Branch data Line data Source code
1 : : // Copyright (c) 2009-2010 Satoshi Nakamoto
2 : : // Copyright (c) 2009-present The Bitcoin Core developers
3 : : // Distributed under the MIT software license, see the accompanying
4 : : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5 : :
6 : : #include <bitcoin-build-config.h> // IWYU pragma: keep
7 : :
8 : : #include <net.h>
9 : :
10 : : #include <addrdb.h>
11 : : #include <addrman.h>
12 : : #include <banman.h>
13 : : #include <clientversion.h>
14 : : #include <common/args.h>
15 : : #include <common/netif.h>
16 : : #include <compat/compat.h>
17 : : #include <consensus/consensus.h>
18 : : #include <crypto/sha256.h>
19 : : #include <i2p.h>
20 : : #include <key.h>
21 : : #include <logging.h>
22 : : #include <memusage.h>
23 : : #include <net_permissions.h>
24 : : #include <netaddress.h>
25 : : #include <netbase.h>
26 : : #include <node/eviction.h>
27 : : #include <node/interface_ui.h>
28 : : #include <protocol.h>
29 : : #include <random.h>
30 : : #include <scheduler.h>
31 : : #include <util/fs.h>
32 : : #include <util/sock.h>
33 : : #include <util/strencodings.h>
34 : : #include <util/thread.h>
35 : : #include <util/threadinterrupt.h>
36 : : #include <util/trace.h>
37 : : #include <util/translation.h>
38 : : #include <util/vector.h>
39 : :
40 : : #include <algorithm>
41 : : #include <array>
42 : : #include <cstring>
43 : : #include <cmath>
44 : : #include <cstdint>
45 : : #include <functional>
46 : : #include <optional>
47 : : #include <unordered_map>
48 : :
49 : : TRACEPOINT_SEMAPHORE(net, closed_connection);
50 : : TRACEPOINT_SEMAPHORE(net, evicted_inbound_connection);
51 : : TRACEPOINT_SEMAPHORE(net, inbound_connection);
52 : : TRACEPOINT_SEMAPHORE(net, outbound_connection);
53 : : TRACEPOINT_SEMAPHORE(net, outbound_message);
54 : :
55 : : /** Maximum number of block-relay-only anchor connections */
56 : : static constexpr size_t MAX_BLOCK_RELAY_ONLY_ANCHORS = 2;
57 : : static_assert (MAX_BLOCK_RELAY_ONLY_ANCHORS <= static_cast<size_t>(MAX_BLOCK_RELAY_ONLY_CONNECTIONS), "MAX_BLOCK_RELAY_ONLY_ANCHORS must not exceed MAX_BLOCK_RELAY_ONLY_CONNECTIONS.");
58 : : /** Anchor IP address database file name */
59 : : const char* const ANCHORS_DATABASE_FILENAME = "anchors.dat";
60 : :
61 : : // How often to dump addresses to peers.dat
62 : : static constexpr std::chrono::minutes DUMP_PEERS_INTERVAL{15};
63 : :
64 : : /** Number of DNS seeds to query when the number of connections is low. */
65 : : static constexpr int DNSSEEDS_TO_QUERY_AT_ONCE = 3;
66 : :
67 : : /** Minimum number of outbound connections under which we will keep fetching our address seeds. */
68 : : static constexpr int SEED_OUTBOUND_CONNECTION_THRESHOLD = 2;
69 : :
70 : : /** How long to delay before querying DNS seeds
71 : : *
72 : : * If we have more than THRESHOLD entries in addrman, then it's likely
73 : : * that we got those addresses from having previously connected to the P2P
74 : : * network, and that we'll be able to successfully reconnect to the P2P
75 : : * network via contacting one of them. So if that's the case, spend a
76 : : * little longer trying to connect to known peers before querying the
77 : : * DNS seeds.
78 : : */
79 : : static constexpr std::chrono::seconds DNSSEEDS_DELAY_FEW_PEERS{11};
80 : : static constexpr std::chrono::minutes DNSSEEDS_DELAY_MANY_PEERS{5};
81 : : static constexpr int DNSSEEDS_DELAY_PEER_THRESHOLD = 1000; // "many" vs "few" peers
82 : :
83 : : /** The default timeframe for -maxuploadtarget. 1 day. */
84 : : static constexpr std::chrono::seconds MAX_UPLOAD_TIMEFRAME{60 * 60 * 24};
85 : :
86 : : // A random time period (0 to 1 seconds) is added to feeler connections to prevent synchronization.
87 : : static constexpr auto FEELER_SLEEP_WINDOW{1s};
88 : :
89 : : /** Frequency to attempt extra connections to reachable networks we're not connected to yet **/
90 : : static constexpr auto EXTRA_NETWORK_PEER_INTERVAL{5min};
91 : :
92 : : /** Used to pass flags to the Bind() function */
93 : : enum BindFlags {
94 : : BF_NONE = 0,
95 : : BF_REPORT_ERROR = (1U << 0),
96 : : /**
97 : : * Do not call AddLocal() for our special addresses, e.g., for incoming
98 : : * Tor connections, to prevent gossiping them over the network.
99 : : */
100 : : BF_DONT_ADVERTISE = (1U << 1),
101 : : };
102 : :
103 : : // The set of sockets cannot be modified while waiting
104 : : // The sleep time needs to be small to avoid new sockets stalling
105 : : static const uint64_t SELECT_TIMEOUT_MILLISECONDS = 50;
106 : :
107 : : const std::string NET_MESSAGE_TYPE_OTHER = "*other*";
108 : :
109 : : static const uint64_t RANDOMIZER_ID_NETGROUP = 0x6c0edd8036ef4036ULL; // SHA256("netgroup")[0:8]
110 : : static const uint64_t RANDOMIZER_ID_LOCALHOSTNONCE = 0xd93e69e2bbfa5735ULL; // SHA256("localhostnonce")[0:8]
111 : : static const uint64_t RANDOMIZER_ID_NETWORKKEY = 0x0e8a2b136c592a7dULL; // SHA256("networkkey")[0:8]
112 : : //
113 : : // Global state variables
114 : : //
115 : : bool fDiscover = true;
116 : : bool fListen = true;
117 : : GlobalMutex g_maplocalhost_mutex;
118 : : std::map<CNetAddr, LocalServiceInfo> mapLocalHost GUARDED_BY(g_maplocalhost_mutex);
119 : : std::string strSubVersion;
120 : :
121 : 196578 : size_t CSerializedNetMsg::GetMemoryUsage() const noexcept
122 : : {
123 [ - + ]: 196578 : return sizeof(*this) + memusage::DynamicUsage(m_type) + memusage::DynamicUsage(data);
124 : : }
125 : :
126 : 132625 : size_t CNetMessage::GetMemoryUsage() const noexcept
127 : : {
128 : 132625 : return sizeof(*this) + memusage::DynamicUsage(m_type) + m_recv.GetMemoryUsage();
129 : : }
130 : :
131 : 0 : void CConnman::AddAddrFetch(const std::string& strDest)
132 : : {
133 : 0 : LOCK(m_addr_fetches_mutex);
134 [ # # ]: 0 : m_addr_fetches.push_back(strDest);
135 : 0 : }
136 : :
137 : 48544 : uint16_t GetListenPort()
138 : : {
139 : : // If -bind= is provided with ":port" part, use that (first one if multiple are provided).
140 [ + - - + ]: 48544 : for (const std::string& bind_arg : gArgs.GetArgs("-bind")) {
141 : 0 : constexpr uint16_t dummy_port = 0;
142 : :
143 [ # # # # ]: 0 : const std::optional<CService> bind_addr{Lookup(bind_arg, dummy_port, /*fAllowLookup=*/false)};
144 [ # # # # : 0 : if (bind_addr.has_value() && bind_addr->GetPort() != dummy_port) return bind_addr->GetPort();
# # # # ]
145 : 48544 : }
146 : :
147 : : // Otherwise, if -whitebind= without NetPermissionFlags::NoBan is provided, use that
148 : : // (-whitebind= is required to have ":port").
149 [ + - - + ]: 48544 : for (const std::string& whitebind_arg : gArgs.GetArgs("-whitebind")) {
150 [ # # ]: 0 : NetWhitebindPermissions whitebind;
151 [ # # ]: 0 : bilingual_str error;
152 [ # # # # ]: 0 : if (NetWhitebindPermissions::TryParse(whitebind_arg, whitebind, error)) {
153 [ # # ]: 0 : if (!NetPermissions::HasFlag(whitebind.m_flags, NetPermissionFlags::NoBan)) {
154 [ # # ]: 0 : return whitebind.m_service.GetPort();
155 : : }
156 : : }
157 : 0 : }
158 : :
159 : : // Otherwise, if -port= is provided, use that. Otherwise use the default port.
160 [ + - ]: 48544 : return static_cast<uint16_t>(gArgs.GetIntArg("-port", Params().GetDefaultPort()));
161 : : }
162 : :
163 : : // Determine the "best" local address for a particular peer.
164 : 48542 : [[nodiscard]] static std::optional<CService> GetLocal(const CNode& peer)
165 : : {
166 [ - + ]: 48542 : if (!fListen) return std::nullopt;
167 : :
168 : 48542 : std::optional<CService> addr;
169 : 48542 : int nBestScore = -1;
170 : 48542 : int nBestReachability = -1;
171 : 48542 : {
172 [ + - ]: 48542 : LOCK(g_maplocalhost_mutex);
173 [ + - + + ]: 6486715 : for (const auto& [local_addr, local_service_info] : mapLocalHost) {
174 : : // For privacy reasons, don't advertise our privacy-network address
175 : : // to other networks and don't advertise our other-network address
176 : : // to privacy networks.
177 [ + - + - ]: 6438173 : if (local_addr.GetNetwork() != peer.ConnectedThroughNetwork()
178 [ + + + - : 11170631 : && (local_addr.IsPrivacyNet() || peer.IsConnectedThroughPrivacyNet())) {
+ + ]
179 : 2112189 : continue;
180 : : }
181 : 4325984 : const int nScore{local_service_info.nScore};
182 [ + - ]: 4325984 : const int nReachability{local_addr.GetReachabilityFrom(peer.addr)};
183 [ + + + + ]: 4325984 : if (nReachability > nBestReachability || (nReachability == nBestReachability && nScore > nBestScore)) {
184 [ + - ]: 130865 : addr.emplace(CService{local_addr, local_service_info.nPort});
185 : 130865 : nBestReachability = nReachability;
186 : 130865 : nBestScore = nScore;
187 : : }
188 : : }
189 : 0 : }
190 [ + + ]: 84395 : return addr;
191 : 48542 : }
192 : :
193 : : //! Convert the serialized seeds into usable address objects.
194 : 0 : static std::vector<CAddress> ConvertSeeds(const std::vector<uint8_t> &vSeedsIn)
195 : : {
196 : : // It'll only connect to one or two seed nodes because once it connects,
197 : : // it'll get a pile of addresses with newer timestamps.
198 : : // Seed nodes are given a random 'last seen time' of between one and two
199 : : // weeks ago.
200 : 0 : const auto one_week{7 * 24h};
201 : 0 : std::vector<CAddress> vSeedsOut;
202 : 0 : FastRandomContext rng;
203 [ # # # # ]: 0 : ParamsStream s{DataStream{vSeedsIn}, CAddress::V2_NETWORK};
204 [ # # # # ]: 0 : while (!s.eof()) {
205 [ # # ]: 0 : CService endpoint;
206 [ # # ]: 0 : s >> endpoint;
207 : 0 : CAddress addr{endpoint, SeedsServiceFlags()};
208 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - one_week, -one_week);
209 [ # # # # : 0 : LogDebug(BCLog::NET, "Added hardcoded seed: %s\n", addr.ToStringAddrPort());
# # # # ]
210 [ # # ]: 0 : vSeedsOut.push_back(addr);
211 : 0 : }
212 : 0 : return vSeedsOut;
213 : 0 : }
214 : :
215 : : // Determine the "best" local address for a particular peer.
216 : : // If none, return the unroutable 0.0.0.0 but filled in with
217 : : // the normal parameters, since the IP may be changed to a useful
218 : : // one by discovery.
219 : 48542 : CService GetLocalAddress(const CNode& peer)
220 : : {
221 [ + - + - : 48542 : return GetLocal(peer).value_or(CService{CNetAddr(), GetListenPort()});
+ - ]
222 : : }
223 : :
224 : 0 : static int GetnScore(const CService& addr)
225 : : {
226 : 0 : LOCK(g_maplocalhost_mutex);
227 [ # # ]: 0 : const auto it = mapLocalHost.find(addr);
228 [ # # ]: 0 : return (it != mapLocalHost.end()) ? it->second.nScore : 0;
229 : 0 : }
230 : :
231 : : // Is our peer's addrLocal potentially useful as an external IP source?
232 : 0 : [[nodiscard]] static bool IsPeerAddrLocalGood(CNode *pnode)
233 : : {
234 : 0 : CService addrLocal = pnode->GetAddrLocal();
235 [ # # # # : 0 : return fDiscover && pnode->addr.IsRoutable() && addrLocal.IsRoutable() &&
# # # # #
# # # ]
236 [ # # ]: 0 : g_reachable_nets.Contains(addrLocal);
237 : 0 : }
238 : :
239 : 0 : std::optional<CService> GetLocalAddrForPeer(CNode& node)
240 : : {
241 : 0 : CService addrLocal{GetLocalAddress(node)};
242 : : // If discovery is enabled, sometimes give our peer the address it
243 : : // tells us that it sees us as in case it has a better idea of our
244 : : // address than we do.
245 : 0 : FastRandomContext rng;
246 [ # # # # : 0 : if (IsPeerAddrLocalGood(&node) && (!addrLocal.IsRoutable() ||
# # # # #
# ]
247 [ # # # # ]: 0 : rng.randbits((GetnScore(addrLocal) > LOCAL_MANUAL) ? 3 : 1) == 0))
248 : : {
249 [ # # ]: 0 : if (node.IsInboundConn()) {
250 : : // For inbound connections, assume both the address and the port
251 : : // as seen from the peer.
252 [ # # ]: 0 : addrLocal = CService{node.GetAddrLocal()};
253 : : } else {
254 : : // For outbound connections, assume just the address as seen from
255 : : // the peer and leave the port in `addrLocal` as returned by
256 : : // `GetLocalAddress()` above. The peer has no way to observe our
257 : : // listening port when we have initiated the connection.
258 [ # # # # ]: 0 : addrLocal.SetIP(node.GetAddrLocal());
259 : : }
260 : : }
261 [ # # # # ]: 0 : if (addrLocal.IsRoutable()) {
262 [ # # # # : 0 : LogDebug(BCLog::NET, "Advertising address %s to peer=%d\n", addrLocal.ToStringAddrPort(), node.GetId());
# # # # ]
263 : 0 : return addrLocal;
264 : : }
265 : : // Address is unroutable. Don't advertise.
266 : 0 : return std::nullopt;
267 : 0 : }
268 : :
269 : 918 : void ClearLocal()
270 : : {
271 : 918 : LOCK(g_maplocalhost_mutex);
272 [ + - ]: 918 : return mapLocalHost.clear();
273 : 918 : }
274 : :
275 : : // learn a new local address
276 : 87601 : bool AddLocal(const CService& addr_, int nScore)
277 : : {
278 : 87601 : CService addr{MaybeFlipIPv6toCJDNS(addr_)};
279 : :
280 [ + - + + ]: 87601 : if (!addr.IsRoutable())
281 : : return false;
282 : :
283 [ - + - - ]: 59129 : if (!fDiscover && nScore < LOCAL_MANUAL)
284 : : return false;
285 : :
286 [ + - + - ]: 59129 : if (!g_reachable_nets.Contains(addr))
287 : : return false;
288 : :
289 [ + - + - ]: 59129 : LogPrintf("AddLocal(%s,%i)\n", addr.ToStringAddrPort(), nScore);
290 : :
291 : 59129 : {
292 [ + - ]: 59129 : LOCK(g_maplocalhost_mutex);
293 [ + - + + ]: 59129 : const auto [it, is_newly_added] = mapLocalHost.emplace(addr, LocalServiceInfo());
294 [ + + ]: 59129 : LocalServiceInfo &info = it->second;
295 [ + + + + ]: 59129 : if (is_newly_added || nScore >= info.nScore) {
296 [ + + ]: 25878 : info.nScore = nScore + (is_newly_added ? 0 : 1);
297 [ + - ]: 25878 : info.nPort = addr.GetPort();
298 : : }
299 : 0 : }
300 : :
301 : 59129 : return true;
302 : 87601 : }
303 : :
304 : 0 : bool AddLocal(const CNetAddr &addr, int nScore)
305 : : {
306 [ # # ]: 0 : return AddLocal(CService(addr, GetListenPort()), nScore);
307 : : }
308 : :
309 : 20599 : void RemoveLocal(const CService& addr)
310 : : {
311 : 20599 : LOCK(g_maplocalhost_mutex);
312 [ + - + - ]: 20599 : LogPrintf("RemoveLocal(%s)\n", addr.ToStringAddrPort());
313 [ + - + - ]: 20599 : mapLocalHost.erase(addr);
314 : 20599 : }
315 : :
316 : : /** vote for a local address */
317 : 83358 : bool SeenLocal(const CService& addr)
318 : : {
319 : 83358 : LOCK(g_maplocalhost_mutex);
320 [ + - ]: 83358 : const auto it = mapLocalHost.find(addr);
321 [ + + ]: 83358 : if (it == mapLocalHost.end()) return false;
322 : 74464 : ++it->second.nScore;
323 : 74464 : return true;
324 : 83358 : }
325 : :
326 : :
327 : : /** check whether a given address is potentially local */
328 : 65401 : bool IsLocal(const CService& addr)
329 : : {
330 : 65401 : LOCK(g_maplocalhost_mutex);
331 [ + - + - ]: 65401 : return mapLocalHost.count(addr) > 0;
332 : 65401 : }
333 : :
334 : 3 : bool CConnman::AlreadyConnectedToHost(const std::string& host) const
335 : : {
336 : 3 : LOCK(m_nodes_mutex);
337 [ + - + - ]: 104 : return std::ranges::any_of(m_nodes, [&host](CNode* node) { return node->m_addr_name == host; });
338 : 3 : }
339 : :
340 : 8 : bool CConnman::AlreadyConnectedToAddressPort(const CService& addr_port) const
341 : : {
342 : 8 : LOCK(m_nodes_mutex);
343 [ + - + - ]: 15 : return std::ranges::any_of(m_nodes, [&addr_port](CNode* node) { return node->addr == addr_port; });
344 : 8 : }
345 : :
346 : 8 : bool CConnman::AlreadyConnectedToAddress(const CNetAddr& addr) const
347 : : {
348 : 8 : LOCK(m_nodes_mutex);
349 [ + - + - ]: 15 : return std::ranges::any_of(m_nodes, [&addr](CNode* node) { return node->addr == addr; });
350 : 8 : }
351 : :
352 : 4263 : bool CConnman::CheckIncomingNonce(uint64_t nonce)
353 : : {
354 : 4263 : LOCK(m_nodes_mutex);
355 [ + + ]: 13203 : for (const CNode* pnode : m_nodes) {
356 [ + + + + : 9143 : if (!pnode->fSuccessfullyConnected && !pnode->IsInboundConn() && pnode->GetLocalNonce() == nonce)
+ + ]
357 : : return false;
358 : : }
359 : : return true;
360 : 4263 : }
361 : :
362 : : /** Get the bind address for a socket as CService. */
363 : 0 : static CService GetBindAddress(const Sock& sock)
364 : : {
365 : 0 : CService addr_bind;
366 : 0 : struct sockaddr_storage sockaddr_bind;
367 : 0 : socklen_t sockaddr_bind_len = sizeof(sockaddr_bind);
368 [ # # # # ]: 0 : if (!sock.GetSockName((struct sockaddr*)&sockaddr_bind, &sockaddr_bind_len)) {
369 [ # # ]: 0 : addr_bind.SetSockAddr((const struct sockaddr*)&sockaddr_bind, sockaddr_bind_len);
370 : : } else {
371 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Warning, "getsockname failed\n");
# # ]
372 : : }
373 : 0 : return addr_bind;
374 : 0 : }
375 : :
376 : 11 : CNode* CConnman::ConnectNode(CAddress addrConnect,
377 : : const char* pszDest,
378 : : bool fCountFailure,
379 : : ConnectionType conn_type,
380 : : bool use_v2transport,
381 : : const std::optional<Proxy>& proxy_override)
382 : : {
383 : 11 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
384 [ - + ]: 11 : assert(conn_type != ConnectionType::INBOUND);
385 : :
386 [ + + ]: 11 : if (pszDest == nullptr) {
387 [ + - ]: 8 : if (IsLocal(addrConnect))
388 : : return nullptr;
389 : :
390 : : // Look for an existing connection
391 [ - + ]: 8 : if (AlreadyConnectedToAddressPort(addrConnect)) {
392 [ # # ]: 0 : LogInfo("Failed to open new connection to %s, already connected", addrConnect.ToStringAddrPort());
393 : 0 : return nullptr;
394 : : }
395 : : }
396 : :
397 [ - + - - : 11 : LogPrintLevel(BCLog::NET, BCLog::Level::Debug, "trying %s connection %s lastseen=%.1fhrs\n",
- - - - -
- ]
398 : : use_v2transport ? "v2" : "v1",
399 : : pszDest ? pszDest : addrConnect.ToStringAddrPort(),
400 : : Ticks<HoursDouble>(pszDest ? 0h : Now<NodeSeconds>() - addrConnect.nTime));
401 : :
402 : : // Resolve
403 [ + + + - ]: 14 : const uint16_t default_port{pszDest != nullptr ? GetDefaultPort(pszDest) :
404 : 8 : m_params.GetDefaultPort()};
405 : :
406 : : // Collection of addresses to try to connect to: either all dns resolved addresses if a domain name (pszDest) is provided, or addrConnect otherwise.
407 : 11 : std::vector<CAddress> connect_to{};
408 [ + + ]: 11 : if (pszDest) {
409 [ + - + - : 6 : std::vector<CService> resolved{Lookup(pszDest, default_port, fNameLookup && !HaveNameProxy(), 256)};
+ - - + +
- + - ]
410 [ - + ]: 3 : if (!resolved.empty()) {
411 : 0 : std::shuffle(resolved.begin(), resolved.end(), FastRandomContext());
412 : : // If the connection is made by name, it can be the case that the name resolves to more than one address.
413 : : // We don't want to connect any more of them if we are already connected to one
414 [ # # ]: 0 : for (const auto& r : resolved) {
415 [ # # ]: 0 : addrConnect = CAddress{MaybeFlipIPv6toCJDNS(r), NODE_NONE};
416 [ # # # # ]: 0 : if (!addrConnect.IsValid()) {
417 [ # # # # : 0 : LogDebug(BCLog::NET, "Resolver returned invalid address %s for %s\n", addrConnect.ToStringAddrPort(), pszDest);
# # # # ]
418 : 0 : return nullptr;
419 : : }
420 : : // It is possible that we already have a connection to the IP/port pszDest resolved to.
421 : : // In that case, drop the connection that was just created.
422 [ # # # # ]: 0 : if (AlreadyConnectedToAddressPort(addrConnect)) {
423 [ # # # # ]: 0 : LogPrintf("Not opening a connection to %s, already connected to %s\n", pszDest, addrConnect.ToStringAddrPort());
424 : 0 : return nullptr;
425 : : }
426 : : // Add the address to the resolved addresses vector so we can try to connect to it later on
427 [ # # ]: 0 : connect_to.push_back(addrConnect);
428 : : }
429 : : } else {
430 : : // For resolution via proxy
431 [ + - ]: 3 : connect_to.push_back(addrConnect);
432 : : }
433 : 3 : } else {
434 : : // Connect via addrConnect directly
435 [ + - ]: 8 : connect_to.push_back(addrConnect);
436 : : }
437 : :
438 : : // Connect
439 : 11 : std::unique_ptr<Sock> sock;
440 [ + - ]: 11 : Proxy proxy;
441 [ + - ]: 11 : CService addr_bind;
442 [ + - - + ]: 11 : assert(!addr_bind.IsValid());
443 : 11 : std::unique_ptr<i2p::sam::Session> i2p_transient_session;
444 : :
445 [ + + ]: 22 : for (auto& target_addr: connect_to) {
446 [ + - + + ]: 11 : if (target_addr.IsValid()) {
447 : 1 : bool use_proxy;
448 [ - + ]: 1 : if (proxy_override.has_value()) {
449 : 0 : use_proxy = true;
450 [ # # ]: 0 : proxy = proxy_override.value();
451 : : } else {
452 [ + - + - ]: 1 : use_proxy = GetProxy(target_addr.GetNetwork(), proxy);
453 : : }
454 : 1 : bool proxyConnectionFailed = false;
455 : :
456 [ - + - - ]: 1 : if (target_addr.IsI2P() && use_proxy) {
457 [ # # ]: 0 : i2p::Connection conn;
458 : 0 : bool connected{false};
459 : :
460 [ # # ]: 0 : if (m_i2p_sam_session) {
461 [ # # ]: 0 : connected = m_i2p_sam_session->Connect(target_addr, conn, proxyConnectionFailed);
462 : : } else {
463 : 0 : {
464 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
465 [ # # ]: 0 : if (m_unused_i2p_sessions.empty()) {
466 : 0 : i2p_transient_session =
467 [ # # ]: 0 : std::make_unique<i2p::sam::Session>(proxy, m_interrupt_net);
468 : : } else {
469 : 0 : i2p_transient_session.swap(m_unused_i2p_sessions.front());
470 : 0 : m_unused_i2p_sessions.pop();
471 : : }
472 : 0 : }
473 [ # # ]: 0 : connected = i2p_transient_session->Connect(target_addr, conn, proxyConnectionFailed);
474 [ # # ]: 0 : if (!connected) {
475 [ # # ]: 0 : LOCK(m_unused_i2p_sessions_mutex);
476 [ # # # # ]: 0 : if (m_unused_i2p_sessions.size() < MAX_UNUSED_I2P_SESSIONS_SIZE) {
477 [ # # # # ]: 0 : m_unused_i2p_sessions.emplace(i2p_transient_session.release());
478 : : }
479 : 0 : }
480 : : }
481 : :
482 [ # # ]: 0 : if (connected) {
483 : 0 : sock = std::move(conn.sock);
484 : 0 : addr_bind = conn.me;
485 : : }
486 [ - + ]: 1 : } else if (use_proxy) {
487 [ # # # # : 0 : LogPrintLevel(BCLog::PROXY, BCLog::Level::Debug, "Using proxy: %s to connect to %s\n", proxy.ToString(), target_addr.ToStringAddrPort());
# # # # #
# ]
488 [ # # # # : 0 : sock = ConnectThroughProxy(proxy, target_addr.ToStringAddr(), target_addr.GetPort(), proxyConnectionFailed);
# # ]
489 : : } else {
490 : : // no proxy needed (none set for target network)
491 [ + - ]: 2 : sock = ConnectDirectly(target_addr, conn_type == ConnectionType::MANUAL);
492 : : }
493 [ + - ]: 1 : if (!proxyConnectionFailed) {
494 : : // If a connection to the node was attempted, and failure (if any) is not caused by a problem connecting to
495 : : // the proxy, mark this as an attempt.
496 [ + - ]: 1 : addrman.Attempt(target_addr, fCountFailure);
497 : : }
498 [ + + + - : 10 : } else if (pszDest && GetNameProxy(proxy)) {
- + ]
499 [ # # ]: 0 : std::string host;
500 : 0 : uint16_t port{default_port};
501 [ # # # # ]: 0 : SplitHostPort(std::string(pszDest), port, host);
502 : 0 : bool proxyConnectionFailed;
503 [ # # ]: 0 : sock = ConnectThroughProxy(proxy, host, port, proxyConnectionFailed);
504 : 0 : }
505 : : // Check any other resolved address (if any) if we fail to connect
506 [ + - ]: 11 : if (!sock) {
507 : 11 : continue;
508 : : }
509 : :
510 : 0 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
511 [ # # # # ]: 0 : std::vector<NetWhitelistPermissions> whitelist_permissions = conn_type == ConnectionType::MANUAL ? vWhitelistedRangeOutgoing : std::vector<NetWhitelistPermissions>{};
512 [ # # ]: 0 : AddWhitelistPermissionFlags(permission_flags, target_addr, whitelist_permissions);
513 : :
514 : : // Add node
515 [ # # ]: 0 : NodeId id = GetNewNodeId();
516 [ # # # # : 0 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
# # ]
517 [ # # # # ]: 0 : if (!addr_bind.IsValid()) {
518 [ # # ]: 0 : addr_bind = GetBindAddress(*sock);
519 : : }
520 [ # # ]: 0 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
521 [ # # # # ]: 0 : .Write(target_addr.GetNetClass())
522 [ # # # # ]: 0 : .Write(addr_bind.GetAddrBytes())
523 : : // For outbound connections, the port of the bound address is randomly
524 : : // assigned by the OS and would therefore not be useful for seeding.
