diff --git a/api/api_net.go b/api/api_net.go index 7dddb09ac..74581e3ac 100644 --- a/api/api_net.go +++ b/api/api_net.go @@ -51,6 +51,10 @@ type Net interface { NetBlockRemove(ctx context.Context, acl NetBlockList) error //perm:admin NetBlockList(ctx context.Context) (NetBlockList, error) //perm:read + NetProtectAdd(ctx context.Context, acl []peer.ID) error //perm:admin + NetProtectRemove(ctx context.Context, acl []peer.ID) error //perm:admin + NetProtectList(ctx context.Context) ([]peer.ID, error) //perm:read + // ResourceManager API NetStat(ctx context.Context, scope string) (NetStat, error) //perm:read NetLimit(ctx context.Context, scope string) (NetLimit, error) //perm:read diff --git a/api/mocks/mock_full.go b/api/mocks/mock_full.go index e985a794d..49c49e22e 100644 --- a/api/mocks/mock_full.go +++ b/api/mocks/mock_full.go @@ -1856,6 +1856,49 @@ func (mr *MockFullNodeMockRecorder) NetPeers(arg0 interface{}) *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetPeers", reflect.TypeOf((*MockFullNode)(nil).NetPeers), arg0) } +// NetProtectAdd mocks base method. +func (m *MockFullNode) NetProtectAdd(arg0 context.Context, arg1 []peer.ID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "NetProtectAdd", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// NetProtectAdd indicates an expected call of NetProtectAdd. +func (mr *MockFullNodeMockRecorder) NetProtectAdd(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetProtectAdd", reflect.TypeOf((*MockFullNode)(nil).NetProtectAdd), arg0, arg1) +} + +// NetProtectList mocks base method. +func (m *MockFullNode) NetProtectList(arg0 context.Context) ([]peer.ID, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "NetProtectList", arg0) + ret0, _ := ret[0].([]peer.ID) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// NetProtectList indicates an expected call of NetProtectList. +func (mr *MockFullNodeMockRecorder) NetProtectList(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetProtectList", reflect.TypeOf((*MockFullNode)(nil).NetProtectList), arg0) +} + +// NetProtectRemove mocks base method. +func (m *MockFullNode) NetProtectRemove(arg0 context.Context, arg1 []peer.ID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "NetProtectRemove", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// NetProtectRemove indicates an expected call of NetProtectRemove. +func (mr *MockFullNodeMockRecorder) NetProtectRemove(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetProtectRemove", reflect.TypeOf((*MockFullNode)(nil).NetProtectRemove), arg0, arg1) +} + // NetPubsubScores mocks base method. func (m *MockFullNode) NetPubsubScores(arg0 context.Context) ([]api.PubsubScore, error) { m.ctrl.T.Helper() diff --git a/api/proxy_gen.go b/api/proxy_gen.go index e9bf130a7..a4024ab72 100644 --- a/api/proxy_gen.go +++ b/api/proxy_gen.go @@ -593,6 +593,12 @@ type NetStruct struct { NetPeers func(p0 context.Context) ([]peer.AddrInfo, error) `perm:"read"` + NetProtectAdd func(p0 context.Context, p1 []peer.ID) error `perm:"admin"` + + NetProtectList func(p0 context.Context) ([]peer.ID, error) `perm:"read"` + + NetProtectRemove func(p0 context.Context, p1 []peer.ID) error `perm:"admin"` + NetPubsubScores func(p0 context.Context) ([]PubsubScore, error) `perm:"read"` NetSetLimit func(p0 context.Context, p1 string, p2 NetLimit) error `perm:"admin"` @@ -3672,6 +3678,39 @@ func (s *NetStub) NetPeers(p0 context.Context) ([]peer.AddrInfo, error) { return *new([]peer.AddrInfo), ErrNotSupported } +func (s *NetStruct) NetProtectAdd(p0 