From a514cb29688a27aaba917ae535f3c75dcd67834b Mon Sep 17 00:00:00 2001 From: Gregory Maxwell Date: Mon, 11 Apr 2016 01:09:34 +0000 Subject: [PATCH] Only send one GetAddr response per connection. This conserves resources from abusive peers that just send getaddr in a loop. Also makes correlating addr messages against INVs less effective. --- src/main.cpp | 8 ++++++++ src/net.cpp | 1 + src/net.h | 1 + 3 files changed, 10 insertions(+) diff --git a/src/main.cpp b/src/main.cpp index 2b09a50d6..0368f56a9 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -4867,6 +4867,14 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv, // the getaddr message mitigates the attack. else if ((strCommand == "getaddr") && (pfrom->fInbound)) { + // Only send one GetAddr response per connection to reduce resource waste + // and discourage addr stamping of INV announcements. + if (pfrom->fSentAddr) { + LogPrint("net", "Ignoring repeated \"getaddr\". peer=%d\n", pfrom->id); + return true; + } + pfrom->fSentAddr = true; + pfrom->vAddrToSend.clear(); vector vAddr = addrman.GetAddr(); BOOST_FOREACH(const CAddress &addr, vAddr) diff --git a/src/net.cpp b/src/net.cpp index 636e3d5e7..0a96d01f2 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -2142,6 +2142,7 @@ CNode::CNode(SOCKET hSocketIn, CAddress addrIn, std::string addrNameIn, bool fIn nStartingHeight = -1; fGetAddr = false; fRelayTxes = false; + fSentAddr = false; pfilter = new CBloomFilter(); nPingNonceSent = 0; nPingUsecStart = 0; diff --git a/src/net.h b/src/net.h index 44f14fd43..50fb90dca 100644 --- a/src/net.h +++ b/src/net.h @@ -278,6 +278,7 @@ public: // b) the peer may tell us in its version message that we should not relay tx invs // until it has initialized its bloom filter. bool fRelayTxes; + bool fSentAddr; CSemaphoreGrant grantOutbound; CCriticalSection cs_filter; CBloomFilter* pfilter;