fix: multiple fixes to conditions we check while opening new connections #6538
Conversation
We backported 15486 incorrectly...
…ions Dropped conditions: - do not check masternode ports in `ThreadOpenConnections`, it's done on consensus level on DMN registration/updates - do not check connections on IP-only basis, masternodes handle duplicate mn connections via mnauth, regular nodes don't need that at all
…hile `loop Allows non-specific conditions to trigger first for better compatibility
|
removed for simplified merge message |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (3)
src/netfulfilledman.cpp (2)
Line range hint
51-55: Fix post-increment iterator usage with erase.While the address handling change is good, there's a potential issue with the iterator usage. The current code uses post-increment (
it++) witherase, which is unnecessary sinceerasereturns the next iterator.Consider simplifying:
- if (it != mapFulfilledRequests.end()) { - mapFulfilledRequests.erase(it++); + if (it != mapFulfilledRequests.end()) { + mapFulfilledRequests.erase(it); }
Line range hint
35-55: Consider documenting the network behavior changes.The removal of address squashing logic across these functions represents a significant architectural change in how network requests are tracked. While the code changes are correct, it would be valuable to document the expected changes in network behavior, particularly around:
- How this affects request tracking for nodes with multiple ports
- Any impact on network request rate limiting
- Potential changes in memory usage patterns
src/net.cpp (1)
3520-3521: Consider consolidating duplicate self-connection checks.This self-connection check is duplicated from lines 496-497. Consider extracting this check into a helper function to avoid duplication.
+bool IsConnectingToSelf(const CAddress& addr) { + return addr.GetPort() == GetListenPort() && IsLocal(addr); +} -if (addr.GetPort() == GetListenPort() && IsLocal(addr)) { +if (IsConnectingToSelf(addr)) { break; }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (4)
src/chainparams.cpp(0 hunks)src/chainparams.h(0 hunks)src/net.cpp(5 hunks)src/netfulfilledman.cpp(2 hunks)
💤 Files with no reviewable changes (2)
- src/chainparams.h
- src/chainparams.cpp
🔇 Additional comments (5)
src/netfulfilledman.cpp (2)
35-35: LGTM! Simplified address handling.The removal of address squashing logic aligns with the broader changes to remove the
fAllowMultiplePortsfunctionality. The simplified code now directly uses the address for request tracking.
41-41: LGTM! Consistent with storage changes.The simplified lookup matches the storage pattern in
AddFulfilledRequest, maintaining consistency in how addresses are handled.src/net.cpp (3)
496-497: LGTM!The self-connection check is correctly implemented by comparing ports and checking if the address is local.
3516-3518: LGTM!The address validation check is correctly implemented with an appropriate early return pattern.
3562-3565: LGTM!The masternode duplicate connection check is correctly implemented, preventing redundant connections to masternodes we're already connected to.
… ports list cf32c03 net: extend bad ports to include Bitcoin ports (Kittywhiskers Van Gogh) 25d1e96 net: consider all ports that require privileges (<1024) as bad ports (Kittywhiskers Van Gogh) Pull request description: ## Additional Information * Ports <1024 are considered to be "system ports" (see [RFC 6335, Section 6](https://datatracker.ietf.org/doc/html/rfc6335#section-6)) and on some platforms, require superuser privileges in order to bind to them ([source](https://linux.die.net/man/5/services)). > Port numbers below 1024 (so-called "low numbered" ports) can only be bound to by root (see bind(2), tcp(7), and udp(7)). This is so clients connecting to low numbered ports can trust that the service running on the port is the standard implementation, and not a rogue service run by a user of the machine. Well-known port numbers specified by the IANA are normally located in this root-only space. This is undesirable as: * We don't want users to run Dash Core with elevated privileges; and * We don't want deployments to resort to carving out exceptions to allow for using these ports. To deter this behavior, specifically the latter, all "system ports" have been added to the "bad" ports list. This comes with the coincidental benefit of trimming down the blocklist of ports substantially. * To avoid conflicts with Bitcoin, as an additional measure, the RPC and P2P ports for mainnet and testnet have been included in the blocklist. ## Breaking Changes * ~~Dash Core will now permits peers on mainnet to connect to each other using a non-default P2P port.~~ Superseded by [dash#6538](#6538). * ~~This port restriction still _de facto_ applies on masternodes, as masternodes will not connect to other masternodes if they're using the differing listening port from themselves ([source](https://github.com/dashpay/dash/blob/0972dfe13c958a2866a189e386dd3ae38ac1ce46/src/net.cpp#L3563)).~~ * The "bad" ports list has been extended to include all ports <1024 and the RPC and P2P ports for Bitcoin mainnet and testnet. ## Checklist - [x] I have performed a self-review of my own code - [x] I have commented my code, particularly in hard-to-understand areas **(note: N/A)** - [x] I have added or updated relevant unit/integration/functional/e2e tests - [x] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ ACKs for top commit: UdjinM6: utACK cf32c03 PastaPastaPasta: utACK cf32c03 Tree-SHA512: b0dae7f5c0a0d2c1a102857294e75d53617dc4158849de9c26197b6b9f89f1e21b2448acc933fd9be0c724374cf4498701b570af25b6f31e123fc0bb792689f3
src/net.cpp
Outdated
| const uint16_t default_port{Params().GetDefaultPort(addr.GetNetwork())}; | ||
| assert(!IsBadPort(default_port)); // Make sure we never set the default port to a bad port |
There was a problem hiding this comment.
maybe we just drop this now? or figure out a way to static assert it
Do this in CConnman's ctor instead of doing it for every addr we try to connect to
Issue being fixed or feature implemented
Changes:
fAllowMultiplePortswas introduced in Switch CNetFulfilledRequestManager and CMasternodeMan maps/funcs to CService #1967 to preserve the behaviour of the old non-deterministic masternode list while fixingnetfulfilledman. Most of that code is gone because we use DMN now andfAllowMultiplePortsis kind of useless (and even confusing). Should be safe to drop it completely imo. Inspired by 6451dd7 in feat(net): add "system ports" and Bitcoin ports to "bad" ports list #6535.addrbelongs to the set of already connected masternodes, should simply continue just like we do when we findaddrfrom the same net groupWhat was done?
See above/individual commits
How Has This Been Tested?
Breaking Changes
It's now possible to have regular nodes with the same address but different ports on mainnet too but that's not a breaking change hopefully.
Checklist: