X-Git-Url: https://git.novaco.in/?p=novacoin.git;a=blobdiff_plain;f=src%2Fmain.cpp;h=c41f43ad3b963d6f422ff109cfb62737bbabdf55;hp=aaa8c52dca62c15c1c612d20b6d82ff17597bea4;hb=8e064484abe4d65e15e3ec1bcdbb2b91f97dd726;hpb=36d2ec199438bb189921d8adf12ad77fee1d969e diff --git a/src/main.cpp b/src/main.cpp index aaa8c52..c41f43a 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -7,7 +7,6 @@ #include "checkpoints.h" #include "db.h" #include "txdb.h" -#include "net.h" #include "init.h" #include "ui_interface.h" #include "checkqueue.h" @@ -42,10 +41,10 @@ uint256 nPoWBase = uint256("0x00000000ffff00000000000000000000000000000000000000 CBigNum bnProofOfWorkLimitTestNet(~uint256(0) >> 16); -unsigned int nStakeMinAge = 60 * 60 * 24 * 30; // 30 days as zero time weight -unsigned int nStakeMaxAge = 60 * 60 * 24 * 90; // 90 days as full weight +unsigned int nStakeMinAge = 30 * nOneDay; // 30 days as zero time weight +unsigned int nStakeMaxAge = 90 * nOneDay; // 90 days as full weight unsigned int nStakeTargetSpacing = 10 * 60; // 10-minute stakes spacing -unsigned int nModifierInterval = 6 * 60 * 60; // time to elapse before new modifier is computed +unsigned int nModifierInterval = 6 * nOneHour; // time to elapse before new modifier is computed int nCoinbaseMaturity = 500; @@ -81,7 +80,6 @@ int64_t nMinimumInputValue = MIN_TXOUT_AMOUNT; // Ping and address broadcast intervals int64_t nPingInterval = 30 * 60; -int64_t nBroadcastInterval = 24 * 60 * 60; extern enum Checkpoints::CPMode CheckpointsMode; @@ -182,10 +180,10 @@ void static Inventory(const uint256& hash) } // ask wallets to resend their transactions -void ResendWalletTransactions() +void ResendWalletTransactions(bool fForceResend) { BOOST_FOREACH(CWallet* pwallet, setpwalletRegistered) - pwallet->ResendWalletTransactions(); + pwallet->ResendWalletTransactions(fForceResend); } @@ -430,7 +428,7 @@ unsigned int CTransaction::GetLegacySigOpCount() const { unsigned int nSigOps = 0; - if (!IsCoinBase() || nTime < COINBASE_SIGOPS_SWITCH_TIME) + if (!IsCoinBase()) { // Coinbase scriptsigs are never executed, so there is // no sense in calculation of sigops. @@ -619,6 +617,10 @@ bool CTxMemPool::accept(CTxDB& txdb, CTransaction &tx, bool fCheckInputs, if (pfMissingInputs) *pfMissingInputs = false; + // Time (prevent mempool memory exhaustion attack) + if (tx.nTime > FutureDrift(GetAdjustedTime())) + return tx.DoS(10, error("CTxMemPool::accept() : transaction timestamp is too far in the future")); + if (!tx.CheckTransaction()) return error("CTxMemPool::accept() : CheckTransaction failed"); @@ -1124,7 +1126,7 @@ int64_t GetProofOfStakeReward(int64_t nCoinAge, unsigned int nBits, int64_t nTim return nSubsidy; } -static const int64_t nTargetTimespan = 7 * 24 * 60 * 60; // one week +static const int64_t nTargetTimespan = 7 * nOneDay; // one week // get proof of work blocks max spacing according to hard-coded conditions int64_t inline GetTargetSpacingWorkMax(int nHeight, unsigned int nTime) @@ -1150,7 +1152,7 @@ unsigned int ComputeMaxBits(CBigNum bnTargetLimit, unsigned int nBase, int64_t n { // Maximum 200% adjustment per day... bnResult *= 2; - nTime -= 24 * 60 * 60; + nTime -= nOneDay; } if (bnResult > bnTargetLimit) bnResult = bnTargetLimit; @@ -1186,10 +1188,10 @@ const CBlockIndex* GetLastBlockIndex(const CBlockIndex* pindex, bool fProofOfSta unsigned int GetNextTargetRequired(const CBlockIndex* pindexLast, bool fProofOfStake) { - CBigNum bnTargetLimit = !fProofOfStake ? bnProofOfWorkLimit : GetProofOfStakeLimit(pindexLast->nHeight, pindexLast->nTime); - if (pindexLast == NULL) - return bnTargetLimit.GetCompact(); // genesis block + return bnProofOfWorkLimit.GetCompact(); // genesis block + + CBigNum bnTargetLimit = !fProofOfStake ? bnProofOfWorkLimit : GetProofOfStakeLimit(pindexLast->nHeight, pindexLast->nTime); const CBlockIndex* pindexPrev = GetLastBlockIndex(pindexLast, fProofOfStake); if (pindexPrev->pprev == NULL) @@ -1250,7 +1252,7 @@ bool IsInitialBlockDownload() nLastUpdate = nCurrentTime; } return (nCurrentTime - nLastUpdate < 10 && - pindexBest->GetBlockTime() < nCurrentTime - 24 * 60 * 60); + pindexBest->GetBlockTime() < nCurrentTime - nOneDay); } void static InvalidChainFound(CBlockIndex* pindexNew) @@ -1755,8 +1757,16 @@ bool CBlock::ConnectBlock(CTxDB& txdb, CBlockIndex* pindex, bool fJustCheck) if (!tx.IsCoinStake()) nFees += nTxValueIn - nTxValueOut; + unsigned int nFlags = SCRIPT_VERIFY_NOCACHE | SCRIPT_VERIFY_P2SH; + + if (tx.nTime >= CHECKLOCKTIMEVERIFY_SWITCH_TIME) { + nFlags |= SCRIPT_VERIFY_CHECKLOCKTIMEVERIFY; + // OP_CHECKSEQUENCEVERIFY is senseless without BIP68, so we're going disable it for now. + // nFlags |= SCRIPT_VERIFY_CHECKSEQUENCEVERIFY; + } + std::vector vChecks; - if (!tx.ConnectInputs(txdb, mapInputs, mapQueuedChanges, posThisTx, pindex, true, false, fScriptChecks, SCRIPT_VERIFY_NOCACHE | SCRIPT_VERIFY_P2SH, nScriptCheckThreads ? &vChecks : NULL)) + if (!tx.ConnectInputs(txdb, mapInputs, mapQueuedChanges, posThisTx, pindex, true, false, fScriptChecks, nFlags, nScriptCheckThreads ? &vChecks : NULL)) return false; control.Add(vChecks); } @@ -1827,11 +1837,11 @@ bool static Reorganize(CTxDB& txdb, CBlockIndex* pindexNew) while (pfork != plonger) { while (plonger->nHeight > pfork->nHeight) - if (!(plonger = plonger->pprev)) + if ((plonger = plonger->pprev) == NULL) return error("Reorganize() : plonger->pprev is null"); if (pfork == plonger) break; - if (!(pfork = pfork->pprev)) + if ((pfork = pfork->pprev) == NULL) return error("Reorganize() : pfork->pprev is null"); } @@ -2097,7 +2107,7 @@ bool CTransaction::GetCoinAge(CTxDB& txdb, uint64_t& nCoinAge) const printf("coin age nValueIn=%" PRId64 " nTimeDiff=%d bnCentSecond=%s\n", nValueIn, nTime - txPrev.nTime, bnCentSecond.ToString().c_str()); } - CBigNum bnCoinDay = bnCentSecond * CENT / COIN / (24 * 60 * 60); + CBigNum bnCoinDay = bnCentSecond * CENT / COIN / nOneDay; if (fDebug && GetBoolArg("-printcoinage")) printf("coin age bnCoinDay=%s\n", bnCoinDay.ToString().c_str()); nCoinAge = bnCoinDay.getuint64(); @@ -2134,7 +2144,7 @@ bool CBlock::AddToBlockIndex(unsigned int nFile, unsigned int nBlockPos) return error("AddToBlockIndex() : %s already exists", hash.ToString().substr(0,20).c_str()); // Construct new block index object - CBlockIndex* pindexNew = new CBlockIndex(nFile, nBlockPos, *this); + CBlockIndex* pindexNew = new(nothrow) CBlockIndex(nFile, nBlockPos, *this); if (!pindexNew) return error("AddToBlockIndex() : new CBlockIndex