From 2252fb91cd19832c8baa63a10aaf7ce32bb400f8 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Tue, 19 May 2015 10:07:23 +0200 Subject: [PATCH 01/10] [net] extend core functionallity for ban/unban/listban --- src/net.cpp | 27 +++++++++++++++++++++------ src/net.h | 5 ++++- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/src/net.cpp b/src/net.cpp index 42ac0e50e..51d1c5333 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -458,16 +458,31 @@ bool CNode::IsBanned(CNetAddr ip) return fResult; } -bool CNode::Ban(const CNetAddr &addr) { +bool CNode::Ban(const CNetAddr &addr, int64_t bantimeoffset) { int64_t banTime = GetTime()+GetArg("-bantime", 60*60*24); // Default 24-hour ban - { - LOCK(cs_setBanned); - if (setBanned[addr] < banTime) - setBanned[addr] = banTime; - } + if (bantimeoffset > 0) + banTime = GetTime()+bantimeoffset; + + LOCK(cs_setBanned); + if (setBanned[addr] < banTime) + setBanned[addr] = banTime; + return true; } +bool CNode::Unban(const CNetAddr &addr) { + LOCK(cs_setBanned); + if (setBanned.erase(addr)) + return true; + return false; +} + +void CNode::GetBanned(std::map &banMap) +{ + LOCK(cs_setBanned); + banMap = setBanned; //create a thread safe copy +} + std::vector CNode::vWhitelistedRange; CCriticalSection CNode::cs_vWhitelistedRange; diff --git a/src/net.h b/src/net.h index 938f2376f..dd6fca396 100644 --- a/src/net.h +++ b/src/net.h @@ -606,7 +606,10 @@ public: // new code. static void ClearBanned(); // needed for unit testing static bool IsBanned(CNetAddr ip); - static bool Ban(const CNetAddr &ip); + static bool Ban(const CNetAddr &ip, int64_t bantimeoffset = 0); + static bool Unban(const CNetAddr &ip); + static void GetBanned(std::map &banmap); + void copyStats(CNodeStats &stats); static bool IsWhitelistedRange(const CNetAddr &ip); From d930b26a264ed7eae6ce239f3bfb4ff023df8195 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Tue, 19 May 2015 10:07:46 +0200 Subject: [PATCH 02/10] [RPC] add setban/listbanned/clearbanned RPC commands --- src/rpcclient.cpp | 1 + src/rpcnet.cpp | 89 +++++++++++++++++++++++++++++++++++++++++++++++ src/rpcserver.cpp | 3 ++ src/rpcserver.h | 3 ++ 4 files changed, 96 insertions(+) diff --git a/src/rpcclient.cpp b/src/rpcclient.cpp index f254da5de..1cc516e7b 100644 --- a/src/rpcclient.cpp +++ b/src/rpcclient.cpp @@ -93,6 +93,7 @@ static const CRPCConvertParam vRPCConvertParams[] = { "estimatepriority", 0 }, { "prioritisetransaction", 1 }, { "prioritisetransaction", 2 }, + { "setban", 2 }, }; class CRPCConvertTable diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp index aeaf54814..6157a2d0a 100644 --- a/src/rpcnet.cpp +++ b/src/rpcnet.cpp @@ -465,3 +465,92 @@ UniValue getnetworkinfo(const UniValue& params, bool fHelp) obj.push_back(Pair("warnings", GetWarnings("statusbar"))); return obj; } + +Value setban(const Array& params, bool fHelp) +{ + string strCommand; + if (params.size() >= 2) + strCommand = params[1].get_str(); + if (fHelp || params.size() < 2 || + (strCommand != "add" && strCommand != "remove")) + throw runtime_error( + "setban \"node\" \"add|remove\" (bantime)\n" + "\nAttempts add or remove a IP from the banned list.\n" + "\nArguments:\n" + "1. \"ip\" (string, required) The IP (see getpeerinfo for nodes ip)\n" + "2. \"command\" (string, required) 'add' to add a IP to the list, 'remove' to remove a IP from the list\n" + "1. \"bantime\" (numeric, optional) time in seconds how long the ip is banned (0 or empty means using the default time of 24h which can also be overwritten by the -bantime startup argument)\n" + "\nExamples:\n" + + HelpExampleCli("setban", "\"192.168.0.6\" \"add\" 86400") + + HelpExampleRpc("setban", "\"192.168.0.6\", \"add\" 86400") + ); + + CNetAddr netAddr(params[0].get_str()); + if (!netAddr.IsValid()) + throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Invalid IP Address"); + + if (strCommand == "add") + { + if (CNode::IsBanned(netAddr)) + throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: IP already banned"); + + int64_t banTime = 0; //use standard bantime if not specified + if (params.size() == 3 && !params[2].is_null()) + banTime = params[2].get_int64(); + + CNode::Ban(netAddr, banTime); + + //disconnect possible nodes + while(CNode *bannedNode = FindNode(netAddr)) + bannedNode->CloseSocketDisconnect(); + } + else if(strCommand == "remove") + { + if (!CNode::Unban(netAddr)) + throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Unban failed"); + } + + return Value::null; +} + +Value listbanned(const Array& params, bool fHelp) +{ + if (fHelp || params.size() != 0) + throw runtime_error( + "listbanned\n" + "\nList all banned IPs.\n" + "\nExamples:\n" + + HelpExampleCli("listbanned", "") + + HelpExampleRpc("listbanned", "") + ); + + std::map banMap; + CNode::GetBanned(banMap); + + Array bannedAddresses; + for (std::map::iterator it = banMap.begin(); it != banMap.end(); it++) + { + Object rec; + rec.push_back(Pair("address", (*it).first.ToString())); + rec.push_back(Pair("bannedtill", (*it).second)); + bannedAddresses.push_back(rec); + } + + return bannedAddresses; +} + +Value clearbanned(const Array& params, bool fHelp) +{ + if (fHelp || params.size() != 0) + throw runtime_error( + "clearbanned\n" + "\nClear all banned IPs.