zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,244 Commits 128 Branches 60 Tags 50 MiB
Commit Graph

2244 Commits

Author SHA1 Message Date
teor db2f920d96 Stop untrusted preallocation during JoinSplit deserialization 
Zebra believes the untrusted `JoinSplit` list size field when
deserializing `JoinSplit`s, and preallocates a `Vec` based on that size.

This is trivial a memory exhaustion attack.

Instead, use the current auto-growing implementation, which is limited
by the size of the message data.
 2021-03-22 11:54:31 -04:00
teor f19f0d0949 clippy: fix inconsistent struct ordering 2021-03-22 11:51:54 -04:00
teor 38585b6116
Fix whitespace for rustfmt 2021-03-22 11:18:37 +10:00
teor a6f916671a
Add a TODO comment for a missing no-coinbase check 2021-03-22 08:59:51 +10:00
Deirdre Connolly 4aedf08a95
Merge pull request #1927 from ZcashFoundation/ci 
Add final job to ci.yml that passes when all other ci.yml jobs pass
 2021-03-20 23:57:13 -04:00
Deirdre Connolly 5791ee3339 Sync _from_ canopy, not _to_, now that we have state 2021-03-20 19:34:33 -04:00
Deirdre Connolly bbdecbe9ad Update mainnet stateful sync tests to use new disk image 
Leave testnet commented out until testnet disk image is ready.
 2021-03-20 19:34:33 -04:00
Deirdre Connolly 9b2090b4a1 Update test.yml 2021-03-20 19:34:33 -04:00
Deirdre Connolly a091f63c79 Generate Canopy activation disks 2021-03-20 19:34:33 -04:00
Jane Lusby b835a04a5e document coverage workflow 2021-03-20 14:59:02 -04:00
teor c57baad7e8
Merge pull request #1923 from ZcashFoundation/coverage-no-incremental 
Disable incremental compilation in coverage builds to avoid disk space errors.
 2021-03-19 11:33:25 +10:00
teor c8b8a428c6 Revise release checklist to be more explicit 2021-03-17 22:23:41 -04:00
Alfredo Garcia b8742f03a9 add a note to save changelog locally 2021-03-17 22:23:41 -04:00
teor d19585cfca Fix some missed Sapling to Canopy checkpoint code changes 2021-03-18 10:13:47 +10:00
teor 9da220517b Update docs for Sapling to Canopy checkpoint change 2021-03-18 10:13:47 +10:00
teor 74cc30c307 Change the cached sync tests to canopy 
This change requires a cached state rebuild. The rebuilt state will be
significantly larger.
 2021-03-18 10:13:47 +10:00
teor a649bd10e3 Also update testnet checkpoints 2021-03-18 10:13:47 +10:00
teor 6711d14bc4 Summarise how to rebuild checkpoints in list.rs 2021-03-18 10:13:47 +10:00
Alfredo Garcia a292cbe611 change the mandatory checkpoint to Canopy 2021-03-18 10:13:47 +10:00
dependabot[bot] 97cae4b2da build(deps): bump displaydoc from 0.1.7 to 0.2.0 
Bumps [displaydoc](https://github.com/yaahc/displaydoc) from 0.1.7 to 0.2.0.
- [Release notes](https://github.com/yaahc/displaydoc/releases)
- [Changelog](https://github.com/yaahc/displaydoc/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yaahc/displaydoc/commits/v0.2.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-17 15:50:40 -04:00
dependabot[bot] 20a05df58f build(deps): bump regex from 1.4.3 to 1.4.5 
Bumps [regex](https://github.com/rust-lang/regex) from 1.4.3 to 1.4.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.4.3...1.4.5)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-16 21:02:15 -04:00
teor 4f923b90ea Log address book metrics when peers aren't responding 2021-03-17 10:47:04 +10:00
teor 5a30268d7a Log address metrics when the peer set has no ready peers 2021-03-17 10:47:04 +10:00
teor 6a342e93ca Refactor AddressBook metrics into their own struct 
And provide an accessor function for address book metrics.
 2021-03-17 10:47:04 +10:00
Jane Lusby fc4b8c1e70 add basic test for batch waker behaviour 2021-03-17 10:44:18 +10:00
Jane Lusby c10ea1d82b split pair constructor off of Batch::new 2021-03-17 10:44:18 +10:00
Alfredo Garcia 9e1662d2d7
panic in `NonFinalizedState::commit_block` before Canopy (#1909) 
* add a panic in commit_block() for blocks before canopy
* update tests to use a post canopy block and network

Co-authored-by: teor <teor@riseup.net>
 2021-03-17 10:41:28 +10:00
Alfredo Garcia d49eaab68e
Bump versions for zebrad 1.0.0-alpha.4 (#1913) 
* Bump versions for zebrad 1.0.0-alpha.4

* add Cargo.lock
 2021-03-16 21:12:37 -03:00
Jack Grigg 7a8cae9321 Tag message metrics by type 2021-03-17 09:38:07 +10:00
Jack Grigg bae9a7ecd5 Expose binary data in metrics 
This enables slicing and aggregating metrics based on zebrad version:
https://www.robustperception.io/exposing-the-software-version-to-prometheus
 2021-03-17 09:38:07 +10:00
Jack Grigg e51f33a4b9 Use interoperable names for common metrics 
These names match the equivalent metrics in zcashd, enabling common
metrics to be collected across both node types.
 2021-03-17 09:38:07 +10:00
teor 9c0c2f0848 Add Testnet Post-Halving block test vectors 2021-03-16 12:39:07 -04:00
teor 8444b78e01 Add Mainnet Canopy block test vectors 
Including one block that just happened to be 72 kB, in binary format.
 2021-03-16 12:39:07 -04:00
teor 873127aac1 Replace smart quotes with ascii quotes 
Some tools don't deal well with unicode text. And we're not using it
consistently in Zebra anyway.
 2021-03-15 03:18:10 -04:00
dependabot[bot] b618f5b522 build(deps): bump tracing-subscriber from 0.2.16 to 0.2.17 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.2.16 to 0.2.17.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.2.16...tracing-subscriber-0.2.17)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-14 19:37:24 -04:00
teor 8fabbce037
Document and log trailing message bytes (#1888) 
* Rename a variable for consistency
* Log extra trailing message bytes at debug level
 2021-03-15 08:25:27 +10:00
teor 976ec912db
Document that the listed address is also advertised to peers (#1891) 
Documents a potential privacy leak, and a missing feature.
 2021-03-15 08:25:07 +10:00
dependabot[bot] 7f9d66a4af build(deps): bump serde-big-array from 0.3.1 to 0.3.2 
Bumps [serde-big-array](https://github.com/est31/serde-big-array) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/est31/serde-big-array/releases)
- [Commits](https://github.com/est31/serde-big-array/commits/v0.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-13 05:50:01 -05:00
teor 1e1859f5a3
Merge pull request #1887 from ZcashFoundation/revert-1877-revert-1789-large-sync-testnet-disable 
Revert "Revert "Disable unreliable `sync_large_checkpoints_testnet`""

This disables the failing large testnet sync test.
 2021-03-12 12:31:19 +10:00
teor 8103e89739 Check proof-of-work in the CheckpointVerifier 
These checks make some resource exhaustion attacks harder to carry out,
because the malicious blocks need a valid proof-of-work.
 2021-03-12 08:55:29 +10:00
teor c1a910942d Re-use some block checks in the CheckpointVerifier 2021-03-12 08:55:29 +10:00
teor 252affdf84 Add network to CheckpointVerifier 
This refactor allows us to re-use some block checks in the checkpoint
verifier.
 2021-03-12 08:55:29 +10:00
dependabot[bot] 8e0fac5336 build(deps): bump byteorder from 1.4.2 to 1.4.3 
Bumps [byteorder](https://github.com/BurntSushi/byteorder) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/BurntSushi/byteorder/releases)
- [Changelog](https://github.com/BurntSushi/byteorder/blob/master/CHANGELOG.md)
- [Commits](https://github.com/BurntSushi/byteorder/compare/1.4.2...1.4.3)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-11 11:15:13 -05:00
teor d494af1e90 Document how the syncer resists memory DoS 2021-03-11 06:24:46 -05:00
teor c6358b157c Reduce inbound concurrency to limit memory usage 
Inbound malicious blocks can use a large amount of RAM when
deserialized. Limit inbound concurrency, so that the total amount
of RAM remains small.
 2021-03-11 06:24:46 -05:00
teor 475deaf655
Adjust the crawl interval and acceptance test timeout (#1878) 2021-03-11 07:53:37 +10:00
teor ac4611ffc4 Revert "Disable unreliable `sync_large_checkpoints_testnet` (#1789)" 
This reverts commit bae49e54df.
 2021-03-10 02:14:09 -05:00
teor e50692bd51 CandidateSet: Add Listener Port Connections 
Inbound connections on the Zcash protocol listener port
perform a handshake. If the handshake is successful, it
adds the peer to the AddressBook.
 2021-03-09 23:05:18 -05:00
Jane Lusby 03aa6f671f
Implement outbound connection rate limiting - includes config rename with alias (#1855) 
* Implement outbound connection rate limiting
* fix breaking change on config

Co-authored-by: teor <teor@riseup.net>
 2021-03-10 01:36:05 +00:00
dependabot[bot] d1ab8e9cf4 build(deps): bump pretty_assertions from 0.6.1 to 0.7.1 
Bumps [pretty_assertions](https://github.com/colin-kiegel/rust-pretty-assertions) from 0.6.1 to 0.7.1.
- [Release notes](https://github.com/colin-kiegel/rust-pretty-assertions/releases)
- [Changelog](https://github.com/colin-kiegel/rust-pretty-assertions/blob/main/CHANGELOG.md)
- [Commits](https://github.com/colin-kiegel/rust-pretty-assertions/compare/v0.6.1...v0.7.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-09 03:59:28 -05:00