aboutsummaryrefslogtreecommitdiffstats
path: root/p2p/discover/udp_test.go
Commit message (Collapse)AuthorAgeFilesLines
* p2p/discover: split out discv4 codeFelix Lange2019-04-301-630/+0
| | | | | | | | | | | | | This change restructures the internals of p2p/discover to make room for the discv5 code which will soon be added to this package. - packet type names now have a "V4" suffix. - ListenUDP returns *UDPv4 instead of *Table. This technically breaks the API but the only caller in go-ethereum is package p2p, which uses a compatible interface and doesn't need changes. - The internal transport interface is changed to make Table reusable for v5. - The 'lookup' code moves from table to transport. This required updating the lookup unit test to use udpTest instead of a custom transport.
* p2p/discover, p2p/enode: rework endpoint proof handling, packet logging (#18963)Felix Lange2019-01-301-38/+99
| | | | | | | | | | | | | | | | This change resolves multiple issues around handling of endpoint proofs. The proof is now done separately for each IP and completing the proof requires a matching ping hash. Also remove waitping because it's equivalent to sleep. waitping was slightly more efficient, but that may cause issues with findnode if packets are reordered and the remote end sees findnode before pong. Logging of received packets was hitherto done after handling the packet, which meant that sent replies were logged before the packet that generated them. This change splits up packet handling into 'preverify' and 'handle'. The error from 'preverify' is logged, but 'handle' happens after the message is logged. This fixes the order. Packet logs now contain the node ID.
* p2p, p2p/discover: add signed ENR generation (#17753)Felix Lange2018-10-121-4/+7
| | | | | | | | | | | | | | | This PR adds enode.LocalNode and integrates it into the p2p subsystem. This new object is the keeper of the local node record. For now, a new version of the record is produced every time the client restarts. We'll make it smarter to avoid that in the future. There are a couple of other changes in this commit: discovery now waits for all of its goroutines at shutdown and the p2p server now closes the node database after discovery has shut down. This fixes a leveldb crash in tests. p2p server startup is faster because it doesn't need to wait for the external IP query anymore.
* all: new p2p node representation (#17643)Felix Lange2018-09-251-39/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Package p2p/enode provides a generalized representation of p2p nodes which can contain arbitrary information in key/value pairs. It is also the new home for the node database. The "v4" identity scheme is also moved here from p2p/enr to remove the dependency on Ethereum crypto from that package. Record signature handling is changed significantly. The identity scheme registry is removed and acceptable schemes must be passed to any method that needs identity. This means records must now be validated explicitly after decoding. The enode API is designed to make signature handling easy and safe: most APIs around the codebase work with enode.Node, which is a wrapper around a valid record. Going from enr.Record to enode.Node requires a valid signature. * p2p/discover: port to p2p/enode This ports the discovery code to the new node representation in p2p/enode. The wire protocol is unchanged, this can be considered a refactoring change. The Kademlia table can now deal with nodes using an arbitrary identity scheme. This requires a few incompatible API changes: - Table.Lookup is not available anymore. It used to take a public key as argument because v4 protocol requires one. Its replacement is LookupRandom. - Table.Resolve takes *enode.Node instead of NodeID. This is also for v4 protocol compatibility because nodes cannot be looked up by ID alone. - Types Node and NodeID are gone. Further commits in the series will be fixes all over the the codebase to deal with those removals. * p2p: port to p2p/enode and discovery changes This adapts package p2p to the changes in p2p/discover. All uses of discover.Node and discover.NodeID are replaced by their equivalents from p2p/enode. New API is added to retrieve the enode.Node instance of a peer. The behavior of Server.Self with discovery disabled is improved. It now tries much harder to report a working IP address, falling back to 127.0.0.1 if no suitable address can be determined through other means. These changes were needed for tests of other packages later in the series. * p2p/simulations, p2p/testing: port to p2p/enode No surprises here, mostly replacements of discover.Node, discover.NodeID with their new equivalents. The 'interesting' API changes are: - testing.ProtocolSession tracks complete nodes, not just their IDs. - adapters.NodeConfig has a new method to create a complete node. These