Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

firewall: session-dependent privacy flags #746

Merged
merged 18 commits into from
Apr 30, 2024
Merged

firewall: session-dependent privacy flags #746

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
f030c28
tools: update linter to latest version
bitromortac Apr 25, 2024
7011706
session: fix linter issues
bitromortac Apr 25, 2024
a4c1f59
session: add privacy flag type
bitromortac Nov 10, 2023
1e83df2
session: add privacy flags to session tlvs
bitromortac Nov 10, 2023
cb542a5
firewall+firewalldb: add SessionDB interface
bitromortac Apr 23, 2024
1636bb2
firewall+rules: map with privacy flags
bitromortac Nov 20, 2023
52d0618
firewall+rules: map with privacy flags
bitromortac Nov 20, 2023
c961472
firewall: obfuscate config depending on flags
bitromortac Nov 14, 2023
07bcfe1
firewall: intercept with privacy flags
bitromortac Nov 14, 2023
b02aad3
autopilotserverrpc+litrpc: add privacy flags
bitromortac Mar 6, 2024
76333be
rpcserver: show privacy flags in ListFeatures
bitromortac Mar 6, 2024
460dec1
litrpc: add privacy flags
bitromortac Mar 6, 2024
8248f26
rpcserver: accept and send privacy flags
bitromortac Nov 20, 2023
c352fa0
litcli: add privacy flags to feature registration
bitromortac Apr 15, 2024
9d50ddb
itest: extract newAutopilotLndConn and assertPseudo
bitromortac Nov 24, 2023
ef55e43
itest: add tests for privacy flags
bitromortac Mar 6, 2024
9e20dc4
rpcserver: marshal privacy flags
bitromortac Apr 16, 2024
5129b95
rules+rpcserver: handle unknown rules
bitromortac Apr 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .golangci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
run:
# timeout for analysis
deadline: 4m
timeout: 4m

build-tags:
- autopilotrpc
Expand Down
6 changes: 5 additions & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,11 @@ ifneq ($(workers),)
LINT_WORKERS = --concurrency=$(workers)
endif

DOCKER_TOOLS = docker run -v $$(pwd):/build litd-tools
DOCKER_TOOLS = docker run \
-v $(shell bash -c "go env GOCACHE || (mkdir -p /tmp/go-cache; echo /tmp/go-cache)"):/tmp/build/.cache \
-v $(shell bash -c "go env GOMODCACHE || (mkdir -p /tmp/go-modcache; echo /tmp/go-modcache)"):/tmp/build/.modcache \
-v $(shell bash -c "mkdir -p /tmp/go-lint-cache; echo /tmp/go-lint-cache"):/root/.cache/golangci-lint \
-v $$(pwd):/build litd-tools

ITEST_TAGS := integration itest $(LND_RELEASE_TAGS)
ITEST_LDFLAGS := $(call make_ldflags, $(ITEST_TAGS))
Expand Down
12 changes: 12 additions & 0 deletions app/src/types/generated/lit-autopilot_pb.d.ts
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

87 changes: 85 additions & 2 deletions app/src/types/generated/lit-autopilot_pb.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 4 additions & 0 deletions app/src/types/generated/lit-sessions_pb.d.ts
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

29 changes: 28 additions & 1 deletion app/src/types/generated/lit-sessions_pb.js
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions app/src/util/tests/sampleData.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -977,6 +977,7 @@ export const litListSessions: LIT.ListSessionsResponse.AsObject = {
],
],
featureConfigsMap: [['SampleFeature', '{}']],
privacyFlags: '0',
},
{
id: '',
Expand Down Expand Up @@ -1059,6 +1060,7 @@ export const litListSessions: LIT.ListSessionsResponse.AsObject = {
],
],
featureConfigsMap: [['SampleFeature', '{}']],
privacyFlags: '0',
},
],
};
Expand Down
11 changes: 7 additions & 4 deletions autopilotserver/client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -362,6 +362,7 @@ func (c *Client) ListFeatures(ctx context.Context) (map[string]*Feature,
Permissions: perms,
Rules: rules,
DefaultConfig: feature.DefaultConfig,
PrivacyFlags: feature.PrivacyFlags,
}
}

Expand All @@ -378,11 +379,12 @@ func (c *Client) ListFeatures(ctx context.Context) (map[string]*Feature,
// Note: this is part of the Autopilot interface.
func (c *Client) RegisterSession(ctx context.Context, pubKey *btcec.PublicKey,
mailboxAddr string, devServer bool, featureConf map[string][]byte,
groupKey *btcec.PublicKey, linkSig []byte) (*btcec.PublicKey, error) {
groupKey *btcec.PublicKey, linkSig []byte,
privacyFlags uint64) (*btcec.PublicKey, error) {

remotePub, err := c.registerSession(
ctx, pubKey, mailboxAddr, devServer, featureConf,
groupKey, linkSig,
groupKey, linkSig, privacyFlags,
)
if err != nil {
log.Errorf("unsuccessful registration of session %x",
Expand Down Expand Up @@ -428,8 +430,8 @@ func (c *Client) trackClient(pubKey *btcec.PublicKey) {
// public key with the autopilot server.
func (c *Client) registerSession(ctx context.Context, pubKey *btcec.PublicKey,
mailboxAddr string, devServer bool, featureConfig map[string][]byte,
groupLocalPub *btcec.PublicKey, linkSig []byte) (*btcec.PublicKey,
error) {
groupLocalPub *btcec.PublicKey, linkSig []byte,
privacyFlags uint64) (*btcec.PublicKey, error) {

client, cleanup, err := c.getClientConn()
if err != nil {
Expand All @@ -452,6 +454,7 @@ func (c *Client) registerSession(ctx context.Context, pubKey *btcec.PublicKey,
LndVersion: marshalVersion(c.cfg.LndVersion),
GroupResponderKey: groupKey,
GroupResponderSig: linkSig,
PrivacyFlags: privacyFlags,
},
)
if err != nil {
Expand Down
4 changes: 3 additions & 1 deletion autopilotserver/client_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,9 @@ func TestAutopilotClient(t *testing.T) {
require.ErrorContains(t, err, "no such client")

// Register the client.
_, err = client.RegisterSession(ctx, pubKey, "", false, nil, nil, nil)
_, err = client.RegisterSession(
ctx, pubKey, "", false, nil, nil, nil, 0,
)
require.NoError(t, err)

// Assert that the server sees the new client and has it in the Active
Expand Down
5 changes: 4 additions & 1 deletion autopilotserver/interface.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ type Autopilot interface {
RegisterSession(ctx context.Context, pubKey *btcec.PublicKey,
mailboxAddr string, devServer bool,
featureConf map[string][]byte, linkedGroupKey *btcec.PublicKey,
linkSig []byte) (*btcec.PublicKey, error)
linkSig []byte, privacyFlags uint64) (*btcec.PublicKey, error)

// ActivateSession attempts to inform the autopilot server that the
// given session is still active. After this is called, the autopilot
Expand Down Expand Up @@ -73,6 +73,9 @@ type Feature struct {
// represents the default configuration we can use if the user doesn't
// specify any.
DefaultConfig []byte

// PrivacyFlags is a list of privacy flags that the feature requires.
PrivacyFlags uint64
}

// RuleValues holds the default value along with the sane max and min values
Expand Down
Loading
Loading