177 : if (!ProcessReceivedGarbageBytes()) return false;
1387 : : break;
1388 : :
1389 : 102384 : case RecvState::VERSION:
1390 : 102384 : case RecvState::APP:
1391 [ + - ]: 102384 : if (!ProcessReceivedPacketBytes()) return false;
1392 : : break;
1393 : :
1394 : : case RecvState::APP_READY:
1395 : : return true;
1396 : :
1397 : 0 : case RecvState::V1:
1398 : : // We should have bailed out before.
1399 : 0 : Assume(false);
1400 : 0 : break;
1401 : : }
1402 : : // Make sure we have made progress before continuing.
1403 : 4395503 : Assume(max_read > 0);
1404 : : }
1405 : :
1406 : : return true;
1407 : 100825 : }
1408 : :
1409 : 33791 : std::optional<std::string> V2Transport::GetMessageType(std::span<const uint8_t>& contents) noexcept
1410 : : {
1411 [ - + ]: 33791 : if (contents.size() == 0) return std::nullopt; // Empty contents
1412 [ + + ]: 33791 : uint8_t first_byte = contents[0];
1413 [ + + ]: 33791 : contents = contents.subspan(1); // Strip first byte.
1414 : :
1415 [ + + ]: 33791 : if (first_byte != 0) {
1416 : : // Short (1 byte) encoding.
1417 [ + - ]: 26348 : if (first_byte < std::size(V2_MESSAGE_IDS)) {
1418 : : // Valid short message id.
1419 [ - + ]: 52696 : return V2_MESSAGE_IDS[first_byte];
1420 : : } else {
1421 : : // Unknown short message id.
1422 : 0 : return std::nullopt;
1423 : : }
1424 : : }
1425 : :
1426 [ - + ]: 7443 : if (contents.size() < CMessageHeader::MESSAGE_TYPE_SIZE) {
1427 : 0 : return std::nullopt; // Long encoding needs 12 message type bytes.
1428 : : }
1429 : :
1430 : : size_t msg_type_len{0};
1431 [ + + + + ]: 55932 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE && contents[msg_type_len] != 0) {
1432 : : // Verify that message type bytes before the first 0x00 are in range.
1433 [ - + + - ]: 48489 : if (contents[msg_type_len] < ' ' || contents[msg_type_len] > 0x7F) {
1434 : 0 : return {};
1435 : : }
1436 : 48489 : ++msg_type_len;
1437 : : }
1438 : 7443 : std::string ret{reinterpret_cast<const char*>(contents.data()), msg_type_len};
1439 [ + + ]: 48270 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE) {
1440 : : // Verify that message type bytes after the first 0x00 are also 0x00.
1441 [ - + ]: 40827 : if (contents[msg_type_len] != 0) return {};
1442 : 40827 : ++msg_type_len;
1443 : : }
1444 : : // Strip message type bytes of contents.
1445 : 7443 : contents = contents.subspan(CMessageHeader::MESSAGE_TYPE_SIZE);
1446 : 7443 : return ret;
1447 : 7443 : }
1448 : :
1449 : 45800 : CNetMessage V2Transport::GetReceivedMessage(std::chrono::microseconds time, bool& reject_message) noexcept
1450 : : {
1451 : 45800 : AssertLockNotHeld(m_recv_mutex);
1452 : 45800 : LOCK(m_recv_mutex);
1453 [ + + ]: 45800 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetReceivedMessage(time, reject_message);
1454 : :
1455 : 33791 : Assume(m_recv_state == RecvState::APP_READY);
1456 [ - + ]: 33791 : std::span<const uint8_t> contents{m_recv_decode_buffer};
1457 : 33791 : auto msg_type = GetMessageType(contents);
1458 : 33791 : CNetMessage msg{DataStream{}};
1459 : : // Note that BIP324Cipher::EXPANSION also includes the length descriptor size.
1460 [ - + ]: 33791 : msg.m_raw_message_size = m_recv_decode_buffer.size() + BIP324Cipher::EXPANSION;
1461 [ + - ]: 33791 : if (msg_type) {
1462 : 33791 : reject_message = false;
1463 : 33791 : msg.m_type = std::move(*msg_type);
1464 : 33791 : msg.m_time = time;
1465 : 33791 : msg.m_message_size = contents.size();
1466 : 33791 : msg.m_recv.resize(contents.size());
1467 : 33791 : std::copy(contents.begin(), contents.end(), UCharCast(msg.m_recv.data()));
1468 : : } else {
1469 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: invalid message type (%u bytes contents), peer=%d\n", m_recv_decode_buffer.size(), m_nodeid);
1470 : 0 : reject_message = true;
1471 : : }
1472 : 33791 : ClearShrink(m_recv_decode_buffer);
1473 : 33791 : SetReceiveState(RecvState::APP);
1474 : :
1475 : 33791 : return msg;
1476 : 33791 : }
1477 : :
1478 : 172029 : bool V2Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
1479 : : {
1480 : 172029 : AssertLockNotHeld(m_send_mutex);
1481 : 172029 : LOCK(m_send_mutex);
1482 [ + + ]: 172029 : if (m_send_state == SendState::V1) return m_v1_fallback.SetMessageToSend(msg);
1483 : : // We only allow adding a new message to be sent when in the READY state (so the packet cipher
1484 : : // is available) and the send buffer is empty. This limits the number of messages in the send
1485 : : // buffer to just one, and leaves the responsibility for queueing them up to the caller.
1486 [ + + + + ]: 162100 : if (!(m_send_state == SendState::READY && m_send_buffer.empty())) return false;
1487 : : // Construct contents (encoding message type + payload).
1488 : 33791 : std::vector<uint8_t> contents;
1489 : 33791 : auto short_message_id = V2_MESSAGE_MAP(msg.m_type);
1490 [ + + ]: 33791 : if (short_message_id) {
1491 [ - + ]: 26348 : contents.resize(1 + msg.data.size());
1492 : 26348 : contents[0] = *short_message_id;
1493 : 26348 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1);
1494 : : } else {
1495 : : // Initialize with zeroes, and then write the message type string starting at offset 1.
1496 : : // This means contents[0] and the unused positions in contents[1..13] remain 0x00.
1497 [ - + ]: 7443 : contents.resize(1 + CMessageHeader::MESSAGE_TYPE_SIZE + msg.data.size(), 0);
1498 [ - + ]: 7443 : std::copy(msg.m_type.begin(), msg.m_type.end(), contents.data() + 1);
1499 : 7443 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1 + CMessageHeader::MESSAGE_TYPE_SIZE);
1500 : : }
1501 : : // Construct ciphertext in send buffer.
1502 [ - + ]: 33791 : m_send_buffer.resize(contents.size() + BIP324Cipher::EXPANSION);
1503 : 33791 : m_cipher.Encrypt(MakeByteSpan(contents), {}, false, MakeWritableByteSpan(m_send_buffer));
1504 : 33791 : m_send_type = msg.m_type;
1505 : : // Release memory
1506 : 33791 : ClearShrink(msg.data);
1507 : 33791 : return true;
1508 : 33791 : }
1509 : :
1510 : 1333458 : Transport::BytesToSend V2Transport::GetBytesToSend(bool have_next_message) const noexcept
1511 : : {
1512 : 1333458 : AssertLockNotHeld(m_send_mutex);
1513 : 1333458 : LOCK(m_send_mutex);
1514 [ + + ]: 1333458 : if (m_send_state == SendState::V1) return m_v1_fallback.GetBytesToSend(have_next_message);
1515 : :
1516 [ + + ]: 1156032 : if (m_send_state == SendState::MAYBE_V1) Assume(m_send_buffer.empty());
1517 [ - + ]: 1156032 : Assume(m_send_pos <= m_send_buffer.size());
1518 : 1156032 : return {
1519 [ - + + + ]: 1156032 : std::span{m_send_buffer}.subspan(m_send_pos),
1520 : : // We only have more to send after the current m_send_buffer if there is a (next)
1521 : : // message to be sent, and we're capable of sending packets. */
1522 [ + + + + ]: 1156032 : have_next_message && m_send_state == SendState::READY,
1523 : 1156032 : m_send_type
1524 : 1156032 : };
1525 : 1333458 : }
1526 : :
1527 : 151264 : void V2Transport::MarkBytesSent(size_t bytes_sent) noexcept
1528 : : {
1529 : 151264 : AssertLockNotHeld(m_send_mutex);
1530 : 151264 : LOCK(m_send_mutex);
1531 [ + + + - ]: 151264 : if (m_send_state == SendState::V1) return m_v1_fallback.MarkBytesSent(bytes_sent);
1532 : :
1533 [ + + + + : 132487 : if (m_send_state == SendState::AWAITING_KEY && m_send_pos == 0 && bytes_sent > 0) {
+ - ]
1534 [ - + ]: 1337 : LogDebug(BCLog::NET, "start sending v2 handshake to peer=%d\n", m_nodeid);
1535 : : }
1536 : :
1537 : 132487 : m_send_pos += bytes_sent;
1538 [ - + ]: 132487 : Assume(m_send_pos <= m_send_buffer.size());
1539 [ + + ]: 132487 : if (m_send_pos >= CMessageHeader::HEADER_SIZE) {
1540 : 90689 : m_sent_v1_header_worth = true;
1541 : : }
1542 : : // Wipe the buffer when everything is sent.
1543 [ - + + + ]: 132487 : if (m_send_pos == m_send_buffer.size()) {
1544 : 36969 : m_send_pos = 0;
1545 : 36969 : ClearShrink(m_send_buffer);
1546 : : }
1547 : 151264 : }
1548 : :
1549 : 0 : bool V2Transport::ShouldReconnectV1() const noexcept
1550 : : {
1551 : 0 : AssertLockNotHeld(m_send_mutex);
1552 : 0 : AssertLockNotHeld(m_recv_mutex);
1553 : : // Only outgoing connections need reconnection.
1554 [ # # ]: 0 : if (!m_initiating) return false;
1555 : :
1556 : 0 : LOCK(m_recv_mutex);
1557 : : // We only reconnect in the very first state and when the receive buffer is empty. Together
1558 : : // these conditions imply nothing has been received so far.
1559 [ # # ]: 0 : if (m_recv_state != RecvState::KEY) return false;
1560 [ # # ]: 0 : if (!m_recv_buffer.empty()) return false;
1561 : : // Check if we've sent enough for the other side to disconnect us (if it was V1).
1562 : 0 : LOCK(m_send_mutex);
1563 [ # # ]: 0 : return m_sent_v1_header_worth;
1564 : 0 : }
1565 : :
1566 : 0 : size_t V2Transport::GetSendMemoryUsage() const noexcept
1567 : : {
1568 : 0 : AssertLockNotHeld(m_send_mutex);
1569 : 0 : LOCK(m_send_mutex);
1570 [ # # ]: 0 : if (m_send_state == SendState::V1) return m_v1_fallback.GetSendMemoryUsage();
1571 : :
1572 [ # # ]: 0 : return sizeof(m_send_buffer) + memusage::DynamicUsage(m_send_buffer);
1573 : 0 : }
1574 : :
1575 : 3246 : Transport::Info V2Transport::GetInfo() const noexcept
1576 : : {
1577 : 3246 : AssertLockNotHeld(m_recv_mutex);
1578 : 3246 : LOCK(m_recv_mutex);
1579 [ + + ]: 3246 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetInfo();
1580 : :
1581 [ + + ]: 2680 : Transport::Info info;
1582 : :
1583 : : // Do not report v2 and session ID until the version packet has been received
1584 : : // and verified (confirming that the other side very likely has the same keys as us).
1585 [ + + ]: 2680 : if (m_recv_state != RecvState::KEY_MAYBE_V1 && m_recv_state != RecvState::KEY &&
1586 : : m_recv_state != RecvState::GARB_GARBTERM && m_recv_state != RecvState::VERSION) {
1587 : 2438 : info.transport_type = TransportProtocolType::V2;
1588 : 2438 : info.session_id = uint256(MakeUCharSpan(m_cipher.GetSessionID()));
1589 : : } else {
1590 : 242 : info.transport_type = TransportProtocolType::DETECTING;
1591 : : }
1592 : :
1593 : 2680 : return info;
1594 : 3246 : }
1595 : :
1596 : 63421 : std::pair<size_t, bool> CConnman::SocketSendData(CNode& node) const
1597 : : {
1598 : 63421 : auto it = node.vSendMsg.begin();
1599 : 63421 : size_t nSentSize = 0;
1600 : 63421 : bool data_left{false}; //!< second return value (whether unsent data remains)
1601 : 63421 : std::optional<bool> expected_more;
1602 : :
1603 : 136569 : while (true) {
1604 [ + + ]: 136569 : if (it != node.vSendMsg.end()) {
1605 : : // If possible, move one message from the send queue to the transport. This fails when
1606 : : // there is an existing message still being sent, or (for v2 transports) when the
1607 : : // handshake has not yet completed.
1608 : 63421 : size_t memusage = it->GetMemoryUsage();
1609 [ + - ]: 63421 : if (node.m_transport->SetMessageToSend(*it)) {
1610 : : // Update memory usage of send buffer (as *it will be deleted).
1611 : 63421 : node.m_send_memusage -= memusage;
1612 : 63421 : ++it;
1613 : : }
1614 : : }
1615 [ + + ]: 136569 : const auto& [data, more, msg_type] = node.m_transport->GetBytesToSend(it != node.vSendMsg.end());
1616 : : // We rely on the 'more' value returned by GetBytesToSend to correctly predict whether more
1617 : : // bytes are still to be sent, to correctly set the MSG_MORE flag. As a sanity check,
1618 : : // verify that the previously returned 'more' was correct.
1619 [ + + ]: 136569 : if (expected_more.has_value()) Assume(!data.empty() == *expected_more);
1620 [ + + ]: 136569 : expected_more = more;
1621 [ + + ]: 136569 : data_left = !data.empty(); // will be overwritten on next loop if all of data gets sent
1622 : 136569 : int nBytes = 0;
1623 [ + + ]: 136569 : if (!data.empty()) {
1624 : 92541 : LOCK(node.m_sock_mutex);
1625 : : // There is no socket in case we've already disconnected, or in test cases without
1626 : : // real connections. In these cases, we bail out immediately and just leave things
1627 : : // in the send queue and transport.
1628 [ + + ]: 92541 : if (!node.m_sock) {
1629 : : break;
1630 : : }
1631 : 83026 : int flags = MSG_NOSIGNAL | MSG_DONTWAIT;
1632 : : #ifdef MSG_MORE
1633 [ + + ]: 83026 : if (more) {
1634 : 34929 : flags |= MSG_MORE;
1635 : : }
1636 : : #endif
1637 [ + - + - ]: 83026 : nBytes = node.m_sock->Send(data.data(), data.size(), flags);
1638 : 9515 : }
1639 [ + + ]: 83026 : if (nBytes > 0) {
1640 : 79889 : node.m_last_send = GetTime<std::chrono::seconds>();
1641 : 79889 : node.nSendBytes += nBytes;
1642 : : // Notify transport that bytes have been processed.
1643 : 79889 : node.m_transport->MarkBytesSent(nBytes);
1644 : : // Update statistics per message type.
1645 [ + + ]: 79889 : if (!msg_type.empty()) { // don't report v2 handshake bytes for now
1646 : 79819 : node.AccountForSentBytes(msg_type, nBytes);
1647 : : }
1648 : 79889 : nSentSize += nBytes;
1649 [ + + ]: 79889 : if ((size_t)nBytes != data.size()) {
1650 : : // could not send full message; stop sending more
1651 : : break;
1652 : : }
1653 : : } else {
1654 [ + + ]: 47165 : if (nBytes < 0) {
1655 : : // error
1656 : 2515 : int nErr = WSAGetLastError();
1657 [ + + + + ]: 2515 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS) {
1658 [ - + - - : 2161 : LogDebug(BCLog::NET, "socket send error, %s: %s\n", node.DisconnectMsg(fLogIPs), NetworkErrorString(nErr));
- - ]
1659 : 2161 : node.CloseSocketDisconnect();
1660 : : }
1661 : : }
1662 : : break;
1663 : : }
1664 : : }
1665 : :
1666 [ + - ]: 63421 : node.fPauseSend = node.m_send_memusage + node.m_transport->GetSendMemoryUsage() > nSendBufferMaxSize;
1667 : :
1668 [ + - ]: 63421 : if (it == node.vSendMsg.end()) {
1669 [ - + ]: 63421 : assert(node.m_send_memusage == 0);
1670 : : }
1671 : 63421 : node.vSendMsg.erase(node.vSendMsg.begin(), it);
1672 : 63421 : return {nSentSize, data_left};
1673 : : }
1674 : :
1675 : : /** Try to find a connection to evict when the node is full.
1676 : : * Extreme care must be taken to avoid opening the node to attacker
1677 : : * triggered network partitioning.
1678 : : * The strategy used here is to protect a small number of peers
1679 : : * for each of several distinct characteristics which are difficult
1680 : : * to forge. In order to partition a node the attacker must be
1681 : : * simultaneously better at all of them than honest peers.
