From aa88e23f6b9c5d59adbe9b7232e192aee6a812a8 Mon Sep 17 00:00:00 2001 From: Matt Corallo Date: Mon, 9 Jul 2018 20:06:39 -0400 Subject: [PATCH 01/20] Remove useless mapRequest tracking that just effects Qt display. I thought we had removed this a long time ago, TBH, its really confusing feedback to users that we display whether a tx was broadcast to immediate neighbor nodes, given that has little indication of whether the tx propagated very far. --- src/main.cpp | 6 ------ src/validationinterface.cpp | 3 --- src/validationinterface.h | 3 --- src/wallet/wallet.cpp | 42 ------------------------------------- src/wallet/wallet.h | 12 ----------- 5 files changed, 66 deletions(-) diff --git a/src/main.cpp b/src/main.cpp index a4b8ffe81..7f3c58006 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6395,9 +6395,6 @@ void static ProcessGetData(CNode* pfrom, const Consensus::Params& consensusParam } } - // Track requests for our stuff. - GetMainSignals().Inventory(inv.hash); - if (inv.type == MSG_BLOCK || inv.type == MSG_FILTERED_BLOCK) break; } @@ -6764,9 +6761,6 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string pfrom->AskFor(inv); } - // Track requests for our stuff - GetMainSignals().Inventory(inv.hash); - if (pfrom->nSendSize > (SendBufferSize() * 2)) { Misbehaving(pfrom->GetId(), 50); return error("send buffer size() = %u", pfrom->nSendSize); diff --git a/src/validationinterface.cpp b/src/validationinterface.cpp index 0dc5292e7..f490c5e12 100644 --- a/src/validationinterface.cpp +++ b/src/validationinterface.cpp @@ -37,7 +37,6 @@ void RegisterValidationInterface(CValidationInterface* pwalletIn) { g_signals.EraseTransaction.connect(boost::bind(&CValidationInterface::EraseFromWallet, pwalletIn, _1)); g_signals.UpdatedTransaction.connect(boost::bind(&CValidationInterface::UpdatedTransaction, pwalletIn, _1)); g_signals.ChainTip.connect(boost::bind(&CValidationInterface::ChainTip, pwalletIn, _1, _2, _3)); - g_signals.Inventory.connect(boost::bind(&CValidationInterface::Inventory, pwalletIn, _1)); g_signals.Broadcast.connect(boost::bind(&CValidationInterface::ResendWalletTransactions, pwalletIn, _1)); g_signals.BlockChecked.connect(boost::bind(&CValidationInterface::BlockChecked, pwalletIn, _1, _2)); g_signals.AddressForMining.connect(boost::bind(&CValidationInterface::GetAddressForMining, pwalletIn, _1)); @@ -49,7 +48,6 @@ void UnregisterValidationInterface(CValidationInterface* pwalletIn) { g_signals.AddressForMining.disconnect(boost::bind(&CValidationInterface::GetAddressForMining, pwalletIn, _1)); g_signals.BlockChecked.disconnect(boost::bind(&CValidationInterface::BlockChecked, pwalletIn, _1, _2)); g_signals.Broadcast.disconnect(boost::bind(&CValidationInterface::ResendWalletTransactions, pwalletIn, _1)); - g_signals.Inventory.disconnect(boost::bind(&CValidationInterface::Inventory, pwalletIn, _1)); g_signals.ChainTip.disconnect(boost::bind(&CValidationInterface::ChainTip, pwalletIn, _1, _2, _3)); g_signals.UpdatedTransaction.disconnect(boost::bind(&CValidationInterface::UpdatedTransaction, pwalletIn, _1)); g_signals.EraseTransaction.disconnect(boost::bind(&CValidationInterface::EraseFromWallet, pwalletIn, _1)); @@ -63,7 +61,6 @@ void UnregisterAllValidationInterfaces() { g_signals.AddressForMining.disconnect_all_slots(); g_signals.BlockChecked.disconnect_all_slots(); g_signals.Broadcast.disconnect_all_slots(); - g_signals.Inventory.disconnect_all_slots(); g_signals.ChainTip.disconnect_all_slots(); g_signals.UpdatedTransaction.disconnect_all_slots(); g_signals.EraseTransaction.disconnect_all_slots(); diff --git a/src/validationinterface.h b/src/validationinterface.h index 691e0f14b..300318296 100644 --- a/src/validationinterface.h +++ b/src/validationinterface.h @@ -92,7 +92,6 @@ protected: virtual void EraseFromWallet(const uint256 &hash) {} virtual void ChainTip(const CBlockIndex *pindex, const CBlock *pblock, std::optional added) {} virtual void UpdatedTransaction(const uint256 &hash) {} - virtual void Inventory(const uint256 &hash) {} virtual void ResendWalletTransactions(int64_t nBestBlockTime) {} virtual void BlockChecked(const CBlock&, const CValidationState&) {} virtual void GetAddressForMining(std::optional&) {}; @@ -160,8 +159,6 @@ struct CMainSignals { boost::signals2::signal UpdatedTransaction; /** Notifies listeners of a change to the tip of the active block chain. */ boost::signals2::signal)> ChainTip; - /** Notifies listeners about an inventory item being seen on the network. */ - boost::signals2::signal Inventory; /** Tells listeners to broadcast their data. */ boost::signals2::signal Broadcast; /** Notifies listeners of a block validation result */ diff --git a/src/wallet/wallet.cpp b/src/wallet/wallet.cpp index 898cf37dc..234a14621 100644 --- a/src/wallet/wallet.cpp +++ b/src/wallet/wallet.cpp @@ -4455,45 +4455,6 @@ int64_t CWalletTx::GetTxTime() const return n ? n : nTimeReceived; } -int CWalletTx::GetRequestCount() const -{ - // Returns -1 if it wasn't being tracked - int nRequests = -1; - { - LOCK(pwallet->cs_wallet); - if (IsCoinBase()) - { - // Generated block - if (!hashBlock.IsNull()) - { - map::const_iterator mi = pwallet->mapRequestCount.find(hashBlock); - if (mi != pwallet->mapRequestCount.end()) - nRequests = (*mi).second; - } - } - else - { - // Did anyone request this transaction? - map::const_iterator mi = pwallet->mapRequestCount.find(GetHash()); - if (mi != pwallet->mapRequestCount.end()) - { - nRequests = (*mi).second; - - // How about the block it's in? - if (nRequests == 0 && !hashBlock.IsNull()) - { - map::const_iterator _mi = pwallet->mapRequestCount.find(hashBlock); - if (_mi != pwallet->mapRequestCount.end()) - nRequests = (*_mi).second; - else - nRequests = 1; // If it's in someone else's block it must have got out - } - } - } - } - return nRequests; -} - // GetAmounts will determine the transparent debits and credits for a given wallet tx. void CWalletTx::GetAmounts(std::list& listReceived, std::list& listSent, CAmount& nFee, const isminefilter& filter) const @@ -5914,9 +5875,6 @@ bool CWallet::CommitTransaction(CWalletTx& wtxNew, std::optional& asOfHeight) const; int64_t GetTxTime() const; - int GetRequestCount() const; bool RelayWalletTransaction(); @@ -1416,7 +1415,6 @@ public: TxItems wtxOrdered; int64_t nOrderPosNext; - std::map mapRequestCount; std::map mapAddressBook; @@ -1971,16 +1969,6 @@ public: void UpdatedTransaction(const uint256 &hashTx); - void Inventory(const uint256 &hash) - { - { - LOCK(cs_wallet); - std::map::iterator mi = mapRequestCount.find(hash); - if (mi != mapRequestCount.end()) - (*mi).second++; - } - } - void GetAddressForMining(std::optional &minerAddress); void ResetRequestCount(const uint256 &hash) { From 7c739e2b20ff629bb4bf8150ea690b8be6c6d3d4 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Wed, 30 Jun 2021 11:52:40 -0700 Subject: [PATCH 02/20] Rate limit the processing of incoming addr messages While limitations on the influence of attackers on addrman already exist (affected buckets are restricted to a subset based on incoming IP / network group), there is no reason to permit them to let them feed us addresses at more than a multiple of the normal network rate. This commit introduces a "token bucket" rate limiter for the processing of addresses in incoming ADDR and ADDRV2 messages. Every connection gets an associated token bucket. Processing an address in an ADDR or ADDRV2 message from non-whitelisted peers consumes a token from the bucket. If the bucket is empty, the address is ignored (it is not forwarded or processed). The token counter increases at a rate of 0.1 tokens per second, and will accrue up to a maximum of 1000 tokens (the maximum we accept in a single ADDR