525 [ # # ]: 0 : .Write(0)
526 [ # # ]: 0 : .Finalize();
527 : 0 : CNode* pnode = new CNode(id,
528 : 0 : std::move(sock),
529 : : target_addr,
530 : : CalculateKeyedNetGroup(target_addr),
531 : : nonce,
532 : : addr_bind,
533 [ # # ]: 0 : pszDest ? pszDest : "",
534 : : conn_type,
535 : : /*inbound_onion=*/false,
536 : : network_id,
537 [ # # ]: 0 : CNodeOptions{
538 : : .permission_flags = permission_flags,
539 : : .i2p_sam_session = std::move(i2p_transient_session),
540 [ # # ]: 0 : .recv_flood_size = nReceiveFloodSize,
541 : : .use_v2transport = use_v2transport,
542 [ # # # # : 0 : });
# # # # #
# ]
543 : 0 : pnode->AddRef();
544 : :
545 : : // We're making a new connection, harvest entropy from the time (and our peer count)
546 : 0 : RandAddEvent((uint32_t)id);
547 : :
548 : 0 : return pnode;
549 : 0 : }
550 : :
551 : : return nullptr;
552 : 22 : }
553 : :
554 : 23851 : void CNode::CloseSocketDisconnect()
555 : : {
556 : 23851 : fDisconnect = true;
557 : 23851 : LOCK(m_sock_mutex);
558 [ + + ]: 23851 : if (m_sock) {
559 [ + - - + : 8885 : LogDebug(BCLog::NET, "Resetting socket for peer=%d%s", GetId(), LogIP(fLogIPs));
- - - - ]
560 : 8885 : m_sock.reset();
561 : :
562 : : TRACEPOINT(net, closed_connection,
563 : : GetId(),
564 : : m_addr_name.c_str(),
565 : : ConnectionTypeAsString().c_str(),
566 : : ConnectedThroughNetwork(),
567 : 8885 : Ticks<std::chrono::seconds>(m_connected));
568 : : }
569 [ - + + - ]: 23851 : m_i2p_sam_session.reset();
570 : 23851 : }
571 : :
572 : 1185 : void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr, const std::vector<NetWhitelistPermissions>& ranges) const {
573 [ - + ]: 1185 : for (const auto& subnet : ranges) {
574 [ # # # # ]: 0 : if (addr.has_value() && subnet.m_subnet.Match(addr.value())) {
575 : 0 : NetPermissions::AddFlag(flags, subnet.m_flags);
576 : : }
577 : : }
578 [ + + ]: 1185 : if (NetPermissions::HasFlag(flags, NetPermissionFlags::Implicit)) {
579 [ - + ]: 5 : NetPermissions::ClearFlag(flags, NetPermissionFlags::Implicit);
580 [ - + ]: 5 : if (whitelist_forcerelay) NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);
581 [ + - ]: 5 : if (whitelist_relay) NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);
582 : 5 : NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);
583 : 5 : NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);
584 : : }
585 : 1185 : }
586 : :
587 : 109519 : CService CNode::GetAddrLocal() const
588 : : {
589 : 109519 : AssertLockNotHeld(m_addr_local_mutex);
590 : 109519 : LOCK(m_addr_local_mutex);
591 [ + - ]: 109519 : return m_addr_local;
592 : 109519 : }
593 : :
594 : 7125 : void CNode::SetAddrLocal(const CService& addrLocalIn) {
595 : 7125 : AssertLockNotHeld(m_addr_local_mutex);
596 : 7125 : LOCK(m_addr_local_mutex);
597 [ + - + - : 7125 : if (Assume(!m_addr_local.IsValid())) { // Addr local can only be set once during version msg processing
+ - ]
598 : 7125 : m_addr_local = addrLocalIn;
599 : : }
600 : 7125 : }
601 : :
602 : 6588939 : Network CNode::ConnectedThroughNetwork() const
603 : : {
604 [ + + ]: 6588939 : return m_inbound_onion ? NET_ONION : addr.GetNetClass();
605 : : }
606 : :
607 : 4732458 : bool CNode::IsConnectedThroughPrivacyNet() const
608 : : {
609 [ + + + + ]: 4732458 : return m_inbound_onion || addr.IsPrivacyNet();
610 : : }
611 : :
612 : : #undef X
613 : : #define X(name) stats.name = name
614 : 108511 : void CNode::CopyStats(CNodeStats& stats)
615 : : {
616 : 108511 : stats.nodeid = this->GetId();
617 : 108511 : X(addr);
618 : 108511 : X(addrBind);
619 : 108511 : stats.m_network = ConnectedThroughNetwork();
620 : 108511 : X(m_last_send);
621 : 108511 : X(m_last_recv);
622 : 108511 : X(m_last_tx_time);
623 : 108511 : X(m_last_block_time);
624 : 108511 : X(m_connected);
625 : 108511 : X(m_addr_name);
626 : 108511 : X(nVersion);
627 : 108511 : {
628 : 108511 : LOCK(m_subver_mutex);
629 [ + - + - ]: 217022 : X(cleanSubVer);
630 : 0 : }
631 : 108511 : stats.fInbound = IsInboundConn();
632 : 108511 : X(m_bip152_highbandwidth_to);
633 : 108511 : X(m_bip152_highbandwidth_from);
634 : 108511 : {
635 : 108511 : LOCK(cs_vSend);
636 [ + - ]: 108511 : X(mapSendBytesPerMsgType);
637 [ + - ]: 108511 : X(nSendBytes);
638 : 0 : }
639 : 108511 : {
640 : 108511 : LOCK(cs_vRecv);
641 [ + - ]: 108511 : X(mapRecvBytesPerMsgType);
642 : 108511 : X(nRecvBytes);
643 : 108511 : Transport::Info info = m_transport->GetInfo();
644 : 108511 : stats.m_transport_type = info.transport_type;
645 [ - + - - ]: 108511 : if (info.session_id) stats.m_session_id = HexStr(*info.session_id);
646 : 0 : }
647 : 108511 : X(m_permission_flags);
648 : :
649 : 108511 : X(m_last_ping_time);
650 : 108511 : X(m_min_ping_time);
651 : :
652 : : // Leave string empty if addrLocal invalid (not filled in yet)
653 : 108511 : CService addrLocalUnlocked = GetAddrLocal();
654 [ + - + + : 108511 : stats.addrLocal = addrLocalUnlocked.IsValid() ? addrLocalUnlocked.ToStringAddrPort() : "";
+ - + - ]
655 : :
656 : 108511 : X(m_conn_type);
657 : 108511 : }
658 : : #undef X
659 : :
660 : 202670 : bool CNode::ReceiveMsgBytes(std::span<const uint8_t> msg_bytes, bool& complete)
661 : : {
662 : 202670 : complete = false;
663 : 202670 : const auto time = GetTime<std::chrono::microseconds>();
664 : 202670 : LOCK(cs_vRecv);
665 : 202670 : m_last_recv = std::chrono::duration_cast<std::chrono::seconds>(time);
666 : 202670 : nRecvBytes += msg_bytes.size();
667 [ + + ]: 617939 : while (msg_bytes.size() > 0) {
668 : : // absorb network data
669 [ + - + + ]: 244062 : if (!m_transport->ReceivedBytes(msg_bytes)) {
670 : : // Serious transport problem, disconnect from the peer.
671 : : return false;
672 : : }
673 : :
674 [ + - + + ]: 212599 : if (m_transport->ReceivedMessageComplete()) {
675 : : // decompose a transport agnostic CNetMessage from the deserializer
676 : 119964 : bool reject_message{false};
677 [ + - ]: 119964 : CNetMessage msg = m_transport->GetReceivedMessage(time, reject_message);
678 [ + + ]: 119964 : if (reject_message) {
679 : : // Message deserialization failed. Drop the message but don't disconnect the peer.
680 : : // store the size of the corrupt message
681 [ + - ]: 29868 : mapRecvBytesPerMsgType.at(NET_MESSAGE_TYPE_OTHER) += msg.m_raw_message_size;
682 : 29868 : continue;
683 : : }
684 : :
685 : : // Store received bytes per message type.
686 : : // To prevent a memory DOS, only allow known message types.
687 : 90096 : auto i = mapRecvBytesPerMsgType.find(msg.m_type);
688 [ + + ]: 90096 : if (i == mapRecvBytesPerMsgType.end()) {
689 : 17680 : i = mapRecvBytesPerMsgType.find(NET_MESSAGE_TYPE_OTHER);
690 : : }
691 [ - + ]: 90096 : assert(i != mapRecvBytesPerMsgType.end());
692 [ + - ]: 90096 : i->second += msg.m_raw_message_size;
693 : :
694 : : // push the message to the process queue,
695 [ + - ]: 90096 : vRecvMsg.push_back(std::move(msg));
696 : :
697 : 90096 : complete = true;
698 : 119964 : }
699 : : }
700 : :
701 : : return true;
702 : 202670 : }
703 : :
704 : 2191 : std::string CNode::LogIP(bool log_ip) const
705 : : {
706 [ - + - - : 2191 : return log_ip ? strprintf(" peeraddr=%s", addr.ToStringAddrPort()) : "";
- - + - -
- ]
707 : : }
708 : :
709 : 0 : std::string CNode::DisconnectMsg(bool log_ip) const
710 : : {
711 : 0 : return strprintf("disconnecting peer=%d%s",
712 [ # # ]: 0 : GetId(),
713 [ # # ]: 0 : LogIP(log_ip));
714 : : }
715 : :
716 : 30607 : V1Transport::V1Transport(const NodeId node_id) noexcept
717 : 30607 : : m_magic_bytes{Params().MessageStart()}, m_node_id{node_id}
718 : : {
719 : 30607 : LOCK(m_recv_mutex);
720 [ + - ]: 30607 : Reset();
721 : 30607 : }
722 : :
723 : 112481 : Transport::Info V1Transport::GetInfo() const noexcept
724 : : {
725 : 112481 : return {.transport_type = TransportProtocolType::V1, .session_id = {}};
726 : : }
727 : :
728 : 254395 : int V1Transport::readHeader(std::span<const uint8_t> msg_bytes)
729 : : {
730 : 254395 : AssertLockHeld(m_recv_mutex);
731 : : // copy data to temporary parsing buffer
732 : 254395 : unsigned int nRemaining = CMessageHeader::HEADER_SIZE - nHdrPos;
733 [ + + ]: 254395 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
734 : :
735 [ + + ]: 254395 : memcpy(&hdrbuf[nHdrPos], msg_bytes.data(), nCopy);
736 : 254395 : nHdrPos += nCopy;
737 : :
738 : : // if header incomplete, exit
739 [ + + ]: 254395 : if (nHdrPos < CMessageHeader::HEADER_SIZE)
740 : 21899 : return nCopy;
741 : :
742 : : // deserialize to CMessageHeader
743 : 232496 : try {
744 [ + - ]: 232496 : hdrbuf >> hdr;
745 : : }
746 [ - - ]: 0 : catch (const std::exception&) {
747 [ - - - - : 0 : LogDebug(BCLog::NET, "Header error: Unable to deserialize, peer=%d\n", m_node_id);
- - ]
748 : 0 : return -1;
749 : 0 : }
750 : :
751 : : // Check start string, network magic
752 [ + + ]: 232496 : if (hdr.pchMessageStart != m_magic_bytes) {
753 [ - + - - ]: 25065 : LogDebug(BCLog::NET, "Header error: Wrong MessageStart %s received, peer=%d\n", HexStr(hdr.pchMessageStart), m_node_id);
754 : 25065 : return -1;
755 : : }
756 : :
757 : : // reject messages larger than MAX_SIZE or MAX_PROTOCOL_MESSAGE_LENGTH
758 : : // NOTE: failing to perform this check previously allowed a malicious peer to make us allocate 32MiB of memory per
759 : : // connection. See https://bitcoincore.org/en/2024/07/03/disclose_receive_buffer_oom.
760 [ + + ]: 207431 : if (hdr.nMessageSize > MAX_SIZE || hdr.nMessageSize > MAX_PROTOCOL_MESSAGE_LENGTH) {
761 [ - + - - : 6479 : LogDebug(BCLog::NET, "Header error: Size too large (%s, %u bytes), peer=%d\n", SanitizeString(hdr.GetMessageType()), hdr.nMessageSize, m_node_id);
- - - - ]
762 : 6479 : return -1;
763 : : }
764 : :
765 : : // switch state to reading message data
766 : 200952 : in_data = true;
767 : :
768 : 200952 : return nCopy;
769 : : }
770 : :
771 : 124360 : int V1Transport::readData(std::span<const uint8_t> msg_bytes)
772 : : {
773 : 124360 : AssertLockHeld(m_recv_mutex);
774 : 124360 : unsigned int nRemaining = hdr.nMessageSize - nDataPos;
775 [ + + ]: 124360 : unsigned int nCopy = std::min<unsigned int>(nRemaining, msg_bytes.size());
776 : :
777 [ - + + + ]: 124360 : if (vRecv.size() < nDataPos + nCopy) {
778 : : // Allocate up to 256 KiB ahead, but never more than the total message size.
779 [ + + ]: 203099 : vRecv.resize(std::min(hdr.nMessageSize, nDataPos + nCopy + 256 * 1024));
780 : : }
781 : :
782 : 124360 : hasher.Write(msg_bytes.first(nCopy));
783 : 124360 : memcpy(&vRecv[nDataPos], msg_bytes.data(), nCopy);
784 : 124360 : nDataPos += nCopy;
785 : :
786 : 124360 : return nCopy;
787 : : }
788 : :
789 : 200881 : const uint256& V1Transport::GetMessageHash() const
790 : : {
791 : 200881 : AssertLockHeld(m_recv_mutex);
792 [ + - - + ]: 200881 : assert(CompleteInternal());
793 [ + - ]: 401762 : if (data_hash.IsNull())
794 : 200881 : hasher.Finalize(data_hash);
795 : 200881 : return data_hash;
796 : : }
797 : :
798 : 200881 : CNetMessage V1Transport::GetReceivedMessage(const std::chrono::microseconds time, bool& reject_message)
799 : : {
800 : 200881 : AssertLockNotHeld(m_recv_mutex);
801 : : // Initialize out parameter
802 : 200881 : reject_message = false;
803 : : // decompose a single CNetMessage from the TransportDeserializer
804 : 200881 : LOCK(m_recv_mutex);
805 [ + - ]: 200881 : CNetMessage msg(std::move(vRecv));
806 : :
807 : : // store message type string, time, and sizes
808 [ + - ]: 200881 : msg.m_type = hdr.GetMessageType();
809 : 200881 : msg.m_time = time;
810 : 200881 : msg.m_message_size = hdr.nMessageSize;
811 : 200881 : msg.m_raw_message_size = hdr.nMessageSize + CMessageHeader::HEADER_SIZE;
812 : :
813 [ + - ]: 200881 : uint256 hash = GetMessageHash();
814 : :
815 : : // We just received a message off the wire, harvest entropy from the time (and the message checksum)
816 : 200881 : RandAddEvent(ReadLE32(hash.begin()));
817 : :
818 : : // Check checksum and header message type string
819 [ + + ]: 200881 : if (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) {
820 [ + - - + : 17511 : LogDebug(BCLog::NET, "Header error: Wrong checksum (%s, %u bytes), expected %s was %s, peer=%d\n",
- - - - -
- - - -
- ]
821 : : SanitizeString(msg.m_type), msg.m_message_size,
822 : : HexStr(std::span{hash}.first(CMessageHeader::CHECKSUM_SIZE)),
823 : : HexStr(hdr.pchChecksum),
824 : : m_node_id);
825 : 17511 : reject_message = true;
826 [ + - + + ]: 183370 : } else if (!hdr.IsMessageTypeValid()) {
827 [ + - - + : 52249 : LogDebug(BCLog::NET, "Header error: Invalid message type (%s, %u bytes), peer=%d\n",
- - - - -
- ]
828 : : SanitizeString(hdr.GetMessageType()), msg.m_message_size, m_node_id);
829 : 52249 : reject_message = true;
830 : : }
831 : :
832 : : // Always reset the network deserializer (prepare for the next message)
833 [ + - ]: 200881 : Reset();
834 [ + - ]: 200881 : return msg;
835 : 200881 : }
836 : :
837 : 283891 : bool V1Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
838 : : {
839 : 283891 : AssertLockNotHeld(m_send_mutex);
840 : : // Determine whether a new message can be set.
841 : 283891 : LOCK(m_send_mutex);
842 [ + + - + : 283891 : if (m_sending_header || m_bytes_sent < m_message_to_send.data.size()) return false;
+ + ]
843 : :
844 : : // create dbl-sha256 checksum
845 : 194795 : uint256 hash = Hash(msg.data);
846 : :
847 : : // create header
848 [ - + ]: 194795 : CMessageHeader hdr(m_magic_bytes, msg.m_type.c_str(), msg.data.size());
849 [ + + ]: 194795 : memcpy(hdr.pchChecksum, hash.begin(), CMessageHeader::CHECKSUM_SIZE);
850 : :
851 : : // serialize header
852 [ + + ]: 194795 : m_header_to_send.clear();
853 : 194795 : VectorWriter{m_header_to_send, 0, hdr};
854 : :
855 : : // update state
856 : 194795 : m_message_to_send = std::move(msg);
857 : 194795 : m_sending_header = true;
858 : 194795 : m_bytes_sent = 0;
859 : 194795 : return true;
860 : 283891 : }
861 : :
862 : 1487282 : Transport::BytesToSend V1Transport::GetBytesToSend(bool have_next_message) const noexcept
863 : : {
864 : 1487282 : AssertLockNotHeld(m_send_mutex);
865 : 1487282 : LOCK(m_send_mutex);
866 [ + + ]: 1487282 : if (m_sending_header) {
867 [ - + + + ]: 536130 : return {std::span{m_header_to_send}.subspan(m_bytes_sent),
868 : : // We have more to send after the header if the message has payload, or if there
869 : : // is a next message after that.
870 [ + + + + ]: 536130 : have_next_message || !m_message_to_send.data.empty(),
871 : 536130 : m_message_to_send.m_type
872 : 536130 : };
873 : : } else {
874 [ - + ]: 951152 : return {std::span{m_message_to_send.data}.subspan(m_bytes_sent),
875 : : // We only have more to send after this message's payload if there is another
876 : : // message.
877 : : have_next_message,
878 : 951152 : m_message_to_send.m_type
879 : 951152 : };
880 : : }
881 : 1487282 : }
882 : :
883 : 387723 : void V1Transport::MarkBytesSent(size_t bytes_sent) noexcept
884 : : {
885 : 387723 : AssertLockNotHeld(m_send_mutex);
886 : 387723 : LOCK(m_send_mutex);
887 : 387723 : m_bytes_sent += bytes_sent;
888 [ + + - + : 387723 : if (m_sending_header && m_bytes_sent == m_header_to_send.size()) {
+ + ]
889 : : // We're done sending a message's header. Switch to sending its data bytes.
890 : 194087 : m_sending_header = false;
891 : 194087 : m_bytes_sent = 0;
892 [ + + - + : 193636 : } else if (!m_sending_header && m_bytes_sent == m_message_to_send.data.size()) {
+ + ]
893 : : // We're done sending a message's data. Wipe the data vector to reduce memory consumption.
894 : 123319 : ClearShrink(m_message_to_send.data);
895 : 123319 : m_bytes_sent = 0;
896 : : }
897 : 387723 : }
898 : :
899 : 98289 : size_t V1Transport::GetSendMemoryUsage() const noexcept
900 : : {
901 : 98289 : AssertLockNotHeld(m_send_mutex);
902 : 98289 : LOCK(m_send_mutex);
903 : : // Don't count sending-side fields besides m_message_to_send, as they're all small and bounded.
904 [ + - ]: 98289 : return m_message_to_send.GetMemoryUsage();
905 : 98289 : }
906 : :
907 : : namespace {
908 : :
909 : : /** List of short messages as defined in BIP324, in order.
910 : : *
911 : : * Only message types that are actually implemented in this codebase need to be listed, as other
912 : : * messages get ignored anyway - whether we know how to decode them or not.
913 : : */
914 : : const std::array<std::string, 33> V2_MESSAGE_IDS = {
915 : : "", // 12 bytes follow encoding the message type like in V1
916 : : NetMsgType::ADDR,
917 : : NetMsgType::BLOCK,
918 : : NetMsgType::BLOCKTXN,
919 : : NetMsgType::CMPCTBLOCK,
920 : : NetMsgType::FEEFILTER,
921 : : NetMsgType::FILTERADD,
922 : : NetMsgType::FILTERCLEAR,
923 : : NetMsgType::FILTERLOAD,
924 : : NetMsgType::GETBLOCKS,
925 : : NetMsgType::GETBLOCKTXN,
926 : : NetMsgType::GETDATA,
927 : : NetMsgType::GETHEADERS,
928 : : NetMsgType::HEADERS,
929 : : NetMsgType::INV,
930 : : NetMsgType::MEMPOOL,
931 : : NetMsgType::MERKLEBLOCK,
932 : : NetMsgType::NOTFOUND,
933 : : NetMsgType::PING,
934 : : NetMsgType::PONG,
935 : : NetMsgType::SENDCMPCT,
936 : : NetMsgType::TX,
937 : : NetMsgType::GETCFILTERS,
938 : : NetMsgType::CFILTER,
939 : : NetMsgType::GETCFHEADERS,
940 : : NetMsgType::CFHEADERS,
941 : : NetMsgType::GETCFCHECKPT,
942 : : NetMsgType::CFCHECKPT,
943 : : NetMsgType::ADDRV2,
944 : : // Unimplemented message types that are assigned in BIP324:
945 : : "",
946 : : "",
947 : : "",
948 : : ""
949 : : };
950 : :
951 : : class V2MessageMap
952 : : {
953 : : std::unordered_map<std::string, uint8_t> m_map;
954 : :
955 : : public:
956 : 228 : V2MessageMap() noexcept
957 : 228 : {
958 [ + + ]: 7524 : for (size_t i = 1; i < std::size(V2_MESSAGE_IDS); ++i) {
959 : 7296 : m_map.emplace(V2_MESSAGE_IDS[i], i);
960 : : }
961 : 228 : }
962 : :
963 : 31373 : std::optional<uint8_t> operator()(const std::string& message_name) const noexcept
964 : : {
965 : 31373 : auto it = m_map.find(message_name);
966 [ + + ]: 31373 : if (it == m_map.end()) return std::nullopt;
967 : 24752 : return it->second;
968 : : }
969 : : };
970 : :
971 : : const V2MessageMap V2_MESSAGE_MAP;
972 : :
973 : 0 : std::vector<uint8_t> GenerateRandomGarbage() noexcept
974 : : {
975 : 0 : std::vector<uint8_t> ret;
976 : 0 : FastRandomContext rng;
977 : 0 : ret.resize(rng.randrange(V2Transport::MAX_GARBAGE_LEN + 1));
978 : 0 : rng.fillrand(MakeWritableByteSpan(ret));
979 : 0 : return ret;
980 : 0 : }
981 : :
982 : : } // namespace
983 : :
984 : 2495 : void V2Transport::StartSendingHandshake() noexcept
985 : : {
986 : 2495 : AssertLockHeld(m_send_mutex);
987 : 2495 : Assume(m_send_state == SendState::AWAITING_KEY);
988 : 2495 : Assume(m_send_buffer.empty());
989 : : // Initialize the send buffer with ellswift pubkey + provided garbage.
990 [ - + ]: 2495 : m_send_buffer.resize(EllSwiftPubKey::size() + m_send_garbage.size());
991 : 2495 : std::copy(std::begin(m_cipher.GetOurPubKey()), std::end(m_cipher.GetOurPubKey()), MakeWritableByteSpan(m_send_buffer).begin());
992 : 2495 : std::copy(m_send_garbage.begin(), m_send_garbage.end(), m_send_buffer.begin() + EllSwiftPubKey::size());
993 : : // We cannot wipe m_send_garbage as it will still be used as AAD later in the handshake.
994 : 2495 : }
995 : :
996 : 3237 : V2Transport::V2Transport(NodeId nodeid, bool initiating, const CKey& key, std::span<const std::byte> ent32, std::vector<uint8_t> garbage) noexcept
997 : 3237 : : m_cipher{key, ent32}, m_initiating{initiating}, m_nodeid{nodeid},
998 : 3237 : m_v1_fallback{nodeid},
999 [ + + ]: 3237 : m_recv_state{initiating ? RecvState::KEY : RecvState::KEY_MAYBE_V1},
1000 [ - + ]: 3237 : m_send_garbage{std::move(garbage)},
1001 [ + + - + ]: 8357 : m_send_state{initiating ? SendState::AWAITING_KEY : SendState::MAYBE_V1}
1002 : : {
1003 [ - + ]: 3237 : Assume(m_send_garbage.size() <= MAX_GARBAGE_LEN);
1004 : : // Start sending immediately if we're the initiator of the connection.
1005 [ + + ]: 3237 : if (initiating) {
1006 : 1354 : LOCK(m_send_mutex);
1007 [ + - ]: 1354 : StartSendingHandshake();
1008 : 1354 : }
1009 : 3237 : }
1010 : :
1011 : 0 : V2Transport::V2Transport(NodeId nodeid, bool initiating) noexcept
1012 : 0 : : V2Transport{nodeid, initiating, GenerateRandomKey(),
1013 : 0 : MakeByteSpan(GetRandHash()), GenerateRandomGarbage()} {}
1014 : :
1015 : 71241 : void V2Transport::SetReceiveState(RecvState recv_state) noexcept
1016 : : {
1017 : 71241 : AssertLockHeld(m_recv_mutex);
1018 : : // Enforce allowed state transitions.
1019 [ + + + + : 71241 : switch (m_recv_state) {
+ + - - ]
1020 : 1649 : case RecvState::KEY_MAYBE_V1:
1021 : 1649 : Assume(recv_state == RecvState::KEY || recv_state == RecvState::V1);
1022 : 1649 : break;
1023 : 2282 : case RecvState::KEY:
1024 : 2282 : Assume(recv_state == RecvState::GARB_GARBTERM);
1025 : 2282 : break;
1026 : 2282 : case RecvState::GARB_GARBTERM:
1027 : 2282 : Assume(recv_state == RecvState::VERSION);
1028 : 2282 : break;
1029 : 2282 : case RecvState::VERSION:
1030 : 2282 : Assume(recv_state == RecvState::APP);
1031 : 2282 : break;
1032 : 31373 : case RecvState::APP:
1033 : 31373 : Assume(recv_state == RecvState::APP_READY);
1034 : 31373 : break;
1035 : 31373 : case RecvState::APP_READY:
1036 : 31373 : Assume(recv_state == RecvState::APP);
1037 : 31373 : break;
1038 : 0 : case RecvState::V1:
1039 : 0 : Assume(false); // V1 state cannot be left
1040 : 0 : break;
1041 : : }
1042 : : // Change state.
1043 : 71241 : m_recv_state = recv_state;
1044 : 71241 : }
1045 : :
1046 : 3931 : void V2Transport::SetSendState(SendState send_state) noexcept
1047 : : {
1048 : 3931 : AssertLockHeld(m_send_mutex);
1049 : : // Enforce allowed state transitions.
1050 [ + + - - ]: 3931 : switch (m_send_state) {
1051 : 1649 : case SendState::MAYBE_V1:
1052 : 1649 : Assume(send_state == SendState::V1 || send_state == SendState::AWAITING_KEY);
1053 : 1649 : break;
1054 : 2282 : case SendState::AWAITING_KEY:
1055 : 2282 : Assume(send_state == SendState::READY);
1056 : 2282 : break;
1057 : 0 : case SendState::READY:
1058 : 0 : case SendState::V1:
1059 : 0 : Assume(false); // Final states
1060 : 0 : break;
1061 : : }
1062 : : // Change state.