1682 : : */
1683 : 8368 : bool CConnman::AttemptToEvictConnection()
1684 : : {
1685 : 8368 : std::vector<NodeEvictionCandidate> vEvictionCandidates;
1686 : 8368 : {
1687 : :
1688 [ + - ]: 8368 : LOCK(m_nodes_mutex);
1689 [ + + ]: 284772 : for (const CNode* node : m_nodes) {
1690 [ - + ]: 276404 : if (node->fDisconnect)
1691 : 0 : continue;
1692 : 276404 : NodeEvictionCandidate candidate{
1693 : 276404 : .id = node->GetId(),
1694 : : .m_connected = node->m_connected,
1695 : 276404 : .m_min_ping_time = node->m_min_ping_time,
1696 : 276404 : .m_last_block_time = node->m_last_block_time,
1697 : 276404 : .m_last_tx_time = node->m_last_tx_time,
1698 [ + - ]: 276404 : .fRelevantServices = node->m_has_all_wanted_services,
1699 : 276404 : .m_relay_txs = node->m_relays_txs.load(),
1700 : 276404 : .fBloomFilter = node->m_bloom_filter_loaded.load(),
1701 : 276404 : .nKeyedNetGroup = node->nKeyedNetGroup,
1702 : 276404 : .prefer_evict = node->m_prefer_evict,
1703 [ + - ]: 276404 : .m_is_local = node->addr.IsLocal(),
1704 : 276404 : .m_network = node->ConnectedThroughNetwork(),
1705 : 276404 : .m_noban = node->HasPermission(NetPermissionFlags::NoBan),
1706 : 276404 : .m_conn_type = node->m_conn_type,
1707 [ + - + - : 552808 : };
+ - ]
1708 [ + - ]: 276404 : vEvictionCandidates.push_back(candidate);
1709 : : }
1710 : 0 : }
1711 [ + - ]: 8368 : const std::optional<NodeId> node_id_to_evict = SelectNodeToEvict(std::move(vEvictionCandidates));
1712 [ - + ]: 8368 : if (!node_id_to_evict) {
1713 : : return false;
1714 : : }
1715 [ # # ]: 0 : LOCK(m_nodes_mutex);
1716 [ # # ]: 0 : for (CNode* pnode : m_nodes) {
1717 [ # # ]: 0 : if (pnode->GetId() == *node_id_to_evict) {
1718 [ # # # # : 0 : LogDebug(BCLog::NET, "selected %s connection for eviction, %s", pnode->ConnectionTypeAsString(), pnode->DisconnectMsg(fLogIPs));
# # # # ]
1719 : : TRACEPOINT(net, evicted_inbound_connection,
1720 : : pnode->GetId(),
1721 : : pnode->m_addr_name.c_str(),
1722 : : pnode->ConnectionTypeAsString().c_str(),
1723 : : pnode->ConnectedThroughNetwork(),
1724 : 0 : Ticks<std::chrono::seconds>(pnode->m_connected));
1725 : 0 : pnode->fDisconnect = true;
1726 : 0 : return true;
1727 : : }
1728 : : }
1729 : : return false;
1730 : 8368 : }
1731 : :
1732 : 0 : void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
1733 : 0 : struct sockaddr_storage sockaddr;
1734 : 0 : socklen_t len = sizeof(sockaddr);
1735 : 0 : auto sock = hListenSocket.sock->Accept((struct sockaddr*)&sockaddr, &len);
1736 : :
1737 [ # # ]: 0 : if (!sock) {
1738 : 0 : const int nErr = WSAGetLastError();
1739 [ # # ]: 0 : if (nErr != WSAEWOULDBLOCK) {
1740 [ # # # # ]: 0 : LogPrintf("socket error accept failed: %s\n", NetworkErrorString(nErr));
1741 : : }
1742 : 0 : return;
1743 : : }
1744 : :
1745 [ # # ]: 0 : CService addr;
1746 [ # # # # ]: 0 : if (!addr.SetSockAddr((const struct sockaddr*)&sockaddr, len)) {
1747 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Warning, "Unknown socket family\n");
# # ]
1748 : : } else {
1749 [ # # ]: 0 : addr = MaybeFlipIPv6toCJDNS(addr);
1750 : : }
1751 : :
1752 [ # # # # ]: 0 : const CService addr_bind{MaybeFlipIPv6toCJDNS(GetBindAddress(*sock))};
1753 : :
1754 : 0 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
1755 [ # # ]: 0 : hListenSocket.AddSocketPermissionFlags(permission_flags);
1756 : :
1757 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(sock), permission_flags, addr_bind, addr);
1758 : 0 : }
1759 : :
1760 : 8822 : void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
1761 : : NetPermissionFlags permission_flags,
1762 : : const CService& addr_bind,
1763 : : const CService& addr)
1764 : : {
1765 : 8822 : int nInbound = 0;
1766 : :
1767 [ - + ]: 8822 : const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
1768 : :
1769 : : // Tor inbound connections do not reveal the peer's actual network address.
1770 : : // Therefore do not apply address-based whitelist permissions to them.
1771 [ - + + - ]: 17644 : AddWhitelistPermissionFlags(permission_flags, inbound_onion ? std::optional<CNetAddr>{} : addr, vWhitelistedRangeIncoming);
1772 : :
1773 : 8822 : {
1774 : 8822 : LOCK(m_nodes_mutex);
1775 [ + + ]: 290557 : for (const CNode* pnode : m_nodes) {
1776 [ + + ]: 281735 : if (pnode->IsInboundConn()) nInbound++;
1777 : : }
1778 : 8822 : }
1779 : :
1780 [ + + ]: 8822 : if (!fNetworkActive) {
1781 [ - + - - ]: 19 : LogDebug(BCLog::NET, "connection from %s dropped: not accepting new connections\n", addr.ToStringAddrPort());
1782 : 19 : return;
1783 : : }
1784 : :
1785 [ + + ]: 8803 : if (!sock->IsSelectable()) {
1786 [ + - ]: 435 : LogPrintf("connection from %s dropped: non-selectable socket\n", addr.ToStringAddrPort());
1787 : 435 : return;
1788 : : }
1789 : :
1790 : : // According to the internet TCP_NODELAY is not carried into accepted sockets
1791 : : // on all platforms. Set it again here just to be sure.
1792 : 8368 : const int on{1};
1793 [ + + ]: 8368 : if (sock->SetSockOpt(IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == SOCKET_ERROR) {
1794 [ - + - - ]: 8166 : LogDebug(BCLog::NET, "connection from %s: unable to set TCP_NODELAY, continuing anyway\n",
1795 : : addr.ToStringAddrPort());
1796 : : }
1797 : :
1798 : : // Don't accept connections from banned peers.
1799 [ - + - - ]: 8368 : bool banned = m_banman && m_banman->IsBanned(addr);
1800 [ + + - + ]: 8368 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && banned)
1801 : : {
1802 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToStringAddrPort());
1803 : 0 : return;
1804 : : }
1805 : :
1806 : : // Only accept connections from discouraged peers if our inbound slots aren't (almost) full.
1807 [ - + - - ]: 8368 : bool discouraged = m_banman && m_banman->IsDiscouraged(addr);
1808 [ + + + - : 8368 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && nInbound + 1 >= m_max_inbound && discouraged)
+ - ]
1809 : : {
1810 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToStringAddrPort());
1811 : 0 : return;
1812 : : }
1813 : :
1814 [ + - ]: 8368 : if (nInbound >= m_max_inbound)
1815 : : {
1816 [ + - ]: 8368 : if (!AttemptToEvictConnection()) {
1817 : : // No connection to evict, disconnect the new connection
1818 [ - + ]: 8368 : LogDebug(BCLog::NET, "failed to find an eviction candidate - connection dropped (full)\n");
1819 : 8368 : return;
1820 : : }
1821 : : }
1822 : :
1823 : 0 : NodeId id = GetNewNodeId();
1824 : 0 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
1825 : :
1826 : : // The V2Transport transparently falls back to V1 behavior when an incoming V1 connection is
1827 : : // detected, so use it whenever we signal NODE_P2P_V2.
1828 : 0 : ServiceFlags local_services = GetLocalServices();
1829 : 0 : const bool use_v2transport(local_services & NODE_P2P_V2);
1830 : :
1831 : 0 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
1832 [ # # ]: 0 : .Write(inbound_onion ? NET_ONION : addr.GetNetClass())
1833 [ # # # # ]: 0 : .Write(addr_bind.GetAddrBytes())
1834 [ # # # # ]: 0 : .Write(addr_bind.GetPort()) // inbound connections use bind port
1835 [ # # ]: 0 : .Finalize();
1836 : 0 : CNode* pnode = new CNode(id,
1837 : 0 : std::move(sock),
1838 [ # # ]: 0 : CAddress{addr, NODE_NONE},
1839 : : CalculateKeyedNetGroup(addr),
1840 : : nonce,
1841 : : addr_bind,
1842 : 0 : /*addrNameIn=*/"",
1843 : : ConnectionType::INBOUND,
1844 : : inbound_onion,
1845 : : network_id,
1846 : 0 : CNodeOptions{
1847 : : .permission_flags = permission_flags,
1848 : : .prefer_evict = discouraged,
1849 : 0 : .recv_flood_size = nReceiveFloodSize,
1850 : : .use_v2transport = use_v2transport,
1851 [ # # # # : 0 : });
# # # # ]
1852 : 0 : pnode->AddRef();
1853 : 0 : m_msgproc->InitializeNode(*pnode, local_services);
1854 : 0 : {
1855 : 0 : LOCK(m_nodes_mutex);
1856 [ # # ]: 0 : m_nodes.push_back(pnode);
1857 : 0 : }
1858 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s accepted\n", addr.ToStringAddrPort());
1859 : : TRACEPOINT(net, inbound_connection,
1860 : : pnode->GetId(),
1861 : : pnode->m_addr_name.c_str(),
1862 : : pnode->ConnectionTypeAsString().c_str(),
1863 : : pnode->ConnectedThroughNetwork(),
1864 : 0 : GetNodeCount(ConnectionDirection::In));
1865 : :
1866 : : // We received a new connection, harvest entropy from the time (and our peer count)
1867 : 0 : RandAddEvent((uint32_t)id);
1868 : : }
1869 : :
1870 : 0 : bool CConnman::AddConnection(const std::string& address, ConnectionType conn_type, bool use_v2transport = false)
1871 : : {
1872 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
1873 : 0 : std::optional<int> max_connections;
1874 [ # # # # ]: 0 : switch (conn_type) {
1875 : : case ConnectionType::INBOUND:
1876 : : case ConnectionType::MANUAL:
1877 : : return false;
1878 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
1879 : 0 : max_connections = m_max_outbound_full_relay;
1880 : 0 : break;
1881 : 0 : case ConnectionType::BLOCK_RELAY:
1882 : 0 : max_connections = m_max_outbound_block_relay;
1883 : 0 : break;
1884 : : // no limit for ADDR_FETCH because -seednode has no limit either
1885 : : case ConnectionType::ADDR_FETCH:
1886 : : break;
1887 : : // no limit for FEELER connections since they're short-lived
1888 : : case ConnectionType::FEELER:
1889 : : break;
1890 : : } // no default case, so the compiler can warn about missing cases
1891 : :
1892 : : // Count existing connections
1893 [ # # # # ]: 0 : int existing_connections = WITH_LOCK(m_nodes_mutex,
1894 : : return std::count_if(m_nodes.begin(), m_nodes.end(), [conn_type](CNode* node) { return node->m_conn_type == conn_type; }););
1895 : :
1896 : : // Max connections of specified type already exist
1897 [ # # ]: 0 : if (max_connections != std::nullopt && existing_connections >= max_connections) return false;
1898 : :
1899 : : // Max total outbound connections already exist
1900 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, true);
1901 [ # # ]: 0 : if (!grant) return false;
1902 : :
1903 [ # # # # : 0 : OpenNetworkConnection(CAddress(), false, std::move(grant), address.c_str(), conn_type, /*use_v2transport=*/use_v2transport);
# # ]
1904 : 0 : return true;
1905 : : }
1906 : :
1907 : 0 : void CConnman::DisconnectNodes()
1908 : : {
1909 : 0 : AssertLockNotHeld(m_nodes_mutex);
1910 : 0 : AssertLockNotHeld(m_reconnections_mutex);
1911 : :
1912 : : // Use a temporary variable to accumulate desired reconnections, so we don't need
1913 : : // m_reconnections_mutex while holding m_nodes_mutex.
1914 [ # # ]: 0 : decltype(m_reconnections) reconnections_to_add;
1915 : :
1916 : 0 : {
1917 [ # # ]: 0 : LOCK(m_nodes_mutex);
1918 : :
1919 [ # # ]: 0 : const bool network_active{fNetworkActive};
1920 [ # # ]: 0 : if (!network_active) {
1921 : : // Disconnect any connected nodes
1922 [ # # ]: 0 : for (CNode* pnode : m_nodes) {
1923 [ # # ]: 0 : if (!pnode->fDisconnect) {
1924 [ # # # # : 0 : LogDebug(BCLog::NET, "Network not active, %s\n", pnode->DisconnectMsg(fLogIPs));
# # # # ]
1925 : 0 : pnode->fDisconnect = true;
1926 : : }
1927 : : }
1928 : : }
1929 : :
1930 : : // Disconnect unused nodes
1931 [ # # ]: 0 : std::vector<CNode*> nodes_copy = m_nodes;
1932 [ # # ]: 0 : for (CNode* pnode : nodes_copy)
1933 : : {
1934 [ # # ]: 0 : if (pnode->fDisconnect)
1935 : : {
1936 : : // remove from m_nodes
1937 : 0 : m_nodes.erase(remove(m_nodes.begin(), m_nodes.end(), pnode), m_nodes.end());
1938 : :
1939 : : // Add to reconnection list if appropriate. We don't reconnect right here, because
1940 : : // the creation of a connection is a blocking operation (up to several seconds),
1941 : : // and we don't want to hold up the socket handler thread for that long.
1942 [ # # # # ]: 0 : if (network_active && pnode->m_transport->ShouldReconnectV1()) {
1943 : 0 : reconnections_to_add.push_back({
1944 : 0 : .addr_connect = pnode->addr,
1945 [ # # ]: 0 : .grant = std::move(pnode->grantOutbound),
1946 : 0 : .destination = pnode->m_dest,
1947 : 0 : .conn_type = pnode->m_conn_type,
1948 : : .use_v2transport = false});
1949 [ # # # # : 0 : LogDebug(BCLog::NET, "retrying with v1 transport protocol for peer=%d\n", pnode->GetId());
# # ]
1950 : : }
1951 : :
1952 : : // release outbound grant (if any)
1953 : 0 : pnode->grantOutbound.Release();
1954 : :
1955 : : // close socket and cleanup
1956 [ # # ]: 0 : pnode->CloseSocketDisconnect();
1957 : :
1958 : : // update connection count by network
1959 [ # # # # ]: 0 : if (pnode->IsManualOrFullOutboundConn()) --m_network_conn_counts[pnode->addr.GetNetwork()];
1960 : :
1961 : : // hold in disconnected pool until all refs are released
1962 [ # # ]: 0 : pnode->Release();
1963 [ # # ]: 0 : m_nodes_disconnected.push_back(pnode);
1964 : : }
1965 : : }
1966 [ # # ]: 0 : }
1967 : 0 : {
1968 : : // Delete disconnected nodes
1969 [ # # ]: 0 : std::list<CNode*> nodes_disconnected_copy = m_nodes_disconnected;
1970 [ # # ]: 0 : for (CNode* pnode : nodes_disconnected_copy)
1971 : : {
1972 : : // Destroy the object only after other threads have stopped using it.
1973 [ # # ]: 0 : if (pnode->GetRefCount() <= 0) {
1974 : 0 : m_nodes_disconnected.remove(pnode);
1975 [ # # ]: 0 : DeleteNode(pnode);
1976 : : }
1977 : : }
1978 : 0 : }
1979 : 0 : {
1980 : : // Move entries from reconnections_to_add to m_reconnections.
1981 [ # # ]: 0 : LOCK(m_reconnections_mutex);
1982 [ # # ]: 0 : m_reconnections.splice(m_reconnections.end(), std::move(reconnections_to_add));
1983 : 0 : }
1984 [ # # # # : 0 : }
# # ]
1985 : :
1986 : 0 : void CConnman::NotifyNumConnectionsChanged()
1987 : : {
1988 : 0 : size_t nodes_size;
1989 : 0 : {
1990 : 0 : LOCK(m_nodes_mutex);
1991 [ # # # # ]: 0 : nodes_size = m_nodes.size();
1992 : 0 : }
1993 [ # # ]: 0 : if(nodes_size != nPrevNodeCount) {
1994 : 0 : nPrevNodeCount = nodes_size;
1995 [ # # ]: 0 : if (m_client_interface) {
1996 : 0 : m_client_interface->NotifyNumConnectionsChanged(nodes_size);
1997 : : }
1998 : : }
1999 : 0 : }
2000 : :
2001 : 32465 : bool CConnman::ShouldRunInactivityChecks(const CNode& node, std::chrono::seconds now) const
2002 : : {
2003 : 32465 : return node.m_connected + m_peer_connect_timeout < now;
2004 : : }
2005 : :
2006 : 65 : bool CConnman::InactivityCheck(const CNode& node) const
2007 : : {
2008 : : // Tests that see disconnects after using mocktime can start nodes with a
2009 : : // large timeout. For example, -peertimeout=999999999.
2010 : 65 : const auto now{GetTime<std::chrono::seconds>()};
2011 : 65 : const auto last_send{node.m_last_send.load()};
2012 : 65 : const auto last_recv{node.m_last_recv.load()};
2013 : :
2014 [ - + ]: 65 : if (!ShouldRunInactivityChecks(node, now)) return false;
2015 : :
2016 [ # # ]: 0 : bool has_received{last_recv.count() != 0};
2017 : 0 : bool has_sent{last_send.count() != 0};
2018 : :
2019 [ # # ]: 0 : if (!has_received || !has_sent) {
2020 [ # # ]: 0 : std::string has_never;
2021 [ # # # # ]: 0 : if (!has_received) has_never += ", never received from peer";
2022 [ # # # # ]: 0 : if (!has_sent) has_never += ", never sent to peer";
2023 [ # # # # : 0 : LogDebug(BCLog::NET,
# # # # ]
2024 : : "socket no message in first %i seconds%s, %s\n",
2025 : : count_seconds(m_peer_connect_timeout),
2026 : : has_never,
2027 : : node.DisconnectMsg(fLogIPs)
2028 : : );
2029 : 0 : return true;
2030 : 0 : }
2031 : :
2032 [ # # ]: 0 : if (now > last_send + TIMEOUT_INTERVAL) {
2033 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2034 : : "socket sending timeout: %is, %s\n", count_seconds(now - last_send),
2035 : : node.DisconnectMsg(fLogIPs)
2036 : : );
2037 : 0 : return true;
2038 : : }
2039 : :
2040 [ # # ]: 0 : if (now > last_recv + TIMEOUT_INTERVAL) {
2041 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2042 : : "socket receive timeout: %is, %s\n", count_seconds(now - last_recv),
2043 : : node.DisconnectMsg(fLogIPs)
2044 : : );
2045 : 0 : return true;
2046 : : }
2047 : :
2048 [ # # ]: 0 : if (!node.fSuccessfullyConnected) {
2049 [ # # ]: 0 : if (node.m_transport->GetInfo().transport_type == TransportProtocolType::DETECTING) {
2050 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 handshake timeout, %s\n", node.DisconnectMsg(fLogIPs));
2051 : : } else {
2052 [ # # # # ]: 0 : LogDebug(BCLog::NET, "version handshake timeout, %s\n", node.DisconnectMsg(fLogIPs));
2053 : : }
2054 : 0 : return true;
2055 : : }
2056 : :
2057 : : return false;
2058 : : }
2059 : :
2060 : 773 : Sock::EventsPerSock CConnman::GenerateWaitSockets(std::span<CNode* const> nodes)
2061 : : {
2062 : 773 : Sock::EventsPerSock events_per_sock;
2063 : :
2064 [ + + ]: 775 : for (const ListenSocket& hListenSocket : vhListenSocket) {
2065 [ + - ]: 2 : events_per_sock.emplace(hListenSocket.sock, Sock::Events{Sock::RECV});
2066 : : }
2067 : :
2068 [ + + ]: 42804 : for (CNode* pnode : nodes) {
2069 [ + - ]: 42031 : bool select_recv = !pnode->fPauseRecv;
2070 : 42031 : bool select_send;
2071 : 42031 : {
2072 [ + - ]: 42031 : LOCK(pnode->cs_vSend);
2073 : : // Sending is possible if either there are bytes to send right now, or if there will be
2074 : : // once a potential message from vSendMsg is handed to the transport. GetBytesToSend
2075 : : // determines both of these in a single call.
