p2p: Allow whitelisting manual connections#27114
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
cf19251 to
4a2aa6c
Compare
|
Concept ACK |
stratospher
left a comment
There was a problem hiding this comment.
concept ACK. whitelisting outgoing connections is a useful feature to have! went through the code and it looks good.
- integration tests in
p2p_permissions.pywould be nice! (It’d be interesting to see the behaviour when different permissions are set in different connection directions.) - something i had trouble understanding was if we give a trusted peer special permissions, would it matter who initiated the connection?
- micro nit: next time you rebase/update, maybe reword the 1st commit message to use
NetPermissionFlags::Implicitinstead of PF_ISIMPLICIT?
furszy
left a comment
There was a problem hiding this comment.
Concept ACK
Could also add a test framework option to whitelist peers. So we don't have to add -whitelist flag everywhere.
Sounds good! Gonna implement it! |
67b32c5 to
6ed6fca
Compare
|
force-pushed: Added |
6ed6fca to
19f3f3a
Compare
|
Rebased |
jonatack
left a comment
There was a problem hiding this comment.
ACK 19f3f3a316660890f03d6ddcb4a4230eb2ff5e91 with some suggestions
There was a problem hiding this comment.
19f3f3a This doesn't seem to be a pure refactoring here and in mempool_packages.py and p2p_segwit.py
|
Concept NACK to restricting it to only manual connections. This will cause random breakage when automatic peering happens to connect to a manual peer first. |
did you see #28895? We don't make automatic connections to manually specified peers anymore. |
|
Hmm, it's still weird, but I guess it's not terrible then. |
There was a problem hiding this comment.
It may be worth documenting this in the method docs to prevent potential future footshots
|
tACK c10f528 |
|
ACK c10f528350152ca9248e8c167b67993fc7321ca3 |
There was a problem hiding this comment.
ACK c10f528350152ca9248e8c167b67993fc7321ca3
I left comments on a few nits but none are breaking for me. Happy to re-ACK if you update.
Built and ran all functional and unit tests locally on macOS/arm
Reviewed specific changes since my last ACK:
git range-diff abfc8c901d..d69747ab65 5883a8911a..c10f528350
- Move relay flags to netpermissions from net
- Only apply new logic to manual connections
- Apply flag to new tests added since last review
Show Signature
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
ACK c10f528350152ca9248e8c167b67993fc7321ca3
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE5hdzzW4BBA4vG9eM5+KYS2KJyToFAmXVHeAACgkQ5+KYS2KJ
yTqDMxAApyQUw15xZWgrgO+pvNMlRKensYTKTHvPUZK8MeLpM6MfBVruWAnZwxlC
2qj6qyAP+j7mOAOYqZqNo5fgwfD01ruNCL/bCpwAa51/hD3yPf9I/h1nA6AFNoVT
y9JvyknUKWHRWceNi1vBMa9lrkt5IkJ1o/padFaa52OO01OEBTf+ZJQ7FyHlFcQ2
nttow4AIXPM37mYFLil9DGOc90qn728fICC6QrUDXjLL2AGFCPJfysl4vv5FwX6E
92txS6FDh5P8z54DxTOiFSlTVemwOtmSZAtM5Kvs7tgeAiBlOmD9vsMC9BUwRs+c
7Swn9MUiIZ+kveh6oS7SGAQv3uj4kOyhyOPV3iKJKylEaFoivUN2YMtdhNUwUC8i
bz8p5nbkO397HvHuCQ3mEUcWfYeTXS2ozZfRcbvTXqnZMb5QCuM7CPkH+w5QG/hi
yGQDp+SbqDFLiEWejmFysIKhDeXuz110jhydgr77UuiCcTVjPTUCvrEw0hZ/PkZi
ev/tnL0xsC2Nm3gnsjY5ilE+kbkjEerf19qgJ45lweMI2pvT+BNSWxFYxSNbQpYm
ayYcnsYfHbHdoPlLJoTUO44yOyWSdsqu6tLBdYYuH1nDkoijaTl27O9SI5Cxe2E0
9BdBUPu2c9STB1VZzZLNOTiRgKyXq/rYloSyksiI6Jd4HK48zGI=
=rbZH
-----END PGP SIGNATURE-----
pinheadmz's public key is on keybase
|
Force-pushed addressing #27114 (comment). Just removed an unecessary variable. |
pinheadmz
left a comment
There was a problem hiding this comment.
