Prevent fingerprinting, disk-DoS with compact blocks #8408

pull sdaftuar wants to merge 2 commits into bitcoin:master from sdaftuar:cb-misbehaving changing 1 files +1 −2
  1. sdaftuar commented at 9:21 pm on July 26, 2016: member

    Because getblocktxn requests for unknown blocks would trigger a disconnect, while a getblocktxn for known-old blocks would just be ignored, it should be possible to fingerprint a node by seeing which old, non-main-chain blocks trigger disconnect.

    The first commit removes the misbehaving score to eliminate this distinction.

    In the handling of CMPCTBLOCK messages, the handling for blocks that are announced that have too little work, or where the block was known but pruned, was busted – for requested blocks, we would generate a getdata for the block, but for unrequested blocks, we’d fall through and try to process. In particular, this means that announcing old CMPCTBLOCKs could cause a pruning node to redownload old blocks (potentially causing a fill-up-disk DoS).

    The second commit fixes this by aborting processing of CMPCTBLOCK messages in this situation.

    Please tag this for consideration in 0.13.0.

  2. Ignore GETBLOCKTXN requests for unknown blocks 
    Don't disconnect peers, or else we leak information that could be
used for fingerprinting.
    1de2a46632
  3. Ignore CMPCTBLOCK messages for pruned blocks 
    Also ignores CMPCTBLOCK announcements that have too little work.  This is to
prevent disk-exhaustion DoS.
    1d06e49834
  4. jonasschnelli added the label P2P on Jul 27, 2016
  5. jonasschnelli added this to the milestone 0.13.0 on Jul 27, 2016
  6. laanwj commented at 9:53 am on July 28, 2016: member
    utACK 1d06e49
  7. jonasschnelli commented at 9:59 am on July 28, 2016: contributor
    CodeReview utACK 1d06e49834814eed45e07393dcffd7b6683311b2
  9. sipa commented at 6:33 pm on July 28, 2016: member
    For the first commit, is there no check that if you send a getblocktxn for an old block, you get disconnected? If not, I feel that the would be better (treating old blocks and unknown blocks identically).
  10. sipa commented at 6:49 pm on July 28, 2016: member

    After discussion on IRC:

     020:39:31 < sipa> sdaftuar: in general, peers should not send getblocktxn for anything near the tip
 120:39:40 < sipa> *anything not near the tip
 220:39:51 < sdaftuar> right, agreed
 320:40:00 < sdaftuar> are you suggesting that we disconnect for old blocks as wel?
 420:40:09 < sdaftuar> rather than not disconnect for unknown blocks?
 520:40:37 < sipa> if they do, they're either confused (and they're better off with us disconnecting them, or they'll wait long before timing out) or trying to do something nasty (in which case we're better off disconnecting them)
 620:40:58 < sipa> the question is whether there are no cases under which this can happen accidentally
 720:41:11 < sdaftuar> i assumed naively that this could happen on testnet
 820:41:32 < sdaftuar> ie without much rigorous thought
 920:41:54 < sdaftuar> mostly i guess i was comparing the handling of getblocktxn to how we handle getdata requests
1020:42:33 < sdaftuar> where we silently ignore unknown, and non-main-chain old blocks
1120:43:03 < sipa> ok, in that case let's follow the same approach
  11. sipa commented at 6:50 pm on July 28, 2016: member
    utACK 1d06e49 for 0.13
  12. laanwj merged this on Jul 29, 2016
  13. laanwj closed this on Jul 29, 2016
  14. laanwj referenced this in commit 842bf8d2c5 on Jul 29, 2016
  15. laanwj referenced this in commit b7e201181b on Jul 29, 2016
  16. gladcow referenced this in commit c7f2c069ec on Mar 2, 2018
  17. gladcow referenced this in commit 086e6d7e14 on Mar 13, 2018
  18. gladcow referenced this in commit 1b242ad651 on Mar 14, 2018
  19. gladcow referenced this in commit 4b5f67dc67 on Mar 15, 2018
  20. gladcow referenced this in commit 503b1ed2a6 on Mar 15, 2018
  21. gladcow referenced this in commit bdafc98776 on Mar 24, 2018
  22. gladcow referenced this in commit 91d0bd91a9 on Apr 4, 2018
  23. UdjinM6 referenced this in commit bc45a2f87a on Apr 11, 2018
  24. lateminer referenced this in commit a1cc8adc8d on Oct 24, 2018
  25. andvgal referenced this in commit fd5c50bc2b on Jan 6, 2019
  26. CryptoCentric referenced this in commit dd3fd51204 on Feb 28, 2019
  27. DrahtBot locked this on Sep 8, 2021


sdaftuar laanwj jonasschnelli instagibbs sipa

Labels
P2P

Milestone
0.13.0

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-17 18:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me