Branch data Line data Source code
1 : : // Copyright (c) 2009-2010 Satoshi Nakamoto
2 : : // Copyright (c) 2009-present The Bitcoin Core developers
3 : : // Distributed under the MIT software license, see the accompanying
4 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 : :
6 : : #include <bitcoin-build-config.h> // IWYU pragma: keep
7 : :
8 : : #include <net.h>
9 : :
10 : : #include <addrdb.h>
11 : : #include <addrman.h>
12 : : #include <banman.h>
13 : : #include <clientversion.h>
14 : : #include <common/args.h>
15 : : #include <common/netif.h>
16 : : #include <compat/compat.h>
17 : : #include <consensus/consensus.h>
18 : : #include <crypto/sha256.h>
19 : : #include <i2p.h>
20 : : #include <key.h>
21 : : #include <logging.h>
22 : : #include <memusage.h>
23 : : #include <net_permissions.h>
24 : : #include <netaddress.h>
25 : : #include <netbase.h>
26 : : #include <node/eviction.h>
27 : : #include <node/interface_ui.h>
28 : : #include <protocol.h>
29 : : #include <random.h>
30 : : #include <scheduler.h>
31 : : #include <util/fs.h>
32 : : #include <util/sock.h>
33 : : #include <util/strencodings.h>
34 : : #include <util/thread.h>
35 : : #include <util/threadinterrupt.h>
36 : : #include <util/trace.h>
37 : : #include <util/translation.h>
38 : : #include <util/vector.h>
39 : :
40 : : #include <algorithm>
41 : : #include <array>
42 : : #include <cmath>
43 : : #include <cstdint>
44 : : #include <cstring>
45 : : #include <functional>
46 : : #include <optional>
47 : : #include <string_view>
48 : : #include <unordered_map>
49 : :
50 : : TRACEPOINT_SEMAPHORE(net, closed_connection);
51 : : TRACEPOINT_SEMAPHORE(net, evicted_inbound_connection);
52 : : TRACEPOINT_SEMAPHORE(net, inbound_connection);
53 : : TRACEPOINT_SEMAPHORE(net, outbound_connection);
54 : : TRACEPOINT_SEMAPHORE(net, outbound_message);
55 : :
56 : : /** Maximum number of block-relay-only anchor connections */
57 : : static constexpr size_t MAX_BLOCK_RELAY_ONLY_ANCHORS = 2;
58 : : static_assert (MAX_BLOCK_RELAY_ONLY_ANCHORS <= static_cast<size_t>(MAX_BLOCK_RELAY_ONLY_CONNECTIONS), "MAX_BLOCK_RELAY_ONLY_ANCHORS must not exceed MAX_BLOCK_RELAY_ONLY_CONNECTIONS.");
59 : : /** Anchor IP address database file name */
60 : : const char* const ANCHORS_DATABASE_FILENAME = "anchors.dat";
61 : :
62 : : // How often to dump addresses to peers.dat
63 : : static constexpr std::chrono::minutes DUMP_PEERS_INTERVAL{15};
64 : :
65 : : /** Number of DNS seeds to query when the number of connections is low. */
66 : : static constexpr int DNSSEEDS_TO_QUERY_AT_ONCE = 3;
67 : :
68 : : /** Minimum number of outbound connections under which we will keep fetching our address seeds. */
69 : : static constexpr int SEED_OUTBOUND_CONNECTION_THRESHOLD = 2;
70 : :
71 : : /** How long to delay before querying DNS seeds
72 : : *
73 : : * If we have more than THRESHOLD entries in addrman, then it's likely
74 : : * that we got those addresses from having previously connected to the P2P
75 : : * network, and that we'll be able to successfully reconnect to the P2P
76 : : * network via contacting one of them. So if that's the case, spend a
77 : : * little longer trying to connect to known peers before querying the
78 : : * DNS seeds.
79 : : */
80 : : static constexpr std::chrono::seconds DNSSEEDS_DELAY_FEW_PEERS{11};
81 : : static constexpr std::chrono::minutes DNSSEEDS_DELAY_MANY_PEERS{5};
82 : : static constexpr int DNSSEEDS_DELAY_PEER_THRESHOLD = 1000; // "many" vs "few" peers
83 : :
84 : : /** The default timeframe for -maxuploadtarget. 1 day. */
85 : : static constexpr std::chrono::seconds MAX_UPLOAD_TIMEFRAME{60 * 60 * 24};
86 : :
87 : : // A random time period (0 to 1 seconds) is added to feeler connections to prevent synchronization.
88 : : static constexpr auto FEELER_SLEEP_WINDOW{1s};
89 : :
90 : : /** Frequency to attempt extra connections to reachable networks we're not connected to yet **/
91 : : static constexpr auto EXTRA_NETWORK_PEER_INTERVAL{5min};
92 : :
93 : : /** Used to pass flags to the Bind() function */
94 : : enum BindFlags {
95 : : BF_NONE = 0,
96 : : BF_REPORT_ERROR = (1U << 0),
97 : : /**
98 : : * Do not call AddLocal() for our special addresses, e.g., for incoming
99 : : * Tor connections, to prevent gossiping them over the network.
100 : : */
101 : : BF_DONT_ADVERTISE = (1U << 1),
102 : : };
103 : :
104 : : // The set of sockets cannot be modified while waiting
105 : : // The sleep time needs to be small to avoid new sockets stalling
106 : : static const uint64_t SELECT_TIMEOUT_MILLISECONDS = 50;
107 : :
108 : : const std::string NET_MESSAGE_TYPE_OTHER = "*other*";
109 : :
110 : : static const uint64_t RANDOMIZER_ID_NETGROUP = 0x6c0edd8036ef4036ULL; // SHA256("netgroup")[0:8]
111 : : static const uint64_t RANDOMIZER_ID_LOCALHOSTNONCE = 0xd93e69e2bbfa5735ULL; // SHA256("localhostnonce")[0:8]
112 : : static const uint64_t RANDOMIZER_ID_NETWORKKEY = 0x0e8a2b136c592a7dULL; // SHA256("networkkey")[0:8]
113 : : //
114 : : // Global state variables
115 : : //
116 : : bool fDiscover = true;
117 : : bool fListen = true;
118 : : GlobalMutex g_maplocalhost_mutex;
119 : : std::map<CNetAddr, LocalServiceInfo> mapLocalHost GUARDED_BY(g_maplocalhost_mutex);
120 : : std::string strSubVersion;
121 : :
122 : 520729 : size_t CSerializedNetMsg::GetMemoryUsage() const noexcept
123 : : {
124 [ - + ]: 520729 : return sizeof(*this) + memusage::DynamicUsage(m_type) + memusage::DynamicUsage(data);
125 : : }
126 : :
127 : 278861 : size_t CNetMessage::GetMemoryUsage() const noexcept
128 : : {
129 : 278861 : return sizeof(*this) + memusage::DynamicUsage(m_type) + m_recv.GetMemoryUsage();
130 : : }
131 : :
132 : 0 : void CConnman::AddAddrFetch(const std::string& strDest)
133 : : {
134 : 0 : LOCK(m_addr_fetches_mutex);
135 [ # # ]: 0 : m_addr_fetches.push_back(strDest);
136 : 0 : }
137 : :
138 : 147167 : uint16_t GetListenPort()
139 : : {
140 : : // If -bind= is provided with ":port" part, use that (first one if multiple are provided).
141 [ + - - + ]: 147167 : for (const std::string& bind_arg : gArgs.GetArgs("-bind")) {
142 : 0 : constexpr uint16_t dummy_port = 0;
143 : :
144 [ # # # # ]: 0 : const std::optional<CService> bind_addr{Lookup(bind_arg, dummy_port, /*fAllowLookup=*/false)};
145 [ # # # # : 0 : if (bind_addr.has_value() && bind_addr->GetPort() != dummy_port) return bind_addr->GetPort();
# # # # ]
146 : 147167 : }
147 : :
148 : : // Otherwise, if -whitebind= without NetPermissionFlags::NoBan is provided, use that
149 : : // (-whitebind= is required to have ":port").
150 [ + - - + ]: 147167 : for (const std::string& whitebind_arg : gArgs.GetArgs("-whitebind")) {
151 [ # # ]: 0 : NetWhitebindPermissions whitebind;
152 [ # # ]: 0 : bilingual_str error;
153 [ # # # # ]: 0 : if (NetWhitebindPermissions::TryParse(whitebind_arg, whitebind, error)) {
154 [ # # ]: 0 : if (!NetPermissions::HasFlag(whitebind.m_flags, NetPermissionFlags::NoBan)) {
155 [ # # ]: 0 : return whitebind.m_service.GetPort();
156 : : }
157 : : }
158 : 0 : }
159 : :
160 : : // Otherwise, if -port= is provided, use that. Otherwise use the default port.
161 [ + - ]: 147167 : return static_cast<uint16_t>(gArgs.GetIntArg("-port", Params().GetDefaultPort()));
162 : : }
163 : :
164 : : // Determine the "best" local address for a particular peer.
165 : 146037 : [[nodiscard]] static std::optional<CService> GetLocal(const CNode& peer)
166 : : {
167 [ - + ]: 146037 : if (!fListen) return std::nullopt;
168 : :
169 : 146037 : std::optional<CService> addr;
170 : 146037 : int nBestScore = -1;
171 : 146037 : int nBestReachability = -1;
172 : 146037 : {
173 [ + - ]: 146037 : LOCK(g_maplocalhost_mutex);
174 [ + - + + ]: 18999167 : for (const auto& [local_addr, local_service_info] : mapLocalHost) {
175 : : // For privacy reasons, don't advertise our privacy-network address
176 : : // to other networks and don't advertise our other-network address
177 : : // to privacy networks.
178 [ + - + - ]: 18853130 : if (local_addr.GetNetwork() != peer.ConnectedThroughNetwork()
179 [ + + + - : 32166247 : && (local_addr.IsPrivacyNet() || peer.IsConnectedThroughPrivacyNet())) {
+ + ]
180 : 5279050 : continue;
181 : : }
182 : 13574080 : const int nScore{local_service_info.nScore};
183 [ + - ]: 13574080 : const int nReachability{local_addr.GetReachabilityFrom(peer.addr)};
184 [ + + + + ]: 13574080 : if (nReachability > nBestReachability || (nReachability == nBestReachability && nScore > nBestScore)) {
185 [ + - ]: 387605 : addr.emplace(CService{local_addr, local_service_info.nPort});
186 : 387605 : nBestReachability = nReachability;
187 : 387605 : nBestScore = nScore;
188 : : }
189 : : }
190 : 0 : }
191 [ + + ]: 250702 : return addr;
192 : 146037 : }
193 : :
194 : : //! Convert the serialized seeds into usable address objects.
195 : 0 : static std::vector<CAddress> ConvertSeeds(const std::vector<uint8_t> &vSeedsIn)
196 : : {
197 : : // It'll only connect to one or two seed nodes because once it connects,
198 : : // it'll get a pile of addresses with newer timestamps.
199 : : // Seed nodes are given a random 'last seen time' of between one and two
200 : : // weeks ago.
201 : 0 : const auto one_week{7 * 24h};
202 : 0 : std::vector<CAddress> vSeedsOut;
203 : 0 : FastRandomContext rng;
204 [ # # # # ]: 0 : ParamsStream s{DataStream{vSeedsIn}, CAddress::V2_NETWORK};
205 [ # # # # ]: 0 : while (!s.eof()) {
206 [ # # ]: 0 : CService endpoint;
207 [ # # ]: 0 : s >> endpoint;
208 : 0 : CAddress addr{endpoint, SeedsServiceFlags()};
209 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - one_week, -one_week);
210 [ # # # # : 0 : LogDebug(BCLog::NET, "Added hardcoded seed: %s\n", addr.ToStringAddrPort());
# # # # ]
211 [ # # ]: 0 : vSeedsOut.push_back(addr);
212 : 0 : }
213 : 0 : return vSeedsOut;
214 : 0 : }
215 : :
216 : : // Determine the "best" local address for a particular peer.
217 : : // If none, return the unroutable 0.0.0.0 but filled in with
218 : : // the normal parameters, since the IP may be changed to a useful
219 : : // one by discovery.
220 : 146037 : CService GetLocalAddress(const CNode& peer)
221 : : {
222 [ + - + - : 146037 : return GetLocal(peer).value_or(CService{CNetAddr(), GetListenPort()});
+ - ]
223 : : }
224 : :
225 : 0 : static int GetnScore(const CService& addr)
226 : : {
227 : 0 : LOCK(g_maplocalhost_mutex);
228 [ # # ]: 0 : const auto it = mapLocalHost.find(addr);
229 [ # # ]: 0 : return (it != mapLocalHost.end()) ? it->second.nScore : 0;
230 : 0 : }
231 : :
232 : : // Is our peer's addrLocal potentially useful as an external IP source?
233 : 1258 : [[nodiscard]] static bool IsPeerAddrLocalGood(CNode *pnode)
234 : : {
235 : 1258 : CService addrLocal = pnode->GetAddrLocal();
236 [ + - + - : 1258 : return fDiscover && pnode->addr.IsRoutable() && addrLocal.IsRoutable() &&
+ + + - -
+ - - ]
237 [ - - ]: 1258 : g_reachable_nets.Contains(addrLocal);
238 : 1258 : }
239 : :
240 : 1258 : std::optional<CService> GetLocalAddrForPeer(CNode& node)
241 : : {
242 : 1258 : CService addrLocal{GetLocalAddress(node)};
243 : : // If discovery is enabled, sometimes give our peer the address it
244 : : // tells us that it sees us as in case it has a better idea of our
245 : : // address than we do.
246 : 1258 : FastRandomContext rng;
247 [ + - - + : 1258 : if (IsPeerAddrLocalGood(&node) && (!addrLocal.IsRoutable() ||
- - - - -
- ]
248 [ # # # # ]: 0 : rng.randbits((GetnScore(addrLocal) > LOCAL_MANUAL) ? 3 : 1) == 0))
249 : : {
250 [ # # ]: 0 : if (node.IsInboundConn()) {
251 : : // For inbound connections, assume both the address and the port
252 : : // as seen from the peer.
253 [ # # ]: 0 : addrLocal = CService{node.GetAddrLocal()};
254 : : } else {
255 : : // For outbound connections, assume just the address as seen from
256 : : // the peer and leave the port in `addrLocal` as returned by
257 : : // `GetLocalAddress()` above. The peer has no way to observe our
258 : : // listening port when we have initiated the connection.
259 [ # # # # ]: 0 : addrLocal.SetIP(node.GetAddrLocal());
260 : : }
261 : : }
262 [ + - - + ]: 1258 : if (addrLocal.IsRoutable()) {
263 [ # # # # : 0 : LogDebug(BCLog::NET, "Advertising address %s to peer=%d\n", addrLocal.ToStringAddrPort(), node.GetId());
# # # # ]
264 : 0 : return addrLocal;
265 : : }
266 : : // Address is unroutable. Don't advertise.
267 : 1258 : return std::nullopt;
268 : 1258 : }
269 : :
270 : 1474 : void ClearLocal()
271 : : {
272 : 1474 : LOCK(g_maplocalhost_mutex);
273 [ + - ]: 1474 : return mapLocalHost.clear();
274 : 1474 : }
275 : :
276 : : // learn a new local address
277 : 318903 : bool AddLocal(const CService& addr_, int nScore)
278 : : {
279 : 318903 : CService addr{MaybeFlipIPv6toCJDNS(addr_)};
280 : :
281 [ + - + + ]: 318903 : if (!addr.IsRoutable())
282 : : return false;
283 : :
284 [ - + - - ]: 230053 : if (!fDiscover && nScore < LOCAL_MANUAL)
285 : : return false;
286 : :
287 [ + - + - ]: 230053 : if (!g_reachable_nets.Contains(addr))
288 : : return false;
289 : :
290 [ + - + - ]: 230053 : LogInfo("AddLocal(%s,%i)\n", addr.ToStringAddrPort(), nScore);
291 : :
292 : 230053 : {
293 [ + - ]: 230053 : LOCK(g_maplocalhost_mutex);
294 [ + - + + ]: 230053 : const auto [it, is_newly_added] = mapLocalHost.emplace(addr, LocalServiceInfo());
295 [ + + ]: 230053 : LocalServiceInfo &info = it->second;
296 [ + + + + ]: 230053 : if (is_newly_added || nScore >= info.nScore) {
297 [ + + ]: 94882 : info.nScore = nScore + (is_newly_added ? 0 : 1);
298 [ + - ]: 94882 : info.nPort = addr.GetPort();
299 : : }
300 : 0 : }
301 : :
302 : 230053 : return true;
303 : 318903 : }
304 : :
305 : 0 : bool AddLocal(const CNetAddr &addr, int nScore)
306 : : {
307 [ # # ]: 0 : return AddLocal(CService(addr, GetListenPort()), nScore);
308 : : }
309 : :
310 : 78832 : void RemoveLocal(const CService& addr)
311 : : {
312 : 78832 : LOCK(g_maplocalhost_mutex);
313 [ + - + - ]: 78832 : LogInfo("RemoveLocal(%s)\n", addr.ToStringAddrPort());
314 [ + - + - ]: 78832 : mapLocalHost.erase(addr);
315 : 78832 : }
316 : :
317 : : /** vote for a local address */
318 : 294645 : bool SeenLocal(const CService& addr)
319 : : {
320 : 294645 : LOCK(g_maplocalhost_mutex);
321 [ + - ]: 294645 : const auto it = mapLocalHost.find(addr);
322 [ + + ]: 294645 : if (it == mapLocalHost.end()) return false;
323 : 265772 : ++it->second.nScore;
324 : 265772 : return true;
325 : 294645 : }
326 : :
327 : :
328 : : /** check whether a given address is potentially local */
329 : 240593 : bool IsLocal(const CService& addr)
330 : : {
331 : 240593 : LOCK(g_maplocalhost_mutex);
332 [ + - + - ]: 240593 : return mapLocalHost.contains(addr);
333 : 240593 : }
334 : :
335 : 24733 : bool CConnman::AlreadyConnectedToHost(std::string_view host) const
336 : : {
337 : 24733 : LOCK(m_nodes_mutex);
338 [ + - - + ]: 6010460 : return std::ranges::any_of(m_nodes, [&host](CNode* node) { return node->m_addr_name == host; });
339 : 24733 : }
340 : :
341 : 1834 : bool CConnman::AlreadyConnectedToAddressPort(const CService& addr_port) const
342 : : {
343 : 1834 : LOCK(m_nodes_mutex);
344 [ + - + - ]: 12917 : return std::ranges::any_of(m_nodes, [&addr_port](CNode* node) { return node->addr == addr_port; });
345 : 1834 : }
346 : :
347 : 2008 : bool CConnman::AlreadyConnectedToAddress(const CNetAddr& addr) const
348 : : {
349 : 2008 : LOCK(m_nodes_mutex);
350 [ + - + - ]: 42441 : return std::ranges::any_of(m_nodes, [&addr](CNode* node) { return node->addr == addr; });
351 : 2008 : }
352 : :
353 : 31185 : bool CConnman::CheckIncomingNonce(uint64_t nonce)
354 : : {
355 : 31185 : LOCK(m_nodes_mutex);
356 [ + + ]: 1284886 : for (const CNode* pnode : m_nodes) {
357 : : // Omit private broadcast connections from this check to prevent this privacy attack:
358 : : // - We connect to a peer in an attempt to privately broadcast a transaction. From our
359 : : // VERSION message the peer deducts that this is a short-lived connection for
360 : : // broadcasting a transaction, takes our nonce and delays their VERACK.
361 : : // - The peer starts connecting to (clearnet) nodes and sends them a VERSION message
362 : : // which contains our nonce. If the peer manages to connect to us we would disconnect.
363 : : // - Upon a disconnect, the peer knows our clearnet address. They go back to the short
364 : : // lived privacy broadcast connection and continue with VERACK.
365 [ + + + + : 1255193 : if (!pnode->fSuccessfullyConnected && !pnode->IsInboundConn() && !pnode->IsPrivateBroadcastConn() &&
+ + ]
366 [ + + ]: 349414 : pnode->GetLocalNonce() == nonce)
367 : : return false;
368 : : }
369 : : return true;
370 : 31185 : }
371 : :
372 : 25838 : CNode* CConnman::ConnectNode(CAddress addrConnect,
373 : : const char* pszDest,
374 : : bool fCountFailure,
375 : : ConnectionType conn_type,
376 : : bool use_v2transport,
377 : : const std::optional<Proxy>& proxy_override)
378 : : {
379 : 25838 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
380 [ - + ]: 25838 : assert(conn_type != ConnectionType::INBOUND);
381 : :
382 [ + + ]: 25838 : if (pszDest == nullptr) {
383 [ + - ]: 1162 : if (IsLocal(addrConnect))
384 : : return nullptr;
385 : :
386 : : // Look for an existing connection
387 [ - + ]: 1162 : if (AlreadyConnectedToAddressPort(addrConnect)) {
388 [ # # ]: 0 : LogInfo("Failed to open new connection to %s, already connected", addrConnect.ToStringAddrPort());
389 : 0 : return nullptr;
390 : : }
391 : : }
392 : :
393 [ - + - - : 25838 : LogDebug(BCLog::NET, "trying %s connection %s lastseen=%.1fhrs\n",
- - - - -
- ]
394 : : use_v2transport ? "v2" : "v1",
395 : : pszDest ? pszDest : addrConnect.ToStringAddrPort(),
396 : : Ticks<HoursDouble>(pszDest ? 0h : Now<NodeSeconds>() - addrConnect.nTime));
397 : :
398 : : // Resolve
399 [ + + + - ]: 50514 : const uint16_t default_port{pszDest != nullptr ? GetDefaultPort(pszDest) :
400 : 1162 : m_params.GetDefaultPort()};
401 : :
402 : : // Collection of addresses to try to connect to: either all dns resolved addresses if a domain name (pszDest) is provided, or addrConnect otherwise.
403 : 25838 : std::vector<CAddress> connect_to{};
404 [ + + ]: 25838 : if (pszDest) {
405 [ + - + - : 49352 : std::vector<CService> resolved{Lookup(pszDest, default_port, fNameLookup && !HaveNameProxy(), 256)};
+ - - + +
- + - ]
406 [ + + ]: 24676 : if (!resolved.empty()) {
407 : 708 : std::shuffle(resolved.begin(), resolved.end(), FastRandomContext());
408 : : // If the connection is made by name, it can be the case that the name resolves to more than one address.
409 : : // We don't want to connect any more of them if we are already connected to one
410 [ + + ]: 1317 : for (const auto& r : resolved) {
411 [ + - ]: 1416 : addrConnect = CAddress{MaybeFlipIPv6toCJDNS(r), NODE_NONE};
412 [ + - + + ]: 708 : if (!addrConnect.IsValid()) {
413 [ + - - + : 36 : LogDebug(BCLog::NET, "Resolver returned invalid address %s for %s\n", addrConnect.ToStringAddrPort(), pszDest);
- - - - ]
414 : 36 : return nullptr;
415 : : }
416 : : // It is possible that we already have a connection to the IP/port pszDest resolved to.
417 : : // In that case, drop the connection that was just created.
418 [ + - + + ]: 672 : if (AlreadyConnectedToAddressPort(addrConnect)) {
419 [ + - + - ]: 63 : LogInfo("Not opening a connection to %s, already connected to %s\n", pszDest, addrConnect.ToStringAddrPort());
420 : 63 : return nullptr;
421 : : }
422 : : // Add the address to the resolved addresses vector so we can try to connect to it later on
423 [ + - ]: 609 : connect_to.push_back(addrConnect);
424 : : }
425 : : } else {
426 : : // For resolution via proxy
427 [ + - ]: 23968 : connect_to.push_back(addrConnect);
428 : : }
429 : 24676 : } else {
430 : : // Connect via addrConnect directly
431 [ + - ]: 1162 : connect_to.push_back(addrConnect);
432 : : }
433 : :
434 : : // Connect
435 : 25739 : std::unique_ptr<Sock> sock;
436 [ + - ]: 25739 : Proxy proxy;
437 [ + - ]: 25739 : CService addr_bind;
438 [ + - - + ]: 25739 : assert(!addr_bind.IsValid());
439 : 25739 : std::unique_ptr<i2p::sam::Session> i2p_transient_session;
440 : :
441 [ + + ]: 28076 : for (auto& target_addr: connect_to) {
442 [ + - + + ]: 25739 : if (target_addr.IsValid()) {
443 : 24932 : bool use_proxy;
444 [ - + ]: 24932 : if (proxy_override.has_value()) {
445 : 0 : use_proxy = true;
446 [ # # ]: 0 : proxy = proxy_override.value();
447 : : } else {
448 [ + - + - ]: 24932 : use_proxy = GetProxy(target_addr.GetNetwork(), proxy);
449 : : }
450 : 24932 : bool proxyConnectionFailed = false;
451 : :
452 [ + + + - ]: 24932 : if (target_addr.IsI2P() && use_proxy) {
453 [ # # ]: 0 : i2p::Connection conn;
454 : 0 : bool connected{false};
455 : :
456 : : // If an I2P SAM session already exists, normally we would re-use it. But in the case of
457 : : // private broadcast we force a new transient session. A Connect() using m_i2p_sam_session
458 : : // would use our permanent I2P address as a source address.
459 [ # # # # ]: 0 : if (m_i2p_sam_session && conn_type != ConnectionType::PRIVATE_BROADCAST) {
460 [ # # ]: 0 : connected = m_i2p_sam_session->Connect(target_addr, conn, proxyConnectionFailed);
461 : : } else {
462 : 0 : {
463 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
464 [ # # ]: 0 : if (m_unused_i2p_sessions.empty()) {
465 : 0 : i2p_transient_session =
466 [ # # ]: 0 : std::make_unique<i2p::sam::Session>(proxy, m_interrupt_net);
467 : : } else {
468 : 0 : i2p_transient_session.swap(m_unused_i2p_sessions.front());
469 : 0 : m_unused_i2p_sessions.pop();
470 : : }
471 : 0 : }
472 [ # # ]: 0 : connected = i2p_transient_session->Connect(target_addr, conn, proxyConnectionFailed);
473 [ # # ]: 0 : if (!connected) {
474 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
475 [ # # # # ]: 0 : if (m_unused_i2p_sessions.size() < MAX_UNUSED_I2P_SESSIONS_SIZE) {
476 [ # # # # ]: 0 : m_unused_i2p_sessions.emplace(i2p_transient_session.release());
477 : : }
478 : 0 : }
479 : : }
480 : :
481 [ # # ]: 0 : if (connected) {
482 : 0 : sock = std::move(conn.sock);
483 : 0 : addr_bind = conn.me;
484 : : }
485 [ - + ]: 24932 : } else if (use_proxy) {
486 [ # # # # : 0 : LogDebug(BCLog::PROXY, "Using proxy: %s to connect to %s\n", proxy.ToString(), target_addr.ToStringAddrPort());
# # # # #
# ]
487 [ # # # # : 0 : sock = ConnectThroughProxy(proxy, target_addr.ToStringAddr(), target_addr.GetPort(), proxyConnectionFailed);
# # ]
488 : : } else {
489 : : // no proxy needed (none set for target network)
490 [ + - ]: 49864 : sock = ConnectDirectly(target_addr, conn_type == ConnectionType::MANUAL);
491 : : }
492 [ + - ]: 24932 : if (!proxyConnectionFailed) {
493 : : // If a connection to the node was attempted, and failure (if any) is not caused by a problem connecting to
494 : : // the proxy, mark this as an attempt.
495 [ + - ]: 24932 : addrman.get().Attempt(target_addr, fCountFailure);
496 : : }
497 [ + + + - : 807 : } else if (pszDest && GetNameProxy(proxy)) {
- + ]
498 [ # # ]: 0 : std::string host;
499 : 0 : uint16_t port{default_port};
500 [ # # # # ]: 0 : SplitHostPort(std::string(pszDest), port, host);
501 : 0 : bool proxyConnectionFailed;
502 [ # # ]: 0 : sock = ConnectThroughProxy(proxy, host, port, proxyConnectionFailed);
503 : 0 : }
504 : : // Check any other resolved address (if any) if we fail to connect
505 [ + + ]: 25739 : if (!sock) {
506 : 2337 : continue;
507 : : }
508 : :
509 : 23402 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
510 [ + + + - ]: 23402 : std::vector<NetWhitelistPermissions> whitelist_permissions = conn_type == ConnectionType::MANUAL ? vWhitelistedRangeOutgoing : std::vector<NetWhitelistPermissions>{};
511 [ + - ]: 23402 : AddWhitelistPermissionFlags(permission_flags, target_addr, whitelist_permissions);
512 : :
513 : : // Add node
514 [ + - ]: 23402 : NodeId id = GetNewNodeId();
515 [ + - + - : 23402 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
+ - ]
516 [ + - + - ]: 23402 : if (!addr_bind.IsValid()) {
517 [ + - ]: 46804 : addr_bind = GetBindAddress(*sock);
518 : : }
519 [ + - ]: 23402 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
520 [ + - + - ]: 23402 : .Write(target_addr.GetNetClass())
521 [ + - + - ]: 46804 : .Write(addr_bind.GetAddrBytes())
522 : : // For outbound connections, the port of the bound address is randomly
523 : : // assigned by the OS and would therefore not be useful for seeding.
