phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-10 20:03:34 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge bitcoin/bitcoin#22648: doc, test: improve i2p/tor docs and i2p reachable unit tests

Browse source 
017597767b Add I2P network SetReachable/IsReachable unit test assertions (Jon Atack)
b87a9c4d13 Improve doc/i2p.md regarding I2P router options/versions (Jon Atack)
bebcf785c0 Update i2p.md and tor.md regarding -onlynet config option (Jon Atack)

Pull request description:

  This pull addresses https://github.com/bitcoin/bitcoin/issues/22634#issuecomment-894104681 and various user feedback/questions, updates the -onlynet documentation in doc/i2p.md and doc/tor.md per #22651 (src/init.cpp is already fine) and fills in some missing I2P unit test coverage.

  Note: this PR depends in part on whether #22651 is merged in order to propose the correct -onlynet documentation (it is currently aligned with the change in #22651), so that PR should be decided or merged first.

ACKs for top commit:
  Rspigler:
    Re-ACK 017597767b
  prayank23:
    reACK 017597767b
  vasild:
    ACK 017597767b

Tree-SHA512: ae606437522bfccdfb7508108cddc7dfede2385e30a0561dbd007b784ed2639962c28552eb0e9336412faa323637fe964c26b8d8fc6dcf9fc63734ac00d05736
This commit is contained in:
W. J. van der Laan 2021-08-26 12:42:50 +02:00
commit 7740ebcb02
No known key found for this signature in database
GPG key ID: 1E4AED62986CD25D
3 changed files with 68 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
doc/i2p.md
View file

@ -10,11 +10,22 @@ started with I2P terminology.
## Run Bitcoin Core with an I2P router (proxy) ## Run Bitcoin Core with an I2P router (proxy)
A running I2P router (proxy) with [SAM](https://geti2p.net/en/docs/api/samv3) A running I2P router (proxy) with [SAM](https://geti2p.net/en/docs/api/samv3)
enabled is required (there is an [official one](https://geti2p.net) and enabled is required. Options include:
[a few alternatives](https://en.wikipedia.org/wiki/I2P#Routers)). Notice the IP
address and port the SAM proxy is listening to; usually, it is - [i2prouter (I2P Router)](https://geti2p.net), the official implementation in
`127.0.0.1:7656`. Once it is up and running with SAM enabled, use the following Java
Bitcoin Core options: - [i2pd (I2P Daemon)](https://github.com/PurpleI2P/i2pd)
([documentation](https://i2pd.readthedocs.io/en/latest)), a lighter
alternative in C++ (successfully tested with version 2.23 and up; version 2.36
or later recommended)
- [i2p-zero](https://github.com/i2p-zero/i2p-zero)
- [other alternatives](https://en.wikipedia.org/wiki/I2P#Routers)
Note the IP address and port the SAM proxy is listening to; usually, it is
`127.0.0.1:7656`.
Once an I2P router with SAM enabled is up and running, use the following Bitcoin
Core configuration options:
``` ```
-i2psam=<ip:port> -i2psam=<ip:port>
@ -42,15 +53,30 @@ named `i2p_private_key` in the Bitcoin Core data directory.
## Additional configuration options related to I2P ## Additional configuration options related to I2P
You may set the `debug=i2p` config logging option to have additional ```
information in the debug log about your I2P configuration and connections. Run -debug=i2p
`bitcoin-cli help logging` for more information. ```
It is possible to restrict outgoing connections in the usual way with Set the `debug=i2p` config logging option to see additional information in the
`onlynet=i2p`. I2P support was added to Bitcoin Core in version 22.0 (mid-2021) debug log about your I2P configuration and connections. Run `bitcoin-cli help
and there may be fewer I2P peers than Tor or IP ones. Therefore, using logging` for more information.
`onlynet=i2p` alone (without other `onlynet=`) may make a node more susceptible
to [Sybil attacks](https://en.bitcoin.it/wiki/Weaknesses#Sybil_attack). Use ```
-onlynet=i2p
```
Make outgoing connections only to I2P addresses. Incoming connections are not
affected by this option. It can be specified multiple times to allow multiple
network types, e.g. onlynet=ipv4, onlynet=ipv6, onlynet=onion, onlynet=i2p.
Warning: if you use -onlynet with values other than onion, and the -onion or
-proxy option is set, then outgoing onion connections will still be made; use
-noonion or -onion=0 to disable outbound onion connections in this case.
I2P support was added to Bitcoin Core in version 22.0 and there may be fewer I2P
peers than Tor or IP ones. Therefore, using I2P alone without other networks may
make a node more susceptible to [Sybil
attacks](https://en.bitcoin.it/wiki/Weaknesses#Sybil_attack). You can use
`bitcoin-cli -addrinfo` to see the number of I2P addresses known to your node. `bitcoin-cli -addrinfo` to see the number of I2P addresses known to your node.
Another consideration with `onlynet=i2p` is that the initial blocks download Another consideration with `onlynet=i2p` is that the initial blocks download