2076 [ + - ]: 42031 : const auto& [to_send, more, _msg_type] = pnode->m_transport->GetBytesToSend(!pnode->vSendMsg.empty());
2077 [ + - + - : 84062 : select_send = !to_send.empty() || more;
+ - ]
2078 : 42031 : }
2079 [ - + ]: 42031 : if (!select_recv && !select_send) continue;
2080 : :
2081 [ + - ]: 42031 : LOCK(pnode->m_sock_mutex);
2082 [ + + ]: 42031 : if (pnode->m_sock) {
2083 [ + - - + ]: 84056 : Sock::Event event = (select_send ? Sock::SEND : 0) | (select_recv ? Sock::RECV : 0);
2084 [ + - ]: 42028 : events_per_sock.emplace(pnode->m_sock, Sock::Events{event});
2085 : : }
2086 : 42031 : }
2087 : :
2088 : 773 : return events_per_sock;
2089 : 0 : }
2090 : :
2091 : 773 : void CConnman::SocketHandler()
2092 : : {
2093 : 773 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2094 : :
2095 [ + - ]: 773 : Sock::EventsPerSock events_per_sock;
2096 : :
2097 : 773 : {
2098 [ + - ]: 773 : const NodesSnapshot snap{*this, /*shuffle=*/false};
2099 : :
2100 : 773 : const auto timeout = std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS);
2101 : :
2102 : : // Check for the readiness of the already connected sockets and the
2103 : : // listening sockets in one call ("readiness" as in poll(2) or
2104 : : // select(2)). If none are ready, wait for a short while and return
2105 : : // empty sets.
2106 [ - + + - ]: 1546 : events_per_sock = GenerateWaitSockets(snap.Nodes());
2107 [ + + + - : 773 : if (events_per_sock.empty() || !events_per_sock.begin()->first->WaitMany(timeout, events_per_sock)) {
- + ]
2108 [ + - ]: 31 : m_interrupt_net->sleep_for(timeout);
2109 : : }
2110 : :
2111 : : // Service (send/receive) each of the already connected nodes.
2112 [ + - ]: 773 : SocketHandlerConnected(snap.Nodes(), events_per_sock);
2113 : 773 : }
2114 : :
2115 : : // Accept new connections from listening sockets.
2116 [ + - ]: 773 : SocketHandlerListening(events_per_sock);
2117 : 773 : }
2118 : :
2119 : 773 : void CConnman::SocketHandlerConnected(const std::vector<CNode*>& nodes,
2120 : : const Sock::EventsPerSock& events_per_sock)
2121 : : {
2122 : 773 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2123 : :
2124 [ + + ]: 838 : for (CNode* pnode : nodes) {
2125 [ + + ]: 796 : if (m_interrupt_net->interrupted()) {
2126 : : return;
2127 : : }
2128 : :
2129 : : //
2130 : : // Receive
2131 : : //
2132 : 65 : bool recvSet = false;
2133 : 65 : bool sendSet = false;
2134 : 65 : bool errorSet = false;
2135 : 65 : {
2136 : 65 : LOCK(pnode->m_sock_mutex);
2137 [ - + ]: 65 : if (!pnode->m_sock) {
2138 [ # # ]: 0 : continue;
2139 : : }
2140 [ + - + - ]: 130 : const auto it = events_per_sock.find(pnode->m_sock);
2141 [ + - + - ]: 130 : if (it != events_per_sock.end()) {
2142 : 65 : recvSet = it->second.occurred & Sock::RECV;
2143 : 65 : sendSet = it->second.occurred & Sock::SEND;
2144 : 65 : errorSet = it->second.occurred & Sock::ERR;
2145 : : }
2146 : 0 : }
2147 : :
2148 [ - + ]: 65 : if (sendSet) {
2149 : : // Send data
2150 [ # # # # ]: 0 : auto [bytes_sent, data_left] = WITH_LOCK(pnode->cs_vSend, return SocketSendData(*pnode));
2151 [ # # ]: 0 : if (bytes_sent) {
2152 : 0 : RecordBytesSent(bytes_sent);
2153 : :
2154 : : // If both receiving and (non-optimistic) sending were possible, we first attempt
2155 : : // sending. If that succeeds, but does not fully drain the send queue, do not
2156 : : // attempt to receive. This avoids needlessly queueing data if the remote peer
2157 : : // is slow at receiving data, by means of TCP flow control. We only do this when
2158 : : // sending actually succeeded to make sure progress is always made; otherwise a
2159 : : // deadlock would be possible when both sides have data to send, but neither is
2160 : : // receiving.
2161 [ # # ]: 0 : if (data_left) recvSet = false;
2162 : : }
2163 : : }
2164 : :
2165 [ + + ]: 65 : if (recvSet || errorSet)
2166 : : {
2167 : : // typical socket buffer is 8K-64K
2168 : 43 : uint8_t pchBuf[0x10000];
2169 : 43 : int nBytes = 0;
2170 : 43 : {
2171 : 43 : LOCK(pnode->m_sock_mutex);
2172 [ - + ]: 43 : if (!pnode->m_sock) {
2173 [ # # ]: 0 : continue;
2174 : : }
2175 [ + - + - ]: 43 : nBytes = pnode->m_sock->Recv(pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
2176 : 0 : }
2177 [ + + ]: 43 : if (nBytes > 0)
2178 : : {
2179 : 17 : bool notify = false;
2180 [ + + ]: 17 : if (!pnode->ReceiveMsgBytes({pchBuf, (size_t)nBytes}, notify)) {
2181 [ - + - - ]: 16 : LogDebug(BCLog::NET,
2182 : : "receiving message bytes failed, %s\n",
2183 : : pnode->DisconnectMsg(fLogIPs)
2184 : : );
2185 : 16 : pnode->CloseSocketDisconnect();
2186 : : }
2187 : 17 : RecordBytesRecv(nBytes);
2188 [ - + ]: 17 : if (notify) {
2189 : 0 : pnode->MarkReceivedMsgsForProcessing();
2190 : 0 : WakeMessageHandler();
2191 : : }
2192 : : }
2193 [ + + ]: 26 : else if (nBytes == 0)
2194 : : {
2195 : : // socket closed gracefully
2196 [ + - ]: 20 : if (!pnode->fDisconnect) {
2197 [ - + - - ]: 20 : LogDebug(BCLog::NET, "socket closed, %s\n", pnode->DisconnectMsg(fLogIPs));
2198 : : }
2199 : 20 : pnode->CloseSocketDisconnect();
2200 : : }
2201 [ + - ]: 6 : else if (nBytes < 0)
2202 : : {
2203 : : // error
2204 : 6 : int nErr = WSAGetLastError();
2205 [ + + + - ]: 6 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS)
2206 : : {
2207 [ + - ]: 5 : if (!pnode->fDisconnect) {
2208 [ - + - - : 5 : LogDebug(BCLog::NET, "socket recv error, %s: %s\n", pnode->DisconnectMsg(fLogIPs), NetworkErrorString(nErr));
- - ]
2209 : : }
2210 : 5 : pnode->CloseSocketDisconnect();
2211 : : }
2212 : : }
2213 : : }
2214 : :
2215 [ - + ]: 65 : if (InactivityCheck(*pnode)) pnode->fDisconnect = true;
2216 : : }
2217 : : }
2218 : :
2219 : 773 : void CConnman::SocketHandlerListening(const Sock::EventsPerSock& events_per_sock)
2220 : : {
2221 [ + + ]: 774 : for (const ListenSocket& listen_socket : vhListenSocket) {
2222 [ + + ]: 2 : if (m_interrupt_net->interrupted()) {
2223 : : return;
2224 : : }
2225 [ + - + - ]: 2 : const auto it = events_per_sock.find(listen_socket.sock);
2226 [ + - - + ]: 1 : if (it != events_per_sock.end() && it->second.occurred & Sock::RECV) {
2227 : 0 : AcceptConnection(listen_socket);
2228 : : }
2229 : : }
2230 : : }
2231 : :
2232 : 0 : void CConnman::ThreadSocketHandler()
2233 : : {
2234 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2235 : :
2236 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2237 : 0 : DisconnectNodes();
2238 : 0 : NotifyNumConnectionsChanged();
2239 : 0 : SocketHandler();
2240 : : }
2241 : 0 : }
2242 : :
2243 : 0 : void CConnman::WakeMessageHandler()
2244 : : {
2245 : 0 : {
2246 : 0 : LOCK(mutexMsgProc);
2247 [ # # ]: 0 : fMsgProcWake = true;
2248 : 0 : }
2249 : 0 : condMsgProc.notify_one();
2250 : 0 : }
2251 : :
2252 : 0 : void CConnman::ThreadDNSAddressSeed()
2253 : : {
2254 : 0 : int outbound_connection_count = 0;
2255 : :
2256 [ # # # # ]: 0 : if (!gArgs.GetArgs("-seednode").empty()) {
2257 : 0 : auto start = NodeClock::now();
2258 : 0 : constexpr std::chrono::seconds SEEDNODE_TIMEOUT = 30s;
2259 : 0 : LogPrintf("-seednode enabled. Trying the provided seeds for %d seconds before defaulting to the dnsseeds.\n", SEEDNODE_TIMEOUT.count());
2260 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2261 [ # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2262 : : return;
2263 : : }
2264 : :
2265 : : // Abort if we have spent enough time without reaching our target.
2266 : : // Giving seed nodes 30 seconds so this does not become a race against fixedseeds (which triggers after 1 min)
2267 [ # # ]: 0 : if (NodeClock::now() > start + SEEDNODE_TIMEOUT) {
2268 : 0 : LogPrintf("Couldn't connect to enough peers via seed nodes. Handing fetch logic to the DNS seeds.\n");
2269 : 0 : break;
2270 : : }
2271 : :
2272 : 0 : outbound_connection_count = GetFullOutboundConnCount();
2273 [ # # ]: 0 : if (outbound_connection_count >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2274 : 0 : LogPrintf("P2P peers available. Finished fetching data from seed nodes.\n");
2275 : 0 : break;
2276 : : }
2277 : : }
2278 : : }
2279 : :
2280 : 0 : FastRandomContext rng;
2281 [ # # ]: 0 : std::vector<std::string> seeds = m_params.DNSSeeds();
2282 : 0 : std::shuffle(seeds.begin(), seeds.end(), rng);
2283 : 0 : int seeds_right_now = 0; // Number of seeds left before testing if we have enough connections
2284 : :
2285 [ # # # # : 0 : if (gArgs.GetBoolArg("-forcednsseed", DEFAULT_FORCEDNSSEED)) {
# # ]
2286 : : // When -forcednsseed is provided, query all.
2287 [ # # ]: 0 : seeds_right_now = seeds.size();
2288 [ # # # # ]: 0 : } else if (addrman.Size() == 0) {
2289 : : // If we have no known peers, query all.
2290 : : // This will occur on the first run, or if peers.dat has been
2291 : : // deleted.
2292 [ # # ]: 0 : seeds_right_now = seeds.size();
2293 : : }
2294 : :
2295 : : // Proceed with dnsseeds if seednodes hasn't reached the target or if forcednsseed is set
2296 [ # # ]: 0 : if (outbound_connection_count < SEED_OUTBOUND_CONNECTION_THRESHOLD || seeds_right_now) {
2297 : : // goal: only query DNS seed if address need is acute
2298 : : // * If we have a reasonable number of peers in addrman, spend
2299 : : // some time trying them first. This improves user privacy by
2300 : : // creating fewer identifying DNS requests, reduces trust by
2301 : : // giving seeds less influence on the network topology, and
2302 : : // reduces traffic to the seeds.
2303 : : // * When querying DNS seeds query a few at once, this ensures
2304 : : // that we don't give DNS seeds the ability to eclipse nodes
2305 : : // that query them.
2306 : : // * If we continue having problems, eventually query all the
2307 : : // DNS seeds, and if that fails too, also try the fixed seeds.
2308 : : // (done in ThreadOpenConnections)
2309 : 0 : int found = 0;
2310 [ # # # # ]: 0 : const std::chrono::seconds seeds_wait_time = (addrman.Size() >= DNSSEEDS_DELAY_PEER_THRESHOLD ? DNSSEEDS_DELAY_MANY_PEERS : DNSSEEDS_DELAY_FEW_PEERS);
2311 : :
2312 [ # # ]: 0 : for (const std::string& seed : seeds) {
2313 [ # # ]: 0 : if (seeds_right_now == 0) {
2314 : 0 : seeds_right_now += DNSSEEDS_TO_QUERY_AT_ONCE;
2315 : :
2316 [ # # # # ]: 0 : if (addrman.Size() > 0) {
2317 [ # # ]: 0 : LogPrintf("Waiting %d seconds before querying DNS seeds.\n", seeds_wait_time.count());
2318 : 0 : std::chrono::seconds to_wait = seeds_wait_time;
2319 [ # # ]: 0 : while (to_wait.count() > 0) {
2320 : : // if sleeping for the MANY_PEERS interval, wake up
2321 : : // early to see if we have enough peers and can stop
2322 : : // this thread entirely freeing up its resources
2323 : 0 : std::chrono::seconds w = std::min(DNSSEEDS_DELAY_FEW_PEERS, to_wait);
2324 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(w)) return;
2325 [ # # ]: 0 : to_wait -= w;
2326 : :
2327 [ # # # # ]: 0 : if (GetFullOutboundConnCount() >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2328 [ # # ]: 0 : if (found > 0) {
2329 [ # # ]: 0 : LogPrintf("%d addresses found from DNS seeds\n", found);
2330 [ # # ]: 0 : LogPrintf("P2P peers available. Finished DNS seeding.\n");
2331 : : } else {
2332 [ # # ]: 0 : LogPrintf("P2P peers available. Skipped DNS seeding.\n");
2333 : : }
2334 : 0 : return;
2335 : : }
2336 : : }
2337 : : }
2338 : : }
2339 : :
2340 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) return;
2341 : :
2342 : : // hold off on querying seeds if P2P network deactivated
2343 [ # # ]: 0 : if (!fNetworkActive) {
2344 [ # # ]: 0 : LogPrintf("Waiting for network to be reactivated before querying DNS seeds.\n");
2345 : 0 : do {
2346 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(1s)) return;
2347 [ # # ]: 0 : } while (!fNetworkActive);
2348 : : }
2349 : :
2350 [ # # ]: 0 : LogPrintf("Loading addresses from DNS seed %s\n", seed);
2351 : : // If -proxy is in use, we make an ADDR_FETCH connection to the DNS resolved peer address
2352 : : // for the base dns seed domain in chainparams
2353 [ # # # # ]: 0 : if (HaveNameProxy()) {
2354 [ # # ]: 0 : AddAddrFetch(seed);
2355 : : } else {
2356 : 0 : std::vector<CAddress> vAdd;
2357 : 0 : constexpr ServiceFlags requiredServiceBits{SeedsServiceFlags()};
2358 [ # # ]: 0 : std::string host = strprintf("x%x.%s", requiredServiceBits, seed);
2359 [ # # ]: 0 : CNetAddr resolveSource;
2360 [ # # # # ]: 0 : if (!resolveSource.SetInternal(host)) {
2361 : 0 : continue;
2362 : : }
2363 : : // Limit number of IPs learned from a single DNS seed. This limit exists to prevent the results from
2364 : : // one DNS seed from dominating AddrMan. Note that the number of results from a UDP DNS query is
2365 : : // bounded to 33 already, but it is possible for it to use TCP where a larger number of results can be
2366 : : // returned.