524 [ + - ]: 23402 : .Write(0)
525 [ + - ]: 23402 : .Finalize();
526 : 23402 : CNode* pnode = new CNode(id,
527 : 23402 : std::move(sock),
528 : : target_addr,
529 : : CalculateKeyedNetGroup(target_addr),
530 : : nonce,
531 : : addr_bind,
532 [ + - ]: 46804 : pszDest ? pszDest : "",
533 : : conn_type,
534 : : /*inbound_onion=*/false,
535 : : network_id,
536 [ + + ]: 23402 : CNodeOptions{
537 : : .permission_flags = permission_flags,
538 : : .i2p_sam_session = std::move(i2p_transient_session),
539 [ + + ]: 23402 : .recv_flood_size = nReceiveFloodSize,
540 : : .use_v2transport = use_v2transport,
541 [ + - + - : 46804 : });
+ - + - +
- ]
542 : 23402 : pnode->AddRef();
543 : :
544 : : // We're making a new connection, harvest entropy from the time (and our peer count)
545 : 23402 : RandAddEvent((uint32_t)id);
546 : :
547 : 23402 : return pnode;
548 : 23402 : }
549 : :
550 : : return nullptr;
551 : 51577 : }
552 : :
553 : 59529 : void CNode::CloseSocketDisconnect()
554 : : {
555 : 59529 : fDisconnect = true;
556 : 59529 : LOCK(m_sock_mutex);
557 [ + + ]: 59529 : if (m_sock) {
558 [ + - - + : 25462 : LogDebug(BCLog::NET, "Resetting socket for peer=%d%s", GetId(), LogIP(fLogIPs));
- - - - ]
559 : 25462 : m_sock.reset();
560 : :
561 : : TRACEPOINT(net, closed_connection,
562 : : GetId(),
563 : : m_addr_name.c_str(),
564 : : ConnectionTypeAsString().c_str(),
565 : : ConnectedThroughNetwork(),
566 : 25462 : Ticks<std::chrono::seconds>(m_connected));
567 : : }
568 [ - + + - ]: 59529 : m_i2p_sam_session.reset();
569 : 59529 : }
570 : :
571 : 55846 : void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr, const std::vector<NetWhitelistPermissions>& ranges) const {
572 [ - + ]: 55846 : for (const auto& subnet : ranges) {
573 [ # # # # ]: 0 : if (addr.has_value() && subnet.m_subnet.Match(addr.value())) {
574 : 0 : NetPermissions::AddFlag(flags, subnet.m_flags);
575 : : }
576 : : }
577 [ + + ]: 55846 : if (NetPermissions::HasFlag(flags, NetPermissionFlags::Implicit)) {
578 [ - + ]: 1371 : NetPermissions::ClearFlag(flags, NetPermissionFlags::Implicit);
579 [ - + ]: 1371 : if (whitelist_forcerelay) NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);
580 [ + - ]: 1371 : if (whitelist_relay) NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);
581 : 1371 : NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);
582 : 1371 : NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);
583 : : }
584 : 55846 : }
585 : :
586 : 257769 : CService CNode::GetAddrLocal() const
587 : : {
588 : 257769 : AssertLockNotHeld(m_addr_local_mutex);
589 : 257769 : LOCK(m_addr_local_mutex);
590 [ + - ]: 257769 : return m_addr_local;
591 : 257769 : }
592 : :
593 : 15178 : void CNode::SetAddrLocal(const CService& addrLocalIn) {
594 : 15178 : AssertLockNotHeld(m_addr_local_mutex);
595 : 15178 : LOCK(m_addr_local_mutex);
596 [ + - + - : 30356 : if (Assume(!m_addr_local.IsValid())) { // Addr local can only be set once during version msg processing
+ - ]
597 : 15178 : m_addr_local = addrLocalIn;
598 : : }
599 : 15178 : }
600 : :
601 : 19968081 : Network CNode::ConnectedThroughNetwork() const
602 : : {
603 [ + + ]: 19968081 : return m_inbound_onion ? NET_ONION : addr.GetNetClass();
604 : : }
605 : :
606 : 13313117 : bool CNode::IsConnectedThroughPrivacyNet() const
607 : : {
608 [ + + + + ]: 13313117 : return m_inbound_onion || addr.IsPrivacyNet();
609 : : }
610 : :
611 : : #undef X
612 : : #define X(name) stats.name = name
613 : 254511 : void CNode::CopyStats(CNodeStats& stats)
614 : : {
615 : 254511 : stats.nodeid = this->GetId();
616 : 254511 : X(addr);
617 : 254511 : X(addrBind);
618 : 254511 : stats.m_network = ConnectedThroughNetwork();
619 : 254511 : X(m_last_send);
620 : 254511 : X(m_last_recv);
621 : 254511 : X(m_last_tx_time);
622 : 254511 : X(m_last_block_time);
623 : 254511 : X(m_connected);
624 : 254511 : X(m_addr_name);
625 : 254511 : X(nVersion);
626 : 254511 : {
627 : 254511 : LOCK(m_subver_mutex);
628 [ + - + - ]: 509022 : X(cleanSubVer);
629 : 0 : }
630 : 254511 : stats.fInbound = IsInboundConn();
631 : 254511 : X(m_bip152_highbandwidth_to);
632 : 254511 : X(m_bip152_highbandwidth_from);
633 : 254511 : {
634 : 254511 : LOCK(cs_vSend);
635 [ + - ]: 254511 : X(mapSendBytesPerMsgType);
636 [ + - ]: 254511 : X(nSendBytes);
637 : 0 : }
638 : 254511 : {
639 : 254511 : LOCK(cs_vRecv);
640 [ + - ]: 254511 : X(mapRecvBytesPerMsgType);
641 : 254511 : X(nRecvBytes);
642 : 254511 : Transport::Info info = m_transport->GetInfo();
643 : 254511 : stats.m_transport_type = info.transport_type;
644 [ - + - - ]: 254511 : if (info.session_id) stats.m_session_id = HexStr(*info.session_id);
645 : 0 : }
646 : 254511 : X(m_permission_flags);
647 : :
648 : 254511 : X(m_last_ping_time);
649 : 254511 : X(m_min_ping_time);
650 : :
651 : : // Leave string empty if addrLocal invalid (not filled in yet)
652 : 254511 : CService addrLocalUnlocked = GetAddrLocal();
653 [ + - + + : 254511 : stats.addrLocal = addrLocalUnlocked.IsValid() ? addrLocalUnlocked.ToStringAddrPort() : "";
+ - + - ]
654 : :
655 : 254511 : X(m_conn_type);
656 : 254511 : }
657 : : #undef X
658 : :
659 : 461815 : bool CNode::ReceiveMsgBytes(std::span<const uint8_t> msg_bytes, bool& complete)
660 : : {
661 : 461815 : complete = false;
662 : 461815 : const auto time = GetTime<std::chrono::microseconds>();
663 : 461815 : LOCK(cs_vRecv);
664 : 461815 : m_last_recv = std::chrono::duration_cast<std::chrono::seconds>(time);
665 : 461815 : nRecvBytes += msg_bytes.size();
666 [ + + ]: 1405615 : while (msg_bytes.size() > 0) {
667 : : // absorb network data
668 [ + - + + ]: 552714 : if (!m_transport->ReceivedBytes(msg_bytes)) {
669 : : // Serious transport problem, disconnect from the peer.
670 : : return false;
671 : : }
672 : :
673 [ + - + + ]: 481985 : if (m_transport->ReceivedMessageComplete()) {
674 : : // decompose a transport agnostic CNetMessage from the deserializer
675 : 270524 : bool reject_message{false};
676 [ + - ]: 270524 : CNetMessage msg = m_transport->GetReceivedMessage(time, reject_message);
677 [ + + ]: 270524 : if (reject_message) {
678 : : // Message deserialization failed. Drop the message but don't disconnect the peer.
679 : : // store the size of the corrupt message
680 [ + - ]: 67274 : mapRecvBytesPerMsgType.at(NET_MESSAGE_TYPE_OTHER) += msg.m_raw_message_size;
681 : 67274 : continue;
682 : : }
683 : :
684 : : // Store received bytes per message type.
685 : : // To prevent a memory DOS, only allow known message types.
686 : 203250 : auto i = mapRecvBytesPerMsgType.find(msg.m_type);
687 [ + + ]: 203250 : if (i == mapRecvBytesPerMsgType.end()) {
688 : 37572 : i = mapRecvBytesPerMsgType.find(NET_MESSAGE_TYPE_OTHER);
689 : : }
690 [ - + ]: 203250 : assert(i != mapRecvBytesPerMsgType.end());
691 [ + - ]: 203250 : i->second += msg.m_raw_message_size;
692 : :
693 : : // push the message to the process queue,
694 [ + - ]: 203250 : vRecvMsg.push_back(std::move(msg));
695 : :
696 : 203250 : complete = true;
697 : 270524 : }
698 : : }
699 : :
700 : : return true;
701 : 461815 : }
702 : :
703 : 3971 : std::string CNode::LogIP(bool log_ip) const
704 : : {
705 [ - + - - : 3971 : return log_ip ? strprintf(" peeraddr=%s", addr.ToStringAddrPort()) : "";
- - + - -
- ]
706 : : }
707 : :
708 : 11 : std::string CNode::DisconnectMsg(bool log_ip) const
709 : : {
710 : 11 : return strprintf("disconnecting peer=%d%s",
711 [ + - ]: 11 : GetId(),
712 [ + - ]: 22 : LogIP(log_ip));
713 : : }
714 : :
715 : 103320 : V1Transport::V1Transport(const NodeId node_id) noexcept
716 : 103320 : : m_magic_bytes{Params().MessageStart()}, m_node_id{node_id}
717 : : {
718 : 103320 : LOCK(m_recv_mutex);
719 [ + - ]: 103320 : Reset();
720 : 103320 : }
721 : :
722 : 239440 : Transport::Info V1Transport::GetInfo() const noexcept
723 : : {
724 : 239440 : return {.transport_type = TransportProtocolType::V1, .session_id = {}};
725 : : }
726 : :
727 : 549377 : int V1Transport::readHeader(std::span<const uint8_t> msg_bytes)
728 : : {
729 : 549377 : AssertLockHeld(m_recv_mutex);
730 : : // copy data to temporary parsing buffer
731 : 549377 : unsigned int nRemaining = CMessageHeader::HEADER_SIZE - nHdrPos;
732 [ + + ]: 549377 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
733 : :
734 [ + + ]: 549377 : memcpy(&hdrbuf[nHdrPos], msg_bytes.data(), nCopy);
735 : 549377 : nHdrPos += nCopy;
736 : :
737 : : // if header incomplete, exit
738 [ + + ]: 549377 : if (nHdrPos < CMessageHeader::HEADER_SIZE)
739 : 42162 : return nCopy;
740 : :
741 : : // deserialize to CMessageHeader
742 : 507215 : try {
743 [ + - ]: 507215 : hdrbuf >> hdr;
744 : : }
745 [ - - ]: 0 : catch (const std::exception&) {
746 [ - - - - : 0 : LogDebug(BCLog::NET, "Header error: Unable to deserialize, peer=%d\n", m_node_id);
- - ]
747 : 0 : return -1;
748 : 0 : }
749 : :
750 : : // Check start string, network magic
751 [ + + ]: 507215 : if (hdr.pchMessageStart != m_magic_bytes) {
752 [ - + - - ]: 53900 : LogDebug(BCLog::NET, "Header error: Wrong MessageStart %s received, peer=%d\n", HexStr(hdr.pchMessageStart), m_node_id);
753 : 53900 : return -1;
754 : : }
755 : :
756 : : // reject messages larger than MAX_SIZE or MAX_PROTOCOL_MESSAGE_LENGTH
757 : : // NOTE: failing to perform this check previously allowed a malicious peer to make us allocate 32MiB of memory per
758 : : // connection. See https://bitcoincore.org/en/2024/07/03/disclose_receive_buffer_oom.
759 [ + + ]: 453315 : if (hdr.nMessageSize > MAX_SIZE || hdr.nMessageSize > MAX_PROTOCOL_MESSAGE_LENGTH) {
760 [ - + - - : 14867 : LogDebug(BCLog::NET, "Header error: Size too large (%s, %u bytes), peer=%d\n", SanitizeString(hdr.GetMessageType()), hdr.nMessageSize, m_node_id);
- - - - ]
761 : 14867 : return -1;
762 : : }
763 : :
764 : : // switch state to reading message data
765 : 438448 : in_data = true;
766 : :
767 : 438448 : return nCopy;
768 : : }
769 : :
770 : 257490 : int V1Transport::readData(std::span<const uint8_t> msg_bytes)
771 : : {
772 : 257490 : AssertLockHeld(m_recv_mutex);
773 : 257490 : unsigned int nRemaining = hdr.nMessageSize - nDataPos;
774 [ + + ]: 257490 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
775 : :
776 [ - + + + ]: 257490 : if (vRecv.size() < nDataPos + nCopy) {
777 : : // Allocate up to 256 KiB ahead, but never more than the total message size.
778 [ + + ]: 437593 : vRecv.resize(std::min(hdr.nMessageSize, nDataPos + nCopy + 256 * 1024));
779 : : }
780 : :
781 : 257490 : hasher.Write(msg_bytes.first(nCopy));
782 : 257490 : memcpy(&vRecv[nDataPos], msg_bytes.data(), nCopy);
783 : 257490 : nDataPos += nCopy;
784 : :
785 : 257490 : return nCopy;
786 : : }
787 : :
788 : 438299 : const uint256& V1Transport::GetMessageHash() const
789 : : {
790 : 438299 : AssertLockHeld(m_recv_mutex);
791 [ + - - + ]: 438299 : assert(CompleteInternal());
792 [ + - ]: 876598 : if (data_hash.IsNull())
793 : 438299 : hasher.Finalize(data_hash);
794 : 438299 : return data_hash;
795 : : }
796 : :
797 : 438299 : CNetMessage V1Transport::GetReceivedMessage(const std::chrono::microseconds time, bool& reject_message)
798 : : {
799 : 438299 : AssertLockNotHeld(m_recv_mutex);
800 : : // Initialize out parameter
801 : 438299 : reject_message = false;
802 : : // decompose a single CNetMessage from the TransportDeserializer
803 : 438299 : LOCK(m_recv_mutex);
804 [ + - ]: 438299 : CNetMessage msg(std::move(vRecv));
805 : :
806 : : // store message type string, time, and sizes
807 [ + - ]: 438299 : msg.m_type = hdr.GetMessageType();
808 : 438299 : msg.m_time = time;
809 : 438299 : msg.m_message_size = hdr.nMessageSize;
810 : 438299 : msg.m_raw_message_size = hdr.nMessageSize + CMessageHeader::HEADER_SIZE;
811 : :
812 [ + - ]: 438299 : uint256 hash = GetMessageHash();
813 : :
814 : : // We just received a message off the wire, harvest entropy from the time (and the message checksum)
815 : 438299 : RandAddEvent(ReadLE32(hash.begin()));
816 : :
817 : : // Check checksum and header message type string
818 [ + + ]: 438299 : if (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) {
819 [ + - - + : 37627 : LogDebug(BCLog::NET, "Header error: Wrong checksum (%s, %u bytes), expected %s was %s, peer=%d\n",
- - - - -
- - - -
- ]
820 : : SanitizeString(msg.m_type), msg.m_message_size,
821 : : HexStr(std::span{hash}.first(CMessageHeader::CHECKSUM_SIZE)),
822 : : HexStr(hdr.pchChecksum),
823 : : m_node_id);
824 : 37627 : reject_message = true;
825 [ + - + + ]: 400672 : } else if (!hdr.IsMessageTypeValid()) {
826 [ + - - + : 125303 : LogDebug(BCLog::NET, "Header error: Invalid message type (%s, %u bytes), peer=%d\n",
- - - - -
- ]
827 : : SanitizeString(hdr.GetMessageType()), msg.m_message_size, m_node_id);
828 : 125303 : reject_message = true;
829 : : }
830 : :
831 : : // Always reset the network deserializer (prepare for the next message)
832 [ + - ]: 438299 : Reset();
833 [ + - ]: 438299 : return msg;
834 : 438299 : }
835 : :
836 : 574533 : bool V1Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
837 : : {
838 : 574533 : AssertLockNotHeld(m_send_mutex);
839 : : // Determine whether a new message can be set.
840 : 574533 : LOCK(m_send_mutex);
841 [ + + - + : 574533 : if (m_sending_header || m_bytes_sent < m_message_to_send.data.size()) return false;
+ + ]
842 : :
843 : : // create dbl-sha256 checksum
844 : 444323 : uint256 hash = Hash(msg.data);
845 : :
846 : : // create header
847 [ - + ]: 444323 : CMessageHeader hdr(m_magic_bytes, msg.m_type.c_str(), msg.data.size());
848 [ + + ]: 444323 : memcpy(hdr.pchChecksum, hash.begin(), CMessageHeader::CHECKSUM_SIZE);
849 : :
850 : : // serialize header
851 [ + + ]: 444323 : m_header_to_send.clear();
852 : 444323 : VectorWriter{m_header_to_send, 0, hdr};
853 : :
854 : : // update state
855 : 444323 : m_message_to_send = std::move(msg);
856 : 444323 : m_sending_header = true;
857 : 444323 : m_bytes_sent = 0;
858 : 444323 : return true;
859 : 574533 : }
860 : :
861 : 2825574 : Transport::BytesToSend V1Transport::GetBytesToSend(bool have_next_message) const noexcept
862 : : {
863 : 2825574 : AssertLockNotHeld(m_send_mutex);
864 : 2825574 : LOCK(m_send_mutex);
865 [ + + ]: 2825574 : if (m_sending_header) {
866 [ - + + + ]: 982655 : return {std::span{m_header_to_send}.subspan(m_bytes_sent),
867 : : // We have more to send after the header if the message has payload, or if there
868 : : // is a next message after that.
869 [ + + + + ]: 982655 : have_next_message || !m_message_to_send.data.empty(),
870 : 982655 : m_message_to_send.m_type
871 : 982655 : };
872 : : } else {
873 [ - + ]: 1842919 : return {std::span{m_message_to_send.data}.subspan(m_bytes_sent),
874 : : // We only have more to send after this message's payload if there is another
875 : : // message.
876 : : have_next_message,
877 : 1842919 : m_message_to_send.m_type
878 : 1842919 : };
879 : : }
880 : 2825574 : }
881 : :
882 : 826773 : void V1Transport::MarkBytesSent(size_t bytes_sent) noexcept
883 : : {
884 : 826773 : AssertLockNotHeld(m_send_mutex);
885 : 826773 : LOCK(m_send_mutex);
886 : 826773 : m_bytes_sent += bytes_sent;
887 [ + + - + : 826773 : if (m_sending_header && m_bytes_sent == m_header_to_send.size()) {
+ + ]
888 : : // We're done sending a message's header. Switch to sending its data bytes.
889 : 441690 : m_sending_header = false;
890 : 441690 : m_bytes_sent = 0;
891 [ + + - + : 385083 : } else if (!m_sending_header && m_bytes_sent == m_message_to_send.data.size()) {
+ + ]
892 : : // We're done sending a message's data. Wipe the data vector to reduce memory consumption.
893 : 284633 : ClearShrink(m_message_to_send.data);
894 : 284633 : m_bytes_sent = 0;
895 : : }
896 : 826773 : }
897 : :
898 : 260386 : size_t V1Transport::GetSendMemoryUsage() const noexcept
899 : : {
900 : 260386 : AssertLockNotHeld(m_send_mutex);
901 : 260386 : LOCK(m_send_mutex);
902 : : // Don't count sending-side fields besides m_message_to_send, as they're all small and bounded.
903 [ + - ]: 260386 : return m_message_to_send.GetMemoryUsage();
904 : 260386 : }
905 : :
906 : : namespace {
907 : :
908 : : /** List of short messages as defined in BIP324, in order.
909 : : *
910 : : * Only message types that are actually implemented in this codebase need to be listed, as other
911 : : * messages get ignored anyway - whether we know how to decode them or not.
912 : : */
913 : : const std::array<std::string, 33> V2_MESSAGE_IDS = {
914 : : "", // 12 bytes follow encoding the message type like in V1
915 : : NetMsgType::ADDR,
916 : : NetMsgType::BLOCK,
917 : : NetMsgType::BLOCKTXN,
918 : : NetMsgType::CMPCTBLOCK,
919 : : NetMsgType::FEEFILTER,
920 : : NetMsgType::FILTERADD,
921 : : NetMsgType::FILTERCLEAR,
922 : : NetMsgType::FILTERLOAD,
923 : : NetMsgType::GETBLOCKS,
924 : : NetMsgType::GETBLOCKTXN,
925 : : NetMsgType::GETDATA,
926 : : NetMsgType::GETHEADERS,
927 : : NetMsgType::HEADERS,
928 : : NetMsgType::INV,
929 : : NetMsgType::MEMPOOL,
930 : : NetMsgType::MERKLEBLOCK,
931 : : NetMsgType::NOTFOUND,
932 : : NetMsgType::PING,
933 : : NetMsgType::PONG,
934 : : NetMsgType::SENDCMPCT,
935 : : NetMsgType::TX,
936 : : NetMsgType::GETCFILTERS,
937 : : NetMsgType::CFILTER,
938 : : NetMsgType::GETCFHEADERS,
939 : : NetMsgType::CFHEADERS,
940 : : NetMsgType::GETCFCHECKPT,
941 : : NetMsgType::CFCHECKPT,
942 : : NetMsgType::ADDRV2,
943 : : // Unimplemented message types that are assigned in BIP324:
944 : : "",
945 : : "",
946 : : "",
947 : : ""
948 : : };
949 : :
950 : : class V2MessageMap
951 : : {
952 : : std::unordered_map<std::string, uint8_t> m_map;
953 : :
954 : : public:
955 : 225 : V2MessageMap() noexcept
956 : 225 : {
957 [ + + ]: 7425 : for (size_t i = 1; i < std::size(V2_MESSAGE_IDS); ++i) {
958 : 7200 : m_map.emplace(V2_MESSAGE_IDS[i], i);
959 : : }
960 : 225 : }
961 : :
962 : 39726 : std::optional<uint8_t> operator()(const std::string& message_name) const noexcept
963 : : {
964 : 39726 : auto it = m_map.find(message_name);
965 [ + + ]: 39726 : if (it == m_map.end()) return std::nullopt;
966 : 30737 : return it->second;
967 : : }
968 : : };
969 : :
970 : : const V2MessageMap V2_MESSAGE_MAP;
971 : :
972 : 21404 : std::vector<uint8_t> GenerateRandomGarbage() noexcept
973 : : {
974 : 21404 : std::vector<uint8_t> ret;
975 : 21404 : FastRandomContext rng;
976 : 21404 : ret.resize(rng.randrange(V2Transport::MAX_GARBAGE_LEN + 1));
977 : 21404 : rng.fillrand(MakeWritableByteSpan(ret));
978 : 21404 : return ret;
979 : 21404 : }
980 : :
981 : : } // namespace
982 : :
983 : 24419 : void V2Transport::StartSendingHandshake() noexcept
984 : : {
985 : 24419 : AssertLockHeld(m_send_mutex);
986 [ - + ]: 24419 : Assume(m_send_state == SendState::AWAITING_KEY);
987 [ - + ]: 24419 : Assume(m_send_buffer.empty());
988 : : // Initialize the send buffer with ellswift pubkey + provided garbage.
989 [ - + ]: 24419 : m_send_buffer.resize(EllSwiftPubKey::size() + m_send_garbage.size());
990 : 24419 : std::copy(std::begin(m_cipher.GetOurPubKey()), std::end(m_cipher.GetOurPubKey()), MakeWritableByteSpan(m_send_buffer).begin());
991 : 24419 : std::copy(m_send_garbage.begin(), m_send_garbage.end(), m_send_buffer.begin() + EllSwiftPubKey::size());
992 : : // We cannot wipe m_send_garbage as it will still be used as AAD later in the handshake.
993 : 24419 : }
994 : :
995 : 25368 : V2Transport::V2Transport(NodeId nodeid, bool initiating, const CKey& key, std::span<const std::byte> ent32, std::vector<uint8_t> garbage) noexcept
996 : 25368 : : m_cipher{key, ent32},
997 : 25368 : m_initiating{initiating},
998 : 25368 : m_nodeid{nodeid},
999 : 25368 : m_v1_fallback{nodeid},
1000 [ + + ]: 25368 : m_recv_state{initiating ? RecvState::KEY : RecvState::KEY_MAYBE_V1},
1001 [ - + ]: 25368 : m_send_garbage{std::move(garbage)},
1002 [ + + - + ]: 53078 : m_send_state{initiating ? SendState::AWAITING_KEY : SendState::MAYBE_V1}
1003 : : {
1004 [ - + - + ]: 25368 : Assume(m_send_garbage.size() <= MAX_GARBAGE_LEN);
1005 : : // Start sending immediately if we're the initiator of the connection.
1006 [ + + ]: 25368 : if (initiating) {
1007 : 23026 : LOCK(m_send_mutex);
1008 [ + - ]: 23026 : StartSendingHandshake();
1009 : 23026 : }
1010 : 25368 : }
1011 : :
1012 : 21404 : V2Transport::V2Transport(NodeId nodeid, bool initiating) noexcept
1013 : 42808 : : V2Transport{nodeid, initiating, GenerateRandomKey(),
1014 : 42808 : MakeByteSpan(GetRandHash()), GenerateRandomGarbage()} {}
1015 : :
1016 : 92028 : void V2Transport::SetReceiveState(RecvState recv_state) noexcept
1017 : : {
1018 : 92028 : AssertLockHeld(m_recv_mutex);
1019 : : // Enforce allowed state transitions.
1020 [ + + + + : 92028 : switch (m_recv_state) {
+ + - - ]
1021 : 2079 : case RecvState::KEY_MAYBE_V1:
1022 [ - + ]: 2079 : Assume(recv_state == RecvState::KEY || recv_state == RecvState::V1);
1023 : : break;
1024 : 4925 : case RecvState::KEY:
1025 [ - + ]: 4925 : Assume(recv_state == RecvState::GARB_GARBTERM);
1026 : : break;
1027 : 2786 : case RecvState::GARB_GARBTERM:
1028 [ - + ]: 2786 : Assume(recv_state == RecvState::VERSION);
1029 : : break;
1030 : 2786 : case RecvState::VERSION:
1031 [ - + ]: 2786 : Assume(recv_state == RecvState::APP);
1032 : : break;
1033 : 39726 : case RecvState::APP:
1034 [ - + ]: 39726 : Assume(recv_state == RecvState::APP_READY);
1035 : : break;
1036 : 39726 : case RecvState::APP_READY:
1037 [ - + ]: 39726 : Assume(recv_state == RecvState::APP);
1038 : : break;
1039 : 0 : case RecvState::V1:
1040 : 0 : Assume(false); // V1 state cannot be left
1041 : 0 : break;
1042 : : }
1043 : : // Change state.
1044 : 92028 : m_recv_state = recv_state;
1045 : 92028 : }
1046 : :
1047 : 7004 : void V2Transport::SetSendState(SendState send_state) noexcept
1048 : : {
1049 : 7004 : AssertLockHeld(m_send_mutex);
1050 : : // Enforce allowed state transitions.
1051 [ + + - - ]: 7004 : switch (m_send_state) {
1052 : 2079 : case SendState::MAYBE_V1:
1053 [ - + ]: 2079 : Assume(send_state == SendState::V1 || send_state == SendState::AWAITING_KEY);
1054 : : break;
1055 : 4925 : case SendState::AWAITING_KEY:
1056 [ - + ]: 4925 : Assume(send_state == SendState::READY);
1057 : : break;
1058 : 0 : case SendState::READY:
1059 : 0 : case SendState::V1:
1060 : 0 : Assume(false); // Final states
1061 : 0 : break;
1062 : : }
1063 : : // Change state.
1064 : 7004 : m_send_state = send_state;
1065 : 7004 : }
1066 : :
1067 : 124412 : bool V2Transport::ReceivedMessageComplete() const noexcept
1068 : : {
1069 : 124412 : AssertLockNotHeld(m_recv_mutex);
1070 : 124412 : LOCK(m_recv_mutex);
1071 [ + + ]: 124412 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedMessageComplete();
1072 : :
1073 : 88824 : return m_recv_state == RecvState::APP_READY;
1074 : 124412 : }
1075 : :
1076 : 2471 : void V2Transport::ProcessReceivedMaybeV1Bytes() noexcept
1077 : : {
1078 : 2471 : AssertLockHeld(m_recv_mutex);
1079 : 2471 : AssertLockNotHeld(m_send_mutex);
1080 [ - + ]: 2471 : Assume(m_recv_state == RecvState::KEY_MAYBE_V1);
1081 : : // We still have to determine if this is a v1 or v2 connection. The bytes being received could
1082 : : // be the beginning of either a v1 packet (network magic + "version\x00\x00\x00\x00\x00"), or
1083 : : // of a v2 public key. BIP324 specifies that a mismatch with this 16-byte string should trigger
1084 : : // sending of the key.