1063 : 3931 : m_send_state = send_state;
1064 : 3931 : }
1065 : :
1066 : 90124 : bool V2Transport::ReceivedMessageComplete() const noexcept
1067 : : {
1068 : 90124 : AssertLockNotHeld(m_recv_mutex);
1069 : 90124 : LOCK(m_recv_mutex);
1070 [ + + ]: 90124 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedMessageComplete();
1071 : :
1072 : 68068 : return m_recv_state == RecvState::APP_READY;
1073 : 90124 : }
1074 : :
1075 : 1896 : void V2Transport::ProcessReceivedMaybeV1Bytes() noexcept
1076 : : {
1077 : 1896 : AssertLockHeld(m_recv_mutex);
1078 : 1896 : AssertLockNotHeld(m_send_mutex);
1079 : 1896 : Assume(m_recv_state == RecvState::KEY_MAYBE_V1);
1080 : : // We still have to determine if this is a v1 or v2 connection. The bytes being received could
1081 : : // be the beginning of either a v1 packet (network magic + "version\x00\x00\x00\x00\x00"), or
1082 : : // of a v2 public key. BIP324 specifies that a mismatch with this 16-byte string should trigger
1083 : : // sending of the key.
1084 : 1896 : std::array<uint8_t, V1_PREFIX_LEN> v1_prefix = {0, 0, 0, 0, 'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1085 : 1896 : std::copy(std::begin(Params().MessageStart()), std::end(Params().MessageStart()), v1_prefix.begin());
1086 [ - + ]: 1896 : Assume(m_recv_buffer.size() <= v1_prefix.size());
1087 [ + + ]: 1896 : if (!std::equal(m_recv_buffer.begin(), m_recv_buffer.end(), v1_prefix.begin())) {
1088 : : // Mismatch with v1 prefix, so we can assume a v2 connection.
1089 : 1141 : SetReceiveState(RecvState::KEY); // Convert to KEY state, leaving received bytes around.
1090 : : // Transition the sender to AWAITING_KEY state and start sending.
1091 : 1141 : LOCK(m_send_mutex);
1092 : 1141 : SetSendState(SendState::AWAITING_KEY);
1093 [ + - ]: 1141 : StartSendingHandshake();
1094 [ - + + + ]: 1896 : } else if (m_recv_buffer.size() == v1_prefix.size()) {
1095 : : // Full match with the v1 prefix, so fall back to v1 behavior.
1096 : 508 : LOCK(m_send_mutex);
1097 [ - + ]: 508 : std::span<const uint8_t> feedback{m_recv_buffer};
1098 : : // Feed already received bytes to v1 transport. It should always accept these, because it's
1099 : : // less than the size of a v1 header, and these are the first bytes fed to m_v1_fallback.
1100 : 508 : bool ret = m_v1_fallback.ReceivedBytes(feedback);
1101 : 508 : Assume(feedback.empty());
1102 : 508 : Assume(ret);
1103 : 508 : SetReceiveState(RecvState::V1);
1104 : 508 : SetSendState(SendState::V1);
1105 : : // Reset v2 transport buffers to save memory.
1106 : 508 : ClearShrink(m_recv_buffer);
1107 [ + - ]: 508 : ClearShrink(m_send_buffer);
1108 : 508 : } else {
1109 : : // We have not received enough to distinguish v1 from v2 yet. Wait until more bytes come.
1110 : : }
1111 : 1896 : }
1112 : :
1113 : 3083 : bool V2Transport::ProcessReceivedKeyBytes() noexcept
1114 : : {
1115 : 3083 : AssertLockHeld(m_recv_mutex);
1116 : 3083 : AssertLockNotHeld(m_send_mutex);
1117 : 3083 : Assume(m_recv_state == RecvState::KEY);
1118 [ - + ]: 3083 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1119 : :
1120 : : // As a special exception, if bytes 4-16 of the key on a responder connection match the
1121 : : // corresponding bytes of a V1 version message, but bytes 0-4 don't match the network magic
1122 : : // (if they did, we'd have switched to V1 state already), assume this is a peer from
1123 : : // another network, and disconnect them. They will almost certainly disconnect us too when
1124 : : // they receive our uniformly random key and garbage, but detecting this case specially
1125 : : // means we can log it.
1126 : 3083 : static constexpr std::array<uint8_t, 12> MATCH = {'v', 'e', 'r', 's', 'i', 'o', 'n', 0, 0, 0, 0, 0};
1127 : 3083 : static constexpr size_t OFFSET = std::tuple_size_v<MessageStartChars>;
1128 [ + + - + : 3083 : if (!m_initiating && m_recv_buffer.size() >= OFFSET + MATCH.size()) {
+ + ]
1129 [ - + ]: 1549 : if (std::equal(MATCH.begin(), MATCH.end(), m_recv_buffer.begin() + OFFSET)) {
1130 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: V1 peer with wrong MessageStart %s\n",
1131 : : HexStr(std::span(m_recv_buffer).first(OFFSET)));
1132 : 0 : return false;
1133 : : }
1134 : : }
1135 : :
1136 [ - + + + ]: 3083 : if (m_recv_buffer.size() == EllSwiftPubKey::size()) {
1137 : : // Other side's key has been fully received, and can now be Diffie-Hellman combined with
1138 : : // our key to initialize the encryption ciphers.
1139 : :
1140 : : // Initialize the ciphers.
1141 : 2282 : EllSwiftPubKey ellswift(MakeByteSpan(m_recv_buffer));
1142 : 2282 : LOCK(m_send_mutex);
1143 : 2282 : m_cipher.Initialize(ellswift, m_initiating);
1144 : :
1145 : : // Switch receiver state to GARB_GARBTERM.
1146 : 2282 : SetReceiveState(RecvState::GARB_GARBTERM);
1147 [ + - ]: 2282 : m_recv_buffer.clear();
1148 : :
1149 : : // Switch sender state to READY.
1150 : 2282 : SetSendState(SendState::READY);
1151 : :
1152 : : // Append the garbage terminator to the send buffer.
1153 [ - + ]: 2282 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1154 : 2282 : std::copy(m_cipher.GetSendGarbageTerminator().begin(),
1155 : 2282 : m_cipher.GetSendGarbageTerminator().end(),
1156 : 2282 : MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN).begin());
1157 : :
1158 : : // Construct version packet in the send buffer, with the sent garbage data as AAD.
1159 [ - + ]: 2282 : m_send_buffer.resize(m_send_buffer.size() + BIP324Cipher::EXPANSION + VERSION_CONTENTS.size());
1160 : 2282 : m_cipher.Encrypt(
1161 : : /*contents=*/VERSION_CONTENTS,
1162 : 2282 : /*aad=*/MakeByteSpan(m_send_garbage),
1163 : : /*ignore=*/false,
1164 : 2282 : /*output=*/MakeWritableByteSpan(m_send_buffer).last(BIP324Cipher::EXPANSION + VERSION_CONTENTS.size()));
1165 : : // We no longer need the garbage.
1166 [ + - ]: 2282 : ClearShrink(m_send_garbage);
1167 : 2282 : } else {
1168 : : // We still have to receive more key bytes.
1169 : : }
1170 : : return true;
1171 : : }
1172 : :
1173 : 4079839 : bool V2Transport::ProcessReceivedGarbageBytes() noexcept
1174 : : {
1175 : 4079839 : AssertLockHeld(m_recv_mutex);
1176 : 4079839 : Assume(m_recv_state == RecvState::GARB_GARBTERM);
1177 [ - + ]: 4079839 : Assume(m_recv_buffer.size() <= MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1178 [ - + + + ]: 4079839 : if (m_recv_buffer.size() >= BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1179 [ + + ]: 4045609 : if (std::ranges::equal(MakeByteSpan(m_recv_buffer).last(BIP324Cipher::GARBAGE_TERMINATOR_LEN), m_cipher.GetReceiveGarbageTerminator())) {
1180 : : // Garbage terminator received. Store garbage to authenticate it as AAD later.
1181 : 2282 : m_recv_aad = std::move(m_recv_buffer);
1182 [ - + ]: 2282 : m_recv_aad.resize(m_recv_aad.size() - BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1183 [ - + ]: 2282 : m_recv_buffer.clear();
1184 : 2282 : SetReceiveState(RecvState::VERSION);
1185 [ - + ]: 4043327 : } else if (m_recv_buffer.size() == MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN) {
1186 : : // We've reached the maximum length for garbage + garbage terminator, and the
1187 : : // terminator still does not match. Abort.
1188 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: missing garbage terminator, peer=%d\n", m_nodeid);
1189 : 0 : return false;
1190 : : } else {
1191 : : // We still need to receive more garbage and/or garbage terminator bytes.
1192 : : }
1193 : : } else {
1194 : : // We have less than GARBAGE_TERMINATOR_LEN (16) bytes, so we certainly need to receive
1195 : : // more first.
1196 : : }
1197 : : return true;
1198 : : }
1199 : :
1200 : 94062 : bool V2Transport::ProcessReceivedPacketBytes() noexcept
1201 : : {
1202 : 94062 : AssertLockHeld(m_recv_mutex);
1203 : 94062 : Assume(m_recv_state == RecvState::VERSION || m_recv_state == RecvState::APP);
1204 : :
1205 : : // The maximum permitted contents length for a packet, consisting of:
1206 : : // - 0x00 byte: indicating long message type encoding
1207 : : // - 12 bytes of message type
1208 : : // - payload
1209 : 94062 : static constexpr size_t MAX_CONTENTS_LEN =
1210 : : 1 + CMessageHeader::MESSAGE_TYPE_SIZE +
1211 : : std::min<size_t>(MAX_SIZE, MAX_PROTOCOL_MESSAGE_LENGTH);
1212 : :
1213 [ - + + + ]: 94062 : if (m_recv_buffer.size() == BIP324Cipher::LENGTH_LEN) {
1214 : : // Length descriptor received.
1215 : 33655 : m_recv_len = m_cipher.DecryptLength(MakeByteSpan(m_recv_buffer));
1216 [ - + ]: 33655 : if (m_recv_len > MAX_CONTENTS_LEN) {
1217 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet too large (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1218 : 0 : return false;
1219 : : }
1220 [ + + + + ]: 60407 : } else if (m_recv_buffer.size() > BIP324Cipher::LENGTH_LEN && m_recv_buffer.size() == m_recv_len + BIP324Cipher::EXPANSION) {
1221 : : // Ciphertext received, decrypt it into m_recv_decode_buffer.
1222 : : // Note that it is impossible to reach this branch without hitting the branch above first,
1223 : : // as GetMaxBytesToProcess only allows up to LENGTH_LEN into the buffer before that point.
1224 : 33655 : m_recv_decode_buffer.resize(m_recv_len);
1225 : 33655 : bool ignore{false};
1226 : 67310 : bool ret = m_cipher.Decrypt(
1227 : 33655 : /*input=*/MakeByteSpan(m_recv_buffer).subspan(BIP324Cipher::LENGTH_LEN),
1228 : 33655 : /*aad=*/MakeByteSpan(m_recv_aad),
1229 : : /*ignore=*/ignore,
1230 : : /*contents=*/MakeWritableByteSpan(m_recv_decode_buffer));
1231 [ - + ]: 33655 : if (!ret) {
1232 [ # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: packet decryption failure (%u bytes), peer=%d\n", m_recv_len, m_nodeid);
1233 : 0 : return false;
1234 : : }
1235 : : // We have decrypted a valid packet with the AAD we expected, so clear the expected AAD.
1236 : 33655 : ClearShrink(m_recv_aad);
1237 : : // Feed the last 4 bytes of the Poly1305 authentication tag (and its timing) into our RNG.
1238 [ - + ]: 33655 : RandAddEvent(ReadLE32(m_recv_buffer.data() + m_recv_buffer.size() - 4));
1239 : :
1240 : : // At this point we have a valid packet decrypted into m_recv_decode_buffer. If it's not a
1241 : : // decoy, which we simply ignore, use the current state to decide what to do with it.
1242 [ + - ]: 33655 : if (!ignore) {
1243 [ + + - ]: 33655 : switch (m_recv_state) {
1244 : 2282 : case RecvState::VERSION:
1245 : : // Version message received; transition to application phase. The contents is
1246 : : // ignored, but can be used for future extensions.
1247 : 2282 : SetReceiveState(RecvState::APP);
1248 : 2282 : break;
1249 : 31373 : case RecvState::APP:
1250 : : // Application message decrypted correctly. It can be extracted using GetMessage().
1251 : 31373 : SetReceiveState(RecvState::APP_READY);
1252 : 31373 : break;
1253 : 0 : default:
1254 : : // Any other state is invalid (this function should not have been called).
1255 : 0 : Assume(false);
1256 : : }
1257 : : }
1258 : : // Wipe the receive buffer where the next packet will be received into.
1259 : 33655 : ClearShrink(m_recv_buffer);
1260 : : // In all but APP_READY state, we can wipe the decoded contents.
1261 [ + + ]: 33655 : if (m_recv_state != RecvState::APP_READY) ClearShrink(m_recv_decode_buffer);
1262 : : } else {
1263 : : // We either have less than 3 bytes, so we don't know the packet's length yet, or more
1264 : : // than 3 bytes but less than the packet's full ciphertext. Wait until those arrive.
1265 : : }
1266 : : return true;
1267 : : }
1268 : :
1269 : 4208857 : size_t V2Transport::GetMaxBytesToProcess() noexcept
1270 : : {
1271 : 4208857 : AssertLockHeld(m_recv_mutex);
1272 [ + + + + : 4208857 : switch (m_recv_state) {
- - + ]
1273 : 1896 : case RecvState::KEY_MAYBE_V1:
1274 : : // During the KEY_MAYBE_V1 state we do not allow more than the length of v1 prefix into the
1275 : : // receive buffer.
1276 [ - + ]: 1896 : Assume(m_recv_buffer.size() <= V1_PREFIX_LEN);
1277 : : // As long as we're not sure if this is a v1 or v2 connection, don't receive more than what
1278 : : // is strictly necessary to distinguish the two (16 bytes). If we permitted more than
1279 : : // the v1 header size (24 bytes), we may not be able to feed the already-received bytes
1280 : : // back into the m_v1_fallback V1 transport.
1281 [ - + ]: 1896 : return V1_PREFIX_LEN - m_recv_buffer.size();
1282 : 3083 : case RecvState::KEY:
1283 : : // During the KEY state, we only allow the 64-byte key into the receive buffer.
1284 [ - + ]: 3083 : Assume(m_recv_buffer.size() <= EllSwiftPubKey::size());
1285 : : // As long as we have not received the other side's public key, don't receive more than
1286 : : // that (64 bytes), as garbage follows, and locating the garbage terminator requires the
1287 : : // key exchange first.
1288 [ - + ]: 3083 : return EllSwiftPubKey::size() - m_recv_buffer.size();
1289 : : case RecvState::GARB_GARBTERM:
1290 : : // Process garbage bytes one by one (because terminator may appear anywhere).
1291 : : return 1;
1292 : 94062 : case RecvState::VERSION:
1293 : 94062 : case RecvState::APP:
1294 : : // These three states all involve decoding a packet. Process the length descriptor first,
1295 : : // so that we know where the current packet ends (and we don't process bytes from the next
1296 : : // packet or decoy yet). Then, process the ciphertext bytes of the current packet.
1297 [ - + + + ]: 94062 : if (m_recv_buffer.size() < BIP324Cipher::LENGTH_LEN) {
1298 : 34607 : return BIP324Cipher::LENGTH_LEN - m_recv_buffer.size();
1299 : : } else {
1300 : : // Note that BIP324Cipher::EXPANSION is the total difference between contents size
1301 : : // and encoded packet size, which includes the 3 bytes due to the packet length.
1302 : : // When transitioning from receiving the packet length to receiving its ciphertext,
1303 : : // the encrypted packet length is left in the receive buffer.
1304 : 59455 : return BIP324Cipher::EXPANSION + m_recv_len - m_recv_buffer.size();
1305 : : }
1306 : 29977 : case RecvState::APP_READY:
1307 : : // No bytes can be processed until GetMessage() is called.
1308 : 29977 : return 0;
1309 : 0 : case RecvState::V1:
1310 : : // Not allowed (must be dealt with by the caller).
1311 : 0 : Assume(false);
1312 : 0 : return 0;
1313 : : }
1314 : 0 : Assume(false); // unreachable
1315 : 0 : return 0;
1316 : : }
1317 : :
1318 : 90124 : bool V2Transport::ReceivedBytes(std::span<const uint8_t>& msg_bytes) noexcept
1319 : : {
1320 : 90124 : AssertLockNotHeld(m_recv_mutex);
1321 : : /** How many bytes to allocate in the receive buffer at most above what is received so far. */
1322 : 90124 : static constexpr size_t MAX_RESERVE_AHEAD = 256 * 1024;
1323 : :
1324 : 90124 : LOCK(m_recv_mutex);
1325 [ + + ]: 90124 : if (m_recv_state == RecvState::V1) return m_v1_fallback.ReceivedBytes(msg_bytes);
1326 : :
1327 : : // Process the provided bytes in msg_bytes in a loop. In each iteration a nonzero number of
1328 : : // bytes (decided by GetMaxBytesToProcess) are taken from the beginning om msg_bytes, and
1329 : : // appended to m_recv_buffer. Then, depending on the receiver state, one of the
1330 : : // ProcessReceived*Bytes functions is called to process the bytes in that buffer.
1331 [ + + ]: 4246948 : while (!msg_bytes.empty()) {
1332 : : // Decide how many bytes to copy from msg_bytes to m_recv_buffer.
1333 : 4208857 : size_t max_read = GetMaxBytesToProcess();
1334 : :
1335 : : // Reserve space in the buffer if there is not enough.
1336 [ - + + + : 4246973 : if (m_recv_buffer.size() + std::min(msg_bytes.size(), max_read) > m_recv_buffer.capacity()) {
- + + + ]
1337 [ + + - - : 70100 : switch (m_recv_state) {
- ]
1338 : 2790 : case RecvState::KEY_MAYBE_V1:
1339 : 2790 : case RecvState::KEY:
1340 : 2790 : case RecvState::GARB_GARBTERM:
1341 : : // During the initial states (key/garbage), allocate once to fit the maximum (4111
1342 : : // bytes).
1343 : 2790 : m_recv_buffer.reserve(MAX_GARBAGE_LEN + BIP324Cipher::GARBAGE_TERMINATOR_LEN);
1344 : 2790 : break;
1345 : 67310 : case RecvState::VERSION:
1346 : 67310 : case RecvState::APP: {
1347 : : // During states where a packet is being received, as much as is expected but never
1348 : : // more than MAX_RESERVE_AHEAD bytes in addition to what is received so far.
1349 : : // This means attackers that want to cause us to waste allocated memory are limited
1350 : : // to MAX_RESERVE_AHEAD above the largest allowed message contents size, and to
1351 : : // MAX_RESERVE_AHEAD more than they've actually sent us.
1352 [ + - ]: 67310 : size_t alloc_add = std::min(max_read, msg_bytes.size() + MAX_RESERVE_AHEAD);
1353 : 67310 : m_recv_buffer.reserve(m_recv_buffer.size() + alloc_add);
1354 : 67310 : break;
1355 : : }
1356 : 0 : case RecvState::APP_READY:
1357 : : // The buffer is empty in this state.
1358 : 0 : Assume(m_recv_buffer.empty());
1359 : 0 : break;
1360 : 0 : case RecvState::V1:
1361 : : // Should have bailed out above.
1362 : 0 : Assume(false);
1363 : 0 : break;
1364 : : }
1365 : : }
1366 : :
1367 : : // Can't read more than provided input.
1368 [ + + ]: 4208857 : max_read = std::min(msg_bytes.size(), max_read);
1369 : : // Copy data to buffer.
1370 : 4208857 : m_recv_buffer.insert(m_recv_buffer.end(), UCharCast(msg_bytes.data()), UCharCast(msg_bytes.data() + max_read));
1371 [ + + + + : 4208857 : msg_bytes = msg_bytes.subspan(max_read);
- - + ]
1372 : :
1373 : : // Process data in the buffer.
1374 [ + + + + : 4208857 : switch (m_recv_state) {
- - + ]
1375 : 1896 : case RecvState::KEY_MAYBE_V1:
1376 : 1896 : ProcessReceivedMaybeV1Bytes();
1377 [ + + ]: 1896 : if (m_recv_state == RecvState::V1) return true;
1378 : : break;
1379 : :
1380 : 3083 : case RecvState::KEY:
1381 [ + - ]: 3083 : if (!ProcessReceivedKeyBytes()) return false;
1382 : : break;
1383 : :
1384 : 4079839 : case RecvState::GARB_GARBTERM:
1385 [ + - ]: 4079839 : if (!ProcessReceivedGarbageBytes()) return false;
1386 : : break;
1387 : :
1388 : 94062 : case RecvState::VERSION:
1389 : 94062 : case RecvState::APP:
1390 [ + - ]: 94062 : if (!ProcessReceivedPacketBytes()) return false;
1391 : : break;
1392 : :
1393 : : case RecvState::APP_READY:
1394 : : return true;
1395 : :
1396 : 0 : case RecvState::V1:
1397 : : // We should have bailed out before.
1398 : 0 : Assume(false);
1399 : 0 : break;
1400 : : }
1401 : : // Make sure we have made progress before continuing.
1402 : 4178372 : Assume(max_read > 0);
1403 : : }
1404 : :
1405 : : return true;
1406 : 90124 : }
1407 : :
1408 : 31373 : std::optional<std::string> V2Transport::GetMessageType(std::span<const uint8_t>& contents) noexcept
1409 : : {
1410 [ - + ]: 31373 : if (contents.size() == 0) return std::nullopt; // Empty contents
1411 [ + + ]: 31373 : uint8_t first_byte = contents[0];
1412 [ + + ]: 31373 : contents = contents.subspan(1); // Strip first byte.
1413 : :
1414 [ + + ]: 31373 : if (first_byte != 0) {
1415 : : // Short (1 byte) encoding.
1416 [ + - ]: 24752 : if (first_byte < std::size(V2_MESSAGE_IDS)) {
1417 : : // Valid short message id.
1418 [ - + ]: 49504 : return V2_MESSAGE_IDS[first_byte];
1419 : : } else {
1420 : : // Unknown short message id.
1421 : 0 : return std::nullopt;
1422 : : }
1423 : : }
1424 : :
1425 [ - + ]: 6621 : if (contents.size() < CMessageHeader::MESSAGE_TYPE_SIZE) {
1426 : 0 : return std::nullopt; // Long encoding needs 12 message type bytes.
1427 : : }
1428 : :
1429 : : size_t msg_type_len{0};
1430 [ + + + + ]: 49719 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE && contents[msg_type_len] != 0) {
1431 : : // Verify that message type bytes before the first 0x00 are in range.
1432 [ - + + - ]: 43098 : if (contents[msg_type_len] < ' ' || contents[msg_type_len] > 0x7F) {
1433 : 0 : return {};
1434 : : }
1435 : 43098 : ++msg_type_len;
1436 : : }
1437 : 6621 : std::string ret{reinterpret_cast<const char*>(contents.data()), msg_type_len};
1438 [ + + ]: 42975 : while (msg_type_len < CMessageHeader::MESSAGE_TYPE_SIZE) {
1439 : : // Verify that message type bytes after the first 0x00 are also 0x00.
1440 [ - + ]: 36354 : if (contents[msg_type_len] != 0) return {};
1441 : 36354 : ++msg_type_len;
1442 : : }
1443 : : // Strip message type bytes of contents.
1444 : 6621 : contents = contents.subspan(CMessageHeader::MESSAGE_TYPE_SIZE);
1445 : 6621 : return ret;
1446 : 6621 : }
1447 : :
1448 : 41416 : CNetMessage V2Transport::GetReceivedMessage(std::chrono::microseconds time, bool& reject_message) noexcept
1449 : : {
1450 : 41416 : AssertLockNotHeld(m_recv_mutex);
1451 : 41416 : LOCK(m_recv_mutex);
1452 [ + + ]: 41416 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetReceivedMessage(time, reject_message);
1453 : :
1454 : 31373 : Assume(m_recv_state == RecvState::APP_READY);
1455 [ - + ]: 31373 : std::span<const uint8_t> contents{m_recv_decode_buffer};
1456 : 31373 : auto msg_type = GetMessageType(contents);
1457 : 31373 : CNetMessage msg{DataStream{}};
1458 : : // Note that BIP324Cipher::EXPANSION also includes the length descriptor size.
1459 [ - + ]: 31373 : msg.m_raw_message_size = m_recv_decode_buffer.size() + BIP324Cipher::EXPANSION;
1460 [ + - ]: 31373 : if (msg_type) {
1461 : 31373 : reject_message = false;
1462 : 31373 : msg.m_type = std::move(*msg_type);
1463 : 31373 : msg.m_time = time;
1464 : 31373 : msg.m_message_size = contents.size();
1465 : 31373 : msg.m_recv.resize(contents.size());
1466 : 31373 : std::copy(contents.begin(), contents.end(), UCharCast(msg.m_recv.data()));
1467 : : } else {
1468 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 transport error: invalid message type (%u bytes contents), peer=%d\n", m_recv_decode_buffer.size(), m_nodeid);
1469 : 0 : reject_message = true;
1470 : : }
1471 : 31373 : ClearShrink(m_recv_decode_buffer);
1472 : 31373 : SetReceiveState(RecvState::APP);
1473 : :
1474 : 31373 : return msg;
1475 : 31373 : }
1476 : :
1477 : 155257 : bool V2Transport::SetMessageToSend(CSerializedNetMsg& msg) noexcept
1478 : : {
1479 : 155257 : AssertLockNotHeld(m_send_mutex);
1480 : 155257 : LOCK(m_send_mutex);
1481 [ + + ]: 155257 : if (m_send_state == SendState::V1) return m_v1_fallback.SetMessageToSend(msg);
1482 : : // We only allow adding a new message to be sent when in the READY state (so the packet cipher
1483 : : // is available) and the send buffer is empty. This limits the number of messages in the send
1484 : : // buffer to just one, and leaves the responsibility for queueing them up to the caller.
1485 [ + + + + ]: 146989 : if (!(m_send_state == SendState::READY && m_send_buffer.empty())) return false;
1486 : : // Construct contents (encoding message type + payload).
1487 : 31373 : std::vector<uint8_t> contents;
1488 : 31373 : auto short_message_id = V2_MESSAGE_MAP(msg.m_type);
1489 [ + + ]: 31373 : if (short_message_id) {
1490 [ - + ]: 24752 : contents.resize(1 + msg.data.size());
1491 : 24752 : contents[0] = *short_message_id;
1492 : 24752 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1);
1493 : : } else {
1494 : : // Initialize with zeroes, and then write the message type string starting at offset 1.
1495 : : // This means contents[0] and the unused positions in contents[1..13] remain 0x00.
1496 [ - + ]: 6621 : contents.resize(1 + CMessageHeader::MESSAGE_TYPE_SIZE + msg.data.size(), 0);
1497 [ - + ]: 6621 : std::copy(msg.m_type.begin(), msg.m_type.end(), contents.data() + 1);
1498 : 6621 : std::copy(msg.data.begin(), msg.data.end(), contents.begin() + 1 + CMessageHeader::MESSAGE_TYPE_SIZE);
1499 : : }
1500 : : // Construct ciphertext in send buffer.
