From 0a6bc0d1013dfd80ab600e8f74c1544b433ece29 Mon Sep 17 00:00:00 2001 From: Alex Potsides Date: Wed, 27 Jan 2021 13:55:26 +0000 Subject: [PATCH] feat: add UPnP NAT manager (#810) * feat: add uPnP nat manager Adds a really basic nat manager that attempts to use UPnP to punch a hole through your router for any IPV4 tcp addresses you have configured. Adds any configured addresses to the node's observed addresses list and adds observed addresses to `libp2p.multiaddrs` so we exchange them with peers when performing `identify` and people can dial you. Adds configuration options under `config.nat` Hole punching is async to not affect start up time. Co-authored-by: Vasco Santos --- .aegir.js | 5 +- doc/API.md | 9 + doc/CONFIGURATION.md | 37 ++++ package.json | 8 +- src/address-manager/index.js | 64 ++++++- src/config.js | 10 + src/identify/index.js | 4 +- src/index.js | 48 ++++- src/nat-manager.js | 168 +++++++++++++++++ test/addresses/address-manager.spec.js | 84 ++++++++- test/addresses/addresses.node.js | 22 +++ test/core/consume-peer-record.spec.js | 46 +++++ test/dialing/direct.node.js | 2 +- test/identify/index.spec.js | 10 +- test/nat-manager/nat-manager.node.js | 244 +++++++++++++++++++++++++ test/utils/base-options.js | 3 + 16 files changed, 742 insertions(+), 22 deletions(-) create mode 100644 src/nat-manager.js create mode 100644 test/core/consume-peer-record.spec.js create mode 100644 test/nat-manager/nat-manager.node.js diff --git a/.aegir.js b/.aegir.js index a727c36e..0e01a441 100644 --- a/.aegir.js +++ b/.aegir.js @@ -31,6 +31,9 @@ const before = async () => { enabled: true, active: false } + }, + nat: { + enabled: false } } }) @@ -45,7 +48,7 @@ const after = async () => { } module.exports = { - bundlesize: { maxSize: '260kB' }, + bundlesize: { maxSize: '215kB' }, hooks: { pre: before, post: after diff --git a/doc/API.md b/doc/API.md index 222ef660..21e144b0 100644 --- a/doc/API.md +++ b/doc/API.md @@ -2055,6 +2055,15 @@ This event will be triggered anytime we are disconnected from another peer, rega - `peerId`: instance of [`PeerId`][peer-id] - `protocols`: array of known, supported protocols for the peer (string identifiers) +### libp2p.addressManager + +#### Our addresses have changed + +This could be in response to a peer telling us about addresses they have observed, or +the NatManager performing NAT hole punching. + +`libp2p.addressManager.on('change:addresses', () => {})` + ## Types ### Stats diff --git a/doc/CONFIGURATION.md b/doc/CONFIGURATION.md index f9e80194..04993dc9 100644 --- a/doc/CONFIGURATION.md +++ b/doc/CONFIGURATION.md @@ -28,6 +28,9 @@ - [Configuring Metrics](#configuring-metrics) - [Configuring PeerStore](#configuring-peerstore) - [Customizing Transports](#customizing-transports) + - [Configuring the NAT Manager](#configuring-the-nat-manager) + - [Browser support](#browser-support) + - [UPnP and NAT-PMP](#upnp-and-nat-pmp) - [Configuration examples](#configuration-examples) ## Overview @@ -733,6 +736,40 @@ const node = await Libp2p.create({ }) ``` +#### Configuring the NAT Manager + +Network Address Translation (NAT) is a function performed by your router to enable multiple devices on your local network to share a single IPv4 address. It's done transparently for outgoing connections, ensuring the correct response traffic is routed to your computer, but if you wish to accept incoming connections some configuration is necessary. + +The NAT manager can be configured as follows: + +```js +const node = await Libp2p.create({ + config: { + nat: { + description: 'my-node', // set as the port mapping description on the router, defaults the current libp2p version and your peer id + enabled: true, // defaults to true + gateway: '192.168.1.1', // leave unset to auto-discover + externalIp: '80.1.1.1', // leave unset to auto-discover + ttl: 7200, // TTL for port mappings (min 20 minutes) + keepAlive: true, // Refresh port mapping after TTL expires + pmp: { + enabled: false, // defaults to false + } + } + } +}) +``` + +##### Browser