From de0549fabb8be4dbaf382ee68ec1b702cb0c5c97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Wed, 29 Apr 2015 18:04:08 +0300 Subject: cmd/geth, cmd/mist, cmd/utils, eth, p2p: support trusted peers --- p2p/server_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'p2p/server_test.go') diff --git a/p2p/server_test.go b/p2p/server_test.go index 53cc3c258..e99d37ed0 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -102,7 +102,7 @@ func TestServerDial(t *testing.T) { // tell the server to connect tcpAddr := listener.Addr().(*net.TCPAddr) - srv.SuggestPeer(&discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port}) + srv.trustDial <-&discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} select { case conn := <-accepted: -- cgit v1.2.3 From 1528dbc17101597348eefe3f3fb8d4f0d5c54b3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Thu, 30 Apr 2015 12:41:27 +0300 Subject: p2p: add trust check to handshake, test privileged connectivity Conflicts: p2p/server_test.go --- p2p/server_test.go | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 65 insertions(+), 3 deletions(-) (limited to 'p2p/server_test.go') diff --git a/p2p/server_test.go b/p2p/server_test.go index e99d37ed0..a79679ac1 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -22,7 +22,7 @@ func startTestServer(t *testing.T, pf newPeerHook) *Server { ListenAddr: "127.0.0.1:0", PrivateKey: newkey(), newPeerHook: pf, - setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { + setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { id := randomID() rw := newRlpxFrameRW(fd, secrets{ MAC: zero16, @@ -102,7 +102,7 @@ func TestServerDial(t *testing.T) { // tell the server to connect tcpAddr := listener.Addr().(*net.TCPAddr) - srv.trustDial <-&discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} + srv.trustDial <- &discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} select { case conn := <-accepted: @@ -200,7 +200,7 @@ func TestServerDisconnectAtCap(t *testing.T) { // Run the handshakes just like a real peer would. key := newkey() hs := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - _, err = setupConn(conn, key, hs, srv.Self(), false) + _, err = setupConn(conn, key, hs, srv.Self(), false, nil) if i == nconns-1 { // When handling the last connection, the server should // disconnect immediately instead of running the protocol @@ -219,6 +219,68 @@ func TestServerDisconnectAtCap(t *testing.T) { } } +// Tests that trusted peers and can connect above max peer caps. +func TestServerTrustedPeers(t *testing.T) { + defer testlog(t).detach() + + // Create a test server with limited connection slots + started := make(chan *Peer) + server := &Server{ + ListenAddr: "127.0.0.1:0", + PrivateKey: newkey(), + MaxPeers: 3, + NoDial: true, + newPeerHook: func(p *Peer) { started <- p }, + } + if err := server.Start(); err != nil { + t.Fatal(err) + } + defer server.Stop() + + // Fill up all the slots on the server + dialer := &net.Dialer{Deadline: time.Now().Add(3 * time.Second)} + for i := 0; i < server.MaxPeers; i++ { + // Establish a new connection + conn, err := dialer.Dial("tcp", server.ListenAddr) + if err != nil { + t.Fatalf("conn %d: dial error: %v", i, err) + } + defer conn.Close() + + // Run the handshakes just like a real peer would, and wait for completion + key := newkey() + shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} + if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + t.Fatalf("conn %d: unexpected error: %v", i, err) + } + <-started + } + // Inject a trusted node and dial that (we'll connect from this end, don't need IP setup) + key := newkey() + trusted := &discover.Node{ + ID: discover.PubkeyID(&key.PublicKey), + } + server.TrustPeer(trusted) + + conn, err := dialer.Dial("tcp", server.ListenAddr) + if err != nil { + t.Fatalf("trusted node: dial error: %v", err) + } + defer conn.Close() + + shake := &protoHandshake{Version: baseProtocolVersion, ID: trusted.ID} + if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + t.Fatalf("trusted node: unexpected error: %v", err) + } + select { + case <-started: + // Ok, trusted peer accepted + + case <-time.After(100 * time.Millisecond): + t.Fatalf("trusted node timeout") + } +} + func newkey() *ecdsa.PrivateKey { key, err := crypto.GenerateKey() if err != nil { -- cgit v1.2.3 From 701591b403a8bae8c1dfb648a49d587968ff0c6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Thu, 30 Apr 2015 16:15:29 +0300 Subject: cmd, eth, p2p: fix review issues enumerated by Felix --- p2p/server_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'p2p/server_test.go') diff --git a/p2p/server_test.go b/p2p/server_test.go index a79679ac1..3e3fd6cc0 