expose the security protocol on the ConnectionState

2 years ago · 83b4e3cf9c
3 changed files with 16 additions and 11 deletions
--- a/core/network/conn.go
+++ b/core/network/conn.go
@ -34,12 +34,12 @@ type Conn interface {
 	GetStreams() []Stream
 }

-// ConnectionState holds extra information releated to the ConnSecurity entity.
+// ConnectionState holds information about the connection.
 type ConnectionState struct {
-	// The next protocol used for stream muxer selection. This is derived from
-	// security protocol handshake, for example, Noise handshake payload or
-	// TLS/ALPN negotiation.
+	// The stream multiplexer used on this connection (if any).
 	StreamMultiplexer string
+	// The security protocol used on this connection (if any).
+	Security string
 }

 // ConnSecurity is the interface that one can mix into a connection interface to
--- a/p2p/net/upgrader/conn.go
+++ b/p2p/net/upgrader/conn.go
@ -16,7 +16,8 @@ type transportConn struct {
 	scope     network.ConnManagementScope
 	stat      network.ConnStats

-	muxer protocol.ID
+	muxer    protocol.ID
+	security protocol.ID
 }

 var _ transport.CapableConn = &transportConn{}
@ -54,5 +55,8 @@ func (t *transportConn) Close() error {
 }

 func (t *transportConn) ConnState() network.ConnectionState {
-	return network.ConnectionState{StreamMultiplexer: string(t.muxer)}
+	return network.ConnectionState{
+		StreamMultiplexer: string(t.muxer),
+		Security:          string(t.security),
+	}
 }
--- a/p2p/net/upgrader/upgrader.go
+++ b/p2p/net/upgrader/upgrader.go
@ -152,7 +152,7 @@ func (u *upgrader) upgrade(ctx context.Context, t transport.Transport, maconn ma
 		return nil, ipnet.ErrNotInPrivateNetwork
 	}

-	sconn, server, err := u.setupSecurity(ctx, conn, p, dir)
+	sconn, security, server, err := u.setupSecurity(ctx, conn, p, dir)
 	if err != nil {
 		conn.Close()
 		return nil, fmt.Errorf("failed to negotiate security protocol: %s", err)
@ -193,24 +193,25 @@ func (u *upgrader) upgrade(ctx context.Context, t transport.Transport, maconn ma
 		stat:           stat,
 		scope:          connScope,
 		muxer:          muxer,
+		security:       security,
 	}
 	return tc, nil
 }

-func (u *upgrader) setupSecurity(ctx context.Context, conn net.Conn, p peer.ID, dir network.Direction) (sec.SecureConn, bool, error) {
+func (u *upgrader) setupSecurity(ctx context.Context, conn net.Conn, p peer.ID, dir network.Direction) (sec.SecureConn, protocol.ID, bool, error) {
 	isServer := dir == network.DirInbound
 	var st sec.SecureTransport
 	var err error
 	st, isServer, err = u.negotiateSecurity(ctx, conn, isServer)
 	if err != nil {
-		return nil, false, err
+		return nil, "", false, err
 	}
 	if isServer {
 		sconn, err := st.SecureInbound(ctx, conn, p)
-		return sconn, true, err
+		return sconn, st.ID(), true, err
 	}
 	sconn, err := st.SecureOutbound(ctx, conn, p)
-	return sconn, false, err
+	return sconn, st.ID(), false, err
 }

 func (u *upgrader) negotiateMuxer(nc net.Conn, isServer bool) (*StreamMuxer, error) {