Merge pull request #5442

dca799e Ignore getaddr messages on Outbound connections. (Ivan Pustogarov)
10 years ago · c1b723c30a
1 changed files with 6 additions and 1 deletions
--- a/src/main.cpp
+++ b/src/main.cpp
@ -4021,7 +4021,12 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
				@@ -4021,7 +4021,12 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
    }


-    else if (strCommand == "getaddr")
+    // This asymmetric behavior for inbound and outbound connections was introduced
+    // to prevent a fingerprinting attack: an attacker can send specific fake addresses
+    // to users' AddrMan and later request them by sending getaddr messages. 
+    // Making users (which are behind NAT and can only make outgoing connections) ignore 
+    // getaddr message mitigates the attack.
+    else if ((strCommand == "getaddr") && (pfrom->fInbound))
    {
        pfrom->vAddrToSend.clear();
        vector<CAddress> vAddr = addrman.GetAddr();