Enable DNS Blocklist (#476)

This PR enables DNS blocklist, and forces it on. This is meant to be a temporary solution to the massive number of outdated nodes. Once the network has stabilized again, DNS blocklist should be disabled by default again. Co-authored-by: _xxfedexx_ <> Reviewed-on: #476 Co-authored-by: _XxFedexX_ <_xxfedexx_@noreply.gitgud.wownero.nl> Co-committed-by: _XxFedexX_ <_xxfedexx_@noreply.gitgud.wownero.nl>
5 months ago · ef8637a396
parent 085d0f1994
commit ef8637a396
3 changed files with 8 additions and 5 deletions
--- a/src/checkpoints/checkpoints.cpp
+++ b/src/checkpoints/checkpoints.cpp
@ -283,6 +283,7 @@ namespace cryptonote

    // All four MoneroPulse domains have DNSSEC on and valid
    static const std::vector<std::string> dns_urls = {
+      "checkpoints.muchwow.lol",
    };

    static const std::vector<std::string> testnet_dns_urls = {
--- a/src/common/dns_utils.cpp
+++ b/src/common/dns_utils.cpp
@ -526,12 +526,12 @@ bool load_txt_records_from_dns(std::vector<std::string> &good_records, const std
    const std::string &url = dns_urls[cur_index];
    if (!avail[cur_index])
    {
-      records[cur_index].clear();
+      //records[cur_index].clear(); TODO: temp skipped DNSSEC
      LOG_PRINT_L2("DNSSEC not available for hostname: " << url << ", skipping.");
    }
    if (!valid[cur_index])
    {
-      records[cur_index].clear();
+      //records[cur_index].clear(); TODO: temp skipped DNSSEC
      LOG_PRINT_L2("DNSSEC validation failed for hostname: " << url << ", skipping.");
    }

@ -552,7 +552,7 @@ bool load_txt_records_from_dns(std::vector<std::string> &good_records, const std
    }
  }

-  if (num_valid_records < 2)
+  if (num_valid_records < 1)
  {
    LOG_PRINT_L2("WARNING: no two valid DNS TXT records were received");
    return false;
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@ -2012,12 +2012,14 @@ namespace nodetool
  template<class t_payload_net_handler>
  bool node_server<t_payload_net_handler>::update_dns_blocklist()
  {
-    if (!m_enable_dns_blocklist)
-      return true;
+    /*if (!m_enable_dns_blocklist) // TODO: temp forced DNS blocklist
+      return true;*/
    if (m_nettype != cryptonote::MAINNET)
      return true;

    static const std::vector<std::string> dns_urls = {
+      "blocklist.wownero.com",
+      "blocklist2.wownero.com",
    };

    std::vector<std::string> records;