\n" + "\nExamples:\n" + + HelpExampleCli("clearbanned", "") + + HelpExampleRpc("clearbanned", "") + ); + + CNode::ClearBanned(); + + return Value::null; +} diff --git a/src/rpcserver.cpp b/src/rpcserver.cpp index c27bba519..6d089c673 100644 --- a/src/rpcserver.cpp +++ b/src/rpcserver.cpp @@ -279,6 +279,9 @@ static const CRPCCommand vRPCCommands[] = { "network", "getnettotals", &getnettotals, true }, { "network", "getpeerinfo", &getpeerinfo, true }, { "network", "ping", &ping, true }, + { "network", "setban", &setban, true }, + { "network", "listbanned", &listbanned, true }, + { "network", "clearbanned", &clearbanned, true }, /* Block chain and UTXO */ { "blockchain", "getblockchaininfo", &getblockchaininfo, true }, diff --git a/src/rpcserver.h b/src/rpcserver.h index fdd871d0b..2b3a59a7b 100644 --- a/src/rpcserver.h +++ b/src/rpcserver.h @@ -154,6 +154,9 @@ extern UniValue addnode(const UniValue& params, bool fHelp); extern UniValue disconnectnode(const UniValue& params, bool fHelp); extern UniValue getaddednodeinfo(const UniValue& params, bool fHelp); extern UniValue getnettotals(const UniValue& params, bool fHelp); +extern UniValue setban(const json_spirit::Array& params, bool fHelp); +extern UniValue listbanned(const json_spirit::Array& params, bool fHelp); +extern UniValue clearbanned(const json_spirit::Array& params, bool fHelp); extern UniValue dumpprivkey(const UniValue& params, bool fHelp); // in rpcdump.cpp extern UniValue importprivkey(const UniValue& params, bool fHelp); From 1086ffba2639098558422935eba1cae9983dd913 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Tue, 19 May 2015 10:20:31 +0200 Subject: [PATCH 03/10] [QA] add setban/listbanned/clearbanned tests --- qa/rpc-tests/httpbasics.py | 43 ++++++++++++++++++++++++-------------- src/test/rpc_tests.cpp | 9 ++++++++ 2 files changed, 36 insertions(+), 16 deletions(-) diff --git a/qa/rpc-tests/httpbasics.py b/qa/rpc-tests/httpbasics.py index 64ba49df6..f35fe27dd 100755 --- a/qa/rpc-tests/httpbasics.py +++ b/qa/rpc-tests/httpbasics.py @@ -20,83 +20,94 @@ try: except ImportError: import urlparse -class HTTPBasicsTest (BitcoinTestFramework): +class HTTPBasicsTest (BitcoinTestFramework): def setup_nodes(self): return start_nodes(4, self.options.tmpdir, extra_args=[['-rpckeepalive=1'], ['-rpckeepalive=0'], [], []]) - def run_test(self): - + def run_test(self): + ################################################# # lowlevel check for http persistent connection # ################################################# url = urlparse.urlparse(self.nodes[0].url) authpair = url.username + ':' + url.password headers = {"Authorization": "Basic " + base64.b64encode(authpair)} - + conn = httplib.HTTPConnection(url.hostname, url.port) conn.connect() conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) out1 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) assert_equal(conn.sock!=None, True) #according to http/1.1 connection must still be open! - + #send 2nd request without closing connection conn.request('POST', '/', '{"method": "getchaintips"}', headers) out2 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) #must also response with a correct json-rpc message assert_equal(conn.sock!=None, True) #according to http/1.1 connection must still be open! conn.close() - + #same should be if we add keep-alive because this should be the std. behaviour headers = {"Authorization": "Basic " + base64.b64encode(authpair), "Connection": "keep-alive"} - + conn = httplib.HTTPConnection(url.hostname, url.port) conn.connect() conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) out1 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) assert_equal(conn.sock!=None, True) #according to http/1.1 connection must still be open! - + #send 2nd request without closing connection conn.request('POST', '/', '{"method": "getchaintips"}', headers) out2 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) #must also response with a correct json-rpc message assert_equal(conn.sock!=None, True) #according to http/1.1 connection must still be open! conn.close() - + #now do the same with "Connection: close" headers = {"Authorization": "Basic " + base64.b64encode(authpair), "Connection":"close"} - + conn = httplib.HTTPConnection(url.hostname, url.port) conn.connect() conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) out1 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) - assert_equal(conn.sock!=None, False) #now the connection must be closed after the response - + assert_equal(conn.sock!=None, False) #now the connection must be closed after the response + #node1 (2nd node) is running with disabled keep-alive option urlNode1 = urlparse.urlparse(self.nodes[1].url) authpair = urlNode1.username + ':' + urlNode1.password headers = {"Authorization": "Basic " + base64.b64encode(authpair)} - + conn = httplib.HTTPConnection(urlNode1.hostname, urlNode1.port) conn.connect() conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) out1 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) assert_equal(conn.sock!=None, False) #connection must be closed because keep-alive was set to false - + #node2 (third node) is running with standard keep-alive parameters which means keep-alive is off urlNode2 = urlparse.urlparse(self.nodes[2].url) authpair = urlNode2.username + ':' + urlNode2.password headers = {"Authorization": "Basic " + base64.b64encode(authpair)} - + conn = httplib.HTTPConnection(urlNode2.hostname, urlNode2.port) conn.connect() conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) out1 = conn.getresponse().read(); assert_equal('"error":null' in out1, True) assert_equal(conn.sock!