[Fix] Allow connection of a noban banned peer #16618

NicolasDorier · 2019-08-15T07:37:34Z

Reported by @MarcoFalke on #16248 (comment)

The bug would mean that if the peer connecting to you is banned, but whitelisted without specific permissions, it would not be able to connect to the node.

The solution is just to move the same line below.

GChuf · 2019-08-15T10:34:54Z

Is this safe to do? What are the implications of connecting to a peer that would otherwise be banned?

Sjors · 2019-08-15T10:52:47Z

@Gapeman afaik that was the behavior before #16248 (which was not supposed to change existing behavior).

@NicolasDorier would be nice to have a test for this.

NicolasDorier · 2019-08-15T13:12:07Z

@Gapeman if your config specifically say that you don't want to ban a peer, then it should not be banned.

As @Sjors says, I just want to keep current behavior working as before.

I can take a look to see if I can make a test for that.

NicolasDorier · 2019-08-15T13:28:24Z

I refactored it to properly scope some variables. Writing a test so such regression can't happen.

NicolasDorier · 2019-08-15T14:02:55Z

Fixed the bug, and added an anti regression test for setban

naumenkogs · 2019-08-15T14:08:17Z

utACK a0d2e2b

test/functional/rpc_setban.py

Sjors

Travis failed due to lint issue. Maybe rename rpc_setban.py to p2p_whitelist.py?

Sjors · 2019-08-15T14:23:19Z

test/functional/rpc_setban.py

Maybe pass node in directly and split into assert_has_permission(self, node, permission) and assert_has_no_permission(self, node, permission)

what about assert_equal(True, self.hasPermision(...)) ?

That said, I don't think it should pass the nodes to this method. It is confusing (there is two nodes: the node that is permissioned, and the node on which we want to check permissions).

assert(self.hasPermision(...)) is even simpler.

You could pass both nodes. Or you could document at the top of the test file which hardcoded nodes do what.

Sorry but I think you could just inline this - it's longer as it is with the contains arg.

promag

ACK

promag · 2019-08-16T00:02:39Z

test/functional/rpc_setban.py

Sorry but I think you could just inline this - it's longer as it is with the contains arg.

NicolasDorier · 2019-08-16T04:19:08Z

As @promag suggested, I instead just inlined the permission checked, it is actually more readable.

I also check in the logs that we really prevent connection because of the ban. I also added a test to setban x remove.

NicolasDorier · 2019-08-16T04:23:19Z

@Sjors rpc_setban is the right name, I really want to test setban, so I added it in the whitelist of authorized term.

Sjors · 2019-08-16T08:22:20Z

Agree inline is more clear. utACK d117f45

maflcko · 2019-08-16T14:09:09Z

ACK d117f45

Show signature and timestamp

Signature:

Timestamp of file with hash 74a14b73630691da8ffa64e5b597d7fd7246787327bba54579da5c03c881ec01 -

@MarcoFalke

d117f45 Add test for setban (nicolas.dorier) dc7529a [Fix] Allow connection of a noban banned peer (nicolas.dorier) Pull request description: Reported by @MarcoFalke on bitcoin#16248 (comment) The bug would mean that if the peer connecting to you is banned, but whitelisted without specific permissions, it would not be able to connect to the node. The solution is just to move the same line below. ACKs for top commit: Sjors: Agree inline is more clear. utACK d117f45 MarcoFalke: ACK d117f45 Tree-SHA512: 0fed39acb1e8db67bb0bf4c4de3ad034ae776f38d55bd661f1ae0e1a4c6becaf1824ab46ed8279f2f31df3f4b29ff56461d8b167d3e9cece62cfe58b5a912811

Github-Pull: bitcoin#16618 Rebased-From: dc7529a

Github-Pull: bitcoin#16618 Rebased-From: d117f45

Summary: * Add test for setban This is a backport of Core [[bitcoin/bitcoin#16618 | PR16618]] Test Plan: ninja all check-all Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D5935

@MarcoFalke

d117f45 Add test for setban (nicolas.dorier) dc7529a [Fix] Allow connection of a noban banned peer (nicolas.dorier) Pull request description: Reported by @MarcoFalke on bitcoin#16248 (comment) The bug would mean that if the peer connecting to you is banned, but whitelisted without specific permissions, it would not be able to connect to the node. The solution is just to move the same line below. ACKs for top commit: Sjors: Agree inline is more clear. utACK d117f45 MarcoFalke: ACK d117f45 Tree-SHA512: 0fed39acb1e8db67bb0bf4c4de3ad034ae776f38d55bd661f1ae0e1a4c6becaf1824ab46ed8279f2f31df3f4b29ff56461d8b167d3e9cece62cfe58b5a912811

NicolasDorier mentioned this pull request Aug 15, 2019

Make whitebind/whitelist permissions more flexible #16248

Merged

fanquake added the P2P label Aug 15, 2019

NicolasDorier force-pushed the fix/noban-banned branch 2 times, most recently from c5ea3bd to 72bf177 Compare August 15, 2019 13:27

[Fix] Allow connection of a noban banned peer

dc7529a

NicolasDorier force-pushed the fix/noban-banned branch 2 times, most recently from f235f8c to 4062967 Compare August 15, 2019 14:02

NicolasDorier force-pushed the fix/noban-banned branch from 4062967 to a0d2e2b Compare August 15, 2019 14:04

maflcko added this to the 0.19.0 milestone Aug 15, 2019

maflcko reviewed Aug 15, 2019

View reviewed changes

test/functional/rpc_setban.py Outdated Show resolved Hide resolved

Sjors reviewed Aug 15, 2019

View reviewed changes

NicolasDorier force-pushed the fix/noban-banned branch from a0d2e2b to b3e2a6e Compare August 15, 2019 15:16

promag reviewed Aug 16, 2019

View reviewed changes

test/functional/rpc_setban.py Outdated

Copy link

Contributor

promag Aug 16, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry but I think you could just inline this - it's longer as it is with the contains arg.

NicolasDorier force-pushed the fix/noban-banned branch from b3e2a6e to 50590a3 Compare August 16, 2019 04:18

NicolasDorier force-pushed the fix/noban-banned branch 3 times, most recently from 769edfa to a825d91 Compare August 16, 2019 04:21

Add test for setban

d117f45

NicolasDorier force-pushed the fix/noban-banned branch from a825d91 to d117f45 Compare August 16, 2019 04:40

maflcko merged commit d117f45 into bitcoin:master Aug 16, 2019

luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this pull request Sep 3, 2019

[Fix] Allow connection of a noban banned peer

358051e

Github-Pull: bitcoin#16618 Rebased-From: dc7529a

luke-jr pushed a commit to bitcoinknots/bitcoin that referenced this pull request Sep 3, 2019

Add test for setban

7a0fe38

Github-Pull: bitcoin#16618 Rebased-From: d117f45

bitcoin locked as resolved and limited conversation to collaborators Dec 16, 2021

[Fix] Allow connection of a noban banned peer #16618

[Fix] Allow connection of a noban banned peer #16618

Uh oh!

Conversation

NicolasDorier commented Aug 15, 2019

Uh oh!

GChuf commented Aug 15, 2019

Uh oh!

Sjors commented Aug 15, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

NicolasDorier commented Aug 15, 2019

Uh oh!

NicolasDorier commented Aug 15, 2019

Uh oh!

NicolasDorier commented Aug 15, 2019

Uh oh!

naumenkogs commented Aug 15, 2019

Uh oh!

Uh oh!

Sjors left a comment

Choose a reason for hiding this comment

Uh oh!

Sjors Aug 15, 2019

Choose a reason for hiding this comment

Uh oh!

NicolasDorier Aug 15, 2019

Choose a reason for hiding this comment

Uh oh!

Sjors Aug 15, 2019

Choose a reason for hiding this comment

Uh oh!

promag Aug 16, 2019

Choose a reason for hiding this comment

Uh oh!

promag left a comment

Choose a reason for hiding this comment

Uh oh!

promag Aug 16, 2019

Choose a reason for hiding this comment

Uh oh!

NicolasDorier commented Aug 16, 2019

Uh oh!

NicolasDorier commented Aug 16, 2019

Uh oh!

Sjors commented Aug 16, 2019

Uh oh!

maflcko commented Aug 16, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

Sjors commented Aug 15, 2019 •

edited

Loading