From de0549fabb8be4dbaf382ee68ec1b702cb0c5c97 Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Wed, 29 Apr 2015 18:04:08 +0300 Subject: cmd/geth, cmd/mist, cmd/utils, eth, p2p: support trusted peers --- p2p/server.go | 90 ++++++++++++++++++++++++++++++++++++++++++++++-------- p2p/server_test.go | 2 +- 2 files changed, 78 insertions(+), 14 deletions(-) (limited to 'p2p') diff --git a/p2p/server.go b/p2p/server.go index 5c5883ae8..794c36125 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -18,8 +18,9 @@ import ( ) const ( - defaultDialTimeout = 10 * time.Second - refreshPeersInterval = 30 * time.Second + defaultDialTimeout = 10 * time.Second + refreshPeersInterval = 30 * time.Second + trustedPeerCheckInterval = 15 * time.Second // This is the maximum number of inbound connection // that are allowed to linger between 'accepted' and @@ -59,6 +60,10 @@ type Server struct { // with the rest of the network. BootstrapNodes []*discover.Node + // Trusted nodes are used as privileged connections which are always accepted + // and also always maintained. + TrustedNodes []*discover.Node + // NodeDatabase is the path to the database containing the previously seen // live nodes in the network. NodeDatabase string @@ -99,13 +104,15 @@ type Server struct { running bool peers map[discover.NodeID]*Peer + trusts map[discover.NodeID]*discover.Node // Map of currently trusted remote nodes + trustDial chan *discover.Node // Dial request channel reserved for the trusted nodes + ntab *discover.Table listener net.Listener - quit chan struct{} - loopWG sync.WaitGroup // {dial,listen,nat}Loop - peerWG sync.WaitGroup // active peer goroutines - peerConnect chan *discover.Node + quit chan struct{} + loopWG sync.WaitGroup // {dial,listen,nat}Loop + peerWG sync.WaitGroup // active peer goroutines } type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool) (*conn, error) @@ -131,10 +138,9 @@ func (srv *Server) PeerCount() int { return n } -// SuggestPeer creates a connection to the given Node if it -// is not already connected. -func (srv *Server) SuggestPeer(n *discover.Node) { - srv.peerConnect <- n +// TrustPeer inserts a node into the list of privileged nodes. +func (srv *Server) TrustPeer(node *discover.Node) { + srv.trustDial <- node } // Broadcast sends an RLP-encoded message to all connected peers. @@ -195,7 +201,14 @@ func (srv *Server) Start() (err error) { } srv.quit = make(chan struct{}) srv.peers = make(map[discover.NodeID]*Peer) - srv.peerConnect = make(chan *discover.Node) + + // Create the current trust map, and the associated dialing channel + srv.trusts = make(map[discover.NodeID]*discover.Node) + for _, node := range srv.TrustedNodes { + srv.trusts[node.ID] = node + } + srv.trustDial = make(chan *discover.Node) + if srv.setupFunc == nil { srv.setupFunc = setupConn } @@ -229,6 +242,8 @@ func (srv *Server) Start() (err error) { if srv.NoDial && srv.ListenAddr == "" { glog.V(logger.Warn).Infoln("I will be kind-of useless, neither dialing nor listening.") } + // maintain the trusted peers + go srv.trustLoop() srv.running = true return nil @@ -323,6 +338,45 @@ func (srv *Server) listenLoop() { } } +// trustLoop is responsible for periodically checking that trusted connections +// are actually live, and requests dialing if not. +func (srv *Server) trustLoop() { + // Create a ticker for verifying trusted connections + tick := time.Tick(trustedPeerCheckInterval) + + for { + select { + case <-srv.quit: + // Termination requested, simple return + return + + case <-tick: + // Collect all the non-connected trusted nodes + needed := []*discover.Node{} + srv.lock.RLock() + for id, node := range srv.trusts { + if _, ok := srv.peers[id]; !ok { + needed = append(needed, node) + } + } + srv.lock.RUnlock() + + // Try to dial each of them (don't hang if server terminates) + for _, node := range needed { + glog.V(logger.Error).Infof("Dialing trusted peer %v", node) + select { + case srv.trustDial <- node: + // Ok, dialing + + case <-srv.quit: + // Terminating, return + return + } + } + } + } +} + func (srv *Server) dialLoop() { var ( dialed = make(chan *discover.Node) @@ -373,7 +427,7 @@ func (srv *Server) dialLoop() { // below MaxPeers. refresh.Reset(refreshPeersInterval) } - case dest := <-srv.peerConnect: + case dest := <-srv.trustDial: dial(dest) case dests := <-findresults: for _, dest := range dests { @@ -472,16 +526,26 @@ func (srv *Server) addPeer(id discover.NodeID, p *Peer) (bool, DiscReason) { return true, 0 } +// checkPeer verifies whether a peer looks promising and should be allowed/kept +// in the pool, or if it's of no use. func (srv *Server) checkPeer(id discover.NodeID) (bool, DiscReason) { + // First up, figure out if the peer is trusted + _, trusted := srv.trusts[id] + + // Make sure the peer passes all required checks switch { case !srv.running: return false, DiscQuitting - case len(srv.peers) >= srv.MaxPeers: + + case !trusted && len(srv.peers) >= srv.MaxPeers: return false, DiscTooManyPeers + case srv.peers[id] != nil: return false, DiscAlreadyConnected + case id == srv.ntab.Self().ID: return false, DiscSelf + default: return true, 0 } diff --git a/p2p/server_test.go b/p2p/server_test.go index 53cc3c258..e99d37ed0 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -102,7 +102,7 @@ func TestServerDial(t *testing.T) { // tell the server to connect tcpAddr := listener.Addr().