p2p/dnsdisc: add implementation of EIP-1459 (#20094)

This adds an implementation of node discovery via DNS TXT records to the go-ethereum library. The implementation doesn't match EIP-1459 exactly, the main difference being that this implementation uses separate merkle trees for tree links and ENRs. The EIP will be updated to match p2p/dnsdisc. To maintain DNS trees, cmd/devp2p provides a frontend for the p2p/dnsdisc library. The new 'dns' subcommands can be used to create, sign and deploy DNS discovery trees.
ethereum · Sep 25, 2019 · 0568e81 · 0568e81
1 parent 32b07e8
commit 0568e81
Show file tree

Hide file tree

Showing 62 changed files with 10,698 additions and 49 deletions.
diff --git a/cmd/devp2p/discv4cmd.go b/cmd/devp2p/discv4cmd.go
@@ -19,10 +19,10 @@ package main
 import (
 	"fmt"
 	"net"
-	"sort"
 	"strings"
 	"time"
 
+	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/ethereum/go-ethereum/p2p/discover"
 	"github.com/ethereum/go-ethereum/p2p/enode"
@@ -38,23 +38,34 @@ var (
 			discv4PingCommand,
 			discv4RequestRecordCommand,
 			discv4ResolveCommand,
+			discv4ResolveJSONCommand,
 		},
 	}
 	discv4PingCommand = cli.Command{
-		Name:   "ping",
-		Usage:  "Sends ping to a node",
-		Action: discv4Ping,
+		Name:      "ping",
+		Usage:     "Sends ping to a node",
+		Action:    discv4Ping,
+		ArgsUsage: "<node>",
 	}
 	discv4RequestRecordCommand = cli.Command{
-		Name:   "requestenr",
-		Usage:  "Requests a node record using EIP-868 enrRequest",
-		Action: discv4RequestRecord,
+		Name:      "requestenr",
+		Usage:     "Requests a node record using EIP-868 enrRequest",
+		Action:    discv4RequestRecord,
+		ArgsUsage: "<node>",
 	}
 	discv4ResolveCommand = cli.Command{
-		Name:   "resolve",
-		Usage:  "Finds a node in the DHT",
-		Action: discv4Resolve,
-		Flags:  []cli.Flag{bootnodesFlag},
+		Name:      "resolve",
+		Usage:     "Finds a node in the DHT",
+		Action:    discv4Resolve,
+		ArgsUsage: "<node>",
+		Flags:     []cli.Flag{bootnodesFlag},
+	}
+	discv4ResolveJSONCommand = cli.Command{
+		Name:      "resolve-json",
+		Usage:     "Re-resolves nodes in a nodes.json file",
+		Action:    discv4ResolveJSON,
+		Flags:     []cli.Flag{bootnodesFlag},
+		ArgsUsage: "<nodes.json file>",
 	}
 )
 
@@ -64,10 +75,8 @@ var bootnodesFlag = cli.StringFlag{
 }
 
 func discv4Ping(ctx *cli.Context) error {
-	n, disc, err := getNodeArgAndStartV4(ctx)
-	if err != nil {
-		return err
-	}
+	n := getNodeArg(ctx)
+	disc := startV4(ctx)
 	defer disc.Close()
 
 	start := time.Now()
@@ -79,10 +88,8 @@ func discv4Ping(ctx *cli.Context) error {
 }
 
 func discv4RequestRecord(ctx *cli.Context) error {
-	n, disc, err := getNodeArgAndStartV4(ctx)
-	if err != nil {
-		return err
-	}
+	n := getNodeArg(ctx)
+	disc := startV4(ctx)
 	defer disc.Close()
 
 	respN, err := disc.RequestENR(n)
@@ -94,33 +101,43 @@ func discv4RequestRecord(ctx *cli.Context) error {
 }
 
 func discv4Resolve(ctx *cli.Context) error {
-	n, disc, err := getNodeArgAndStartV4(ctx)
-	if err != nil {
-		return err
-	}
+	n := getNodeArg(ctx)
+	disc := startV4(ctx)
 	defer disc.Close()
 
