net: improves addnode / m_added_nodes logic

[sr-gi]

Rationale

Currently, addnode has a couple of corner cases that allow it to either connect to the same peer more than once, hence wasting outbound connection slots, or add redundant information to m_added_nodes, hence making Bitcoin iterate through useless data on a regular basis.

Connecting to the same node more than once

In general, connecting to the same node more than once is something we should try to prevent. Currently, this is possible via addnode in two different ways:

1. Calling addnode more than once in a short time period, using two equivalent but distinct addresses
2. Calling addnode add using an IP, and addnode onetry after with an address that resolved to the same IP

For the former, the issue boils down to CConnman::ThreadOpenAddedConnections calling CConnman::GetAddedNodeInfo once, and iterating over the result to open connections (CConman::OpenNetworkConnection) on the same loop for all addresses.CConnman::ConnectNode only checks a single address, at random, when resolving from a hostname, and uses it to check whether we are already connected to it.

An example to test this would be calling:

bitcoin-cli addnode "127.0.0.1:port" add
bitcoin-cli addnode "localhost:port" add

And check how it allows us to perform both connections some times, and some times it fails.

The latter boils down to the same issue, but takes advantage of onetry bypassing the CConnman::ThreadOpenAddedConnections logic and calling CConnman::OpenNetworkConnection straightaway. A way to test this would be:

bitcoin-cli addnode "127.0.0.1:port" add
bitcoin-cli addnode "localhost:port" onetry

Adding the same peer with two different, yet equivalent, addresses

The current implementation of addnode is pretty naive when checking what data is added to m_added_nodes. Given the collection stores strings, the checks at CConnman::AddNode() basically check wether the exact provided string is already in the collection. If so, the data is rejected, otherwise, it is accepted. However, ips can be formatted in several ways that would bypass those checks.

Two examples would be 127.0.0.1 being equal to 127.1 and [::1] being equal to [0:0:0:0:0:0:0:1]. Adding any pair of these will be allowed by the rpc command, and both will be reported as connected by getaddednodeinfo, given they map to the same CService.

This is less severe than the previous issue, since even tough both nodes are reported as connected by getaddednodeinfo, there is only a single connection to them (as properly reported by getpeerinfo). However, this adds redundant data to m_added_nodes, which is undesirable.

Parametrize CConnman::GetAddedNodeInfo

Finally, this PR also parametrizes CConnman::GetAddedNodeInfo so it returns either all added nodes info, or only info about the nodes we are not connected to. This method is used both for rpc, in getaddednodeinfo, in which we are reporting all data to the user, so the former applies, and to check what nodes we are not connected to, in CConnman::ThreadOpenAddedConnections, in which we are currently returning more data than needed and then actively filtering using CService.fConnected()

[DrahtBot]

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage

For detailed information about the code coverage, see the test coverage report.

Reviews

See the guideline for information on the review process.

Type	Reviewers
ACK	jonatack, kashifs, mzumsande
Stale ACK	vasild

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

• #28248 (p2p: peer connection bug fixes by jonatack)
• #26812 (test: add end-to-end tests for CConnman and PeerManager by vasild)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

[sr-gi]

I've purposely split this into three commits according to each of the fixes so they can be discussed, and considered independently. That way it'll be easier to remove any if the change does not reach enough consensus.

[kevkevinpal]

would it make sense to add a functional test like the below under

ip_port = "localhost:[]".format(p2p_port='add')
self.nodes[0].addnode(node=ip_port, command='add')

in test/functional/rpc_net.py on line 212
because we shortly after assert that there is only 1 added node added

[sr-gi]

would it make sense to add a functional test like the below under

ip_port = "localhost:[]".format(p2p_port='add')
self.nodes[0].addnode(node=ip_port, command='add')

in test/functional/rpc_net.py on line 212 because we shortly after assert that there is only 1 added node added

I don't think that'd work. You'll still be able to add two nodes that resolve to the same IP using addnode as long as they belong to different namespaces. Lookups are not performed. The difference though is that both connections won't be established. However, the connection is not being checked by the test.

What could be added, however, is a check for 127.0.0.1 and 127.1.

PS: This actually made me realize that the check for whether to add something to m_added_nodes was not good enough.

[sr-gi]

Added a test to test/functional/rpc_net.py and fixed the check on CConnman::AddNode

[jonatack]

Concept ACK. I've been looking at this code lately as well, e.g. bug fixes (5ae9fe1 / c9dbf0b), logic (4820f7f) and logging (d6b0da5) improvements and agree with the issues you report. Will review soon.

[vasild]

Approach ACK a6fcf17

[sr-gi]

Addressed @vasild comments

[vasild]

ACK d0e7e18

Would be nice to print the hostname here: #28155 (comment)

[vasild]

ACK fd8b1db

[sr-gi]

Addresses review comments and add @jonatack's test commits

[jonatack]

ACK fc1e9e4

94e8882, and maybe also 2574b7e, may be worth backporting.

(If any review feedback related to the unit tests, happy to address them in test coverage follow-ups.)

[jonatack]

re-ACK 0420f99

[kashifs]

tACK 0420f9

[mzumsande]

Tested ACK 0420f99

[sr-gi]

tACK 0420f9

Thanks for reviewing! Would you mind sharing what did you test and how?

@vasild would you mind re-acking this when you have some time?

[kashifs]

tACK 0420f9

Thanks for reviewing! Would you mind sharing what did you test and how?

@vasild would you mind re-acking this when you have some time?

I pulled the branch, compiled from source on my Mac, and ran:

./src/test/test_bitcoin -t net_peer_connection_tests -l message -- -printtoconsole=1

and

./src/test/test_bitcoin -t net_peer_connection_tests -l all -- -printtoconsole=1

I also pored over every line of modified code in order to better understand the design.

Is there anything else that I should do that might be helpful?

[sr-gi]

tACK 0420f9

Thanks for reviewing! Would you mind sharing what did you test and how?

@vasild would you mind re-acking this when you have some time?

I pulled the branch, compiled from source on my Mac, and ran:

./src/test/test_bitcoin -t net_peer_connection_tests -l message -- -printtoconsole=1

and

./src/test/test_bitcoin -t net_peer_connection_tests -l all -- -printtoconsole=1

I also pored over every line of modified code in order to better understand the design.

Is there anything else that I should do that might be helpful?

Nope, that's good. Thanks again for reviewing and testing.

[vasild]

ACK 0420f99

[vasild]

nit, naming: maybe a different name would have been better than ConnectNodePublic(), given that it contains extra logic on top of the private ConnectNode().

[jonatack]

True. I'm touching that code for #28248, if you have a naming suggestion.

[vasild]

Dunno, maybe ConnectNodeAndInitialize()?