1501 [ - + ]: 31373 : m_send_buffer.resize(contents.size() + BIP324Cipher::EXPANSION);
1502 : 31373 : m_cipher.Encrypt(MakeByteSpan(contents), {}, false, MakeWritableByteSpan(m_send_buffer));
1503 : 31373 : m_send_type = msg.m_type;
1504 : : // Release memory
1505 : 31373 : ClearShrink(msg.data);
1506 : 31373 : return true;
1507 : 31373 : }
1508 : :
1509 : 1203078 : Transport::BytesToSend V2Transport::GetBytesToSend(bool have_next_message) const noexcept
1510 : : {
1511 : 1203078 : AssertLockNotHeld(m_send_mutex);
1512 : 1203078 : LOCK(m_send_mutex);
1513 [ + + ]: 1203078 : if (m_send_state == SendState::V1) return m_v1_fallback.GetBytesToSend(have_next_message);
1514 : :
1515 [ + + ]: 1054110 : if (m_send_state == SendState::MAYBE_V1) Assume(m_send_buffer.empty());
1516 [ - + ]: 1054110 : Assume(m_send_pos <= m_send_buffer.size());
1517 : 1054110 : return {
1518 [ - + + + ]: 1054110 : std::span{m_send_buffer}.subspan(m_send_pos),
1519 : : // We only have more to send after the current m_send_buffer if there is a (next)
1520 : : // message to be sent, and we're capable of sending packets. */
1521 [ + + + + ]: 1054110 : have_next_message && m_send_state == SendState::READY,
1522 : 1054110 : m_send_type
1523 : 1054110 : };
1524 : 1203078 : }
1525 : :
1526 : 136879 : void V2Transport::MarkBytesSent(size_t bytes_sent) noexcept
1527 : : {
1528 : 136879 : AssertLockNotHeld(m_send_mutex);
1529 : 136879 : LOCK(m_send_mutex);
1530 [ + + + - ]: 136879 : if (m_send_state == SendState::V1) return m_v1_fallback.MarkBytesSent(bytes_sent);
1531 : :
1532 [ + + + + : 121156 : if (m_send_state == SendState::AWAITING_KEY && m_send_pos == 0 && bytes_sent > 0) {
+ - ]
1533 [ - + ]: 1246 : LogDebug(BCLog::NET, "start sending v2 handshake to peer=%d\n", m_nodeid);
1534 : : }
1535 : :
1536 : 121156 : m_send_pos += bytes_sent;
1537 [ - + ]: 121156 : Assume(m_send_pos <= m_send_buffer.size());
1538 [ + + ]: 121156 : if (m_send_pos >= CMessageHeader::HEADER_SIZE) {
1539 : 81961 : m_sent_v1_header_worth = true;
1540 : : }
1541 : : // Wipe the buffer when everything is sent.
1542 [ - + + + ]: 121156 : if (m_send_pos == m_send_buffer.size()) {
1543 : 34340 : m_send_pos = 0;
1544 : 34340 : ClearShrink(m_send_buffer);
1545 : : }
1546 : 136879 : }
1547 : :
1548 : 0 : bool V2Transport::ShouldReconnectV1() const noexcept
1549 : : {
1550 : 0 : AssertLockNotHeld(m_send_mutex);
1551 : 0 : AssertLockNotHeld(m_recv_mutex);
1552 : : // Only outgoing connections need reconnection.
1553 [ # # ]: 0 : if (!m_initiating) return false;
1554 : :
1555 : 0 : LOCK(m_recv_mutex);
1556 : : // We only reconnect in the very first state and when the receive buffer is empty. Together
1557 : : // these conditions imply nothing has been received so far.
1558 [ # # ]: 0 : if (m_recv_state != RecvState::KEY) return false;
1559 [ # # ]: 0 : if (!m_recv_buffer.empty()) return false;
1560 : : // Check if we've sent enough for the other side to disconnect us (if it was V1).
1561 : 0 : LOCK(m_send_mutex);
1562 [ # # ]: 0 : return m_sent_v1_header_worth;
1563 : 0 : }
1564 : :
1565 : 0 : size_t V2Transport::GetSendMemoryUsage() const noexcept
1566 : : {
1567 : 0 : AssertLockNotHeld(m_send_mutex);
1568 : 0 : LOCK(m_send_mutex);
1569 [ # # ]: 0 : if (m_send_state == SendState::V1) return m_v1_fallback.GetSendMemoryUsage();
1570 : :
1571 [ # # ]: 0 : return sizeof(m_send_buffer) + memusage::DynamicUsage(m_send_buffer);
1572 : 0 : }
1573 : :
1574 : 3019 : Transport::Info V2Transport::GetInfo() const noexcept
1575 : : {
1576 : 3019 : AssertLockNotHeld(m_recv_mutex);
1577 : 3019 : LOCK(m_recv_mutex);
1578 [ + + ]: 3019 : if (m_recv_state == RecvState::V1) return m_v1_fallback.GetInfo();
1579 : :
1580 [ + + ]: 2511 : Transport::Info info;
1581 : :
1582 : : // Do not report v2 and session ID until the version packet has been received
1583 : : // and verified (confirming that the other side very likely has the same keys as us).
1584 [ + + ]: 2511 : if (m_recv_state != RecvState::KEY_MAYBE_V1 && m_recv_state != RecvState::KEY &&
1585 : : m_recv_state != RecvState::GARB_GARBTERM && m_recv_state != RecvState::VERSION) {
1586 : 2282 : info.transport_type = TransportProtocolType::V2;
1587 : 2282 : info.session_id = uint256(MakeUCharSpan(m_cipher.GetSessionID()));
1588 : : } else {
1589 : 229 : info.transport_type = TransportProtocolType::DETECTING;
1590 : : }
1591 : :
1592 : 2511 : return info;
1593 : 3019 : }
1594 : :
1595 : 38543 : std::pair<size_t, bool> CConnman::SocketSendData(CNode& node) const
1596 : : {
1597 : 38543 : auto it = node.vSendMsg.begin();
1598 : 38543 : size_t nSentSize = 0;
1599 : 38543 : bool data_left{false}; //!< second return value (whether unsent data remains)
1600 : 38543 : std::optional<bool> expected_more;
1601 : :
1602 : 80022 : while (true) {
1603 [ + + ]: 80022 : if (it != node.vSendMsg.end()) {
1604 : : // If possible, move one message from the send queue to the transport. This fails when
1605 : : // there is an existing message still being sent, or (for v2 transports) when the
1606 : : // handshake has not yet completed.
1607 : 38543 : size_t memusage = it->GetMemoryUsage();
1608 [ + - ]: 38543 : if (node.m_transport->SetMessageToSend(*it)) {
1609 : : // Update memory usage of send buffer (as *it will be deleted).
1610 : 38543 : node.m_send_memusage -= memusage;
1611 : 38543 : ++it;
1612 : : }
1613 : : }
1614 [ + + ]: 80022 : const auto& [data, more, msg_type] = node.m_transport->GetBytesToSend(it != node.vSendMsg.end());
1615 : : // We rely on the 'more' value returned by GetBytesToSend to correctly predict whether more
1616 : : // bytes are still to be sent, to correctly set the MSG_MORE flag. As a sanity check,
1617 : : // verify that the previously returned 'more' was correct.
1618 [ + + ]: 80022 : if (expected_more.has_value()) Assume(!data.empty() == *expected_more);
1619 [ + + ]: 80022 : expected_more = more;
1620 [ + + ]: 80022 : data_left = !data.empty(); // will be overwritten on next loop if all of data gets sent
1621 : 80022 : int nBytes = 0;
1622 [ + + ]: 80022 : if (!data.empty()) {
1623 : 54791 : LOCK(node.m_sock_mutex);
1624 : : // There is no socket in case we've already disconnected, or in test cases without
1625 : : // real connections. In these cases, we bail out immediately and just leave things
1626 : : // in the send queue and transport.
1627 [ + + ]: 54791 : if (!node.m_sock) {
1628 : : break;
1629 : : }
1630 : 47450 : int flags = MSG_NOSIGNAL | MSG_DONTWAIT;
1631 : : #ifdef MSG_MORE
1632 [ + + ]: 47450 : if (more) {
1633 : 19887 : flags |= MSG_MORE;
1634 : : }
1635 : : #endif
1636 [ + - + - ]: 47450 : nBytes = node.m_sock->Send(data.data(), data.size(), flags);
1637 : 7341 : }
1638 [ + + ]: 47450 : if (nBytes > 0) {
1639 : 45278 : node.m_last_send = GetTime<std::chrono::seconds>();
1640 : 45278 : node.nSendBytes += nBytes;
1641 : : // Notify transport that bytes have been processed.
1642 : 45278 : node.m_transport->MarkBytesSent(nBytes);
1643 : : // Update statistics per message type.
1644 [ + + ]: 45278 : if (!msg_type.empty()) { // don't report v2 handshake bytes for now
1645 : 45253 : node.AccountForSentBytes(msg_type, nBytes);
1646 : : }
1647 : 45278 : nSentSize += nBytes;
1648 [ + + ]: 45278 : if ((size_t)nBytes != data.size()) {
1649 : : // could not send full message; stop sending more
1650 : : break;
1651 : : }
1652 : : } else {
1653 [ + + ]: 27403 : if (nBytes < 0) {
1654 : : // error
1655 : 1842 : int nErr = WSAGetLastError();
1656 [ + + + + ]: 1842 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS) {
1657 [ - + - - : 1672 : LogDebug(BCLog::NET, "socket send error, %s: %s\n", node.DisconnectMsg(fLogIPs), NetworkErrorString(nErr));
- - ]
1658 : 1672 : node.CloseSocketDisconnect();
1659 : : }
1660 : : }
1661 : : break;
1662 : : }
1663 : : }
1664 : :
1665 [ + - ]: 38543 : node.fPauseSend = node.m_send_memusage + node.m_transport->GetSendMemoryUsage() > nSendBufferMaxSize;
1666 : :
1667 [ + - ]: 38543 : if (it == node.vSendMsg.end()) {
1668 [ - + ]: 38543 : assert(node.m_send_memusage == 0);
1669 : : }
1670 : 38543 : node.vSendMsg.erase(node.vSendMsg.begin(), it);
1671 : 38543 : return {nSentSize, data_left};
1672 : : }
1673 : :
1674 : : /** Try to find a connection to evict when the node is full.
1675 : : * Extreme care must be taken to avoid opening the node to attacker
1676 : : * triggered network partitioning.
1677 : : * The strategy used here is to protect a small number of peers
1678 : : * for each of several distinct characteristics which are difficult
1679 : : * to forge. In order to partition a node the attacker must be
1680 : : * simultaneously better at all of them than honest peers.
1681 : : */
1682 : 1084 : bool CConnman::AttemptToEvictConnection()
1683 : : {
1684 : 1084 : std::vector<NodeEvictionCandidate> vEvictionCandidates;
1685 : 1084 : {
1686 : :
1687 [ + - ]: 1084 : LOCK(m_nodes_mutex);
1688 [ + + ]: 42331 : for (const CNode* node : m_nodes) {
1689 [ - + ]: 41247 : if (node->fDisconnect)
1690 : 0 : continue;
1691 : 41247 : NodeEvictionCandidate candidate{
1692 : 41247 : .id = node->GetId(),
1693 : : .m_connected = node->m_connected,
1694 : 41247 : .m_min_ping_time = node->m_min_ping_time,
1695 : 41247 : .m_last_block_time = node->m_last_block_time,
1696 : 41247 : .m_last_tx_time = node->m_last_tx_time,
1697 [ + - ]: 41247 : .fRelevantServices = node->m_has_all_wanted_services,
1698 : 41247 : .m_relay_txs = node->m_relays_txs.load(),
1699 : 41247 : .fBloomFilter = node->m_bloom_filter_loaded.load(),
1700 : 41247 : .nKeyedNetGroup = node->nKeyedNetGroup,
1701 : 41247 : .prefer_evict = node->m_prefer_evict,
1702 [ + - ]: 41247 : .m_is_local = node->addr.IsLocal(),
1703 : 41247 : .m_network = node->ConnectedThroughNetwork(),
1704 : 41247 : .m_noban = node->HasPermission(NetPermissionFlags::NoBan),
1705 : 41247 : .m_conn_type = node->m_conn_type,
1706 [ + - + - : 82494 : };
+ - ]
1707 [ + - ]: 41247 : vEvictionCandidates.push_back(candidate);
1708 : : }
1709 : 0 : }
1710 [ + - ]: 1084 : const std::optional<NodeId> node_id_to_evict = SelectNodeToEvict(std::move(vEvictionCandidates));
1711 [ - + ]: 1084 : if (!node_id_to_evict) {
1712 : : return false;
1713 : : }
1714 [ # # ]: 0 : LOCK(m_nodes_mutex);
1715 [ # # ]: 0 : for (CNode* pnode : m_nodes) {
1716 [ # # ]: 0 : if (pnode->GetId() == *node_id_to_evict) {
1717 [ # # # # : 0 : LogDebug(BCLog::NET, "selected %s connection for eviction, %s", pnode->ConnectionTypeAsString(), pnode->DisconnectMsg(fLogIPs));
# # # # ]
1718 : : TRACEPOINT(net, evicted_inbound_connection,
1719 : : pnode->GetId(),
1720 : : pnode->m_addr_name.c_str(),
1721 : : pnode->ConnectionTypeAsString().c_str(),
1722 : : pnode->ConnectedThroughNetwork(),
1723 : 0 : Ticks<std::chrono::seconds>(pnode->m_connected));
1724 : 0 : pnode->fDisconnect = true;
1725 : 0 : return true;
1726 : : }
1727 : : }
1728 : : return false;
1729 : 1084 : }
1730 : :
1731 : 0 : void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
1732 : 0 : struct sockaddr_storage sockaddr;
1733 : 0 : socklen_t len = sizeof(sockaddr);
1734 : 0 : auto sock = hListenSocket.sock->Accept((struct sockaddr*)&sockaddr, &len);
1735 : :
1736 [ # # ]: 0 : if (!sock) {
1737 : 0 : const int nErr = WSAGetLastError();
1738 [ # # ]: 0 : if (nErr != WSAEWOULDBLOCK) {
1739 [ # # # # ]: 0 : LogPrintf("socket error accept failed: %s\n", NetworkErrorString(nErr));
1740 : : }
1741 : 0 : return;
1742 : : }
1743 : :
1744 [ # # ]: 0 : CService addr;
1745 [ # # # # ]: 0 : if (!addr.SetSockAddr((const struct sockaddr*)&sockaddr, len)) {
1746 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Warning, "Unknown socket family\n");
# # ]
1747 : : } else {
1748 [ # # ]: 0 : addr = MaybeFlipIPv6toCJDNS(addr);
1749 : : }
1750 : :
1751 [ # # # # ]: 0 : const CService addr_bind{MaybeFlipIPv6toCJDNS(GetBindAddress(*sock))};
1752 : :
1753 : 0 : NetPermissionFlags permission_flags = NetPermissionFlags::None;
1754 [ # # ]: 0 : hListenSocket.AddSocketPermissionFlags(permission_flags);
1755 : :
1756 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(sock), permission_flags, addr_bind, addr);
1757 : 0 : }
1758 : :
1759 : 1185 : void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
1760 : : NetPermissionFlags permission_flags,
1761 : : const CService& addr_bind,
1762 : : const CService& addr)
1763 : : {
1764 : 1185 : int nInbound = 0;
1765 : :
1766 [ - + ]: 1185 : const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
1767 : :
1768 : : // Tor inbound connections do not reveal the peer's actual network address.
1769 : : // Therefore do not apply address-based whitelist permissions to them.
1770 [ - + + - ]: 2370 : AddWhitelistPermissionFlags(permission_flags, inbound_onion ? std::optional<CNetAddr>{} : addr, vWhitelistedRangeIncoming);
1771 : :
1772 : 1185 : {
1773 : 1185 : LOCK(m_nodes_mutex);
1774 [ + + ]: 43403 : for (const CNode* pnode : m_nodes) {
1775 [ + + ]: 42218 : if (pnode->IsInboundConn()) nInbound++;
1776 : : }
1777 : 1185 : }
1778 : :
1779 [ + + ]: 1185 : if (!fNetworkActive) {
1780 [ - + - - ]: 3 : LogDebug(BCLog::NET, "connection from %s dropped: not accepting new connections\n", addr.ToStringAddrPort());
1781 : 3 : return;
1782 : : }
1783 : :
1784 [ + + ]: 1182 : if (!sock->IsSelectable()) {
1785 [ + - ]: 98 : LogPrintf("connection from %s dropped: non-selectable socket\n", addr.ToStringAddrPort());
1786 : 98 : return;
1787 : : }
1788 : :
1789 : : // According to the internet TCP_NODELAY is not carried into accepted sockets
1790 : : // on all platforms. Set it again here just to be sure.
1791 : 1084 : const int on{1};
1792 [ + + ]: 1084 : if (sock->SetSockOpt(IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == SOCKET_ERROR) {
1793 [ - + - - ]: 1038 : LogDebug(BCLog::NET, "connection from %s: unable to set TCP_NODELAY, continuing anyway\n",
1794 : : addr.ToStringAddrPort());
1795 : : }
1796 : :
1797 : : // Don't accept connections from banned peers.
1798 [ - + - - ]: 1084 : bool banned = m_banman && m_banman->IsBanned(addr);
1799 [ + + - + ]: 1084 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && banned)
1800 : : {
1801 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToStringAddrPort());
1802 : 0 : return;
1803 : : }
1804 : :
1805 : : // Only accept connections from discouraged peers if our inbound slots aren't (almost) full.
1806 [ - + - - ]: 1084 : bool discouraged = m_banman && m_banman->IsDiscouraged(addr);
1807 [ + + + - : 1084 : if (!NetPermissions::HasFlag(permission_flags, NetPermissionFlags::NoBan) && nInbound + 1 >= m_max_inbound && discouraged)
+ - ]
1808 : : {
1809 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToStringAddrPort());
1810 : 0 : return;
1811 : : }
1812 : :
1813 [ + - ]: 1084 : if (nInbound >= m_max_inbound)
1814 : : {
1815 [ + - ]: 1084 : if (!AttemptToEvictConnection()) {
1816 : : // No connection to evict, disconnect the new connection
1817 [ - + ]: 1084 : LogDebug(BCLog::NET, "failed to find an eviction candidate - connection dropped (full)\n");
1818 : 1084 : return;
1819 : : }
1820 : : }
1821 : :
1822 : 0 : NodeId id = GetNewNodeId();
1823 : 0 : uint64_t nonce = GetDeterministicRandomizer(RANDOMIZER_ID_LOCALHOSTNONCE).Write(id).Finalize();
1824 : :
1825 : : // The V2Transport transparently falls back to V1 behavior when an incoming V1 connection is
1826 : : // detected, so use it whenever we signal NODE_P2P_V2.
1827 : 0 : ServiceFlags local_services = GetLocalServices();
1828 : 0 : const bool use_v2transport(local_services & NODE_P2P_V2);
1829 : :
1830 : 0 : uint64_t network_id = GetDeterministicRandomizer(RANDOMIZER_ID_NETWORKKEY)
1831 [ # # ]: 0 : .Write(inbound_onion ? NET_ONION : addr.GetNetClass())
1832 [ # # # # ]: 0 : .Write(addr_bind.GetAddrBytes())
1833 [ # # # # ]: 0 : .Write(addr_bind.GetPort()) // inbound connections use bind port
1834 [ # # ]: 0 : .Finalize();
1835 : 0 : CNode* pnode = new CNode(id,
1836 : 0 : std::move(sock),
1837 [ # # ]: 0 : CAddress{addr, NODE_NONE},
1838 : : CalculateKeyedNetGroup(addr),
1839 : : nonce,
1840 : : addr_bind,
1841 : 0 : /*addrNameIn=*/"",
1842 : : ConnectionType::INBOUND,
1843 : : inbound_onion,
1844 : : network_id,
1845 : 0 : CNodeOptions{
1846 : : .permission_flags = permission_flags,
1847 : : .prefer_evict = discouraged,
1848 : 0 : .recv_flood_size = nReceiveFloodSize,
1849 : : .use_v2transport = use_v2transport,
1850 [ # # # # : 0 : });
# # # # ]
1851 : 0 : pnode->AddRef();
1852 : 0 : m_msgproc->InitializeNode(*pnode, local_services);
1853 : 0 : {
1854 : 0 : LOCK(m_nodes_mutex);
1855 [ # # ]: 0 : m_nodes.push_back(pnode);
1856 : 0 : }
1857 [ # # # # ]: 0 : LogDebug(BCLog::NET, "connection from %s accepted\n", addr.ToStringAddrPort());
1858 : : TRACEPOINT(net, inbound_connection,
1859 : : pnode->GetId(),
1860 : : pnode->m_addr_name.c_str(),
1861 : : pnode->ConnectionTypeAsString().c_str(),
1862 : : pnode->ConnectedThroughNetwork(),
1863 : 0 : GetNodeCount(ConnectionDirection::In));
1864 : :
1865 : : // We received a new connection, harvest entropy from the time (and our peer count)
1866 : 0 : RandAddEvent((uint32_t)id);
1867 : : }
1868 : :
1869 : 0 : bool CConnman::AddConnection(const std::string& address, ConnectionType conn_type, bool use_v2transport = false)
1870 : : {
1871 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
1872 : 0 : std::optional<int> max_connections;
1873 [ # # # # ]: 0 : switch (conn_type) {
1874 : : case ConnectionType::INBOUND:
1875 : : case ConnectionType::MANUAL:
1876 : : return false;
1877 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
1878 : 0 : max_connections = m_max_outbound_full_relay;
1879 : 0 : break;
1880 : 0 : case ConnectionType::BLOCK_RELAY:
1881 : 0 : max_connections = m_max_outbound_block_relay;
1882 : 0 : break;
1883 : : // no limit for ADDR_FETCH because -seednode has no limit either
1884 : : case ConnectionType::ADDR_FETCH:
1885 : : break;
1886 : : // no limit for FEELER connections since they're short-lived
1887 : : case ConnectionType::FEELER:
1888 : : break;
1889 : : } // no default case, so the compiler can warn about missing cases
1890 : :
1891 : : // Count existing connections
1892 [ # # # # ]: 0 : int existing_connections = WITH_LOCK(m_nodes_mutex,
1893 : : return std::count_if(m_nodes.begin(), m_nodes.end(), [conn_type](CNode* node) { return node->m_conn_type == conn_type; }););
1894 : :
1895 : : // Max connections of specified type already exist
1896 [ # # ]: 0 : if (max_connections != std::nullopt && existing_connections >= max_connections) return false;
1897 : :
1898 : : // Max total outbound connections already exist
1899 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, true);
1900 [ # # ]: 0 : if (!grant) return false;
1901 : :
1902 [ # # # # : 0 : OpenNetworkConnection(CAddress(), false, std::move(grant), address.c_str(), conn_type, /*use_v2transport=*/use_v2transport);
# # ]
1903 : 0 : return true;
1904 : : }
1905 : :
1906 : 0 : void CConnman::DisconnectNodes()
1907 : : {
1908 : 0 : AssertLockNotHeld(m_nodes_mutex);
1909 : 0 : AssertLockNotHeld(m_reconnections_mutex);
1910 : :
1911 : : // Use a temporary variable to accumulate desired reconnections, so we don't need
1912 : : // m_reconnections_mutex while holding m_nodes_mutex.
1913 [ # # ]: 0 : decltype(m_reconnections) reconnections_to_add;
1914 : :
1915 : 0 : {
1916 [ # # ]: 0 : LOCK(m_nodes_mutex);
1917 : :
1918 [ # # ]: 0 : const bool network_active{fNetworkActive};
1919 [ # # ]: 0 : if (!network_active) {
1920 : : // Disconnect any connected nodes
1921 [ # # ]: 0 : for (CNode* pnode : m_nodes) {
1922 [ # # ]: 0 : if (!pnode->fDisconnect) {
1923 [ # # # # : 0 : LogDebug(BCLog::NET, "Network not active, %s\n", pnode->DisconnectMsg(fLogIPs));
# # # # ]
1924 : 0 : pnode->fDisconnect = true;
1925 : : }
1926 : : }
1927 : : }
1928 : :
1929 : : // Disconnect unused nodes
1930 [ # # ]: 0 : std::vector<CNode*> nodes_copy = m_nodes;
1931 [ # # ]: 0 : for (CNode* pnode : nodes_copy)
1932 : : {
1933 [ # # ]: 0 : if (pnode->fDisconnect)
1934 : : {
1935 : : // remove from m_nodes
1936 : 0 : m_nodes.erase(remove(m_nodes.begin(), m_nodes.end(), pnode), m_nodes.end());
1937 : :
1938 : : // Add to reconnection list if appropriate. We don't reconnect right here, because
1939 : : // the creation of a connection is a blocking operation (up to several seconds),
1940 : : // and we don't want to hold up the socket handler thread for that long.
1941 [ # # # # ]: 0 : if (network_active && pnode->m_transport->ShouldReconnectV1()) {
1942 : 0 : reconnections_to_add.push_back({
1943 : 0 : .addr_connect = pnode->addr,
1944 [ # # ]: 0 : .grant = std::move(pnode->grantOutbound),
1945 : 0 : .destination = pnode->m_dest,
1946 : 0 : .conn_type = pnode->m_conn_type,
1947 : : .use_v2transport = false});
1948 [ # # # # : 0 : LogDebug(BCLog::NET, "retrying with v1 transport protocol for peer=%d\n", pnode->GetId());
# # ]
1949 : : }
1950 : :
1951 : : // release outbound grant (if any)
1952 : 0 : pnode->grantOutbound.Release();
1953 : :
1954 : : // close socket and cleanup
1955 [ # # ]: 0 : pnode->CloseSocketDisconnect();
1956 : :
1957 : : // update connection count by network
1958 [ # # # # ]: 0 : if (pnode->IsManualOrFullOutboundConn()) --m_network_conn_counts[pnode->addr.GetNetwork()];
1959 : :
1960 : : // hold in disconnected pool until all refs are released
1961 [ # # ]: 0 : pnode->Release();
1962 [ # # ]: 0 : m_nodes_disconnected.push_back(pnode);
1963 : : }
1964 : : }
1965 [ # # ]: 0 : }
1966 : 0 : {
1967 : : // Delete disconnected nodes
1968 [ # # ]: 0 : std::list<CNode*> nodes_disconnected_copy = m_nodes_disconnected;
1969 [ # # ]: 0 : for (CNode* pnode : nodes_disconnected_copy)
1970 : : {
1971 : : // Destroy the object only after other threads have stopped using it.
1972 [ # # ]: 0 : if (pnode->GetRefCount() <= 0) {
1973 : 0 : m_nodes_disconnected.remove(pnode);
1974 [ # # ]: 0 : DeleteNode(pnode);
1975 : : }
1976 : : }
1977 : 0 : }
1978 : 0 : {
1979 : : // Move entries from reconnections_to_add to m_reconnections.
1980 [ # # ]: 0 : LOCK(m_reconnections_mutex);
1981 [ # # ]: 0 : m_reconnections.splice(m_reconnections.end(), std::move(reconnections_to_add));
1982 : 0 : }
1983 [ # # # # : 0 : }
# # ]
1984 : :
1985 : 0 : void CConnman::NotifyNumConnectionsChanged()
1986 : : {
1987 : 0 : size_t nodes_size;
1988 : 0 : {
1989 : 0 : LOCK(m_nodes_mutex);
1990 [ # # # # ]: 0 : nodes_size = m_nodes.size();
1991 : 0 : }
1992 [ # # ]: 0 : if(nodes_size != nPrevNodeCount) {
1993 : 0 : nPrevNodeCount = nodes_size;
1994 [ # # ]: 0 : if (m_client_interface) {
1995 : 0 : m_client_interface->NotifyNumConnectionsChanged(nodes_size);
1996 : : }
1997 : : }
1998 : 0 : }
1999 : :
2000 : 22979 : bool CConnman::ShouldRunInactivityChecks(const CNode& node, std::chrono::seconds now) const
2001 : : {
2002 : 22979 : return node.m_connected + m_peer_connect_timeout < now;
2003 : : }
2004 : :
2005 : 10 : bool CConnman::InactivityCheck(const CNode& node) const
2006 : : {
2007 : : // Tests that see disconnects after using mocktime can start nodes with a
2008 : : // large timeout. For example, -peertimeout=999999999.
