Commit Graph

102 Commits

Author SHA1 Message Date
Kim De Mey 522db295f2
Fix RLP deserialzation for Enum with holes (#554)
RLP Enum deserialization would currently not check if "hole values"
were attempted to be converted to the enum type. Now use
checkedEnumAssign and fail with RlpTypeMismatch on invalid values.

There is at least one occurance of an enum with holes in rlpx p2p:
DisconnectionReason. For this enum the issue could occur.

Also:
- Added enum RLP tests and rlpx p2p disconnect message tests to
test the DisconnectionReason with enum hole value.
- Fixed worse custom DisconnectionReason decoding occurance
in rlpx in waitSingleMsg proc where this issue could occur.
2022-11-14 15:49:37 +01:00
Kim De Mey 9b0f054b04
Tackle some Nim warnings new since Nim 1.4 & 1.6 (#553) 2022-11-10 16:32:57 +01:00
andri lim 10870d8b15
Revert #544 "Fix related to nim devel branch" (#551)
This reverts commit:
5d13052dd9
e1bdf1741a
d238693571
2022-11-09 18:57:04 +01:00
jangko e1bdf1741a
refactor p2pProtocol internals
Nim devel brach(1.7.1) introduce gc=orc as default mode.
Because the p2p protocol using unsafe pointer operations
for it's ProtocolInfo and using global variables scattered
around, the orc mistakenly(or maybe correctly) crash the protocol.
2022-11-08 09:41:45 +07:00
Kim De Mey fef47331c3
Networkid common (#547)
* Move NetworkId type to common eth_types

NetworkId is after all a common type and this way it avoid an
application that requires it to also import all devp2p related
network types.

RLP related calls are moved to eth_types_rlp, this means that p2p
protocols that send NetworkId over the wire need to import this
too. Or just common in general.

* Remove # in front of multiline comment end bracket

These seem to be interpreted wrongly by the GitHub code browser.
2022-10-20 08:49:20 +02:00
Kim De Mey ba69c1ff29
Quickfix for a potential double future completion in rlpx (#538) 2022-10-06 13:34:35 +02:00
Jacek Sieka 5e4123fda8
tighter nimcrypto imports (#532) 2022-09-05 11:09:38 +02:00
Jordan Hrycaj 8761ea3222
Fix stability issues (#512)
* Fix stability issues

why:
  Handling malformed messages typically raises `RangeError` exceptions
  when de-serialising RLP, or decoding message data. This is an
  (incomplete) attempt to weed out some out it driven by real live
  tests.

remark:
  Employing the new `snap` protocol there might be different views on what
  the messages really contain (currently specs are more a hint.)

* Update RLP exception handling

* Undo effect-less patch

why:
  problem occurred somewhere above the try/catch handler

* Using `checkedEnumAssign()` for RLP enum
2022-06-16 16:23:07 +01:00
Jordan Hrycaj 00ed6ad312
Dedicated RLP reader for `DisconnectionReason` (#507)
* Provide dedicated `DisconnectionReason` enum type RLP reader

why:
  Without this reader, the program communicating via RLPX will crash when
  receiving out of bound reason codes disconnect message.

  Out of bound value assignments to an enum causes a `RangeError`defect
  and consequently the program to terminate. This `RangeError` is avoided
  here and a `MalformedRlpError` catchable error raised.

* Using default exception type in bespoke `read(DisconnectionReason)`

why:
  This should not differ from the default enum parser. The particular
  message is different and more targeted, here.

  Note: The default RLP parser was not used because `
  `array[1,DisconnectionReason]` is currently not properly handled and
  should give a siliar error message as a `DisconnectionReason` error.

* De-clutter, custom read() was not needed

Co-authored-by: jordan <jordan@curd.mjh-it.com>
2022-05-26 10:23:40 +01:00
Kim De Mey 6d4b1f4fe1
Handle the decodeAuthMessage error case separatly and log to trace (#498)
* Handle the decodeAuthMessage error case separatly and log to trace

Garbage data on the TCP port (e.g. from port scanners) would
cause lots of error log messages, so log this to trace and get rid
of a (little) bit of exception usage in the process.

* Remove usage of result var in rlpxAccept and rlpxConnect

* Discv4: Add ENRRequest & ENRResponse msgs to avoid fails on these

Fix #499
These messages are not implemented yet however, but just ignored.
2022-04-04 22:31:09 +02:00
Jordan Hrycaj 4c7cdcaaf2
Merge pull request #484 from status-im/jordan/nethermind-sync
Jordan/nethermind sync
2022-03-28 09:34:51 +01:00
Jordan Hrycaj f214dd8db3
Update eth/p2p/rlpx.nim
Co-authored-by: Kim De Mey <kim.demey@gmail.com>
2022-03-25 09:11:47 +00:00
Jordan Hrycaj 2e41d2892e
Update eth/p2p/rlpx.nim
Co-authored-by: Kim De Mey <kim.demey@gmail.com>
2022-03-25 09:11:39 +00:00
Jordan Hrycaj 96d07cdea6
Update eth/p2p/rlpx.nim
Co-authored-by: Kim De Mey <kim.demey@gmail.com>
2022-03-25 09:11:23 +00:00
Jordan Hrycaj 499e542263
Update eth/p2p/rlpx.nim
Co-authored-by: Kim De Mey <kim.demey@gmail.com>
2022-03-25 09:11:15 +00:00
Jordan Hrycaj 1d8a9cf01c
Update eth/p2p/rlpx.nim
Co-authored-by: Kim De Mey <kim.demey@gmail.com>
2022-03-25 09:11:05 +00:00
Jordan Hrycaj 944d7a4069 Mitigating RLP annoyances
why:
  Rlp errors throw exceptions which cause the dispatcher loop to
  terminate the current session immediately.

details:
  The DisconnectionReasonList message requires a single entry list.
  Observed and now accepted deviations are:

  Geth: single byte number

  bor(a Geth fork): blobbed single entry list containing a number
2022-03-24 14:49:15 +00:00
Jordan Hrycaj 4bc020384f Rebase & make chunked RLPx messages optional by a compiler flag
why:
  This is a legacy feature and its usage should peter out over time.

details:
  Use -d:chunked_rlpx_enabled for enabling chunked RLPx message handling.
2022-03-22 17:44:29 +00:00
Jordan Hrycaj 2ff455f26d Support obsolete chunked RLPx wire protocol
why:
  For some reason, Nethermind insists on sending chunked messages to
  the syncing peer. Unfortunately, for the test networks the Nethermind
  modes are the importent ones as they speak eth/65 as well while others
  like Geth only support eth/66 which is not implemented here, yet.
2022-03-22 16:25:05 +00:00
Jordan Hrycaj 0feefab9ce Prevent from NULL-message SEGFAULTs
why:
  There were cases with NULL entries in the message sequence (as indexed
  by msgId.)
2022-03-22 16:25:05 +00:00
Kim De Mey 2c236f6495
Style fixes according to --styleCheck:usages (#452)
Currently only setting `--styleCheck:hint` as there are some
dependency fixes required and the compiler seems to trip over the
findnode MessageKind, findnode Message field and the findNode
proc. Also over protocol.Protocol usage.
2021-12-20 13:14:50 +01:00
Jamie Lokier 6a8d49e4c0 Security/RLPx: Fix crash when peer sends out of bounds message id
Closes [nimbus-eth1#767](https://github.com/status-im/nimbus-eth1/issues/767).

Crashes occur when certain invalid RLPx messages are received from a peer.
Specifically, `msgId` out of range.  Because any peer can easily trigger this
crash, we'd consider it a DOS vulnerability if Nimbus-eth1 was in general use.

We noticed when syncing to Goerli, there were some rare crashes with this
exception.  It turned out one peer with custom code, perhaps malfunctioning,
was sending these messages if we were unlucky enough to connect to it.

`invokeThunk` is called from `dispatchMessages` and checks the range of
`msgId`.  It correctly recognise that it's out of range, raises and exception
and produces a message.  Job done.

Except the code in `dispatchMessage` treats all that as a warning instead of
error, and continues to process the message.  A bit lower down, `msgId` is used
again without a range check.

The trivial fix is to check array bounds before access.

--

ps. Here's the stack trace ("reraised" sections hidden):

```
WRN 2021-11-08 21:29:33.238+00:00 Error while handling RLPx message          topics="rlpx" tid=2003472 file=rlpx.nim:607 peer=Node[<IP>:45456] msg=45 err="RLPx message with an invalid id 45 on a connection supporting eth,snap"
/home/jamie/Status/nimbus-eth1/nimbus/p2p/chain/chain_desc.nim(437) main
/home/jamie/Status/nimbus-eth1/nimbus/p2p/chain/chain_desc.nim(430) NimMain
/home/jamie/Status/nimbus-eth1/nimbus/nimbus.nim(258) process
/home/jamie/Status/nimbus-eth1/vendor/nim-chronos/chronos/asyncloop.nim(279) poll
/home/jamie/Status/nimbus-eth1/vendor/nim-chronos/chronos/asyncmacro2.nim(74) colonanonymous
/home/jamie/Status/nimbus-eth1/vendor/nim-eth/eth/p2p/rlpx.nim(1218) rlpxAccept
/home/jamie/Status/nimbus-eth1/vendor/nim-chronos/chronos/asyncmacro2.nim(101) postHelloSteps
/home/jamie/Status/nimbus-eth1/vendor/nim-chronos/chronos/asyncmacro2.nim(74) colonanonymous
/home/jamie/Status/nimbus-eth1/vendor/nim-eth/eth/p2p/rlpx.nim(985) postHelloSteps
/home/jamie/Status/nimbus-eth1/vendor/nim-chronos/chronos/asyncmacro2.nim(101) dispatchMessages
/home/jamie/Status/nimbus-eth1/vendor/nim-chronos/chronos/asyncmacro2.nim(77) colonanonymous
/home/jamie/Status/nimbus-eth1/vendor/nim-eth/eth/p2p/rlpx.nim(614) dispatchMessages
/home/jamie/Status/nimbus-eth1/vendor/nimbus-build-system/vendor/Nim/lib/system/chcks.nim(23) raiseIndexError2
/home/jamie/Status/nimbus-eth1/vendor/nimbus-build-system/vendor/Nim/lib/system/fatal.nim(49) sysFatal
[[reraised from: ... ]]
[[reraised from: ... ]]
[[reraised from: ... ]]
[[reraised from: ... ]]
Error: unhandled exception: index 45 not in 0 .. 40 [IndexError]
```

Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-11-30 20:03:01 +02:00
Jamie Lokier 9a28ed7ef5 RLPx: Protocol names have never been limited to 3 characters
Don't treat 3 characters as special in `cmp`.  `cmp` for `ProtocolInfo` was
wrong because it ignored all characters after the first 3.

In the wild we have seen protocol names longer than 3 characters.  `snap`,
`hive`, `istanbul`, `bzzeth`, `bzz-stream`, `bzz-retrieve`, `dbix`, `opera`,
`pchain`, `pchain_child_0`, `sero`, `smilobft`, `spock`.

There was never a 3 character limit in the [specification]
(https://github.com/ethereum/devp2p/blob/master/rlpx.md).

It always said "short ASCII name", until recently on 2021-02-25 it was changed
to an 8 characters limit.

Also `pi.nameStr` can be removed.  Nothing uses it, and it has the same actual
effect as just copying the string `pi.name`.

Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-08-10 14:08:35 +03:00
Kim De Mey a8d11dd30b
Add top level push raises Defect to p2p code (#374) 2021-07-16 21:44:30 +02:00
Kim De Mey eb0908e33f
Push raises Defect to rlpx and accompanying changes (#373) 2021-07-14 10:35:35 +02:00
kdeme 00a45a7b91
Remove inline pragmas 2021-05-11 09:59:58 +02:00
kdeme 81f0a56ebd
Add/update bunch of license headers 2021-05-11 09:37:33 +02:00
kdeme 755729c6a1
Fix several compiler warnings
Mostly replacing deprecated calls
2021-05-11 09:24:23 +02:00
kdeme 90b4724492
Adjust for chronosStrictException usage in rest of eth/p2p 2021-05-06 17:20:54 +02:00
Kim De Mey 762415319c
Add build_dcli target and add it to CI (#344)
* Add build_dcli target and add it to CI

* Fix local imports for dcli

* And use local imports for all other files too

* Use local imports in tests and rlpx protocols
2021-04-06 13:33:24 +02:00
Kim De Mey 0be863d2de
Add raises annotations to make exception tracking work (#336)
See https://github.com/status-im/nim-chronos/pull/166
2021-03-24 12:52:09 +01:00
Kim De Mey d024ea8e85
Change invalid distance warning to debug (#316)
And also:

* move connected_peers metric so it does get added where it
shouldn't.

* imports cleanup
2020-12-14 12:21:03 +01:00
Zahary Karadjov de2d43a7e7 Remove some unused code from NBC by making it RLPx-specific 2020-10-05 17:28:58 +03:00
Zahary Karadjov 73c1bb817c
Adapt to latest snappy; Avoid decompression bombs 2020-08-19 14:14:59 +03:00
Jacek Sieka 484fbcab1b
use bearssl rng throughout (#265)
* use bearssl rng throughout

* seeder can fail

* imports and exports

* modules, sigh

* one more try

* move var

* even fewer thread vars

* remove out-of-date genrated files
2020-07-07 10:56:26 +02:00
Zahary Karadjov 218192aa09
Allow LibP2P to break the ties with RLPx by allowing more natural RPC syntax
Integrate the Stew macro printer and use to store the generated code for Whisper
2020-05-24 01:10:00 +03:00
Jacek Sieka fd6caa0fdc
Rlp experimental (#227)
* rlp: remove experimental features

* avoid range library

* trie: avoid reference-unsafe bitrange type
2020-04-20 20:14:39 +02:00
Jacek Sieka 1646d78d83
cleanups (#226) 2020-04-18 10:17:59 +02:00
Jacek Sieka 0b110f3287
Secp more refactor (#211)
* simplify some modules

* mark several modules with raises
* fix clearing of keys in auth.nim
* fix keyfile case dropping off
* fix keyfile stream storage
* uuid should be output in lowercase

* enode: simplify API
2020-04-06 18:24:15 +02:00
Jacek Sieka ac5bbe4d3d
keys: get rid of deprecated calls (#213) 2020-04-04 18:44:01 +02:00
Zahary Karadjov e89e59aa59
`enterList` now returns a bool 2020-02-27 20:09:05 +02:00
Ștefan Talpalaru f4712aaf74
rename safeEnterList() to enterList()
in order to avoid unhandled exceptions due to malformed data received
over the network
2020-02-25 16:10:09 +01:00
kdeme 0229547c41
More explicit Exceptions + fix re-raising 2019-12-04 12:34:37 +01:00
kdeme 4976bd9fb9 Replace getCurrentException and getCurrentExceptionMsg 2019-12-02 23:35:34 +02:00
Zahary Karadjov a54fdc8073 Cosmetic renames to match the protocol naming conventions 2019-11-25 19:55:41 +02:00
zah 7a39a50c27 Allow devp2p sub-protocols to use version 0; Fix #119 (#121) 2019-11-19 08:16:35 +01:00
Zahary Karadjov 14e99e0711
Changes related to the new ETH interop spec
* RPC requests and responses with a single parameter are now inlined
2019-10-23 12:10:16 +03:00
kdeme 98be627bcc Make msgId fixed int32 2019-10-23 09:35:33 +09:00
kdeme 02a6906c01
Remove the p2p disconnect handling from dispatchMessages 2019-10-14 12:01:01 +02:00
kdeme 9ee208876d
Fix possible AssertionError in ByteRange due to invalid access 2019-10-10 14:40:40 +02:00