=None, True) #connection must be closed because bitcoind should use keep-alive by default - + + ########################### + # setban/listbanned tests # + ########################### + assert_equal(len(self.nodes[2].getpeerinfo()), 4); #we should have 4 nodes at this point + self.nodes[2].setban("127.0.0.1", "add") + time.sleep(3) #wait till the nodes are disconected + assert_equal(len(self.nodes[2].getpeerinfo()), 0); #all nodes must be disconnected at this point + assert_equal(len(self.nodes[2].listbanned()), 1); + self.nodes[2].clearbanned() + assert_equal(len(self.nodes[2].listbanned()), 0); + if __name__ == '__main__': HTTPBasicsTest ().main () diff --git a/src/test/rpc_tests.cpp b/src/test/rpc_tests.cpp index 08f988fdb..3cec4b76d 100644 --- a/src/test/rpc_tests.cpp +++ b/src/test/rpc_tests.cpp @@ -177,4 +177,13 @@ BOOST_AUTO_TEST_CASE(rpc_boostasiotocnetaddr) BOOST_CHECK_EQUAL(BoostAsioToCNetAddr(boost::asio::ip::address::from_string("::ffff:127.0.0.1")).ToString(), "127.0.0.1"); } +BOOST_AUTO_TEST_CASE(rpc_ban) +{ + BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.1 add"))); + BOOST_CHECK_THROW(CallRPC(string("setban 127.0.0.1:8334")), runtime_error); //portnumber for setban not allowed + BOOST_CHECK_NO_THROW(CallRPC(string("listbanned"))); + BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.1 remove"))); + BOOST_CHECK_NO_THROW(CallRPC(string("clearbanned"))); +} + BOOST_AUTO_TEST_SUITE_END() From e8b93473f12ec901f965cd244a7437646ee66c43 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Tue, 19 May 2015 17:15:25 +0200 Subject: [PATCH 04/10] [net] remove unused return type bool from CNode::Ban() --- src/net.cpp | 4 +--- src/net.h | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/net.cpp b/src/net.cpp index 51d1c5333..a065bb29b 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -458,7 +458,7 @@ bool CNode::IsBanned(CNetAddr ip) return fResult; } -bool CNode::Ban(const CNetAddr &addr, int64_t bantimeoffset) { +void CNode::Ban(const CNetAddr &addr, int64_t bantimeoffset) { int64_t banTime = GetTime()+GetArg("-bantime", 60*60*24); // Default 24-hour ban if (bantimeoffset > 0) banTime = GetTime()+bantimeoffset; @@ -466,8 +466,6 @@ bool CNode::Ban(const CNetAddr &addr, int64_t bantimeoffset) { LOCK(cs_setBanned); if (setBanned[addr] < banTime) setBanned[addr] = banTime; - - return true; } bool CNode::Unban(const CNetAddr &addr) { diff --git a/src/net.h b/src/net.h index dd6fca396..ee3da16aa 100644 --- a/src/net.h +++ b/src/net.h @@ -606,7 +606,7 @@ public: // new code. static void ClearBanned(); // needed for unit testing static bool IsBanned(CNetAddr ip); - static bool Ban(const CNetAddr &ip, int64_t bantimeoffset = 0); + static void Ban(const CNetAddr &ip, int64_t bantimeoffset = 0); static bool Unban(const CNetAddr &ip); static void GetBanned(std::map &banmap); From 433fb1a95d7a96a033d7454e198d274e92108865 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Mon, 25 May 2015 20:03:51 +0200 Subject: [PATCH 05/10] [RPC] extend setban to allow subnets --- qa/rpc-tests/httpbasics.py | 25 +++++++++++++++---- src/net.cpp | 50 ++++++++++++++++++++++++++++++++------ src/net.h | 8 ++++-- src/netbase.cpp | 5 ++++ src/netbase.h | 1 + src/rpcnet.cpp | 44 +++++++++++++++++++++------------ src/test/rpc_tests.cpp | 40 +++++++++++++++++++++++++++--- 7 files changed, 139 insertions(+), 34 deletions(-) diff --git a/qa/rpc-tests/httpbasics.py b/qa/rpc-tests/httpbasics.py index f35fe27dd..6d6ef9df7 100755 --- a/qa/rpc-tests/httpbasics.py +++ b/qa/rpc-tests/httpbasics.py @@ -101,13 +101,28 @@ class HTTPBasicsTest (BitcoinTestFramework): ########################### # setban/listbanned tests # ########################### - assert_equal(len(self.nodes[2].getpeerinfo()), 4); #we should have 4 nodes at this point + assert_equal(len(self.nodes[2].getpeerinfo()), 4) #we should have 4 nodes at this point self.nodes[2].setban("127.0.0.1", "add") time.sleep(3) #wait till the nodes are disconected - assert_equal(len(self.nodes[2].getpeerinfo()), 0); #all nodes must be disconnected at this point - assert_equal(len(self.nodes[2].listbanned()), 1); + assert_equal(len(self.nodes[2].getpeerinfo()), 0) #all nodes must be disconnected at this point + assert_equal(len(self.nodes[2].listbanned()), 1) self.nodes[2].clearbanned() - assert_equal(len(self.nodes[2].listbanned()), 0); - + assert_equal(len(self.nodes[2].listbanned()), 0) + self.nodes[2].setban("127.0.0.0/24", "add") + assert_equal(len(self.nodes[2].listbanned()), 1) + try: + self.nodes[2].setban("127.0.0.1", "add") #throws exception because 127.0.0.1 is within range 127.0.0.0/24 + except: + pass + assert_equal(len(self.nodes[2].listbanned()), 1) #still only one banned ip because 127.0.0.1 is within the range of 127.0.0.0/24 + try: + self.nodes[2].setban("127.0.0.1", "remove") + except: + pass + assert_equal(len(self.nodes[2].listbanned()), 1) + self.nodes[2].setban("127.0.0.0/24", "remove") + assert_equal(len(self.nodes[2].listbanned()), 0) + self.nodes[2].clearbanned() + assert_equal(len(self.nodes[2].listbanned()), 0) if __name__ == '__main__': HTTPBasicsTest ().main () diff --git a/src/net.cpp b/src/net.cpp index a065bb29b..3ba2379ea 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -332,6 +332,15 @@ CNode* FindNode(const