2367 : 0 : unsigned int nMaxIPs = 32;
2368 [ # # # # ]: 0 : const auto addresses{LookupHost(host, nMaxIPs, true)};
2369 [ # # ]: 0 : if (!addresses.empty()) {
2370 [ # # ]: 0 : for (const CNetAddr& ip : addresses) {
2371 [ # # ]: 0 : CAddress addr = CAddress(CService(ip, m_params.GetDefaultPort()), requiredServiceBits);
2372 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - 3 * 24h, -4 * 24h); // use a random age between 3 and 7 days old
2373 [ # # ]: 0 : vAdd.push_back(addr);
2374 : 0 : found++;
2375 : 0 : }
2376 [ # # ]: 0 : addrman.Add(vAdd, resolveSource);
2377 : : } else {
2378 : : // If the seed does not support a subdomain with our desired service bits,
2379 : : // we make an ADDR_FETCH connection to the DNS resolved peer address for the
2380 : : // base dns seed domain in chainparams
2381 [ # # ]: 0 : AddAddrFetch(seed);
2382 : : }
2383 : 0 : }
2384 : 0 : --seeds_right_now;
2385 : : }
2386 [ # # ]: 0 : LogPrintf("%d addresses found from DNS seeds\n", found);
2387 : : } else {
2388 [ # # ]: 0 : LogPrintf("Skipping DNS seeds. Enough peers have been found\n");
2389 : : }
2390 : 0 : }
2391 : :
2392 : 0 : void CConnman::DumpAddresses()
2393 : : {
2394 : 0 : const auto start{SteadyClock::now()};
2395 : :
2396 : 0 : DumpPeerAddresses(::gArgs, addrman);
2397 : :
2398 [ # # ]: 0 : LogDebug(BCLog::NET, "Flushed %d addresses to peers.dat %dms\n",
2399 : : addrman.Size(), Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
2400 : 0 : }
2401 : :
2402 : 0 : void CConnman::ProcessAddrFetch()
2403 : : {
2404 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2405 [ # # ]: 0 : std::string strDest;
2406 : 0 : {
2407 [ # # ]: 0 : LOCK(m_addr_fetches_mutex);
2408 [ # # ]: 0 : if (m_addr_fetches.empty())
2409 [ # # ]: 0 : return;
2410 [ # # ]: 0 : strDest = m_addr_fetches.front();
2411 [ # # ]: 0 : m_addr_fetches.pop_front();
2412 : 0 : }
2413 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2414 : : // peer doesn't support it or immediately disconnects us for another reason.
2415 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2416 [ # # ]: 0 : CAddress addr;
2417 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, /*fTry=*/true);
2418 [ # # ]: 0 : if (grant) {
2419 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), strDest.c_str(), ConnectionType::ADDR_FETCH, use_v2transport);
2420 : : }
2421 : 0 : }
2422 : :
2423 : 2707 : bool CConnman::GetTryNewOutboundPeer() const
2424 : : {
2425 : 2707 : return m_try_another_outbound_peer;
2426 : : }
2427 : :
2428 : 2853 : void CConnman::SetTryNewOutboundPeer(bool flag)
2429 : : {
2430 : 2853 : m_try_another_outbound_peer = flag;
2431 [ - + - - ]: 2853 : LogDebug(BCLog::NET, "setting try another outbound peer=%s\n", flag ? "true" : "false");
2432 : 2853 : }
2433 : :
2434 : 0 : void CConnman::StartExtraBlockRelayPeers()
2435 : : {
2436 [ # # ]: 0 : LogDebug(BCLog::NET, "enabling extra block-relay-only peers\n");
2437 : 0 : m_start_extra_block_relay_peers = true;
2438 : 0 : }
2439 : :
2440 : : // Return the number of outbound connections that are full relay (not blocks only)
2441 : 0 : int CConnman::GetFullOutboundConnCount() const
2442 : : {
2443 : 0 : int nRelevant = 0;
2444 : 0 : {
2445 : 0 : LOCK(m_nodes_mutex);
2446 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2447 [ # # # # ]: 0 : if (pnode->fSuccessfullyConnected && pnode->IsFullOutboundConn()) ++nRelevant;
2448 : : }
2449 : 0 : }
2450 : 0 : return nRelevant;
2451 : : }
2452 : :
2453 : : // Return the number of peers we have over our outbound connection limit
2454 : : // Exclude peers that are marked for disconnect, or are going to be
2455 : : // disconnected soon (eg ADDR_FETCH and FEELER)
2456 : : // Also exclude peers that haven't finished initial connection handshake yet
2457 : : // (so that we don't decide we're over our desired connection limit, and then
2458 : : // evict some peer that has finished the handshake)
2459 : 2707 : int CConnman::GetExtraFullOutboundCount() const
2460 : : {
2461 : 2707 : int full_outbound_peers = 0;
2462 : 2707 : {
2463 : 2707 : LOCK(m_nodes_mutex);
2464 [ + + ]: 24727 : for (const CNode* pnode : m_nodes) {
2465 [ - + - - : 22020 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsFullOutboundConn()) {
- - ]
2466 : 0 : ++full_outbound_peers;
2467 : : }
2468 : : }
2469 : 2707 : }
2470 [ + - ]: 2707 : return std::max(full_outbound_peers - m_max_outbound_full_relay, 0);
2471 : : }
2472 : :
2473 : 0 : int CConnman::GetExtraBlockRelayCount() const
2474 : : {
2475 : 0 : int block_relay_peers = 0;
2476 : 0 : {
2477 : 0 : LOCK(m_nodes_mutex);
2478 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2479 [ # # # # : 0 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsBlockOnlyConn()) {
# # ]
2480 : 0 : ++block_relay_peers;
2481 : : }
2482 : : }
2483 : 0 : }
2484 [ # # ]: 0 : return std::max(block_relay_peers - m_max_outbound_block_relay, 0);
2485 : : }
2486 : :
2487 : 0 : std::unordered_set<Network> CConnman::GetReachableEmptyNetworks() const
2488 : : {
2489 : 0 : std::unordered_set<Network> networks{};
2490 [ # # ]: 0 : for (int n = 0; n < NET_MAX; n++) {
2491 : 0 : enum Network net = (enum Network)n;
2492 [ # # ]: 0 : if (net == NET_UNROUTABLE || net == NET_INTERNAL) continue;
2493 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && addrman.Size(net, std::nullopt) == 0) {
# # # # ]
2494 [ # # ]: 0 : networks.insert(net);
2495 : : }
2496 : : }
2497 : 0 : return networks;
2498 : 0 : }
2499 : :
2500 : 0 : bool CConnman::MultipleManualOrFullOutboundConns(Network net) const
2501 : : {
2502 : 0 : AssertLockHeld(m_nodes_mutex);
2503 : 0 : return m_network_conn_counts[net] > 1;
2504 : : }
2505 : :
2506 : 0 : bool CConnman::MaybePickPreferredNetwork(std::optional<Network>& network)
2507 : : {
2508 : 0 : std::array<Network, 5> nets{NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS};
2509 : 0 : std::shuffle(nets.begin(), nets.end(), FastRandomContext());
2510 : :
2511 : 0 : LOCK(m_nodes_mutex);
2512 [ # # ]: 0 : for (const auto net : nets) {
2513 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && m_network_conn_counts[net] == 0 && addrman.Size(net) != 0) {
# # # # #
# ]
2514 : 0 : network = net;
2515 : 0 : return true;
2516 : : }
2517 : : }
2518 : :
2519 : : return false;
2520 : 0 : }
2521 : :
2522 : 0 : void CConnman::ThreadOpenConnections(const std::vector<std::string> connect, std::span<const std::string> seed_nodes)
2523 : : {
2524 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2525 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2526 : 0 : FastRandomContext rng;
2527 : : // Connect to specific addresses
2528 [ # # ]: 0 : if (!connect.empty())
2529 : : {
2530 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2531 : : // peer doesn't support it or immediately disconnects us for another reason.
2532 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2533 : 0 : for (int64_t nLoop = 0;; nLoop++)
2534 : : {
2535 [ # # ]: 0 : for (const std::string& strAddr : connect)
2536 : : {
2537 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2538 [ # # # # ]: 0 : OpenNetworkConnection(addr, false, {}, strAddr.c_str(), ConnectionType::MANUAL, /*use_v2transport=*/use_v2transport);
2539 [ # # # # ]: 0 : for (int i = 0; i < 10 && i < nLoop; i++)
2540 : : {
2541 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2542 : 0 : return;
2543 : : }
2544 : : }
2545 : 0 : }
2546 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2547 : : return;
2548 : : }
2549 [ # # ]: 0 : PerformReconnections();
2550 : 0 : }
2551 : : }
2552 : :
2553 : : // Initiate network connections
2554 : 0 : auto start = GetTime<std::chrono::microseconds>();
2555 : :
2556 : : // Minimum time before next feeler connection (in microseconds).
2557 : 0 : auto next_feeler = start + rng.rand_exp_duration(FEELER_INTERVAL);
2558 : 0 : auto next_extra_block_relay = start + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2559 [ # # ]: 0 : auto next_extra_network_peer{start + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL)};
2560 [ # # # # ]: 0 : const bool dnsseed = gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED);
2561 [ # # # # ]: 0 : bool add_fixed_seeds = gArgs.GetBoolArg("-fixedseeds", DEFAULT_FIXEDSEEDS);
2562 [ # # # # ]: 0 : const bool use_seednodes{!gArgs.GetArgs("-seednode").empty()};
2563 : :
2564 : 0 : auto seed_node_timer = NodeClock::now();
2565 [ # # # # : 0 : bool add_addr_fetch{addrman.Size() == 0 && !seed_nodes.empty()};
# # ]
2566 : 0 : constexpr std::chrono::seconds ADD_NEXT_SEEDNODE = 10s;
2567 : :
2568 [ # # ]: 0 : if (!add_fixed_seeds) {
2569 [ # # ]: 0 : LogPrintf("Fixed seeds are disabled\n");
2570 : : }
2571 : :
2572 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2573 [ # # ]: 0 : if (add_addr_fetch) {
2574 : 0 : add_addr_fetch = false;
2575 : 0 : const auto& seed{SpanPopBack(seed_nodes)};
2576 [ # # ]: 0 : AddAddrFetch(seed);
2577 : :
2578 [ # # # # ]: 0 : if (addrman.Size() == 0) {
2579 [ # # ]: 0 : LogInfo("Empty addrman, adding seednode (%s) to addrfetch\n", seed);
2580 : : } else {
2581 [ # # ]: 0 : LogInfo("Couldn't connect to peers from addrman after %d seconds. Adding seednode (%s) to addrfetch\n", ADD_NEXT_SEEDNODE.count(), seed);
2582 : : }
2583 : : }
2584 : :
2585 [ # # ]: 0 : ProcessAddrFetch();
2586 : :
2587 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2588 : : return;
2589 : : }
2590 : :
2591 [ # # ]: 0 : PerformReconnections();
2592 : :
2593 : 0 : CountingSemaphoreGrant<> grant(*semOutbound);
2594 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) {
2595 : : return;
2596 : : }
2597 : :
2598 [ # # ]: 0 : const std::unordered_set<Network> fixed_seed_networks{GetReachableEmptyNetworks()};
2599 [ # # # # ]: 0 : if (add_fixed_seeds && !fixed_seed_networks.empty()) {
2600 : : // When the node starts with an empty peers.dat, there are a few other sources of peers before
2601 : : // we fallback on to fixed seeds: -dnsseed, -seednode, -addnode
2602 : : // If none of those are available, we fallback on to fixed seeds immediately, else we allow
2603 : : // 60 seconds for any of those sources to populate addrman.
2604 : 0 : bool add_fixed_seeds_now = false;
2605 : : // It is cheapest to check if enough time has passed first.
2606 [ # # ]: 0 : if (GetTime<std::chrono::seconds>() > start + std::chrono::minutes{1}) {
2607 : 0 : add_fixed_seeds_now = true;
2608 [ # # ]: 0 : LogPrintf("Adding fixed seeds as 60 seconds have passed and addrman is empty for at least one reachable network\n");
2609 : : }
2610 : :
2611 : : // Perform cheap checks before locking a mutex.
2612 [ # # ]: 0 : else if (!dnsseed && !use_seednodes) {
2613 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
2614 [ # # ]: 0 : if (m_added_node_params.empty()) {
2615 : 0 : add_fixed_seeds_now = true;
2616 [ # # ]: 0 : LogPrintf("Adding fixed seeds as -dnsseed=0 (or IPv4/IPv6 connections are disabled via -onlynet) and neither -addnode nor -seednode are provided\n");
2617 : : }
2618 : 0 : }
2619 : :
2620 [ # # ]: 0 : if (add_fixed_seeds_now) {
2621 [ # # ]: 0 : std::vector<CAddress> seed_addrs{ConvertSeeds(m_params.FixedSeeds())};
2622 : : // We will not make outgoing connections to peers that are unreachable
2623 : : // (e.g. because of -onlynet configuration).
2624 : : // Therefore, we do not add them to addrman in the first place.
2625 : : // In case previously unreachable networks become reachable
2626 : : // (e.g. in case of -onlynet changes by the user), fixed seeds will
2627 : : // be loaded only for networks for which we have no addresses.
2628 [ # # ]: 0 : seed_addrs.erase(std::remove_if(seed_addrs.begin(), seed_addrs.end(),
2629 : 0 : [&fixed_seed_networks](const CAddress& addr) { return fixed_seed_networks.count(addr.GetNetwork()) == 0; }),
2630 [ # # ]: 0 : seed_addrs.end());
2631 [ # # ]: 0 : CNetAddr local;
2632 [ # # # # ]: 0 : local.SetInternal("fixedseeds");
2633 [ # # ]: 0 : addrman.Add(seed_addrs, local);
2634 : 0 : add_fixed_seeds = false;
2635 [ # # # # ]: 0 : LogPrintf("Added %d fixed seeds from reachable networks.\n", seed_addrs.size());
2636 : 0 : }
2637 : : }
2638 : :
2639 : : //
2640 : : // Choose an address to connect to based on most recently seen
2641 : : //
2642 [ # # ]: 0 : CAddress addrConnect;
2643 : :
2644 : : // Only connect out to one peer per ipv4/ipv6 network group (/16 for IPv4).
2645 : 0 : int nOutboundFullRelay = 0;
2646 : 0 : int nOutboundBlockRelay = 0;
2647 : 0 : int outbound_privacy_network_peers = 0;
2648 [ # # ]: 0 : std::set<std::vector<unsigned char>> outbound_ipv46_peer_netgroups;
2649 : :
2650 : 0 : {
2651 [ # # ]: 0 : LOCK(m_nodes_mutex);
2652 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2653 [ # # ]: 0 : if (pnode->IsFullOutboundConn()) nOutboundFullRelay++;
2654 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) nOutboundBlockRelay++;
2655 : :
2656 : : // Make sure our persistent outbound slots to ipv4/ipv6 peers belong to different netgroups.
2657 [ # # ]: 0 : switch (pnode->m_conn_type) {
2658 : : // We currently don't take inbound connections into account. Since they are
2659 : : // free to make, an attacker could make them to prevent us from connecting to
2660 : : // certain peers.
2661 : : case ConnectionType::INBOUND:
2662 : : // Short-lived outbound connections should not affect how we select outbound
2663 : : // peers from addrman.
2664 : : case ConnectionType::ADDR_FETCH:
2665 : : case ConnectionType::FEELER:
2666 : : break;
2667 : 0 : case ConnectionType::MANUAL:
2668 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
2669 : 0 : case ConnectionType::BLOCK_RELAY:
2670 : 0 : const CAddress address{pnode->addr};
2671 [ # # # # : 0 : if (address.IsTor() || address.IsI2P() || address.IsCJDNS()) {
# # ]
2672 : : // Since our addrman-groups for these networks are
2673 : : // random, without relation to the route we
2674 : : // take to connect to these peers or to the
2675 : : // difficulty in obtaining addresses with diverse
2676 : : // groups, we don't worry about diversity with
2677 : : // respect to our addrman groups when connecting to
2678 : : // these networks.
2679 : 0 : ++outbound_privacy_network_peers;
2680 : : } else {
2681 [ # # # # ]: 0 : outbound_ipv46_peer_netgroups.insert(m_netgroupman.GetGroup(address));
2682 : : }
2683 : : } // no default case, so the compiler can warn about missing cases
2684 : : }
2685 : 0 : }
2686 : :
2687 [ # # # # ]: 0 : if (!seed_nodes.empty() && nOutboundFullRelay < SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2688 [ # # ]: 0 : if (NodeClock::now() > seed_node_timer + ADD_NEXT_SEEDNODE) {
2689 : 0 : seed_node_timer = NodeClock::now();
2690 : 0 : add_addr_fetch = true;
2691 : : }
2692 : : }
2693 : :
2694 : 0 : ConnectionType conn_type = ConnectionType::OUTBOUND_FULL_RELAY;
2695 : 0 : auto now = GetTime<std::chrono::microseconds>();
2696 : 0 : bool anchor = false;
2697 : 0 : bool fFeeler = false;
2698 : 0 : std::optional<Network> preferred_net;
2699 : :
2700 : : // Determine what type of connection to open. Opening
2701 : : // BLOCK_RELAY connections to addresses from anchors.dat gets the highest
2702 : : // priority. Then we open OUTBOUND_FULL_RELAY priority until we
2703 : : // meet our full-relay capacity. Then we open BLOCK_RELAY connection
2704 : : // until we hit our block-relay-only peer limit.
2705 : : // GetTryNewOutboundPeer() gets set when a stale tip is detected, so we
2706 : : // try opening an additional OUTBOUND_FULL_RELAY connection. If none of
2707 : : // these conditions are met, check to see if it's time to try an extra
2708 : : // block-relay-only peer (to confirm our tip is current, see below) or the next_feeler
2709 : : // timer to decide if we should open a FEELER.
2710 : :
2711 [ # # # # ]: 0 : if (!m_anchors.empty() && (nOutboundBlockRelay < m_max_outbound_block_relay)) {
2712 : : conn_type = ConnectionType::BLOCK_RELAY;
2713 : : anchor = true;
2714 [ # # ]: 0 : } else if (nOutboundFullRelay < m_max_outbound_full_relay) {
2715 : : // OUTBOUND_FULL_RELAY
2716 [ # # ]: 0 : } else if (nOutboundBlockRelay < m_max_outbound_block_relay) {
2717 : : conn_type = ConnectionType::BLOCK_RELAY;
2718 [ # # # # ]: 0 : } else if (GetTryNewOutboundPeer()) {
2719 : : // OUTBOUND_FULL_RELAY
2720 [ # # # # ]: 0 : } else if (now > next_extra_block_relay && m_start_extra_block_relay_peers) {
2721 : : // Periodically connect to a peer (using regular outbound selection
2722 : : // methodology from addrman) and stay connected long enough to sync
2723 : : // headers, but not much else.
2724 : : //
2725 : : // Then disconnect the peer, if we haven't learned anything new.
2726 : : //
2727 : : // The idea is to make eclipse attacks very difficult to pull off,
2728 : : // because every few minutes we're finding a new peer to learn headers
2729 : : // from.
2730 : : //
2731 : : // This is similar to the logic for trying extra outbound (full-relay)
2732 : : // peers, except:
2733 : : // - we do this all the time on an exponential timer, rather than just when
2734 : : // our tip is stale
2735 : : // - we potentially disconnect our next-youngest block-relay-only peer, if our
2736 : : // newest block-relay-only peer delivers a block more recently.
2737 : : // See the eviction logic in net_processing.cpp.
2738 : : //
2739 : : // Because we can promote these connections to block-relay-only
2740 : : // connections, they do not get their own ConnectionType enum
2741 : : // (similar to how we deal with extra outbound peers).
2742 : 0 : next_extra_block_relay = now + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2743 : 0 : conn_type = ConnectionType::BLOCK_RELAY;
2744 [ # # ]: 0 : } else if (now > next_feeler) {
2745 : 0 : next_feeler = now + rng.rand_exp_duration(FEELER_INTERVAL);
2746 : 0 : conn_type = ConnectionType::FEELER;
2747 : 0 : fFeeler = true;
2748 [ # # ]: 0 : } else if (nOutboundFullRelay == m_max_outbound_full_relay &&
2749 [ # # ]: 0 : m_max_outbound_full_relay == MAX_OUTBOUND_FULL_RELAY_CONNECTIONS &&
2750 [ # # # # : 0 : now > next_extra_network_peer &&
# # ]
2751 [ # # ]: 0 : MaybePickPreferredNetwork(preferred_net)) {
2752 : : // Full outbound connection management: Attempt to get at least one
2753 : : // outbound peer from each reachable network by making extra connections
2754 : : // and then protecting "only" peers from a network during outbound eviction.
2755 : : // This is not attempted if the user changed -maxconnections to a value
2756 : : // so low that less than MAX_OUTBOUND_FULL_RELAY_CONNECTIONS are made,
2757 : : // to prevent interactions with otherwise protected outbound peers.
2758 : 0 : next_extra_network_peer = now + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL);
2759 : : } else {
2760 : : // skip to next iteration of while loop
2761 : 0 : continue;
2762 : : }
2763 : :
2764 [ # # ]: 0 : addrman.ResolveCollisions();
2765 : :
2766 : 0 : const auto current_time{NodeClock::now()};
2767 : 0 : int nTries = 0;
2768 [ # # ]: 0 : const auto reachable_nets{g_reachable_nets.All()};
2769 : :
2770 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2771 [ # # # # ]: 0 : if (anchor && !m_anchors.empty()) {
2772 : 0 : const CAddress addr = m_anchors.back();
2773 : 0 : m_anchors.pop_back();
2774 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr) || !g_reachable_nets.Contains(addr) ||
# # # # #
# # # #
# ]
2775 [ # # # # : 0 : !m_msgproc->HasAllDesirableServiceFlags(addr.nServices) ||
# # ]
2776 [ # # ]: 0 : outbound_ipv46_peer_netgroups.count(m_netgroupman.GetGroup(addr))) continue;
2777 : 0 : addrConnect = addr;
2778 [ # # # # : 0 : LogDebug(BCLog::NET, "Trying to make an anchor connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2779 : 0 : break;
2780 : 0 : }
2781 : :
2782 : : // If we didn't find an appropriate destination after trying 100 addresses fetched from addrman,
2783 : : // stop this loop, and let the outer loop run again (which sleeps, adds seed nodes, recalculates
2784 : : // already-connected network ranges, ...) before trying new addrman addresses.
2785 : 0 : nTries++;
2786 [ # # ]: 0 : if (nTries > 100)
2787 : : break;
2788 : :
2789 [ # # ]: 0 : CAddress addr;
2790 : 0 : NodeSeconds addr_last_try{0s};
2791 : :
2792 [ # # ]: 0 : if (fFeeler) {
2793 : : // First, try to get a tried table collision address. This returns
2794 : : // an empty (invalid) address if there are no collisions to try.
2795 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.SelectTriedCollision();
2796 : :
2797 [ # # # # ]: 0 : if (!addr.IsValid()) {
2798 : : // No tried table collisions. Select a new table address
2799 : : // for our feeler.
2800 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.Select(true, reachable_nets);
2801 [ # # # # ]: 0 : } else if (AlreadyConnectedToAddress(addr)) {
2802 : : // If test-before-evict logic would have us connect to a
2803 : : // peer that we're already connected to, just mark that
2804 : : // address as Good(). We won't be able to initiate the
2805 : : // connection anyway, so this avoids inadvertently evicting
2806 : : // a currently-connected peer.
2807 [ # # ]: 0 : addrman.Good(addr);
2808 : : // Select a new table address for our feeler instead.
2809 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.Select(true, reachable_nets);
2810 : : }
2811 : : } else {
2812 : : // Not a feeler
2813 : : // If preferred_net has a value set, pick an extra outbound
2814 : : // peer from that network. The eviction logic in net_processing
2815 : : // ensures that a peer from another network will be evicted.
2816 [ # # ]: 0 : std::tie(addr, addr_last_try) = preferred_net.has_value()
2817 [ # # # # : 0 : ? addrman.Select(false, {*preferred_net})
# # # # #
# ]
2818 [ # # ]: 0 : : addrman.Select(false, reachable_nets);
2819 : : }
2820 : :
2821 : : // Require outbound IPv4/IPv6 connections, other than feelers, to be to distinct network groups
2822 [ # # # # : 0 : if (!fFeeler && outbound_ipv46_peer_netgroups.count(m_netgroupman.GetGroup(addr))) {
# # # # ]
2823 : 0 : continue;
2824 : : }
2825 : :
2826 : : // if we selected an invalid or local address, restart
2827 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr)) {
# # # # ]
2828 : : break;
2829 : : }
2830 : :
2831 [ # # # # ]: 0 : if (!g_reachable_nets.Contains(addr)) {
2832 : 0 : continue;
2833 : : }
2834 : :
2835 : : // only consider very recently tried nodes after 30 failed attempts
2836 [ # # # # ]: 0 : if (current_time - addr_last_try < 10min && nTries < 30) {
2837 : 0 : continue;
2838 : : }
2839 : :
2840 : : // for non-feelers, require all the services we'll want,
2841 : : // for feelers, only require they be a full node (only because most
2842 : : // SPV clients don't have a good address DB available)
2843 [ # # # # : 0 : if (!fFeeler && !m_msgproc->HasAllDesirableServiceFlags(addr.nServices)) {
# # ]
2844 : 0 : continue;
2845 [ # # # # ]: 0 : } else if (fFeeler && !MayHaveUsefulAddressDB(addr.nServices)) {
2846 : 0 : continue;
2847 : : }
2848 : :
2849 : : // Do not connect to bad ports, unless 50 invalid addresses have been selected already.
2850 [ # # # # : 0 : if (nTries < 50 && (addr.IsIPv4() || addr.IsIPv6()) && IsBadPort(addr.GetPort())) {
# # # # #
# # # ]
2851 : 0 : continue;
2852 : : }
2853 : :
2854 : : // Do not make automatic outbound connections to addnode peers, to
2855 : : // not use our limited outbound slots for them and to ensure
2856 : : // addnode connections benefit from their intended protections.
2857 [ # # # # ]: 0 : if (AddedNodesContain(addr)) {
2858 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Debug, "Not making automatic %s%s connection to %s peer selected for manual (addnode) connection%s\n",
# # # # #
# # # # #
# # # # #
# # # # #
# # ]
2859 : : preferred_net.has_value() ? "network-specific " : "",
2860 : : ConnectionTypeAsString(conn_type), GetNetworkName(addr.GetNetwork()),
2861 : : fLogIPs ? strprintf(": %s", addr.ToStringAddrPort()) : "");
2862 : 0 : continue;
2863 : 0 : }
2864 : :
2865 : 0 : addrConnect = addr;
2866 : : break;
2867 : 0 : }
2868 : :
2869 [ # # # # ]: 0 : if (addrConnect.IsValid()) {
2870 [ # # ]: 0 : if (fFeeler) {
2871 : : // Add small amount of random noise before connection to avoid synchronization.
2872 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(rng.rand_uniform_duration<CThreadInterrupt::Clock>(FEELER_SLEEP_WINDOW))) {
2873 : 0 : return;
2874 : : }
2875 [ # # # # : 0 : LogDebug(BCLog::NET, "Making feeler connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2876 : : }
2877 : :
2878 [ # # # # : 0 : if (preferred_net != std::nullopt) LogDebug(BCLog::NET, "Making network specific connection to %s on %s.\n", addrConnect.ToStringAddrPort(), GetNetworkName(preferred_net.value()));
# # # # #
# # # #
# ]
2879 : :
2880 : : // Record addrman failure attempts when node has at least 2 persistent outbound connections to peers with
2881 : : // different netgroups in ipv4/ipv6 networks + all peers in Tor/I2P/CJDNS networks.
2882 : : // Don't record addrman failure attempts when node is offline. This can be identified since all local
2883 : : // network connections (if any) belong in the same netgroup, and the size of `outbound_ipv46_peer_netgroups` would only be 1.
2884 [ # # ]: 0 : const bool count_failures{((int)outbound_ipv46_peer_netgroups.size() + outbound_privacy_network_peers) >= std::min(m_max_automatic_connections - 1, 2)};
2885 : : // Use BIP324 transport when both us and them have NODE_V2_P2P set.
2886 [ # # ]: 0 : const bool use_v2transport(addrConnect.nServices & GetLocalServices() & NODE_P2P_V2);
2887 [ # # ]: 0 : OpenNetworkConnection(addrConnect, count_failures, std::move(grant), /*pszDest=*/nullptr, conn_type, use_v2transport);
2888 : : }
2889 : 0 : }
2890 : 0 : }
2891 : :
2892 : 0 : std::vector<CAddress> CConnman::GetCurrentBlockRelayOnlyConns() const
2893 : : {
2894 : 0 : std::vector<CAddress> ret;
2895 [ # # ]: 0 : LOCK(m_nodes_mutex);
2896 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2897 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) {
2898 [ # # ]: 0 : ret.push_back(pnode->addr);
2899 : : }
2900 : : }
2901 : :
2902 [ # # ]: 0 : return ret;
2903 : 0 : }
2904 : :
2905 : 2715 : std::vector<AddedNodeInfo> CConnman::GetAddedNodeInfo(bool include_connected) const
2906 : : {
2907 : 2715 : std::vector<AddedNodeInfo> ret;
2908 : :
2909 [ + - ]: 2715 : std::list<AddedNodeParams> lAddresses(0);
2910 : 2715 : {
2911 [ + - ]: 2715 : LOCK(m_added_nodes_mutex);
2912 [ - + + - ]: 2715 : ret.reserve(m_added_node_params.size());
2913 [ + - ]: 2715 : std::copy(m_added_node_params.cbegin(), m_added_node_params.cend(), std::back_inserter(lAddresses));
2914 : 0 : }
2915 : :
2916 : :
2917 : : // Build a map of all already connected addresses (by IP:port and by name) to inbound/outbound and resolved CService
2918 [ + - ]: 2715 : std::map<CService, bool> mapConnected;
2919 : 2715 : std::map<std::string, std::pair<bool, CService>> mapConnectedByName;
2920 : 2715 : {
2921 [ + - ]: 2715 : LOCK(m_nodes_mutex);
2922 [ + + ]: 24735 : for (const CNode* pnode : m_nodes) {
2923 [ + - + + ]: 22020 : if (pnode->addr.IsValid()) {
2924 [ + - ]: 18006 : mapConnected[pnode->addr] = pnode->IsInboundConn();
2925 : : }
2926 [ - + ]: 22020 : std::string addrName{pnode->m_addr_name};
2927 [ + - ]: 22020 : if (!addrName.empty()) {
2928 [ + - ]: 22020 : mapConnectedByName[std::move(addrName)] = std::make_pair(pnode->IsInboundConn(), static_cast<const CService&>(pnode->addr));
2929 : : }
2930 : 22020 : }
2931 : 0 : }
2932 : :
2933 [ + + ]: 2791 : for (const auto& addr : lAddresses) {
2934 [ + - + - : 152 : CService service{MaybeFlipIPv6toCJDNS(LookupNumeric(addr.m_added_node, GetDefaultPort(addr.m_added_node)))};
+ - + - ]
2935 [ + - + - ]: 76 : AddedNodeInfo addedNode{addr, CService(), false, false};
2936 [ + - + + ]: 76 : if (service.IsValid()) {
2937 : : // strAddNode is an IP:port
2938 [ + - ]: 13 : auto it = mapConnected.find(service);
2939 [ - + ]: 13 : if (it != mapConnected.end()) {
2940 [ # # ]: 0 : if (!include_connected) {
2941 : 0 : continue;
2942 : : }
2943 : 0 : addedNode.resolvedAddress = service;
2944 : 0 : addedNode.fConnected = true;
2945 : 0 : addedNode.fInbound = it->second;
2946 : : }
2947 : : } else {
2948 : : // strAddNode is a name
2949 : 63 : auto it = mapConnectedByName.find(addr.m_added_node);
2950 [ + + ]: 63 : if (it != mapConnectedByName.end()) {
2951 [ + - ]: 1 : if (!include_connected) {
2952 : 1 : continue;
2953 : : }
2954 : 0 : addedNode.resolvedAddress = it->second.second;
2955 : 0 : addedNode.fConnected = true;
2956 : 0 : addedNode.fInbound = it->second.first;
2957 : : }
2958 : : }
2959 [ + - ]: 75 : ret.emplace_back(std::move(addedNode));
2960 : 76 : }
2961 : :
2962 : 2715 : return ret;
2963 : 2715 : }
2964 : :
2965 : 0 : void CConnman::ThreadOpenAddedConnections()
2966 : : {
2967 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2968 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2969 : 0 : while (true)
2970 : : {
2971 : 0 : CountingSemaphoreGrant<> grant(*semAddnode);
2972 [ # # ]: 0 : std::vector<AddedNodeInfo> vInfo = GetAddedNodeInfo(/*include_connected=*/false);
2973 : 0 : bool tried = false;
2974 [ # # ]: 0 : for (const AddedNodeInfo& info : vInfo) {
2975 [ # # ]: 0 : if (!grant) {
2976 : : // If we've used up our semaphore and need a new one, let's not wait here since while we are waiting
2977 : : // the addednodeinfo state might change.
2978 : : break;
2979 : : }
2980 : 0 : tried = true;
2981 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2982 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), info.m_params.m_added_node.c_str(), ConnectionType::MANUAL, info.m_params.m_use_v2transport);
2983 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) return;
2984 : 0 : grant = CountingSemaphoreGrant<>(*semAddnode, /*fTry=*/true);
2985 : 0 : }
2986 : : // See if any reconnections are desired.
2987 [ # # ]: 0 : PerformReconnections();
2988 : : // Retry every 60 seconds if a connection was attempted, otherwise two seconds
2989 [ # # # # : 0 : if (!m_interrupt_net->sleep_for(tried ? 60s : 2s)) {
# # ]
2990 : : return;
2991 : : }
2992 : 0 : }
2993 : : }
2994 : :
2995 : : // if successful, this moves the passed grant to the constructed node
2996 : 2556 : bool CConnman::OpenNetworkConnection(const CAddress& addrConnect,
2997 : : bool fCountFailure,
2998 : : CountingSemaphoreGrant<>&& grant_outbound,
2999 : : const char* pszDest,
3000 : : ConnectionType conn_type,
3001 : : bool use_v2transport,
3002 : : const std::optional<Proxy>& proxy_override)
3003 : : {
3004 : 2556 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3005 [ - + ]: 2556 : assert(conn_type != ConnectionType::INBOUND);
3006 : :
3007 : : //
3008 : : // Initiate outbound network connection
3009 : : //
3010 [ + + ]: 2556 : if (m_interrupt_net->interrupted()) {
3011 : : return false;
3012 : : }
3013 [ + + ]: 58 : if (!fNetworkActive) {
3014 : : return false;
3015 : : }
3016 [ + + ]: 50 : if (!pszDest) {
3017 [ - + - - : 34 : bool banned_or_discouraged = m_banman && (m_banman->IsDiscouraged(addrConnect) || m_banman->IsBanned(addrConnect));
- - ]
3018 [ + - + - : 34 : if (IsLocal(addrConnect) || banned_or_discouraged || AlreadyConnectedToAddress(addrConnect)) {
+ + ]
3019 : 1 : return false;
3020 : : }
3021 [ + - ]: 16 : } else if (AlreadyConnectedToHost(pszDest)) {
3022 : : return false;
3023 : : }
3024 : :
3025 [ + - ]: 49 : CNode* pnode = ConnectNode(addrConnect, pszDest, fCountFailure, conn_type, use_v2transport, proxy_override);
3026 : :
3027 [ + + ]: 49 : if (!pnode)
3028 : : return false;
3029 : 5 : pnode->grantOutbound = std::move(grant_outbound);
3030 : :
3031 : 5 : m_msgproc->InitializeNode(*pnode, m_local_services);
3032 : 5 : {
3033 : 5 : LOCK(m_nodes_mutex);
3034 [ + - ]: 5 : m_nodes.push_back(pnode);
3035 : :
3036 : : // update connection count by network
3037 [ + - + - ]: 5 : if (pnode->IsManualOrFullOutboundConn()) ++m_network_conn_counts[pnode->addr.GetNetwork()];
3038 : 5 : }
3039 : :
3040 : : TRACEPOINT(net, outbound_connection,
3041 : : pnode->GetId(),
3042 : : pnode->m_addr_name.c_str(),
3043 : : pnode->ConnectionTypeAsString().c_str(),
3044 : : pnode->ConnectedThroughNetwork(),
3045 : 5 : GetNodeCount(ConnectionDirection::Out));
3046 : :
3047 : 5 : return true;
3048 : : }
3049 : :
3050 : : Mutex NetEventsInterface::g_msgproc_mutex;
3051 : :
3052 : 0 : void CConnman::ThreadMessageHandler()
3053 : : {
3054 : 0 : LOCK(NetEventsInterface::g_msgproc_mutex);
3055 : :
3056 [ # # ]: 0 : while (!flagInterruptMsgProc)
3057 : : {
3058 : 0 : bool fMoreWork = false;
3059 : :
3060 : 0 : {
3061 : : // Randomize the order in which we process messages from/to our peers.
