zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6325 Commits
183 Branches
291 MiB
Tree: 40342bfa4a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '40342bfa4a'
${ noResults }
tendermint/privval/socket.go

538 lines
12 KiB
Raw Normal View History

Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
fix import paths
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
 
  1. package privval
  2. 

  3. import (
  4. 	"errors"
  5. 	"fmt"
  6. 	"io"
  7. 	"net"
  8. 	"time"
  9. 

  10. 	"github.com/tendermint/go-amino"
  11. 	"github.com/tendermint/tendermint/crypto"
  12. 	cmn "github.com/tendermint/tendermint/libs/common"
  13. 	"github.com/tendermint/tendermint/libs/log"
  14. 

  15. 	p2pconn "github.com/tendermint/tendermint/p2p/conn"
  16. 	"github.com/tendermint/tendermint/types"
  17. )
  18. 

  19. const (
  20. 	defaultAcceptDeadlineSeconds = 3
  21. 	defaultConnDeadlineSeconds   = 3
  22. 	defaultConnHeartBeatSeconds  = 30
  23. 	defaultConnWaitSeconds       = 60
  24. 	defaultDialRetries           = 10
  25. )
  26. 

  27. // Socket errors.

  28. var (
  29. 	ErrDialRetryMax    = errors.New("dialed maximum retries")
  30. 	ErrConnWaitTimeout = errors.New("waited for remote signer for too long")
  31. 	ErrConnTimeout     = errors.New("remote signer timed out")
  32. )
  33. 

  34. var (
  35. 	acceptDeadline = time.Second + defaultAcceptDeadlineSeconds
  36. 	connDeadline   = time.Second * defaultConnDeadlineSeconds
  37. 	connHeartbeat  = time.Second * defaultConnHeartBeatSeconds
  38. )
  39. 

  40. // SocketPVOption sets an optional parameter on the SocketPV.

  41. type SocketPVOption func(*SocketPV)
  42. 

  43. // SocketPVAcceptDeadline sets the deadline for the SocketPV listener.

  44. // A zero time value disables the deadline.

  45. func SocketPVAcceptDeadline(deadline time.Duration) SocketPVOption {
  46. 	return func(sc *SocketPV) { sc.acceptDeadline = deadline }
  47. }
  48. 

  49. // SocketPVConnDeadline sets the read and write deadline for connections

  50. // from external signing processes.

  51. func SocketPVConnDeadline(deadline time.Duration) SocketPVOption {
  52. 	return func(sc *SocketPV) { sc.connDeadline = deadline }
  53. }
  54. 

  55. // SocketPVHeartbeat sets the period on which to check the liveness of the

  56. // connected Signer connections.

  57. func SocketPVHeartbeat(period time.Duration) SocketPVOption {
  58. 	return func(sc *SocketPV) { sc.connHeartbeat = period }
  59. }
  60. 

  61. // SocketPVConnWait sets the timeout duration before connection of external

  62. // signing processes are considered to be unsuccessful.

  63. func SocketPVConnWait(timeout time.Duration) SocketPVOption {
  64. 	return func(sc *SocketPV) { sc.connWaitTimeout = timeout }
  65. }
  66. 

  67. // SocketPV implements PrivValidator, it uses a socket to request signatures

  68. // from an external process.

  69. type SocketPV struct {
  70. 	cmn.BaseService
  71. 

  72. 	addr            string
  73. 	acceptDeadline  time.Duration
  74. 	connDeadline    time.Duration
  75. 	connHeartbeat   time.Duration
  76. 	connWaitTimeout time.Duration
  77. 	privKey         crypto.PrivKeyEd25519
  78. 

  79. 	conn     net.Conn
  80. 	listener net.Listener
  81. }
  82. 

  83. // Check that SocketPV implements PrivValidator.

  84. var _ types.PrivValidator = (*SocketPV)(nil)
  85. 

  86. // NewSocketPV returns an instance of SocketPV.

