aboutsummaryrefslogtreecommitdiff
path: root/src/torcontrol.cpp
diff options
context:
space:
mode:
authorlaanwj <126646+laanwj@users.noreply.github.com>2022-03-01 18:31:05 +0100
committerlaanwj <126646+laanwj@users.noreply.github.com>2022-03-01 18:32:01 +0100
commit848b11615b67a3c49f76ebbcaa241a322d8014d8 (patch)
treea02845e08e9a2ec831514e53a70a8cecccc41d6c /src/torcontrol.cpp
parent024b8e12a54c677d87fdb2cc4be7b8ec9900584d (diff)
parent0eea83a85ec6b215d44facc2b16ee1b035275a6b (diff)
Merge bitcoin/bitcoin#22834: net: respect -onlynet= when making outbound connections
0eea83a85ec6b215d44facc2b16ee1b035275a6b scripted-diff: rename `proxyType` to `Proxy` (Vasil Dimov) e53a8505dbb6f9deaae8ac82793a4fb760a1e0a6 net: respect -onlynet= when making outbound connections (Vasil Dimov) Pull request description: Do not make outbound connections to hosts which belong to a network which is restricted by `-onlynet`. This applies to hosts that are automatically chosen to connect to and to anchors. This does not apply to hosts given to `-connect`, `-addnode`, `addnode` RPC, dns seeds, `-seednode`. Fixes https://github.com/bitcoin/bitcoin/issues/13378 Fixes https://github.com/bitcoin/bitcoin/issues/22647 Supersedes https://github.com/bitcoin/bitcoin/pull/22651 ACKs for top commit: naumenkogs: utACK 0eea83a85ec6b215d44facc2b16ee1b035275a6b prayank23: reACK https://github.com/bitcoin/bitcoin/pull/22834/commits/0eea83a85ec6b215d44facc2b16ee1b035275a6b jonatack: ACK 0eea83a85ec6b215d44facc2b16ee1b035275a6b code review, rebased to master, debug built, and did some manual testing with various config options on signet Tree-SHA512: 37d68b449dd6d2715843fc84d85f48fa2508be40ea105a7f4a28443b318d0b6bd39e3b2ca2a6186f2913836adf08d91038a8b142928e1282130f39ac81aa741b
Diffstat (limited to 'src/torcontrol.cpp')
-rw-r--r--src/torcontrol.cpp19
1 files changed, 17 insertions, 2 deletions
diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp
index 1bbced8cb6..7ae384ceb3 100644
--- a/src/torcontrol.cpp
+++ b/src/torcontrol.cpp
@@ -382,9 +382,24 @@ void TorController::auth_cb(TorControlConnection& _conn, const TorControlReply&
// if -onion isn't set to something else.
if (gArgs.GetArg("-onion", "") == "") {
CService resolved(LookupNumeric("127.0.0.1", 9050));
- proxyType addrOnion = proxyType(resolved, true);
+ Proxy addrOnion = Proxy(resolved, true);
SetProxy(NET_ONION, addrOnion);
- SetReachable(NET_ONION, true);
+
+ const auto onlynets = gArgs.GetArgs("-onlynet");
+
+ const bool onion_allowed_by_onlynet{
+ !gArgs.IsArgSet("-onlynet") ||
+ std::any_of(onlynets.begin(), onlynets.end(), [](const auto& n) {
+ return ParseNetwork(n) == NET_ONION;
+ })};
+
+ if (onion_allowed_by_onlynet) {
+ // If NET_ONION is reachable, then the below is a noop.
+ //
+ // If NET_ONION is not reachable, then none of -proxy or -onion was given.
+ // Since we are here, then -torcontrol and -torpassword were given.
+ SetReachable(NET_ONION, true);
+ }
}
// Finally - now create the service