aboutsummaryrefslogtreecommitdiff
path: root/src/p2p/net_node.cpp
diff options
context:
space:
mode:
authorLee Clagett <code@leeclagett.com>2018-12-16 17:57:44 +0000
committerLee Clagett <code@leeclagett.com>2019-01-28 23:56:33 +0000
commit973403bc9f54ab0722b67a3c76ab6e7bafbfeedc (patch)
tree01f74938dc99a56c5d20840baa9bce66142847ae /src/p2p/net_node.cpp
parentMerge pull request #5062 (diff)
downloadmonero-973403bc9f54ab0722b67a3c76ab6e7bafbfeedc.tar.xz
Adding initial support for broadcasting transactions over Tor
- Support for ".onion" in --add-exclusive-node and --add-peer - Add --anonymizing-proxy for outbound Tor connections - Add --anonymous-inbounds for inbound Tor connections - Support for sharing ".onion" addresses over Tor connections - Support for broadcasting transactions received over RPC exclusively over Tor (else broadcast over public IP when Tor not enabled).
Diffstat (limited to 'src/p2p/net_node.cpp')
-rw-r--r--src/p2p/net_node.cpp264
1 files changed, 264 insertions, 0 deletions
diff --git a/src/p2p/net_node.cpp b/src/p2p/net_node.cpp
index 7cad6e077..8639fdb3b 100644
--- a/src/p2p/net_node.cpp
+++ b/src/p2p/net_node.cpp
@@ -28,9 +28,79 @@
//
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+#include <boost/algorithm/string/find_iterator.hpp>
+#include <boost/algorithm/string/finder.hpp>
+#include <boost/chrono/duration.hpp>
+#include <boost/endian/conversion.hpp>
+#include <boost/optional/optional.hpp>
+#include <boost/thread/future.hpp>
+#include <boost/utility/string_ref.hpp>
+#include <chrono>
+#include <utility>
+
#include "common/command_line.h"
#include "cryptonote_core/cryptonote_core.h"
+#include "cryptonote_protocol/cryptonote_protocol_defs.h"
#include "net_node.h"
+#include "net/net_utils_base.h"
+#include "net/socks.h"
+#include "net/parse.h"
+#include "net/tor_address.h"
+#include "p2p/p2p_protocol_defs.h"
+#include "string_tools.h"
+
+namespace
+{
+ constexpr const boost::chrono::milliseconds future_poll_interval{500};
+ constexpr const std::chrono::seconds tor_connect_timeout{P2P_DEFAULT_TOR_CONNECT_TIMEOUT};
+
+ std::int64_t get_max_connections(const boost::iterator_range<boost::string_ref::const_iterator> value) noexcept
+ {
+ // -1 is default, 0 is error
+ if (value.empty())
+ return -1;
+
+ std::uint32_t out = 0;
+ if (epee::string_tools::get_xtype_from_string(out, std::string{value.begin(), value.end()}))
+ return out;
+ return 0;
+ }
+
+ template<typename T>
+ epee::net_utils::network_address get_address(const boost::string_ref value)
+ {
+ expect<T> address = T::make(value);
+ if (!address)
+ {
+ MERROR(
+ "Failed to parse " << epee::net_utils::zone_to_string(T::get_zone()) << " address \"" << value << "\": " << address.error().message()
+ );
+ return {};
+ }
+ return {std::move(*address)};
+ }
+
+ bool start_socks(std::shared_ptr<net::socks::client> client, const boost::asio::ip::tcp::endpoint& proxy, const epee::net_utils::network_address& remote)
+ {
+ CHECK_AND_ASSERT_MES(client != nullptr, false, "Unexpected null client");
+
+ bool set = false;
+ switch (remote.get_type_id())
+ {
+ case net::tor_address::get_type_id():
+ set = client->set_connect_command(remote.as<net::tor_address>());
+ break;
+ default:
+ MERROR("Unsupported network address in socks_connect");
+ return false;
+ }
+
+ const bool sent =
+ set && net::socks::client::connect_and_send(std::move(client), proxy);
+ CHECK_AND_ASSERT_MES(sent, false, "Unexpected failure to init socks client");
+ return true;
+ }
+}
namespace nodetool
{
@@ -55,6 +125,8 @@ namespace nodetool
const command_line::arg_descriptor<std::vector<std::string> > arg_p2p_add_exclusive_node = {"add-exclusive-node", "Specify list of peers to connect to only."
" If this option is given the options add-priority-node and seed-node are ignored"};
const command_line::arg_descriptor<std::vector<std::string> > arg_p2p_seed_node = {"seed-node", "Connect to a node to retrieve peer addresses, and disconnect"};
+ const command_line::arg_descriptor<std::vector<std::string> > arg_proxy = {"proxy", "<network-type>,<socks-ip:port>[,max_connections] i.e. \"tor,127.0.0.1:9050,100\""};
+ const command_line::arg_descriptor<std::vector<std::string> > arg_anonymous_inbound = {"anonymous-inbound", "<hidden-service-address>,<[bind-ip:]port>[,max_connections] i.e. \"x.onion,127.0.0.1:18083,100\""};
const command_line::arg_descriptor<bool> arg_p2p_hide_my_port = {"hide-my-port", "Do not announce yourself as peerlist candidate", false, true};
const command_line::arg_descriptor<bool> arg_no_igd = {"no-igd", "Disable UPnP port mapping"};
@@ -67,4 +139,196 @@ namespace nodetool
const command_line::arg_descriptor<int64_t> arg_limit_rate = {"limit-rate", "set limit-rate [kB/s]", -1};
const command_line::arg_descriptor<bool> arg_save_graph = {"save-graph", "Save data for dr monero", false};
+
+ boost::optional<std::vector<proxy>> get_proxies(boost::program_options::variables_map const& vm)
+ {
+ namespace ip = boost::asio::ip;
+
+ std::vector<proxy> proxies{};
+
+ const std::vector<std::string> args = command_line::get_arg(vm, arg_proxy);
+ proxies.reserve(args.size());
+
+ for (const boost::string_ref arg : args)
+ {
+ proxies.emplace_back();
+
+ auto next = boost::algorithm::make_split_iterator(arg, boost::algorithm::first_finder(","));
+ CHECK_AND_ASSERT_MES(!next.eof() && !next->empty(), boost::none, "No network type for --" << arg_proxy.name);
+ const boost::string_ref zone{next->begin(), next->size()};
+
+ ++next;
+ CHECK_AND_ASSERT_MES(!next.eof() && !next->empty(), boost::none, "No ipv4:port given for --" << arg_proxy.name);
+ const boost::string_ref proxy{next->begin(), next->size()};
+
+ ++next;
+ if (!next.eof())
+ {
+ proxies.back().max_connections = get_max_connections(*next);
+ if (proxies.back().max_connections == 0)
+ {
+ MERROR("Invalid max connections given to --" << arg_proxy.name);
+ return boost::none;
+ }
+ }
+
+ switch (epee::net_utils::zone_from_string(zone))
+ {
+ case epee::net_utils::zone::tor:
+ proxies.back().zone = epee::net_utils::zone::tor;
+ break;
+ default:
+ MERROR("Invalid network for --" << arg_proxy.name);
+ return boost::none;
+ }
+
+ std::uint32_t ip = 0;
+ std::uint16_t port = 0;
+ if (!epee::string_tools::parse_peer_from_string(ip, port, std::string{proxy}) || port == 0)
+ {
+ MERROR("Invalid ipv4:port given for --" << arg_proxy.name);
+ return boost::none;
+ }
+ proxies.back().address = ip::tcp::endpoint{ip::address_v4{boost::endian::native_to_big(ip)}, port};
+ }
+
+ return proxies;
+ }
+
+ boost::optional<std::vector<anonymous_inbound>> get_anonymous_inbounds(boost::program_options::variables_map const& vm)
+ {
+ std::vector<anonymous_inbound> inbounds{};
+
+ const std::vector<std::string> args = command_line::get_arg(vm, arg_anonymous_inbound);
+ inbounds.reserve(args.size());
+
+ for (const boost::string_ref arg : args)
+ {
+ inbounds.emplace_back();
+
+ auto next = boost::algorithm::make_split_iterator(arg, boost::algorithm::first_finder(","));
+ CHECK_AND_ASSERT_MES(!next.eof() && !next->empty(), boost::none, "No inbound address for --" << arg_anonymous_inbound.name);
+ const boost::string_ref address{next->begin(), next->size()};
+
+ ++next;
+ CHECK_AND_ASSERT_MES(!next.eof() && !next->empty(), boost::none, "No local ipv4:port given for --" << arg_anonymous_inbound.name);
+ const boost::string_ref bind{next->begin(), next->size()};
+
+ const std::size_t colon = bind.find_first_of(':');
