During the handshake for an incoming connection, the peer id is checked against the local node's peer id only for the specific zone of the incoming peer, in order to avoid linking public addresses to Tor addresses:
5d7ae2d279/src/p2p/net_node.inl (L2343)
However, on handshakes for outgoing connections, all zones are checked:
5d7ae2d279/src/p2p/net_node.inl (L1064)
If an attacker wanted to link a specific Tor node to a public node, they could potentially connect to as many public nodes as possible, get themselves added to the peer whitelist, maybe stuff some more attacker-owned addresses into the greylist, then disconnect, and for any future incoming connections, respond with the Tor node's id in an attempt to link the public/Tor addresses.
This fixes rapid reconnections failing as the peer hasn't yet
worked out the other side is gone, and will reject "duplicate"
connections until a timeout.
912ff6abe simplewallet: plug a timing leak (moneromooo-monero)
cc2fc0bc3 epee: allow a random component in once_a_time timeouts (moneromooo-monero)
c0f504787 wallet: reuse cached height when set after refresh (moneromooo-monero)
f98d9673e wallet2: fix is_synced checking target height, not height (moneromooo-monero)
98cdc8492 wallet: fix another facet of "did I get some monero" information leak (moneromooo-monero)
69b8aa5a2 wallet2: do not send an unnecessary last getblocks.bin call on refresh (moneromooo-monero)
2ca057402 wallet2: do not repeatedly ask for pool txes sent to us (moneromooo-monero)
Make sure it links to our libtinfo from our ncurses build.
Hardcode some basic terminal descriptions into our libtinfo.
Re-enable $HOME/.terminfo support to allow user customization.
Use unlikely terminfo-dir, to prevent accidentally using
differently-configured system databases.
As reported by Tramèr et al., timing of refresh requests can be used
to see whether a password was requested (and thus at least one output
received) since this will induce a delay in subsequent calls.
To avoid this, we schedule calls at a given time instead of sleeping
for a set time (which would make delays additive).
To further avoid a scheduled call being during the time in which a
password is prompted, the actual scheduled time is now randomized.
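The difference between sleeping for a set time and scheduling at a given time, as an added example in virtual time (a simplified model, not code from the Monero source or from this commit). The function names, the 90 s interval, the 10 s jitter and the 8 s prompt delay are assumptions constructed for the illustration.

```cpp
// Added illustration in virtual time (ms); not Monero source. All names are hypothetical.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <random>
#include <vector>

using Times = std::vector<int64_t>;

// Old pattern: run the refresh, then sleep a set time. Any local delay in
// work[i] (e.g. a password prompt) pushes back every later request.
Times sleep_after_work(const Times& work, int64_t interval) {
    Times starts;
    int64_t now = 0;
    for (int64_t w : work) {
        starts.push_back(now);
        now += w + interval;  // delays are additive
    }
    return starts;
}

// Hardened pattern: each call has an absolute deadline computed from the
// previous deadline plus a randomized interval, independent of work[i].
Times scheduled(const Times& work, int64_t interval, int64_t jitter, uint32_t seed) {
    std::mt19937 rng(seed);  // fixed seed for a reproducible demo only
    std::uniform_int_distribution<int64_t> dist(-jitter, jitter);
    Times starts;
    int64_t now = 0, deadline = 0;
    for (int64_t w : work) {
        now = std::max(now, deadline);  // wait for the slot; run at once if already late
        starts.push_back(now);
        now += w;
        deadline += interval + dist(rng);
    }
    return starts;
}

// Gaps between consecutive request start times: what a network observer measures.
Times gaps(const Times& starts) {
    Times g;
    for (std::size_t i = 1; i < starts.size(); ++i) g.push_back(starts[i] - starts[i - 1]);
    return g;
}

int main() {
    const Times quiet{200, 200, 200, 200}, prompted{200, 8200, 200, 200};  // constructed
    for (int64_t g : gaps(sleep_after_work(prompted, 90000))) std::cout << g << ' ';
    std::cout << "<- sleep-based, prompt visible\n";
    bool same = scheduled(quiet, 90000, 10000, 7) == scheduled(prompted, 90000, 10000, 7);
    std::cout << "scheduled timings identical: " << std::boolalpha << same << '\n';
}
```

In this model the scheduled timings match only while the local delay is shorter than the smallest randomized interval (80 s here); a longer prompt would still push the next call past its slot.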