You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

DoS_tests.cpp 5.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201
  1. // Copyright (c) 2011-2014 The Bitcoin Core developers
  2. // Distributed under the MIT software license, see the accompanying
  3. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
  4. //
  5. // Unit tests for denial-of-service detection/prevention code
  6. //
  7. #include "keystore.h"
  8. #include "main.h"
  9. #include "net.h"
  10. #include "pow.h"
  11. #include "script/sign.h"
  12. #include "serialize.h"
  13. #include "util.h"
  14. #include "test/test_bitcoin.h"
  15. #include <stdint.h>
  16. #include <boost/assign/list_of.hpp> // for 'map_list_of()'
  17. #include <boost/date_time/posix_time/posix_time_types.hpp>
  18. #include <boost/foreach.hpp>
  19. #include <boost/test/unit_test.hpp>
  20. // Tests this internal-to-main.cpp method:
  21. extern bool AddOrphanTx(const CTransaction& tx, NodeId peer);
  22. extern void EraseOrphansFor(NodeId peer);
  23. extern unsigned int LimitOrphanTxSize(unsigned int nMaxOrphans);
  24. struct COrphanTx {
  25. CTransaction tx;
  26. NodeId fromPeer;
  27. };
  28. extern std::map<uint256, COrphanTx> mapOrphanTransactions;
  29. extern std::map<uint256, std::set<uint256> > mapOrphanTransactionsByPrev;
  30. CService ip(uint32_t i)
  31. {
  32. struct in_addr s;
  33. s.s_addr = i;
  34. return CService(CNetAddr(s), Params().GetDefaultPort());
  35. }
  36. BOOST_FIXTURE_TEST_SUITE(DoS_tests, TestingSetup)
  37. BOOST_AUTO_TEST_CASE(DoS_banning)
  38. {
  39. CNode::ClearBanned();
  40. CAddress addr1(ip(0xa0b0c001));
  41. CNode dummyNode1(INVALID_SOCKET, addr1, "", true);
  42. dummyNode1.nVersion = 1;
  43. Misbehaving(dummyNode1.GetId(), 100); // Should get banned
  44. SendMessages(&dummyNode1, false);
  45. BOOST_CHECK(CNode::IsBanned(addr1));
  46. BOOST_CHECK(!CNode::IsBanned(ip(0xa0b0c001|0x0000ff00))); // Different IP, not banned
  47. CAddress addr2(ip(0xa0b0c002));
  48. CNode dummyNode2(INVALID_SOCKET, addr2, "", true);
  49. dummyNode2.nVersion = 1;
  50. Misbehaving(dummyNode2.GetId(), 50);
  51. SendMessages(&dummyNode2, false);
  52. BOOST_CHECK(!CNode::IsBanned(addr2)); // 2 not banned yet...
  53. BOOST_CHECK(CNode::IsBanned(addr1)); // ... but 1 still should be
  54. Misbehaving(dummyNode2.GetId(), 50);
  55. SendMessages(&dummyNode2, false);
  56. BOOST_CHECK(CNode::IsBanned(addr2));
  57. }
  58. BOOST_AUTO_TEST_CASE(DoS_banscore)
  59. {
  60. CNode::ClearBanned();
  61. mapArgs["-banscore"] = "111"; // because 11 is my favorite number
  62. CAddress addr1(ip(0xa0b0c001));
  63. CNode dummyNode1(INVALID_SOCKET, addr1, "", true);
  64. dummyNode1.nVersion = 1;
  65. Misbehaving(dummyNode1.GetId(), 100);
  66. SendMessages(&dummyNode1, false);
  67. BOOST_CHECK(!CNode::IsBanned(addr1));
  68. Misbehaving(dummyNode1.GetId(), 10);
  69. SendMessages(&dummyNode1, false);
  70. BOOST_CHECK(!CNode::IsBanned(addr1));
  71. Misbehaving(dummyNode1.GetId(), 1);
  72. SendMessages(&dummyNode1, false);
  73. BOOST_CHECK(CNode::IsBanned(addr1));
  74. mapArgs.erase("-banscore");
  75. }
  76. BOOST_AUTO_TEST_CASE(DoS_bantime)
  77. {
  78. CNode::ClearBanned();
  79. int64_t nStartTime = GetTime();
