p2p: Implement PeerTransport

This is the implementation for the design described in ADR 12[0]. It's the first step of a larger refactor of the p2p package as tracked in interface bundling all concerns of low-level connection handling and isolating the rest of peer lifecycle management from the specifics of the low-level internet protocols. Even if the swappable implementation will never be utilised, already the isolation of conn related code in one place will help with the reasoning about execution path and addressation of security sensitive issues surfaced through bounty programs and audits. We deliberately decided to not have Peer filtering and other management in the Transport, its sole responsibility is the translation of connections to Peers, handing those to the caller fully setup. It's the responsibility of the caller to reject those and or keep track. Peer filtering will take place in the Switch and can be inspected in a the following commit. This changeset additionally is an exercise in clean separation of logic and other infrastructural concerns like logging and instrumentation. By leveraging a clean and minimal interface. How this looks can be seen in a follow-up change. Design tendermint#2069[2] Refs tendermint#2067[3] Fixes tendermint#2047[4] Fixes tendermint#2046[5] changes: * describe Transport interface * implement new default Transport: MultiplexTransport * test MultiplexTransport with new constraints * implement ConnSet for concurrent management of net.Conn, synchronous to PeerSet * implement and expose duplicate IP filter * implemnt TransportOption for optional parametirisation [0] https://github.com/tendermint/tendermint/blob/master/docs/architecture/adr-012-peer-transport.md [1] tendermint#2067 [2] tendermint#2069 [3] tendermint#2067 [4] tendermint#2047 [5] tendermint#2046
mslipper · Sep 18, 2018 · be5d68e · be5d68e
1 parent 89462c5
commit be5d68e
Show file tree

Hide file tree

Showing 3 changed files with 1,203 additions and 0 deletions.
diff --git a/p2p/conn_set.go b/p2p/conn_set.go
@@ -0,0 +1,73 @@
+package p2p
+
+import (
+	"net"
+	"sync"
+)
+
+// ConnSet is a lookup table for connections and all their ips.
+type ConnSet interface {
+	Has(net.Conn) bool
+	HasIP(net.IP) bool
+	Set(net.Conn, []net.IP)
+	Remove(net.Conn)
+}
+
+type connSetItem struct {
+	conn net.Conn
+	ips  []net.IP
+}
+
+type connSet struct {
+	sync.RWMutex
+
+	conns map[string]connSetItem
+}
+
+// NewConnSet returns a ConnSet implementation.
+func NewConnSet() *connSet {
+	return &connSet{
+		conns: map[string]connSetItem{},
+	}
+}
+
+func (cs *connSet) Has(c net.Conn) bool {
+	cs.RLock()
+	defer cs.RUnlock()
+
+	_, ok := cs.conns[c.RemoteAddr().String()]
+
+	return ok
+}
+
+func (cs *connSet) HasIP(ip net.IP) bool {
+	cs.RLock()
+	defer cs.RUnlock()
+
+	for _, c := range cs.conns {
+		for _, known := range c.ips {
+			if known.Equal(ip) {
+				return true
+			}
+		}
+	}
+
+	return false
+}
+
+func (cs *connSet) Remove(c net.Conn) {
+	cs.Lock()
+	defer cs.Unlock()
+
+	delete(cs.conns, c.RemoteAddr().String())
+}
+
+func (cs *connSet) Set(c net.Conn, ips []net.IP) {
+	cs.Lock()
+	defer cs.Unlock()
+
+	cs.conns[c.RemoteAddr().String()] = connSetItem{
+		conn: c,
+		ips:  ips,
+	}
+}