(*net.TCPAddr) - srv.SuggestPeer(&discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port}) + srv.trustDial <-&discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} select { case conn := <-accepted: -- cgit From 14f32a0c3a30c172c62272aa93f97e8a3d72ddcb Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Wed, 29 Apr 2015 18:59:08 +0300 Subject: p2p: reduce the severity of a debug log --- p2p/server.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'p2p') diff --git a/p2p/server.go b/p2p/server.go index 794c36125..d85696e20 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -363,7 +363,7 @@ func (srv *Server) trustLoop() { // Try to dial each of them (don't hang if server terminates) for _, node := range needed { - glog.V(logger.Error).Infof("Dialing trusted peer %v", node) + glog.V(logger.Debug).Infof("Dialing trusted peer %v", node) select { case srv.trustDial <- node: // Ok, dialing -- cgit From 1528dbc17101597348eefe3f3fb8d4f0d5c54b3c Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Thu, 30 Apr 2015 12:41:27 +0300 Subject: p2p: add trust check to handshake, test privileged connectivity Conflicts: p2p/server_test.go --- p2p/handshake.go | 14 +++++------ p2p/handshake_test.go | 4 +-- p2p/server.go | 17 ++++++++++--- p2p/server_test.go | 68 ++++++++++++++++++++++++++++++++++++++++++++++++--- 4 files changed, 88 insertions(+), 15 deletions(-) (limited to 'p2p') diff --git a/p2p/handshake.go b/p2p/handshake.go index 79395f23f..280b5068e 100644 --- a/p2p/handshake.go +++ b/p2p/handshake.go @@ -70,21 +70,21 @@ type protoHandshake struct { // If dial is non-nil, the connection the local node is the initiator. // If atcap is true, the connection will be disconnected with DiscTooManyPeers // after the key exchange. -func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { +func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { if dial == nil { - return setupInboundConn(fd, prv, our, atcap) + return setupInboundConn(fd, prv, our, atcap, trust) } else { - return setupOutboundConn(fd, prv, our, dial, atcap) + return setupOutboundConn(fd, prv, our, dial, atcap, trust) } } -func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool) (*conn, error) { +func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { secrets, err := receiverEncHandshake(fd, prv, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap { + if atcap && !trust[secrets.RemoteID] { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } @@ -99,13 +99,13 @@ func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, a return &conn{rw, rhs}, nil } -func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { +func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { secrets, err := initiatorEncHandshake(fd, prv, dial.ID, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap { + if atcap && !trust[secrets.RemoteID] { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } diff --git a/p2p/handshake_test.go b/p2p/handshake_test.go index c22af7a9c..5e63e5c39 100644 --- a/p2p/handshake_test.go +++ b/p2p/handshake_test.go @@ -143,7 +143,7 @@ func TestSetupConn(t *testing.T) { done := make(chan struct{}) go func() { defer close(done) - conn0, err := setupConn(fd0, prv0, hs0, node1, false) + conn0, err := setupConn(fd0, prv0, hs0, node1, false, nil) if err != nil { t.Errorf("outbound side error: %v", err) return @@ -156,7 +156,7 @@ func TestSetupConn(t *testing.T) { } }() - conn1, err := setupConn(fd1, prv1, hs1, nil, false) + conn1, err := setupConn(fd1, prv1, hs1, nil, false, nil) if err != nil { t.Fatalf("inbound side error: %v", err) } diff --git a/p2p/server.go b/p2p/server.go index d85696e20..d8c5ecd77 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -115,7 +115,7 @@ type Server struct { peerWG sync.WaitGroup // active peer goroutines } -type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool) (*conn, error) +type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool, map[discover.NodeID]bool) (*conn, error) type newPeerHook func(*Peer) // Peers returns all connected peers. @@ -140,7 +140,10 @@ func (srv *Server) PeerCount() int { // TrustPeer inserts a node into the list of privileged nodes. func (srv *Server) TrustPeer(node *discover.Node) { - srv.trustDial <- node + srv.lock.Lock() + defer srv.lock.Unlock() + + srv.trusts[node.ID] = node } // Broadcast sends an RLP-encoded message to all connected peers. @@ -470,10 +473,18 @@ func (srv *Server) startPeer(fd net.Conn, dest *discover.Node) { // returns during that exchange need to call peerWG.Done because // the callers of startPeer added the peer to the wait group already. fd.SetDeadline(time.Now().Add(handshakeTimeout)) + + // Check capacity and trust list srv.lock.RLock() atcap := len(srv.peers) == srv.MaxPeers + + trust := make(map[discover.NodeID]bool) + for id, _ := range srv.trusts { + trust[id] = true + } srv.lock.RUnlock() - conn, err := srv.setupFunc(fd, srv.PrivateKey, srv.ourHandshake, dest, atcap) + + conn, err := srv.setupFunc(fd, srv.PrivateKey, srv.ourHandshake, dest, atcap, trust) if err != nil { fd.Close() glog.V(logger.Debug).Infof("Handshake with %v failed: %v", fd.RemoteAddr(), err) diff --git a/p2p/server_test.go b/p2p/server_test.go index e99d37ed0..a79679ac1 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -22,7 +22,7 @@ func startTestServer(t *testing.T, pf newPeerHook) *Server { ListenAddr: "127.0.0.1:0", PrivateKey: newkey(), newPeerHook: pf, - setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { + setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { id := randomID() rw := newRlpxFrameRW(fd, secrets{ MAC: zero16, @@ -102,7 +102,7 @@ func TestServerDial(t *testing.T) { // tell the server to connect tcpAddr := listener.Addr().