diff --git a/.changelog/v0.38.14/bug-fixes/0021-abc-panic-precommit-validator-index.md b/.changelog/v0.38.14/bug-fixes/0021-abc-panic-precommit-validator-index.md new file mode 100644 index 00000000000..bc0147562c2 --- /dev/null +++ b/.changelog/v0.38.14/bug-fixes/0021-abc-panic-precommit-validator-index.md @@ -0,0 +1,3 @@ +- `[consensus]` Do not panic if the validator index of a `Vote` message is out + of bounds, when vote extensions are enabled + ([\#ABC-0021](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj)) diff --git a/.changelog/v0.38.14/dependencies/4297-update-cometbft-db.md b/.changelog/v0.38.14/dependencies/4297-update-cometbft-db.md new file mode 100644 index 00000000000..c7d8fb3c090 --- /dev/null +++ b/.changelog/v0.38.14/dependencies/4297-update-cometbft-db.md @@ -0,0 +1,2 @@ +- Bump cometbft-db version to v0.15.0 + ([\#4297](https://github.com/cometbft/cometbft/pull/4297)) diff --git a/.changelog/v0.38.14/dependencies/4297-update-go.md b/.changelog/v0.38.14/dependencies/4297-update-go.md new file mode 100644 index 00000000000..ee7a8789976 --- /dev/null +++ b/.changelog/v0.38.14/dependencies/4297-update-go.md @@ -0,0 +1,2 @@ +- `[go/runtime]` Bump Go version to 1.23 + ([\#4297](https://github.com/cometbft/cometbft/pull/4297)) diff --git a/.changelog/v0.38.14/improvements/3519-p2p-reconnect-interval-1day.md b/.changelog/v0.38.14/improvements/3519-p2p-reconnect-interval-1day.md new file mode 100644 index 00000000000..b6efc0182fa --- /dev/null +++ b/.changelog/v0.38.14/improvements/3519-p2p-reconnect-interval-1day.md @@ -0,0 +1,2 @@ +- `[p2p]` fix exponential backoff logic to increase reconnect retries close to 24 hours + ([\#3519](https://github.com/cometbft/cometbft/issues/3519)) diff --git a/.changelog/v0.38.14/summary.md b/.changelog/v0.38.14/summary.md new file mode 100644 index 00000000000..ca43d75c509 --- /dev/null +++ b/.changelog/v0.38.14/summary.md @@ -0,0 +1,7 @@ +*November 6, 2024* + +This release fixes a security vulnerability in the vote extensions (VE) +validation logic. For more details, please refer to +[ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj). + +We recommend upgrading ASAP if you’re using vote extensions (VE). diff --git a/.changelog/v0.38.15/summary.md b/.changelog/v0.38.15/summary.md new file mode 100644 index 00000000000..84636b13dd6 --- /dev/null +++ b/.changelog/v0.38.15/summary.md @@ -0,0 +1,9 @@ +*November 6, 2024* + +This release supersedes [`v0.38.14`](#v03814), which mistakenly updated the Go version to +`1.23`, introducing an unintended breaking change. It sets the Go version back +to `1.22.7` by reverting [\#4297](https://github.com/cometbft/cometbft/pull/4297). + +The release includes the bug fixes, performance improvements, and importantly, +the fix for the security vulnerability in the vote extensions (VE) validation +logic that were part of `v0.38.14`. For more details, please refer to [ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj). diff --git a/.github/workflows/proto-lint.yml b/.github/workflows/proto-lint.yml index 376bd6f9dce..180f25c9785 100644 --- a/.github/workflows/proto-lint.yml +++ b/.github/workflows/proto-lint.yml @@ -15,7 +15,7 @@ jobs: timeout-minutes: 5 steps: - uses: actions/checkout@v4 - - uses: bufbuild/buf-setup-action@v1.45.0 + - uses: bufbuild/buf-setup-action@v1.46.0 - uses: bufbuild/buf-lint-action@v1 with: input: 'proto' diff --git a/CHANGELOG.md b/CHANGELOG.md index 40196034c61..4d24e905491 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,45 @@ # CHANGELOG +## v0.38.15 + +*November 6, 2024* + +This release supersedes [`v0.38.14`](#v03814), which mistakenly updated the Go version to +`1.23`, introducing an unintended breaking change. It sets the Go version back +to `1.22.7` by reverting [\#4297](https://github.com/cometbft/cometbft/pull/4297). + +The release includes the bug fixes, performance improvements, and importantly, +the fix for the security vulnerability in the vote extensions (VE) validation +logic that were part of `v0.38.14`. For more details, please refer to [ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj). + +## v0.38.14 + +*November 6, 2024* + +This release fixes a security vulnerability in the vote extensions (VE) +validation logic. For more details, please refer to +[ASA-2024-011](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj). + +We recommend upgrading ASAP if you’re using vote extensions (VE). + +### BUG FIXES + +- `[consensus]` Do not panic if the validator index of a `Vote` message is out + of bounds, when vote extensions are enabled + ([\#ABC-0021](https://github.com/cometbft/cometbft/security/advisories/GHSA-p7mv-53f2-4cwj)) + +### DEPENDENCIES + +- Bump cometbft-db version to v0.15.0 + ([\#4297](https://github.com/cometbft/cometbft/pull/4297)) +- `[go/runtime]` Bump Go version to 1.23 + ([\#4297](https://github.com/cometbft/cometbft/pull/4297)) + +### IMPROVEMENTS + +- `[p2p]` fix exponential backoff logic to increase reconnect retries close to 24 hours + ([\#3519](https://github.com/cometbft/cometbft/issues/3519)) + ## v0.38.13 *October 24, 2024* @@ -392,7 +432,7 @@ gossip. ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) - `[config]` Add mempool parameters `experimental_max_gossip_connections_to_persistent_peers` and `experimental_max_gossip_connections_to_non_persistent_peers` for limiting the number of peers to - which the node gossip transactions. + which the node gossip transactions. ([\#1558](https://github.com/cometbft/cometbft/pull/1558)) ([\#1584](https://github.com/cometbft/cometbft/pull/1584)) diff --git a/consensus/errors.go b/consensus/errors.go new file mode 100644 index 00000000000..2c151ac0037 --- /dev/null +++ b/consensus/errors.go @@ -0,0 +1,9 @@ +package consensus + +type ErrInvalidVote struct { + Reason string +} + +func (e ErrInvalidVote) Error() string { + return "invalid vote: " + e.Reason +} diff --git a/consensus/reactor_test.go b/consensus/reactor_test.go index aed400188ac..0328db4dfaa 100644 --- a/consensus/reactor_test.go +++ b/consensus/reactor_test.go @@ -26,6 +26,7 @@ import ( "github.com/cometbft/cometbft/libs/bytes" "github.com/cometbft/cometbft/libs/json" "github.com/cometbft/cometbft/libs/log" + cmtrand "github.com/cometbft/cometbft/libs/rand" cmtsync "github.com/cometbft/cometbft/libs/sync" mempl "github.com/cometbft/cometbft/mempool" "github.com/cometbft/cometbft/p2p" @@ -1126,3 +1127,39 @@ func TestMarshalJSONPeerState(t *testing.T) { "block_parts":"0"} }`, string(data)) } + +func TestVoteMessageValidateBasic(t *testing.T) { + _, vss := randState(2) + + randBytes := cmtrand.Bytes(tmhash.Size) + blockID := types.BlockID{ + Hash: randBytes, + PartSetHeader: types.PartSetHeader{ + Total: 1, + Hash: randBytes, + }, + } + vote := signVote(vss[1], cmtproto.PrecommitType, randBytes, blockID.PartSetHeader, true) + + testCases := []struct { + malleateFn func(*VoteMessage) + expErr string + }{ + {func(_ *VoteMessage) {}, ""}, + {func(msg *VoteMessage) { msg.Vote.ValidatorIndex = -1 }, "negative ValidatorIndex"}, + // INVALID, but passes ValidateBasic, since the method does not know the number of active validators + {func(msg *VoteMessage) { msg.Vote.ValidatorIndex = 1000 }, ""}, + } + + for i, tc := range testCases { + t.Run(fmt.Sprintf("#%d", i), func(t *testing.T) { + msg := &VoteMessage{vote} + + tc.malleateFn(msg) + err := msg.ValidateBasic() + if tc.expErr != "" && assert.Error(t, err) { //nolint:testifylint // require.Error doesn't work with the conditional here + assert.Contains(t, err.Error(), tc.expErr) + } + }) + } +} diff --git a/consensus/state.go b/consensus/state.go index 0661845d998..b70f7ce3e28 100644 --- a/consensus/state.go +++ b/consensus/state.go @@ -2211,6 +2211,14 @@ func (cs *State) addVote(vote *types.Vote, peerID p2p.ID) (added bool, err error // Here, we verify the signature of the vote extension included in the vote // message. _, val := cs.state.Validators.GetByIndex(vote.ValidatorIndex) + if val == nil { // TODO: we should disconnect from this malicious peer + valsCount := cs.state.Validators.Size() + cs.Logger.Info("Peer sent us vote with invalid ValidatorIndex", + "peer", peerID, + "validator_index", vote.ValidatorIndex, + "len_validators", valsCount) + return