support + +Browsers cannot open TCP ports or send the UDP datagrams necessary to configure external port mapping - to accept incoming connections in the browser please use a WebRTC transport. + +##### UPnP and NAT-PMP + +By default under nodejs libp2p will attempt to use [UPnP](https://en.wikipedia.org/wiki/Universal_Plug_and_Play) to configure your router to allow incoming connections to any TCP transports that have been configured. + +[NAT-PMP](http://miniupnp.free.fr/nat-pmp.html) is a feature of some modern routers which performs a similar job to UPnP. NAT-PMP is disabled by default, if enabled libp2p will try to use NAT-PMP and will fall back to UPnP if it fails. + ## Configuration examples As libp2p is designed to be a modular networking library, its usage will vary based on individual project needs. We've included links to some existing project configurations for your reference, in case you wish to replicate their configuration: diff --git a/package.json b/package.json index 3dd149c6..183df836 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,11 @@ "node": ">=12.0.0", "npm": ">=6.0.0" }, + "browser": { + "@motrix/nat-api": false + }, "dependencies": { + "@motrix/nat-api": "^0.3.1", "abort-controller": "^3.0.0", "aggregate-error": "^3.1.0", "any-signal": "^2.1.1", @@ -89,8 +93,11 @@ "node-forge": "^0.10.0", "p-any": "^3.0.0", "p-fifo": "^1.0.0", + "p-retry": "^4.2.0", "p-settle": "^4.0.1", "peer-id": "^0.14.2", + "private-ip": "^2.0.0", + "promisify-es6": "^1.0.3", "protons": "^2.0.0", "retimer": "^2.0.0", "sanitize-filename": "^1.6.3", @@ -132,7 +139,6 @@ "p-defer": "^3.0.0", "p-times": "^3.0.0", "p-wait-for": "^3.2.0", - "promisify-es6": "^1.0.3", "rimraf": "^3.0.2", "sinon": "^9.2.4", "uint8arrays": "^2.0.5" diff --git a/src/address-manager/index.js b/src/address-manager/index.js index 5c9874af..62543225 100644 --- a/src/address-manager/index.js +++ b/src/address-manager/index.js @@ -1,6 +1,10 @@ 'use strict' +/** @typedef {import('../types').EventEmitterFactory} Events */ +/** @type Events */ +const EventEmitter = require('events') const multiaddr = require('multiaddr') +const PeerId = require('peer-id') /** * @typedef {import('multiaddr')} Multiaddr @@ -11,7 +15,11 @@ const multiaddr = require('multiaddr') * @property {string[]} [listen = []] - list of multiaddrs string representation to listen. * @property {string[]} [announce = []] - list of multiaddrs string representation to announce. */ -class AddressManager { + +/** + * @fires AddressManager#change:addresses Emitted when a addresses change. + */ +class AddressManager extends EventEmitter { /** * Responsible for managing the peer addresses. * Peers can specify their listen and announce addresses. @@ -19,11 +27,18 @@ class AddressManager { * while the announce addresses will be used for the peer addresses' to other peers in the network. * * @class - * @param {AddressManagerOptions} [options] + * @param {PeerId} peerId - The Peer ID of the node + * @param {object} [options] + * @param {Array} [options.listen = []] - list of multiaddrs string representation to listen. + * @param {Array} [options.announce = []] - list of multiaddrs string representation to announce. */ - constructor ({ listen = [], announce = [] } = {}) { - this.listen = new Set(listen) - this.announce = new Set(announce) + constructor (peerId, { listen = [], announce = [] } = {}) { + super() + + this.peerId = peerId + this.listen = new Set(listen.map(ma => ma.toString())) + this.announce = new Set(announce.map(ma => ma.toString())) + this.observed = new Set() } /** @@ -43,6 +58,45 @@ class AddressManager { getAnnounceAddrs () { return Array.from(this.announce).map((a) => multiaddr(a)) } + + /** + * Get observed multiaddrs. + * + * @returns {Array} + */ + getObservedAddrs () { + return Array.from(this.observed).map((a) => multiaddr(a)) + } + + /** + * Add peer observed addresses + * + * @param {string | Multiaddr} addr + */ + addObservedAddr (addr) { + let ma = multiaddr(addr) + const remotePeer = ma.getPeerId() + + // strip our peer id if it has been passed + if (remotePeer) { + const remotePeerId = PeerId.createFromB58String(remotePeer) + + // use same encoding for comparison + if (remotePeerId.equals(this.peerId)) { + ma = ma.decapsulate(multiaddr(`/p2p/${this.peerId}`)) + } + } + + const addrString = ma.toString() + + // do not trigger the change:addresses event if we already know about this address + if (this.observed.has(addrString)) { + return + } + + this.observed.add(addrString) + this.emit('change:addresses') + } } module.exports = AddressManager diff --git a/src/config.js b/src/config.js index a2334f52..6eefa425 100644 --- a/src/config.js +++ b/src/config.js @@ -59,6 +59,16 @@ const DefaultConfig = { timeout: 10e3 } }, + nat: { + enabled: true, + ttl: 7200, + keepAlive: true, + gateway: null, + externalIp: null, + pmp: { + enabled: false + } + }, peerDiscovery: { autoDial: true }, diff --git a/src/identify/index.js b/src/identify/index.js index d118872c..f5d8d467 100644 --- a/src/identify/index.js +++ b/src/identify/index.js @@ -43,6 +43,7 @@ class IdentifyService { constructor ({ libp2p }) { this._libp2p = libp2p this.peerStore = libp2p.peerStore + this.addressManager = libp2p.addressManager this.connectionManager = libp2p.connectionManager this.peerId = libp2p.peerId @@ -201,8 +202,9 @@ class IdentifyService { this.peerStore.protoBook.set(id, protocols) this.peerStore.metadataBook.set(id, 'AgentVersion', uint8ArrayFromString(message.agentVersion)) - // TODO: Track our observed address so that we can score it + // TODO: Score our observed addr log('received observed address of %s', observedAddr) + this.addressManager.addObservedAddr(observedAddr) } /** diff --git a/src/index.js b/src/index.js index 86dbc4ce..16cdddc1 100644 --- a/src/index.js +++ b/src/index.js @@ -10,6 +10,7 @@ const EventEmitter = require('events') const errCode = require('err-code') const PeerId = require('peer-id') +const multiaddr = require('multiaddr') const PeerRouting = require('./peer-routing') const ContentRouting = require('./content-routing') @@ -33,6 +34,8 @@ const Registrar = require('./registrar') const ping = require('./ping') const IdentifyService = require('./identify') const IDENTIFY_PROTOCOLS = IdentifyService.multicodecs +const NatManager = require('./nat-manager') +const { updateSelfPeerRecord } = require('./record/utils') /** * @typedef {import('multiaddr')} Multiaddr @@ -133,7 +136,14 @@ class Libp2p extends EventEmitter { // Addresses {listen, announce, noAnnounce} this.addresses = this._options.addresses - this.addressManager = new AddressManager(this._options.addresses) + this.addressManager = new AddressManager(this.peerId, this._options.addresses) + + // when addresses change, update our peer record + this.addressManager.on('change:addresses', () => { + updateSelfPeerRecord(this).catch(err => { + log.error('Error updating self peer record', err) + }) + }) this._modules = this._options.modules this._config = this._options.config @@ -187,6 +197,14 @@ class Libp2p extends EventEmitter { faultTolerance: this._options.transportManager.faultTolerance }) + // Create the Nat Manager + this.natManager = new NatManager({ + peerId: this.peerId, + addressManager: this.addressManager, + transportManager: this.transportManager, + ...this._options.config.nat + }) + // Create the Registrar this.registrar = new Registrar({ peerStore: this.peerStore, @@ -350,6 +368,7 @@ class Libp2p extends EventEmitter { this.metrics && this.metrics.stop() ]) + await this.natManager.stop() await this.transportManager.close() ping.unmount(this) @@ -445,22 +464,32 @@ class Libp2p extends EventEmitter { } /** - * Get peer advertising multiaddrs by concating the addresses used - * by transports to listen with the announce addresses. - * Duplicated addresses and noAnnounce addresses are filtered out. + * Get a deduplicated list of peer advertising multiaddrs by concatenating + * the listen addresses used by transports with any configured + * announce addresses as well as observed