From 5c3e84b6aee15bc0bfd4074181d793d065d5fa96 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sun, 20 Dec 2020 12:48:34 +0000 Subject: restrict public node checks a little do not include blocked hosts in peer lists or public node lists by default, warn about no https on clearnet and about untrusted peers likely being spies --- src/rpc/core_rpc_server.cpp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'src/rpc/core_rpc_server.cpp') diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp index e6ad93312..dc05b93e1 100644 --- a/src/rpc/core_rpc_server.cpp +++ b/src/rpc/core_rpc_server.cpp @@ -190,6 +190,7 @@ namespace cryptonote request.gray = true; request.white = true; + request.include_blocked = false; if (!on_get_public_nodes(request, response) || response.status != CORE_RPC_STATUS_OK) { return {}; @@ -1382,6 +1383,8 @@ namespace cryptonote for (auto & entry : white_list) { + if (!req.include_blocked && m_p2p.is_host_blocked(entry.adr, NULL)) + continue; if (entry.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id()) res.white_list.emplace_back(entry.id, entry.adr.as().ip(), entry.adr.as().port(), entry.last_seen, entry.pruning_seed, entry.rpc_port, entry.rpc_credits_per_hash); @@ -1394,6 +1397,8 @@ namespace cryptonote for (auto & entry : gray_list) { + if (!req.include_blocked && m_p2p.is_host_blocked(entry.adr, NULL)) + continue; if (entry.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id()) res.gray_list.emplace_back(entry.id, entry.adr.as().ip(), entry.adr.as().port(), entry.last_seen, entry.pruning_seed, entry.rpc_port, entry.rpc_credits_per_hash); @@ -1412,8 +1417,10 @@ namespace cryptonote { RPC_TRACKER(get_public_nodes); + COMMAND_RPC_GET_PEER_LIST::request peer_list_req; COMMAND_RPC_GET_PEER_LIST::response peer_list_res; - const bool success = on_get_peer_list(COMMAND_RPC_GET_PEER_LIST::request(), peer_list_res, ctx); + peer_list_req.include_blocked = req.include_blocked; + const bool success = on_get_peer_list(peer_list_req, peer_list_res, ctx); res.status = peer_list_res.status; if (!success) { -- cgit v1.2.3