Browse Source

security safeguards,

limited addr messages
-- version 0.3.2
miguelfreitas
Gavin Andresen 15 years ago
parent
commit
4110f33cde
  1. 19
      main.cpp
  2. 2
      serialize.h
  3. 6
      setup.nsi

19
main.cpp

@ -1341,6 +1341,14 @@ bool CBlock::AcceptBlock()
if (nBits != GetNextWorkRequired(pindexPrev)) if (nBits != GetNextWorkRequired(pindexPrev))
return error("AcceptBlock() : incorrect proof of work"); return error("AcceptBlock() : incorrect proof of work");
// Check that the block chain matches the known block chain up to a checkpoint
if (pindexPrev->nHeight+1 == 11111 && hash != uint256("0x0000000069e244f73d78e8fd29ba2fd2ed618bd6fa2ee92559f542fdb26e7c1d"))
return error("AcceptBlock() : rejected by checkpoint lockin at 11111");
if (pindexPrev->nHeight+1 == 33333 && hash != uint256("0x000000002dd5588a74784eaa7ab0507a18ad16a236e7b1ce69f00d7ddfb5d0a6"))
return error("AcceptBlock() : rejected by checkpoint lockin at 33333");
if (pindexPrev->nHeight+1 == 68555 && hash != uint256("0x00000000001e1b4903550a0b96e9a9405c8a95f387162e4944e8d9fbe501cd6a"))
return error("AcceptBlock() : rejected by checkpoint lockin at 68555");
// Write block to history file // Write block to history file
if (!CheckDiskSpace(::GetSerializeSize(*this, SER_DISK))) if (!CheckDiskSpace(::GetSerializeSize(*this, SER_DISK)))
return error("AcceptBlock() : out of disk space"); return error("AcceptBlock() : out of disk space");
@ -1933,6 +1941,8 @@ bool ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv)
vRecv >> vAddr; vRecv >> vAddr;
if (pfrom->nVersion < 200) // don't want addresses from 0.1.5 if (pfrom->nVersion < 200) // don't want addresses from 0.1.5
return true; return true;
if (pfrom->nVersion < 209 && mapAddresses.size() > 1000) // don't want addr from 0.2.0 unless seeding
return true;
if (vAddr.size() > 1000) if (vAddr.size() > 1000)
return error("message addr size() = %d", vAddr.size()); return error("message addr size() = %d", vAddr.size());
@ -1941,6 +1951,9 @@ bool ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv)
{ {
if (fShutdown) if (fShutdown)
return true; return true;
// ignore IPv6 for now, since it isn't implemented anyway
if (!addr.IsIPv4())
continue;
addr.nTime = GetAdjustedTime() - 2 * 60 * 60; addr.nTime = GetAdjustedTime() - 2 * 60 * 60;
if (pfrom->fGetAddr || vAddr.size() > 10) if (pfrom->fGetAddr || vAddr.size() > 10)
addr.nTime -= 5 * 24 * 60 * 60; addr.nTime -= 5 * 24 * 60 * 60;
@ -1952,15 +1965,15 @@ bool ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv)
CRITICAL_BLOCK(cs_vNodes) CRITICAL_BLOCK(cs_vNodes)
{ {
// Use deterministic randomness to send to // Use deterministic randomness to send to
// the same places for an hour at a time // the same places for 12 hours at a time
static uint256 hashSalt; static uint256 hashSalt;
if (hashSalt == 0) if (hashSalt == 0)
RAND_bytes((unsigned char*)&hashSalt, sizeof(hashSalt)); RAND_bytes((unsigned char*)&hashSalt, sizeof(hashSalt));
uint256 hashRand = addr.ip ^ (GetTime()/3600) ^ hashSalt; uint256 hashRand = addr.ip ^ ((GetTime()+addr.ip)/(12*60*60)) ^ hashSalt;
multimap<uint256, CNode*> mapMix; multimap<uint256, CNode*> mapMix;
foreach(CNode* pnode, vNodes) foreach(CNode* pnode, vNodes)
mapMix.insert(make_pair(hashRand = Hash(BEGIN(hashRand), END(hashRand)), pnode)); mapMix.insert(make_pair(hashRand = Hash(BEGIN(hashRand), END(hashRand)), pnode));
int nRelayNodes = 10; // reduce this to 5 when the network is large int nRelayNodes = 4;
for (multimap<uint256, CNode*>::iterator mi = mapMix.begin(); mi != mapMix.end() && nRelayNodes-- > 0; ++mi) for (multimap<uint256, CNode*>::iterator mi = mapMix.begin(); mi != mapMix.end() && nRelayNodes-- > 0; ++mi)
((*mi).second)->PushAddress(addr); ((*mi).second)->PushAddress(addr);
} }

2
serialize.h

@ -19,7 +19,7 @@ class CScript;
class CDataStream; class CDataStream;
class CAutoFile; class CAutoFile;
static const int VERSION = 301; static const int VERSION = 302;
static const char* pszSubVer = ""; static const char* pszSubVer = "";

6
setup.nsi

@ -7,7 +7,7 @@ RequestExecutionLevel highest
# General Symbol Definitions # General Symbol Definitions
!define REGKEY "SOFTWARE\$(^Name)" !define REGKEY "SOFTWARE\$(^Name)"
!define VERSION 0.3.1 !define VERSION 0.3.2
!define COMPANY "Bitcoin project" !define COMPANY "Bitcoin project"
!define URL http://www.bitcoin.org/ !define URL http://www.bitcoin.org/
@ -42,12 +42,12 @@ Var StartMenuGroup
!insertmacro MUI_LANGUAGE English !insertmacro MUI_LANGUAGE English
# Installer attributes # Installer attributes
OutFile bitcoin-0.3.1-win32-setup.exe OutFile bitcoin-0.3.2-win32-setup.exe
InstallDir $PROGRAMFILES\Bitcoin InstallDir $PROGRAMFILES\Bitcoin
CRCCheck on CRCCheck on
XPStyle on XPStyle on
ShowInstDetails show ShowInstDetails show
VIProductVersion 0.3.1.0 VIProductVersion 0.3.2.0
VIAddVersionKey ProductName Bitcoin VIAddVersionKey ProductName Bitcoin
VIAddVersionKey ProductVersion "${VERSION}" VIAddVersionKey ProductVersion "${VERSION}"
VIAddVersionKey CompanyName "${COMPANY}" VIAddVersionKey CompanyName "${COMPANY}"

Loading…
Cancel
Save