Skip to content

Commit aba0601

Browse files
committed
firewall: obfuscate ConnectPeer
Also adds a privacy flag that controls obfuscation of network addresses.
1 parent dc90f6d commit aba0601

File tree

4 files changed

+101
-7
lines changed

4 files changed

+101
-7
lines changed

firewall/privacy_mapper.go

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -303,6 +303,11 @@ func (p *PrivacyMapper) checkers(db firewalldb.PrivacyMapDB,
303303
handleBatchOpenChannelResponse(db, flags),
304304
mid.PassThroughErrorHandler,
305305
),
306+
"/lnrpc.Lightning/ConnectPeer": mid.NewRequestRewriter(
307+
&lnrpc.ConnectPeerRequest{},
308+
&lnrpc.ConnectPeerResponse{},
309+
handleConnectPeerRequest(db, flags),
310+
),
306311
}
307312
}
308313

@@ -1234,6 +1239,46 @@ func handleBatchOpenChannelResponse(db firewalldb.PrivacyMapDB,
12341239
}
12351240
}
12361241

1242+
func handleConnectPeerRequest(db firewalldb.PrivacyMapDB,
1243+
flags session.PrivacyFlags) func(ctx context.Context,
1244+
r *lnrpc.ConnectPeerRequest) (proto.Message, error) {
1245+
1246+
return func(_ context.Context, r *lnrpc.ConnectPeerRequest) (
1247+
proto.Message, error) {
1248+
1249+
err := db.View(func(tx firewalldb.PrivacyMapTx) error {
1250+
var err error
1251+
// Note, this only works if the pubkey alias was
1252+
// already created via other calls, e.g. via
1253+
// ListChannels or GetNodeInfo.
1254+
if !flags.Contains(session.ClearPubkeys) {
1255+
r.Addr.Pubkey, err = firewalldb.RevealString(
1256+
tx, r.Addr.Pubkey,
1257+
)
1258+
if err != nil {
1259+
return err
1260+
}
1261+
}
1262+
1263+
if !flags.Contains(session.ClearNetworkAddresses) {
1264+
r.Addr.Host, err = firewalldb.RevealString(
1265+
tx, r.Addr.Host,
1266+
)
1267+
if err != nil {
1268+
return err
1269+
}
1270+
}
1271+
1272+
return nil
1273+
})
1274+
if err != nil {
1275+
return nil, err
1276+
}
1277+
1278+
return r, nil
1279+
}
1280+
}
1281+
12371282
// maybeHideAmount hides an amount if the privacy flag is not set.
12381283
func maybeHideAmount(flags session.PrivacyFlags, randIntn func(int) (int, error),
12391284
a int64) (int64, error) {

firewall/privacy_mapper_test.go

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,7 @@ func TestPrivacyMapper(t *testing.T) {
5252
outPoint(clearTxID, 0): outPoint(obfusTxID0, obfusOut0),
5353
outPoint(clearTxID, 1): outPoint(obfusTxID1, obfusOut1),
5454
"01020304": "c8134495",
55+
"secret-host.com": "sksiuekalkdoowurekdf",
5556
}
5657

5758
var (
@@ -532,6 +533,44 @@ func TestPrivacyMapper(t *testing.T) {
532533
},
533534
},
534535
},
536+
{
537+
name: "ConnectPeer Request",
538+
uri: "/lnrpc.Lightning/ConnectPeer",
539+
msgType: rpcperms.TypeRequest,
540+
msg: &lnrpc.ConnectPeerRequest{
541+
Addr: &lnrpc.LightningAddress{
542+
Pubkey: "c8134495",
543+
Host: "sksiuekalkdoowurekdf",
544+
},
545+
},
546+
expectedReplacement: &lnrpc.ConnectPeerRequest{
547+
Addr: &lnrpc.LightningAddress{
548+
Pubkey: "01020304",
549+
Host: "secret-host.com",
550+
},
551+
},
552+
},
553+
{
554+
name: "ConnectPeer Request clear",
555+
uri: "/lnrpc.Lightning/ConnectPeer",
556+
msgType: rpcperms.TypeRequest,
557+
msg: &lnrpc.ConnectPeerRequest{
558+
Addr: &lnrpc.LightningAddress{
559+
Pubkey: "c8134495",
560+
Host: "secret-host.com",
561+
},
562+
},
563+
privacyFlags: []session.PrivacyFlag{
564+
session.ClearPubkeys,
565+
session.ClearNetworkAddresses,
566+
},
567+
expectedReplacement: &lnrpc.ConnectPeerRequest{
568+
Addr: &lnrpc.LightningAddress{
569+
Pubkey: "c8134495",
570+
Host: "secret-host.com",
571+
},
572+
},
573+
},
535574
}
536575

537576
decodedID := &lnrpc.MacaroonId{

session/privacy_flags.go

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -45,16 +45,21 @@ const (
4545
// ClearClosingTxIds is a privacy flag that indicates that the channel
4646
// closing transaction ids in the API should not be obfuscated.
4747
ClearClosingTxIds PrivacyFlag = 6
48+
49+
// ClearNetworkAddresses is a privacy flag that indicates that the
50+
// network addresses in the API should not be obfuscated.
51+
ClearNetworkAddresses PrivacyFlag = 7
4852
)
4953

5054
var flagMap = map[PrivacyFlag]string{
51-
ClearPubkeys: "ClearPubkeys",
52-
ClearAmounts: "ClearAmounts",
53-
ClearChanIDs: "ClearChanIDs",
54-
ClearTimeStamps: "ClearTimeStamps",
55-
ClearChanInitiator: "ClearChanInitiator",
56-
ClearHTLCs: "ClearHTLCs",
57-
ClearClosingTxIds: "ClearClosingTxIds",
55+
ClearPubkeys: "ClearPubkeys",
56+
ClearAmounts: "ClearAmounts",
57+
ClearChanIDs: "ClearChanIDs",
58+
ClearTimeStamps: "ClearTimeStamps",
59+
ClearChanInitiator: "ClearChanInitiator",
60+
ClearHTLCs: "ClearHTLCs",
61+
ClearClosingTxIds: "ClearClosingTxIds",
62+
ClearNetworkAddresses: "ClearNetworkAddresses",
5863
}
5964

6065
// String returns a string representation of the privacy flag.

session/privacy_flags_test.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,4 +56,9 @@ func TestPrivacyFlags(t *testing.T) {
5656
require.True(t, flags.Contains(ClearPubkeys))
5757
require.True(t, flags.Contains(ClearAmounts))
5858
require.False(t, flags.Contains(ClearChanIDs))
59+
60+
autoOpenFlags := PrivacyFlags{ClearPubkeys, ClearNetworkAddresses}
61+
require.NoError(t, err)
62+
require.Equal(t, "ClearPubkeys|ClearNetworkAddresses",
63+
autoOpenFlags.String())
5964
}

0 commit comments

Comments
 (0)