net: Extract download permission from noban #19191

pull MarcoFalke wants to merge 1 commits into bitcoin:master from MarcoFalke:2006-netPerDow changing 11 files +43 −29
  1. MarcoFalke commented at 3:05 pm on June 6, 2020: member

    It should be possible to grant nodes in a local network (e.g. home, university, enterprise, …) permission to download blocks even after the maxuploadtarget is hit.

    Currently this is only possible by setting the noban permission, which has some adverse effects, especially if the peers can’t be fully trusted.

    Fix this by extracting a download permission from noban.

  2. MarcoFalke added the label P2P on Jun 6, 2020
  3. DrahtBot commented at 1:15 am on June 7, 2020: member

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #18991 (Cache responses to GETADDR to prevent topology leaks by naumenkogs)
    • #18077 (net: Add NAT-PMP port forwarding support by hebasto)
    • #14866 ([wip] util: Improve evaluation of includeconf lines in network sections of the config file by AkioNak)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  4. naumenkogs commented at 7:06 am on June 7, 2020: member
    Concept ACK.
  5. in src/net_processing.cpp:1515 in 1f0084e3ad outdated
    1511@@ -1512,7 +1512,7 @@ void static ProcessGetBlockData(CNode& pfrom, const CChainParams& chainparams, c
    1512     if (send &&
    1513         connman->OutboundTargetReached(true) &&
    1514         (((pindexBestHeader != nullptr) && (pindexBestHeader->GetBlockTime() - pindex->GetBlockTime() > HISTORICAL_BLOCK_AGE)) || inv.type == MSG_FILTERED_BLOCK) &&
    1515-        !pfrom.HasPermission(PF_NOBAN) // never disconnect nodes with the noban permission
    1516+        !pfrom.HasPermission(PF_DOWNLOAD) // never disconnect nodes with the download permission
    


    Sjors commented at 10:43 am on June 8, 2020:
    This comment is confusing, because it suggests download == noban. Try: nodes with the download permission may exceed target

    MarcoFalke commented at 11:36 am on June 8, 2020:
    Thanks, fixed.
  6. in src/net_processing.cpp:2742 in 1f0084e3ad outdated
    2744@@ -2745,7 +2745,7 @@ bool ProcessMessage(CNode& pfrom, const std::string& msg_type, CDataStream& vRec
    2745         }
    2746 
    2747         LOCK(cs_main);
    2748-        if (::ChainstateActive().IsInitialBlockDownload() && !pfrom.HasPermission(PF_NOBAN)) {
    2749+        if (::ChainstateActive().IsInitialBlockDownload() && !pfrom.HasPermission(PF_DOWNLOAD)) {
    


    Sjors commented at 10:46 am on June 8, 2020:
    This exception was strange to begin with. But I don’t think it has anything to do with download permission. Maybe keep it noban?

    MarcoFalke commented at 11:44 am on June 8, 2020:

    Why is is strange? The literal motivation for this is that nodes with this permission can use us “as a block source” (#6974).

    Imagine you spin up an archival node, disconnect it from the network, but make it available in you internal network. Nodes with the download permission should be able to use your archival node as a block source, no?


    Sjors commented at 5:09 pm on June 8, 2020:
    Ah, that PR explains the problem. Even nodes that are almost synced can be IsInitialBlockDownload(), presumably also nodes that have been disconnected for a few days? In that case the new permission makes sense. Would be good to explain in a comment.

    MarcoFalke commented at 5:11 pm on June 8, 2020:

    Suggestions would be useful. Keep in mind that the documentation already says:

    0download (allow getheaders during IBD, no disconnect after maxuploadtarget limit)
    

    Sjors commented at 5:26 pm on June 8, 2020:
    0// Allow getheaders while IsInitialBlockDownload is true, such as after prolonged disconnection.
    

    Documenting that here instead of just in the bitcoind help seems useful, especially IsInitialBlockDownload has a confusing name.


    MarcoFalke commented at 12:21 pm on June 15, 2020:

    IsInitialBlockDownload has a confusing name

    I think IsInitialBlockDownload is self-explanatory, so I will leave the documentation as is for now. I am happy to review follow-up documentation improvements, though.