3062 : : // This prevents attacks in which an attacker exploits having multiple
3063 : : // consecutive connections in the m_nodes list.
3064 [ # # ]: 0 : const NodesSnapshot snap{*this, /*shuffle=*/true};
3065 : :
3066 [ # # ]: 0 : for (CNode* pnode : snap.Nodes()) {
3067 [ # # ]: 0 : if (pnode->fDisconnect)
3068 : 0 : continue;
3069 : :
3070 : : // Receive messages
3071 [ # # ]: 0 : bool fMoreNodeWork = m_msgproc->ProcessMessages(pnode, flagInterruptMsgProc);
3072 [ # # # # ]: 0 : fMoreWork |= (fMoreNodeWork && !pnode->fPauseSend);
3073 [ # # ]: 0 : if (flagInterruptMsgProc)
3074 : : return;
3075 : : // Send messages
3076 [ # # ]: 0 : m_msgproc->SendMessages(pnode);
3077 : :
3078 [ # # ]: 0 : if (flagInterruptMsgProc)
3079 : : return;
3080 : : }
3081 [ # # ]: 0 : }
3082 : :
3083 [ # # ]: 0 : WAIT_LOCK(mutexMsgProc, lock);
3084 [ # # ]: 0 : if (!fMoreWork) {
3085 [ # # # # ]: 0 : condMsgProc.wait_until(lock, std::chrono::steady_clock::now() + std::chrono::milliseconds(100), [this]() EXCLUSIVE_LOCKS_REQUIRED(mutexMsgProc) { return fMsgProcWake; });
3086 : : }
3087 [ # # ]: 0 : fMsgProcWake = false;
3088 : 0 : }
3089 : 0 : }
3090 : :
3091 : 0 : void CConnman::ThreadI2PAcceptIncoming()
3092 : : {
3093 : 0 : static constexpr auto err_wait_begin = 1s;
3094 : 0 : static constexpr auto err_wait_cap = 5min;
3095 : 0 : auto err_wait = err_wait_begin;
3096 : :
3097 : 0 : bool advertising_listen_addr = false;
3098 : 0 : i2p::Connection conn;
3099 : :
3100 : 0 : auto SleepOnFailure = [&]() {
3101 : 0 : m_interrupt_net->sleep_for(err_wait);
3102 [ # # ]: 0 : if (err_wait < err_wait_cap) {
3103 : 0 : err_wait += 1s;
3104 : : }
3105 : 0 : };
3106 : :
3107 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
3108 : :
3109 [ # # # # ]: 0 : if (!m_i2p_sam_session->Listen(conn)) {
3110 [ # # # # : 0 : if (advertising_listen_addr && conn.me.IsValid()) {
# # ]
3111 [ # # ]: 0 : RemoveLocal(conn.me);
3112 : : advertising_listen_addr = false;
3113 : : }
3114 [ # # ]: 0 : SleepOnFailure();
3115 : 0 : continue;
3116 : : }
3117 : :
3118 [ # # ]: 0 : if (!advertising_listen_addr) {
3119 [ # # ]: 0 : AddLocal(conn.me, LOCAL_MANUAL);
3120 : : advertising_listen_addr = true;
3121 : : }
3122 : :
3123 [ # # # # ]: 0 : if (!m_i2p_sam_session->Accept(conn)) {
3124 [ # # ]: 0 : SleepOnFailure();
3125 : 0 : continue;
3126 : : }
3127 : :
3128 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(conn.sock), NetPermissionFlags::None, conn.me, conn.peer);
3129 : :
3130 : 0 : err_wait = err_wait_begin;
3131 : : }
3132 : 0 : }
3133 : :
3134 : 350 : bool CConnman::BindListenPort(const CService& addrBind, bilingual_str& strError, NetPermissionFlags permissions)
3135 : : {
3136 : 350 : int nOne = 1;
3137 : :
3138 : : // Create socket for listening for incoming connections
3139 : 350 : struct sockaddr_storage sockaddr;
3140 : 350 : socklen_t len = sizeof(sockaddr);
3141 [ + + ]: 350 : if (!addrBind.GetSockAddr((struct sockaddr*)&sockaddr, &len))
3142 : : {
3143 [ + - + - ]: 72 : strError = Untranslated(strprintf("Bind address family for %s not supported", addrBind.ToStringAddrPort()));
3144 [ + - ]: 36 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
3145 : 36 : return false;
3146 : : }
3147 : :
3148 : 314 : std::unique_ptr<Sock> sock = CreateSock(addrBind.GetSAFamily(), SOCK_STREAM, IPPROTO_TCP);
3149 [ - + ]: 314 : if (!sock) {
3150 [ # # # # : 0 : strError = Untranslated(strprintf("Couldn't open socket for incoming connections (socket returned error %s)", NetworkErrorString(WSAGetLastError())));
# # ]
3151 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
# # ]
3152 : 0 : return false;
3153 : : }
3154 : :
3155 : : // Allow binding if the port is still in TIME_WAIT state after
3156 : : // the program was closed and restarted.
3157 [ + - + + ]: 314 : if (sock->SetSockOpt(SOL_SOCKET, SO_REUSEADDR, &nOne, sizeof(int)) == SOCKET_ERROR) {
3158 [ + - + - : 384 : strError = Untranslated(strprintf("Error setting SO_REUSEADDR on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3159 [ + - ]: 192 : LogPrintf("%s\n", strError.original);
3160 : : }
3161 : :
3162 : : // some systems don't have IPV6_V6ONLY but are always v6only; others do have the option
3163 : : // and enable it by default or not. Try to enable it, if possible.
3164 [ + + ]: 314 : if (addrBind.IsIPv6()) {
3165 : : #ifdef IPV6_V6ONLY
3166 [ + - + + ]: 238 : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_V6ONLY, &nOne, sizeof(int)) == SOCKET_ERROR) {
3167 [ + - + - : 356 : strError = Untranslated(strprintf("Error setting IPV6_V6ONLY on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3168 [ + - ]: 178 : LogPrintf("%s\n", strError.original);
3169 : : }
3170 : : #endif
3171 : : #ifdef WIN32
3172 : : int nProtLevel = PROTECTION_LEVEL_UNRESTRICTED;
3173 : : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_PROTECTION_LEVEL, &nProtLevel, sizeof(int)) == SOCKET_ERROR) {
3174 : : strError = Untranslated(strprintf("Error setting IPV6_PROTECTION_LEVEL on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
3175 : : LogPrintf("%s\n", strError.original);
3176 : : }
3177 : : #endif
3178 : : }
3179 : :
3180 [ + - + + ]: 314 : if (sock->Bind(reinterpret_cast<struct sockaddr*>(&sockaddr), len) == SOCKET_ERROR) {
3181 : 186 : int nErr = WSAGetLastError();
3182 [ + + ]: 186 : if (nErr == WSAEADDRINUSE)
3183 [ + - + - ]: 22 : strError = strprintf(_("Unable to bind to %s on this computer. %s is probably already running."), addrBind.ToStringAddrPort(), CLIENT_NAME);
3184 : : else
3185 [ + - + - : 350 : strError = strprintf(_("Unable to bind to %s on this computer (bind returned error %s)"), addrBind.ToStringAddrPort(), NetworkErrorString(nErr));
+ - ]
3186 [ + - + - : 186 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
+ - ]
3187 : 186 : return false;
3188 : : }
3189 [ + - + - ]: 128 : LogPrintf("Bound to %s\n", addrBind.ToStringAddrPort());
3190 : :
3191 : : // Listen for incoming connections
3192 [ + - + + ]: 128 : if (sock->Listen(SOMAXCONN) == SOCKET_ERROR)
3193 : : {
3194 [ + - + - ]: 16 : strError = strprintf(_("Listening for incoming connections failed (listen returned error %s)"), NetworkErrorString(WSAGetLastError()));
3195 [ + - + - : 8 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
+ - ]
3196 : 8 : return false;
3197 : : }
3198 : :
3199 [ + - ]: 120 : vhListenSocket.emplace_back(std::move(sock), permissions);
3200 : : return true;
3201 : 314 : }
3202 : :
3203 : 0 : void Discover()
3204 : : {
3205 [ # # ]: 0 : if (!fDiscover)
3206 : : return;
3207 : :
3208 [ # # ]: 0 : for (const CNetAddr &addr: GetLocalAddresses()) {
3209 [ # # # # ]: 0 : if (AddLocal(addr, LOCAL_IF))
3210 [ # # # # ]: 0 : LogPrintf("%s: %s\n", __func__, addr.ToStringAddr());
3211 : : }
3212 : : }
3213 : :
3214 : 36762 : void CConnman::SetNetworkActive(bool active)
3215 : : {
3216 : 36762 : LogPrintf("%s: %s\n", __func__, active);
3217 : :
3218 [ + + ]: 36762 : if (fNetworkActive == active) {
3219 : : return;
3220 : : }
3221 : :
3222 [ - + ]: 1762 : fNetworkActive = active;
3223 : :
3224 [ - + ]: 1762 : if (m_client_interface) {
3225 : 0 : m_client_interface->NotifyNetworkActiveChanged(fNetworkActive);
3226 : : }
3227 : : }
3228 : :
3229 : 2730 : CConnman::CConnman(uint64_t nSeed0In,
3230 : : uint64_t nSeed1In,
3231 : : AddrMan& addrman_in,
3232 : : const NetGroupManager& netgroupman,
3233 : : const CChainParams& params,
3234 : : bool network_active,
3235 : 2730 : std::shared_ptr<CThreadInterrupt> interrupt_net)
3236 : 2730 : : addrman(addrman_in)
3237 [ + - ]: 2730 : , m_netgroupman{netgroupman}
3238 : 2730 : , nSeed0(nSeed0In)
3239 : 2730 : , nSeed1(nSeed1In)
3240 [ + - - - ]: 2730 : , m_interrupt_net{interrupt_net}
3241 [ + - + - : 5460 : , m_params(params)
+ - + - ]
3242 : : {
3243 [ + - ]: 2730 : SetTryNewOutboundPeer(false);
3244 : :
3245 : 2730 : Options connOptions;
3246 [ + - ]: 2730 : Init(connOptions);
3247 [ + - ]: 2730 : SetNetworkActive(network_active);
3248 : 2730 : }
3249 : :
3250 : 5 : NodeId CConnman::GetNewNodeId()
3251 : : {
3252 : 5 : return nLastNodeId.fetch_add(1, std::memory_order_relaxed);
3253 : : }
3254 : :
3255 : 0 : uint16_t CConnman::GetDefaultPort(Network net) const
3256 : : {
3257 [ # # ]: 0 : return net == NET_I2P ? I2P_SAM31_PORT : m_params.GetDefaultPort();
3258 : : }
3259 : :
3260 : 826 : uint16_t CConnman::GetDefaultPort(const std::string& addr) const
3261 : : {
3262 : 826 : CNetAddr a;
3263 [ - + + - : 826 : return a.SetSpecial(addr) ? GetDefaultPort(a.GetNetwork()) : m_params.GetDefaultPort();
- + - - -
- ]
3264 : 826 : }
3265 : :
3266 : 350 : bool CConnman::Bind(const CService& addr_, unsigned int flags, NetPermissionFlags permissions)
3267 : : {
3268 : 350 : const CService addr{MaybeFlipIPv6toCJDNS(addr_)};
3269 : :
3270 [ + - ]: 350 : bilingual_str strError;
3271 [ + - + + ]: 350 : if (!BindListenPort(addr, strError, permissions)) {
3272 [ + - - + ]: 230 : if ((flags & BF_REPORT_ERROR) && m_client_interface) {
3273 [ # # # # ]: 0 : m_client_interface->ThreadSafeMessageBox(strError, "", CClientUIInterface::MSG_ERROR);
3274 : : }
3275 : 230 : return false;
3276 : : }
3277 : :
3278 [ + - + + : 120 : if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !NetPermissions::HasFlag(permissions, NetPermissionFlags::NoBan)) {
+ - + + +
+ ]
3279 [ + - ]: 84 : AddLocal(addr, LOCAL_BIND);
3280 : : }
3281 : :
3282 : : return true;
3283 : 350 : }
3284 : :
3285 : 251 : bool CConnman::InitBinds(const Options& options)
3286 : : {
3287 [ + + ]: 334 : for (const auto& addrBind : options.vBinds) {
3288 [ + + ]: 291 : if (!Bind(addrBind, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3289 : : return false;
3290 : : }
3291 : : }
3292 [ + + ]: 73 : for (const auto& addrBind : options.vWhiteBinds) {
3293 [ + + ]: 46 : if (!Bind(addrBind.m_service, BF_REPORT_ERROR, addrBind.m_flags)) {
3294 : : return false;
3295 : : }
3296 : : }
3297 [ + + ]: 28 : for (const auto& addr_bind : options.onion_binds) {
3298 [ + + ]: 7 : if (!Bind(addr_bind, BF_REPORT_ERROR | BF_DONT_ADVERTISE, NetPermissionFlags::None)) {
3299 : : return false;
3300 : : }
3301 : : }
3302 [ + + ]: 21 : if (options.bind_on_any) {
3303 : : // Don't consider errors to bind on IPv6 "::" fatal because the host OS
3304 : : // may not have IPv6 support and the user did not explicitly ask us to
3305 : : // bind on that.
3306 : 3 : const CService ipv6_any{in6_addr(IN6ADDR_ANY_INIT), GetListenPort()}; // ::
3307 [ + - ]: 3 : Bind(ipv6_any, BF_NONE, NetPermissionFlags::None);
3308 : :
3309 : 3 : struct in_addr inaddr_any;
3310 : 3 : inaddr_any.s_addr = htonl(INADDR_ANY);
3311 [ + - + - ]: 3 : const CService ipv4_any{inaddr_any, GetListenPort()}; // 0.0.0.0
3312 [ + - - + ]: 3 : if (!Bind(ipv4_any, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3313 : 0 : return false;
3314 : : }
3315 : 3 : }
3316 : : return true;
3317 : : }
3318 : :
3319 : 0 : bool CConnman::Start(CScheduler& scheduler, const Options& connOptions)
3320 : : {
3321 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3322 : 0 : Init(connOptions);
3323 : :
3324 [ # # # # ]: 0 : if (fListen && !InitBinds(connOptions)) {
3325 [ # # ]: 0 : if (m_client_interface) {
3326 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3327 [ # # ]: 0 : _("Failed to listen on any port. Use -listen=0 if you want this."),
3328 : 0 : "", CClientUIInterface::MSG_ERROR);
3329 : : }
3330 : 0 : return false;
3331 : : }
3332 : :
3333 : 0 : Proxy i2p_sam;
3334 [ # # # # : 0 : if (GetProxy(NET_I2P, i2p_sam) && connOptions.m_i2p_accept_incoming) {
# # ]
3335 [ # # # # ]: 0 : m_i2p_sam_session = std::make_unique<i2p::sam::Session>(gArgs.GetDataDirNet() / "i2p_private_key",
3336 [ # # ]: 0 : i2p_sam, m_interrupt_net);
3337 : : }
3338 : :
3339 : : // Randomize the order in which we may query seednode to potentially prevent connecting to the same one every restart (and signal that we have restarted)
3340 [ # # ]: 0 : std::vector<std::string> seed_nodes = connOptions.vSeedNodes;
3341 [ # # ]: 0 : if (!seed_nodes.empty()) {
3342 : 0 : std::shuffle(seed_nodes.begin(), seed_nodes.end(), FastRandomContext{});
3343 : : }
3344 : :
3345 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3346 : : // Load addresses from anchors.dat
3347 [ # # # # : 0 : m_anchors = ReadAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME);
# # ]
3348 [ # # # # ]: 0 : if (m_anchors.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3349 [ # # ]: 0 : m_anchors.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3350 : : }
3351 [ # # # # ]: 0 : LogPrintf("%i block-relay-only anchors will be tried for connections.\n", m_anchors.size());
3352 : : }
3353 : :
3354 [ # # ]: 0 : if (m_client_interface) {
3355 [ # # # # ]: 0 : m_client_interface->InitMessage(_("Starting network threads…"));
3356 : : }
3357 : :
3358 : 0 : fAddressesInitialized = true;
3359 : :
3360 [ # # ]: 0 : if (semOutbound == nullptr) {
3361 : : // initialize semaphore
3362 [ # # # # ]: 0 : semOutbound = std::make_unique<std::counting_semaphore<>>(std::min(m_max_automatic_outbound, m_max_automatic_connections));
3363 : : }
3364 [ # # ]: 0 : if (semAddnode == nullptr) {
3365 : : // initialize semaphore
3366 [ # # ]: 0 : semAddnode = std::make_unique<std::counting_semaphore<>>(m_max_addnode);
3367 : : }
3368 : :
3369 : : //
3370 : : // Start threads
3371 : : //
3372 [ # # ]: 0 : assert(m_msgproc);
3373 [ # # ]: 0 : m_interrupt_net->reset();
3374 [ # # ]: 0 : flagInterruptMsgProc = false;
3375 : :
3376 : 0 : {
3377 [ # # ]: 0 : LOCK(mutexMsgProc);
3378 [ # # ]: 0 : fMsgProcWake = false;
3379 : 0 : }
3380 : :
3381 : : // Send and receive from sockets, accept connections
3382 [ # # ]: 0 : threadSocketHandler = std::thread(&util::TraceThread, "net", [this] { ThreadSocketHandler(); });
3383 : :
3384 [ # # # # : 0 : if (!gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED))
# # ]
3385 [ # # ]: 0 : LogPrintf("DNS seeding disabled\n");
3386 : : else
3387 [ # # ]: 0 : threadDNSAddressSeed = std::thread(&util::TraceThread, "dnsseed", [this] { ThreadDNSAddressSeed(); });
3388 : :
3389 : : // Initiate manual connections
3390 [ # # ]: 0 : threadOpenAddedConnections = std::thread(&util::TraceThread, "addcon", [this] { ThreadOpenAddedConnections(); });
3391 : :
3392 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing && !connOptions.m_specified_outgoing.empty()) {
3393 [ # # ]: 0 : if (m_client_interface) {
3394 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3395 [ # # ]: 0 : _("Cannot provide specific connections and have addrman find outgoing connections at the same time."),
3396 [ # # ]: 0 : "", CClientUIInterface::MSG_ERROR);
3397 : : }
3398 : 0 : return false;
3399 : : }
3400 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing || !connOptions.m_specified_outgoing.empty()) {
3401 : 0 : threadOpenConnections = std::thread(
3402 [ # # ]: 0 : &util::TraceThread, "opencon",
3403 [ # # # # : 0 : [this, connect = connOptions.m_specified_outgoing, seed_nodes = std::move(seed_nodes)] { ThreadOpenConnections(connect, seed_nodes); });
# # # # ]
3404 : : }
3405 : :
3406 : : // Process messages
3407 [ # # ]: 0 : threadMessageHandler = std::thread(&util::TraceThread, "msghand", [this] { ThreadMessageHandler(); });
3408 : :
3409 [ # # ]: 0 : if (m_i2p_sam_session) {
3410 : 0 : threadI2PAcceptIncoming =
3411 [ # # ]: 0 : std::thread(&util::TraceThread, "i2paccept", [this] { ThreadI2PAcceptIncoming(); });
3412 : : }
3413 : :
3414 : : // Dump network addresses
3415 [ # # ]: 0 : scheduler.scheduleEvery([this] { DumpAddresses(); }, DUMP_PEERS_INTERVAL);
3416 : :
3417 : : // Run the ASMap Health check once and then schedule it to run every 24h.
