Cache responses to addr requests

Prevents a spy from scraping victim's AddrMan by reconnecting and re-requesting addrs. Github-Pull: bitcoin#18991 Rebased-From: a5cd709
bitcoinknots · Jun 15, 2020 · c217d9b · c217d9b
1 parent 9980371
commit c217d9b
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 5 deletions.
diff --git a/src/net.cpp b/src/net.cpp
@@ -2489,9 +2489,18 @@ void CConnman::AddNewAddresses(const std::vector<CAddress>& vAddr, const CAddres
     addrman.Add(vAddr, addrFrom, nTimePenalty);
 }
 
-std::vector<CAddress> CConnman::GetAddresses()
+std::vector<CAddress> CConnman::GetAddresses(bool from_cache)
 {
-    return addrman.GetAddr();
+    if (from_cache) {
+        const std::chrono::microseconds current_time = GetTime<std::chrono::microseconds>();
+        if (m_update_addr_response < current_time) {
+            m_addrs_response_cache = addrman.GetAddr();
+            m_update_addr_response = current_time + std::chrono::hours(24) + GetRandMillis(std::chrono::hours(3));
+        }
+        return m_addrs_response_cache;
+    } else {
+        return addrman.GetAddr();
+    }
 }
 
 bool CConnman::AddNode(const std::string& strNode)

diff --git a/src/net.h b/src/net.h
@@ -256,7 +256,9 @@ class CConnman
     void SetServices(const CService &addr, ServiceFlags nServices);
     void MarkAddressGood(const CAddress& addr);
     void AddNewAddresses(const std::vector<CAddress>& vAddr, const CAddress& addrFrom, int64_t nTimePenalty = 0);
-    std::vector<CAddress> GetAddresses();
+    // Cache is used to minimize topology leaks, so it should
+    // be used for all non-trusted calls, for example, p2p.
+    std::vector<CAddress> GetAddresses(bool from_cache);
 
     // This allows temporarily exceeding m_max_outbound_full_relay, with the goal of finding
     // a peer that is better than all our current peers.
@@ -424,6 +426,13 @@ class CConnman
     std::atomic<NodeId> nLastNodeId{0};
     unsigned int nPrevNodeCount{0};
 
+    // Cache responses to addr requests to minimize privacy leak.
+    // Attack example: scraping addrs in real-time may allow an attacker
+    // to infer new connections of the victim by detecting new records
+    // with fresh timestamps (per self-announcement).
+    std::vector<CAddress> m_addrs_response_cache;
+    std::chrono::microseconds m_update_addr_response{0};
+
     /**
      * Services this instance offers.
      *

diff --git a/src/net_processing.cpp b/src/net_processing.cpp
@@ -3324,7 +3324,7 @@ bool ProcessMessage(CNode* pfrom, const std::string& msg_type, CDataStream& vRec
         pfrom->fSentAddr = true;
 
         pfrom->vAddrToSend.clear();
-        std::vector<CAddress> vAddr = connman->GetAddresses();
+        std::vector<CAddress> vAddr = connman->GetAddresses(true);
         FastRandomContext insecure_rand;
         for (const CAddress &addr : vAddr) {
             if (!banman->IsBanned(addr)) {

diff --git a/src/rpc/net.cpp b/src/rpc/net.cpp
@@ -744,7 +744,7 @@ static UniValue getnodeaddresses(const JSONRPCRequest& request)
         }
     }
     // returns a shuffled list of CAddress
-    std::vector<CAddress> vAddr = g_rpc_node->connman->GetAddresses();
+    std::vector<CAddress> vAddr = g_rpc_node->connman->GetAddresses(false);
     UniValue ret(UniValue::VARR);
 
     int address_return_count = std::min<int>(count, vAddr.size());