netbase: possibly change the result of LookupSubNet() to CJDNS

vasild · vasild · commit 9482cb780fe0 · 2023-10-16T12:57:49.000+02:00
All callers of `LookupSubNet()` need the result to be of CJDNS type if
`-cjdnsreachable` is set and the address begins with `fc`:

* `NetWhitelistPermissions::TryParse()`: otherwise `-whitelist=` fails
  to white list CJDNS addresses: when a CJDNS peer connects to us, it
  will be matched against IPv6 `fc...` subnet and the match will never
  succeed.

* `BanMapFromJson()`: CJDNS bans are stored as just IPv6 addresses in
  `banlist.json`. Upon reading from disk they have to be converted back
  to CJDNS, otherwise, after restart, a ban entry like (`fc00::1`, IPv6)
  would not match a peer (`fc00::1`, CJDNS).

* `setban()` (in `rpc/net.cpp`): otherwise `setban fc.../mask add` would
  add an IPv6 entry to BanMan. Subnetting does not make sense for CJDNS
  addresses, thus treat `fc.../mask` as invalid `CSubNet`. The result of
  `LookupHost()` has to be converted for the case of banning a single
  host.

* `InitHTTPAllowList()`: not necessary since before this change
  `-rpcallowip=fc...` would match IPv6 subnets against IPv6 peers even
  if they started with `fc`. But because it is necessary for the above,
  `HTTPRequest::GetPeer()` also has to be adjusted to return CJDNS peer,
  so that now CJDNS peers are matched against CJDNS subnets.
diff --git a/src/httpserver.cpp b/src/httpserver.cpp
@@ -682,7 +682,7 @@ CService HTTPRequest::GetPeer() const
         evhttp_connection_get_peer(con, (char**)&address, &port);
 #endif // HAVE_EVHTTP_CONNECTION_GET_PEER_CONST_CHAR
 
-        peer = LookupNumeric(address, port);
+        peer = MaybeFlipIPv6toCJDNS(LookupNumeric(address, port));
     }
     return peer;
 }
diff --git a/src/netbase.cpp b/src/netbase.cpp
@@ -653,9 +653,10 @@ bool LookupSubNet(const std::string& subnet_str, CSubNet& subnet_out)
 
     const size_t slash_pos{subnet_str.find_last_of('/')};
     const std::string str_addr{subnet_str.substr(0, slash_pos)};
-    const std::optional<CNetAddr> addr{LookupHost(str_addr, /*fAllowLookup=*/false)};
+    std::optional<CNetAddr> addr{LookupHost(str_addr, /*fAllowLookup=*/false)};
 
     if (addr.has_value()) {
+        addr = static_cast<CNetAddr>(MaybeFlipIPv6toCJDNS(CService{addr.value(), /*port=*/0}));
         if (slash_pos != subnet_str.npos) {
             const std::string netmask_str{subnet_str.substr(slash_pos + 1)};
             uint8_t netmask;
diff --git a/src/rpc/net.cpp b/src/rpc/net.cpp
@@ -730,7 +730,7 @@ static RPCHelpMan setban()
     if (!isSubnet) {
         const std::optional<CNetAddr> addr{LookupHost(request.params[0].get_str(), false)};
         if (addr.has_value()) {
-            netAddr = addr.value();
+            netAddr = static_cast<CNetAddr>(MaybeFlipIPv6toCJDNS(CService{addr.value(), /*port=*/0}));
         }
     }
     else

Original file line number	Diff line number	Diff line change
`@@ -682,7 +682,7 @@ CService HTTPRequest::GetPeer() const`
`682`	`682`	`evhttp_connection_get_peer(con, (char**)&address, &port);`
`683`	`683`	`#endif // HAVE_EVHTTP_CONNECTION_GET_PEER_CONST_CHAR`
`684`	`684`
`685`		`- peer = LookupNumeric(address, port);`
	`685`	`+ peer = MaybeFlipIPv6toCJDNS(LookupNumeric(address, port));`
`686`	`686`	`}`
`687`	`687`	`return peer;`
`688`	`688`	`}`
Original file line number	Diff line number	Diff line change
`@@ -730,7 +730,7 @@ static RPCHelpMan setban()`
`730`	`730`	`if (!isSubnet) {`
`731`	`731`	`const std::optional<CNetAddr> addr{LookupHost(request.params[0].get_str(), false)};`
`732`	`732`	`if (addr.has_value()) {`
`733`		`- netAddr = addr.value();`
	`733`	`+ netAddr = static_cast<CNetAddr>(MaybeFlipIPv6toCJDNS(CService{addr.value(), /port=/0}));`
`734`	`734`	`}`
`735`	`735`	`}`
`736`	`736`	`else`