  80. SetMockTime(nStartTime); // Overrides future calls to GetTime()
  81. CAddress addr(ip(0xa0b0c001));
  82. CNode dummyNode(INVALID_SOCKET, addr, "", true);
  83. dummyNode.nVersion = 1;
  84. Misbehaving(dummyNode.GetId(), 100);
  85. SendMessages(&dummyNode, false);
  86. BOOST_CHECK(CNode::IsBanned(addr));
  87. SetMockTime(nStartTime+60*60);
  88. BOOST_CHECK(CNode::IsBanned(addr));
  89. SetMockTime(nStartTime+60*60*24+1);
  90. BOOST_CHECK(!CNode::IsBanned(addr));
  91. }
  92. CTransaction RandomOrphan()
  93. {
  94. std::map<uint256, COrphanTx>::iterator it;
  95. it = mapOrphanTransactions.lower_bound(GetRandHash());
  96. if (it == mapOrphanTransactions.end())
  97. it = mapOrphanTransactions.begin();
  98. return it->second.tx;
  99. }
  100. BOOST_AUTO_TEST_CASE(DoS_mapOrphans)
  101. {
  102. CKey key;
  103. key.MakeNewKey(true);
  104. CBasicKeyStore keystore;
  105. keystore.AddKey(key);
  106. // 50 orphan transactions:
  107. for (int i = 0; i < 50; i++)
  108. {
  109. CMutableTransaction tx;
  110. tx.vin.resize(1);
  111. tx.vin[0].prevout.n = 0;
  112. tx.vin[0].prevout.hash = GetRandHash();
  113. tx.vin[0].scriptSig << OP_1;
  114. tx.vout.resize(1);
  115. tx.vout[0].nValue = 1*CENT;
  116. tx.vout[0].scriptPubKey = GetScriptForDestination(key.GetPubKey().GetID());
  117. AddOrphanTx(tx, i);
  118. }
  119. // ... and 50 that depend on other orphans:
  120. for (int i = 0; i < 50; i++)
  121. {
  122. CTransaction txPrev = RandomOrphan();
  123. CMutableTransaction tx;
  124. tx.vin.resize(1);
  125. tx.vin[0].prevout.n = 0;
  126. tx.vin[0].prevout.hash = txPrev.GetHash();
  127. tx.vout.resize(1);
  128. tx.vout[0].nValue = 1*CENT;
  129. tx.vout[0].scriptPubKey = GetScriptForDestination(key.GetPubKey().GetID());
  130. SignSignature(keystore, txPrev, tx, 0);
  131. AddOrphanTx(tx, i);
  132. }
  133. // This really-big orphan should be ignored:
  134. for (int i = 0; i < 10; i++)
  135. {
  136. CTransaction txPrev = RandomOrphan();
  137. CMutableTransaction tx;
  138. tx.vout.resize(1);
  139. tx.vout[0].nValue = 1*CENT;
  140. tx.vout[0].scriptPubKey = GetScriptForDestination(key.GetPubKey().GetID());
  141. tx.vin.resize(500);
  142. for (unsigned int j = 0; j < tx.vin.size(); j++)
  143. {
  144. tx.vin[j].prevout.n = j;
  145. tx.vin[j].prevout.hash = txPrev.GetHash();
  146. }
  147. SignSignature(keystore, txPrev, tx, 0);
  148. // Re-use same signature for other inputs
  149. // (they don't have to be valid for this test)
  150. for (unsigned int j = 1; j < tx.vin.size(); j++)
  151. tx.vin[j].scriptSig = tx.vin[0].scriptSig;
  152. BOOST_CHECK(!AddOrphanTx(tx, i));
  153. }
  154. // Test EraseOrphansFor:
  155. for (NodeId i = 0; i < 3; i++)
  156. {
  157. size_t sizeBefore = mapOrphanTransactions.size();
  158. EraseOrphansFor(i);
  159. BOOST_CHECK(mapOrphanTransactions.size() < sizeBefore);
  160. }
  161. // Test LimitOrphanTxSize() function:
  162. LimitOrphanTxSize(40);
  163. BOOST_CHECK(mapOrphanTransactions.size() <= 40);
  164. LimitOrphanTxSize(10);
  165. BOOST_CHECK(mapOrphanTransactions.size() <= 10);
  166. LimitOrphanTxSize(0);
  167. BOOST_CHECK(mapOrphanTransactions.empty());
  168. BOOST_CHECK(mapOrphanTransactionsByPrev.empty());
  169. }
  170. BOOST_AUTO_TEST_SUITE_END()