mirrors/eclair
1
0
Fork 0
mirror of https://github.com/ACINQ/eclair.git synced 2025-02-23 14:40:34 +01:00
Code Issues Projects Releases Wiki Activity

Make Tor optional for blockchain watchdogs (#1958)

Browse source 
This change lets node operators disable the use of
Tor for blockchain watchdogs if they'd rather use
cleartext HTTP instead.
This commit is contained in:
rorp 2021-09-22 00:18:58 -07:00 committed by GitHub
parent 273fae9135
commit c846781192
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 20 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
docs/Tor.md
View file

@ -174,4 +174,10 @@ eclair.blockchain-watchdog.sources = [
"blockstream.info", "blockstream.info",
"mempool.space" "mempool.space"
] ]
```
Also, you can disable Tor for all watchdog sources altogether using:
```s
eclair.socks5.use-for-watchdogs = false
``` ```

1
eclair-core/src/main/resources/reference.conf
View file

@ -327,6 +327,7 @@ eclair {
use-for-ipv4 = true use-for-ipv4 = true
use-for-ipv6 = true use-for-ipv6 = true
use-for-tor = true use-for-tor = true
use-for-watchdogs = true
randomize-credentials = false // this allows tor stream isolation randomize-credentials = false // this allows tor stream isolation
} }

3
eclair-core/src/main/scala/fr/acinq/eclair/NodeParams.scala
View file

@ -292,7 +292,8 @@ object NodeParams extends Logging {
randomizeCredentials = config.getBoolean("socks5.randomize-credentials"), randomizeCredentials = config.getBoolean("socks5.randomize-credentials"),
useForIPv4 = config.getBoolean("socks5.use-for-ipv4"), useForIPv4 = config.getBoolean("socks5.use-for-ipv4"),
useForIPv6 = config.getBoolean("socks5.use-for-ipv6"), useForIPv6 = config.getBoolean("socks5.use-for-ipv6"),
useForTor = config.getBoolean("socks5.use-for-tor") useForTor = config.getBoolean("socks5.use-for-tor"),
useForWatchdogs = config.getBoolean("socks5.use-for-watchdogs"),
)) ))
} else { } else {
None None

5
eclair-core/src/main/scala/fr/acinq/eclair/blockchain/watchdogs/BlockchainWatchdog.scala
View file

@ -68,10 +68,9 @@ object BlockchainWatchdog {
*/ */
def apply(nodeParams: NodeParams, maxRandomDelay: FiniteDuration, blockTimeout: FiniteDuration = 15 minutes): Behavior[Command] = { def apply(nodeParams: NodeParams, maxRandomDelay: FiniteDuration, blockTimeout: FiniteDuration = 15 minutes): Behavior[Command] = {
Behaviors.setup { context => Behaviors.setup { context =>
implicit val sttpBackend = ExplorerApi.createSttpBackend(nodeParams.socksProxy_opt) val socksProxy_opt = nodeParams.socksProxy_opt.flatMap(params => if (params.useForWatchdogs) Some(params) else None)
implicit val sttpBackend = ExplorerApi.createSttpBackend(socksProxy_opt)
val chainHash = nodeParams.chainHash val chainHash = nodeParams.chainHash
val socksProxy_opt = nodeParams.socksProxy_opt
val sources = nodeParams.blockchainWatchdogSources val sources = nodeParams.blockchainWatchdogSources
val explorers = Seq( val explorers = Seq(

2
eclair-core/src/main/scala/fr/acinq/eclair/tor/Socks5Connection.scala
View file

@ -217,7 +217,7 @@ object Socks5Connection {
def portToByteString(port: Int): ByteString = ByteString((port & 0x0000ff00) >> 8, port & 0x000000ff) def portToByteString(port: Int): ByteString = ByteString((port & 0x0000ff00) >> 8, port & 0x000000ff)
} }
case class Socks5ProxyParams(address: InetSocketAddress, credentials_opt: Option[Credentials], randomizeCredentials: Boolean, useForIPv4: Boolean, useForIPv6: Boolean, useForTor: Boolean) case class Socks5ProxyParams(address: InetSocketAddress, credentials_opt: Option[Credentials], randomizeCredentials: Boolean, useForIPv4: Boolean, useForIPv6: Boolean, useForTor: Boolean, useForWatchdogs: Boolean)
