doc/dev/net__permissions_8cpp_source.html

// Copyright (c) 2009-2018 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#include <net_permissions.h>


#include <common/system.h>

#include <netbase.h>

#include <util/error.h>

#include <util/translation.h>


const std::vector<std::string> NET_PERMISSIONS_DOC{

    "bloomfilter (allow requesting BIP37 filtered blocks and transactions)",

    "noban (do not ban for misbehavior; implies download)",

    "forcerelay (relay transactions that are already in the mempool; implies "

    "relay)",

    "relay (relay even in -blocksonly mode, and unlimited transaction "

    "announcements)",

    "mempool (allow requesting BIP35 mempool contents)",

    "download (allow getheaders during IBD, no disconnect after "

    "maxuploadtarget limit)",

    "bypass_proof_request_limits (experimental, bypass the limits on avalanche "

    "proof downloads)",

    "addr (responses to GETADDR avoid hitting the cache and contain random "

    "records with the most up-to-date info)"};


namespace {


// Parse the following format: "perm1,perm2@xxxxxx"

static bool

TryParsePermissionFlags(const std::string &str, NetPermissionFlags &output,

                        ConnectionDirection *output_connection_direction,

                        size_t &readen, bilingual_str &error) {

    NetPermissionFlags flags = NetPermissionFlags::None;

    ConnectionDirection connection_direction = ConnectionDirection::None;

    const auto atSeparator = str.find('@');


    // if '@' is not found (ie, "xxxxx"), the caller should apply implicit

    // permissions

    if (atSeparator == std::string::npos) {

        NetPermissions::AddFlag(flags, NetPermissionFlags::Implicit);

        readen = 0;

    }

    // else (ie, "perm1,perm2@xxxxx"), let's enumerate the permissions by

    // splitting by ',' and calculate the flags

    else {

        readen = 0;

        // permissions == perm1,perm2

        const auto permissions = str.substr(0, atSeparator);

        while (readen < permissions.length()) {

            const auto commaSeparator = permissions.find(',', readen);

            const auto len = commaSeparator == std::string::npos

                                 ? permissions.length() - readen

                                 : commaSeparator - readen;

            // permission == perm1

            const auto permission = permissions.substr(readen, len);

            // We read "perm1"

            readen += len;

            if (commaSeparator != std::string::npos) {

                // We read ","

                readen++;

            }


            if (permission == "bloomfilter" || permission == "bloom") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::BloomFilter);

            } else if (permission == "noban") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);

            } else if (permission == "forcerelay") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);

            } else if (permission == "mempool") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);

            } else if (permission == "download") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::Download);

            } else if (permission == "all") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::All);

            } else if (permission == "relay") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);

            } else if (permission == "addr") {

                NetPermissions::AddFlag(flags, NetPermissionFlags::Addr);

            } else if (permission == "in") {

                connection_direction |= ConnectionDirection::In;

            } else if (permission == "out") {

                if (output_connection_direction == nullptr) {

                    // Only NetWhitebindPermissions() should pass a nullptr.

                    error = _("whitebind may only be used for incoming "

                              "connections (\"out\" was passed)");

                    return false;

                }

                connection_direction |= ConnectionDirection::Out;

            } else if (permission == "bypass_proof_request_limits") {

                NetPermissions::AddFlag(

                    flags, NetPermissionFlags::BypassProofRequestLimits);

            } else if (permission.length() == 0) {

                // Allow empty entries

            } else {

                error =

                    strprintf(_("Invalid P2P permission: '%s'"), permission);

                return false;

            }

        }

        readen++;

    }


    // By default, whitelist only applies to incoming connections

    if (connection_direction == ConnectionDirection::None) {

        connection_direction = ConnectionDirection::In;

    } else if (flags == NetPermissionFlags::None) {

        error =

            strprintf(_("Only direction was set, no permissions: '%s'"), str);

        return false;

    }


    output = flags;

    if (output_connection_direction) {

        *output_connection_direction = connection_direction;

    }

    error = Untranslated("");

    return true;

}


} // namespace


std::vector<std::string> NetPermissions::ToStrings(NetPermissionFlags flags) {

    std::vector<std::string> strings;

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::BloomFilter)) {

        strings.push_back("bloomfilter");

    }

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::NoBan)) {

        strings.push_back("noban");

    }

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::ForceRelay)) {

        strings.push_back("forcerelay");

    }

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Relay)) {

        strings.push_back("relay");

    }

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Mempool)) {

        strings.push_back("mempool");

    }

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Download)) {

        strings.push_back("download");

    }

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Addr)) {

        strings.push_back("addr");

    }

    if (NetPermissions::HasFlag(flags,

                                NetPermissionFlags::BypassProofRequestLimits)) {

        strings.push_back("bypass_proof_request_limits");

    }

    return strings;

}


bool NetWhitebindPermissions::TryParse(const std::string &str,

                                       NetWhitebindPermissions &output,

                                       bilingual_str &error) {

    NetPermissionFlags flags;

    size_t offset;

    if (!TryParsePermissionFlags(str, flags,

                                 /*output_connection_direction=*/nullptr,

                                 offset, error)) {

        return false;

    }


    const std::string strBind = str.substr(offset);

    CService addrBind;

    if (!Lookup(strBind, addrBind, 0, false)) {

        error = ResolveErrMsg("whitebind", strBind);

        return false;

    }

    if (addrBind.GetPort() == 0) {

        error = strprintf(_("Need to specify a port with -whitebind: '%s'"),

                          strBind);

        return false;

    }


    output.m_flags = flags;

    output.m_service = addrBind;

    error = Untranslated("");

    return true;

}


bool NetWhitelistPermissions::TryParse(

    const std::string &str, NetWhitelistPermissions &output,

    ConnectionDirection &output_connection_direction, bilingual_str &error) {

    NetPermissionFlags flags;

    size_t offset;

    // Only NetWhitebindPermissions should pass a nullptr for

    // output_connection_direction.

    if (!TryParsePermissionFlags(str, flags, &output_connection_direction,

                                 offset, error)) {

        return false;

    }


    const std::string net = str.substr(offset);

    CSubNet subnet;

    LookupSubNet(net, subnet);

    if (!subnet.IsValid()) {

        error =

            strprintf(_("Invalid netmask specified in -whitelist: '%s'"), net);

        return false;

    }


    output.m_flags = flags;

    output.m_subnet = subnet;

    error = Untranslated("");

    return true;

}

flags
int flags
Definition: bitcoin-tx.cpp:541

CService
A combination of a network address (CNetAddr) and a (TCP) port.
Definition: netaddress.h:545

CService::GetPort
uint16_t GetPort() const
Definition: netaddress.cpp:1008

CSubNet
Definition: netaddress.h:495

CSubNet::IsValid
bool IsValid() const
Definition: netaddress.cpp:1229

NetPermissions::m_flags
NetPermissionFlags m_flags
Definition: net_permissions.h:63

NetPermissions::AddFlag
static void AddFlag(NetPermissionFlags &flags, NetPermissionFlags f)
Definition: net_permissions.h:69

NetPermissions::ToStrings
static std::vector< std::string > ToStrings(NetPermissionFlags flags)
Definition: net_permissions.cpp:123

NetPermissions::HasFlag
static bool HasFlag(NetPermissionFlags flags, NetPermissionFlags f)
Definition: net_permissions.h:65

NetWhitebindPermissions
Definition: net_permissions.h:88

NetWhitebindPermissions::TryParse
static bool TryParse(const std::string &str, NetWhitebindPermissions &output, bilingual_str &error)
Definition: net_permissions.cpp:153

NetWhitebindPermissions::m_service
CService m_service
Definition: net_permissions.h:92

NetWhitelistPermissions
Definition: net_permissions.h:95

NetWhitelistPermissions::m_subnet
CSubNet m_subnet
Definition: net_permissions.h:101

NetWhitelistPermissions::TryParse
static bool TryParse(const std::string &str, NetWhitelistPermissions &output, ConnectionDirection &output_connection_direction, bilingual_str &error)
Definition: net_permissions.cpp:182

ResolveErrMsg
bilingual_str ResolveErrMsg(const std::string &optname, const std::string &strBind)
Definition: error.cpp:44

error.h

error
bool error(const char *fmt, const Args &...args)
Definition: logging.h:226

NET_PERMISSIONS_DOC
const std::vector< std::string > NET_PERMISSIONS_DOC
Definition: net_permissions.cpp:12

net_permissions.h

NetPermissionFlags
NetPermissionFlags
Definition: net_permissions.h:24

NetPermissionFlags::Implicit
@ Implicit

NetPermissionFlags::NoBan
@ NoBan

NetPermissionFlags::Mempool
@ Mempool

NetPermissionFlags::Relay
@ Relay

NetPermissionFlags::Addr
@ Addr

NetPermissionFlags::ForceRelay
@ ForceRelay

NetPermissionFlags::None
@ None

NetPermissionFlags::Download
@ Download

NetPermissionFlags::All
@ All

NetPermissionFlags::BypassProofRequestLimits
@ BypassProofRequestLimits

NetPermissionFlags::BloomFilter
@ BloomFilter

LookupSubNet
bool LookupSubNet(const std::string &strSubnet, CSubNet &ret, DNSLookupFn dns_lookup_function)
Parse and resolve a specified subnet string into the appropriate internal representation.
Definition: netbase.cpp:781

Lookup
bool Lookup(const std::string &name, std::vector< CService > &vAddr, uint16_t portDefault, bool fAllowLookup, unsigned int nMaxSolutions, DNSLookupFn dns_lookup_function)
Resolve a service string to its corresponding service.
Definition: netbase.cpp:223

netbase.h

ConnectionDirection
ConnectionDirection
Definition: netbase.h:32

ConnectionDirection::None
@ None

ConnectionDirection::Out
@ Out

ConnectionDirection::In
@ In

bilingual_str
Bilingual messages:
Definition: translation.h:17

system.h

strprintf
#define strprintf
Format arguments and return the string or write to given std::ostream (see tinyformat::format doc for...
Definition: tinyformat.h:1202

translation.h

_
bilingual_str _(const char *psz)
Translation function.
Definition: translation.h:68

Untranslated
bilingual_str Untranslated(std::string original)
Mark a bilingual_str as untranslated.
Definition: translation.h:36