From b335adb674ec6042c8d52c3d50fb2e3cec6f5e79 Mon Sep 17 00:00:00 2001 From: Nik Bougalis Date: Sun, 24 Feb 2019 10:49:32 -0800 Subject: [PATCH] Make validators opt out of crawl: If a server is configured to support crawl, it will report the IP addresses of all peers it is connected to, unless those peers have explicitly opted out by setting the `peer_private` option in their config file. This commit makes servers that are configured as validators opt out of crawling. --- src/ripple/overlay/impl/OverlayImpl.cpp | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/ripple/overlay/impl/OverlayImpl.cpp b/src/ripple/overlay/impl/OverlayImpl.cpp index b3b606ba9..f948cc3de 100644 --- a/src/ripple/overlay/impl/OverlayImpl.cpp +++ b/src/ripple/overlay/impl/OverlayImpl.cpp @@ -481,8 +481,17 @@ OverlayImpl::onPrepare() auto const port = serverHandler_.setup().overlay.port; config.peerPrivate = app_.config().PEER_PRIVATE; - config.wantIncoming = - (! config.peerPrivate) && (port != 0); + + // Servers with peer privacy don't want to allow incoming connections + config.wantIncoming = (! config.peerPrivate) && (port != 0); + + // This will cause servers configured as validators to request that + // peers they connect to never report their IP address. We set this + // after we set the 'wantIncoming' because we want a "soft" version + // of peer privacy unless the operator explicitly asks for it. + if (!app_.getValidationPublicKey().empty()) + config.peerPrivate = true; + // if it's a private peer or we are running as standalone // automatic connections would defeat the purpose. config.autoConnect =