context.Context, p1 []peer.ID) error { + if s.Internal.NetProtectAdd == nil { + return ErrNotSupported + } + return s.Internal.NetProtectAdd(p0, p1) +} + +func (s *NetStub) NetProtectAdd(p0 context.Context, p1 []peer.ID) error { + return ErrNotSupported +} + +func (s *NetStruct) NetProtectList(p0 context.Context) ([]peer.ID, error) { + if s.Internal.NetProtectList == nil { + return *new([]peer.ID), ErrNotSupported + } + return s.Internal.NetProtectList(p0) +} + +func (s *NetStub) NetProtectList(p0 context.Context) ([]peer.ID, error) { + return *new([]peer.ID), ErrNotSupported +} + +func (s *NetStruct) NetProtectRemove(p0 context.Context, p1 []peer.ID) error { + if s.Internal.NetProtectRemove == nil { + return ErrNotSupported + } + return s.Internal.NetProtectRemove(p0, p1) +} + +func (s *NetStub) NetProtectRemove(p0 context.Context, p1 []peer.ID) error { + return ErrNotSupported +} + func (s *NetStruct) NetPubsubScores(p0 context.Context) ([]PubsubScore, error) { if s.Internal.NetPubsubScores == nil { return *new([]PubsubScore), ErrNotSupported diff --git a/api/v0api/v0mocks/mock_full.go b/api/v0api/v0mocks/mock_full.go index 26d795940..e18c8bfe7 100644 --- a/api/v0api/v0mocks/mock_full.go +++ b/api/v0api/v0mocks/mock_full.go @@ -1769,6 +1769,49 @@ func (mr *MockFullNodeMockRecorder) NetPeers(arg0 interface{}) *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetPeers", reflect.TypeOf((*MockFullNode)(nil).NetPeers), arg0) } +// NetProtectAdd mocks base method. +func (m *MockFullNode) NetProtectAdd(arg0 context.Context, arg1 []peer.ID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "NetProtectAdd", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// NetProtectAdd indicates an expected call of NetProtectAdd. +func (mr *MockFullNodeMockRecorder) NetProtectAdd(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetProtectAdd", reflect.TypeOf((*MockFullNode)(nil).NetProtectAdd), arg0, arg1) +} + +// NetProtectList mocks base method. +func (m *MockFullNode) NetProtectList(arg0 context.Context) ([]peer.ID, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "NetProtectList", arg0) + ret0, _ := ret[0].([]peer.ID) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// NetProtectList indicates an expected call of NetProtectList. +func (mr *MockFullNodeMockRecorder) NetProtectList(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetProtectList", reflect.TypeOf((*MockFullNode)(nil).NetProtectList), arg0) +} + +// NetProtectRemove mocks base method. +func (m *MockFullNode) NetProtectRemove(arg0 context.Context, arg1 []peer.ID) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "NetProtectRemove", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// NetProtectRemove indicates an expected call of NetProtectRemove. +func (mr *MockFullNodeMockRecorder) NetProtectRemove(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NetProtectRemove", reflect.TypeOf((*MockFullNode)(nil).NetProtectRemove), arg0, arg1) +} + // NetPubsubScores mocks base method. func (m *MockFullNode) NetPubsubScores(arg0 context.Context) ([]api.PubsubScore, error) { m.ctrl.T.Helper() diff --git a/build/openrpc/full.json.gz b/build/openrpc/full.json.gz index 7dec77e7c..7ca70d7d9 100644 Binary files a/build/openrpc/full.json.gz and b/build/openrpc/full.json.gz differ diff --git a/build/openrpc/miner.json.gz b/build/openrpc/miner.json.gz index 111e38922..28c24c07b 100644 Binary files a/build/openrpc/miner.json.gz and b/build/openrpc/miner.json.gz differ diff --git a/build/openrpc/worker.json.gz