Commit Graph

100 Commits

Author SHA1 Message Date
David Hill
d1e493f4ee config: New option --blocksonly (#553)
The --blocksonly configuration option disables accepting transactions
from remote peers.  It will still accept, relay, and rebroadcast
valid transactions sent via RPC or websockets.
2016-04-07 18:16:46 -05:00
Dave Collins
f389742b39 multi: Update with result of gofmt -s.
This commit updates the code to make use of the most recent simplified
output from gofmt.
2016-02-25 13:02:54 -06:00
Dave Collins
eb882f39f8 multi: Fix several misspellings in the comments.
This commit corrects several typos in the comments found by misspell.
2016-02-25 11:17:12 -06:00
Tibor Bősze
c75fea9c94 Implement banning based on dynamic ban scores
Dynamic ban scores consist of a persistent and a decaying component. The
persistent score can be used to create simple additive banning policies
simlar to those found in other bitcoin node implementations. The
decaying score enables the creation of evasive logic which handles
misbehaving peers (especially application layer DoS attacks) gracefully
by disconnecting and banning peers attempting various kinds of flooding.
Dynamic ban scores allow these two approaches to be used in tandem.

This pull request includes the following:

 - Dynamic ban score type & functions, with tests for core functionality
 - Ban score of connected peers can be queried via rpc (getpeerinfo)
 - Example policy with decaying score increments on mempool and getdata
 - Logging of misbehavior once half of the ban threshold is reached
 - Banning logic can be disabled via configuration (enabled by default)
 - User defined ban threshold can be set via configuration
2016-02-16 10:10:29 +01:00
Michail Kargakis
09874f1e91 Fix dropaddrindex flag usage message 2015-11-23 22:20:02 +01:00
Javed Khan
00bddf7540 peer: Refactor peer code into its own package.
This commit introduces package peer which contains peer related features
refactored from peer.go.

The following is an overview of the features the package provides:

- Provides a basic concurrent safe bitcoin peer for handling bitcoin
  communications via the peer-to-peer protocol
- Full duplex reading and writing of bitcoin protocol messages
- Automatic handling of the initial handshake process including protocol
  version negotiation
- Automatic periodic keep-alive pinging and pong responses
- Asynchronous message queueing of outbound messages with optional
  channel for notification when the message is actually sent
- Inventory message batching and send trickling with known inventory
  detection and avoidance
- Ability to wait for shutdown/disconnect
- Flexible peer configuration
  - Caller is responsible for creating outgoing connections and listening
    for incoming connections so they have flexibility to establish
    connections as they see fit (proxies, etc.)
  - User agent name and version
  - Bitcoin network
  - Service support signalling (full nodes, bloom filters, etc.)
  - Maximum supported protocol version
  - Ability to register callbacks for handling bitcoin protocol messages
- Proper handling of bloom filter related commands when the caller does
  not specify the related flag to signal support
  - Disconnects the peer when the protocol version is high enough
  - Does not invoke the related callbacks for older protocol versions
- Snapshottable peer statistics such as the total number of bytes read
  and written, the remote address, user agent, and negotiated protocol
  version
- Helper functions for pushing addresses, getblocks, getheaders, and
  reject messages
  - These could all be sent manually via the standard message output
    function, but the helpers provide additional nice functionality such
    as duplicate filtering and address randomization
- Full documentation with example usage
- Test coverage

In addition to the addition of the new package, btcd has been refactored
to make use of the new package by extending the basic peer it provides to
work with the blockmanager and server to act as a full node.  The
following is a broad overview of the changes to integrate the package:

- The server is responsible for all connection management including
  persistent peers and banning
- Callbacks for all messages that are required to implement a full node
  are registered
- Logic necessary to serve data and behave as a full node is now in the
  callback registered with the peer

Finally, the following peer-related things have been improved as a part
of this refactor:

- Don't log or send reject message due to peer disconnects
- Remove trace logs that aren't particularly helpful
- Finish an old TODO to switch the queue WaitGroup over to a channel
- Improve various comments and fix some code consistency cases
- Improve a few logging bits
- Implement a most-recently-used nonce tracking for detecting self
  connections and generate a unique nonce for each peer
2015-10-23 06:17:29 +05:30
David Hill
a56db22e9b config: New option --minrelaytxfee
--minrelaytxfee allows the user to specify the minimum transaction
fee in BTC/kB in which the fee is considered a non-zero fee.
2015-10-20 12:41:12 -04:00
Olaoluwa Osuntokun
0029905d43 Integrate a valid ECDSA signature cache into btcd
Introduce an ECDSA signature verification into btcd in order to
mitigate a certain DoS attack and as a performance optimization.