  87. func NewSocketPV(
  88. 	logger log.Logger,
  89. 	socketAddr string,
  90. 	privKey crypto.PrivKeyEd25519,
  91. ) *SocketPV {
  92. 	sc := &SocketPV{
  93. 		addr:            socketAddr,
  94. 		acceptDeadline:  acceptDeadline,
  95. 		connDeadline:    connDeadline,
  96. 		connHeartbeat:   connHeartbeat,
  97. 		connWaitTimeout: time.Second * defaultConnWaitSeconds,
  98. 		privKey:         privKey,
  99. 	}
  100. 

  101. 	sc.BaseService = *cmn.NewBaseService(logger, "SocketPV", sc)
  102. 

  103. 	return sc
  104. }
  105. 

  106. // GetAddress implements PrivValidator.

  107. func (sc *SocketPV) GetAddress() types.Address {
  108. 	addr, err := sc.getAddress()
  109. 	if err != nil {
  110. 		panic(err)
  111. 	}
  112. 

  113. 	return addr
  114. }
  115. 

  116. // Address is an alias for PubKey().Address().

  117. func (sc *SocketPV) getAddress() (cmn.HexBytes, error) {
  118. 	p, err := sc.getPubKey()
  119. 	if err != nil {
  120. 		return nil, err
  121. 	}
  122. 

  123. 	return p.Address(), nil
  124. }
  125. 

  126. // GetPubKey implements PrivValidator.

  127. func (sc *SocketPV) GetPubKey() crypto.PubKey {
  128. 	pubKey, err := sc.getPubKey()
  129. 	if err != nil {
  130. 		panic(err)
  131. 	}
  132. 

  133. 	return pubKey
  134. }
  135. 

  136. func (sc *SocketPV) getPubKey() (crypto.PubKey, error) {
  137. 	err := writeMsg(sc.conn, &PubKeyMsg{})
  138. 	if err != nil {
  139. 		return nil, err
  140. 	}
  141. 

  142. 	res, err := readMsg(sc.conn)
  143. 	if err != nil {
  144. 		return nil, err
  145. 	}
  146. 

  147. 	return res.(*PubKeyMsg).PubKey, nil
  148. }
  149. 

  150. // SignVote implements PrivValidator.

  151. func (sc *SocketPV) SignVote(chainID string, vote *types.Vote) error {
  152. 	err := writeMsg(sc.conn, &SignVoteMsg{Vote: vote})
  153. 	if err != nil {
  154. 		return err
  155. 	}
  156. 

  157. 	res, err := readMsg(sc.conn)
  158. 	if err != nil {
  159. 		return err
  160. 	}
  161. 

  162. 	*vote = *res.(*SignVoteMsg).Vote
  163. 

  164. 	return nil
  165. }
  166. 

  167. // SignProposal implements PrivValidator.

  168. func (sc *SocketPV) SignProposal(
  169. 	chainID string,
  170. 	proposal *types.Proposal,
  171. ) error {
  172. 	err := writeMsg(sc.conn, &SignProposalMsg{Proposal: proposal})
  173. 	if err != nil {
  174. 		return err
  175. 	}
  176. 

  177. 	res, err := readMsg(sc.conn)
  178. 	if err != nil {
  179. 		return err
  180. 	}
  181. 

  182. 	*proposal = *res.(*SignProposalMsg).Proposal
  183. 

  184. 	return nil
  185. }
  186. 

  187. // SignHeartbeat implements PrivValidator.

  188. func (sc *SocketPV) SignHeartbeat(
  189. 	chainID string,
  190. 	heartbeat *types.Heartbeat,
  191. ) error {
  192. 	err := writeMsg(sc.conn, &SignHeartbeatMsg{Heartbeat: heartbeat})
  193. 	if err != nil {
  194. 		return err
  195. 	}
  196. 

  197. 	res, err := readMsg(sc.conn)
  198. 	if err != nil {
  199. 		return err
  200. 	}
  201. 

  202. 	*heartbeat = *res.(*SignHeartbeatMsg).Heartbeat
  203. 

  204. 	return nil
  205. }
  206. 

  207. // OnStart implements cmn.Service.

  208. func (sc *SocketPV) OnStart() error {
  209. 	if err := sc.listen(); err != nil {
  210. 		err = cmn.ErrorWrap(err, "failed to listen")
  211. 		sc.Logger.Error(
  212. 			"OnStart",
  213. 			"err", err,
  214. 		)
  215. 		return err
  216. 	}
  217. 

