pub struct StakeTableAuthentication<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> {
pub inner: T,
pub stake_table: Arc<Option<Arc<RwLock<Types::Membership>>>>,
pub auth_message: Arc<Option<Vec<u8>>>,
pd: PhantomData<C>,
}
Expand description
A wrapper for a Transport
that bidirectionally authenticates connections
by performing a handshake that checks if the remote peer is present in the
stake table.
Fields§
§inner: T
The underlying transport we are wrapping
stake_table: Arc<Option<Arc<RwLock<Types::Membership>>>>
The stake table we check against to authenticate connections
auth_message: Arc<Option<Vec<u8>>>
A pre-signed message that we send to the remote peer for authentication
pd: PhantomData<C>
Phantom data for the connection type
Implementations§
source§impl<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> StakeTableAuthentication<T, Types, C>
impl<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> StakeTableAuthentication<T, Types, C>
source§impl<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> StakeTableAuthentication<T, Types, C>
impl<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> StakeTableAuthentication<T, Types, C>
sourcepub fn new(
inner: T,
stake_table: Option<Arc<RwLock<Types::Membership>>>,
auth_message: Option<Vec<u8>>,
) -> Self
pub fn new( inner: T, stake_table: Option<Arc<RwLock<Types::Membership>>>, auth_message: Option<Vec<u8>>, ) -> Self
Create a new StakeTableAuthentication
transport that wraps the given transport
and authenticates connections against the stake table.
sourcepub async fn authenticate_with_remote_peer<W: AsyncWrite + Unpin>(
stream: &mut W,
auth_message: Arc<Option<Vec<u8>>>,
) -> AnyhowResult<()>
pub async fn authenticate_with_remote_peer<W: AsyncWrite + Unpin>( stream: &mut W, auth_message: Arc<Option<Vec<u8>>>, ) -> AnyhowResult<()>
Prove to the remote peer that we are in the stake table by sending them our authentication message.
§Errors
- If we fail to write the message to the stream
sourcepub async fn verify_peer_authentication<R: AsyncReadExt + Unpin>(
stream: &mut R,
stake_table: Arc<Option<Arc<RwLock<Types::Membership>>>>,
required_peer_id: &PeerId,
) -> AnyhowResult<()>
pub async fn verify_peer_authentication<R: AsyncReadExt + Unpin>( stream: &mut R, stake_table: Arc<Option<Arc<RwLock<Types::Membership>>>>, required_peer_id: &PeerId, ) -> AnyhowResult<()>
Verify that the remote peer is:
- In the stake table
- Sending us a valid authentication message
- Sending us a valid signature
- Matching the peer ID we expect
§Errors
If the peer fails verification. This can happen if:
- We fail to read the message from the stream
- The message is too large
- The message is invalid
- The peer is not in the stake table
- The signature is invalid
sourcefn gen_handshake<F: Future<Output = Result<T::Output, T::Error>> + Send + 'static>(
original_future: F,
outgoing: bool,
stake_table: Arc<Option<Arc<RwLock<Types::Membership>>>>,
auth_message: Arc<Option<Vec<u8>>>,
) -> Pin<Box<dyn Future<Output = Result<<T as Transport>::Output, <T as Transport>::Error>> + Send>>
fn gen_handshake<F: Future<Output = Result<T::Output, T::Error>> + Send + 'static>( original_future: F, outgoing: bool, stake_table: Arc<Option<Arc<RwLock<Types::Membership>>>>, auth_message: Arc<Option<Vec<u8>>>, ) -> Pin<Box<dyn Future<Output = Result<<T as Transport>::Output, <T as Transport>::Error>> + Send>>
Wrap the supplied future in an upgrade that performs the authentication handshake.
outgoing
is a boolean that indicates if the connection is incoming or outgoing.
This is needed because the flow of the handshake is different for each.