The benefits of SigCache are two fold. Firstly, usage of SigCache
mitigates a DoS attack wherein an attacker causes a victim's client to
hang due to worst-case behavior triggered while processing attacker
crafted invalid transactions. A detailed description of the mitigated
DoS attack can be found here: https://bitslog.wordpress.com/2013/01/23/fixed-bitcoin-vulnerability-explanation-why-the-signature-cache-is-a-dos-protection/
Secondly, usage of the SigCache introduces a signature verification
optimization which speeds up the validation of transactions within a
block, if they've already been seen and verified within the mempool.

The server itself manages the sigCache instance. The blockManager and
txMempool respectively now receive pointers to the created sigCache
instance. All read (sig triplet existence) operations on the sigCache
will not block unless a separate goroutine is adding an entry (writing)
to the sigCache. GetBlockTemplate generation now also utilizes the
sigCache in order to avoid unnecessarily double checking signatures
when generating a template after previously accepting a txn to the
mempool. Consequently, the CPU miner now also employs the same
optimization.

The maximum number of entries for the sigCache has been introduced as a
config parameter in order to allow users to configure the amount of
memory consumed by this new additional caching.
2015-10-08 17:31:42 -07:00
David Hill
c9ee3d9c5e wire: Implement SFNodeBloom (BIP0111).
SFNodeBloom is a new service flag that a node is required to use to
indicate that it supports bloom filtering.  This includes a protocol
version bump to 70011 and a wire version bump to 0.3.0.

btcd:
The SFNodeBloom flag is set by default.  A new configuration option
--nopeerbloomfilters has been added to to disable bloom filtering.

Any node advertising a version greater than or equal to 70011 that
attempts to use bloom filtering will be disconnected if bloom
filtering is disabled.

This mimics Bitcoin Core commit afb0ccaf9c9e4e8fac7db3564c4e19c9218c6b03
2015-09-28 16:25:44 -04:00
David Hill
a1bd15e7c2 Fix --onion.
The configured onion proxy was not being used due to checking if the
passed string had suffix '.onion', which never matched because the
port number is part of the string.
2015-06-10 09:56:25 -04:00
David Hill
007bee5ec8 Add new option --torisolation
Tor stream isolation randomizes proxy user credentials resulting in
Tor creating a new circuit for each connection.  This makes it more
difficult to correlate connections.

Idea from Wladimir J. van der Laan via Bitcoin Core.
2015-05-13 18:30:48 -04:00
David Hill
5f8dbab47a Add new option -maxorphantx
The option -maxorphantx allows the user to specify the number of
orphan transactions to keep in memory.

Also, lower the default max orphan count from 10000 to 1000.
2015-05-12 17:22:13 -04:00
Dave Collins
6e402deb35 Relicense to the btcsuite developers.
This commit relicenses all code in this repository to the btcsuite
developers.
2015-05-01 12:00:56 -05:00
Alex Akselrod
4a1445a032 Create limited RPC user.
The limited user is specified with the --rpclimituser and
--rpclimitpass options (or the equivalent in the config file).
The config struct and loadConfig() are updated to take the
new options into account. The limited user can have neither
the same username nor the same password as the admin user.

The package-level rpcLimit map in rpcserver.go specifies
the RPC commands accessible by limited users. This map
includes both HTTP/S and websocket commands.

The checkAuth function gets a new return parameter to
signify whether the user is authorized to change server
state. The result is passed to the jsonRPCRead function and
to the WebsocketHandler function in rpcwebsocket.go.

The wsClient struct is updated with an "isAdmin" field
signifying that the client is authorized to change server
state, written by WebsocketHandler and handleMessage.
The handleMessage function also checks the field to
allow or disallow an RPC call.

The following documentation files are updated:
- doc.go
- sample-btcd.conf
- docs/README.md
- docs/json_rpc_api.md
- docs/configure_rpc_server_listen_interfaces.md
2015-04-13 14:14:52 -04:00
David Hill
833bb04775 Reject free/low-fee transactions with insufficient priority.
By default, have the mempool reject free and low-fee transactions that
have insufficient priority to be mined in the next block.

