balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Node/Sandbox: allow 'private' address

Browse Source 
Allows any kind of 'private' listening address (as defined by IANA)
rather than only allowing `[::1]`.

Also document the error.
This commit is contained in:
Grégoire Henry 2017-08-28 20:02:40 +02:00
parent 8c9f5f21a5
commit d2ad611c3d
4 changed files with 43 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/node/main/node_run_command.ml
View File

@ -20,7 +20,24 @@ let genesis : State.Net.genesis = {
"ProtoGenesisGenesisGenesisGenesisGenesisGenesk612im" ; "ProtoGenesisGenesisGenesisGenesisGenesisGenesk612im" ;
} }
type error += Nonlocalhost_sandbox of P2p_types.addr type error += Non_private_sandbox of P2p_types.addr
let () =
register_error_kind
`Permanent
~id:"main.run.non_private_sandbox"
~title:"Fordidden public sandbox"
~description:"A sandboxed node should not listen on public address."
~pp:begin fun ppf addr ->
Format.fprintf ppf
"The node is configured to listen a public addres (%a), \
while only 'private' network are authorised with `--sandbox`.
See `%s run --help` on how to change the listening address."
Ipaddr.V6.pp_hum addr Sys.argv.(0)
end
Data_encoding.(obj1 (req "addr" P2p_types.addr_encoding))
(function Non_private_sandbox addr -> Some addr | _ -> None)
(fun addr -> Non_private_sandbox addr)
let (//) = Filename.concat let (//) = Filename.concat
@ -93,8 +110,8 @@ let init_node ?sandbox (config : Node_config_file.t) =
| Some addr, Some _ | Some addr, Some _
when Ipaddr.V6.(compare addr unspecified) = 0 -> when Ipaddr.V6.(compare addr unspecified) = 0 ->
return None return None
| Some addr, Some _ when Ipaddr.V6.(compare addr localhost) != 0 -> | Some addr, Some _ when not (Ipaddr.V6.is_private addr) ->
fail (Nonlocalhost_sandbox addr) fail (Non_private_sandbox addr)
| None, Some _ -> return None | None, Some _ -> return None
| _ -> | _ ->
(Node_config_file.resolve_bootstrap_addrs (Node_config_file.resolve_bootstrap_addrs

5
src/node/net/p2p_connection_pool_types.ml
View File

@ -320,14 +320,13 @@ module Peer_info = struct
let open Data_encoding in let open Data_encoding in
conv conv
(fun { kind ; timestamp ; point = (addr, port) } -> (fun { kind ; timestamp ; point = (addr, port) } ->
(kind, timestamp, Ipaddr.V6.to_string addr, port)) (kind, timestamp, addr, port))
(fun (kind, timestamp, addr, port) -> (fun (kind, timestamp, addr, port) ->
let addr = Ipaddr.V6.of_string_exn addr in
{ kind ; timestamp ; point = (addr, port) }) { kind ; timestamp ; point = (addr, port) })
(obj4 (obj4
(req "kind" kind_encoding) (req "kind" kind_encoding)
(req "timestamp" Time.encoding) (req "timestamp" Time.encoding)
(req "addr" string) (req "addr" P2p_types.addr_encoding)
(opt "port" int16)) (opt "port" int16))
end end

26
src/node/net/p2p_types.ml
View File

@ -108,6 +108,23 @@ module Peer_id = Crypto_box.Public_key_hash
(* public types *) (* public types *)
type addr = Ipaddr.V6.t type addr = Ipaddr.V6.t
let addr_encoding =
let open Data_encoding in
splitted
~json:begin
conv
Ipaddr.V6.to_string
Ipaddr.V6.of_string_exn
string
end
~binary:begin
conv
Ipaddr.V6.to_bytes
Ipaddr.V6.of_bytes_exn
string
end
type port = int type port = int
module Point = struct module Point = struct
@ -202,12 +219,9 @@ module Id_point = struct
let encoding = let encoding =
let open Data_encoding in let open Data_encoding in
conv (obj2
(fun (addr, port) -> Ipaddr.V6.to_string addr, port) (req "addr" addr_encoding)
(fun (addr, port) -> Ipaddr.V6.of_string_exn addr, port) (opt "port" uint16))
(obj2
(req "addr" string)
(opt "port" uint16))
end end

1
src/node/net/p2p_types.mli
View File

@ -45,6 +45,7 @@ end
type addr = Ipaddr.V6.t type addr = Ipaddr.V6.t
type port = int type port = int
val addr_encoding : addr Data_encoding.t
(** Point, i.e. socket address *) (** Point, i.e. socket address *)