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -260,7 +260,7 @@ func TestServerTrustedPeers(t *testing.T) { trusted := &discover.Node{ ID: discover.PubkeyID(&key.PublicKey), } - server.TrustPeer(trusted) + server.AddPeer(trusted) conn, err := dialer.Dial("tcp", server.ListenAddr) if err != nil { -- cgit v1.2.3 From 413ace37d3ba13a551f60e4089f2e0070c607970 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Thu, 30 Apr 2015 19:32:48 +0300 Subject: eth, p2p: rename trusted nodes to static, drop inbound extra slots --- p2p/server_test.go | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'p2p/server_test.go') diff --git a/p2p/server_test.go b/p2p/server_test.go index 3e3fd6cc0..b48361235 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -22,7 +22,7 @@ func startTestServer(t *testing.T, pf newPeerHook) *Server { ListenAddr: "127.0.0.1:0", PrivateKey: newkey(), newPeerHook: pf, - setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { + setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { id := randomID() rw := newRlpxFrameRW(fd, secrets{ MAC: zero16, @@ -102,7 +102,7 @@ func TestServerDial(t *testing.T) { // tell the server to connect tcpAddr := listener.Addr().(*net.TCPAddr) - srv.trustDial <- &discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} + srv.staticDial <- &discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} select { case conn := <-accepted: @@ -200,7 +200,7 @@ func TestServerDisconnectAtCap(t *testing.T) { // Run the handshakes just like a real peer would. key := newkey() hs := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - _, err = setupConn(conn, key, hs, srv.Self(), false, nil) + _, err = setupConn(conn, key, hs, srv.Self(), false) if i == nconns-1 { // When handling the last connection, the server should // disconnect immediately instead of running the protocol @@ -219,6 +219,7 @@ func TestServerDisconnectAtCap(t *testing.T) { } } +/* // Tests that trusted peers and can connect above max peer caps. func TestServerTrustedPeers(t *testing.T) { defer testlog(t).detach() @@ -250,7 +251,7 @@ func TestServerTrustedPeers(t *testing.T) { // Run the handshakes just like a real peer would, and wait for completion key := newkey() shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { t.Fatalf("conn %d: unexpected error: %v", i, err) } <-started @@ -269,7 +270,7 @@ func TestServerTrustedPeers(t *testing.T) { defer conn.Close() shake := &protoHandshake{Version: baseProtocolVersion, ID: trusted.ID} - if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { t.Fatalf("trusted node: unexpected error: %v", err) } select { @@ -280,6 +281,7 @@ func TestServerTrustedPeers(t *testing.T) { t.Fatalf("trusted node timeout") } } +*/ func newkey() *ecdsa.PrivateKey { key, err := crypto.GenerateKey() -- cgit v1.2.3 From 54db54931e10c37a6ef2cd3fca36a875b02140c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Mon, 4 May 2015 13:08:42 +0300 Subject: p2p: add static node dialing test --- p2p/server_test.go | 88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) (limited to 'p2p/server_test.go') diff --git a/p2p/server_test.go b/p2p/server_test.go index b48361235..606fa9386 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -219,6 +219,94 @@ func TestServerDisconnectAtCap(t *testing.T) { } } +// Tests that static peers are (re)connected, and done so even above max peers. +func TestServerStaticPeers(t *testing.T) { + defer testlog(t).detach() + + // Create a test server with limited connection slots + started := make(chan *Peer) + server := &Server{ + ListenAddr: "127.0.0.1:0", + PrivateKey: newkey(), + MaxPeers: 3, + newPeerHook: func(p *Peer) { started <- p }, + staticCycle: time.Second, + } + if err := server.Start(); err != nil { + t.Fatal(err) + } + defer server.Stop() + + // Fill up all the slots on the server + dialer := &net.Dialer{Deadline: time.Now().Add(3 * time.Second)} + for i := 0; i < server.MaxPeers; i++ { + // Establish a new connection + conn, err := dialer.Dial("tcp", server.ListenAddr) + if err != nil { + t.Fatalf("conn %d: dial error: %v", i, err) + } + defer conn.Close() + + // Run the handshakes just like a real peer would, and wait for completion + key := newkey() + shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} + if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + t.Fatalf("conn %d: unexpected error: %v", i, err) + } + <-started + } + // Open a TCP listener to accept static connections + listener, err := net.Listen("tcp", "127.0.0.1:0") + if err != nil { + t.Fatalf("failed to setup listener: %v", err) + } + defer listener.Close() + + connected := make(chan net.Conn) + go func() { + for i := 0; i < 3; i++ { + conn, err := listener.Accept() + if err == nil { + connected <- conn + } + } + }() + // Inject a static node and wait for a remote dial, then redial, then nothing + addr := listener.Addr().