failed"); pindexNew->phashBlock = &hash; @@ -2335,10 +2345,19 @@ bool CBlock::AcceptBlock() if (nBits != GetNextTargetRequired(pindexPrev, IsProofOfStake())) return DoS(100, error("AcceptBlock() : incorrect %s", IsProofOfWork() ? "proof-of-work" : "proof-of-stake")); + int64_t nMedianTimePast = pindexPrev->GetMedianTimePast(); + int nMaxOffset = 12 * nOneHour; // 12 hours + if (fTestNet || pindexPrev->nTime < 1450569600) + nMaxOffset = 7 * nOneWeek; // One week (permanently on testNet or until 20 Dec, 2015 on mainNet) + // Check timestamp against prev - if (GetBlockTime() <= pindexPrev->GetMedianTimePast() || FutureDrift(GetBlockTime()) < pindexPrev->GetBlockTime()) + if (GetBlockTime() <= nMedianTimePast || FutureDrift(GetBlockTime()) < pindexPrev->GetBlockTime()) return error("AcceptBlock() : block's timestamp is too early"); + // Don't accept blocks with future timestamps + if (pindexPrev->nHeight > 1 && nMedianTimePast + nMaxOffset < GetBlockTime()) + return error("AcceptBlock() : block's timestamp is too far in the future"); + // Check that all transactions are finalized BOOST_FOREACH(const CTransaction& tx, vtx) if (!tx.IsFinal(nHeight, GetBlockTime())) @@ -2488,7 +2507,7 @@ bool static ReserealizeBlockSignature(CBlock* pblock) return true; } - return CKey::ReserealizeSignature(pblock->vchBlockSig); + return CPubKey::ReserealizeSignature(pblock->vchBlockSig); } bool static IsCanonicalBlockSignature(CBlock* pblock) @@ -2508,6 +2527,13 @@ bool ProcessBlock(CNode* pfrom, CBlock* pblock) if (mapOrphanBlocks.count(hash)) return error("ProcessBlock() : already have block (orphan) %s", hash.ToString().substr(0,20).c_str()); + // Check that block isn't listed as unconditionally banned. + if (!Checkpoints::CheckBanned(hash)) { + if (pfrom) + pfrom->Misbehaving(100); + return error("ProcessBlock() : block %s is rejected by hard-coded banlist", hash.GetHex().substr(0,20).c_str()); + } + // Check proof-of-stake // Limited duplicity on stake: prevents block flood attack // Duplicate stake allowed only when there is orphan child block @@ -2640,8 +2666,8 @@ bool CBlock::CheckBlockSignature() const if (whichType == TX_PUBKEY) { valtype& vchPubKey = vSolutions[0]; - CKey key; - if (!key.SetPubKey(vchPubKey)) + CPubKey key(vchPubKey); + if (!key.IsValid()) return false; return key.Verify(GetHash(), vchBlockSig); } @@ -2675,7 +2701,7 @@ static filesystem::path BlockFilePath(unsigned int nFile) FILE* OpenBlockFile(unsigned int nFile, unsigned int nBlockPos, const char* pszMode) { - if ((nFile < 1) || (nFile == (unsigned int) -1)) + if ((nFile < 1) || (nFile == std::numeric_limits::max())) return NULL; FILE* file = fopen(BlockFilePath(nFile).string().c_str(), pszMode); if (!file) @@ -2696,7 +2722,7 @@ static unsigned int nCurrentBlockFile = 1; FILE* AppendBlockFile(unsigned int& nFileRet) { nFileRet = 0; - while (true) + for ( ; ; ) { FILE* file = OpenBlockFile(nCurrentBlockFile, 0, "ab"); if (!file) @@ -2736,7 +2762,7 @@ bool LoadBlockIndex(bool fAllowNew) pchMessageStart[3] = 0xef; bnProofOfWorkLimit = bnProofOfWorkLimitTestNet; // 16 bits PoW target limit for testnet - nStakeMinAge = 2 * 60 * 60; // test net min age is 2 hours + nStakeMinAge = 2 * nOneHour; // test net min age is 2 hours nModifierInterval = 20 * 60; // test modifier interval is 20 minutes nCoinbaseMaturity = 10; // test maturity is 10 blocks nStakeTargetSpacing = 5 * 60; // test block spacing is 5 minutes @@ -2942,15 +2968,15 @@ bool LoadExternalBlockFile(FILE* fileIn) try { CAutoFile blkdat(fileIn, SER_DISK, CLIENT_VERSION); unsigned int nPos = 0; - while (nPos != (unsigned int)-1 && blkdat.good() && !fRequestShutdown) + while (nPos != std::numeric_limits::max() && blkdat.good() && !fRequestShutdown) { unsigned char pchData[65536]; do { fseek(blkdat, nPos, SEEK_SET); - int nRead = fread(pchData, 1, sizeof(pchData), blkdat); + size_t nRead = fread(pchData, 1, sizeof(pchData), blkdat); if (nRead <= 8) { - nPos = (unsigned int)-1; + nPos = std::numeric_limits::max(); break; } void* nFind = memchr(pchData, pchMessageStart[0], nRead+1-sizeof(pchMessageStart)); @@ -2966,7 +2992,7 @@ bool LoadExternalBlockFile(FILE* fileIn) else nPos += sizeof(pchData) - sizeof(pchMessageStart) + 1; } while(!fRequestShutdown); - if (nPos == (unsigned int)-1) + if (nPos == std::numeric_limits::max()) break; fseek(blkdat, nPos, SEEK_SET); unsigned int nSize; @@ -3010,7 +3036,7 @@ string GetWarnings(string strFor) strRPC = "test"; // Misc warnings like out of disk space and clock is wrong - if (strMiscWarning != "") + if (!strMiscWarning.empty()) { nPriority = 1000; strStatusBar = strMiscWarning; @@ -3018,7 +3044,7 @@ string GetWarnings(string strFor) // if detected unmet upgrade requirement enter safe mode // Note: Modifier upgrade requires blockchain redownload if past protocol switch - if (IsFixedModifierInterval(nModifierUpgradeTime + 60*60*24)) // 1 day margin + if (IsFixedModifierInterval(nModifierUpgradeTime + nOneDay)) // 1 day margin { nPriority = 5000; strStatusBar = strRPC = "WARNING: Blockchain redownload required approaching or past v.0.4.4.6u4 upgrade deadline."; @@ -3281,7 +3307,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (fShutdown) return true; if (addr.nTime <= 100000000 || addr.nTime > nNow + 10 * 60) - addr.nTime = nNow - 5 * 24 * 60 * 60; + addr.nTime = nNow - 5 * nOneDay; pfrom->AddAddressKnown(addr); bool fReachable = IsReachable(addr); if (addr.nTime > nSince && !pfrom->fGetAddr && vAddr.size() <= 10 && addr.IsRoutable()) @@ -3295,7 +3321,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (hashSalt == 0) hashSalt = GetRandHash(); uint64_t hashAddr = addr.GetHash(); - uint256 hashRand = hashSalt ^ (hashAddr<<32) ^ ((GetTime()+hashAddr)/(24*60*60)); + uint256 hashRand = hashSalt ^ (hashAddr<<32) ^ ((GetTime()+hashAddr)/nOneDay); hashRand = Hash(BEGIN(hashRand), END(hashRand)); multimap mapMix; BOOST_FOREACH(CNode* pnode, vNodes) @@ -3317,7 +3343,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (fReachable) vAddrOk.push_back(addr); } - addrman.Add(vAddrOk, pfrom->addr, 2 * 60 * 60); + addrman.Add(vAddrOk, pfrom->addr, 2 * nOneHour); if (vAddr.size() < 1000) pfrom->fGetAddr = false; if (pfrom->fOneShot) @@ -3335,15 +3361,15 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) } // find last block in inv vector - unsigned int nLastBlock = (unsigned int)(-1); - for (unsigned int nInv = 0; nInv < vInv.size(); nInv++) { + size_t nLastBlock = std::numeric_limits::max(); + for (size_t nInv = 0; nInv < vInv.size(); nInv++) { if (vInv[vInv.size() - 1 - nInv].type == MSG_BLOCK) { nLastBlock = vInv.size() - 1 - nInv; break; } } CTxDB txdb("r"); - for (unsigned int nInv = 0; nInv < vInv.size(); nInv++) + for (size_t nInv = 0; nInv < vInv.size(); nInv++) { const CInv &inv = vInv[nInv]; @@ -3619,10 +3645,15 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) } - else if (strCommand == "getaddr") + // This asymmetric behavior for inbound and outbound connections was introduced + // to prevent a fingerprinting attack: an attacker can send specific fake addresses + // to users' AddrMan and later request them by sending getaddr messages. + // Making users (which are behind NAT and can only make outgoing connections) ignore + // getaddr message mitigates the attack. + else if ((strCommand == "getaddr") && (pfrom->fInbound)) { // Don't return addresses older than nCutOff timestamp - int64_t nCutOff = GetTime() - (nNodeLifespan * 24 * 60 * 60); + int64_t nCutOff = GetTime() - (nNodeLifespan * nOneDay); pfrom->vAddrToSend.clear(); vector vAddr = addrman.GetAddr(); BOOST_FOREACH(const CAddress &addr, vAddr) @@ -3654,7 +3685,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) if (!GetBoolArg("-allowreceivebyip")) { - pfrom->PushMessage("reply", hashReply, (int)2, string("")); + pfrom->PushMessage("reply", hashReply, 2, string("")); return true; } @@ -3670,7 +3701,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) // Send back approval of order and pubkey to use CScript scriptPubKey; scriptPubKey << mapReuseKey[pfrom->addr] << OP_CHECKSIG; - pfrom->PushMessage("reply", hashReply, (int)0, scriptPubKey); + pfrom->PushMessage("reply", hashReply, 0, scriptPubKey); } @@ -3696,23 +3727,20 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) else if (strCommand == "ping") { - if (pfrom->nVersion > BIP0031_VERSION) - { - uint64_t nonce = 0; - vRecv >> nonce; - // Echo the message back with the nonce. This allows for two useful features: - // - // 1) A remote node can quickly check if the connection is operational - // 2) Remote nodes can measure the latency of the network thread. If this node - // is overloaded it won't respond to pings quickly and the remote node can - // avoid sending us more work, like chain download requests. - // - // The nonce stops the remote getting confused between different pings: without - // it, if the remote node sends a ping once per second and this node takes 5 - // seconds to respond to each, the 5th ping the remote sends would appear to - // return very quickly. - pfrom->PushMessage("pong", nonce); - } + uint64_t nonce = 0; + vRecv >> nonce; + // Echo the message back with the nonce. This allows for two useful features: + // + // 1) A remote node can quickly check if the connection is operational + // 2) Remote nodes can measure the latency of the network thread. If this node + // is overloaded it won't respond to pings quickly and the remote node can + // avoid sending us more work, like chain download requests. + // + // The nonce stops the remote getting confused between different pings: without + // it, if the remote node sends a ping once per second and this node takes 5 + // seconds to respond to each, the 5th ping the remote sends would appear to + // return very