rpc server: send '403 Forbidden' to rejected clients #343

pull muggenhor wants to merge 2 commits into bitcoin:master from muggenhor:proper-http-server-rejection changing 1 files +7 −1
  1. muggenhor commented at 5:44 PM on June 24, 2011: contributor

    In order to be a proper HTTP implementation clients that aren't allowed to connect to the RPC server (using -rpcallowip), should receive a proper HTTP response. So instead of closing the connection on them send a '403 Forbidden' status.

    Signed-off-by: Giel van Schijndel me@mortis.eu

  2. gavinandresen commented at 7:00 PM on June 24, 2011: contributor

    I believe this would open up a denial-of-service attack.

    The problem is that sending ANY response over an SSL connection starts the SSL handshake. So the attack scenario is:

    Attacker connects to your node (and they're not from -rpcallowip address). You're running -ssl=1, so start ssl handshake to return 403 response. Attacker doesn't respond... your rpc process must wait -rpctimeout seconds before proceeding.

    Just dropping the connection immediately prevents the attack. Being "a proper HTTP implementation" is not high on the bitcoin wish list.

  3. muggenhor commented at 7:51 PM on June 24, 2011: contributor

    Right, so what about only sending back a 403 when not using SSL? I'm pretty sure the TCP send window on most OSes these days is enough to fit those few bytes.

  4. muggenhor commented at 8:04 PM on June 24, 2011: contributor

    As for waiting for the timeout, the network portion of the RPC code could easily enough be rewritten to use asynchronous I/O (by means of Boost.Asio's async_* functions and io_service.(?:poll|run)(?:_one)?).

    I was thinking of doing that anyway, as it would allow for easier IPv6 integration (i.e. only at setup time).

  5. rpc server: send '403 Forbidden' to rejected clients
    In order to be a proper HTTP implementation clients that aren't allowed
to connect to the RPC server (using -rpcallowip), should receive a
proper HTTP response.  So instead of closing the connection on them send
a '403 Forbidden' status.

Signed-off-by: Giel van Schijndel <me@mortis.eu>
    c9e70d4c0a
  6. rpc: don't send 403 when using SSL to prevent DoS
    Signed-off-by: Giel van Schijndel <me@mortis.eu>
    e913574e02
  7. jgarzik referenced this in commit c4286dc6ee on Jul 1, 2011
  8. jgarzik merged this on Jul 1, 2011
  9. jgarzik closed this on Jul 1, 2011
  10. sipa referenced this in commit 003bb87153 on Nov 5, 2015
  11. sipa referenced this in commit bfd83199c3 on Nov 11, 2015
  12. sipa referenced this in commit b437ea7ec9 on Nov 12, 2015
  13. sipa referenced this in commit 1d84107924 on Nov 12, 2015
  14. zathras-crypto referenced this in commit 93495ff562 on Feb 25, 2016
  15. jtimon referenced this in commit 91ee21c024 on Mar 11, 2016
  16. rebroad referenced this in commit 40ead34fbe on Dec 7, 2016
  17. deadalnix referenced this in commit 3b7bc695ef on Jan 19, 2017
  18. ptschip referenced this in commit 51c4a8bff8 on Mar 7, 2017
  19. classesjack referenced this in commit 35159149d4 on Jan 2, 2018
  20. lateminer referenced this in commit 4324a0b5eb on Oct 16, 2019
  21. rajarshimaitra referenced this in commit 915ebc195a on Aug 5, 2021
  22. DrahtBot locked this on Sep 8, 2021
  23. DrahtBot added the label CI failed on Apr 5, 2023
  24. MarcoFalke removed the label CI failed on Apr 5, 2023
Contributors
muggenhorgavinandresen
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-29 03:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me