(*net.TCPAddr) - srv.trustDial <-&discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} + srv.trustDial <- &discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} select { case conn := <-accepted: @@ -200,7 +200,7 @@ func TestServerDisconnectAtCap(t *testing.T) { // Run the handshakes just like a real peer would. key := newkey() hs := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - _, err = setupConn(conn, key, hs, srv.Self(), false) + _, err = setupConn(conn, key, hs, srv.Self(), false, nil) if i == nconns-1 { // When handling the last connection, the server should // disconnect immediately instead of running the protocol @@ -219,6 +219,68 @@ func TestServerDisconnectAtCap(t *testing.T) { } } +// Tests that trusted peers and can connect above max peer caps. +func TestServerTrustedPeers(t *testing.T) { + defer testlog(t).detach() + + // Create a test server with limited connection slots + started := make(chan *Peer) + server := &Server{ + ListenAddr: "127.0.0.1:0", + PrivateKey: newkey(), + MaxPeers: 3, + NoDial: true, + newPeerHook: func(p *Peer) { started <- p }, + } + if err := server.Start(); err != nil { + t.Fatal(err) + } + defer server.Stop() + + // Fill up all the slots on the server + dialer := &net.Dialer{Deadline: time.Now().Add(3 * time.Second)} + for i := 0; i < server.MaxPeers; i++ { + // Establish a new connection + conn, err := dialer.Dial("tcp", server.ListenAddr) + if err != nil { + t.Fatalf("conn %d: dial error: %v", i, err) + } + defer conn.Close() + + // Run the handshakes just like a real peer would, and wait for completion + key := newkey() + shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} + if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + t.Fatalf("conn %d: unexpected error: %v", i, err) + } + <-started + } + // Inject a trusted node and dial that (we'll connect from this end, don't need IP setup) + key := newkey() + trusted := &discover.Node{ + ID: discover.PubkeyID(&key.PublicKey), + } + server.TrustPeer(trusted) + + conn, err := dialer.Dial("tcp", server.ListenAddr) + if err != nil { + t.Fatalf("trusted node: dial error: %v", err) + } + defer conn.Close() + + shake := &protoHandshake{Version: baseProtocolVersion, ID: trusted.ID} + if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + t.Fatalf("trusted node: unexpected error: %v", err) + } + select { + case <-started: + // Ok, trusted peer accepted + + case <-time.After(100 * time.Millisecond): + t.Fatalf("trusted node timeout") + } +} + func newkey() *ecdsa.PrivateKey { key, err := crypto.GenerateKey() if err != nil { -- cgit From 701591b403a8bae8c1dfb648a49d587968ff0c6a Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Thu, 30 Apr 2015 16:15:29 +0300 Subject: cmd, eth, p2p: fix review issues enumerated by Felix --- p2p/server.go | 31 +++++++++++-------------------- p2p/server_test.go | 2 +- 2 files changed, 12 insertions(+), 21 deletions(-) (limited to 'p2p') diff --git a/p2p/server.go b/p2p/server.go index d8c5ecd77..dbb2e5f9e 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -100,10 +100,9 @@ type Server struct { ourHandshake *protoHandshake - lock sync.RWMutex // protects running and peers - running bool - peers map[discover.NodeID]*Peer - + lock sync.RWMutex // protects running, peers and the trust fields + running bool + peers map[discover.NodeID]*Peer trusts map[discover.NodeID]*discover.Node // Map of currently trusted remote nodes trustDial chan *discover.Node // Dial request channel reserved for the trusted nodes @@ -138,8 +137,10 @@ func (srv *Server) PeerCount() int { return n } -// TrustPeer inserts a node into the list of privileged nodes. -func (srv *Server) TrustPeer(node *discover.Node) { +// AddPeer connects to the given node and maintains the connection until the +// server is shut down. If the connection fails for any reason, the server will +// attempt to reconnect the peer. +func (srv *Server) AddPeer(node *discover.Node) { srv.lock.Lock() defer srv.lock.Unlock() @@ -246,7 +247,7 @@ func (srv *Server) Start() (err error) { glog.V(logger.Warn).Infoln("I will be kind-of useless, neither dialing nor listening.") } // maintain the trusted peers - go srv.trustLoop() + go srv.trustedNodesLoop() srv.running = true return nil @@ -341,16 +342,13 @@ func (srv *Server) listenLoop() { } } -// trustLoop is responsible for periodically checking that trusted connections -// are actually live, and requests dialing if not. -func (srv *Server) trustLoop() { - // Create a ticker for verifying trusted connections +// trustedNodesLoop is responsible for periodically checking that trusted +// connections are actually live, and requests dialing if not. +func (srv *Server) trustedNodesLoop() { tick := time.Tick(trustedPeerCheckInterval) - for { select { case <-srv.quit: - // Termination requested, simple return return case <-tick: @@ -369,10 +367,7 @@ func (srv *Server) trustLoop() { glog.V(logger.Debug).Infof("Dialing trusted peer %v", node) select { case srv.trustDial <- node: - // Ok, dialing - case <-srv.quit: - // Terminating, return return } } @@ -547,16 +542,12 @@ func (srv *Server) checkPeer(id discover.NodeID) (bool, DiscReason) { switch { case !srv.running: return false, DiscQuitting - case !trusted && len(srv.peers) >= srv.MaxPeers: return false, DiscTooManyPeers - case srv.peers[id] != nil: return false, DiscAlreadyConnected - case id == srv.ntab.Self().ID: return false, DiscSelf - default: return true, 0 } diff --git a/p2p/server_test.go b/p2p/server_test.go index a79679ac1..3e3fd6cc0 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -260,7 +260,7 @@ func TestServerTrustedPeers(t *testing.T) { trusted := &discover.Node{ ID: discover.PubkeyID(&key.PublicKey), } - server.TrustPeer(trusted) + server.AddPeer(trusted) conn, err := dialer.Dial("tcp", server.ListenAddr) if err != nil { -- cgit From 413ace37d3ba13a551f60e4089f2e0070c607970 Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Thu, 30 Apr 2015 19:32:48 +0300 Subject: eth, p2p: rename trusted nodes to static, drop inbound extra slots --- p2p/handshake.go | 14 +++++------ p2p/handshake_test.go | 4 ++-- p2p/server.go | 64 +++++++++++++++++++++++++-------------------------- p2p/server_test.go | 12 ++++++---- 4 files changed, 48 insertions(+), 46 deletions(-) (limited to 'p2p') diff --git a/p2p/handshake.go b/p2p/handshake.go index 280b5068e..79395f23f 100644 --- a/p2p/handshake.go +++ b/p2p/handshake.go @@ -70,21 +70,21 @@ type protoHandshake struct { // If dial is non-nil, the connection the local node is the initiator. // If atcap is true, the connection will be disconnected with DiscTooManyPeers // after the key exchange. -func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { +func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { if dial == nil { - return setupInboundConn(fd, prv, our, atcap, trust) + return setupInboundConn(fd, prv, our, atcap) } else { - return setupOutboundConn(fd, prv, our, dial, atcap, trust) + return setupOutboundConn(fd, prv, our, dial, atcap) } } -func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { +func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool) (*conn, error) { secrets, err := receiverEncHandshake(fd, prv, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap && !trust[secrets.RemoteID] { + if atcap { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } @@ -99,13 +99,13 @@ func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, a return &conn{rw, rhs}, nil } -func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { +func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { secrets, err := initiatorEncHandshake(fd, prv, dial.ID, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap && !trust[secrets.RemoteID] { + if atcap { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } diff --git a/p2p/handshake_test.go b/p2p/handshake_test.go index 5e63e5c39..c22af7a9c 100644 --- a/p2p/handshake_test.go +++ b/p2p/handshake_test.go @@ -143,7 +143,7 @@ func TestSetupConn(t *testing.T) { done := make(chan struct{}) go func() { defer close(done) - conn0, err := setupConn(fd0, prv0, hs0, node1, false, nil) + conn0, err := setupConn(fd0, prv0, hs0, node1, false) if err != nil { t.Errorf("outbound side error: %v", err) return @@ -156,7 +156,7 @@ func TestSetupConn(t *testing.T) { } }() - conn1, err := setupConn(fd1, prv1, hs1, nil, false, nil) + conn1, err := setupConn(fd1, prv1, hs1, nil, false) if err != nil { t.Fatalf("inbound side error: %v", err) } diff --git a/p2p/server.go b/p2p/server.go index dbb2e5f9e..091bf0b2a 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -60,9 +60,9 @@ type Server struct { // with the rest of the network. BootstrapNodes []*discover.Node - // Trusted nodes are used as privileged connections which are always accepted - // and also always maintained. - TrustedNodes []*discover.Node + // Static nodes are used as pre-configured connections which are always + // maintained and re-connected on disconnects. + StaticNodes []*discover.Node // NodeDatabase is the path to the database containing the previously seen // live nodes in the network. @@ -100,11 +100,11 @@ type Server struct { ourHandshake *protoHandshake - lock sync.RWMutex // protects running, peers and the trust fields - running bool - peers map[discover.NodeID]*Peer - trusts map[discover.NodeID]*discover.Node // Map of currently trusted remote nodes - trustDial chan *discover.Node // Dial request channel reserved for the trusted nodes + lock sync.RWMutex // protects running, peers and the trust fields + running bool + peers map[discover.NodeID]*Peer + statics map[discover.NodeID]*discover.Node // Map of currently static remote nodes + staticDial chan *discover.Node // Dial request channel reserved for the static nodes ntab *discover.Table listener net.Listener @@ -114,7 +114,7 @@ type Server struct { peerWG sync.WaitGroup // active peer goroutines } -type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool, map[discover.NodeID]bool) (*conn, error) +type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool) (*conn, error) type newPeerHook func(*Peer) // Peers returns all connected peers. @@ -144,7 +144,7 @@ func (srv *Server) AddPeer(node *discover.Node) { srv.lock.Lock() defer srv.lock.Unlock() - srv.trusts[node.ID] = node + srv.statics[node.ID] = node } // Broadcast sends an RLP-encoded message to all connected peers. @@ -207,11 +207,11 @@ func (srv *Server) Start() (err error) { srv.peers = make(map[discover.NodeID]*Peer) // Create the current trust map, and the associated dialing channel - srv.trusts = make(map[discover.NodeID]*discover.Node) - for _, node := range srv.TrustedNodes { - srv.trusts[node.ID] = node + srv.statics = make(map[discover.NodeID]*discover.Node) + for _, node := range srv.StaticNodes { + srv.statics[node.ID] = node } - srv.trustDial = make(chan *discover.Node) + srv.staticDial = make(chan *discover.Node) if srv.setupFunc == nil { srv.setupFunc = setupConn @@ -246,8 +246,8 @@ func (srv *Server) Start() (err error) { if srv.NoDial && srv.ListenAddr == "" { glog.V(logger.Warn).Infoln("I will be kind-of useless, neither dialing nor listening.") } - // maintain