or ADDRV2). When a GETADDR is sent to a peer, it immediately gets 1000 additional tokens, as we actively desire many addresses from such peers (this may temporarily cause the token count to exceed 1000). The rate limit of 0.1 addr/s was chosen based on observation of honest nodes on the network. Activity in general from most nodes is either 0, or up to a maximum around 0.025 addr/s for recent Bitcoin Core nodes. A few (self-identified, through subver) crawler nodes occasionally exceed 0.1 addr/s. (cherry-picked from commit bitcoin/bitcoin@0d64b8f709b4655d8702f810d4876cd8d96ded82) --- src/main.cpp | 21 +++++++++++++++++++++ src/net.h | 13 +++++++++++++ 2 files changed, 34 insertions(+) diff --git a/src/main.cpp b/src/main.cpp index a4b8ffe81..1561a5bc1 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6564,6 +6564,10 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string { pfrom->PushMessage("getaddr"); pfrom->fGetAddr = true; + + // When requesting a getaddr, accept an additional MAX_ADDR_TO_SEND addresses in response + // (bypassing the MAX_ADDR_PROCESSING_TOKEN_BUCKET limit). + pfrom->m_addr_token_bucket += MAX_ADDR_TO_SEND; } addrman.Good(pfrom->addr); } else { @@ -6656,10 +6660,27 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string vector vAddrOk; int64_t nNow = GetTime(); int64_t nSince = nNow - 10 * 60; + + // Update/increment addr rate limiting bucket. + const int64_t current_time = GetTimeMicros(); + if (pfrom->m_addr_token_bucket < MAX_ADDR_PROCESSING_TOKEN_BUCKET) { + // Don't increment bucket if it's already full + const auto time_diff = std::max(current_time - pfrom->m_addr_token_timestamp, (int64_t) 0); + const double increment = (time_diff / 1000000) * MAX_ADDR_RATE_PER_SECOND; + pfrom->m_addr_token_bucket = std::min(pfrom->m_addr_token_bucket + increment, MAX_ADDR_PROCESSING_TOKEN_BUCKET); + } + pfrom->m_addr_token_timestamp = current_time; + for (CAddress& addr : vAddr) { boost::this_thread::interruption_point(); + // Apply rate limiting if the address is not whitelisted + if (!pfrom->IsWhitelistedRange(addr)) { + if (pfrom->m_addr_token_bucket < 1.0) break; + pfrom->m_addr_token_bucket -= 1.0; + } + if (addr.nTime <= 100000000 || addr.nTime > nNow + 10 * 60) addr.nTime = nNow - 5 * 24 * 60 * 60; pfrom->AddAddressKnown(addr); diff --git a/src/net.h b/src/net.h index 874c10fa6..e7e655c39 100644 --- a/src/net.h +++ b/src/net.h @@ -50,6 +50,13 @@ static const int TIMEOUT_INTERVAL = 20 * 60; static const unsigned int MAX_INV_SZ = 50000; /** The maximum number of new addresses to accumulate before announcing. */ static const unsigned int MAX_ADDR_TO_SEND = 1000; +/** The maximum rate of address records we're willing to process on average. Can be bypassed using + * the NetPermissionFlags::Addr permission. */ +static constexpr double MAX_ADDR_RATE_PER_SECOND{0.1}; +/** The soft limit of the address processing token bucket (the regular MAX_ADDR_RATE_PER_SECOND + * based increments won't go above this, but the MAX_ADDR_TO_SEND increment following GETADDR + * is exempt from this limit. */ +static constexpr size_t MAX_ADDR_PROCESSING_TOKEN_BUCKET{MAX_ADDR_TO_SEND}; /** Maximum length of incoming protocol messages (no message over 2 MiB is currently acceptable). */ static const unsigned int MAX_PROTOCOL_MESSAGE_LENGTH = 2 * 1024 * 1024; /** Maximum length of strSubVer in `version` message */ @@ -339,6 +346,12 @@ public: int64_t nNextAddrSend; int64_t nNextLocalAddrSend; + /** Number of addr messages that can be processed from this peer. Start at 1 to + * permit self-announcement. */ + double m_addr_token_bucket{1.0}; + /** When m_addr_token_bucket was last updated */ + int64_t m_addr_token_timestamp{GetTimeMicros()}; + // inventory based relay CRollingBloomFilter filterInventoryKnown; // Set of transaction ids we still have to announce. From 2c48eddfa5f1f3248d2df845e662a82bac957742 Mon Sep 17 00:00:00 2001 From: Greg Pfeil Date: Fri, 17 Feb 2023 12:50:32 -0700 Subject: [PATCH 03/20] Remove `ResetRequestCount` There is no longer any `mapRequestCount` to reset. This also removes the `BlockFound` signal, as its only purpose was to call `ResetRequestCount`. --- src/miner.cpp | 3 --- src/validationinterface.cpp | 3 --- src/validationinterface.h | 3 --- src/wallet/wallet.h | 5 ----- 4 files changed, 14 deletions(-) diff --git a/src/miner.cpp b/src/miner.cpp index f3e6264d1..7383fd7a4 100644 --- a/src/miner.cpp +++ b/src/miner.cpp @@ -877,9 +877,6 @@ static bool ProcessBlockFound(const CBlock* pblock, const CChainParams& chainpar return error("ZcashMiner: generated block is stale"); } - // Inform about the new block - GetMainSignals().BlockFound(pblock->GetHash()); - // Process this block the same as if we had received it from another node CValidationState state; if (!ProcessNewBlock(state, chainparams, NULL, pblock, true, NULL)) diff --git a/src/validationinterface.cpp b/src/validationinterface.cpp index f490c5e12..ec11ef190 100644 --- a/src/validationinterface.cpp +++ b/src/validationinterface.cpp @@ -40,11 +40,9 @@ void RegisterValidationInterface(CValidationInterface* pwalletIn) { g_signals.Broadcast.connect(boost::bind(&CValidationInterface::ResendWalletTransactions, pwalletIn, _1)); g_signals.BlockChecked.connect(boost::bind(&CValidationInterface::BlockChecked, pwalletIn, _1, _2)); g_signals.AddressForMining.connect(boost::bind(&CValidationInterface::GetAddressForMining, pwalletIn, _1)); - g_signals.BlockFound.connect(boost::bind(&CValidationInterface::ResetRequestCount, pwalletIn, _1)); } void UnregisterValidationInterface(CValidationInterface* pwalletIn) { - g_signals.BlockFound.disconnect(boost::bind(&CValidationInterface::ResetRequestCount, pwalletIn, _1)); g_signals.AddressForMining.disconnect(boost::bind(&CValidationInterface::GetAddressForMining, pwalletIn, _1)); g_signals.BlockChecked.disconnect(boost::bind(&CValidationInterface::BlockChecked, pwalletIn, _1, _2)); g_signals.Broadcast.disconnect(boost::bind(&CValidationInterface::ResendWalletTransactions, pwalletIn, _1)); @@ -57,7 +55,6 @@ void UnregisterValidationInterface(CValidationInterface* pwalletIn) { } void UnregisterAllValidationInterfaces() { - g_signals.BlockFound.disconnect_all_slots(); g_signals.AddressForMining.disconnect_all_slots(); g_signals.BlockChecked.disconnect_all_slots(); g_signals.Broadcast.disconnect_all_slots(); diff --git a/src/validationinterface.h b/src/validationinterface.h index 300318296..c8ddb55bd 100644 --- a/src/validationinterface.h +++ b/src/validationinterface.h @@ -95,7 +95,6 @@ protected: virtual void ResendWalletTransactions(int64_t nBestBlockTime) {} virtual void BlockChecked(const CBlock&, const CValidationState&) {} virtual void GetAddressForMining(std::optional&) {}; - virtual void ResetRequestCount(const uint256 &hash) {}; friend void ::RegisterValidationInterface(CValidationInterface*); friend void ::UnregisterValidationInterface(CValidationInterface*); friend void ::UnregisterAllValidationInterfaces(); @@ -165,8 +164,6 @@ struct CMainSignals { boost::signals2::signal BlockChecked; /** Notifies listeners that an address for mining is required (coinbase) */ boost::signals2::signal&)> AddressForMining; - /** Notifies listeners that a block has been successfully mined */ - boost::signals2::signal BlockFound; }; CMainSignals& GetMainSignals(); diff --git a/src/wallet/wallet.h b/src/wallet/wallet.h index 0af1bab8a..ccad82ab9 100644 --- a/src/wallet/wallet.h +++ b/src/wallet/wallet.h @@ -1970,11 +1970,6 @@ public: void UpdatedTransaction(const uint256 &hashTx); void GetAddressForMining(std::optional &minerAddress); - void ResetRequestCount(const uint256 &hash) - { - LOCK(cs_wallet); - mapRequestCount[hash] = 0; - }; unsigned int GetKeyPoolSize() { From c8cdfcffd084fd1ec2240b133c25cf247f9fb861 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Thu, 15 Jul 2021 12:59:23 -0700 Subject: [PATCH 04/20] Randomize the order of addr processing (cherry picked from commit bitcoin/bitcoin@5648138f5949013331c017c740646e2f4013bc24) --- src/main.