mirror of
https://github.com/bitcoin/bitcoin.git
synced 2026-01-19 06:43:45 +01:00
01fc5891fb
3c1bc40205Add extra logging of asmap use and bucketing (Gleb Naumenko)e4658aa8eaReturn mapped AS in RPC call getpeerinfo (Gleb Naumenko)ec45646de9Integrate ASN bucketing in Addrman and add tests (Gleb Naumenko)8feb4e4b66Add asmap utility which queries a mapping (Gleb Naumenko) Pull request description: This PR attempts to solve the problem explained in #16599. A particular attack which encouraged us to work on this issue is explained here [[Erebus Attack against Bitcoin Peer-to-Peer Network](https://erebus-attack.comp.nus.edu.sg/)] (by @muoitranduc) Instead of relying on /16 prefix to diversify the connections every node creates, we would instead rely on the (ip -> ASN) mapping, if this mapping is provided. A .map file can be created by every user independently based on a router dump, or provided along with the Bitcoin release. Currently we use the python scripts written by @sipa to create a .map file, which is no larger than 2MB (awesome!). Here I suggest adding a field to peers.dat which would represent a hash of asmap file used while serializing addrman (or 0 for /16 prefix legacy approach). In this case, every time the file is updated (or grouping method changed), all buckets will be re-computed. I believe that alternative selective re-bucketing for only updated ranges would require substantial changes. TODO: - ~~more unit tests~~ - ~~find a way to test the code without including >1 MB mapping file in the repo.~~ - find a way to check that mapping file is not corrupted (checksum?) - comments and separate tests for asmap.cpp - make python code for .map generation public - figure out asmap distribution (?) ~Interesting corner case: I’m using std::hash to compute a fingerprint of asmap, and std::hash returns size_t. I guess if a user updates the OS to 64-bit, then the hash of asap will change? Does it even matter?~ ACKs for top commit: laanwj: re-ACK3c1bc40205jamesob: ACK3c1bc40205([`jamesob/ackr/16702.3.naumenkogs.p2p_supplying_and_using`](https://github.com/jamesob/bitcoin/tree/ackr/16702.3.naumenkogs.p2p_supplying_and_using)) jonatack: ACK3c1bc40205Tree-SHA512: e2dc6171188d5cdc2ab2c022fa49ed73a14a0acb8ae4c5ffa970172a0365942a249ad3d57e5fb134bc156a3492662c983f74bd21e78d316629dcadf71576800c
180 lines
6.4 KiB
C++
180 lines
6.4 KiB
C++
// Copyright (c) 2009-2019 The Bitcoin Core developers
|
|
// Distributed under the MIT software license, see the accompanying
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
|
|
#ifndef BITCOIN_NETADDRESS_H
|
|
#define BITCOIN_NETADDRESS_H
|
|
|
|
#if defined(HAVE_CONFIG_H)
|
|
#include <config/bitcoin-config.h>
|
|
#endif
|
|
|
|
#include <compat.h>
|
|
#include <serialize.h>
|
|
|
|
#include <stdint.h>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
enum Network
|
|
{
|
|
NET_UNROUTABLE = 0,
|
|
NET_IPV4,
|
|
NET_IPV6,
|
|
NET_ONION,
|
|
NET_INTERNAL,
|
|
|
|
NET_MAX,
|
|
};
|
|
|
|
/** IP address (IPv6, or IPv4 using mapped IPv6 range (::FFFF:0:0/96)) */
|
|
class CNetAddr
|
|
{
|
|
protected:
|
|
unsigned char ip[16]; // in network byte order
|
|
uint32_t scopeId{0}; // for scoped/link-local ipv6 addresses
|
|
|
|
public:
|
|
CNetAddr();
|
|
explicit CNetAddr(const struct in_addr& ipv4Addr);
|
|
void SetIP(const CNetAddr& ip);
|
|
|
|
private:
|
|
/**
|
|
* Set raw IPv4 or IPv6 address (in network byte order)
|
|
* @note Only NET_IPV4 and NET_IPV6 are allowed for network.
|
|
*/
|
|
void SetRaw(Network network, const uint8_t *data);
|
|
|
|
public:
|
|
bool SetInternal(const std::string& name);
|
|
|
|
bool SetSpecial(const std::string &strName); // for Tor addresses
|
|
bool IsBindAny() const; // INADDR_ANY equivalent
|
|
bool IsIPv4() const; // IPv4 mapped address (::FFFF:0:0/96, 0.0.0.0/0)
|
|
bool IsIPv6() const; // IPv6 address (not mapped IPv4, not Tor)
|
|
bool IsRFC1918() const; // IPv4 private networks (10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12)
|
|
bool IsRFC2544() const; // IPv4 inter-network communications (198.18.0.0/15)
|
|
bool IsRFC6598() const; // IPv4 ISP-level NAT (100.64.0.0/10)
|
|
bool IsRFC5737() const; // IPv4 documentation addresses (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24)
|
|
bool IsRFC3849() const; // IPv6 documentation address (2001:0DB8::/32)
|
|
bool IsRFC3927() const; // IPv4 autoconfig (169.254.0.0/16)
|
|
bool IsRFC3964() const; // IPv6 6to4 tunnelling (2002::/16)
|
|
bool IsRFC4193() const; // IPv6 unique local (FC00::/7)
|
|
bool IsRFC4380() const; // IPv6 Teredo tunnelling (2001::/32)
|
|
bool IsRFC4843() const; // IPv6 ORCHID (deprecated) (2001:10::/28)
|
|
bool IsRFC7343() const; // IPv6 ORCHIDv2 (2001:20::/28)
|
|
bool IsRFC4862() const; // IPv6 autoconfig (FE80::/64)
|
|
bool IsRFC6052() const; // IPv6 well-known prefix for IPv4-embedded address (64:FF9B::/96)
|
|
bool IsRFC6145() const; // IPv6 IPv4-translated address (::FFFF:0:0:0/96) (actually defined in RFC2765)
|
|
bool IsTor() const;
|
|
bool IsLocal() const;
|
|
bool IsRoutable() const;
|
|
bool IsInternal() const;
|
|
bool IsValid() const;
|
|
enum Network GetNetwork() const;
|
|
std::string ToString() const;
|
|
std::string ToStringIP() const;
|
|
unsigned int GetByte(int n) const;
|
|
uint64_t GetHash() const;
|
|
bool GetInAddr(struct in_addr* pipv4Addr) const;
|
|
uint32_t GetNetClass() const;
|
|
|
|
// The AS on the BGP path to the node we use to diversify
|
|
// peers in AddrMan bucketing based on the AS infrastructure.
