Node: rename option '--closed' to '--private-mode'

OCamlPro-Iguernlala 2018-05-17 11:33:33 +02:00 committed by Grégoire Henry
parent 7b8f764524
commit 01648e7611
14 changed files with 70 additions and 54 deletions


@ -338,10 +338,14 @@ writing your own configuration file if needed.
"bootstrap-peers": ["::1:10732", "::ffff:192.168.1.3:9733", "mynode.tezos.com"],
/* Specify if the network is closed or not. A closed network
allows only peers listed in "bootstrap-peers". */
/* Specify if the node is in private mode or not. A node in
private mode only opens outgoing connections to peers whose
addresses are in [trusted_peers] and only accepts incoming
connections from trusted peers. In addition, it informs these
peers that the identity of the node should not be revealed to
the rest of the network. */
"closed": false,
"private-mode": false,
/* Network limits */


@ -29,7 +29,7 @@ and p2p = {
expected_pow : float ;
bootstrap_peers : string list ;
listen_addr : string option ;
closed : bool ;
private_mode : bool ;
limits : P2p.limits ;
disable_mempool : bool ;
}
@ -89,7 +89,7 @@ let default_p2p = {
expected_pow = 24. ;
bootstrap_peers = ["bootstrap.tezos.com"] ;
listen_addr = Some ("[::]:" ^ string_of_int default_p2p_port) ;
closed = false ;
private_mode = false ;
limits = default_p2p_limits ;
disable_mempool = false ;
}
@ -276,13 +276,13 @@ let p2p =
let open Data_encoding in
conv
(fun { expected_pow ; bootstrap_peers ;
listen_addr ; closed ; limits ; disable_mempool } ->
listen_addr ; private_mode ; limits ; disable_mempool } ->
( expected_pow, bootstrap_peers,
listen_addr, closed, limits, disable_mempool ))
listen_addr, private_mode, limits, disable_mempool ))
(fun ( expected_pow, bootstrap_peers,
listen_addr, closed, limits, disable_mempool ) ->
listen_addr, private_mode, limits, disable_mempool ) ->
{ expected_pow ; bootstrap_peers ;
listen_addr ; closed ; limits ; disable_mempool })
listen_addr ; private_mode ; limits ; disable_mempool })
(obj6
(dft "expected-proof-of-work"
~description: "Floating point number between 0 and 256 that represents a \
@ -298,9 +298,15 @@ let p2p =
specified, the default port 8732 will be \
assumed."
string)
(dft "closed"
~description: "Specify if the network is closed or not. A closed network allows \
only peers listed in 'bootstrap-peers'."
(dft "private-mode"
~description: "Specify if the node is in private mode or \
not. A node in private mode rejects incoming \
connections from untrusted peers and only \
opens outgoing connections to peers listed in \
'bootstrap-peers' or provided with '--peer' \
option. Moreover, these peers will keep the \
identity and the address of the private node \
secret."
bool false)
(dft "limits"
~description: "Network limits"
@ -574,7 +580,7 @@ let update
?bootstrap_peers
?listen_addr
?rpc_listen_addr
?(closed = false)
?(private_mode = false)
?(disable_mempool = false)
?(cors_origins = [])
?(cors_headers = [])
@ -624,7 +630,7 @@ let update
Option.unopt ~default:cfg.p2p.bootstrap_peers bootstrap_peers ;
listen_addr =
Option.first_some listen_addr cfg.p2p.listen_addr ;
closed = cfg.p2p.closed || closed ;
private_mode = cfg.p2p.private_mode || private_mode ;
limits ;
disable_mempool = cfg.p2p.disable_mempool || disable_mempool ;
}
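Review bot: Renaming the JSON key to `private-mode` in the `p2p` encoding leaves configuration files that still set `"closed": true` without a migration path, and the outcome depends on how `Data_encoding` treats the now-unknown `closed` field, which is not visible here. If unknown fields are ignored, `dft "private-mode" ... bool false` would start a previously restricted node with the restriction off; if they are rejected, the node fails to start with no hint about the rename. Consider accepting the legacy key for one release and mapping it onto `private_mode`, or at least calling out the rename in the upgrade notes. The same concern applies to the `--closed` flag replaced in `Term.private_mode` and to the error id `node.p2p_pool.closed_network`, both renamed in later sections without an alias.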


@ -19,7 +19,7 @@ and p2p = {
expected_pow : float ;
bootstrap_peers : string list ;
listen_addr : string option ;
closed : bool ;
private_mode : bool ;
limits : P2p.limits ;
disable_mempool : bool ;
}
@ -69,7 +69,7 @@ val update:
?bootstrap_peers:string list ->
?listen_addr:string ->
?rpc_listen_addr:string ->
?closed:bool ->
?private_mode:bool ->
?disable_mempool:bool ->
?cors_origins:string list ->
?cors_headers:string list ->


@ -165,7 +165,7 @@ let init_node ?sandbox (config : Node_config_file.t) =
trusted_points ;
peers_file =
(config.data_dir // "peers.json") ;
closed_network = config.p2p.closed ;
private_mode = config.p2p.private_mode ;
identity ;
proof_of_work_target =
Crypto_box.make_target config.p2p.expected_pow ;


@ -27,7 +27,7 @@ type t = {
no_bootstrap_peers: bool ;
listen_addr: string option ;
rpc_listen_addr: string option ;
closed: bool ;
private_mode: bool ;
disable_mempool: bool ;
cors_origins: string list ;
cors_headers: string list ;
@ -40,7 +40,7 @@ let wrap
data_dir config_file
connections max_download_speed max_upload_speed binary_chunks_size
peer_table_size
listen_addr peers no_bootstrap_peers bootstrap_threshold closed disable_mempool
listen_addr peers no_bootstrap_peers bootstrap_threshold private_mode disable_mempool
expected_pow rpc_listen_addr rpc_tls
cors_origins cors_headers log_output =
@ -80,7 +80,7 @@ let wrap
no_bootstrap_peers ;
listen_addr ;
rpc_listen_addr ;
closed ;
private_mode ;
disable_mempool ;
cors_origins ;
cors_headers ;
@ -209,10 +209,11 @@ module Term = struct
Arg.(value & opt (some float) None &
info ~docs ~doc ~docv:"FLOAT" ["expected-pow"])
let closed =
let private_mode =
let doc =
"Only accept connections from the configured bootstrap peers." in
Arg.(value & flag & info ~docs ~doc ["closed"])
"Only open outgoing/accept incoming connections to/from peers \
listed in 'bootstrap-peers' or provided with '--peer' option." in
Arg.(value & flag & info ~docs ~doc ["private-mode"])
let disable_mempool =
let doc =
@ -260,7 +261,8 @@ module Term = struct
$ connections
$ max_download_speed $ max_upload_speed $ binary_chunks_size
$ peer_table_size
$ listen_addr $ peers $ no_bootstrap_peers $ bootstrap_threshold $ closed $ disable_mempool
$ listen_addr $ peers $ no_bootstrap_peers $ bootstrap_threshold
$ private_mode $ disable_mempool
$ expected_pow $ rpc_listen_addr $ rpc_tls
$ cors_origins $ cors_headers
$ log_output
@ -280,7 +282,7 @@ let read_and_patch_config_file ?(ignore_bootstrap_peers=false) args =
peer_table_size ;
expected_pow ;
peers ; no_bootstrap_peers ;
listen_addr ; closed ;
listen_addr ; private_mode ;
disable_mempool ;
rpc_listen_addr ; rpc_tls ;
cors_origins ; cors_headers ;
@ -298,6 +300,6 @@ let read_and_patch_config_file ?(ignore_bootstrap_peers=false) args =
?data_dir ?min_connections ?expected_connections ?max_connections
?max_download_speed ?max_upload_speed ?binary_chunks_size
?peer_table_size ?expected_pow
~bootstrap_peers ?listen_addr ?rpc_listen_addr
~closed ~disable_mempool ~cors_origins ~cors_headers ?rpc_tls ?log_output
~bootstrap_peers ?listen_addr ?rpc_listen_addr ~private_mode
~disable_mempool ~cors_origins ~cors_headers ?rpc_tls ?log_output
?bootstrap_threshold cfg


@ -22,7 +22,7 @@ type t = {
no_bootstrap_peers: bool ;
listen_addr: string option ;
rpc_listen_addr: string option ;
closed: bool ;
private_mode: bool ;
disable_mempool: bool ;
cors_origins: string list ;
cors_headers: string list ;


@ -21,7 +21,7 @@ start_sandboxed_node() {
peers+=("--peer")
peers+=("127.0.0.1:$peer_port")
done
peers+=("--closed")
peers+=("--private-mode")
node="${local_node}"
sandbox_param="--sandbox=$sandbox_file"


@ -39,7 +39,7 @@ type config = {
listening_addr : P2p_addr.t option;
trusted_points : P2p_point.Id.t list ;
peers_file : string ;
closed_network : bool ;
private_mode : bool ;
identity : P2p_identity.t ;
proof_of_work_target : Crypto_box.target ;
disable_mempool : bool ;
@ -98,7 +98,7 @@ let create_connection_pool config limits meta_cfg conn_meta_cfg msg_cfg io_sched
listening_port = config.listening_port ;
trusted_points = config.trusted_points ;
peers_file = config.peers_file ;
closed_network = config.closed_network ;
private_mode = config.private_mode ;
min_connections = limits.min_connections ;
max_connections = limits.max_connections ;
max_incoming_connections = limits.max_incoming_connections ;


@ -57,9 +57,11 @@ type config = {
(** The path to the JSON file where the metadata associated to
peer_ids are loaded / stored. *)
closed_network : bool ;
(** If [true], the only accepted connections are from peers whose
addresses are in [trusted_points]. *)
private_mode : bool ;
(** If [true], only open outgoing/accept incoming connections
to/from peers whose addresses are in [trusted_peers], and inform
these peers that the identity of this node should be revealed to
the rest of the network. *)
identity : P2p_identity.t ;
(** Cryptographic identity of the peer. *)
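Review bot: The new doc comment on `private_mode` says trusted peers are informed that the identity of this node "should be revealed to the rest of the network", which is the opposite of what the configuration docs and the `private-mode` encoding description state; it should read `should not be revealed to the rest of the network`. The comment also names `[trusted_peers]`, whereas the comment it replaces and the matching record in the implementation use `trusted_points`. The same wording is repeated in the other `config` record documentation further down (the one followed by `listening_port`) and needs the same correction. None of the hunks shown send such a notice to peers, they only filter connections, so it would help to say whether that part is implemented elsewhere or still pending.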


@ -31,7 +31,7 @@ type 'meta t = {
It ignores points which are greylisted, or for which a connection
failed after [start_time] and the pointes that are banned. It
first selects points with the oldest last tentative.
Non-trusted points are also ignored if option --closed is set. *)
Non-trusted points are also ignored if option --private-mode is set. *)
let connectable st start_time expected seen_points =
let Pool pool = st.pool in
let now = Time.now () in
@ -46,7 +46,7 @@ let connectable st start_time expected seen_points =
| Some t1, Some t2 -> Time.compare t2 t1
end) in
let acc = Bounded_point_info.create expected in
let closed = (P2p_pool.config pool).P2p_pool.closed_network in
let private_mode = (P2p_pool.config pool).P2p_pool.private_mode in
let seen_points =
P2p_pool.Points.fold_known pool ~init:seen_points
~f:begin fun point pi seen_points ->
@ -57,7 +57,7 @@ let connectable st start_time expected seen_points =
*)
if P2p_point.Set.mem point seen_points ||
P2p_pool.Points.banned pool point ||
(closed && not (P2p_point_state.Info.trusted pi))
(private_mode && not (P2p_point_state.Info.trusted pi))
then
seen_points
else


@ -168,7 +168,7 @@ type config = {
trusted_points : P2p_point.Id.t list ;
peers_file : string ;
closed_network : bool ;
private_mode : bool ;
listening_port : P2p_addr.port option ;
min_connections : int ;
@ -673,8 +673,8 @@ let rec connect ?timeout pool point =
register_point pool pool.config.identity.peer_id point in
let addr, port as point = P2p_point_state.Info.point point_info in
fail_unless
(not pool.config.closed_network || P2p_point_state.Info.trusted point_info)
P2p_errors.Closed_network >>=? fun () ->
(not pool.config.private_mode || P2p_point_state.Info.trusted point_info)
P2p_errors.Private_mode >>=? fun () ->
fail_unless_disconnected_point point_info >>=? fun () ->
P2p_point_state.set_requested point_info canceler ;
let fd = Lwt_unix.socket PF_INET6 SOCK_STREAM 0 in
@ -766,12 +766,12 @@ and authenticate pool ?point_info canceler fd point =
in
let acceptable_point =
Option.unopt_map connection_point_info
~default:(not pool.config.closed_network)
~default:(not pool.config.private_mode)
~f:begin fun connection_point_info ->
match P2p_point_state.get connection_point_info with
| Requested _ -> not incoming
| Disconnected ->
not pool.config.closed_network
not pool.config.private_mode
|| P2p_point_state.Info.trusted connection_point_info
| Accepted _ | Running _ -> false
end
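Review bot: The default-deny behaviour in `acceptable_point` deserves a comment, since it is the check that enforces private mode on the accept path: with no `connection_point_info` the connection is acceptable only when `private_mode` is off, and a `Disconnected` point must be trusted. A line such as `(* Private mode: refuse points we have no info for, and any disconnected point that is not trusted. *)` above the `Option.unopt_map` call would make that explicit. `authenticate` starts and ends outside this hunk, so how `connection_point_info` is derived for incoming connections is not visible here.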


@ -55,9 +55,11 @@ type config = {
(** The path to the JSON file where the metadata associated to
peer_ids are loaded / stored. *)
closed_network : bool ;
(** If [true], the only accepted connections are from peers whose
addresses are in [trusted_peers]. *)
private_mode : bool ;
(** If [true], only open outgoing/accept incoming connections
to/from peers whose addresses are in [trusted_peers], and inform
these peers that the identity of this node should be revealed to
the rest of the network. *)
listening_port : P2p_addr.port option ;
(** If provided, it will be passed to [P2p_connection.authenticate]


@ -69,7 +69,7 @@ let detach_node f points n =
proof_of_work_target ;
trusted_points = points ;
peers_file = "/dev/null" ;
closed_network = true ;
private_mode = true ;
listening_port = Some port ;
min_connections = nb_points ;
max_connections = nb_points ;


@ -144,7 +144,7 @@ type error += Connected
type error += Connection_refused
type error += Rejected of P2p_peer.Id.t
type error += Too_many_connections
type error += Closed_network
type error += Private_mode
type error += Point_banned of P2p_point.Id.t
type error += Peer_banned of P2p_peer.Id.t
@ -200,16 +200,16 @@ let () =
Data_encoding.empty
(function Too_many_connections -> Some () | _ -> None)
(fun () -> Too_many_connections) ;
(* Closed network *)
(* Private mode *)
register_error_kind
`Permanent
~id:"node.p2p_pool.closed_network"
~title:"Closed network"
~description:"Network is closed."
~pp:(fun ppf () -> Format.fprintf ppf "Network is closed.")
~id:"node.p2p_pool.private_mode"
~title:"Private mode"
~description:"Node is in private mode."
~pp:(fun ppf () -> Format.fprintf ppf "Node is in private mode.")
Data_encoding.empty
(function Closed_network -> Some () | _ -> None)
(fun () -> Closed_network) ;
(function Private_mode -> Some () | _ -> None)
(fun () -> Private_mode) ;
(* Point Banned *)
register_error_kind
`Permanent