1085 : 2471 : std::array<uint8_t, V1_PREFIX_LEN> v1_prefix = {0, 0, 0, 0, 'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1086 : 2471 : std::copy(std::begin(Params().MessageStart()), std::end(Params().MessageStart()), v1_prefix.begin());
1087 [ - + - + ]: 2471 : Assume(m_recv_buffer.size() <= v1_prefix.size());
1088 [ + + ]: 2471 : if (!std::equal(m_recv_buffer.begin(), m_recv_buffer.end(), v1_prefix.begin())) {
1089 : : // Mismatch with v1 prefix, so we can assume a v2 connection.
1090 : 1393 : SetReceiveState(RecvState::KEY); // Convert to KEY state, leaving received bytes around.
1091 : : // Transition the sender to AWAITING_KEY state and start sending.
1092 : 1393 : LOCK(m_send_mutex);
1093 : 1393 : SetSendState(SendState::AWAITING_KEY);
1094 [ + - ]: 1393 : StartSendingHandshake();
1095 [ - + + + ]: 2471 : } else if (m_recv_buffer.size() == v1_prefix.size()) {
1096 : : // Full match with the v1 prefix, so fall back to v1 behavior.
1097 : 686 : LOCK(m_send_mutex);
1098 [ - + ]: 686 : std::span<const uint8_t> feedback{m_recv_buffer};
1099 : : // Feed already received bytes to v1 transport. It should always accept these, because it's
1100 : : // less than the size of a v1 header, and these are the first bytes fed to m_v1_fallback.
1101 : 686 : bool ret = m_v1_fallback.ReceivedBytes(feedback);
1102 [ - + ]: 686 : Assume(feedback.empty());
1103 [ - + ]: 686 : Assume(ret);
1104 : 686 : SetReceiveState(RecvState::V1);
1105 : 686 : SetSendState(SendState::V1);
1106 : : // Reset v2 transport buffers to save memory.
1107 : 686 : ClearShrink(m_recv_buffer);
1108 [ + - ]: 686 : ClearShrink(m_send_buffer);
1109 : 686 : } else {
1110 : : // We have not received enough to distinguish v1 from v2 yet. Wait until more bytes come.
1111 : : }
1112 : 2471 : }
1113 : :
1114 : 6366 : bool V2Transport::ProcessReceivedKeyBytes() noexcept
1115 : : {
1116 : 6366 : AssertLockHeld(m_recv_mutex);
1117 : 6366 : AssertLockNotHeld(m_send_mutex);
1118 [ - + ]: 6366 : Assume(m_recv_state == RecvState::KEY);
1119 [ - + - + ]: 6366 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1120 : :
1121 : : // As a special exception, if bytes 4-16 of the key on a responder connection match the
1122 : : // corresponding bytes of a V1 version message, but bytes 0-4 don't match the network magic
1123 : : // (if they did, we'd have switched to V1 state already), assume this is a peer from
1124 : : // another network, and disconnect them. They will almost certainly disconnect us too when
1125 : : // they receive our uniformly random key and garbage, but detecting this case specially
1126 : : // means we can log it.
1127 : 6366 : static constexpr std::array<uint8_t, 12> MATCH = {'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1128 : 6366 : static constexpr size_t OFFSET = std::tuple_size_v<MessageStartChars>;
1129 [ + + - + : 6366 : if (!m_initiating && m_recv_buffer.size() >= OFFSET + MATCH.size()) {
+ + ]
1130 [ - + ]: 2109 : if (std::equal(MATCH.begin(), MATCH.end(), m_recv_buffer.begin() + OFFSET)) {
1131 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: V1 peer with wrong MessageStart %s\n",
1132 : : HexStr(std::span(m_recv_buffer).first(OFFSET)));
1133 : 0 : return false;
1134 : : }
1135 : : }
1136 : :
1137 [ - + + + ]: 6366 : if (m_recv_buffer.size() == EllSwiftPubKey::size()) {
1138 : : // Other side's key has been fully received, and can now be Diffie-Hellman combined with
1139 : : // our key to initialize the encryption ciphers.
1140 : :
1141 : : // Initialize the ciphers.
1142 : 4925 : EllSwiftPubKey ellswift(MakeByteSpan(m_recv_buffer));
1143 : 4925 : LOCK(m_send_mutex);
1144 : 4925 : m_cipher.Initialize(ellswift, m_initiating);
1145 : :
1146 : : // Switch receiver state to GARB_GARBTERM.
1147 : 4925 : SetReceiveState(RecvState::GARB_GARBTERM);
1148 [ + - ]: 4925 : m_recv_buffer.clear();
1149 : :
1150 : : // Switch sender state to READY.
1151 : 4925 : SetSendState(SendState::READY);
1152 : :
1153 : : // Append the garbage terminator to the send buffer.
1154 [ - + ]: 4925 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1155 : 4925 : std::copy(m_cipher.GetSendGarbageTerminator().begin(),
1156 : 4925 : m_cipher.GetSendGarbageTerminator().end(),
1157 : 4925 : MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN).begin());
1158 : :
1159 : : // Construct version packet in the send buffer, with the sent garbage data as AAD.
1160 [ - + ]: 4925 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::EXPANSION + VERSION_CONTENTS.size());
1161 : 4925 : m_cipher.Encrypt(
1162 : : /*contents=*/VERSION_CONTENTS,
1163 : 4925 : /*aad=*/MakeByteSpan(m_send_garbage),
1164 : : /*ignore=*/false,
1165 : 4925 : /*output=*/MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::EXPANSION + VERSION_CONTENTS.size()));
1166 : : // We no longer need the garbage.
1167 [ + - ]: 4925 : ClearShrink(m_send_garbage);
1168 : 4925 : } else {
1169 : : // We still have to receive more key bytes.
1170 : : }
1171 : : return true;
1172 : : }
1173 : :
1174 : 13370290 : bool V2Transport::ProcessReceivedGarbageBytes() noexcept
1175 : : {
1176 : 13370290 : AssertLockHeld(m_recv_mutex);
1177 [ - + ]: 13370290 : Assume(m_recv_state == RecvState::GARB_GARBTERM);
1178 [ - + - + ]: 13370290 : Assume(m_recv_buffer.size() <= MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1179 [ - + + + ]: 13370290 : if (m_recv_buffer.size() >= BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1180 [ + + ]: 13296648 : if (std::ranges::equal(MakeByteSpan(m_recv_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN), m_cipher.GetReceiveGarbageTerminator())) {
1181 : : // Garbage terminator received. Store garbage to authenticate it as AAD later.
1182 : 2786 : m_recv_aad = std::move(m_recv_buffer);
1183 [ - + ]: 2786 : m_recv_aad.resize(m_recv_aad.size() - BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1184 [ - + ]: 2786 : m_recv_buffer.clear();
1185 : 2786 : SetReceiveState(RecvState::VERSION);
1186 [ + + ]: 13293862 : } else if (m_recv_buffer.size() == MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1187 : : // We've reached the maximum length for garbage + garbage terminator, and the
1188 : : // terminator still does not match. Abort.
1189 [ - + ]: 2102 : LogDebug(BCLog::NET, "V2 transport error: missing garbage terminator, peer=%d\n", m_nodeid);
1190 : 2102 : return false;
1191 : : } else {
1192 : : // We still need to receive more garbage and/or garbage terminator bytes.
1193 : : }
1194 : : } else {
1195 : : // We have less than GARBAGE_TERMINATOR_LEN (16) bytes, so we certainly need to receive
1196 : : // more first.
1197 : : }
1198 : : return true;
1199 : : }
1200 : :
1201 : 120658 : bool V2Transport::ProcessReceivedPacketBytes() noexcept
1202 : : {
1203 : 120658 : AssertLockHeld(m_recv_mutex);
1204 [ - + ]: 120658 : Assume(m_recv_state == RecvState::VERSION || m_recv_state == RecvState::APP);
1205 : :
1206 : : // The maximum permitted contents length for a packet, consisting of:
1207 : : // - 0x00 byte: indicating long message type encoding
1208 : : // - 12 bytes of message type
1209 : : // - payload
1210 : 120658 : static constexpr size_t MAX_CONTENTS_LEN =
1211 : : 1 + CMessageHeader::MESSAGE_TYPE_SIZE +
1212 : : std::min<size_t>(MAX_SIZE, MAX_PROTOCOL_MESSAGE_LENGTH);
1213 : :
1214 [ - + + + ]: 120658 : if (m_recv_buffer.size() == BIP324Cipher::LENGTH_LEN) {
1215 : : // Length descriptor received.
1216 : 42512 : m_recv_len = m_cipher.DecryptLength(MakeByteSpan(m_recv_buffer));
1217 [ - + ]: 42512 : if (m_recv_len > MAX_CONTENTS_LEN) {
1218 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet too large (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1219 : 0 : return false;
1220 : : }
1221 [ + + + + ]: 78146 : } else if (m_recv_buffer.size() > BIP324Cipher::LENGTH_LEN && m_recv_buffer.size() == m_recv_len + BIP324Cipher::EXPANSION) {
1222 : : // Ciphertext received, decrypt it into m_recv_decode_buffer.
1223 : : // Note that it is impossible to reach this branch without hitting the branch above first,
1224 : : // as GetMaxBytesToProcess only allows up to LENGTH_LEN into the buffer before that point.
1225 : 42512 : m_recv_decode_buffer.resize(m_recv_len);
1226 : 42512 : bool ignore{false};
1227 : 85024 : bool ret = m_cipher.Decrypt(
1228 : 42512 : /*input=*/MakeByteSpan(m_recv_buffer).subspan(BIP324Cipher::LENGTH_LEN),
1229 : 42512 : /*aad=*/MakeByteSpan(m_recv_aad),
1230 : : /*ignore=*/ignore,
1231 : : /*contents=*/MakeWritableByteSpan(m_recv_decode_buffer));
1232 [ - + ]: 42512 : if (!ret) {
1233 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet decryption failure (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1234 : 0 : return false;
1235 : : }
1236 : : // We have decrypted a valid packet with the AAD we expected, so clear the expected AAD.
1237 : 42512 : ClearShrink(m_recv_aad);
1238 : : // Feed the last 4 bytes of the Poly1305 authentication tag (and its timing) into our RNG.
1239 [ - + ]: 42512 : RandAddEvent(ReadLE32(m_recv_buffer.data() + m_recv_buffer.size() - 4));
1240 : :
1241 : : // At this point we have a valid packet decrypted into m_recv_decode_buffer. If it's not a
1242 : : // decoy, which we simply ignore, use the current state to decide what to do with it.
1243 [ + - ]: 42512 : if (!ignore) {
1244 [ + + - ]: 42512 : switch (m_recv_state) {
1245 : 2786 : case RecvState::VERSION:
1246 : : // Version message received; transition to application phase. The contents is
1247 : : // ignored, but can be used for future extensions.
1248 : 2786 : SetReceiveState(RecvState::APP);
1249 : 2786 : break;
1250 : 39726 : case RecvState::APP:
1251 : : // Application message decrypted correctly. It can be extracted using GetMessage().
1252 : 39726 : SetReceiveState(RecvState::APP_READY);
1253 : 39726 : break;
1254 : 0 : default:
1255 : : // Any other state is invalid (this function should not have been called).
1256 : 0 : Assume(false);
1257 : : }
1258 : : }
1259 : : // Wipe the receive buffer where the next packet will be received into.
1260 : 42512 : ClearShrink(m_recv_buffer);
1261 : : // In all but APP_READY state, we can wipe the decoded contents.
1262 [ + + ]: 42512 : if (m_recv_state != RecvState::APP_READY) ClearShrink(m_recv_decode_buffer);
1263 : : } else {
1264 : : // We either have less than 3 bytes, so we don't know the packet's length yet, or more
1265 : : // than 3 bytes but less than the packet's full ciphertext. Wait until those arrive.
1266 : : }
1267 : : return true;
1268 : : }
1269 : :
1270 : 13537658 : size_t V2Transport::GetMaxBytesToProcess() noexcept
1271 : : {
1272 : 13537658 : AssertLockHeld(m_recv_mutex);
1273 [ + + + + : 13537658 : switch (m_recv_state) {
- - + ]
1274 : 2471 : case RecvState::KEY_MAYBE_V1:
1275 : : // During the KEY_MAYBE_V1 state we do not allow more than the length of v1 prefix into the
1276 : : // receive buffer.
1277 [ - + - + ]: 2471 : Assume(m_recv_buffer.size() <= V1_PREFIX_LEN);
1278 : : // As long as we're not sure if this is a v1 or v2 connection, don't receive more than what
1279 : : // is strictly necessary to distinguish the two (16 bytes). If we permitted more than
1280 : : // the v1 header size (24 bytes), we may not be able to feed the already-received bytes
1281 : : // back into the m_v1_fallback V1 transport.
1282 [ - + ]: 2471 : return V1_PREFIX_LEN - m_recv_buffer.size();
1283 : 6366 : case RecvState::KEY:
1284 : : // During the KEY state, we only allow the 64-byte key into the receive buffer.
1285 [ - + - + ]: 6366 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1286 : : // As long as we have not received the other side's public key, don't receive more than
1287 : : // that (64 bytes), as garbage follows, and locating the garbage terminator requires the
1288 : : // key exchange first.
1289 [ - + ]: 6366 : return EllSwiftPubKey::size() - m_recv_buffer.size();
1290 : : case RecvState::GARB_GARBTERM:
1291 : : // Process garbage bytes one by one (because terminator may appear anywhere).
1292 : : return 1;
1293 : 120658 : case RecvState::VERSION:
1294 : 120658 : case RecvState::APP:
1295 : : // These three states all involve decoding a packet. Process the length descriptor first,
1296 : : // so that we know where the current packet ends (and we don't process bytes from the next
1297 : : // packet or decoy yet). Then, process the ciphertext bytes of the current packet.
1298 [ - + + + ]: 120658 : if (m_recv_buffer.size() < BIP324Cipher::LENGTH_LEN) {
1299 : 43736 : return BIP324Cipher::LENGTH_LEN - m_recv_buffer.size();
1300 : : } else {
1301 : : // Note that BIP324Cipher::EXPANSION is the total difference between contents size
1302 : : // and encoded packet size, which includes the 3 bytes due to the packet length.
1303 : : // When transitioning from receiving the packet length to receiving its ciphertext,
1304 : : // the encrypted packet length is left in the receive buffer.
1305 : 76922 : return BIP324Cipher::EXPANSION + m_recv_len - m_recv_buffer.size();
1306 : : }
1307 : 37873 : case RecvState::APP_READY:
1308 : : // No bytes can be processed until GetMessage() is called.
1309 : 37873 : return 0;
1310 : 0 : case RecvState::V1:
1311 : : // Not allowed (must be dealt with by the caller).
1312 : 0 : Assume(false);
1313 : 0 : return 0;
1314 : : }
1315 : 0 : Assume(false); // unreachable
1316 : 0 : return 0;
1317 : : }
1318 : :
1319 : 126514 : bool V2Transport::ReceivedBytes(std::span<const uint8_t>& msg_bytes) noexcept
1320 : : {
1321 : 126514 : AssertLockNotHeld(m_recv_mutex);
1322 : : /** How many bytes to allocate in the receive buffer at most above what is received so far. */
1323 : 126514 : static constexpr size_t MAX_RESERVE_AHEAD = 256 * 1024;
1324 : :
1325 : 126514 : LOCK(m_recv_mutex);
1326 [ + + ]: 126514 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedBytes(msg_bytes);
1327 : :
1328 : : // Process the provided bytes in msg_bytes in a loop. In each iteration a nonzero number of
1329 : : // bytes (decided by GetMaxBytesToProcess) are taken from the beginning om msg_bytes, and
1330 : : // appended to m_recv_buffer. Then, depending on the receiver state, one of the
1331 : : // ProcessReceived*Bytes functions is called to process the bytes in that buffer.
1332 : 13588609 : while (!msg_bytes.empty()) {
1333 : : // Decide how many bytes to copy from msg_bytes to m_recv_buffer.
1334 : 13537658 : size_t max_read = GetMaxBytesToProcess();
1335 : :
1336 : : // Reserve space in the buffer if there is not enough.
1337 [ - + + + : 13588643 : if (m_recv_buffer.size() + std::min(msg_bytes.size(), max_read) > m_recv_buffer.capacity()) {
- + + + ]
1338 [ + + - - : 90664 : switch (m_recv_state) {
- ]
1339 : 5640 : case RecvState::KEY_MAYBE_V1:
1340 : 5640 : case RecvState::KEY:
1341 : 5640 : case RecvState::GARB_GARBTERM:
1342 : : // During the initial states (key/garbage), allocate once to fit the maximum (4111
1343 : : // bytes).
1344 : 5640 : m_recv_buffer.reserve(MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1345 : 5640 : break;
1346 : 85024 : case RecvState::VERSION:
1347 : 85024 : case RecvState::APP: {
1348 : : // During states where a packet is being received, as much as is expected but never
1349 : : // more than MAX_RESERVE_AHEAD bytes in addition to what is received so far.
1350 : : // This means attackers that want to cause us to waste allocated memory are limited
1351 : : // to MAX_RESERVE_AHEAD above the largest allowed message contents size, and to
1352 : : // MAX_RESERVE_AHEAD more than they've actually sent us.
1353 [ + - ]: 85024 : size_t alloc_add = std::min(max_read, msg_bytes.size() + MAX_RESERVE_AHEAD);
1354 : 85024 : m_recv_buffer.reserve(m_recv_buffer.size() + alloc_add);
1355 : 85024 : break;
1356 : : }
1357 : 0 : case RecvState::APP_READY:
1358 : : // The buffer is empty in this state.
1359 [ # # ]: 0 : Assume(m_recv_buffer.empty());
1360 : : break;
1361 : 0 : case RecvState::V1:
1362 : : // Should have bailed out above.
1363 : 0 : Assume(false);
1364 : 0 : break;
1365 : : }
1366 : : }
1367 : :
1368 : : // Can't read more than provided input.
1369 [ + + ]: 13537658 : max_read = std::min(msg_bytes.size(), max_read);
1370 : : // Copy data to buffer.
1371 : 13537658 : m_recv_buffer.insert(m_recv_buffer.end(), UCharCast(msg_bytes.data()), UCharCast(msg_bytes.data() + max_read));
1372 [ + + + + : 13537658 : msg_bytes = msg_bytes.subspan(max_read);
- - + ]
1373 : :
1374 : : // Process data in the buffer.
1375 [ + + + + : 13537658 : switch (m_recv_state) {
- - + ]
1376 : 2471 : case RecvState::KEY_MAYBE_V1:
1377 : 2471 : ProcessReceivedMaybeV1Bytes();
1378 [ + + ]: 2471 : if (m_recv_state == RecvState::V1) return true;
1379 : : break;
1380 : :
1381 : 6366 : case RecvState::KEY:
1382 [ + - ]: 6366 : if (!ProcessReceivedKeyBytes()) return false;
1383 : : break;
1384 : :
1385 : 13370290 : case RecvState::GARB_GARBTERM:
1386 [ + + ]: 13370290 : if (!ProcessReceivedGarbageBytes()) return false;
1387 : : break;
1388 : :
1389 : 120658 : case RecvState::VERSION:
1390 : 120658 : case RecvState::APP:
1391 [ + - ]: 120658 : if (!ProcessReceivedPacketBytes()) return false;
1392 : : break;
1393 : :
1394 : : case RecvState::APP_READY:
1395 : : return true;
1396 : :
1397 : 0 : case RecvState::V1:
1398 : : // We should have bailed out before.
1399 : 0 : Assume(false);
1400 : 0 : break;
1401 : : }
1402 : : // Make sure we have made progress before continuing.
1403 [ - + + + ]: 13588609 : Assume(max_read > 0);
1404 : : }
1405 : :
1406 : : return true;
1407 : 126514 : }
1408 : :
1409 : 39726 : std::optional<std::string> V2Transport::GetMessageType(std::span<const uint8_t>& contents) noexcept
1410 : : {
1411 [ - + ]: 39726 : if (contents.size() == 0) return std::nullopt; // Empty contents
1412 [ + + ]: 39726 : uint8_t first_byte = contents[0];
1413 [ + + ]: 39726 : contents = contents.subspan(1); // Strip first byte.
1414 : :
1415 [ + + ]: 39726 : if (first_byte != 0) {
1416 : : // Short (1 byte) encoding.
1417 [ + - ]: 30737 : if (first_byte < std::size(V2_MESSAGE_IDS)) {
1418 : : // Valid short message id.
1419 [ - + ]: 61474 : return V2_MESSAGE_IDS[first_byte];
1420 : : } else {
1421 : : // Unknown short message id.
1422 : 0 : return std::nullopt;
1423 : : }
1424 : : }
1425 : :
1426 [ - + ]: 8989 : if (contents.size() < CMessageHeader::MESSAGE_TYPE_SIZE) {
1427 : 0 : return std::nullopt; // Long encoding needs 12 message type bytes.
1428 : : }
1429 : :
1430 : : size_t msg_type_len{0};
1431 [ + + + + ]: 69107 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE && contents[msg_type_len] != 0) {
1432 : : // Verify that message type bytes before the first 0x00 are in range.
1433 [ - + + - ]: 60118 : if (contents[msg_type_len] < ' ' || contents[msg_type_len] > 0x7F) {
1434 : 0 : return {};
1435 : : }
1436 : 60118 : ++msg_type_len;
1437 : : }
1438 : 8989 : std::string ret{reinterpret_cast<const char*>(contents.data()), msg_type_len};
1439 [ + + ]: 56739 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE) {
1440 : : // Verify that message type bytes after the first 0x00 are also 0x00.
1441 [ - + ]: 47750 : if (contents[msg_type_len] != 0) return {};
1442 : 47750 : ++msg_type_len;
1443 : : }
1444 : : // Strip message type bytes of contents.
1445 : 8989 : contents = contents.subspan(CMessageHeader::MESSAGE_TYPE_SIZE);
1446 : 8989 : return ret;
1447 : 8989 : }
1448 : :
1449 : 56345 : CNetMessage V2Transport::GetReceivedMessage(std::chrono::microseconds time, bool& reject_message) noexcept
1450 : : {
1451 : 56345 : AssertLockNotHeld(m_recv_mutex);
1452 : 56345 : LOCK(m_recv_mutex);
1453 [ + + ]: 56345 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetReceivedMessage(time, reject_message);
1454 : :
1455 [ - + ]: 39726 : Assume(m_recv_state == RecvState::APP_READY);
1456 [ - + ]: 39726 : std::span<const uint8_t> contents{m_recv_decode_buffer};
1457 : 39726 : auto msg_type = GetMessageType(contents);
1458 : 39726 : CNetMessage msg{DataStream{}};
1459 : : // Note that BIP324Cipher::EXPANSION also includes the length descriptor size.
1460 [ - + ]: 39726 : msg.m_raw_message_size = m_recv_decode_buffer.size() + BIP324Cipher::EXPANSION;
1461 [ + - ]: 39726 : if (msg_type) {
1462 : 39726 : reject_message = false;
1463 : 39726 : msg.m_type = std::move(*msg_type);
1464 : 39726 : msg.m_time = time;
1465 : 39726 : msg.m_message_size = contents.size();
1466 : 39726 : msg.m_recv.resize(contents.size());
1467 : 39726 : std::copy(contents.begin(), contents.end(), UCharCast(msg.m_recv.data()));
1468 : : } else {
1469 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: invalid message type (%u bytes contents), peer=%d\n", m_recv_decode_buffer.size(), m_nodeid);
1470 : 0 : reject_message = true;
1471 : : }
1472 : 39726 : ClearShrink(m_recv_decode_buffer);
1473 : 39726 : SetReceiveState(RecvState::APP);
1474 : :
1475 : 39726 : return msg;
1476 : 39726 : }
1477 : :
1478 : 201153 : bool V2Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
1479 : : {
1480 : 201153 : AssertLockNotHeld(m_send_mutex);
1481 : 201153 : LOCK(m_send_mutex);
1482 [ + + ]: 201153 : if (m_send_state == SendState::V1) return m_v1_fallback.SetMessageToSend(msg);
1483 : : // We only allow adding a new message to be sent when in the READY state (so the packet cipher
1484 : : // is available) and the send buffer is empty. This limits the number of messages in the send
1485 : : // buffer to just one, and leaves the responsibility for queueing them up to the caller.
1486 [ + + + + ]: 188797 : if (!(m_send_state == SendState::READY && m_send_buffer.empty())) return false;
1487 : : // Construct contents (encoding message type + payload).
1488 : 39726 : std::vector<uint8_t> contents;
1489 : 39726 : auto short_message_id = V2_MESSAGE_MAP(msg.m_type);
1490 [ + + ]: 39726 : if (short_message_id) {
1491 [ - + ]: 30737 : contents.resize(1 + msg.data.size());
1492 : 30737 : contents[0] = *short_message_id;
1493 : 30737 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1);
1494 : : } else {
1495 : : // Initialize with zeroes, and then write the message type string starting at offset 1.
1496 : : // This means contents[0] and the unused positions in contents[1..13] remain 0x00.
1497 [ - + ]: 8989 : contents.resize(1 + CMessageHeader::MESSAGE_TYPE_SIZE + msg.data.size(), 0);
1498 [ - + ]: 8989 : std::copy(msg.m_type.begin(), msg.m_type.end(), contents.data() + 1);
1499 : 8989 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1 + CMessageHeader::MESSAGE_TYPE_SIZE);
1500 : : }
1501 : : // Construct ciphertext in send buffer.
1502 [ - + ]: 39726 : m_send_buffer.resize(contents.size() + BIP324Cipher::EXPANSION);
1503 : 39726 : m_cipher.Encrypt(MakeByteSpan(contents), {}, false, MakeWritableByteSpan(m_send_buffer));
1504 : 39726 : m_send_type = msg.m_type;
1505 : : // Release memory
1506 : 39726 : ClearShrink(msg.data);
1507 : 39726 : return true;
1508 : 39726 : }
1509 : :
1510 : 2392651 : Transport::BytesToSend V2Transport::GetBytesToSend(bool have_next_message) const noexcept
1511 : : {
1512 : 2392651 : AssertLockNotHeld(m_send_mutex);
1513 : 2392651 : LOCK(m_send_mutex);
1514 [ + + ]: 2392651 : if (m_send_state == SendState::V1) return m_v1_fallback.GetBytesToSend(have_next_message);
1515 : :
1516 [ + + - + ]: 2168223 : if (m_send_state == SendState::MAYBE_V1) Assume(m_send_buffer.empty());
1517 [ - + - + ]: 2168223 : Assume(m_send_pos <= m_send_buffer.size());
1518 : 2168223 : return {
1519 [ - + + + ]: 2168223 : std::span{m_send_buffer}.subspan(m_send_pos),
1520 : : // We only have more to send after the current m_send_buffer if there is a (next)
1521 : : // message to be sent, and we're capable of sending packets. */
1522 [ + + + + ]: 2168223 : have_next_message && m_send_state == SendState::READY,
1523 : 2168223 : m_send_type
1524 : 2168223 : };
1525 : 2392651 : }
1526 : :
1527 : 176282 : void V2Transport::MarkBytesSent(size_t bytes_sent) noexcept
1528 : : {
1529 : 176282 : AssertLockNotHeld(m_send_mutex);
1530 : 176282 : LOCK(m_send_mutex);
1531 [ + + + - ]: 176282 : if (m_send_state == SendState::V1) return m_v1_fallback.MarkBytesSent(bytes_sent);
1532 : :
1533 [ + + + + : 153523 : if (m_send_state == SendState::AWAITING_KEY && m_send_pos == 0 && bytes_sent > 0) {
+ - ]
1534 [ - + ]: 2137 : LogDebug(BCLog::NET, "start sending v2 handshake to peer=%d\n", m_nodeid);
1535 : : }
1536 : :
1537 : 153523 : m_send_pos += bytes_sent;
1538 [ - + - + ]: 153523 : Assume(m_send_pos <= m_send_buffer.size());
1539 [ + + ]: 153523 : if (m_send_pos >= CMessageHeader::HEADER_SIZE) {
1540 : 104498 : m_sent_v1_header_worth = true;
1541 : : }
1542 : : // Wipe the buffer when everything is sent.
1543 [ - + + + ]: 153523 : if (m_send_pos == m_send_buffer.size()) {
1544 : 43610 : m_send_pos = 0;
1545 : 43610 : ClearShrink(m_send_buffer);
1546 : : }
1547 : 176282 : }
1548 : :
1549 : 0 : bool V2Transport::ShouldReconnectV1() const noexcept
1550 : : {
1551 : 0 : AssertLockNotHeld(m_send_mutex);
1552 : 0 : AssertLockNotHeld(m_recv_mutex);
1553 : : // Only outgoing connections need reconnection.
