Harden p2p layer against Eclipse Attacks
This commit is contained in:
Duke Leto
@@ -76,7 +76,6 @@ extern uint8_t NOTARY_PUBKEY33[33];
|
|||||||
extern int32_t HUSH_LOADINGBLOCKS,HUSH_LONGESTCHAIN,HUSH_INSYNC,HUSH_CONNECTING,HUSH_EXTRASATOSHI;
|
extern int32_t HUSH_LOADINGBLOCKS,HUSH_LONGESTCHAIN,HUSH_INSYNC,HUSH_CONNECTING,HUSH_EXTRASATOSHI;
|
||||||
int32_t HUSH_NEWBLOCKS;
|
int32_t HUSH_NEWBLOCKS;
|
||||||
int32_t hush_block2pubkey33(uint8_t *pubkey33,CBlock *block);
|
int32_t hush_block2pubkey33(uint8_t *pubkey33,CBlock *block);
|
||||||
//void komodo_broadcast(CBlock *pblock,int32_t limit);
|
|
||||||
bool Getscriptaddress(char *destaddr,const CScript &scriptPubKey);
|
bool Getscriptaddress(char *destaddr,const CScript &scriptPubKey);
|
||||||
void hush_setactivation(int32_t height);
|
void hush_setactivation(int32_t height);
|
||||||
void hush_changeblocktime();
|
void hush_changeblocktime();
|
||||||
@@ -4002,10 +4001,7 @@ bool static ConnectTip(CValidationState &state, CBlockIndex *pindexNew, CBlock *
|
|||||||
HUSH_INSYNC = (int32_t)pindexNew->GetHeight();
|
HUSH_INSYNC = (int32_t)pindexNew->GetHeight();
|
||||||
else HUSH_INSYNC = 0;
|
else HUSH_INSYNC = 0;
|
||||||
//fprintf(stderr,"connect.%d insync.%d ASSETCHAINS_SAPLING.%d\n",(int32_t)pindexNew->GetHeight(),HUSH_INSYNC,ASSETCHAINS_SAPLING);
|
//fprintf(stderr,"connect.%d insync.%d ASSETCHAINS_SAPLING.%d\n",(int32_t)pindexNew->GetHeight(),HUSH_INSYNC,ASSETCHAINS_SAPLING);
|
||||||
/*if ( HUSH_INSYNC != 0 ) //SMART_CHAIN_SYMBOL[0] == 0 &&
|
|
||||||
komodo_broadcast(pblock,8);
|
|
||||||
else if ( SMART_CHAIN_SYMBOL[0] != 0 )
|
|
||||||
komodo_broadcast(pblock,4);*/
|
|
||||||
if ( HUSH_NSPV_FULLNODE )
|
if ( HUSH_NSPV_FULLNODE )
|
||||||
{
|
{
|
||||||
//fprintf(stderr,"%s: HUSH_NSPV_FULLNODE\n", __FUNCTION__);
|
//fprintf(stderr,"%s: HUSH_NSPV_FULLNODE\n", __FUNCTION__);
|
||||||
|
|||||||
@@ -837,11 +837,8 @@ void IncrementExtraNonce(CBlock* pblock, CBlockIndex* pindexPrev, unsigned int&
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef ENABLE_WALLET
|
#ifdef ENABLE_WALLET
|
||||||
//////////////////////////////////////////////////////////////////////////////
|
|
||||||
//
|
|
||||||
// Internal miner
|
|
||||||
//
|
|
||||||
|
|
||||||
|
// Internal miner
|
||||||
CBlockTemplate* CreateNewBlockWithKey(CReserveKey& reservekey, int32_t nHeight, int32_t gpucount, bool isStake)
|
CBlockTemplate* CreateNewBlockWithKey(CReserveKey& reservekey, int32_t nHeight, int32_t gpucount, bool isStake)
|
||||||
{
|
{
|
||||||
CPubKey pubkey; CScript scriptPubKey; uint8_t *script,*ptr; int32_t i,len;
|
CPubKey pubkey; CScript scriptPubKey; uint8_t *script,*ptr; int32_t i,len;
|
||||||
@@ -851,25 +848,18 @@ CBlockTemplate* CreateNewBlockWithKey(CReserveKey& reservekey, int32_t nHeight,
|
|||||||
{
|
{
|
||||||
pubkey = ParseHex(ASSETCHAINS_OVERRIDE_PUBKEY);
|
pubkey = ParseHex(ASSETCHAINS_OVERRIDE_PUBKEY);
|
||||||
scriptPubKey = CScript() << ParseHex(HexStr(pubkey)) << OP_CHECKSIG;
|
scriptPubKey = CScript() << ParseHex(HexStr(pubkey)) << OP_CHECKSIG;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
len = strlen(ASSETCHAINS_SCRIPTPUB.c_str());
|
len = strlen(ASSETCHAINS_SCRIPTPUB.c_str());
|
||||||
len >>= 1;
|
len >>= 1;
|
||||||
scriptPubKey.resize(len);
|
scriptPubKey.resize(len);
|
||||||
ptr = (uint8_t *)&scriptPubKey[0];
|
ptr = (uint8_t *)&scriptPubKey[0];
|
||||||
decode_hex(ptr,len,(char *)ASSETCHAINS_SCRIPTPUB.c_str());
|
decode_hex(ptr,len,(char *)ASSETCHAINS_SCRIPTPUB.c_str());
|
||||||
}
|
}
|
||||||
}
|
} else if ( USE_EXTERNAL_PUBKEY != 0 ) {
