Commit graph

70 commits

Author SHA1 Message Date
Jon Atack
4192a74413
p2p: ignore torv2-in-ipv6 addresses in SetLegacyIPv6() 2021-06-03 13:36:42 +02:00
Jon Atack
1d631e956f
p2p: remove BIP155Network::TORV2 from GetBIP155Network() 2021-06-03 13:36:40 +02:00
Jon Atack
7d1769bc45
p2p: remove torv2 from SetNetFromBIP155Network() 2021-05-28 01:46:29 +02:00
Jon Atack
c56a1c9b18
p2p: drop onions from IsAddrV1Compatible(), no longer relay torv2 2021-05-28 01:42:21 +02:00
Jon Atack
f8e94002fc
p2p: remove torv2/ADDR_TORV2_SIZE from SetTor() 2021-05-27 22:54:39 +02:00
W. J. van der Laan
6c280adcd8 net: Return IPv6 scope id in CNetAddr::ToStringIP()
If a scope id is provided, return it back in the string representation.
Also bring back the test. Closes #21982.

Co-authored-by: Jon Atack <jon@atack.com>
2021-05-18 21:01:32 +02:00
practicalswift
54548bae80 net: Avoid calling getnameinfo when formatting IPv6 addresses in CNetAddr::ToStringIP 2021-04-22 15:52:14 +00:00
practicalswift
c10f27fdb2 net: Make IPv6ToString do zero compression as described in RFC 5952 2021-04-22 15:53:53 +00:00
practicalswift
58580a827d net: Avoid calling getnameinfo when formatting IPv4 addresses in CNetAddr::ToStringIP 2021-04-01 08:06:01 +00:00
practicalswift
5858057384 net: Add IPv4ToString (we already have IPv6ToString) 2021-04-01 08:00:48 +00:00
Vasil Dimov
9559bd1404
net: add I2P to the reachability map
Update `CNetAddr::GetReachabilityFrom()` to recognize the I2P network so
that we would prefer to advertise our I2P address to I2P peers.
2021-03-01 18:19:46 +01:00
Vasil Dimov
cff65c4a27
net: extend CNetAddr::SetSpecial() to support I2P
Recognize also I2P addresses in the form `base32hashofpublickey.b32.i2p`
from `CNetAddr::SetSpecial()`.

This makes `Lookup()` support them, which in turn makes it possible to
manually connect to an I2P node by using
`-proxy=i2p_socks5_proxy:port -addnode=i2p_address.b32.i2p:port`

Co-authored-by: Lucas Ontivero <lucasontivero@gmail.com>
2021-03-01 13:22:11 +01:00
Vasil Dimov
94d335da7f
net: allow CSubNet of non-IP networks
Allow creation of valid `CSubNet` objects of non-IP networks and only
match the single address they were created from (like /32 for IPv4 or
/128 for IPv6).

This fixes a deficiency in `CConnman::DisconnectNode(const CNetAddr& addr)`
and in `BanMan` which assume that creating a subnet from any address
using the `CSubNet(CNetAddr)` constructor would later match that address
only. Before this change a non-IP subnet would be invalid and would not
match any address.
2021-01-10 15:51:15 +01:00
Lucas Ontivero
f7264fff0a Check if Cjdns address is valid 2020-12-14 14:48:52 -03:00
lontivero
d355a302d9 Break circuit earlier
There is no need to calculate the full checksum for an Tor v3 onion
address if the version byte is not the expected one.
2020-11-16 15:54:24 -03:00
Wladimir J. van der Laan
e3b474c548
Merge #20140: Restore compatibility with old CSubNet serialization
886be97af5 Ignore incorrectly-serialized banlist.dat entries (Pieter Wuille)
883cea7dea Restore compatibility with old CSubNet serialization (Pieter Wuille)

Pull request description:

  #19628 changed CSubNet for IPv4 netmasks, using the first 4 bytes of `netmask` rather than the last 4 to store the actual mask. Unfortunately, CSubNet objects are serialized on disk in banlist.dat, breaking compatibility with existing banlists (and bringing them into an inconsistent state where entries reported in `listbanned` cannot be removed).