ACK 231e1797023c3502e1605b263b24f29eb659ce55
Show Signature
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
ACK 231e1797023c3502e1605b263b24f29eb659ce55
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE5hdzzW4BBA4vG9eM5+KYS2KJyToFAmXcuNkACgkQ5+KYS2KJ
yTq5oxAAyNHLUhXS4t6pe+5obxZMLEleSnZvMbq7ILrxCeNc0ke7KQKmy/sMFOT9
5pBN8Pc3e/LLtxlx+rNuspiooGqBKz3tRV0fEdAdBt4gQhoyaA7+KuFxfOZXjM5z
TnimlvgAxZk1bI8RWP/Pd/hvd5rMqWBKu5SLtyycVnZ+lQCObtAyMQVart9KjLpw
ORTCUPJgSZjc3OqcFvjyKkxKkZEQgmqd67h4j3+k6AoKRsJwauqPZMALYVtLFPb0
T7xf/6BPk51cyVhflNzv7J3MIOQE4ojlLvPRi+Q3bRZJCoEuPYtfzA8NWz/bKS8o
M4jMuHanvMiLUbBRWWYZ1nv1AlgB9PBcSODi0iU1C3ZBppAb3uG+AYR3xP0NVnBF
F2uheUGrKKsGgimdUFg8sjSTjwEZhAJOq0AwN/D1subNOfJl6jCMo3sF9NnECFBn
plvZoyU3rJSfdfukQOYeF7Q+xF/GxpUUZVSWKtgenpCoc4KvM6c+3aclfDmFKe1s
jgMal6sXkEGjjWIHeCs/fsdMg2PWK8iQqX0iuTDYc1RsD1XjIwiYdgO3oy5oDVjm
M7eDUd04ISsqFVDyY6j/F+jxKFZT1cZxzOj2ACZJegaWUW/xQrVBZ1CD64twtT7p
Ys8svqCF8JiKes0LSWZSG8aHEVz4yx53FukltCljdtbd3CBCM0g=
=yWJM
-----END PGP SIGNATURE-----
pinheadmz's public key is on keybase
…tPermissionFlags`
when `self.noban_tx_relay=True`, the following flag `-whitelist=noban,in,out@127.0.0.1`is added to `extra_args` to speed up tx relay/mempool sync.
|
Force-pushed addressing:
thanks, @stratospher |
pinheadmz
left a comment
There was a problem hiding this comment.
ACK 0a53361
confirmed minimal diff since last ack
Show Signature
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
ACK 0a533613fb44207053796fd01a9f4b523a3153d4
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE5hdzzW4BBA4vG9eM5+KYS2KJyToFAmXg8cMACgkQ5+KYS2KJ
yTqb9BAAlsYlKQ6Umtb5FVctkQebcoO7F4P0cHseOl97Xlkcr+slqDGDnYNs19ft
6Ct9HJkB/faLzOQ2gyGq3cOxMevkuQEWBxAKti54uoHY5X5Ye51W5ejJz3BLT+Sw
pDhwlpXo2hSz7GhgpUeb6mj0+rHyA3pMXNvFGjcrjHCX4AeJdWLZEcau0avZ+Luj
5cl0cDxNztu6xWCSAdoooEDyHcpXifYafPOkMV2L6qefh94rZuHuc7gmCnff5geB
lb5DZJQm6lJiLLQBHQ6UUw5hLx4Myfn0Vdb3h937amiwZ+2RsTEHTT1RoZ0lT1Q4
qi/ehtXq+iLcqAA2FzHaiTc1IgZzG3ylJQMGov5rQ2irIpYBKyzPBgZcSloS49oK
lbMB3a3onyABtmmyCQGLG/ituxp8n1/MawyANaQj+uJF7aJrVoylkNctm7J5gb5T
6YYeYVEV/Dav+OqeJj+LZr+4zxvYHndTgrE7MgTZsGMoam/A7jzjZdS3Y0nceCIZ
Lm2d57+nzar/36pp2zzfS6yTjdIgK1NxGEYDLDSBSXdWV3YVaCbGezMzghAc2Wb1
l5JHH+SFvXhOY5WaciuhOUWF7wq726WtaNUeUGldIGHqJB0QrkJOB1IUqpkbaCOU
d4g4ePAXMkxIeo+m9QXwARLX9iFHr4AkW+qsytQoS3OgMQIQpdQ=
=N5cR
-----END PGP SIGNATURE-----
pinheadmz's public key is on keybase
There was a problem hiding this comment.
concept ACK! it's useful to be able to whitelist and give special permissions to manual peers which are essentially peers you trust.
I've gone through all the commits but not leaving a code review/approach ACK since I don't understand why we'd need different permissions for each connection direction. (related comments - #17167 (comment), #27114 (comment), #27114 (comment))
| def set_test_params(self): | ||
| self.num_nodes = 2 | ||
| # whitelist peers to speed up tx relay / mempool sync | ||
| self.noban_tx_relay = True |
There was a problem hiding this comment.
c985eb8: isn't this a behaviour change in the functional test? now, the second node also has noban permission - previously it didn't. same situation happens in test/functional/p2p_segwit.py.
so maybe keep "-whitelist=noban@127.0.0.1" instead of self.noban_tx_relay = True in both these tests.
(haven't looked into how having noban permission for second node affects the functional test though.)
There was a problem hiding this comment.
I does not affect the behaviour of the tests since those tests does not test any misbehaviour. It is just to speed up tx relay.
|
ACK 0a53361 |
| // By default, whitelist only applies to incoming connections | ||
| if (connection_direction == ConnectionDirection::None) { | ||
| connection_direction = ConnectionDirection::In; | ||
| } else if (flags == NetPermissionFlags::None) { |
There was a problem hiding this comment.
Going over this PR again, shouldn't this have been a separate if statement instead of an if/else (or not a condition at all)?
Right now we are accepting expressions of the type @ip:port (which were already accepted before), but not expressions of the type in/out@ip:port.
The former will pass and default to ConnectionDirection::In + NetPermissionFlags::Implicit, while the latter will be rejected. That feels inconsistent
Revives #17167. It allows whitelisting manual connections. Fixes #9923
Since there are some PRs/issues around this topic, I'll list some motivations/comments for whitelisting outbound connections from them:
node0 <--- node1 <---- node2 <--- ... <-- nodeN, if a tx is submitted from any node other than node0, the mempool synchronization can take quite long.