Trait Implementations§
source§impl<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> Transport for StakeTableAuthentication<T, Types, C>
impl<T: Transport, Types: NodeType, C: StreamMuxer + Unpin> Transport for StakeTableAuthentication<T, Types, C>
source§fn dial(
&mut self,
addr: Multiaddr,
opts: DialOpts,
) -> Result<Self::Dial, TransportError<Self::Error>>
fn dial( &mut self, addr: Multiaddr, opts: DialOpts, ) -> Result<Self::Dial, TransportError<Self::Error>>
Dial a remote peer. This function is changed to perform an authentication handshake on top.
source§fn poll(
self: Pin<&mut Self>,
cx: &mut Context<'_>,
) -> Poll<TransportEvent<Self::ListenerUpgrade, Self::Error>>
fn poll( self: Pin<&mut Self>, cx: &mut Context<'_>, ) -> Poll<TransportEvent<Self::ListenerUpgrade, Self::Error>>
This function is where we perform the authentication handshake for incoming connections.
The flow in this case is the reverse of the dial
function: we first verify the remote peer’s
authentication, and then authenticate with them.
source§fn remove_listener(&mut self, id: ListenerId) -> bool
fn remove_listener(&mut self, id: ListenerId) -> bool
The below functions just pass through to the inner transport, but we had to define them
source§type Dial = Pin<Box<dyn Future<Output = Result<<T as Transport>::Output, <T as Transport>::Error>> + Send>>
type Dial = Pin<Box<dyn Future<Output = Result<<T as Transport>::Output, <T as Transport>::Error>> + Send>>
source§type ListenerUpgrade = Pin<Box<dyn Future<Output = Result<<T as Transport>::Output, <T as Transport>::Error>> + Send>>
type ListenerUpgrade = Pin<Box<dyn Future<Output = Result<<T as Transport>::Output, <T as Transport>::Error>> + Send>>
source§type Output = <T as Transport>::Output
type Output = <T as Transport>::Output
source§fn listen_on(
&mut self,
id: ListenerId,
addr: Multiaddr,
) -> Result<(), TransportError<Self::Error>>
fn listen_on( &mut self, id: ListenerId, addr: Multiaddr, ) -> Result<(), TransportError<Self::Error>>
Multiaddr
for inbound connections with a provided [ListenerId
].§fn map<F, O>(self, f: F) -> Map<Self, F>
fn map<F, O>(self, f: F) -> Map<Self, F>
§fn map_err<F, E>(self, f: F) -> MapErr<Self, F>
fn map_err<F, E>(self, f: F) -> MapErr<Self, F>
§fn or_transport<U>(self, other: U) -> OrTransport<Self, U>where
Self: Sized,
U: Transport,
<U as Transport>::Error: 'static,
fn or_transport<U>(self, other: U) -> OrTransport<Self, U>where
Self: Sized,
U: Transport,
<U as Transport>::Error: 'static,
impl<'pin, T: Transport, Types: NodeType, C: StreamMuxer + Unpin> Unpin for StakeTableAuthentication<T, Types, C>where
PinnedFieldsOf<__StakeTableAuthentication<'pin, T, Types, C>>: Unpin,
Auto Trait Implementations§
impl<T, Types, C> Freeze for StakeTableAuthentication<T, Types, C>where
T: Freeze,
impl<T, Types, C> !RefUnwindSafe for StakeTableAuthentication<T, Types, C>
impl<T, Types, C> Send for StakeTableAuthentication<T, Types, C>
impl<T, Types, C> Sync for StakeTableAuthentication<T, Types, C>
impl<T, Types, C> !UnwindSafe for StakeTableAuthentication<T, Types, C>
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<T> Conv for T
impl<T> Conv for T
§impl<T> FmtForward for T
impl<T> FmtForward for T
§fn fmt_binary(self) -> FmtBinary<Self>where
Self: Binary,
fn fmt_binary(self) -> FmtBinary<Self>where
Self: Binary,
self
to use its Binary
implementation when Debug
-formatted.§fn fmt_display(self) -> FmtDisplay<Self>where
Self: Display,
fn fmt_display(self) -> FmtDisplay<Self>where
Self: Display,
self
to use its Display
implementation when
Debug
-formatted.§fn fmt_lower_exp(self) -> FmtLowerExp<Self>where
Self: LowerExp,
fn fmt_lower_exp(self) -> FmtLowerExp<Self>where
Self: LowerExp,
self
to use its LowerExp
implementation when
Debug
-formatted.§fn fmt_lower_hex(self) -> FmtLowerHex<Self>where
Self: LowerHex,
fn fmt_lower_hex(self) -> FmtLowerHex<Self>where
Self: LowerHex,
self
to use its LowerHex
implementation when
Debug
-formatted.§fn fmt_octal(self) -> FmtOctal<Self>where
Self: Octal,
fn fmt_octal(self) -> FmtOctal<Self>where
Self: Octal,
self
to use its Octal
implementation when Debug
-formatted.§fn fmt_pointer(self) -> FmtPointer<Self>where
Self: Pointer,
fn fmt_pointer(self) -> FmtPointer<Self>where
Self: Pointer,
self
to use its Pointer
implementation when
Debug
-formatted.§fn fmt_upper_exp(self) -> FmtUpperExp<Self>where
Self: UpperExp,
fn fmt_upper_exp(self) -> FmtUpperExp<Self>where
Self: UpperExp,
self
to use its UpperExp
implementation when
Debug
-formatted.§fn fmt_upper_hex(self) -> FmtUpperHex<Self>where
Self: UpperHex,
