support a list of trusted peer IDs

MinaProtocol · Sep 23, 2020 · 10b31e9 · 10b31e9
1 parent 7573a48
commit 10b31e9
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 5 deletions.
diff --git a/src/app/libp2p_helper/src/codanet.go b/src/app/libp2p_helper/src/codanet.go
@@ -49,16 +49,21 @@ type customValidator struct {
 	Base record.Validator
 }
 
+// this type implements the ConnectionGater interface 
+// https://godoc.org/github.com/libp2p/go-libp2p-core/connmgr#ConnectionGater
+// the comments of the functions below are taken from those docs.
 type codaGaterState struct {
 	AddrFilters *ma.Filters
 	DeniedPeers *peer.Set
+	AllowedPeers *peer.Set
 }
 
 // InterceptPeerDial tests whether we're permitted to Dial the specified peer.
 //
 // This is called by the network.Network implementation when dialling a peer.
 func (gs *codaGaterState) InterceptPeerDial(p peer.ID) (allow bool) {
-	allow = !gs.DeniedPeers.Contains(p)
+	allow = !gs.DeniedPeers.Contains(p) || gs.AllowedPeers.Contains(p)
+
 	return
 }
 
@@ -68,7 +73,7 @@ func (gs *codaGaterState) InterceptPeerDial(p peer.ID) (allow bool) {
 // This is called by the network.Network implementation after it has
 // resolved the peer's addrs, and prior to dialling each.
 func (gs *codaGaterState) InterceptAddrDial(id peer.ID, addr ma.Multiaddr) (allow bool) {
-	allow = !gs.DeniedPeers.Contains(id) && !gs.AddrFilters.AddrBlocked(addr)
+	allow = (!gs.DeniedPeers.Contains(id) || gs.AllowedPeers.Contains(p)) && !gs.AddrFilters.AddrBlocked(addr)
 	return
 }
 
@@ -93,7 +98,7 @@ func (gs *codaGaterState) InterceptSecured(_ network.Direction, id peer.ID, addr
 	// connections in coda are symmetric: if i am allowed to connect to
 	// you, you are allowed to connect to me.
 	remoteAddr := addrs.RemoteMultiaddr()
-	allow = !gs.DeniedPeers.Contains(id) && !gs.AddrFilters.AddrBlocked(remoteAddr)
+	allow = (!gs.DeniedPeers.Contains(id) || gs.AllowedPeers.Contains(id)) && !gs.AddrFilters.AddrBlocked(remoteAddr)
 	return
 }
 

diff --git a/src/app/libp2p_helper/src/libp2p_helper/main.go b/src/app/libp2p_helper/src/libp2p_helper/main.go
@@ -961,6 +961,7 @@ type unbanIPMsg struct {
 type setGaterConfigMsg struct {
 	BannedIPs     []string `json:"banned_ips"`
 	BannedPeerIDs []string `json:"banned_peers"`
+	TrustedPeerIDs []string `json:"trusted_peers"`
 	TrustedIPs    []string `json:"trusted_ips"`
 	Isolate       bool     `json:"isolate"`
 }

diff --git a/src/lib/coda_net2/coda_net2.ml b/src/lib/coda_net2/coda_net2.ml
@@ -362,7 +362,7 @@ module Helper = struct
     end
 
     module Set_gater_config = struct
-      type input = {banned_ips: string list ; banned_peers: string list; trusted_ips: string list; isolate: bool} [@@deriving yojson]
+      type input = {banned_ips: string list ; banned_peers: string list; trusted_peers: string list; trusted_ips: string list; isolate: bool} [@@deriving yojson]
 
       type output = string [@@deriving yojson]
 
@@ -1260,7 +1260,13 @@ let lookup_peerid = Helper.lookup_peerid
 
 let configure_connection_gating net config =
   match%map
-    Helper.(do_rpc net (module Rpcs.Set_gater_config) config)
+    Helper.(do_rpc net (module Rpcs.Set_gater_config) {
+      banned_ips= List.map ~f:(fun p -> Unix.Inet_addr.to_string p.host) config.banned_peers ;
+      banned_peers= List.map ~f:(fun p -> p.peer_id) config.banned_peers ;
+      trusted_ips= List.map ~f:(fun p -> Unix.Inet_addr.to_string p.host) config.trusted_peers ;
+      trusted_peers= List.map ~f:(fun p -> p.peer_id) config.trusted_peers ;
+      isolate= config.isolate
+    })
   with
   | Ok "ok" ->
       Ok ()