@@ -2482,19 +2482,20 @@ void CConnman::ThreadOpenConnections(const std::vector<std::string> connect, CDe
24822482 if (pnode->IsBlockOnlyConn ()) nOutboundBlockRelay++;
24832483 if (pnode->IsFullOutboundConn () && pnode->ConnectedThroughNetwork () == Network::NET_ONION) nOutboundOnionRelay++;
24842484
2485- // Netgroups for inbound and manual peers are not excluded because our goal here
2486- // is to not use multiple of our limited outbound slots on a single netgroup
2487- // but inbound and manual peers do not use our outbound slots. Inbound peers
2488- // also have the added issue that they could be attacker controlled and used
2489- // to prevent us from connecting to particular hosts if we used them here.
2485+ // Make sure our persistent outbound slots belong to different netgroups.
24902486 switch (pnode->m_conn_type ) {
2487+ // We currently don't take inbound connections into account. Since they are
2488+ // free to make, an attacker could make them to prevent us from connecting to
2489+ // certain peers.
24912490 case ConnectionType::INBOUND:
2492- case ConnectionType::MANUAL:
2491+ // Short-lived outbound connections should not affect how we select outbound
2492+ // peers from addrman.
2493+ case ConnectionType::ADDR_FETCH:
2494+ case ConnectionType::FEELER:
24932495 break ;
2496+ case ConnectionType::MANUAL:
24942497 case ConnectionType::OUTBOUND_FULL_RELAY:
24952498 case ConnectionType::BLOCK_RELAY:
2496- case ConnectionType::ADDR_FETCH:
2497- case ConnectionType::FEELER:
24982499 setConnected.insert (m_netgroupman.GetGroup (pnode->addr ));
24992500 } // no default case, so the compiler can warn about missing cases
25002501 }
0 commit comments