fn fmt_upper_hex(self) -> FmtUpperHex<Self>where
Self: UpperHex,
self
to use its UpperHex
implementation when
Debug
-formatted.§fn fmt_list(self) -> FmtList<Self>where
&'a Self: for<'a> IntoIterator,
fn fmt_list(self) -> FmtList<Self>where
&'a Self: for<'a> IntoIterator,
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more§impl<T> Pipe for Twhere
T: ?Sized,
impl<T> Pipe for Twhere
T: ?Sized,
§fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> Rwhere
Self: Sized,
fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> Rwhere
Self: Sized,
§fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> Rwhere
R: 'a,
fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> Rwhere
R: 'a,
self
and passes that borrow into the pipe function. Read more§fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> Rwhere
R: 'a,
fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> Rwhere
R: 'a,
self
and passes that borrow into the pipe function. Read more§fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R
fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R
§fn pipe_borrow_mut<'a, B, R>(
&'a mut self,
func: impl FnOnce(&'a mut B) -> R,
) -> R
fn pipe_borrow_mut<'a, B, R>( &'a mut self, func: impl FnOnce(&'a mut B) -> R, ) -> R
§fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R
fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R
self
, then passes self.as_ref()
into the pipe function.§fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R
fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R
self
, then passes self.as_mut()
into the pipe
function.§fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R
fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R
self
, then passes self.deref()
into the pipe function.§impl<T> Pointable for T
impl<T> Pointable for T
§impl<T> Tap for T
impl<T> Tap for T
§fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self
fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self
Borrow<B>
of a value. Read more§fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self
fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self
BorrowMut<B>
of a value. Read more§fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self
fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self
AsRef<R>
view of a value. Read more§fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self
fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self
AsMut<R>
view of a value. Read more§fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self
fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self
Deref::Target
of a value. Read more§fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self
fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self
Deref::Target
of a value. Read more§fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self
fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self
.tap()
only in debug builds, and is erased in release builds.§fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self
fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self
.tap_mut()
only in debug builds, and is erased in release
builds.§fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self
fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self
.tap_borrow()
only in debug builds, and is erased in release
builds.§fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self
fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self
.tap_borrow_mut()
only in debug builds, and is erased in release
builds.§fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self
fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self
.tap_ref()
only in debug builds, and is erased in release
builds.§fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self
fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self
.tap_ref_mut()
only in debug builds, and is erased in release
builds.§fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self
fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self
.tap_deref()
only in debug builds, and is erased in release
builds.§impl<TTransport> TransportExt for TTransportwhere
TTransport: Transport,
impl<TTransport> TransportExt for TTransportwhere
TTransport: Transport,
§fn with_bandwidth_logging<S>(
self,
) -> (Boxed<(PeerId, StreamMuxerBox)>, Arc<BandwidthSinks>)
fn with_bandwidth_logging<S>( self, ) -> (Boxed<(PeerId, StreamMuxerBox)>, Arc<BandwidthSinks>)
libp2p::SwarmBuilder::with_bandwidth_metrics
or libp2p_metrics::BandwidthTransport
instead.Transport
that logs all traffic that passes through the streams
created by it. Read more