Merge a214e0f26d into 893916ad09

Cleanup TCP throttling code (performance) + move connection checks
2024-12-04 23:51:08 +02:00 · 2024-11-26 02:25:52 +00:00 · 2024-11-25 20:56:48 -05:00
2 changed files with 29 additions and 17 deletions
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@ -174,6 +174,19 @@ namespace nodetool
  template<class t_payload_net_handler>
  bool node_server<t_payload_net_handler>::is_remote_host_allowed(const epee::net_utils::network_address &address, time_t *t)
  {
+    const network_zone& zone = m_network_zones.at(address.get_zone());
+    if (zone.m_current_number_of_in_peers >= zone.m_config.m_net_config.max_in_connection_count) // in peers limit
+    {
+      MWARNING("Exceeded max incoming connections, so dropping this one.");
+      return false;
+    }
+
+    if(has_too_many_connections(address))
+    {
+      MWARNING("CONNECTION FROM " << address.host_str() << " REFUSED, too many connections from the same address");
+      return false;
+    }
+
    CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);

    const time_t now = time(nullptr);
@ -2543,13 +2556,6 @@ namespace nodetool
      return 1;
    }

-    if (zone.m_current_number_of_in_peers >= zone.m_config.m_net_config.max_in_connection_count) // in peers limit
-    {
-      LOG_WARNING_CC(context, "COMMAND_HANDSHAKE came, but already have max incoming connections, so dropping this one.");
-      drop_connection(context);
-      return 1;
-    }
-
    if(!m_payload_handler.process_payload_sync_data(arg.payload_data, context, true))
    {
      LOG_WARNING_CC(context, "COMMAND_HANDSHAKE came, but process_payload_sync_data returned false, dropping connection.");
@ -2559,13 +2565,6 @@ namespace nodetool

    zone.m_notifier.on_handshake_complete(context.m_connection_id, context.m_is_income);

-    if(has_too_many_connections(context.m_remote_address))
-    {
-      LOG_PRINT_CCONTEXT_L1("CONNECTION FROM " << context.m_remote_address.host_str() << " REFUSED, too many connections from the same address");
-      drop_connection(context);
-      return 1;
-    }
-
    //associate peer_id with this connection
    context.peer_id = arg.node_data.peer_id;
    context.m_in_timedsync = false;
@ -2885,15 +2884,16 @@ namespace nodetool
      if (cntxt.m_is_income && cntxt.m_remote_address.is_same_host(address)) {
        count++;

-        if (count > max_connections) {
+        // the only call location happens BEFORE foreach_connection list is updated
+        if (count >= max_connections) {
          return false;
        }
      }

      return true;
    });
-
-    return count > max_connections;
+    // the only call location happens BEFORE foreach_connection list is updated
+    return count >= max_connections;
  }

  template<class t_payload_net_handler>
--- a/tests/unit_tests/node_server.cpp
+++ b/tests/unit_tests/node_server.cpp
@ -224,6 +224,18 @@ TEST(ban, subnet)
  test_core pr_core;
  cryptonote::t_cryptonote_protocol_handler<test_core> cprotocol(pr_core, NULL);
  Server server(cprotocol);
+  {
+    boost::program_options::options_description opts{};
+    Server::init_options(opts);
+    cryptonote::core::init_options(opts);
+
+    char** args = nullptr;
+    boost::program_options::variables_map vm;
+    boost::program_options::store(
+      boost::program_options::parse_command_line(0, args, opts), vm
+    );
+    server.init(vm);
+  }
  cprotocol.set_p2p_endpoint(&server);

  ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,24), 10));
Author	SHA1	Message	Date
Lee ! Clagett	205abbc8ea	Merge `a214e0f26d` into `893916ad09`	2024-11-26 02:25:52 +00:00
Lee ! Clagett	a214e0f26d	Cleanup TCP throttling code (performance) + move connection checks	2024-11-25 20:56:48 -05:00