From 0bc53fe23cb228d102c77d4587cca438a4a5bc79 Mon Sep 17 00:00:00 2001 From: Savinda Senevirathne Date: Wed, 9 Dec 2020 13:34:40 +0530 Subject: [PATCH] Review UNL message rules. (#188) --- src/conf.hpp | 5 +++-- src/consensus.cpp | 4 ++-- src/ledger.cpp | 2 +- src/msg/fbuf/p2pmsg_helpers.cpp | 10 +++++----- src/p2p/p2p.cpp | 4 ++-- src/p2p/peer_session_handler.cpp | 8 ++++---- src/sc.cpp | 12 +++++++----- src/unl.cpp | 17 +++++++++++++---- 8 files changed, 37 insertions(+), 25 deletions(-) diff --git a/src/conf.hpp b/src/conf.hpp index 00f77399..23d12f65 100644 --- a/src/conf.hpp +++ b/src/conf.hpp @@ -81,6 +81,7 @@ namespace conf std::string seckey; // Contract secret key bytes std::vector runtime_binexec_args; // Contract binary execution args used during runtime. std::vector runtime_appbill_args; // Appbill execution args used during runtime. + bool is_unl = false; // Indicate whether we are a unl node or not. // Config elements which are loaded from the config file. std::string contractid; // Contract guid. @@ -114,8 +115,8 @@ namespace conf uint16_t peermaxcons = 0; // Max peer connections uint16_t peermaxknowncons = 0; // Max known peer connections - bool is_consensus_public = false; // If true, consensus are broadcasted to untrusted nodes as well. - bool is_npl_public = false; // If true, npl messages are broadcasted to untrusted nodes as well. + bool is_consensus_public = false; // If true, consensus are broadcasted to non-unl nodes as well. + bool is_npl_public = false; // If true, npl messages are broadcasted to non-unl nodes as well. bool msgforwarding = false; // Whether peer message forwarding is on/off. bool dynamicpeerdiscovery = false; // Whether dynamic peer discovery is on/off. diff --git a/src/consensus.cpp b/src/consensus.cpp index 11a0b909..6127c752 100644 --- a/src/consensus.cpp +++ b/src/consensus.cpp @@ -211,7 +211,7 @@ namespace consensus // Start unl sync if we are out-of-sync with majority unl. if (is_unl_desync) { - conf::change_operating_mode(conf::OPERATING_MODE::OBSERVER); + conf::change_operating_mode(conf::OPERATING_MODE::OBSERVER); unl::set_sync_target(majority_unl); } @@ -671,7 +671,7 @@ namespace consensus void broadcast_proposal(const p2p::proposal &p) { // In observer mode, we do not send out proposals. - if (conf::cfg.operating_mode == conf::OPERATING_MODE::OBSERVER) + if (conf::cfg.operating_mode == conf::OPERATING_MODE::OBSERVER || !conf::cfg.is_unl) // If we are a non-unl node, do not broadcast proposals. return; flatbuffers::FlatBufferBuilder fbuf(1024); diff --git a/src/ledger.cpp b/src/ledger.cpp index 5b6d6fd0..78c0057a 100644 --- a/src/ledger.cpp +++ b/src/ledger.cpp @@ -304,7 +304,7 @@ namespace ledger p2pmsg::create_msg_from_history_response(fbuf, resp); std::string_view msg = msg::fbuf::flatbuff_bytes_to_sv(fbuf.GetBufferPointer(), fbuf.GetSize()); - // Find the peer that we should send the state response to. + // Find the peer that we should send the history response to. std::scoped_lock lock(p2p::ctx.peer_connections_mutex); const auto peer_itr = p2p::ctx.peer_connections.find(session_id); diff --git a/src/msg/fbuf/p2pmsg_helpers.cpp b/src/msg/fbuf/p2pmsg_helpers.cpp index 9ea84245..a97f2eef 100644 --- a/src/msg/fbuf/p2pmsg_helpers.cpp +++ b/src/msg/fbuf/p2pmsg_helpers.cpp @@ -89,9 +89,9 @@ namespace msg::fbuf::p2pmsg } /** - * Validates the container message signing keys to see if the message is from a trusted source (UNL). - * @return 0 on successful verification. -1 for failure. - */ + * Validates the container message signing keys to see if the message is from a trusted source (UNL). + * @return 0 on successful verification. -1 for failure. + */ int validate_container_trust(const Container *container) { std::string_view msg_pubkey = flatbuff_bytes_to_sv(container->pubkey()); @@ -103,10 +103,10 @@ namespace msg::fbuf::p2pmsg return -1; } - //validate if the message is not from a node listed in this node's unl list. + //validate if the message is not from a unl node. if (!unl::exists(std::string(msg_pubkey))) { - LOG_DEBUG << "Peer message pubkey verification failed. Not in UNL."; + LOG_DEBUG << "Peer message pubkey verification failed. Not a UNL node."; return -1; } diff --git a/src/p2p/p2p.cpp b/src/p2p/p2p.cpp index b605c49d..d694724a 100644 --- a/src/p2p/p2p.cpp +++ b/src/p2p/p2p.cpp @@ -157,7 +157,7 @@ namespace p2p * @param fbuf Peer outbound message to be broadcasted. * @param send_to_self Whether to also send the message to self (this node). * @param is_msg_forwarding Whether this broadcast is for message forwarding. - * @param unl_only Whether this broadcast is only for the trusted nodes. + * @param unl_only Whether this broadcast is only for the unl nodes. */ void broadcast_message(const flatbuffers::FlatBufferBuilder &fbuf, const bool send_to_self, const bool is_msg_forwarding, const bool