  7. Sjors commented at 10:52 am on June 8, 2020: member
    Concept ACK. Some minor feedback on faeb4f4fd4ba07063213e5a7fda797b2c53cc29f.
  8. MarcoFalke force-pushed on Jun 8, 2020
  9. luke-jr approved
  10. luke-jr commented at 4:12 am on June 11, 2020: member
    utACK
  11. luke-jr referenced this in commit 06a8ba1723 on Jun 12, 2020
  12. luke-jr referenced this in commit fee488f784 on Jun 12, 2020
  13. luke-jr referenced this in commit 46af7c1918 on Jun 15, 2020
  14. Sjors commented at 12:02 pm on June 15, 2020: member
    utACK 111109a1e79a9b9ef12a4718b2ab2ab2317fbabc
  15. MarcoFalke added the label Needs release note on Jun 15, 2020
  16. in src/net_permissions.h:35 in 111109a1e7 outdated
    30     PF_MEMPOOL = (1U << 5),
    31 
    32     // True if the user did not specifically set fine grained permissions
    33     PF_ISIMPLICIT = (1U << 31),
    34-    PF_ALL = PF_BLOOMFILTER | PF_FORCERELAY | PF_RELAY | PF_NOBAN | PF_MEMPOOL,
    35+    PF_ALL = PF_BLOOMFILTER | PF_FORCERELAY | PF_RELAY | PF_NOBAN | PF_MEMPOOL | PF_DOWNLOAD,
    


    NicolasDorier commented at 11:53 am on June 16, 2020:
    nit: no need to add PF_DOWNLOAD here as PF_NOBAN set it.

    MarcoFalke commented at 1:15 pm on June 16, 2020:
    I tried to mimic what PF_FORCERELAY was doing. Also, my long term plan is to remove the implicit download permission from noban, but that is up for another discussion.

    luke-jr commented at 9:38 pm on June 16, 2020:
    Agree that being explicit here is best.
  17. promag commented at 10:22 pm on July 5, 2020: member

    ACK 111109a1e79a9b9ef12a4718b2ab2ab2317fbabc.

    (👍 on the needs release note tag)

  18. naumenkogs commented at 10:47 am on July 7, 2020: member
    utACK 111109a1e79a9b9ef12a4718b2ab2ab2317fbabc
  19. DrahtBot added the label Needs rebase on Jul 7, 2020
  20. sipa commented at 6:38 pm on July 7, 2020: member
    utACK 111109a1e79a9b9ef12a4718b2ab2ab2317fbabc, but needs rebase.
  21. jonatack commented at 4:17 am on July 8, 2020: member
    Concept ACK
  22. in test/functional/p2p_permissions.py:42 in 111109a1e7 outdated
    38@@ -39,21 +39,21 @@ def run_test(self):
    39         self.checkpermission(
    40             # default permissions (no specific permissions)
    41             ["-whitelist=127.0.0.1"],
    42-            ["relay", "noban", "mempool"],
    43+            ["relay", "noban", "mempool", 'download'],
    


    jonatack commented at 4:55 am on July 8, 2020:

    If the default -whitelist permissions are changed by this PR, consider pulling in the changes from https://github.com/jonatack/bitcoin/commits/whitelist-whitebind-doc-improvements.

    nit: follow style for quotes already in use in this test


    MarcoFalke commented at 10:51 am on July 9, 2020:
    Ah, good point. Added a comment in the test # Make sure the default values in the command line documentation match the ones here and updated the help
  23. MarcoFalke removed the label Needs release note on Jul 9, 2020
  24. MarcoFalke force-pushed on Jul 9, 2020
  25. net: Extract download permission from noban fa0540cd46
  26. MarcoFalke force-pushed on Jul 9, 2020
  27. MarcoFalke commented at 10:51 am on July 9, 2020: member
    Added release notes and addressed feedback by @jonatack
  28. DrahtBot removed the label Needs rebase on Jul 9, 2020
  29. jonatack commented at 1:51 pm on July 9, 2020: member
    ACK fa0540c
  30. Sjors commented at 2:02 pm on July 9, 2020: member
    re-utACK fa0540cd46eaf44d9e1a9f91c3a937986826c4fa
  31. fanquake requested review from naumenkogs on Jul 9, 2020
  32. fanquake requested review from sipa on Jul 9, 2020
  33. MarcoFalke merged this on Jul 9, 2020
  34. MarcoFalke closed this on Jul 9, 2020

  35. MarcoFalke deleted the branch on Jul 9, 2020
  36. luke-jr referenced this in commit 74c9a19501 on Aug 15, 2020
  37. deadalnix referenced this in commit 56f61132d7 on Mar 22, 2021
  38. laanwj referenced this in commit e175a20769 on May 11, 2021
  39. sidhujag referenced this in commit beef02c60d on May 11, 2021
  40. DrahtBot locked this on Feb 15, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-18 15:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me