2 // Unit tests for denial-of-service detection/prevention code
4 #include <boost/assign/list_of.hpp> // for 'map_list_of()'
5 #include <boost/test/unit_test.hpp>
6 #include <boost/foreach.hpp>
15 // Tests this internal-to-main.cpp method:
16 extern void AddOrphanTx(const CDataStream& vMsg);
17 extern unsigned int LimitOrphanTxSize(unsigned int nMaxOrphans);
18 extern std::map<uint256, CDataStream*> mapOrphanTransactions;
19 extern std::multimap<uint256, CDataStream*> mapOrphanTransactionsByPrev;
21 CService ip(uint32_t i)
25 return CService(CNetAddr(s), GetDefaultPort());
28 BOOST_AUTO_TEST_SUITE(DoS_tests)
30 BOOST_AUTO_TEST_CASE(DoS_banning)
33 CAddress addr1(ip(0xa0b0c001));
34 CNode dummyNode1(INVALID_SOCKET, addr1, true);
35 dummyNode1.Misbehaving(100); // Should get banned
36 BOOST_CHECK(CNode::IsBanned(addr1));
37 BOOST_CHECK(!CNode::IsBanned(ip(0xa0b0c001|0x0000ff00))); // Different ip, not banned
39 CAddress addr2(ip(0xa0b0c002));
40 CNode dummyNode2(INVALID_SOCKET, addr2, true);
41 dummyNode2.Misbehaving(50);
42 BOOST_CHECK(!CNode::IsBanned(addr2)); // 2 not banned yet...
43 BOOST_CHECK(CNode::IsBanned(addr1)); // ... but 1 still should be
44 dummyNode2.Misbehaving(50);
45 BOOST_CHECK(CNode::IsBanned(addr2));
48 BOOST_AUTO_TEST_CASE(DoS_banscore)
51 mapArgs["-banscore"] = "111"; // because 11 is my favorite number
52 CAddress addr1(ip(0xa0b0c001));
53 CNode dummyNode1(INVALID_SOCKET, addr1, true);
54 dummyNode1.Misbehaving(100);
55 BOOST_CHECK(!CNode::IsBanned(addr1));
56 dummyNode1.Misbehaving(10);
57 BOOST_CHECK(!CNode::IsBanned(addr1));
58 dummyNode1.Misbehaving(1);
59 BOOST_CHECK(CNode::IsBanned(addr1));
60 mapArgs["-banscore"] = "100";
63 BOOST_AUTO_TEST_CASE(DoS_bantime)
66 int64 nStartTime = GetTime();
67 SetMockTime(nStartTime); // Overrides future calls to GetTime()
69 CAddress addr(ip(0xa0b0c001));
70 CNode dummyNode(INVALID_SOCKET, addr, true);
72 dummyNode.Misbehaving(100);
73 BOOST_CHECK(CNode::IsBanned(addr));
75 SetMockTime(nStartTime+60*60);
76 BOOST_CHECK(CNode::IsBanned(addr));
78 SetMockTime(nStartTime+60*60*24+1);
79 BOOST_CHECK(!CNode::IsBanned(addr));
82 static bool CheckNBits(unsigned int nbits1, int64 time1, unsigned int nbits2, int64 time2)\
85 return CheckNBits(nbits2, time2, nbits1, time1);
86 int64 deltaTime = time2-time1;
89 required.SetCompact(ComputeMinWork(nbits1, deltaTime));
91 have.SetCompact(nbits2);
92 return (have <= required);
95 BOOST_AUTO_TEST_CASE(DoS_checknbits)
97 using namespace boost::assign; // for 'map_list_of()'
99 // Timestamps,nBits from the bitcoin blockchain.
100 // These are the block-chain checkpoint blocks
101 typedef std::map<int64, unsigned int> BlockData;
102 BlockData chainData =
103 map_list_of(1239852051,486604799)(1262749024,486594666)
104 (1279305360,469854461)(1280200847,469830746)(1281678674,469809688)
105 (1296207707,453179945)(1302624061,453036989)(1309640330,437004818)
106 (1313172719,436789733);
108 // Make sure CheckNBits considers every combination of block-chain-lock-in-points
110 BOOST_FOREACH(const BlockData::value_type& i, chainData)
112 BOOST_FOREACH(const BlockData::value_type& j, chainData)
114 BOOST_CHECK(CheckNBits(i.second, i.first, j.second, j.first));
118 // Test a couple of insane combinations:
119 BlockData::value_type firstcheck = *(chainData.begin());
120 BlockData::value_type lastcheck = *(chainData.rbegin());
122 // First checkpoint difficulty at or a while after the last checkpoint time should fail when
123 // compared to last checkpoint
124 BOOST_CHECK(!CheckNBits(firstcheck.second, lastcheck.first+60*10, lastcheck.second, lastcheck.first));
125 BOOST_CHECK(!CheckNBits(firstcheck.second, lastcheck.first+60*60*24*14, lastcheck.second, lastcheck.first));
127 // ... but OK if enough time passed for difficulty to adjust downward:
128 BOOST_CHECK(CheckNBits(firstcheck.second, lastcheck.first+60*60*24*365*4, lastcheck.second, lastcheck.first));
132 static uint256 RandomHash()
134 std::vector<unsigned char> randbytes(32);
135 RAND_bytes(&randbytes[0], 32);
136 uint256 randomhash(randbytes);
140 CTransaction RandomOrphan()
142 std::map<uint256, CDataStream*>::iterator it;
143 it = mapOrphanTransactions.lower_bound(RandomHash());
144 if (it == mapOrphanTransactions.end())
145 it = mapOrphanTransactions.begin();
146 const CDataStream* pvMsg = it->second;
148 CDataStream(*pvMsg) >> tx;
152 BOOST_AUTO_TEST_CASE(DoS_mapOrphans)
155 key.MakeNewKey(true);
156 CBasicKeyStore keystore;
157 keystore.AddKey(key);
159 // 50 orphan transactions:
160 for (int i = 0; i < 50; i++)
164 tx.vin[0].prevout.n = 0;
165 tx.vin[0].prevout.hash = RandomHash();
166 tx.vin[0].scriptSig << OP_1;
168 tx.vout[0].nValue = 1*CENT;
169 tx.vout[0].scriptPubKey.SetBitcoinAddress(key.GetPubKey());
171 CDataStream ds(SER_DISK, CLIENT_VERSION);
176 // ... and 50 that depend on other orphans:
177 for (int i = 0; i < 50; i++)
179 CTransaction txPrev = RandomOrphan();
183 tx.vin[0].prevout.n = 0;
184 tx.vin[0].prevout.hash = txPrev.GetHash();
186 tx.vout[0].nValue = 1*CENT;
187 tx.vout[0].scriptPubKey.SetBitcoinAddress(key.GetPubKey());
188 SignSignature(keystore, txPrev, tx, 0);
190 CDataStream ds(SER_DISK, CLIENT_VERSION);
195 // Test LimitOrphanTxSize() function:
196 LimitOrphanTxSize(40);
197 BOOST_CHECK(mapOrphanTransactions.size() <= 40);
198 LimitOrphanTxSize(10);
199 BOOST_CHECK(mapOrphanTransactions.size() <= 10);
200 LimitOrphanTxSize(0);
201 BOOST_CHECK(mapOrphanTransactions.empty());
202 BOOST_CHECK(mapOrphanTransactionsByPrev.empty());
205 BOOST_AUTO_TEST_SUITE_END()