3418 [ # # # # ]: 0 : if (m_netgroupman.UsingASMap()) {
3419 [ # # ]: 0 : ASMapHealthCheck();
3420 [ # # ]: 0 : scheduler.scheduleEvery([this] { ASMapHealthCheck(); }, ASMAP_HEALTH_CHECK_INTERVAL);
3421 : : }
3422 : :
3423 : : return true;
3424 : 0 : }
3425 : :
3426 : : class CNetCleanup
3427 : : {
3428 : : public:
3429 : : CNetCleanup() = default;
3430 : :
3431 : : ~CNetCleanup()
3432 : : {
3433 : : #ifdef WIN32
3434 : : // Shutdown Windows Sockets
3435 : : WSACleanup();
3436 : : #endif
3437 : : }
3438 : : };
3439 : : static CNetCleanup instance_of_cnetcleanup;
3440 : :
3441 : 2730 : void CConnman::Interrupt()
3442 : : {
3443 : 2730 : {
3444 : 2730 : LOCK(mutexMsgProc);
3445 [ + - ]: 2730 : flagInterruptMsgProc = true;
3446 : 2730 : }
3447 : 2730 : condMsgProc.notify_all();
3448 : :
3449 : 2730 : (*m_interrupt_net)();
3450 : 2730 : g_socks5_interrupt();
3451 : :
3452 [ - + ]: 2730 : if (semOutbound) {
3453 [ # # ]: 0 : for (int i=0; i<m_max_automatic_outbound; i++) {
3454 : 0 : semOutbound->release();
3455 : : }
3456 : : }
3457 : :
3458 [ - + ]: 2730 : if (semAddnode) {
3459 [ # # ]: 0 : for (int i=0; i<m_max_addnode; i++) {
3460 : 0 : semAddnode->release();
3461 : : }
3462 : : }
3463 : 2730 : }
3464 : :
3465 : 2730 : void CConnman::StopThreads()
3466 : : {
3467 [ - + ]: 2730 : if (threadI2PAcceptIncoming.joinable()) {
3468 : 0 : threadI2PAcceptIncoming.join();
3469 : : }
3470 [ - + ]: 2730 : if (threadMessageHandler.joinable())
3471 : 0 : threadMessageHandler.join();
3472 [ - + ]: 2730 : if (threadOpenConnections.joinable())
3473 : 0 : threadOpenConnections.join();
3474 [ - + ]: 2730 : if (threadOpenAddedConnections.joinable())
3475 : 0 : threadOpenAddedConnections.join();
3476 [ - + ]: 2730 : if (threadDNSAddressSeed.joinable())
3477 : 0 : threadDNSAddressSeed.join();
3478 [ - + ]: 2730 : if (threadSocketHandler.joinable())
3479 : 0 : threadSocketHandler.join();
3480 : 2730 : }
3481 : :
3482 : 12018 : void CConnman::StopNodes()
3483 : : {
3484 [ - + ]: 12018 : if (fAddressesInitialized) {
3485 : 0 : DumpAddresses();
3486 : 0 : fAddressesInitialized = false;
3487 : :
3488 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3489 : : // Anchor connections are only dumped during clean shutdown.
3490 : 0 : std::vector<CAddress> anchors_to_dump = GetCurrentBlockRelayOnlyConns();
3491 [ # # # # ]: 0 : if (anchors_to_dump.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3492 [ # # ]: 0 : anchors_to_dump.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3493 : : }
3494 [ # # # # : 0 : DumpAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME, anchors_to_dump);
# # ]
3495 : 0 : }
3496 : : }
3497 : :
3498 : : // Delete peer connections.
3499 : 12018 : std::vector<CNode*> nodes;
3500 [ + - + - ]: 24036 : WITH_LOCK(m_nodes_mutex, nodes.swap(m_nodes));
3501 [ + + ]: 26662 : for (CNode* pnode : nodes) {
3502 [ + - - + : 14644 : LogDebug(BCLog::NET, "Stopping node, %s", pnode->DisconnectMsg(fLogIPs));
- - - - ]
3503 [ + - ]: 14644 : pnode->CloseSocketDisconnect();
3504 [ + - ]: 14644 : DeleteNode(pnode);
3505 : : }
3506 : :
3507 [ - + ]: 12018 : for (CNode* pnode : m_nodes_disconnected) {
3508 [ # # ]: 0 : DeleteNode(pnode);
3509 : : }
3510 : 12018 : m_nodes_disconnected.clear();
3511 : 12018 : vhListenSocket.clear();
3512 [ - + ]: 12018 : semOutbound.reset();
3513 [ - + ]: 12018 : semAddnode.reset();
3514 : 12018 : }
3515 : :
3516 : 14644 : void CConnman::DeleteNode(CNode* pnode)
3517 : : {
3518 [ - + ]: 14644 : assert(pnode);
3519 : 14644 : m_msgproc->FinalizeNode(*pnode);
3520 : 14644 : delete pnode;
3521 : 14644 : }
3522 : :
3523 [ + - ]: 2730 : CConnman::~CConnman()
3524 : : {
3525 : 2730 : Interrupt();
3526 : 2730 : Stop();
3527 : 5460 : }
3528 : :
3529 : 8643 : std::vector<CAddress> CConnman::GetAddressesUnsafe(size_t max_addresses, size_t max_pct, std::optional<Network> network, const bool filtered) const
3530 : : {
3531 : 8643 : std::vector<CAddress> addresses = addrman.GetAddr(max_addresses, max_pct, network, filtered);
3532 [ - + ]: 8643 : if (m_banman) {
3533 [ # # ]: 0 : addresses.erase(std::remove_if(addresses.begin(), addresses.end(),
3534 [ # # # # ]: 0 : [this](const CAddress& addr){return m_banman->IsDiscouraged(addr) || m_banman->IsBanned(addr);}),
3535 [ # # ]: 0 : addresses.end());
3536 : : }
3537 : 8643 : return addresses;
3538 : 0 : }
3539 : :
3540 : 675 : std::vector<CAddress> CConnman::GetAddresses(CNode& requestor, size_t max_addresses, size_t max_pct)
3541 : : {
3542 : 675 : auto local_socket_bytes = requestor.addrBind.GetAddrBytes();
3543 : 675 : uint64_t network_id = requestor.m_network_key;
3544 : 675 : const auto current_time = GetTime<std::chrono::microseconds>();
3545 [ + - ]: 675 : auto r = m_addr_response_caches.emplace(network_id, CachedAddrResponse{});
3546 [ + + ]: 675 : CachedAddrResponse& cache_entry = r.first->second;
3547 [ + + ]: 675 : if (cache_entry.m_cache_entry_expiration < current_time) { // If emplace() added new one it has expiration 0.
3548 [ + - ]: 260 : cache_entry.m_addrs_response_cache = GetAddressesUnsafe(max_addresses, max_pct, /*network=*/std::nullopt);
3549 : : // Choosing a proper cache lifetime is a trade-off between the privacy leak minimization
3550 : : // and the usefulness of ADDR responses to honest users.
3551 : : //
3552 : : // Longer cache lifetime makes it more difficult for an attacker to scrape
3553 : : // enough AddrMan data to maliciously infer something useful.
3554 : : // By the time an attacker scraped enough AddrMan records, most of
3555 : : // the records should be old enough to not leak topology info by
3556 : : // e.g. analyzing real-time changes in timestamps.
3557 : : //
3558 : : // It takes only several hundred requests to scrape everything from an AddrMan containing 100,000 nodes,
3559 : : // so ~24 hours of cache lifetime indeed makes the data less inferable by the time
3560 : : // most of it could be scraped (considering that timestamps are updated via
3561 : : // ADDR self-announcements and when nodes communicate).
3562 : : // We also should be robust to those attacks which may not require scraping *full* victim's AddrMan
3563 : : // (because even several timestamps of the same handful of nodes may leak privacy).
3564 : : //
3565 : : // On the other hand, longer cache lifetime makes ADDR responses
3566 : : // outdated and less useful for an honest requestor, e.g. if most nodes
3567 : : // in the ADDR response are no longer active.
3568 : : //
3569 : : // However, the churn in the network is known to be rather low. Since we consider
3570 : : // nodes to be "terrible" (see IsTerrible()) if the timestamps are older than 30 days,
3571 : : // max. 24 hours of "penalty" due to cache shouldn't make any meaningful difference
3572 : : // in terms of the freshness of the response.
3573 : 260 : cache_entry.m_cache_entry_expiration = current_time +
3574 : 260 : 21h + FastRandomContext().randrange<std::chrono::microseconds>(6h);
3575 : : }
3576 [ + - ]: 675 : return cache_entry.m_addrs_response_cache;
3577 : 675 : }
3578 : :
3579 : 663 : bool CConnman::AddNode(const AddedNodeParams& add)
3580 : : {
3581 [ + - + - ]: 663 : const CService resolved(LookupNumeric(add.m_added_node, GetDefaultPort(add.m_added_node)));
3582 [ + - ]: 663 : const bool resolved_is_valid{resolved.IsValid()};
3583 : :
3584 [ + - ]: 663 : LOCK(m_added_nodes_mutex);
3585 [ + + ]: 807 : for (const auto& it : m_added_node_params) {
3586 [ + + + + : 858 : if (add.m_added_node == it.m_added_node || (resolved_is_valid && resolved == LookupNumeric(it.m_added_node, GetDefaultPort(it.m_added_node)))) return false;
+ - + - +
- + - + +
+ + + + -
- - - ]
3587 : : }
3588 : :
3589 [ + - ]: 91 : m_added_node_params.push_back(add);
3590 : : return true;
3591 : 663 : }
3592 : :
3593 : 654 : bool CConnman::RemoveAddedNode(std::string_view node)
3594 : : {
3595 : 654 : LOCK(m_added_nodes_mutex);
3596 [ + + ]: 659 : for (auto it = m_added_node_params.begin(); it != m_added_node_params.end(); ++it) {
3597 [ - + + + ]: 20 : if (node == it->m_added_node) {
3598 : 15 : m_added_node_params.erase(it);
3599 : 15 : return true;
3600 : : }
3601 : : }
3602 : : return false;
3603 : 654 : }
3604 : :
3605 : 0 : bool CConnman::AddedNodesContain(const CAddress& addr) const
3606 : : {
3607 : 0 : AssertLockNotHeld(m_added_nodes_mutex);
3608 : 0 : const std::string addr_str{addr.ToStringAddr()};
3609 [ # # ]: 0 : const std::string addr_port_str{addr.ToStringAddrPort()};
3610 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
3611 [ # # ]: 0 : return (m_added_node_params.size() < 24 // bound the query to a reasonable limit
3612 [ # # # # ]: 0 : && std::any_of(m_added_node_params.cbegin(), m_added_node_params.cend(),
3613 [ # # # # : 0 : [&](const auto& p) { return p.m_added_node == addr_str || p.m_added_node == addr_port_str; }));
# # ]
3614 : 0 : }
3615 : :
3616 : 2644 : size_t CConnman::GetNodeCount(ConnectionDirection flags) const
3617 : : {
3618 : 2644 : LOCK(m_nodes_mutex);
3619 [ + + ]: 2644 : if (flags == ConnectionDirection::Both) // Shortcut if we want total
3620 [ - + ]: 1597 : return m_nodes.size();
3621 : :
3622 : 1047 : int nNum = 0;
3623 [ + + ]: 26342 : for (const auto& pnode : m_nodes) {
3624 [ + + + + ]: 50526 : if (flags & (pnode->IsInboundConn() ? ConnectionDirection::In : ConnectionDirection::Out)) {
3625 : 1301 : nNum++;
3626 : : }
3627 : : }
3628 : :
3629 : 1047 : return nNum;
3630 : 2644 : }
3631 : :
3632 : :
3633 : 0 : std::map<CNetAddr, LocalServiceInfo> CConnman::getNetLocalAddresses() const
3634 : : {
3635 : 0 : LOCK(g_maplocalhost_mutex);
3636 [ # # # # ]: 0 : return mapLocalHost;
3637 : 0 : }
3638 : :
3639 : 36296 : uint32_t CConnman::GetMappedAS(const CNetAddr& addr) const
3640 : : {
3641 : 36296 : return m_netgroupman.GetMappedAS(addr);
3642 : : }
3643 : :
3644 : 2708 : void CConnman::GetNodeStats(std::vector<CNodeStats>& vstats) const
3645 : : {
3646 : 2708 : vstats.clear();
3647 : 2708 : LOCK(m_nodes_mutex);
3648 [ - + + - ]: 2708 : vstats.reserve(m_nodes.size());
3649 [ + + ]: 24728 : for (CNode* pnode : m_nodes) {
3650 [ + - ]: 22020 : vstats.emplace_back();
3651 [ + - ]: 22020 : pnode->CopyStats(vstats.back());
3652 [ + - ]: 22020 : vstats.back().m_mapped_as = GetMappedAS(pnode->addr);
3653 : : }
3654 : 2708 : }
3655 : :
3656 : 411 : bool CConnman::DisconnectNode(std::string_view strNode)
3657 : : {
3658 : 411 : LOCK(m_nodes_mutex);
3659 [ - + ]: 26385 : auto it = std::ranges::find_if(m_nodes, [&strNode](CNode* node) { return node->m_addr_name == strNode; });
3660 [ - + ]: 411 : if (it != m_nodes.end()) {
3661 : 0 : CNode* node{*it};
3662 [ # # # # : 0 : LogDebug(BCLog::NET, "disconnect by address%s match, %s", (fLogIPs ? strprintf("=%s", strNode) : ""), node->DisconnectMsg(fLogIPs));
# # # # #
# # # #
# ]
3663 : 0 : node->fDisconnect = true;
3664 : 0 : return true;
3665 : : }
3666 : : return false;
3667 : 411 : }
3668 : :
3669 : 976 : bool CConnman::DisconnectNode(const CSubNet& subnet)
3670 : : {
3671 : 976 : bool disconnected = false;
3672 : 976 : LOCK(m_nodes_mutex);
3673 [ + + ]: 40342 : for (CNode* pnode : m_nodes) {
3674 [ + - + + ]: 39366 : if (subnet.Match(pnode->addr)) {
3675 [ + - - + : 73 : LogDebug(BCLog::NET, "disconnect by subnet%s match, %s", (fLogIPs ? strprintf("=%s", subnet.ToString()) : ""), pnode->DisconnectMsg(fLogIPs));
- - - - -
- - - - -
- - - - -
- ]
3676 : 73 : pnode->fDisconnect = true;
3677 : 73 : disconnected = true;
3678 : : }
3679 : : }
3680 [ + - ]: 976 : return disconnected;
3681 : 976 : }
3682 : :
3683 : 805 : bool CConnman::DisconnectNode(const CNetAddr& addr)
3684 : : {
3685 [ + - ]: 805 : return DisconnectNode(CSubNet(addr));
3686 : : }
3687 : :
3688 : 2568 : bool CConnman::DisconnectNode(NodeId id)
3689 : : {
3690 : 2568 : LOCK(m_nodes_mutex);
3691 [ + + ]: 157294 : for(CNode* pnode : m_nodes) {
3692 [ + + ]: 154750 : if (id == pnode->GetId()) {
3693 [ + - - + : 24 : LogDebug(BCLog::NET, "disconnect by id, %s", pnode->DisconnectMsg(fLogIPs));
- - - - ]
3694 : 24 : pnode->fDisconnect = true;
3695 : 24 : return true;
3696 : : }
3697 : : }
3698 : : return false;
3699 : 2568 : }
3700 : :
3701 : 17 : void CConnman::RecordBytesRecv(uint64_t bytes)
3702 : : {
3703 : 17 : nTotalBytesRecv += bytes;
3704 : 17 : }
3705 : :
3706 : 51291 : void CConnman::RecordBytesSent(uint64_t bytes)
3707 : : {
3708 : 51291 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3709 : 51291 : LOCK(m_total_bytes_sent_mutex);
3710 : :
3711 : 51291 : nTotalBytesSent += bytes;
3712 : :
3713 : 51291 : const auto now = GetTime<std::chrono::seconds>();
3714 [ + + ]: 51291 : if (nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME < now)
3715 : : {
3716 : : // timeframe expired, reset cycle
3717 : 7581 : nMaxOutboundCycleStartTime = now;
3718 : 7581 : nMaxOutboundTotalBytesSentInCycle = 0;
3719 : : }
3720 : :
3721 [ + - ]: 51291 : nMaxOutboundTotalBytesSentInCycle += bytes;
3722 : 51291 : }
3723 : :
3724 : 2708 : uint64_t CConnman::GetMaxOutboundTarget() const
3725 : : {
3726 : 2708 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3727 : 2708 : LOCK(m_total_bytes_sent_mutex);
3728 [ + - ]: 2708 : return nMaxOutboundLimit;
3729 : 2708 : }
3730 : :
3731 : 2708 : std::chrono::seconds CConnman::GetMaxOutboundTimeframe() const
3732 : : {
3733 : 2708 : return MAX_UPLOAD_TIMEFRAME;
3734 : : }
3735 : :
3736 : 2708 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle() const
3737 : : {
3738 : 2708 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3739 : 2708 : LOCK(m_total_bytes_sent_mutex);
3740 [ + - ]: 2708 : return GetMaxOutboundTimeLeftInCycle_();
3741 : 2708 : }
3742 : :
3743 : 32615 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle_() const
3744 : : {
3745 : 32615 : AssertLockHeld(m_total_bytes_sent_mutex);
3746 : :
3747 [ + + ]: 32615 : if (nMaxOutboundLimit == 0)
3748 : 1178 : return 0s;
3749 : :
