diff --git a/src/Application.h b/src/Application.h index 4bdde4c19a..b63ff58d41 100644 --- a/src/Application.h +++ b/src/Application.h @@ -83,8 +83,8 @@ public: NodeCache& getNodeCache() { return mNodeCache; } HashedObjectStore& getHashedObjectStore() { return mHashedObjectStore; } ValidationCollection& getValidations() { return mValidations; } - bool suppress(const uint256& s) { return mSuppressions.addSuppression(s); } - bool suppress(const uint160& s) { return mSuppressions.addSuppression(s); } + bool isNew(const uint256& s) { return mSuppressions.addSuppression(s); } + bool isNew(const uint160& s) { return mSuppressions.addSuppression(s); } DatabaseCon* getTxnDB() { return mTxnDB; } DatabaseCon* getLedgerDB() { return mLedgerDB; } diff --git a/src/NetworkOPs.cpp b/src/NetworkOPs.cpp index c711487caa..af6c3d2756 100644 --- a/src/NetworkOPs.cpp +++ b/src/NetworkOPs.cpp @@ -98,7 +98,7 @@ Transaction::pointer NetworkOPs::processTransaction(Transaction::pointer trans, } Log(lsDEBUG) << "Status other than success " << r ; - if ((mMode != omFULL) && (theApp->suppress(trans->getID()))) + if ((mMode != omFULL) && (theApp->isNew(trans->getID()))) { newcoin::TMTransaction tx; Serializer s; @@ -521,23 +521,27 @@ bool NetworkOPs::recvPropose(uint32 proposeSeq, const uint256& proposeHash, // XXX Validate key. // XXX Take a vuc for pubkey. - NewcoinAddress naPeerPublic = NewcoinAddress::createNodePublic(strCopy(pubKey)); + NewcoinAddress naPeerPublic = NewcoinAddress::createNodePublic(strCopy(pubKey)); + LedgerProposal::pointer proposal = + boost::make_shared(mConsensus->getLCL(), proposeSeq, proposeHash, naPeerPublic); + uint256 signingHash = proposal->getSigningHash(); - if (mMode != omFULL) + if (!theApp->isNew(signingHash)) + return false; + + if ((mMode != omFULL) && (mMode != omTRACKING)) { - Log(lsINFO) << "Received proposal when not full: " << mMode; - Serializer s(signature); - return theApp->suppress(s.getSHA512Half()); + Log(lsINFO) << "Received proposal when not full/tracking: " << mMode; + return true; } + if (!mConsensus) { Log(lsWARNING) << "Received proposal when full but not during consensus window"; return false; } - LedgerProposal::pointer proposal = - boost::make_shared(mConsensus->getLCL(), proposeSeq, proposeHash, naPeerPublic); - if (!proposal->checkSign(signature)) + if (!proposal->checkSign(signature, signingHash)) { // Note that if the LCL is different, the signature check will fail Log(lsWARNING) << "Ledger proposal fails signature check"; return false; @@ -545,15 +549,14 @@ bool NetworkOPs::recvPropose(uint32 proposeSeq, const uint256& proposeHash, // Is this node on our UNL? // XXX Is this right? - if (!theApp->getUNL().nodeInUNL(naPeerPublic)) + if (!theApp->getUNL().nodeInUNL(proposal->peekSeed())) { - Log(lsINFO) << "Relay, but no process peer proposal " << proposal->getProposeSeq() << "/" - << proposal->getCurrentHash().GetHex(); + Log(lsINFO) << "Untrusted proposal: " << naPeerPublic.humanNodePublic() << " " << + proposal->getCurrentHash().GetHex(); return true; } return mConsensus->peerPosition(proposal); - } SHAMap::pointer NetworkOPs::getTXMap(const uint256& hash) diff --git a/src/Peer.cpp b/src/Peer.cpp index 597e25168b..6159f186f0 100644 --- a/src/Peer.cpp +++ b/src/Peer.cpp @@ -730,12 +730,16 @@ void Peer::recvValidation(newcoin::TMValidation& packet) punishPeer(PP_UNKNOWN_REQUEST); return; } + try { Serializer s(packet.validation()); SerializerIterator sit(s); SerializedValidation::pointer val = boost::make_shared(boost::ref(sit)); - if (!val->isValid()) + uint256 signingHash = val->getSigningHash(); + if (!theApp->isNew(signingHash)) + return; + if (!val->isValid(signingHash)) { punishPeer(PP_UNKNOWN_REQUEST); return;