Only send one GetAddr response per connection.

This conserves resources from abusive peers that just send getaddr in a loop. Also makes correlating addr messages against INVs less effective.
2016-04-11 01:09:34 +00:00 · 2016-04-11 01:09:34 +00:00 · a514cb2968
parent 1218603f73
commit a514cb2968
3 changed files with 10 additions and 0 deletions
--- a/src/main.cpp
+++ b/src/main.cpp
@ -4867,6 +4867,14 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
    // the getaddr message mitigates the attack.
    else if ((strCommand == "getaddr") && (pfrom->fInbound))
    {
+        // Only send one GetAddr response per connection to reduce resource waste
+        //  and discourage addr stamping of INV announcements.
+        if (pfrom->fSentAddr) {
+            LogPrint("net", "Ignoring repeated \"getaddr\". peer=%d\n", pfrom->id);
+            return true;
+        }
+        pfrom->fSentAddr = true;
+
        pfrom->vAddrToSend.clear();
        vector<CAddress> vAddr = addrman.GetAddr();
        BOOST_FOREACH(const CAddress &addr, vAddr)
--- a/src/net.cpp
+++ b/src/net.cpp
@ -2142,6 +2142,7 @@ CNode::CNode(SOCKET hSocketIn, CAddress addrIn, std::string addrNameIn, bool fIn
    nStartingHeight = -1;
    fGetAddr = false;
    fRelayTxes = false;
+    fSentAddr = false;
    pfilter = new CBloomFilter();
    nPingNonceSent = 0;
    nPingUsecStart = 0;
--- a/src/net.h
+++ b/src/net.h
@ -278,6 +278,7 @@ public:
    // b) the peer may tell us in its version message that we should not relay tx invs
    //    until it has initialized its bloom filter.
    bool fRelayTxes;
+    bool fSentAddr;
    CSemaphoreGrant grantOutbound;
    CCriticalSection cs_filter;
    CBloomFilter* pfilter;