From e51d907854be63abb4a112abf72540b436f7ffb2 Mon Sep 17 00:00:00 2001
From: Marcin Rataj <lidel@lidel.org>
Date: Tue, 29 Oct 2024 00:22:24 +0100
Subject: [PATCH] fix: p2p-forge/client with newCertmagicConfig

this should fix race condition caused by using certmagic.Default
directly before.
---
 core/node/groups.go                    | 19 +++++++++++++++++--
 core/node/libp2p/addrs.go              | 11 +++--------
 docs/examples/kubo-as-a-library/go.mod |  2 +-
 docs/examples/kubo-as-a-library/go.sum |  4 ++--
 go.mod                                 |  2 +-
 go.sum                                 |  4 ++--
 test/dependencies/go.mod               |  2 +-
 test/dependencies/go.sum               |  4 ++--
 8 files changed, 29 insertions(+), 19 deletions(-)

diff --git a/core/node/groups.go b/core/node/groups.go
index 5cd0fd62448..8339efec554 100644
--- a/core/node/groups.go
+++ b/core/node/groups.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"strings"
 	"time"
 
 	"github.com/dustin/go-humanize"
@@ -124,8 +125,22 @@ func LibP2P(bcfg *BuildCfg, cfg *config.Config, userResourceOverrides rcmgr.Part
 			logger.Fatal("Failed to enable `Swarm.RelayClient`, it requires `Swarm.Transports.Network.Relay` to be true.")
 		}
 	}
-	if enableAutoTLS && !cfg.Swarm.Transports.Network.Websocket.WithDefault(true) {
-		logger.Fatal("Failed to enable `Swarm.AutoTLS`, it requires `Swarm.Transports.Network.Websocket` to be true.")
+	if enableAutoTLS {
+		if !cfg.Swarm.Transports.Network.Websocket.WithDefault(true) {
+			logger.Fatal("Failed to enable `Swarm.AutoTLS`, it requires `Swarm.Transports.Network.Websocket` to be true.")
+		}
+
+		wssWildcard := fmt.Sprintf("/tls/sni/*.%s/ws", cfg.Swarm.AutoTLS.DomainSuffix.WithDefault(config.DefaultDomainSuffix))
+		wssWildcardPresent := false
+		for _, listener := range cfg.Addresses.Swarm {
+			if strings.Contains(listener, wssWildcard) {
+				wssWildcardPresent = true
+				break
+			}
+		}
+		if !wssWildcardPresent {
+			logger.Fatal(fmt.Sprintf("Failed to enable `Swarm.AutoTLS`, it requires `Addresses.Swarm` listener matching %q to be present, see https://github.com/ipfs/kubo/blob/master/docs/config.md#swarmautotls", wssWildcard))
+		}
 	}
 
 	// Gather all the options
diff --git a/core/node/libp2p/addrs.go b/core/node/libp2p/addrs.go
index 1692331e180..c4c8bbe090b 100644
--- a/core/node/libp2p/addrs.go
+++ b/core/node/libp2p/addrs.go
@@ -140,13 +140,7 @@ func P2PForgeCertMgr(cfg config.AutoTLS) interface{} {
 		}
 
