Harden p2p layer against Eclipse Attacks
This commit is contained in:
17
src/net.cpp
17
src/net.cpp
@@ -25,7 +25,6 @@
|
||||
|
||||
#include "main.h"
|
||||
#include "net.h"
|
||||
|
||||
#include "addrman.h"
|
||||
#include "chainparams.h"
|
||||
#include "clientversion.h"
|
||||
@@ -34,16 +33,13 @@
|
||||
#include "ui_interface.h"
|
||||
#include "crypto/common.h"
|
||||
#include "hush/utiltls.h"
|
||||
|
||||
#ifdef _WIN32
|
||||
#include <string.h>
|
||||
#else
|
||||
#include <fcntl.h>
|
||||
#endif
|
||||
|
||||
#include <boost/filesystem.hpp>
|
||||
#include <boost/thread.hpp>
|
||||
|
||||
#include <wolfssl/options.h>
|
||||
#include <wolfssl/ssl.h>
|
||||
#include <hush/tlsmanager.cpp>
|
||||
@@ -79,8 +75,8 @@ using namespace hush;
|
||||
using namespace std;
|
||||
|
||||
namespace {
|
||||
const int MAX_OUTBOUND_CONNECTIONS = 16;
|
||||
const int MAX_INBOUND_FROMIP = 5;
|
||||
const int MAX_OUTBOUND_CONNECTIONS = 64;
|
||||
const int MAX_INBOUND_FROMIP = 3;
|
||||
|
||||
struct ListenSocket {
|
||||
SOCKET socket;
|
||||
@@ -2051,14 +2047,12 @@ void StartNode(boost::thread_group& threadGroup, CScheduler& scheduler)
|
||||
|
||||
#ifdef USE_TLS
|
||||
|
||||
if (!tlsmanager.prepareCredentials())
|
||||
{
|
||||
if (!tlsmanager.prepareCredentials()) {
|
||||
LogPrintf("TLS: ERROR: %s: %s: Credentials weren't generated. Node can't be started.\n", __FILE__, __func__);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!tlsmanager.initialize())
|
||||
{
|
||||
if (!tlsmanager.initialize()) {
|
||||
LogPrintf("TLS: ERROR: %s: %s: TLS initialization failed. Node can't be started.\n", __FILE__, __func__);
|
||||
return;
|
||||
}
|
||||
@@ -2066,10 +2060,7 @@ void StartNode(boost::thread_group& threadGroup, CScheduler& scheduler)
|
||||
LogPrintf("TLS is not used!\n");
|
||||
#endif
|
||||
|
||||
//
|
||||
// Start threads
|
||||
//
|
||||
|
||||
if (!GetBoolArg("-dnsseed", true))
|
||||
LogPrintf("DNS seeding disabled\n");
|
||||
else
|
||||
|
||||
Reference in New Issue
Block a user