quickly. + pfrom->PushMessage("pong", nonce); } @@ -3779,7 +3807,7 @@ bool ProcessMessages(CNode* pfrom) // (x) data // - while (true) + for ( ; ; ) { // Don't bother if send buffer is too full to respond anyway if (pfrom->vSend.size() >= SendBufferSize()) @@ -3888,6 +3916,9 @@ bool SendMessages(CNode* pto, bool fSendTrickle) { TRY_LOCK(cs_main, lockMain); if (lockMain) { + // Current time in microseconds + int64_t nNow = GetTimeMicros(); + // Don't send anything until we get their version message if (pto->nVersion == 0) return true; @@ -3896,10 +3927,7 @@ bool SendMessages(CNode* pto, bool fSendTrickle) // right now. if (pto->nLastSend && GetTime() - pto->nLastSend > nPingInterval && pto->vSend.empty()) { uint64_t nonce = 0; - if (pto->nVersion > BIP0031_VERSION) - pto->PushMessage("ping", nonce); - else - pto->PushMessage("ping"); + pto->PushMessage("ping", nonce); } // Start block sync @@ -3912,39 +3940,20 @@ bool SendMessages(CNode* pto, bool fSendTrickle) ResendWalletTransactions(); // Address refresh broadcast - static int64_t nLastRebroadcast; - if (!IsInitialBlockDownload() && (GetTime() - nLastRebroadcast > nBroadcastInterval)) - { - { - LOCK(cs_vNodes); - BOOST_FOREACH(CNode* pnode, vNodes) - { - // Periodically clear setAddrKnown to allow refresh broadcasts - if (nLastRebroadcast) - pnode->setAddrKnown.clear(); - - // Rebroadcast our address - if (!fNoListen) - { - CAddress addr = GetLocalAddress(&pnode->addr); - if (addr.IsRoutable()) - pnode->PushAddress(addr); - } - } - } - nLastRebroadcast = GetTime(); + if (!IsInitialBlockDownload() && pto->nNextLocalAddrSend < nNow) { + AdvertiseLocal(pto); + pto->nNextLocalAddrSend = PoissonNextSend(nNow, nOneDay); } // // Message: addr // - if (fSendTrickle) - { + if (pto->nNextAddrSend < nNow) { + pto->nNextAddrSend = PoissonNextSend(nNow, 30); vector vAddr; vAddr.reserve(pto->vAddrToSend.size()); BOOST_FOREACH(const CAddress& addr, pto->vAddrToSend) { - // returns true if wasn't already contained in the set if (pto->setAddrKnown.insert(addr).second) { vAddr.push_back(addr); @@ -3961,13 +3970,17 @@ bool SendMessages(CNode* pto, bool fSendTrickle) pto->PushMessage("addr", vAddr); } - // // Message: inventory // vector vInv; vector vInvWait; { + bool fSendTrickle = false; + if (pto->nNextInvSend < nNow) { + fSendTrickle = true; + pto->nNextInvSend = PoissonNextSend(nNow, 5); + } LOCK(pto->cs_inventory); vInv.reserve(pto->vInventoryToSend.size()); vInvWait.reserve(pto->vInventoryToSend.size()); @@ -3987,15 +4000,6 @@ bool SendMessages(CNode* pto, bool fSendTrickle) hashRand = Hash(BEGIN(hashRand), END(hashRand)); bool fTrickleWait = ((hashRand & 3) != 0); - // always trickle our own transactions - if (!fTrickleWait) - { - CWalletTx wtx; - if (GetTransaction(inv.hash, wtx)) - if (wtx.fFromMe) - fTrickleWait = true; - } - if (fTrickleWait) { vInvWait.push_back(inv); @@ -4024,7 +4028,6 @@ bool SendMessages(CNode* pto, bool fSendTrickle) // Message: getdata // vector vGetData; - int64_t nNow = GetTime() * 1000000; CTxDB txdb("r"); while (!pto->mapAskFor.empty() && (*pto->mapAskFor.begin()).first <= nNow) { @@ -4070,4 +4073,4 @@ public: // orphan transactions } -} instance_of_cmaincleanup; \ No newline at end of file +} instance_of_cmaincleanup;