Merge bitcoin/bitcoin#32539: init: Configure reachable networks before we start the RPC server

12ff4be9c7 test: ensure -rpcallowip is compatible with RFC4193 (Matthew Zipkin) c02bd3c187 config: Explain RFC4193 and CJDNS interaction in help and init error (Matthew Zipkin) f728b6b111 init: Configure reachable networks before we start the RPC server (Matthew Zipkin) Pull request description: Closes https://github.com/bitcoin/bitcoin/issues/32433 `MaybeFlipIPv6toCJDNS()` relies on `g_reachable_nets` to distinguish between CJDNS addresses and other IPv6 addresses. In particular, [RFC4193](https://www.rfc-editor.org/rfc/rfc4193#section-3.1) address or "Unique Local Address" with the L-bit unset also begins with the `fc` prefix. #32433 highlights a use case for these addresses that have nothing to do with CJDNS. On master we don't parse init flags like `-cjdnsreachable` until *after* the HTTP server has started, causing conflicts with `-rpcallowip` because CJDNS doesn't support subnets. This PR ensures that `NET_CJDNS` is only present in the reachable networks list if set by `-cjdnsreachable` *before* `-rpcallowip` is checked. If it is set all `fc` addresses are assumed to be CJDNS, can not have subnets, and can't be set for `-rpcallowip`. I also noted this specific parameter interaction in the init help as well as the error message if configured incorrectly. This can be tested locally: `bitcoind -regtest -rpcallowip=fc00:dead:beef::/64 -rpcuser=u -rpcpassword=p` On master this will just throw an error that doesn't even mention IPv6 at all. On the branch, this will succeed and can be tested by adding the ULA to a local interface. On linux: `sudo ip -6 addr add fc00:dead:beef::1/64 dev lo` On macos: `sudo ifconfig lo0 inet6 fc00:dead:beef::1/128 add` then: `curl -v -g -6 --interface fc00:dead:beef::1 u:p@[::1]:18443 --data '{"method":"getblockcount"}'` If the `rpcallowip` option is removed, the RPC request will fail to authorize. Finally, adding `-cjdnsreachable` to the start up command will throw an error and specify the incompatibility: > RFC4193 is allowed only if -cjdnsreachable=0. ACKs for top commit: achow101: ACK 12ff4be9c7 tapcrafter: tACK 12ff4be9c7 ryanofsky: Code review ACK 12ff4be9c7 willcl-ark: ACK 12ff4be9c7 Tree-SHA512: a4dd70ca2bb9f6ec2c0a9463fd73985d1ed80552c674a9067ac9a86662d1c018cc275ba757cebb2993c5f3971ecf4778b95d35fe7a7178fb41b1d18b601c9960
2026-01-19 23:03:45 +01:00 · 2025-06-06 15:31:36 -07:00
parent 2053c43684 12ff4be9c7
commit e2174378aa
3 changed files with 49 additions and 26 deletions
--- a/src/httpserver.cpp
+++ b/src/httpserver.cpp
@@ -229,7 +229,7 @@ static bool InitHTTPAllowList()
        const CSubNet subnet{LookupSubNet(strAllow)};
        if (!subnet.IsValid()) {
            uiInterface.ThreadSafeMessageBox(
-                Untranslated(strprintf("Invalid -rpcallowip subnet specification: %s. Valid are a single IP (e.g. 1.2.3.4), a network/netmask (e.g. 1.2.3.4/255.255.255.0) or a network/CIDR (e.g. 1.2.3.4/24).", strAllow)),
+                Untranslated(strprintf("Invalid -rpcallowip subnet specification: %s. Valid values are a single IP (e.g. 1.2.3.4), a network/netmask (e.g. 1.2.3.4/255.255.255.0), a network/CIDR (e.g. 1.2.3.4/24), all ipv4 (0.0.0.0/0), or all ipv6 (::/0). RFC4193 is allowed only if -cjdnsreachable=0.", strAllow)),
                "", CClientUIInterface::MSG_ERROR);
            return false;
        }