From 1d80155d5e036a0c10dd456ae2772dfa17338b95 Mon Sep 17 00:00:00 2001
From: Felix Lange
Date: Mon, 21 Nov 2016 18:11:21 +0100
Subject: [PATCH] p2p/netutil: new package for network utilities

The new package contains three things for now:
- IP network list parsing and matching
- The WSAEMSGSIZE workaround, which is duplicated in p2p/discover and p2p/discv5.
---
 p2p/netutil/error.go | 25 +++++
 p2p/netutil/error_test.go | 73 +++++++++++++
 p2p/netutil/net.go | 166 +++++++++++++++++++++++++++++
 p2p/netutil/net_test.go | 173 +++++++++++++++++++++++++++++++
 p2p/netutil/toobig_notwindows.go | 26 +++++
 p2p/netutil/toobig_windows.go | 40 +++++++
 6 files changed, 503 insertions(+)
 create mode 100644 p2p/netutil/error.go
 create mode 100644 p2p/netutil/error_test.go
 create mode 100644 p2p/netutil/net.go
 create mode 100644 p2p/netutil/net_test.go
 create mode 100644 p2p/netutil/toobig_notwindows.go
 create mode 100644 p2p/netutil/toobig_windows.go
diff --git a/p2p/netutil/error.go b/p2p/netutil/error.go
new file mode 100644
index 000000000..cb21b9cd4
--- /dev/null
+++ b/p2p/netutil/error.go
@@ -0,0 +1,25 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see .
+
+package netutil
+
+// IsTemporaryError checks whether the given error should be considered temporary.
+func IsTemporaryError(err error) bool {
+ tempErr, ok := err.(interface {
+ Temporary() bool
+ })
+ return ok && tempErr.Temporary() || isPacketTooBig(err)
+}
diff --git a/p2p/netutil/error_test.go b/p2p/netutil/error_test.go
new file mode 100644
index 000000000..645e48f83
--- /dev/null
+++ b/p2p/netutil/error_test.go
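Review bot: The doc comment on IsTemporaryError does not mention that an oversized UDP datagram is classified as temporary, which is the part of the function a caller most needs to know. The size of an incoming datagram is chosen by the remote peer, so a read loop that stops on non-temporary errors (presumably how the p2p/discover and p2p/discv5 callers named in the commit message use it) could otherwise be ended by a single large packet on Windows. I would extend the comment to `// IsTemporaryError reports whether err is transient. The Windows packet-too-big read error counts as transient so that read loops keep running.` The mixed `&&`/`||` in the return is correct as written but reads more safely as `return (ok && tempErr.Temporary()) || isPacketTooBig(err)`.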
@@ -0,0 +1,73 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see .
+
+package netutil
+
+import (
+ "net"
+ "testing"
+ "time"
+)
+
+// This test checks that isPacketTooBig correctly identifies
+// errors that result from receiving a UDP packet larger
+// than the supplied receive buffer.
+func TestIsPacketTooBig(t *testing.T) {
+ listener, err := net.ListenPacket("udp", "127.0.0.1:0")
+ if err != nil {
+ t.Fatal(err)
+ }
+ defer listener.Close()
+ sender, err := net.Dial("udp", listener.LocalAddr().String())
+ if err != nil {
+ t.Fatal(err)
+ }
+ defer sender.Close()
+
+ sendN := 1800
+ recvN := 300
+ for i := 0; i < 20; i++ {
+ go func() {
+ buf := make([]byte, sendN)
+ for i := range buf {
+ buf[i] = byte(i)
+ }
+ sender.Write(buf)
+ }()
+
+ buf := make([]byte, recvN)
+ listener.SetDeadline(time.Now().Add(1 * time.Second))
+ n, _, err := listener.ReadFrom(buf)
+ if err != nil {
+ if nerr, ok := err.(net.Error); ok && nerr.Timeout() {
+ continue
+ }
+ if !isPacketTooBig(err) {
+ t.Fatalf("unexpected read error: %v", err)
+ }
+ continue
+ }
+ if n != recvN {
+ t.Fatalf("short read: %d, want %d", n, recvN)
+ }
+ for i := range buf {
+ if buf[i] != byte(i) {
+ t.Fatalf("error in pattern")
+ break
+ }
+ }
+ }
+}
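Review bot: TestIsPacketTooBig can pass without checking anything, because every iteration that hits the one-second read deadline takes `continue` and nothing records that at least one read actually completed. Counting completed reads and ending with `if reads == 0 { t.Fatal("no packet was received") }` would close that gap. The sender goroutines are also never waited for and the result of `sender.Write(buf)` is dropped, so a failed send looks the same as a timeout; writing inline with `if _, err := sender.Write(buf); err != nil { t.Fatal(err) }` avoids both. The `break` after `t.Fatalf("error in pattern")` is unreachable and can go.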
diff --git a/p2p/netutil/net.go b/p2p/netutil/net.go
new file mode 100644
index 000000000..3c3715788
--- /dev/null
+++ b/p2p/netutil/net.go
@@ -0,0 +1,166 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see .
+
+// Package netutil contains extensions to the net package.
+package netutil
+
+import (
+ "errors"
+ "net"
+ "strings"
+)
+
+var lan4, lan6, special4, special6 Netlist
+
+func init() {
+ // Lists from RFC 5735, RFC 5156,
+ // https://www.iana.org/assignments/iana-ipv4-special-registry/
+ lan4.Add("0.0.0.0/8") // "This" network
+ lan4.Add("10.0.0.0/8") // Private Use
+ lan4.Add("172.16.0.0/12") // Private Use
+ lan4.Add("192.168.0.0/16") // Private Use
+ lan6.Add("fe80::/10") // Link-Local
+ lan6.Add("fc00::/7") // Unique-Local
+ special4.Add("192.0.0.0/29") // IPv4 Service Continuity
+ special4.Add("192.0.0.9/32") // PCP Anycast
+ special4.Add("192.0.0.170/32") // NAT64/DNS64 Discovery
+ special4.Add("192.0.0.171/32") // NAT64/DNS64 Discovery
+ special4.Add("192.0.2.0/24") // TEST-NET-1
+ special4.Add("192.31.196.0/24") // AS112
+ special4.Add("192.52.193.0/24") // AMT
+ special4.Add("192.88.99.0/24") // 6to4 Relay Anycast
+ special4.Add("192.175.48.0/24") // AS112
+ special4.Add("198.18.0.0/15") // Device Benchmark Testing
+ special4.Add("198.51.100.0/24") // TEST-NET-2
+ special4.Add("203.0.113.0/24") // TEST-NET-3
+ special4.Add("255.255.255.255/32") // Limited Broadcast
+
+ // http://www.iana.org/assignments/iana-ipv6-special-registry/
+ special6.Add("100::/64")
+ special6.Add("2001::/32")
+ special6.Add("2001:1::1/128")
+ special6.Add("2001:2::/48")
+ special6.Add("2001:3::/32")
+ special6.Add("2001:4:112::/48")
+ special6.Add("2001:5::/32")
+ special6.Add("2001:10::/28")
+ special6.Add("2001:20::/28")
+ special6.Add("2001:db8::/32")
+ special6.Add("2002::/16")
+}
+
+// Netlist is a list of IP networks.
+type Netlist []net.IPNet
+
+// ParseNetlist parses a comma-separated list of CIDR masks.
+// Whitespace and extra commas are ignored.
+func ParseNetlist(s string) (*Netlist, error) {
+ ws := strings.NewReplacer(" ", "", "\n", "", "\t", "")
+ masks := strings.Split(ws.Replace(s), ",")
+ l := make(Netlist, 0)
+ for _, mask := range masks {
+ if mask == "" {
+ continue
+ }
+ _, n, err := net.ParseCIDR(mask)
+ if err != nil {
+ return nil, err
+ }
+ l = append(l, *n)
+ }
+ return &l, nil
+}
+
+// Add parses a CIDR mask and appends it to the list. It panics for invalid masks and is
+// intended to be used for setting up static lists.
+func (l *Netlist) Add(cidr string) {
+ _, n, err := net.ParseCIDR(cidr)
+ if err != nil {
+ panic(err)
+ }
+ *l = append(*l, *n)
+}
+
+// Contains reports whether the given IP is contained in the list.
+func (l *Netlist) Contains(ip net.IP) bool {
+ if l == nil {
+ return false
+ }
+ for _, net := range *l {
+ if net.Contains(ip) {
+ return true
+ }
+ }
+ return false
+}
+
+// IsLAN reports whether an IP is a local network address.
+func IsLAN(ip net.IP) bool {
+ if ip.IsLoopback() {
+ return true
+ }
+ if v4 := ip.To4(); v4 != nil {
+ return lan4.Contains(v4)
+ }
+ return lan6.Contains(ip)
+}
+
+// IsSpecialNetwork reports whether an IP is located in a special-use network range
+// This includes broadcast, multicast and documentation addresses.
+func IsSpecialNetwork(ip net.IP) bool {
+ if ip.IsMulticast() {
+ return true
+ }
+ if v4 := ip.To4(); v4 != nil {
+ return special4.Contains(v4)
+ }
+ return special6.Contains(ip)
+}
+
+var (
+ errInvalid = errors.New("invalid IP")
+ errUnspecified = errors.New("zero address")
+ errSpecial = errors.New("special network")
+ errLoopback = errors.New("loopback address from non-loopback host")
+ errLAN = errors.New("LAN address from WAN host")
+)
+
+// CheckRelayIP reports whether an IP relayed from the given sender IP
+// is a valid connection target.
+//
+// There are four rules:
+// - Special network addresses are never valid.
+// - Loopback addresses are OK if relayed by a loopback host.
+// - LAN addresses are OK if relayed by a LAN host.
+// - All other addresses are always acceptable.
+func CheckRelayIP(sender, addr net.IP) error {
+ if len(addr) != net.IPv4len && len(addr) != net.IPv6len {
+ return errInvalid
+ }
+ if addr.IsUnspecified() {
+ return errUnspecified
+ }
+ if IsSpecialNetwork(addr) {
+ return errSpecial
+ }
+ if addr.IsLoopback() && !sender.IsLoopback() {
+ return errLoopback
+ }
+ if IsLAN(addr) && !IsLAN(sender) {
+ return errLAN
+ }
+ return nil
+}
diff --git a/p2p/netutil/net_test.go b/p2p/netutil/net_test.go
new file mode 100644
index 000000000..1ee1fcb4d
--- /dev/null
+++ b/p2p/netutil/net_test.go
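Review bot: CheckRelayIP accepts a relayed IPv4 link-local address from a WAN sender, because 169.254.0.0/16 is in neither `lan4` nor `special4` in init() while its IPv6 counterpart fe80::/10 is in `lan6`. The IANA IPv4 special registry cited in the init comment also lists 100.64.0.0/10 (shared address space) and 240.0.0.0/4 (reserved), and both are likewise absent. Since this function decides which peer-supplied addresses are treated as valid connection targets, I would add `lan4.Add("169.254.0.0/16") // Link Local` and decide explicitly whether the other two ranges belong in `lan4` or `special4`, with matching rows in TestCheckRelayIP. The sender argument is not length-checked the way addr is; from the visible code a nil or malformed sender is treated as a WAN host, which fails closed, and a one-line comment saying so would keep that property from being lost in a later edit.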
@@ -0,0 +1,173 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see .
+
+package netutil
+
+import (
+ "net"
+ "reflect"
+ "testing"
+
+ "github.com/davecgh/go-spew/spew"
+)
+
+func TestParseNetlist(t *testing.T) {
+ var tests = []struct {
+ input string
+ wantErr error
+ wantList *Netlist
+ }{
+ {
+ input: "",
+ wantList: &Netlist{},
+ },
+ {
+ input: "127.0.0.0/8",
+ wantErr: nil,
+ wantList: &Netlist{{IP: net.IP{127, 0, 0, 0}, Mask: net.CIDRMask(8, 32)}},
+ },
+ {
+ input: "127.0.0.0/44",
+ wantErr: &net.ParseError{Type: "CIDR address", Text: "127.0.0.0/44"},
+ },
+ {
+ input: "127.0.0.0/16, 23.23.23.23/24,",
+ wantList: &Netlist{
+ {IP: net.IP{127, 0, 0, 0}, Mask: net.CIDRMask(16, 32)},
+ {IP: net.IP{23, 23, 23, 0}, Mask: net.CIDRMask(24, 32)},
+ },
+ },
+ }
+
+ for _, test := range tests {
+ l, err := ParseNetlist(test.input)
+ if !reflect.DeepEqual(err, test.wantErr) {
+ t.Errorf("%q: got error %q, want %q", test.input, err, test.wantErr)
+ continue
+ }
+ if !reflect.DeepEqual(l, test.wantList) {
+ spew.Dump(l)
+ spew.Dump(test.wantList)
+ t.Errorf("%q: got %v, want %v", test.input, l, test.wantList)
+ }
+ }
+}
+
+func TestNilNetListContains(t *testing.T) {
+ var list *Netlist
+ checkContains(t, list.Contains, nil, []string{"1.2.3.4"})
+}
+
+func TestIsLAN(t *testing.T) {
+ checkContains(t, IsLAN,
+ []string{ // included
+ "0.0.0.0",
+ "0.2.0.8",
+ "127.0.0.1",
+ "10.0.1.1",
+ "10.22.0.3",
+ "172.31.252.251",
+ "192.168.1.4",
+ "fe80::f4a1:8eff:fec5:9d9d",
+ "febf::ab32:2233",
+ "fc00::4",
+ },
+ []string{ // excluded
+ "192.0.2.1",
+ "1.0.0.0",
+ "172.32.0.1",
+ "fec0::2233",
+ },
+ )
+}
+
+func TestIsSpecialNetwork(t *testing.T) {
+ checkContains(t, IsSpecialNetwork,
+ []string{ // included
+ "192.0.2.1",
+ "192.0.2.44",
+ "2001:db8:85a3:8d3:1319:8a2e:370:7348",
+ "255.255.255.255",
+ "224.0.0.22", // IPv4 multicast
+ "ff05::1:3", // IPv6 multicast
+ },
+ []string{ // excluded
+ "192.0.3.1",
+ "1.0.0.0",
+ "172.32.0.1",
+ "fec0::2233",
+ },
+ )
+}
+
+func checkContains(t *testing.T, fn func(net.IP) bool, inc, exc []string) {
+ for _, s := range inc {
+ if !fn(parseIP(s)) {
+ t.Error("returned false for included address", s)
+ }
+ }
+ for _, s := range exc {
+ if fn(parseIP(s)) {
+ t.Error("returned true for excluded address", s)
+ }
+ }
+}
+
+func parseIP(s string) net.IP {
+ ip := net.ParseIP(s)
+ if ip == nil {
+ panic("invalid " + s)
+ }
+ return ip
+}
+
+func TestCheckRelayIP(t *testing.T) {
+ tests := []struct {
+ sender, addr string
+ want error
+ }{
+ {"127.0.0.1", "0.0.0.0", errUnspecified},
+ {"192.168.0.1", "0.0.0.0", errUnspecified},
+ {"23.55.1.242", "0.0.0.0", errUnspecified},
+ {"127.0.0.1", "255.255.255.255", errSpecial},
+ {"192.168.0.1", "255.255.255.255", errSpecial},
+ {"23.55.1.242", "255.255.255.255", errSpecial},
+ {"192.168.0.1", "127.0.2.19", errLoopback},
+ {"23.55.1.242", "192.168.0.1", errLAN},
+
+ {"127.0.0.1", "127.0.2.19", nil},
+ {"127.0.0.1", "192.168.0.1", nil},
+ {"127.0.0.1", "23.55.1.242", nil},
+ {"192.168.0.1", "192.168.0.1", nil},
+ {"192.168.0.1", "23.55.1.242", nil},
+ {"23.55.1.242", "23.55.1.242", nil},
+ }
+
+ for _, test := range tests {
+ err := CheckRelayIP(parseIP(test.sender), parseIP(test.addr))
+ if err != test.want {
+ t.Errorf("%s from %s: got %q, want %q", test.addr, test.sender, err, test.want)
+ }
+ }
+}
+
+func BenchmarkCheckRelayIP(b *testing.B) {
+ sender := parseIP("23.55.1.242")
+ addr := parseIP("23.55.1.2")
+ for i := 0; i < b.N; i++ {
+ CheckRelayIP(sender, addr)
+ }
+}
diff --git a/p2p/netutil/toobig_notwindows.go b/p2p/netutil/toobig_notwindows.go
new file mode 100644
index 000000000..47b643857
--- /dev/null
+++ b/p2p/netutil/toobig_notwindows.go
@@ -0,0 +1,26 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see .
+
+//+build !windows
+
+package netutil
+
+// isPacketTooBig reports whether err indicates that a UDP packet didn't
+// fit the receive buffer. There is no such error on
+// non-Windows platforms.
+func isPacketTooBig(err error) bool {
+ return false
+}
diff --git a/p2p/netutil/toobig_windows.go b/p2p/netutil/toobig_windows.go
new file mode 100644
index 000000000..dfbb6d44f
--- /dev/null
+++ b/p2p/netutil/toobig_windows.go
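Review bot: TestCheckRelayIP never exercises the `errInvalid` branch or any IPv6 address, so the length check and the `lan6`/`special6` paths of CheckRelayIP are only covered indirectly through TestIsLAN and TestIsSpecialNetwork. Because parseIP panics on bad input, the invalid case needs a raw value, for example `CheckRelayIP(parseIP("127.0.0.1"), net.IP{1, 2, 3})` compared against `errInvalid`. For IPv6 I would add rows such as `{"23.55.1.242", "fe80::1", errLAN}` and `{"23.55.1.242", "2001:db8::1", errSpecial}`. These are the rejections that matter for peer-supplied addresses, so they are worth pinning directly in the table.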
@@ -0,0 +1,40 @@
+// Copyright 2016 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see .
+
+//+build windows
+
+package netutil
+
+import (
+ "net"
+ "os"
+ "syscall"
+)
+
+const _WSAEMSGSIZE = syscall.Errno(10040)
+
+// isPacketTooBig reports whether err indicates that a UDP packet didn't
+// fit the receive buffer. On Windows, WSARecvFrom returns
+// code WSAEMSGSIZE and no data if this happens.
+func isPacketTooBig(err error) bool {
+ if opErr, ok := err.(*net.OpError); ok {
+ if scErr, ok := opErr.Err.(*os.SyscallError); ok {
+ return scErr.Err == _WSAEMSGSIZE
+ }
+ return opErr.Err == _WSAEMSGSIZE
+ }
+ return false
+}