poanetwork
/
quorum
mirror of https://github.com/poanetwork/quorum.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
4,790 Commits 22 Branches 24 Tags 156 MiB
Commit Graph

111 Commits

Author SHA1 Message Date
obscuren 688d118c7e Updated logging 2015-04-07 14:57:04 +02:00
Felix Lange a77c431e37 p2p/discover: fix off by one error causing buckets to contain duplicates 2015-04-01 17:00:12 +02:00
Felix Lange de7af720d6 p2p/discover: implement node bonding 
This a fix for an attack vector where the discovery protocol could be
used to amplify traffic in a DDOS attack. A malicious actor would send a
findnode request with the IP address and UDP port of the target as the
source address. The recipient of the findnode packet would then send a
neighbors packet (which is 16x the size of findnode) to the victim.

Our solution is to require a 'bond' with the sender of findnode. If no
bond exists, the findnode packet is not processed. A bond between nodes
α and β is created when α replies to a ping from β.

This (initial) version of the bonding implementation might still be
vulnerable against replay attacks during the expiration time window.
We will add stricter source address validation later.
 2015-04-01 17:00:12 +02:00
Felix Lange 92928309b2 p2p/discover: add version number to ping packet 
The primary motivation for doing this right now is that old PoC 8
nodes and newer PoC 9 nodes keep discovering each other, causing
handshake failures.
 2015-04-01 15:53:04 +02:00
zelig 9880f99ccb fix p2p/testlog_test 2015-03-23 16:41:41 +00:00
obscuren a7ad9c309b Merge branch 'develop' into conversion 2015-03-21 14:52:42 +01:00
obscuren 4f5b362bda %#x => %x 2015-03-20 12:52:03 +01:00
Felix Lange b9e0b11e7d p2p: interrupt MsgPipe payload read/write 
This is better because protocols might not actually read the payload for
some errors (msg too big, etc.) which can be a pain to test with the old
behaviour.
 2015-03-19 15:16:06 +01:00
Felix Lange a7bced779a p2p: log disconnect requests 
This helps a lot with debugging.
 2015-03-19 15:15:07 +01:00
Felix Lange 5ba51594c7 p2p: use package rlp to encode messages 
Message encoding functions have been renamed to catch any uses.
The switch to the new encoder can cause subtle incompatibilities.
If there are any users outside of our tree, they will at least be
alerted that there was a change.

NewMsg no longer exists. The replacements for EncodeMsg are called
Send and SendItems.
 2015-03-19 15:11:02 +01:00
Felix Lange 4811f460e7 p2p: export ExpectMsg (for eth protocol testing) 2015-03-19 15:08:04 +01:00
zelig b3e133dd15 Merge branch 'frontier/js' into frontier/nodeadmin.js 2015-03-16 22:50:29 +07:00
obscuren b523441361 Moved ethutil => common 2015-03-16 11:27:38 +01:00
zelig e150832734 p2p: server>discover table Self=Node exported 2015-03-15 13:38:41 +07:00
Taylor Gerring 485e37e889 Move MakeName to ethutil 2015-03-11 14:29:07 -05:00
Felix Lange 215c763d53 eth, p2p: delete p2p.Blacklist 
It is unused and untested right now. We can
bring it back later if required.
 2015-03-04 16:54:36 +01:00
Felix Lange 429828cd92 p2p: reject messages that cannot be written as simple RLPx frames 
Until chunked frames are implemented we cannot send messages
with a size overflowing uint24.
 2015-03-04 16:42:01 +01:00
Felix Lange 22659a7fea p2p: restore read/write timeouts 
They got lost in the transition to rlpxFrameRW.
 2015-03-04 16:42:00 +01:00
Felix Lange 7964f30dcb p2p: msg.Payload contains list data 
With RLPx frames, the message code is contained in the
frame and is no longer part of the encoded data.

EncodeMsg, Msg.Decode have been updated to match.
Code that decodes RLP directly from Msg.Payload will need
to change.
 2015-03-04 12:27:24 +01:00
Felix Lange 21649100b1 p2p: verify protocol handshake node ID 2015-03-04 12:27:24 +01:00
Felix Lange 7d39fd6678 p2p: make encryption handshake code easier to follow 
This mostly changes how information is passed around.
Instead of using many function parameters and return values,
put the entire state in a struct and pass that.

