net__permissions_8cpp_source.html

// Copyright (c) 2009-2021 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#include <common/messages.h>

#include <common/system.h>

#include <net_permissions.h>

#include <netbase.h>

#include <util/translation.h>


using common::ResolveErrMsg;


const std::vector<std::string> NET_PERMISSIONS_DOC{

    "bloomfilter (allow requesting BIP37 filtered blocks and transactions)",

    "noban (do not ban for misbehavior; implies download)",

    "forcerelay (relay transactions that are already in the mempool; implies relay)",

    "relay (relay even in -blocksonly mode, and unlimited transaction announcements)",

    "mempool (allow requesting BIP35 mempool contents)",

    "download (allow getheaders during IBD, no disconnect after maxuploadtarget limit)",

    "addr (responses to GETADDR avoid hitting the cache and contain random records with the most up-to-date info)"

};


namespace {


// Parse the following format: "perm1,perm2@xxxxxx"

static bool TryParsePermissionFlags(const std::string& str, NetPermissionFlags& output, ConnectionDirection* output_connection_direction, size_t& readen, bilingual_str& error)

{

    NetPermissionFlags flags = NetPermissionFlags::None;

    ConnectionDirection connection_direction = ConnectionDirection::None;

    const auto atSeparator = str.find('@');


    // if '@' is not found (ie, "xxxxx"), the caller should apply implicit permissions

    if (atSeparator == std::string::npos) {

        NetPermissions::AddFlag(flags, NetPermissionFlags::Implicit);

        readen = 0;

    }

    // else (ie, "perm1,perm2@xxxxx"), let's enumerate the permissions by splitting by ',' and calculate the flags

    else {

        readen = 0;

        // permissions == perm1,perm2

        const auto permissions = str.substr(0, atSeparator);

        while (readen < permissions.length()) {

            const auto commaSeparator = permissions.find(',', readen);

            const auto len = commaSeparator == std::string::npos ? permissions.length() - readen : commaSeparator - readen;

            // permission == perm1

            const auto permission = permissions.substr(readen, len);

            readen += len; // We read "perm1"

            if (commaSeparator != std::string::npos) readen++; // We read ","


            if (permission == "bloomfilter" || permission == "bloom") NetPermissions::AddFlag(flags, NetPermissionFlags::BloomFilter);

            else if (permission == "noban") NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan);

            else if (permission == "forcerelay") NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay);

            else if (permission == "mempool") NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool);

            else if (permission == "download") NetPermissions::AddFlag(flags, NetPermissionFlags::Download);

            else if (permission == "all") NetPermissions::AddFlag(flags, NetPermissionFlags::All);

            else if (permission == "relay") NetPermissions::AddFlag(flags, NetPermissionFlags::Relay);

            else if (permission == "addr") NetPermissions::AddFlag(flags, NetPermissionFlags::Addr);

            else if (permission == "in") connection_direction |= ConnectionDirection::In;

            else if (permission == "out") {

                if (output_connection_direction == nullptr) {

                    // Only NetWhitebindPermissions() should pass a nullptr.

                    error = _("whitebind may only be used for incoming connections (\"out\" was passed)");

                    return false;

                }

                connection_direction |= ConnectionDirection::Out;

            }

            else if (permission.length() == 0); // Allow empty entries

            else {

                error = strprintf(_("Invalid P2P permission: '%s'"), permission);

                return false;

            }

        }

        readen++;

    }


    // By default, whitelist only applies to incoming connections

    if (connection_direction == ConnectionDirection::None) {

        connection_direction = ConnectionDirection::In;

    } else if (flags == NetPermissionFlags::None) {

        error = strprintf(_("Only direction was set, no permissions: '%s'"), str);

        return false;

    }


    output = flags;

    if (output_connection_direction) *output_connection_direction = connection_direction;

    error = Untranslated("");

    return true;

}


}


std::vector<std::string> NetPermissions::ToStrings(NetPermissionFlags flags)

{

    std::vector<std::string> strings;

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::BloomFilter)) strings.emplace_back("bloomfilter");

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::NoBan)) strings.emplace_back("noban");

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::ForceRelay)) strings.emplace_back("forcerelay");

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Relay)) strings.emplace_back("relay");

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Mempool)) strings.emplace_back("mempool");

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Download)) strings.emplace_back("download");

    if (NetPermissions::HasFlag(flags, NetPermissionFlags::Addr)) strings.emplace_back("addr");

    return strings;

}


bool NetWhitebindPermissions::TryParse(const std::string& str, NetWhitebindPermissions& output, bilingual_str& error)

{

    NetPermissionFlags flags;

    size_t offset;

    if (!TryParsePermissionFlags(str, flags, /*output_connection_direction=*/nullptr, offset, error)) return false;


    const std::string strBind = str.substr(offset);

    const std::optional<CService> addrBind{Lookup(strBind, 0, false)};

    if (!addrBind.has_value()) {

        error = ResolveErrMsg("whitebind", strBind);

        return false;

