Push Publishing

[vyzo]

Implement the /mediachain/node/push protocol for accepting pushes from authorized peers.
Semantics are those of an inverted merge: the source pushes statements, and the receiver merges them and requests objects by reusing the merge protocol implementation.

Closes #23

Implementation:

• protobufs
• receiver implementation
• sender implementation
• peer authorization/API for authorizing peers
• namespace filtering in incoming stream

Also: changes mc/nat public ip detection service to ifconfig.co, as ifconfig.me appears to be busted.

Examples

• Pushing to a remote peer which has authorized us

$ mcclient query "SELECT COUNT(*) FROM images.dpla"
1000
$ mcclient query -r QmSbgwkKxtrBFDoGGwoKqH7soYiL64xpMK5oEYdiRnQGJp "SELECT COUNT(*) FROM images.dpla"
0
$ curl -H "Content-Type: application/text" -d 'SELECT * FROM images.dpla' http://127.0.0.1:9002/push/QmSbgwkKxtrBFDoGGwoKqH7soYiL64xpMK5oEYdiRnQGJp
1000
1001
$ mcclient query -r QmSbgwkKxtrBFDoGGwoKqH7soYiL64xpMK5oEYdiRnQGJp "SELECT COUNT(*) FROM images.dpla"
1000

• Using the /auth api:

$ mcclient id
Peer ID: QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa
Publisher ID: 4XTTMADSKQUN3jkeZngbtuE35w9y5YnDTicVTeeji7N2Npkey
Info: vyzo testing

$ curl http://127.0.0.1:9002/auth
{}

# Authorize a peer (just self here)
$ curl -H "Content-Type: application/text" -d '*' http://127.0.0.1:9002/auth/QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa
OK
$ curl http://127.0.0.1:9002/auth
{"QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa":["*"]}
$ curl -H "Content-Type: application/text" -d '*,foo.*,bar.baz' http://127.0.0.1:9002/auth/QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa
OK
$ curl http://127.0.0.1:9002/auth
{"QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa":["*","foo.*","bar.baz"]}
$ curl http://127.0.0.1:9002/auth/QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa
*,foo.*,bar.baz

# revoke authorization
$ curl -H "Content-Type: application/text" -d '' http://127.0.0.1:9002/auth/QmeBkfxcaBfA9pvzivRwhF2PM7sXpp4HHQbp7jfTkRCWEa
OK
$ curl http://127.0.0.1:9002/auth
{}

[parkan]

let's just make a little table of permitted peers:namespaces for now?

[vyzo]

yeah, more like a table to a list of namespaces (with wildcard support)

[parkan]

Looking good so far

[parkan]

would be nice to fallback through a couple/one that we run

[vyzo]

Sure, that's probably a good idea.
The code running ifconfig.co is available at github: https://github.com/martinp/ipd
So we can run it at ifconfig.medichain.io and have fallback to ifconfig.co.

I'll open an enhancement issue and add support once we have the ifconfing server up.

[parkan]

this just executes when it goes out of scope? weird. I guess it's like a finally a bit?

[vyzo]

It's more like unwind-protect at function-scope.
Each function has an unwind stack, where defer pushes thunks. And at the function epilogue, the unwind stack is poped and the thunks are executed.

[parkan]

what about foo.bar.*.*?

[vyzo]

Uhm, I don't think it's worth the trouble.
I kept it simple and used the same wildcard semantics we have in MCQL.
If it proves to be insufficient for some use case, we can generalize to support regexps.