Mercurial > hg > bitcoin

changeset 3081:f96d6404041f draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Allow clients on the IPv6 loopback as well Signed-off-by: Giel van Schijndel <me@mortis.eu>
author Giel van Schijndel <me@mortis.eu>
date Wed, 10 Aug 2011 14:21:43 +0200
parents 0a1544df18af
children e5c75ca4f18c
files src/bitcoinrpc.cpp
diffstat 1 files changed, 12 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/bitcoinrpc.cpp
+++ b/src/bitcoinrpc.cpp
@@ -2548,10 +2548,19 @@
     stream << HTTPReply(nStatus, strReply, false) << std::flush;
 }
 
-bool ClientAllowed(const string& strAddress)
+bool ClientAllowed(const boost::asio::ip::address& address)
 {
-    if (strAddress == asio::ip::address_v4::loopback().to_string())
+    // Make sure that IPv4-compatible and IPv4-mapped IPv6 addresses are treated as IPv4 addresses
+    if (address.is_v6()
+     && (address.to_v6().is_v4_compatible()
+      || address.to_v6().is_v4_mapped()))
+        return ClientAllowed(address.to_v6().to_v4());
+
+    if (address == asio::ip::address_v4::loopback()
+     || address == asio::ip::address_v6::loopback())
         return true;
+
+    const string strAddress = address.to_string();
     const vector<string>& vAllow = mapMultiArgs["-rpcallowip"];
     BOOST_FOREACH(string strAllow, vAllow)
         if (WildcardMatch(strAddress, strAllow))
@@ -2696,7 +2705,7 @@
     // Restrict callers by IP.  It is important to
     // do this before starting client thread, to filter out
     // certain DoS and misbehaving clients.
-    else if (!ClientAllowed(conn->peer.address().to_string()))
+    else if (!ClientAllowed(conn->peer.address()))
     {
         // Only send a 403 if we're not using SSL to prevent a DoS during the SSL handshake.
         if (!fUseSSL)