added, ErrInvalidVote{Reason: fmt.Sprintf("ValidatorIndex %d is out of bounds [0, %d)", vote.ValidatorIndex, valsCount)} + } if err := vote.VerifyExtension(cs.state.ChainID, val.PubKey); err != nil { return false, err } diff --git a/consensus/state_test.go b/consensus/state_test.go index 66169bb3b3d..867c45d71ae 100644 --- a/consensus/state_test.go +++ b/consensus/state_test.go @@ -1938,6 +1938,38 @@ func TestVoteExtensionEnableHeight(t *testing.T) { } } +// TestStateDoesntCrashOnInvalidVote tests that the state does not crash when +// receiving an invalid vote. In particular, one with the incorrect +// ValidatorIndex. +func TestStateDoesntCrashOnInvalidVote(t *testing.T) { + cs, vss := randState(2) + height, round := cs.Height, cs.Round + // create dummy peer + peer := p2pmock.NewPeer(nil) + + startTestRound(cs, height, round) + + _, propBlock := decideProposal(context.Background(), t, cs, vss[0], height, round) + propBlockParts, err := propBlock.MakePartSet(types.BlockPartSizeBytes) + assert.NoError(t, err) + + vote := signVote(vss[1], cmtproto.PrecommitType, propBlock.Hash(), propBlockParts.Header(), true) + + // Non-existent validator index + vote.ValidatorIndex = int32(len(vss)) + + voteMessage := &VoteMessage{vote} + assert.NotPanics(t, func() { + cs.handleMsg(msgInfo{voteMessage, peer.ID()}) + }) + + added, err := cs.AddVote(vote, peer.ID()) + assert.False(t, added) + assert.NoError(t, err) + // TODO: uncomment once we punish peer and return an error + // assert.Equal(t, ErrInvalidVote{Reason: "ValidatorIndex 2 is out of bounds [0, 2)"}, err) +} + // 4 vals, 3 Nil Precommits at P0 // What we want: // P0 waits for timeoutPrecommit before starting next round diff --git a/go.mod b/go.mod index 8b772ec6a66..44f92d2e904 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/adlio/schema v1.3.6 github.com/btcsuite/btcd/btcutil v1.1.6 github.com/cenkalti/backoff v2.2.1+incompatible // indirect - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 github.com/fortytw2/leaktest v1.3.0 github.com/go-kit/kit v0.13.0 github.com/go-kit/log v0.2.1 @@ -20,9 +20,9 @@ require ( github.com/minio/highwayhash v1.0.3 github.com/ory/dockertest v3.3.5+incompatible github.com/pkg/errors v0.9.1 - github.com/prometheus/client_golang v1.20.4 + github.com/prometheus/client_golang v1.20.5 github.com/prometheus/client_model v0.6.1 - github.com/prometheus/common v0.59.1 + github.com/prometheus/common v0.60.1 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 github.com/rs/cors v1.11.1 github.com/sasha-s/go-deadlock v0.3.5 @@ -30,9 +30,9 @@ require ( github.com/spf13/cobra v1.8.1 github.com/spf13/viper v1.19.0 github.com/stretchr/testify v1.9.0 - golang.org/x/crypto v0.27.0 - golang.org/x/net v0.29.0 - google.golang.org/grpc v1.67.0 + golang.org/x/crypto v0.28.0 + golang.org/x/net v0.30.0 + google.golang.org/grpc v1.67.1 ) require github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 @@ -48,7 +48,7 @@ require ( github.com/oasisprotocol/curve25519-voi v0.0.0-20220708102147-0a8a51822cae golang.org/x/sync v0.8.0 gonum.org/v1/gonum v0.15.1 - google.golang.org/protobuf v1.34.2 + google.golang.org/protobuf v1.35.1 ) // modules for rollup sync @@ -137,8 +137,8 @@ require ( go.uber.org/multierr v1.10.0 // indirect golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb // indirect golang.org/x/mod v0.17.0 // indirect - golang.org/x/sys v0.25.0 // indirect - golang.org/x/text v0.18.0 // indirect + golang.org/x/sys v0.26.0 // indirect + golang.org/x/text v0.19.0 // indirect golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect @@ -149,6 +149,8 @@ require ( ) retract ( + // bumped go version in minor release + v0.38.14 // a regression was introduced v0.38.4 // a breaking change was introduced diff --git a/go.sum b/go.sum index c1b9b5ab959..728743eb503 100644 --- a/go.sum +++ b/go.sum @@ -102,10 +102,12 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0= github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1m5sE92cU+pd5Mcc= +github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y= +github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= github.com/decred/dcrd/lru