package permission
import (
"strings"
"github.com/ethereum/go-ethereum/log"
"github.com/ethereum/go-ethereum/p2p/enode"
"github.com/ethereum/go-ethereum/params"
"github.com/ethereum/go-ethereum/permission/core"
)
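// isNodePermissionedV1 reports whether the peer identified by enodeId has an
// approved entry in the V1 node list returned by core.NodeInfoMap.GetNodeList.
//
// nodename and currentNode are used only in the debug log lines, and direction
// is logged as the "connection" field. The check is fail-closed: an empty
// enodeId, or no matching entry with status core.NodeApproved, yields false.
func isNodePermissionedV1(enodeId string, nodename string, currentNode string, direction string) bool {
	// Log at most params.NODE_NAME_LENGTH bytes of a name. An unconditional
	// name[:params.NODE_NAME_LENGTH] panics on a shorter string, and the slice
	// expression is evaluated whether or not debug logging is enabled.
	short := func(s string) string {
		if len(s) > params.NODE_NAME_LENGTH {
			return s[:params.NODE_NAME_LENGTH]
		}
		return s
	}

	// strings.Contains(url, "") is true for every url, so an empty ID would be
	// treated as matching the first approved entry. Deny it explicitly.
	if enodeId == "" {
		log.Debug("isNodePermissionedV1", "connection", direction, "nodename", short(nodename), "DENIED-BY", short(currentNode))
		return false
	}

	permissionedList := core.NodeInfoMap.GetNodeList()
	log.Debug("isNodePermissionedV1", "permissionedList", permissionedList)

	for _, n := range permissionedList {
		// NOTE(review): this is a substring match of the ID inside the stored
		// URL; comparing against the ID parsed out of n.Url would be stricter.
		// Confirm the format of n.Url before tightening.
		if n.Status == core.NodeApproved && strings.Contains(n.Url, enodeId) {
			log.Debug("isNodePermissionedV1", "connection", direction, "nodename", short(nodename), "ALLOWED-BY", short(currentNode))
			return true
		}
	}

	log.Debug("isNodePermissionedV1", "connection", direction, "nodename", short(nodename), "DENIED-BY", short(currentNode))
	return false
}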
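// isNodePermissionedV2 asks the package-level permissionService whether a
// connection with node is allowed, passing the node's enode ID, IP address,
// TCP port and raft port to ConnectionAllowed.
//
// It returns false when permissionService is not set or when
// ConnectionAllowed returns an error, so failures deny the connection.
// nodename and currentNode are used only in the debug log lines, and direction
// is logged as the "connection" field.
func isNodePermissionedV2(node *enode.Node, nodename string, currentNode string, direction string) bool {
	if permissionService == nil {
		log.Debug("isNodePermissionedV2 connection not allowed - permissionService is not set")
		return false
	}

	// Log at most params.NODE_NAME_LENGTH bytes of a name. An unconditional
	// name[:params.NODE_NAME_LENGTH] panics on a shorter string, and the slice
	// expression is evaluated whether or not debug logging is enabled.
	short := func(s string) string {
		if len(s) > params.NODE_NAME_LENGTH {
			return s[:params.NODE_NAME_LENGTH]
		}
		return s
	}

	allowed, err := permissionService.ConnectionAllowed(node.EnodeID(), node.IP().String(), uint16(node.TCP()), uint16(node.RaftPort()))
	log.Debug("isNodePermissionedV2 V2", "allowed", allowed, "url", node.String())
	if err != nil {
		// The returned value is not trusted when the lookup failed.
		log.Error("isNodePermissionedV2 connection not allowed", "err", err)
		return false
	}

	// The log key carries the verdict; the value is the deciding node's name.
	verdict := "DENIED-BY"
	if allowed {
		verdict = "ALLOWED-BY"
	}
	log.Debug("isNodePermissionedV2", "connection", direction, "nodename", short(nodename), verdict, short(currentNode))
	return allowed
}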
// IsNodePermissioned reports whether a connection with node is permitted,
// dispatching on core.PermissionModel once core.PermissionsEnabled is true.
//
// While permissions are not yet enabled (the QIP714 block has not been
// reached) and for the core.Default model, the decision is delegated to
// core.IsNodePermissioned. core.V1 and core.V2 use the checks in this file.
// Any other model value denies the connection.
func IsNodePermissioned(node *enode.Node, nodename string, currentNode string, datadir string, direction string) bool {
	if core.PermissionsEnabled() {
		switch core.PermissionModel {
		case core.V1:
			return isNodePermissionedV1(node.EnodeID(), nodename, currentNode, direction)
		case core.V2:
			return isNodePermissionedV2(node, nodename, currentNode, direction)
		case core.Default:
			// Handled by the shared return below.
		default:
			// Unknown model: fail closed.
			return false
		}
	}
	return core.IsNodePermissioned(nodename, currentNode, datadir, direction)
}