1554 [ # # ]: 0 : if (!m_initiating) return false;
1555 : :
1556 : 0 : LOCK(m_recv_mutex);
1557 : : // We only reconnect in the very first state and when the receive buffer is empty. Together
1558 : : // these conditions imply nothing has been received so far.
1559 [ # # ]: 0 : if (m_recv_state != RecvState::KEY) return false;
1560 [ # # ]: 0 : if (!m_recv_buffer.empty()) return false;
1561 : : // Check if we've sent enough for the other side to disconnect us (if it was V1).
1562 : 0 : LOCK(m_send_mutex);
1563 [ # # ]: 0 : return m_sent_v1_header_worth;
1564 : 0 : }
1565 : :
1566 : 1703 : size_t V2Transport::GetSendMemoryUsage() const noexcept
1567 : : {
1568 : 1703 : AssertLockNotHeld(m_send_mutex);
1569 : 1703 : LOCK(m_send_mutex);
1570 [ - + ]: 1703 : if (m_send_state == SendState::V1) return m_v1_fallback.GetSendMemoryUsage();
1571 : :
1572 [ - + ]: 3406 : return sizeof(m_send_buffer) + memusage::DynamicUsage(m_send_buffer);
1573 : 1703 : }
1574 : :
1575 : 25131 : Transport::Info V2Transport::GetInfo() const noexcept
1576 : : {
1577 : 25131 : AssertLockNotHeld(m_recv_mutex);
1578 : 25131 : LOCK(m_recv_mutex);
1579 [ + + ]: 25131 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetInfo();
1580 : :
1581 [ + + ]: 24445 : Transport::Info info;
1582 : :
1583 : : // Do not report v2 and session ID until the version packet has been received
1584 : : // and verified (confirming that the other side very likely has the same keys as us).
1585 [ + + ]: 24445 : if (m_recv_state != RecvState::KEY_MAYBE_V1 && m_recv_state != RecvState::KEY &&
1586 : : m_recv_state != RecvState::GARB_GARBTERM && m_recv_state != RecvState::VERSION) {
1587 : 2786 : info.transport_type = TransportProtocolType::V2;
1588 : 2786 : info.session_id = uint256(MakeUCharSpan(m_cipher.GetSessionID()));
1589 : : } else {
1590 : 21659 : info.transport_type = TransportProtocolType::DETECTING;
1591 : : }
1592 : :
1593 : 24445 : return info;
1594 : 25131 : }
1595 : :
1596 : 105189 : std::pair<size_t, bool> CConnman::SocketSendData(CNode& node) const
1597 : : {
1598 : 105189 : auto it = node.vSendMsg.begin();
1599 : 105189 : size_t nSentSize = 0;
1600 : 105189 : bool data_left{false}; //!< second return value (whether unsent data remains)
1601 : 105189 : std::optional<bool> expected_more;
1602 : :
1603 : 234422 : while (true) {
1604 [ + + ]: 234422 : if (it != node.vSendMsg.end()) {
1605 : : // If possible, move one message from the send queue to the transport. This fails when
1606 : : // there is an existing message still being sent, or (for v2 transports) when the
1607 : : // handshake has not yet completed.
1608 : 103443 : size_t memusage = it->GetMemoryUsage();
1609 [ + - ]: 103443 : if (node.m_transport->SetMessageToSend(*it)) {
1610 : : // Update memory usage of send buffer (as *it will be deleted).
1611 : 103443 : node.m_send_memusage -= memusage;
1612 : 103443 : ++it;
1613 : : }
1614 : : }
1615 [ + + ]: 234422 : const auto& [data, more, msg_type] = node.m_transport->GetBytesToSend(it != node.vSendMsg.end());
1616 : : // We rely on the 'more' value returned by GetBytesToSend to correctly predict whether more
1617 : : // bytes are still to be sent, to correctly set the MSG_MORE flag. As a sanity check,
1618 : : // verify that the previously returned 'more' was correct.
1619 [ + + - + ]: 234422 : if (expected_more.has_value()) Assume(!data.empty() == *expected_more);
1620 [ + + ]: 234422 : expected_more = more;
1621 [ + + ]: 234422 : data_left = !data.empty(); // will be overwritten on next loop if all of data gets sent
1622 : 234422 : int nBytes = 0;
1623 [ + + ]: 234422 : if (!data.empty()) {
1624 : 160318 : LOCK(node.m_sock_mutex);
1625 : : // There is no socket in case we've already disconnected, or in test cases without
1626 : : // real connections. In these cases, we bail out immediately and just leave things
1627 : : // in the send queue and transport.
1628 [ + + ]: 160318 : if (!node.m_sock) {
1629 : : break;
1630 : : }
1631 : 146383 : int flags = MSG_NOSIGNAL | MSG_DONTWAIT;
1632 : : #ifdef MSG_MORE
1633 [ + + ]: 146383 : if (more) {
1634 : 64425 : flags |= MSG_MORE;
1635 : : }
1636 : : #endif
1637 [ + - + - ]: 146383 : nBytes = node.m_sock->Send(data.data(), data.size(), flags);
1638 : 13935 : }
1639 [ + + ]: 146383 : if (nBytes > 0) {
1640 : 140508 : node.m_last_send = GetTime<std::chrono::seconds>();
1641 : 140508 : node.nSendBytes += nBytes;
1642 : : // Notify transport that bytes have been processed.
1643 : 140508 : node.m_transport->MarkBytesSent(nBytes);
1644 : : // Update statistics per message type.
1645 [ + + ]: 140508 : if (!msg_type.empty()) { // don't report v2 handshake bytes for now
1646 : 136661 : node.AccountForSentBytes(msg_type, nBytes);
1647 : : }
1648 : 140508 : nSentSize += nBytes;
1649 [ + + ]: 140508 : if ((size_t)nBytes != data.size()) {
1650 : : // could not send full message; stop sending more
1651 : : break;
1652 : : }
1653 : : } else {
1654 [ + + ]: 79979 : if (nBytes < 0) {
1655 : : // error
1656 : 4964 : int nErr = WSAGetLastError();
1657 [ + + + + ]: 4964 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS) {
1658 [ - + - - : 4444 : LogDebug(BCLog::NET, "socket send error, %s: %s\n", node.DisconnectMsg(fLogIPs), NetworkErrorString(nErr));
- - ]
1659 : 4444 : node.CloseSocketDisconnect();
1660 : : }
1661 : : }
1662 : : break;
1663 : : }
1664 : : }
1665 : :
1666 [ + - ]: 105189 : node.fPauseSend = node.m_send_memusage + node.m_transport->GetSendMemoryUsage() > nSendBufferMaxSize;
1667 : :
1668 [ + - ]: 105189 : if (it == node.vSendMsg.end()) {
1669 [ - + ]: 105189 : assert(node.m_send_memusage == 0);
1670 : : }
1671 : 105189 : node.vSendMsg.erase(node.vSendMsg.begin(), it);
1672 : 105189 : return {nSentSize, data_left};
1673 : : }
1674 : :
1675 : : /** Try to find a connection to evict when the node is full.
1676 : : * Extreme care must be taken to avoid opening the node to attacker
1677 : : * triggered network partitioning.
1678 : : * The strategy used here is to protect a small number of peers
1679 : : * for each of several distinct characteristics which are difficult
1680 : : * to forge. In order to partition a node the attacker must be
1681 : : * simultaneously better at all of them than honest peers.
1682 : : */
1683 : 17602 : bool CConnman::AttemptToEvictConnection()
1684 : : {
1685 : 17602 : std::vector<NodeEvictionCandidate> vEvictionCandidates;
1686 : 17602 : {
1687 : :
1688 [ + - ]: 17602 : LOCK(m_nodes_mutex);
1689 [ + + ]: 877215 : for (const CNode* node : m_nodes) {
1690 [ + + ]: 859613 : if (node->fDisconnect)
1691 : 1173 : continue;
1692 : 858440 : NodeEvictionCandidate candidate{
1693 : 858440 : .id = node->GetId(),
1694 : : .m_connected = node->m_connected,
1695 : 858440 : .m_min_ping_time = node->m_min_ping_time,
1696 : 858440 : .m_last_block_time = node->m_last_block_time,
1697 : 858440 : .m_last_tx_time = node->m_last_tx_time,
1698 [ + - ]: 858440 : .fRelevantServices = node->m_has_all_wanted_services,
1699 : 858440 : .m_relay_txs = node->m_relays_txs.load(),
1700 : 858440 : .fBloomFilter = node->m_bloom_filter_loaded.load(),
1701 : 858440 : .nKeyedNetGroup = node->nKeyedNetGroup,
1702 : 858440 : .prefer_evict = node->m_prefer_evict,
1703 [ + - ]: 858440 : .m_is_local = node->addr.IsLocal(),
1704 : 858440 : .m_network = node->ConnectedThroughNetwork(),
1705 : 858440 : .m_noban = node->HasPermission(NetPermissionFlags::NoBan),
1706 : 858440 : .m_conn_type = node->m_conn_type,
1707 [ + - + - : 1716880 : };
+ - ]
1708 [ + - ]: 858440 : vEvictionCandidates.push_back(candidate);
1709 : : }
1710 : 0 : }
1711 [ + - ]: 17602 : const std::optional<NodeId> node_id_to_evict = SelectNodeToEvict(std::move(vEvictionCandidates));
1712 [ + + ]: 17602 : if (!node_id_to_evict) {
1713 : : return false;
1714 : : }
1715 [ + - ]: 44 : LOCK(m_nodes_mutex);
1716 [ + - ]: 261 : for (CNode* pnode : m_nodes) {
1717 [ + + ]: 261 : if (pnode->GetId() == *node_id_to_evict) {
1718 [ + - - + : 44 : LogDebug(BCLog::NET, "selected %s connection for eviction, %s", pnode->ConnectionTypeAsString(), pnode->DisconnectMsg(fLogIPs));
- - - - ]
1719 : : TRACEPOINT(net, evicted_inbound_connection,
1720 : : pnode->GetId(),
1721 : : pnode->m_addr_name.c_str(),
1722 : : pnode->ConnectionTypeAsString().c_str(),
1723 : : pnode->ConnectedThroughNetwork(),
1724 : 44 : Ticks<std::chrono::seconds>(pnode->m_connected));
1725 : 44 : pnode->fDisconnect = true;
1726 : 44 : return true;
1727 : : }
1728 : : }
1729 : : return false;
1730 : 17646 : }
1731 : :
1732 : 12947 : void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
1733 : 12947 : struct sockaddr_storage sockaddr;
1734 : 12947 : socklen_t len = sizeof(sockaddr);
1735 : 25738 : auto sock = hListenSocket.sock->Accept((struct sockaddr*)&sockaddr, &len);
1736 : :
1737 [ + + ]: 12947 : if (!sock) {
1738 : 156 : const int nErr = WSAGetLastError();
1739 [ + - ]: 156 : if (nErr != WSAEWOULDBLOCK) {
1740 [ + - + - ]: 312 : LogInfo("socket error accept failed: %s\n", NetworkErrorString(nErr));
1741 : : }
1742 : 156 : return;
1743 : : }
1744 : :
1745 [ + - ]: 12791 : CService addr;
1746 [ + - - + ]: 12791 : if (!addr.SetSockAddr((const struct sockaddr*)&sockaddr, len)) {
1747 [ # # ]: 0 : LogWarning("Unknown socket family\n");
1748 : : } else {
1749 [ + - ]: 25582 : addr = MaybeFlipIPv6toCJDNS(addr);
1750 : : }
1751 : :
1752 [ + - + - ]: 12791 : const CService addr_bind{MaybeFlipIPv6toCJDNS(GetBindAddress(*sock))};
1753 : :
1754 : 12791 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
1755 [ + - ]: 12791 : hListenSocket.AddSocketPermissionFlags(permission_flags);
1756 : :
1757 [ + - ]: 12791 : CreateNodeFromAcceptedSocket(std::move(sock), permission_flags, addr_bind, addr);
1758 : 12947 : }
1759 : :
1760 : 32444 : void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
1761 : : NetPermissionFlags permission_flags,
1762 : : const CService& addr_bind,
1763 : : const CService& addr)
1764 : : {
1765 : 32444 : int nInbound = 0;
1766 : :
1767 [ - + ]: 32444 : const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
1768 : :
1769 : : // Tor inbound connections do not reveal the peer's actual network address.
1770 : : // Therefore do not apply address-based whitelist permissions to them.
1771 [ - + + - ]: 64888 : AddWhitelistPermissionFlags(permission_flags, inbound_onion ? std::optional<CNetAddr>{} : addr, vWhitelistedRangeIncoming);
1772 : :
1773 : 32444 : {
1774 : 32444 : LOCK(m_nodes_mutex);
1775 [ + + ]: 930480 : for (const CNode* pnode : m_nodes) {
1776 [ + + ]: 898036 : if (pnode->IsInboundConn()) nInbound++;
1777 : : }
1778 : 32444 : }
1779 : :
1780 [ + + ]: 32444 : if (!fNetworkActive) {
1781 [ - + - - ]: 12328 : LogDebug(BCLog::NET, "connection from %s dropped: not accepting new connections\n", addr.ToStringAddrPort());
1782 : 12328 : return;
1783 : : }
1784 : :
1785 [ + + ]: 20116 : if (!sock->IsSelectable()) {
1786 [ + - ]: 2514 : LogInfo("connection from %s dropped: non-selectable socket\n", addr.ToStringAddrPort());
1787 : 2514 : return;
1788 : : }
1789 : :
1790 : : // According to the internet TCP_NODELAY is not carried into accepted sockets
1791 : : // on all platforms. Set it again here just to be sure.
1792 : 17602 : const int on{1};
1793 [ + + ]: 17602 : if (sock->SetSockOpt(IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == SOCKET_ERROR) {
1794 [ - + - - ]: 16916 : LogDebug(BCLog::NET, "connection from %s: unable to set TCP_NODELAY, continuing anyway\n",
1795 : : addr.ToStringAddrPort());
1796 : : }
1797 : :
1798 : : // Don't accept connections from banned peers.
1799 [ - + - - ]: 17602 : bool banned = m_banman && m_banman->IsBanned(addr);
1800 [ + + - + ]: 17602 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && banned)
1801 : : {
1802 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToStringAddrPort());
1803 : 0 : return;
1804 : : }
1805 : :
1806 : : // Only accept connections from discouraged peers if our inbound slots aren't (almost) full.
1807 [ - + - - ]: 17602 : bool discouraged = m_banman && m_banman->IsDiscouraged(addr);
1808 [ + + + - : 17602 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && nInbound + 1 >= m_max_inbound && discouraged)
+ - ]
1809 : : {
1810 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToStringAddrPort());
1811 : 0 : return;
1812 : : }
1813 : :
1814 [ + - ]: 17602 : if (nInbound >= m_max_inbound)
1815 : : {
1816 [ + + ]: 17602 : if (!AttemptToEvictConnection()) {
1817 : : // No connection to evict, disconnect the new connection
1818 [ - + ]: 17558 : LogDebug(BCLog::NET, "failed to find an eviction candidate - connection dropped (full)\n");
1819 : 17558 : return;
1820 : : }
1821 : : }
1822 : :
1823 : 44 : NodeId id = GetNewNodeId();
1824 : 44 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
1825 : :
1826 : : // The V2Transport transparently falls back to V1 behavior when an incoming V1 connection is
1827 : : // detected, so use it whenever we signal NODE_P2P_V2.
1828 : 44 : ServiceFlags local_services = GetLocalServices();
1829 : 44 : const bool use_v2transport(local_services & NODE_P2P_V2);
1830 : :
1831 : 44 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
1832 [ + - ]: 44 : .Write(inbound_onion ? NET_ONION : addr.GetNetClass())
1833 [ - + + - ]: 44 : .Write(addr_bind.GetAddrBytes())
1834 [ + - + - ]: 44 : .Write(addr_bind.GetPort()) // inbound connections use bind port
1835 [ + - ]: 44 : .Finalize();
1836 : 44 : CNode* pnode = new CNode(id,
1837 : 44 : std::move(sock),
1838 [ + - ]: 88 : CAddress{addr, NODE_NONE},
1839 : : CalculateKeyedNetGroup(addr),
1840 : : nonce,
1841 : : addr_bind,
1842 : 44 : /*addrNameIn=*/"",
1843 : : ConnectionType::INBOUND,
1844 : : inbound_onion,
1845 : : network_id,
1846 : 0 : CNodeOptions{
1847 : : .permission_flags = permission_flags,
1848 : : .prefer_evict = discouraged,
1849 : 44 : .recv_flood_size = nReceiveFloodSize,
1850 : : .use_v2transport = use_v2transport,
1851 [ + - + - : 88 : });
+ - + - ]
1852 : 44 : pnode->AddRef();
1853 : 44 : m_msgproc->InitializeNode(*pnode, local_services);
1854 : 44 : {
1855 : 44 : LOCK(m_nodes_mutex);
1856 [ + - ]: 44 : m_nodes.push_back(pnode);
1857 : 0 : }
1858 [ - + - - ]: 44 : LogDebug(BCLog::NET, "connection from %s accepted\n", addr.ToStringAddrPort());
1859 : : TRACEPOINT(net, inbound_connection,
1860 : : pnode->GetId(),
1861 : : pnode->m_addr_name.c_str(),
1862 : : pnode->ConnectionTypeAsString().c_str(),
1863 : : pnode->ConnectedThroughNetwork(),
1864 : 44 : GetNodeCount(ConnectionDirection::In));
1865 : :
1866 : : // We received a new connection, harvest entropy from the time (and our peer count)
1867 : 44 : RandAddEvent((uint32_t)id);
1868 : : }
1869 : :
1870 : 0 : bool CConnman::AddConnection(const std::string& address, ConnectionType conn_type, bool use_v2transport = false)
1871 : : {
1872 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
1873 : 0 : std::optional<int> max_connections;
1874 [ # # # # ]: 0 : switch (conn_type) {
1875 : : case ConnectionType::INBOUND:
1876 : : case ConnectionType::MANUAL:
1877 : : case ConnectionType::PRIVATE_BROADCAST:
1878 : : return false;
1879 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
1880 : 0 : max_connections = m_max_outbound_full_relay;
1881 : 0 : break;
1882 : 0 : case ConnectionType::BLOCK_RELAY:
1883 : 0 : max_connections = m_max_outbound_block_relay;
1884 : 0 : break;
1885 : : // no limit for ADDR_FETCH because -seednode has no limit either
1886 : : case ConnectionType::ADDR_FETCH:
1887 : : break;
1888 : : // no limit for FEELER connections since they're short-lived
1889 : : case ConnectionType::FEELER:
1890 : : break;
1891 : : } // no default case, so the compiler can warn about missing cases
1892 : :
1893 : : // Count existing connections
1894 [ # # # # ]: 0 : int existing_connections = WITH_LOCK(m_nodes_mutex,
1895 : : return std::count_if(m_nodes.begin(), m_nodes.end(), [conn_type](CNode* node) { return node->m_conn_type == conn_type; }););
1896 : :
1897 : : // Max connections of specified type already exist
1898 [ # # ]: 0 : if (max_connections != std::nullopt && existing_connections >= max_connections) return false;
1899 : :
1900 : : // Max total outbound connections already exist
1901 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, true);
1902 [ # # ]: 0 : if (!grant) return false;
1903 : :
1904 [ # # # # : 0 : OpenNetworkConnection(CAddress(), false, std::move(grant), address.c_str(), conn_type, /*use_v2transport=*/use_v2transport);
# # ]
1905 : 0 : return true;
1906 : : }
1907 : :
1908 : 0 : void CConnman::DisconnectNodes()
1909 : : {
1910 : 0 : AssertLockNotHeld(m_nodes_mutex);
1911 : 0 : AssertLockNotHeld(m_reconnections_mutex);
1912 : :
1913 : : // Use a temporary variable to accumulate desired reconnections, so we don't need
1914 : : // m_reconnections_mutex while holding m_nodes_mutex.
1915 [ # # ]: 0 : decltype(m_reconnections) reconnections_to_add;
1916 : :
1917 : 0 : {
1918 [ # # ]: 0 : LOCK(m_nodes_mutex);
1919 : :
1920 [ # # ]: 0 : const bool network_active{fNetworkActive};
1921 [ # # ]: 0 : if (!network_active) {
1922 : : // Disconnect any connected nodes
1923 [ # # ]: 0 : for (CNode* pnode : m_nodes) {
1924 [ # # ]: 0 : if (!pnode->fDisconnect) {
1925 [ # # # # : 0 : LogDebug(BCLog::NET, "Network not active, %s\n", pnode->DisconnectMsg(fLogIPs));
# # # # ]
1926 : 0 : pnode->fDisconnect = true;
1927 : : }
1928 : : }
1929 : : }
1930 : :
1931 : : // Disconnect unused nodes
1932 [ # # ]: 0 : std::vector<CNode*> nodes_copy = m_nodes;
1933 [ # # ]: 0 : for (CNode* pnode : nodes_copy)
1934 : : {
1935 [ # # ]: 0 : if (pnode->fDisconnect)
1936 : : {
1937 : : // remove from m_nodes
1938 : 0 : m_nodes.erase(remove(m_nodes.begin(), m_nodes.end(), pnode), m_nodes.end());
1939 : :
1940 : : // Add to reconnection list if appropriate. We don't reconnect right here, because
1941 : : // the creation of a connection is a blocking operation (up to several seconds),
1942 : : // and we don't want to hold up the socket handler thread for that long.
1943 [ # # # # ]: 0 : if (network_active && pnode->m_transport->ShouldReconnectV1()) {
1944 : 0 : reconnections_to_add.push_back({
1945 : 0 : .addr_connect = pnode->addr,
1946 [ # # ]: 0 : .grant = std::move(pnode->grantOutbound),
1947 : 0 : .destination = pnode->m_dest,
1948 : 0 : .conn_type = pnode->m_conn_type,
1949 : : .use_v2transport = false});
1950 [ # # # # : 0 : LogDebug(BCLog::NET, "retrying with v1 transport protocol for peer=%d\n", pnode->GetId());
# # ]
1951 : : }
1952 : :
1953 : : // release outbound grant (if any)
1954 : 0 : pnode->grantOutbound.Release();
1955 : :
1956 : : // close socket and cleanup
1957 [ # # ]: 0 : pnode->CloseSocketDisconnect();
1958 : :
1959 : : // update connection count by network
1960 [ # # # # ]: 0 : if (pnode->IsManualOrFullOutboundConn()) --m_network_conn_counts[pnode->addr.GetNetwork()];
1961 : :
1962 : : // hold in disconnected pool until all refs are released
1963 [ # # ]: 0 : pnode->Release();
1964 [ # # ]: 0 : m_nodes_disconnected.push_back(pnode);
1965 : : }
1966 : : }
1967 [ # # ]: 0 : }
1968 : 0 : {
1969 : : // Delete disconnected nodes
1970 [ # # ]: 0 : std::list<CNode*> nodes_disconnected_copy = m_nodes_disconnected;
1971 [ # # ]: 0 : for (CNode* pnode : nodes_disconnected_copy)
1972 : : {
1973 : : // Destroy the object only after other threads have stopped using it.
1974 [ # # ]: 0 : if (pnode->GetRefCount() <= 0) {
1975 : 0 : m_nodes_disconnected.remove(pnode);
1976 [ # # ]: 0 : DeleteNode(pnode);
1977 : : }
1978 : : }
1979 : 0 : }
1980 : 0 : {
1981 : : // Move entries from reconnections_to_add to m_reconnections.
1982 [ # # ]: 0 : LOCK(m_reconnections_mutex);
1983 [ # # ]: 0 : m_reconnections.splice(m_reconnections.end(), std::move(reconnections_to_add));
1984 : 0 : }
1985 [ # # # # : 0 : }
# # ]
1986 : :
1987 : 0 : void CConnman::NotifyNumConnectionsChanged()
1988 : : {
1989 : 0 : size_t nodes_size;
1990 : 0 : {
1991 : 0 : LOCK(m_nodes_mutex);
1992 [ # # # # ]: 0 : nodes_size = m_nodes.size();
1993 : 0 : }
1994 [ # # ]: 0 : if(nodes_size != nPrevNodeCount) {
1995 : 0 : nPrevNodeCount = nodes_size;
1996 [ # # ]: 0 : if (m_client_interface) {
1997 : 0 : m_client_interface->NotifyNumConnectionsChanged(nodes_size);
1998 : : }
1999 : : }
2000 : 0 : }
2001 : :
2002 : 671334 : bool CConnman::ShouldRunInactivityChecks(const CNode& node, std::chrono::microseconds now) const
2003 : : {
2004 : 671334 : return node.m_connected + m_peer_connect_timeout < now;
2005 : : }
2006 : :
2007 : 4748 : bool CConnman::InactivityCheck(const CNode& node, std::chrono::microseconds now) const
2008 : : {
2009 : : // Tests that see disconnects after using mocktime can start nodes with a
2010 : : // large timeout. For example, -peertimeout=999999999.
2011 : 4748 : const auto last_send{node.m_last_send.load()};
2012 : 4748 : const auto last_recv{node.m_last_recv.load()};
2013 : :
2014 [ - + ]: 4748 : if (!ShouldRunInactivityChecks(node, now)) return false;
2015 : :
2016 [ # # ]: 0 : bool has_received{last_recv.count() != 0};
2017 : 0 : bool has_sent{last_send.count() != 0};
2018 : :
2019 [ # # ]: 0 : if (!has_received || !has_sent) {
2020 [ # # ]: 0 : std::string has_never;
2021 [ # # # # ]: 0 : if (!has_received) has_never += ", never received from peer";
2022 [ # # # # ]: 0 : if (!has_sent) has_never += ", never sent to peer";
2023 [ # # # # : 0 : LogDebug(BCLog::NET,
# # # # ]
2024 : : "socket no message in first %i seconds%s, %s\n",
2025 : : count_seconds(m_peer_connect_timeout),
2026 : : has_never,
2027 : : node.DisconnectMsg(fLogIPs)
2028 : : );
2029 : 0 : return true;
2030 : 0 : }
2031 : :
2032 [ # # ]: 0 : if (now > last_send + TIMEOUT_INTERVAL) {
2033 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2034 : : "socket sending timeout: %is, %s\n", Ticks<std::chrono::seconds>(now - last_send),
2035 : : node.DisconnectMsg(fLogIPs)
2036 : : );
2037 : 0 : return true;
2038 : : }
2039 : :
2040 [ # # ]: 0 : if (now > last_recv + TIMEOUT_INTERVAL) {
2041 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2042 : : "socket receive timeout: %is, %s\n", Ticks<std::chrono::seconds>(now - last_recv),
2043 : : node.DisconnectMsg(fLogIPs)
2044 : : );
2045 : 0 : return true;
2046 : : }
2047 : :
2048 [ # # ]: 0 : if (!node.fSuccessfullyConnected) {
2049 [ # # ]: 0 : if (node.m_transport->GetInfo().transport_type == TransportProtocolType::DETECTING) {
2050 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 handshake timeout, %s\n", node.DisconnectMsg(fLogIPs));
2051 : : } else {
2052 [ # # # # ]: 0 : LogDebug(BCLog::NET, "version handshake timeout, %s\n", node.DisconnectMsg(fLogIPs));
2053 : : }
2054 : 0 : return true;
2055 : : }
2056 : :
2057 : : return false;
2058 : : }
2059 : :
2060 : 10654 : Sock::EventsPerSock CConnman::GenerateWaitSockets(std::span<CNode* const> nodes)
2061 : : {
2062 : 10654 : Sock::EventsPerSock events_per_sock;
2063 : :
2064 [ + + ]: 1404381 : for (const ListenSocket& hListenSocket : vhListenSocket) {
2065 [ + - ]: 1393727 : events_per_sock.emplace(hListenSocket.sock, Sock::Events{Sock::RECV});
2066 : : }
2067 : :
2068 [ + + ]: 955852 : for (CNode* pnode : nodes) {
2069 [ + - ]: 945198 : bool select_recv = !pnode->fPauseRecv;
2070 : 945198 : bool select_send;
2071 : 945198 : {
2072 [ + - ]: 945198 : LOCK(pnode->cs_vSend);
2073 : : // Sending is possible if either there are bytes to send right now, or if there will be
2074 : : // once a potential message from vSendMsg is handed to the transport. GetBytesToSend
2075 : : // determines both of these in a single call.
