Skip to content

Commit 053930f

Browse files
pstratemsipa
pstratem
authored and
sipa
committed
Avoid recalculating vchKeyedNetGroup in eviction logic.
Lazy calculate vchKeyedNetGroup in CNode::GetKeyedNetGroup.
1 parent 22e0b35 commit 053930f

File tree

2 files changed

+29
-34
lines changed

2 files changed

+29
-34
lines changed

src/net.cpp

Lines changed: 9 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
#include "clientversion.h"
1515
#include "consensus/consensus.h"
1616
#include "crypto/common.h"
17+
#include "crypto/sha256.h"
1718
#include "hash.h"
1819
#include "primitives/transaction.h"
1920
#include "scheduler.h"
@@ -838,6 +839,7 @@ struct NodeEvictionCandidate
838839
int64_t nTimeConnected;
839840
int64_t nMinPingUsecTime;
840841
CAddress addr;
842+
std::vector<unsigned char> vchKeyedNetGroup;
841843
};
842844

843845
static bool ReverseCompareNodeMinPingTime(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b)
@@ -850,36 +852,8 @@ static bool ReverseCompareNodeTimeConnected(const NodeEvictionCandidate &a, cons
850852
return a.nTimeConnected > b.nTimeConnected;
851853
}
852854

853-
class CompareNetGroupKeyed
854-
{
855-
std::vector<unsigned char> vchSecretKey;
856-
public:
857-
CompareNetGroupKeyed()
858-
{
859-
vchSecretKey.resize(32, 0);
860-
GetRandBytes(vchSecretKey.data(), vchSecretKey.size());
861-
}
862-
863-
bool operator()(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b)
864-
{
865-
std::vector<unsigned char> vchGroupA, vchGroupB;
866-
CSHA256 hashA, hashB;
867-
std::vector<unsigned char> vchA(32), vchB(32);
868-
869-
vchGroupA = a.addr.GetGroup();
870-
vchGroupB = b.addr.GetGroup();
871-
872-
hashA.Write(begin_ptr(vchGroupA), vchGroupA.size());
873-
hashB.Write(begin_ptr(vchGroupB), vchGroupB.size());
874-
875-
hashA.Write(begin_ptr(vchSecretKey), vchSecretKey.size());
876-
hashB.Write(begin_ptr(vchSecretKey), vchSecretKey.size());
877-
878-
hashA.Finalize(begin_ptr(vchA));
879-
hashB.Finalize(begin_ptr(vchB));
880-
881-
return vchA < vchB;
882-
}
855+
static bool CompareNetGroupKeyed(const NodeEvictionCandidate &a, const NodeEvictionCandidate &b) {
856+
return a.vchKeyedNetGroup < b.vchKeyedNetGroup;
883857
};
884858

885859
/** Try to find a connection to evict when the node is full.
@@ -902,7 +876,7 @@ static bool AttemptToEvictConnection(bool fPreferNewConnection) {
902876
continue;
903877
if (node->fDisconnect)
904878
continue;
905-
NodeEvictionCandidate candidate = {node->id, node->nTimeConnected, node->nMinPingUsecTime, node->addr};
879+
NodeEvictionCandidate candidate = {node->id, node->nTimeConnected, node->nMinPingUsecTime, node->addr, node->vchKeyedNetGroup};
906880
vEvictionCandidates.push_back(candidate);
907881
}
908882
}
@@ -912,9 +886,8 @@ static bool AttemptToEvictConnection(bool fPreferNewConnection) {
912886
// Protect connections with certain characteristics
913887

914888
// Deterministically select 4 peers to protect by netgroup.
915-
// An attacker cannot predict which netgroups will be protected.
916-
static CompareNetGroupKeyed comparerNetGroupKeyed;
917-
std::sort(vEvictionCandidates.begin(), vEvictionCandidates.end(), comparerNetGroupKeyed);
889+
// An attacker cannot predict which netgroups will be protected
890+
std::sort(vEvictionCandidates.begin(), vEvictionCandidates.end(), CompareNetGroupKeyed);
918891
vEvictionCandidates.erase(vEvictionCandidates.end() - std::min(4, static_cast<int>(vEvictionCandidates.size())), vEvictionCandidates.end());
919892

920893
if (vEvictionCandidates.empty()) return false;
@@ -2392,6 +2365,8 @@ CNode::CNode(SOCKET hSocketIn, const CAddress& addrIn, const std::string& addrNa
23922365
lastSentFeeFilter = 0;
23932366
nextSendTimeFeeFilter = 0;
23942367

2368+
CalculateKeyedNetGroup();
2369+
23952370
BOOST_FOREACH(const std::string &msg, getAllNetMessageTypes())
23962371
mapRecvBytesPerMsgCmd[msg] = 0;
23972372
mapRecvBytesPerMsgCmd[NET_MESSAGE_COMMAND_OTHER] = 0;

src/net.h

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,8 @@
99
#include "amount.h"
1010
#include "bloom.h"
1111
#include "compat.h"
12+
#include "crypto/common.h"
13+
#include "crypto/sha256.h"
1214
#include "limitedmap.h"
1315
#include "netbase.h"
1416
#include "protocol.h"
@@ -362,6 +364,8 @@ class CNode
362364
CBloomFilter* pfilter;
363365
int nRefCount;
364366
NodeId id;
367+
368+
std::vector<unsigned char> vchKeyedNetGroup;
365369
protected:
366370

367371
// Denial-of-service detection/prevention
@@ -450,6 +454,22 @@ class CNode
450454
CNode(const CNode&);
451455
void operator=(const CNode&);
452456

457+
void CalculateKeyedNetGroup() {
458+
static std::vector<unsigned char> vchSecretKey;
459+
if (vchSecretKey.empty()) {
460+
vchSecretKey.resize(32, 0);
461+
GetRandBytes(vchSecretKey.data(), vchSecretKey.size());
462+
}
463+
464+
std::vector<unsigned char> vchNetGroup(this->addr.GetGroup());
465+
466+
CSHA256 hash;
467+
hash.Write(begin_ptr(vchNetGroup), vchNetGroup.size());
468+
hash.Write(begin_ptr(vchSecretKey), vchSecretKey.size());
469+
470+
vchKeyedNetGroup.resize(32, 0);
471+
hash.Finalize(begin_ptr(vchKeyedNetGroup));
472+
}
453473
public:
454474

455475
NodeId GetId() const {

0 commit comments

Comments
 (0)