package config
import (
"fmt"
"github.com/libp2p/go-libp2p/core/crypto"
"github.com/libp2p/go-libp2p/core/host"
"github.com/libp2p/go-libp2p/core/peer"
"github.com/libp2p/go-libp2p/core/sec"
"github.com/libp2p/go-libp2p/core/sec/insecure"
csms "github.com/libp2p/go-libp2p/p2p/net/conn-security-multistream"
)
// SecC is a security transport constructor: given a host.Host it returns the
// sec.SecureTransport to use, or an error if the transport cannot be built.
type SecC func(h host.Host) (sec.SecureTransport, error)
// MsSecC is a tuple containing a security transport constructor and a protocol
// ID.
type MsSecC struct {
	// SecC is the embedded constructor; makeSecurityMuxer calls it with the
	// host to obtain the transport.
	SecC
	// ID is the key the constructed transport is registered under in the
	// security muxer. makeSecurityMuxer rejects a list in which two entries
	// share the same ID.
	ID string
}
// securityArgTypes is the argument type set that SecurityConstructor passes to
// makeConstructor when wrapping a security transport constructor.
// NOTE(review): presumably these are the parameter types a user-supplied
// constructor may declare; confirm against makeConstructor.
var securityArgTypes = newArgTypeSet(
	hostType, networkType, peerIDType,
	privKeyType, pubKeyType, pstoreType,
)
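// SecurityConstructor creates a security constructor from the passed parameter
// using reflection.
//
// If security already implements sec.SecureTransport, the returned SecC hands
// back that same value for every host. Otherwise security is passed to
// makeConstructor together with securityType and securityArgTypes, and any
// error from that call is returned to the caller.
//
// No transport policy is applied here: a pre-built transport of any kind is
// accepted. In this file the rejection of *insecure.Transport happens later,
// in makeSecurityMuxer.
//
// The SecC returned for the reflective case reports an error, instead of
// panicking, when the wrapped constructor yields a value that does not
// implement sec.SecureTransport (an untyped nil included).
func SecurityConstructor(security interface{}) (SecC, error) {
	// Already constructed?
	if t, ok := security.(sec.SecureTransport); ok {
		return func(_ host.Host) (sec.SecureTransport, error) {
			return t, nil
		}, nil
	}

	ctor, err := makeConstructor(security, securityType, securityArgTypes)
	if err != nil {
		return nil, err
	}
	return func(h host.Host) (sec.SecureTransport, error) {
		// Only the host is supplied; every other constructor argument is nil.
		t, err := ctor(h, nil, nil, nil, nil, nil)
		if err != nil {
			return nil, err
		}
		// Checked assertion: an unchecked t.(sec.SecureTransport) would panic
		// at host construction time if the constructor returned (nil, nil) or
		// a value of an unexpected type.
		st, ok := t.(sec.SecureTransport)
		if !ok {
			return nil, fmt.Errorf("security transport constructor returned %T, expected a sec.SecureTransport", t)
		}
		return st, nil
	}, nil
}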
// makeInsecureTransport returns a security muxer whose only registered
// transport is the one built by insecure.NewWithIdentity for the given peer ID
// and private key, keyed by insecure.ID.
//
// NOTE(review): connections negotiated through this muxer are presumably
// unencrypted, so this should be reachable only when the Insecure config
// option is set explicitly; confirm against the caller.
func makeInsecureTransport(id peer.ID, privKey crypto.PrivKey) sec.SecureMuxer {
	plaintext := insecure.NewWithIdentity(id, privKey)
	mux := &csms.SSMuxer{}
	mux.AddTransport(insecure.ID, plaintext)
	return mux
}
// makeSecurityMuxer builds a security muxer from tpts, calling each entry's
// constructor with h and registering the result under the entry's ID.
//
// It returns an error when two entries share an ID, when a constructor fails,
// or when a constructor produces an *insecure.Transport. All IDs are checked
// for duplicates before any constructor is invoked.
func makeSecurityMuxer(h host.Host, tpts []MsSecC) (sec.SecureMuxer, error) {
	mux := &csms.SSMuxer{}

	// Pass 1: reject duplicate protocol IDs up front.
	seen := make(map[string]struct{}, len(tpts))
	for i := range tpts {
		id := tpts[i].ID
		if _, dup := seen[id]; dup {
			return nil, fmt.Errorf("duplicate security transport: %s", id)
		}
		seen[id] = struct{}{}
	}

	// Pass 2: construct and register each transport.
	for i := range tpts {
		entry := tpts[i]
		transport, err := entry.SecC(h)
		if err != nil {
			return nil, err
		}
		// The plaintext transport must be an explicit opt-in, never one of the
		// negotiable options. This guard matches the concrete
		// *insecure.Transport type only: a wrapper or another plaintext
		// implementation would not be caught, and entry.ID is not compared
		// with insecure.ID.
		if _, plaintext := transport.(*insecure.Transport); plaintext {
			return nil, fmt.Errorf("cannot construct libp2p with an insecure transport, set the Insecure config option instead")
		}
		mux.AddTransport(entry.ID, transport)
	}
	return mux, nil
}