zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
Browse Source

p2p: Reject addrs coming from private peers (#2032) 

Refs #1706
pull/2059/head
Anton Kaliaev 6 years ago
committed by Alexander Simmerl
parent
059a03a66a
commit
c248ce5ef6
5 changed files with 28 additions and 5 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -0
      CHANGELOG.md
  2. +2
    -1
      docs/spec/reactors/pex/pex.md
  3. +5
    -0
      p2p/pex/addrbook.go
  4. +12
    -4
      p2p/pex/addrbook_test.go
  5. +8
    -0
      p2p/pex/errors.go

+ 1
- 0
CHANGELOG.md View File

@ -11,6 +11,7 @@ BREAKING CHANGES:
IMPROVEMENTS:
- [abci, libs/common] Generated gogoproto static marshaller methods
- [config] Increase default send/recv rates to 5 mB/s
- [p2p] reject addresses coming from private peers
- [p2p] allow persistent peers to be private
BUG FIXES:


+ 2
- 1
docs/spec/reactors/pex/pex.md View File

@ -12,7 +12,8 @@ them.
Some peers can be marked as `private`, which means
we will not put them in the address book or gossip them to others.
All peers except private peers are tracked using the address book.
All peers except private peers and peers coming from them are tracked using the
address book.
## Discovery


+ 5
- 0
p2p/pex/addrbook.go View File

@ -638,6 +638,7 @@ func (a *addrBook) addAddress(addr, src *p2p.NetAddress) error {
if a.routabilityStrict && !addr.Routable() {
return ErrAddrBookNonRoutable{addr}
}
// TODO: we should track ourAddrs by ID and by IP:PORT and refuse both.
if _, ok := a.ourAddrs[addr.String()]; ok {
return ErrAddrBookSelf{addr}
@ -647,6 +648,10 @@ func (a *addrBook) addAddress(addr, src *p2p.NetAddress) error {
return ErrAddrBookPrivate{addr}
}
if _, ok := a.privateIDs[src.ID]; ok {
return ErrAddrBookPrivateSrc{src}
}
ka := a.addrLookup[addr.ID]
if ka != nil {
// If its already old and the addr is the same, ignore it.


+ 12
- 4
p2p/pex/addrbook_test.go View File

@ -8,7 +8,6 @@ import (
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
cmn "github.com/tendermint/tendermint/libs/common"
"github.com/tendermint/tendermint/libs/log"
@ -374,10 +373,19 @@ func TestPrivatePeers(t *testing.T) {
}
book.AddPrivateIDs(private)
// private addrs must not be added
for _, addr := range addrs {
err := book.AddAddress(addr, addr)
require.Error(t, err, "AddAddress should have failed with private peer %s", addr)
_, ok := err.(ErrAddrBookPrivate)
require.True(t, ok, "Wrong error type, wanted ErrAddrBookPrivate, got error: %s", err)
if assert.Error(t, err) {
_, ok := err.(ErrAddrBookPrivate)
assert.True(t, ok)
}
}
// addrs coming from private peers must not be added
err := book.AddAddress(randIPv4Address(t), addrs[0])
if assert.Error(t, err) {
_, ok := err.(ErrAddrBookPrivateSrc)
assert.True(t, ok)
}
}

+ 8
- 0
p2p/pex/errors.go View File

@ -30,6 +30,14 @@ func (err ErrAddrBookPrivate) Error() string {
return fmt.Sprintf("Cannot add private peer with address %v", err.Addr)
}
type ErrAddrBookPrivateSrc struct {
Src *p2p.NetAddress
}
func (err ErrAddrBookPrivateSrc) Error() string {
return fmt.Sprintf("Cannot add peer coming from private peer with address %v", err.Src)
}
type ErrAddrBookNilAddr struct {
Addr *p2p.NetAddress
Src *p2p.NetAddress


Write Preview
Loading…
Cancel
Save