|
||||||
else if ( USE_EXTERNAL_PUBKEY != 0 )
|
|
||||||
{
|
|
||||||
//fprintf(stderr,"use notary pubkey\n");
|
//fprintf(stderr,"use notary pubkey\n");
|
||||||
pubkey = ParseHex(NOTARY_PUBKEY);
|
pubkey = ParseHex(NOTARY_PUBKEY);
|
||||||
scriptPubKey = CScript() << ParseHex(HexStr(pubkey)) << OP_CHECKSIG;
|
scriptPubKey = CScript() << ParseHex(HexStr(pubkey)) << OP_CHECKSIG;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
{
|
|
||||||
//if ( !isStake || ASSETCHAINS_STAKED != 0 )
|
|
||||||
{
|
{
|
||||||
if (!reservekey.GetReservedKey(pubkey))
|
if (!reservekey.GetReservedKey(pubkey))
|
||||||
{
|
{
|
||||||
|
|||||||
17
src/net.cpp
17
src/net.cpp
@@ -25,7 +25,6 @@
|
|||||||
|
|
||||||
#include "main.h"
|
#include "main.h"
|
||||||
#include "net.h"
|
#include "net.h"
|
||||||
|
|
||||||
#include "addrman.h"
|
#include "addrman.h"
|
||||||
#include "chainparams.h"
|
#include "chainparams.h"
|
||||||
#include "clientversion.h"
|
#include "clientversion.h"
|
||||||
@@ -34,16 +33,13 @@
|
|||||||
#include "ui_interface.h"
|
#include "ui_interface.h"
|
||||||
#include "crypto/common.h"
|
#include "crypto/common.h"
|
||||||
#include "hush/utiltls.h"
|
#include "hush/utiltls.h"
|
||||||
|
|
||||||
#ifdef _WIN32
|
#ifdef _WIN32
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#else
|
#else
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <boost/filesystem.hpp>
|
#include <boost/filesystem.hpp>
|
||||||
#include <boost/thread.hpp>
|
#include <boost/thread.hpp>
|
||||||
|
|
||||||
#include <wolfssl/options.h>
|
#include <wolfssl/options.h>
|
||||||
#include <wolfssl/ssl.h>
|
#include <wolfssl/ssl.h>
|
||||||
#include <hush/tlsmanager.cpp>
|
#include <hush/tlsmanager.cpp>
|
||||||
@@ -79,8 +75,8 @@ using namespace hush;
|
|||||||
using namespace std;
|
using namespace std;
|
||||||
|
|
||||||
namespace {
|
namespace {
|
||||||
const int MAX_OUTBOUND_CONNECTIONS = 16;
|
const int MAX_OUTBOUND_CONNECTIONS = 64;
|
||||||
const int MAX_INBOUND_FROMIP = 5;
|
const int MAX_INBOUND_FROMIP = 3;
|
||||||
|
|
||||||
struct ListenSocket {
|
struct ListenSocket {
|
||||||
SOCKET socket;
|
SOCKET socket;
|
||||||
@@ -2051,14 +2047,12 @@ void StartNode(boost::thread_group& threadGroup, CScheduler& scheduler)
|
|||||||
|
|
||||||
#ifdef USE_TLS
|
#ifdef USE_TLS
|
||||||
|
|
||||||
if (!tlsmanager.prepareCredentials())
|
if (!tlsmanager.prepareCredentials()) {
|
||||||
{
|
|
||||||
LogPrintf("TLS: ERROR: %s: %s: Credentials weren't generated. Node can't be started.\n", __FILE__, __func__);
|
LogPrintf("TLS: ERROR: %s: %s: Credentials weren't generated. Node can't be started.\n", __FILE__, __func__);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!tlsmanager.initialize())
|
if (!tlsmanager.initialize()) {
|
||||||
{
|
|
||||||
LogPrintf("TLS: ERROR: %s: %s: TLS initialization failed. Node can't be started.\n", __FILE__, __func__);
|
LogPrintf("TLS: ERROR: %s: %s: TLS initialization failed. Node can't be started.\n", __FILE__, __func__);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -2066,10 +2060,7 @@ void StartNode(boost::thread_group& threadGroup, CScheduler& scheduler)
|
|||||||
LogPrintf("TLS is not used!\n");
|
LogPrintf("TLS is not used!\n");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
//
|
|
||||||
// Start threads
|
// Start threads
|
||||||
//
|
|
||||||
|
|
||||||
if (!GetBoolArg("-dnsseed", true))
|
if (!GetBoolArg("-dnsseed", true))
|
||||||
LogPrintf("DNS seeding disabled\n");
|
LogPrintf("DNS seeding disabled\n");
|
||||||
else
|
else
|
||||||
|
|||||||
Reference in New Issue
Block a user