  218. 	conn, err := sc.waitConnection()
  219. 	if err != nil {
  220. 		err = cmn.ErrorWrap(err, "failed to accept connection")
  221. 		sc.Logger.Error(
  222. 			"OnStart",
  223. 			"err", err,
  224. 		)
  225. 

  226. 		return err
  227. 	}
  228. 

  229. 	sc.conn = conn
  230. 

  231. 	return nil
  232. }
  233. 

  234. // OnStop implements cmn.Service.

  235. func (sc *SocketPV) OnStop() {
  236. 	if sc.conn != nil {
  237. 		if err := sc.conn.Close(); err != nil {
  238. 			err = cmn.ErrorWrap(err, "failed to close connection")
  239. 			sc.Logger.Error(
  240. 				"OnStop",
  241. 				"err", err,
  242. 			)
  243. 		}
  244. 	}
  245. 

  246. 	if sc.listener != nil {
  247. 		if err := sc.listener.Close(); err != nil {
  248. 			err = cmn.ErrorWrap(err, "failed to close listener")
  249. 			sc.Logger.Error(
  250. 				"OnStop",
  251. 				"err", err,
  252. 			)
  253. 		}
  254. 	}
  255. }
  256. 

  257. func (sc *SocketPV) acceptConnection() (net.Conn, error) {
  258. 	conn, err := sc.listener.Accept()
  259. 	if err != nil {
  260. 		if !sc.IsRunning() {
  261. 			return nil, nil // Ignore error from listener closing.

  262. 		}
  263. 		return nil, err
  264. 

  265. 	}
  266. 

  267. 	conn, err = p2pconn.MakeSecretConnection(conn, sc.privKey)
  268. 	if err != nil {
  269. 		return nil, err
  270. 	}
  271. 

  272. 	return conn, nil
  273. }
  274. 

  275. func (sc *SocketPV) listen() error {
  276. 	ln, err := net.Listen(cmn.ProtocolAndAddress(sc.addr))
  277. 	if err != nil {
  278. 		return err
  279. 	}
  280. 

  281. 	sc.listener = newTCPTimeoutListener(
  282. 		ln,
  283. 		sc.acceptDeadline,
  284. 		sc.connDeadline,
  285. 		sc.connHeartbeat,
  286. 	)
  287. 

  288. 	return nil
  289. }
  290. 

  291. // waitConnection uses the configured wait timeout to error if no external

  292. // process connects in the time period.

  293. func (sc *SocketPV) waitConnection() (net.Conn, error) {
  294. 	var (
  295. 		connc = make(chan net.Conn, 1)
  296. 		errc  = make(chan error, 1)
  297. 	)
  298. 

  299. 	go func(connc chan<- net.Conn, errc chan<- error) {
  300. 		conn, err := sc.acceptConnection()
  301. 		if err != nil {
  302. 			errc <- err
  303. 			return
  304. 		}
  305. 

  306. 		connc <- conn
  307. 	}(connc, errc)
  308. 

  309. 	select {
  310. 	case conn := <-connc:
  311. 		return conn, nil
  312. 	case err := <-errc:
  313. 		if _, ok := err.(timeoutError); ok {
  314. 			return nil, cmn.ErrorWrap(ErrConnWaitTimeout, err.Error())
  315. 		}
  316. 		return nil, err
  317. 	case <-time.After(sc.connWaitTimeout):
  318. 		return nil, ErrConnWaitTimeout
  319. 	}
  320. }
  321. 

  322. //---------------------------------------------------------

  323. 

  324. // RemoteSignerOption sets an optional parameter on the RemoteSigner.

  325. type RemoteSignerOption func(*RemoteSigner)
  326. 

  327. // RemoteSignerConnDeadline sets the read and write deadline for connections

  328. // from external signing processes.

  329. func RemoteSignerConnDeadline(deadline time.Duration) RemoteSignerOption {
  330. 	return func(ss *RemoteSigner) { ss.connDeadline = deadline }
  331. }
  332. 

  333. // RemoteSignerConnRetries sets the amount of attempted retries to connect.

