teor
609d70ae53
Stop untrusted preallocation during string deserialization
...
This is an easy memory denial of service attack.
2021-03-22 11:54:31 -04:00
teor
db2f920d96
Stop untrusted preallocation during JoinSplit deserialization
...
Zebra believes the untrusted `JoinSplit` list size field when
deserializing `JoinSplit`s, and preallocates a `Vec` based on that size.
This is trivial a memory exhaustion attack.
Instead, use the current auto-growing implementation, which is limited
by the size of the message data.
2021-03-22 11:54:31 -04:00
teor
f19f0d0949
clippy: fix inconsistent struct ordering
2021-03-22 11:51:54 -04:00
teor
38585b6116
Fix whitespace for rustfmt
2021-03-22 11:18:37 +10:00
teor
a6f916671a
Add a TODO comment for a missing no-coinbase check
2021-03-22 08:59:51 +10:00
Deirdre Connolly
4aedf08a95
Merge pull request #1927 from ZcashFoundation/ci
...
Add final job to ci.yml that passes when all other ci.yml jobs pass
2021-03-20 23:57:13 -04:00
Deirdre Connolly
5791ee3339
Sync _from_ canopy, not _to_, now that we have state
2021-03-20 19:34:33 -04:00
Deirdre Connolly
bbdecbe9ad
Update mainnet stateful sync tests to use new disk image
...
Leave testnet commented out until testnet disk image is ready.
2021-03-20 19:34:33 -04:00
Deirdre Connolly
9b2090b4a1
Update test.yml
2021-03-20 19:34:33 -04:00
Deirdre Connolly
a091f63c79
Generate Canopy activation disks
2021-03-20 19:34:33 -04:00
Jane Lusby
b835a04a5e
document coverage workflow
2021-03-20 14:59:02 -04:00
teor
c57baad7e8
Merge pull request #1923 from ZcashFoundation/coverage-no-incremental
...
Disable incremental compilation in coverage builds to avoid disk space errors.
2021-03-19 11:33:25 +10:00
teor
c8b8a428c6
Revise release checklist to be more explicit
2021-03-17 22:23:41 -04:00
Alfredo Garcia
b8742f03a9
add a note to save changelog locally
2021-03-17 22:23:41 -04:00
teor
d19585cfca
Fix some missed Sapling to Canopy checkpoint code changes
2021-03-18 10:13:47 +10:00
teor
9da220517b
Update docs for Sapling to Canopy checkpoint change
2021-03-18 10:13:47 +10:00
teor
74cc30c307
Change the cached sync tests to canopy
...
This change requires a cached state rebuild. The rebuilt state will be
significantly larger.
2021-03-18 10:13:47 +10:00
teor
a649bd10e3
Also update testnet checkpoints
2021-03-18 10:13:47 +10:00
teor
6711d14bc4
Summarise how to rebuild checkpoints in list.rs
2021-03-18 10:13:47 +10:00
Alfredo Garcia
a292cbe611
change the mandatory checkpoint to Canopy
2021-03-18 10:13:47 +10:00
dependabot[bot]
97cae4b2da
build(deps): bump displaydoc from 0.1.7 to 0.2.0
...
Bumps [displaydoc](https://github.com/yaahc/displaydoc ) from 0.1.7 to 0.2.0.
- [Release notes](https://github.com/yaahc/displaydoc/releases )
- [Changelog](https://github.com/yaahc/displaydoc/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yaahc/displaydoc/commits/v0.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-17 15:50:40 -04:00
dependabot[bot]
20a05df58f
build(deps): bump regex from 1.4.3 to 1.4.5
...
Bumps [regex](https://github.com/rust-lang/regex ) from 1.4.3 to 1.4.5.
- [Release notes](https://github.com/rust-lang/regex/releases )
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rust-lang/regex/compare/1.4.3...1.4.5 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-16 21:02:15 -04:00
teor
4f923b90ea
Log address book metrics when peers aren't responding
2021-03-17 10:47:04 +10:00
teor
5a30268d7a
Log address metrics when the peer set has no ready peers
2021-03-17 10:47:04 +10:00
teor
6a342e93ca
Refactor AddressBook metrics into their own struct
...
And provide an accessor function for address book metrics.
2021-03-17 10:47:04 +10:00
Jane Lusby
fc4b8c1e70
add basic test for batch waker behaviour
2021-03-17 10:44:18 +10:00
Jane Lusby
c10ea1d82b
split pair constructor off of Batch::new
2021-03-17 10:44:18 +10:00
Alfredo Garcia
9e1662d2d7
panic in `NonFinalizedState::commit_block` before Canopy ( #1909 )
...
* add a panic in commit_block() for blocks before canopy
* update tests to use a post canopy block and network
Co-authored-by: teor <teor@riseup.net>
2021-03-17 10:41:28 +10:00
Alfredo Garcia
d49eaab68e
Bump versions for zebrad 1.0.0-alpha.4 ( #1913 )
...
