From 83b4e3cf9c6409b283e609aa74c8b77b3bdde486 Mon Sep 17 00:00:00 2001
From: Marten Seemann
Date: Sun, 20 Nov 2022 18:36:01 +1300
Subject: [PATCH] expose the security protocol on the ConnectionState
---
 core/network/conn.go | 8 ++++----
 p2p/net/upgrader/conn.go | 8 ++++++--
 p2p/net/upgrader/upgrader.go | 11 ++++++-----
 3 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/core/network/conn.go b/core/network/conn.go
index 550b20c27..279621146 100644
--- a/core/network/conn.go
+++ b/core/network/conn.go
@@ -34,12 +34,12 @@ type Conn interface {
 GetStreams() []Stream
 }
-// ConnectionState holds extra information releated to the ConnSecurity entity.
+// ConnectionState holds information about the connection.
 type ConnectionState struct {
- // The next protocol used for stream muxer selection. This is derived from
- // security protocol handshake, for example, Noise handshake payload or
- // TLS/ALPN negotiation.
+ // The stream multiplexer used on this connection (if any).
 StreamMultiplexer string
+ // The security protocol used on this connection (if any).
+ Security string
 }
 // ConnSecurity is the interface that one can mix into a connection interface to
diff --git a/p2p/net/upgrader/conn.go b/p2p/net/upgrader/conn.go
index e3c87547c..4fdbd05fa 100644
--- a/p2p/net/upgrader/conn.go
+++ b/p2p/net/upgrader/conn.go
@@ -16,7 +16,8 @@ type transportConn struct {
 scope network.ConnManagementScope
 stat network.ConnStats
- muxer protocol.ID
+ muxer protocol.ID
+ security protocol.ID
 }
 var _ transport.CapableConn = &transportConn{}
@@ -54,5 +55,8 @@ func (t *transportConn) Close() error {
 }
 func (t *transportConn) ConnState() network.ConnectionState {
- return network.ConnectionState{StreamMultiplexer: string(t.muxer)}
+ return network.ConnectionState{
+ StreamMultiplexer: string(t.muxer),
+ Security: string(t.security),
+ }
 }
diff --git a/p2p/net/upgrader/upgrader.go b/p2p/net/upgrader/upgrader.go
index 5c15417d4..5a69efb0b 100644
--- a/p2p/net/upgrader/upgrader.go
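Review bot: The new `Security` field on `ConnectionState` in core/network/conn.go is documented only as "(if any)", so a caller cannot tell whether an empty string means the connection has no security layer or that the connection's `ConnState()` implementation did not fill the field in. In this patch only `transportConn.ConnState()` in p2p/net/upgrader sets it; other implementations are not visible here and may well leave it empty. Code that makes a trust or policy decision from this field needs that contract stated, for example `// Security is the protocol ID of the negotiated security protocol. Empty means the value was not reported, not that the connection is unencrypted.`, if that is the intended meaning. The comment could also say that the value is a protocol ID rendered as a plain string, since the `protocol.ID` type is dropped by the `string(t.security)` conversion.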
+++ b/p2p/net/upgrader/upgrader.go
@@ -152,7 +152,7 @@ func (u *upgrader) upgrade(ctx context.Context, t transport.Transport, maconn ma
 return nil, ipnet.ErrNotInPrivateNetwork
 }
- sconn, server, err := u.setupSecurity(ctx, conn, p, dir)
+ sconn, security, server, err := u.setupSecurity(ctx, conn, p, dir)
 if err != nil {
 conn.Close()
 return nil, fmt.Errorf("failed to negotiate security protocol: %s", err)
@@ -193,24 +193,25 @@ func (u *upgrader) upgrade(ctx context.Context, t transport.Transport, maconn ma
 stat: stat,
 scope: connScope,
 muxer: muxer,
+ security: security,
 }
 return tc, nil
 }
-func (u *upgrader) setupSecurity(ctx context.Context, conn net.Conn, p peer.ID, dir network.Direction) (sec.SecureConn, bool, error) {
+func (u *upgrader) setupSecurity(ctx context.Context, conn net.Conn, p peer.ID, dir network.Direction) (sec.SecureConn, protocol.ID, bool, error) {
 isServer := dir == network.DirInbound
 var st sec.SecureTransport
 var err error
 st, isServer, err = u.negotiateSecurity(ctx, conn, isServer)
 if err != nil {
- return nil, false, err
+ return nil, "", false, err
 }
 if isServer {
 sconn, err := st.SecureInbound(ctx, conn, p)
- return sconn, true, err
+ return sconn, st.ID(), true, err
 }
 sconn, err := st.SecureOutbound(ctx, conn, p)
- return sconn, false, err
+ return sconn, st.ID(), false, err
 }
 func (u *upgrader) negotiateMuxer(nc net.Conn, isServer bool) (*StreamMuxer, error) {
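Review bot: `setupSecurity` now returns four positional results with no doc comment, and on a failed handshake it still returns `st.ID()` alongside the non-nil error (`return sconn, st.ID(), true, err` and the outbound equivalent). The caller in `upgrade` checks `err` before using `security`, as the first hunk of this file shows, so nothing is recorded for a failed handshake today. Returning the zero value on error, as in `if err != nil { return nil, "", true, err }`, would stop a later caller from reading the ID as evidence that the handshake completed. I would also add `// setupSecurity negotiates a security transport and runs the handshake. It returns the secured connection, the ID of the negotiated security protocol, and whether we acted as the server.` above the function.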