Track peer "sanity" (RIPD-836)

* Each peer has a "sane/insane/unknown" status * Status updated based on peer ledger sequence * Status reported in peer json * Only sane peers preferred for historical ledgers * Overlay endpoints only accepted from known sane peers * Untrusted proposals not relayed from insane peers * Untrusted validations not relayed from insane peers * Transactions from insane peers are not processed * Periodically drop outbound connections to bad peers * Bad peers get bootcache valence of zero Peer "sanity" is based on the ledger sequence number they are on. We quickly become able to assess this based on current trusted validations. We quarrantine rogue messages and disconnect bad outbound connections to help maintain the configured number of good outbound connections.
2025-11-27 22:45:52 +00:00 · 2015-04-03 12:32:06 -07:00
parent acf2833362
commit 0c134582ca
11 changed files with 241 additions and 6 deletions
--- a/src/ripple/overlay/impl/OverlayImpl.cpp
+++ b/src/ripple/overlay/impl/OverlayImpl.cpp
@@ -108,6 +108,9 @@ OverlayImpl::Timer::on_timer (error_code ec)
    overlay_.sendEndpoints();
    overlay_.autoConnect();

+    if ((++overlay_.timer_count_ % Tuning::checkSeconds) == 0)
+        overlay_.check();
+
    timer_.expires_from_now (std::chrono::seconds(1));
    timer_.async_wait(overlay_.strand_.wrap(std::bind(
        &Timer::on_timer, shared_from_this(),
@@ -136,6 +139,7 @@ OverlayImpl::OverlayImpl (
        get_seconds_clock(), deprecatedLogs().journal("PeerFinder"), config))
    , m_resolver (resolver)
    , next_id_(1)
+    , timer_count_(0)
 {
    beast::PropertyStream::Source::add (m_peerFinder.get());
 }
@@ -585,8 +589,7 @@ OverlayImpl::crawl()
    std::lock_guard <decltype(mutex_)> lock (mutex_);
    for (auto const& e : m_publicKeyMap)
    {
-        auto const sp = e.second.lock();
-        if (sp)
+        if (auto const sp = e.second.lock())
        {
            auto& pv = av.append(Json::Value(Json::objectValue));
            pv[jss::type] = "peer";
@@ -648,6 +651,30 @@ OverlayImpl::getActivePeers()
    return ret;
 }

+void
+OverlayImpl::checkSanity (std::uint32_t index)
+{
+    std::lock_guard <decltype(mutex_)> lock (mutex_);
+
+    for (auto const& e : m_publicKeyMap)
+    {
+        if (auto const sp = e.second.lock())
+            sp->checkSanity (index);
+    }
+}
+
+void
+OverlayImpl::check ()
+{
+    std::lock_guard <decltype(mutex_)> lock (mutex_);
+
+    for (auto const& e : m_publicKeyMap)
+    {
+        if (auto const sp = e.second.lock())
+            sp->check ();
+    }
+}
+
 Peer::ptr
 OverlayImpl::findPeerByShortID (Peer::id_t const& id)
 {