|
|
// The ip->AS mapping depends on how asmap is constructed.
|
|
uint32_t GetMappedAS(const std::vector<bool> &asmap) const;
|
|
|
|
std::vector<unsigned char> GetGroup(const std::vector<bool> &asmap) const;
|
|
int GetReachabilityFrom(const CNetAddr *paddrPartner = nullptr) const;
|
|
|
|
explicit CNetAddr(const struct in6_addr& pipv6Addr, const uint32_t scope = 0);
|
|
bool GetIn6Addr(struct in6_addr* pipv6Addr) const;
|
|
|
|
friend bool operator==(const CNetAddr& a, const CNetAddr& b);
|
|
friend bool operator!=(const CNetAddr& a, const CNetAddr& b) { return !(a == b); }
|
|
friend bool operator<(const CNetAddr& a, const CNetAddr& b);
|
|
|
|
ADD_SERIALIZE_METHODS;
|
|
|
|
template <typename Stream, typename Operation>
|
|
inline void SerializationOp(Stream& s, Operation ser_action) {
|
|
READWRITE(ip);
|
|
}
|
|
|
|
friend class CSubNet;
|
|
};
|
|
|
|
class CSubNet
|
|
{
|
|
protected:
|
|
/// Network (base) address
|
|
CNetAddr network;
|
|
/// Netmask, in network byte order
|
|
uint8_t netmask[16];
|
|
/// Is this value valid? (only used to signal parse errors)
|
|
bool valid;
|
|
|
|
public:
|
|
CSubNet();
|
|
CSubNet(const CNetAddr &addr, int32_t mask);
|
|
CSubNet(const CNetAddr &addr, const CNetAddr &mask);
|
|
|
|
//constructor for single ip subnet (<ipv4>/32 or <ipv6>/128)
|
|
explicit CSubNet(const CNetAddr &addr);
|
|
|
|
bool Match(const CNetAddr &addr) const;
|
|
|
|
std::string ToString() const;
|
|
bool IsValid() const;
|
|
|
|
friend bool operator==(const CSubNet& a, const CSubNet& b);
|
|
friend bool operator!=(const CSubNet& a, const CSubNet& b) { return !(a == b); }
|
|
friend bool operator<(const CSubNet& a, const CSubNet& b);
|
|
|
|
ADD_SERIALIZE_METHODS;
|
|
|
|
template <typename Stream, typename Operation>
|
|
inline void SerializationOp(Stream& s, Operation ser_action) {
|
|
READWRITE(network);
|
|
READWRITE(netmask);
|
|
READWRITE(valid);
|
|
}
|
|
};
|
|
|
|
/** A combination of a network address (CNetAddr) and a (TCP) port */
|
|
class CService : public CNetAddr
|
|
{
|
|
protected:
|
|
uint16_t port; // host order
|
|
|
|
public:
|
|
CService();
|
|
CService(const CNetAddr& ip, unsigned short port);
|
|
CService(const struct in_addr& ipv4Addr, unsigned short port);
|
|
explicit CService(const struct sockaddr_in& addr);
|
|
unsigned short GetPort() const;
|
|
bool GetSockAddr(struct sockaddr* paddr, socklen_t *addrlen) const;
|
|
bool SetSockAddr(const struct sockaddr* paddr);
|
|
friend bool operator==(const CService& a, const CService& b);
|
|
friend bool operator!=(const CService& a, const CService& b) { return !(a == b); }
|
|
friend bool operator<(const CService& a, const CService& b);
|
|
std::vector<unsigned char> GetKey() const;
|
|
std::string ToString() const;
|
|
std::string ToStringPort() const;
|
|
std::string ToStringIPPort() const;
|
|
|
|
CService(const struct in6_addr& ipv6Addr, unsigned short port);
|
|
explicit CService(const struct sockaddr_in6& addr);
|
|
|
|
ADD_SERIALIZE_METHODS;
|
|
|
|
template <typename Stream, typename Operation>
|
|
inline void SerializationOp(Stream& s, Operation ser_action) {
|
|
READWRITE(ip);
|
|
READWRITE(WrapBigEndian(port));
|
|
}
|
|
};
|
|
|
|
#endif // BITCOIN_NETADDRESS_H
|