2076 [ + + ]: 945198 : const auto& [to_send, more, _msg_type] = pnode->m_transport->GetBytesToSend(!pnode->vSendMsg.empty());
2077 [ + + + - : 1067534 : select_send = !to_send.empty() || more;
+ - ]
2078 : 945198 : }
2079 [ - + ]: 945198 : if (!select_recv && !select_send) continue;
2080 : :
2081 [ + - ]: 945198 : LOCK(pnode->m_sock_mutex);
2082 [ + + ]: 945198 : if (pnode->m_sock) {
2083 [ + + - + ]: 1064758 : Sock::Event event = (select_send ? Sock::SEND : 0) | (select_recv ? Sock::RECV : 0);
2084 [ + - ]: 942833 : events_per_sock.emplace(pnode->m_sock, Sock::Events{event});
2085 : : }
2086 : 945198 : }
2087 : :
2088 : 10654 : return events_per_sock;
2089 : 0 : }
2090 : :
2091 : 10654 : void CConnman::SocketHandler()
2092 : : {
2093 : 10654 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2094 : :
2095 [ + - ]: 10654 : Sock::EventsPerSock events_per_sock;
2096 : :
2097 : 10654 : {
2098 [ + - ]: 10654 : const NodesSnapshot snap{*this, /*shuffle=*/false};
2099 : :
2100 : 10654 : const auto timeout = std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS);
2101 : :
2102 : : // Check for the readiness of the already connected sockets and the
2103 : : // listening sockets in one call ("readiness" as in poll(2) or
2104 : : // select(2)). If none are ready, wait for a short while and return
2105 : : // empty sets.
2106 [ - + + - ]: 21308 : events_per_sock = GenerateWaitSockets(snap.Nodes());
2107 [ + + + - : 10654 : if (events_per_sock.empty() || !events_per_sock.begin()->first->WaitMany(timeout, events_per_sock)) {
- + ]
2108 [ + - ]: 991 : m_interrupt_net->sleep_for(timeout);
2109 : : }
2110 : :
2111 : : // Service (send/receive) each of the already connected nodes.
2112 [ + - ]: 10654 : SocketHandlerConnected(snap.Nodes(), events_per_sock);
2113 : 10654 : }
2114 : :
2115 : : // Accept new connections from listening sockets.
2116 [ + - ]: 10654 : SocketHandlerListening(events_per_sock);
2117 : 10654 : }
2118 : :
2119 : 10654 : void CConnman::SocketHandlerConnected(const std::vector<CNode*>& nodes,
2120 : : const Sock::EventsPerSock& events_per_sock)
2121 : : {
2122 : 10654 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2123 : :
2124 : 10654 : auto now = GetTime<std::chrono::microseconds>();
2125 : :
2126 [ + + ]: 17364 : for (CNode* pnode : nodes) {
2127 [ + + ]: 13665 : if (m_interrupt_net->interrupted()) {
2128 : : return;
2129 : : }
2130 : :
2131 : : //
2132 : : // Receive
2133 : : //
2134 : 6710 : bool recvSet = false;
2135 : 6710 : bool sendSet = false;
2136 : 6710 : bool errorSet = false;
2137 : 6710 : {
2138 : 6710 : LOCK(pnode->m_sock_mutex);
2139 [ + + ]: 6710 : if (!pnode->m_sock) {
2140 [ + - ]: 1101 : continue;
2141 : : }
2142 [ + - + - ]: 11218 : const auto it = events_per_sock.find(pnode->m_sock);
2143 [ + - + - ]: 11218 : if (it != events_per_sock.end()) {
2144 : 5609 : recvSet = it->second.occurred & Sock::RECV;
2145 : 5609 : sendSet = it->second.occurred & Sock::SEND;
2146 : 5609 : errorSet = it->second.occurred & Sock::ERR;
2147 : : }
2148 : 1101 : }
2149 : :
2150 [ + + ]: 5609 : if (sendSet) {
2151 : : // Send data
2152 [ + + + - ]: 5238 : auto [bytes_sent, data_left] = WITH_LOCK(pnode->cs_vSend, return SocketSendData(*pnode));
2153 [ + + ]: 1746 : if (bytes_sent) {
2154 : 765 : RecordBytesSent(bytes_sent);
2155 : :
2156 : : // If both receiving and (non-optimistic) sending were possible, we first attempt
2157 : : // sending. If that succeeds, but does not fully drain the send queue, do not
2158 : : // attempt to receive. This avoids needlessly queueing data if the remote peer
2159 : : // is slow at receiving data, by means of TCP flow control. We only do this when
2160 : : // sending actually succeeded to make sure progress is always made; otherwise a
2161 : : // deadlock would be possible when both sides have data to send, but neither is
2162 : : // receiving.
2163 [ + + ]: 765 : if (data_left) recvSet = false;
2164 : : }
2165 : : }
2166 : :
2167 [ + + ]: 5609 : if (recvSet || errorSet)
2168 : : {
2169 : : // typical socket buffer is 8K-64K
2170 : 4805 : uint8_t pchBuf[0x10000];
2171 : 4805 : int nBytes = 0;
2172 : 4805 : {
2173 : 4805 : LOCK(pnode->m_sock_mutex);
2174 [ + + ]: 4805 : if (!pnode->m_sock) {
2175 [ + - ]: 861 : continue;
2176 : : }
2177 [ + - + - ]: 3944 : nBytes = pnode->m_sock->Recv(pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
2178 : 861 : }
2179 [ + + ]: 3944 : if (nBytes > 0)
2180 : : {
2181 : 2356 : bool notify = false;
2182 [ + + ]: 2356 : if (!pnode->ReceiveMsgBytes({pchBuf, (size_t)nBytes}, notify)) {
2183 [ - + - - ]: 2264 : LogDebug(BCLog::NET,
2184 : : "receiving message bytes failed, %s\n",
2185 : : pnode->DisconnectMsg(fLogIPs)
2186 : : );
2187 : 2264 : pnode->CloseSocketDisconnect();
2188 : : }
2189 : 2356 : RecordBytesRecv(nBytes);
2190 [ - + ]: 2356 : if (notify) {
2191 : 0 : pnode->MarkReceivedMsgsForProcessing();
2192 : 0 : WakeMessageHandler();
2193 : : }
2194 : : }
2195 [ + + ]: 1588 : else if (nBytes == 0)
2196 : : {
2197 : : // socket closed gracefully
2198 [ + + ]: 1479 : if (!pnode->fDisconnect) {
2199 [ - + - - ]: 1458 : LogDebug(BCLog::NET, "socket closed, %s\n", pnode->DisconnectMsg(fLogIPs));
2200 : : }
2201 : 1479 : pnode->CloseSocketDisconnect();
2202 : : }
2203 [ + - ]: 109 : else if (nBytes < 0)
2204 : : {
2205 : : // error
2206 : 109 : int nErr = WSAGetLastError();
2207 [ + + + + ]: 109 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS)
2208 : : {
2209 [ + + ]: 22 : if (!pnode->fDisconnect) {
2210 [ - + - - : 21 : LogDebug(BCLog::NET, "socket recv error, %s: %s\n", pnode->DisconnectMsg(fLogIPs), NetworkErrorString(nErr));
- - ]
2211 : : }
2212 : 22 : pnode->CloseSocketDisconnect();
2213 : : }
2214 : : }
2215 : : }
2216 : :
2217 [ - + ]: 4748 : if (InactivityCheck(*pnode, now)) pnode->fDisconnect = true;
2218 : : }
2219 : : }
2220 : :
2221 : 10654 : void CConnman::SocketHandlerListening(const Sock::EventsPerSock& events_per_sock)
2222 : : {
2223 [ + + ]: 23904 : for (const ListenSocket& listen_socket : vhListenSocket) {
2224 [ + + ]: 16360 : if (m_interrupt_net->interrupted()) {
2225 : : return;
2226 : : }
2227 [ + - + - ]: 26500 : const auto it = events_per_sock.find(listen_socket.sock);
2228 [ + - + + ]: 26197 : if (it != events_per_sock.end() && it->second.occurred & Sock::RECV) {
2229 : 12947 : AcceptConnection(listen_socket);
2230 : : }
2231 : : }
2232 : : }
2233 : :
2234 : 0 : void CConnman::ThreadSocketHandler()
2235 : : {
2236 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2237 : :
2238 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2239 : 0 : DisconnectNodes();
2240 : 0 : NotifyNumConnectionsChanged();
2241 : 0 : SocketHandler();
2242 : : }
2243 : 0 : }
2244 : :
2245 : 0 : void CConnman::WakeMessageHandler()
2246 : : {
2247 : 0 : {
2248 : 0 : LOCK(mutexMsgProc);
2249 [ # # ]: 0 : fMsgProcWake = true;
2250 : 0 : }
2251 : 0 : condMsgProc.notify_one();
2252 : 0 : }
2253 : :
2254 : 0 : void CConnman::ThreadDNSAddressSeed()
2255 : : {
2256 : 0 : int outbound_connection_count = 0;
2257 : :
2258 [ # # # # ]: 0 : if (!gArgs.GetArgs("-seednode").empty()) {
2259 : 0 : auto start = NodeClock::now();
2260 : 0 : constexpr std::chrono::seconds SEEDNODE_TIMEOUT = 30s;
2261 : 0 : LogInfo("-seednode enabled. Trying the provided seeds for %d seconds before defaulting to the dnsseeds.\n", SEEDNODE_TIMEOUT.count());
2262 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2263 [ # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2264 : : return;
2265 : : }
2266 : :
2267 : : // Abort if we have spent enough time without reaching our target.
2268 : : // Giving seed nodes 30 seconds so this does not become a race against fixedseeds (which triggers after 1 min)
2269 [ # # ]: 0 : if (NodeClock::now() > start + SEEDNODE_TIMEOUT) {
2270 : 0 : LogInfo("Couldn't connect to enough peers via seed nodes. Handing fetch logic to the DNS seeds.\n");
2271 : 0 : break;
2272 : : }
2273 : :
2274 : 0 : outbound_connection_count = GetFullOutboundConnCount();
2275 [ # # ]: 0 : if (outbound_connection_count >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2276 : 0 : LogInfo("P2P peers available. Finished fetching data from seed nodes.\n");
2277 : 0 : break;
2278 : : }
2279 : : }
2280 : : }
2281 : :
2282 : 0 : FastRandomContext rng;
2283 [ # # ]: 0 : std::vector<std::string> seeds = m_params.DNSSeeds();
2284 : 0 : std::shuffle(seeds.begin(), seeds.end(), rng);
2285 : 0 : int seeds_right_now = 0; // Number of seeds left before testing if we have enough connections
2286 : :
2287 [ # # # # : 0 : if (gArgs.GetBoolArg("-forcednsseed", DEFAULT_FORCEDNSSEED)) {
# # ]
2288 : : // When -forcednsseed is provided, query all.
2289 [ # # ]: 0 : seeds_right_now = seeds.size();
2290 [ # # # # ]: 0 : } else if (addrman.get().Size() == 0) {
2291 : : // If we have no known peers, query all.
2292 : : // This will occur on the first run, or if peers.dat has been
2293 : : // deleted.
2294 [ # # ]: 0 : seeds_right_now = seeds.size();
2295 : : }
2296 : :
2297 : : // Proceed with dnsseeds if seednodes hasn't reached the target or if forcednsseed is set
2298 [ # # ]: 0 : if (outbound_connection_count < SEED_OUTBOUND_CONNECTION_THRESHOLD || seeds_right_now) {
2299 : : // goal: only query DNS seed if address need is acute
2300 : : // * If we have a reasonable number of peers in addrman, spend
2301 : : // some time trying them first. This improves user privacy by
2302 : : // creating fewer identifying DNS requests, reduces trust by
2303 : : // giving seeds less influence on the network topology, and
2304 : : // reduces traffic to the seeds.
2305 : : // * When querying DNS seeds query a few at once, this ensures
2306 : : // that we don't give DNS seeds the ability to eclipse nodes
2307 : : // that query them.
2308 : : // * If we continue having problems, eventually query all the
2309 : : // DNS seeds, and if that fails too, also try the fixed seeds.
2310 : : // (done in ThreadOpenConnections)
2311 : 0 : int found = 0;
2312 [ # # # # ]: 0 : const std::chrono::seconds seeds_wait_time = (addrman.get().Size() >= DNSSEEDS_DELAY_PEER_THRESHOLD ? DNSSEEDS_DELAY_MANY_PEERS : DNSSEEDS_DELAY_FEW_PEERS);
2313 : :
2314 [ # # ]: 0 : for (const std::string& seed : seeds) {
2315 [ # # ]: 0 : if (seeds_right_now == 0) {
2316 : 0 : seeds_right_now += DNSSEEDS_TO_QUERY_AT_ONCE;
2317 : :
2318 [ # # # # ]: 0 : if (addrman.get().Size() > 0) {
2319 [ # # ]: 0 : LogInfo("Waiting %d seconds before querying DNS seeds.\n", seeds_wait_time.count());
2320 : 0 : std::chrono::seconds to_wait = seeds_wait_time;
2321 [ # # ]: 0 : while (to_wait.count() > 0) {
2322 : : // if sleeping for the MANY_PEERS interval, wake up
2323 : : // early to see if we have enough peers and can stop
2324 : : // this thread entirely freeing up its resources
2325 : 0 : std::chrono::seconds w = std::min(DNSSEEDS_DELAY_FEW_PEERS, to_wait);
2326 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(w)) return;
2327 [ # # ]: 0 : to_wait -= w;
2328 : :
2329 [ # # # # ]: 0 : if (GetFullOutboundConnCount() >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2330 [ # # ]: 0 : if (found > 0) {
2331 [ # # ]: 0 : LogInfo("%d addresses found from DNS seeds\n", found);
2332 [ # # ]: 0 : LogInfo("P2P peers available. Finished DNS seeding.\n");
2333 : : } else {
2334 [ # # ]: 0 : LogInfo("P2P peers available. Skipped DNS seeding.\n");
2335 : : }
2336 : 0 : return;
2337 : : }
2338 : : }
2339 : : }
2340 : : }
2341 : :
2342 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) return;
2343 : :
2344 : : // hold off on querying seeds if P2P network deactivated
2345 [ # # ]: 0 : if (!fNetworkActive) {
2346 [ # # ]: 0 : LogInfo("Waiting for network to be reactivated before querying DNS seeds.\n");
2347 : 0 : do {
2348 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(1s)) return;
2349 [ # # ]: 0 : } while (!fNetworkActive);
2350 : : }
2351 : :
2352 [ # # ]: 0 : LogInfo("Loading addresses from DNS seed %s\n", seed);
2353 : : // If -proxy is in use, we make an ADDR_FETCH connection to the DNS resolved peer address
2354 : : // for the base dns seed domain in chainparams
2355 [ # # # # ]: 0 : if (HaveNameProxy()) {
2356 [ # # ]: 0 : AddAddrFetch(seed);
2357 : : } else {
2358 : 0 : std::vector<CAddress> vAdd;
2359 : 0 : constexpr ServiceFlags requiredServiceBits{SeedsServiceFlags()};
2360 [ # # ]: 0 : std::string host = strprintf("x%x.%s", requiredServiceBits, seed);
2361 [ # # ]: 0 : CNetAddr resolveSource;
2362 [ # # # # ]: 0 : if (!resolveSource.SetInternal(host)) {
2363 : 0 : continue;
2364 : : }
2365 : : // Limit number of IPs learned from a single DNS seed. This limit exists to prevent the results from
2366 : : // one DNS seed from dominating AddrMan. Note that the number of results from a UDP DNS query is
2367 : : // bounded to 33 already, but it is possible for it to use TCP where a larger number of results can be
2368 : : // returned.
2369 : 0 : unsigned int nMaxIPs = 32;
2370 [ # # # # ]: 0 : const auto addresses{LookupHost(host, nMaxIPs, true)};
2371 [ # # ]: 0 : if (!addresses.empty()) {
2372 [ # # ]: 0 : for (const CNetAddr& ip : addresses) {
2373 [ # # ]: 0 : CAddress addr = CAddress(CService(ip, m_params.GetDefaultPort()), requiredServiceBits);
2374 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - 3 * 24h, -4 * 24h); // use a random age between 3 and 7 days old
2375 [ # # ]: 0 : vAdd.push_back(addr);
2376 : 0 : found++;
2377 : 0 : }
2378 [ # # ]: 0 : addrman.get().Add(vAdd, resolveSource);
2379 : : } else {
2380 : : // If the seed does not support a subdomain with our desired service bits,
2381 : : // we make an ADDR_FETCH connection to the DNS resolved peer address for the
2382 : : // base dns seed domain in chainparams
2383 [ # # ]: 0 : AddAddrFetch(seed);
2384 : : }
2385 : 0 : }
2386 : 0 : --seeds_right_now;
2387 : : }
2388 [ # # ]: 0 : LogInfo("%d addresses found from DNS seeds\n", found);
2389 : : } else {
2390 [ # # ]: 0 : LogInfo("Skipping DNS seeds. Enough peers have been found\n");
2391 : : }
2392 : 0 : }
2393 : :
2394 : 0 : void CConnman::DumpAddresses()
2395 : : {
2396 : 0 : const auto start{SteadyClock::now()};
2397 : :
2398 : 0 : DumpPeerAddresses(::gArgs, addrman);
2399 : :
2400 [ # # ]: 0 : LogDebug(BCLog::NET, "Flushed %d addresses to peers.dat %dms\n",
2401 : : addrman.get().Size(), Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
2402 : 0 : }
2403 : :
2404 : 0 : void CConnman::ProcessAddrFetch()
2405 : : {
2406 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2407 [ # # ]: 0 : std::string strDest;
2408 : 0 : {
2409 [ # # ]: 0 : LOCK(m_addr_fetches_mutex);
2410 [ # # ]: 0 : if (m_addr_fetches.empty())
2411 [ # # ]: 0 : return;
2412 [ # # ]: 0 : strDest = m_addr_fetches.front();
2413 [ # # ]: 0 : m_addr_fetches.pop_front();
2414 : 0 : }
2415 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2416 : : // peer doesn't support it or immediately disconnects us for another reason.
2417 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2418 [ # # ]: 0 : CAddress addr;
2419 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, /*fTry=*/true);
2420 [ # # ]: 0 : if (grant) {
2421 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), strDest.c_str(), ConnectionType::ADDR_FETCH, use_v2transport);
2422 : : }
2423 : 0 : }
2424 : :
2425 : 4796 : bool CConnman::GetTryNewOutboundPeer() const
2426 : : {
2427 : 4796 : return m_try_another_outbound_peer;
2428 : : }
2429 : :
2430 : 6047 : void CConnman::SetTryNewOutboundPeer(bool flag)
2431 : : {
2432 : 6047 : m_try_another_outbound_peer = flag;
2433 [ - + - - ]: 6047 : LogDebug(BCLog::NET, "setting try another outbound peer=%s\n", flag ? "true" : "false");
2434 : 6047 : }
2435 : :
2436 : 0 : void CConnman::StartExtraBlockRelayPeers()
2437 : : {
2438 [ # # ]: 0 : LogDebug(BCLog::NET, "enabling extra block-relay-only peers\n");
2439 : 0 : m_start_extra_block_relay_peers = true;
2440 : 0 : }
2441 : :
2442 : : // Return the number of outbound connections that are full relay (not blocks only)
2443 : 0 : int CConnman::GetFullOutboundConnCount() const
2444 : : {
2445 : 0 : int nRelevant = 0;
2446 : 0 : {
2447 : 0 : LOCK(m_nodes_mutex);
2448 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2449 [ # # # # ]: 0 : if (pnode->fSuccessfullyConnected && pnode->IsFullOutboundConn()) ++nRelevant;
2450 : : }
2451 : 0 : }
2452 : 0 : return nRelevant;
2453 : : }
2454 : :
2455 : : // Return the number of peers we have over our outbound connection limit
2456 : : // Exclude peers that are marked for disconnect, or are going to be
2457 : : // disconnected soon (eg ADDR_FETCH and FEELER)
2458 : : // Also exclude peers that haven't finished initial connection handshake yet
2459 : : // (so that we don't decide we're over our desired connection limit, and then
2460 : : // evict some peer that has finished the handshake)
2461 : 4796 : int CConnman::GetExtraFullOutboundCount() const
2462 : : {
2463 : 4796 : int full_outbound_peers = 0;
2464 : 4796 : {
2465 : 4796 : LOCK(m_nodes_mutex);
2466 [ + + ]: 70000 : for (const CNode* pnode : m_nodes) {
2467 [ - + - - : 65204 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsFullOutboundConn()) {
- - ]
2468 : 0 : ++full_outbound_peers;
2469 : : }
2470 : : }
2471 : 4796 : }
2472 [ + - ]: 4796 : return std::max(full_outbound_peers - m_max_outbound_full_relay, 0);
2473 : : }
2474 : :
2475 : 0 : int CConnman::GetExtraBlockRelayCount() const
2476 : : {
2477 : 0 : int block_relay_peers = 0;
2478 : 0 : {
2479 : 0 : LOCK(m_nodes_mutex);
2480 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2481 [ # # # # : 0 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsBlockOnlyConn()) {
# # ]
2482 : 0 : ++block_relay_peers;
2483 : : }
2484 : : }
2485 : 0 : }
2486 [ # # ]: 0 : return std::max(block_relay_peers - m_max_outbound_block_relay, 0);
2487 : : }
2488 : :
2489 : 0 : std::unordered_set<Network> CConnman::GetReachableEmptyNetworks() const
2490 : : {
2491 : 0 : std::unordered_set<Network> networks{};
2492 [ # # ]: 0 : for (int n = 0; n < NET_MAX; n++) {
2493 : 0 : enum Network net = (enum Network)n;
2494 [ # # ]: 0 : if (net == NET_UNROUTABLE || net == NET_INTERNAL) continue;
2495 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && addrman.get().Size(net, std::nullopt) == 0) {
# # # # ]
2496 [ # # ]: 0 : networks.insert(net);
2497 : : }
2498 : : }
2499 : 0 : return networks;
2500 : 0 : }
2501 : :
2502 : 0 : bool CConnman::MultipleManualOrFullOutboundConns(Network net) const
2503 : : {
2504 : 0 : AssertLockHeld(m_nodes_mutex);
2505 : 0 : return m_network_conn_counts[net] > 1;
2506 : : }
2507 : :
2508 : 0 : bool CConnman::MaybePickPreferredNetwork(std::optional<Network>& network)
2509 : : {
2510 : 0 : std::array<Network, 5> nets{NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS};
2511 : 0 : std::shuffle(nets.begin(), nets.end(), FastRandomContext());
2512 : :
2513 : 0 : LOCK(m_nodes_mutex);
2514 [ # # ]: 0 : for (const auto net : nets) {
2515 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && m_network_conn_counts[net] == 0 && addrman.get().Size(net) != 0) {
# # # # #
# ]
2516 : 0 : network = net;
2517 : 0 : return true;
2518 : : }
2519 : : }
2520 : :
2521 : : return false;
2522 : 0 : }
2523 : :
2524 : 0 : void CConnman::ThreadOpenConnections(const std::vector<std::string> connect, std::span<const std::string> seed_nodes)
2525 : : {
2526 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2527 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2528 : 0 : FastRandomContext rng;
2529 : : // Connect to specific addresses
2530 [ # # ]: 0 : if (!connect.empty())
2531 : : {
2532 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2533 : : // peer doesn't support it or immediately disconnects us for another reason.
2534 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2535 : 0 : for (int64_t nLoop = 0;; nLoop++)
2536 : : {
2537 [ # # ]: 0 : for (const std::string& strAddr : connect)
2538 : : {
2539 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2540 [ # # # # ]: 0 : OpenNetworkConnection(addr, false, {}, strAddr.c_str(), ConnectionType::MANUAL, /*use_v2transport=*/use_v2transport);
2541 [ # # # # ]: 0 : for (int i = 0; i < 10 && i < nLoop; i++)
2542 : : {
2543 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2544 : 0 : return;
2545 : : }
2546 : : }
2547 : 0 : }
2548 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2549 : : return;
2550 : : }
2551 [ # # ]: 0 : PerformReconnections();
2552 : 0 : }
2553 : : }
2554 : :
2555 : : // Initiate network connections
2556 : 0 : auto start = GetTime<std::chrono::microseconds>();
2557 : :
2558 : : // Minimum time before next feeler connection (in microseconds).
2559 : 0 : auto next_feeler = start + rng.rand_exp_duration(FEELER_INTERVAL);
2560 : 0 : auto next_extra_block_relay = start + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2561 [ # # ]: 0 : auto next_extra_network_peer{start + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL)};
2562 [ # # # # ]: 0 : const bool dnsseed = gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED);
2563 [ # # # # ]: 0 : bool add_fixed_seeds = gArgs.GetBoolArg("-fixedseeds", DEFAULT_FIXEDSEEDS);
2564 [ # # # # ]: 0 : const bool use_seednodes{!gArgs.GetArgs("-seednode").empty()};
2565 : :
2566 : 0 : auto seed_node_timer = NodeClock::now();
2567 [ # # # # : 0 : bool add_addr_fetch{addrman.get().Size() == 0 && !seed_nodes.empty()};
# # ]
2568 : 0 : constexpr std::chrono::seconds ADD_NEXT_SEEDNODE = 10s;
2569 : :
2570 [ # # ]: 0 : if (!add_fixed_seeds) {
2571 [ # # ]: 0 : LogInfo("Fixed seeds are disabled\n");
2572 : : }
2573 : :
2574 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2575 [ # # ]: 0 : if (add_addr_fetch) {
2576 : 0 : add_addr_fetch = false;
2577 : 0 : const auto& seed{SpanPopBack(seed_nodes)};
2578 [ # # ]: 0 : AddAddrFetch(seed);
2579 : :
2580 [ # # # # ]: 0 : if (addrman.get().Size() == 0) {
2581 [ # # ]: 0 : LogInfo("Empty addrman, adding seednode (%s) to addrfetch\n", seed);
2582 : : } else {
2583 [ # # ]: 0 : LogInfo("Couldn't connect to peers from addrman after %d seconds. Adding seednode (%s) to addrfetch\n", ADD_NEXT_SEEDNODE.count(), seed);
2584 : : }
2585 : : }
2586 : :
2587 [ # # ]: 0 : ProcessAddrFetch();
2588 : :
2589 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2590 : : return;
2591 : : }
2592 : :
2593 [ # # ]: 0 : PerformReconnections();
2594 : :
2595 : 0 : CountingSemaphoreGrant<> grant(*semOutbound);
2596 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) {
2597 : : return;
2598 : : }
2599 : :
2600 [ # # ]: 0 : const std::unordered_set<Network> fixed_seed_networks{GetReachableEmptyNetworks()};
2601 [ # # # # ]: 0 : if (add_fixed_seeds && !fixed_seed_networks.empty()) {
2602 : : // When the node starts with an empty peers.dat, there are a few other sources of peers before
2603 : : // we fallback on to fixed seeds: -dnsseed, -seednode, -addnode
2604 : : // If none of those are available, we fallback on to fixed seeds immediately, else we allow
2605 : : // 60 seconds for any of those sources to populate addrman.
2606 : 0 : bool add_fixed_seeds_now = false;
2607 : : // It is cheapest to check if enough time has passed first.
2608 [ # # ]: 0 : if (GetTime<std::chrono::seconds>() > start + std::chrono::minutes{1}) {
2609 : 0 : add_fixed_seeds_now = true;
2610 [ # # ]: 0 : LogInfo("Adding fixed seeds as 60 seconds have passed and addrman is empty for at least one reachable network\n");
2611 : : }
2612 : :
2613 : : // Perform cheap checks before locking a mutex.
2614 [ # # ]: 0 : else if (!dnsseed && !use_seednodes) {
2615 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
2616 [ # # ]: 0 : if (m_added_node_params.empty()) {
2617 : 0 : add_fixed_seeds_now = true;
2618 [ # # ]: 0 : LogInfo("Adding fixed seeds as -dnsseed=0 (or IPv4/IPv6 connections are disabled via -onlynet) and neither -addnode nor -seednode are provided\n");
2619 : : }
2620 : 0 : }
2621 : :
2622 [ # # ]: 0 : if (add_fixed_seeds_now) {
2623 [ # # ]: 0 : std::vector<CAddress> seed_addrs{ConvertSeeds(m_params.FixedSeeds())};
2624 : : // We will not make outgoing connections to peers that are unreachable
2625 : : // (e.g. because of -onlynet configuration).
2626 : : // Therefore, we do not add them to addrman in the first place.
2627 : : // In case previously unreachable networks become reachable
2628 : : // (e.g. in case of -onlynet changes by the user), fixed seeds will
2629 : : // be loaded only for networks for which we have no addresses.
2630 [ # # ]: 0 : seed_addrs.erase(std::remove_if(seed_addrs.begin(), seed_addrs.end(),
2631 : 0 : [&fixed_seed_networks](const CAddress& addr) { return !fixed_seed_networks.contains(addr.GetNetwork()); }),
2632 [ # # ]: 0 : seed_addrs.end());
2633 [ # # ]: 0 : CNetAddr local;
2634 [ # # # # ]: 0 : local.SetInternal("fixedseeds");
2635 [ # # ]: 0 : addrman.get().Add(seed_addrs, local);
2636 : 0 : add_fixed_seeds = false;
2637 [ # # # # ]: 0 : LogInfo("Added %d fixed seeds from reachable networks.\n", seed_addrs.size());
2638 : 0 : }
2639 : : }
2640 : :
2641 : : //
2642 : : // Choose an address to connect to based on most recently seen
2643 : : //
2644 [ # # ]: 0 : CAddress addrConnect;
2645 : :
2646 : : // Only connect out to one peer per ipv4/ipv6 network group (/16 for IPv4).