(*net.TCPAddr) + static := &discover.Node{ + ID: discover.PubkeyID(&newkey().PublicKey), + IP: addr.IP, + TCPPort: addr.Port, + } + server.AddPeer(static) + + select { + case conn := <-connected: + // Close the first connection, expect redial + conn.Close() + + case <-time.After(2 * server.staticCycle): + t.Fatalf("remote dial timeout") + } + + select { + case conn := <-connected: + // Keep the second connection, don't expect redial + defer conn.Close() + + case <-time.After(2 * server.staticCycle): + t.Fatalf("remote re-dial timeout") + } + + select { + case <-time.After(2 * server.staticCycle): + // Timeout as no dial occurred + + case <-connected: + t.Fatalf("connected node dialed") + } +} + /* // Tests that trusted peers and can connect above max peer caps. func TestServerTrustedPeers(t *testing.T) { -- cgit v1.2.3 From 4accc187d5cf6a100d6c10c0e0f35780f52871a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A9ter=20Szil=C3=A1gyi?= Date: Mon, 4 May 2015 13:59:51 +0300 Subject: eth, p2p: add trusted node list beside static list --- p2p/server_test.go | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) (limited to 'p2p/server_test.go') diff --git a/p2p/server_test.go b/p2p/server_test.go index 606fa9386..5ee9c5ceb 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -22,7 +22,7 @@ func startTestServer(t *testing.T, pf newPeerHook) *Server { ListenAddr: "127.0.0.1:0", PrivateKey: newkey(), newPeerHook: pf, - setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { + setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trusted map[discover.NodeID]bool) (*conn, error) { id := randomID() rw := newRlpxFrameRW(fd, secrets{ MAC: zero16, @@ -200,7 +200,7 @@ func TestServerDisconnectAtCap(t *testing.T) { // Run the handshakes just like a real peer would. key := newkey() hs := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - _, err = setupConn(conn, key, hs, srv.Self(), false) + _, err = setupConn(conn, key, hs, srv.Self(), false, srv.trustedNodes) if i == nconns-1 { // When handling the last connection, the server should // disconnect immediately instead of running the protocol @@ -250,7 +250,7 @@ func TestServerStaticPeers(t *testing.T) { // Run the handshakes just like a real peer would, and wait for completion key := newkey() shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false, server.trustedNodes); err != nil { t.Fatalf("conn %d: unexpected error: %v", i, err) } <-started @@ -307,19 +307,24 @@ func TestServerStaticPeers(t *testing.T) { } } -/* // Tests that trusted peers and can connect above max peer caps. func TestServerTrustedPeers(t *testing.T) { defer testlog(t).detach() + // Create a trusted peer to accept connections from + key := newkey() + trusted := &discover.Node{ + ID: discover.PubkeyID(&key.PublicKey), + } // Create a test server with limited connection slots started := make(chan *Peer) server := &Server{ - ListenAddr: "127.0.0.1:0", - PrivateKey: newkey(), - MaxPeers: 3, - NoDial: true, - newPeerHook: func(p *Peer) { started <- p }, + ListenAddr: "127.0.0.1:0", + PrivateKey: newkey(), + MaxPeers: 3, + NoDial: true, + TrustedNodes: []*discover.Node{trusted}, + newPeerHook: func(p *Peer) { started <- p }, } if err := server.Start(); err != nil { t.Fatal(err) @@ -339,18 +344,12 @@ func TestServerTrustedPeers(t *testing.T) { // Run the handshakes just like a real peer would, and wait for completion key := newkey() shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false, server.trustedNodes); err != nil { t.Fatalf("conn %d: unexpected error: %v", i, err) } <-started } - // Inject a trusted node and dial that (we'll connect from this end, don't need IP setup) - key := newkey() - trusted := &discover.Node{ - ID: discover.PubkeyID(&key.PublicKey), - } - server.AddPeer(trusted) - + // Dial from the trusted peer, ensure connection is accepted conn, err := dialer.Dial("tcp", server.ListenAddr) if err != nil { t.Fatalf("trusted node: dial error: %v", err) @@ -358,7 +357,7 @@ func TestServerTrustedPeers(t *testing.T) { defer conn.Close() shake := &protoHandshake{Version: baseProtocolVersion, ID: trusted.ID} - if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false, server.trustedNodes); err != nil { t.Fatalf("trusted node: unexpected error: %v", err) } select { @@ -369,7 +368,6 @@ func TestServerTrustedPeers(t *testing.T) { t.Fatalf("trusted node timeout") } } -*/ func newkey() *ecdsa.PrivateKey { key, err := crypto.GenerateKey() -- cgit v1.2.3