When RemovePeer is invoked, the specified peer is removed from the "Maintained" connections in NettyP2p, and the connection to said peer is disconnected.
The peer is not added to the blacklist, on the premise that this behaviour will typically be used when peer-discovery is disabled, thus no future connection to the peer in question will be attempted (except via an AddPeer JSON RPC call).
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Maintain a staticnodes.json
The staticnodes.json file resides in the pantheon data directory,
is parsed at startup to determine which peers can be connected
to (aside from bootnodes), and is updated whenever addPeer/removePeer
RPC is invoked.
This file is not updated when finding neighbour peers (ONLY on RPC
call).
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Lower the log level of discovery connections to unreachable networks,
such as a box without IPv6 enabled connecting to an IPv6 peer.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Biggest change is that UnusedVariable and UnusedMethod went to WARN by
default. Since our build is a no warning build this means we either need
to turn them off or fix them. I mostly opted for the latter. Test code
was mostly fixed, unused loggers were deleted, and other shipped code
was mostly suppressed.
Two less noisy fixes to not use `SortedSet` and to use zero based
comparable results instead of -1, 0, and 1. Also a compiler nit in
errorprone was suppressed, per the description it won't affect us.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* refactor NodeWhitelistController -> NodeLocalConfigPermissioningController
* added smart contract permissioning config
* only use SyncStatusProvider if Smart Contract Permissioning enabled
* check we are not adding self enode
* local permissioning controller isPermitted() should return true if either source OR destination is permitted
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* [PAN-2348] Changes in chain head (new blocks or chain reorgs) should trigger new permissioning check
* [PAN-2348] Changes in chain head (new blocks or chain reorgs) should trigger new permissioning check
* Errorprone
* Fix changes
* Spotless
* PR comments
* Spotless
* Fix test
* Fix javadoc
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* [PAN-2342] Created SyncStatusNodePermissioningProvider and NodePermissioningController
* Fix block height comparison logic
* Unit test for SyncStatusNodePermissioningProvider
* Add comment about permissioning while not in sync
* PR comments
* Fix missing final
* Fixing unit test
* Unsubscribing from Synchronizer SyncStatus updates after reaching sync
* Fix race condition
* Simplifying synchronization between callbacks
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
The P2P and discovery ports are now always dynamically assigned (set to port 0 when starting pantheon) to guarantee they always select an available port.
This however means you can't determine the ports that will be used or the enode URL for a node before it has started. The main effect of this is that nodes have to use the peer discovery process to discover each other rather than having every node in the network in the boot nodes list. A single node is started first with no bootnodes, then other nodes are started with that node as their bootnode and use peer discovery to find the other nodes as they start.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Start P2P network synchronously so the ports are guaranteed to be known before we write the ports file
Include the P2P TCP port in ports file even when peer discovery is disabled.
Load information from the advertised peer rather than the discovery listening socket.
Fix admin_nodeInfo to include the ?discport param in the enode URI when the discovery port differs from the P2P port.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Adds a PeerValidator that, when the Dao fork milestone is in use, checks that the Dao block is present on each peer when they connect and disconnects them if they are on the wrong chain.
Also:
* Make GetHeadersFromPeer task stricter in validating response matches.
* Update BlockHeadersMessage to return a list of headers
* Add more controls to DeterministicEthScheduler test util
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Reduce logging for invalid peer discovery packets. The message is enough to locate the source of the rejection.
* Reduce ECIESHandshaker logging to trace since it documents a normal flow through the handshake process.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Two changes:
* Stream chains now take up less vertical lines, only breaking on
stream operations.
* Long annotations that span multiple lines no longer have a dangling
parentesis and indent 4 spaces.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* added CLI for permissioning config file path
* added test for --permissions-config-file without param value
* merged changes from NC-1968 and set the config path on the PermissioningConfiguration object when it's created
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Makes Synchronizer responsible for deciding if it has enough peers or not rather than ProtocolManager.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* added test and DSL for node with --no-discovery
* reversed boolean for discovery
* changed to Boolean and arity = 1
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
new JSON rpc call admin_addPeer that lists a peer as a node we should always be connected to
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Lucas Saldanha
Trent Mohay
Chris Mckay
Danno Ferrin
Sally MacFarlane
Adrian Sutton
mbaxter
S. Matthew English
mark-terry