2647 : 0 : int nOutboundFullRelay = 0;
2648 : 0 : int nOutboundBlockRelay = 0;
2649 : 0 : int outbound_privacy_network_peers = 0;
2650 [ # # ]: 0 : std::set<std::vector<unsigned char>> outbound_ipv46_peer_netgroups;
2651 : :
2652 : 0 : {
2653 [ # # ]: 0 : LOCK(m_nodes_mutex);
2654 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2655 [ # # ]: 0 : if (pnode->IsFullOutboundConn()) nOutboundFullRelay++;
2656 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) nOutboundBlockRelay++;
2657 : :
2658 : : // Make sure our persistent outbound slots to ipv4/ipv6 peers belong to different netgroups.
2659 [ # # ]: 0 : switch (pnode->m_conn_type) {
2660 : : // We currently don't take inbound connections into account. Since they are
2661 : : // free to make, an attacker could make them to prevent us from connecting to
2662 : : // certain peers.
2663 : : case ConnectionType::INBOUND:
2664 : : // Short-lived outbound connections should not affect how we select outbound
2665 : : // peers from addrman.
2666 : : case ConnectionType::ADDR_FETCH:
2667 : : case ConnectionType::FEELER:
2668 : : case ConnectionType::PRIVATE_BROADCAST:
2669 : : break;
2670 : 0 : case ConnectionType::MANUAL:
2671 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
2672 : 0 : case ConnectionType::BLOCK_RELAY:
2673 : 0 : const CAddress address{pnode->addr};
2674 [ # # # # : 0 : if (address.IsTor() || address.IsI2P() || address.IsCJDNS()) {
# # ]
2675 : : // Since our addrman-groups for these networks are
2676 : : // random, without relation to the route we
2677 : : // take to connect to these peers or to the
2678 : : // difficulty in obtaining addresses with diverse
2679 : : // groups, we don't worry about diversity with
2680 : : // respect to our addrman groups when connecting to
2681 : : // these networks.
2682 : 0 : ++outbound_privacy_network_peers;
2683 : : } else {
2684 [ # # # # ]: 0 : outbound_ipv46_peer_netgroups.insert(m_netgroupman.GetGroup(address));
2685 : : }
2686 : : } // no default case, so the compiler can warn about missing cases
2687 : : }
2688 : 0 : }
2689 : :
2690 [ # # # # ]: 0 : if (!seed_nodes.empty() && nOutboundFullRelay < SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2691 [ # # ]: 0 : if (NodeClock::now() > seed_node_timer + ADD_NEXT_SEEDNODE) {
2692 : 0 : seed_node_timer = NodeClock::now();
2693 : 0 : add_addr_fetch = true;
2694 : : }
2695 : : }
2696 : :
2697 : 0 : ConnectionType conn_type = ConnectionType::OUTBOUND_FULL_RELAY;
2698 : 0 : auto now = GetTime<std::chrono::microseconds>();
2699 : 0 : bool anchor = false;
2700 : 0 : bool fFeeler = false;
2701 : 0 : std::optional<Network> preferred_net;
2702 : :
2703 : : // Determine what type of connection to open. Opening
2704 : : // BLOCK_RELAY connections to addresses from anchors.dat gets the highest
2705 : : // priority. Then we open OUTBOUND_FULL_RELAY priority until we
2706 : : // meet our full-relay capacity. Then we open BLOCK_RELAY connection
2707 : : // until we hit our block-relay-only peer limit.
2708 : : // GetTryNewOutboundPeer() gets set when a stale tip is detected, so we
2709 : : // try opening an additional OUTBOUND_FULL_RELAY connection. If none of
2710 : : // these conditions are met, check to see if it's time to try an extra
2711 : : // block-relay-only peer (to confirm our tip is current, see below) or the next_feeler
2712 : : // timer to decide if we should open a FEELER.
2713 : :
2714 [ # # # # ]: 0 : if (!m_anchors.empty() && (nOutboundBlockRelay < m_max_outbound_block_relay)) {
2715 : : conn_type = ConnectionType::BLOCK_RELAY;
2716 : : anchor = true;
2717 [ # # ]: 0 : } else if (nOutboundFullRelay < m_max_outbound_full_relay) {
2718 : : // OUTBOUND_FULL_RELAY
2719 [ # # ]: 0 : } else if (nOutboundBlockRelay < m_max_outbound_block_relay) {
2720 : : conn_type = ConnectionType::BLOCK_RELAY;
2721 [ # # # # ]: 0 : } else if (GetTryNewOutboundPeer()) {
2722 : : // OUTBOUND_FULL_RELAY
2723 [ # # # # ]: 0 : } else if (now > next_extra_block_relay && m_start_extra_block_relay_peers) {
2724 : : // Periodically connect to a peer (using regular outbound selection
2725 : : // methodology from addrman) and stay connected long enough to sync
2726 : : // headers, but not much else.
2727 : : //
2728 : : // Then disconnect the peer, if we haven't learned anything new.
2729 : : //
2730 : : // The idea is to make eclipse attacks very difficult to pull off,
2731 : : // because every few minutes we're finding a new peer to learn headers
2732 : : // from.
2733 : : //
2734 : : // This is similar to the logic for trying extra outbound (full-relay)
2735 : : // peers, except:
2736 : : // - we do this all the time on an exponential timer, rather than just when
2737 : : // our tip is stale
2738 : : // - we potentially disconnect our next-youngest block-relay-only peer, if our
2739 : : // newest block-relay-only peer delivers a block more recently.
2740 : : // See the eviction logic in net_processing.cpp.
2741 : : //
2742 : : // Because we can promote these connections to block-relay-only
2743 : : // connections, they do not get their own ConnectionType enum
2744 : : // (similar to how we deal with extra outbound peers).
2745 : 0 : next_extra_block_relay = now + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2746 : 0 : conn_type = ConnectionType::BLOCK_RELAY;
2747 [ # # ]: 0 : } else if (now > next_feeler) {
2748 : 0 : next_feeler = now + rng.rand_exp_duration(FEELER_INTERVAL);
2749 : 0 : conn_type = ConnectionType::FEELER;
2750 : 0 : fFeeler = true;
2751 [ # # ]: 0 : } else if (nOutboundFullRelay == m_max_outbound_full_relay &&
2752 [ # # ]: 0 : m_max_outbound_full_relay == MAX_OUTBOUND_FULL_RELAY_CONNECTIONS &&
2753 [ # # # # : 0 : now > next_extra_network_peer &&
# # ]
2754 [ # # ]: 0 : MaybePickPreferredNetwork(preferred_net)) {
2755 : : // Full outbound connection management: Attempt to get at least one
2756 : : // outbound peer from each reachable network by making extra connections
2757 : : // and then protecting "only" peers from a network during outbound eviction.
2758 : : // This is not attempted if the user changed -maxconnections to a value
2759 : : // so low that less than MAX_OUTBOUND_FULL_RELAY_CONNECTIONS are made,
2760 : : // to prevent interactions with otherwise protected outbound peers.
2761 : 0 : next_extra_network_peer = now + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL);
2762 : : } else {
2763 : : // skip to next iteration of while loop
2764 : 0 : continue;
2765 : : }
2766 : :
2767 [ # # ]: 0 : addrman.get().ResolveCollisions();
2768 : :
2769 : 0 : const auto current_time{NodeClock::now()};
2770 : 0 : int nTries = 0;
2771 [ # # ]: 0 : const auto reachable_nets{g_reachable_nets.All()};
2772 : :
2773 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2774 [ # # # # ]: 0 : if (anchor && !m_anchors.empty()) {
2775 : 0 : const CAddress addr = m_anchors.back();
2776 : 0 : m_anchors.pop_back();
2777 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr) || !g_reachable_nets.Contains(addr) ||
# # # # #
# # # #
# ]
2778 [ # # # # : 0 : !m_msgproc->HasAllDesirableServiceFlags(addr.nServices) ||
# # ]
2779 [ # # ]: 0 : outbound_ipv46_peer_netgroups.contains(m_netgroupman.GetGroup(addr))) continue;
2780 : 0 : addrConnect = addr;
2781 [ # # # # : 0 : LogDebug(BCLog::NET, "Trying to make an anchor connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2782 : 0 : break;
2783 : 0 : }
2784 : :
2785 : : // If we didn't find an appropriate destination after trying 100 addresses fetched from addrman,
2786 : : // stop this loop, and let the outer loop run again (which sleeps, adds seed nodes, recalculates
2787 : : // already-connected network ranges, ...) before trying new addrman addresses.
2788 : 0 : nTries++;
2789 [ # # ]: 0 : if (nTries > 100)
2790 : : break;
2791 : :
2792 [ # # ]: 0 : CAddress addr;
2793 : 0 : NodeSeconds addr_last_try{0s};
2794 : :
2795 [ # # ]: 0 : if (fFeeler) {
2796 : : // First, try to get a tried table collision address. This returns
2797 : : // an empty (invalid) address if there are no collisions to try.
2798 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.get().SelectTriedCollision();
2799 : :
2800 [ # # # # ]: 0 : if (!addr.IsValid()) {
2801 : : // No tried table collisions. Select a new table address
2802 : : // for our feeler.
2803 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.get().Select(true, reachable_nets);
2804 [ # # # # ]: 0 : } else if (AlreadyConnectedToAddress(addr)) {
2805 : : // If test-before-evict logic would have us connect to a
2806 : : // peer that we're already connected to, just mark that
2807 : : // address as Good(). We won't be able to initiate the
2808 : : // connection anyway, so this avoids inadvertently evicting
2809 : : // a currently-connected peer.
2810 [ # # ]: 0 : addrman.get().Good(addr);
2811 : : // Select a new table address for our feeler instead.
2812 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.get().Select(true, reachable_nets);
2813 : : }
2814 : : } else {
2815 : : // Not a feeler
2816 : : // If preferred_net has a value set, pick an extra outbound
2817 : : // peer from that network. The eviction logic in net_processing
2818 : : // ensures that a peer from another network will be evicted.
2819 [ # # ]: 0 : std::tie(addr, addr_last_try) = preferred_net.has_value()
2820 [ # # # # : 0 : ? addrman.get().Select(false, {*preferred_net})
# # # # #
# # # ]
2821 [ # # ]: 0 : : addrman.get().Select(false, reachable_nets);
2822 : : }
2823 : :
2824 : : // Require outbound IPv4/IPv6 connections, other than feelers, to be to distinct network groups
2825 [ # # # # : 0 : if (!fFeeler && outbound_ipv46_peer_netgroups.contains(m_netgroupman.GetGroup(addr))) {
# # # # ]
2826 : 0 : continue;
2827 : : }
2828 : :
2829 : : // if we selected an invalid or local address, restart
2830 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr)) {
# # # # ]
2831 : : break;
2832 : : }
2833 : :
2834 [ # # # # ]: 0 : if (!g_reachable_nets.Contains(addr)) {
2835 : 0 : continue;
2836 : : }
2837 : :
2838 : : // only consider very recently tried nodes after 30 failed attempts
2839 [ # # # # ]: 0 : if (current_time - addr_last_try < 10min && nTries < 30) {
2840 : 0 : continue;
2841 : : }
2842 : :
2843 : : // for non-feelers, require all the services we'll want,
2844 : : // for feelers, only require they be a full node (only because most
2845 : : // SPV clients don't have a good address DB available)
2846 [ # # # # : 0 : if (!fFeeler && !m_msgproc->HasAllDesirableServiceFlags(addr.nServices)) {
# # ]
2847 : 0 : continue;
2848 [ # # # # ]: 0 : } else if (fFeeler && !MayHaveUsefulAddressDB(addr.nServices)) {
2849 : 0 : continue;
2850 : : }
2851 : :
2852 : : // Do not connect to bad ports, unless 50 invalid addresses have been selected already.
2853 [ # # # # : 0 : if (nTries < 50 && (addr.IsIPv4() || addr.IsIPv6()) && IsBadPort(addr.GetPort())) {
# # # # #
# # # ]
2854 : 0 : continue;
2855 : : }
2856 : :
2857 : : // Do not make automatic outbound connections to addnode peers, to
2858 : : // not use our limited outbound slots for them and to ensure
2859 : : // addnode connections benefit from their intended protections.
2860 [ # # # # ]: 0 : if (AddedNodesContain(addr)) {
2861 [ # # # # : 0 : LogDebug(BCLog::NET, "Not making automatic %s%s connection to %s peer selected for manual (addnode) connection%s\n",
# # # # #
# # # # #
# # # # #
# # # # #
# # ]
2862 : : preferred_net.has_value() ? "network-specific " : "",
2863 : : ConnectionTypeAsString(conn_type), GetNetworkName(addr.GetNetwork()),
2864 : : fLogIPs ? strprintf(": %s", addr.ToStringAddrPort()) : "");
2865 : 0 : continue;
2866 : 0 : }
2867 : :
2868 : 0 : addrConnect = addr;
2869 : : break;
2870 : 0 : }
2871 : :
2872 [ # # # # ]: 0 : if (addrConnect.IsValid()) {
2873 [ # # ]: 0 : if (fFeeler) {
2874 : : // Add small amount of random noise before connection to avoid synchronization.
2875 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(rng.rand_uniform_duration<CThreadInterrupt::Clock>(FEELER_SLEEP_WINDOW))) {
2876 : 0 : return;
2877 : : }
2878 [ # # # # : 0 : LogDebug(BCLog::NET, "Making feeler connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2879 : : }
2880 : :
2881 [ # # # # : 0 : if (preferred_net != std::nullopt) LogDebug(BCLog::NET, "Making network specific connection to %s on %s.\n", addrConnect.ToStringAddrPort(), GetNetworkName(preferred_net.value()));
# # # # #
# # # #
# ]
2882 : :
2883 : : // Record addrman failure attempts when node has at least 2 persistent outbound connections to peers with
2884 : : // different netgroups in ipv4/ipv6 networks + all peers in Tor/I2P/CJDNS networks.
2885 : : // Don't record addrman failure attempts when node is offline. This can be identified since all local
2886 : : // network connections (if any) belong in the same netgroup, and the size of `outbound_ipv46_peer_netgroups` would only be 1.
2887 [ # # ]: 0 : const bool count_failures{((int)outbound_ipv46_peer_netgroups.size() + outbound_privacy_network_peers) >= std::min(m_max_automatic_connections - 1, 2)};
2888 : : // Use BIP324 transport when both us and them have NODE_V2_P2P set.
2889 [ # # ]: 0 : const bool use_v2transport(addrConnect.nServices & GetLocalServices() & NODE_P2P_V2);
2890 [ # # ]: 0 : OpenNetworkConnection(addrConnect, count_failures, std::move(grant), /*pszDest=*/nullptr, conn_type, use_v2transport);
2891 : : }
2892 : 0 : }
2893 : 0 : }
2894 : :
2895 : 0 : std::vector<CAddress> CConnman::GetCurrentBlockRelayOnlyConns() const
2896 : : {
2897 : 0 : std::vector<CAddress> ret;
2898 [ # # ]: 0 : LOCK(m_nodes_mutex);
2899 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2900 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) {
2901 [ # # ]: 0 : ret.push_back(pnode->addr);
2902 : : }
2903 : : }
2904 : :
2905 [ # # ]: 0 : return ret;
2906 : 0 : }
2907 : :
2908 : 4809 : std::vector<AddedNodeInfo> CConnman::GetAddedNodeInfo(bool include_connected) const
2909 : : {
2910 : 4809 : std::vector<AddedNodeInfo> ret;
2911 : :
2912 [ + - ]: 4809 : std::list<AddedNodeParams> lAddresses(0);
2913 : 4809 : {
2914 [ + - ]: 4809 : LOCK(m_added_nodes_mutex);
2915 [ - + + - ]: 4809 : ret.reserve(m_added_node_params.size());
2916 [ + - ]: 4809 : std::copy(m_added_node_params.cbegin(), m_added_node_params.cend(), std::back_inserter(lAddresses));
2917 : 0 : }
2918 : :
2919 : :
2920 : : // Build a map of all already connected addresses (by IP:port and by name) to inbound/outbound and resolved CService
2921 [ + - ]: 4809 : std::map<CService, bool> mapConnected;
2922 : 4809 : std::map<std::string, std::pair<bool, CService>> mapConnectedByName;
2923 : 4809 : {
2924 [ + - ]: 4809 : LOCK(m_nodes_mutex);
2925 [ + + ]: 70013 : for (const CNode* pnode : m_nodes) {
2926 [ + - + + ]: 65204 : if (pnode->addr.IsValid()) {
2927 [ + - ]: 57581 : mapConnected[pnode->addr] = pnode->IsInboundConn();
2928 : : }
2929 [ - + ]: 65204 : std::string addrName{pnode->m_addr_name};
2930 [ + - ]: 65204 : if (!addrName.empty()) {
2931 [ + - ]: 65204 : mapConnectedByName[std::move(addrName)] = std::make_pair(pnode->IsInboundConn(), static_cast<const CService&>(pnode->addr));
2932 : : }
2933 : 65204 : }
2934 : 0 : }
2935 : :
2936 [ + + ]: 5670 : for (const auto& addr : lAddresses) {
2937 [ + - + - : 1722 : CService service{MaybeFlipIPv6toCJDNS(LookupNumeric(addr.m_added_node, GetDefaultPort(addr.m_added_node)))};
+ - + - ]
2938 [ + - + - ]: 861 : AddedNodeInfo addedNode{addr, CService(), false, false};
2939 [ + - + + ]: 861 : if (service.IsValid()) {
2940 : : // strAddNode is an IP:port
2941 [ + - ]: 211 : auto it = mapConnected.find(service);
2942 [ + + ]: 211 : if (it != mapConnected.end()) {
2943 [ + + ]: 15 : if (!include_connected) {
2944 : 7 : continue;
2945 : : }
2946 : 8 : addedNode.resolvedAddress = service;
2947 : 8 : addedNode.fConnected = true;
2948 : 8 : addedNode.fInbound = it->second;
2949 : : }
2950 : : } else {
2951 : : // strAddNode is a name
2952 : 650 : auto it = mapConnectedByName.find(addr.m_added_node);
2953 [ + + ]: 650 : if (it != mapConnectedByName.end()) {
2954 [ + + ]: 16 : if (!include_connected) {
2955 : 15 : continue;
2956 : : }
2957 : 1 : addedNode.resolvedAddress = it->second.second;
2958 : 1 : addedNode.fConnected = true;
2959 : 1 : addedNode.fInbound = it->second.first;
2960 : : }
2961 : : }
2962 [ + - ]: 839 : ret.emplace_back(std::move(addedNode));
2963 : 861 : }
2964 : :
2965 : 4809 : return ret;
2966 : 4809 : }
2967 : :
2968 : 0 : void CConnman::ThreadOpenAddedConnections()
2969 : : {
2970 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2971 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2972 : 0 : while (true)
2973 : : {
2974 : 0 : CountingSemaphoreGrant<> grant(*semAddnode);
2975 [ # # ]: 0 : std::vector<AddedNodeInfo> vInfo = GetAddedNodeInfo(/*include_connected=*/false);
2976 : 0 : bool tried = false;
2977 [ # # ]: 0 : for (const AddedNodeInfo& info : vInfo) {
2978 [ # # ]: 0 : if (!grant) {
2979 : : // If we've used up our semaphore and need a new one, let's not wait here since while we are waiting
2980 : : // the addednodeinfo state might change.
2981 : : break;
2982 : : }
2983 : 0 : tried = true;
2984 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2985 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), info.m_params.m_added_node.c_str(), ConnectionType::MANUAL, info.m_params.m_use_v2transport);
2986 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) return;
2987 : 0 : grant = CountingSemaphoreGrant<>(*semAddnode, /*fTry=*/true);
2988 : 0 : }
2989 : : // See if any reconnections are desired.
2990 [ # # ]: 0 : PerformReconnections();
2991 : : // Retry every 60 seconds if a connection was attempted, otherwise two seconds
2992 [ # # # # : 0 : if (!m_interrupt_net->sleep_for(tried ? 60s : 2s)) {
# # ]
2993 : : return;
2994 : : }
2995 : 0 : }
2996 : : }
2997 : :
2998 : : // if successful, this moves the passed grant to the constructed node
2999 : 80293 : bool CConnman::OpenNetworkConnection(const CAddress& addrConnect,
3000 : : bool fCountFailure,
3001 : : CountingSemaphoreGrant<>&& grant_outbound,
3002 : : const char* pszDest,
3003 : : ConnectionType conn_type,
3004 : : bool use_v2transport,
3005 : : const std::optional<Proxy>& proxy_override)
3006 : : {
3007 : 80293 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3008 [ - + ]: 80293 : assert(conn_type != ConnectionType::INBOUND);
3009 : :
3010 : : //
3011 : : // Initiate outbound network connection
3012 : : //
3013 [ + + ]: 80293 : if (m_interrupt_net->interrupted()) {
3014 : : return false;
3015 : : }
3016 [ + + ]: 26888 : if (!fNetworkActive) {
3017 : : return false;
3018 : : }
3019 [ + + ]: 26802 : if (!pszDest) {
3020 [ - + - - : 2069 : bool banned_or_discouraged = m_banman && (m_banman->IsDiscouraged(addrConnect) || m_banman->IsBanned(addrConnect));
- - ]
3021 [ + + + - : 2069 : if (IsLocal(addrConnect) || banned_or_discouraged || AlreadyConnectedToAddress(addrConnect)) {
+ + ]
3022 : 907 : return false;
3023 : : }
3024 [ + + ]: 24733 : } else if (AlreadyConnectedToHost(pszDest)) {
3025 : : return false;
3026 : : }
3027 : :
3028 [ + - ]: 25838 : CNode* pnode = ConnectNode(addrConnect, pszDest, fCountFailure, conn_type, use_v2transport, proxy_override);
3029 : :
3030 [ + + ]: 25838 : if (!pnode)
3031 : : return false;
3032 : 23402 : pnode->grantOutbound = std::move(grant_outbound);
3033 : :
3034 : 23402 : m_msgproc->InitializeNode(*pnode, m_local_services);
3035 : 23402 : {
3036 : 23402 : LOCK(m_nodes_mutex);
3037 [ + - ]: 23402 : m_nodes.push_back(pnode);
3038 : :
3039 : : // update connection count by network
3040 [ + + + - ]: 23402 : if (pnode->IsManualOrFullOutboundConn()) ++m_network_conn_counts[pnode->addr.GetNetwork()];
3041 : 23402 : }
3042 : :
3043 : : TRACEPOINT(net, outbound_connection,
3044 : : pnode->GetId(),
3045 : : pnode->m_addr_name.c_str(),
3046 : : pnode->ConnectionTypeAsString().c_str(),
3047 : : pnode->ConnectedThroughNetwork(),
3048 : 23402 : GetNodeCount(ConnectionDirection::Out));
3049 : :
3050 : 23402 : return true;
3051 : : }
3052 : :
3053 : 0 : std::optional<Network> CConnman::PrivateBroadcast::PickNetwork(std::optional<Proxy>& proxy) const
3054 : : {
3055 : 0 : prevector<4, Network> nets;
3056 : 0 : std::optional<Proxy> clearnet_proxy;
3057 [ # # ]: 0 : proxy.reset();
3058 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_ONION)) {
3059 : 0 : nets.push_back(NET_ONION);
3060 : :
3061 [ # # # # ]: 0 : clearnet_proxy = ProxyForIPv4or6();
3062 [ # # ]: 0 : if (clearnet_proxy.has_value()) {
3063 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_IPV4)) {
3064 : 0 : nets.push_back(NET_IPV4);
3065 : : }
3066 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_IPV6)) {
3067 : 0 : nets.push_back(NET_IPV6);
3068 : : }
3069 : : }
3070 : : }
3071 [ # # # # ]: 0 : if (g_reachable_nets.Contains(NET_I2P)) {
3072 : 0 : nets.push_back(NET_I2P);
3073 : : }
3074 : :
3075 [ # # # # ]: 0 : if (nets.empty()) {
3076 : 0 : return std::nullopt;
3077 : : }
3078 : :
3079 [ # # # # ]: 0 : const Network net{nets[FastRandomContext{}.randrange(nets.size())]};
3080 [ # # ]: 0 : if (net == NET_IPV4 || net == NET_IPV6) {
3081 [ # # ]: 0 : proxy = clearnet_proxy;
3082 : : }
3083 : 0 : return net;
3084 : 0 : }
3085 : :
3086 : 0 : size_t CConnman::PrivateBroadcast::NumToOpen() const
3087 : : {
3088 : 0 : return m_num_to_open;
3089 : : }
3090 : :
3091 : 4819 : void CConnman::PrivateBroadcast::NumToOpenAdd(size_t n)
3092 : : {
3093 : 4819 : m_num_to_open += n;
3094 : 4819 : m_num_to_open.notify_all();
3095 : 4819 : }
3096 : :
3097 : 0 : size_t CConnman::PrivateBroadcast::NumToOpenSub(size_t n)
3098 : : {
3099 : 0 : size_t current_value{m_num_to_open.load()};
3100 : 0 : size_t new_value;
3101 : 0 : do {
3102 [ # # ]: 0 : new_value = current_value > n ? current_value - n : 0;
3103 [ # # ]: 0 : } while (!m_num_to_open.compare_exchange_strong(current_value, new_value));
3104 : 0 : return new_value;
3105 : : }
3106 : :
3107 : 0 : void CConnman::PrivateBroadcast::NumToOpenWait() const
3108 : : {
3109 : 0 : m_num_to_open.wait(0);
3110 : 0 : }
3111 : :
3112 : 0 : std::optional<Proxy> CConnman::PrivateBroadcast::ProxyForIPv4or6() const
3113 : : {
3114 : 0 : Proxy tor_proxy;
3115 [ # # # # : 0 : if (m_outbound_tor_ok_at_least_once.load() && GetProxy(NET_ONION, tor_proxy)) {
# # ]
3116 : 0 : return tor_proxy;
3117 : : }
3118 : 0 : return std::nullopt;
3119 : 0 : }
3120 : :
3121 : : Mutex NetEventsInterface::g_msgproc_mutex;
3122 : :
3123 : 0 : void CConnman::ThreadMessageHandler()
3124 : : {
3125 : 0 : LOCK(NetEventsInterface::g_msgproc_mutex);
3126 : :
3127 [ # # ]: 0 : while (!flagInterruptMsgProc)
3128 : : {
3129 : 0 : bool fMoreWork = false;
3130 : :
3131 : 0 : {
3132 : : // Randomize the order in which we process messages from/to our peers.
3133 : : // This prevents attacks in which an attacker exploits having multiple
3134 : : // consecutive connections in the m_nodes list.
3135 [ # # ]: 0 : const NodesSnapshot snap{*this, /*shuffle=*/true};
3136 : :
3137 [ # # ]: 0 : for (CNode* pnode : snap.Nodes()) {
3138 [ # # ]: 0 : if (pnode->fDisconnect)
3139 : 0 : continue;
3140 : :
3141 : : // Receive messages
3142 [ # # ]: 0 : bool fMoreNodeWork = m_msgproc->ProcessMessages(pnode, flagInterruptMsgProc);
3143 [ # # # # ]: 0 : fMoreWork |= (fMoreNodeWork && !pnode->fPauseSend);
3144 [ # # ]: 0 : if (flagInterruptMsgProc)
3145 : : return;
3146 : : // Send messages
3147 [ # # ]: 0 : m_msgproc->SendMessages(pnode);
3148 : :
3149 [ # # ]: 0 : if (flagInterruptMsgProc)
3150 : : return;
3151 : : }
3152 [ # # ]: 0 : }
3153 : :
3154 [ # # ]: 0 : WAIT_LOCK(mutexMsgProc, lock);
3155 [ # # ]: 0 : if (!fMoreWork) {
3156 [ # # # # ]: 0 : condMsgProc.wait_until(lock, std::chrono::steady_clock::now() + std::chrono::milliseconds(100), [this]() EXCLUSIVE_LOCKS_REQUIRED(mutexMsgProc) { return fMsgProcWake; });
3157 : : }
3158 [ # # ]: 0 : fMsgProcWake = false;
3159 : 0 : }
3160 : 0 : }
3161 : :
3162 : 0 : void CConnman::ThreadI2PAcceptIncoming()
3163 : : {
3164 : 0 : static constexpr auto err_wait_begin = 1s;
3165 : 0 : static constexpr auto err_wait_cap = 5min;
3166 : 0 : auto err_wait = err_wait_begin;
3167 : :
3168 : 0 : bool advertising_listen_addr = false;
3169 : 0 : i2p::Connection conn;
3170 : :
3171 : 0 : auto SleepOnFailure = [&]() {
3172 : 0 : m_interrupt_net->sleep_for(err_wait);
3173 [ # # ]: 0 : if (err_wait < err_wait_cap) {
3174 : 0 : err_wait += 1s;
3175 : : }
3176 : 0 : };
3177 : :
3178 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
3179 : :
3180 [ # # # # ]: 0 : if (!m_i2p_sam_session->Listen(conn)) {
3181 [ # # # # : 0 : if (advertising_listen_addr && conn.me.IsValid()) {
# # ]
3182 [ # # ]: 0 : RemoveLocal(conn.me);
3183 : : advertising_listen_addr = false;
3184 : : }
3185 [ # # ]: 0 : SleepOnFailure();
3186 : 0 : continue;
3187 : : }
3188 : :
3189 [ # # ]: 0 : if (!advertising_listen_addr) {
3190 [ # # ]: 0 : AddLocal(conn.me, LOCAL_MANUAL);
3191 : : advertising_listen_addr = true;
3192 : : }
3193 : :
3194 [ # # # # ]: 0 : if (!m_i2p_sam_session->Accept(conn)) {
3195 [ # # ]: 0 : SleepOnFailure();
3196 : 0 : continue;
3197 : : }
3198 : :
3199 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(conn.sock), NetPermissionFlags::None, conn.me, conn.peer);
3200 : :
3201 : 0 : err_wait = err_wait_begin;
3202 : : }
3203 : 0 : }
3204 : :
3205 : 0 : void CConnman::ThreadPrivateBroadcast()
3206 : : {
3207 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3208 : :
3209 : 0 : size_t addrman_num_bad_addresses{0};
3210 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
3211 : :
3212 [ # # ]: 0 : if (!fNetworkActive) {
3213 : 0 : m_interrupt_net->sleep_for(5s);
3214 : 0 : continue;
3215 : : }
3216 : :
3217 : 0 : CountingSemaphoreGrant<> conn_max_grant{m_private_broadcast.m_sem_conn_max}; // Would block if too many are opened.
