p2p: prevent connections from same ip#1520
Conversation
p2p/peer_set.go
Outdated
| func (ps *PeerSet) Remove(peer Peer) { | ||
| ps.mtx.Lock() | ||
| defer ps.mtx.Unlock() | ||
| delete(ps.lookupIP[peer.RemoteIP()]) |
p2p/peer_set.go
Outdated
|
|
||
| // HasIP returns true iff the PeerSet contains | ||
| // the peer referred to by this IP address. | ||
| func (ps *PeerSet) HasIP(peerIP string) bool { |
There was a problem hiding this comment.
maybe we should use net.IP here?
xla
left a comment
There was a problem hiding this comment.
Does this mean we have to overhaul the majority of our switch tets, as we use netpipe excessively which reports pipe as the remote addr?
p2p/peer_set.go
Outdated
|
|
||
| // HasIP returns true iff the PeerSet contains | ||
| // the peer referred to by this IP address. | ||
| func (ps *PeerSet) HasIP(peerIP string) bool { |
| func (pc peerConn) RemoteIP() string { | ||
| host, _, err := net.SplitHostPort(pc.conn.RemoteAddr().String()) | ||
| if err != nil { | ||
| panic(err) |
p2p/peer.go
Outdated
| } | ||
|
|
||
| // Return the IP from the connection RemoteAddr | ||
| func (pc peerConn) RemoteIP() string { |
There was a problem hiding this comment.
If we truly want to return an ip address I think we should do a lookup in case RemoteAddr() is a dns name.
|
:o same test failure as anton is having in #1574 (comment) |
|
Oh well, here at least presumably it's becuase they all have the same IP, so they disconnect when they realize thaT? |
|
maybe what we need is some kind of "filter" object that we can set that determines what peers we disconnect to ... that way in tests we don't need to apply the same level of filters so we can not worry about connecting to self when we're trying to test something else ... ? |
p2p/switch.go
Outdated
| return err | ||
| } | ||
|
|
||
| // dont connect to multiple peers on the same IP |
| return pc.ips[0] | ||
| } | ||
|
|
||
| if pc.conn == nil || pc.conn.RemoteAddr().String() == "pipe" { |
There was a problem hiding this comment.
is this only nil during test? we should add comment either way that this little section is just for tests.
| return pc.ips[0] | ||
| } | ||
|
|
||
| host, _, err := net.SplitHostPort(pc.conn.RemoteAddr().String()) |
There was a problem hiding this comment.
Does RemoteAddr return host names or only IPs ?
p2p/peer.go
Outdated
| persistent bool | ||
| config *PeerConfig | ||
| conn net.Conn // source connection | ||
| ips []net.IP |
There was a problem hiding this comment.
are you thinking we'll use this for something ? looks like we only ever use the [0]
p2p/switch.go
Outdated
| } | ||
|
|
||
| // check ips for both the connection addr and the self reported addr | ||
| if sw.peers.HasIP(pc.RemoteIP()) { |
There was a problem hiding this comment.
this is the connection address. Maybe we should check the self-reported address from the NodeInfo as well ?
| assert.Equal(t, wantNilErrCount, gotNilErrCount, "invalid nil errCount") | ||
| } | ||
|
|
||
| func TestPeerSetAddDuplicateIP(t *testing.T) { |
|
Looks good. Some minor comments, but mostly just need to address the test issue before merge. Note the test failure here actually has a switch with no peers and makes sense why its not working ( I think ). The fail in #1574 might be different |
|
@ebuchman Thanks for the thorough review. |
2dee41b to
01fd102
Compare
Codecov Report
@@ Coverage Diff @@
## develop #1520 +/- ##
==========================================
+ Coverage 60.62% 63.93% +3.3%
==========================================
Files 115 103 -12
Lines 9971 9571 -400
==========================================
+ Hits 6045 6119 +74
+ Misses 3356 2891 -465
+ Partials 570 561 -9
|
|
LGTM! |
…ndermint#1520) Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.27.0 to 1.27.1. - [Release notes](https://github.com/bufbuild/buf-setup-action/releases) - [Commits](bufbuild/buf-setup-action@v1.27.0...v1.27.1) --- updated-dependencies: - dependency-name: bufbuild/buf-setup-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#1264
TODO: fix and write tests