According to Tor's extensions to the SOCKS protocol
(https://gitweb.torproject.org/torspec.git/tree/socks-extensions.txt)
it is possible to perform stream isolation by providing authentication
to the proxy. Each set of credentials will create a new circuit,
which makes it harder to correlate connections.
This patch adds an option, `-proxyrandomize` (on by default) that randomizes
credentials for every outgoing connection, thus creating a new circuit.
2015-03-16 15:29:59 SOCKS5 Sending proxy authentication 3842137544:3256031132
We've chosen to htons/ntohs explicitly on reading and writing
(I do not know why). But as READWRITE already does an endian swap
on big endian, this means the port number gets switched around,
which was what we were trying to avoid in the first place. So
to make this compatible, serialize it as FLATDATA.
This avoids connecting to them again too soon in ThreadOpenConnections.
Make an exception for connection failures to the proxy as these
shouldn't affect the status of specific nodes.
Thanks to Pieter Wuille for most of the work on this commit.
I did not fixup the overhaul commit, because a rebase conflicted
with "remove fields of ser_streamplaceholder".
I prefer not to risk making a mistake while resolving it.
The implementation of each class' serialization/deserialization is no longer
passed within a macro. The implementation now lies within a template of form:
template <typename T, typename Stream, typename Operation>
inline static size_t SerializationOp(T thisPtr, Stream& s, Operation ser_action, int nType, int nVersion) {
size_t nSerSize = 0;
/* CODE */
return nSerSize;
}
In cases when codepath should depend on whether or not we are just deserializing
(old fGetSize, fWrite, fRead flags) an additional clause can be used:
bool fRead = boost::is_same<Operation, CSerActionUnserialize>();
The IMPLEMENT_SERIALIZE macro will now be a freestanding clause added within
class' body (similiar to Qt's Q_OBJECT) to implement GetSerializeSize,
Serialize and Unserialize. These are now wrappers around
the "SerializationOp" template.
- ensures a consistent usage in header files
- also add a blank line after the copyright header where missing
- also remove orphan new-lines at the end of some files
Simpler alternative to #4348.
The current setup with closesocket() is strange. It poses
as a compatibility wrapper but adds functionality.
Rename it and make it a documented utility function in netbase.
Code movement only, zero effect on the functionality.
bitcoin-config.h moved, but the old file is likely to still exist when
reconfiguring or switching branches. This would've caused files to not rebuild
correctly, and other strange problems.
Make the path explicit so that the old one cannot be found.
Core libs use config/bitcoin-config.h.
Libs (like crypto) which don't want access to bitcoin's headers continue
to use -Iconfig and #include bitcoin-config.h.
Log the name of the error as well as the error code if a network problem
happens. This makes network troubleshooting more convenient.
Use thread-safe strerror_r and the WIN32 equivalent FormatMessage.
The year is 2014. All supported operating systems have IPv6 support,
most certainly at build time (this doesn't mean that IPv6 is configured,
of course).
If noone is exercising the functionality to disable it, that means it
doesn't get tested, and IMO it's better to get rid of it.
(it's also not used consistently in RPC/boost and Net code...)
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
I2P apparently needs 256 bits to store a fully routable address. Garlicat
requires a centralized lookup service to map the 80-bit addresses to fully
routable ones (as far as I understood), so that's not really usable in our
situation.
To support I2P routing and peer exchange for it, another solution is needed.
This will most likely imply a network protocol change, and extension of the
'addr' message.
- fix#1560 by properly locking proxy related data-structures
- update GetProxy() and introduce GetNameProxy() to be able to use a
thread-safe local copy from proxyInfo and nameproxyInfo
- update usage of GetProxy() all over the source to match the new
behaviour, as it now fills a full proxyType object
- rename GetNameProxy() into HaveNameProxy() to be more clear
- I checked every occurance of strprintf() in the code and used %u, where
unsigned vars are used
- the change to GetByte() was made, as ip is an unsigned char
This commit adds support for .onion addresses (mapped into the IPv6
by using OnionCat's range and encoding), and the ability to connect
to them via a SOCKS5 proxy.
Implement the following rules:
* Interpret [X]:Y as host=X port=Y, if Y is an integer
* Interpret X:Y as host=X port=Y, if Y is an integer and X contains no colon
* Interpret X:Y as host=X:Y port=default otherwise
This prevents an undefined operation in main.cpp, when shifting the hash value
left by 32 bits.
Shifting a signed int left into the sign bit is undefined in C++11.
Introduce a boolean variable for each "network" (ipv4, ipv6, tor, i2p),
and track whether we are likely to able to connect to it. Addresses in
"addr" messages outside of our network get limited relaying and are not
stored in addrman.
There are plans to let Bitcoin function as Tor/I2P hidden service.
To do so, we could use the established encoding provided by OnionCat
and GarliCat (without actually using those tools) to embed Tor/I2P
addresses in IPv6.
This patch makes these addresses considered routable, so they can
travel over the Bitcoin network in 'addr' messages. This will hopefully
make it easier to deploy real hidden service support later.
This will make bitcoin relay valid routable IPv6 addresses, and when
USE_IPV6 is enabled, listen on IPv6 interfaces and attempt connections
to IPv6 addresses.