3218 : :
3219 [ # # ]: 0 : m_private_broadcast.NumToOpenWait();
3220 : :
3221 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) {
3222 : : break;
3223 : : }
3224 : :
3225 : 0 : std::optional<Proxy> proxy;
3226 [ # # ]: 0 : const std::optional<Network> net{m_private_broadcast.PickNetwork(proxy)};
3227 [ # # ]: 0 : if (!net.has_value()) {
3228 [ # # ]: 0 : LogWarning("[privatebroadcast] Connections needed but none of the Tor or I2P networks is reachable");
3229 [ # # ]: 0 : m_interrupt_net->sleep_for(5s);
3230 : 0 : continue;
3231 : : }
3232 : :
3233 [ # # # # : 0 : const auto [addr, _] = addrman.get().Select(/*new_only=*/false, {net.value()});
# # ]
3234 : :
3235 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr)) {
# # # # ]
3236 : 0 : ++addrman_num_bad_addresses;
3237 [ # # ]: 0 : if (addrman_num_bad_addresses > 100) {
3238 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Connections needed but addrman keeps returning bad addresses, will retry");
# # ]
3239 [ # # ]: 0 : m_interrupt_net->sleep_for(500ms);
3240 : : }
3241 : 0 : continue;
3242 : 0 : }
3243 : 0 : addrman_num_bad_addresses = 0;
3244 : :
3245 [ # # ]: 0 : auto target_str{addr.ToStringAddrPort()};
3246 [ # # ]: 0 : if (proxy.has_value()) {
3247 [ # # # # ]: 0 : target_str += " through the proxy at " + proxy->ToString();
3248 : : }
3249 : :
3250 [ # # ]: 0 : const bool use_v2transport(addr.nServices & GetLocalServices() & NODE_P2P_V2);
3251 : :
3252 [ # # # # ]: 0 : if (OpenNetworkConnection(addr,
3253 : : /*fCountFailure=*/true,
3254 : : std::move(conn_max_grant),
3255 : : /*pszDest=*/nullptr,
3256 : : ConnectionType::PRIVATE_BROADCAST,
3257 : : use_v2transport,
3258 : : proxy)) {
3259 [ # # ]: 0 : const size_t remaining{m_private_broadcast.NumToOpenSub(1)};
3260 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Socket connected to %s; remaining connections to open: %d", target_str, remaining);
# # ]
3261 : : } else {
3262 [ # # ]: 0 : const size_t remaining{m_private_broadcast.NumToOpen()};
3263 [ # # ]: 0 : if (remaining == 0) {
3264 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Failed to connect to %s, will not retry, no more connections needed", target_str);
# # ]
3265 : : } else {
3266 [ # # # # : 0 : LogDebug(BCLog::PRIVBROADCAST, "Failed to connect to %s, will retry to a different address; remaining connections to open: %d", target_str, remaining);
# # ]
3267 [ # # ]: 0 : m_interrupt_net->sleep_for(100ms); // Prevent busy loop if OpenNetworkConnection() fails fast repeatedly.
3268 : : }
3269 : : }
3270 [ # # ]: 0 : }
3271 : 0 : }
3272 : :
3273 : 21316 : bool CConnman::BindListenPort(const CService& addrBind, bilingual_str& strError, NetPermissionFlags permissions)
3274 : : {
3275 : 21316 : int nOne = 1;
3276 : :
3277 : : // Create socket for listening for incoming connections
3278 : 21316 : struct sockaddr_storage sockaddr;
3279 : 21316 : socklen_t len = sizeof(sockaddr);
3280 [ + + ]: 21316 : if (!addrBind.GetSockAddr((struct sockaddr*)&sockaddr, &len))
3281 : : {
3282 [ + - + - ]: 2498 : strError = Untranslated(strprintf("Bind address family for %s not supported", addrBind.ToStringAddrPort()));
3283 : 1249 : LogError("%s\n", strError.original);
3284 : 1249 : return false;
3285 : : }
3286 : :
3287 : 20067 : std::unique_ptr<Sock> sock = CreateSock(addrBind.GetSAFamily(), SOCK_STREAM, IPPROTO_TCP);
3288 [ - + ]: 20067 : if (!sock) {
3289 [ # # # # : 0 : strError = Untranslated(strprintf("Couldn't open socket for incoming connections (socket returned error %s)", NetworkErrorString(WSAGetLastError())));
# # ]
3290 [ # # ]: 0 : LogError("%s\n", strError.original);
3291 : : return false;
3292 : : }
3293 : :
3294 : : // Allow binding if the port is still in TIME_WAIT state after
3295 : : // the program was closed and restarted.
3296 [ + - + + ]: 20067 : if (sock->SetSockOpt(SOL_SOCKET, SO_REUSEADDR, &nOne, sizeof(int)) == SOCKET_ERROR) {
3297 [ + - + - : 5332 : strError = Untranslated(strprintf("Error setting SO_REUSEADDR on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3298 [ + - ]: 2666 : LogInfo("%s\n", strError.original);
3299 : : }
3300 : :
3301 : : // some systems don't have IPV6_V6ONLY but are always v6only; others do have the option
3302 : : // and enable it by default or not. Try to enable it, if possible.
3303 [ + + ]: 20067 : if (addrBind.IsIPv6()) {
3304 : : #ifdef IPV6_V6ONLY
3305 [ + - + + ]: 7725 : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_V6ONLY, &nOne, sizeof(int)) == SOCKET_ERROR) {
3306 [ + - + - : 3670 : strError = Untranslated(strprintf("Error setting IPV6_V6ONLY on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3307 [ + - ]: 1835 : LogInfo("%s\n", strError.original);
3308 : : }
3309 : : #endif
3310 : : #ifdef WIN32
3311 : : int nProtLevel = PROTECTION_LEVEL_UNRESTRICTED;
3312 : : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_PROTECTION_LEVEL, &nProtLevel, sizeof(int)) == SOCKET_ERROR) {
3313 : : strError = Untranslated(strprintf("Error setting IPV6_PROTECTION_LEVEL on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
3314 : : LogInfo("%s\n", strError.original);
3315 : : }
3316 : : #endif
3317 : : }
3318 : :
3319 [ + - + + ]: 20067 : if (sock->Bind(reinterpret_cast<struct sockaddr*>(&sockaddr), len) == SOCKET_ERROR) {
3320 : 2428 : int nErr = WSAGetLastError();
3321 [ + + ]: 2428 : if (nErr == WSAEADDRINUSE)
3322 [ + - + - ]: 852 : strError = strprintf(_("Unable to bind to %s on this computer. %s is probably already running."), addrBind.ToStringAddrPort(), CLIENT_NAME);
3323 : : else
3324 [ + - + - : 4004 : strError = strprintf(_("Unable to bind to %s on this computer (bind returned error %s)"), addrBind.ToStringAddrPort(), NetworkErrorString(nErr));
+ - ]
3325 [ + - ]: 2428 : LogError("%s\n", strError.original);
3326 : : return false;
3327 : : }
3328 [ + - + - ]: 17639 : LogInfo("Bound to %s\n", addrBind.ToStringAddrPort());
3329 : :
3330 : : // Listen for incoming connections
3331 [ + - + + ]: 17639 : if (sock->Listen(SOMAXCONN) == SOCKET_ERROR)
3332 : : {
3333 [ + - + - ]: 2264 : strError = strprintf(_("Listening for incoming connections failed (listen returned error %s)"), NetworkErrorString(WSAGetLastError()));
3334 [ + - ]: 1132 : LogError("%s\n", strError.original);
3335 : : return false;
3336 : : }
3337 : :
3338 [ + - ]: 16507 : vhListenSocket.emplace_back(std::move(sock), permissions);
3339 : : return true;
3340 : 20067 : }
3341 : :
3342 : 0 : void Discover()
3343 : : {
3344 [ # # ]: 0 : if (!fDiscover)
3345 : : return;
3346 : :
3347 [ # # ]: 0 : for (const CNetAddr &addr: GetLocalAddresses()) {
3348 [ # # # # ]: 0 : if (AddLocal(addr, LOCAL_IF))
3349 [ # # # # ]: 0 : LogInfo("%s: %s\n", __func__, addr.ToStringAddr());
3350 : : }
3351 : : }
3352 : :
3353 : 90039 : void CConnman::SetNetworkActive(bool active)
3354 : : {
3355 : 90039 : LogInfo("%s: %s\n", __func__, active);
3356 : :
3357 [ + + ]: 90039 : if (fNetworkActive == active) {
3358 : : return;
3359 : : }
3360 : :
3361 [ - + ]: 2742 : fNetworkActive = active;
3362 : :
3363 [ - + ]: 2742 : if (m_client_interface) {
3364 : 0 : m_client_interface->NotifyNetworkActiveChanged(fNetworkActive);
3365 : : }
3366 : : }
3367 : :
3368 : 4819 : CConnman::CConnman(uint64_t nSeed0In,
3369 : : uint64_t nSeed1In,
3370 : : AddrMan& addrman_in,
3371 : : const NetGroupManager& netgroupman,
3372 : : const CChainParams& params,
3373 : : bool network_active,
3374 : 4819 : std::shared_ptr<CThreadInterrupt> interrupt_net)
3375 [ + - ]: 4819 : : addrman(addrman_in)
3376 [ + - ]: 4819 : , m_netgroupman{netgroupman}
3377 : 4819 : , nSeed0(nSeed0In)
3378 : 4819 : , nSeed1(nSeed1In)
3379 [ + - - - ]: 4819 : , m_interrupt_net{interrupt_net}
3380 [ + - + - : 9638 : , m_params(params)
+ - + - ]
3381 : : {
3382 [ + - ]: 4819 : SetTryNewOutboundPeer(false);
3383 : :
3384 : 4819 : Options connOptions;
3385 [ + - ]: 4819 : Init(connOptions);
3386 [ + - ]: 4819 : SetNetworkActive(network_active);
3387 : 4819 : }
3388 : :
3389 : 23446 : NodeId CConnman::GetNewNodeId()
3390 : : {
3391 : 23446 : return nLastNodeId.fetch_add(1, std::memory_order_relaxed);
3392 : : }
3393 : :
3394 : 2137 : uint16_t CConnman::GetDefaultPort(Network net) const
3395 : : {
3396 [ + + ]: 2137 : return net == NET_I2P ? I2P_SAM31_PORT : m_params.GetDefaultPort();
3397 : : }
3398 : :
3399 : 60264 : uint16_t CConnman::GetDefaultPort(const std::string& addr) const
3400 : : {
3401 : 60264 : CNetAddr a;
3402 [ - + + - : 60264 : return a.SetSpecial(addr) ? GetDefaultPort(a.GetNetwork()) : m_params.GetDefaultPort();
+ + + - +
- ]
3403 : 60264 : }
3404 : :
3405 : 21316 : bool CConnman::Bind(const CService& addr_, unsigned int flags, NetPermissionFlags permissions)
3406 : : {
3407 : 21316 : const CService addr{MaybeFlipIPv6toCJDNS(addr_)};
3408 : :
3409 [ + - ]: 21316 : bilingual_str strError;
3410 [ + - + + ]: 21316 : if (!BindListenPort(addr, strError, permissions)) {
3411 [ + + - + ]: 4809 : if ((flags & BF_REPORT_ERROR) && m_client_interface) {
3412 [ # # # # ]: 0 : m_client_interface->ThreadSafeMessageBox(strError, "", CClientUIInterface::MSG_ERROR);
3413 : : }
3414 : 4809 : return false;
3415 : : }
3416 : :
3417 [ + - + + : 16507 : if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !NetPermissions::HasFlag(permissions, NetPermissionFlags::NoBan)) {
+ - + + +
+ ]
3418 [ + - ]: 12258 : AddLocal(addr, LOCAL_BIND);
3419 : : }
3420 : :
3421 : : return true;
3422 : 21316 : }
3423 : :
3424 : 5447 : bool CConnman::InitBinds(const Options& options)
3425 : : {
3426 [ + + ]: 14521 : for (const auto& addrBind : options.vBinds) {
3427 [ + + ]: 12089 : if (!Bind(addrBind, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3428 : : return false;
3429 : : }
3430 : : }
3431 [ + + ]: 8499 : for (const auto& addrBind : options.vWhiteBinds) {
3432 [ + + ]: 7696 : if (!Bind(addrBind.m_service, BF_REPORT_ERROR, addrBind.m_flags)) {
3433 : : return false;
3434 : : }
3435 : : }
3436 [ + + ]: 1077 : for (const auto& addr_bind : options.onion_binds) {
3437 [ + + ]: 401 : if (!Bind(addr_bind, BF_REPORT_ERROR | BF_DONT_ADVERTISE, NetPermissionFlags::None)) {
3438 : : return false;
3439 : : }
3440 : : }
3441 [ + + ]: 676 : if (options.bind_on_any) {
3442 : : // Don't consider errors to bind on IPv6 "::" fatal because the host OS
3443 : : // may not have IPv6 support and the user did not explicitly ask us to
3444 : : // bind on that.
3445 : 565 : const CService ipv6_any{in6_addr(COMPAT_IN6ADDR_ANY_INIT), GetListenPort()}; // ::
3446 [ + - ]: 565 : Bind(ipv6_any, BF_NONE, NetPermissionFlags::None);
3447 : :
3448 : 565 : struct in_addr inaddr_any;
3449 : 565 : inaddr_any.s_addr = htonl(INADDR_ANY);
3450 [ + - + - ]: 565 : const CService ipv4_any{inaddr_any, GetListenPort()}; // 0.0.0.0
3451 [ + - + + ]: 565 : if (!Bind(ipv4_any, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3452 : 21 : return false;
3453 : : }
3454 : 565 : }
3455 : : return true;
3456 : : }
3457 : :
3458 : 0 : bool CConnman::Start(CScheduler& scheduler, const Options& connOptions)
3459 : : {
3460 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3461 : 0 : Init(connOptions);
3462 : :
3463 [ # # # # ]: 0 : if (fListen && !InitBinds(connOptions)) {
3464 [ # # ]: 0 : if (m_client_interface) {
3465 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3466 [ # # ]: 0 : _("Failed to listen on any port. Use -listen=0 if you want this."),
3467 : 0 : "", CClientUIInterface::MSG_ERROR);
3468 : : }
3469 : 0 : return false;
3470 : : }
3471 : :
3472 : 0 : Proxy i2p_sam;
3473 [ # # # # : 0 : if (GetProxy(NET_I2P, i2p_sam) && connOptions.m_i2p_accept_incoming) {
# # ]
3474 [ # # # # ]: 0 : m_i2p_sam_session = std::make_unique<i2p::sam::Session>(gArgs.GetDataDirNet() / "i2p_private_key",
3475 [ # # ]: 0 : i2p_sam, m_interrupt_net);
3476 : : }
3477 : :
3478 : : // Randomize the order in which we may query seednode to potentially prevent connecting to the same one every restart (and signal that we have restarted)
3479 [ # # ]: 0 : std::vector<std::string> seed_nodes = connOptions.vSeedNodes;
3480 [ # # ]: 0 : if (!seed_nodes.empty()) {
3481 : 0 : std::shuffle(seed_nodes.begin(), seed_nodes.end(), FastRandomContext{});
3482 : : }
3483 : :
3484 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3485 : : // Load addresses from anchors.dat
3486 [ # # # # : 0 : m_anchors = ReadAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME);
# # ]
3487 [ # # # # ]: 0 : if (m_anchors.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3488 [ # # ]: 0 : m_anchors.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3489 : : }
3490 [ # # # # ]: 0 : LogInfo("%i block-relay-only anchors will be tried for connections.\n", m_anchors.size());
3491 : : }
3492 : :
3493 [ # # ]: 0 : if (m_client_interface) {
3494 [ # # # # ]: 0 : m_client_interface->InitMessage(_("Starting network threads…"));
3495 : : }
3496 : :
3497 : 0 : fAddressesInitialized = true;
3498 : :
3499 [ # # ]: 0 : if (semOutbound == nullptr) {
3500 : : // initialize semaphore
3501 [ # # # # ]: 0 : semOutbound = std::make_unique<std::counting_semaphore<>>(std::min(m_max_automatic_outbound, m_max_automatic_connections));
3502 : : }
3503 [ # # ]: 0 : if (semAddnode == nullptr) {
3504 : : // initialize semaphore
3505 [ # # ]: 0 : semAddnode = std::make_unique<std::counting_semaphore<>>(m_max_addnode);
3506 : : }
3507 : :
3508 : : //
3509 : : // Start threads
3510 : : //
3511 [ # # ]: 0 : assert(m_msgproc);
3512 [ # # ]: 0 : m_interrupt_net->reset();
3513 [ # # ]: 0 : flagInterruptMsgProc = false;
3514 : :
3515 : 0 : {
3516 [ # # ]: 0 : LOCK(mutexMsgProc);
3517 [ # # ]: 0 : fMsgProcWake = false;
3518 : 0 : }
3519 : :
3520 : : // Send and receive from sockets, accept connections
3521 [ # # ]: 0 : threadSocketHandler = std::thread(&util::TraceThread, "net", [this] { ThreadSocketHandler(); });
3522 : :
3523 [ # # # # : 0 : if (!gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED))
# # ]
3524 [ # # ]: 0 : LogInfo("DNS seeding disabled\n");
3525 : : else
3526 [ # # ]: 0 : threadDNSAddressSeed = std::thread(&util::TraceThread, "dnsseed", [this] { ThreadDNSAddressSeed(); });
3527 : :
3528 : : // Initiate manual connections
3529 [ # # ]: 0 : threadOpenAddedConnections = std::thread(&util::TraceThread, "addcon", [this] { ThreadOpenAddedConnections(); });
3530 : :
3531 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing && !connOptions.m_specified_outgoing.empty()) {
3532 [ # # ]: 0 : if (m_client_interface) {
3533 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3534 [ # # ]: 0 : _("Cannot provide specific connections and have addrman find outgoing connections at the same time."),
3535 [ # # ]: 0 : "", CClientUIInterface::MSG_ERROR);
3536 : : }
3537 : 0 : return false;
3538 : : }
3539 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing || !connOptions.m_specified_outgoing.empty()) {
3540 : 0 : threadOpenConnections = std::thread(
3541 [ # # ]: 0 : &util::TraceThread, "opencon",
3542 [ # # # # : 0 : [this, connect = connOptions.m_specified_outgoing, seed_nodes = std::move(seed_nodes)] { ThreadOpenConnections(connect, seed_nodes); });
# # # # ]
3543 : : }
3544 : :
3545 : : // Process messages
3546 [ # # ]: 0 : threadMessageHandler = std::thread(&util::TraceThread, "msghand", [this] { ThreadMessageHandler(); });
3547 : :
3548 [ # # ]: 0 : if (m_i2p_sam_session) {
3549 : 0 : threadI2PAcceptIncoming =
3550 [ # # ]: 0 : std::thread(&util::TraceThread, "i2paccept", [this] { ThreadI2PAcceptIncoming(); });
3551 : : }
3552 : :
3553 [ # # # # : 0 : if (gArgs.GetBoolArg("-privatebroadcast", DEFAULT_PRIVATE_BROADCAST)) {
# # ]
3554 : 0 : threadPrivateBroadcast =
3555 [ # # ]: 0 : std::thread(&util::TraceThread, "privbcast", [this] { ThreadPrivateBroadcast(); });
3556 : : }
3557 : :
3558 : : // Dump network addresses
3559 [ # # ]: 0 : scheduler.scheduleEvery([this] { DumpAddresses(); }, DUMP_PEERS_INTERVAL);
3560 : :
3561 : : // Run the ASMap Health check once and then schedule it to run every 24h.
3562 [ # # # # ]: 0 : if (m_netgroupman.UsingASMap()) {
3563 [ # # ]: 0 : ASMapHealthCheck();
3564 [ # # ]: 0 : scheduler.scheduleEvery([this] { ASMapHealthCheck(); }, ASMAP_HEALTH_CHECK_INTERVAL);
3565 : : }
3566 : :
3567 : : return true;
3568 : 0 : }
3569 : :
3570 : : class CNetCleanup
3571 : : {
3572 : : public:
3573 : : CNetCleanup() = default;
3574 : :
3575 : : ~CNetCleanup()
3576 : : {
3577 : : #ifdef WIN32
3578 : : // Shutdown Windows Sockets
3579 : : WSACleanup();
3580 : : #endif
3581 : : }
3582 : : };
3583 : : static CNetCleanup instance_of_cnetcleanup;
3584 : :
3585 : 4819 : void CConnman::Interrupt()
3586 : : {
3587 : 4819 : {
3588 : 4819 : LOCK(mutexMsgProc);
3589 [ + - ]: 4819 : flagInterruptMsgProc = true;
3590 : 4819 : }
3591 : 4819 : condMsgProc.notify_all();
3592 : :
3593 : 4819 : (*m_interrupt_net)();
3594 : 4819 : g_socks5_interrupt();
3595 : :
3596 [ - + ]: 4819 : if (semOutbound) {
3597 [ # # ]: 0 : for (int i=0; i<m_max_automatic_outbound; i++) {
3598 : 0 : semOutbound->release();
3599 : : }
3600 : : }
3601 : :
3602 [ - + ]: 4819 : if (semAddnode) {
3603 [ # # ]: 0 : for (int i=0; i<m_max_addnode; i++) {
3604 : 0 : semAddnode->release();
3605 : : }
3606 : : }
3607 : :
3608 : 4819 : m_private_broadcast.m_sem_conn_max.release();
3609 : 4819 : m_private_broadcast.NumToOpenAdd(1); // Just unblock NumToOpenWait() to be able to continue with shutdown.
3610 : 4819 : }
3611 : :
3612 : 4819 : void CConnman::StopThreads()
3613 : : {
3614 [ - + ]: 4819 : if (threadPrivateBroadcast.joinable()) {
3615 : 0 : threadPrivateBroadcast.join();
3616 : : }
3617 [ - + ]: 4819 : if (threadI2PAcceptIncoming.joinable()) {
3618 : 0 : threadI2PAcceptIncoming.join();
3619 : : }
3620 [ - + ]: 4819 : if (threadMessageHandler.joinable())
3621 : 0 : threadMessageHandler.join();
3622 [ - + ]: 4819 : if (threadOpenConnections.joinable())
3623 : 0 : threadOpenConnections.join();
3624 [ - + ]: 4819 : if (threadOpenAddedConnections.joinable())
3625 : 0 : threadOpenAddedConnections.join();
3626 [ - + ]: 4819 : if (threadDNSAddressSeed.joinable())
3627 : 0 : threadDNSAddressSeed.join();
3628 [ - + ]: 4819 : if (threadSocketHandler.joinable())
3629 : 0 : threadSocketHandler.join();
3630 : 4819 : }
3631 : :
3632 : 19462 : void CConnman::StopNodes()
3633 : : {
3634 : 19462 : AssertLockNotHeld(m_reconnections_mutex);
3635 : :
3636 [ - + ]: 19462 : if (fAddressesInitialized) {
3637 : 0 : DumpAddresses();
3638 : 0 : fAddressesInitialized = false;
3639 : :
3640 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3641 : : // Anchor connections are only dumped during clean shutdown.
3642 : 0 : std::vector<CAddress> anchors_to_dump = GetCurrentBlockRelayOnlyConns();
3643 [ # # # # ]: 0 : if (anchors_to_dump.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3644 [ # # ]: 0 : anchors_to_dump.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3645 : : }
3646 [ # # # # : 0 : DumpAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME, anchors_to_dump);
# # ]
3647 : 0 : }
3648 : : }
3649 : :
3650 : : // Delete peer connections.
3651 : 19462 : std::vector<CNode*> nodes;
3652 [ + - + - ]: 38924 : WITH_LOCK(m_nodes_mutex, nodes.swap(m_nodes));
3653 [ + + ]: 42151 : for (CNode* pnode : nodes) {
3654 [ + - - + : 22689 : LogDebug(BCLog::NET, "Stopping node, %s", pnode->DisconnectMsg(fLogIPs));
- - - - ]
3655 [ + - ]: 22689 : pnode->CloseSocketDisconnect();
3656 [ + - ]: 22689 : DeleteNode(pnode);
3657 : : }
3658 : :
3659 [ - + ]: 19462 : for (CNode* pnode : m_nodes_disconnected) {
3660 [ # # ]: 0 : DeleteNode(pnode);
3661 : : }
3662 : 19462 : m_nodes_disconnected.clear();
3663 [ + - + - ]: 38924 : WITH_LOCK(m_reconnections_mutex, m_reconnections.clear());
3664 : 19462 : vhListenSocket.clear();
3665 [ - + ]: 19462 : semOutbound.reset();
3666 [ - + ]: 19462 : semAddnode.reset();
3667 : 19462 : }
3668 : :
3669 : 22689 : void CConnman::DeleteNode(CNode* pnode)
3670 : : {
3671 [ - + ]: 22689 : assert(pnode);
3672 : 22689 : m_msgproc->FinalizeNode(*pnode);
3673 : 22689 : delete pnode;
3674 : 22689 : }
3675 : :
3676 [ + - ]: 4819 : CConnman::~CConnman()
3677 : : {
3678 : 4819 : Interrupt();
3679 : 4819 : Stop();
3680 : 9638 : }
3681 : :
3682 : 27139 : std::vector<CAddress> CConnman::GetAddressesUnsafe(size_t max_addresses, size_t max_pct, std::optional<Network> network, const bool filtered) const
3683 : : {
3684 : 27139 : std::vector<CAddress> addresses = addrman.get().GetAddr(max_addresses, max_pct, network, filtered);
3685 [ - + ]: 27139 : if (m_banman) {
3686 [ # # ]: 0 : addresses.erase(std::remove_if(addresses.begin(), addresses.end(),
3687 [ # # # # ]: 0 : [this](const CAddress& addr){return m_banman->IsDiscouraged(addr) || m_banman->IsBanned(addr);}),
3688 [ # # ]: 0 : addresses.end());
3689 : : }
3690 : 27139 : return addresses;
3691 : 0 : }
3692 : :
3693 : 5870 : std::vector<CAddress> CConnman::GetAddresses(CNode& requestor, size_t max_addresses, size_t max_pct)
3694 : : {
3695 : 5870 : uint64_t network_id = requestor.m_network_key;
3696 : 5870 : const auto current_time = GetTime<std::chrono::microseconds>();
3697 [ + - ]: 5870 : auto r = m_addr_response_caches.emplace(network_id, CachedAddrResponse{});
3698 [ + + ]: 5870 : CachedAddrResponse& cache_entry = r.first->second;
3699 [ + + ]: 5870 : if (cache_entry.m_cache_entry_expiration < current_time) { // If emplace() added new one it has expiration 0.
3700 : 696 : cache_entry.m_addrs_response_cache = GetAddressesUnsafe(max_addresses, max_pct, /*network=*/std::nullopt);
3701 : : // Choosing a proper cache lifetime is a trade-off between the privacy leak minimization
3702 : : // and the usefulness of ADDR responses to honest users.
3703 : : //
3704 : : // Longer cache lifetime makes it more difficult for an attacker to scrape
3705 : : // enough AddrMan data to maliciously infer something useful.
3706 : : // By the time an attacker scraped enough AddrMan records, most of
3707 : : // the records should be old enough to not leak topology info by
3708 : : // e.g. analyzing real-time changes in timestamps.