 	fmt.Println(disc.Resolve(n).String())
 	return nil
 }
 
-func getNodeArgAndStartV4(ctx *cli.Context) (*enode.Node, *discover.UDPv4, error) {
-	if ctx.NArg() != 1 {
-		return nil, nil, fmt.Errorf("missing node as command-line argument")
+func discv4ResolveJSON(ctx *cli.Context) error {
+	if ctx.NArg() < 1 {
+		return fmt.Errorf("need nodes file as argument")
 	}
-	n, err := parseNode(ctx.Args()[0])
-	if err != nil {
-		return nil, nil, err
+	disc := startV4(ctx)
+	defer disc.Close()
+	file := ctx.Args().Get(0)
+
+	// Load existing nodes in file.
+	var nodes []*enode.Node
+	if common.FileExist(file) {
+		nodes = loadNodesJSON(file).nodes()
 	}
-	var bootnodes []*enode.Node
-	if commandHasFlag(ctx, bootnodesFlag) {
-		bootnodes, err = parseBootnodes(ctx)
+	// Add nodes from command line arguments.
+	for i := 1; i < ctx.NArg(); i++ {
+		n, err := parseNode(ctx.Args().Get(i))
 		if err != nil {
-			return nil, nil, err
+			exit(err)
 		}
+		nodes = append(nodes, n)
+	}
+
+	result := make(nodeSet, len(nodes))
+	for _, n := range nodes {
+		n = disc.Resolve(n)
+		result[n.ID()] = nodeJSON{Seq: n.Seq(), N: n}
 	}
-	disc, err := startV4(bootnodes)
-	return n, disc, err
+	writeNodesJSON(file, result)
+	return nil
 }
 
 func parseBootnodes(ctx *cli.Context) ([]*enode.Node, error) {
@@ -139,28 +156,39 @@ func parseBootnodes(ctx *cli.Context) ([]*enode.Node, error) {
 	return nodes, nil
 }
 
-// commandHasFlag returns true if the current command supports the given flag.
-func commandHasFlag(ctx *cli.Context, flag cli.Flag) bool {
-	flags := ctx.FlagNames()
-	sort.Strings(flags)
-	i := sort.SearchStrings(flags, flag.GetName())
-	return i != len(flags) && flags[i] == flag.GetName()
+// startV4 starts an ephemeral discovery V4 node.
+func startV4(ctx *cli.Context) *discover.UDPv4 {
+	socket, ln, cfg, err := listen()
+	if err != nil {
+		exit(err)
+	}
+	if commandHasFlag(ctx, bootnodesFlag) {
+		bn, err := parseBootnodes(ctx)
+		if err != nil {
+			exit(err)
+		}
+		cfg.Bootnodes = bn
+	}
+	disc, err := discover.ListenV4(socket, ln, cfg)
+	if err != nil {
+		exit(err)
+	}
+	return disc
 }
 
-// startV4 starts an ephemeral discovery V4 node.
-func startV4(bootnodes []*enode.Node) (*discover.UDPv4, error) {
+func listen() (*net.UDPConn, *enode.LocalNode, discover.Config, error) {
 	var cfg discover.Config
-	cfg.Bootnodes = bootnodes
 	cfg.PrivateKey, _ = crypto.GenerateKey()
 	db, _ := enode.OpenDB("")
 	ln := enode.NewLocalNode(db, cfg.PrivateKey)
 