  334. func RemoteSignerConnRetries(retries int) RemoteSignerOption {
  335. 	return func(ss *RemoteSigner) { ss.connRetries = retries }
  336. }
  337. 

  338. // RemoteSigner implements PrivValidator by dialing to a socket.

  339. type RemoteSigner struct {
  340. 	cmn.BaseService
  341. 

  342. 	addr         string
  343. 	chainID      string
  344. 	connDeadline time.Duration
  345. 	connRetries  int
  346. 	privKey      crypto.PrivKeyEd25519
  347. 	privVal      types.PrivValidator
  348. 

  349. 	conn net.Conn
  350. }
  351. 

  352. // NewRemoteSigner returns an instance of RemoteSigner.

  353. func NewRemoteSigner(
  354. 	logger log.Logger,
  355. 	chainID, socketAddr string,
  356. 	privVal types.PrivValidator,
  357. 	privKey crypto.PrivKeyEd25519,
  358. ) *RemoteSigner {
  359. 	rs := &RemoteSigner{
  360. 		addr:         socketAddr,
  361. 		chainID:      chainID,
  362. 		connDeadline: time.Second * defaultConnDeadlineSeconds,
  363. 		connRetries:  defaultDialRetries,
  364. 		privKey:      privKey,
  365. 		privVal:      privVal,
  366. 	}
  367. 

  368. 	rs.BaseService = *cmn.NewBaseService(logger, "RemoteSigner", rs)
  369. 

  370. 	return rs
  371. }
  372. 

  373. // OnStart implements cmn.Service.

  374. func (rs *RemoteSigner) OnStart() error {
  375. 	conn, err := rs.connect()
  376. 	if err != nil {
  377. 		err = cmn.ErrorWrap(err, "connect")
  378. 		rs.Logger.Error("OnStart", "err", err)
  379. 		return err
  380. 	}
  381. 

  382. 	go rs.handleConnection(conn)
  383. 

  384. 	return nil
  385. }
  386. 

  387. // OnStop implements cmn.Service.

  388. func (rs *RemoteSigner) OnStop() {
  389. 	if rs.conn == nil {
  390. 		return
  391. 	}
  392. 

  393. 	if err := rs.conn.Close(); err != nil {
  394. 		rs.Logger.Error("OnStop", "err", cmn.ErrorWrap(err, "closing listener failed"))
  395. 	}
  396. }
  397. 

  398. func (rs *RemoteSigner) connect() (net.Conn, error) {
  399. 	for retries := rs.connRetries; retries > 0; retries-- {
  400. 		// Don't sleep if it is the first retry.

  401. 		if retries != rs.connRetries {
  402. 			time.Sleep(rs.connDeadline)
  403. 		}
  404. 

  405. 		conn, err := cmn.Connect(rs.addr)
  406. 		if err != nil {
  407. 			err = cmn.ErrorWrap(err, "connection failed")
  408. 			rs.Logger.Error(
  409. 				"connect",
  410. 				"addr", rs.addr,
  411. 				"err", err,
  412. 			)
  413. 

  414. 			continue
  415. 		}
  416. 

  417. 		if err := conn.SetDeadline(time.Now().Add(connDeadline)); err != nil {
  418. 			err = cmn.ErrorWrap(err, "setting connection timeout failed")
  419. 			rs.Logger.Error(
  420. 				"connect",
  421. 				"err", err,
  422. 			)
  423. 			continue
  424. 		}
  425. 

  426. 		conn, err = p2pconn.MakeSecretConnection(conn, rs.privKey)
  427. 		if err != nil {
  428. 			err = cmn.ErrorWrap(err, "encrypting connection failed")
  429. 			rs.Logger.Error(
  430. 				"connect",
  431. 				"err", err,
  432. 			)
  433. 

  434. 			continue
  435. 		}
  436. 

  437. 		return conn, nil
  438. 	}
  439. 

  440. 	return nil, ErrDialRetryMax
  441. }
  442. 

  443. func (rs *RemoteSigner) handleConnection(conn net.Conn) {
  444. 	for {
  445. 		if !rs.IsRunning() {
  446. 			return // Ignore error from listener closing.

  447. 		}
  448. 