3750 [ + + ]: 31437 : if (nMaxOutboundCycleStartTime.count() == 0)
3751 : 30897 : return MAX_UPLOAD_TIMEFRAME;
3752 : :
3753 : 540 : const std::chrono::seconds cycleEndTime = nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME;
3754 : 540 : const auto now = GetTime<std::chrono::seconds>();
3755 [ + + ]: 540 : return (cycleEndTime < now) ? 0s : cycleEndTime - now;
3756 : : }
3757 : :
3758 : 34508 : bool CConnman::OutboundTargetReached(bool historicalBlockServingLimit) const
3759 : : {
3760 : 34508 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3761 : 34508 : LOCK(m_total_bytes_sent_mutex);
3762 [ + + ]: 34508 : if (nMaxOutboundLimit == 0)
3763 : : return false;
3764 : :
3765 [ + + ]: 29947 : if (historicalBlockServingLimit)
3766 : : {
3767 : : // keep a large enough buffer to at least relay each block once
3768 [ + - ]: 29907 : const std::chrono::seconds timeLeftInCycle = GetMaxOutboundTimeLeftInCycle_();
3769 : 29907 : const uint64_t buffer = timeLeftInCycle / std::chrono::minutes{10} * MAX_BLOCK_SERIALIZED_SIZE;
3770 [ + + - + ]: 29907 : if (buffer >= nMaxOutboundLimit || nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit - buffer)
3771 : 92 : return true;
3772 : : }
3773 [ - + ]: 40 : else if (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit)
3774 : 0 : return true;
3775 : :
3776 : : return false;
3777 : 34508 : }
3778 : :
3779 : 2708 : uint64_t CConnman::GetOutboundTargetBytesLeft() const
3780 : : {
3781 : 2708 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3782 : 2708 : LOCK(m_total_bytes_sent_mutex);
3783 [ + + ]: 2708 : if (nMaxOutboundLimit == 0)
3784 : : return 0;
3785 : :
3786 [ + + ]: 1530 : return (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit) ? 0 : nMaxOutboundLimit - nMaxOutboundTotalBytesSentInCycle;
3787 : 2708 : }
3788 : :
3789 : 2708 : uint64_t CConnman::GetTotalBytesRecv() const
3790 : : {
3791 : 2708 : return nTotalBytesRecv;
3792 : : }
3793 : :
3794 : 2708 : uint64_t CConnman::GetTotalBytesSent() const
3795 : : {
3796 : 2708 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3797 : 2708 : LOCK(m_total_bytes_sent_mutex);
3798 [ + - ]: 2708 : return nTotalBytesSent;
3799 : 2708 : }
3800 : :
3801 : 8169 : ServiceFlags CConnman::GetLocalServices() const
3802 : : {
3803 : 8169 : return m_local_services;
3804 : : }
3805 : :
3806 : 41954 : static std::unique_ptr<Transport> MakeTransport(NodeId id, bool use_v2transport, bool inbound) noexcept
3807 : : {
3808 [ + + ]: 41954 : if (use_v2transport) {
3809 [ - + ]: 4 : return std::make_unique<V2Transport>(id, /*initiating=*/!inbound);
3810 : : } else {
3811 [ - + ]: 41950 : return std::make_unique<V1Transport>(id);
3812 : : }
3813 : : }
3814 : :
3815 : 41954 : CNode::CNode(NodeId idIn,
3816 : : std::shared_ptr<Sock> sock,
3817 : : const CAddress& addrIn,
3818 : : uint64_t nKeyedNetGroupIn,
3819 : : uint64_t nLocalHostNonceIn,
3820 : : const CService& addrBindIn,
3821 : : const std::string& addrNameIn,
3822 : : ConnectionType conn_type_in,
3823 : : bool inbound_onion,
3824 : : uint64_t network_key,
3825 : 41954 : CNodeOptions&& node_opts)
3826 : 41954 : : m_transport{MakeTransport(idIn, node_opts.use_v2transport, conn_type_in == ConnectionType::INBOUND)},
3827 : 41954 : m_permission_flags{node_opts.permission_flags},
3828 [ + + ]: 41954 : m_sock{sock},
3829 : 41954 : m_connected{GetTime<std::chrono::seconds>()},
3830 : 41954 : addr{addrIn},
3831 : 41954 : addrBind{addrBindIn},
3832 [ + + + - ]: 41954 : m_addr_name{addrNameIn.empty() ? addr.ToStringAddrPort() : addrNameIn},
3833 [ - + ]: 41954 : m_dest(addrNameIn),
3834 : 41954 : m_inbound_onion{inbound_onion},
3835 [ + - ]: 41954 : m_prefer_evict{node_opts.prefer_evict},
3836 : 41954 : nKeyedNetGroup{nKeyedNetGroupIn},
3837 : 41954 : m_network_key{network_key},
3838 : 41954 : m_conn_type{conn_type_in},
3839 : 41954 : id{idIn},
3840 : 41954 : nLocalHostNonce{nLocalHostNonceIn},
3841 [ + - ]: 41954 : m_recv_flood_size{node_opts.recv_flood_size},
3842 [ + - + - : 83908 : m_i2p_sam_session{std::move(node_opts.i2p_sam_session)}
+ + ]
3843 : : {
3844 [ + + + - ]: 41954 : if (inbound_onion) assert(conn_type_in == ConnectionType::INBOUND);
3845 : :
3846 [ + + ]: 1510344 : for (const auto& msg : ALL_NET_MESSAGE_TYPES) {
3847 [ + - ]: 1468390 : mapRecvBytesPerMsgType[msg] = 0;
3848 : : }
3849 [ + - ]: 41954 : mapRecvBytesPerMsgType[NET_MESSAGE_TYPE_OTHER] = 0;
3850 : :
3851 [ - + ]: 41954 : if (fLogIPs) {
3852 [ # # # # : 0 : LogDebug(BCLog::NET, "Added connection to %s peer=%d\n", m_addr_name, id);
# # ]
3853 : : } else {
3854 [ + - - + : 41954 : LogDebug(BCLog::NET, "Added connection peer=%d\n", id);
- - ]
3855 : : }
3856 [ - - ]: 41954 : }
3857 : :
3858 : 110002 : void CNode::MarkReceivedMsgsForProcessing()
3859 : : {
3860 : 110002 : AssertLockNotHeld(m_msg_process_queue_mutex);
3861 : :
3862 : 110002 : size_t nSizeAdded = 0;
3863 [ + + ]: 220004 : for (const auto& msg : vRecvMsg) {
3864 : : // vRecvMsg contains only completed CNetMessage
3865 : : // the single possible partially deserialized message are held by TransportDeserializer
3866 : 110002 : nSizeAdded += msg.GetMemoryUsage();
3867 : : }
3868 : :
3869 : 110002 : LOCK(m_msg_process_queue_mutex);
3870 : 110002 : m_msg_process_queue.splice(m_msg_process_queue.end(), vRecvMsg);
3871 : 110002 : m_msg_process_queue_size += nSizeAdded;
3872 [ + - ]: 110002 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
3873 : 110002 : }
3874 : :
3875 : 103952 : std::optional<std::pair<CNetMessage, bool>> CNode::PollMessage()
3876 : : {
3877 : 103952 : LOCK(m_msg_process_queue_mutex);
3878 [ + + ]: 103952 : if (m_msg_process_queue.empty()) return std::nullopt;
3879 : :
3880 : 98954 : std::list<CNetMessage> msgs;
3881 : : // Just take one message
3882 : 98954 : msgs.splice(msgs.begin(), m_msg_process_queue, m_msg_process_queue.begin());
3883 : 98954 : m_msg_process_queue_size -= msgs.front().GetMemoryUsage();
3884 : 98954 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
3885 : :
3886 : 197908 : return std::make_pair(std::move(msgs.front()), !m_msg_process_queue.empty());
3887 : 98954 : }
3888 : :
3889 : 232159 : bool CConnman::NodeFullyConnected(const CNode* pnode)
3890 : : {
3891 [ + - - + : 232159 : return pnode && pnode->fSuccessfullyConnected && !pnode->fDisconnect;
- - ]
3892 : : }
3893 : :
3894 : 100416 : void CConnman::PushMessage(CNode* pnode, CSerializedNetMsg&& msg)
3895 : : {
3896 : 100416 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3897 [ - + ]: 100416 : size_t nMessageSize = msg.data.size();
3898 [ - + ]: 100416 : LogDebug(BCLog::NET, "sending %s (%d bytes) peer=%d\n", msg.m_type, nMessageSize, pnode->GetId());
3899 [ + - - + ]: 100416 : if (gArgs.GetBoolArg("-capturemessages", false)) {
3900 [ # # ]: 0 : CaptureMessage(pnode->addr, msg.m_type, msg.data, /*is_incoming=*/false);
3901 : : }
3902 : :
3903 : : TRACEPOINT(net, outbound_message,
3904 : : pnode->GetId(),
3905 : : pnode->m_addr_name.c_str(),
3906 : : pnode->ConnectionTypeAsString().c_str(),
3907 : : msg.m_type.c_str(),
3908 : : msg.data.size(),
3909 : : msg.data.data()
3910 : 100416 : );
3911 : :
3912 : 100416 : size_t nBytesSent = 0;
3913 : 100416 : {
3914 : 100416 : LOCK(pnode->cs_vSend);
3915 : : // Check if the transport still has unsent bytes, and indicate to it that we're about to
3916 : : // give it a message to send.
3917 [ + + ]: 100416 : const auto& [to_send, more, _msg_type] =
3918 [ + + ]: 100416 : pnode->m_transport->GetBytesToSend(/*have_next_message=*/true);
3919 [ + + - + ]: 100416 : const bool queue_was_empty{to_send.empty() && pnode->vSendMsg.empty()};
3920 : :
3921 : : // Update memory usage of send buffer.
3922 : 100416 : pnode->m_send_memusage += msg.GetMemoryUsage();
3923 [ + - ]: 100416 : if (pnode->m_send_memusage + pnode->m_transport->GetSendMemoryUsage() > nSendBufferMaxSize) pnode->fPauseSend = true;
3924 : : // Move message to vSendMsg queue.
3925 [ + - ]: 100416 : pnode->vSendMsg.push_back(std::move(msg));
3926 : :
3927 : : // If there was nothing to send before, and there is now (predicted by the "more" value
3928 : : // returned by the GetBytesToSend call above), attempt "optimistic write":
3929 : : // because the poll/select loop may pause for SELECT_TIMEOUT_MILLISECONDS before actually
3930 : : // doing a send, try sending from the calling thread if the queue was empty before.
3931 : : // With a V1Transport, more will always be true here, because adding a message always
3932 : : // results in sendable bytes there, but with V2Transport this is not the case (it may
3933 : : // still be in the handshake).
3934 [ + + + - ]: 100416 : if (queue_was_empty && more) {
3935 [ + - ]: 63421 : std::tie(nBytesSent, std::ignore) = SocketSendData(*pnode);
3936 : : }
3937 : 100416 : }
3938 [ + + ]: 100416 : if (nBytesSent) RecordBytesSent(nBytesSent);
3939 : 100416 : }
3940 : :
3941 : 190 : bool CConnman::ForNode(NodeId id, std::function<bool(CNode* pnode)> func)
3942 : : {
3943 : 190 : CNode* found = nullptr;
3944 : 190 : LOCK(m_nodes_mutex);
3945 [ + + ]: 4017 : for (auto&& pnode : m_nodes) {
3946 [ + + ]: 3828 : if(pnode->GetId() == id) {
3947 : : found = pnode;
3948 : : break;
3949 : : }
3950 : : }
3951 [ + + + - : 190 : return found != nullptr && NodeFullyConnected(found) && func(found);
- + - - -
- + - ]
3952 : 190 : }
3953 : :
3954 : 623 : CSipHasher CConnman::GetDeterministicRandomizer(uint64_t id) const
3955 : : {
3956 : 623 : return CSipHasher(nSeed0, nSeed1).Write(id);
3957 : : }
3958 : :
3959 : 5 : uint64_t CConnman::CalculateKeyedNetGroup(const CNetAddr& address) const
3960 : : {
3961 : 5 : std::vector<unsigned char> vchNetGroup(m_netgroupman.GetGroup(address));
3962 : :
3963 [ + - + - : 10 : return GetDeterministicRandomizer(RANDOMIZER_ID_NETGROUP).Write(vchNetGroup).Finalize();
+ - ]
3964 : 5 : }
3965 : :
3966 : 0 : void CConnman::PerformReconnections()
3967 : : {
3968 : 0 : AssertLockNotHeld(m_reconnections_mutex);
3969 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3970 : 0 : while (true) {
3971 : : // Move first element of m_reconnections to todo (avoiding an allocation inside the lock).
3972 [ # # ]: 0 : decltype(m_reconnections) todo;
3973 : 0 : {
3974 [ # # ]: 0 : LOCK(m_reconnections_mutex);
3975 [ # # ]: 0 : if (m_reconnections.empty()) break;
3976 [ # # ]: 0 : todo.splice(todo.end(), m_reconnections, m_reconnections.begin());
3977 : 0 : }
3978 : :
3979 [ # # ]: 0 : auto& item = *todo.begin();
3980 [ # # ]: 0 : OpenNetworkConnection(item.addr_connect,
3981 : : // We only reconnect if the first attempt to connect succeeded at
3982 : : // connection time, but then failed after the CNode object was
3983 : : // created. Since we already know connecting is possible, do not
3984 : : // count failure to reconnect.
3985 : : /*fCountFailure=*/false,
3986 [ # # ]: 0 : std::move(item.grant),
3987 : 0 : item.destination.empty() ? nullptr : item.destination.c_str(),
3988 : : item.conn_type,
3989 [ # # ]: 0 : item.use_v2transport);
3990 : 0 : }
3991 : 0 : }
3992 : :
3993 : 2707 : void CConnman::ASMapHealthCheck()
3994 : : {
3995 : 2707 : const std::vector<CAddress> v4_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV4, /*filtered=*/false)};
3996 [ + - ]: 2707 : const std::vector<CAddress> v6_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV6, /*filtered=*/false)};
3997 : 2707 : std::vector<CNetAddr> clearnet_addrs;
3998 [ - + - + : 2707 : clearnet_addrs.reserve(v4_addrs.size() + v6_addrs.size());
+ - ]
3999 [ + - ]: 2707 : std::transform(v4_addrs.begin(), v4_addrs.end(), std::back_inserter(clearnet_addrs),
4000 [ + - ]: 155 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4001 [ + - ]: 2707 : std::transform(v6_addrs.begin(), v6_addrs.end(), std::back_inserter(clearnet_addrs),
4002 [ + - ]: 1625 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4003 [ + - ]: 2707 : m_netgroupman.ASMapHealthCheck(clearnet_addrs);
4004 : 2707 : }
4005 : :
4006 : : // Dump binary message to file, with timestamp.
4007 : 0 : static void CaptureMessageToFile(const CAddress& addr,
4008 : : const std::string& msg_type,
4009 : : std::span<const unsigned char> data,
4010 : : bool is_incoming)
4011 : : {
4012 : : // Note: This function captures the message at the time of processing,
4013 : : // not at socket receive/send time.
4014 : : // This ensures that the messages are always in order from an application
4015 : : // layer (processing) perspective.
4016 : 0 : auto now = GetTime<std::chrono::microseconds>();
4017 : :
4018 : : // Windows folder names cannot include a colon
4019 : 0 : std::string clean_addr = addr.ToStringAddrPort();
4020 [ # # ]: 0 : std::replace(clean_addr.begin(), clean_addr.end(), ':', '_');
4021 : :
4022 [ # # # # : 0 : fs::path base_path = gArgs.GetDataDirNet() / "message_capture" / fs::u8path(clean_addr);
# # # # ]
4023 [ # # ]: 0 : fs::create_directories(base_path);
4024 : :
4025 [ # # # # ]: 0 : fs::path path = base_path / (is_incoming ? "msgs_recv.dat" : "msgs_sent.dat");
4026 [ # # # # ]: 0 : AutoFile f{fsbridge::fopen(path, "ab")};
4027 : :
4028 [ # # ]: 0 : ser_writedata64(f, now.count());
4029 [ # # # # ]: 0 : f << std::span{msg_type};
4030 [ # # # # ]: 0 : for (auto i = msg_type.length(); i < CMessageHeader::MESSAGE_TYPE_SIZE; ++i) {
4031 [ # # ]: 0 : f << uint8_t{'\0'};
4032 : : }
4033 [ # # ]: 0 : uint32_t size = data.size();
4034 [ # # ]: 0 : ser_writedata32(f, size);
4035 [ # # ]: 0 : f << data;
4036 : :
4037 [ # # # # ]: 0 : if (f.fclose() != 0) {
4038 : 0 : throw std::ios_base::failure(
4039 [ # # # # : 0 : strprintf("Error closing %s after write, file contents are likely incomplete", fs::PathToString(path)));
# # ]
4040 : : }
4041 : 0 : }
4042 : :
4043 : : std::function<void(const CAddress& addr,
4044 : : const std::string& msg_type,
4045 : : std::span<const unsigned char> data,
4046 : : bool is_incoming)>
4047 : : CaptureMessage = CaptureMessageToFile;
|