aboutsummaryrefslogtreecommitdiff
path: root/src/init.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/init.cpp')
-rw-r--r--src/init.cpp31
1 files changed, 23 insertions, 8 deletions
diff --git a/src/init.cpp b/src/init.cpp
index 1c8c3bc620..a311ee7d8c 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -484,7 +484,7 @@ std::string HelpMessage(HelpMessageMode mode)
strUsage += HelpMessageGroup(_("RPC server options:"));
strUsage += HelpMessageOpt("-server", _("Accept command line and JSON-RPC commands"));
strUsage += HelpMessageOpt("-rest", strprintf(_("Accept public REST requests (default: %u)"), DEFAULT_REST_ENABLE));
- strUsage += HelpMessageOpt("-rpcbind=<addr>", _("Bind to given address to listen for JSON-RPC connections. Use [host]:port notation for IPv6. This option can be specified multiple times (default: bind to all interfaces)"));
+ strUsage += HelpMessageOpt("-rpcbind=<addr>[:port]", _("Bind to given address to listen for JSON-RPC connections. This option is ignored unless -rpcallowip is also passed. Port is optional and overrides -rpcport. Use [host]:port notation for IPv6. This option can be specified multiple times (default: 127.0.0.1 and ::1 i.e., localhost, or if -rpcallowip has been specified, 0.0.0.0 and :: i.e., all addresses)"));
strUsage += HelpMessageOpt("-rpccookiefile=<loc>", _("Location of the auth cookie (default: data dir)"));
strUsage += HelpMessageOpt("-rpcuser=<user>", _("Username for JSON-RPC connections"));
strUsage += HelpMessageOpt("-rpcpassword=<pw>", _("Password for JSON-RPC connections"));
@@ -683,9 +683,15 @@ bool InitSanityCheck(void)
InitError("Elliptic curve cryptography sanity check failure. Aborting.");
return false;
}
+
if (!glibc_sanity_test() || !glibcxx_sanity_test())
return false;
+ if (!Random_SanityCheck()) {
+ InitError("OS cryptographic RNG sanity check failure. Aborting.");
+ return false;
+ }
+
return true;
}
@@ -1260,16 +1266,23 @@ bool AppInitMain(boost::thread_group& threadGroup, CScheduler& scheduler)
}
}
+ // Check for host lookup allowed before parsing any network related parameters
+ fNameLookup = GetBoolArg("-dns", DEFAULT_NAME_LOOKUP);
+
bool proxyRandomize = GetBoolArg("-proxyrandomize", DEFAULT_PROXYRANDOMIZE);
// -proxy sets a proxy for all outgoing network traffic
// -noproxy (or -proxy=0) as well as the empty string can be used to not set a proxy, this is the default
std::string proxyArg = GetArg("-proxy", "");
SetLimited(NET_TOR);
if (proxyArg != "" && proxyArg != "0") {
- CService resolved(LookupNumeric(proxyArg.c_str(), 9050));
- proxyType addrProxy = proxyType(resolved, proxyRandomize);
+ CService proxyAddr;
+ if (!Lookup(proxyArg.c_str(), proxyAddr, 9050, fNameLookup)) {
+ return InitError(strprintf(_("Invalid -proxy address or hostname: '%s'"), proxyArg));
+ }
+
+ proxyType addrProxy = proxyType(proxyAddr, proxyRandomize);
if (!addrProxy.IsValid())
- return InitError(strprintf(_("Invalid -proxy address: '%s'"), proxyArg));
+ return InitError(strprintf(_("Invalid -proxy address or hostname: '%s'"), proxyArg));
SetProxy(NET_IPV4, addrProxy);
SetProxy(NET_IPV6, addrProxy);
@@ -1286,10 +1299,13 @@ bool AppInitMain(boost::thread_group& threadGroup, CScheduler& scheduler)
if (onionArg == "0") { // Handle -noonion/-onion=0
SetLimited(NET_TOR); // set onions as unreachable
} else {
- CService resolved(LookupNumeric(onionArg.c_str(), 9050));
- proxyType addrOnion = proxyType(resolved, proxyRandomize);
+ CService onionProxy;
+ if (!Lookup(onionArg.c_str(), onionProxy, 9050, fNameLookup)) {
+ return InitError(strprintf(_("Invalid -onion address or hostname: '%s'"), onionArg));
+ }
+ proxyType addrOnion = proxyType(onionProxy, proxyRandomize);
if (!addrOnion.IsValid())
- return InitError(strprintf(_("Invalid -onion address: '%s'"), onionArg));
+ return InitError(strprintf(_("Invalid -onion address or hostname: '%s'"), onionArg));
SetProxy(NET_TOR, addrOnion);
SetLimited(NET_TOR, false);
}
@@ -1298,7 +1314,6 @@ bool AppInitMain(boost::thread_group& threadGroup, CScheduler& scheduler)
// see Step 2: parameter interactions for more information about these
fListen = GetBoolArg("-listen", DEFAULT_LISTEN);
fDiscover = GetBoolArg("-discover", true);
- fNameLookup = GetBoolArg("-dns", DEFAULT_NAME_LOOKUP);
fRelayTxes = !GetBoolArg("-blocksonly", DEFAULT_BLOCKSONLY);
if (fListen) {