  449. 		req, err := readMsg(conn)
  450. 		if err != nil {
  451. 			if err != io.EOF {
  452. 				rs.Logger.Error("handleConnection", "err", err)
  453. 			}
  454. 			return
  455. 		}
  456. 

  457. 		var res SocketPVMsg
  458. 

  459. 		switch r := req.(type) {
  460. 		case *PubKeyMsg:
  461. 			var p crypto.PubKey
  462. 			p = rs.privVal.GetPubKey()
  463. 			res = &PubKeyMsg{p}
  464. 		case *SignVoteMsg:
  465. 			err = rs.privVal.SignVote(rs.chainID, r.Vote)
  466. 			res = &SignVoteMsg{r.Vote}
  467. 		case *SignProposalMsg:
  468. 			err = rs.privVal.SignProposal(rs.chainID, r.Proposal)
  469. 			res = &SignProposalMsg{r.Proposal}
  470. 		case *SignHeartbeatMsg:
  471. 			err = rs.privVal.SignHeartbeat(rs.chainID, r.Heartbeat)
  472. 			res = &SignHeartbeatMsg{r.Heartbeat}
  473. 		default:
  474. 			err = fmt.Errorf("unknown msg: %v", r)
  475. 		}
  476. 

  477. 		if err != nil {
  478. 			rs.Logger.Error("handleConnection", "err", err)
  479. 			return
  480. 		}
  481. 

  482. 		err = writeMsg(conn, res)
  483. 		if err != nil {
  484. 			rs.Logger.Error("handleConnection", "err", err)
  485. 			return
  486. 		}
  487. 	}
  488. }
  489. 

  490. //---------------------------------------------------------

  491. 

  492. // SocketPVMsg is sent between RemoteSigner and SocketPV.

  493. type SocketPVMsg interface{}
  494. 

  495. func RegisterSocketPVMsg(cdc *amino.Codec) {
  496. 	cdc.RegisterInterface((*SocketPVMsg)(nil), nil)
  497. 	cdc.RegisterConcrete(&PubKeyMsg{}, "tendermint/socketpv/PubKeyMsg", nil)
  498. 	cdc.RegisterConcrete(&SignVoteMsg{}, "tendermint/socketpv/SignVoteMsg", nil)
  499. 	cdc.RegisterConcrete(&SignProposalMsg{}, "tendermint/socketpv/SignProposalMsg", nil)
  500. 	cdc.RegisterConcrete(&SignHeartbeatMsg{}, "tendermint/socketpv/SignHeartbeatMsg", nil)
  501. }
  502. 

  503. // PubKeyMsg is a PrivValidatorSocket message containing the public key.

  504. type PubKeyMsg struct {
  505. 	PubKey crypto.PubKey
  506. }
  507. 

  508. // SignVoteMsg is a PrivValidatorSocket message containing a vote.

  509. type SignVoteMsg struct {
  510. 	Vote *types.Vote
  511. }
  512. 

  513. // SignProposalMsg is a PrivValidatorSocket message containing a Proposal.

  514. type SignProposalMsg struct {
  515. 	Proposal *types.Proposal
  516. }
  517. 

  518. // SignHeartbeatMsg is a PrivValidatorSocket message containing a Heartbeat.

  519. type SignHeartbeatMsg struct {
  520. 	Heartbeat *types.Heartbeat
  521. }
  522. 

  523. func readMsg(r io.Reader) (msg SocketPVMsg, err error) {
  524. 	const maxSocketPVMsgSize = 1024 * 10
  525. 	_, err = cdc.UnmarshalBinaryReader(r, &msg, maxSocketPVMsgSize)
  526. 	if _, ok := err.(timeoutError); ok {
  527. 		err = cmn.ErrorWrap(ErrConnTimeout, err.Error())
  528. 	}
  529. 	return
  530. }
  531. 

  532. func writeMsg(w io.Writer, msg interface{}) (err error) {
  533. 	_, err = cdc.MarshalBinaryWriter(w, msg)
  534. 	if _, ok := err.(timeoutError); ok {
  535. 		err = cmn.ErrorWrap(ErrConnTimeout, err.Error())
  536. 	}
  537. 	return
  538. }