p2p: rejected inbound connections aren't closed, cause fd leak

[ebuchman]

Issue was discovered by a security auditor.

We don't close inbound connection objects when we reject them for max peers:

tendermint/p2p/switch.go

Lines 487 to 500 in 05a76fb

	func (sw *Switch) listenerRoutine(l Listener) {
	for {
	inConn, ok := <-l.Connections()
	if !ok {
	break
	}
	// ignore connection if we already have enough
	// leave room for MinNumOutboundPeers
	maxPeers := sw.config.MaxNumPeers - DefaultMinNumOutboundPeers
	if maxPeers <= sw.peers.Size() {
	sw.Logger.Info("Ignoring inbound connection: already have enough peers", "address", inConn.RemoteAddr().String(), "numPeers", sw.peers.Size(), "max", maxPeers)
	continue
	}

This can be easily exploited to cause nodes to panic from use of too many file descriptors (and may partially explain some of the high fd usage we've been seeing on testnets).

[xla]

Related to #2006

[ebuchman]

Issue is fixed in 359898d from #2056 and released in v0.22.6 but reopening as we should have better testing for this.

Perhaps will be addressed in #2006 and related

[xla]

#2006 is now #2067

[ebuchman]

Closing for #2067