Merge pull request #6215
a2578892
--disable-ban-rpc option to prevent RPC users from banning (naughtyfox)
This commit is contained in:
commit
e22655a187
|
@ -157,6 +157,7 @@ namespace cryptonote
|
||||||
: m_core(cr)
|
: m_core(cr)
|
||||||
, m_p2p(p2p)
|
, m_p2p(p2p)
|
||||||
, m_was_bootstrap_ever_used(false)
|
, m_was_bootstrap_ever_used(false)
|
||||||
|
, disable_rpc_ban(false)
|
||||||
{}
|
{}
|
||||||
//------------------------------------------------------------------------------------------------------------------------------
|
//------------------------------------------------------------------------------------------------------------------------------
|
||||||
bool core_rpc_server::set_bootstrap_daemon(const std::string &address, const std::string &username_password)
|
bool core_rpc_server::set_bootstrap_daemon(const std::string &address, const std::string &username_password)
|
||||||
|
@ -247,6 +248,7 @@ namespace cryptonote
|
||||||
if (!rpc_config)
|
if (!rpc_config)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
disable_rpc_ban = rpc_config->disable_rpc_ban;
|
||||||
std::string address = command_line::get_arg(vm, arg_rpc_payment_address);
|
std::string address = command_line::get_arg(vm, arg_rpc_payment_address);
|
||||||
if (!address.empty() && allow_rpc_payment)
|
if (!address.empty() && allow_rpc_payment)
|
||||||
{
|
{
|
||||||
|
@ -359,7 +361,7 @@ namespace cryptonote
|
||||||
//------------------------------------------------------------------------------------------------------------------------------
|
//------------------------------------------------------------------------------------------------------------------------------
|
||||||
bool core_rpc_server::add_host_fail(const connection_context *ctx, unsigned int score)
|
bool core_rpc_server::add_host_fail(const connection_context *ctx, unsigned int score)
|
||||||
{
|
{
|
||||||
if(!ctx || !ctx->m_remote_address.is_blockable())
|
if(!ctx || !ctx->m_remote_address.is_blockable() || disable_rpc_ban)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
CRITICAL_REGION_LOCAL(m_host_fails_score_lock);
|
CRITICAL_REGION_LOCAL(m_host_fails_score_lock);
|
||||||
|
|
|
@ -286,6 +286,7 @@ private:
|
||||||
epee::critical_section m_host_fails_score_lock;
|
epee::critical_section m_host_fails_score_lock;
|
||||||
std::map<std::string, uint64_t> m_host_fails_score;
|
std::map<std::string, uint64_t> m_host_fails_score;
|
||||||
std::unique_ptr<rpc_payment> m_rpc_payment;
|
std::unique_ptr<rpc_payment> m_rpc_payment;
|
||||||
|
bool disable_rpc_ban;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -103,6 +103,7 @@ namespace cryptonote
|
||||||
, rpc_ssl_allowed_fingerprints({"rpc-ssl-allowed-fingerprints", rpc_args::tr("List of certificate fingerprints to allow")})
|
, rpc_ssl_allowed_fingerprints({"rpc-ssl-allowed-fingerprints", rpc_args::tr("List of certificate fingerprints to allow")})
|
||||||
, rpc_ssl_allow_chained({"rpc-ssl-allow-chained", rpc_args::tr("Allow user (via --rpc-ssl-certificates) chain certificates"), false})
|
, rpc_ssl_allow_chained({"rpc-ssl-allow-chained", rpc_args::tr("Allow user (via --rpc-ssl-certificates) chain certificates"), false})
|
||||||
, rpc_ssl_allow_any_cert({"rpc-ssl-allow-any-cert", rpc_args::tr("Allow any peer certificate"), false})
|
, rpc_ssl_allow_any_cert({"rpc-ssl-allow-any-cert", rpc_args::tr("Allow any peer certificate"), false})
|
||||||
|
, disable_rpc_ban({"disable-rpc-ban", rpc_args::tr("Do not ban hosts on RPC errors"), false, false})
|
||||||
{}
|
{}
|
||||||
|
|
||||||
const char* rpc_args::tr(const char* str) { return i18n_translate(str, "cryptonote::rpc_args"); }
|
const char* rpc_args::tr(const char* str) { return i18n_translate(str, "cryptonote::rpc_args"); }
|
||||||
|
@ -123,6 +124,7 @@ namespace cryptonote
|
||||||
command_line::add_arg(desc, arg.rpc_ssl_ca_certificates);
|
command_line::add_arg(desc, arg.rpc_ssl_ca_certificates);
|
||||||
command_line::add_arg(desc, arg.rpc_ssl_allowed_fingerprints);
|
command_line::add_arg(desc, arg.rpc_ssl_allowed_fingerprints);
|
||||||
command_line::add_arg(desc, arg.rpc_ssl_allow_chained);
|
command_line::add_arg(desc, arg.rpc_ssl_allow_chained);
|
||||||
|
command_line::add_arg(desc, arg.disable_rpc_ban);
|
||||||
if (any_cert_option)
|
if (any_cert_option)
|
||||||
command_line::add_arg(desc, arg.rpc_ssl_allow_any_cert);
|
command_line::add_arg(desc, arg.rpc_ssl_allow_any_cert);
|
||||||
}
|
}
|
||||||
|
@ -136,6 +138,7 @@ namespace cryptonote
|
||||||
config.bind_ipv6_address = command_line::get_arg(vm, arg.rpc_bind_ipv6_address);
|
config.bind_ipv6_address = command_line::get_arg(vm, arg.rpc_bind_ipv6_address);
|
||||||
config.use_ipv6 = command_line::get_arg(vm, arg.rpc_use_ipv6);
|
config.use_ipv6 = command_line::get_arg(vm, arg.rpc_use_ipv6);
|
||||||
config.require_ipv4 = !command_line::get_arg(vm, arg.rpc_ignore_ipv4);
|
config.require_ipv4 = !command_line::get_arg(vm, arg.rpc_ignore_ipv4);
|
||||||
|
config.disable_rpc_ban = command_line::get_arg(vm, arg.disable_rpc_ban);
|
||||||
if (!config.bind_ip.empty())
|
if (!config.bind_ip.empty())
|
||||||
{
|
{
|
||||||
// always parse IP here for error consistency
|
// always parse IP here for error consistency
|
||||||
|
|
|
@ -65,6 +65,7 @@ namespace cryptonote
|
||||||
const command_line::arg_descriptor<std::vector<std::string>> rpc_ssl_allowed_fingerprints;
|
const command_line::arg_descriptor<std::vector<std::string>> rpc_ssl_allowed_fingerprints;
|
||||||
const command_line::arg_descriptor<bool> rpc_ssl_allow_chained;
|
const command_line::arg_descriptor<bool> rpc_ssl_allow_chained;
|
||||||
const command_line::arg_descriptor<bool> rpc_ssl_allow_any_cert;
|
const command_line::arg_descriptor<bool> rpc_ssl_allow_any_cert;
|
||||||
|
const command_line::arg_descriptor<bool> disable_rpc_ban;
|
||||||
};
|
};
|
||||||
|
|
||||||
// `allow_any_cert` bool toggles `--rpc-ssl-allow-any-cert` configuration
|
// `allow_any_cert` bool toggles `--rpc-ssl-allow-any-cert` configuration
|
||||||
|
@ -85,5 +86,6 @@ namespace cryptonote
|
||||||
std::vector<std::string> access_control_origins;
|
std::vector<std::string> access_control_origins;
|
||||||
boost::optional<tools::login> login; // currently `boost::none` if unspecified by user
|
boost::optional<tools::login> login; // currently `boost::none` if unspecified by user
|
||||||
epee::net_utils::ssl_options_t ssl_options = epee::net_utils::ssl_support_t::e_ssl_support_enabled;
|
epee::net_utils::ssl_options_t ssl_options = epee::net_utils::ssl_support_t::e_ssl_support_enabled;
|
||||||
|
bool disable_rpc_ban = false;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue