gate QUIC connections via new ConnectionGater #152
conn_test.go
Outdated
|
||
. "github.com/onsi/ginkgo" | ||
. "github.com/onsi/gomega" | ||
) | ||
|
||
type localhostMockGater struct { |
@raulk I know this will make you cringe and add some entropy to thy life. But, I have added a TODO at libp2p/go-libp2p#930 to replace this with the "Functional Gater" that we plan to implement.
For all that you hold dear on this good Earth, rest assured, this shall be fixed.
We need to call InterceptSecured and InterceptUpgraded. Even if there are no explicit steps in the QUIC transport, those checkpoints still exist virtually. We should provide a normalised experience. The implementor of ConnectionGater should not be aware of the individual nuances in each transport.
Note: the InterceptUpgraded will be redundant with the swarm's call (we should remove it from there).
filtered_conn.go
Outdated
return | ||
} | ||
} | ||
} | ||
} |
go fmt missing.
I am not sure why we need to call
@aarshkshah1992 It's a separation of concerns argument. The component that's responsible for returning an upgraded connection is the transport, therefore it should be the one intercepting, in my view. However, OTOH the swarm receives only upgraded connections from the transports, so it's safe to just leave the interception point there... No right or wrong here, disregard my comment about
@aarshkshah1992 We should update the godocs in go-libp2p-core to make it explicit what's expected to be implemented by transport writers and what isn't...
@raulk Have addressed your changes. Please take a look now.
conn_test.go
Outdated
@@ -192,7 +218,9 @@ var _ = Describe("Connection", func() { | |||
|
|||
// now allow the address and make sure the connection goes through | |||
clientTransport.(*transport).clientConfig.HandshakeTimeout = 2 * time.Second | |||
filters.AddFilter(ipNet, filter.ActionAccept) | |||
cg.lk.Lock() | |||
cg.allowAll = true |
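Review bot: the test takes the mock gater's mutex itself at `cg.lk.Lock()` before setting `cg.allowAll = true`, which couples the test to the gater's internal locking and makes a missed unlock easy. A small setter on the mock that locks, sets the flag and unlocks would keep the locking in one place. The matching `cg.lk.Unlock()` is not visible in this hunk and should follow immediately after the assignment.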
A test for InterceptSecured would be great (mostly for regression testing).
This is done.
Note: It's not actually possible to call
@raulk Have added a test for
Correct. I knew there was a reason I had originally planned
conn_test.go
Outdated
allowAllAccepted bool | ||
disableSecuredPeer peer.ID |
I've simplified these names @aarshkshah1992.
Hi guys, just came back after a few days OOO.
The code here mostly lgtm, but I think we need to close the connection when InterceptSecured rejects it.
Furthermore, I have one question: I assume there's an InterceptAccept and an InterceptSecured to allow rejecting connection both from a certain multiaddr as well as from a certain peer ID. This much makes sense to. But what's the point of having an InterceptUpgraded on the connection gater? And why is it not called here?
Edit: Found the answer: #152 (comment).
@@ -178,6 +183,13 @@ func (t *transport) Dial(ctx context.Context, raddr ma.Multiaddr, p peer.ID) (tp | |||
pconn.DecreaseCount() | |||
return nil, err | |||
} | |||
|
|||
connaddrs := &connAddrs{lmAddr: localMultiaddr, rmAddr: remoteMultiaddr} | |||
if t.gater != nil && !t.gater.InterceptSecured(n.DirOutbound, p, connaddrs) { |
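Review bot: the rejection branch at `if t.gater != nil && !t.gater.InterceptSecured(n.DirOutbound, p, connaddrs) {` needs the same cleanup as the error path directly above it, which calls `pconn.DecreaseCount()` before returning. The body of the branch is not visible here; it should release the packet conn reference and close the already-established QUIC session before returning an error, so a gated dial does not leave a live connection or a leaked reference behind.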
We need to close the connection at this point. Otherwise the peer will never know that we closed the connection. As from quic-go's point of view the connection is fully established, there won't be any connection-level timeout here either.
For libp2p/go-libp2p#931.
InterceptAccept method of the Connection Gater that is passed to the QUIC transport during initialization.
@raulk I am not sure if we can actually call InterceptSecured here as the security handshake seems to be part of making a QUIC connection and is handled completely by the QUIC library we use.
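The review point raised in this thread, that a connection rejected by InterceptSecured must be closed and its socket reference released, as an added example that is not code from this PR. The `session`, `packetConn`, `denyPeer` and `gateSecured` names are hypothetical stand-ins, and plain strings replace peer IDs and multiaddrs.

```go
package main

import (
	"errors"
	"fmt"
)

// gater mirrors the two ConnectionGater checkpoints discussed in the thread,
// with strings standing in for peer.ID and multiaddrs (assumption).
type gater interface {
	InterceptAccept(remoteAddr string) bool
	InterceptSecured(outbound bool, peerID, remoteAddr string) bool
}

// denyPeer is a hypothetical gater that rejects one peer ID after the handshake.
type denyPeer struct{ blocked string }

func (g denyPeer) InterceptAccept(string) bool               { return true }
func (g denyPeer) InterceptSecured(_ bool, p, _ string) bool { return p != g.blocked }

// session stands in for a QUIC session whose handshake has already completed.
type session struct {
	closed bool
	reason string
}

func (s *session) CloseWithError(msg string) { s.closed, s.reason = true, msg }

// packetConn stands in for the transport's reference-counted UDP socket.
type packetConn struct{ refs int }

var errGated = errors.New("secured connection gated")

// gateSecured runs the post-handshake checkpoint for an outbound dial. On
// rejection it closes the session, so the remote side is told, and drops the
// socket reference, matching the cleanup of the dial error path.
func gateSecured(g gater, pc *packetConn, s *session, peerID, raddr string) error {
	if g == nil || g.InterceptSecured(true, peerID, raddr) {
		return nil
	}
	s.CloseWithError(errGated.Error())
	pc.refs--
	return errGated
}

func main() {
	pc, s := &packetConn{refs: 1}, &session{}
	err := gateSecured(denyPeer{blocked: "QmBlocked"}, pc, s, "QmBlocked", "/ip4/127.0.0.1/udp/4001/quic")
	fmt.Println(err, s.closed, pc.refs)
}
```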