addresses reported by peers. + * + * If Announce addrs are specified, configured listen addresses will be + * ignored though observed addresses will still be included. * * @returns {Multiaddr[]} */ get multiaddrs () { - const announceAddrs = this.addressManager.getAnnounceAddrs() - if (announceAddrs.length) { - return announceAddrs + let addrs = this.addressManager.getAnnounceAddrs().map(ma => ma.toString()) + + if (!addrs.length) { + // no configured announce addrs, add configured listen addresses + addrs = this.transportManager.getAddrs().map(ma => ma.toString()) } + addrs = addrs.concat(this.addressManager.getObservedAddrs().map(ma => ma.toString())) + const announceFilter = this._options.addresses.announceFilter || ((multiaddrs) => multiaddrs) + // dedupe multiaddrs + const addrSet = new Set(addrs) + // Create advertising list - return announceFilter(this.transportManager.getAddrs()) + return announceFilter(Array.from(addrSet).map(str => multiaddr(str))) } /** @@ -539,6 +568,9 @@ class Libp2p extends EventEmitter { const addrs = this.addressManager.getListenAddrs() await this.transportManager.listen(addrs) + // Manage your NATs + this.natManager.start() + // Start PeerStore await this.peerStore.start() diff --git a/src/nat-manager.js b/src/nat-manager.js new file mode 100644 index 00000000..760a3f71 --- /dev/null +++ b/src/nat-manager.js @@ -0,0 +1,168 @@ +'use strict' + +const NatAPI = require('@motrix/nat-api') +const debug = require('debug') +const promisify = require('promisify-es6') +const Multiaddr = require('multiaddr') +const log = Object.assign(debug('libp2p:nat'), { + error: debug('libp2p:nat:err') +}) +const { isBrowser } = require('ipfs-utils/src/env') +const retry = require('p-retry') +const isPrivateIp = require('private-ip') +const pkg = require('../package.json') +const errcode = require('err-code') +const { + codes: { ERR_INVALID_PARAMETERS } +} = require('./errors') +const isLoopback = require('libp2p-utils/src/multiaddr/is-loopback') + +/** + * @typedef {import('peer-id')} PeerId + * @typedef {import('./transport-manager')} TransportManager + * @typedef {import('./address-manager')} AddressManager + */ + +function highPort (min = 1024, max = 65535) { + return Math.floor(Math.random() * (max - min + 1) + min) +} + +const DEFAULT_TTL = 7200 + +class NatManager { + /** + * @class + * @param {object} options + * @param {PeerId} options.peerId - The peer ID of the current node + * @param {TransportManager} options.transportManager - A transport manager + * @param {AddressManager} options.addressManager - An address manager + * @param {boolean} options.enabled - Whether to enable the NAT manager + * @param {string} [options.externalIp] - Pass a value to use instead of auto-detection + * @param {string} [options.description] - A string value to use for the port mapping description on the gateway + * @param {number} [options.ttl] - How long UPnP port mappings should last for in seconds (minimum 1200) + * @param {boolean} [options.keepAlive] - Whether to automatically refresh UPnP port mappings when their TTL is reached + * @param {string} [options.gateway] - Pass a value to use instead of auto-detection + * @param {object} [options.pmp] - PMP options + * @param {boolean} [options.pmp.enabled] - Whether to enable PMP as well as UPnP + */ + constructor ({ peerId, addressManager, transportManager, ...options }) { + this._peerId = peerId + this._addressManager = addressManager + this._transportManager = transportManager + + this._enabled = options.enabled + this._externalIp = options.externalIp + this._options = { + description: options.description || `${pkg.name}@${pkg.version} ${this._peerId}`, + ttl: options.ttl || DEFAULT_TTL, + autoUpdate: options.keepAlive || true, + gateway: options.gateway, + enablePMP: Boolean(options.pmp && options.pmp.enabled) + } + + if (this._options.ttl < DEFAULT_TTL) { + throw errcode(new Error(`NatManager ttl should be at least ${DEFAULT_TTL} seconds`), ERR_INVALID_PARAMETERS) + } + } + + /** + * Starts the NAT manager + */ + start () { + if (isBrowser || !this._enabled) { + return + } + + // done async to not slow down startup + this._start().catch((err) => { + // hole punching errors are non-fatal + log.error(err) + }) + } + + async _start () { + const addrs = this._transportManager.getAddrs() + + for (const addr of addrs) { + // try to open uPnP ports for each thin waist address + const { family, host, port, transport } = addr.toOptions() + + if (!addr.isThinWaistAddress() || transport !