* Bump versions for zebrad 1.0.0-alpha.4
* add Cargo.lock
2021-03-16 21:12:37 -03:00
Jack Grigg
7a8cae9321
Tag message metrics by type
2021-03-17 09:38:07 +10:00
Jack Grigg
bae9a7ecd5
Expose binary data in metrics
...
This enables slicing and aggregating metrics based on zebrad version:
https://www.robustperception.io/exposing-the-software-version-to-prometheus
2021-03-17 09:38:07 +10:00
Jack Grigg
e51f33a4b9
Use interoperable names for common metrics
...
These names match the equivalent metrics in zcashd, enabling common
metrics to be collected across both node types.
2021-03-17 09:38:07 +10:00
teor
9c0c2f0848
Add Testnet Post-Halving block test vectors
2021-03-16 12:39:07 -04:00
teor
8444b78e01
Add Mainnet Canopy block test vectors
...
Including one block that just happened to be 72 kB, in binary format.
2021-03-16 12:39:07 -04:00
teor
873127aac1
Replace smart quotes with ascii quotes
...
Some tools don't deal well with unicode text. And we're not using it
consistently in Zebra anyway.
2021-03-15 03:18:10 -04:00
dependabot[bot]
b618f5b522
build(deps): bump tracing-subscriber from 0.2.16 to 0.2.17
...
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing ) from 0.2.16 to 0.2.17.
- [Release notes](https://github.com/tokio-rs/tracing/releases )
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.2.16...tracing-subscriber-0.2.17 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-14 19:37:24 -04:00
teor
8fabbce037
Document and log trailing message bytes ( #1888 )
...
* Rename a variable for consistency
* Log extra trailing message bytes at debug level
2021-03-15 08:25:27 +10:00
teor
976ec912db
Document that the listed address is also advertised to peers ( #1891 )
...
Documents a potential privacy leak, and a missing feature.
2021-03-15 08:25:07 +10:00
dependabot[bot]
7f9d66a4af
build(deps): bump serde-big-array from 0.3.1 to 0.3.2
...
Bumps [serde-big-array](https://github.com/est31/serde-big-array ) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/est31/serde-big-array/releases )
- [Commits](https://github.com/est31/serde-big-array/commits/v0.3.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-13 05:50:01 -05:00
teor
1e1859f5a3
Merge pull request #1887 from ZcashFoundation/revert-1877-revert-1789-large-sync-testnet-disable
...
Revert "Revert "Disable unreliable `sync_large_checkpoints_testnet`""
This disables the failing large testnet sync test.
2021-03-12 12:31:19 +10:00
teor
8103e89739
Check proof-of-work in the CheckpointVerifier
...
These checks make some resource exhaustion attacks harder to carry out,
because the malicious blocks need a valid proof-of-work.
2021-03-12 08:55:29 +10:00
teor
c1a910942d
Re-use some block checks in the CheckpointVerifier
2021-03-12 08:55:29 +10:00
teor
252affdf84
Add network to CheckpointVerifier
...
This refactor allows us to re-use some block checks in the checkpoint
verifier.
2021-03-12 08:55:29 +10:00
dependabot[bot]
8e0fac5336
build(deps): bump byteorder from 1.4.2 to 1.4.3
...
Bumps [byteorder](https://github.com/BurntSushi/byteorder ) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/BurntSushi/byteorder/releases )
- [Changelog](https://github.com/BurntSushi/byteorder/blob/master/CHANGELOG.md )
- [Commits](https://github.com/BurntSushi/byteorder/compare/1.4.2...1.4.3 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-11 11:15:13 -05:00
teor
d494af1e90
Document how the syncer resists memory DoS
2021-03-11 06:24:46 -05:00
teor
c6358b157c
Reduce inbound concurrency to limit memory usage
...
Inbound malicious blocks can use a large amount of RAM when
deserialized. Limit inbound concurrency, so that the total amount
of RAM remains small.
2021-03-11 06:24:46 -05:00
teor
475deaf655
Adjust the crawl interval and acceptance test timeout ( #1878 )
2021-03-11 07:53:37 +10:00
teor
ac4611ffc4
Revert "Disable unreliable `sync_large_checkpoints_testnet` ( #1789 )"
...
This reverts commit bae49e54df
.
2021-03-10 02:14:09 -05:00
teor
e50692bd51
CandidateSet: Add Listener Port Connections
...
Inbound connections on the Zcash protocol listener port
perform a handshake. If the handshake is successful, it
adds the peer to the AddressBook.
2021-03-09 23:05:18 -05:00
Jane Lusby
03aa6f671f
Implement outbound connection rate limiting - includes config rename with alias ( #1855 )
...
* Implement outbound connection rate limiting
* fix breaking change on config
Co-authored-by: teor <teor@riseup.net>
2021-03-10 01:36:05 +00:00