balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

P2p: use --private-mode for sandboxed nodes

Browse Source
This commit is contained in:
Grégoire Henry 2019-02-20 18:56:49 +01:00
parent d78505fff8
commit 987d3a9c6a
No known key found for this signature in database
GPG Key ID: 827A020B224844F1
8 changed files with 35 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/bin_node/node_run_command.ml
View File

@ -172,6 +172,7 @@ let init_node ?sandbox ?checkpoint (config : Node_config_file.t) =
proof_of_work_target = proof_of_work_target =
Crypto_box.make_target config.p2p.expected_pow ; Crypto_box.make_target config.p2p.expected_pow ;
disable_mempool = config.p2p.disable_mempool ; disable_mempool = config.p2p.disable_mempool ;
trust_discovered_peers = (sandbox_param <> None) ;
} }
in in
return_some (p2p_config, config.p2p.limits) return_some (p2p_config, config.p2p.limits)

2
src/bin_node/tezos-sandboxed-node.sh
View File

@ -17,7 +17,7 @@ start_sandboxed_node() {
expected_connections="${expected_connections:-3}" expected_connections="${expected_connections:-3}"
node_dir="$(mktemp -d -t tezos-node.XXXXXXXX)" node_dir="$(mktemp -d -t tezos-node.XXXXXXXX)"
peers=("--no-bootstrap-peers") peers=("--no-bootstrap-peers")
# peers+=("--private-mode") ## Should we accept discovered peers as trusted nodes ? peers+=("--private-mode")
node="${local_node}" node="${local_node}"
sandbox_param="--sandbox=$sandbox_file" sandbox_param="--sandbox=$sandbox_file"

4
src/lib_p2p/p2p.ml
View File

@ -64,6 +64,7 @@ type config = {
identity : P2p_identity.t ; identity : P2p_identity.t ;
proof_of_work_target : Crypto_box.target ; proof_of_work_target : Crypto_box.target ;
disable_mempool : bool ; disable_mempool : bool ;
trust_discovered_peers : bool ;
} }
type limits = { type limits = {
@ -147,7 +148,8 @@ let may_create_discovery_worker _limits config pool =
Some (P2p_discovery.create pool Some (P2p_discovery.create pool
config.identity.peer_id config.identity.peer_id
~listening_port ~listening_port
~discovery_port ~discovery_addr) ~discovery_port ~discovery_addr
~trust_discovered_peers:config.trust_discovered_peers)
| (_, _, _) -> | (_, _, _) ->
None None

4
src/lib_p2p/p2p.mli
View File

@ -98,6 +98,10 @@ type config = {
disable_mempool : bool ; disable_mempool : bool ;
(** If [true], all non-empty mempools will be ignored. *) (** If [true], all non-empty mempools will be ignored. *)
trust_discovered_peers : bool ;
(** If [true], peers discovered on the local network will be trusted. *)
} }
(** Network capacities *) (** Network capacities *)

15
src/lib_p2p/p2p_discovery.ml
View File

@ -49,6 +49,7 @@ module Answer = struct
pool: pool ; pool: pool ;
discovery_port: int ; discovery_port: int ;
canceler: Lwt_canceler.t ; canceler: Lwt_canceler.t ;
trust_discovered_peers: bool ;
mutable worker: unit Lwt.t ; mutable worker: unit Lwt.t ;
} }
@ -98,7 +99,9 @@ module Answer = struct
let Pool pool = st.pool in let Pool pool = st.pool in
lwt_log_info "Registering new point %a:%d" lwt_log_info "Registering new point %a:%d"
P2p_addr.pp addr remote_port >>= fun () -> P2p_addr.pp addr remote_port >>= fun () ->
P2p_pool.register_new_point pool st.my_peer_id P2p_pool.register_new_point
~trusted:st.trust_discovered_peers
pool st.my_peer_id
(addr, remote_port) ; (addr, remote_port) ;
aux () aux ()
end end
@ -123,10 +126,11 @@ module Answer = struct
Lwt_canceler.cancel st.canceler >>= fun () -> Lwt_canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit Lwt.return_unit
let create my_peer_id pool ~discovery_port = { let create my_peer_id pool ~trust_discovered_peers ~discovery_port = {
canceler = Lwt_canceler.create () ; canceler = Lwt_canceler.create () ;
my_peer_id ; my_peer_id ;
discovery_port ; discovery_port ;
trust_discovered_peers ;
pool = Pool pool ; pool = Pool pool ;
worker = Lwt.return_unit ; worker = Lwt.return_unit ;
} }
@ -225,8 +229,7 @@ module Sender = struct
Lwt_canceler.cancel st.canceler >>= fun () -> Lwt_canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit Lwt.return_unit
let create let create my_peer_id pool ~listening_port ~discovery_port ~discovery_addr = {
my_peer_id pool ~listening_port ~discovery_port ~discovery_addr = {
canceler = Lwt_canceler.create () ; canceler = Lwt_canceler.create () ;
my_peer_id ; my_peer_id ;
listening_port ; listening_port ;
@ -252,8 +255,8 @@ type t = {
sender: Sender.t ; sender: Sender.t ;
} }
let create ~listening_port ~discovery_port ~discovery_addr pool my_peer_id = let create ~listening_port ~discovery_port ~discovery_addr ~trust_discovered_peers pool my_peer_id =
let answer = Answer.create my_peer_id pool ~discovery_port in let answer = Answer.create my_peer_id pool ~discovery_port ~trust_discovered_peers in
let sender = let sender =
Sender.create Sender.create
my_peer_id pool ~listening_port ~discovery_port ~discovery_addr in my_peer_id pool ~listening_port ~discovery_port ~discovery_addr in