2009 : 10 : const auto now{GetTime<std::chrono::seconds>()};
2010 : 10 : const auto last_send{node.m_last_send.load()};
2011 : 10 : const auto last_recv{node.m_last_recv.load()};
2012 : :
2013 [ - + ]: 10 : if (!ShouldRunInactivityChecks(node, now)) return false;
2014 : :
2015 [ # # ]: 0 : bool has_received{last_recv.count() != 0};
2016 : 0 : bool has_sent{last_send.count() != 0};
2017 : :
2018 [ # # ]: 0 : if (!has_received || !has_sent) {
2019 [ # # ]: 0 : std::string has_never;
2020 [ # # # # ]: 0 : if (!has_received) has_never += ", never received from peer";
2021 [ # # # # ]: 0 : if (!has_sent) has_never += ", never sent to peer";
2022 [ # # # # : 0 : LogDebug(BCLog::NET,
# # # # ]
2023 : : "socket no message in first %i seconds%s, %s\n",
2024 : : count_seconds(m_peer_connect_timeout),
2025 : : has_never,
2026 : : node.DisconnectMsg(fLogIPs)
2027 : : );
2028 : 0 : return true;
2029 : 0 : }
2030 : :
2031 [ # # ]: 0 : if (now > last_send + TIMEOUT_INTERVAL) {
2032 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2033 : : "socket sending timeout: %is, %s\n", count_seconds(now - last_send),
2034 : : node.DisconnectMsg(fLogIPs)
2035 : : );
2036 : 0 : return true;
2037 : : }
2038 : :
2039 [ # # ]: 0 : if (now > last_recv + TIMEOUT_INTERVAL) {
2040 [ # # # # ]: 0 : LogDebug(BCLog::NET,
2041 : : "socket receive timeout: %is, %s\n", count_seconds(now - last_recv),
2042 : : node.DisconnectMsg(fLogIPs)
2043 : : );
2044 : 0 : return true;
2045 : : }
2046 : :
2047 [ # # ]: 0 : if (!node.fSuccessfullyConnected) {
2048 [ # # ]: 0 : if (node.m_transport->GetInfo().transport_type == TransportProtocolType::DETECTING) {
2049 [ # # # # ]: 0 : LogDebug(BCLog::NET, "V2 handshake timeout, %s\n", node.DisconnectMsg(fLogIPs));
2050 : : } else {
2051 [ # # # # ]: 0 : LogDebug(BCLog::NET, "version handshake timeout, %s\n", node.DisconnectMsg(fLogIPs));
2052 : : }
2053 : 0 : return true;
2054 : : }
2055 : :
2056 : : return false;
2057 : : }
2058 : :
2059 : 193 : Sock::EventsPerSock CConnman::GenerateWaitSockets(std::span<CNode* const> nodes)
2060 : : {
2061 : 193 : Sock::EventsPerSock events_per_sock;
2062 : :
2063 [ - + ]: 193 : for (const ListenSocket& hListenSocket : vhListenSocket) {
2064 [ # # ]: 0 : events_per_sock.emplace(hListenSocket.sock, Sock::Events{Sock::RECV});
2065 : : }
2066 : :
2067 [ + + ]: 14871 : for (CNode* pnode : nodes) {
2068 [ + - ]: 14678 : bool select_recv = !pnode->fPauseRecv;
2069 : 14678 : bool select_send;
2070 : 14678 : {
2071 [ + - ]: 14678 : LOCK(pnode->cs_vSend);
2072 : : // Sending is possible if either there are bytes to send right now, or if there will be
2073 : : // once a potential message from vSendMsg is handed to the transport. GetBytesToSend
2074 : : // determines both of these in a single call.
2075 [ + - ]: 14678 : const auto& [to_send, more, _msg_type] = pnode->m_transport->GetBytesToSend(!pnode->vSendMsg.empty());
2076 [ + - + - : 29356 : select_send = !to_send.empty() || more;
+ - ]
2077 : 14678 : }
2078 [ - + ]: 14678 : if (!select_recv && !select_send) continue;
2079 : :
2080 [ + - ]: 14678 : LOCK(pnode->m_sock_mutex);
2081 [ + - ]: 14678 : if (pnode->m_sock) {
2082 [ + - - + ]: 29356 : Sock::Event event = (select_send ? Sock::SEND : 0) | (select_recv ? Sock::RECV : 0);
2083 [ + - ]: 14678 : events_per_sock.emplace(pnode->m_sock, Sock::Events{event});
2084 : : }
2085 : 14678 : }
2086 : :
2087 : 193 : return events_per_sock;
2088 : 0 : }
2089 : :
2090 : 193 : void CConnman::SocketHandler()
2091 : : {
2092 : 193 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2093 : :
2094 [ + - ]: 193 : Sock::EventsPerSock events_per_sock;
2095 : :
2096 : 193 : {
2097 [ + - ]: 193 : const NodesSnapshot snap{*this, /*shuffle=*/false};
2098 : :
2099 : 193 : const auto timeout = std::chrono::milliseconds(SELECT_TIMEOUT_MILLISECONDS);
2100 : :
2101 : : // Check for the readiness of the already connected sockets and the
2102 : : // listening sockets in one call ("readiness" as in poll(2) or
2103 : : // select(2)). If none are ready, wait for a short while and return
2104 : : // empty sets.
2105 [ - + + - ]: 386 : events_per_sock = GenerateWaitSockets(snap.Nodes());
2106 [ + + + - : 193 : if (events_per_sock.empty() || !events_per_sock.begin()->first->WaitMany(timeout, events_per_sock)) {
- + ]
2107 [ + - ]: 2 : m_interrupt_net->sleep_for(timeout);
2108 : : }
2109 : :
2110 : : // Service (send/receive) each of the already connected nodes.
2111 [ + - ]: 193 : SocketHandlerConnected(snap.Nodes(), events_per_sock);
2112 : 193 : }
2113 : :
2114 : : // Accept new connections from listening sockets.
2115 [ + - ]: 193 : SocketHandlerListening(events_per_sock);
2116 : 193 : }
2117 : :
2118 : 193 : void CConnman::SocketHandlerConnected(const std::vector<CNode*>& nodes,
2119 : : const Sock::EventsPerSock& events_per_sock)
2120 : : {
2121 : 193 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2122 : :
2123 [ + + ]: 203 : for (CNode* pnode : nodes) {
2124 [ + + ]: 200 : if (m_interrupt_net->interrupted()) {
2125 : : return;
2126 : : }
2127 : :
2128 : : //
2129 : : // Receive
2130 : : //
2131 : 10 : bool recvSet = false;
2132 : 10 : bool sendSet = false;
2133 : 10 : bool errorSet = false;
2134 : 10 : {
2135 : 10 : LOCK(pnode->m_sock_mutex);
2136 [ - + ]: 10 : if (!pnode->m_sock) {
2137 [ # # ]: 0 : continue;
2138 : : }
2139 [ + - + - ]: 20 : const auto it = events_per_sock.find(pnode->m_sock);
2140 [ + - + - ]: 20 : if (it != events_per_sock.end()) {
2141 : 10 : recvSet = it->second.occurred & Sock::RECV;
2142 : 10 : sendSet = it->second.occurred & Sock::SEND;
2143 : 10 : errorSet = it->second.occurred & Sock::ERR;
2144 : : }
2145 : 0 : }
2146 : :
2147 [ - + ]: 10 : if (sendSet) {
2148 : : // Send data
2149 [ # # # # ]: 0 : auto [bytes_sent, data_left] = WITH_LOCK(pnode->cs_vSend, return SocketSendData(*pnode));
2150 [ # # ]: 0 : if (bytes_sent) {
2151 : 0 : RecordBytesSent(bytes_sent);
2152 : :
2153 : : // If both receiving and (non-optimistic) sending were possible, we first attempt
2154 : : // sending. If that succeeds, but does not fully drain the send queue, do not
2155 : : // attempt to receive. This avoids needlessly queueing data if the remote peer
2156 : : // is slow at receiving data, by means of TCP flow control. We only do this when
2157 : : // sending actually succeeded to make sure progress is always made; otherwise a
2158 : : // deadlock would be possible when both sides have data to send, but neither is
2159 : : // receiving.
2160 [ # # ]: 0 : if (data_left) recvSet = false;
2161 : : }
2162 : : }
2163 : :
2164 [ + + ]: 10 : if (recvSet || errorSet)
2165 : : {
2166 : : // typical socket buffer is 8K-64K
2167 : 9 : uint8_t pchBuf[0x10000];
2168 : 9 : int nBytes = 0;
2169 : 9 : {
2170 : 9 : LOCK(pnode->m_sock_mutex);
2171 [ - + ]: 9 : if (!pnode->m_sock) {
2172 [ # # ]: 0 : continue;
2173 : : }
2174 [ + - + - ]: 9 : nBytes = pnode->m_sock->Recv(pchBuf, sizeof(pchBuf), MSG_DONTWAIT);
2175 : 0 : }
2176 [ + + ]: 9 : if (nBytes > 0)
2177 : : {
2178 : 4 : bool notify = false;
2179 [ + - ]: 4 : if (!pnode->ReceiveMsgBytes({pchBuf, (size_t)nBytes}, notify)) {
2180 [ - + - - ]: 4 : LogDebug(BCLog::NET,
2181 : : "receiving message bytes failed, %s\n",
2182 : : pnode->DisconnectMsg(fLogIPs)
2183 : : );
2184 : 4 : pnode->CloseSocketDisconnect();
2185 : : }
2186 : 4 : RecordBytesRecv(nBytes);
2187 [ - + ]: 4 : if (notify) {
2188 : 0 : pnode->MarkReceivedMsgsForProcessing();
2189 : 0 : WakeMessageHandler();
2190 : : }
2191 : : }
2192 [ + + ]: 5 : else if (nBytes == 0)
2193 : : {
2194 : : // socket closed gracefully
2195 [ + - ]: 4 : if (!pnode->fDisconnect) {
2196 [ - + - - ]: 4 : LogDebug(BCLog::NET, "socket closed, %s\n", pnode->DisconnectMsg(fLogIPs));
2197 : : }
2198 : 4 : pnode->CloseSocketDisconnect();
2199 : : }
2200 [ + - ]: 1 : else if (nBytes < 0)
2201 : : {
2202 : : // error
2203 : 1 : int nErr = WSAGetLastError();
2204 [ + - + - ]: 1 : if (nErr != WSAEWOULDBLOCK && nErr != WSAEMSGSIZE && nErr != WSAEINTR && nErr != WSAEINPROGRESS)
2205 : : {
2206 [ + - ]: 1 : if (!pnode->fDisconnect) {
2207 [ - + - - : 1 : LogDebug(BCLog::NET, "socket recv error, %s: %s\n", pnode->DisconnectMsg(fLogIPs), NetworkErrorString(nErr));
- - ]
2208 : : }
2209 : 1 : pnode->CloseSocketDisconnect();
2210 : : }
2211 : : }
2212 : : }
2213 : :
2214 [ - + ]: 10 : if (InactivityCheck(*pnode)) pnode->fDisconnect = true;
2215 : : }
2216 : : }
2217 : :
2218 : 193 : void CConnman::SocketHandlerListening(const Sock::EventsPerSock& events_per_sock)
2219 : : {
2220 [ - + ]: 193 : for (const ListenSocket& listen_socket : vhListenSocket) {
2221 [ # # ]: 0 : if (m_interrupt_net->interrupted()) {
2222 : : return;
2223 : : }
2224 [ # # # # ]: 0 : const auto it = events_per_sock.find(listen_socket.sock);
2225 [ # # # # ]: 0 : if (it != events_per_sock.end() && it->second.occurred & Sock::RECV) {
2226 : 0 : AcceptConnection(listen_socket);
2227 : : }
2228 : : }
2229 : : }
2230 : :
2231 : 0 : void CConnman::ThreadSocketHandler()
2232 : : {
2233 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
2234 : :
2235 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2236 : 0 : DisconnectNodes();
2237 : 0 : NotifyNumConnectionsChanged();
2238 : 0 : SocketHandler();
2239 : : }
2240 : 0 : }
2241 : :
2242 : 0 : void CConnman::WakeMessageHandler()
2243 : : {
2244 : 0 : {
2245 : 0 : LOCK(mutexMsgProc);
2246 [ # # ]: 0 : fMsgProcWake = true;
2247 : 0 : }
2248 : 0 : condMsgProc.notify_one();
2249 : 0 : }
2250 : :
2251 : 0 : void CConnman::ThreadDNSAddressSeed()
2252 : : {
2253 : 0 : int outbound_connection_count = 0;
2254 : :
2255 [ # # # # ]: 0 : if (!gArgs.GetArgs("-seednode").empty()) {
2256 : 0 : auto start = NodeClock::now();
2257 : 0 : constexpr std::chrono::seconds SEEDNODE_TIMEOUT = 30s;
2258 : 0 : LogPrintf("-seednode enabled. Trying the provided seeds for %d seconds before defaulting to the dnsseeds.\n", SEEDNODE_TIMEOUT.count());
2259 [ # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2260 [ # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2261 : : return;
2262 : : }
2263 : :
2264 : : // Abort if we have spent enough time without reaching our target.
2265 : : // Giving seed nodes 30 seconds so this does not become a race against fixedseeds (which triggers after 1 min)
2266 [ # # ]: 0 : if (NodeClock::now() > start + SEEDNODE_TIMEOUT) {
2267 : 0 : LogPrintf("Couldn't connect to enough peers via seed nodes. Handing fetch logic to the DNS seeds.\n");
2268 : 0 : break;
2269 : : }
2270 : :
2271 : 0 : outbound_connection_count = GetFullOutboundConnCount();
2272 [ # # ]: 0 : if (outbound_connection_count >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2273 : 0 : LogPrintf("P2P peers available. Finished fetching data from seed nodes.\n");
2274 : 0 : break;
2275 : : }
2276 : : }
2277 : : }
2278 : :
2279 : 0 : FastRandomContext rng;
2280 [ # # ]: 0 : std::vector<std::string> seeds = m_params.DNSSeeds();
2281 : 0 : std::shuffle(seeds.begin(), seeds.end(), rng);
2282 : 0 : int seeds_right_now = 0; // Number of seeds left before testing if we have enough connections
2283 : :
2284 [ # # # # : 0 : if (gArgs.GetBoolArg("-forcednsseed", DEFAULT_FORCEDNSSEED)) {
# # ]
2285 : : // When -forcednsseed is provided, query all.
2286 [ # # ]: 0 : seeds_right_now = seeds.size();
2287 [ # # # # ]: 0 : } else if (addrman.Size() == 0) {
2288 : : // If we have no known peers, query all.
2289 : : // This will occur on the first run, or if peers.dat has been
2290 : : // deleted.
2291 [ # # ]: 0 : seeds_right_now = seeds.size();
2292 : : }
2293 : :
2294 : : // Proceed with dnsseeds if seednodes hasn't reached the target or if forcednsseed is set
2295 [ # # ]: 0 : if (outbound_connection_count < SEED_OUTBOUND_CONNECTION_THRESHOLD || seeds_right_now) {
2296 : : // goal: only query DNS seed if address need is acute
2297 : : // * If we have a reasonable number of peers in addrman, spend
2298 : : // some time trying them first. This improves user privacy by
2299 : : // creating fewer identifying DNS requests, reduces trust by
2300 : : // giving seeds less influence on the network topology, and
2301 : : // reduces traffic to the seeds.
2302 : : // * When querying DNS seeds query a few at once, this ensures
2303 : : // that we don't give DNS seeds the ability to eclipse nodes
2304 : : // that query them.
2305 : : // * If we continue having problems, eventually query all the
2306 : : // DNS seeds, and if that fails too, also try the fixed seeds.
2307 : : // (done in ThreadOpenConnections)
2308 : 0 : int found = 0;
2309 [ # # # # ]: 0 : const std::chrono::seconds seeds_wait_time = (addrman.Size() >= DNSSEEDS_DELAY_PEER_THRESHOLD ? DNSSEEDS_DELAY_MANY_PEERS : DNSSEEDS_DELAY_FEW_PEERS);
2310 : :
2311 [ # # ]: 0 : for (const std::string& seed : seeds) {
2312 [ # # ]: 0 : if (seeds_right_now == 0) {
2313 : 0 : seeds_right_now += DNSSEEDS_TO_QUERY_AT_ONCE;
2314 : :
2315 [ # # # # ]: 0 : if (addrman.Size() > 0) {
2316 [ # # ]: 0 : LogPrintf("Waiting %d seconds before querying DNS seeds.\n", seeds_wait_time.count());
2317 : 0 : std::chrono::seconds to_wait = seeds_wait_time;
2318 [ # # ]: 0 : while (to_wait.count() > 0) {
2319 : : // if sleeping for the MANY_PEERS interval, wake up
2320 : : // early to see if we have enough peers and can stop
2321 : : // this thread entirely freeing up its resources
2322 : 0 : std::chrono::seconds w = std::min(DNSSEEDS_DELAY_FEW_PEERS, to_wait);
2323 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(w)) return;
2324 [ # # ]: 0 : to_wait -= w;
2325 : :
2326 [ # # # # ]: 0 : if (GetFullOutboundConnCount() >= SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2327 [ # # ]: 0 : if (found > 0) {
2328 [ # # ]: 0 : LogPrintf("%d addresses found from DNS seeds\n", found);
2329 [ # # ]: 0 : LogPrintf("P2P peers available. Finished DNS seeding.\n");
2330 : : } else {
2331 [ # # ]: 0 : LogPrintf("P2P peers available. Skipped DNS seeding.\n");
2332 : : }
2333 : 0 : return;
2334 : : }
2335 : : }
2336 : : }
2337 : : }
2338 : :
2339 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) return;
2340 : :
2341 : : // hold off on querying seeds if P2P network deactivated
2342 [ # # ]: 0 : if (!fNetworkActive) {
2343 [ # # ]: 0 : LogPrintf("Waiting for network to be reactivated before querying DNS seeds.\n");
2344 : 0 : do {
2345 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(1s)) return;
2346 [ # # ]: 0 : } while (!fNetworkActive);
2347 : : }
2348 : :
2349 [ # # ]: 0 : LogPrintf("Loading addresses from DNS seed %s\n", seed);
2350 : : // If -proxy is in use, we make an ADDR_FETCH connection to the DNS resolved peer address
2351 : : // for the base dns seed domain in chainparams
2352 [ # # # # ]: 0 : if (HaveNameProxy()) {
2353 [ # # ]: 0 : AddAddrFetch(seed);
2354 : : } else {
2355 : 0 : std::vector<CAddress> vAdd;
2356 : 0 : constexpr ServiceFlags requiredServiceBits{SeedsServiceFlags()};
2357 [ # # ]: 0 : std::string host = strprintf("x%x.%s", requiredServiceBits, seed);
2358 [ # # ]: 0 : CNetAddr resolveSource;
2359 [ # # # # ]: 0 : if (!resolveSource.SetInternal(host)) {
2360 : 0 : continue;
2361 : : }
2362 : : // Limit number of IPs learned from a single DNS seed. This limit exists to prevent the results from
2363 : : // one DNS seed from dominating AddrMan. Note that the number of results from a UDP DNS query is
2364 : : // bounded to 33 already, but it is possible for it to use TCP where a larger number of results can be
2365 : : // returned.
2366 : 0 : unsigned int nMaxIPs = 32;
2367 [ # # # # ]: 0 : const auto addresses{LookupHost(host, nMaxIPs, true)};
2368 [ # # ]: 0 : if (!addresses.empty()) {
2369 [ # # ]: 0 : for (const CNetAddr& ip : addresses) {
2370 [ # # ]: 0 : CAddress addr = CAddress(CService(ip, m_params.GetDefaultPort()), requiredServiceBits);
2371 : 0 : addr.nTime = rng.rand_uniform_delay(Now<NodeSeconds>() - 3 * 24h, -4 * 24h); // use a random age between 3 and 7 days old
2372 [ # # ]: 0 : vAdd.push_back(addr);
2373 : 0 : found++;
2374 : 0 : }
2375 [ # # ]: 0 : addrman.Add(vAdd, resolveSource);
2376 : : } else {
2377 : : // If the seed does not support a subdomain with our desired service bits,
2378 : : // we make an ADDR_FETCH connection to the DNS resolved peer address for the
2379 : : // base dns seed domain in chainparams
2380 [ # # ]: 0 : AddAddrFetch(seed);
2381 : : }
2382 : 0 : }
2383 : 0 : --seeds_right_now;
2384 : : }
2385 [ # # ]: 0 : LogPrintf("%d addresses found from DNS seeds\n", found);
2386 : : } else {
2387 [ # # ]: 0 : LogPrintf("Skipping DNS seeds. Enough peers have been found\n");
2388 : : }
2389 : 0 : }
2390 : :
2391 : 0 : void CConnman::DumpAddresses()
2392 : : {
2393 : 0 : const auto start{SteadyClock::now()};
2394 : :
2395 : 0 : DumpPeerAddresses(::gArgs, addrman);
2396 : :
2397 [ # # ]: 0 : LogDebug(BCLog::NET, "Flushed %d addresses to peers.dat %dms\n",
2398 : : addrman.Size(), Ticks<std::chrono::milliseconds>(SteadyClock::now() - start));
2399 : 0 : }
2400 : :
2401 : 0 : void CConnman::ProcessAddrFetch()
2402 : : {
2403 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2404 [ # # ]: 0 : std::string strDest;
2405 : 0 : {
2406 [ # # ]: 0 : LOCK(m_addr_fetches_mutex);
2407 [ # # ]: 0 : if (m_addr_fetches.empty())
2408 [ # # ]: 0 : return;
2409 [ # # ]: 0 : strDest = m_addr_fetches.front();
2410 [ # # ]: 0 : m_addr_fetches.pop_front();
2411 : 0 : }
2412 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2413 : : // peer doesn't support it or immediately disconnects us for another reason.
2414 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2415 [ # # ]: 0 : CAddress addr;
2416 : 0 : CountingSemaphoreGrant<> grant(*semOutbound, /*fTry=*/true);
2417 [ # # ]: 0 : if (grant) {
2418 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), strDest.c_str(), ConnectionType::ADDR_FETCH, use_v2transport);
2419 : : }
2420 : 0 : }
2421 : :
2422 : 1713 : bool CConnman::GetTryNewOutboundPeer() const
2423 : : {
2424 : 1713 : return m_try_another_outbound_peer;
2425 : : }
2426 : :
2427 : 1760 : void CConnman::SetTryNewOutboundPeer(bool flag)
2428 : : {
2429 : 1760 : m_try_another_outbound_peer = flag;
2430 [ - + - - ]: 1760 : LogDebug(BCLog::NET, "setting try another outbound peer=%s\n", flag ? "true" : "false");
2431 : 1760 : }
2432 : :
2433 : 0 : void CConnman::StartExtraBlockRelayPeers()
2434 : : {
2435 [ # # ]: 0 : LogDebug(BCLog::NET, "enabling extra block-relay-only peers\n");
2436 : 0 : m_start_extra_block_relay_peers = true;
2437 : 0 : }
2438 : :
2439 : : // Return the number of outbound connections that are full relay (not blocks only)
2440 : 0 : int CConnman::GetFullOutboundConnCount() const
2441 : : {
2442 : 0 : int nRelevant = 0;
2443 : 0 : {
2444 : 0 : LOCK(m_nodes_mutex);
2445 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2446 [ # # # # ]: 0 : if (pnode->fSuccessfullyConnected && pnode->IsFullOutboundConn()) ++nRelevant;
2447 : : }
2448 : 0 : }
2449 : 0 : return nRelevant;
2450 : : }
2451 : :
2452 : : // Return the number of peers we have over our outbound connection limit
2453 : : // Exclude peers that are marked for disconnect, or are going to be
2454 : : // disconnected soon (eg ADDR_FETCH and FEELER)
2455 : : // Also exclude peers that haven't finished initial connection handshake yet
2456 : : // (so that we don't decide we're over our desired connection limit, and then
2457 : : // evict some peer that has finished the handshake)
2458 : 1713 : int CConnman::GetExtraFullOutboundCount() const
2459 : : {
2460 : 1713 : int full_outbound_peers = 0;
2461 : 1713 : {
2462 : 1713 : LOCK(m_nodes_mutex);
2463 [ + + ]: 13750 : for (const CNode* pnode : m_nodes) {
2464 [ - + - - : 12037 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsFullOutboundConn()) {
- - ]
2465 : 0 : ++full_outbound_peers;
2466 : : }
2467 : : }
2468 : 1713 : }
2469 [ + - ]: 1713 : return std::max(full_outbound_peers - m_max_outbound_full_relay, 0);
2470 : : }
2471 : :
2472 : 0 : int CConnman::GetExtraBlockRelayCount() const
2473 : : {
2474 : 0 : int block_relay_peers = 0;
2475 : 0 : {
2476 : 0 : LOCK(m_nodes_mutex);
2477 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2478 [ # # # # : 0 : if (pnode->fSuccessfullyConnected && !pnode->fDisconnect && pnode->IsBlockOnlyConn()) {
# # ]
2479 : 0 : ++block_relay_peers;
2480 : : }
2481 : : }
2482 : 0 : }
2483 [ # # ]: 0 : return std::max(block_relay_peers - m_max_outbound_block_relay, 0);
2484 : : }
2485 : :
2486 : 0 : std::unordered_set<Network> CConnman::GetReachableEmptyNetworks() const
2487 : : {
2488 : 0 : std::unordered_set<Network> networks{};
2489 [ # # ]: 0 : for (int n = 0; n < NET_MAX; n++) {
2490 : 0 : enum Network net = (enum Network)n;
2491 [ # # ]: 0 : if (net == NET_UNROUTABLE || net == NET_INTERNAL) continue;
2492 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && addrman.Size(net, std::nullopt) == 0) {
# # # # ]
2493 [ # # ]: 0 : networks.insert(net);
2494 : : }
2495 : : }
2496 : 0 : return networks;
2497 : 0 : }
2498 : :
2499 : 0 : bool CConnman::MultipleManualOrFullOutboundConns(Network net) const
2500 : : {
2501 : 0 : AssertLockHeld(m_nodes_mutex);
2502 : 0 : return m_network_conn_counts[net] > 1;
2503 : : }
2504 : :
2505 : 0 : bool CConnman::MaybePickPreferredNetwork(std::optional<Network>& network)
2506 : : {
2507 : 0 : std::array<Network, 5> nets{NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS};
2508 : 0 : std::shuffle(nets.begin(), nets.end(), FastRandomContext());
2509 : :
2510 : 0 : LOCK(m_nodes_mutex);
2511 [ # # ]: 0 : for (const auto net : nets) {
2512 [ # # # # : 0 : if (g_reachable_nets.Contains(net) && m_network_conn_counts[net] == 0 && addrman.Size(net) != 0) {
# # # # #
# ]
2513 : 0 : network = net;
2514 : 0 : return true;
2515 : : }
2516 : : }
2517 : :
2518 : : return false;
2519 : 0 : }
2520 : :
2521 : 0 : void CConnman::ThreadOpenConnections(const std::vector<std::string> connect, std::span<const std::string> seed_nodes)
2522 : : {
2523 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2524 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2525 : 0 : FastRandomContext rng;
2526 : : // Connect to specific addresses
2527 [ # # ]: 0 : if (!connect.empty())
2528 : : {
2529 : : // Attempt v2 connection if we support v2 - we'll reconnect with v1 if our
2530 : : // peer doesn't support it or immediately disconnects us for another reason.
2531 [ # # ]: 0 : const bool use_v2transport(GetLocalServices() & NODE_P2P_V2);
2532 : 0 : for (int64_t nLoop = 0;; nLoop++)
2533 : : {
2534 [ # # ]: 0 : for (const std::string& strAddr : connect)
2535 : : {
2536 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2537 [ # # # # ]: 0 : OpenNetworkConnection(addr, false, {}, strAddr.c_str(), ConnectionType::MANUAL, /*use_v2transport=*/use_v2transport);
2538 [ # # # # ]: 0 : for (int i = 0; i < 10 && i < nLoop; i++)
2539 : : {
2540 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2541 : 0 : return;
2542 : : }
2543 : : }
2544 : 0 : }
2545 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2546 : : return;
2547 : : }
2548 [ # # ]: 0 : PerformReconnections();
2549 : 0 : }
2550 : : }
2551 : :
2552 : : // Initiate network connections
2553 : 0 : auto start = GetTime<std::chrono::microseconds>();
2554 : :
2555 : : // Minimum time before next feeler connection (in microseconds).