the trusted peers - go srv.trustedNodesLoop() + // maintain the static peers + go srv.staticNodesLoop() srv.running = true return nil @@ -342,9 +342,9 @@ func (srv *Server) listenLoop() { } } -// trustedNodesLoop is responsible for periodically checking that trusted +// staticNodesLoop is responsible for periodically checking that static // connections are actually live, and requests dialing if not. -func (srv *Server) trustedNodesLoop() { +func (srv *Server) staticNodesLoop() { tick := time.Tick(trustedPeerCheckInterval) for { select { @@ -352,10 +352,10 @@ func (srv *Server) trustedNodesLoop() { return case <-tick: - // Collect all the non-connected trusted nodes + // Collect all the non-connected static nodes needed := []*discover.Node{} srv.lock.RLock() - for id, node := range srv.trusts { + for id, node := range srv.statics { if _, ok := srv.peers[id]; !ok { needed = append(needed, node) } @@ -364,9 +364,9 @@ func (srv *Server) trustedNodesLoop() { // Try to dial each of them (don't hang if server terminates) for _, node := range needed { - glog.V(logger.Debug).Infof("Dialing trusted peer %v", node) + glog.V(logger.Debug).Infof("Dialing static peer %v", node) select { - case srv.trustDial <- node: + case srv.staticDial <- node: case <-srv.quit: return } @@ -425,7 +425,7 @@ func (srv *Server) dialLoop() { // below MaxPeers. refresh.Reset(refreshPeersInterval) } - case dest := <-srv.trustDial: + case dest := <-srv.staticDial: dial(dest) case dests := <-findresults: for _, dest := range dests { @@ -469,17 +469,17 @@ func (srv *Server) startPeer(fd net.Conn, dest *discover.Node) { // the callers of startPeer added the peer to the wait group already. fd.SetDeadline(time.Now().Add(handshakeTimeout)) - // Check capacity and trust list + // Check capacity, but override for static nodes srv.lock.RLock() atcap := len(srv.peers) == srv.MaxPeers - - trust := make(map[discover.NodeID]bool) - for id, _ := range srv.trusts { - trust[id] = true + if dest != nil { + if _, ok := srv.statics[dest.ID]; ok { + atcap = false + } } srv.lock.RUnlock() - conn, err := srv.setupFunc(fd, srv.PrivateKey, srv.ourHandshake, dest, atcap, trust) + conn, err := srv.setupFunc(fd, srv.PrivateKey, srv.ourHandshake, dest, atcap) if err != nil { fd.Close() glog.V(logger.Debug).Infof("Handshake with %v failed: %v", fd.RemoteAddr(), err) @@ -535,14 +535,14 @@ func (srv *Server) addPeer(id discover.NodeID, p *Peer) (bool, DiscReason) { // checkPeer verifies whether a peer looks promising and should be allowed/kept // in the pool, or if it's of no use. func (srv *Server) checkPeer(id discover.NodeID) (bool, DiscReason) { - // First up, figure out if the peer is trusted - _, trusted := srv.trusts[id] + // First up, figure out if the peer is static + _, static := srv.statics[id] // Make sure the peer passes all required checks switch { case !srv.running: return false, DiscQuitting - case !trusted && len(srv.peers) >= srv.MaxPeers: + case !static && len(srv.peers) >= srv.MaxPeers: return false, DiscTooManyPeers case srv.peers[id] != nil: return false, DiscAlreadyConnected diff --git a/p2p/server_test.go b/p2p/server_test.go index 3e3fd6cc0..b48361235 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -22,7 +22,7 @@ func startTestServer(t *testing.T, pf newPeerHook) *Server { ListenAddr: "127.0.0.1:0", PrivateKey: newkey(), newPeerHook: pf, - setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { + setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { id := randomID() rw := newRlpxFrameRW(fd, secrets{ MAC: zero16, @@ -102,7 +102,7 @@ func TestServerDial(t *testing.T) { // tell the server to connect tcpAddr := listener.Addr().(*net.TCPAddr) - srv.trustDial <- &discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} + srv.staticDial <- &discover.Node{IP: tcpAddr.IP, TCPPort: tcpAddr.Port} select { case conn := <-accepted: @@ -200,7 +200,7 @@ func TestServerDisconnectAtCap(t *testing.T) { // Run the handshakes just like a real peer would. key := newkey() hs := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - _, err = setupConn(conn, key, hs, srv.Self(), false, nil) + _, err = setupConn(conn, key, hs, srv.Self(), false) if i == nconns-1 { // When handling the last connection, the server should // disconnect immediately instead of running the protocol @@ -219,6 +219,7 @@ func TestServerDisconnectAtCap(t *testing.T) { } } +/* // Tests that trusted peers and can connect above max peer caps. func TestServerTrustedPeers(t *testing.T) { defer testlog(t).detach() @@ -250,7 +251,7 @@ func TestServerTrustedPeers(t *testing.T) { // Run the handshakes just like a real peer would, and wait for completion key := newkey() shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { t.Fatalf("conn %d: unexpected error: %v", i, err) } <-started @@ -269,7 +270,7 @@ func TestServerTrustedPeers(t *testing.T) { defer conn.Close() shake := &protoHandshake{Version: baseProtocolVersion, ID: trusted.ID} - if _, err = setupConn(conn, key, shake, server.Self(), false, nil); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { t.Fatalf("trusted node: unexpected error: %v", err) } select { @@ -280,6 +281,7 @@ func TestServerTrustedPeers(t *testing.T) { t.Fatalf("trusted node timeout") } } +*/ func newkey() *ecdsa.PrivateKey { key, err := crypto.GenerateKey() -- cgit From e82ddd9198f6c26f9aeba603d2e0fadd5a60bf96 Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Thu, 30 Apr 2015 19:34:33 +0300 Subject: p2p: correct a leftover trusted -> static --- p2p/server.