CNetAddr& ip) return NULL; } +CNode* FindNode(const CSubNet& subNet) +{ + LOCK(cs_vNodes); + BOOST_FOREACH(CNode* pnode, vNodes) + if (subNet.Match((CNetAddr)pnode->addr)) + return (pnode); + return NULL; +} + CNode* FindNode(const std::string& addrName) { LOCK(cs_vNodes); @@ -434,7 +443,7 @@ void CNode::PushVersion() -std::map CNode::setBanned; +std::map CNode::setBanned; CCriticalSection CNode::cs_setBanned; void CNode::ClearBanned() @@ -447,7 +456,24 @@ bool CNode::IsBanned(CNetAddr ip) bool fResult = false; { LOCK(cs_setBanned); - std::map::iterator i = setBanned.find(ip); + for (std::map::iterator it = setBanned.begin(); it != setBanned.end(); it++) + { + CSubNet subNet = (*it).first; + int64_t t = (*it).second; + + if(subNet.Match(ip) && GetTime() < t) + fResult = true; + } + } + return fResult; +} + +bool CNode::IsBanned(CSubNet subnet) +{ + bool fResult = false; + { + LOCK(cs_setBanned); + std::map::iterator i = setBanned.find(subnet); if (i != setBanned.end()) { int64_t t = (*i).second; @@ -458,24 +484,34 @@ bool CNode::IsBanned(CNetAddr ip) return fResult; } -void CNode::Ban(const CNetAddr &addr, int64_t bantimeoffset) { +void CNode::Ban(const CNetAddr& addr, int64_t bantimeoffset) { + CSubNet subNet(addr.ToString()+(addr.IsIPv4() ? "/32" : "/128")); + Ban(subNet, bantimeoffset); +} + +void CNode::Ban(const CSubNet& subNet, int64_t bantimeoffset) { int64_t banTime = GetTime()+GetArg("-bantime", 60*60*24); // Default 24-hour ban if (bantimeoffset > 0) banTime = GetTime()+bantimeoffset; LOCK(cs_setBanned); - if (setBanned[addr] < banTime) - setBanned[addr] = banTime; + if (setBanned[subNet] < banTime) + setBanned[subNet] = banTime; } bool CNode::Unban(const CNetAddr &addr) { + CSubNet subNet(addr.ToString()+(addr.IsIPv4() ? "/32" : "/128")); + return Unban(subNet); +} + +bool CNode::Unban(const CSubNet &subNet) { LOCK(cs_setBanned); - if (setBanned.erase(addr)) + if (setBanned.erase(subNet)) return true; return false; } -void CNode::GetBanned(std::map &banMap) +void CNode::GetBanned(std::map &banMap) { LOCK(cs_setBanned); banMap = setBanned; //create a thread safe copy diff --git a/src/net.h b/src/net.h index ee3da16aa..d800aa22c 100644 --- a/src/net.h +++ b/src/net.h @@ -66,6 +66,7 @@ unsigned int SendBufferSize(); void AddOneShot(const std::string& strDest); void AddressCurrentlyConnected(const CService& addr); CNode* FindNode(const CNetAddr& ip); +CNode* FindNode(const CSubNet& subNet); CNode* FindNode(const std::string& addrName); CNode* FindNode(const CService& ip); CNode* ConnectNode(CAddress addrConnect, const char *pszDest = NULL); @@ -284,7 +285,7 @@ protected: // Denial-of-service detection/prevention // Key is IP address, value is banned-until-time - static std::map setBanned; + static std::map setBanned; static CCriticalSection cs_setBanned; // Whitelisted ranges. Any node connecting from these is automatically @@ -606,9 +607,12 @@ public: // new code. static void ClearBanned(); // needed for unit testing static bool IsBanned(CNetAddr ip); + static bool IsBanned(CSubNet subnet); static void Ban(const CNetAddr &ip, int64_t bantimeoffset = 0); + static void Ban(const CSubNet &subNet, int64_t bantimeoffset = 0); static bool Unban(const CNetAddr &ip); - static void GetBanned(std::map &banmap); + static bool Unban(const CSubNet &ip); + static void GetBanned(std::map &banmap); void copyStats(CNodeStats &stats); diff --git a/src/netbase.cpp b/src/netbase.cpp index e3cb4e706..b7c77fda6 100644 --- a/src/netbase.cpp +++ b/src/netbase.cpp @@ -1330,6 +1330,11 @@ bool operator!=(const CSubNet& a, const CSubNet& b) return !(a==b); } +bool operator<(const CSubNet& a, const CSubNet& b) +{ + return (a.network < b.network || (a.network == b.network && memcmp(a.netmask, b.netmask, 16))); +} + #ifdef WIN32 std::string NetworkErrorString(int err) { diff --git a/src/netbase.h b/src/netbase.h index 1f2957116..27f0eac2a 100644 --- a/src/netbase.h +++ b/src/netbase.h @@ -125,6 +125,7 @@ class CSubNet friend bool operator==(const CSubNet& a, const CSubNet& b); friend bool operator!=(const CSubNet& a, const CSubNet& b); + friend bool operator<(const CSubNet& a, const CSubNet& b); }; /** A combination of a network address (CNetAddr) and a (TCP) port */ diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp index 6157a2d0a..e6c33e1d0 100644 --- a/src/rpcnet.cpp +++ b/src/rpcnet.cpp @@ -474,39 +474,51 @@ Value setban(const Array& params, bool fHelp) if (fHelp || params.size() < 2 || (strCommand != "add" && strCommand != "remove")) throw runtime_error( - "setban \"node\" \"add|remove\" (bantime)\n" - "\nAttempts add or remove a IP from the banned list.\n" + "setban \"ip(/netmask)\" \"add|remove\" (bantime)\n" + "\nAttempts add or remove a IP/Subnet from the banned list.