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main.cpp b/src/main.cpp index 1561a5bc1..1fd96aca7 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -37,6 +37,7 @@ #include "wallet/asyncrpcoperation_shieldcoinbase.h" #include "warnings.h" +#include #include #include #include @@ -6671,6 +6672,7 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string } pfrom->m_addr_token_timestamp = current_time; + std::shuffle(vAddr.begin(), vAddr.end(), ZcashRandomEngine()); for (CAddress& addr : vAddr) { boost::this_thread::interruption_point(); From 1dddc1337ca520e686e8ae48b7424dadff7a4781 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Wed, 7 Jul 2021 11:44:40 -0700 Subject: [PATCH 05/20] Add logging and addr rate limiting statistics Includes logging improvements by Vasil Dimov and John Newbery. (cherry picked from commit bitcoin/bitcoin@f424d601e1b6870e20bc60f5ccba36d2e210377b) --- src/main.cpp | 17 ++++++++++++++++- src/net.cpp | 3 +++ src/net.h | 7 +++++++ src/rpc/net.cpp | 2 ++ 4 files changed, 28 insertions(+), 1 deletion(-) diff --git a/src/main.cpp b/src/main.cpp index 1fd96aca7..00e57ac51 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6672,6 +6672,8 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string } pfrom->m_addr_token_timestamp = current_time; + uint64_t num_proc = 0; + uint64_t num_rate_limit = 0; std::shuffle(vAddr.begin(), vAddr.end(), ZcashRandomEngine()); for (CAddress& addr : vAddr) { @@ -6679,13 +6681,17 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string // Apply rate limiting if the address is not whitelisted if (!pfrom->IsWhitelistedRange(addr)) { - if (pfrom->m_addr_token_bucket < 1.0) break; + if (pfrom->m_addr_token_bucket < 1.0) { + ++num_rate_limit; + continue; + } pfrom->m_addr_token_bucket -= 1.0; } if (addr.nTime <= 100000000 || addr.nTime > nNow + 10 * 60) addr.nTime = nNow - 5 * 24 * 60 * 60; pfrom->AddAddressKnown(addr); + ++num_proc; bool fReachable = IsReachable(addr); if (addr.nTime > nSince && !pfrom->fGetAddr && vAddr.size() <= 10 && addr.IsRoutable()) { @@ -6716,6 +6722,15 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string if (fReachable) vAddrOk.push_back(addr); } + pfrom->m_addr_processed += num_proc; + pfrom->m_addr_rate_limited += num_rate_limit; + LogPrintf("ProcessMessage: Received addr: %u addresses (%u processed, %u rate-limited) from peer=%d%s\n", + vAddr.size(), + num_proc, + num_rate_limit, + pfrom->GetId(), + fLogIPs ? ", peeraddr=" + pfrom->addr.ToString() : ""); + addrman.Add(vAddrOk, pfrom->addr, 2 * 60 * 60); if (vAddr.size() < 1000) pfrom->fGetAddr = false; diff --git a/src/net.cpp b/src/net.cpp index aea34c857..7364afc67 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -700,6 +700,9 @@ void CNode::copyStats(CNodeStats &stats) stats.dPingTime = (((double)nPingUsecTime) / 1e6); stats.dPingWait = (((double)nPingUsecWait) / 1e6); + stats.m_addr_processed = m_addr_processed.load(); + stats.m_addr_rate_limited = m_addr_rate_limited.load(); + // Leave string empty if addrLocal invalid (not filled in yet) CService addrLocalUnlocked = GetAddrLocal(); stats.addrLocal = addrLocalUnlocked.IsValid() ? addrLocalUnlocked.ToString() : ""; diff --git a/src/net.h b/src/net.h index e7e655c39..498b55c08 100644 --- a/src/net.h +++ b/src/net.h @@ -212,6 +212,8 @@ public: double dPingTime; double dPingWait; std::string addrLocal; + uint64_t m_addr_processed{0}; + uint64_t m_addr_rate_limited{0}; }; @@ -351,6 +353,11 @@ public: double m_addr_token_bucket{1.0}; /** When m_addr_token_bucket was last updated */ int64_t m_addr_token_timestamp{GetTimeMicros()}; + /** Total number of addresses that were dropped due to rate limiting. */ + std::atomic m_addr_rate_limited{0}; + /** Total number of addresses that were processed (excludes rate limited ones). */ + std::atomic m_addr_processed{0}; + // inventory based relay CRollingBloomFilter filterInventoryKnown; diff --git a/src/rpc/net.cpp b/src/rpc/net.cpp index e00e15493..06c2b38cb 100644 --- a/src/rpc/net.cpp +++ b/src/rpc/net.cpp @@ -158,6 +158,8 @@ UniValue getpeerinfo(const UniValue& params, bool fHelp) } obj.pushKV("inflight", heights); } + obj.pushKV("addr_processed", stats.m_addr_processed); + obj.pushKV("addr_rate_limited", stats.m_addr_rate_limited); obj.pushKV("whitelisted", stats.fWhitelisted); ret.push_back(obj); From 9555b5e8a4d9f4dcf70936e0b089f57768fa6de8 Mon Sep 17 00:00:00 2001 From: Jon Atack Date: Sat, 31 Jul 2021 21:56:59 +0200 Subject: [PATCH 06/20] p2p, rpc, test: address rate-limiting follow-ups (cherry picked from commit bitcoin/bitcoin@d930c7f5b091687eb4208a5ffe8a2abe311d8054) --- src/main.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/main.cpp b/src/main.cpp index 00e57ac51..8a8a5a9d2 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6680,11 +6680,12 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string boost::this_thread::interruption_point(); // Apply rate limiting if the address is not whitelisted - if (!pfrom->IsWhitelistedRange(addr)) { - if (pfrom->m_addr_token_bucket < 1.0) { + if (pfrom->m_addr_token_bucket < 1.0) { + if (!pfrom->IsWhitelistedRange(addr)) { ++num_rate_limit; continue; } + } else { pfrom->m_addr_token_bucket -= 1.0; } From 0a39cc67271d64bb541573e7994dc97f18a7089e Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Fri, 17 Feb 2023 20:38:04 +0000 Subject: [PATCH 07/20] Enable a CRollingBloomFilter to be reset to a state where it takes little memory. Co-authored-by: Jack Grigg Signed-off-by: Daira Hopwood --- src/bloom.cpp | 29 +++++++++++++++++++---------- src/bloom.h | 6 ++++++ src/test/bloom_tests.cpp | 26 ++++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 10 deletions(-) diff --git a/src/bloom.cpp b/src/bloom.cpp index 8f0729e71..4f75be990 100644 --- a/src/bloom.cpp +++ b/src/bloom.cpp @@ -187,15 +187,7 @@ CRollingBloomFilter::CRollingBloomFilter(const unsigned int nElements, const dou * => nFilterBits = -nHashFuncs * nMaxElements / log(1.0 - pow(fpRate, 1.0 / nHashFuncs)) * => nFilterBits = -nHashFuncs * nMaxElements / log(1.0 - exp(logFpRate / nHashFuncs)) */ - uint32_t nFilterBits = (uint32_t)ceil(-1.0 * nHashFuncs * nMaxElements / log(1.0 - exp(logFpRate / nHashFuncs))); - data.clear(); - /* For each data element we need to store 2 bits. If both bits are 0, the - * bit is treated as unset. If the bits are (01), (10), or (11), the bit is - * treated as set in generation 1, 2, or 3 respectively. - * These bits are stored in separate integers: position P corresponds to bit - * (P & 63) of the integers data[(P >> 6) * 2] and data[(P >> 6) * 2 + 1]. */ - data.resize(((nFilterBits + 63) / 64) << 1); - reset(); + nFilterBits = (uint32_t)ceil(-1.0 * nHashFuncs * nMaxElements / log(1.0 - exp(logFpRate / nHashFuncs))); } /* Similar to CBloomFilter::Hash */ @@ -213,6 +205,9 @@ static inline uint32_t FastMod(uint32_t x, size_t n) { void CRollingBloomFilter::insert(const std::vector& vKey) { + if (data.empty()) { + initialize(); + } if (nEntriesThisGeneration == nEntriesPerGeneration) { nEntriesThisGeneration = 0; nGeneration++; @@ -250,6 +245,9 @@ void CRollingBloomFilter::insert(const uint256& hash) bool CRollingBloomFilter::contains(const std::vector& vKey) const { + if (data.empty()) { + return false; + } for (int n = 0; n < nHashFuncs; n++) { uint32_t h = RollingBloomHash(n, nTweak, vKey); int bit = h & 0x3F; @@ -268,8 +266,19 @@ bool CRollingBloomFilter::contains(const uint256& hash) const return contains(vData); } -void CRollingBloomFilter::reset() +void CRollingBloomFilter::reset() { + std::vector().swap(data); +} + +void CRollingBloomFilter::initialize() { + /* For each data element we need to store 2 bits. If both bits are 0, the + * bit is treated as unset. If the bits are (01), (10), or (11), the bit is + * treated as set in generation 1, 2, or 3 respectively. + * These bits are stored in separate integers: position P corresponds to bit + * (P & 63) of the integers data[(P >> 6) * 2] and data[(P >> 6) * 2 + 1]. */ + data.resize(((nFilterBits + 63) / 64) << 1); + nTweak = GetRand(std::numeric_limits::max()); nEntriesThisGeneration = 0; nGeneration = 1; diff --git a/src/bloom.h b/src/bloom.h index 9a75658f9..071bbe608 100644 --- a/src/bloom.h +++ b/src/bloom.h @@ -131,7 +131,13 @@ public: void reset(); +protected: + bool is_data_empty() const { return data.empty(); } + private: + void initialize(); + + uint32_t nFilterBits; int nEntriesPerGeneration; int nEntriesThisGeneration; int nGeneration; diff --git a/src/test/bloom_tests.cpp b/src/test/bloom_tests.cpp index ab80d3dc3..56bdf9199 100644 --- a/src/test/bloom_tests.cpp +++ b/src/test/bloom_tests.cpp @@ -538,4 +538,30 @@ BOOST_AUTO_TEST_CASE(rolling_bloom) } } +BOOST_AUTO_TEST_CASE(rolling_bloom_reset) +{ + struct TestRollingBloomFilter : CRollingBloomFilter + { + TestRollingBloomFilter() : CRollingBloomFilter(100, 0.01) {} + bool is_data_empty() const { return CRollingBloomFilter::is_data_empty(); } + }; + + TestRollingBloomFilter rb; + BOOST_CHECK(rb.is_data_empty()); + + std::vector d = RandomData(); + rb.insert(d); + BOOST_CHECK(!rb.is_data_empty()); + BOOST_CHECK(rb.contains(d)); + + // reset() should ensure minimal memory usage. + rb.reset(); + BOOST_CHECK(rb.is_data_empty()); + BOOST_CHECK(!rb.contains(d)); + + rb.insert(d); + BOOST_CHECK(!rb.is_data_empty()); + BOOST_CHECK(rb.contains(d)); +} + BOOST_AUTO_TEST_SUITE_END() From c5b8807ce721beb3c5cbb87bc41a116065094b52 Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Mon, 20 Feb 2023 20:14:55 +0000 Subject: [PATCH 08/20] Ensure that CNode::{addrKnown, filterInventoryKnown} immediately take little memory when we disconnect the node. Co-authored-by: Kris Nuttycombe Co-authored-by: Jack Grigg Signed-off-by: Daira Hopwood --- src/main.cpp | 11 ++++++++--- src/net.cpp | 9 ++++++++- src/net.h | 38 ++++++++++++++++++++++++++++---------- 3 files changed, 44 insertions(+), 14 deletions(-) diff --git a/src/main.cpp b/src/main.cpp index a4b8ffe81..07182ce00 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6662,7 +6662,7 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string if (addr.nTime <= 100000000 || addr.nTime > nNow + 10 * 60) addr.nTime = nNow - 5 * 24 * 60 * 60; - pfrom->AddAddressKnown(addr); + pfrom->AddAddressIfNotAlreadyKnown(addr); bool fReachable = IsReachable(addr); if (addr.nTime > nSince && !pfrom->fGetAddr && vAddr.size() <= 10 && addr.IsRoutable()) { @@ -7603,9 +7603,8 @@ bool SendMessages(const Consensus::Params& params, CNode* pto) vAddr.reserve(pto->vAddrToSend.size()); for (const CAddress& addr : pto->vAddrToSend) { - if (!pto->addrKnown.contains(addr.GetKey())) + if (pto->AddAddressIfNotAlreadyKnown(addr)) { - pto->addrKnown.insert(addr.GetKey()); vAddr.push_back(addr); // receiver rejects addr messages larger than 1000 if (vAddr.size() >= 1000) @@ -7678,6 +7677,12 @@ bool SendMessages(const Consensus::Params& params, CNode* pto) vector vInv; { LOCK(pto->cs_inventory); + // Avoid possibly adding to pto->filterInventoryKnown after it has been reset in CloseSocketDisconnect. + if (pto->fDisconnect) { + // We can safely return here because SendMessages would, in any case, do nothing after + // this block if pto->fDisconnect is set. + return true; + } vInv.reserve(std::max(pto->vInventoryBlockToSend.size(), INVENTORY_BROADCAST_MAX)); // Add blocks diff --git a/src/net.cpp b/src/net.cpp index aea34c857..bbac942f4 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -440,6 +440,14 @@ void CNode::CloseSocketDisconnect() CloseSocket(hSocket); } } + { + LOCK(cs_addrKnown); + addrKnown.reset(); + } + { + LOCK(cs_inventory); + filterInventoryKnown.reset(); + } // in case this fails, we'll empty the recv buffer when the CNode is deleted TRY_LOCK(cs_vRecvMsg, lockRecv); @@ -2221,7 +2229,6 @@ CNode::CNode(SOCKET hSocketIn, const CAddress& addrIn, const std::string& addrNa nSendOffset = 0; hashContinue = uint256(); nStartingHeight = -1; - filterInventoryKnown.reset(); fSendMempool = false; fGetAddr = false; nNextLocalAddrSend = 0; diff --git a/src/net.h b/src/net.h index 874c10fa6..56f88308b 100644 --- a/src/net.h +++ b/src/net.h @@ -304,6 +304,8 @@ public: CBloomFilter* pfilter; NodeId id; std::atomic nRefCount; + CRollingBloomFilter addrKnown; + mutable CCriticalSection cs_addrKnown; const uint64_t nKeyedNetGroup; @@ -333,7 +335,6 @@ public: // flood relay std::vector vAddrToSend; - CRollingBloomFilter addrKnown; bool fGetAddr; std::set setKnown; int64_t nNextAddrSend; @@ -344,7 +345,7 @@ public: // Set of transaction ids we still have to announce. // They are sorted by the mempool before relay, so the order is not important. std::set setInventoryTxToSend; - // List of block ids we still have announce. + // List of block ids we still have to announce. // There is no final sorting before sending, as they are always sent immediately // and in the order requested. std::vector vInventoryBlockToSend; @@ -448,10 +449,25 @@ public: } - - void AddAddressKnown(const CAddress& addr) + bool AddAddressIfNotAlreadyKnown(const CAddress& addr) { - addrKnown.insert(addr.GetKey()); + LOCK(cs_addrKnown); + // Avoid adding to addrKnown after it has been reset in CloseSocketDisconnect. + if (fDisconnect) { + return false; + } + if (!addrKnown.contains(addr.GetKey())) { + addrKnown.insert(addr.GetKey()); + return true; + } else { + return false; + } + } + + bool IsAddressKnown(const CAddress& addr) const + { + LOCK(cs_addrKnown); + return addrKnown.contains(addr.GetKey()); } void PushAddress(const CAddress& addr, FastRandomContext &insecure_rand) @@ -459,7 +475,7 @@ public: // Known checking here is only to save space from duplicates. // SendMessages will filter it again for knowns that were added // after addresses were pushed. - if (addr.IsValid() && !addrKnown.contains(addr.GetKey())) { + if (addr.IsValid() && !IsAddressKnown(addr)) { if (vAddrToSend.size() >= MAX_ADDR_TO_SEND) { vAddrToSend[insecure_rand.randrange(vAddrToSend.size())] = addr; } else { @@ -471,8 +487,8 @@ public: void AddKnownTx(const WTxId& wtxid) { - { - LOCK(cs_inventory); + LOCK(cs_inventory); + if (!fDisconnect) { filterInventoryKnown.insert(wtxid.ToBytes()); } } @@ -480,7 +496,7 @@ public: void PushTxInventory(const WTxId& wtxid) { LOCK(cs_inventory); - if (!filterInventoryKnown.contains(wtxid.ToBytes())) { + if (!fDisconnect && !filterInventoryKnown.contains(wtxid.ToBytes())) { setInventoryTxToSend.insert(wtxid.hash); } } @@ -488,7 +504,9 @@ public: void PushBlockInventory(const uint256& hash) { LOCK(cs_inventory); - vInventoryBlockToSend.push_back(hash); + if (!fDisconnect) { + vInventoryBlockToSend.push_back(hash); + } } void AskFor(const CInv& inv); From 074e6337985e36dd0030366e75a49745a011f328 Mon Sep 17 00:00:00 2001 From: Daira Hopwood Date: Mon, 20 Feb 2023 23:33:04 +0000 Subject: [PATCH 09/20] Improve the encapsulation of `CNode::filterInventoryKnown`. Co-authored-by: Jack Grigg Signed-off-by: Daira Hopwood --- src/main.cpp | 10 +++++----- src/net.h | 24 ++++++++++++++++++++---- 2 files changed, 25 insertions(+), 9 deletions(-) diff --git a/src/main.cpp b/src/main.cpp index 07182ce00..2efe8ba76 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -6757,7 +6757,7 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string } else { - pfrom->AddKnownTx(WTxId(inv.hash, inv.hashAux)); + pfrom->AddKnownWTxId(WTxId(inv.hash, inv.hashAux)); if (fBlocksOnly) LogPrint("net", "transaction (%s) inv sent in violation of protocol peer=%d\n", inv.hash.ToString(), pfrom->id); else if (!fAlreadyHave && !IsInitialBlockDownload(chainparams.GetConsensus())) @@ -6906,7 +6906,7 @@ bool static ProcessMessage(const CChainParams& chainparams, CNode* pfrom, string LOCK(cs_main); - pfrom->AddKnownTx(wtxid); + pfrom->AddKnownWTxId(wtxid); bool fMissingInputs = false; CValidationState state; @@ -7730,7 +7730,7 @@ bool SendMessages(const Consensus::Params& params, CNode* pto) if (pto->pfilter) { if (!pto->pfilter->IsRelevantAndUpdate(*txinfo.tx)) continue; } - pto->filterInventoryKnown.insert(hash); + pto->AddKnownTxId(hash); vInv.push_back(inv); if (vInv.size() == MAX_INV_SZ) { pto->PushMessage("inv", vInv); @@ -7765,7 +7765,7 @@ bool SendMessages(const Consensus::Params& params, CNode* pto) // Remove it from the to-be-sent set pto->setInventoryTxToSend.erase(it); // Check if not in the filter already - if (pto->filterInventoryKnown.contains(hash)) { + if (pto->HasKnownTxId(hash)) { continue; } // Not in the mempool anymore? don't bother sending it. @@ -7800,7 +7800,7 @@ bool SendMessages(const Consensus::Params& params, CNode* pto) pto->PushMessage("inv", vInv); vInv.clear(); } - pto->filterInventoryKnown.insert(hash); + pto->AddKnownTxId(hash); } } } diff --git a/src/net.h b/src/net.h index 56f88308b..b391da020 100644 --- a/src/net.h +++ b/src/net.h @@ -307,6 +307,10 @@ public: CRollingBloomFilter addrKnown; mutable CCriticalSection cs_addrKnown; + // Inventory based relay + // This filter is protected by cs_inventory and contains both txids and wtxids. + CRollingBloomFilter filterInventoryKnown; + const uint64_t nKeyedNetGroup; // Stored so we can pass a pointer to it across the Rust FFI for span. @@ -340,8 +344,6 @@ public: int64_t nNextAddrSend; int64_t nNextLocalAddrSend; - // inventory based relay - CRollingBloomFilter filterInventoryKnown; // Set of transaction ids we still have to announce. // They are sorted by the mempool before relay, so the order is not important. std::set setInventoryTxToSend; @@ -349,7 +351,7 @@ public: // There is no final sorting before sending, as they are always sent immediately // and in the order requested. std::vector vInventoryBlockToSend; - CCriticalSection cs_inventory; + mutable CCriticalSection cs_inventory; std::set setAskFor; std::multimap mapAskFor; int64_t nNextInvSend; @@ -485,7 +487,7 @@ public: } - void AddKnownTx(const WTxId& wtxid) + void AddKnownWTxId(const WTxId& wtxid) { LOCK(cs_inventory); if (!fDisconnect) { @@ -493,6 +495,20 @@ public: } } + void AddKnownTxId(const uint256& txid) + { + LOCK(cs_inventory); + if (!fDisconnect) { + filterInventoryKnown.insert(txid); + } + } + + bool HasKnownTxId(const uint256& txid) const + { + LOCK(cs_inventory); + return filterInventoryKnown.contains(txid); + } + void PushTxInventory(const WTxId& wtxid) { LOCK(cs_inventory); From 1478dc1e7f1ccd89bac76fc738650877fbfd1422 Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 19:37:38 -0700 Subject: [PATCH 10/20] Update release notes for v5.3.3 hotfix --- doc/release-notes.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/release-notes.md b/doc/release-notes.md index a29094b51..e3b26957f 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -4,3 +4,7 @@ release-notes at release time) Notable changes =============== +This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited +as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer +messages to fill the memory of a node, resulting in a crash. + From 700d785046e454e620bc98e5affe643d7dcadeef Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Fri, 17 Feb 2023 18:54:27 -0700 Subject: [PATCH 11/20] Postpone dependency updates. --- qa/zcash/postponed-updates.txt | 121 ++++++++++++++++++++------------- 1 file changed, 74 insertions(+), 47 deletions(-) diff --git a/qa/zcash/postponed-updates.txt b/qa/zcash/postponed-updates.txt index f26d4b7ee..2da82d6d1 100644 --- a/qa/zcash/postponed-updates.txt +++ b/qa/zcash/postponed-updates.txt @@ -4,59 +4,86 @@ # bdb 18.1.40 2020-09-01 # -native_cxxbridge 1.0.80 2022-12-10 -native_cxxbridge 1.0.81 2022-12-10 -native_cxxbridge 1.0.82 2022-12-10 -native_cxxbridge 1.0.83 2022-12-10 -native_rust 1.65.0 2022-12-10 -rustcxx 1.0.80 2022-12-10 -rustcxx 1.0.81 2022-12-10 -rustcxx 1.0.82 2022-12-10 -rustcxx 1.0.83 2022-12-10 -utfcpp 3.2.2 2022-12-10 +native_cxxbridge 1.0.80 2023-03-01 +native_cxxbridge 1.0.81 2023-03-01 +native_cxxbridge 1.0.82 2023-03-01 +native_cxxbridge 1.0.83 2023-03-01 +native_cxxbridge 1.0.84 2023-03-01 +native_cxxbridge 1.0.85 2023-03-01 +native_cxxbridge 1.0.86 2023-03-01 +native_cxxbridge 1.0.87 2023-03-01 +native_cxxbridge 1.0.88 2023-03-01 +native_cxxbridge 1.0.89 2023-03-01 +native_cxxbridge 1.0.90 2023-03-01 +native_cxxbridge 1.0.91 2023-03-01 +native_rust 1.65.0 2023-03-01 +native_rust 1.66.0 2023-03-01 +native_rust 1.66.1 2023-03-01 +native_rust 1.67.0 2023-03-01 +native_rust 1.67.1 2023-03-01 +rustcxx 1.0.80 2023-03-01 +rustcxx 1.0.81 2023-03-01 +rustcxx 1.0.82 2023-03-01 +rustcxx 1.0.83 2023-03-01 +rustcxx 1.0.84 2023-03-01 +rustcxx 1.0.85 2023-03-01 +rustcxx 1.0.86 2023-03-01 +rustcxx 1.0.87 2023-03-01 +rustcxx 1.0.88 2023-03-01 +rustcxx 1.0.89 2023-03-01 +rustcxx 1.0.90 2023-03-01 +rustcxx 1.0.91 2023-03-01 +utfcpp 3.2.2 2023-03-01 +utfcpp 3.2.3 2023-03-01 # Ccache 4.0 requires adding CMake to the depends system. -native_ccache 4.0 2022-12-10 -native_ccache 4.1 2022-12-10 -native_ccache 4.2 2022-12-10 -native_ccache 4.2.1 2022-12-10 -native_ccache 4.3 2022-12-10 -native_ccache 4.4 2022-12-10 -native_ccache 4.4.1 2022-12-10 -native_ccache 4.4.2 2022-12-10 -native_ccache 4.5 2022-12-10 -native_ccache 4.5.1 2022-12-10 -native_ccache 4.6 2022-12-10 -native_ccache 4.6.1 2022-12-10 -native_ccache 4.6.2 2022-12-10 -native_ccache 4.6.3 2022-12-10 -native_ccache 4.7 2022-12-10 -native_ccache 4.7.1 2022-12-10 -native_ccache 4.7.2 2022-12-10 -native_ccache 4.7.3 2022-12-10 -native_ccache 4.7.4 2022-12-10 +native_ccache 4.0 2023-03-01 +native_ccache 4.1 2023-03-01 +native_ccache 4.2 2023-03-01 +native_ccache 4.2.1 2023-03-01 +native_ccache 4.3 2023-03-01 +native_ccache 4.4 2023-03-01 +native_ccache 4.4.1 2023-03-01 +native_ccache 4.4.2 2023-03-01 +native_ccache 4.5 2023-03-01 +native_ccache 4.5.1 2023-03-01 +native_ccache 4.6 2023-03-01 +native_ccache 4.6.1 2023-03-01 +native_ccache 4.6.2 2023-03-01 +native_ccache 4.6.3 2023-03-01 +native_ccache 4.7 2023-03-01 +native_ccache 4.7.1 2023-03-01 +native_ccache 4.7.2 2023-03-01 +native_ccache 4.7.3 2023-03-01 +native_ccache 4.7.4 2023-03-01 # Clang and Rust are currently pinned to LLVM 14 -libcxx 15.0.0 2022-12-10 -libcxx 15.0.1 2022-12-10 -libcxx 15.0.2 2022-12-10 -libcxx 15.0.3 2022-12-10 -libcxx 15.0.4 2022-12-10 -libcxx 15.0.5 2022-12-10 -libcxx 15.0.6 2022-12-10 -native_clang 15.0.0 2022-12-10 -native_clang 15.0.1 2022-12-10 -native_clang 15.0.2 2022-12-10 -native_clang 15.0.3 2022-12-10 -native_clang 15.0.4 2022-12-10 -native_clang 15.0.5 2022-12-10 -native_clang 15.0.6 2022-12-10 +libcxx 15.0.0 2023-03-01 +libcxx 15.0.1 2023-03-01 +libcxx 15.0.2 2023-03-01 +libcxx 15.0.3 2023-03-01 +libcxx 15.0.4 2023-03-01 +libcxx 15.0.5 2023-03-01 +libcxx 15.0.6 2023-03-01 +libcxx 15.0.7 2023-03-01 +native_clang 15.0.0 2023-03-01 +native_clang 15.0.1 2023-03-01 +native_clang 15.0.2 2023-03-01 +native_clang 15.0.3 2023-03-01 +native_clang 15.0.4 2023-03-01 +native_clang 15.0.5 2023-03-01 +native_clang 15.0.6 2023-03-01 +native_clang 15.0.7 