+ CHECK_AND_ASSERT_MES(colon < bind.size(), boost::none, "No local port given for --" << arg_anonymous_inbound.name);
+
+ ++next;
+ if (!next.eof())
+ {
+ inbounds.back().max_connections = get_max_connections(*next);
+ if (inbounds.back().max_connections == 0)
+ {
+ MERROR("Invalid max connections given to --" << arg_proxy.name);
+ return boost::none;
+ }
+ }
+
+ expect<epee::net_utils::network_address> our_address = net::get_network_address(address, 0);
+ switch (our_address ? our_address->get_type_id() : epee::net_utils::address_type::invalid)
+ {
+ case net::tor_address::get_type_id():
+ inbounds.back().our_address = std::move(*our_address);
+ inbounds.back().default_remote = net::tor_address::unknown();
+ break;
+ default:
+ MERROR("Invalid inbound address (" << address << ") for --" << arg_anonymous_inbound.name << ": " << (our_address ? "invalid type" : our_address.error().message()));
+ return boost::none;
+ }
+
+ // get_address returns default constructed address on error
+ if (inbounds.back().our_address == epee::net_utils::network_address{})
+ return boost::none;
+
+ std::uint32_t ip = 0;
+ std::uint16_t port = 0;
+ if (!epee::string_tools::parse_peer_from_string(ip, port, std::string{bind}))
+ {
+ MERROR("Invalid ipv4:port given for --" << arg_anonymous_inbound.name);
+ return boost::none;
+ }
+ inbounds.back().local_ip = std::string{bind.substr(0, colon)};
+ inbounds.back().local_port = std::string{bind.substr(colon + 1)};
+ }
+
+ return inbounds;
+ }
+
+ bool is_filtered_command(const epee::net_utils::network_address& address, int command)
+ {
+ switch (command)
+ {
+ case nodetool::COMMAND_HANDSHAKE_T<cryptonote::CORE_SYNC_DATA>::ID:
+ case nodetool::COMMAND_TIMED_SYNC_T<cryptonote::CORE_SYNC_DATA>::ID:
+ case cryptonote::NOTIFY_NEW_TRANSACTIONS::ID:
+ return false;
+ default:
+ break;
+ }
+
+ if (address.get_zone() == epee::net_utils::zone::public_)
+ return false;
+
+ MWARNING("Filtered command (#" << command << ") to/from " << address.str());
+ return true;
+ }
+
+ boost::optional<boost::asio::ip::tcp::socket>
+ socks_connect_internal(const std::atomic<bool>& stop_signal, boost::asio::io_service& service, const boost::asio::ip::tcp::endpoint& proxy, const epee::net_utils::network_address& remote)
+ {
+ using socket_type = net::socks::client::stream_type::socket;
+ using client_result = std::pair<boost::system::error_code, socket_type>;
+
+ struct notify
+ {
+ boost::promise<client_result> socks_promise;
+
+ void operator()(boost::system::error_code error, socket_type&& sock)
+ {
+ socks_promise.set_value(std::make_pair(error, std::move(sock)));
+ }
+ };
+
+ boost::unique_future<client_result> socks_result{};
+ {
+ boost::promise<client_result> socks_promise{};
+ socks_result = socks_promise.get_future();
+
+ auto client = net::socks::make_connect_client(
+ boost::asio::ip::tcp::socket{service}, net::socks::version::v4a, notify{std::move(socks_promise)}
+ );
+ if (!start_socks(std::move(client), proxy, remote))
+ return boost::none;
+ }
+
+ const auto start = std::chrono::steady_clock::now();
+ while (socks_result.wait_for(future_poll_interval) == boost::future_status::timeout)
+ {
+ if (tor_connect_timeout < std::chrono::steady_clock::now() - start)
+ {
+ MERROR("Timeout on socks connect (" << proxy << " to " << remote.str() << ")");
+ return boost::none;
+ }
+
+ if (stop_signal)
+ return boost::none;
+ }
+
+ try
+ {
+ auto result = socks_result.get();
+ if (!result.first)
+ return {std::move(result.second)};
+
+ MERROR("Failed to make socks connection to " << remote.str() << " (via " << proxy << "): " << result.first.message());
+ }
+ catch (boost::broken_promise const&)
+ {}
+
+ return boost::none;
+ }
}