| 374 | } |
| 375 | |
| 376 | void TorController::auth_cb(TorControlConnection& _conn, const TorControlReply& reply) |
| 377 | { |
| 378 | if (reply.code == 250) { |
| 379 | LogPrint(BCLog::TOR, "tor: Authentication successful\n"); |
| 380 | |
| 381 | // Now that we know Tor is running setup the proxy for onion addresses |
| 382 | // if -onion isn't set to something else. |
| 383 | if (gArgs.GetArg("-onion", "") == "") { |
| 384 | CService resolved(LookupNumeric("127.0.0.1", 9050)); |
| 385 | Proxy addrOnion = Proxy(resolved, true); |
| 386 | SetProxy(NET_ONION, addrOnion); |
| 387 | |
| 388 | const auto onlynets = gArgs.GetArgs("-onlynet"); |
| 389 | |
| 390 | const bool onion_allowed_by_onlynet{ |
| 391 | !gArgs.IsArgSet("-onlynet") || |
| 392 | std::any_of(onlynets.begin(), onlynets.end(), [](const auto& n) { |
| 393 | return ParseNetwork(n) == NET_ONION; |
| 394 | })}; |
| 395 | |
| 396 | if (onion_allowed_by_onlynet) { |
| 397 | // If NET_ONION is reachable, then the below is a noop. |
| 398 | // |
| 399 | // If NET_ONION is not reachable, then none of -proxy or -onion was given. |
| 400 | // Since we are here, then -torcontrol and -torpassword were given. |
| 401 | SetReachable(NET_ONION, true); |
| 402 | } |
| 403 | } |
| 404 | |
| 405 | // Finally - now create the service |
| 406 | if (private_key.empty()) { // No private key, generate one |
| 407 | private_key = "NEW:ED25519-V3"; // Explicitly request key type - see issue #9214 |
| 408 | } |
| 409 | // Request onion service, redirect port. |
| 410 | // Note that the 'virtual' port is always the default port to avoid decloaking nodes using other ports. |
| 411 | _conn.Command(strprintf("ADD_ONION %s Port=%i,%s", private_key, Params().GetDefaultPort(), m_target.ToStringIPPort()), |
| 412 | std::bind(&TorController::add_onion_cb, this, std::placeholders::_1, std::placeholders::_2)); |
| 413 | } else { |
| 414 | LogPrintf("tor: Authentication failed\n"); |
| 415 | } |
| 416 | } |
| 417 | |
| 418 | /** Compute Tor SAFECOOKIE response. |
| 419 | * |