Ban peers that can't complete a handshake (mimblewimble#2320)

* Break out of main peer loop on error * Force client conn shutdown on error * Fix borrow error * Ban peers that fail handshake * Fix add_peer for ban, remove useless disconnect
MicrohexHQ · Jan 11, 2019 · 1a6b46b · 1a6b46b
2 parents 60d3ee3 + f86c90a
commit 1a6b46b
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 5 deletions.
diff --git a/p2p/src/peers.rs b/p2p/src/peers.rs
@@ -80,6 +80,22 @@ impl Peers {
 		Ok(())
 	}
 
+	/// Add a peer as banned to block future connections, usually due to failed
+	/// handshake
+	pub fn add_banned(&self, addr: SocketAddr, ban_reason: ReasonForBan) -> Result<(), Error> {
+		let peer_data = PeerData {
+			addr,
+			capabilities: Capabilities::UNKNOWN,
+			user_agent: "".to_string(),
+			flags: State::Banned,
+			last_banned: Utc::now().timestamp(),
+			ban_reason,
+			last_connected: Utc::now().timestamp(),
+		};
+		debug!("Banning peer {}.", addr);
+		self.save_peer(&peer_data)
+	}
+
 	// Update the dandelion relay
 	pub fn update_dandelion_relay(&self) {
 		let peers = self.outgoing_connected_peers();

diff --git a/p2p/src/serv.rs b/p2p/src/serv.rs
@@ -29,7 +29,9 @@ use crate::handshake::Handshake;
 use crate::peer::Peer;
 use crate::peers::Peers;
 use crate::store::PeerStore;
-use crate::types::{Capabilities, ChainAdapter, Error, NetAdapter, P2PConfig, TxHashSetRead};
+use crate::types::{
+	Capabilities, ChainAdapter, Error, NetAdapter, P2PConfig, ReasonForBan, TxHashSetRead,
+};
 use crate::util::{Mutex, StopState};
 use chrono::prelude::{DateTime, Utc};
 
@@ -87,10 +89,9 @@ impl Server {
 						let sc = stream.try_clone();
 						if let Err(e) = self.handle_new_peer(stream) {
 							warn!("Error accepting peer {}: {:?}", peer_addr.to_string(), e);
-						} else {
-							if let Ok(s) = sc {
-								connected_sockets.insert(peer_addr, s);
-							}
+							let _ = self.peers.add_banned(peer_addr, ReasonForBan::BadHandshake);
+						} else if let Ok(s) = sc {
+							connected_sockets.insert(peer_addr, s);
 						}
 					}
 					// if any active socket not in our peers list, close it

diff --git a/p2p/src/types.rs b/p2p/src/types.rs
@@ -244,6 +244,7 @@ enum_from_primitive! {
 		BadTxHashSet = 4,
 		ManualBan = 5,
 		FraudHeight = 6,
+		BadHandshake = 7,
 	}
 }