From 2feec3ce3130961f98ceb030951d0e46d3b9096c Mon Sep 17 00:00:00 2001 From: Vasil Dimov Date: Thu, 22 Oct 2020 20:34:31 +0200 Subject: net: don't bind on 0.0.0.0 if binds are restricted to Tor The semantic of `-bind` is to restrict the binding only to some address. If not specified, then the user does not care and we bind to `0.0.0.0`. If specified then we should honor the restriction and bind only to the specified address. Before this change, if no `-bind` is given then we would bind to `0.0.0.0:8333` and to `127.0.0.1:8334` (incoming Tor) which is ok - the user does not care to restrict the binding. However, if only `-bind=addr:port=onion` is given (without ordinary `-bind=`) then we would bind to `addr:port` _and_ to `0.0.0.0:8333` in addition. Change the above to not do the additional bind: if only `-bind=addr:port=onion` is given (without ordinary `-bind=`) then bind to `addr:port` (only) and consider incoming connections to that as Tor and do not advertise it. I.e. a Tor-only node. --- src/net.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/net.h') diff --git a/src/net.h b/src/net.h index 65b262e573..5e84f7a9d9 100644 --- a/src/net.h +++ b/src/net.h @@ -824,6 +824,9 @@ public: std::vector vWhiteBinds; std::vector vBinds; std::vector onion_binds; + /// True if the user did not specify -bind= or -whitebind= and thus + /// we should bind on `0.0.0.0` (IPv4) and `::` (IPv6). + bool bind_on_any; bool m_use_addrman_outgoing = true; std::vector m_specified_outgoing; std::vector m_added_nodes; @@ -1033,10 +1036,7 @@ private: bool BindListenPort(const CService& bindAddr, bilingual_str& strError, NetPermissionFlags permissions); bool Bind(const CService& addr, unsigned int flags, NetPermissionFlags permissions); - bool InitBinds( - const std::vector& binds, - const std::vector& whiteBinds, - const std::vector& onion_binds); + bool InitBinds(const Options& options); void ThreadOpenAddedConnections(); void AddAddrFetch(const std::string& strDest); -- cgit v1.2.3