diff options
author | laanwj <126646+laanwj@users.noreply.github.com> | 2022-03-01 18:31:05 +0100 |
---|---|---|
committer | laanwj <126646+laanwj@users.noreply.github.com> | 2022-03-01 18:32:01 +0100 |
commit | 848b11615b67a3c49f76ebbcaa241a322d8014d8 (patch) | |
tree | a02845e08e9a2ec831514e53a70a8cecccc41d6c /src/torcontrol.cpp | |
parent | 024b8e12a54c677d87fdb2cc4be7b8ec9900584d (diff) | |
parent | 0eea83a85ec6b215d44facc2b16ee1b035275a6b (diff) |
Merge bitcoin/bitcoin#22834: net: respect -onlynet= when making outbound connections
0eea83a85ec6b215d44facc2b16ee1b035275a6b scripted-diff: rename `proxyType` to `Proxy` (Vasil Dimov)
e53a8505dbb6f9deaae8ac82793a4fb760a1e0a6 net: respect -onlynet= when making outbound connections (Vasil Dimov)
Pull request description:
Do not make outbound connections to hosts which belong to a network
which is restricted by `-onlynet`.
This applies to hosts that are automatically chosen to connect to and to
anchors.
This does not apply to hosts given to `-connect`, `-addnode`,
`addnode` RPC, dns seeds, `-seednode`.
Fixes https://github.com/bitcoin/bitcoin/issues/13378
Fixes https://github.com/bitcoin/bitcoin/issues/22647
Supersedes https://github.com/bitcoin/bitcoin/pull/22651
ACKs for top commit:
naumenkogs:
utACK 0eea83a85ec6b215d44facc2b16ee1b035275a6b
prayank23:
reACK https://github.com/bitcoin/bitcoin/pull/22834/commits/0eea83a85ec6b215d44facc2b16ee1b035275a6b
jonatack:
ACK 0eea83a85ec6b215d44facc2b16ee1b035275a6b code review, rebased to master, debug built, and did some manual testing with various config options on signet
Tree-SHA512: 37d68b449dd6d2715843fc84d85f48fa2508be40ea105a7f4a28443b318d0b6bd39e3b2ca2a6186f2913836adf08d91038a8b142928e1282130f39ac81aa741b
Diffstat (limited to 'src/torcontrol.cpp')
-rw-r--r-- | src/torcontrol.cpp | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp index 1bbced8cb6..7ae384ceb3 100644 --- a/src/torcontrol.cpp +++ b/src/torcontrol.cpp @@ -382,9 +382,24 @@ void TorController::auth_cb(TorControlConnection& _conn, const TorControlReply& // if -onion isn't set to something else. if (gArgs.GetArg("-onion", "") == "") { CService resolved(LookupNumeric("127.0.0.1", 9050)); - proxyType addrOnion = proxyType(resolved, true); + Proxy addrOnion = Proxy(resolved, true); SetProxy(NET_ONION, addrOnion); - SetReachable(NET_ONION, true); + + const auto onlynets = gArgs.GetArgs("-onlynet"); + + const bool onion_allowed_by_onlynet{ + !gArgs.IsArgSet("-onlynet") || + std::any_of(onlynets.begin(), onlynets.end(), [](const auto& n) { + return ParseNetwork(n) == NET_ONION; + })}; + + if (onion_allowed_by_onlynet) { + // If NET_ONION is reachable, then the below is a noop. + // + // If NET_ONION is not reachable, then none of -proxy or -onion was given. + // Since we are here, then -torcontrol and -torpassword were given. + SetReachable(NET_ONION, true); + } } // Finally - now create the service |