\n" "\nArguments:\n" - "1. \"ip\" (string, required) The IP (see getpeerinfo for nodes ip)\n" - "2. \"command\" (string, required) 'add' to add a IP to the list, 'remove' to remove a IP from the list\n" - "1. \"bantime\" (numeric, optional) time in seconds how long the ip is banned (0 or empty means using the default time of 24h which can also be overwritten by the -bantime startup argument)\n" + "1. \"ip(/netmask)\" (string, required) The IP/Subnet (see getpeerinfo for nodes ip) with a optional netmask (default is /32 = single ip)\n" + "2. \"command\" (string, required) 'add' to add a IP/Subnet to the list, 'remove' to remove a IP/Subnet from the list\n" + "1. \"bantime\" (numeric, optional) time in seconds how long the ip is banned (0 or empty means using the default time of 24h which can also be overwritten by the -bantime startup argument)\n" "\nExamples:\n" + HelpExampleCli("setban", "\"192.168.0.6\" \"add\" 86400") + + HelpExampleCli("setban", "\"192.168.0.0/24\" \"add\"") + HelpExampleRpc("setban", "\"192.168.0.6\", \"add\" 86400") ); - CNetAddr netAddr(params[0].get_str()); - if (!netAddr.IsValid()) - throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Invalid IP Address"); + CSubNet subNet; + CNetAddr netAddr; + bool isSubnet = false; + + if (params[0].get_str().find("/") != string::npos) + isSubnet = true; + + if (!isSubnet) + netAddr = CNetAddr(params[0].get_str()); + else + subNet = CSubNet(params[0].get_str()); + + if (! (isSubnet ? subNet.IsValid() : netAddr.IsValid()) ) + throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Invalid IP/Subnet"); if (strCommand == "add") { - if (CNode::IsBanned(netAddr)) - throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: IP already banned"); + if (isSubnet ? CNode::IsBanned(subNet) : CNode::IsBanned(netAddr)) + throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: IP/Subnet already banned"); int64_t banTime = 0; //use standard bantime if not specified if (params.size() == 3 && !params[2].is_null()) banTime = params[2].get_int64(); - CNode::Ban(netAddr, banTime); + isSubnet ? CNode::Ban(subNet, banTime) : CNode::Ban(netAddr, banTime); //disconnect possible nodes - while(CNode *bannedNode = FindNode(netAddr)) + while(CNode *bannedNode = (isSubnet ? FindNode(subNet) : FindNode(netAddr))) bannedNode->CloseSocketDisconnect(); } else if(strCommand == "remove") { - if (!CNode::Unban(netAddr)) + if (!( isSubnet ? CNode::Unban(subNet) : CNode::Unban(netAddr) )) throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Unban failed"); } @@ -518,17 +530,17 @@ Value listbanned(const Array& params, bool fHelp) if (fHelp || params.size() != 0) throw runtime_error( "listbanned\n" - "\nList all banned IPs.\n" + "\nList all banned IPs/Subnets.\n" "\nExamples:\n" + HelpExampleCli("listbanned", "") + HelpExampleRpc("listbanned", "") ); - std::map banMap; + std::map banMap; CNode::GetBanned(banMap); Array bannedAddresses; - for (std::map::iterator it = banMap.begin(); it != banMap.end(); it++) + for (std::map::iterator it = banMap.begin(); it != banMap.end(); it++) { Object rec; rec.push_back(Pair("address", (*it).first.ToString())); diff --git a/src/test/rpc_tests.cpp b/src/test/rpc_tests.cpp index 3cec4b76d..26588a43e 100644 --- a/src/test/rpc_tests.cpp +++ b/src/test/rpc_tests.cpp @@ -179,11 +179,43 @@ BOOST_AUTO_TEST_CASE(rpc_boostasiotocnetaddr) BOOST_AUTO_TEST_CASE(rpc_ban) { - BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.1 add"))); - BOOST_CHECK_THROW(CallRPC(string("setban 127.0.0.1:8334")), runtime_error); //portnumber for setban not allowed - BOOST_CHECK_NO_THROW(CallRPC(string("listbanned"))); - BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.1 remove"))); BOOST_CHECK_NO_THROW(CallRPC(string("clearbanned"))); + + Value r; + BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0 add"))); + BOOST_CHECK_THROW(r = CallRPC(string("setban 127.0.0.0:8334")), runtime_error); //portnumber for setban not allowed + BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); + Array ar = r.get_array(); + Object o1 = ar[0].get_obj(); + Value adr = find_value(o1, "address"); + BOOST_CHECK_EQUAL(adr.get_str(), "127.0.0.0/255.255.255.255"); + BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.0 remove")));; + BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); + ar = r.get_array(); + BOOST_CHECK_EQUAL(ar.size(), 0); + + BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0/24 add"))); + BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); + ar = r.get_array(); + o1 = ar[0].get_obj(); + adr = find_value(o1, "address"); + BOOST_CHECK_EQUAL(adr.get_str(), "127.0.0.0/255.255.255.0"); + + // must throw an exception because 127.0.0.1 is in already banned suubnet range + BOOST_CHECK_THROW(r = CallRPC(string("setban 127.0.0.1 add")), runtime_error); + + BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.0/24 remove")));; + BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); + ar = r.get_array(); + BOOST_CHECK_EQUAL(ar.size(), 0); + + BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0/255.255.0.0 add"))); + BOOST_CHECK_THROW(r = CallRPC(string("setban 127.0.1.1 add")), runtime_error); + + BOOST_CHECK_NO_THROW(CallRPC(string("clearbanned"))); + BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); + ar = r.get_array(); + BOOST_CHECK_EQUAL(ar.size(), 0); } BOOST_AUTO_TEST_SUITE_END() From 3de24d7647db2b9167cee25549c3c603582e19e6 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Fri, 12 Jun 2015 17:42:32 +0200 Subject: [PATCH 06/10] rename json field "bannedtill" to "banned_until" --- src/rpcnet.