  Fix this by reverting to the old format (just for serialization). Also add a sanity check to the deserializer so that nonsensical banlist.dat entries are ignored (which would otherwise be possible if someone added IPv4 entries after #19628 but without this PR).

  Reported by Greg Maxwell.

ACKs for top commit:
  laanwj:
    Code review ACK 886be97af5
  vasild:
    ACK 886be97af

Tree-SHA512: d3fb91e8ecd933406e527187974f22770374ee2e12a233e7870363f52ecda471fb0b7bae72420e8ff6b6b1594e3037a5115984c023dbadf38f86aeaffcd681e7
2020-10-15 11:44:36 +02:00
Pieter Wuille
886be97af5 Ignore incorrectly-serialized banlist.dat entries 2020-10-12 15:35:08 -07:00
Wladimir J. van der Laan
f79a4a8952
Merge #19998: net: Add CNode::ConnectedThroughNetwork member function
3984b78cd7 test: Add tests for CNode::ConnectedThroughNetwork (Hennadii Stepanov)
49fba9c1aa net: Add CNode::ConnectedThroughNetwork member function (Hennadii Stepanov)
d4dde24034 net: Add CNode::m_inbound_onion data member (Hennadii Stepanov)

Pull request description:

  This PR:
  - adds `CNode::ConnectedThroughNetwork` member function
  - is based on #19991, and only last two commits belong to it
  - is required for https://github.com/bitcoin-core/gui/pull/86 and #20002

ACKs for top commit:
  jonatack:
    re-ACK 3984b78cd7 per `git diff 3989fcf 3984b78c`
  laanwj:
    Code review ACK 3984b78cd7

Tree-SHA512: 23a9c8bca8dca75113b5505fe443b294f2d42d03c98c7e34919da12d8396beb8d0ada3a58ae16e3da04b7044395f72cf9c216625afc078256cd6c897ac42bf3d
2020-10-12 18:40:45 +02:00
fanquake
0b2abaa666
Merge #19954: Complete the BIP155 implementation and upgrade to TORv3
dcf0cb4776 tor: make a TORv3 hidden service instead of TORv2 (Vasil Dimov)
353a3fdaad net: advertise support for ADDRv2 via new message (Vasil Dimov)
201a4596d9 net: CAddress & CAddrMan: (un)serialize as ADDRv2 (Vasil Dimov)
1d3ec2a1fd Support bypassing range check in ReadCompactSize (Pieter Wuille)

Pull request description:

  This PR contains the two remaining commits from #19031 to complete the [BIP155](https://github.com/bitcoin/bips/blob/master/bip-0155.mediawiki) implementation:

  `net: CAddress & CAddrMan: (un)serialize as ADDRv2`
  `net: advertise support for ADDRv2 via new message`

  plus one more commit:

  `tor: make a TORv3 hidden service instead of TORv2`

ACKs for top commit:
  jonatack:
    re-ACK dcf0cb4776 per `git diff 9b56a68 dcf0cb4` only change since last review is an update to the release notes which partially picked up the suggested text. Running a node on this branch and addnode-ing to 6 other Tor v3 nodes, I see "addrv2" and "sendaddrv2" messages in getpeerinfo in both the "bytesrecv_per_msg" and "bytessent_per_msg" JSON objects.
  sipa:
    ACK dcf0cb4776
  hebasto:
    re-ACK dcf0cb4776, the node works flawlessly in all of the modes: Tor-only, clearnet-only, mixed.
  laanwj:
    Edit: I have to retract this ACK for now, I'm having some problems with this PR on a FreeBSD node. It drops all outgoing connections with this dcf0cb4776 merged on master (12a1c3ad1a).
  ariard:
    Code Review ACK dcf0cb4

Tree-SHA512: 28d4d0d817b8664d2f4b18c0e0f31579b2f0f2d23310ed213f1f436a4242afea14dfbf99e07e15889bc5c5c71ad50056797e9307ff8a90e96704f588a6171308
2020-10-11 08:51:57 +08:00
Vasil Dimov
353a3fdaad
net: advertise support for ADDRv2 via new message
Introduce a new message `sendaddrv2` to signal support for ADDRv2.
Send the new message immediately after sending the `VERACK` message.

