diff options
| author | Wladimir J. van der Laan <laanwj@protonmail.com> | 2021-01-11 11:27:42 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@protonmail.com> | 2021-01-11 11:27:47 +0100 |
| commit | 675af2a515f25d96a6e3bfd4f824334f21dd6376 (patch) | |
| tree | b804ae4ec0855b73f3e42a2b955c64ec86553f91 /src/netaddress.h | |
| parent | 616eace02acdc5f9ce775f6bf82fc8964980162f (diff) | |
| parent | 39b43298d9c54f9c18bef36f3d5934f57aefd088 (diff) | |
Merge #20852: net: allow CSubNet of non-IP networks
39b43298d9c54f9c18bef36f3d5934f57aefd088 test: add test for banning of non-IP addresses (Vasil Dimov)
94d335da7f8232bc653c9b08b0a33b517b4c98ad net: allow CSubNet of non-IP networks (Vasil Dimov)
Pull request description:
Allow creation of valid `CSubNet` objects of non-IP networks and only
match the single address they were created from (like /32 for IPv4 or
/128 for IPv6).
This fixes a deficiency in `CConnman::DisconnectNode(const CNetAddr& addr)`
and in `BanMan` which assume that creating a subnet from any address
using the `CSubNet(CNetAddr)` constructor would later match that address
only. Before this change a non-IP subnet would be invalid and would not
match any address.
ACKs for top commit:
jonatack:
Code review re-ACK 39b43298d9c54f9c18bef36f3d5934f57aefd088 per `git diff 5e95ce6 39b4329`; only change since last review is improvements to the functional test; verified the test fails on master @ 616eace0 where expected (`assert(self.is_banned(node, tor_addr))` fails and unban unfails)
laanwj:
code review ACK 39b43298d9c54f9c18bef36f3d5934f57aefd088
Tree-SHA512: 3239b26d0f2fa2d1388b4fdbc1d05ce4ac1980be699c6ec46049409baefcb2006b1e72b889871e2210e897f6725c48e873f68457eea7e6e4958ab4f959d20297
Diffstat (limited to 'src/netaddress.h')
| -rw-r--r-- | src/netaddress.h | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/netaddress.h b/src/netaddress.h index cf878fe374..b9eade7fd5 100644 --- a/src/netaddress.h +++ b/src/netaddress.h @@ -462,11 +462,33 @@ class CSubNet bool SanityCheck() const; public: + /** + * Construct an invalid subnet (empty, `Match()` always returns false). + */ CSubNet(); + + /** + * Construct from a given network start and number of bits (CIDR mask). + * @param[in] addr Network start. Must be IPv4 or IPv6, otherwise an invalid subnet is + * created. + * @param[in] mask CIDR mask, must be in [0, 32] for IPv4 addresses and in [0, 128] for + * IPv6 addresses. Otherwise an invalid subnet is created. + */ CSubNet(const CNetAddr& addr, uint8_t mask); + + /** + * Construct from a given network start and mask. + * @param[in] addr Network start. Must be IPv4 or IPv6, otherwise an invalid subnet is + * created. + * @param[in] mask Network mask, must be of the same type as `addr` and not contain 0-bits + * followed by 1-bits. Otherwise an invalid subnet is created. + */ CSubNet(const CNetAddr& addr, const CNetAddr& mask); - //constructor for single ip subnet (<ipv4>/32 or <ipv6>/128) + /** + * Construct a single-host subnet. + * @param[in] addr The sole address to be contained in the subnet, can also be non-IPv[46]. + */ explicit CSubNet(const CNetAddr& addr); bool Match(const CNetAddr &addr) const; |