feat(network): verify chain id during protocol handshake (#406)

* feat(network): add chain id identification to identify protocol * feat(network): discovery protocol require identification procedure Discovery protocol will wait identification result in identify protocol before accept multiaddrs from remote session. * fix(network): remove wrong dep crate * fix(network): discovery protocol compilation * feat(network): set_chain_id fn * chore(network): disable_chain_id_check feature for trust metric tests * fix(network): clippy warnings * fix: trust metric integrate test * Revert "feat(network): discovery protocol require identification procedure" This reverts commit 7570083. * chore(network): remove identify protocol usage in discovery protocol * feat(network): expose wait_identified fn from identify protocol * feat(network): implement new UnidentifiedSession in PeerManagerEvent * feat(network): open other protocols after session identified * feat(network): if session is unidentified, close discovery protocol * fix(network): compilation failed * fix(network): unidentified session isn't removed on disconnected * fix(network): SessionInfoNotFound error * change(network): dail identify protocol first * change(network): open protocols from client side * refactor(network): identify protocol Client must wait an ack message before open other protocols * fix(network): clippy warnings * chore * fix: try fix trust metric test * fix(network): trust metric integrated test failed * fix(trust_metric_test): use random generate seckey for full node network Since identify protocol use lazy static HashMap, we need different peer id for each test. * refactor(network): identify protocol * feat(network): set up a timeout check for peer protocol open state * feat(network): more detailed warn message * test(network): add chain id verification integrated test * chore(network): remove unused debug log * feat(network): implement session pre-check for unidentified session So that we can reject an new session earlier * fix(network): IdentifyProtocol always insert new identification * fix(network): clippy warnings * feat(network): limit message size in identify protocol * feat(network): add FailedWithExceedMsgSize state * refactor(network): validate identify message before finish identify * fix: clippy warnings * test(network): add one identify unit test * test(network): more identify unit tests * test(network): more identify unit tests * test(network): identify protocol unit tests * test(network): add UnidentifiedSession event tests * fix(network): unused warnings in cfg(test) * test(network): add identify protocol disconnected test * fix(network): unused warnings * chore: format code * fix(network): clippy warnings * change!(network): bump identify protocol version * change(network): transmitter protocol should also check session state If session is not accepted, should close protocol stream instead.
nervosnetwork · Aug 12, 2020 · e678e92 · e678e92
1 parent 0322cd6
commit e678e92
Show file tree

Hide file tree

Showing 40 changed files with 2,763 additions and 521 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -94,6 +94,11 @@ name = "trust_metric"
 path = "tests/trust_metric.rs"
 required-features = [ "core-network/diagnostic" ]
 
+[[test]]
+name = "verify_chain_id"
+path = "tests/verify_chain_id.rs"
+required-features = [ "core-network/diagnostic" ]
+
 [[bench]]
 name = "bench_execute"
 path = "benchmark/mod.rs"
diff --git a/core/network/src/connection/keeper.rs b/core/network/src/connection/keeper.rs
@@ -222,9 +222,9 @@ impl ServiceHandle for ConnectionServiceKeeper {
                 let pid = pubkey.peer_id();
                 #[cfg(test)]
                 let session_context = SessionContext::from(session_context).arced();
-                let new_peer_session = PeerManagerEvent::NewSession { pid, pubkey, ctx: session_context };
+                let new_unidentified_session = PeerManagerEvent::UnidentifiedSession { pid, pubkey, ctx: session_context };
 
-                self.report_peer(new_peer_session);
+                self.report_peer(new_unidentified_session);
             }
             ServiceEvent::SessionClose { session_context } => {
                 let pid = peer_pubkey!(&session_context).peer_id();

diff --git a/core/network/src/event.rs b/core/network/src/event.rs
@@ -135,6 +135,19 @@ pub enum PeerManagerEvent {
         ctx:    Arc<SessionContext>,
     },
 
+    #[display(
+        fmt = "unidentified session {} peer {:?} addr {} ty {:?}",
+        "ctx.id",
+        pid,
+        "ctx.address",
+        "ctx.ty"
+    )]
+    UnidentifiedSession {
+        pid:    PeerId,
+        pubkey: PublicKey,
+        ctx:    Arc<SessionContext>,
+    },
+
     #[display(fmt = "repeated connection type {} session {} addr {}", ty, sid, addr)]
     RepeatedConnection {
         ty:   ConnectionType,