diff options
| author | Vasil Dimov <vd@FreeBSD.org> | 2023-02-07 15:16:57 +0100 |
|---|---|---|
| committer | Vasil Dimov <vd@FreeBSD.org> | 2023-10-16 12:57:49 +0200 |
| commit | 9482cb780fe04c1f1d9050edd1b8e549e52c86ce (patch) | |
| tree | 8c537b1b3876b61fac0c462087f46f04ce9dd75d /src/netbase.cpp | |
| parent | 53afa68026ffa1313ae4aba3664de7791d23b1c8 (diff) | |
netbase: possibly change the result of LookupSubNet() to CJDNS
All callers of `LookupSubNet()` need the result to be of CJDNS type if
`-cjdnsreachable` is set and the address begins with `fc`:
* `NetWhitelistPermissions::TryParse()`: otherwise `-whitelist=` fails
to white list CJDNS addresses: when a CJDNS peer connects to us, it
will be matched against IPv6 `fc...` subnet and the match will never
succeed.
* `BanMapFromJson()`: CJDNS bans are stored as just IPv6 addresses in
`banlist.json`. Upon reading from disk they have to be converted back
to CJDNS, otherwise, after restart, a ban entry like (`fc00::1`, IPv6)
would not match a peer (`fc00::1`, CJDNS).
* `setban()` (in `rpc/net.cpp`): otherwise `setban fc.../mask add` would
add an IPv6 entry to BanMan. Subnetting does not make sense for CJDNS
addresses, thus treat `fc.../mask` as invalid `CSubNet`. The result of
`LookupHost()` has to be converted for the case of banning a single
host.
* `InitHTTPAllowList()`: not necessary since before this change
`-rpcallowip=fc...` would match IPv6 subnets against IPv6 peers even
if they started with `fc`. But because it is necessary for the above,
`HTTPRequest::GetPeer()` also has to be adjusted to return CJDNS peer,
so that now CJDNS peers are matched against CJDNS subnets.
Diffstat (limited to 'src/netbase.cpp')
| -rw-r--r-- | src/netbase.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/netbase.cpp b/src/netbase.cpp index 09b8a606b6..5e1e121bfe 100644 --- a/src/netbase.cpp +++ b/src/netbase.cpp @@ -653,9 +653,10 @@ bool LookupSubNet(const std::string& subnet_str, CSubNet& subnet_out) const size_t slash_pos{subnet_str.find_last_of('/')}; const std::string str_addr{subnet_str.substr(0, slash_pos)}; - const std::optional<CNetAddr> addr{LookupHost(str_addr, /*fAllowLookup=*/false)}; + std::optional<CNetAddr> addr{LookupHost(str_addr, /*fAllowLookup=*/false)}; if (addr.has_value()) { + addr = static_cast<CNetAddr>(MaybeFlipIPv6toCJDNS(CService{addr.value(), /*port=*/0})); if (slash_pos != subnet_str.npos) { const std::string netmask_str{subnet_str.substr(slash_pos + 1)}; uint8_t netmask; |