Addtionally, add a new configuration option, -norelaypriority, to
disable the check.
2015-02-25 11:27:41 -05:00
Olaoluwa Osuntokun
ecdffda748 Add support for an optional address-based transaction index.
* Address index is built up concurrently with the `--addrindex` flag.
* Entire index can be deleted with `--dropaddrindex`.
* New RPC call: `searchrawtransaction`
  * Returns all transacitons related to a particular address
  * Includes mempool transactions
  * Requires `--addrindex` to be activated and fully caught up.
* New `blockLogger` struct has been added to factor our common logging
  code
* Wiki and docs updated with new features.
2015-02-05 14:48:19 -08:00
Dave Collins
03433dad6a Update btcwire path import paths to new location. 2015-02-05 15:16:39 -06:00
Dave Collins
309a9ea31d Update database import paths to new location. 2015-01-27 15:38:23 -06:00
Dave Collins
0b7a9074ef Update btcdb import paths to new location. 2015-01-16 18:30:32 -06:00
Dave Collins
54ccb83025 Update btcwire import paths to new location. 2015-01-16 15:13:21 -06:00
Dave Collins
f4e426c69f Update go-socks import paths to new location. 2015-01-16 01:21:57 -06:00
Dave Collins
8975c0c459 Update go-flags import paths to new location. 2015-01-16 00:56:49 -06:00
Dave Collins
58db4a8b7e Update btcutil import paths to new location. 2015-01-15 10:30:38 -06:00
Dave Collins
04d47de262 Allow disabling RPC server TLS for localhost only.
This commit introduces a new flag, --notls, which can be used to disable
TLS for the RPC server.  However, the flag can only be used when the RPC
server is bound to localhost interfaces.  This is intended to prevent the
situation where someone decides they want to expose the RPC server to the
web for remote management/access, but forgot they have TLS disabled.
2015-01-02 11:17:23 -06:00
Dave Collins
f1cbd40713 Improve handling of the home directory creation.
This commit improves a couple of issues surrounding the creation of the
btcd home directory.

First, the code was previously attempting to log any errors that occurred
while creating the directory using the logging system which is not
initialized at that point.  Thus, nothing was displayed to the user.

Second, if any component of btcd home directory path already exists, but
is not a directory, such as in the case of symlinks, the error returned
from the os.MkDirAll call indicates the directory can't be created.  While
this is true, it's not always the most helpful error to display to the
user.  So, this commit adds logic to detect when the failure case is due
to an existing symlink and displays a nicer error message suggesting the
user check if the destination of the link is mounted.

Fixes #193.
2014-12-21 17:01:56 -06:00
Olaoluwa Osuntokun
b97083f882 Fix some typos throughout repo. 2014-09-08 14:54:52 -05:00
Dave Collins
ca13333d25 Always show help on help flag.
This commit resolves a minor issue where an error in the config file would
prevent the help from being shown until the config file error was
resolved.

This results in the following behavior:

- With a malformed header:
  $ ./btcd
  Error parsing config file: ~/btcd/btcd.conf:14: malformed section header
  Use btcd -h to show usage
- With an invalid option:
  $ ./btcd
  Error parsing config file: unknown option: bogus
  Use btcd -h to show usage
- Invoking help with an error in the config file:
  $ ./btcd -h
  Usage:
  ...
- Invoking with an invalid command line option:
  $ ./btcd --bogus=bogus
  unknown flag `bogus'
  Use btcd -h to show usage

ok @jrick
2014-08-19 20:29:59 -05:00
Javed Khan
458a996ae6 updated utils to handle regtest, simnet
handle active network assignment in the same if-else
instead of having another switch-case
2014-07-22 08:28:33 -05:00
Dave Collins
08c01f08b1 Only show parse errors and command to invoke usage.
Rather than showing the usage when an error is encounted during options
parsing, show a message that describes how to invoke help instead.  This
is useful because the help is long enough now that the error is often
overlooked since it scrolls out of view.

ok @jrick
2014-07-14 20:43:54 -05:00
Tomás Senart
cc2c486791 Replace map[a]bool with map[a]struct{}
The later uses no memory storage for values and provides the same
functionality.
2014-07-02 19:06:29 -05:00
Tomás Senart
76d258e2a1 Avoid reallocs in removeDuplicateAddresses 2014-07-02 11:01:57 -05:00
Tomás Senart
a0f20007c5 golint -min_confidence=0.3 .
This commits removes a number of golint warnings. There is a class of
warnings which I can't fix due to unsufficient knowledge of the domain
at this point. These are listed here:

addrmanager.go:907:1: comment on exported method AddrManager.Attempt
should be of the form "Attempt ..."
addrmanager.go:1048:1: exported function RFC1918 should have comment or
be unexported
addrmanager.go:1058:1: exported function RFC3849 should have comment or
be unexported
addrmanager.go:1065:1: exported function RFC3927 should have comment or
be unexported
addrmanager.go:1073:1: exported function RFC3964 should have comment or
be unexported
addrmanager.go:1081:1: exported function RFC4193 should have comment or
be unexported
addrmanager.go:1089:1: exported function RFC4380 should have comment or
be unexported
addrmanager.go:1097:1: exported function RFC4843 should have comment or
be unexported
addrmanager.go:1105:1: exported function RFC4862 should have comment or
be unexported
addrmanager.go:1113:1: exported function RFC6052 should have comment or
be unexported
addrmanager.go:1121:1: exported function RFC6145 should have comment or
be unexported
addrmanager.go:1128:1: exported function Tor should have comment or be
unexported
addrmanager.go:1143:1: exported function Local should have comment or be
unexported
addrmanager.go:1228:2: exported const InterfacePrio should have comment
(or a comment on this block) or be unexported
discovery.go:26:2: exported var ErrTorInvalidAddressResponse should have
comment or be unexported
limits/limits_unix.go:19:1: exported function SetLimits should have
comment or be unexported
limits/limits_windows.go:7:1: exported function SetLimits should have
comment or be unexported
util/dropafter/dropafter.go:22:6: exported type ShaHash should have
comment or be unexported
util/dropafter/dropafter.go:38:2: exported const ArgSha should have
comment (or a comment on this block) or be unexported
util/dropafter/dropafter.go:128:5: exported var ErrBadShaPrefix should
have comment or be unexported
util/dropafter/dropafter.go:129:5: exported var ErrBadShaLen should have
comment or be unexported
util/dropafter/dropafter.go:130:5: exported var ErrBadShaChar should
have comment or be unexported
util/showblock/showblock.go:24:6: exported type ShaHash should have
comment or be unexported
util/showblock/showblock.go:46:2: exported const ArgSha should have
comment (or a comment on this block) or be unexported
util/showblock/showblock.go:163:1: exported function DumpBlock should
have comment or be unexported
util/showblock/showblock.go:211:5: exported var ErrBadShaPrefix should
have comment or be unexported
util/showblock/showblock.go:212:5: exported var ErrBadShaLen should have
comment or be unexported
util/showblock/showblock.go:213:5: exported var ErrBadShaChar should
have comment or be unexported
2014-07-02 11:01:56 -05:00
Tomás Senart
84fa553b65 Split imports into logical groups 2014-07-02 15:56:41 +02:00
Dave Collins
e25b644d3b Implement a built-in concurrent CPU miner.
This commit implements a built-in concurrent CPU miner that can be enabled
with the combination of the --generate and --miningaddr options.  The
--blockminsize, --blockmaxsize, and --blockprioritysize configuration
options wich already existed prior to this commit control the block
template generation and hence affect blocks mined via the new CPU miner.

The following is a quick overview of the changes and design:

- Starting btcd with --generate and no addresses specified via
  --miningaddr will give an error and exit immediately
- Makes use of multiple worker goroutines which independently create block
  templates, solve them, and submit the solved blocks
- The default number of worker threads are based on the number of
  processor cores in the system and can be dynamically changed at
  run-time
- There is a separate speed monitor goroutine used to collate periodic
  updates from the workers to calculate overall hashing speed
- The current mining state, number of workers, and hashes per second can
  be queried
- Updated sample-btcd.conf file has been updated to include the coin
  generation (mining) settings
- Updated doc.go for the new command line options

In addition the old --getworkkey option is now deprecated in favor of the
new --miningaddr option.  This was changed for a few reasons:

- There is no reason to have a separate list of keys for getwork and CPU
  mining
- getwork is deprecated and will be going away in the future so that means
  the --getworkkey flag will also be going away
- Having the work 'key' in the option can be confused with wanting a
  private key while --miningaddr make it a little more clear it is an
  address that is required

Closes #137.

Reviewed by @jrick.
2014-06-12 12:05:32 -05:00
Dave Collins
cc3e49fabb Make loadConfig function name a variable.
The errors in the loadConfig function had the function name hardcoded in
each error.  This commit assigns the function name to a variable instead.
2014-06-07 14:42:54 -05:00
Dave Collins
605eb7f4b4 Add a simulation test network via --simnet param.
This commit, along with recent commits to btcnet and btcwire, expose a new
network that is intended to provide a private network useful for
simulation testing.  To that end, it has the special property that it has
no DNS seeds and will actively ignore all addr and getaddr messages.  It
will also not try to connect to any nodes other than those specified via
--connect.  This allows the network to remain private to the specific
nodes involved in the testing and not simply become another public
testnet.