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'p2p') diff --git a/p2p/server.go b/p2p/server.go index 091bf0b2a..546b22744 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -18,9 +18,9 @@ import ( ) const ( - defaultDialTimeout = 10 * time.Second - refreshPeersInterval = 30 * time.Second - trustedPeerCheckInterval = 15 * time.Second + defaultDialTimeout = 10 * time.Second + refreshPeersInterval = 30 * time.Second + staticPeerCheckInterval = 15 * time.Second // This is the maximum number of inbound connection // that are allowed to linger between 'accepted' and @@ -345,7 +345,7 @@ func (srv *Server) listenLoop() { // staticNodesLoop is responsible for periodically checking that static // connections are actually live, and requests dialing if not. func (srv *Server) staticNodesLoop() { - tick := time.Tick(trustedPeerCheckInterval) + tick := time.Tick(staticPeerCheckInterval) for { select { case <-srv.quit: -- cgit From 54db54931e10c37a6ef2cd3fca36a875b02140c4 Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Mon, 4 May 2015 13:08:42 +0300 Subject: p2p: add static node dialing test --- p2p/server.go | 33 ++++++++++++-------- p2p/server_test.go | 88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 108 insertions(+), 13 deletions(-) (limited to 'p2p') diff --git a/p2p/server.go b/p2p/server.go index 546b22744..3099190b6 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -100,11 +100,12 @@ type Server struct { ourHandshake *protoHandshake - lock sync.RWMutex // protects running, peers and the trust fields - running bool - peers map[discover.NodeID]*Peer - statics map[discover.NodeID]*discover.Node // Map of currently static remote nodes - staticDial chan *discover.Node // Dial request channel reserved for the static nodes + lock sync.RWMutex // protects running, peers and the trust fields + running bool + peers map[discover.NodeID]*Peer + staticNodes map[discover.NodeID]*discover.Node // Map of currently maintained static remote nodes + staticDial chan *discover.Node // Dial request channel reserved for the static nodes + staticCycle time.Duration // Overrides staticPeerCheckInterval, used for testing ntab *discover.Table listener net.Listener @@ -144,7 +145,7 @@ func (srv *Server) AddPeer(node *discover.Node) { srv.lock.Lock() defer srv.lock.Unlock() - srv.statics[node.ID] = node + srv.staticNodes[node.ID] = node } // Broadcast sends an RLP-encoded message to all connected peers. @@ -207,9 +208,9 @@ func (srv *Server) Start() (err error) { srv.peers = make(map[discover.NodeID]*Peer) // Create the current trust map, and the associated dialing channel - srv.statics = make(map[discover.NodeID]*discover.Node) + srv.staticNodes = make(map[discover.NodeID]*discover.Node) for _, node := range srv.StaticNodes { - srv.statics[node.ID] = node + srv.staticNodes[node.ID] = node } srv.staticDial = make(chan *discover.Node) @@ -345,17 +346,23 @@ func (srv *Server) listenLoop() { // staticNodesLoop is responsible for periodically checking that static // connections are actually live, and requests dialing if not. func (srv *Server) staticNodesLoop() { - tick := time.Tick(staticPeerCheckInterval) + // Create a default maintenance ticker, but override it requested + cycle := staticPeerCheckInterval + if srv.staticCycle != 0 { + cycle = srv.staticCycle + } + tick := time.NewTicker(cycle) + for { select { case <-srv.quit: return - case <-tick: + case <-tick.C: // Collect all the non-connected static nodes needed := []*discover.Node{} srv.lock.RLock() - for id, node := range srv.statics { + for id, node := range srv.staticNodes { if _, ok := srv.peers[id]; !ok { needed = append(needed, node) } @@ -473,7 +480,7 @@ func (srv *Server) startPeer(fd net.Conn, dest *discover.Node) { srv.lock.RLock() atcap := len(srv.peers) == srv.MaxPeers if dest != nil { - if _, ok := srv.statics[dest.ID]; ok { + if _, ok := srv.staticNodes[dest.ID]; ok { atcap = false } } @@ -536,7 +543,7 @@ func (srv *Server) addPeer(id discover.NodeID, p *Peer) (bool, DiscReason) { // in the pool, or if it's of no use. func (srv *Server) checkPeer(id discover.NodeID) (bool, DiscReason) { // First up, figure out if the peer is static - _, static := srv.statics[id] + _, static := srv.staticNodes[id] // Make sure the peer passes all required checks switch { diff --git a/p2p/server_test.go b/p2p/server_test.go index b48361235..606fa9386 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -219,6 +219,94 @@ func TestServerDisconnectAtCap(t *testing.T) { } } +// Tests that static peers are (re)connected, and done so even above max peers. +func TestServerStaticPeers(t *testing.T) { + defer testlog(t).detach() + + // Create a test server with limited connection slots + started := make(chan *Peer) + server := &Server{ + ListenAddr: "127.0.0.1:0", + PrivateKey: newkey(), + MaxPeers: 3, + newPeerHook: func(p *Peer) { started <- p }, + staticCycle: time.Second, + } + if err := server.Start(); err != nil { + t.Fatal(err) + } + defer server.Stop() + + // Fill up all the slots on the server + dialer := &net.Dialer{Deadline: time.Now().Add(3 * time.Second)} + for i := 0; i < server.MaxPeers; i++ { + // Establish a new connection + conn, err := dialer.Dial("tcp", server.ListenAddr) + if err != nil { + t.Fatalf("conn %d: dial error: %v", i, err) + } + defer conn.Close() + + // Run the handshakes just like a real peer would, and wait for completion + key := newkey() + shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} + if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + t.Fatalf("conn %d: unexpected error: %v", i, err) + } + <-started + } + // Open a TCP listener to accept static connections + listener, err := net.Listen("tcp", "127.0.0.1:0") + if err != nil { + t.Fatalf("failed to setup listener: %v", err) + } + defer listener.Close() + + connected := make(chan net.Conn) + go func() { + for i := 0; i < 3; i++ { + conn, err := listener.Accept() + if err == nil { + connected <- conn + } + } + }() + // Inject a static node and wait for a remote dial, then redial, then nothing + addr := listener.Addr().(*net.TCPAddr) + static := &discover.Node{ + ID: discover.PubkeyID(&newkey().PublicKey), + IP: addr.IP, + TCPPort: addr.Port, + } + server.AddPeer(static) + + select { + case conn := <-connected: + // Close the first connection, expect redial + conn.Close() + + case <-time.After(2 * server.staticCycle): + t.Fatalf("remote dial timeout") + } + + select { + case conn := <-connected: + // Keep the second connection, don't expect redial + defer conn.Close() + + case <-time.After(2 * server.staticCycle): + t.Fatalf("remote re-dial timeout") + } + + select { + case <-time.After(2 * server.staticCycle): + // Timeout as no dial occurred + + case <-connected: + t.Fatalf("connected node dialed") + } +} + /* // Tests that trusted peers and can connect above max peer caps. func TestServerTrustedPeers(t *testing.T) { -- cgit From 4accc187d5cf6a100d6c10c0e0f35780f52871a0 Mon Sep 17 00:00:00 2001 From: Péter Szilágyi Date: Mon, 4 May 2015 13:59:51 +0300 Subject: eth, p2p: add trusted node list beside static list --- p2p/handshake.go | 14 +++++++------- p2p/handshake_test.go | 4 ++-- p2p/server.go | 32 +++++++++++++++++++++----------- p2p/server_test.go | 36 +++++++++++++++++------------------- 4 files changed, 47 insertions(+), 39 deletions(-) (limited to 'p2p') diff --git a/p2p/handshake.go b/p2p/handshake.go index 79395f23f..8e611cfd5 100644 --- a/p2p/handshake.go +++ b/p2p/handshake.go @@ -70,21 +70,21 @@ type protoHandshake struct { // If dial is non-nil, the connection the local node is the initiator. // If atcap is true, the connection will be disconnected with DiscTooManyPeers // after the key exchange. -func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { +func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trusted map[discover.NodeID]bool) (*conn, error) { if dial == nil { - return setupInboundConn(fd, prv, our, atcap) + return setupInboundConn(fd, prv, our, atcap, trusted) } else { - return setupOutboundConn(fd, prv, our, dial, atcap) + return setupOutboundConn(fd, prv, our, dial, atcap, trusted) } } -func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool) (*conn, error) { +func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool, trusted map[discover.NodeID]bool) (*conn, error) { secrets, err := receiverEncHandshake(fd, prv, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap { + if atcap && !trusted[secrets.RemoteID] { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } @@ -99,13 +99,13 @@ func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, a return &conn{rw, rhs}, nil } -func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { +func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trusted map[discover.NodeID]bool) (*conn, error) { secrets, err := initiatorEncHandshake(fd, prv, dial.ID, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap { + if atcap && !trusted[secrets.RemoteID] { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } diff --git a/p2p/handshake_test.go b/p2p/handshake_test.go index c22af7a9c..5e63e5c39 100644 --- a/p2p/handshake_test.go +++ b/p2p/handshake_test.go @@ -143,7 +143,7 @@ func TestSetupConn(t *testing.T) { done := make(chan struct{}) go func() { defer close(done) - conn0, err := setupConn(fd0, prv0, hs0, node1, false) + conn0, err := setupConn(fd0, prv0, hs0, node1, false, nil) if err != nil { t.Errorf("outbound side error: %v", err) return @@ -156,7 +156,7 @@ func TestSetupConn(t *testing.T) { } }() - conn1, err := setupConn(fd1, prv1, hs1, nil, false) + conn1, err := setupConn(fd1, prv1, hs1, nil, false, nil) if err != nil { t.Fatalf("inbound side error: %v", err) } diff --git a/p2p/server.go b/p2p/server.go index 3099190b6..959d61284 100644 --- a/p2p/server.go +++ b/p2p/server.go @@ -64,6 +64,10 @@ type Server struct { // maintained and re-connected on disconnects. StaticNodes []*discover.Node + // Trusted nodes are used as pre-configured connections which are always + // allowed to connect, even above the peer limit. + TrustedNodes []*discover.Node + // NodeDatabase is the path to the database containing the previously seen // live nodes in the network. NodeDatabase string @@ -100,12 +104,13 @@ type Server struct { ourHandshake *protoHandshake - lock sync.RWMutex // protects running, peers and the trust fields - running bool - peers map[discover.NodeID]*Peer - staticNodes map[discover.NodeID]*discover.Node // Map of currently maintained static remote nodes - staticDial chan *discover.Node // Dial request channel reserved for the static nodes - staticCycle time.Duration // Overrides staticPeerCheckInterval, used for testing + lock sync.RWMutex // protects running, peers and the trust fields + running bool + peers map[discover.NodeID]*Peer + staticNodes map[discover.NodeID]*discover.Node // Map of currently maintained static remote nodes + staticDial chan *discover.Node // Dial request channel reserved for the static nodes + staticCycle time.Duration // Overrides staticPeerCheckInterval, used for testing + trustedNodes map[discover.NodeID]bool // Set of currently trusted remote nodes ntab *discover.Table listener net.Listener @@ -115,7 +120,7 @@ type Server struct { peerWG sync.WaitGroup // active peer goroutines } -type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool) (*conn, error) +type setupFunc func(net.Conn, *ecdsa.PrivateKey, *protoHandshake, *discover.Node, bool, map[discover.NodeID]bool) (*conn, error) type newPeerHook func(*Peer) // Peers returns all connected peers. @@ -207,7 +212,11 @@ func (srv *Server) Start() (err error) { srv.quit = make(chan struct{}) srv.peers = make(map[discover.NodeID]*Peer) - // Create the current trust map, and the associated dialing channel + // Create the current trust maps, and the associated dialing channel + srv.trustedNodes = make(map[discover.NodeID]bool) + for _, node := range srv.TrustedNodes { + srv.trustedNodes[node.ID] = true + } srv.staticNodes = make(map[discover.NodeID]*discover.Node) for _, node := range srv.StaticNodes { srv.staticNodes[node.ID] = node @@ -486,7 +495,7 @@ func (srv *Server) startPeer(fd net.Conn, dest *discover.Node) { } srv.lock.RUnlock() - conn, err := srv.setupFunc(fd, srv.PrivateKey, srv.ourHandshake, dest, atcap) + conn, err := srv.setupFunc(fd, srv.PrivateKey, srv.ourHandshake, dest, atcap, srv.trustedNodes) if err != nil { fd.Close() glog.V(logger.Debug).Infof("Handshake with %v failed: %v", fd.RemoteAddr(), err) @@ -542,14 +551,15 @@ func (srv *Server) addPeer(id discover.NodeID, p *Peer) (bool, DiscReason) { // checkPeer verifies whether a peer looks promising and should be allowed/kept // in the pool, or if it's of no use. func (srv *Server) checkPeer(id discover.NodeID) (bool, DiscReason) { - // First up, figure out if the peer is static + // First up, figure out if the peer is static or trusted _, static := srv.staticNodes[id] + trusted := srv.trustedNodes[id] // Make sure the peer passes all required checks switch { case !srv.running: return false, DiscQuitting - case !static && len(srv.peers) >= srv.MaxPeers: + case !static && !trusted && len(srv.peers) >= srv.MaxPeers: return false, DiscTooManyPeers case srv.peers[id] != nil: return false, DiscAlreadyConnected diff --git a/p2p/server_test.go b/p2p/server_test.go index 606fa9386..5ee9c5ceb 100644 --- a/p2p/server_test.go +++ b/p2p/server_test.go @@ -22,7 +22,7 @@ func startTestServer(t *testing.T, pf newPeerHook) *Server { ListenAddr: "127.0.0.1:0", PrivateKey: newkey(), newPeerHook: pf, - setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { + setupFunc: func(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trusted map[discover.NodeID]bool) (*conn, error) { id := randomID() rw := newRlpxFrameRW(fd, secrets{ MAC: zero16, @@ -200,7 +200,7 @@ func TestServerDisconnectAtCap(t *testing.T) { // Run the handshakes just like a real peer would. key := newkey() hs := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - _, err = setupConn(conn, key, hs, srv.Self(), false) + _, err = setupConn(conn, key, hs, srv.Self(), false, srv.trustedNodes) if i == nconns-1 { // When handling the last connection, the server should // disconnect immediately instead of running the protocol @@ -250,7 +250,7 @@ func TestServerStaticPeers(t *testing.T) { // Run the handshakes just like a real peer would, and wait for completion key := newkey() shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false, server.trustedNodes); err != nil { t.Fatalf("conn %d: unexpected error: %v", i, err) } <-started @@ -307,19 +307,24 @@ func TestServerStaticPeers(t *testing.T) { } } -/* // Tests that trusted peers and can connect above max peer caps. func TestServerTrustedPeers(t *testing.T) { defer testlog(t).detach() + // Create a trusted peer to accept connections from + key := newkey() + trusted := &discover.Node{ + ID: discover.PubkeyID(&key.PublicKey), + } // Create a test server with limited connection slots started := make(chan *Peer) server := &Server{ - ListenAddr: "127.0.0.1:0", - PrivateKey: newkey(), - MaxPeers: 3, - NoDial: true, - newPeerHook: func(p *Peer) { started <- p }, + ListenAddr: "127.0.0.1:0", + PrivateKey: newkey(), + MaxPeers: 3, + NoDial: true, + TrustedNodes: []*discover.Node{trusted}, + newPeerHook: func(p *Peer) { started <- p }, } if err := server.Start(); err != nil { t.Fatal(err) @@ -339,18 +344,12 @@ func TestServerTrustedPeers(t *testing.T) { // Run the handshakes just like a real peer would, and wait for completion key := newkey() shake := &protoHandshake{Version: baseProtocolVersion, ID: discover.PubkeyID(&key.PublicKey)} - if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false, server.trustedNodes); err != nil { t.Fatalf("conn %d: unexpected error: %v", i, err) } <-started } - // Inject a trusted node and dial that (we'll connect from this end, don't need IP setup) - key := newkey() - trusted := &discover.Node{ - ID: discover.PubkeyID(&key.PublicKey), - } - server.AddPeer(trusted) - + // Dial from the trusted peer, ensure connection is accepted conn, err := dialer.Dial("tcp", server.ListenAddr) if err != nil { t.Fatalf("trusted node: dial error: %v", err) @@ -358,7 +357,7 @@ func TestServerTrustedPeers(t *testing.T) { defer conn.Close() shake := &protoHandshake{Version: baseProtocolVersion, ID: trusted.ID} - if _, err = setupConn(conn, key, shake, server.Self(), false); err != nil { + if _, err = setupConn(conn, key, shake, server.Self(), false, server.trustedNodes); err != nil { t.Fatalf("trusted node: unexpected error: %v", err) } select { @@ -369,7 +368,6 @@ func TestServerTrustedPeers(t *testing.T) { t.Fatalf("trusted node timeout") } } -*/ func newkey() *ecdsa.PrivateKey { key, err := crypto.GenerateKey() -- cgit