Add support for receiving and parsing ADDRv2 messages.

Send ADDRv2 messages (instead of ADDR) to a peer if he has
advertised support for it.

Co-authored-by: Carl Dong <contact@carldong.me>
2020-10-09 16:42:50 +02:00
Hennadii Stepanov
49fba9c1aa
net: Add CNode::ConnectedThroughNetwork member function 2020-10-03 15:38:19 +03:00
Jon Atack
f36887fa47
net: rename CNetAddr scopeId to m_scope_id, improve code doc 2020-10-02 16:42:02 +02:00
Vasil Dimov
7be6ff6187
net: recognize TORv3/I2P/CJDNS networks
Recognizing addresses from those networks allows us to accept and gossip
them, even though we don't know how to connect to them (yet).

Co-authored-by: eriknylund <erik@daychanged.com>
2020-09-21 10:13:34 +02:00
Vasil Dimov
e0d73573a3
net: CNetAddr: add support to (un)serialize as ADDRv2
Co-authored-by: Carl Dong <contact@carldong.me>
2020-09-17 22:17:17 +02:00
Vasil Dimov
d2bb681f96
util: move HasPrefix() so it can be reused
Move the function `HasPrefix()` from `netaddress.cpp` to `util/string.h`
so it can be reused by `CNetAddr` methods (and possibly others).
2020-09-11 13:35:39 +02:00
MarcoFalke
5edef20a65
Merge #19797: net: Remove old check for 3-byte shifted IP addresses from pre-0.2.9 nodes
7b6d0f10a7 Remove old check for 3-byte shifted IP addresses from pre-0.2.9 node messages (Raúl Martínez (RME))

Pull request description:

  The change removes an old check for IPv6 addresses in range ::ff:ff00:0:0:0/72 that were created due to a bug in size field of addr messages for 0.2.8 nodes and before.

  This check is no longer needed as they are no more pre 0.2.9 nodes on the network (as per bitnodes network snapshot).

  Credits for discovering this go to sipa in https://github.com/bitcoin/bitcoin/pull/19628#discussion_r475907453

  Thanks for the attention!

ACKs for top commit:
  sipa:
    utACK 7b6d0f10a7
  vasild:
    ACK 7b6d0f1

Tree-SHA512: c5fab59dda2acafe143f607a4c5b636a54ac76fba651cad1ad1b09c94e88ab39503a31c2244c8f2664da68456c2a870c601d8894139c55cde9ece8161913ed2e
2020-08-28 17:51:37 +02:00
Raúl Martínez (RME)
7b6d0f10a7 Remove old check for 3-byte shifted IP addresses from pre-0.2.9 node messages
The change removes an old check for IPv6 addresses in range ::ff:ff00:0:0:0/72 that were created due to a bug in size field of addr messages for 0.2.8 nodes and before.

This check is no longer needed as they are no more pre 0.2.9 nodes on the network (as per bitnodes network snapshot).

Credits for discovering this go to sipa.
2020-08-28 14:17:28 +02:00
Sebastian Falbesoner
2bc207190e util: make EncodeBase32 consume Spans 2020-08-25 18:52:51 +02:00
Vasil Dimov
102867c587
net: change CNetAddr::ip to have flexible size
Before this change `CNetAddr::ip` was a fixed-size array of 16 bytes,
not being able to store larger addresses (e.g. TORv3) and encoded
smaller ones as 16-byte IPv6 addresses.