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp index e6c33e1d0..35ef92ecf 100644 --- a/src/rpcnet.cpp +++ b/src/rpcnet.cpp @@ -544,7 +544,7 @@ Value listbanned(const Array& params, bool fHelp) { Object rec; rec.push_back(Pair("address", (*it).first.ToString())); - rec.push_back(Pair("bannedtill", (*it).second)); + rec.push_back(Pair("banned_untill", (*it).second)); bannedAddresses.push_back(rec); } From 4e36e9bcc7d071bba4c45fd89c0cfd2e2361ffe3 Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Fri, 12 Jun 2015 18:31:47 +0200 Subject: [PATCH 07/10] setban: rewrite to UniValue, allow absolute bantime --- src/net.cpp | 8 ++++---- src/net.h | 4 ++-- src/rpcclient.cpp | 1 + src/rpcnet.cpp | 27 ++++++++++++++++----------- src/rpcserver.h | 6 +++--- src/test/rpc_tests.cpp | 25 ++++++++++++++++++++----- 6 files changed, 46 insertions(+), 25 deletions(-) diff --git a/src/net.cpp b/src/net.cpp index 3ba2379ea..6b8a0a2b1 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -484,15 +484,15 @@ bool CNode::IsBanned(CSubNet subnet) return fResult; } -void CNode::Ban(const CNetAddr& addr, int64_t bantimeoffset) { +void CNode::Ban(const CNetAddr& addr, int64_t bantimeoffset, bool sinceUnixEpoch) { CSubNet subNet(addr.ToString()+(addr.IsIPv4() ? "/32" : "/128")); - Ban(subNet, bantimeoffset); + Ban(subNet, bantimeoffset, sinceUnixEpoch); } -void CNode::Ban(const CSubNet& subNet, int64_t bantimeoffset) { +void CNode::Ban(const CSubNet& subNet, int64_t bantimeoffset, bool sinceUnixEpoch) { int64_t banTime = GetTime()+GetArg("-bantime", 60*60*24); // Default 24-hour ban if (bantimeoffset > 0) - banTime = GetTime()+bantimeoffset; + banTime = (sinceUnixEpoch ? 0 : GetTime() )+bantimeoffset; LOCK(cs_setBanned); if (setBanned[subNet] < banTime) diff --git a/src/net.h b/src/net.h index d800aa22c..69e4c592a 100644 --- a/src/net.h +++ b/src/net.h @@ -608,8 +608,8 @@ public: static void ClearBanned(); // needed for unit testing static bool IsBanned(CNetAddr ip); static bool IsBanned(CSubNet subnet); - static void Ban(const CNetAddr &ip, int64_t bantimeoffset = 0); - static void Ban(const CSubNet &subNet, int64_t bantimeoffset = 0); + static void Ban(const CNetAddr &ip, int64_t bantimeoffset = 0, bool sinceUnixEpoch = false); + static void Ban(const CSubNet &subNet, int64_t bantimeoffset = 0, bool sinceUnixEpoch = false); static bool Unban(const CNetAddr &ip); static bool Unban(const CSubNet &ip); static void GetBanned(std::map &banmap); diff --git a/src/rpcclient.cpp b/src/rpcclient.cpp index 1cc516e7b..1d94e4f61 100644 --- a/src/rpcclient.cpp +++ b/src/rpcclient.cpp @@ -94,6 +94,7 @@ static const CRPCConvertParam vRPCConvertParams[] = { "prioritisetransaction", 1 }, { "prioritisetransaction", 2 }, { "setban", 2 }, + { "setban", 3 }, }; class CRPCConvertTable diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp index 35ef92ecf..97d5ccbff 100644 --- a/src/rpcnet.cpp +++ b/src/rpcnet.cpp @@ -466,7 +466,7 @@ UniValue getnetworkinfo(const UniValue& params, bool fHelp) return obj; } -Value setban(const Array& params, bool fHelp) +UniValue setban(const UniValue& params, bool fHelp) { string strCommand; if (params.size() >= 2) @@ -474,12 +474,13 @@ Value setban(const Array& params, bool fHelp) if (fHelp || params.size() < 2 || (strCommand != "add" && strCommand != "remove")) throw runtime_error( - "setban \"ip(/netmask)\" \"add|remove\" (bantime)\n" + "setban \"ip(/netmask)\" \"add|remove\" (bantime) (absolute)\n" "\nAttempts add or remove a IP/Subnet from the banned list.\n" "\nArguments:\n" "1. \"ip(/netmask)\" (string, required) The IP/Subnet (see getpeerinfo for nodes ip) with a optional netmask (default is /32 = single ip)\n" "2. \"command\" (string, required) 'add' to add a IP/Subnet to the list, 'remove' to remove a IP/Subnet from the list\n" - "1. \"bantime\" (numeric, optional) time in seconds how long the ip is banned (0 or empty means using the default time of 24h which can also be overwritten by the -bantime startup argument)\n" + "3. \"bantime\" (numeric, optional) time in seconds how long (or until when if [absolute] is set) the ip is banned (0 or empty means using the default time of 24h which can also be overwritten by the -bantime startup argument)\n" + "4. \"absolute\" (boolean, optional) If set, the bantime must be a absolute timestamp in seconds since epoch (Jan 1 1970 GMT)\n" "\nExamples:\n" + HelpExampleCli("setban", "\"192.168.0.6\" \"add\" 86400") + HelpExampleCli("setban", "\"192.168.0.0/24\" \"add\"") @@ -507,10 +508,14 @@ Value setban(const Array& params, bool fHelp) throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: IP/Subnet already banned"); int64_t banTime = 0; //use standard bantime if not specified - if (params.size() == 3 && !params[2].is_null()) + if (params.size() >= 3 && !params[2].isNull()) banTime = params[2].get_int64(); - isSubnet ? CNode::Ban(subNet, banTime) : CNode::Ban(netAddr, banTime); + bool absolute = false; + if (params.size() == 4 && params[3].isTrue()) + absolute = true; + + isSubnet ? CNode::Ban(subNet, banTime, absolute) : CNode::Ban(netAddr, banTime, absolute); //disconnect possible nodes while(CNode *bannedNode = (isSubnet ? FindNode(subNet) : FindNode(netAddr))) @@ -522,10 +527,10 @@ Value setban(const Array& params, bool fHelp) throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Unban failed"); } - return Value::null; + return NullUniValue; } -Value listbanned(const Array& params, bool fHelp) +UniValue listbanned(const UniValue& params, bool fHelp) { if (fHelp || params.size() != 0) throw runtime_error( @@ -539,10 +544,10 @@ Value listbanned(const Array& params, bool fHelp) std::map banMap; CNode::GetBanned(banMap); - Array bannedAddresses; + UniValue bannedAddresses(UniValue::VARR); for (std::map::iterator it = banMap.begin(); it != banMap.end(); it++) { - Object