 		forgeLogger := logging.Logger("autotls").Desugar()
-		// TODO: revisit is below is still needed.
-		// seems that certmagic is written in a way that logs things using default logger
-		// before a custom one is set, this is the only way to ensure we don't lose
-		// early logs such as 'maintenance' and 'obtain' events :-/
-		certmagic.Default.Logger = forgeLogger
-		certmagic.DefaultACME.Logger = forgeLogger
-
+		certStorage := &certmagic.FileStorage{Path: storagePath}
 		certMgr, err := p2pforge.NewP2PForgeCertMgr(
 			p2pforge.WithLogger(forgeLogger.Sugar()),
 			p2pforge.WithForgeDomain(cfg.DomainSuffix.WithDefault(config.DefaultDomainSuffix)),
@@ -154,7 +148,8 @@ func P2PForgeCertMgr(cfg config.AutoTLS) interface{} {
 			p2pforge.WithCAEndpoint(cfg.CAEndpoint.WithDefault(config.DefaultCAEndpoint)),
 			p2pforge.WithForgeAuth(cfg.RegistrationToken.WithDefault(os.Getenv(p2pforge.ForgeAuthEnv))),
 			p2pforge.WithUserAgent(version.GetUserAgentVersion()),
-			p2pforge.WithCertificateStorage(&certmagic.FileStorage{Path: storagePath}))
+			p2pforge.WithCertificateStorage(certStorage),
+		)
 		if err != nil {
 			return nil, err
 		}
diff --git a/docs/examples/kubo-as-a-library/go.mod b/docs/examples/kubo-as-a-library/go.mod
index b58575749fc..6fed80107a3 100644
--- a/docs/examples/kubo-as-a-library/go.mod
+++ b/docs/examples/kubo-as-a-library/go.mod
@@ -108,7 +108,7 @@ require (
 	github.com/ipld/go-car/v2 v2.14.2 // indirect
 	github.com/ipld/go-codec-dagpb v1.6.0 // indirect
 	github.com/ipld/go-ipld-prime v0.21.0 // indirect
-	github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 // indirect
+	github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 // indirect
 	github.com/jackpal/go-nat-pmp v1.0.2 // indirect
 	github.com/jbenet/go-temp-err-catcher v0.1.0 // indirect
 	github.com/jbenet/goprocess v0.1.4 // indirect
diff --git a/docs/examples/kubo-as-a-library/go.sum b/docs/examples/kubo-as-a-library/go.sum
index 29c5ea9e0a8..774aa59feb6 100644
--- a/docs/examples/kubo-as-a-library/go.sum
+++ b/docs/examples/kubo-as-a-library/go.sum
@@ -402,8 +402,8 @@ github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd h1:gMlw/MhNr2Wtp5RwGdsW23cs+yCuj9k2ON7i9MiJlRo=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd/go.mod h1:wZ8hH8UxeryOs4kJEJaiui/s00hDSbE37OKsL47g+Sw=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 h1:+sOmTdwTVf7v8yHJxMy8VRvVqfq80vZqb1NNfUJTMl0=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89/go.mod h1:1pvFcXQQoLZCAAxV18/NElYL+32bRrhswSItX4ldd3Q=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 h1:Od9XhliY3EzRDCd/H6fMQ225+DSaS+CT0daHjEwbZTM=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109/go.mod h1:taPeh3PDSO8Ual0/N2tIOAUXPV8gZoPF3uPXoUyiq14=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jbenet/go-cienv v0.1.0 h1:Vc/s0QbQtoxX8MwwSLWWh+xNNZvM3Lw7NsTcHrvvhMc=
diff --git a/go.mod b/go.mod
index 8800f68f984..ca181eea14d 100644
--- a/go.mod
+++ b/go.mod
@@ -49,7 +49,7 @@ require (
 	github.com/ipld/go-car/v2 v2.14.2
 	github.com/ipld/go-codec-dagpb v1.6.0
 	github.com/ipld/go-ipld-prime v0.21.0
-	github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89
+	github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109
 	github.com/jbenet/go-temp-err-catcher v0.1.0
 	github.com/jbenet/goprocess v0.1.4
 	github.com/julienschmidt/httprouter v1.3.0
diff --git a/go.sum b/go.sum
index 51472bfe53f..2c513c5a5cc 100644
--- a/go.sum
+++ b/go.sum
@@ -469,8 +469,8 @@ github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd h1:gMlw/MhNr2Wtp5RwGdsW23cs+yCuj9k2ON7i9MiJlRo=
 github.com/ipld/go-ipld-prime/storage/bsadapter v0.0.0-20230102063945-1a409dc236dd/go.mod h1:wZ8hH8UxeryOs4kJEJaiui/s00hDSbE37OKsL47g+Sw=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 h1:+sOmTdwTVf7v8yHJxMy8VRvVqfq80vZqb1NNfUJTMl0=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89/go.mod h1:1pvFcXQQoLZCAAxV18/NElYL+32bRrhswSItX4ldd3Q=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 h1:Od9XhliY3EzRDCd/H6fMQ225+DSaS+CT0daHjEwbZTM=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109/go.mod h1:taPeh3PDSO8Ual0/N2tIOAUXPV8gZoPF3uPXoUyiq14=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jbenet/go-cienv v0.1.0 h1:Vc/s0QbQtoxX8MwwSLWWh+xNNZvM3Lw7NsTcHrvvhMc=
diff --git a/test/dependencies/go.mod b/test/dependencies/go.mod
index 2e33b158571..80f598e62fd 100644
--- a/test/dependencies/go.mod
+++ b/test/dependencies/go.mod
@@ -130,7 +130,7 @@ require (
 	github.com/ipfs/kubo v0.31.0 // indirect
 	github.com/ipld/go-codec-dagpb v1.6.0 // indirect
 	github.com/ipld/go-ipld-prime v0.21.0 // indirect
-	github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 // indirect
+	github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 // indirect
 	github.com/jackpal/go-nat-pmp v1.0.2 // indirect
 	github.com/jbenet/go-temp-err-catcher v0.1.0 // indirect
 	github.com/jbenet/goprocess v0.1.4 // indirect
diff --git a/test/dependencies/go.sum b/test/dependencies/go.sum
index 5d69262649f..3f49a4a46b0 100644
--- a/test/dependencies/go.sum
+++ b/test/dependencies/go.sum
@@ -358,8 +358,8 @@ github.com/ipld/go-codec-dagpb v1.6.0 h1:9nYazfyu9B1p3NAgfVdpRco3Fs2nFC72DqVsMj6
 github.com/ipld/go-codec-dagpb v1.6.0/go.mod h1:ANzFhfP2uMJxRBr8CE+WQWs5UsNa0pYtmKZ+agnUw9s=
 github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH9C2E=
 github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89 h1:+sOmTdwTVf7v8yHJxMy8VRvVqfq80vZqb1NNfUJTMl0=
-github.com/ipshipyard/p2p-forge v0.0.0-20241018221331-d6c1f74f5c89/go.mod h1:1pvFcXQQoLZCAAxV18/NElYL+32bRrhswSItX4ldd3Q=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109 h1:Od9XhliY3EzRDCd/H6fMQ225+DSaS+CT0daHjEwbZTM=
+github.com/ipshipyard/p2p-forge v0.0.0-20241028231853-f599f4803109/go.mod h1:taPeh3PDSO8Ual0/N2tIOAUXPV8gZoPF3uPXoUyiq14=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA=