net: add option in CConman to disable v1 clearnet connections

stratospher · stratospher · commit eb2fba9bce12 · 2024-10-28T10:23:18.000+05:30
a boolean option `disable_v1conn_clearnet` is introduced in CConman
which will (in a later commit) store if the user wishes to disable
outbound v1 connections on IPV4 and IPV6 networks since they are
unencrypted.

this option is accessible outside CConman using
`DisableV1OnClearnet()` function with the network we're trying to
connect to passed as an argument.
diff --git a/src/net.cpp b/src/net.cpp
@@ -2435,6 +2435,11 @@ bool CConnman::MultipleManualOrFullOutboundConns(Network net) const
     return m_network_conn_counts[net] > 1;
 }
 
+bool CConnman::DisableV1OnClearnet(Network net) const
+{
+    return disable_v1conn_clearnet && (net == NET_IPV4 || net == NET_IPV6);
+}
+
 bool CConnman::MaybePickPreferredNetwork(std::optional<Network>& network)
 {
     std::array<Network, 5> nets{NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS};
diff --git a/src/net.h b/src/net.h
@@ -1059,6 +1059,7 @@ class CConnman
         bool m_i2p_accept_incoming;
         bool whitelist_forcerelay = DEFAULT_WHITELISTFORCERELAY;
         bool whitelist_relay = DEFAULT_WHITELISTRELAY;
+        bool disable_v1conn_clearnet = false;
     };
 
     void Init(const Options& connOptions) EXCLUSIVE_LOCKS_REQUIRED(!m_added_nodes_mutex, !m_total_bytes_sent_mutex)
@@ -1096,6 +1097,7 @@ class CConnman
         m_onion_binds = connOptions.onion_binds;
         whitelist_forcerelay = connOptions.whitelist_forcerelay;
         whitelist_relay = connOptions.whitelist_relay;
+        disable_v1conn_clearnet = connOptions.disable_v1conn_clearnet;
     }
 
     CConnman(uint64_t seed0, uint64_t seed1, AddrMan& addrman, const NetGroupManager& netgroupman,
@@ -1253,6 +1255,9 @@ class CConnman
 
     bool MultipleManualOrFullOutboundConns(Network net) const EXCLUSIVE_LOCKS_REQUIRED(m_nodes_mutex);
 
+    /* Disables outbound v1 connections on IPV4/IPV6 network. */
+    bool DisableV1OnClearnet(Network net) const;
+
 private:
     struct ListenSocket {
     public:
@@ -1572,6 +1577,13 @@ class CConnman
      */
     bool whitelist_relay;
 
+    /**
+     * option for disabling outbound v1 connections on IPV4 and IPV6.
+     * outbound connections on IPV4/IPV6 need to be v2 connections.
+     * outbound connections on Tor/I2P/CJDNS can be v1 or v2 connections.
+     */
+    bool disable_v1conn_clearnet;
+
     /**
      * Mutex protecting m_i2p_sam_sessions.
      */

Original file line number	Diff line number	Diff line change
`@@ -2435,6 +2435,11 @@ bool CConnman::MultipleManualOrFullOutboundConns(Network net) const`
`2435`	`2435`	`return m_network_conn_counts[net] > 1;`
`2436`	`2436`	`}`
`2437`	`2437`
	`2438`	`+bool CConnman::DisableV1OnClearnet(Network net) const`
	`2439`	`+{`
	`2440`	`+ return disable_v1conn_clearnet && (net == NET_IPV4 \|\| net == NET_IPV6);`
	`2441`	`+}`
	`2442`	`+`
`2438`	`2443`	`bool CConnman::MaybePickPreferredNetwork(std::optional<Network>& network)`
`2439`	`2444`	`{`
`2440`	`2445`	`std::array<Network, 5> nets{NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS};`