Merge #19991: net: Use alternative port for incoming Tor connections

96571b3d4cb4cda0fd3d5a457ae4a12f615de82b doc: Update onion service target port numbers in tor.md (Hennadii Stepanov) bb145c9050203b3f3d8bff10fb3bba31da51adb1 net: Extend -bind config option with optional network type (Hennadii Stepanov) 92bd3c1da48d17c8ba20349e18ad19051614bc1a net, refactor: Move AddLocal call one level up (Hennadii Stepanov) 57f17e57c8c410e10c16a46f7372c0ea8b7dd467 net: Pass onion service target to Tor controller (Hennadii Stepanov) e3f07851f02857b4844fccb2e91070c5cd3aad4d refactor: Rename TorController::target to m_tor_control_center (Hennadii Stepanov) fdd3ae4d264f26f87009879838dec035db5a7aed net, refactor: Refactor CBaseChainParams::RPCPort function (Hennadii Stepanov) a5266d4546c444cfd6d36cb63d2df52ce9e689e2 net: Add alternative port for onion service (Hennadii Stepanov) b3273cf4039d26e66ae58a8acb9d865461618d54 net: Use network byte order for in_addr.s_addr (Hennadii Stepanov) Pull request description: This PR adds ability to label incoming Tor connections as different from normal localhost connections. Closes #8973. Closes #16693. Default onion service target ports are: - 8334 on mainnnet - 18334 on testnet - 38334 on signet - 18445 on regtest To set the onion service target socket manually the extended `-bind` config option could be used: ``` $ src/bitcoind -help | grep -A 6 -e '-bind' -bind=<addr>[:<port>][=onion] Bind to given address and always listen on it (default: 0.0.0.0). Use [host]:port notation for IPv6. Append =onion to tag any incoming connections to that address and port as incoming Tor connections (default: 127.0.0.1:8334=onion, testnet: 127.0.0.1:18334=onion, signet: 127.0.0.1:38334=onion, regtest: 127.0.0.1:18445=onion) ``` Since [pr19991.02 update](https://github.com/bitcoin/bitcoin/pull/19991#issuecomment-698882284) this PR is an alternative to #19043. ACKs for top commit: Sjors: re-utACK 96571b3d4cb4cda0fd3d5a457ae4a12f615de82b vasild: ACK 96571b3d4 laanwj: Re-ACK 96571b3d4cb4cda0fd3d5a457ae4a12f615de82b Tree-SHA512: cb0eade80f4b3395f405f775e1b89c086a1f09d5a4464df6cb4faf808d9c2245474e1720b2b538f203f6c1996507f69b09f5a6e35ea42633c10e22bd733d4438
author: Wladimir J. van der Laan <laanwj@protonmail.com> 2020-10-02 13:06:54 +0200
committer: Wladimir J. van der Laan <laanwj@protonmail.com> 2020-10-02 13:37:23 +0200
commit: df2129a2349b1877049f250551f49a4592e73765 (patch)
tree: 415ae1f1572f20c55ff7113a1799c323a82c6b5e /src/net.cpp
parent: 60ec57b3d73e5cef71ebf3c4cdf54a4474bf492b (diff)
parent: 96571b3d4cb4cda0fd3d5a457ae4a12f615de82b (diff)
download: bitcoin-df2129a2349b1877049f250551f49a4592e73765.tar.xz
1 files changed, 21 insertions, 7 deletions
diff --git a/src/net.cpp b/src/net.cpp
index 7dec4abfb9..95ba6da819 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -83,6 +83,11 @@ enum BindFlags {
     BF_NONE         = 0,
     BF_EXPLICIT     = (1U << 0),
     BF_REPORT_ERROR = (1U << 1),
+    /**
+     * Do not call AddLocal() for our special addresses, e.g., for incoming
+     * Tor connections, to prevent gossiping them over the network.
+     */
+    BF_DONT_ADVERTISE = (1U << 2),
 };
 
 // The set of sockets cannot be modified while waiting
@@ -2241,10 +2246,6 @@ bool CConnman::BindListenPort(const CService& addrBind, bilingual_str& strError,
     }
 
     vhListenSocket.push_back(ListenSocket(hListenSocket, permissions));
-
-    if (addrBind.IsRoutable() && fDiscover && (permissions & PF_NOBAN) == 0)
-        AddLocal(addrBind, LOCAL_BIND);
-
     return true;
 }
 
@@ -2338,10 +2339,18 @@ bool CConnman::Bind(const CService &addr, unsigned int flags, NetPermissionFlags
         }
         return false;
     }
+
+    if (addr.IsRoutable() && fDiscover && !(flags & BF_DONT_ADVERTISE) && !(permissions & PF_NOBAN)) {
+        AddLocal(addr, LOCAL_BIND);
+    }
+
     return true;
 }
 
-bool CConnman::InitBinds(const std::vector<CService>& binds, const std::vector<NetWhitebindPermissions>& whiteBinds)
+bool CConnman::InitBinds(
+    const std::vector<CService>& binds,
+    const std::vector<NetWhitebindPermissions>& whiteBinds,
+    const std::vector<CService>& onion_binds)
 {
     bool fBound = false;
     for (const auto& addrBind : binds) {
@@ -2352,11 +2361,16 @@ bool CConnman::InitBinds(const std::vector<CService>& binds, const std::vector<N
     }
     if (binds.empty() && whiteBinds.empty()) {
         struct in_addr inaddr_any;
-        inaddr_any.s_addr = INADDR_ANY;
+        inaddr_any.s_addr = htonl(INADDR_ANY);
         struct in6_addr inaddr6_any = IN6ADDR_ANY_INIT;
         fBound |= Bind(CService(inaddr6_any, GetListenPort()), BF_NONE, NetPermissionFlags::PF_NONE);
         fBound |= Bind(CService(inaddr_any, GetListenPort()), !fBound ? BF_REPORT_ERROR : BF_NONE, NetPermissionFlags::PF_NONE);
     }
+
+    for (const auto& addr_bind : onion_binds) {
+        fBound |= Bind(addr_bind, BF_EXPLICIT | BF_DONT_ADVERTISE, NetPermissionFlags::PF_NONE);
+    }
+
     return fBound;
 }
 
@@ -2375,7 +2389,7 @@ bool CConnman::Start(CScheduler& scheduler, const Options& connOptions)
         nMaxOutboundCycleStartTime = 0;
     }
 
-    if (fListen && !InitBinds(connOptions.vBinds, connOptions.vWhiteBinds)) {
+    if (fListen && !InitBinds(connOptions.vBinds, connOptions.vWhiteBinds, connOptions.onion_binds)) {
         if (clientInterface) {
             clientInterface->ThreadSafeMessageBox(
                 _("Failed to listen on any port. Use -listen=0 if you want this."),
author	Wladimir J. van der Laan <laanwj@protonmail.com>	2020-10-02 13:06:54 +0200
committer	Wladimir J. van der Laan <laanwj@protonmail.com>	2020-10-02 13:37:23 +0200
commit	df2129a2349b1877049f250551f49a4592e73765 (patch)
tree	415ae1f1572f20c55ff7113a1799c323a82c6b5e /src/net.cpp
parent	60ec57b3d73e5cef71ebf3c4cdf54a4474bf492b (diff)
parent	96571b3d4cb4cda0fd3d5a457ae4a12f615de82b (diff)
download	bitcoin-df2129a2349b1877049f250551f49a4592e73765.tar.xz