changes were needed to make swarm tests work. Note that the NodeID change makes the code incompatible with old simulation snapshots. * whisper/whisperv5, whisper/whisperv6: port to p2p/enode This port was easy because whisper uses []byte for node IDs and URL strings in the API. * eth: port to p2p/enode Again, easy to port because eth uses strings for node IDs and doesn't care about node information in any way. * les: port to p2p/enode Apart from replacing discover.NodeID with enode.ID, most changes are in the server pool code. It now deals with complete nodes instead of (Pubkey, IP, Port) triples. The database format is unchanged for now, but we should probably change it to use the node database later. * node: port to p2p/enode This change simply replaces discover.Node and discover.NodeID with their new equivalents. * swarm/network: port to p2p/enode Swarm has its own node address representation, BzzAddr, containing both an overlay address (the hash of a secp256k1 public key) and an underlay address (enode:// URL). There are no changes to the BzzAddr format in this commit, but certain operations such as creating a BzzAddr from a node ID are now impossible because node IDs aren't public keys anymore. Most swarm-related changes in the series remove uses of NewAddrFromNodeID, replacing it with NewAddr which takes a complete node as argument. ToOverlayAddr is removed because we can just use the node ID directly.
* p2p/discover: move bond logic from table to transport (#17048)Felix Lange2018-07-031-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * p2p/discover: move bond logic from table to transport This commit moves node endpoint verification (bonding) from the table to the UDP transport implementation. Previously, adding a node to the table entailed pinging the node if needed. With this change, the ping-back logic is embedded in the packet handler at a lower level. It is easy to verify that the basic protocol is unchanged: we still require a valid pong reply from the node before findnode is accepted. The node database tracked the time of last ping sent to the node and time of last valid pong received from the node. Node endpoints are considered verified when a valid pong is received and the time of last pong was called 'bond time'. The time of last ping sent was unused. In this commit, the last ping database entry is repurposed to mean last ping _received_. This entry is now used to track whether the node needs to be pinged back. The other big change is how nodes are added to the table. We used to add nodes in Table.bond, which ran when a remote node pinged us or when we encountered the node in a neighbors reply. The transport now adds to the table directly after the endpoint is verified through ping. To ensure that the Table can't be filled just by pinging the node repeatedly, we retain the isInitDone check. During init, only nodes from neighbors replies are added. * p2p/discover: reduce findnode failure counter on success * p2p/discover: remove unused parameter of loadSeedNodes * p2p/discover: improve ping-back check and comments * p2p/discover: add neighbors reply nodes always, not just during init
* p2p/discover: s/lastPong/bondTime/, update TestUDP_findnodeFelix Lange2018-02-171-6/+2
| | | | | | | I forgot to change the check in udp.go when I changed Table.bond to be based on lastPong instead of node presence in db. Rename lastPong to bondTime and add hasBond so it's clearer what this DB key is used for now.
* p2p, p2p/discover: misc connectivity improvements (#16069)Felix Lange2018-02-121-10/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * p2p: add DialRatio for configuration of inbound vs. dialed connections * p2p: add connection flags to PeerInfo * p2p/netutil: add SameNet, DistinctNetSet * p2p/discover: improve revalidation and seeding This changes node revalidation to be periodic instead of on-demand. This should prevent issues where dead nodes get stuck in closer buckets because no other node will ever come along to replace them. Every 5 seconds (on average), the last node in a random bucket is checked and moved to the front of the bucket if it is still responding. If revalidation fails, the last node is replaced by an entry of the 'replacement list' containing recently-seen nodes. Most close buckets are removed because it's very unlikely we'll ever encounter a node that would fall into any of those buckets. Table seeding is also improved: we now require a few minutes of table membership before considering a node as a potential seed node. This should make it less likely to store short-lived nodes as potential seeds. * p2p/discover: fix nits in UDP transport We would skip sending neighbors replies if there were fewer than maxNeighbors results and CheckRelayIP returned an error for the last one. While here, also resolve a TODO about pong reply tokens.