object Socks5ProxyParams { object Socks5ProxyParams {

3
eclair-core/src/test/scala/fr/acinq/eclair/blockchain/watchdogs/BlockchainWatchdogSpec.scala
View file

@ -106,7 +106,8 @@ class BlockchainWatchdogSpec extends ScalaTestWithActorTestKit(ConfigFactory.loa
randomizeCredentials = true, randomizeCredentials = true,
useForIPv4 = true, useForIPv4 = true,
useForIPv6 = true, useForIPv6 = true,
useForTor = true) useForTor = true,
useForWatchdogs = true)
if (proxyAcceptsConnections(proxyParams)) { if (proxyAcceptsConnections(proxyParams)) {
val eventListener = TestProbe[DangerousBlocksSkew]() val eventListener = TestProbe[DangerousBlocksSkew]()

12
eclair-core/src/test/scala/fr/acinq/eclair/tor/Socks5ConnectionSpec.scala
View file

@ -31,27 +31,27 @@ class Socks5ConnectionSpec extends AnyFunSuite {
assert(Socks5ProxyParams.proxyAddress( assert(Socks5ProxyParams.proxyAddress(
socketAddress = new InetSocketAddress("1.2.3.4", 9735), socketAddress = new InetSocketAddress("1.2.3.4", 9735),
proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = true)).contains(proxyAddress)) proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = true, useForWatchdogs = true)).contains(proxyAddress))
assert(Socks5ProxyParams.proxyAddress( assert(Socks5ProxyParams.proxyAddress(
socketAddress = new InetSocketAddress("1.2.3.4", 9735), socketAddress = new InetSocketAddress("1.2.3.4", 9735),
proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = false, useForIPv6 = true, useForTor = true)).isEmpty) proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = false, useForIPv6 = true, useForTor = true, useForWatchdogs = true)).isEmpty)
assert(Socks5ProxyParams.proxyAddress( assert(Socks5ProxyParams.proxyAddress(
socketAddress = new InetSocketAddress("[fc92:97a3:e057:b290:abd8:9bd6:135d:7e7]", 9735), socketAddress = new InetSocketAddress("[fc92:97a3:e057:b290:abd8:9bd6:135d:7e7]", 9735),
proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = true)).contains(proxyAddress)) proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = true, useForWatchdogs = true)).contains(proxyAddress))
assert(Socks5ProxyParams.proxyAddress( assert(Socks5ProxyParams.proxyAddress(
socketAddress = new InetSocketAddress("[fc92:97a3:e057:b290:abd8:9bd6:135d:7e7]", 9735), socketAddress = new InetSocketAddress("[fc92:97a3:e057:b290:abd8:9bd6:135d:7e7]", 9735),
proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = false, useForTor = true)).isEmpty) proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = false, useForTor = true, useForWatchdogs = true)).isEmpty)
assert(Socks5ProxyParams.proxyAddress( assert(Socks5ProxyParams.proxyAddress(
socketAddress = new InetSocketAddress("iq7zhmhck54vcax2vlrdcavq2m32wao7ekh6jyeglmnuuvv3js57r4id.onion", 9735), socketAddress = new InetSocketAddress("iq7zhmhck54vcax2vlrdcavq2m32wao7ekh6jyeglmnuuvv3js57r4id.onion", 9735),
proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = true)).contains(proxyAddress)) proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = true, useForWatchdogs = true)).contains(proxyAddress))
assert(Socks5ProxyParams.proxyAddress( assert(Socks5ProxyParams.proxyAddress(
socketAddress = new InetSocketAddress("iq7zhmhck54vcax2vlrdcavq2m32wao7ekh6jyeglmnuuvv3js57r4id.onion", 9735), socketAddress = new InetSocketAddress("iq7zhmhck54vcax2vlrdcavq2m32wao7ekh6jyeglmnuuvv3js57r4id.onion", 9735),
proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = false)).isEmpty) proxyParams = Socks5ProxyParams(address = proxyAddress, credentials_opt = None, randomizeCredentials = false, useForIPv4 = true, useForIPv6 = true, useForTor = false, useForWatchdogs = true)).isEmpty)
} }