unl_only) { @@ -171,7 +171,7 @@ namespace p2p * Broadcast the given message to all connected outbound peers. * @param message Message to be forwarded. * @param is_msg_forwarding Whether this broadcast is for message forwarding. - * @param unl_only Whether this broadcast is only for the trusted nodes. + * @param unl_only Whether this broadcast is only for the unl nodes. * @param skipping_session Session to be skipped in message forwarding(optional). */ void broadcast_message(std::string_view message, const bool send_to_self, const bool is_msg_forwarding, const bool unl_only, const peer_comm_session *skipping_session) diff --git a/src/p2p/peer_session_handler.cpp b/src/p2p/peer_session_handler.cpp index 9f97ae06..cb14fff3 100644 --- a/src/p2p/peer_session_handler.cpp +++ b/src/p2p/peer_session_handler.cpp @@ -82,8 +82,8 @@ namespace p2p // Check whether the message is qualified for message forwarding. if (p2p::validate_for_peer_msg_forwarding(session, container, content_message_type)) { - // Npl messages and consensus proposals are forwarded only to trusted peers if relavent flags (npl and consensus) are set to private. - // If consensus and npl flags are public, these messages are forward to all the connected peers. + // Npl messages and consensus proposals are forwarded only to unl nodes if relavent flags (npl and consensus) are set to private. + // If consensus and npl flags are public, these messages are forward to all the connected nodes. const bool unl_only = (!conf::cfg.is_npl_public && content_message_type == p2pmsg::Message_Npl_Message) || (!conf::cfg.is_consensus_public && content_message_type == p2pmsg::Message_Proposal_Message); if (session.need_consensus_msg_forwarding) @@ -160,7 +160,7 @@ namespace p2p } else if (content_message_type == p2pmsg::Message_Proposal_Message) // message is a proposal message { - // We only trust proposals coming from trusted peers. + // We only trust proposals coming from UNL peers. if (p2pmsg::validate_container_trust(container) != 0) { session.increment_metric(comm::SESSION_THRESHOLDS::MAX_BADSIGMSGS_PER_MINUTE, 1); @@ -275,7 +275,7 @@ namespace p2p } else if (content_message_type == p2pmsg::Message_Unl_Response_Message) //message is a unl response message. { - if (unl::sync_ctx.is_syncing) // Only accept history responses if ledger is syncing. + if (unl::sync_ctx.is_syncing) // Only accept unl responses if unl list is syncing. { // Check the cap and insert response with lock. std::scoped_lock lock(unl::sync_ctx.list_mutex); diff --git a/src/sc.cpp b/src/sc.cpp index a21dc5eb..128de1e0 100644 --- a/src/sc.cpp +++ b/src/sc.cpp @@ -507,21 +507,23 @@ namespace sc else if (res > 0) { // Broadcast npl messages once contract npl output is collected. - // If the npl messages are set to private, broadcast only to the trusted peers. - // If it is public, broadcast to all the connected peers. - if (conf::cfg.is_npl_public || unl::exists(conf::cfg.pubkey)) - broadcast_npl_output(output); + broadcast_npl_output(output); } return (res > 0) ? 1 : 0; } /** - * Broadcast npl messages to peers. + * Broadcast npl messages to peers. If the npl messages are set to private, broadcast only to the unl nodes. + * If it is public, broadcast to all the connected nodes. Npl messages are not sent in observer mode. * @param output Npl message to be broadcasted. */ void broadcast_npl_output(std::string_view output) { + // In observer mode, we do not send out npl messages. + if (conf::cfg.operating_mode == conf::OPERATING_MODE::OBSERVER || !conf::cfg.is_unl) // If we are a non-unl node, do not broadcast npl messages. + return; + if (!output.empty()) { flatbuffers::FlatBufferBuilder fbuf(1024); diff --git a/src/unl.cpp b/src/unl.cpp index b575ee15..ceaa9a09 100644 --- a/src/unl.cpp +++ b/src/unl.cpp @@ -36,6 +36,8 @@ namespace unl std::unique_lock lock(unl_mutex); list = conf::cfg.unl; + // Update the own node's unl status. + conf::cfg.is_unl = (list.find(conf::cfg.pubkey) != list.end()); update_json_list(); hash = calculate_hash(list); sync_ctx.unl_sync_thread = std::thread(unl_syncer_loop); @@ -106,10 +108,15 @@ namespace unl is_updated = true; } - update_json_list(); - conf::persist_unl_update(list); - hash = calculate_hash(list); - LOG_INFO << "UNL updated. Count:" << list.size(); + if (is_updated) + { + update_json_list(); + conf::persist_unl_update(list); + hash = calculate_hash(list); + LOG_INFO << "UNL updated. Count:" << list.size(); + // Update the own node's unl status. + conf::cfg.is_unl = (list.find(conf::cfg.pubkey) != list.end()); + } } // Update the is_unl flag of peer sessions. @@ -137,6 +144,8 @@ namespace unl update_json_list(); conf::persist_unl_update(list); hash = new_unl_hash; + // Update the own node's unl status. + conf::cfg.is_unl = (list.find(conf::cfg.pubkey) != list.end()); } // Update the is_unl flag of peer sessions.