Do not invoke anti-DoS system for invalid BIP16 transactions

Doing so would allow an attack on old nodes, which would relay a
standard transaction spending a BIP16 output in an invalid way,
until reaching a new node, which will disconnect their peer.

Reported by makomk on IRC.

diff --git a/src/main.cpp b/src/main.cpp
index 5c1b138..4316d24 100644 (file)
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -1028,7 +1028,15 @@ bool CTransaction::ConnectInputs(MapPrevTx inputs,
 
             // Verify signature
             if (!VerifySignature(txPrev, *this, i, fStrictPayToScriptHash, 0))
+            {
+                // only during transition phase for P2SH: do not invoke (external)
+                // anti-DoS code for potentially old clients relaying bad P2SH
+                // transactions
+                if (fStrictPayToScriptHash && VerifySignature(txPrev, *this, i, false, 0))
+                    return error("ConnectInputs() : %s P2SH VerifySignature failed", GetHash().ToString().substr(0,10).c_str());
+
                 return error("ConnectInputs() : %s VerifySignature failed", GetHash().ToString().substr(0,10).c_str());
+            }
 
             // Mark outpoints as spent
             txindex.vSpent[prevout.n] = posThisTx;