rec; + UniValue rec(UniValue::VOBJ); rec.push_back(Pair("address", (*it).first.ToString())); rec.push_back(Pair("banned_untill", (*it).second)); bannedAddresses.push_back(rec); @@ -551,7 +556,7 @@ Value listbanned(const Array& params, bool fHelp) return bannedAddresses; } -Value clearbanned(const Array& params, bool fHelp) +UniValue clearbanned(const UniValue& params, bool fHelp) { if (fHelp || params.size() != 0) throw runtime_error( @@ -564,5 +569,5 @@ Value clearbanned(const Array& params, bool fHelp) CNode::ClearBanned(); - return Value::null; + return NullUniValue; } diff --git a/src/rpcserver.h b/src/rpcserver.h index 2b3a59a7b..d08ae72f5 100644 --- a/src/rpcserver.h +++ b/src/rpcserver.h @@ -154,9 +154,9 @@ extern UniValue addnode(const UniValue& params, bool fHelp); extern UniValue disconnectnode(const UniValue& params, bool fHelp); extern UniValue getaddednodeinfo(const UniValue& params, bool fHelp); extern UniValue getnettotals(const UniValue& params, bool fHelp); -extern UniValue setban(const json_spirit::Array& params, bool fHelp); -extern UniValue listbanned(const json_spirit::Array& params, bool fHelp); -extern UniValue clearbanned(const json_spirit::Array& params, bool fHelp); +extern UniValue setban(const UniValue& params, bool fHelp); +extern UniValue listbanned(const UniValue& params, bool fHelp); +extern UniValue clearbanned(const UniValue& params, bool fHelp); extern UniValue dumpprivkey(const UniValue& params, bool fHelp); // in rpcdump.cpp extern UniValue importprivkey(const UniValue& params, bool fHelp); diff --git a/src/test/rpc_tests.cpp b/src/test/rpc_tests.cpp index 26588a43e..e60281949 100644 --- a/src/test/rpc_tests.cpp +++ b/src/test/rpc_tests.cpp @@ -181,25 +181,40 @@ BOOST_AUTO_TEST_CASE(rpc_ban) { BOOST_CHECK_NO_THROW(CallRPC(string("clearbanned"))); - Value r; + UniValue r; BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0 add"))); BOOST_CHECK_THROW(r = CallRPC(string("setban 127.0.0.0:8334")), runtime_error); //portnumber for setban not allowed BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); - Array ar = r.get_array(); - Object o1 = ar[0].get_obj(); - Value adr = find_value(o1, "address"); + UniValue ar = r.get_array(); + UniValue o1 = ar[0].get_obj(); + UniValue adr = find_value(o1, "address"); BOOST_CHECK_EQUAL(adr.get_str(), "127.0.0.0/255.255.255.255"); BOOST_CHECK_NO_THROW(CallRPC(string("setban 127.0.0.0 remove")));; BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); ar = r.get_array(); BOOST_CHECK_EQUAL(ar.size(), 0); - BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0/24 add"))); + BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0/24 add 1607731200 true"))); BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); ar = r.get_array(); o1 = ar[0].get_obj(); adr = find_value(o1, "address"); + UniValue banned_until = find_value(o1, "banned_untill"); BOOST_CHECK_EQUAL(adr.get_str(), "127.0.0.0/255.255.255.0"); + BOOST_CHECK_EQUAL(banned_until.get_int64(), 1607731200); // absolute time check + + BOOST_CHECK_NO_THROW(CallRPC(string("clearbanned"))); + + BOOST_CHECK_NO_THROW(r = CallRPC(string("setban 127.0.0.0/24 add 200"))); + BOOST_CHECK_NO_THROW(r = CallRPC(string("listbanned"))); + ar = r.get_array(); + o1 = ar[0].get_obj(); + adr = find_value(o1, "address"); + banned_until = find_value(o1, "banned_untill"); + BOOST_CHECK_EQUAL(adr.get_str(), "127.0.0.0/255.255.255.0"); + int64_t now = GetTime(); + BOOST_CHECK(banned_until.get_int64() > now); + BOOST_CHECK(banned_until.get_int64()-now <= 200); // must throw an exception because 127.0.0.1 is in already banned suubnet range BOOST_CHECK_THROW(r = CallRPC(string("setban 127.0.0.1 add")), runtime_error); From d624167387a658c9b2c25ad13492262ccd2592bf Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Fri, 12 Jun 2015 19:51:50 +0200 Subject: [PATCH 08/10] fix CSubNet comparison operator --- src/netbase.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/netbase.cpp b/src/netbase.cpp index b7c77fda6..adac5c2d0 100644 --- a/src/netbase.cpp +++ b/src/netbase.cpp @@ -1332,7 +1332,7 @@ bool operator!=(const CSubNet& a, const CSubNet& b) bool operator<(const CSubNet& a, const CSubNet& b) { - return (a.network < b.network || (a.network == b.network && memcmp(a.netmask, b.netmask, 16))); + return (a.network < b.network || (a.network == b.network && memcmp(a.netmask, b.netmask, 16) < 0)); } #ifdef WIN32 From 1f02b802538ff16313c27f1539860ee06b907c7c Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Fri, 12 Jun 2015 22:27:03 +0200 Subject: [PATCH 09/10] setban: add RPCErrorCode --- src/rpcnet.cpp | 2 +- src/rpcprotocol.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/rpcnet.cpp b/src/rpcnet.cpp index 97d5ccbff..5a26c7c3a 100644 --- a/src/rpcnet.cpp +++ b/src/rpcnet.cpp @@ -524,7 +524,7 @@ UniValue setban(const UniValue& params, bool fHelp) else if(strCommand == "remove") { if (!