Ban peers that can't complete a handshake (#2320)

* Break out of main peer loop on error * Force client conn shutdown on error * Fix borrow error * Ban peers that fail handshake * Fix add_peer for ban, remove useless disconnect
2025-01-21 03:21:08 +03:00 · 2019-01-11 10:00:32 -08:00 · 2019-01-11 10:00:32 -08:00 · 1a6b46b09d
commit 1a6b46b09d
parent 60d3ee3c44 f86c90ade5
3 changed files with 23 additions and 5 deletions
--- a/p2p/src/peers.rs
+++ b/p2p/src/peers.rs
@ -80,6 +80,22 @@ impl Peers {
 		Ok(())
 	}

+	/// Add a peer as banned to block future connections, usually due to failed
+	/// handshake
+	pub fn add_banned(&self, addr: SocketAddr, ban_reason: ReasonForBan) -> Result<(), Error> {
+		let peer_data = PeerData {
+			addr,
+			capabilities: Capabilities::UNKNOWN,
+			user_agent: "".to_string(),
+			flags: State::Banned,
+			last_banned: Utc::now().timestamp(),
+			ban_reason,
+			last_connected: Utc::now().timestamp(),
+		};
+		debug!("Banning peer {}.", addr);
+		self.save_peer(&peer_data)
+	}
+
 	// Update the dandelion relay
 	pub fn update_dandelion_relay(&self) {
 		let peers = self.outgoing_connected_peers();
--- a/p2p/src/serv.rs
+++ b/p2p/src/serv.rs
@ -29,7 +29,9 @@ use crate::handshake::Handshake;
 use crate::peer::Peer;
 use crate::peers::Peers;
 use crate::store::PeerStore;
-use crate::types::{Capabilities, ChainAdapter, Error, NetAdapter, P2PConfig, TxHashSetRead};
+use crate::types::{
+	Capabilities, ChainAdapter, Error, NetAdapter, P2PConfig, ReasonForBan, TxHashSetRead,
+};
 use crate::util::{Mutex, StopState};
 use chrono::prelude::{DateTime, Utc};

@ -87,12 +89,11 @@ impl Server {
 						let sc = stream.try_clone();
 						if let Err(e) = self.handle_new_peer(stream) {
 							warn!("Error accepting peer {}: {:?}", peer_addr.to_string(), e);
-						} else {
-							if let Ok(s) = sc {
+							let _ = self.peers.add_banned(peer_addr, ReasonForBan::BadHandshake);
+						} else if let Ok(s) = sc {
 							connected_sockets.insert(peer_addr, s);
 						}
 					}
-					}
 					// if any active socket not in our peers list, close it
 					self.clean_lost_sockets(&mut connected_sockets);
 				}
--- a/p2p/src/types.rs
+++ b/p2p/src/types.rs
@ -244,6 +244,7 @@ enum_from_primitive! {
 		BadTxHashSet = 4,
 		ManualBan = 5,
 		FraudHeight = 6,
+		BadHandshake = 7,
 	}
 }