This also adds back derivation of ecdhe-shared-secret. I deleted
it by accident in a previous refactoring.
 2015-03-04 12:27:24 +01:00
Felix Lange 2c505efd1e p2p/discover: add NodeID.Pubkey 2015-03-04 12:27:24 +01:00
Felix Lange d344054e5a p2p: make RLPx frame MAC 16 bytes as defined in the spec 2015-03-04 12:27:24 +01:00
Felix Lange d084aed5e9 p2p: delete frameRW 2015-03-04 12:27:24 +01:00
Felix Lange 736e632215 p2p: use RLPx frames for messaging 2015-03-04 12:27:23 +01:00
Felix Lange 51e01cceca p2p: encrypted and authenticated RLPx frame I/O 2015-03-04 12:27:23 +01:00
Felix Lange 936dd0f3bc p2p: add basic RLPx frame I/O 2015-03-04 12:27:23 +01:00
Felix Lange 3719db352a p2p: emit JSON connect/disconnect events 2015-02-19 17:09:33 +01:00
Felix Lange dd871e791c p2p: initialize Server.ourHandshake before accepting connections 2015-02-19 17:08:18 +01:00
Felix Lange 3dbd32093c p2p: enable devp2p ping 
This should prevent connection drops.
 2015-02-19 16:54:54 +01:00
Felix Lange 73f94f3755 p2p: disable encryption handshake 
The diff is a bit bigger than expected because the protocol handshake
logic has moved out of Peer. This is necessary because the protocol
handshake will have custom framing in the final protocol.
 2015-02-19 16:54:53 +01:00
Jeffrey Wilcke c1d0693cb1 Merge pull request #325 from fjl/deps-cleanup 
Cleanup imports
 2015-02-17 23:19:45 +01:00
Felix Lange 7ea131d4ff p2p/discover: fix pending replies iteration 
Range expressions capture the length of the slice once before the first
iteration. A range expression cannot be used here since the loop
modifies the slice variable (including length changes).
 2015-02-17 15:21:39 +01:00
Felix Lange f965f41b6e p2p/nat: switch to github.com/huin/goupnp 
My temporary fix was merged upstream.
 2015-02-17 13:10:11 +01:00
Felix Lange 34d0e1b2c3 p2p: fix ecies dependency in tests 
We forgot to update this reference when moving ecies into the
go-ethereum repo.
 2015-02-17 12:04:20 +01:00
obscuren 09e53367a2 Use a mutex write-lock for a write operation 2015-02-15 02:13:24 +01:00
obscuren 65159d65c8 Merge branch 'develop' of github.com-obscure:ethereum/go-ethereum into develop 2015-02-14 00:27:46 +01:00
obscuren 84f7c966f7 Moved ECIES to repo & added secondary title for webview 
* ECIES moved from obscuren to ethereum
* Added html META[name=badge] to reflect menuItem.secondaryTitle
 2015-02-14 00:25:47 +01:00
Felix Lange 4bef3ce284 p2p: print Cap as name/version 2015-02-13 23:54:34 +01:00
Felix Lange 32a9c0ca80 p2p: bump devp2p protcol version to 3 
For compatibility with cpp-ethereum
 2015-02-13 15:08:40 +01:00
Felix Lange fd3e1061e0 p2p: handle disconnect before protocol handshake 2015-02-13 15:06:47 +01:00
Felix Lange cf754b9483 p2p/discover: fix race in ListenUDP 
udp.Table was assigned after the readLoop started, so
packets could arrive and be processed before the Table was there.
 2015-02-13 15:06:47 +01:00
Felix Lange 5cc1256fd6 p2p: ensure we don't dial ourself 
addPeer doesn't allow self connects, but we can avoid opening
connections in the first place.
 2015-02-13 15:06:47 +01:00
Felix Lange 7101f44998 p2p: add I/O timeout for encrytion handshake 2015-02-13 15:06:47 +01:00
Felix Lange 22ee366ed6 p2p: fix goroutine leak for invalid peers 
The deflect logic called Disconnect on the peer, but the peer never ran
and wouldn't process the disconnect request.
 2015-02-13 15:06:46 +01:00
Felix Lange 5110f80bba p2p: improve read deadlines 
There are now two deadlines, frameReadTimeout and payloadReadTimeout.

The frame timeout is longer and allows for connections that are idle.
The message timeout is still short and ensures that we don't get stuck
in the middle of a message.
 2015-02-13 14:44:00 +01:00
Felix Lange 170eb3ac68 p2p/discover: map listening port using configured mechanism 2015-02-13 11:39:32 +01:00
Felix Lange 82f0bd9009 p2p/discover: code review fixes 2015-02-13 11:39:31 +01:00
Felix Lange d0a2e655c9 cmd/ethereum, cmd/mist, eth, p2p: use package p2p/nat 
This deletes the old NAT implementation.
 2015-02-13 11:39:31 +01:00
Felix Lange 1543833ca0 p2p/nat: new package for port mapping stuff 
I have verified that UPnP and NAT-PMP work against an older version of
the MiniUPnP daemon running on pfSense. This code is kind of hard to
test automatically.
 2015-02-13 11:39:31 +01:00