Add cconnman definition #9

Open
wants to merge 91 commits into
base: master_for_merge
zancas
Member

@zancas zancas commented Oct 8, 2021

I believe that we need to recapitulate this work:

bitcoin/bitcoin#8085

My next task is to test this hypothesis.

I attempted to cherry-pick flexible CNetAddr size without this CConnman class:

bitcoin/bitcoin@102867c

To proceed we need a definition of CNetAddr::GetGroup that doesn't use asmap or HasLinkedIPv4.

luke-jr and others added 30 commits September 22, 2021 10:18
…n be shared and reused

(cherry picked from commit 5e10922)
To make it clear where DNS resolves are happening

(cherry picked from commit e9fc71e)
Note: Some seeds aren't actually returning an IP for their name entries, so
they're being added to addrman with a source of [::].

This commit shouldn't change that behavior, for better or worse.

(cherry picked from commit a98cd1f)
Rather than allowing CNetAddr/CService/CSubNet to launch DNS queries, require
that addresses are already resolved.

This greatly simplifies async resolve logic, and makes it harder to
accidentally leak DNS queries.

(cherry picked from commit 3675699)
CNetAddr/CService/CSubnet can no longer resolve DNS.

(cherry picked from commit d39f5b4)
(cherry picked from commit b6c3ff3)
Net functionality is no longer needed for CAddress/CAddrman/etc. now that
CNetAddr/CService/CSubNet are dumb storage classes.

(cherry picked from commit 21ba407)
Also fix up a few small issues:
- Lookup with "badip:port" now sets the port to 0
- Don't allow assert to have side-effects

(cherry picked from commit 8945384)
(cherry picked from commit 9e9d644)
-BEGIN VERIFY SCRIPT-

sed --in-place'' --expression='s/NET_TOR/NET_ONION/g' $(git grep -I --files-with-matches 'NET_TOR')

-END VERIFY SCRIPT-

The --in-place'' hack is required for sed on macOS to edit files in-place without passing a backup extension.

(cherry picked from commit 07c493f)
Do not access `CNetAddr::ip` directly from `CService` methods.

This improvement will help later when we change the type of
`CNetAddr::ip` (in the BIP155 implementation).

Co-authored-by: Carl Dong <[email protected]>
(cherry picked from commit bc74a40)
(cherry picked from commit 100c64a)
We currently do two resolves for dns seeds: one for the results, and one to
serve in addrman as the source for those addresses.

There's no requirement that the source hostname resolves to the stored
identifier, only that the mapping is unique. So rather than incurring the
second lookup, combine a private subnet with a hash of the hostname.

The resulting v6 ip is guaranteed not to be publicly routable, and has only a
negligible chance of colliding with a user's internal network (which would be
of no consequence anyway).

(cherry picked from commit 7f31762)
(cherry picked from commit 100c64a)
ryanofsky and others added 29 commits October 4, 2021 18:59
Extracted by Pieter Wuille from a comment by Russ Yanofsky, see
bitcoin/bitcoin#18317 (comment).

(cherry picked from commit 6f9a1e5)
Extracted and extended by Pieter Wuille from a comment by Russ
Yanofsky (see
bitcoin/bitcoin#18317 (comment)).

(cherry picked from commit d06fedd)
(only picked changes to tests and netaddress.h, other changes are
outside the scope of this cherry-pick)

(cherry picked from commit 4eb5643)
Before this change, we would analyze the contents of `CNetAddr::ip[16]`
in order to tell which type is an address. Change this by introducing a
new member `CNetAddr::m_net` that explicitly tells the type of the
address.

This is necessary because in BIP155 we will not be able to tell the
address type by just looking at its raw representation (e.g. both TORv3
and I2P are "seemingly random" 32 bytes).

As a side effect of this change we no longer need to store IPv4
addresses encoded as IPv6 addresses - we can store them in proper 4
bytes (will be done in a separate commit). Also the code gets
somewhat simplified - instead of
`memcmp(ip, pchIPv4, sizeof(pchIPv4)) == 0` we can use
`m_net == NET_IPV4`.

Co-authored-by: Carl Dong <[email protected]>
(cherry picked from commit bcfebb6)
A netmask that contains 1-bits after 0-bits (the 1-bits are not
contiguous on the left side) is invalid [1] [2].

The code before this PR used to parse and accept such
non-left-contiguous netmasks. However, a coming change that will alter
`CNetAddr::ip` to have flexible size would make juggling with such
netmasks more difficult, thus drop support for those.

[1] https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#Subnet_masks
[2] https://tools.ietf.org/html/rfc4632#section-5.1

(cherry picked from commit 1ea57ad)
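
The left-contiguity rule described in the commit message above, as an added example (not code from this pull request or from the upstream project). The function name `NetmaskToPrefixLen` is hypothetical; the check goes slightly beyond the message by handling both 4-byte and 16-byte masks and returning the equivalent CIDR prefix length.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical helper, written for this example only.
// Returns the CIDR prefix length of a netmask, or -1 if the mask is invalid,
// i.e. it contains a 1-bit after a 0-bit (not left-contiguous) or has a
// length other than 4 (IPv4) or 16 (IPv6) bytes.
int NetmaskToPrefixLen(const std::vector<uint8_t>& mask)
{
    if (mask.size() != 4 && mask.size() != 16) return -1;
    int prefix_len = 0;
    bool seen_zero_bit = false;
    for (uint8_t byte : mask) {
        if (seen_zero_bit) {
            // Once a 0-bit has appeared, every later byte must be all zeros.
            if (byte != 0) return -1;
            continue;
        }
        // A left-contiguous byte (0xFF, 0xFE, ..., 0x80, 0x00) inverts to a
        // value of the form 2^k - 1, for which x & (x + 1) == 0.
        const unsigned inverted = static_cast<uint8_t>(~byte);
        if ((inverted & (inverted + 1)) != 0) return -1;
        // Count the leading 1-bits by shifting them out on the left.
        for (unsigned b = byte; b != 0; b = (b << 1) & 0xFF) ++prefix_len;
        if (byte != 0xFF) seen_zero_bit = true;
    }
    return prefix_len;
}

int main()
{
    // Constructed sample masks: two valid, two with 1-bits after 0-bits.
    const std::vector<std::vector<uint8_t>> samples = {
        {255, 255, 255, 0}, {255, 255, 254, 0}, {255, 0, 255, 0}, {255, 255, 241, 0}};
    for (const auto& m : samples) {
        std::printf("%d.%d.%d.%d -> %d\n", m[0], m[1], m[2], m[3], NetmaskToPrefixLen(m));
    }
    return 0;
}
```

Rejecting the mask outright, rather than silently normalising it, keeps a mistyped ban or allow-list entry from matching a different set of addresses than the operator intended.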
Do not access `CNetAddr::ip` directly from `CService` methods.

This improvement will help later when we change the type of
`CNetAddr::ip` (in the BIP155 implementation).

Co-authored-by: Carl Dong <[email protected]>
(cherry picked from commit bc74a40)
(cherry picked from commit 2c084a6)
Reachable from either place where SetIP is used when our best-guess
addrLocal for a peer is IPv4, but the peer tells us it's reaching us at
an IPv6 address.

In that case, SetIP turns an IPv4 address into an IPv6 address without
setting the scopeId, which is subsequently read in GetSockAddr during
CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
constructor initializes the scopeId field with something.

(cherry picked from commit b7b36de)
This slows the increase of the nAttempts in addrman while partitioned,
even if the node hasn't yet noticed the partitioning.

(cherry picked from commit 6182d10)
This introduces a rudimentary begin(), end(), operator[], and subspan to Span.

(cherry picked from commit 29943a9)
This allows for very cheap transformations on the range of elements that
are to be passed to ExecuteWitnessScript.

(cherry picked from commit 2b0fcff)
This matches a change in the C++20 std::span proposal.

(cherry picked from commit 1f790a1)
This prevents constructing a Span<A> given two pointers into an array
of B (where B is a subclass of A), at least without explicit cast to
pointers to A.

(cherry picked from commit bb3d38f)
Based on a suggestion by Russell Yanofsky.

(cherry picked from commit e63dcc3)
(cherry picked from commit 3502a60)
Tests if addresses are online or offline by briefly connecting to them. These short lived connections are referred to as feeler connections. Feeler connections are designed to increase the number of fresh online addresses in tried by selecting and connecting to addresses in new. One feeler connection is attempted on average once every two minutes.

This change was suggested as Countermeasure 4 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman,
Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report
2015/263. March 2015.

(cherry picked from commit dbb1f64)
Changes addrman to use the test-before-evict discipline in which an
address that is to be evicted from the tried table is first tested and, if
it is still online, it is not evicted.

Adds tests to provide test coverage for this change.

This change was suggested as Countermeasure 3 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman,
Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report
2015/263. March 2015.

(cherry picked from commit e68172e)
The scripts for creating a compact IP->ASN mapping are here:
https://github.com/sipa/asmap

Co-authored-by: Pieter Wuille <[email protected]>
(cherry picked from commit 8feb4e4)
@zancas zancas force-pushed the add_cconnman_definition branch from 850fb9c to 09f2477 Compare October 8, 2021 16:33