package config
import (
"fmt"
"github.com/libp2p/go-libp2p-core/crypto"
"github.com/libp2p/go-libp2p-core/host"
"github.com/libp2p/go-libp2p-core/peer"
"github.com/libp2p/go-libp2p-core/sec"
"github.com/libp2p/go-libp2p-core/sec/insecure"
csms "github.com/libp2p/go-conn-security-multistream"
)
type (
	// SecC is a security transport constructor: given a host it returns the
	// sec.SecureTransport to use, or an error if construction fails.
	SecC func(h host.Host) (sec.SecureTransport, error)

	// MsSecC is a tuple containing a security transport constructor and the
	// protocol ID under which the constructed transport is registered with
	// the security muxer.
	MsSecC struct {
		SecC
		ID string
	}
)
// securityArgTypes is the argument type set handed to makeConstructor when a
// security transport constructor is built via reflection.
// NOTE(review): presumably these are the parameter types a user-supplied
// constructor is allowed to declare; confirm against newArgTypeSet.
var securityArgTypes = newArgTypeSet(
	hostType,
	networkType,
	peerIDType,
	privKeyType,
	pubKeyType,
	pstoreType,
)
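// SecurityConstructor creates a security constructor from the passed parameter
// using reflection.
//
// If security already implements sec.SecureTransport, the returned SecC hands
// back that same instance for every host it is called with. Otherwise security
// is passed to makeConstructor together with securityType and
// securityArgTypes; an error from makeConstructor is returned unchanged.
//
// The returned SecC reports an error, rather than panicking, when the wrapped
// constructor yields a value that does not implement sec.SecureTransport
// (including a nil value).
func SecurityConstructor(security interface{}) (SecC, error) {
	// Already constructed?
	if t, ok := security.(sec.SecureTransport); ok {
		return func(_ host.Host) (sec.SecureTransport, error) {
			return t, nil
		}, nil
	}

	ctor, err := makeConstructor(security, securityType, securityArgTypes)
	if err != nil {
		return nil, err
	}
	return func(h host.Host) (sec.SecureTransport, error) {
		// NOTE(review): the meaning of the two nil arguments is defined by
		// makeConstructor, which is not visible here; confirm they are
		// optional for every security constructor.
		t, err := ctor(h, nil, nil)
		if err != nil {
			return nil, err
		}
		// Checked assertion: a nil or mistyped result becomes an error the
		// caller can handle instead of a runtime panic while the security
		// layer is being set up.
		st, ok := t.(sec.SecureTransport)
		if !ok {
			return nil, fmt.Errorf("security constructor returned %T, expected a sec.SecureTransport", t)
		}
		return st, nil
	}, nil
}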
// makeInsecureTransport returns a security muxer whose only registered
// transport is the one from the insecure package, created for the given peer
// ID and private key and registered under insecure.ID.
//
// The insecure package is a plaintext implementation: connections upgraded
// through this muxer are not encrypted. makeSecurityTransport refuses such a
// transport and points at the Insecure config option, so this helper is
// presumably the path taken when that option is set (verify against the
// caller). It is not suitable for production deployments.
func makeInsecureTransport(id peer.ID, privKey crypto.PrivKey) sec.SecureTransport {
	plaintext := insecure.NewWithIdentity(id, privKey)

	muxer := &csms.SSMuxer{}
	muxer.AddTransport(insecure.ID, plaintext)
	return muxer
}
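// makeSecurityTransport builds a security muxer for host h from the given
// constructor/protocol-ID pairs.
//
// It returns an error when two entries share a protocol ID, when an entry has
// a nil constructor, when a constructor fails or returns a nil transport, or
// when a constructor returns an *insecure.Transport. Entries are validated
// before any constructor is invoked, and transports are registered in the
// order given.
//
// An empty tpts yields a muxer with no transports registered.
// NOTE(review): confirm the caller always supplies at least one transport or
// applies defaults before calling this.
func makeSecurityTransport(h host.Host, tpts []MsSecC) (sec.SecureTransport, error) {
	secMuxer := new(csms.SSMuxer)

	// Validate every entry up front so a bad configuration is rejected
	// before any constructor runs.
	transportSet := make(map[string]struct{}, len(tpts))
	for _, tptC := range tpts {
		if _, ok := transportSet[tptC.ID]; ok {
			return nil, fmt.Errorf("duplicate security transport: %s", tptC.ID)
		}
		// Calling a nil constructor would panic; report it as a
		// configuration error instead.
		if tptC.SecC == nil {
			return nil, fmt.Errorf("nil constructor for security transport: %s", tptC.ID)
		}
		transportSet[tptC.ID] = struct{}{}
	}

	for _, tptC := range tpts {
		tpt, err := tptC.SecC(h)
		if err != nil {
			return nil, err
		}
		// Never register a nil transport under a protocol ID.
		if tpt == nil {
			return nil, fmt.Errorf("constructor for security transport %s returned a nil transport", tptC.ID)
		}
		// Plaintext must be opted into explicitly through the Insecure
		// option, never mixed into the list of secure transports.
		// NOTE(review): this matches only the concrete *insecure.Transport
		// type; a type that wraps or embeds it, or any other implementation
		// that provides no protection, is not detected here.
		if _, ok := tpt.(*insecure.Transport); ok {
			return nil, fmt.Errorf("cannot construct libp2p with an insecure transport, set the Insecure config option instead")
		}
		secMuxer.AddTransport(tptC.ID, tpt)
	}
	return secMuxer, nil
}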