7
src/lib_p2p/p2p_discovery.mli
View File

@ -43,8 +43,11 @@ type t
returns a discovery worker registering local peers to the [pool] returns a discovery worker registering local peers to the [pool]
and broadcasting discovery messages with the [peer_id] and and broadcasting discovery messages with the [peer_id] and
the [listening_port] through the address [discovery_addr:discovery_port]. *) the [listening_port] through the address [discovery_addr:discovery_port]. *)
val create : listening_port:int -> discovery_port:int -> val create :
discovery_addr:Ipaddr.V4.t -> ('a, 'b, 'c) P2p_pool.t -> P2p_peer.Table.key -> listening_port:int ->
discovery_port:int -> discovery_addr:Ipaddr.V4.t ->
trust_discovered_peers:bool ->
('a, 'b, 'c) P2p_pool.t -> P2p_peer.Table.key ->
t t
val activate : t -> unit val activate : t -> unit

16
src/lib_p2p/p2p_pool.ml
View File

@ -337,7 +337,13 @@ let register_point pool ?trusted _source_peer_id (addr, port as point) =
Lwt_condition.broadcast pool.events.new_point () ; Lwt_condition.broadcast pool.events.new_point () ;
log pool (New_point point) ; log pool (New_point point) ;
point_info point_info
| Some point_info -> point_info | Some point_info ->
begin
match trusted with
| Some true -> P2p_point_state.Info.set_trusted point_info ;
| _ -> ()
end ;
point_info
let may_register_my_id_point pool = function let may_register_my_id_point pool = function
| [P2p_errors.Myself (addr, Some port)] -> | [P2p_errors.Myself (addr, Some port)] ->
@ -1027,15 +1033,15 @@ and disconnect ?(wait = false) conn =
conn.wait_close <- wait ; conn.wait_close <- wait ;
Answerer.shutdown (Lazy.force conn.answerer) Answerer.shutdown (Lazy.force conn.answerer)
and register_new_points pool conn = and register_new_points ?trusted pool conn =
let source_peer_id = P2p_peer_state.Info.peer_id conn.peer_info in let source_peer_id = P2p_peer_state.Info.peer_id conn.peer_info in
fun points -> fun points ->
List.iter (register_new_point pool source_peer_id) points ; List.iter (register_new_point ?trusted pool source_peer_id) points ;
Lwt.return_unit Lwt.return_unit
and register_new_point pool source_peer_id point = and register_new_point ?trusted pool source_peer_id point =
if not (P2p_point.Table.mem pool.my_id_points point) then if not (P2p_point.Table.mem pool.my_id_points point) then
ignore (register_point pool source_peer_id point) ignore (register_point ?trusted pool source_peer_id point)
and list_known_points ?(ignore_private = false) pool conn = and list_known_points ?(ignore_private = false) pool conn =
if Connection.private_node conn then if Connection.private_node conn then

1
src/lib_p2p/p2p_pool.mli
View File

@ -239,6 +239,7 @@ val accept:
accepting a connection from [fd]. Used by [P2p_welcome]. *) accepting a connection from [fd]. Used by [P2p_welcome]. *)
val register_new_point: val register_new_point:
?trusted:bool ->
('a, 'b, 'c) pool -> P2p_peer.Table.key -> P2p_point.Id.t -> unit ('a, 'b, 'c) pool -> P2p_peer.Table.key -> P2p_point.Id.t -> unit
(** [register_new_point pool source_peer_id point] tries to register [point] (** [register_new_point pool source_peer_id point] tries to register [point]
in pool's internal peer table. *) in pool's internal peer table. *)