Skip to content
This repository has been archived by the owner on Oct 11, 2024. It is now read-only.

Enforce rate limit on relay addresses #509

Merged
merged 4 commits into from
Nov 7, 2019
Merged

Enforce rate limit on relay addresses #509

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6363e16
Update some libp2p deps
albrow Nov 7, 2019
d6cb376
Enforce bandwidth banning on relay hosts
albrow Nov 7, 2019
5d654ac
Update github.com/libp2p/go-ws-transport
albrow Nov 7, 2019
091c591
Update CHANGELOG
albrow Nov 7, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,13 @@

This changelog is a work in progress and may contain notes for versions which have not actually been released. Check the [Releases](https://github.com/0xProject/0x-mesh/releases) page to see full release notes and more information about the latest released versions.

## v6.0.1-beta

### Bug fixes 🐞

- Fixed an oversight which granted immunity from bandwidth banning for any peer using a relayed connection ([#509](https://github.com/0xProject/0x-mesh/pull/509)).


## v6.0.0-beta

### Breaking changes 🛠
Expand Down
37 changes: 22 additions & 15 deletions Gopkg.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 4 additions & 5 deletions Gopkg.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@

[[constraint]]
name = "github.com/multiformats/go-multiaddr"
version = "0.0.4"
version = "0.1.2"

[[constraint]]
name = "github.com/libp2p/go-libp2p-pubsub"
Expand Down Expand Up @@ -114,14 +114,13 @@
name = "github.com/libp2p/go-libp2p-discovery"
version = "0.1.0"

[[override]]
[[constraint]]
name = "github.com/libp2p/go-ws-transport"
source = "github.com/0xProject/go-ws-transport"
revision = "163cee1e07594cd148a9086cd3cce5f901e4dae9"
revision = "3098bba549e89efc42055199c2dca3d95ac70744"

[[constraint]]
name = "github.com/libp2p/go-libp2p-circuit"
version = "0.1.1"
version = "0.1.2"

[[constraint]]
name = "github.com/libp2p/go-libp2p-swarm"
Expand Down
16 changes: 5 additions & 11 deletions p2p/banner/banner.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ import (
"errors"
"fmt"
"net"
"strings"
"sync"
"time"

Expand Down Expand Up @@ -84,15 +83,10 @@ func (banner *Banner) ProtectIP(maddr ma.Multiaddr) error {
func (banner *Banner) BanIP(maddr ma.Multiaddr) error {
ipNet, err := ipNetFromMaddr(maddr)
if err != nil {
// HACK(albrow) relay addresses don't include the full transport address
// (IP, port, etc) for older versions of libp2p-circuit. (See
// https://github.com/libp2p/go-libp2p/issues/723). As a temporary
// workaround, we no-op for relayed connections. We can remove this after
// updating our bootstrap nodes to the latest version. We detect relay
// addresses by looking for the /ipfs prefix.
if strings.HasPrefix(maddr.String(), "/ipfs") {
return nil
}
log.WithFields(log.Fields{
"error": err.Error(),
"maddr": maddr.String(),
}).Error("could not get IP address from multiaddress")
return err
}
banner.protectedIPsMut.RLock()
Expand Down Expand Up @@ -203,7 +197,7 @@ func (banner *Banner) CheckBandwidthUsage() {
"remoteMultiaddr": conn.RemoteMultiaddr().String(),
"rateIn": stats.RateIn,
"maxBytesPerSecond": banner.config.MaxBytesPerSecond,
}).Trace("would ban IP/multiaddress due to high bandwidth usage")
}).Error("banning IP/multiaddress due to high bandwidth usage")
}
// Banning the IP doesn't close the connection, so we do that
// separately. ClosePeer closes all connections to the given peer.
Expand Down
58 changes: 58 additions & 0 deletions p2p/banner/banner_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
package banner

import (
"net"
"testing"

ma "github.com/multiformats/go-multiaddr"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)

func TestIPNetFromMaddr(t *testing.T) {
testCases := []struct {
maddr ma.Multiaddr
expected net.IPNet
}{
{
maddr: newMaddr(t, "/ip4/159.65.4.82/tcp/60558"),
expected: net.IPNet{
IP: net.IP{0x9f, 0x41, 0x4, 0x52},
Mask: ipv4AllMask,
},
},
{
maddr: newMaddr(t, "/ip4/159.65.4.82/tcp/60558/ipfs/16Uiu2HAm9brLYhoM1wCTRtGRR7ZqXhk8kfEt6a2rSFSZpeV8eB7L/p2p-circuit"),
expected: net.IPNet{
IP: net.IP{0x9f, 0x41, 0x4, 0x52},
Mask: ipv4AllMask,
},
},
{
maddr: newMaddr(t, "/ip6/fe80:cd00:0000:0cde:1257:0000:211e:729c/tcp/60558"),
expected: net.IPNet{
IP: net.IP{0xfe, 0x80, 0xcd, 0x0, 0x0, 0x0, 0xc, 0xde, 0x12, 0x57, 0x0, 0x0, 0x21, 0x1e, 0x72, 0x9c},
Mask: ipv6AllMask,
},
},
{
maddr: newMaddr(t, "/ip6/fe80:cd00:0000:0cde:1257:0000:211e:729c/tcp/60558/ipfs/16Uiu2HAm9brLYhoM1wCTRtGRR7ZqXhk8kfEt6a2rSFSZpeV8eB7L/p2p-circuit"),
expected: net.IPNet{
IP: net.IP{0xfe, 0x80, 0xcd, 0x0, 0x0, 0x0, 0xc, 0xde, 0x12, 0x57, 0x0, 0x0, 0x21, 0x1e, 0x72, 0x9c},
Mask: ipv6AllMask,
},
},
}

for i, tc := range testCases {
actual, err := ipNetFromMaddr(tc.maddr)
require.NoError(t, err, "test case %d (%s)", i, tc.maddr.String())
assert.Equal(t, tc.expected, actual, "test case %d (%s)", i, tc.maddr.String())
}
}

func newMaddr(t *testing.T, s string) ma.Multiaddr {
maddr, err := ma.NewMultiaddr(s)
require.NoError(t, err)
return maddr
}