( isSubnet ? CNode::Unban(subNet) : CNode::Unban(netAddr) )) - throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: Unban failed"); + throw JSONRPCError(RPC_MISC_ERROR, "Error: Unban failed"); } return NullUniValue; diff --git a/src/rpcprotocol.h b/src/rpcprotocol.h index ecd7c1f7d..ccd2439c9 100644 --- a/src/rpcprotocol.h +++ b/src/rpcprotocol.h @@ -64,6 +64,7 @@ enum RPCErrorCode RPC_CLIENT_NODE_ALREADY_ADDED = -23, //! Node is already added RPC_CLIENT_NODE_NOT_ADDED = -24, //! Node has not been added before RPC_CLIENT_NODE_NOT_CONNECTED = -29, //! Node to disconnect not found in connected nodes + RPC_CLIENT_INVALID_IP_OR_SUBNET = -30, //! Invalid IP/Subnet //! Wallet errors RPC_WALLET_ERROR = -4, //! Unspecified problem with wallet (key not found etc.) From 9d79afe9a925c4aaed5d922ee432e9b3aa4d877a Mon Sep 17 00:00:00 2001 From: Jonas Schnelli Date: Tue, 16 Jun 2015 18:21:03 +0200 Subject: [PATCH 10/10] add RPC tests for setban & disconnectnode --- qa/pull-tester/rpc-tests.sh | 1 + qa/rpc-tests/httpbasics.py | 28 +-------------- qa/rpc-tests/nodehandling.py | 69 ++++++++++++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 27 deletions(-) create mode 100755 qa/rpc-tests/nodehandling.py diff --git a/qa/pull-tester/rpc-tests.sh b/qa/pull-tester/rpc-tests.sh index 9b318650e..426d81fa9 100755 --- a/qa/pull-tester/rpc-tests.sh +++ b/qa/pull-tester/rpc-tests.sh @@ -32,6 +32,7 @@ testScripts=( 'merkle_blocks.py' 'signrawtransactions.py' 'walletbackup.py' + 'nodehandling.py' ); testScriptsExt=( 'bipdersig-p2p.py' diff --git a/qa/rpc-tests/httpbasics.py b/qa/rpc-tests/httpbasics.py index 6d6ef9df7..8ccb82128 100755 --- a/qa/rpc-tests/httpbasics.py +++ b/qa/rpc-tests/httpbasics.py @@ -4,7 +4,7 @@ # file COPYING or http://www.opensource.org/licenses/mit-license.php. # -# Test REST interface +# Test rpc http basics # from test_framework.test_framework import BitcoinTestFramework @@ -98,31 +98,5 @@ class HTTPBasicsTest (BitcoinTestFramework): assert_equal('"error":null' in out1, True) assert_equal(conn.sock!=None, True) #connection must be closed because bitcoind should use keep-alive by default - ########################### - # setban/listbanned tests # - ########################### - assert_equal(len(self.nodes[2].getpeerinfo()), 4) #we should have 4 nodes at this point - self.nodes[2].setban("127.0.0.1", "add") - time.sleep(3) #wait till the nodes are disconected - assert_equal(len(self.nodes[2].getpeerinfo()), 0) #all nodes must be disconnected at this point - assert_equal(len(self.nodes[2].listbanned()), 1) - self.nodes[2].clearbanned() - assert_equal(len(self.nodes[2].listbanned()), 0) - self.nodes[2].setban("127.0.0.0/24", "add") - assert_equal(len(self.nodes[2].listbanned()), 1) - try: - self.nodes[2].setban("127.0.0.1", "add") #throws exception because 127.0.0.1 is within range 127.0.0.0/24 - except: - pass - assert_equal(len(self.nodes[2].listbanned()), 1) #still only one banned ip because 127.0.0.1 is within the range of 127.0.0.0/24 - try: - self.nodes[2].setban("127.0.0.1", "remove") - except: - pass - assert_equal(len(self.nodes[2].listbanned()), 1) - self.nodes[2].setban("127.0.0.0/24", "remove") - assert_equal(len(self.nodes[2].listbanned()), 0) - self.nodes[2].clearbanned() - assert_equal(len(self.nodes[2].listbanned()), 0) if __name__ == '__main__': HTTPBasicsTest ().main () diff --git a/qa/rpc-tests/nodehandling.py b/qa/rpc-tests/nodehandling.py new file mode 100755 index 000000000..9a77bd97e --- /dev/null +++ b/qa/rpc-tests/nodehandling.py @@ -0,0 +1,69 @@ +#!/usr/bin/env python2 +# Copyright (c) 2014 The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or http://www.opensource.org/licenses/mit-license.php. + +# +# Test node handling +# + +from test_framework.test_framework import BitcoinTestFramework +from test_framework.util import * +import base64 + +try: + import http.client as httplib +except ImportError: + import httplib +try: + import urllib.parse as urlparse +except ImportError: + import urlparse + +class NodeHandlingTest (BitcoinTestFramework): + def run_test(self): + ########################### + # setban/listbanned tests # + ########################### + assert_equal(len(self.nodes[2].getpeerinfo()), 4) #we should have 4 nodes at this point + self.nodes[2].setban("127.0.0.1", "add") + time.sleep(3) #wait till the nodes are disconected + assert_equal(len(self.nodes[2].getpeerinfo()), 0) #all nodes must be disconnected at this point + assert_equal(len(self.nodes[2].listbanned()), 1) + self.nodes[2].clearbanned() + assert_equal(len(self.nodes[2].listbanned()), 0) + self.nodes[2].setban("127.0.0.0/24", "add") + assert_equal(len(self.nodes[2].listbanned()), 1) + try: + self.nodes[2].setban("127.0.0.1", "add") #throws exception because 127.0.0.1 is within range 127.0.0.0/24 + except: + pass + assert_equal(len(self.nodes[2].listbanned()), 1) #still only one banned ip because 127.0.0.1 is within the range of 127.0.0.0/24 + try: + self.nodes[2].setban("127.0.0.1", "remove") + except: + pass + assert_equal(len(self.nodes[2].listbanned()), 1) + self.nodes[2].setban("127.0.0.0/24", "remove") + assert_equal(len(self.nodes[2].listbanned()), 0) + self.nodes[2].clearbanned() + assert_equal(len(self.nodes[2].listbanned()), 0) + + ########################### + # RPC disconnectnode test # + ########################### + url = urlparse.urlparse(self.nodes[1].url) + self.nodes[0].disconnectnode(url.hostname+":"+str(p2p_port(1))) + time.sleep(2) #disconnecting a node needs a little bit of time + for node in self.nodes[0].getpeerinfo(): + assert(node['addr'] != url.hostname+":"+str(p2p_port(1))) + + connect_nodes_bi(self.nodes,0,1) #reconnect the node + found = False + for node in self.nodes[0].getpeerinfo(): + if node['addr'] == url.hostname+":"+str(p2p_port(1)): + found = True + assert(found) + +if __name__ == '__main__': + NodeHandlingTest ().main ()