Change its type to `prevector`, so that it can hold larger addresses and
do not disguise non-IPv6 addresses as IPv6. So the IPv4 address
`1.2.3.4` is now encoded as `01020304` instead of
`00000000000000000000FFFF01020304`.

Rename `CNetAddr::ip` to `CNetAddr::m_addr` because it is not an "IP" or
"IP address" (TOR addresses are not IP addresses).

In order to preserve backward compatibility with serialization (where
e.g. `1.2.3.4` is serialized as `00000000000000000000FFFF01020304`)
introduce `CNetAddr` dedicated legacy serialize/unserialize methods.

Adjust `CSubNet` accordingly. Still use `CSubNet::netmask[]` of fixed 16
bytes, but use the first 4 for IPv4 (not the last 4). Only allow
subnetting for IPv4 and IPv6.

Co-authored-by: Carl Dong <contact@carldong.me>
2020-08-24 21:50:59 +02:00
Vasil Dimov
1ea57ad674
net: don't accept non-left-contiguous netmasks
A netmask that contains 1-bits after 0-bits (the 1-bits are not
contiguous on the left side) is invalid [1] [2].

The code before this PR used to parse and accept such
non-left-contiguous netmasks. However, a coming change that will alter
`CNetAddr::ip` to have flexible size would make juggling with such
netmasks more difficult, thus drop support for those.

[1] https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#Subnet_masks
[2] https://tools.ietf.org/html/rfc4632#section-5.1
2020-08-24 21:50:59 +02:00
Pieter Wuille
77c507358b Make Hash[160] consume range-like objects 2020-07-30 13:57:54 -07:00
Vasil Dimov
bcfebb6d55
net: save the network type explicitly in CNetAddr
Before this change, we would analyze the contents of `CNetAddr::ip[16]`
in order to tell which type is an address. Change this by introducing a
new member `CNetAddr::m_net` that explicitly tells the type of the
address.

This is necessary because in BIP155 we will not be able to tell the
address type by just looking at its raw representation (e.g. both TORv3
and I2P are "seemingly random" 32 bytes).

As a side effect of this change we no longer need to store IPv4
addresses encoded as IPv6 addresses - we can store them in proper 4
bytes (will be done in a separate commit). Also the code gets
somewhat simplified - instead of
`memcmp(ip, pchIPv4, sizeof(pchIPv4)) == 0` we can use
`m_net == NET_IPV4`.

Co-authored-by: Carl Dong <contact@carldong.me>
2020-07-27 15:13:24 +02:00
Vasil Dimov
bc74a40a56
net: improve encapsulation of CNetAddr
Do not access `CNetAddr::ip` directly from `CService` methods.

This improvement will help later when we change the type of
`CNetAddr::ip` (in the BIP155 implementation).

Co-authored-by: Carl Dong <contact@carldong.me>
2020-07-10 14:58:42 +02:00
Aaron Hook
1cabbddbca refactor: Use uint16_t instead of unsigned short
removed trailing whitespace to make linter happy
2020-06-22 12:12:22 +02:00
Wladimir J. van der Laan
f763283b65
Merge #18512: Improve asmap checks and add sanity check
748977690e Add asmap_direct fuzzer that tests Interpreter directly (Pieter Wuille)
7cf97fda15 Make asmap Interpreter errors fatal and fuzz test it (Pieter Wuille)
c81aefc537 Add additional effiency checks to sanity checker (Pieter Wuille)
fffd8dca2d Add asmap sanity checker (Pieter Wuille)
5feefbe6e7 Improve asmap Interpret checks and document failures (Pieter Wuille)
2b3dbfa5a6 Deal with decoding failures explicitly in asmap Interpret (Pieter Wuille)
1479007a33 Introduce Instruction enum in asmap (Pieter Wuille)

Pull request description:

  This improves/documents the failure cases inside the asmap interpreter. None of the changes are bug fixes (they only change behavior for corrupted asmap files), but they may make things easier to follow.

