firewall: obfuscate ConnectPeer

Also adds a privacy flag that controls obfuscation of network addresses.

Author: bitromortac

firewall/privacy_mapper.go

@@ -303,6 +303,11 @@ func (p *PrivacyMapper) checkers(db firewalldb.PrivacyMapDB,
 			handleBatchOpenChannelResponse(db, flags, p.randIntn),
 			mid.PassThroughErrorHandler,
 		),
+		"/lnrpc.Lightning/ConnectPeer": mid.NewRequestRewriter(
+			&lnrpc.ConnectPeerRequest{},
+			&lnrpc.ConnectPeerResponse{},
+			handleConnectPeerRequest(db, flags),
+		),
 	}
 }
 
@@ -1173,7 +1178,7 @@ func handleBatchOpenChannelRequest(db firewalldb.PrivacyMapDB,
 
 func handleBatchOpenChannelResponse(db firewalldb.PrivacyMapDB,
 	flags session.PrivacyFlags,
-	randIntn func(int) (int, error)) func(ctx context.Context,
+	_ func(int) (int, error)) func(ctx context.Context,
 	r *lnrpc.BatchOpenChannelResponse) (proto.Message, error) {
 
 	return func(_ context.Context, r *lnrpc.BatchOpenChannelResponse) (
@@ -1222,6 +1227,46 @@ func handleBatchOpenChannelResponse(db firewalldb.PrivacyMapDB,
 	}
 }
 
+func handleConnectPeerRequest(db firewalldb.PrivacyMapDB,
+	flags session.PrivacyFlags) func(ctx context.Context,
+	r *lnrpc.ConnectPeerRequest) (proto.Message, error) {
+
+	return func(_ context.Context, r *lnrpc.ConnectPeerRequest) (
+		proto.Message, error) {
+
+		err := db.View(func(tx firewalldb.PrivacyMapTx) error {
+			var err error
+			// Note, this only works if the pubkey alias was
+			// already created via other calls, e.g. via
+			// ListChannels or GetNodeInfo.
+			if !flags.Contains(session.ClearPubkeys) {
+				r.Addr.Pubkey, err = firewalldb.RevealString(
+					tx, r.Addr.Pubkey,
+				)
+				if err != nil {
+					return err
+				}
+			}
+
+			if !flags.Contains(session.ClearNetworkAddresses) {
+				r.Addr.Host, err = firewalldb.RevealString(
+					tx, r.Addr.Host,
+				)
+				if err != nil {
+					return err
+				}
+			}
+
+			return nil
+		})
+		if err != nil {
+			return nil, err
+		}
+
+		return r, nil
+	}
+}
+
 // maybeHideAmount hides an amount if the privacy flag is not set.
 func maybeHideAmount(flags session.PrivacyFlags, randIntn func(int) (int, error),
 	a int64) (int64, error) {

firewall/privacy_mapper_test.go

@@ -52,6 +52,7 @@ func TestPrivacyMapper(t *testing.T) {
 		outPoint(clearTxID, 0):  outPoint(obfusTxID0, obfusOut0),
 		outPoint(clearTxID, 1):  outPoint(obfusTxID1, obfusOut1),
 		"01020304":              "c8134495",
+		"secret-host.com":       "sksiuekalkdoowurekdf",
 	}
 
 	var (
@@ -527,6 +528,43 @@ func TestPrivacyMapper(t *testing.T) {
 				},
 			},
 		},
+		{
+			name:    "ConnectPeer Request",
+			uri:     "/lnrpc.Lightning/ConnectPeer",
+			msgType: rpcperms.TypeRequest,
+			msg: &lnrpc.ConnectPeerRequest{
+				Addr: &lnrpc.LightningAddress{
+					Pubkey: "c8134495",
+					Host:   "sksiuekalkdoowurekdf",
+				},
+			},
+			expectedReplacement: &lnrpc.ConnectPeerRequest{
+				Addr: &lnrpc.LightningAddress{
+					Pubkey: "01020304",
+					Host:   "secret-host.com",
+				},
+			},
+		},
+		{
+			name:    "ConnectPeer Request clear pubkey",
+			uri:     "/lnrpc.Lightning/ConnectPeer",
+			msgType: rpcperms.TypeRequest,
+			msg: &lnrpc.ConnectPeerRequest{
+				Addr: &lnrpc.LightningAddress{
+					Pubkey: "c8134495",
+					Host:   "sksiuekalkdoowurekdf",
+				},
+			},
+			privacyFlags: []session.PrivacyFlag{
+				session.ClearPubkeys,
+			},
+			expectedReplacement: &lnrpc.ConnectPeerRequest{
+				Addr: &lnrpc.LightningAddress{
+					Pubkey: "c8134495",
+					Host:   "secret-host.com",
+				},
+			},
+		},
 	}
 
 	decodedID := &lnrpc.MacaroonId{

session/privacy_flags.go

@@ -49,17 +49,22 @@ const (
 	// ClearClosingTxIds is a privacy flag that indicates that the channel
 	// closing transaction ids in the API should not be obfuscated.
 	ClearClosingTxIds PrivacyFlag = 7
+
+	// ClearNetworkAddresses is a privacy flag that indicates that the
+	// network addresses in the API should not be obfuscated.
+	ClearNetworkAddresses PrivacyFlag = 8
 )
 
 var flagMap = map[PrivacyFlag]string{
-	ClearPubkeys:         "ClearPubkeys",
-	ClearAmounts:         "ClearAmounts",
-	ClearChanIDs:         "ClearChanIDs",
-	ClearTimeStamps:      "ClearTimeStamps",
-	ClearChanInitiator:   "ClearChanInitiator",
-	ClearHTLCs:           "ClearHTLCs",
-	ClearAccountBalances: "ClearAccountBalances",
-	ClearClosingTxIds:    "ClearClosingTxIds",
+	ClearPubkeys:          "ClearPubkeys",
+	ClearAmounts:          "ClearAmounts",
+	ClearChanIDs:          "ClearChanIDs",
+	ClearTimeStamps:       "ClearTimeStamps",
+	ClearChanInitiator:    "ClearChanInitiator",
+	ClearHTLCs:            "ClearHTLCs",
+	ClearAccountBalances:  "ClearAccountBalances",
+	ClearClosingTxIds:     "ClearClosingTxIds",
+	ClearNetworkAddresses: "ClearNetworkAddresses",
 }
 
 // String returns a string representation of the privacy flag.

session/privacy_flags_test.go

@@ -56,4 +56,9 @@ func TestPrivacyFlags(t *testing.T) {
 	require.True(t, flags.Contains(ClearPubkeys))
 	require.True(t, flags.Contains(ClearAmounts))
 	require.False(t, flags.Contains(ClearChanIDs))
+
+	autoOpenFlags := PrivacyFlags{ClearPubkeys, ClearNetworkAddresses}
+	require.NoError(t, err)
+	require.Equal(t, "ClearPubkeys|ClearNetworkAddresses",
+		autoOpenFlags.String())
 }