From cedaa714462871213472019545b8e862dacdac91 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Fri, 29 Mar 2013 00:43:31 +0100 Subject: [PATCH] Drop release times for CNode It seems there were two mechanisms for assessing whether a CNode was still in use: a refcount and a release timestamp. The latter seems to have been there for a long time, as a safety mechanism. However, this timer also keeps CNode objects alive for far longer than necessary after disconnects, potentially opening up a DoS window. This commit removes the timestamp-based mechanism, and replaces it with an assert(nRefCount >= 0), to verify that the refcounting is indeed correctly working. --- src/net.cpp | 14 +++----------- src/net.h | 17 ++++++----------- src/rpcnet.cpp | 1 - 3 files changed, 9 insertions(+), 23 deletions(-) diff --git a/src/net.cpp b/src/net.cpp index 5f8b5ba3..804eba3c 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -453,7 +453,7 @@ CNode* FindNode(const CService& addr) return NULL; } -CNode* ConnectNode(CAddress addrConnect, const char *pszDest, int64 nTimeout) +CNode* ConnectNode(CAddress addrConnect, const char *pszDest) { if (pszDest == NULL) { if (IsLocal(addrConnect)) @@ -463,10 +463,7 @@ CNode* ConnectNode(CAddress addrConnect, const char *pszDest, int64 nTimeout) CNode* pnode = FindNode((CService)addrConnect); if (pnode) { - if (nTimeout != 0) - pnode->AddRef(nTimeout); - else - pnode->AddRef(); + pnode->AddRef(); return pnode; } } @@ -498,10 +495,7 @@ CNode* ConnectNode(CAddress addrConnect, const char *pszDest, int64 nTimeout) // Add node CNode* pnode = new CNode(hSocket, addrConnect, pszDest ? pszDest : "", false); - if (nTimeout != 0) - pnode->AddRef(nTimeout); - else - pnode->AddRef(); + pnode->AddRef(); { LOCK(cs_vNodes); @@ -615,7 +609,6 @@ void CNode::copyStats(CNodeStats &stats) X(nVersion); X(strSubVer); X(fInbound); - X(nReleaseTime); X(nStartingHeight); X(nMisbehavior); } @@ -773,7 +766,6 @@ void ThreadSocketHandler() pnode->Cleanup(); // hold in disconnected pool until all refs are released - pnode->nReleaseTime = max(pnode->nReleaseTime, GetTime() + 15 * 60); if (pnode->fNetworkNode || pnode->fInbound) pnode->Release(); vNodesDisconnected.push_back(pnode); diff --git a/src/net.h b/src/net.h index 30b9ac86..80773e3f 100644 --- a/src/net.h +++ b/src/net.h @@ -37,7 +37,7 @@ bool GetMyExternalIP(CNetAddr& ipRet); void AddressCurrentlyConnected(const CService& addr); CNode* FindNode(const CNetAddr& ip); CNode* FindNode(const CService& ip); -CNode* ConnectNode(CAddress addrConnect, const char *strDest = NULL, int64 nTimeout=0); +CNode* ConnectNode(CAddress addrConnect, const char *strDest = NULL); void MapPort(bool fUseUPnP); unsigned short GetListenPort(); bool BindListenPort(const CService &bindAddr, std::string& strError=REF(std::string())); @@ -99,7 +99,6 @@ public: int nVersion; std::string strSubVer; bool fInbound; - int64 nReleaseTime; int nStartingHeight; int nMisbehavior; }; @@ -187,8 +186,8 @@ public: CSemaphoreGrant grantOutbound; CCriticalSection cs_filter; CBloomFilter* pfilter; -protected: int nRefCount; +protected: // Denial-of-service detection/prevention // Key is IP address, value is banned-until-time @@ -197,7 +196,6 @@ protected: int nMisbehavior; public: - int64 nReleaseTime; uint256 hashContinue; CBlockIndex* pindexLastGetBlocksBegin; uint256 hashLastGetBlocksEnd; @@ -235,7 +233,6 @@ public: fSuccessfullyConnected = false; fDisconnect = false; nRefCount = 0; - nReleaseTime = 0; nSendSize = 0; nSendOffset = 0; hashContinue = 0; @@ -272,7 +269,8 @@ public: int GetRefCount() { - return std::max(nRefCount, 0) + (GetTime() < nReleaseTime ? 1 : 0); + assert(nRefCount >= 0); + return nRefCount; } // requires LOCK(cs_vRecvMsg) @@ -295,12 +293,9 @@ public: msg.SetVersion(nVersionIn); } - CNode* AddRef(int64 nTimeout=0) + CNode* AddRef() { - if (nTimeout != 0) - nReleaseTime = std::max(nReleaseTime, GetTime() + nTimeout); - else - nRefCount++; + nRefCount++; return this; } diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp index 4db3be93..e37b3009 100644 --- a/src/rpcnet.cpp +++ b/src/rpcnet.cpp @@ -55,7 +55,6 @@ Value getpeerinfo(const Array& params, bool fHelp) obj.push_back(Pair("version", stats.nVersion)); obj.push_back(Pair("subver", stats.strSubVer)); obj.push_back(Pair("inbound", stats.fInbound)); - obj.push_back(Pair("releasetime", (boost::int64_t)stats.nReleaseTime)); obj.push_back(Pair("startingheight", stats.nStartingHeight)); obj.push_back(Pair("banscore", stats.nMisbehavior));