2023-03-01 + +# Temporarily postponed for hotfix purposes +boost 1.81.0 2023-03-01 +native_b2 1.81.0 2023-03-01 # We're never updating to this version bdb 18.1.40 2024-02-01 # Google Test 1.10.0 requires adding CMake to the depends system. -googletest 1.10.0 2022-12-10 -googletest 1.11.0 2022-12-10 -googletest 1.12.0 2022-12-10 -googletest 1.12.1 2022-12-10 +googletest 1.10.0 2023-03-01 +googletest 1.11.0 2023-03-01 +googletest 1.12.0 2023-03-01 +googletest 1.12.1 2023-03-01 From 6fe1b5e59523826eb525b7fee29a81c1b19486af Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 19:43:45 -0700 Subject: [PATCH 12/20] make-release.py: Versioning changes for 5.3.3. --- README.md | 2 +- configure.ac | 2 +- contrib/gitian-descriptors/gitian-linux-parallel.yml | 2 +- contrib/gitian-descriptors/gitian-linux.yml | 2 +- src/clientversion.h | 2 +- src/deprecation.h | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index df635786a..9b2132f47 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -Zcash 5.3.2 +Zcash 5.3.3 =========== diff --git a/configure.ac b/configure.ac index 5510e89c1..c3a8e561e 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ dnl require autoconf 2.60 (AS_ECHO/AS_ECHO_N) AC_PREREQ([2.60]) define(_CLIENT_VERSION_MAJOR, 5) define(_CLIENT_VERSION_MINOR, 3) -define(_CLIENT_VERSION_REVISION, 2) +define(_CLIENT_VERSION_REVISION, 3) define(_CLIENT_VERSION_BUILD, 50) define(_ZC_BUILD_VAL, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, m4_incr(_CLIENT_VERSION_BUILD), m4_eval(_CLIENT_VERSION_BUILD < 50), 1, m4_eval(_CLIENT_VERSION_BUILD - 24), m4_eval(_CLIENT_VERSION_BUILD == 50), 1, , m4_eval(_CLIENT_VERSION_BUILD - 50))) define(_CLIENT_VERSION_SUFFIX, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, _CLIENT_VERSION_REVISION-beta$1, m4_eval(_CLIENT_VERSION_BUILD < 50), 1, _CLIENT_VERSION_REVISION-rc$1, m4_eval(_CLIENT_VERSION_BUILD == 50), 1, _CLIENT_VERSION_REVISION, _CLIENT_VERSION_REVISION-$1))) diff --git a/contrib/gitian-descriptors/gitian-linux-parallel.yml b/contrib/gitian-descriptors/gitian-linux-parallel.yml index 05958bb2d..5b907a5f7 100644 --- a/contrib/gitian-descriptors/gitian-linux-parallel.yml +++ b/contrib/gitian-descriptors/gitian-linux-parallel.yml @@ -1,5 +1,5 @@ --- -name: "zcash-5.3.2" +name: "zcash-5.3.3" enable_cache: true distro: "debian" suites: diff --git a/contrib/gitian-descriptors/gitian-linux.yml b/contrib/gitian-descriptors/gitian-linux.yml index eac535402..b8ce1433f 100644 --- a/contrib/gitian-descriptors/gitian-linux.yml +++ b/contrib/gitian-descriptors/gitian-linux.yml @@ -1,5 +1,5 @@ --- -name: "zcash-5.3.2" +name: "zcash-5.3.3" enable_cache: true distro: "debian" suites: diff --git a/src/clientversion.h b/src/clientversion.h index be677a81f..51b9a8a4c 100644 --- a/src/clientversion.h +++ b/src/clientversion.h @@ -17,7 +17,7 @@ //! These need to be macros, as clientversion.cpp's and bitcoin*-res.rc's voodoo requires it #define CLIENT_VERSION_MAJOR 5 #define CLIENT_VERSION_MINOR 3 -#define CLIENT_VERSION_REVISION 2 +#define CLIENT_VERSION_REVISION 3 #define CLIENT_VERSION_BUILD 50 //! Set to true for release, false for prerelease or test build diff --git a/src/deprecation.h b/src/deprecation.h index 4a8f7a558..9e8cec010 100644 --- a/src/deprecation.h +++ b/src/deprecation.h @@ -10,7 +10,7 @@ // Per https://zips.z.cash/zip-0200 // Shut down nodes running this version of code, 16 weeks' worth of blocks after the estimated // release block height. A warning is shown during the 14 days' worth of blocks prior to shut down. -static const int APPROX_RELEASE_HEIGHT = 1900500; +static const int APPROX_RELEASE_HEIGHT = 1992000; static const int RELEASE_TO_DEPRECATION_WEEKS = 16; static const int EXPECTED_BLOCKS_PER_HOUR = 3600 / Consensus::POST_BLOSSOM_POW_TARGET_SPACING; static_assert(EXPECTED_BLOCKS_PER_HOUR == 48, "The value of Consensus::POST_BLOSSOM_POW_TARGET_SPACING was chosen such that this assertion holds."); From a5be52a675dd7762db83ffaefaa702da1f54a224 Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 19:47:26 -0700 Subject: [PATCH 13/20] make-release.py: Updated manpages for 5.3.3. --- doc/man/zcash-cli.1 | 8 ++++---- doc/man/zcash-tx.1 | 8 ++++---- doc/man/zcashd-wallet-tool.1 | 6 +++--- doc/man/zcashd.1 | 10 +++++----- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/doc/man/zcash-cli.1 b/doc/man/zcash-cli.1 index b0157bf5d..513f23a57 100644 --- a/doc/man/zcash-cli.1 +++ b/doc/man/zcash-cli.1 @@ -1,9 +1,9 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.2. -.TH ZCASH-CLI "1" "December 2022" "zcash-cli v5.3.2" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. +.TH ZCASH-CLI "1" "February 2023" "zcash-cli v5.3.3" "User Commands" .SH NAME -zcash-cli \- manual page for zcash-cli v5.3.2 +zcash-cli \- manual page for zcash-cli v5.3.3 .SH DESCRIPTION -Zcash RPC client version v5.3.2 +Zcash RPC client version v5.3.3 .PP In order to ensure you are adequately protecting your privacy when using Zcash, please see . diff --git a/doc/man/zcash-tx.1 b/doc/man/zcash-tx.1 index b39e05caa..f5cc4ee7d 100644 --- a/doc/man/zcash-tx.1 +++ b/doc/man/zcash-tx.1 @@ -1,9 +1,9 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.2. -.TH ZCASH-TX "1" "December 2022" "zcash-tx v5.3.2" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. +.TH ZCASH-TX "1" "February 2023" "zcash-tx v5.3.3" "User Commands" .SH NAME -zcash-tx \- manual page for zcash-tx v5.3.2 +zcash-tx \- manual page for zcash-tx v5.3.3 .SH DESCRIPTION -Zcash zcash\-tx utility version v5.3.2 +Zcash zcash\-tx utility version v5.3.3 .SS "Usage:" .TP zcash\-tx [options] [commands] diff --git a/doc/man/zcashd-wallet-tool.1 b/doc/man/zcashd-wallet-tool.1 index 3a2fc540f..33fc1a7d6 100644 --- a/doc/man/zcashd-wallet-tool.1 +++ b/doc/man/zcashd-wallet-tool.1 @@ -1,7 +1,7 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.2. -.TH ZCASHD-WALLET-TOOL "1" "December 2022" "zcashd-wallet-tool v5.3.2" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. +.TH ZCASHD-WALLET-TOOL "1" "February 2023" "zcashd-wallet-tool v5.3.3" "User Commands" .SH NAME -zcashd-wallet-tool \- manual page for zcashd-wallet-tool v5.3.2 +zcashd-wallet-tool \- manual page for zcashd-wallet-tool v5.3.3 .SH SYNOPSIS .B zcashd-wallet-tool [\fI\,OPTIONS\/\fR] diff --git a/doc/man/zcashd.1 b/doc/man/zcashd.1 index e59a2a012..a8aeeba50 100644 --- a/doc/man/zcashd.1 +++ b/doc/man/zcashd.1 @@ -1,9 +1,9 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.2. -.TH ZCASHD "1" "December 2022" "zcashd v5.3.2" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. +.TH ZCASHD "1" "February 2023" "zcashd v5.3.3" "User Commands" .SH NAME -zcashd \- manual page for zcashd v5.3.2 +zcashd \- manual page for zcashd v5.3.3 .SH DESCRIPTION -Zcash Daemon version v5.3.2 +Zcash Daemon version v5.3.3 .PP In order to ensure you are adequately protecting your privacy when using Zcash, please see . @@ -94,7 +94,7 @@ Keep at most unconnectable transactions in memory (default: 100) .HP \fB\-par=\fR .IP -Set the number of script verification threads (\fB\-6\fR to 16, 0 = auto, <0 = +Set the number of script verification threads (\fB\-16\fR to 16, 0 = auto, <0 = leave that many cores free, default: 0) .HP \fB\-pid=\fR From a16b39470f036677a5ceb9382e5a7eae96040e9e Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 19:47:26 -0700 Subject: [PATCH 14/20] make-release.py: Updated release notes and changelog for 5.3.3. --- contrib/debian/changelog | 6 ++++ doc/authors.md | 11 ++++---- doc/release-notes.md | 4 --- doc/release-notes/release-notes-5.3.3.md | 36 ++++++++++++++++++++++++ 4 files changed, 48 insertions(+), 9 deletions(-) create mode 100644 doc/release-notes/release-notes-5.3.3.md diff --git a/contrib/debian/changelog