  In a second step, a sanity checker is added that effectively executes every potential code path through the asmap file, checking the same failure cases as the interpreter, and more. It takes around 30 ms to run for me for a 1.2 MB asmap file.

  I've verified that this accepts asmap files constructed by https://github.com/sipa/asmap/blob/master/buildmap.py with a large dataset, and no longer accepts it with 1 bit changed in it.

ACKs for top commit:
  practicalswift:
    ACK 748977690e modulo feedback below.
  jonatack:
    ACK 748977690e code review, regular build/tests/ran bitcoin with -asmap, fuzz build/ran both fuzzers overnight.
  fjahr:
    ACK 748977690e

Tree-SHA512: d876df3859735795c857c83e7155ba6851ce839bdfa10c18ce2698022cc493ce024b5578c1828e2a94bcdf2552c2f46c392a251ed086691b41959e62a6970821
2020-05-06 14:59:28 +02:00
MarcoFalke
fa488f131f
scripted-diff: Bump copyright headers
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
2020-04-16 13:33:09 -04:00
Pieter Wuille
fffd8dca2d Add asmap sanity checker 2020-04-08 16:26:06 -07:00
Jon Atack
c90b9a2399
net: extract conditional to bool CNetAddr::IsHeNet
and remove redundant public declaration
2020-03-04 14:31:31 +01:00
Pieter Wuille
38c2395d7a Use ASNs for mapped IPv4 addresses correctly 2020-01-31 14:51:37 -08:00
Wladimir J. van der Laan
01fc5891fb
Merge #16702: p2p: supplying and using asmap to improve IP bucketing in addrman
3c1bc40205 Add extra logging of asmap use and bucketing (Gleb Naumenko)
e4658aa8ea Return mapped AS in RPC call getpeerinfo (Gleb Naumenko)
ec45646de9 Integrate ASN bucketing in Addrman and add tests (Gleb Naumenko)
8feb4e4b66  Add asmap utility which queries a mapping (Gleb Naumenko)

Pull request description:

  This PR attempts to solve the problem explained in #16599.
  A particular attack which encouraged us to work on this issue is explained here  [[Erebus Attack against Bitcoin Peer-to-Peer Network](https://erebus-attack.comp.nus.edu.sg/)] (by @muoitranduc)

  Instead of relying on /16 prefix to diversify the connections every node creates, we would instead rely on the (ip -> ASN) mapping, if this mapping is provided.

  A .map file can be created by every user independently based on a router dump, or provided along with the Bitcoin release. Currently we use the python scripts written by @sipa to create a .map file, which is no larger than 2MB (awesome!).

  Here I suggest adding a field to peers.dat which would represent a hash of asmap file used while serializing addrman (or 0 for /16 prefix legacy approach).
  In this case, every time the file is updated (or grouping method changed), all buckets will be re-computed.
  I believe that alternative selective re-bucketing for only updated ranges would require substantial changes.

  TODO:
  - ~~more unit tests~~
  - ~~find a way to test the code without including >1 MB mapping file in the repo.~~
  - find a way to check that mapping file is not corrupted (checksum?)
  - comments and separate tests for asmap.cpp
  - make python code for .map generation public
  - figure out asmap distribution (?)

  ~Interesting corner case: I’m using std::hash to compute a fingerprint of asmap, and std::hash returns size_t. I guess  if a user updates the OS to 64-bit, then the hash of asap will change? Does it even matter?~

ACKs for top commit:
  laanwj:
    re-ACK 3c1bc40205
  jamesob:
    ACK 3c1bc40205 ([`jamesob/ackr/16702.3.naumenkogs.p2p_supplying_and_using`](https://github.com/jamesob/bitcoin/tree/ackr/16702.3.naumenkogs.p2p_supplying_and_using))
  jonatack:
    ACK 3c1bc40205

