Merge pull request #509 from 0xProject/fix/enforce-rate-limit-on-rela…

…y-addresses Enforce rate limit on relay addresses
0xProject · Nov 7, 2019 · b0092e7 · b0092e7
2 parents f1d0101 + 091c591
commit b0092e7
Show file tree

Hide file tree

Showing 5 changed files with 96 additions and 31 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,13 @@
 
 This changelog is a work in progress and may contain notes for versions which have not actually been released. Check the [Releases](https://github.com/0xProject/0x-mesh/releases) page to see full release notes and more information about the latest released versions.
 
+## v6.0.1-beta
+
+### Bug fixes 🐞 
+
+- Fixed an oversight which granted immunity from bandwidth banning for any peer using a relayed connection ([#509](https://github.com/0xProject/0x-mesh/pull/509)).
+
+
 ## v6.0.0-beta
 
 ### Breaking changes 🛠 

diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/Gopkg.toml b/Gopkg.toml
@@ -70,7 +70,7 @@
 
 [[constraint]]
   name = "github.com/multiformats/go-multiaddr"
-  version = "0.0.4"
+  version = "0.1.2"
 
 [[constraint]]
   name = "github.com/libp2p/go-libp2p-pubsub"
@@ -114,14 +114,13 @@
   name = "github.com/libp2p/go-libp2p-discovery"
   version = "0.1.0"
 
-[[override]]
+[[constraint]]
   name = "github.com/libp2p/go-ws-transport"
-  source = "github.com/0xProject/go-ws-transport"
-  revision = "163cee1e07594cd148a9086cd3cce5f901e4dae9"
+  revision = "3098bba549e89efc42055199c2dca3d95ac70744"
 
 [[constraint]]
   name = "github.com/libp2p/go-libp2p-circuit"
-  version = "0.1.1"
+  version = "0.1.2"
 
 [[constraint]]
   name = "github.com/libp2p/go-libp2p-swarm"

diff --git a/p2p/banner/banner.go b/p2p/banner/banner.go
@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"net"
-	"strings"
 	"sync"
 	"time"
 
@@ -84,15 +83,10 @@ func (banner *Banner) ProtectIP(maddr ma.Multiaddr) error {
 func (banner *Banner) BanIP(maddr ma.Multiaddr) error {
 	ipNet, err := ipNetFromMaddr(maddr)
 	if err != nil {
-		// HACK(albrow) relay addresses don't include the full transport address
-		// (IP, port, etc) for older versions of libp2p-circuit. (See
-		// https://github.com/libp2p/go-libp2p/issues/723). As a temporary
-		// workaround, we no-op for relayed connections. We can remove this after
-		// updating our bootstrap nodes to the latest version. We detect relay
-		// addresses by looking for the /ipfs prefix.
-		if strings.HasPrefix(maddr.String(), "/ipfs") {
-			return nil
-		}
+		log.WithFields(log.Fields{
+			"error": err.Error(),
+			"maddr": maddr.String(),
+		}).Error("could not get IP address from multiaddress")
 		return err
 	}
 	banner.protectedIPsMut.RLock()
@@ -203,7 +197,7 @@ func (banner *Banner) CheckBandwidthUsage() {
 						"remoteMultiaddr":   conn.RemoteMultiaddr().String(),
 						"rateIn":            stats.RateIn,
 						"maxBytesPerSecond": banner.config.MaxBytesPerSecond,
-					}).Trace("would ban IP/multiaddress due to high bandwidth usage")
+					}).Error("banning IP/multiaddress due to high bandwidth usage")
 				}
 				// Banning the IP doesn't close the connection, so we do that
 				// separately. ClosePeer closes all connections to the given peer.

diff --git a/p2p/banner/banner_test.go b/p2p/banner/banner_test.go
@@ -0,0 +1,58 @@
+package banner
+
+import (
+	"net"
+	"testing"
+
+	ma "github.com/multiformats/go-multiaddr"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestIPNetFromMaddr(t *testing.T) {
+	testCases := []struct {
+		maddr    ma.Multiaddr
+		expected net.IPNet
+	}{
+		{
+			maddr: newMaddr(t, "/ip4/159.65.4.82/tcp/60558"),
+			expected: net.IPNet{
+				IP:   net.IP{0x9f, 0x41, 0x4, 0x52},
+				Mask: ipv4AllMask,
+			},
+		},
+		{
+			maddr: newMaddr(t, "/ip4/159.65.4.82/tcp/60558/ipfs/16Uiu2HAm9brLYhoM1wCTRtGRR7ZqXhk8kfEt6a2rSFSZpeV8eB7L/p2p-circuit"),
+			expected: net.IPNet{
+				IP:   net.IP{0x9f, 0x41, 0x4, 0x52},
+				Mask: ipv4AllMask,
+			},
+		},
+		{
+			maddr: newMaddr(t, "/ip6/fe80:cd00:0000:0cde:1257:0000:211e:729c/tcp/60558"),
+			expected: net.IPNet{
+				IP:   net.IP{0xfe, 0x80, 0xcd, 0x0, 0x0, 0x0, 0xc, 0xde, 0x12, 0x57, 0x0, 0x0, 0x21, 0x1e, 0x72, 0x9c},
+				Mask: ipv6AllMask,
+			},
+		},
+		{
+			maddr: newMaddr(t, "/ip6/fe80:cd00:0000:0cde:1257:0000:211e:729c/tcp/60558/ipfs/16Uiu2HAm9brLYhoM1wCTRtGRR7ZqXhk8kfEt6a2rSFSZpeV8eB7L/p2p-circuit"),
+			expected: net.IPNet{
+				IP:   net.IP{0xfe, 0x80, 0xcd, 0x0, 0x0, 0x0, 0xc, 0xde, 0x12, 0x57, 0x0, 0x0, 0x21, 0x1e, 0x72, 0x9c},
+				Mask: ipv6AllMask,
+			},
+		},
+	}
+
+	for i, tc := range testCases {
+		actual, err := ipNetFromMaddr(tc.maddr)
+		require.NoError(t, err, "test case %d (%s)", i, tc.maddr.String())
+		assert.Equal(t, tc.expected, actual, "test case %d (%s)", i, tc.maddr.String())
+	}
+}
+
+func newMaddr(t *testing.T, s string) ma.Multiaddr {
+	maddr, err := ma.NewMultiaddr(s)
+	require.NoError(t, err)
+	return maddr
+}