prysm-pulse/shared/p2p/options.go

package p2p

import (
	"fmt"
	"io/ioutil"
	"net"
	"os"

	"github.com/libp2p/go-libp2p"
	crypto "github.com/libp2p/go-libp2p-crypto"
	peer "github.com/libp2p/go-libp2p-peer"
	filter "github.com/libp2p/go-maddr-filter"
	ma "github.com/multiformats/go-multiaddr"
	"github.com/prysmaticlabs/prysm/shared/iputils"
)

// buildOptions for the libp2p host.
// TODO(287): Expand on these options and provide the option configuration via flags.
func buildOptions(cfg *ServerConfig) []libp2p.Option {

	ip, err := iputils.ExternalIPv4()
	if err != nil {
		log.Errorf("Could not get IPv4 address: %v", err)
	}

	listen, err := ma.NewMultiaddr(fmt.Sprintf("/ip4/%s/tcp/%d", ip, cfg.Port))
	if err != nil {
		log.Errorf("Failed to p2p listen: %v", err)
	}

	options := []libp2p.Option{
		libp2p.ListenAddrs(listen),
		libp2p.EnableRelay(), // Allows dialing to peers via relay.
		optionConnectionManager(cfg.MaxPeers),
		whitelistSubnet(cfg.WhitelistCIDR),
		privKey(cfg.PrvKey),
	}

	if cfg.EnableUPnP {
		options = append(options, libp2p.NATPortMap()) //Allow to use UPnP
	}

	return options
}

// whitelistSubnet adds a whitelist multiaddress filter for a given CIDR subnet.
// Example: 192.168.0.0/16 may be used to accept only connections on your local
// network.
func whitelistSubnet(cidr string) libp2p.Option {
	if cidr == "" {
		return func(_ *libp2p.Config) error {
			return nil
		}
	}

	return func(cfg *libp2p.Config) error {
		_, ipnet, err := net.ParseCIDR(cidr)
		if err != nil {
			return err
		}

		if cfg.Filters == nil {
			cfg.Filters = filter.NewFilters()
		}
		cfg.Filters.AddFilter(*ipnet, filter.ActionAccept)

		return nil
	}
}

// Adds a private key to the libp2p option if the option was provided.
// If the private key file is missing or cannot be read, or if the
// private key contents cannot be marshaled, an exception is thrown.
func privKey(prvKey string) libp2p.Option {
	if prvKey == "" {
		return func(_ *libp2p.Config) error {
			return nil
		}
	}

	return func(cfg *libp2p.Config) error {
		if _, err := os.Stat(prvKey); os.IsNotExist(err) {
			log.WithField("private key file", prvKey).Warn("Could not read private key, file is missing or unreadable")
			return err
		}
		bytes, err := ioutil.ReadFile(prvKey)
		if err != nil {
			log.WithError(err).Error("Error reading private key from file")
			return err
		}
		keyBytes, err := crypto.ConfigDecodeKey(string(bytes))
		if err != nil {
			log.WithError(err).Error("Error decoding private key")
			return err
		}
		key, err := crypto.UnmarshalPrivateKey(keyBytes)
		if err != nil {
			log.WithError(err).Error("Error unmarshalling private key")
			return err
		}
		pubKey, err := peer.IDFromPrivateKey(key)

		if err != nil {
			log.Errorf("Could not print public key: %v", err)
			return err
		}
		log.WithField("public key", pubKey.Pretty()).Info("Private key loaded. Announcing public key.")

		return cfg.Apply(libp2p.Identity(key))
	}
}
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00			`package p2p`

			`import (`
			`"fmt"`
expose p2p private key for static peering (#2719) * expose p2p private key for static peering * Review revisions * Use testutil.TempDir() * Use testing.T to report fatal errors 2019-05-29 19:43:23 +00:00			`"io/ioutil"`
Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`"net"`
expose p2p private key for static peering (#2719) * expose p2p private key for static peering * Review revisions * Use testutil.TempDir() * Use testing.T to report fatal errors 2019-05-29 19:43:23 +00:00			`"os"`
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00
"Super sync" and naive p2p reputation (#2550) * checkpoint on super sync with reputation * ensure handling only expected peers msg * exclusive of finalized block * skip block saved already * clean up struct * remove 2 more fields * _ * everything builds, but doesnt test yet * lint * fix p2p tests * space * space * space * fmt * fmt 2019-05-09 21:02:24 +00:00			`"github.com/libp2p/go-libp2p"`
expose p2p private key for static peering (#2719) * expose p2p private key for static peering * Review revisions * Use testutil.TempDir() * Use testing.T to report fatal errors 2019-05-29 19:43:23 +00:00			`crypto "github.com/libp2p/go-libp2p-crypto"`
			`peer "github.com/libp2p/go-libp2p-peer"`
Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`filter "github.com/libp2p/go-maddr-filter"`
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00			`ma "github.com/multiformats/go-multiaddr"`
k8s: Kubernetes - Part 2 of ?? (#401) 2018-08-14 16:16:21 +00:00			`"github.com/prysmaticlabs/prysm/shared/iputils"`
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00			`)`

			`// buildOptions for the libp2p host.`
format and cleanup some TODOs (#544) 2018-09-20 04:14:31 +00:00			`// TODO(287): Expand on these options and provide the option configuration via flags.`
Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`func buildOptions(cfg *ServerConfig) []libp2p.Option {`
expose p2p private key for static peering (#2719) * expose p2p private key for static peering * Review revisions * Use testutil.TempDir() * Use testing.T to report fatal errors 2019-05-29 19:43:23 +00:00
k8s: Kubernetes - Part 2 of ?? (#401) 2018-08-14 16:16:21 +00:00			`ip, err := iputils.ExternalIPv4()`
			`if err != nil {`
			`log.Errorf("Could not get IPv4 address: %v", err)`
			`}`

Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`listen, err := ma.NewMultiaddr(fmt.Sprintf("/ip4/%s/tcp/%d", ip, cfg.Port))`
Add Security Linter: gosec (#343) 2018-07-29 00:44:24 +00:00			`if err != nil {`
			`log.Errorf("Failed to p2p listen: %v", err)`
			`}`
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00
Added the 'enable-upnp' flag to the list of command line args (#2860) * Added the 'enable-upnp' flag to the list of supported command line arguments. If the user specifies this feature flag (adds --enable-upnp as an argument) - the Beacon-chain and Validator services, when started, will initialize libp2p with the UPNP options. * Added the new arg to usage.go due to test failure * Update shared/p2p/service.go Changed the logging according to Preston's recommendation. Co-Authored-By: Preston Van Loon <preston@prysmaticlabs.com> * Code review changes: 1. File formatting. 2. Command line arg more detailed description. 2019-06-26 19:59:37 +00:00			`options := []libp2p.Option{`
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00			`libp2p.ListenAddrs(listen),`
Add support for connecting via relay nodes (#827) * Preliminary support for relay nodes * lint * Add comment, remove TODO * work on relay address factory * dial relay node, if available * forgot new files * fix service registry breakage * added logging * Added a peer count with prometheus * always start mDNS * fix lint 2018-11-25 16:55:02 +00:00			`libp2p.EnableRelay(), // Allows dialing to peers via relay.`
Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`optionConnectionManager(cfg.MaxPeers),`
			`whitelistSubnet(cfg.WhitelistCIDR),`
expose p2p private key for static peering (#2719) * expose p2p private key for static peering * Review revisions * Use testutil.TempDir() * Use testing.T to report fatal errors 2019-05-29 19:43:23 +00:00			`privKey(cfg.PrvKey),`
Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`}`
Added the 'enable-upnp' flag to the list of command line args (#2860) * Added the 'enable-upnp' flag to the list of supported command line arguments. If the user specifies this feature flag (adds --enable-upnp as an argument) - the Beacon-chain and Validator services, when started, will initialize libp2p with the UPNP options. * Added the new arg to usage.go due to test failure * Update shared/p2p/service.go Changed the logging according to Preston's recommendation. Co-Authored-By: Preston Van Loon <preston@prysmaticlabs.com> * Code review changes: 1. File formatting. 2. Command line arg more detailed description. 2019-06-26 19:59:37 +00:00
			`if cfg.EnableUPnP {`
			`options = append(options, libp2p.NATPortMap()) //Allow to use UPnP`
			`}`

			`return options`
Add flag to whitelist certain connections (#2716) 2019-05-28 12:54:49 +00:00			`}`

			`// whitelistSubnet adds a whitelist multiaddress filter for a given CIDR subnet.`
			`// Example: 192.168.0.0/16 may be used to accept only connections on your local`
			`// network.`
			`func whitelistSubnet(cidr string) libp2p.Option {`
			`if cidr == "" {`
			`return func(_ *libp2p.Config) error {`
			`return nil`
			`}`
			`}`

			`return func(cfg *libp2p.Config) error {`
			`_, ipnet, err := net.ParseCIDR(cidr)`
			`if err != nil {`
			`return err`
			`}`

			`if cfg.Filters == nil {`
			`cfg.Filters = filter.NewFilters()`
			`}`
			`cfg.Filters.AddFilter(*ipnet, filter.ActionAccept)`

			`return nil`
sharding: Local networked P2P! (#222) Former-commit-id: d22d05529bb0050b8a03053a28d876e3e458bbff [formerly 284a04699110aa285a42f5b0ad244ca9bd77d2df] Former-commit-id: 83cd9c8a48fb5ce9c57ff8ef6c2b1741a4d05130 2018-07-17 18:39:04 +00:00			`}`
			`}`
expose p2p private key for static peering (#2719) * expose p2p private key for static peering * Review revisions * Use testutil.TempDir() * Use testing.T to report fatal errors 2019-05-29 19:43:23 +00:00
			`// Adds a private key to the libp2p option if the option was provided.`
			`// If the private key file is missing or cannot be read, or if the`
			`// private key contents cannot be marshaled, an exception is thrown.`
			`func privKey(prvKey string) libp2p.Option {`
			`if prvKey == "" {`
			`return func(_ *libp2p.Config) error {`
			`return nil`
			`}`
			`}`

			`return func(cfg *libp2p.Config) error {`
			`if _, err := os.Stat(prvKey); os.IsNotExist(err) {`
			`log.WithField("private key file", prvKey).Warn("Could not read private key, file is missing or unreadable")`
			`return err`
			`}`
			`bytes, err := ioutil.ReadFile(prvKey)`
			`if err != nil {`
			`log.WithError(err).Error("Error reading private key from file")`
			`return err`
			`}`
			`keyBytes, err := crypto.ConfigDecodeKey(string(bytes))`
			`if err != nil {`
			`log.WithError(err).Error("Error decoding private key")`
			`return err`
			`}`
			`key, err := crypto.UnmarshalPrivateKey(keyBytes)`
			`if err != nil {`
			`log.WithError(err).Error("Error unmarshalling private key")`
			`return err`
			`}`
			`pubKey, err := peer.IDFromPrivateKey(key)`

			`if err != nil {`
			`log.Errorf("Could not print public key: %v", err)`
			`return err`
			`}`
			`log.WithField("public key", pubKey.Pretty()).Info("Private key loaded. Announcing public key.")`

			`return cfg.Apply(libp2p.Identity(key))`
			`}`
			`}`