connectd: ignore private remote_addr on non-DEVELOPER builds

When compiled without DEVELOPER this will now filter out `remote_addr` that come from localhost. The testcase checks for DEVELOPER to test for correct function of `remote_addr`. Also, I renamed "test_connect" to "test_connect_basic" so it can be started without all the other tests in that file that start with "test_connect..."
2025-02-22 14:42:40 +01:00 · 2022-02-24 16:48:16 +01:00 · 2022-02-24 16:48:16 +01:00 · f1981461ef
commit f1981461ef
parent a01e2740ef
3 changed files with 12 additions and 5 deletions
--- a/connectd/peer_exchange_initmsg.c
+++ b/connectd/peer_exchange_initmsg.c
@ -100,7 +100,12 @@ static struct io_plan *peer_init_received(struct io_conn *conn,
 		switch (tlvs->remote_addr->type) {
 		case ADDR_TYPE_IPV4:
 		case ADDR_TYPE_IPV6:
-			remote_addr = tal_steal(peer, tlvs->remote_addr);
+#if DEVELOPER		/* ignore private addresses (non-DEVELOPER builds) */
+			if (address_routable(tlvs->remote_addr, true))
+#else
+			if (address_routable(tlvs->remote_addr, false))
+#endif /* DEVELOPER */
+				remote_addr = tal_steal(peer, tlvs->remote_addr);
 			break;
 		/* We are only interested in IP addresses */
 		case ADDR_TYPE_TOR_V2_REMOVED:
--- a/tests/test_connection.py
+++ b/tests/test_connection.py
@ -10,7 +10,7 @@ from utils import (
    expected_channel_features,
    check_coin_moves, first_channel_id, account_balance, basic_fee,
    scriptpubkey_addr,
-    EXPERIMENTAL_FEATURES, mine_funding_to_announce
+    DEVELOPER, EXPERIMENTAL_FEATURES, mine_funding_to_announce
 )
 from pyln.testing.utils import SLOW_MACHINE, VALGRIND, EXPERIMENTAL_DUAL_FUND, FUNDAMOUNT

@ -23,7 +23,7 @@ import unittest
 import websocket


-def test_connect(node_factory):
+def test_connect_basic(node_factory):
    l1, l2 = node_factory.line_graph(2, fundchannel=False)

    # These should be in openingd.
@ -46,8 +46,9 @@ def test_connect(node_factory):
    assert len(l1.rpc.listpeers()) == 1
    assert len(l2.rpc.listpeers()) == 1

-    if EXPERIMENTAL_FEATURES:
-        l1.daemon.wait_for_log("Peer says it sees our address as: 127.0.0.1:[0-9]{5}")
+    if EXPERIMENTAL_FEATURES:  # BOLT1 remote_addr #917
+        if DEVELOPER:
+            print(l1.daemon.wait_for_log("Peer says it sees our address as: 127.0.0.1:[0-9]{5}"))

    # Should get reasonable error if unknown addr for peer.
    with pytest.raises(RpcError, match=r'Unable to connect, no address known'):
--- a/tests/test_plugin.py
+++ b/tests/test_plugin.py
@ -452,6 +452,7 @@ def test_plugin_connected_hook_chaining(node_factory):


@unittest.skipIf(not EXPERIMENTAL_FEATURES, "BOLT1 remote_addr #917")
+@pytest.mark.developer("localhost remote_addr will be filtered without DEVELOEPR")
 def test_peer_connected_remote_addr(node_factory):
    """This tests the optional tlv `remote_addr` being passed to a plugin.