10
doc/tor.md
View file

@ -57,11 +57,11 @@ outgoing connections, but more is possible.
-onlynet=onion Make outgoing connections only to .onion addresses. Incoming -onlynet=onion Make outgoing connections only to .onion addresses. Incoming
connections are not affected by this option. This option can be connections are not affected by this option. This option can be
specified multiple times to allow multiple network types, e.g. specified multiple times to allow multiple network types, e.g.
ipv4, ipv6 or onion. If you use this option with values other onlynet=ipv4, onlynet=ipv6, onlynet=onion, onlynet=i2p.
than onion you *cannot* disable onion connections; outgoing onion Warning: if you use -onlynet with values other than onion, and
connections will be enabled when you use -proxy or -onion. Use the -onion or -proxy option is set, then outgoing onion
-noonion or -onion=0 if you want to be sure there are no outbound connections will still be made; use -noonion or -onion=0 to
onion connections over the default proxy or your defined -proxy. disable outbound onion connections in this case.
In a typical situation, this suffices to run behind a Tor proxy: In a typical situation, this suffices to run behind a Tor proxy:

43
src/test/net_tests.cpp
View file

@ -627,37 +627,42 @@ BOOST_AUTO_TEST_CASE(ipv4_peer_with_ipv6_addrMe_test)
BOOST_AUTO_TEST_CASE(LimitedAndReachable_Network) BOOST_AUTO_TEST_CASE(LimitedAndReachable_Network)
{ {
BOOST_CHECK_EQUAL(IsReachable(NET_IPV4), true); BOOST_CHECK(IsReachable(NET_IPV4));
BOOST_CHECK_EQUAL(IsReachable(NET_IPV6), true); BOOST_CHECK(IsReachable(NET_IPV6));
BOOST_CHECK_EQUAL(IsReachable(NET_ONION), true); BOOST_CHECK(IsReachable(NET_ONION));
BOOST_CHECK(IsReachable(NET_I2P));
SetReachable(NET_IPV4, false); SetReachable(NET_IPV4, false);
SetReachable(NET_IPV6, false); SetReachable(NET_IPV6, false);
SetReachable(NET_ONION, false); SetReachable(NET_ONION, false);
SetReachable(NET_I2P, false);
BOOST_CHECK_EQUAL(IsReachable(NET_IPV4), false); BOOST_CHECK(!IsReachable(NET_IPV4));
BOOST_CHECK_EQUAL(IsReachable(NET_IPV6), false); BOOST_CHECK(!IsReachable(NET_IPV6));
BOOST_CHECK_EQUAL(IsReachable(NET_ONION), false); BOOST_CHECK(!IsReachable(NET_ONION));
BOOST_CHECK(!IsReachable(NET_I2P));
SetReachable(NET_IPV4, true); SetReachable(NET_IPV4, true);
SetReachable(NET_IPV6, true); SetReachable(NET_IPV6, true);
SetReachable(NET_ONION, true); SetReachable(NET_ONION, true);