* p2p, p2p/discover, p2p/discv5: implement UDP port sharing (#15200)Felföldi Zsolt2018-01-221-1/+2
| | | | | | | | | | | | | | | This commit affects p2p/discv5 "topic discovery" by running it on the same UDP port where the old discovery works. This is realized by giving an "unhandled" packet channel to the old v4 discovery packet handler where all invalid packets are sent. These packets are then processed by v5. v5 packets are always invalid when interpreted by v4 and vice versa. This is ensured by adding one to the first byte of the packet hash in v5 packets. DiscoveryV5Bootnodes is also changed to point to new bootnodes that are implementing the changed packet format with modified hash. Existing and new v5 bootnodes are both running on different ports ATM.
* all: fix spelling errorsPéter Szilágyi2017-01-071-1/+1
|
* p2p/discover, p2p/discv5: use flexible comparison for IPsPéter Szilágyi2016-12-151-1/+1
|
* p2p, p2p/discover, p2p/discv5: add IP network restriction featureFelix Lange2016-11-231-1/+1
| | | | | | The p2p packages can now be configured to restrict all communication to a certain subset of IP networks. This feature is meant to be used for private networks.
* p2p/discover, p2p/discv5: prevent relay of invalid IPs and low portsFelix Lange2016-11-231-3/+4
| | | | | | | | | | | | | | | | | | | | | The discovery DHT contains a number of hosts with LAN and loopback IPs. These get relayed because some implementations do not perform any checks on the IP. go-ethereum already prevented relay in most cases because it verifies that the host actually exists before adding it to the local table. But this verification causes other issues. We have received several reports where people's VPSs got shut down by hosting providers because sending packets to random LAN hosts is indistinguishable from a slow port scan. The new check prevents sending random packets to LAN by discarding LAN IPs sent by Internet hosts (and loopback IPs from LAN and Internet hosts). The new check also blacklists almost all currently registered special-purpose networks assigned by IANA to avoid inciting random responses from services in the LAN. As another precaution against abuse of the DHT, ports below 1024 are now considered invalid.
* p2p/discover, p2p/discv5: use netutil.IsTemporaryErrorFelix Lange2016-11-231-50/+0
|
* all: fix go vet warningsFelix Lange2016-04-151-1/+1
|
* all: Rename crypto.Sha3{,Hash}() to crypto.Keccak256{,Hash}()Ricardo Catalinas Jiménez2016-02-221-1/+1
| | | | As we aren't really using the standarized SHA-3
* p2p/discover: EIP-8 changesFelix Lange2016-02-191-0/+112
|
* p2p/discover: fix Windows-specific issue for larger-than-buffer packetsFelix Lange2016-01-231-4/+52
| | | | | | | | | | On Windows, UDPConn.ReadFrom returns an error for packets larger than the receive buffer. The error is not marked temporary, causing our loop to exit when the first oversized packet arrived. The fix is to treat this particular error as temporary. Fixes: #1579, #2087 Updates: #2082
* p2p/discover: attempt to deflake TestUDP_responseTimeoutsFelix Lange2015-12-181-1/+2
| | | | | The test expected the timeout to fire after a matcher for the response was added, but the timeout is random and fired sooner sometimes.
* p2p/discover: support incomplete node URLs, add ResolveFelix Lange2015-12-181-1/+1
|
* node: customizable protocol and service stacksPéter Szilágyi2015-11-271-1/+1
|
* p2p/discover: ignore packet version numbersFelix Lange2015-09-301-1/+0
| | | | The strict matching can get in the way of protocol upgrades.
* p2p/discover: fix UDP reply packet timeout handlingFelix Lange2015-08-111-0/+73
| | | | | | | | | | | | If the timeout fired (even just nanoseconds) before the deadline of the next pending reply, the timer was not rescheduled. The timer would've been rescheduled anyway once the next packet was sent, but there were cases where no next packet could ever be sent due to the locking issue fixed in the previous commit. As timing-related bugs go, this issue had been present for a long time and I could never reproduce it. The test added in this commit did reproduce the issue on about one out of 15 runs.