3709 : : //
3710 : : // It takes only several hundred requests to scrape everything from an AddrMan containing 100,000 nodes,
3711 : : // so ~24 hours of cache lifetime indeed makes the data less inferable by the time
3712 : : // most of it could be scraped (considering that timestamps are updated via
3713 : : // ADDR self-announcements and when nodes communicate).
3714 : : // We also should be robust to those attacks which may not require scraping *full* victim's AddrMan
3715 : : // (because even several timestamps of the same handful of nodes may leak privacy).
3716 : : //
3717 : : // On the other hand, longer cache lifetime makes ADDR responses
3718 : : // outdated and less useful for an honest requestor, e.g. if most nodes
3719 : : // in the ADDR response are no longer active.
3720 : : //
3721 : : // However, the churn in the network is known to be rather low. Since we consider
3722 : : // nodes to be "terrible" (see IsTerrible()) if the timestamps are older than 30 days,
3723 : : // max. 24 hours of "penalty" due to cache shouldn't make any meaningful difference
3724 : : // in terms of the freshness of the response.
3725 : 696 : cache_entry.m_cache_entry_expiration = current_time +
3726 : 696 : 21h + FastRandomContext().randrange<std::chrono::microseconds>(6h);
3727 : : }
3728 : 5870 : return cache_entry.m_addrs_response_cache;
3729 : : }
3730 : :
3731 : 27082 : bool CConnman::AddNode(const AddedNodeParams& add)
3732 : : {
3733 [ + - + - ]: 27082 : const CService resolved(LookupNumeric(add.m_added_node, GetDefaultPort(add.m_added_node)));
3734 [ + - ]: 27082 : const bool resolved_is_valid{resolved.IsValid()};
3735 : :
3736 [ + - ]: 27082 : LOCK(m_added_nodes_mutex);
3737 [ + + ]: 117425 : for (const auto& it : m_added_node_params) {
3738 [ + + + + : 131178 : if (add.m_added_node == it.m_added_node || (resolved_is_valid && resolved == LookupNumeric(it.m_added_node, GetDefaultPort(it.m_added_node)))) return false;
+ - + - +
- + - + +
+ + + + -
- - - ]
3739 : : }
3740 : :
3741 [ + - ]: 1537 : m_added_node_params.push_back(add);
3742 : : return true;
3743 : 27082 : }
3744 : :
3745 : 12643 : bool CConnman::RemoveAddedNode(std::string_view node)
3746 : : {
3747 : 12643 : LOCK(m_added_nodes_mutex);
3748 [ + + ]: 70763 : for (auto it = m_added_node_params.begin(); it != m_added_node_params.end(); ++it) {
3749 [ - + + + ]: 58796 : if (node == it->m_added_node) {
3750 : 676 : m_added_node_params.erase(it);
3751 : 676 : return true;
3752 : : }
3753 : : }
3754 : : return false;
3755 : 12643 : }
3756 : :
3757 : 0 : bool CConnman::AddedNodesContain(const CAddress& addr) const
3758 : : {
3759 : 0 : AssertLockNotHeld(m_added_nodes_mutex);
3760 : 0 : const std::string addr_str{addr.ToStringAddr()};
3761 [ # # ]: 0 : const std::string addr_port_str{addr.ToStringAddrPort()};
3762 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
3763 [ # # ]: 0 : return (m_added_node_params.size() < 24 // bound the query to a reasonable limit
3764 [ # # # # ]: 0 : && std::any_of(m_added_node_params.cbegin(), m_added_node_params.cend(),
3765 [ # # # # : 0 : [&](const auto& p) { return p.m_added_node == addr_str || p.m_added_node == addr_port_str; }));
# # ]
3766 : 0 : }
3767 : :
3768 : 11952 : size_t CConnman::GetNodeCount(ConnectionDirection flags) const
3769 : : {
3770 : 11952 : LOCK(m_nodes_mutex);
3771 [ + + ]: 11952 : if (flags == ConnectionDirection::Both) // Shortcut if we want total
3772 [ - + ]: 1955 : return m_nodes.size();
3773 : :
3774 : 9997 : int nNum = 0;
3775 [ + + ]: 389860 : for (const auto& pnode : m_nodes) {
3776 [ + + + + ]: 757268 : if (flags & (pnode->IsInboundConn() ? ConnectionDirection::In : ConnectionDirection::Out)) {
3777 : 6156 : nNum++;
3778 : : }
3779 : : }
3780 : :
3781 : 9997 : return nNum;
3782 : 11952 : }
3783 : :
3784 : :
3785 : 0 : std::map<CNetAddr, LocalServiceInfo> CConnman::getNetLocalAddresses() const
3786 : : {
3787 : 0 : LOCK(g_maplocalhost_mutex);
3788 [ # # # # ]: 0 : return mapLocalHost;
3789 : 0 : }
3790 : :
3791 : 83466 : uint32_t CConnman::GetMappedAS(const CNetAddr& addr) const
3792 : : {
3793 : 83466 : return m_netgroupman.GetMappedAS(addr);
3794 : : }
3795 : :
3796 : 4797 : void CConnman::GetNodeStats(std::vector<CNodeStats>& vstats) const
3797 : : {
3798 : 4797 : vstats.clear();
3799 : 4797 : LOCK(m_nodes_mutex);
3800 [ - + + - ]: 4797 : vstats.reserve(m_nodes.size());
3801 [ + + ]: 70001 : for (CNode* pnode : m_nodes) {
3802 [ + - ]: 65204 : vstats.emplace_back();
3803 [ + - ]: 65204 : pnode->CopyStats(vstats.back());
3804 [ + - ]: 65204 : vstats.back().m_mapped_as = GetMappedAS(pnode->addr);
3805 : : }
3806 : 4797 : }
3807 : :
3808 : 1743 : bool CConnman::DisconnectNode(std::string_view strNode)
3809 : : {
3810 : 1743 : LOCK(m_nodes_mutex);
3811 [ - + ]: 60988 : auto it = std::ranges::find_if(m_nodes, [&strNode](CNode* node) { return node->m_addr_name == strNode; });
3812 [ + + ]: 1743 : if (it != m_nodes.end()) {
3813 : 239 : CNode* node{*it};
3814 [ + - - + : 239 : LogDebug(BCLog::NET, "disconnect by address%s match, %s", (fLogIPs ? strprintf("=%s", strNode) : ""), node->DisconnectMsg(fLogIPs));
- - - - -
- - - -
- ]
3815 : 239 : node->fDisconnect = true;
3816 : 239 : return true;
3817 : : }
3818 : : return false;
3819 : 1743 : }
3820 : :
3821 : 22452 : bool CConnman::DisconnectNode(const CSubNet& subnet)
3822 : : {
3823 : 22452 : bool disconnected = false;
3824 : 22452 : LOCK(m_nodes_mutex);
3825 [ + + ]: 293863 : for (CNode* pnode : m_nodes) {
3826 [ + - + + ]: 271411 : if (subnet.Match(pnode->addr)) {
3827 [ + - - + : 1005 : LogDebug(BCLog::NET, "disconnect by subnet%s match, %s", (fLogIPs ? strprintf("=%s", subnet.ToString()) : ""), pnode->DisconnectMsg(fLogIPs));
- - - - -
- - - - -
- - - - -
- ]
3828 : 1005 : pnode->fDisconnect = true;
3829 : 1005 : disconnected = true;
3830 : : }
3831 : : }
3832 [ + - ]: 22452 : return disconnected;
3833 : 22452 : }
3834 : :
3835 : 5402 : bool CConnman::DisconnectNode(const CNetAddr& addr)
3836 : : {
3837 [ + - ]: 5402 : return DisconnectNode(CSubNet(addr));
3838 : : }
3839 : :
3840 : 5163 : bool CConnman::DisconnectNode(NodeId id)
3841 : : {
3842 : 5163 : LOCK(m_nodes_mutex);
3843 [ + + ]: 308339 : for(CNode* pnode : m_nodes) {
3844 [ + + ]: 303518 : if (id == pnode->GetId()) {
3845 [ + - - + : 342 : LogDebug(BCLog::NET, "disconnect by id, %s", pnode->DisconnectMsg(fLogIPs));
- - - - ]
3846 : 342 : pnode->fDisconnect = true;
3847 : 342 : return true;
3848 : : }
3849 : : }
3850 : : return false;
3851 : 5163 : }
3852 : :
3853 : 2356 : void CConnman::RecordBytesRecv(uint64_t bytes)
3854 : : {
3855 : 2356 : nTotalBytesRecv += bytes;
3856 : 2356 : }
3857 : :
3858 : 85977 : void CConnman::RecordBytesSent(uint64_t bytes)
3859 : : {
3860 : 85977 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3861 : 85977 : LOCK(m_total_bytes_sent_mutex);
3862 : :
3863 : 85977 : nTotalBytesSent += bytes;
3864 : :
3865 : 85977 : const auto now = GetTime<std::chrono::seconds>();
3866 [ + + ]: 85977 : if (nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME < now)
3867 : : {
3868 : : // timeframe expired, reset cycle
3869 : 12141 : nMaxOutboundCycleStartTime = now;
3870 : 12141 : nMaxOutboundTotalBytesSentInCycle = 0;
3871 : : }
3872 : :
3873 [ + - ]: 85977 : nMaxOutboundTotalBytesSentInCycle += bytes;
3874 : 85977 : }
3875 : :
3876 : 4797 : uint64_t CConnman::GetMaxOutboundTarget() const
3877 : : {
3878 : 4797 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3879 : 4797 : LOCK(m_total_bytes_sent_mutex);
3880 [ + - ]: 4797 : return nMaxOutboundLimit;
3881 : 4797 : }
3882 : :
3883 : 4797 : std::chrono::seconds CConnman::GetMaxOutboundTimeframe() const
3884 : : {
3885 : 4797 : return MAX_UPLOAD_TIMEFRAME;
3886 : : }
3887 : :
3888 : 4797 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle() const
3889 : : {
3890 : 4797 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3891 : 4797 : LOCK(m_total_bytes_sent_mutex);
3892 [ + - ]: 4797 : return GetMaxOutboundTimeLeftInCycle_();
3893 : 4797 : }
3894 : :
3895 : 147806 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle_() const
3896 : : {
3897 : 147806 : AssertLockHeld(m_total_bytes_sent_mutex);
3898 : :
3899 [ + + ]: 147806 : if (nMaxOutboundLimit == 0)
3900 : 1517 : return 0s;
3901 : :
3902 [ + + ]: 146289 : if (nMaxOutboundCycleStartTime.count() == 0)
3903 : 145292 : return MAX_UPLOAD_TIMEFRAME;
3904 : :
3905 : 997 : const std::chrono::seconds cycleEndTime = nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME;
3906 : 997 : const auto now = GetTime<std::chrono::seconds>();
3907 [ + + ]: 997 : return (cycleEndTime < now) ? 0s : cycleEndTime - now;
3908 : : }
3909 : :
3910 : 156022 : bool CConnman::OutboundTargetReached(bool historicalBlockServingLimit) const
3911 : : {
3912 : 156022 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3913 : 156022 : LOCK(m_total_bytes_sent_mutex);
3914 [ + + ]: 156022 : if (nMaxOutboundLimit == 0)
3915 : : return false;
3916 : :
3917 [ + + ]: 143550 : if (historicalBlockServingLimit)
3918 : : {
3919 : : // keep a large enough buffer to at least relay each block once
3920 [ + - ]: 143009 : const std::chrono::seconds timeLeftInCycle = GetMaxOutboundTimeLeftInCycle_();
3921 : 143009 : const uint64_t buffer = timeLeftInCycle / std::chrono::minutes{10} * MAX_BLOCK_SERIALIZED_SIZE;
3922 [ + + + + ]: 143009 : if (buffer >= nMaxOutboundLimit || nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit - buffer)
3923 : 224 : return true;
3924 : : }
3925 [ + + ]: 541 : else if (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit)
3926 : 14 : return true;
3927 : :
3928 : : return false;
3929 : 156022 : }
3930 : :
3931 : 4797 : uint64_t CConnman::GetOutboundTargetBytesLeft() const
3932 : : {
3933 : 4797 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3934 : 4797 : LOCK(m_total_bytes_sent_mutex);
3935 [ + + ]: 4797 : if (nMaxOutboundLimit == 0)
3936 : : return 0;
3937 : :
3938 [ + + ]: 3280 : return (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit) ? 0 : nMaxOutboundLimit - nMaxOutboundTotalBytesSentInCycle;
3939 : 4797 : }
3940 : :
3941 : 4797 : uint64_t CConnman::GetTotalBytesRecv() const
3942 : : {
3943 : 4797 : return nTotalBytesRecv;
3944 : : }
3945 : :
3946 : 4797 : uint64_t CConnman::GetTotalBytesSent() const
3947 : : {
3948 : 4797 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3949 : 4797 : LOCK(m_total_bytes_sent_mutex);
3950 [ + - ]: 4797 : return nTotalBytesSent;
3951 : 4797 : }
3952 : :
3953 : 14480 : ServiceFlags CConnman::GetLocalServices() const
3954 : : {
3955 : 14480 : return m_local_services;
3956 : : }
3957 : :
3958 : 96581 : static std::unique_ptr<Transport> MakeTransport(NodeId id, bool use_v2transport, bool inbound) noexcept
3959 : : {
3960 [ + + ]: 96581 : if (use_v2transport) {
3961 [ - + ]: 21404 : return std::make_unique<V2Transport>(id, /*initiating=*/!inbound);
3962 : : } else {
3963 [ - + ]: 75177 : return std::make_unique<V1Transport>(id);
3964 : : }
3965 : : }
3966 : :
3967 : 96581 : CNode::CNode(NodeId idIn,
3968 : : std::shared_ptr<Sock> sock,
3969 : : const CAddress& addrIn,
3970 : : uint64_t nKeyedNetGroupIn,
3971 : : uint64_t nLocalHostNonceIn,
3972 : : const CService& addrBindIn,
3973 : : const std::string& addrNameIn,
3974 : : ConnectionType conn_type_in,
3975 : : bool inbound_onion,
3976 : : uint64_t network_key,
3977 : 96581 : CNodeOptions&& node_opts)
3978 : 96581 : : m_transport{MakeTransport(idIn, node_opts.use_v2transport, conn_type_in == ConnectionType::INBOUND)},
3979 : 96581 : m_permission_flags{node_opts.permission_flags},
3980 [ + + ]: 96581 : m_sock{sock},
3981 : 96581 : m_connected{GetTime<std::chrono::seconds>()},
3982 : 96581 : addr{addrIn},
3983 : 96581 : addrBind{addrBindIn},
3984 [ + + + - ]: 96581 : m_addr_name{addrNameIn.empty() ? addr.ToStringAddrPort() : addrNameIn},
3985 [ - + ]: 96581 : m_dest(addrNameIn),
3986 : 96581 : m_inbound_onion{inbound_onion},
3987 [ + - ]: 96581 : m_prefer_evict{node_opts.prefer_evict},
3988 : 96581 : nKeyedNetGroup{nKeyedNetGroupIn},
3989 : 96581 : m_network_key{network_key},
3990 : 96581 : m_conn_type{conn_type_in},
3991 : 96581 : id{idIn},
3992 : 96581 : nLocalHostNonce{nLocalHostNonceIn},
3993 [ + - ]: 96581 : m_recv_flood_size{node_opts.recv_flood_size},
3994 [ + - + - : 193162 : m_i2p_sam_session{std::move(node_opts.i2p_sam_session)}
+ + ]
3995 : : {
3996 [ + + + - ]: 96581 : if (inbound_onion) assert(conn_type_in == ConnectionType::INBOUND);
3997 : :
3998 [ + + ]: 3476916 : for (const auto& msg : ALL_NET_MESSAGE_TYPES) {
3999 [ + - ]: 3380335 : mapRecvBytesPerMsgType[msg] = 0;
4000 : : }
4001 [ + - ]: 96581 : mapRecvBytesPerMsgType[NET_MESSAGE_TYPE_OTHER] = 0;
4002 : :
4003 [ - + ]: 96581 : if (fLogIPs) {
4004 [ # # # # : 0 : LogDebug(BCLog::NET, "Added connection to %s peer=%d\n", m_addr_name, id);
# # ]
4005 : : } else {
4006 [ + - - + : 96581 : LogDebug(BCLog::NET, "Added connection peer=%d\n", id);
- - ]
4007 : : }
4008 [ - - ]: 96581 : }
4009 : :
4010 : 163211 : void CNode::MarkReceivedMsgsForProcessing()
4011 : : {
4012 : 163211 : AssertLockNotHeld(m_msg_process_queue_mutex);
4013 : :
4014 : 163211 : size_t nSizeAdded = 0;
4015 [ + + ]: 326422 : for (const auto& msg : vRecvMsg) {
4016 : : // vRecvMsg contains only completed CNetMessage
4017 : : // the single possible partially deserialized message are held by TransportDeserializer
4018 : 163211 : nSizeAdded += msg.GetMemoryUsage();
4019 : : }
4020 : :
4021 : 163211 : LOCK(m_msg_process_queue_mutex);
4022 : 163211 : m_msg_process_queue.splice(m_msg_process_queue.end(), vRecvMsg);
4023 : 163211 : m_msg_process_queue_size += nSizeAdded;
4024 [ + - ]: 163211 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
4025 : 163211 : }
4026 : :
4027 : 120118 : std::optional<std::pair<CNetMessage, bool>> CNode::PollMessage()
4028 : : {
4029 : 120118 : LOCK(m_msg_process_queue_mutex);
4030 [ + + ]: 120118 : if (m_msg_process_queue.empty()) return std::nullopt;
4031 : :
4032 : 115650 : std::list<CNetMessage> msgs;
4033 : : // Just take one message
4034 : 115650 : msgs.splice(msgs.begin(), m_msg_process_queue, m_msg_process_queue.begin());
4035 : 115650 : m_msg_process_queue_size -= msgs.front().GetMemoryUsage();
4036 : 115650 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
4037 : :
4038 : 231300 : return std::make_pair(std::move(msgs.front()), !m_msg_process_queue.empty());
4039 : 115650 : }
4040 : :
4041 : 2916318 : bool CConnman::NodeFullyConnected(const CNode* pnode)
4042 : : {
4043 [ + - - + : 2916318 : return pnode && pnode->fSuccessfullyConnected && !pnode->fDisconnect;
- - ]
4044 : : }
4045 : :
4046 : : /// Private broadcast connections only need to send certain message types.
4047 : : /// Other messages are not needed and may degrade privacy.
4048 : 1860 : static bool IsOutboundMessageAllowedInPrivateBroadcast(std::string_view type) noexcept
4049 : : {
4050 : 2385 : return type == NetMsgType::VERSION ||
4051 [ + + ]: 525 : type == NetMsgType::VERACK ||
4052 [ + - ]: 440 : type == NetMsgType::INV ||
4053 [ + + + - ]: 2300 : type == NetMsgType::TX ||
4054 [ - + ]: 440 : type == NetMsgType::PING;
4055 : : }
4056 : :
4057 : 157340 : void CConnman::PushMessage(CNode* pnode, CSerializedNetMsg&& msg)
4058 : : {
4059 : 157340 : AssertLockNotHeld(m_total_bytes_sent_mutex);
4060 : :
4061 [ + + - + : 157340 : if (pnode->IsPrivateBroadcastConn() && !IsOutboundMessageAllowedInPrivateBroadcast(msg.m_type)) {
+ + ]
4062 [ - + - - ]: 440 : LogDebug(BCLog::PRIVBROADCAST, "Omitting send of message '%s', peer=%d%s", msg.m_type, pnode->GetId(), pnode->LogIP(fLogIPs));
4063 : 440 : return;
4064 : : }
4065 : :
4066 [ + + + + : 156900 : if (!m_private_broadcast.m_outbound_tor_ok_at_least_once.load() && !pnode->IsInboundConn() &&
+ + ]
4067 [ + + + + : 203975 : pnode->addr.IsTor() && msg.m_type == NetMsgType::VERACK) {
+ + ]
4068 : : // If we are sending the peer VERACK that means we successfully sent
4069 : : // and received another message to/from that peer (VERSION).
4070 : 3 : m_private_broadcast.m_outbound_tor_ok_at_least_once.store(true);
4071 : : }
4072 : :
4073 [ - + ]: 156900 : size_t nMessageSize = msg.data.size();
4074 [ - + ]: 156900 : LogDebug(BCLog::NET, "sending %s (%d bytes) peer=%d\n", msg.m_type, nMessageSize, pnode->GetId());
4075 [ - + ]: 156900 : if (m_capture_messages) {
4076 [ # # ]: 0 : CaptureMessage(pnode->addr, msg.m_type, msg.data, /*is_incoming=*/false);
4077 : : }
4078 : :
4079 : : TRACEPOINT(net, outbound_message,
4080 : : pnode->GetId(),
4081 : : pnode->m_addr_name.c_str(),
4082 : : pnode->ConnectionTypeAsString().c_str(),
4083 : : msg.m_type.c_str(),
4084 : : msg.data.size(),
4085 : : msg.data.data()
4086 : 156900 : );
4087 : :
4088 : 156900 : size_t nBytesSent = 0;
4089 : 156900 : {
4090 : 156900 : LOCK(pnode->cs_vSend);
4091 : : // Check if the transport still has unsent bytes, and indicate to it that we're about to
4092 : : // give it a message to send.
4093 [ + + ]: 156900 : const auto& [to_send, more, _msg_type] =
4094 [ + + ]: 156900 : pnode->m_transport->GetBytesToSend(/*have_next_message=*/true);
4095 [ + + - + ]: 156900 : const bool queue_was_empty{to_send.empty() && pnode->vSendMsg.empty()};
4096 : :
4097 : : // Update memory usage of send buffer.
4098 : 156900 : pnode->m_send_memusage += msg.GetMemoryUsage();
4099 [ + - ]: 156900 : if (pnode->m_send_memusage + pnode->m_transport->GetSendMemoryUsage() > nSendBufferMaxSize) pnode->fPauseSend = true;
4100 : : // Move message to vSendMsg queue.
4101 [ + - ]: 156900 : pnode->vSendMsg.push_back(std::move(msg));
4102 : :
4103 : : // If there was nothing to send before, and there is now (predicted by the "more" value
4104 : : // returned by the GetBytesToSend call above), attempt "optimistic write":
4105 : : // because the poll/select loop may pause for SELECT_TIMEOUT_MILLISECONDS before actually
4106 : : // doing a send, try sending from the calling thread if the queue was empty before.
4107 : : // With a V1Transport, more will always be true here, because adding a message always
4108 : : // results in sendable bytes there, but with V2Transport this is not the case (it may
4109 : : // still be in the handshake).
4110 [ + + + - ]: 156900 : if (queue_was_empty && more) {
4111 [ + - ]: 103443 : std::tie(nBytesSent, std::ignore) = SocketSendData(*pnode);
4112 : : }
4113 : 156900 : }
4114 [ + + ]: 156900 : if (nBytesSent) RecordBytesSent(nBytesSent);
4115 : : }
4116 : :
4117 : 1773 : bool CConnman::ForNode(NodeId id, std::function<bool(CNode* pnode)> func)
4118 : : {
4119 : 1773 : CNode* found = nullptr;
4120 : 1773 : LOCK(m_nodes_mutex);
4121 [ + + ]: 124807 : for (auto&& pnode : m_nodes) {
4122 [ + + ]: 123130 : if(pnode->GetId() == id) {
4123 : : found = pnode;
4124 : : break;
4125 : : }
4126 : : }
4127 [ + + + - : 1773 : return found != nullptr && NodeFullyConnected(found) && func(found);
- + - - -
- + - ]
4128 : 1773 : }
4129 : :
4130 : 71522 : CSipHasher CConnman::GetDeterministicRandomizer(uint64_t id) const
4131 : : {
4132 : 71522 : return CSipHasher(nSeed0, nSeed1).Write(id);
4133 : : }
4134 : :
4135 : 23446 : uint64_t CConnman::CalculateKeyedNetGroup(const CNetAddr& address) const
4136 : : {
4137 : 23446 : std::vector<unsigned char> vchNetGroup(m_netgroupman.GetGroup(address));
4138 : :
4139 [ + - + - : 46892 : return GetDeterministicRandomizer(RANDOMIZER_ID_NETGROUP).Write(vchNetGroup).Finalize();
+ - ]
4140 : 23446 : }
4141 : :
4142 : 0 : void CConnman::PerformReconnections()
4143 : : {
4144 : 0 : AssertLockNotHeld(m_reconnections_mutex);
4145 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
4146 : 0 : while (true) {
4147 : : // Move first element of m_reconnections to todo (avoiding an allocation inside the lock).
4148 [ # # ]: 0 : decltype(m_reconnections) todo;
4149 : 0 : {
4150 [ # # ]: 0 : LOCK(m_reconnections_mutex);
4151 [ # # ]: 0 : if (m_reconnections.empty()) break;
4152 [ # # ]: 0 : todo.splice(todo.end(), m_reconnections, m_reconnections.begin());
4153 : 0 : }
4154 : :
4155 [ # # ]: 0 : auto& item = *todo.begin();
4156 [ # # ]: 0 : OpenNetworkConnection(item.addr_connect,
4157 : : // We only reconnect if the first attempt to connect succeeded at
4158 : : // connection time, but then failed after the CNode object was
4159 : : // created. Since we already know connecting is possible, do not
4160 : : // count failure to reconnect.
4161 : : /*fCountFailure=*/false,
4162 [ # # ]: 0 : std::move(item.grant),
4163 : 0 : item.destination.empty() ? nullptr : item.destination.c_str(),
4164 : : item.conn_type,
4165 [ # # ]: 0 : item.use_v2transport);
4166 : 0 : }
4167 : 0 : }
4168 : :
4169 : 4796 : void CConnman::ASMapHealthCheck()
4170 : : {
4171 : 4796 : const std::vector<CAddress> v4_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV4, /*filtered=*/false)};
4172 [ + - ]: 4796 : const std::vector<CAddress> v6_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV6, /*filtered=*/false)};
4173 : 4796 : std::vector<CNetAddr> clearnet_addrs;
4174 [ - + - + : 4796 : clearnet_addrs.reserve(v4_addrs.size() + v6_addrs.size());
+ - ]
4175 [ + - ]: 4796 : std::transform(v4_addrs.begin(), v4_addrs.end(), std::back_inserter(clearnet_addrs),
4176 [ + - ]: 192 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4177 [ + - ]: 4796 : std::transform(v6_addrs.begin(), v6_addrs.end(), std::back_inserter(clearnet_addrs),
4178 [ + - ]: 2281 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4179 [ + - ]: 4796 : m_netgroupman.ASMapHealthCheck(clearnet_addrs);
4180 : 4796 : }
4181 : :
4182 : : // Dump binary message to file, with timestamp.
4183 : 0 : static void CaptureMessageToFile(const CAddress& addr,
4184 : : const std::string& msg_type,
4185 : : std::span<const unsigned char> data,
4186 : : bool is_incoming)
4187 : : {
4188 : : // Note: This function captures the message at the time of processing,
4189 : : // not at socket receive/send time.
4190 : : // This ensures that the messages are always in order from an application
4191 : : // layer (processing) perspective.
4192 : 0 : auto now = GetTime<std::chrono::microseconds>();
4193 : :
4194 : : // Windows folder names cannot include a colon
4195 : 0 : std::string clean_addr = addr.ToStringAddrPort();
4196 [ # # ]: 0 : std::replace(clean_addr.begin(), clean_addr.end(), ':', '_');
4197 : :
4198 [ # # # # : 0 : fs::path base_path = gArgs.GetDataDirNet() / "message_capture" / fs::u8path(clean_addr);
# # # # ]
4199 [ # # ]: 0 : fs::create_directories(base_path);
4200 : :
4201 [ # # # # ]: 0 : fs::path path = base_path / (is_incoming ? "msgs_recv.dat" : "msgs_sent.dat");
4202 [ # # # # ]: 0 : AutoFile f{fsbridge::fopen(path, "ab")};
4203 : :
4204 [ # # ]: 0 : ser_writedata64(f, now.count());
4205 [ # # # # ]: 0 : f << std::span{msg_type};
4206 [ # # # # ]: 0 : for (auto i = msg_type.length(); i < CMessageHeader::MESSAGE_TYPE_SIZE; ++i) {
4207 [ # # ]: 0 : f << uint8_t{'\0'};
4208 : : }
4209 [ # # ]: 0 : uint32_t size = data.size();
4210 [ # # ]: 0 : ser_writedata32(f, size);
4211 [ # # ]: 0 : f << data;
4212 : :
4213 [ # # # # ]: 0 : if (f.fclose() != 0) {
4214 : 0 : throw std::ios_base::failure(
4215 [ # # # # : 0 : strprintf("Error closing %s after write, file contents are likely incomplete", fs::PathToString(path)));
# # ]
4216 : : }
4217 : 0 : }
4218 : :
4219 : : std::function<void(const CAddress& addr,
4220 : : const std::string& msg_type,
4221 : : std::span<const unsigned char> data,
4222 : : bool is_incoming)>
4223 : : CaptureMessage = CaptureMessageToFile;
|
