diff --git a/src/rpc/server.cpp b/src/rpc/server.cpp index 497c8bbd30..25aba08644 100644 --- a/src/rpc/server.cpp +++ b/src/rpc/server.cpp @@ -500,15 +500,19 @@ bool ClientAllowed(const boost::asio::ip::address& address) { // Make sure that IPv4-compatible and IPv4-mapped IPv6 addresses are treated as IPv4 addresses if (address.is_v6() - && (address.to_v6().is_v4_compatible() - || address.to_v6().is_v4_mapped())) - return ClientAllowed(address.to_v6().to_v4()); + && (address.to_v6() <= boost::asio::ip::make_address_v6("::ffff:ffff") + || address.to_v6().is_v4_mapped())) { + auto address6 = address.to_v6(); + auto bytes = address6.to_bytes(); + + return ClientAllowed(boost::asio::ip::address_v4({bytes[12], bytes[13], bytes[14], bytes[15]})); + } if (address == asio::ip::address_v4::loopback() || address == asio::ip::address_v6::loopback() || (address.is_v4() // Check whether IPv4 addresses match 127.0.0.0/8 (loopback subnet) - && (address.to_v4().to_ulong() & 0xff000000) == 0x7f000000)) + && (address.to_v4().to_bytes()[0] == 127))) return true; const string strAddress = address.to_string(); @@ -661,7 +665,7 @@ void StartRPCThreads() acceptor->set_option(boost::asio::ip::v6_only(loopback), v6_only_error); acceptor->bind(endpoint); - acceptor->listen(socket_base::max_connections); + acceptor->listen(socket_base::max_listen_connections); RPCListen(acceptor, *rpc_ssl_context, fUseSSL); @@ -684,7 +688,7 @@ void StartRPCThreads() acceptor->open(endpoint.protocol()); acceptor->set_option(boost::asio::ip::tcp::acceptor::reuse_address(true)); acceptor->bind(endpoint); - acceptor->listen(socket_base::max_connections); + acceptor->listen(socket_base::max_listen_connections); RPCListen(acceptor, *rpc_ssl_context, fUseSSL);