2556 : 0 : auto next_feeler = start + rng.rand_exp_duration(FEELER_INTERVAL);
2557 : 0 : auto next_extra_block_relay = start + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2558 [ # # ]: 0 : auto next_extra_network_peer{start + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL)};
2559 [ # # # # ]: 0 : const bool dnsseed = gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED);
2560 [ # # # # ]: 0 : bool add_fixed_seeds = gArgs.GetBoolArg("-fixedseeds", DEFAULT_FIXEDSEEDS);
2561 [ # # # # ]: 0 : const bool use_seednodes{!gArgs.GetArgs("-seednode").empty()};
2562 : :
2563 : 0 : auto seed_node_timer = NodeClock::now();
2564 [ # # # # : 0 : bool add_addr_fetch{addrman.Size() == 0 && !seed_nodes.empty()};
# # ]
2565 : 0 : constexpr std::chrono::seconds ADD_NEXT_SEEDNODE = 10s;
2566 : :
2567 [ # # ]: 0 : if (!add_fixed_seeds) {
2568 [ # # ]: 0 : LogPrintf("Fixed seeds are disabled\n");
2569 : : }
2570 : :
2571 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2572 [ # # ]: 0 : if (add_addr_fetch) {
2573 : 0 : add_addr_fetch = false;
2574 : 0 : const auto& seed{SpanPopBack(seed_nodes)};
2575 [ # # ]: 0 : AddAddrFetch(seed);
2576 : :
2577 [ # # # # ]: 0 : if (addrman.Size() == 0) {
2578 [ # # ]: 0 : LogInfo("Empty addrman, adding seednode (%s) to addrfetch\n", seed);
2579 : : } else {
2580 [ # # ]: 0 : LogInfo("Couldn't connect to peers from addrman after %d seconds. Adding seednode (%s) to addrfetch\n", ADD_NEXT_SEEDNODE.count(), seed);
2581 : : }
2582 : : }
2583 : :
2584 [ # # ]: 0 : ProcessAddrFetch();
2585 : :
2586 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) {
2587 : : return;
2588 : : }
2589 : :
2590 [ # # ]: 0 : PerformReconnections();
2591 : :
2592 : 0 : CountingSemaphoreGrant<> grant(*semOutbound);
2593 [ # # # # ]: 0 : if (m_interrupt_net->interrupted()) {
2594 : : return;
2595 : : }
2596 : :
2597 [ # # ]: 0 : const std::unordered_set<Network> fixed_seed_networks{GetReachableEmptyNetworks()};
2598 [ # # # # ]: 0 : if (add_fixed_seeds && !fixed_seed_networks.empty()) {
2599 : : // When the node starts with an empty peers.dat, there are a few other sources of peers before
2600 : : // we fallback on to fixed seeds: -dnsseed, -seednode, -addnode
2601 : : // If none of those are available, we fallback on to fixed seeds immediately, else we allow
2602 : : // 60 seconds for any of those sources to populate addrman.
2603 : 0 : bool add_fixed_seeds_now = false;
2604 : : // It is cheapest to check if enough time has passed first.
2605 [ # # ]: 0 : if (GetTime<std::chrono::seconds>() > start + std::chrono::minutes{1}) {
2606 : 0 : add_fixed_seeds_now = true;
2607 [ # # ]: 0 : LogPrintf("Adding fixed seeds as 60 seconds have passed and addrman is empty for at least one reachable network\n");
2608 : : }
2609 : :
2610 : : // Perform cheap checks before locking a mutex.
2611 [ # # ]: 0 : else if (!dnsseed && !use_seednodes) {
2612 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
2613 [ # # ]: 0 : if (m_added_node_params.empty()) {
2614 : 0 : add_fixed_seeds_now = true;
2615 [ # # ]: 0 : LogPrintf("Adding fixed seeds as -dnsseed=0 (or IPv4/IPv6 connections are disabled via -onlynet) and neither -addnode nor -seednode are provided\n");
2616 : : }
2617 : 0 : }
2618 : :
2619 [ # # ]: 0 : if (add_fixed_seeds_now) {
2620 [ # # ]: 0 : std::vector<CAddress> seed_addrs{ConvertSeeds(m_params.FixedSeeds())};
2621 : : // We will not make outgoing connections to peers that are unreachable
2622 : : // (e.g. because of -onlynet configuration).
2623 : : // Therefore, we do not add them to addrman in the first place.
2624 : : // In case previously unreachable networks become reachable
2625 : : // (e.g. in case of -onlynet changes by the user), fixed seeds will
2626 : : // be loaded only for networks for which we have no addresses.
2627 [ # # ]: 0 : seed_addrs.erase(std::remove_if(seed_addrs.begin(), seed_addrs.end(),
2628 : 0 : [&fixed_seed_networks](const CAddress& addr) { return fixed_seed_networks.count(addr.GetNetwork()) == 0; }),
2629 [ # # ]: 0 : seed_addrs.end());
2630 [ # # ]: 0 : CNetAddr local;
2631 [ # # # # ]: 0 : local.SetInternal("fixedseeds");
2632 [ # # ]: 0 : addrman.Add(seed_addrs, local);
2633 : 0 : add_fixed_seeds = false;
2634 [ # # # # ]: 0 : LogPrintf("Added %d fixed seeds from reachable networks.\n", seed_addrs.size());
2635 : 0 : }
2636 : : }
2637 : :
2638 : : //
2639 : : // Choose an address to connect to based on most recently seen
2640 : : //
2641 [ # # ]: 0 : CAddress addrConnect;
2642 : :
2643 : : // Only connect out to one peer per ipv4/ipv6 network group (/16 for IPv4).
2644 : 0 : int nOutboundFullRelay = 0;
2645 : 0 : int nOutboundBlockRelay = 0;
2646 : 0 : int outbound_privacy_network_peers = 0;
2647 [ # # ]: 0 : std::set<std::vector<unsigned char>> outbound_ipv46_peer_netgroups;
2648 : :
2649 : 0 : {
2650 [ # # ]: 0 : LOCK(m_nodes_mutex);
2651 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2652 [ # # ]: 0 : if (pnode->IsFullOutboundConn()) nOutboundFullRelay++;
2653 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) nOutboundBlockRelay++;
2654 : :
2655 : : // Make sure our persistent outbound slots to ipv4/ipv6 peers belong to different netgroups.
2656 [ # # ]: 0 : switch (pnode->m_conn_type) {
2657 : : // We currently don't take inbound connections into account. Since they are
2658 : : // free to make, an attacker could make them to prevent us from connecting to
2659 : : // certain peers.
2660 : : case ConnectionType::INBOUND:
2661 : : // Short-lived outbound connections should not affect how we select outbound
2662 : : // peers from addrman.
2663 : : case ConnectionType::ADDR_FETCH:
2664 : : case ConnectionType::FEELER:
2665 : : break;
2666 : 0 : case ConnectionType::MANUAL:
2667 : 0 : case ConnectionType::OUTBOUND_FULL_RELAY:
2668 : 0 : case ConnectionType::BLOCK_RELAY:
2669 : 0 : const CAddress address{pnode->addr};
2670 [ # # # # : 0 : if (address.IsTor() || address.IsI2P() || address.IsCJDNS()) {
# # ]
2671 : : // Since our addrman-groups for these networks are
2672 : : // random, without relation to the route we
2673 : : // take to connect to these peers or to the
2674 : : // difficulty in obtaining addresses with diverse
2675 : : // groups, we don't worry about diversity with
2676 : : // respect to our addrman groups when connecting to
2677 : : // these networks.
2678 : 0 : ++outbound_privacy_network_peers;
2679 : : } else {
2680 [ # # # # ]: 0 : outbound_ipv46_peer_netgroups.insert(m_netgroupman.GetGroup(address));
2681 : : }
2682 : : } // no default case, so the compiler can warn about missing cases
2683 : : }
2684 : 0 : }
2685 : :
2686 [ # # # # ]: 0 : if (!seed_nodes.empty() && nOutboundFullRelay < SEED_OUTBOUND_CONNECTION_THRESHOLD) {
2687 [ # # ]: 0 : if (NodeClock::now() > seed_node_timer + ADD_NEXT_SEEDNODE) {
2688 : 0 : seed_node_timer = NodeClock::now();
2689 : 0 : add_addr_fetch = true;
2690 : : }
2691 : : }
2692 : :
2693 : 0 : ConnectionType conn_type = ConnectionType::OUTBOUND_FULL_RELAY;
2694 : 0 : auto now = GetTime<std::chrono::microseconds>();
2695 : 0 : bool anchor = false;
2696 : 0 : bool fFeeler = false;
2697 : 0 : std::optional<Network> preferred_net;
2698 : :
2699 : : // Determine what type of connection to open. Opening
2700 : : // BLOCK_RELAY connections to addresses from anchors.dat gets the highest
2701 : : // priority. Then we open OUTBOUND_FULL_RELAY priority until we
2702 : : // meet our full-relay capacity. Then we open BLOCK_RELAY connection
2703 : : // until we hit our block-relay-only peer limit.
2704 : : // GetTryNewOutboundPeer() gets set when a stale tip is detected, so we
2705 : : // try opening an additional OUTBOUND_FULL_RELAY connection. If none of
2706 : : // these conditions are met, check to see if it's time to try an extra
2707 : : // block-relay-only peer (to confirm our tip is current, see below) or the next_feeler
2708 : : // timer to decide if we should open a FEELER.
2709 : :
2710 [ # # # # ]: 0 : if (!m_anchors.empty() && (nOutboundBlockRelay < m_max_outbound_block_relay)) {
2711 : : conn_type = ConnectionType::BLOCK_RELAY;
2712 : : anchor = true;
2713 [ # # ]: 0 : } else if (nOutboundFullRelay < m_max_outbound_full_relay) {
2714 : : // OUTBOUND_FULL_RELAY
2715 [ # # ]: 0 : } else if (nOutboundBlockRelay < m_max_outbound_block_relay) {
2716 : : conn_type = ConnectionType::BLOCK_RELAY;
2717 [ # # # # ]: 0 : } else if (GetTryNewOutboundPeer()) {
2718 : : // OUTBOUND_FULL_RELAY
2719 [ # # # # ]: 0 : } else if (now > next_extra_block_relay && m_start_extra_block_relay_peers) {
2720 : : // Periodically connect to a peer (using regular outbound selection
2721 : : // methodology from addrman) and stay connected long enough to sync
2722 : : // headers, but not much else.
2723 : : //
2724 : : // Then disconnect the peer, if we haven't learned anything new.
2725 : : //
2726 : : // The idea is to make eclipse attacks very difficult to pull off,
2727 : : // because every few minutes we're finding a new peer to learn headers
2728 : : // from.
2729 : : //
2730 : : // This is similar to the logic for trying extra outbound (full-relay)
2731 : : // peers, except:
2732 : : // - we do this all the time on an exponential timer, rather than just when
2733 : : // our tip is stale
2734 : : // - we potentially disconnect our next-youngest block-relay-only peer, if our
2735 : : // newest block-relay-only peer delivers a block more recently.
2736 : : // See the eviction logic in net_processing.cpp.
2737 : : //
2738 : : // Because we can promote these connections to block-relay-only
2739 : : // connections, they do not get their own ConnectionType enum
2740 : : // (similar to how we deal with extra outbound peers).
2741 : 0 : next_extra_block_relay = now + rng.rand_exp_duration(EXTRA_BLOCK_RELAY_ONLY_PEER_INTERVAL);
2742 : 0 : conn_type = ConnectionType::BLOCK_RELAY;
2743 [ # # ]: 0 : } else if (now > next_feeler) {
2744 : 0 : next_feeler = now + rng.rand_exp_duration(FEELER_INTERVAL);
2745 : 0 : conn_type = ConnectionType::FEELER;
2746 : 0 : fFeeler = true;
2747 [ # # ]: 0 : } else if (nOutboundFullRelay == m_max_outbound_full_relay &&
2748 [ # # ]: 0 : m_max_outbound_full_relay == MAX_OUTBOUND_FULL_RELAY_CONNECTIONS &&
2749 [ # # # # : 0 : now > next_extra_network_peer &&
# # ]
2750 [ # # ]: 0 : MaybePickPreferredNetwork(preferred_net)) {
2751 : : // Full outbound connection management: Attempt to get at least one
2752 : : // outbound peer from each reachable network by making extra connections
2753 : : // and then protecting "only" peers from a network during outbound eviction.
2754 : : // This is not attempted if the user changed -maxconnections to a value
2755 : : // so low that less than MAX_OUTBOUND_FULL_RELAY_CONNECTIONS are made,
2756 : : // to prevent interactions with otherwise protected outbound peers.
2757 : 0 : next_extra_network_peer = now + rng.rand_exp_duration(EXTRA_NETWORK_PEER_INTERVAL);
2758 : : } else {
2759 : : // skip to next iteration of while loop
2760 : 0 : continue;
2761 : : }
2762 : :
2763 [ # # ]: 0 : addrman.ResolveCollisions();
2764 : :
2765 : 0 : const auto current_time{NodeClock::now()};
2766 : 0 : int nTries = 0;
2767 [ # # ]: 0 : const auto reachable_nets{g_reachable_nets.All()};
2768 : :
2769 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
2770 [ # # # # ]: 0 : if (anchor && !m_anchors.empty()) {
2771 : 0 : const CAddress addr = m_anchors.back();
2772 : 0 : m_anchors.pop_back();
2773 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr) || !g_reachable_nets.Contains(addr) ||
# # # # #
# # # #
# ]
2774 [ # # # # : 0 : !m_msgproc->HasAllDesirableServiceFlags(addr.nServices) ||
# # ]
2775 [ # # ]: 0 : outbound_ipv46_peer_netgroups.count(m_netgroupman.GetGroup(addr))) continue;
2776 : 0 : addrConnect = addr;
2777 [ # # # # : 0 : LogDebug(BCLog::NET, "Trying to make an anchor connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2778 : 0 : break;
2779 : 0 : }
2780 : :
2781 : : // If we didn't find an appropriate destination after trying 100 addresses fetched from addrman,
2782 : : // stop this loop, and let the outer loop run again (which sleeps, adds seed nodes, recalculates
2783 : : // already-connected network ranges, ...) before trying new addrman addresses.
2784 : 0 : nTries++;
2785 [ # # ]: 0 : if (nTries > 100)
2786 : : break;
2787 : :
2788 [ # # ]: 0 : CAddress addr;
2789 : 0 : NodeSeconds addr_last_try{0s};
2790 : :
2791 [ # # ]: 0 : if (fFeeler) {
2792 : : // First, try to get a tried table collision address. This returns
2793 : : // an empty (invalid) address if there are no collisions to try.
2794 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.SelectTriedCollision();
2795 : :
2796 [ # # # # ]: 0 : if (!addr.IsValid()) {
2797 : : // No tried table collisions. Select a new table address
2798 : : // for our feeler.
2799 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.Select(true, reachable_nets);
2800 [ # # # # ]: 0 : } else if (AlreadyConnectedToAddress(addr)) {
2801 : : // If test-before-evict logic would have us connect to a
2802 : : // peer that we're already connected to, just mark that
2803 : : // address as Good(). We won't be able to initiate the
2804 : : // connection anyway, so this avoids inadvertently evicting
2805 : : // a currently-connected peer.
2806 [ # # ]: 0 : addrman.Good(addr);
2807 : : // Select a new table address for our feeler instead.
2808 [ # # ]: 0 : std::tie(addr, addr_last_try) = addrman.Select(true, reachable_nets);
2809 : : }
2810 : : } else {
2811 : : // Not a feeler
2812 : : // If preferred_net has a value set, pick an extra outbound
2813 : : // peer from that network. The eviction logic in net_processing
2814 : : // ensures that a peer from another network will be evicted.
2815 [ # # ]: 0 : std::tie(addr, addr_last_try) = preferred_net.has_value()
2816 [ # # # # : 0 : ? addrman.Select(false, {*preferred_net})
# # # # #
# ]
2817 [ # # ]: 0 : : addrman.Select(false, reachable_nets);
2818 : : }
2819 : :
2820 : : // Require outbound IPv4/IPv6 connections, other than feelers, to be to distinct network groups
2821 [ # # # # : 0 : if (!fFeeler && outbound_ipv46_peer_netgroups.count(m_netgroupman.GetGroup(addr))) {
# # # # ]
2822 : 0 : continue;
2823 : : }
2824 : :
2825 : : // if we selected an invalid or local address, restart
2826 [ # # # # : 0 : if (!addr.IsValid() || IsLocal(addr)) {
# # # # ]
2827 : : break;
2828 : : }
2829 : :
2830 [ # # # # ]: 0 : if (!g_reachable_nets.Contains(addr)) {
2831 : 0 : continue;
2832 : : }
2833 : :
2834 : : // only consider very recently tried nodes after 30 failed attempts
2835 [ # # # # ]: 0 : if (current_time - addr_last_try < 10min && nTries < 30) {
2836 : 0 : continue;
2837 : : }
2838 : :
2839 : : // for non-feelers, require all the services we'll want,
2840 : : // for feelers, only require they be a full node (only because most
2841 : : // SPV clients don't have a good address DB available)
2842 [ # # # # : 0 : if (!fFeeler && !m_msgproc->HasAllDesirableServiceFlags(addr.nServices)) {
# # ]
2843 : 0 : continue;
2844 [ # # # # ]: 0 : } else if (fFeeler && !MayHaveUsefulAddressDB(addr.nServices)) {
2845 : 0 : continue;
2846 : : }
2847 : :
2848 : : // Do not connect to bad ports, unless 50 invalid addresses have been selected already.
2849 [ # # # # : 0 : if (nTries < 50 && (addr.IsIPv4() || addr.IsIPv6()) && IsBadPort(addr.GetPort())) {
# # # # #
# # # ]
2850 : 0 : continue;
2851 : : }
2852 : :
2853 : : // Do not make automatic outbound connections to addnode peers, to
2854 : : // not use our limited outbound slots for them and to ensure
2855 : : // addnode connections benefit from their intended protections.
2856 [ # # # # ]: 0 : if (AddedNodesContain(addr)) {
2857 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Debug, "Not making automatic %s%s connection to %s peer selected for manual (addnode) connection%s\n",
# # # # #
# # # # #
# # # # #
# # # # #
# # ]
2858 : : preferred_net.has_value() ? "network-specific " : "",
2859 : : ConnectionTypeAsString(conn_type), GetNetworkName(addr.GetNetwork()),
2860 : : fLogIPs ? strprintf(": %s", addr.ToStringAddrPort()) : "");
2861 : 0 : continue;
2862 : 0 : }
2863 : :
2864 : 0 : addrConnect = addr;
2865 : : break;
2866 : 0 : }
2867 : :
2868 [ # # # # ]: 0 : if (addrConnect.IsValid()) {
2869 [ # # ]: 0 : if (fFeeler) {
2870 : : // Add small amount of random noise before connection to avoid synchronization.
2871 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(rng.rand_uniform_duration<CThreadInterrupt::Clock>(FEELER_SLEEP_WINDOW))) {
2872 : 0 : return;
2873 : : }
2874 [ # # # # : 0 : LogDebug(BCLog::NET, "Making feeler connection to %s\n", addrConnect.ToStringAddrPort());
# # # # ]
2875 : : }
2876 : :
2877 [ # # # # : 0 : if (preferred_net != std::nullopt) LogDebug(BCLog::NET, "Making network specific connection to %s on %s.\n", addrConnect.ToStringAddrPort(), GetNetworkName(preferred_net.value()));
# # # # #
# # # #
# ]
2878 : :
2879 : : // Record addrman failure attempts when node has at least 2 persistent outbound connections to peers with
2880 : : // different netgroups in ipv4/ipv6 networks + all peers in Tor/I2P/CJDNS networks.
2881 : : // Don't record addrman failure attempts when node is offline. This can be identified since all local
2882 : : // network connections (if any) belong in the same netgroup, and the size of `outbound_ipv46_peer_netgroups` would only be 1.
2883 [ # # ]: 0 : const bool count_failures{((int)outbound_ipv46_peer_netgroups.size() + outbound_privacy_network_peers) >= std::min(m_max_automatic_connections - 1, 2)};
2884 : : // Use BIP324 transport when both us and them have NODE_V2_P2P set.
2885 [ # # ]: 0 : const bool use_v2transport(addrConnect.nServices & GetLocalServices() & NODE_P2P_V2);
2886 [ # # ]: 0 : OpenNetworkConnection(addrConnect, count_failures, std::move(grant), /*pszDest=*/nullptr, conn_type, use_v2transport);
2887 : : }
2888 : 0 : }
2889 : 0 : }
2890 : :
2891 : 0 : std::vector<CAddress> CConnman::GetCurrentBlockRelayOnlyConns() const
2892 : : {
2893 : 0 : std::vector<CAddress> ret;
2894 [ # # ]: 0 : LOCK(m_nodes_mutex);
2895 [ # # ]: 0 : for (const CNode* pnode : m_nodes) {
2896 [ # # ]: 0 : if (pnode->IsBlockOnlyConn()) {
2897 [ # # ]: 0 : ret.push_back(pnode->addr);
2898 : : }
2899 : : }
2900 : :
2901 [ # # ]: 0 : return ret;
2902 : 0 : }
2903 : :
2904 : 1718 : std::vector<AddedNodeInfo> CConnman::GetAddedNodeInfo(bool include_connected) const
2905 : : {
2906 : 1718 : std::vector<AddedNodeInfo> ret;
2907 : :
2908 [ + - ]: 1718 : std::list<AddedNodeParams> lAddresses(0);
2909 : 1718 : {
2910 [ + - ]: 1718 : LOCK(m_added_nodes_mutex);
2911 [ - + + - ]: 1718 : ret.reserve(m_added_node_params.size());
2912 [ + - ]: 1718 : std::copy(m_added_node_params.cbegin(), m_added_node_params.cend(), std::back_inserter(lAddresses));
2913 : 0 : }
2914 : :
2915 : :
2916 : : // Build a map of all already connected addresses (by IP:port and by name) to inbound/outbound and resolved CService
2917 [ + - ]: 1718 : std::map<CService, bool> mapConnected;
2918 : 1718 : std::map<std::string, std::pair<bool, CService>> mapConnectedByName;
2919 : 1718 : {
2920 [ + - ]: 1718 : LOCK(m_nodes_mutex);
2921 [ + + ]: 13755 : for (const CNode* pnode : m_nodes) {
2922 [ + - + + ]: 12037 : if (pnode->addr.IsValid()) {
2923 [ + - ]: 9558 : mapConnected[pnode->addr] = pnode->IsInboundConn();
2924 : : }
2925 [ - + ]: 12037 : std::string addrName{pnode->m_addr_name};
2926 [ + - ]: 12037 : if (!addrName.empty()) {
2927 [ + - ]: 12037 : mapConnectedByName[std::move(addrName)] = std::make_pair(pnode->IsInboundConn(), static_cast<const CService&>(pnode->addr));
2928 : : }
2929 : 12037 : }
2930 : 0 : }
2931 : :
2932 [ + + ]: 1744 : for (const auto& addr : lAddresses) {
2933 [ + - + - : 52 : CService service{MaybeFlipIPv6toCJDNS(LookupNumeric(addr.m_added_node, GetDefaultPort(addr.m_added_node)))};
+ - + - ]
2934 [ + - + - ]: 26 : AddedNodeInfo addedNode{addr, CService(), false, false};
2935 [ + - + + ]: 26 : if (service.IsValid()) {
2936 : : // strAddNode is an IP:port
2937 [ + - ]: 4 : auto it = mapConnected.find(service);
2938 [ - + ]: 4 : if (it != mapConnected.end()) {
2939 [ # # ]: 0 : if (!include_connected) {
2940 : 0 : continue;
2941 : : }
2942 : 0 : addedNode.resolvedAddress = service;
2943 : 0 : addedNode.fConnected = true;
2944 : 0 : addedNode.fInbound = it->second;
2945 : : }
2946 : : } else {
2947 : : // strAddNode is a name
2948 : 22 : auto it = mapConnectedByName.find(addr.m_added_node);
2949 [ - + ]: 22 : if (it != mapConnectedByName.end()) {
2950 [ # # ]: 0 : if (!include_connected) {
2951 : 0 : continue;
2952 : : }
2953 : 0 : addedNode.resolvedAddress = it->second.second;
2954 : 0 : addedNode.fConnected = true;
2955 : 0 : addedNode.fInbound = it->second.first;
2956 : : }
2957 : : }
2958 [ + - ]: 26 : ret.emplace_back(std::move(addedNode));
2959 : 26 : }
2960 : :
2961 : 1718 : return ret;
2962 : 1718 : }
2963 : :
2964 : 0 : void CConnman::ThreadOpenAddedConnections()
2965 : : {
2966 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
2967 : 0 : AssertLockNotHeld(m_reconnections_mutex);
2968 : 0 : while (true)
2969 : : {
2970 : 0 : CountingSemaphoreGrant<> grant(*semAddnode);
2971 [ # # ]: 0 : std::vector<AddedNodeInfo> vInfo = GetAddedNodeInfo(/*include_connected=*/false);
2972 : 0 : bool tried = false;
2973 [ # # ]: 0 : for (const AddedNodeInfo& info : vInfo) {
2974 [ # # ]: 0 : if (!grant) {
2975 : : // If we've used up our semaphore and need a new one, let's not wait here since while we are waiting
2976 : : // the addednodeinfo state might change.
2977 : : break;
2978 : : }
2979 : 0 : tried = true;
2980 [ # # ]: 0 : CAddress addr(CService(), NODE_NONE);
2981 [ # # ]: 0 : OpenNetworkConnection(addr, false, std::move(grant), info.m_params.m_added_node.c_str(), ConnectionType::MANUAL, info.m_params.m_use_v2transport);
2982 [ # # # # ]: 0 : if (!m_interrupt_net->sleep_for(500ms)) return;
2983 : 0 : grant = CountingSemaphoreGrant<>(*semAddnode, /*fTry=*/true);
2984 : 0 : }
2985 : : // See if any reconnections are desired.
2986 [ # # ]: 0 : PerformReconnections();
2987 : : // Retry every 60 seconds if a connection was attempted, otherwise two seconds
2988 [ # # # # : 0 : if (!m_interrupt_net->sleep_for(tried ? 60s : 2s)) {
# # ]
2989 : : return;
2990 : : }
2991 : 0 : }
2992 : : }
2993 : :
2994 : : // if successful, this moves the passed grant to the constructed node
2995 : 847 : bool CConnman::OpenNetworkConnection(const CAddress& addrConnect,
2996 : : bool fCountFailure,
2997 : : CountingSemaphoreGrant<>&& grant_outbound,
2998 : : const char* pszDest,
2999 : : ConnectionType conn_type,
3000 : : bool use_v2transport,
3001 : : const std::optional<Proxy>& proxy_override)
3002 : : {
3003 : 847 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3004 [ - + ]: 847 : assert(conn_type != ConnectionType::INBOUND);
3005 : :
3006 : : //
3007 : : // Initiate outbound network connection
3008 : : //
3009 [ + + ]: 847 : if (m_interrupt_net->interrupted()) {
3010 : : return false;
3011 : : }
3012 [ + + ]: 12 : if (!fNetworkActive) {
3013 : : return false;
3014 : : }
3015 [ + + ]: 11 : if (!pszDest) {
3016 [ - + - - : 8 : bool banned_or_discouraged = m_banman && (m_banman->IsDiscouraged(addrConnect) || m_banman->IsBanned(addrConnect));
- - ]
3017 [ + - + - : 8 : if (IsLocal(addrConnect) || banned_or_discouraged || AlreadyConnectedToAddress(addrConnect)) {
- + ]
3018 : 0 : return false;
3019 : : }
3020 [ + - + - ]: 3 : } else if (AlreadyConnectedToHost(pszDest)) {
3021 : : return false;
3022 : : }
3023 : :
3024 [ + - ]: 11 : CNode* pnode = ConnectNode(addrConnect, pszDest, fCountFailure, conn_type, use_v2transport, proxy_override);
3025 : :
3026 [ - + ]: 11 : if (!pnode)
3027 : : return false;
3028 : 0 : pnode->grantOutbound = std::move(grant_outbound);
3029 : :
3030 : 0 : m_msgproc->InitializeNode(*pnode, m_local_services);
3031 : 0 : {
3032 : 0 : LOCK(m_nodes_mutex);
3033 [ # # ]: 0 : m_nodes.push_back(pnode);
3034 : :
3035 : : // update connection count by network
3036 [ # # # # ]: 0 : if (pnode->IsManualOrFullOutboundConn()) ++m_network_conn_counts[pnode->addr.GetNetwork()];
3037 : 0 : }
3038 : :
3039 : : TRACEPOINT(net, outbound_connection,
3040 : : pnode->GetId(),
3041 : : pnode->m_addr_name.c_str(),
3042 : : pnode->ConnectionTypeAsString().c_str(),
3043 : : pnode->ConnectedThroughNetwork(),
3044 : 0 : GetNodeCount(ConnectionDirection::Out));
3045 : :
3046 : 0 : return true;
3047 : : }
3048 : :
3049 : : Mutex NetEventsInterface::g_msgproc_mutex;
3050 : :
3051 : 0 : void CConnman::ThreadMessageHandler()
3052 : : {
3053 : 0 : LOCK(NetEventsInterface::g_msgproc_mutex);
3054 : :
3055 [ # # ]: 0 : while (!flagInterruptMsgProc)
3056 : : {
3057 : 0 : bool fMoreWork = false;
3058 : :
3059 : 0 : {
3060 : : // Randomize the order in which we process messages from/to our peers.
