* replace whitelist/blacklist with allowlist/denylist and support both versions in CLI options
Signed-off-by: Sally MacFarlane <sally.macfarlane@consensys.net>
DevP2P packets expiration fields should be in seconds past the epoch,
not milliseconds past the epoch.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Don't respond to neighbors and ping packets that have an expiration
prior to the system's current time.
Addresses two tests in #975
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Increase Netty threadpool size for handshake handling
It was found that all ECIES handhshaking is taking place in
an NioEventLoop of being serviced by one worker.
This in turn meant that, during periods of high demand,
many potential peers were timing out (as the latter peers
had to wait for earlier peers to complete prior to
being serviced).
This change grows the threadpool to 10 (arbitrarily selected),
which minimises the number of peers waiting for connectivity.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Co-authored-by: Jason Frame <jasonwframe@gmail.com>
IbftRound has been updated to accept Signing errors (eg no signature supplier available) and
continue operating if possible.
This also catches failures in signing and ECDH Key agreement
creation during discovery and handshaking.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Some of our loggers were not private, static, and final. In a few
cases these were non-static fields in classes that were repeatedly
instantiated in core transaction logic.
This is enforced via a new ErrorProne check, so the PR includes fixes
for all of the places this was a problem, not just the performance
impacting code.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
This change allows the newly defined "SecurityModule" to work against a generic API, while the NodeKey interface adapts these generic types to the types already used throughout Besu (i.e. those defined in Secp256k1).
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Update BesuController to use the NodeKey, rather than working with KeyPair - which in turn allows the crypto operations to be injected.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
It was identified that during the creation of injectable crypto, that the NodeKey effectively offered duplicated functionality between ECDH and ECIES key agreements. The ECIES was superfluous and has been removed.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Update the Handhshaking classes to use an injected NodeKey object for ECIES encryption.
This has necessitated an update of NodeKey to support the creation of Key and ECIES agreement creation.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
The NodeKey class is now used through the Discovery protocol (as well as the IBFT2).
However RLPx continues to access the node's keyPair (and underlying private key).
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
This PR introduces functionality to conform with ECIP-1061
https://ecips.ethereumclassic.org/ECIPs/ecip-1061
Signed-off-by: edwardmack <ed@edwardmack.com>
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Co-authored-by: Danno Ferrin <danno.ferrin@shemnon.com>
This was turned off a number of months ago because of long build times.
However it appears either because of code structure changes or fixed
errorprone that this finishes in a reasonable time now.
Code that violated this check is also fixed.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
There are a whole class of errors in the deframer that come from
IllegalArgumentExceptions. Those are thrown when Besu validates incoming
data. Because Besu is not the source of these errors we should not log
them any higher than DEBUG.
The most common one is `Caused by: java.lang.IllegalArgumentException:
Invalid node id. Expected id of length: 64 bytes.` and this is coming
from a non-conforming client connecting to Besu.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
(a) Setting classic block to zero requires all blocks at zero to have the mainnet 1920000 hash. That will never happen. No clients will sync as long as this is in place
(b) a full sync fails
```
2019-11-18 10:46:51.301-07:00 | EthScheduler-Services-5 (importBlock) | WARN | MainnetBlockBodyValidator | Invalid block: state root mismatch (expected=0xb8df31366db4c4dd0076bc0ddaffdeceba6c882681108cc000db9bc5f85c300c, actual=0xf4344e62f031897ff61f9e02a465b3d13f983220f52f1e452690448dc366a2ee)
```
Probably a bug in besu code, but until that bug is sussed out we can't support mordor.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
This includes code to address reading config for classic network and
kotti test network.
ClassicForkPeerValidator checks peers at classicForkBlock (same as Dao
Fork Block) and connects with peers that did not do the Dao Fork and
continued on the classic network.
Signed-off-by: edwardmack <ed@edwardmack.com>
When setting the p2p port to zero and turning on UPNP nat an attempt is
made to map port zero. This should actually map the opened port
instead.
The core logic is also now set up to throw an exception if a zero local
port is requested.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* adding in spdx-license-identifier & updated check for the same; removing license check from spotless
Signed-off-by: Joshua Fernandes <joshua.fernandes@consensys.net>
* Change CheckSpdxHeader to a task.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Update discovery logic to consider a peer with an unknown discovery endpoint to be unknown regardless of whether we've encountered a peer with the same node id before. This makes the discovery logic more forgiving in the face of node restarts.
If nodeA bonds with nodeB, then nodeB leaves the network and later comes back with a different ip address or listening port, nodeA would previously continue trying to communicate with nodeB at its original address. With these changes, nodeA will now treat the restarted nodeB as a new peer and communicate with it on its updated endpoint. Additionally, nodeB's information will be updated in the peer table so that neighbors requests return updated information on this node.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
This reverts commit 814b36e4
The needed chantes to get rid of Instant.now (which is also needed to get rid
of the wall clock dependency) are too deep and intrusive into IBFT to try and
speed patch them in that some APIs require re-work, so in the interst of test
stability this gets sheleved until it is all ready.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
To allow us to reset the timestamp in the blockchain for Retesteth support
we need to pass a Clock to affected APIs and use that instead of the static method
System.currentTimeMillis(). The most consistent way to do this that will ensure
that the API does not sneak back in is to ban the method via ErrorProne.
TestClock.fixed() was altered to return the "now" time of the first time the fixed clock was requested, needed for many header validation tasks validating headers are not from the future.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Fix bugs
Fix remote connection fraction calculation (order of operations bug),
remove early return, allow all remote connections to be prohibited,
change disconnect reason to TOO_MANY_PEERS.
* Fix comment
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* [PAN-1683] Limit the fraction of wire connections initiated by peers
To protect against eclipse attacks, we should not allow all of our wire connections to be initiated from network peers. Some fraction of wire connections should be initiated by our node by connecting to peers in our discovery peer table. This PR ensures the fraction abides the limit.
* change fraction default value and add tests
* make fraction of remote wire connections configurable
- add a cli option to configure the fraction: `--fraction-remote-connections-allowed`
- introduce `Fraction` class to handle the conversion of the CLI option to a double and check if the value is between 0.0 and 1.0
- add tests
- fix broken tests
* remove unused local variable
* fix RunnerTest
* set fraction to 1.0 in PantheonFactoryConfigurationBuilder
* update test
* Introduce --limit-remote-wire-connections-enabled
* fix unused field
* fix conflict
* Update ethereum/p2p/src/main/java/tech/pegasys/pantheon/ethereum/p2p/rlpx/RlpxAgent.java
Co-Authored-By: Danno Ferrin <danno.ferrin@shemnon.com>
* Update ethereum/p2p/src/main/java/tech/pegasys/pantheon/ethereum/p2p/rlpx/RlpxAgent.java
Co-Authored-By: Danno Ferrin <danno.ferrin@shemnon.com>
* Update ethereum/p2p/src/main/java/tech/pegasys/pantheon/ethereum/p2p/rlpx/RlpxAgent.java
Co-Authored-By: Danno Ferrin <danno.ferrin@shemnon.com>
* fix PR discussion and tests
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>