Tree-SHA512: e2dc6171188d5cdc2ab2c022fa49ed73a14a0acb8ae4c5ffa970172a0365942a249ad3d57e5fb134bc156a3492662c983f74bd21e78d316629dcadf71576800c
2020-01-29 13:55:43 +01:00
Gleb Naumenko
e4658aa8ea Return mapped AS in RPC call getpeerinfo
If ASN bucketing is used, return a corresponding AS
used in bucketing for a given peer.
2020-01-23 14:22:56 -05:00
MarcoFalke
aaaaad6ac9
scripted-diff: Bump copyright of files changed in 2019
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
2019-12-30 10:42:20 +13:00
Gleb Naumenko
ec45646de9 Integrate ASN bucketing in Addrman and add tests
Instead of using /16 netgroups to bucket nodes in Addrman for connection
diversification, ASN, which better represents an actor in terms
of network-layer infrastructure, is used.
For testing, asmap.raw is used. It represents a minimal
asmap needed for testing purposes.
2019-12-25 08:59:08 -05:00
Ben Woosley
b748bf6f50
Fix spelling errors identified by codespell 1.15.0
After this commit, the only remaining output is:

  $ test/lint/lint-spelling.sh
  src/test/base32_tests.cpp:14: fo  ==> of, for
  src/test/base64_tests.cpp:14: fo  ==> of, for
  ^ Warning: codespell identified likely spelling errors. Any false positives? Add them to the list of ignored words in test/lint/lint-spelling.ignore-words.txt

Note:
* I ignore several valid alternative spellings
* homogenous is present in tinyformat, hence should be addressed upstream
* process' is correct only if there are plural processes
2019-06-11 17:18:16 +02:00
Carl Dong
8be3f30633 netaddress: Update CNetAddr for ORCHIDv2
The original ORCHID prefix was deprecated as of 2014-03, the new
ORCHIDv2 prefix was allocated by RFC7343 as of 2014-07. We did not
consider the original ORCHID prefix routable, and I don't see any reason
to consider the new one to be either.
2019-05-15 14:21:48 -04:00
Carl Dong
303372c41a docs: Improve netaddress comments
- Improve IsRFC methods docs
- Improve {Is,Set}Internal docs
- Add tor methods docs
- Add IsIPv{4,6} docs
- Add IsValid docs
- Add IsRoutable docs
- Improve GetGroup docs
- Add CService::GetSockAddr docs
- Add CService::GetKey docs
- Add CSubNet::Match docs
- Add NetmaskBits docs
- Add CNetAddr default constructor docs
2019-04-10 11:48:47 -04:00
Carl Dong
87aa0b48af netaddress: Make IPv4 loopback comment more descriptive 2019-02-04 13:47:55 -05:00
Carl Dong
6180b5f32b netaddress: Fix indentation in IsLocal 2019-02-04 13:47:46 -05:00
Wladimir J. van der Laan
2479b779aa
Merge #14728: fix uninitialized read when stringifying an addrLocal
b7b36decaf fix uninitialized read when stringifying an addrLocal (Kaz Wesley)
8ebbef0169 add test demonstrating addrLocal UB (Kaz Wesley)

Pull request description:

  Reachable from either place where SetIP is used when all of:
  - our best-guess addrLocal for a peer is IPv4
  - the peer tells us it's reaching us at an IPv6 address
  - NET logging is enabled

  In that case, SetIP turns an IPv4 address into an IPv6 address without
  setting the scopeId, which is subsequently read in GetSockAddr during
  CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
  constructor initializes the scopeId field with something.

Tree-SHA512: 8f0159750995e08b985335ccf60a273ebd09003990bcf2c3838b550ed8dc2659552ac7611650e6dd8e29d786fe52ed57674f5880f2e18dc594a7a863134739e3
2018-11-23 09:53:20 +01:00
Luke Dashjr
d6a1287481 CNetAddr: Add IsBindAny method to check for INADDR_ANY 2018-11-22 01:44:59 +00:00