b/contrib/debian/changelog index 18a5d09db..0d0fba805 100644 --- a/contrib/debian/changelog +++ b/contrib/debian/changelog @@ -1,3 +1,9 @@ +zcash (5.3.3) stable; urgency=medium + + * 5.3.3 release. + + -- Electric Coin Company Mon, 20 Feb 2023 19:47:26 -0700 + zcash (5.3.2) stable; urgency=medium * 5.3.2 release. diff --git a/doc/authors.md b/doc/authors.md index 949730a62..400014ef0 100644 --- a/doc/authors.md +++ b/doc/authors.md @@ -2,13 +2,13 @@ Zcash Contributors ================== Jack Grigg (1244) -Kris Nuttycombe (585) +Kris Nuttycombe (589) Simon Liu (460) Sean Bowe (389) -Daira Hopwood (369) +Daira Hopwood (372) Eirik Ogilvie-Wigley (216) Wladimir J. van der Laan (158) -Pieter Wuille (143) +Pieter Wuille (146) Alfredo Garcia (119) Taylor Hornby (118) Marshall Gaucher (116) @@ -19,8 +19,8 @@ Larry Ruane (88) Marco Falke (86) Cory Fields (78) sasha (62) -Matt Corallo (60) -Greg Pfeil (60) +Matt Corallo (61) +Greg Pfeil (61) Nathan Wilcox (57) practicalswift (42) Kevin Gallagher (38) @@ -218,6 +218,7 @@ Josh Lehan (1) Josh Ellithorpe (1) Jonas Nick (1) Jon Layton (1) +Jon Atack (1) Jeffrey Walton (1) Janito Vaqueiro Ferreira Filho (1) James White (1) diff --git a/doc/release-notes.md b/doc/release-notes.md index e3b26957f..a29094b51 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -4,7 +4,3 @@ release-notes at release time) Notable changes =============== -This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited -as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer -messages to fill the memory of a node, resulting in a crash. - diff --git a/doc/release-notes/release-notes-5.3.3.md b/doc/release-notes/release-notes-5.3.3.md new file mode 100644 index 000000000..51053c239 --- /dev/null +++ b/doc/release-notes/release-notes-5.3.3.md @@ -0,0 +1,36 @@ +Notable changes +=============== + +This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited +as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer +messages to fill the memory of a node, resulting in a crash. + + +Changelog +========= + +Daira Hopwood (3): + Enable a CRollingBloomFilter to be reset to a state where it takes little memory. + Ensure that CNode::{addrKnown, filterInventoryKnown} immediately take little memory when we disconnect the node. + Improve the encapsulation of `CNode::filterInventoryKnown`. + +Greg Pfeil (1): + Remove `ResetRequestCount` + +Jon Atack (1): + p2p, rpc, test: address rate-limiting follow-ups + +Kris Nuttycombe (4): + Update release notes for v5.3.3 hotfix + Postpone dependency updates. + make-release.py: Versioning changes for 5.3.3. + make-release.py: Updated manpages for 5.3.3. + +Matt Corallo (1): + Remove useless mapRequest tracking that just effects Qt display. + +Pieter Wuille (3): + Rate limit the processing of incoming addr messages + Randomize the order of addr processing + Add logging and addr rate limiting statistics + From 71e80c8656bc2736949bf5c8b42671bb863ed3cc Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 19:54:51 -0700 Subject: [PATCH 15/20] Postpone dependency updates for v5.4.2 hotfix. --- qa/zcash/postponed-updates.txt | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/qa/zcash/postponed-updates.txt b/qa/zcash/postponed-updates.txt index 0f30ac5e5..9815f725e 100644 --- a/qa/zcash/postponed-updates.txt +++ b/qa/zcash/postponed-updates.txt @@ -7,20 +7,22 @@ native_zstd 1.5.4 2023-03-01 # cxx 1.0.84-1.0.87 didn't update third-party/Cargo.lock -native_cxxbridge 1.0.84 2024-02-01 -native_cxxbridge 1.0.85 2024-02-01 -native_cxxbridge 1.0.86 2024-02-01 -native_cxxbridge 1.0.87 2024-02-01 -native_cxxbridge 1.0.88 2024-02-01 -native_cxxbridge 1.0.89 2024-02-01 -native_cxxbridge 1.0.90 2024-02-01 -rustcxx 1.0.84 2024-02-01 -rustcxx 1.0.85 2024-02-01 -rustcxx 1.0.86 2024-02-01 -rustcxx 1.0.87 2024-02-01 -rustcxx 1.0.88 2024-02-01 -rustcxx 1.0.89 2024-02-01 -rustcxx 1.0.90 2024-02-01 +native_cxxbridge 1.0.84 2024-03-01 +native_cxxbridge 1.0.85 2024-03-01 +native_cxxbridge 1.0.86 2024-03-01 +native_cxxbridge 1.0.87 2024-03-01 +native_cxxbridge 1.0.88 2024-03-01 +native_cxxbridge 1.0.89 2024-03-01 +native_cxxbridge 1.0.90 2024-03-01 +native_cxxbridge 1.0.91 2024-03-01 +rustcxx 1.0.84 2024-03-01 +rustcxx 1.0.85 2024-03-01 +rustcxx 1.0.86 2024-03-01 +rustcxx 1.0.87 2024-03-01 +rustcxx 1.0.88 2024-03-01 +rustcxx 1.0.89 2024-03-01 +rustcxx 1.0.90 2024-03-01 +rustcxx 1.0.91 2024-03-01 # CCache 4.7 appears to drop support for Ubuntu 18.04 native_ccache 4.7 2023-03-01 @@ -53,4 +55,4 @@ native_rust 1.67.0 2023-03-01 native_rust 1.67.1 2023-03-01 # We're never updating to this version -bdb 18.1.40 2024-02-01 +bdb 18.1.40 2024-03-01 From cf33607665987e6bc72c7202ea4d57b28bc08d3e Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 19:55:37 -0700 Subject: [PATCH 16/20] make-release.py: Versioning changes for 5.4.2. --- README.md | 2 +- configure.ac | 2 +- contrib/gitian-descriptors/gitian-linux-parallel.yml | 2 +- contrib/gitian-descriptors/gitian-linux.yml | 2 +- src/clientversion.h | 2 +- src/deprecation.h | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 7f7fbcc16..ff9120a25 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -Zcash 5.4.1 +Zcash 5.4.2 =========== diff --git a/configure.ac b/configure.ac index 8a043c318..4a88acac7 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ dnl require autoconf 2.60 (AS_ECHO/AS_ECHO_N) AC_PREREQ([2.60]) define(_CLIENT_VERSION_MAJOR, 5) define(_CLIENT_VERSION_MINOR, 4) -define(_CLIENT_VERSION_REVISION, 1) +define(_CLIENT_VERSION_REVISION, 2) define(_CLIENT_VERSION_BUILD, 50) define(_ZC_BUILD_VAL, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, m4_incr(_CLIENT_VERSION_BUILD), m4_eval(_CLIENT_VERSION_BUILD < 50), 1, m4_eval(_CLIENT_VERSION_BUILD - 24), m4_eval(_CLIENT_VERSION_BUILD == 50), 1, , m4_eval(_CLIENT_VERSION_BUILD - 50))) define(_CLIENT_VERSION_SUFFIX, m4_if(m4_eval(_CLIENT_VERSION_BUILD < 25), 1, _CLIENT_VERSION_REVISION-beta$1, m4_eval(_CLIENT_VERSION_BUILD < 50), 1, _CLIENT_VERSION_REVISION-rc$1, m4_eval(_CLIENT_VERSION_BUILD == 50), 1, _CLIENT_VERSION_REVISION, _CLIENT_VERSION_REVISION-$1))) diff --git a/contrib/gitian-descriptors/gitian-linux-parallel.yml b/contrib/gitian-descriptors/gitian-linux-parallel.yml index 11eadc822..c868dab4c 100644 --- a/contrib/gitian-descriptors/gitian-linux-parallel.yml +++ b/contrib/gitian-descriptors/gitian-linux-parallel.yml @@ -1,5 +1,5 @@ --- -name: "zcash-5.4.1" +name: "zcash-5.4.2" enable_cache: true distro: "debian" suites: diff --git a/contrib/gitian-descriptors/gitian-linux.yml b/contrib/gitian-descriptors/gitian-linux.yml index cd40a4148..196a7644a 100644 --- a/contrib/gitian-descriptors/gitian-linux.yml +++ b/contrib/gitian-descriptors/gitian-linux.yml @@ -1,5 +1,5 @@ --- -name: "zcash-5.4.1" +name: "zcash-5.4.2" enable_cache: true distro: "debian" suites: diff --git a/src/clientversion.h b/src/clientversion.h index 69498dbee..b898e3dbc 100644 --- a/src/clientversion.h +++ b/src/clientversion.h @@ -17,7 +17,7 @@ //! These need to be macros, as clientversion.cpp's and bitcoin*-res.rc's voodoo requires it #define CLIENT_VERSION_MAJOR 5 #define CLIENT_VERSION_MINOR 4 -#define CLIENT_VERSION_REVISION 1 +#define CLIENT_VERSION_REVISION 2 #define CLIENT_VERSION_BUILD 50 //! Set to true for release, false for prerelease or test build diff --git a/src/deprecation.h b/src/deprecation.h index fb81f695b..c7cc1a2d4 100644 --- a/src/deprecation.h +++ b/src/deprecation.h @@ -10,7 +10,7 @@ // Per https://zips.z.cash/zip-0200 // Shut down nodes running this version of code, 16 weeks' worth of blocks after the estimated // release block height. A warning is shown during the 14 days' worth of blocks prior to shut down. -static const int APPROX_RELEASE_HEIGHT = 1983000; +static const int APPROX_RELEASE_HEIGHT = 1992000; static const int RELEASE_TO_DEPRECATION_WEEKS = 16; static const int EXPECTED_BLOCKS_PER_HOUR = 3600 / Consensus::POST_BLOSSOM_POW_TARGET_SPACING; static_assert(EXPECTED_BLOCKS_PER_HOUR == 48, "The value of Consensus::POST_BLOSSOM_POW_TARGET_SPACING was chosen such that this assertion holds."); From 0fd0233f3b769fd8e1e366a77fb8fa0ada8f3297 Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 20:04:31 -0700 Subject: [PATCH 17/20] make-release.py: Updated manpages for 5.4.2. --- doc/man/zcash-cli.1 | 6 +++--- doc/man/zcash-tx.1 | 6 +++--- doc/man/zcashd-wallet-tool.1 | 4 ++-- doc/man/zcashd.1 | 6 +++--- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/doc/man/zcash-cli.1 b/doc/man/zcash-cli.1 index f5a940622..25f8f4f51 100644 --- a/doc/man/zcash-cli.1 +++ b/doc/man/zcash-cli.1 @@ -1,9 +1,9 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. -.TH ZCASH-CLI "1" "February 2023" "zcash-cli v5.4.1" "User Commands" +.TH ZCASH-CLI "1" "February 2023" "zcash-cli v5.4.2" "User Commands" .SH NAME -zcash-cli \- manual page for zcash-cli v5.4.1 +zcash-cli \- manual page for zcash-cli v5.4.2 .SH DESCRIPTION -Zcash RPC client version v5.4.1 +Zcash RPC client version v5.4.2 .PP In order to ensure you are adequately protecting your privacy when using Zcash, please see . diff --git a/doc/man/zcash-tx.1 b/doc/man/zcash-tx.1 index 2d1b03cba..3727e1c58 100644 --- a/doc/man/zcash-tx.1 +++ b/doc/man/zcash-tx.1 @@ -1,9 +1,9 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. -.TH ZCASH-TX "1" "February 2023" "zcash-tx v5.4.1" "User Commands" +.TH ZCASH-TX "1" "February 2023" "zcash-tx v5.4.2" "User Commands" .SH NAME -zcash-tx \- manual page for zcash-tx v5.4.1 +zcash-tx \- manual page for zcash-tx v5.4.2 .SH DESCRIPTION -Zcash zcash\-tx utility version v5.4.1 +Zcash zcash\-tx utility version v5.4.2 .SS "Usage:" .TP zcash\-tx [options] [commands] diff --git a/doc/man/zcashd-wallet-tool.1 b/doc/man/zcashd-wallet-tool.1 index 43970617c..433c97c47 100644 --- a/doc/man/zcashd-wallet-tool.1 +++ b/doc/man/zcashd-wallet-tool.1 @@ -1,7 +1,7 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. -.TH ZCASHD-WALLET-TOOL "1" "February 2023" "zcashd-wallet-tool v5.4.1" "User Commands" +.TH ZCASHD-WALLET-TOOL "1" "February 2023" "zcashd-wallet-tool v5.4.2" "User Commands" .SH NAME -zcashd-wallet-tool \- manual page for zcashd-wallet-tool v5.4.1 +zcashd-wallet-tool \- manual page for zcashd-wallet-tool v5.4.2 .SH SYNOPSIS .B zcashd-wallet-tool [\fI\,OPTIONS\/\fR] diff --git a/doc/man/zcashd.1 b/doc/man/zcashd.1 index 4a9e7c8c5..7e8354c4b 100644 --- a/doc/man/zcashd.1 +++ b/doc/man/zcashd.1 @@ -1,9 +1,9 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.1. -.TH ZCASHD "1" "February 2023" "zcashd v5.4.1" "User Commands" +.TH ZCASHD "1" "February 2023" "zcashd v5.4.2" "User Commands" .SH NAME -zcashd \- manual page for zcashd v5.4.1 +zcashd \- manual page for zcashd v5.4.2 .SH DESCRIPTION -Zcash Daemon version v5.4.1 +Zcash Daemon version v5.4.2 .PP In order to ensure you are adequately protecting your privacy when using Zcash, please see . From 824b090bd082b911bf929d182a1cea05074a498c Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Mon, 20 Feb 2023 20:04:31 -0700 Subject: [PATCH 18/20] make-release.py: Updated release notes and changelog for 5.4.2. --- contrib/debian/changelog | 6 ++++ doc/authors.md | 11 ++++---- doc/release-notes.md | 4 --- doc/release-notes/release-notes-5.4.2.md | 36 ++++++++++++++++++++++++ 4 files changed, 48 insertions(+), 9 deletions(-) create mode 100644 doc/release-notes/release-notes-5.4.2.md diff --git a/contrib/debian/changelog b/contrib/debian/changelog index 1e9390894..d10abb156 100644 --- a/contrib/debian/changelog +++ b/contrib/debian/changelog @@ -1,3 +1,9 @@ +zcash (5.4.2) stable; urgency=medium + + * 5.4.2 release. + + -- Electric Coin Company Mon, 20 Feb 2023 20:04:31 -0700 + zcash (5.4.1) stable; urgency=medium * 5.4.1 release. diff --git a/doc/authors.md b/doc/authors.md index 78ffe3c31..80b750bae 100644 --- a/doc/authors.md +++ b/doc/authors.md @@ -2,13 +2,13 @@ Zcash Contributors ================== Jack Grigg (1297) -Kris Nuttycombe (618) +Kris Nuttycombe (622) Simon Liu (460) Sean Bowe (389) -Daira Hopwood (376) +Daira Hopwood (379) Eirik Ogilvie-Wigley (216) Wladimir J. van der Laan (159) -Pieter Wuille (143) +Pieter Wuille (146) Alfredo Garcia (120) Taylor Hornby (118) Marshall Gaucher (118) @@ -17,10 +17,10 @@ Marco Falke (90) Jonas Schnelli (90) Jay Graber (89) Larry Ruane (88) -Greg Pfeil (83) +Greg Pfeil (84) Cory Fields (78) sasha (62) -Matt Corallo (60) +Matt Corallo (61) Nathan Wilcox (57) practicalswift (42) Dimitris Apostolou (40) @@ -219,6 +219,7 @@ Josh Lehan (1) Josh Ellithorpe (1) Jonas Nick (1) Jon Layton (1) +Jon Atack (1) Jeffrey Walton (1) Janito Vaqueiro Ferreira Filho (1) James White (1) diff --git a/doc/release-notes.md b/doc/release-notes.md index e3b26957f..a29094b51 100644 --- a/doc/release-notes.md +++ b/doc/release-notes.md @@ -4,7 +4,3 @@ release-notes at release time) Notable changes =============== -This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited -as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer -messages to fill the memory of a node, resulting in a crash. - diff --git a/doc/release-notes/release-notes-5.4.2.md b/doc/release-notes/release-notes-5.4.2.md new file mode 100644 index 000000000..0deb12c8a --- /dev/null +++ b/doc/release-notes/release-notes-5.4.2.md @@ -0,0 +1,36 @@ +Notable changes +=============== + +This hotfix remediates memory exhaustion vulnerabilities that zcashd inherited +as a fork of bitcoind. These bugs could allow an attacker to use peer-to-peer +messages to fill the memory of a node, resulting in a crash. + + +Changelog +========= + +Daira Hopwood (3): + Enable a CRollingBloomFilter to be reset to a state where it takes little memory. + Ensure that CNode::{addrKnown, filterInventoryKnown} immediately take little memory when we disconnect the node. + Improve the encapsulation of `CNode::filterInventoryKnown`. + +Greg Pfeil (1): + Remove `ResetRequestCount` + +Jon Atack (1): + p2p, rpc, test: address rate-limiting follow-ups + +Kris Nuttycombe (4): + Update release notes for v5.3.3 hotfix + Postpone dependency updates for v5.4.2 hotfix. + make-release.py: Versioning changes for 5.4.2. + make-release.py: Updated manpages for 5.4.2. + +Matt Corallo (1): + Remove useless mapRequest tracking that just effects Qt display. + +Pieter Wuille (3): + Rate limit the processing of incoming addr messages + Randomize the order of addr processing + Add logging and addr rate limiting statistics + From b1fd336f8f1103d14ef234025a8753f459a2b62d Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Tue, 21 Feb 2023 07:27:07 -0700 Subject: [PATCH 19/20] Set urgency to `high` in Debian changelog. --- contrib/debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/debian/changelog b/contrib/debian/changelog index d10abb156..93394d268 100644 --- a/contrib/debian/changelog +++ b/contrib/debian/changelog @@ -1,4 +1,4 @@ -zcash (5.4.2) stable; urgency=medium +zcash (5.4.2) stable; urgency=high * 5.4.2 release. From dbb15bea88f5c3e39b1d0dcf7bf077ddb607f9d9 Mon Sep 17 00:00:00 2001 From: Kris Nuttycombe Date: Tue, 21 Feb 2023 07:27:58 -0700 Subject: [PATCH 20/20] Set urgency to `high` in Debian changelog. --- contrib/debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contrib/debian/changelog b/contrib/debian/changelog index 0d0fba805..2fd2a6f90 100644 --- a/contrib/debian/changelog +++ b/contrib/debian/changelog @@ -1,4 +1,4 @@ -zcash (5.3.3) stable; urgency=medium +zcash (5.3.3) stable; urgency=high * 5.3.3 release.