The network difficulty is also set extremely low like the regression test
network so blocks can be created extremely quickly without requiring a lot
of hashing power.
2014-05-29 15:10:12 -05:00
Dave Collins
252c022644 Convert to default net ports provided by btcnet.
ok @jrick
2014-05-29 12:47:08 -05:00
Josh Rickmar
74303966c0 Updates for btcutil and btcscript's btcnet conversion.
ok @davecgh
2014-05-27 17:44:55 -05:00
Josh Rickmar
bcc78565fd Initial pass at updating to btcnet.
This change modifies the params struct to embed a *btcnet.Params,
removing the old parameter fields that are handled by the btcnet
package.

Hardcoded network checks have also been removed in favor of modifying
behavior based on the current active net's parameters.

Not all library packages, notable btcutil and btcchain, have been
updated to use btcnet yet, but with this change, each package can be
updated one at a time since the active net's btcnet.Params are
available at each callsite.

ok @davecgh
2014-05-23 01:02:14 -05:00
Dave Collins
92ca0e92c0 Implement getwork RPC.
This commit adds full support for the getwork RPC which can be used to
support external mining through applications such as cgminer.

Closes #125.
2014-05-01 10:52:28 -05:00
Dave Collins
ed45b717e0 Add options to control block creation settings.
This commit adds three new options which are intended to to be used by the
upcoming mining-related block template creation code.
2014-03-22 11:47:03 -05:00
Owain G. Ainsworth
cb1f3cf48c Rate limit free-to-relay transactions.
Closes #40

ok @davecgh
2014-02-19 22:39:02 +00:00
Dave Collins
7d35bc9460 Add --rpcmaxwebsockets option with default of 25.
This commit adds a new configuration option, --rpcmaxwebsockets, to limit the
number of max RPC websocket clients that are served concurrently.
2014-02-19 00:53:14 -06:00
Dave Collins
a293212581 Add --rpcmaxclients option with default of 10.
This commit adds a new configuration option, --rpcmaxclients, to limit the
number of max standard RPC clients that are served concurrently.  Note
that this value does not apply to websocket connections.  A future commit
will add support for limiting those separately.

Closes #68.
2014-02-18 20:46:41 -06:00
Dave Collins
f9922c7305 Add --logdir option to specify logging directory.
This commit adds a new option, --logdir, which works in the same fashion
as the --datadir option.  Consequently, the logging directory is name
"namespaced" by the network as well.  This resolves the issue where two
btcd instances running (one for mainnet and one for testnet) would
overwrite each other's log files by default.

It also provides the user with a method to change the logging location to
non-default locations if they prefer.  For example, it enables multiple
btcd instances on the same network to specify unique logging directories
(even though running multiple btcd instances on the same network is not
the most sane configuration).

Closes #95.
2014-02-12 15:56:05 -06:00
Dave Collins
f12ca20372 Enable memdb support.
This commit adds the btcdb memdb backend as a supported database type.
Note that users will NOT want to run in this mode because, being memory
only, it obviously does not persist the database when shutdown.

It is being added for testing purposes to help prevent constant abuse to
developer's hard drive when churning the block database multiple times a
day.
2014-01-19 20:44:06 -06:00
Dave Collins
dacf9d77c5 Comment the onion/proxy dial/lookup configuration. 2014-01-10 01:52:15 -06:00
Dave Collins
4f8c2a3aaf Move missing config file warn just before return.
The warning about a missing config file should only be shown after all
other configuration has succeeded so it's not shown when there are invalid
options specified.  Also add a comment about it where its intended
placement is for the future.
2014-01-10 01:34:50 -06:00
Dave Collins
d33e9b4165 Unexport and comment btcDial and btcLookup func.
These functions are at the package level and only apply within btcd, so
unexport them to be consistent.
2014-01-10 01:31:20 -06:00
Owain G. Ainsworth
dd7c910e86 Enable use of a different proxy for .onion addresses.
This implements --onion (and --onionuser/--onionpass) that enable a
different proxy to be used to connect to .onion addresses. If no main
proxy is supplied then no proxy will be used for non-onion addresses.

Additionally we add --noonion that blocks connection attempts to .onion
addresses entirely (and avoids using tor for proxy dns lookups).

the --tor option has been supersceded and thus removed.

Closes #47
2014-01-07 19:18:09 +00:00