3061 : : // This prevents attacks in which an attacker exploits having multiple
3062 : : // consecutive connections in the m_nodes list.
3063 [ # # ]: 0 : const NodesSnapshot snap{*this, /*shuffle=*/true};
3064 : :
3065 [ # # ]: 0 : for (CNode* pnode : snap.Nodes()) {
3066 [ # # ]: 0 : if (pnode->fDisconnect)
3067 : 0 : continue;
3068 : :
3069 : : // Receive messages
3070 [ # # ]: 0 : bool fMoreNodeWork = m_msgproc->ProcessMessages(pnode, flagInterruptMsgProc);
3071 [ # # # # ]: 0 : fMoreWork |= (fMoreNodeWork && !pnode->fPauseSend);
3072 [ # # ]: 0 : if (flagInterruptMsgProc)
3073 : : return;
3074 : : // Send messages
3075 [ # # ]: 0 : m_msgproc->SendMessages(pnode);
3076 : :
3077 [ # # ]: 0 : if (flagInterruptMsgProc)
3078 : : return;
3079 : : }
3080 [ # # ]: 0 : }
3081 : :
3082 [ # # ]: 0 : WAIT_LOCK(mutexMsgProc, lock);
3083 [ # # ]: 0 : if (!fMoreWork) {
3084 [ # # # # ]: 0 : condMsgProc.wait_until(lock, std::chrono::steady_clock::now() + std::chrono::milliseconds(100), [this]() EXCLUSIVE_LOCKS_REQUIRED(mutexMsgProc) { return fMsgProcWake; });
3085 : : }
3086 [ # # ]: 0 : fMsgProcWake = false;
3087 : 0 : }
3088 : 0 : }
3089 : :
3090 : 0 : void CConnman::ThreadI2PAcceptIncoming()
3091 : : {
3092 : 0 : static constexpr auto err_wait_begin = 1s;
3093 : 0 : static constexpr auto err_wait_cap = 5min;
3094 : 0 : auto err_wait = err_wait_begin;
3095 : :
3096 : 0 : bool advertising_listen_addr = false;
3097 : 0 : i2p::Connection conn;
3098 : :
3099 : 0 : auto SleepOnFailure = [&]() {
3100 : 0 : m_interrupt_net->sleep_for(err_wait);
3101 [ # # ]: 0 : if (err_wait < err_wait_cap) {
3102 : 0 : err_wait += 1s;
3103 : : }
3104 : 0 : };
3105 : :
3106 [ # # # # ]: 0 : while (!m_interrupt_net->interrupted()) {
3107 : :
3108 [ # # # # ]: 0 : if (!m_i2p_sam_session->Listen(conn)) {
3109 [ # # # # : 0 : if (advertising_listen_addr && conn.me.IsValid()) {
# # ]
3110 [ # # ]: 0 : RemoveLocal(conn.me);
3111 : : advertising_listen_addr = false;
3112 : : }
3113 [ # # ]: 0 : SleepOnFailure();
3114 : 0 : continue;
3115 : : }
3116 : :
3117 [ # # ]: 0 : if (!advertising_listen_addr) {
3118 [ # # ]: 0 : AddLocal(conn.me, LOCAL_MANUAL);
3119 : : advertising_listen_addr = true;
3120 : : }
3121 : :
3122 [ # # # # ]: 0 : if (!m_i2p_sam_session->Accept(conn)) {
3123 [ # # ]: 0 : SleepOnFailure();
3124 : 0 : continue;
3125 : : }
3126 : :
3127 [ # # ]: 0 : CreateNodeFromAcceptedSocket(std::move(conn.sock), NetPermissionFlags::None, conn.me, conn.peer);
3128 : :
3129 : 0 : err_wait = err_wait_begin;
3130 : : }
3131 : 0 : }
3132 : :
3133 : 33 : bool CConnman::BindListenPort(const CService& addrBind, bilingual_str& strError, NetPermissionFlags permissions)
3134 : : {
3135 : 33 : int nOne = 1;
3136 : :
3137 : : // Create socket for listening for incoming connections
3138 : 33 : struct sockaddr_storage sockaddr;
3139 : 33 : socklen_t len = sizeof(sockaddr);
3140 [ + + ]: 33 : if (!addrBind.GetSockAddr((struct sockaddr*)&sockaddr, &len))
3141 : : {
3142 [ + - + - ]: 12 : strError = Untranslated(strprintf("Bind address family for %s not supported", addrBind.ToStringAddrPort()));
3143 [ + - ]: 6 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
3144 : 6 : return false;
3145 : : }
3146 : :
3147 : 27 : std::unique_ptr<Sock> sock = CreateSock(addrBind.GetSAFamily(), SOCK_STREAM, IPPROTO_TCP);
3148 [ - + ]: 27 : if (!sock) {
3149 [ # # # # : 0 : strError = Untranslated(strprintf("Couldn't open socket for incoming connections (socket returned error %s)", NetworkErrorString(WSAGetLastError())));
# # ]
3150 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
# # ]
3151 : 0 : return false;
3152 : : }
3153 : :
3154 : : // Allow binding if the port is still in TIME_WAIT state after
3155 : : // the program was closed and restarted.
3156 [ + - + + ]: 27 : if (sock->SetSockOpt(SOL_SOCKET, SO_REUSEADDR, &nOne, sizeof(int)) == SOCKET_ERROR) {
3157 [ + - + - : 6 : strError = Untranslated(strprintf("Error setting SO_REUSEADDR on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3158 [ + - ]: 3 : LogPrintf("%s\n", strError.original);
3159 : : }
3160 : :
3161 : : // some systems don't have IPV6_V6ONLY but are always v6only; others do have the option
3162 : : // and enable it by default or not. Try to enable it, if possible.
3163 [ + + ]: 27 : if (addrBind.IsIPv6()) {
3164 : : #ifdef IPV6_V6ONLY
3165 [ + - + + ]: 9 : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_V6ONLY, &nOne, sizeof(int)) == SOCKET_ERROR) {
3166 [ + - + - : 4 : strError = Untranslated(strprintf("Error setting IPV6_V6ONLY on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
+ - ]
3167 [ + - ]: 2 : LogPrintf("%s\n", strError.original);
3168 : : }
3169 : : #endif
3170 : : #ifdef WIN32
3171 : : int nProtLevel = PROTECTION_LEVEL_UNRESTRICTED;
3172 : : if (sock->SetSockOpt(IPPROTO_IPV6, IPV6_PROTECTION_LEVEL, &nProtLevel, sizeof(int)) == SOCKET_ERROR) {
3173 : : strError = Untranslated(strprintf("Error setting IPV6_PROTECTION_LEVEL on socket: %s, continuing anyway", NetworkErrorString(WSAGetLastError())));
3174 : : LogPrintf("%s\n", strError.original);
3175 : : }
3176 : : #endif
3177 : : }
3178 : :
3179 [ + - + + ]: 27 : if (sock->Bind(reinterpret_cast<struct sockaddr*>(&sockaddr), len) == SOCKET_ERROR) {
3180 : 4 : int nErr = WSAGetLastError();
3181 [ - + ]: 4 : if (nErr == WSAEADDRINUSE)
3182 [ # # # # ]: 0 : strError = strprintf(_("Unable to bind to %s on this computer. %s is probably already running."), addrBind.ToStringAddrPort(), CLIENT_NAME);
3183 : : else
3184 [ + - + - : 8 : strError = strprintf(_("Unable to bind to %s on this computer (bind returned error %s)"), addrBind.ToStringAddrPort(), NetworkErrorString(nErr));
+ - ]
3185 [ + - + - : 4 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
+ - ]
3186 : 4 : return false;
3187 : : }
3188 [ + - + - ]: 23 : LogPrintf("Bound to %s\n", addrBind.ToStringAddrPort());
3189 : :
3190 : : // Listen for incoming connections
3191 [ + - - + ]: 23 : if (sock->Listen(SOMAXCONN) == SOCKET_ERROR)
3192 : : {
3193 [ # # # # ]: 0 : strError = strprintf(_("Listening for incoming connections failed (listen returned error %s)"), NetworkErrorString(WSAGetLastError()));
3194 [ # # # # : 0 : LogPrintLevel(BCLog::NET, BCLog::Level::Error, "%s\n", strError.original);
# # ]
3195 : 0 : return false;
3196 : : }
3197 : :
3198 [ + - ]: 23 : vhListenSocket.emplace_back(std::move(sock), permissions);
3199 : : return true;
3200 : 27 : }
3201 : :
3202 : 0 : void Discover()
3203 : : {
3204 [ # # ]: 0 : if (!fDiscover)
3205 : : return;
3206 : :
3207 [ # # ]: 0 : for (const CNetAddr &addr: GetLocalAddresses()) {
3208 [ # # # # ]: 0 : if (AddLocal(addr, LOCAL_IF))
3209 [ # # # # ]: 0 : LogPrintf("%s: %s\n", __func__, addr.ToStringAddr());
3210 : : }
3211 : : }
3212 : :
3213 : 3682 : void CConnman::SetNetworkActive(bool active)
3214 : : {
3215 : 3682 : LogPrintf("%s: %s\n", __func__, active);
3216 : :
3217 [ + + ]: 3682 : if (fNetworkActive == active) {
3218 : : return;
3219 : : }
3220 : :
3221 [ - + ]: 1103 : fNetworkActive = active;
3222 : :
3223 [ - + ]: 1103 : if (m_client_interface) {
3224 : 0 : m_client_interface->NotifyNetworkActiveChanged(fNetworkActive);
3225 : : }
3226 : : }
3227 : :
3228 : 1736 : CConnman::CConnman(uint64_t nSeed0In,
3229 : : uint64_t nSeed1In,
3230 : : AddrMan& addrman_in,
3231 : : const NetGroupManager& netgroupman,
3232 : : const CChainParams& params,
3233 : : bool network_active,
3234 : 1736 : std::shared_ptr<CThreadInterrupt> interrupt_net)
3235 : 1736 : : addrman(addrman_in)
3236 [ + - ]: 1736 : , m_netgroupman{netgroupman}
3237 : 1736 : , nSeed0(nSeed0In)
3238 : 1736 : , nSeed1(nSeed1In)
3239 [ + - - - ]: 1736 : , m_interrupt_net{interrupt_net}
3240 [ + - + - : 3472 : , m_params(params)
+ - + - ]
3241 : : {
3242 [ + - ]: 1736 : SetTryNewOutboundPeer(false);
3243 : :
3244 : 1736 : Options connOptions;
3245 [ + - ]: 1736 : Init(connOptions);
3246 [ + - ]: 1736 : SetNetworkActive(network_active);
3247 : 1736 : }
3248 : :
3249 : 0 : NodeId CConnman::GetNewNodeId()
3250 : : {
3251 : 0 : return nLastNodeId.fetch_add(1, std::memory_order_relaxed);
3252 : : }
3253 : :
3254 : 0 : uint16_t CConnman::GetDefaultPort(Network net) const
3255 : : {
3256 [ # # ]: 0 : return net == NET_I2P ? I2P_SAM31_PORT : m_params.GetDefaultPort();
3257 : : }
3258 : :
3259 : 96 : uint16_t CConnman::GetDefaultPort(const std::string& addr) const
3260 : : {
3261 : 96 : CNetAddr a;
3262 [ + - - + : 96 : return a.SetSpecial(addr) ? GetDefaultPort(a.GetNetwork()) : m_params.GetDefaultPort();
- - - - ]
3263 : 96 : }
3264 : :
3265 : 33 : bool CConnman::Bind(const CService& addr_, unsigned int flags, NetPermissionFlags permissions)
3266 : : {
3267 : 33 : const CService addr{MaybeFlipIPv6toCJDNS(addr_)};
3268 : :
3269 [ + - ]: 33 : bilingual_str strError;
3270 [ + - + + ]: 33 : if (!BindListenPort(addr, strError, permissions)) {
3271 [ + - - + ]: 10 : if ((flags & BF_REPORT_ERROR) && m_client_interface) {
3272 [ # # # # ]: 0 : m_client_interface->ThreadSafeMessageBox(strError, "", CClientUIInterface::MSG_ERROR);
3273 : : }
3274 : 10 : return false;
3275 : : }
3276 : :
3277 [ + - + + : 23 : if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !NetPermissions::HasFlag(permissions, NetPermissionFlags::NoBan)) {
+ - + - +
- ]
3278 [ + - ]: 15 : AddLocal(addr, LOCAL_BIND);
3279 : : }
3280 : :
3281 : : return true;
3282 : 33 : }
3283 : :
3284 : 14 : bool CConnman::InitBinds(const Options& options)
3285 : : {
3286 [ + + ]: 29 : for (const auto& addrBind : options.vBinds) {
3287 [ + + ]: 20 : if (!Bind(addrBind, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3288 : : return false;
3289 : : }
3290 : : }
3291 [ + + ]: 15 : for (const auto& addrBind : options.vWhiteBinds) {
3292 [ + + ]: 9 : if (!Bind(addrBind.m_service, BF_REPORT_ERROR, addrBind.m_flags)) {
3293 : : return false;
3294 : : }
3295 : : }
3296 [ + + ]: 6 : for (const auto& addr_bind : options.onion_binds) {
3297 [ - + ]: 2 : if (!Bind(addr_bind, BF_REPORT_ERROR | BF_DONT_ADVERTISE, NetPermissionFlags::None)) {
3298 : : return false;
3299 : : }
3300 : : }
3301 [ + + ]: 4 : if (options.bind_on_any) {
3302 : : // Don't consider errors to bind on IPv6 "::" fatal because the host OS
3303 : : // may not have IPv6 support and the user did not explicitly ask us to
3304 : : // bind on that.
3305 : 1 : const CService ipv6_any{in6_addr(IN6ADDR_ANY_INIT), GetListenPort()}; // ::
3306 [ + - ]: 1 : Bind(ipv6_any, BF_NONE, NetPermissionFlags::None);
3307 : :
3308 : 1 : struct in_addr inaddr_any;
3309 : 1 : inaddr_any.s_addr = htonl(INADDR_ANY);
3310 [ + - + - ]: 1 : const CService ipv4_any{inaddr_any, GetListenPort()}; // 0.0.0.0
3311 [ + - - + ]: 1 : if (!Bind(ipv4_any, BF_REPORT_ERROR, NetPermissionFlags::None)) {
3312 : 0 : return false;
3313 : : }
3314 : 1 : }
3315 : : return true;
3316 : : }
3317 : :
3318 : 0 : bool CConnman::Start(CScheduler& scheduler, const Options& connOptions)
3319 : : {
3320 : 0 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3321 : 0 : Init(connOptions);
3322 : :
3323 [ # # # # ]: 0 : if (fListen && !InitBinds(connOptions)) {
3324 [ # # ]: 0 : if (m_client_interface) {
3325 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3326 [ # # ]: 0 : _("Failed to listen on any port. Use -listen=0 if you want this."),
3327 : 0 : "", CClientUIInterface::MSG_ERROR);
3328 : : }
3329 : 0 : return false;
3330 : : }
3331 : :
3332 : 0 : Proxy i2p_sam;
3333 [ # # # # : 0 : if (GetProxy(NET_I2P, i2p_sam) && connOptions.m_i2p_accept_incoming) {
# # ]
3334 [ # # # # ]: 0 : m_i2p_sam_session = std::make_unique<i2p::sam::Session>(gArgs.GetDataDirNet() / "i2p_private_key",
3335 [ # # ]: 0 : i2p_sam, m_interrupt_net);
3336 : : }
3337 : :
3338 : : // Randomize the order in which we may query seednode to potentially prevent connecting to the same one every restart (and signal that we have restarted)
3339 [ # # ]: 0 : std::vector<std::string> seed_nodes = connOptions.vSeedNodes;
3340 [ # # ]: 0 : if (!seed_nodes.empty()) {
3341 : 0 : std::shuffle(seed_nodes.begin(), seed_nodes.end(), FastRandomContext{});
3342 : : }
3343 : :
3344 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3345 : : // Load addresses from anchors.dat
3346 [ # # # # : 0 : m_anchors = ReadAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME);
# # ]
3347 [ # # # # ]: 0 : if (m_anchors.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3348 [ # # ]: 0 : m_anchors.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3349 : : }
3350 [ # # # # ]: 0 : LogPrintf("%i block-relay-only anchors will be tried for connections.\n", m_anchors.size());
3351 : : }
3352 : :
3353 [ # # ]: 0 : if (m_client_interface) {
3354 [ # # # # ]: 0 : m_client_interface->InitMessage(_("Starting network threads…"));
3355 : : }
3356 : :
3357 : 0 : fAddressesInitialized = true;
3358 : :
3359 [ # # ]: 0 : if (semOutbound == nullptr) {
3360 : : // initialize semaphore
3361 [ # # # # ]: 0 : semOutbound = std::make_unique<std::counting_semaphore<>>(std::min(m_max_automatic_outbound, m_max_automatic_connections));
3362 : : }
3363 [ # # ]: 0 : if (semAddnode == nullptr) {
3364 : : // initialize semaphore
3365 [ # # ]: 0 : semAddnode = std::make_unique<std::counting_semaphore<>>(m_max_addnode);
3366 : : }
3367 : :
3368 : : //
3369 : : // Start threads
3370 : : //
3371 [ # # ]: 0 : assert(m_msgproc);
3372 [ # # ]: 0 : m_interrupt_net->reset();
3373 [ # # ]: 0 : flagInterruptMsgProc = false;
3374 : :
3375 : 0 : {
3376 [ # # ]: 0 : LOCK(mutexMsgProc);
3377 [ # # ]: 0 : fMsgProcWake = false;
3378 : 0 : }
3379 : :
3380 : : // Send and receive from sockets, accept connections
3381 [ # # ]: 0 : threadSocketHandler = std::thread(&util::TraceThread, "net", [this] { ThreadSocketHandler(); });
3382 : :
3383 [ # # # # : 0 : if (!gArgs.GetBoolArg("-dnsseed", DEFAULT_DNSSEED))
# # ]
3384 [ # # ]: 0 : LogPrintf("DNS seeding disabled\n");
3385 : : else
3386 [ # # ]: 0 : threadDNSAddressSeed = std::thread(&util::TraceThread, "dnsseed", [this] { ThreadDNSAddressSeed(); });
3387 : :
3388 : : // Initiate manual connections
3389 [ # # ]: 0 : threadOpenAddedConnections = std::thread(&util::TraceThread, "addcon", [this] { ThreadOpenAddedConnections(); });
3390 : :
3391 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing && !connOptions.m_specified_outgoing.empty()) {
3392 [ # # ]: 0 : if (m_client_interface) {
3393 [ # # ]: 0 : m_client_interface->ThreadSafeMessageBox(
3394 [ # # ]: 0 : _("Cannot provide specific connections and have addrman find outgoing connections at the same time."),
3395 [ # # ]: 0 : "", CClientUIInterface::MSG_ERROR);
3396 : : }
3397 : 0 : return false;
3398 : : }
3399 [ # # # # ]: 0 : if (connOptions.m_use_addrman_outgoing || !connOptions.m_specified_outgoing.empty()) {
3400 : 0 : threadOpenConnections = std::thread(
3401 [ # # ]: 0 : &util::TraceThread, "opencon",
3402 [ # # # # : 0 : [this, connect = connOptions.m_specified_outgoing, seed_nodes = std::move(seed_nodes)] { ThreadOpenConnections(connect, seed_nodes); });
# # # # ]
3403 : : }
3404 : :
3405 : : // Process messages
3406 [ # # ]: 0 : threadMessageHandler = std::thread(&util::TraceThread, "msghand", [this] { ThreadMessageHandler(); });
3407 : :
3408 [ # # ]: 0 : if (m_i2p_sam_session) {
3409 : 0 : threadI2PAcceptIncoming =
3410 [ # # ]: 0 : std::thread(&util::TraceThread, "i2paccept", [this] { ThreadI2PAcceptIncoming(); });
3411 : : }
3412 : :
3413 : : // Dump network addresses
3414 [ # # ]: 0 : scheduler.scheduleEvery([this] { DumpAddresses(); }, DUMP_PEERS_INTERVAL);
3415 : :
3416 : : // Run the ASMap Health check once and then schedule it to run every 24h.
3417 [ # # # # ]: 0 : if (m_netgroupman.UsingASMap()) {
3418 [ # # ]: 0 : ASMapHealthCheck();
3419 [ # # ]: 0 : scheduler.scheduleEvery([this] { ASMapHealthCheck(); }, ASMAP_HEALTH_CHECK_INTERVAL);
3420 : : }
3421 : :
3422 : : return true;
3423 : 0 : }
3424 : :
3425 : : class CNetCleanup
3426 : : {
3427 : : public:
3428 : : CNetCleanup() = default;
3429 : :
3430 : : ~CNetCleanup()
3431 : : {
3432 : : #ifdef WIN32
3433 : : // Shutdown Windows Sockets
3434 : : WSACleanup();
3435 : : #endif
3436 : : }
3437 : : };
3438 : : static CNetCleanup instance_of_cnetcleanup;
3439 : :
3440 : 1736 : void CConnman::Interrupt()
3441 : : {
3442 : 1736 : {
3443 : 1736 : LOCK(mutexMsgProc);
3444 [ + - ]: 1736 : flagInterruptMsgProc = true;
3445 : 1736 : }
3446 : 1736 : condMsgProc.notify_all();
3447 : :
3448 : 1736 : (*m_interrupt_net)();
3449 : 1736 : g_socks5_interrupt();
3450 : :
3451 [ - + ]: 1736 : if (semOutbound) {
3452 [ # # ]: 0 : for (int i=0; i<m_max_automatic_outbound; i++) {
3453 : 0 : semOutbound->release();
3454 : : }
3455 : : }
3456 : :
3457 [ - + ]: 1736 : if (semAddnode) {
3458 [ # # ]: 0 : for (int i=0; i<m_max_addnode; i++) {
3459 : 0 : semAddnode->release();
3460 : : }
3461 : : }
3462 : 1736 : }
3463 : :
3464 : 1736 : void CConnman::StopThreads()
3465 : : {
3466 [ - + ]: 1736 : if (threadI2PAcceptIncoming.joinable()) {
3467 : 0 : threadI2PAcceptIncoming.join();
3468 : : }
3469 [ - + ]: 1736 : if (threadMessageHandler.joinable())
3470 : 0 : threadMessageHandler.join();
3471 [ - + ]: 1736 : if (threadOpenConnections.joinable())
3472 : 0 : threadOpenConnections.join();
3473 [ - + ]: 1736 : if (threadOpenAddedConnections.joinable())
3474 : 0 : threadOpenAddedConnections.join();
3475 [ - + ]: 1736 : if (threadDNSAddressSeed.joinable())
3476 : 0 : threadDNSAddressSeed.join();
3477 [ - + ]: 1736 : if (threadSocketHandler.joinable())
3478 : 0 : threadSocketHandler.join();
3479 : 1736 : }
3480 : :
3481 : 7990 : void CConnman::StopNodes()
3482 : : {
3483 [ - + ]: 7990 : if (fAddressesInitialized) {
3484 : 0 : DumpAddresses();
3485 : 0 : fAddressesInitialized = false;
3486 : :
3487 [ # # ]: 0 : if (m_use_addrman_outgoing) {
3488 : : // Anchor connections are only dumped during clean shutdown.
3489 : 0 : std::vector<CAddress> anchors_to_dump = GetCurrentBlockRelayOnlyConns();
3490 [ # # # # ]: 0 : if (anchors_to_dump.size() > MAX_BLOCK_RELAY_ONLY_ANCHORS) {
3491 [ # # ]: 0 : anchors_to_dump.resize(MAX_BLOCK_RELAY_ONLY_ANCHORS);
3492 : : }
3493 [ # # # # : 0 : DumpAnchors(gArgs.GetDataDirNet() / ANCHORS_DATABASE_FILENAME, anchors_to_dump);
# # ]
3494 : 0 : }
3495 : : }
3496 : :
3497 : : // Delete peer connections.
3498 : 7990 : std::vector<CNode*> nodes;
3499 [ + - + - ]: 15980 : WITH_LOCK(m_nodes_mutex, nodes.swap(m_nodes));
3500 [ + + ]: 17925 : for (CNode* pnode : nodes) {
3501 [ + - - + : 9935 : LogDebug(BCLog::NET, "Stopping node, %s", pnode->DisconnectMsg(fLogIPs));
- - - - ]
3502 [ + - ]: 9935 : pnode->CloseSocketDisconnect();
3503 [ + - ]: 9935 : DeleteNode(pnode);
3504 : : }
3505 : :
3506 [ - + ]: 7990 : for (CNode* pnode : m_nodes_disconnected) {
3507 [ # # ]: 0 : DeleteNode(pnode);
3508 : : }
3509 : 7990 : m_nodes_disconnected.clear();
3510 : 7990 : vhListenSocket.clear();
3511 [ - + ]: 7990 : semOutbound.reset();
3512 [ - + ]: 7990 : semAddnode.reset();
3513 : 7990 : }
3514 : :
3515 : 9935 : void CConnman::DeleteNode(CNode* pnode)
3516 : : {
3517 [ - + ]: 9935 : assert(pnode);
3518 : 9935 : m_msgproc->FinalizeNode(*pnode);
3519 : 9935 : delete pnode;
3520 : 9935 : }
3521 : :
3522 [ + - ]: 1736 : CConnman::~CConnman()
3523 : : {
3524 : 1736 : Interrupt();
3525 : 1736 : Stop();
3526 : 3472 : }
3527 : :
3528 : 6197 : std::vector<CAddress> CConnman::GetAddressesUnsafe(size_t max_addresses, size_t max_pct, std::optional<Network> network, const bool filtered) const
3529 : : {
3530 : 6197 : std::vector<CAddress> addresses = addrman.GetAddr(max_addresses, max_pct, network, filtered);
3531 [ - + ]: 6197 : if (m_banman) {
3532 [ # # ]: 0 : addresses.erase(std::remove_if(addresses.begin(), addresses.end(),
3533 [ # # # # ]: 0 : [this](const CAddress& addr){return m_banman->IsDiscouraged(addr) || m_banman->IsBanned(addr);}),
3534 [ # # ]: 0 : addresses.end());
3535 : : }
3536 : 6197 : return addresses;
3537 : 0 : }
3538 : :
3539 : 163 : std::vector<CAddress> CConnman::GetAddresses(CNode& requestor, size_t max_addresses, size_t max_pct)
3540 : : {
3541 : 163 : auto local_socket_bytes = requestor.addrBind.GetAddrBytes();
3542 : 163 : uint64_t network_id = requestor.m_network_key;
3543 : 163 : const auto current_time = GetTime<std::chrono::microseconds>();
3544 [ + - ]: 163 : auto r = m_addr_response_caches.emplace(network_id, CachedAddrResponse{});
3545 [ + + ]: 163 : CachedAddrResponse& cache_entry = r.first->second;
3546 [ + + ]: 163 : if (cache_entry.m_cache_entry_expiration < current_time) { // If emplace() added new one it has expiration 0.
3547 [ + - ]: 122 : cache_entry.m_addrs_response_cache = GetAddressesUnsafe(max_addresses, max_pct, /*network=*/std::nullopt);
3548 : : // Choosing a proper cache lifetime is a trade-off between the privacy leak minimization
3549 : : // and the usefulness of ADDR responses to honest users.