SetReachable(NET_I2P, true);
BOOST_CHECK_EQUAL(IsReachable(NET_IPV4), true); BOOST_CHECK(IsReachable(NET_IPV4));
BOOST_CHECK_EQUAL(IsReachable(NET_IPV6), true); BOOST_CHECK(IsReachable(NET_IPV6));
BOOST_CHECK_EQUAL(IsReachable(NET_ONION), true); BOOST_CHECK(IsReachable(NET_ONION));
BOOST_CHECK(IsReachable(NET_I2P));
} }
BOOST_AUTO_TEST_CASE(LimitedAndReachable_NetworkCaseUnroutableAndInternal) BOOST_AUTO_TEST_CASE(LimitedAndReachable_NetworkCaseUnroutableAndInternal)
{ {
BOOST_CHECK_EQUAL(IsReachable(NET_UNROUTABLE), true); BOOST_CHECK(IsReachable(NET_UNROUTABLE));
BOOST_CHECK_EQUAL(IsReachable(NET_INTERNAL), true); BOOST_CHECK(IsReachable(NET_INTERNAL));
SetReachable(NET_UNROUTABLE, false); SetReachable(NET_UNROUTABLE, false);
SetReachable(NET_INTERNAL, false); SetReachable(NET_INTERNAL, false);
BOOST_CHECK_EQUAL(IsReachable(NET_UNROUTABLE), true); // Ignored for both networks BOOST_CHECK(IsReachable(NET_UNROUTABLE)); // Ignored for both networks
BOOST_CHECK_EQUAL(IsReachable(NET_INTERNAL), true); BOOST_CHECK(IsReachable(NET_INTERNAL));
} }
CNetAddr UtilBuildAddress(unsigned char p1, unsigned char p2, unsigned char p3, unsigned char p4) CNetAddr UtilBuildAddress(unsigned char p1, unsigned char p2, unsigned char p3, unsigned char p4)
@ -676,10 +681,10 @@ BOOST_AUTO_TEST_CASE(LimitedAndReachable_CNetAddr)
CNetAddr addr = UtilBuildAddress(0x001, 0x001, 0x001, 0x001); // 1.1.1.1 CNetAddr addr = UtilBuildAddress(0x001, 0x001, 0x001, 0x001); // 1.1.1.1
SetReachable(NET_IPV4, true); SetReachable(NET_IPV4, true);
BOOST_CHECK_EQUAL(IsReachable(addr), true); BOOST_CHECK(IsReachable(addr));
SetReachable(NET_IPV4, false); SetReachable(NET_IPV4, false);
BOOST_CHECK_EQUAL(IsReachable(addr), false); BOOST_CHECK(!IsReachable(addr));
SetReachable(NET_IPV4, true); // have to reset this, because this is stateful. SetReachable(NET_IPV4, true); // have to reset this, because this is stateful.
} }
@ -691,12 +696,12 @@ BOOST_AUTO_TEST_CASE(LocalAddress_BasicLifecycle)
SetReachable(NET_IPV4, true); SetReachable(NET_IPV4, true);
BOOST_CHECK_EQUAL(IsLocal(addr), false); BOOST_CHECK(!IsLocal(addr));
BOOST_CHECK_EQUAL(AddLocal(addr, 1000), true); BOOST_CHECK(AddLocal(addr, 1000));
BOOST_CHECK_EQUAL(IsLocal(addr), true); BOOST_CHECK(IsLocal(addr));
RemoveLocal(addr); RemoveLocal(addr);
BOOST_CHECK_EQUAL(IsLocal(addr), false); BOOST_CHECK(!IsLocal(addr));
} }
BOOST_AUTO_TEST_SUITE_END() BOOST_AUTO_TEST_SUITE_END()