* p2p/discover: unlock the table during ping replacementFelix Lange2015-08-111-1/+1
| | | | | | Table.mutex was being held while waiting for a reply packet, which effectively made many parts of the whole stack block on that packet, including the net_peerCount RPC call.
* all: fix license headers one more timeFelix Lange2015-07-241-1/+1
| | | | I forgot to update one instance of "go-ethereum" in commit 3f047be5a.
* all: update license headers to distiguish GPL/LGPLFelix Lange2015-07-231-4/+4
| | | | | All code outside of cmd/ is licensed as LGPL. The headers now reflect this by calling the whole work "the go-ethereum library".
* all: update license informationFelix Lange2015-07-071-0/+16
|
* p2p/discover: deflake TestUDP_successfulPingFelix Lange2015-06-101-33/+22
|
* p2p/discover: fix out-of-bounds slicing for chunked neighbors packetsFelix Lange2015-05-141-18/+13
| | | | | The code assumed that Table.closest always returns at least 13 nodes. This is not true for small tables (e.g. during bootstrap).
* fix test.subtly2015-05-141-1/+1
|
* Manual send of multiple neighbours packets. Test receiving multiple ↵subtly2015-05-141-2/+12
| | | | neighbours packets.
* removed redundant newlines in import blockBas van Kervel2015-05-121-1/+1
|
* replaced several path.* with filepath.* which is platform independentBas van Kervel2015-05-121-2/+2
|
* p2p/discover: new distance metric based on sha3(id)Felix Lange2015-05-061-10/+6
| | | | | | | The previous metric was pubkey1^pubkey2, as specified in the Kademlia paper. We missed that EC public keys are not uniformly distributed. Using the hash of the public keys addresses that. It also makes it a bit harder to generate node IDs that are close to a particular node.
* p2p/discover: track sha3(ID) in NodeFelix Lange2015-04-301-8/+12
|
* p2p/discover: new endpoint formatFelix Lange2015-04-301-28/+53
| | | | | | This commit changes the discovery protocol to use the new "v4" endpoint format, which allows for separate UDP and TCP ports and makes it possible to discover the UDP address after NAT.
* cmd/bootnode, eth, p2p, p2p/discover: use a fancier db designPéter Szilágyi2015-04-241-3/+7
|
* cmd/bootnode, eth, p2p, p2p/discover: clean up the seeder and mesh into eth.Péter Szilágyi2015-04-241-2/+2
|
* p2p/discovery: fix broken tests due to API updatePéter Szilágyi2015-04-241-1/+1
|
* p2p/discover: implement node bondingFelix Lange2015-04-011-147/+275
| | | | | | | | | | | | | | | | This a fix for an attack vector where the discovery protocol could be used to amplify traffic in a DDOS attack. A malicious actor would send a findnode request with the IP address and UDP port of the target as the source address. The recipient of the findnode packet would then send a neighbors packet (which is 16x the size of findnode) to the victim. Our solution is to require a 'bond' with the sender of findnode. If no bond exists, the findnode packet is not processed. A bond between nodes α and β is created when α replies to a ping from β. This (initial) version of the bonding implementation might still be vulnerable against replay attacks during the expiration time window. We will add stricter source address validation later.
* p2p/discover: map listening port using configured mechanismFelix Lange2015-02-131-7/+7
|
* p2p/discover: deflake UDP testsFelix Lange2015-02-091-55/+107
|
* p2p/discover: add node URL functions, distinguish TCP/UDP portsFelix Lange2015-02-071-5/+8
| | | | | The discovery RPC protocol does not yet distinguish TCP and UDP ports. But it can't hurt to do so in our internal model.
* p2p/discover: add some helper functionsFelix Lange2015-02-061-7/+7
|
* p2p/discover: new package implementing the Node Discovery ProtocolFelix Lange2015-02-061-0/+156