b/build/openrpc/worker.json.gz index d29e027ba..97250a335 100644 Binary files a/build/openrpc/worker.json.gz and b/build/openrpc/worker.json.gz differ diff --git a/documentation/en/api-v0-methods-miner.md b/documentation/en/api-v0-methods-miner.md index 4699c8fe8..9da6809be 100644 --- a/documentation/en/api-v0-methods-miner.md +++ b/documentation/en/api-v0-methods-miner.md @@ -89,6 +89,9 @@ * [NetLimit](#NetLimit) * [NetPeerInfo](#NetPeerInfo) * [NetPeers](#NetPeers) + * [NetProtectAdd](#NetProtectAdd) + * [NetProtectList](#NetProtectList) + * [NetProtectRemove](#NetProtectRemove) * [NetPubsubScores](#NetPubsubScores) * [NetSetLimit](#NetSetLimit) * [NetStat](#NetStat) @@ -1854,6 +1857,52 @@ Response: ] ``` +### NetProtectAdd + + +Perms: admin + +Inputs: +```json +[ + [ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" + ] +] +``` + +Response: `{}` + +### NetProtectList + + +Perms: read + +Inputs: `null` + +Response: +```json +[ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" +] +``` + +### NetProtectRemove + + +Perms: admin + +Inputs: +```json +[ + [ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" + ] +] +``` + +Response: `{}` + ### NetPubsubScores diff --git a/documentation/en/api-v0-methods.md b/documentation/en/api-v0-methods.md index 883d4d274..16e867752 100644 --- a/documentation/en/api-v0-methods.md +++ b/documentation/en/api-v0-methods.md @@ -131,6 +131,9 @@ * [NetLimit](#NetLimit) * [NetPeerInfo](#NetPeerInfo) * [NetPeers](#NetPeers) + * [NetProtectAdd](#NetProtectAdd) + * [NetProtectList](#NetProtectList) + * [NetProtectRemove](#NetProtectRemove) * [NetPubsubScores](#NetPubsubScores) * [NetSetLimit](#NetSetLimit) * [NetStat](#NetStat) @@ -3905,6 +3908,52 @@ Response: ] ``` +### NetProtectAdd + + +Perms: admin + +Inputs: +```json +[ + [ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" + ] +] +``` + +Response: `{}` + +### NetProtectList + + +Perms: read + +Inputs: `null` + +Response: +```json +[ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" +] +``` + +### NetProtectRemove + + +Perms: admin + +Inputs: +```json +[ + [ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" + ] +] +``` + +Response: `{}` + ### NetPubsubScores diff --git a/documentation/en/api-v1-unstable-methods.md b/documentation/en/api-v1-unstable-methods.md index a5fdd9994..0ff7bc8c8 100644 --- a/documentation/en/api-v1-unstable-methods.md +++ b/documentation/en/api-v1-unstable-methods.md @@ -137,6 +137,9 @@ * [NetLimit](#NetLimit) * [NetPeerInfo](#NetPeerInfo) * [NetPeers](#NetPeers) + * [NetProtectAdd](#NetProtectAdd) + * [NetProtectList](#NetProtectList) + * [NetProtectRemove](#NetProtectRemove) * [NetPubsubScores](#NetPubsubScores) * [NetSetLimit](#NetSetLimit) * [NetStat](#NetStat) @@ -4266,6 +4269,52 @@ Response: ] ``` +### NetProtectAdd + + +Perms: admin + +Inputs: +```json +[ + [ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" + ] +] +``` + +Response: `{}` + +### NetProtectList + + +Perms: read + +Inputs: `null` + +Response: +```json +[ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" +] +``` + +### NetProtectRemove + + +Perms: admin + +Inputs: +```json +[ + [ + "12D3KooWGzxzKZYveHXtpG6AsrUJBcWxHBFS2HsEoGTxrMLvKXtf" + ] +] +``` + +Response: `{}` + ### NetPubsubScores diff --git a/documentation/en/default-lotus-miner-config.toml b/documentation/en/default-lotus-miner-config.toml index 6fad2700c..c0392cc4a 100644 --- a/documentation/en/default-lotus-miner-config.toml +++ b/documentation/en/default-lotus-miner-config.toml @@ -258,38 +258,24 @@ [IndexProvider] - # The maximum number of multihash chunk links that index provider cache can store before - # LRU eviction. If chunks belonging to a single advertisement are larger than the cache can - # hold, the cache is resized to be able to hold all links. The actual disk usage depends on - # LinkedChunkSize and the length of multihashes. For example, for 128-bit long multihashes - # with the default LinkedChunkSize, and LinkCacheSize the cache size can grow to 256MiB. - # - # type int # env var: LOTUS_INDEXPROVIDER_LINKCACHESIZE #LinkCacheSize = 1024 - # The number of multihashes in each chunk of the - # advertised multihash entries linked list. If multihashes are 128-bit, then - # setting LinkedChunkSize = 16384 will result in blocks of 0.25MiB when - # full. - # - # type int # env var: LOTUS_INDEXPROVIDER_LINKEDCHUNKSIZE #LinkedChunkSize = 16384 - # The gossipsub topic name used to publish change to the advertised content. - # # env var: LOTUS_INDEXPROVIDER_PUBSUBTOPIC #PubSubTopic = "/indexer/ingest/mainnet" - # Whether to purge all cached entries on start-up. - # # env var: LOTUS_INDEXPROVIDER_PURGELINKCACHE #PurgeLinkCache = false - # Binding address for the libp2p host contacted by indexer nodes to sync the list of advertised - # multihashes. Note that when port is set to 0 a random port is generated at runtime and may be - # different on every restart. The format of the strings specified must conform to multiaddress; + # env var: LOTUS_INDEXPROVIDER_PUBLISHERKIND + #PublisherKind = "dtsync" + + # Binding address for the libp2p host contacted by indexer nodes to sync the list of advertised + # multihashes. Note that when port is set to 0 a random port is generated at runtime and may be + # different on every restart. The format of the strings specified must conform to multiaddress; # see https://multiformats.io/multiaddr/ # # type: []string @@ -304,13 +290,17 @@ # env var: LOTUS_INDEXPROVIDER_ANNOUNCEADDRESSES #AnnounceAddresses = [] - # The maximum number of simultaneous requests syncing the list of advertised multihashes between + # The maximum number of simultaneous requests syncing the list of advertised multihashes between # the indexers and the index provider. # # type: uint64 # env var: LOTUS_INDEXPROVIDER_MAXSIMULTANEOUSTRANSFERS #MaxSimultaneousTransfers = 20 + [IndexProvider.HttpPublisher] + # env var: LOTUS_INDEXPROVIDER_HTTPPUBLISHER_LISTENMULTIADDR + #ListenMultiaddr = "/ip4/0.0.0.0/tcp/3104/http" + [Sealing] # Upper bound on how many sectors can be waiting for more deals to be packed in it before it begins sealing at any given time. diff --git a/node/impl/net/protect.go b/node/impl/net/protect.go new file mode 100644 index 000000000..172898504 --- /dev/null +++ b/node/impl/net/protect.go @@ -0,0 +1,35 @@ +package net + +import ( + "context" + + "github.com/libp2p/go-libp2p-core/peer" +) + +const apiProtectTag = "api" + +func (a *NetAPI) NetProtectAdd(ctx context.Context, peers []peer.ID) error { + for _, p := range peers { + a.Host.ConnManager().Protect(p, apiProtectTag) + } + + return nil +} + +func (a *NetAPI) NetProtectRemove(ctx context.Context, peers []peer.ID) error { + for _, p := range peers { + a.Host.ConnManager().Unprotect(p, apiProtectTag) + } + + return nil +} + +func (a *NetAPI) NetProtectList(ctx context.Context) (result []peer.ID, err error) { + for _, conn := range a.Host.Network().Conns() { + if a.Host.ConnManager().IsProtected(conn.RemotePeer(), apiProtectTag) { + result = append(result, conn.RemotePeer()) + } + } + + return +}