== 'tcp') { + // only bare tcp addresses + continue + } + + if (isLoopback(addr)) { + continue + } + + if (family !== 'ipv4') { + // ignore ipv6 + continue + } + + const client = this._getClient() + const publicIp = this._externalIp || await client.externalIp() + + if (isPrivateIp(publicIp)) { + throw new Error(`${publicIp} is private - please set config.nat.externalIp to an externally routable IP or ensure you are not behind a double NAT`) + } + + const publicPort = highPort() + + log(`opening uPnP connection from ${publicIp}:${publicPort} to ${host}:${port}`) + + await client.map({ + publicPort, + privatePort: port, + protocol: transport.toUpperCase() + }) + + this._addressManager.addObservedAddr(Multiaddr.fromNodeAddress({ + family: 'IPv4', + address: publicIp, + port: `${publicPort}` + }, transport)) + } + } + + _getClient () { + if (this._client) { + return this._client + } + + const client = new NatAPI(this._options) + const map = promisify(client.map, { context: client }) + const destroy = promisify(client.destroy, { context: client }) + const externalIp = promisify(client.externalIp, { context: client }) + + this._client = { + // these are all network operations so add a retry + map: (...args) => retry(() => map(...args), { onFailedAttempt: log.error }), + destroy: (...args) => retry(() => destroy(...args), { onFailedAttempt: log.error }), + externalIp: (...args) => retry(() => externalIp(...args), { onFailedAttempt: log.error }) + } + + return this._client + } + + /** + * Stops the NAT manager + * + * @async + */ + async stop () { + if (isBrowser || !this._client) { + return + } + + try { + await this._client.destroy() + this._client = null + } catch (err) { + log.error(err) + } + } +} + +module.exports = NatManager diff --git a/test/addresses/address-manager.spec.js b/test/addresses/address-manager.spec.js index 4d58387a..c27ef299 100644 --- a/test/addresses/address-manager.spec.js +++ b/test/addresses/address-manager.spec.js @@ -3,23 +3,32 @@ const { expect } = require('aegir/utils/chai') const multiaddr = require('multiaddr') +const PeerId = require('peer-id') const AddressManager = require('../../src/address-manager') const peerUtils = require('../utils/creators/peer') +const Peers = require('../fixtures/peers') + const listenAddresses = ['/ip4/127.0.0.1/tcp/15006/ws', '/ip4/127.0.0.1/tcp/15008/ws'] const announceAddreses = ['/dns4/peer.io'] describe('Address Manager', () => { + let peerId + + before(async () => { + peerId = await PeerId.createFromJSON(Peers[0]) + }) + it('should not need any addresses', () => { - const am = new AddressManager() + const am = new AddressManager(peerId) expect(am.listen.size).to.equal(0) expect(am.announce.size).to.equal(0) }) it('should return listen multiaddrs on get', () => { - const am = new AddressManager({ + const am = new AddressManager(peerId, { listen: listenAddresses }) @@ -33,7 +42,7 @@ describe('Address Manager', () => { }) it('should return announce multiaddrs on get', () => { - const am = new AddressManager({ + const am = new AddressManager(peerId, { listen: listenAddresses, announce: announceAddreses }) @@ -45,6 +54,75 @@ describe('Address Manager', () => { expect(announceMultiaddrs.length).to.equal(1) expect(announceMultiaddrs[0].equals(multiaddr(announceAddreses[0]))).to.equal(true) }) + + it('should add observed addresses', () => { + const am = new AddressManager(peerId) + + expect(am.observed).to.be.empty() + + am.addObservedAddr('/ip4/123.123.123.123/tcp/39201') + + expect(am.observed).to.have.property('size', 1) + }) + + it('should dedupe added observed addresses', () => { + const ma = '/ip4/123.123.123.123/tcp/39201' + const am = new AddressManager(peerId) + + expect(am.observed).to.be.empty() + + am.addObservedAddr(ma) + am.addObservedAddr(ma) + am.addObservedAddr(ma) + + expect(am.observed).to.have.property('size', 1) + expect(am.observed).to.include(ma) + }) + + it('should only emit one change:addresses event', () => { + const ma = '/ip4/123.123.123.123/tcp/39201' + const am = new AddressManager(peerId) + let eventCount = 0 + + am.on('change:addresses', () => { + eventCount++ + }) + + am.addObservedAddr(ma) + am.addObservedAddr(ma) + am.addObservedAddr(ma) + am.addObservedAddr(`${ma}/p2p/${peerId}`) + am.addObservedAddr(`${ma}/p2p/${peerId.toB58String()}`) + + expect(eventCount).to.equal(1) + }) + + it('should strip our peer address from added observed addresses', () => { + const ma = '/ip4/123.123.123.123/tcp/39201' + const am = new AddressManager(peerId) + + expect(am.observed).to.be.empty() + + am.addObservedAddr(ma) + am.addObservedAddr(`${ma}/p2p/${peerId}`) + + expect(am.observed).to.have.property('size', 1) + expect(am.observed).to.include(ma) + }) + + it('should strip our peer address from added observed addresses in difference formats', () => { + const ma = '/ip4/123.123.123.123/tcp/39201' + const am = new AddressManager(peerId) + + expect(am.observed).to.be.empty() + + am.addObservedAddr(ma) + am.addObservedAddr(`${ma}/p2p/${peerId}`) // base32 CID + am.addObservedAddr(`${ma}/p2p/${peerId.toB58String()}`) // base58btc + + expect(am.observed).to.have.property('size', 1) + expect(am.observed).to.include(ma) + }) }) describe('libp2p.addressManager', () => { diff --git a/test/addresses/addresses.node.js b/test/addresses/addresses.node.js index 2d6bcead..719e5272 100644 --- a/test/addresses/addresses.node.js +++ b/test/addresses/addresses.node.js @@ -147,4 +147,26 @@ describe('libp2p.multiaddrs', () => { expect(multiaddrs.includes(listenAddresses[0])).to.equal(false) expect(multiaddrs.includes(listenAddresses[1])).to.equal(false) }) + + it('should include observed addresses in returned multiaddrs', async () => { + [libp2p] = await peerUtils.createPeer({ + started: false, + config: { + ...AddressesOptions, + addresses: { + listen: listenAddresses + } + } + }) + const ma = '/ip4/83.32.123.53/tcp/43928' + + await libp2p.start() + + expect(libp2p.multiaddrs).to.have.lengthOf(listenAddresses.length) + + libp2p.addressManager.addObservedAddr(ma) + + expect(libp2p.multiaddrs).to.have.lengthOf(listenAddresses.length + 1) + expect(libp2p.multiaddrs.map(ma => ma.toString())).to.include(ma) + }) }) diff --git a/test/core/consume-peer-record.spec.js b/test/core/consume-peer-record.spec.js new file mode 100644 index 00000000..c20a5efa --- /dev/null +++ b/test/core/consume-peer-record.spec.js @@ -0,0 +1,46 @@ +'use strict' +/* eslint-env mocha */ + +const Transport = require('libp2p-websockets') +const { NOISE: Crypto } = require('libp2p-noise') + +const Libp2p = require('../../src') +const { createPeerId } = require('../utils/creators/peer') + +describe('Consume peer record', () => { + let libp2p + + beforeEach(async () => { + const [peerId] = await createPeerId() + const config = { + peerId, + modules: { + transport: [Transport], + connEncryption: [Crypto] + } + } + libp2p = await Libp2p.create(config) + }) + + afterEach(async () => { + await libp2p.stop() + }) + + it('should consume peer record when observed addrs are added', async () => { + let done + + libp2p.peerStore.addressBook.consumePeerRecord = () => { + done() + } + + const p = new Promise(resolve => { + done = resolve + }) + + libp2p.addressManager.addObservedAddr('/ip4/123.123.123.123/tcp/3983') + + await p + + libp2p.stop() + }) +}) diff --git a/test/dialing/direct.node.js b/test/dialing/direct.node.js index 0d9d1dd7..33a73d0f 100644 --- a/test/dialing/direct.node.js +++ b/test/dialing/direct.node.js @@ -51,7 +51,7 @@ describe('Dialing (direct, TCP)', () => { peerStore = new