3550 : : //
3551 : : // Longer cache lifetime makes it more difficult for an attacker to scrape
3552 : : // enough AddrMan data to maliciously infer something useful.
3553 : : // By the time an attacker scraped enough AddrMan records, most of
3554 : : // the records should be old enough to not leak topology info by
3555 : : // e.g. analyzing real-time changes in timestamps.
3556 : : //
3557 : : // It takes only several hundred requests to scrape everything from an AddrMan containing 100,000 nodes,
3558 : : // so ~24 hours of cache lifetime indeed makes the data less inferable by the time
3559 : : // most of it could be scraped (considering that timestamps are updated via
3560 : : // ADDR self-announcements and when nodes communicate).
3561 : : // We also should be robust to those attacks which may not require scraping *full* victim's AddrMan
3562 : : // (because even several timestamps of the same handful of nodes may leak privacy).
3563 : : //
3564 : : // On the other hand, longer cache lifetime makes ADDR responses
3565 : : // outdated and less useful for an honest requestor, e.g. if most nodes
3566 : : // in the ADDR response are no longer active.
3567 : : //
3568 : : // However, the churn in the network is known to be rather low. Since we consider
3569 : : // nodes to be "terrible" (see IsTerrible()) if the timestamps are older than 30 days,
3570 : : // max. 24 hours of "penalty" due to cache shouldn't make any meaningful difference
3571 : : // in terms of the freshness of the response.
3572 : 122 : cache_entry.m_cache_entry_expiration = current_time +
3573 : 122 : 21h + FastRandomContext().randrange<std::chrono::microseconds>(6h);
3574 : : }
3575 [ + - ]: 163 : return cache_entry.m_addrs_response_cache;
3576 : 163 : }
3577 : :
3578 : 66 : bool CConnman::AddNode(const AddedNodeParams& add)
3579 : : {
3580 [ + - + - ]: 66 : const CService resolved(LookupNumeric(add.m_added_node, GetDefaultPort(add.m_added_node)));
3581 [ + - ]: 66 : const bool resolved_is_valid{resolved.IsValid()};
3582 : :
3583 [ + - ]: 66 : LOCK(m_added_nodes_mutex);
3584 [ + + ]: 67 : for (const auto& it : m_added_node_params) {
3585 [ + + + - : 42 : if (add.m_added_node == it.m_added_node || (resolved_is_valid && resolved == LookupNumeric(it.m_added_node, GetDefaultPort(it.m_added_node)))) return false;
+ - + - +
- + - - +
+ + + + -
- - - ]
3586 : : }
3587 : :
3588 [ + - ]: 27 : m_added_node_params.push_back(add);
3589 : : return true;
3590 : 66 : }
3591 : :
3592 : 207 : bool CConnman::RemoveAddedNode(const std::string& strNode)
3593 : : {
3594 : 207 : LOCK(m_added_nodes_mutex);
3595 [ + + ]: 208 : for (auto it = m_added_node_params.begin(); it != m_added_node_params.end(); ++it) {
3596 [ + + ]: 2 : if (strNode == it->m_added_node) {
3597 : 1 : m_added_node_params.erase(it);
3598 : 1 : return true;
3599 : : }
3600 : : }
3601 : : return false;
3602 : 207 : }
3603 : :
3604 : 0 : bool CConnman::AddedNodesContain(const CAddress& addr) const
3605 : : {
3606 : 0 : AssertLockNotHeld(m_added_nodes_mutex);
3607 : 0 : const std::string addr_str{addr.ToStringAddr()};
3608 [ # # ]: 0 : const std::string addr_port_str{addr.ToStringAddrPort()};
3609 [ # # ]: 0 : LOCK(m_added_nodes_mutex);
3610 [ # # ]: 0 : return (m_added_node_params.size() < 24 // bound the query to a reasonable limit
3611 [ # # # # ]: 0 : && std::any_of(m_added_node_params.cbegin(), m_added_node_params.cend(),
3612 [ # # # # : 0 : [&](const auto& p) { return p.m_added_node == addr_str || p.m_added_node == addr_port_str; }));
# # ]
3613 : 0 : }
3614 : :
3615 : 1384 : size_t CConnman::GetNodeCount(ConnectionDirection flags) const
3616 : : {
3617 : 1384 : LOCK(m_nodes_mutex);
3618 [ + + ]: 1384 : if (flags == ConnectionDirection::Both) // Shortcut if we want total
3619 [ - + ]: 1196 : return m_nodes.size();
3620 : :
3621 : 188 : int nNum = 0;
3622 [ + + ]: 6403 : for (const auto& pnode : m_nodes) {
3623 [ + + + + ]: 12428 : if (flags & (pnode->IsInboundConn() ? ConnectionDirection::In : ConnectionDirection::Out)) {
3624 : 111 : nNum++;
3625 : : }
3626 : : }
3627 : :
3628 : 188 : return nNum;
3629 : 1384 : }
3630 : :
3631 : :
3632 : 0 : std::map<CNetAddr, LocalServiceInfo> CConnman::getNetLocalAddresses() const
3633 : : {
3634 : 0 : LOCK(g_maplocalhost_mutex);
3635 [ # # # # ]: 0 : return mapLocalHost;
3636 : 0 : }
3637 : :
3638 : 20962 : uint32_t CConnman::GetMappedAS(const CNetAddr& addr) const
3639 : : {
3640 : 20962 : return m_netgroupman.GetMappedAS(addr);
3641 : : }
3642 : :
3643 : 1714 : void CConnman::GetNodeStats(std::vector<CNodeStats>& vstats) const
3644 : : {
3645 : 1714 : vstats.clear();
3646 : 1714 : LOCK(m_nodes_mutex);
3647 [ - + + - ]: 1714 : vstats.reserve(m_nodes.size());
3648 [ + + ]: 13751 : for (CNode* pnode : m_nodes) {
3649 [ + - ]: 12037 : vstats.emplace_back();
3650 [ + - ]: 12037 : pnode->CopyStats(vstats.back());
3651 [ + - ]: 12037 : vstats.back().m_mapped_as = GetMappedAS(pnode->addr);
3652 : : }
3653 : 1714 : }
3654 : :
3655 : 13 : bool CConnman::DisconnectNode(const std::string& strNode)
3656 : : {
3657 : 13 : LOCK(m_nodes_mutex);
3658 [ + - ]: 176 : auto it = std::ranges::find_if(m_nodes, [&strNode](CNode* node) { return node->m_addr_name == strNode; });
3659 [ - + ]: 13 : if (it != m_nodes.end()) {
3660 : 0 : CNode* node{*it};
3661 [ # # # # : 0 : LogDebug(BCLog::NET, "disconnect by address%s match, %s", (fLogIPs ? strprintf("=%s", strNode) : ""), node->DisconnectMsg(fLogIPs));
# # # # #
# # # #
# ]
3662 : 0 : node->fDisconnect = true;
3663 : 0 : return true;
3664 : : }
3665 : : return false;
3666 : 13 : }
3667 : :
3668 : 188 : bool CConnman::DisconnectNode(const CSubNet& subnet)
3669 : : {
3670 : 188 : bool disconnected = false;
3671 : 188 : LOCK(m_nodes_mutex);
3672 [ + + ]: 11814 : for (CNode* pnode : m_nodes) {
3673 [ + - - + ]: 11626 : if (subnet.Match(pnode->addr)) {
3674 [ # # # # : 0 : LogDebug(BCLog::NET, "disconnect by subnet%s match, %s", (fLogIPs ? strprintf("=%s", subnet.ToString()) : ""), pnode->DisconnectMsg(fLogIPs));
# # # # #
# # # # #
# # # # #
# ]
3675 : 0 : pnode->fDisconnect = true;
3676 : 0 : disconnected = true;
3677 : : }
3678 : : }
3679 [ + - ]: 188 : return disconnected;
3680 : 188 : }
3681 : :
3682 : 160 : bool CConnman::DisconnectNode(const CNetAddr& addr)
3683 : : {
3684 [ + - ]: 160 : return DisconnectNode(CSubNet(addr));
3685 : : }
3686 : :
3687 : 1705 : bool CConnman::DisconnectNode(NodeId id)
3688 : : {
3689 : 1705 : LOCK(m_nodes_mutex);
3690 [ + + ]: 141828 : for(CNode* pnode : m_nodes) {
3691 [ - + ]: 140123 : if (id == pnode->GetId()) {
3692 [ # # # # : 0 : LogDebug(BCLog::NET, "disconnect by id, %s", pnode->DisconnectMsg(fLogIPs));
# # # # ]
3693 : 0 : pnode->fDisconnect = true;
3694 : 0 : return true;
3695 : : }
3696 : : }
3697 : : return false;
3698 : 1705 : }
3699 : :
3700 : 4 : void CConnman::RecordBytesRecv(uint64_t bytes)
3701 : : {
3702 : 4 : nTotalBytesRecv += bytes;
3703 : 4 : }
3704 : :
3705 : 29370 : void CConnman::RecordBytesSent(uint64_t bytes)
3706 : : {
3707 : 29370 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3708 : 29370 : LOCK(m_total_bytes_sent_mutex);
3709 : :
3710 : 29370 : nTotalBytesSent += bytes;
3711 : :
3712 : 29370 : const auto now = GetTime<std::chrono::seconds>();
3713 [ + + ]: 29370 : if (nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME < now)
3714 : : {
3715 : : // timeframe expired, reset cycle
3716 : 4770 : nMaxOutboundCycleStartTime = now;
3717 : 4770 : nMaxOutboundTotalBytesSentInCycle = 0;
3718 : : }
3719 : :
3720 [ + - ]: 29370 : nMaxOutboundTotalBytesSentInCycle += bytes;
3721 : 29370 : }
3722 : :
3723 : 1714 : uint64_t CConnman::GetMaxOutboundTarget() const
3724 : : {
3725 : 1714 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3726 : 1714 : LOCK(m_total_bytes_sent_mutex);
3727 [ + - ]: 1714 : return nMaxOutboundLimit;
3728 : 1714 : }
3729 : :
3730 : 1714 : std::chrono::seconds CConnman::GetMaxOutboundTimeframe() const
3731 : : {
3732 : 1714 : return MAX_UPLOAD_TIMEFRAME;
3733 : : }
3734 : :
3735 : 1714 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle() const
3736 : : {
3737 : 1714 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3738 : 1714 : LOCK(m_total_bytes_sent_mutex);
3739 [ + - ]: 1714 : return GetMaxOutboundTimeLeftInCycle_();
3740 : 1714 : }
3741 : :
3742 : 29053 : std::chrono::seconds CConnman::GetMaxOutboundTimeLeftInCycle_() const
3743 : : {
3744 : 29053 : AssertLockHeld(m_total_bytes_sent_mutex);
3745 : :
3746 [ + + ]: 29053 : if (nMaxOutboundLimit == 0)
3747 : 727 : return 0s;
3748 : :
3749 [ + + ]: 28326 : if (nMaxOutboundCycleStartTime.count() == 0)
3750 : 28279 : return MAX_UPLOAD_TIMEFRAME;
3751 : :
3752 : 47 : const std::chrono::seconds cycleEndTime = nMaxOutboundCycleStartTime + MAX_UPLOAD_TIMEFRAME;
3753 : 47 : const auto now = GetTime<std::chrono::seconds>();
3754 [ - + ]: 47 : return (cycleEndTime < now) ? 0s : cycleEndTime - now;
3755 : : }
3756 : :
3757 : 29761 : bool CConnman::OutboundTargetReached(bool historicalBlockServingLimit) const
3758 : : {
3759 : 29761 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3760 : 29761 : LOCK(m_total_bytes_sent_mutex);
3761 [ + + ]: 29761 : if (nMaxOutboundLimit == 0)
3762 : : return false;
3763 : :
3764 [ + + ]: 27361 : if (historicalBlockServingLimit)
3765 : : {
3766 : : // keep a large enough buffer to at least relay each block once
3767 [ + - ]: 27339 : const std::chrono::seconds timeLeftInCycle = GetMaxOutboundTimeLeftInCycle_();
3768 : 27339 : const uint64_t buffer = timeLeftInCycle / std::chrono::minutes{10} * MAX_BLOCK_SERIALIZED_SIZE;
3769 [ + + - + ]: 27339 : if (buffer >= nMaxOutboundLimit || nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit - buffer)
3770 : 11 : return true;
3771 : : }
3772 [ - + ]: 22 : else if (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit)
3773 : 0 : return true;
3774 : :
3775 : : return false;
3776 : 29761 : }
3777 : :
3778 : 1714 : uint64_t CConnman::GetOutboundTargetBytesLeft() const
3779 : : {
3780 : 1714 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3781 : 1714 : LOCK(m_total_bytes_sent_mutex);
3782 [ + + ]: 1714 : if (nMaxOutboundLimit == 0)
3783 : : return 0;
3784 : :
3785 [ + - ]: 987 : return (nMaxOutboundTotalBytesSentInCycle >= nMaxOutboundLimit) ? 0 : nMaxOutboundLimit - nMaxOutboundTotalBytesSentInCycle;
3786 : 1714 : }
3787 : :
3788 : 1714 : uint64_t CConnman::GetTotalBytesRecv() const
3789 : : {
3790 : 1714 : return nTotalBytesRecv;
3791 : : }
3792 : :
3793 : 1714 : uint64_t CConnman::GetTotalBytesSent() const
3794 : : {
3795 : 1714 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3796 : 1714 : LOCK(m_total_bytes_sent_mutex);
3797 [ + - ]: 1714 : return nTotalBytesSent;
3798 : 1714 : }
3799 : :
3800 : 5187 : ServiceFlags CConnman::GetLocalServices() const
3801 : : {
3802 : 5187 : return m_local_services;
3803 : : }
3804 : :
3805 : 25496 : static std::unique_ptr<Transport> MakeTransport(NodeId id, bool use_v2transport, bool inbound) noexcept
3806 : : {
3807 [ - + ]: 25496 : if (use_v2transport) {
3808 [ # # ]: 0 : return std::make_unique<V2Transport>(id, /*initiating=*/!inbound);
3809 : : } else {
3810 [ - + ]: 25496 : return std::make_unique<V1Transport>(id);
3811 : : }
3812 : : }
3813 : :
3814 : 25496 : CNode::CNode(NodeId idIn,
3815 : : std::shared_ptr<Sock> sock,
3816 : : const CAddress& addrIn,
3817 : : uint64_t nKeyedNetGroupIn,
3818 : : uint64_t nLocalHostNonceIn,
3819 : : const CService& addrBindIn,
3820 : : const std::string& addrNameIn,
3821 : : ConnectionType conn_type_in,
3822 : : bool inbound_onion,
3823 : : uint64_t network_key,
3824 : 25496 : CNodeOptions&& node_opts)
3825 : 25496 : : m_transport{MakeTransport(idIn, node_opts.use_v2transport, conn_type_in == ConnectionType::INBOUND)},
3826 : 25496 : m_permission_flags{node_opts.permission_flags},
3827 [ + + ]: 25496 : m_sock{sock},
3828 : 25496 : m_connected{GetTime<std::chrono::seconds>()},
3829 : 25496 : addr{addrIn},
3830 : 25496 : addrBind{addrBindIn},
3831 [ + + + - ]: 25496 : m_addr_name{addrNameIn.empty() ? addr.ToStringAddrPort() : addrNameIn},
3832 [ - + ]: 25496 : m_dest(addrNameIn),
3833 : 25496 : m_inbound_onion{inbound_onion},
3834 [ + - ]: 25496 : m_prefer_evict{node_opts.prefer_evict},
3835 : 25496 : nKeyedNetGroup{nKeyedNetGroupIn},
3836 : 25496 : m_network_key{network_key},
3837 : 25496 : m_conn_type{conn_type_in},
3838 : 25496 : id{idIn},
3839 : 25496 : nLocalHostNonce{nLocalHostNonceIn},
3840 [ + - ]: 25496 : m_recv_flood_size{node_opts.recv_flood_size},
3841 [ + - + - : 50992 : m_i2p_sam_session{std::move(node_opts.i2p_sam_session)}
+ + ]
3842 : : {
3843 [ + + + - ]: 25496 : if (inbound_onion) assert(conn_type_in == ConnectionType::INBOUND);
3844 : :
3845 [ + + ]: 917856 : for (const auto& msg : ALL_NET_MESSAGE_TYPES) {
3846 [ + - ]: 892360 : mapRecvBytesPerMsgType[msg] = 0;
3847 : : }
3848 [ + - ]: 25496 : mapRecvBytesPerMsgType[NET_MESSAGE_TYPE_OTHER] = 0;
3849 : :
3850 [ - + ]: 25496 : if (fLogIPs) {
3851 [ # # # # : 0 : LogDebug(BCLog::NET, "Added connection to %s peer=%d\n", m_addr_name, id);
# # ]
3852 : : } else {
3853 [ + - - + : 25496 : LogDebug(BCLog::NET, "Added connection peer=%d\n", id);
- - ]
3854 : : }
3855 [ - - ]: 25496 : }
3856 : :
3857 : 71271 : void CNode::MarkReceivedMsgsForProcessing()
3858 : : {
3859 : 71271 : AssertLockNotHeld(m_msg_process_queue_mutex);
3860 : :
3861 : 71271 : size_t nSizeAdded = 0;
3862 [ + + ]: 142542 : for (const auto& msg : vRecvMsg) {
3863 : : // vRecvMsg contains only completed CNetMessage
3864 : : // the single possible partially deserialized message are held by TransportDeserializer
3865 : 71271 : nSizeAdded += msg.GetMemoryUsage();
3866 : : }
3867 : :
3868 : 71271 : LOCK(m_msg_process_queue_mutex);
3869 : 71271 : m_msg_process_queue.splice(m_msg_process_queue.end(), vRecvMsg);
3870 : 71271 : m_msg_process_queue_size += nSizeAdded;
3871 [ + - ]: 71271 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
3872 : 71271 : }
3873 : :
3874 : 64162 : std::optional<std::pair<CNetMessage, bool>> CNode::PollMessage()
3875 : : {
3876 : 64162 : LOCK(m_msg_process_queue_mutex);
3877 [ + + ]: 64162 : if (m_msg_process_queue.empty()) return std::nullopt;
3878 : :
3879 : 61354 : std::list<CNetMessage> msgs;
3880 : : // Just take one message
3881 : 61354 : msgs.splice(msgs.begin(), m_msg_process_queue, m_msg_process_queue.begin());
3882 : 61354 : m_msg_process_queue_size -= msgs.front().GetMemoryUsage();
3883 : 61354 : fPauseRecv = m_msg_process_queue_size > m_recv_flood_size;
3884 : :
3885 : 122708 : return std::make_pair(std::move(msgs.front()), !m_msg_process_queue.empty());
3886 : 61354 : }
3887 : :
3888 : 31151 : bool CConnman::NodeFullyConnected(const CNode* pnode)
3889 : : {
3890 [ + - - + : 31151 : return pnode && pnode->fSuccessfullyConnected && !pnode->fDisconnect;
- - ]
3891 : : }
3892 : :
3893 : 59746 : void CConnman::PushMessage(CNode* pnode, CSerializedNetMsg&& msg)
3894 : : {
3895 : 59746 : AssertLockNotHeld(m_total_bytes_sent_mutex);
3896 [ - + ]: 59746 : size_t nMessageSize = msg.data.size();
3897 [ - + ]: 59746 : LogDebug(BCLog::NET, "sending %s (%d bytes) peer=%d\n", msg.m_type, nMessageSize, pnode->GetId());
3898 [ + - - + ]: 59746 : if (gArgs.GetBoolArg("-capturemessages", false)) {
3899 [ # # ]: 0 : CaptureMessage(pnode->addr, msg.m_type, msg.data, /*is_incoming=*/false);
3900 : : }
3901 : :
3902 : : TRACEPOINT(net, outbound_message,
3903 : : pnode->GetId(),
3904 : : pnode->m_addr_name.c_str(),
3905 : : pnode->ConnectionTypeAsString().c_str(),
3906 : : msg.m_type.c_str(),
3907 : : msg.data.size(),
3908 : : msg.data.data()
3909 : 59746 : );
3910 : :
3911 : 59746 : size_t nBytesSent = 0;
3912 : 59746 : {
3913 : 59746 : LOCK(pnode->cs_vSend);
3914 : : // Check if the transport still has unsent bytes, and indicate to it that we're about to
3915 : : // give it a message to send.
3916 [ + + ]: 59746 : const auto& [to_send, more, _msg_type] =
3917 [ + + ]: 59746 : pnode->m_transport->GetBytesToSend(/*have_next_message=*/true);
3918 [ + + - + ]: 59746 : const bool queue_was_empty{to_send.empty() && pnode->vSendMsg.empty()};
3919 : :
3920 : : // Update memory usage of send buffer.
3921 : 59746 : pnode->m_send_memusage += msg.GetMemoryUsage();
3922 [ + - ]: 59746 : if (pnode->m_send_memusage + pnode->m_transport->GetSendMemoryUsage() > nSendBufferMaxSize) pnode->fPauseSend = true;
3923 : : // Move message to vSendMsg queue.
3924 [ + - ]: 59746 : pnode->vSendMsg.push_back(std::move(msg));
3925 : :
3926 : : // If there was nothing to send before, and there is now (predicted by the "more" value
3927 : : // returned by the GetBytesToSend call above), attempt "optimistic write":
3928 : : // because the poll/select loop may pause for SELECT_TIMEOUT_MILLISECONDS before actually
3929 : : // doing a send, try sending from the calling thread if the queue was empty before.
3930 : : // With a V1Transport, more will always be true here, because adding a message always
3931 : : // results in sendable bytes there, but with V2Transport this is not the case (it may
3932 : : // still be in the handshake).
3933 [ + + + - ]: 59746 : if (queue_was_empty && more) {
3934 [ + - ]: 38543 : std::tie(nBytesSent, std::ignore) = SocketSendData(*pnode);
3935 : : }
3936 : 59746 : }
3937 [ + + ]: 59746 : if (nBytesSent) RecordBytesSent(nBytesSent);
3938 : 59746 : }
3939 : :
3940 : 26 : bool CConnman::ForNode(NodeId id, std::function<bool(CNode* pnode)> func)
3941 : : {
3942 : 26 : CNode* found = nullptr;
3943 : 26 : LOCK(m_nodes_mutex);
3944 [ + + ]: 490 : for (auto&& pnode : m_nodes) {
3945 [ + - ]: 464 : if(pnode->GetId() == id) {
3946 : : found = pnode;
3947 : : break;
3948 : : }
3949 : : }
3950 [ - + - - : 26 : return found != nullptr && NodeFullyConnected(found) && func(found);
- - - - -
- + - ]
3951 : 26 : }
3952 : :
3953 : 137 : CSipHasher CConnman::GetDeterministicRandomizer(uint64_t id) const
3954 : : {
3955 : 137 : return CSipHasher(nSeed0, nSeed1).Write(id);
3956 : : }
3957 : :
3958 : 0 : uint64_t CConnman::CalculateKeyedNetGroup(const CNetAddr& address) const
3959 : : {
3960 : 0 : std::vector<unsigned char> vchNetGroup(m_netgroupman.GetGroup(address));
3961 : :
3962 [ # # # # : 0 : return GetDeterministicRandomizer(RANDOMIZER_ID_NETGROUP).Write(vchNetGroup).Finalize();
# # ]
3963 : 0 : }
3964 : :
3965 : 0 : void CConnman::PerformReconnections()
3966 : : {
3967 : 0 : AssertLockNotHeld(m_reconnections_mutex);
3968 : 0 : AssertLockNotHeld(m_unused_i2p_sessions_mutex);
3969 : 0 : while (true) {
3970 : : // Move first element of m_reconnections to todo (avoiding an allocation inside the lock).
3971 [ # # ]: 0 : decltype(m_reconnections) todo;
3972 : 0 : {
3973 [ # # ]: 0 : LOCK(m_reconnections_mutex);
3974 [ # # ]: 0 : if (m_reconnections.empty()) break;
3975 [ # # ]: 0 : todo.splice(todo.end(), m_reconnections, m_reconnections.begin());
3976 : 0 : }
3977 : :
3978 [ # # ]: 0 : auto& item = *todo.begin();
3979 [ # # ]: 0 : OpenNetworkConnection(item.addr_connect,
3980 : : // We only reconnect if the first attempt to connect succeeded at
3981 : : // connection time, but then failed after the CNode object was
3982 : : // created. Since we already know connecting is possible, do not
3983 : : // count failure to reconnect.
3984 : : /*fCountFailure=*/false,
3985 [ # # ]: 0 : std::move(item.grant),
3986 : 0 : item.destination.empty() ? nullptr : item.destination.c_str(),
3987 : : item.conn_type,
3988 [ # # ]: 0 : item.use_v2transport);
3989 : 0 : }
3990 : 0 : }
3991 : :
3992 : 1713 : void CConnman::ASMapHealthCheck()
3993 : : {
3994 : 1713 : const std::vector<CAddress> v4_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV4, /*filtered=*/false)};
3995 [ + - ]: 1713 : const std::vector<CAddress> v6_addrs{GetAddressesUnsafe(/*max_addresses=*/0, /*max_pct=*/0, Network::NET_IPV6, /*filtered=*/false)};
3996 : 1713 : std::vector<CNetAddr> clearnet_addrs;
3997 [ - + - + : 1713 : clearnet_addrs.reserve(v4_addrs.size() + v6_addrs.size());
+ - ]
3998 [ + - ]: 1713 : std::transform(v4_addrs.begin(), v4_addrs.end(), std::back_inserter(clearnet_addrs),
3999 [ + - ]: 97 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4000 [ + - ]: 1713 : std::transform(v6_addrs.begin(), v6_addrs.end(), std::back_inserter(clearnet_addrs),
4001 [ + - ]: 1086 : [](const CAddress& addr) { return static_cast<CNetAddr>(addr); });
4002 [ + - ]: 1713 : m_netgroupman.ASMapHealthCheck(clearnet_addrs);
4003 : 1713 : }
4004 : :
4005 : : // Dump binary message to file, with timestamp.
4006 : 0 : static void CaptureMessageToFile(const CAddress& addr,
4007 : : const std::string& msg_type,
4008 : : std::span<const unsigned char> data,
4009 : : bool is_incoming)
4010 : : {
4011 : : // Note: This function captures the message at the time of processing,
4012 : : // not at socket receive/send time.
4013 : : // This ensures that the messages are always in order from an application
4014 : : // layer (processing) perspective.
4015 : 0 : auto now = GetTime<std::chrono::microseconds>();
4016 : :
4017 : : // Windows folder names cannot include a colon
4018 : 0 : std::string clean_addr = addr.ToStringAddrPort();
4019 [ # # ]: 0 : std::replace(clean_addr.begin(), clean_addr.end(), ':', '_');
4020 : :
4021 [ # # # # : 0 : fs::path base_path = gArgs.GetDataDirNet() / "message_capture" / fs::u8path(clean_addr);
# # ]
4022 [ # # ]: 0 : fs::create_directories(base_path);
4023 : :
4024 [ # # # # ]: 0 : fs::path path = base_path / (is_incoming ? "msgs_recv.dat" : "msgs_sent.dat");
4025 [ # # # # ]: 0 : AutoFile f{fsbridge::fopen(path, "ab")};
4026 : :
4027 [ # # ]: 0 : ser_writedata64(f, now.count());
4028 [ # # # # ]: 0 : f << std::span{msg_type};
4029 [ # # # # ]: 0 : for (auto i = msg_type.length(); i < CMessageHeader::MESSAGE_TYPE_SIZE; ++i) {
4030 [ # # ]: 0 : f << uint8_t{'\0'};
4031 : : }
4032 [ # # ]: 0 : uint32_t size = data.size();
4033 [ # # ]: 0 : ser_writedata32(f, size);
4034 [ # # ]: 0 : f << data;
4035 : :
4036 [ # # # # ]: 0 : if (f.fclose() != 0) {
4037 : 0 : throw std::ios_base::failure(
4038 [ # # # # : 0 : strprintf("Error closing %s after write, file contents are likely incomplete", fs::PathToString(path)));
# # ]
4039 : : }
4040 : 0 : }
4041 : :
4042 : : std::function<void(const CAddress& addr,
4043 : : const std::string& msg_type,
4044 : : std::span<const unsigned char> data,
4045 : : bool is_incoming)>
4046 : : CaptureMessage = CaptureMessageToFile;
|