From 7f020841e6f762aa44d7e273978d9bd434c654be Mon Sep 17 00:00:00 2001
From: Thomas Winget <tewinget@gmail.com>
Date: Tue, 23 Apr 2019 04:59:03 -0400
Subject: [PATCH] set service nodes to bind RPC externally

This commit changes such that if the daemon is set to run as a service node
and the address(es) to bind RPC to are local, they are set to the
appropriate 'any' address, and a warning is printed/logged.
---
 src/cryptonote_core/cryptonote_core.cpp |  5 +++++
 src/cryptonote_core/cryptonote_core.h   |  7 +++++++
 src/daemon/daemon.cpp                   | 28 ++++++++++++++++++++-----
 src/rpc/core_rpc_server.cpp             | 14 +++++++++++++
 4 files changed, 49 insertions(+), 5 deletions(-)

diff --git a/src/cryptonote_core/cryptonote_core.cpp b/src/cryptonote_core/cryptonote_core.cpp
index 59571e943c8..11987f46e0c 100644
--- a/src/cryptonote_core/cryptonote_core.cpp
+++ b/src/cryptonote_core/cryptonote_core.cpp
@@ -2076,6 +2076,11 @@ namespace cryptonote
     return m_service_node_list.is_service_node(pubkey);
   }
   //-----------------------------------------------------------------------------------------------
+  bool core::is_service_node() const
+  {
+    return m_service_node;
+  }
+  //-----------------------------------------------------------------------------------------------
   const std::vector<service_nodes::key_image_blacklist_entry> &core::get_service_node_blacklisted_key_images() const
   {
     const auto &result = m_service_node_list.get_blacklisted_key_images();
diff --git a/src/cryptonote_core/cryptonote_core.h b/src/cryptonote_core/cryptonote_core.h
index 46cfe533777..0f40d3909aa 100644
--- a/src/cryptonote_core/cryptonote_core.h
+++ b/src/cryptonote_core/cryptonote_core.h
@@ -826,6 +826,13 @@ namespace cryptonote
        */
      bool is_service_node(const crypto::public_key& pubkey) const;
 
+     /**
+       * @brief get whether this node is a service node
+       *
+       * @return whether this node is a service node
+       */
+     bool is_service_node() const;
+
      /**
       * @brief Add a vote to deregister a service node from network
       *
diff --git a/src/daemon/daemon.cpp b/src/daemon/daemon.cpp
index 72f21121ea5..1dc0641e541 100644
--- a/src/daemon/daemon.cpp
+++ b/src/daemon/daemon.cpp
@@ -65,6 +65,12 @@ struct t_internals {
   t_p2p p2p;
   std::vector<std::unique_ptr<t_rpc>> rpcs;
 
+  bool m_arg_rpc_restricted;
+  std::string m_arg_main_rpc_port;
+  std::string m_arg_restricted_rpc_port;
+  bool m_use_separate_restricted_rpc;
+  boost::program_options::variables_map m_vm;
+
   t_internals(
       boost::program_options::variables_map const & vm
     )
@@ -72,21 +78,31 @@ struct t_internals {
     , protocol{vm, core, command_line::get_arg(vm, cryptonote::arg_offline)}
     , p2p{vm, protocol}
   {
+    m_vm = vm; // copy for later construction of rpc instances
+
     // Handle circular dependencies
     protocol.set_p2p_endpoint(p2p.get());
     core.set_protocol(protocol.get());
 
-    const auto restricted = command_line::get_arg(vm, cryptonote::core_rpc_server::arg_restricted_rpc);
-    const auto main_rpc_port = command_line::get_arg(vm, cryptonote::core_rpc_server::arg_rpc_bind_port);
-    rpcs.emplace_back(new t_rpc{vm, core, p2p, restricted, main_rpc_port, "core"});
+    m_arg_rpc_restricted = command_line::get_arg(vm, cryptonote::core_rpc_server::arg_restricted_rpc);
+    m_arg_main_rpc_port = command_line::get_arg(vm, cryptonote::core_rpc_server::arg_rpc_bind_port);
+
 
     auto restricted_rpc_port_arg = cryptonote::core_rpc_server::arg_rpc_restricted_bind_port;
     if(!command_line::is_arg_defaulted(vm, restricted_rpc_port_arg))
     {
-      auto restricted_rpc_port = command_line::get_arg(vm, restricted_rpc_port_arg);
-      rpcs.emplace_back(new t_rpc{vm, core, p2p, true, restricted_rpc_port, "restricted"});
+      m_arg_restricted_rpc_port = command_line::get_arg(vm, restricted_rpc_port_arg);
+      m_use_separate_restricted_rpc = true;
     }
   }
+
+  void setup_rpcs()
+  {
+    rpcs.emplace_back(new t_rpc{m_vm, core, p2p, m_arg_rpc_restricted, m_arg_main_rpc_port, "core"});
+
+    if (m_use_separate_restricted_rpc)
+      rpcs.emplace_back(new t_rpc{m_vm, core, p2p, true, m_arg_restricted_rpc_port, "restricted"});
+  }
 };
 
 void t_daemon::init_options(boost::program_options::options_description & option_spec)
@@ -153,6 +169,8 @@ bool t_daemon::run(bool interactive)
     if (!mp_internals->core.run())
       return false;
 
+    mp_internals->setup_rpcs();
+
     for(auto& rpc: mp_internals->rpcs)
       rpc->run();
 
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index a1ef73dd1f4..9aba7b6f1e8 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -93,6 +93,20 @@ namespace cryptonote
     if (!rpc_config)
       return false;
 
+    if (m_core.is_service_node())
+    {
+      if (tools::is_local_address(rpc_config->bind_ip))
+      {
+        MWARNING("Running a service node sets RPC to bind externally.  RPC binding to 0.0.0.0 (IPv4)");
+        rpc_config->bind_ip = "0.0.0.0";
+      }
+      if (rpc_config->use_ipv6 && tools::is_local_address(rpc_config->bind_ipv6_address))
+      {
+        MWARNING("Running a service node sets RPC to bind externally.  RPC binding to [::] (IPv6)");
+        rpc_config->bind_ipv6_address = "::";
+      }
+    }
+
     m_bootstrap_daemon_address = command_line::get_arg(vm, arg_bootstrap_daemon_address);
     if (!m_bootstrap_daemon_address.empty())
     {