diff --git a/src/net.cpp b/src/net.cpp index 0391edadaa..337d1f6a46 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -909,8 +909,8 @@ void CConnman::AcceptConnection(const ListenSocket& hListenSocket) { bool legacyWhitelisted = false; if (NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_ISIMPLICIT)) { NetPermissions::ClearFlag(permissionFlags, PF_ISIMPLICIT); - if (gArgs.GetBoolArg("-whitelistforcerelay", false)) NetPermissions::AddFlag(permissionFlags, PF_FORCERELAY); - if (gArgs.GetBoolArg("-whitelistrelay", false)) NetPermissions::AddFlag(permissionFlags, PF_RELAY); + if (gArgs.GetBoolArg("-whitelistforcerelay", DEFAULT_WHITELISTFORCERELAY)) NetPermissions::AddFlag(permissionFlags, PF_FORCERELAY); + if (gArgs.GetBoolArg("-whitelistrelay", DEFAULT_WHITELISTRELAY)) NetPermissions::AddFlag(permissionFlags, PF_RELAY); NetPermissions::AddFlag(permissionFlags, PF_MEMPOOL); NetPermissions::AddFlag(permissionFlags, PF_NOBAN); legacyWhitelisted = true; diff --git a/src/net.h b/src/net.h index 75c05c9cb5..6c77d8135f 100644 --- a/src/net.h +++ b/src/net.h @@ -40,6 +40,11 @@ class CScheduler; class CNode; class BanMan; +/** Default for -whitelistrelay. */ +static const bool DEFAULT_WHITELISTRELAY = true; +/** Default for -whitelistforcerelay. */ +static const bool DEFAULT_WHITELISTFORCERELAY = false; + /** Time between pings automatically sent out for latency probing and keepalive (in seconds). */ static const int PING_INTERVAL = 2 * 60; /** Time after which to disconnect, after waiting for a ping response (or inactivity). */ diff --git a/src/validation.h b/src/validation.h index 7cf3311f22..99850f71d9 100644 --- a/src/validation.h +++ b/src/validation.h @@ -50,10 +50,6 @@ struct DisconnectedBlockTransactions; struct PrecomputedTransactionData; struct LockPoints; -/** Default for -whitelistrelay. */ -static const bool DEFAULT_WHITELISTRELAY = true; -/** Default for -whitelistforcerelay. */ -static const bool DEFAULT_WHITELISTFORCERELAY = false; /** Default for -minrelaytxfee, minimum relay fee for transactions */ static const unsigned int DEFAULT_MIN_RELAY_TX_FEE = 1000; /** Default for -limitancestorcount, max number of in-mempool ancestors */ diff --git a/test/functional/p2p_permissions.py b/test/functional/p2p_permissions.py old mode 100644 new mode 100755 index 1013055420..40b28d7533 --- a/test/functional/p2p_permissions.py +++ b/test/functional/p2p_permissions.py @@ -23,18 +23,24 @@ class P2PPermissionsTests(BitcoinTestFramework): def run_test(self): self.checkpermission( - # relay permission added - ["-whitelist=127.0.0.1", "-whitelistrelay"], - ["relay", "noban", "mempool"], - True) + # default permissions (no specific permissions) + ["-whitelist=127.0.0.1"], + ["relay", "noban", "mempool"], + True) self.checkpermission( - # forcerelay and relay permission added - # Legacy parameter interaction which set whitelistrelay to true - # if whitelistforcerelay is true - ["-whitelist=127.0.0.1", "-whitelistforcerelay"], - ["forcerelay", "relay", "noban", "mempool"], - True) + # relay permission removed (no specific permissions) + ["-whitelist=127.0.0.1", "-whitelistrelay=0"], + ["noban", "mempool"], + True) + + self.checkpermission( + # forcerelay and relay permission added + # Legacy parameter interaction which set whitelistrelay to true + # if whitelistforcerelay is true + ["-whitelist=127.0.0.1", "-whitelistforcerelay"], + ["forcerelay", "relay", "noban", "mempool"], + True) # Let's make sure permissions are merged correctly # For this, we need to use whitebind instead of bind @@ -42,35 +48,35 @@ class P2PPermissionsTests(BitcoinTestFramework): ip_port = "127.0.0.1:{}".format(p2p_port(1)) self.replaceinconfig(1, "bind=127.0.0.1", "whitebind=bloomfilter,forcerelay@" + ip_port) self.checkpermission( - ["-whitelist=noban@127.0.0.1" ], - # Check parameter interaction forcerelay should activate relay - ["noban", "bloomfilter", "forcerelay", "relay" ], - False) + ["-whitelist=noban@127.0.0.1" ], + # Check parameter interaction forcerelay should activate relay + ["noban", "bloomfilter", "forcerelay", "relay" ], + False) self.replaceinconfig(1, "whitebind=bloomfilter,forcerelay@" + ip_port, "bind=127.0.0.1") self.checkpermission( - # legacy whitelistrelay should be ignored - ["-whitelist=noban,mempool@127.0.0.1", "-whitelistrelay"], - ["noban", "mempool"], - False) + # legacy whitelistrelay should be ignored + ["-whitelist=noban,mempool@127.0.0.1", "-whitelistrelay"], + ["noban", "mempool"], + False) self.checkpermission( - # legacy whitelistforcerelay should be ignored - ["-whitelist=noban,mempool@127.0.0.1", "-whitelistforcerelay"], - ["noban", "mempool"], - False) + # legacy whitelistforcerelay should be ignored + ["-whitelist=noban,mempool@127.0.0.1", "-whitelistforcerelay"], + ["noban", "mempool"], + False) self.checkpermission( - # missing mempool permission to be considered legacy whitelisted - ["-whitelist=noban@127.0.0.1"], - ["noban"], - False) + # missing mempool permission to be considered legacy whitelisted + ["-whitelist=noban@127.0.0.1"], + ["noban"], + False) self.checkpermission( - # all permission added - ["-whitelist=all@127.0.0.1"], - ["forcerelay", "noban", "mempool", "bloomfilter", "relay"], - False) + # all permission added + ["-whitelist=all@127.0.0.1"], + ["forcerelay", "noban", "mempool", "bloomfilter", "relay"], + False) self.stop_node(1) self.nodes[1].assert_start_raises_init_error(["-whitelist=oopsie@127.0.0.1"], "Invalid P2P permission", match=ErrorMatch.PARTIAL_REGEX) diff --git a/test/functional/rpc_setban.py b/test/functional/rpc_setban.py old mode 100644 new mode 100755