    }

    if (addrBind.value().GetPort() == 0) {

        error = strprintf(_("Need to specify a port with -whitebind: '%s'"), strBind);

        return false;

    }


    output.m_flags = flags;

    output.m_service = addrBind.value();

    error = Untranslated("");

    return true;

}


bool NetWhitelistPermissions::TryParse(const std::string& str, NetWhitelistPermissions& output, ConnectionDirection& output_connection_direction, bilingual_str& error)

{

    NetPermissionFlags flags;

    size_t offset;

    // Only NetWhitebindPermissions should pass a nullptr for output_connection_direction.

    if (!TryParsePermissionFlags(str, flags, &output_connection_direction, offset, error)) return false;


    const std::string net = str.substr(offset);

    const CSubNet subnet{LookupSubNet(net)};

    if (!subnet.IsValid()) {

        error = strprintf(_("Invalid netmask specified in -whitelist: '%s'"), net);

        return false;

    }


    output.m_flags = flags;

    output.m_subnet = subnet;

    error = Untranslated("");

    return true;

}

flags
int flags
Definition: bitcoin-tx.cpp:529

CSubNet
Definition: netaddress.h:480

NetPermissions::m_flags
NetPermissionFlags m_flags
Definition: net_permissions.h:58

NetPermissions::AddFlag
static void AddFlag(NetPermissionFlags &flags, NetPermissionFlags f)
Definition: net_permissions.h:65

NetPermissions::ToStrings
static std::vector< std::string > ToStrings(NetPermissionFlags flags)
Definition: net_permissions.cpp:92

NetPermissions::HasFlag
static bool HasFlag(NetPermissionFlags flags, NetPermissionFlags f)
Definition: net_permissions.h:60

NetWhitebindPermissions
Definition: net_permissions.h:83

NetWhitebindPermissions::TryParse
static bool TryParse(const std::string &str, NetWhitebindPermissions &output, bilingual_str &error)
Definition: net_permissions.cpp:105

NetWhitebindPermissions::m_service
CService m_service
Definition: net_permissions.h:86

NetWhitelistPermissions
Definition: net_permissions.h:90

NetWhitelistPermissions::m_subnet
CSubNet m_subnet
Definition: net_permissions.h:93

NetWhitelistPermissions::TryParse
static bool TryParse(const std::string &str, NetWhitelistPermissions &output, ConnectionDirection &output_connection_direction, bilingual_str &error)
Definition: net_permissions.cpp:128

messages.h
is a home for simple string functions returning descriptive messages that are used in RPC and GUI int...

common::ResolveErrMsg
bilingual_str ResolveErrMsg(const std::string &optname, const std::string &strBind)
Definition: messages.cpp:152

NET_PERMISSIONS_DOC
const std::vector< std::string > NET_PERMISSIONS_DOC
Definition: net_permissions.cpp:13

net_permissions.h

NetPermissionFlags
NetPermissionFlags
Definition: net_permissions.h:24

NetPermissionFlags::Implicit
@ Implicit

NetPermissionFlags::NoBan
@ NoBan

NetPermissionFlags::Mempool
@ Mempool

NetPermissionFlags::Relay
@ Relay

NetPermissionFlags::Addr
@ Addr

NetPermissionFlags::ForceRelay
@ ForceRelay

NetPermissionFlags::None
@ None

NetPermissionFlags::Download
@ Download

NetPermissionFlags::All
@ All

NetPermissionFlags::BloomFilter
@ BloomFilter

LookupSubNet
CSubNet LookupSubNet(const std::string &subnet_str)
Parse and resolve a specified subnet string into the appropriate internal representation.
Definition: netbase.cpp:816

Lookup
std::vector< CService > Lookup(const std::string &name, uint16_t portDefault, bool fAllowLookup, unsigned int nMaxSolutions, DNSLookupFn dns_lookup_function)
Resolve a service string to its corresponding service.
Definition: netbase.cpp:195

netbase.h

ConnectionDirection
ConnectionDirection
Definition: netbase.h:33

ConnectionDirection::None
@ None

ConnectionDirection::Out
@ Out

ConnectionDirection::In
@ In

bilingual_str
Bilingual messages:
Definition: translation.h:24

system.h

strprintf
#define strprintf
Format arguments and return the string or write to given std::ostream (see tinyformat::format doc for...
Definition: tinyformat.h:1172

translation.h

_
consteval auto _(util::TranslatedLiteral str)
Definition: translation.h:79

Untranslated
bilingual_str Untranslated(std::string original)
Mark a bilingual_str as untranslated.
Definition: translation.h:82