PeerStore({ peerId: remotePeerId }) remoteTM = new TransportManager({ libp2p: { - addressManager: new AddressManager({ listen: [listenAddr] }), + addressManager: new AddressManager(remotePeerId, { listen: [listenAddr] }), peerId: remotePeerId, peerStore }, diff --git a/test/identify/index.spec.js b/test/identify/index.spec.js index b431c892..d7b0d8b2 100644 --- a/test/identify/index.spec.js +++ b/test/identify/index.spec.js @@ -21,14 +21,15 @@ const PeerStore = require('../../src/peer-store') const baseOptions = require('../utils/base-options.browser') const { updateSelfPeerRecord } = require('../../src/record/utils') const pkg = require('../../package.json') +const AddressManager = require('../../src/address-manager') const { MULTIADDRS_WEBSOCKETS } = require('../fixtures/browser') const remoteAddr = MULTIADDRS_WEBSOCKETS[0] const listenMaddrs = [multiaddr('/ip4/127.0.0.1/tcp/15002/ws')] describe('Identify', () => { - let localPeer, localPeerStore - let remotePeer, remotePeerStore + let localPeer, localPeerStore, localAddressManager + let remotePeer, remotePeerStore, remoteAddressManager const protocols = [multicodecs.IDENTIFY, multicodecs.IDENTIFY_PUSH] before(async () => { @@ -42,6 +43,9 @@ describe('Identify', () => { remotePeerStore = new PeerStore({ peerId: remotePeer }) remotePeerStore.protoBook.set(remotePeer, protocols) + + localAddressManager = new AddressManager(localPeer) + remoteAddressManager = new AddressManager(remotePeer) }) afterEach(() => { @@ -110,6 +114,7 @@ describe('Identify', () => { libp2p: { peerId: localPeer, connectionManager: new EventEmitter(), + addressManager: localAddressManager, peerStore: localPeerStore, multiaddrs: listenMaddrs, isStarted: () => true, @@ -121,6 +126,7 @@ describe('Identify', () => { libp2p: { peerId: remotePeer, connectionManager: new EventEmitter(), + addressManager: remoteAddressManager, peerStore: remotePeerStore, multiaddrs: listenMaddrs, isStarted: () => true, diff --git a/test/nat-manager/nat-manager.node.js b/test/nat-manager/nat-manager.node.js new file mode 100644 index 00000000..9bf922e5 --- /dev/null +++ b/test/nat-manager/nat-manager.node.js @@ -0,0 +1,244 @@ +'use strict' +/* eslint-env mocha */ + +const { expect } = require('aegir/utils/chai') +const sinon = require('sinon') +const AddressManager = require('../../src/address-manager') +const TransportManager = require('../../src/transport-manager') +const Transport = require('libp2p-tcp') +const mockUpgrader = require('../utils/mockUpgrader') +const NatManager = require('../../src/nat-manager') +const delay = require('delay') +const peers = require('../fixtures/peers') +const PeerId = require('peer-id') +const { + codes: { ERR_INVALID_PARAMETERS } +} = require('../../src/errors') + +const DEFAULT_ADDRESSES = [ + '/ip4/127.0.0.1/tcp/0', + '/ip4/0.0.0.0/tcp/0' +] + +describe('Nat Manager (TCP)', () => { + const teardown = [] + + async function createNatManager (addrs = DEFAULT_ADDRESSES, natManagerOptions = {}) { + const peerId = await PeerId.createFromJSON(peers[0]) + const addressManager = new AddressManager(peerId, { listen: addrs }) + const transportManager = new TransportManager({ + libp2p: { + peerId, + addressManager, + peerStore: { + addressBook: { + consumePeerRecord: sinon.stub() + } + } + }, + upgrader: mockUpgrader, + onConnection: () => {}, + faultTolerance: TransportManager.FaultTolerance.NO_FATAL + }) + const natManager = new NatManager({ + peerId, + addressManager, + transportManager, + enabled: true, + ...natManagerOptions + }) + + natManager._client = { + externalIp: sinon.stub().resolves('82.3.1.5'), + map: sinon.stub(), + destroy: sinon.stub() + } + + transportManager.add(Transport.prototype[Symbol.toStringTag], Transport) + await transportManager.listen(addressManager.getListenAddrs()) + + teardown.push(async () => { + await natManager.stop() + await transportManager.removeAll() + expect(transportManager._transports.size).to.equal(0) + }) + + return { + natManager, + addressManager, + transportManager + } + } + + afterEach(() => Promise.all(teardown)) + + it('should map TCP connections to external ports', async () => { + const { + natManager, + addressManager, + transportManager + } = await createNatManager() + + let addressChangedEventFired = false + + addressManager.on('change:addresses', () => { + addressChangedEventFired = true + }) + + natManager._client = { + externalIp: sinon.stub().resolves('82.3.1.5'), + map: sinon.stub(), + destroy: sinon.stub() + } + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await natManager._start() + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.not.be.empty() + + const internalPorts = transportManager.getAddrs() + .filter(ma => ma.isThinWaistAddress()) + .map(ma => ma.toOptions()) + .filter(({ host, transport }) => host !== '127.0.0.1' && transport === 'tcp') + .map(({ port }) => port) + + expect(natManager._client.map.called).to.be.true() + + internalPorts.forEach(port => { + expect(natManager._client.map.getCall(0).args[0]).to.include({ + privatePort: port, + protocol: 'TCP' + }) + }) + + expect(addressChangedEventFired).to.be.true() + }) + + it('should not map TCP connections when double-natted', async () => { + const { + natManager, + addressManager + } = await createNatManager() + + natManager._client.externalIp = sinon.stub().resolves('192.168.1.1') + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await expect(natManager._start()).to.eventually.be.rejectedWith(/double NAT/) + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + expect(natManager._client.map.called).to.be.false() + }) + + it('should do nothing when disabled', async () => { + const { + natManager + } = await createNatManager(DEFAULT_ADDRESSES, { + enabled: false + }) + + natManager.start() + + await delay(100) + + expect(natManager._client.externalIp.called).to.be.false() + expect(natManager._client.map.called).to.be.false() + }) + + it('should not map non-ipv4 connections to external ports', async () => { + const { + natManager, + addressManager + } = await createNatManager([ + '/ip6/::/tcp/5001' + ]) + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await natManager._start() + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + }) + + it('should not map non-ipv6 loopback connections to external ports', async () => { + const { + natManager, + addressManager + } = await createNatManager([ + '/ip6/::1/tcp/5001' + ]) + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await natManager._start() + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + }) + + it('should not map non-TCP connections to external ports', async () => { + const { + natManager, + addressManager + } = await createNatManager([ + '/ip4/0.0.0.0/utp' + ]) + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await natManager._start() + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + }) + + it('should not map loopback connections to external ports', async () => { + const { + natManager, + addressManager + } = await createNatManager([ + '/ip4/127.0.0.1/tcp/5900' + ]) + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await natManager._start() + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + }) + + it('should not map non-thin-waist connections to external ports', async () => { + const { + natManager, + addressManager + } = await createNatManager([ + '/ip4/0.0.0.0/tcp/5900/sctp/49832' + ]) + + let observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + + await natManager._start() + + observed = addressManager.getObservedAddrs().map(ma => ma.toString()) + expect(observed).to.be.empty() + }) + + it('should specify large enough TTL', () => { + expect(() => { + new NatManager({ ttl: 5 }) // eslint-disable-line no-new + }).to.throw().with.property('code', ERR_INVALID_PARAMETERS) + }) +}) diff --git a/test/utils/base-options.js b/test/utils/base-options.js index 25ea441b..e2db4f85 100644 --- a/test/utils/base-options.js +++ b/test/utils/base-options.js @@ -16,6 +16,9 @@ module.exports = { hop: { enabled: false } + }, + nat: { + enabled: false } } }