-
Gavin Andresen authored
Fixes issue #2178 : attacker could penny-flood with invalid-signature transactions to deduce which addresses belonged to your node. I'm committing this early for code review; I still need to write up a test plan. Executive summary of fix: check all transactions received from the network for penny-flood rate-limiting before adding to the memory pool. But do NOT ratelimit transactions added to the memory pool: - because of blockchain reorgs - stored in the wallet and added at startup - sent from the GUI or one of the send* RPC commands (CWallet::CommitTransaction) The limit-free-transactions code really should be a method on CNode, with counters per-peer. But that is a bigger change for another day.
08bee8fb