v1.0.0/go.mod h1:mxKOwFd7lFjN2GZYsiz/ecgqR6kkYAl+0pz0tEMk218= github.com/denisenkom/go-mssqldb v0.12.0 h1:VtrkII767ttSPNRfFekePK3sctr+joXgO58stqQbtUA= github.com/denisenkom/go-mssqldb v0.12.0/go.mod h1:iiK0YP1ZeepvmBQk/QpLEhhTNJgfzrpArPY/aFvc9yU= @@ -308,13 +310,13 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.20.4 h1:Tgh3Yr67PaOv/uTqloMsCEdeuFTatm5zIq5+qNN23vI= -github.com/prometheus/client_golang v1.20.4/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= +github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.59.1 h1:LXb1quJHWm1P6wq/U824uxYi4Sg0oGvNeUm1z5dJoX0= -github.com/prometheus/common v0.59.1/go.mod h1:GpWM7dewqmVYcd7SmRaiWVe9SSqjf0UrwnYnpEZNuT0= +github.com/prometheus/common v0.60.1 h1:FUas6GcOw66yB/73KC+BOZoFJmbo/1pojoILArPAaSc= +github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM= @@ -397,8 +399,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= -golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= +golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= +golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb h1:c0vyKkb6yr3KR7jEfJaOSv4lG7xPkbN6r52aJz1d8a8= golang.org/x/exp v0.0.0-20231206192017-f3f8817b8deb/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= @@ -430,8 +432,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= -golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= +golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -468,15 +470,15 @@ golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= -golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= -golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= +golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= +golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -485,8 +487,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= -golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= +golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -519,8 +521,8 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.67.0 h1:IdH9y6PF5MPSdAntIcpjQ+tXO41pcQsfZV2RxtQgVcw= -google.golang.org/grpc v1.67.0/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= +google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= +google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -530,8 +532,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= diff --git a/p2p/switch.go b/p2p/switch.go index 68ad5669b3e..4afe4ba45e0 100644 --- a/p2p/switch.go +++ b/p2p/switch.go @@ -388,7 +388,8 @@ func (sw *Switch) stopAndRemovePeer(peer Peer, reason interface{}) { } // reconnectToPeer tries to reconnect to the addr, first repeatedly -// with a fixed interval, then with exponential backoff. +// with a fixed interval (approximately 2 minutes), then with +// exponential backoff (approximately close to 24 hours). // If no success after all that, it stops trying, and leaves it // to the PEX/Addrbook to find the peer with the addr again // NOTE: this will keep trying even if the handshake or auth fails. @@ -404,6 +405,7 @@ func (sw *Switch) reconnectToPeer(addr *NetAddress) { start := time.Now() sw.Logger.Info("Reconnecting to peer", "addr", addr) + for i := 0; i < reconnectAttempts; i++ { if !sw.IsRunning() { return @@ -424,7 +426,7 @@ func (sw *Switch) reconnectToPeer(addr *NetAddress) { sw.Logger.Error("Failed to reconnect to peer. Beginning exponential backoff", "addr", addr, "elapsed", time.Since(start)) - for i := 0; i < reconnectBackOffAttempts; i++ { + for i := 1; i <= reconnectBackOffAttempts; i++ { if !sw.IsRunning() { return } diff --git a/version/version.go b/version/version.go index 458932794f3..791f182c8e3 100644 --- a/version/version.go +++ b/version/version.go @@ -3,7 +3,7 @@ package version const ( // TMVersionDefault is the used as the fallback version of CometBFT // when not using git describe. It is formatted with semantic versioning. - TMCoreSemVer = "0.38.13" + TMCoreSemVer = "0.38.15" // ABCISemVer is the semantic version of the ABCI protocol ABCISemVer = "2.0.0" ABCIVersion = ABCISemVer