 	socket, err := net.ListenUDP("udp4", &net.UDPAddr{IP: net.IP{0, 0, 0, 0}})
 	if err != nil {
-		return nil, err
+		db.Close()
+		return nil, nil, cfg, err
 	}
 	addr := socket.LocalAddr().(*net.UDPAddr)
 	ln.SetFallbackIP(net.IP{127, 0, 0, 1})
 	ln.SetFallbackUDP(addr.Port)
-	return discover.ListenUDP(socket, ln, cfg)
+	return socket, ln, cfg, nil
 }
diff --git a/cmd/devp2p/dns_cloudflare.go b/cmd/devp2p/dns_cloudflare.go
@@ -0,0 +1,163 @@
+// Copyright 2019 The go-ethereum Authors
+// This file is part of go-ethereum.
+//
+// go-ethereum is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// go-ethereum is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
+
+package main
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/cloudflare/cloudflare-go"
+	"github.com/ethereum/go-ethereum/log"
+	"github.com/ethereum/go-ethereum/p2p/dnsdisc"
+	"gopkg.in/urfave/cli.v1"
+)
+
+var (
+	cloudflareTokenFlag = cli.StringFlag{
+		Name:   "token",
+		Usage:  "CloudFlare API token",
+		EnvVar: "CLOUDFLARE_API_TOKEN",
+	}
+	cloudflareZoneIDFlag = cli.StringFlag{
+		Name:  "zoneid",
+		Usage: "CloudFlare Zone ID (optional)",
+	}
+)
+
+type cloudflareClient struct {
+	*cloudflare.API
+	zoneID string
+}
+
+// newCloudflareClient sets up a CloudFlare API client from command line flags.
+func newCloudflareClient(ctx *cli.Context) *cloudflareClient {
+	token := ctx.String(cloudflareTokenFlag.Name)
+	if token == "" {
+		exit(fmt.Errorf("need cloudflare API token to proceed"))
+	}
+	api, err := cloudflare.NewWithAPIToken(token)
+	if err != nil {
+		exit(fmt.Errorf("can't create Cloudflare client: %v", err))
+	}
+	return &cloudflareClient{
+		API:    api,
+		zoneID: ctx.String(cloudflareZoneIDFlag.Name),
+	}
+}
+
+// deploy uploads the given tree to CloudFlare DNS.
+func (c *cloudflareClient) deploy(name string, t *dnsdisc.Tree) error {
+	if err := c.checkZone(name); err != nil {
+		return err
+	}
+	records := t.ToTXT(name)
+	return c.uploadRecords(name, records)
+}
+
+// checkZone verifies permissions on the CloudFlare DNS Zone for name.
+func (c *cloudflareClient) checkZone(name string) error {
+	if c.zoneID == "" {
+		log.Info(fmt.Sprintf("Finding CloudFlare zone ID for %s", name))
+		id, err := c.ZoneIDByName(name)
+		if err != nil {
+			return err
+		}
+		c.zoneID = id
+	}
+	log.Info(fmt.Sprintf("Checking Permissions on zone %s", c.zoneID))
+	zone, err := c.ZoneDetails(c.zoneID)
+	if err != nil {
+		return err
+	}
+	if !strings.HasSuffix(name, "."+zone.Name) {
+		return fmt.Errorf("CloudFlare zone name %q does not match name %q to be deployed", zone.Name, name)
+	}
+	needPerms := map[string]bool{"#zone:edit": false, "#zone:read": false}
+	for _, perm := range zone.Permissions {
+		if _, ok := needPerms[perm]; ok {
+			needPerms[perm] = true
+		}
+	}
+	for _, ok := range needPerms {
+		if !ok {
+			return fmt.Errorf("wrong permissions on zone %s: %v", c.zoneID, needPerms)
+		}
+	}
+	return nil
+}
+
+// uploadRecords updates the TXT records at a particular subdomain. All non-root records
+// will have a TTL of "infinity" and all existing records not in the new map will be
+// nuked!
+func (c *cloudflareClient) uploadRecords(name string, records map[string]string) error {
+	// Convert all names to lowercase.
+	lrecords := make(map[string]string, len(records))
+	for name, r := range records {
+		lrecords[strings.ToLower(name)] = r
+	}
+	records = lrecords
+
+	log.Info(fmt.Sprintf("Retrieving existing TXT records on %s", name))
+	entries, err := c.DNSRecords(c.zoneID, cloudflare.DNSRecord{Type: "TXT"})
+	if err != nil {
+		return err
+	}
+	existing := make(map[string]cloudflare.DNSRecord)
+	for _, entry := range entries {
+		if !strings.HasSuffix(entry.Name, name) {
+			continue
+		}
+		existing[strings.ToLower(entry.Name)] = entry
+	}
+
+	// Iterate over the new records and inject anything missing.
+	for path, val := range records {
+		old, exists := existing[path]
+		if !exists {
+			// Entry is unknown, push a new one to Cloudflare.
+			log.Info(fmt.Sprintf("Creating %s = %q", path, val))
+			ttl := 1
+			if path != name {
+				ttl = 2147483647 // Max TTL permitted by Cloudflare
+			}
+			_, err = c.CreateDNSRecord(c.zoneID, cloudflare.DNSRecord{Type: "TXT", Name: path, Content: val, TTL: ttl})
+		} else if old.Content != val {
+			// Entry already exists, only change its content.
+			log.Info(fmt.Sprintf("Updating %s from %q to %q", path, old.Content, val))
+			old.Content = val
+			err = c.UpdateDNSRecord(c.zoneID, old.ID, old)
+		} else {
+			log.Info(fmt.Sprintf("Skipping %s = %q", path, val))
+		}
+		if err != nil {
+			return fmt.Errorf("failed to publish %s: %v", path, err)
+		}
+	}
+
+	// Iterate over the old records and delete anything stale.
+	for path, entry := range existing {
+		if _, ok := records[path]; ok {
+			continue
+		}
+		// Stale entry, nuke it.
+		log.Info(fmt.Sprintf("Deleting %s = %q", path, entry.Content))
+		if err := c.DeleteDNSRecord(c.zoneID, entry.ID); err != nil {
+			return fmt.Errorf("failed to delete %s: %v", path, err)
+		}
+	}
+	return nil
+}