Skip to content

Commit d177c1f

Browse files
committed
firewall: obfuscate ConnectPeer
Also adds a privacy flag that controls obfuscation of network addresses.
1 parent 32e62ca commit d177c1f

File tree

4 files changed

+117
-7
lines changed

4 files changed

+117
-7
lines changed

firewall/privacy_mapper.go

Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -303,6 +303,11 @@ func (p *PrivacyMapper) checkers(db firewalldb.PrivacyMapDB,
303303
handleBatchOpenChannelResponse(db, flags),
304304
mid.PassThroughErrorHandler,
305305
),
306+
"/lnrpc.Lightning/ConnectPeer": mid.NewRequestRewriter(
307+
&lnrpc.ConnectPeerRequest{},
308+
&lnrpc.ConnectPeerResponse{},
309+
handleConnectPeerRequest(db, flags),
310+
),
306311
}
307312
}
308313

@@ -1242,6 +1247,62 @@ func handleBatchOpenChannelResponse(db firewalldb.PrivacyMapDB,
12421247
}
12431248
}
12441249

1250+
func handleConnectPeerRequest(db firewalldb.PrivacyMapDB,
1251+
flags session.PrivacyFlags) func(ctx context.Context,
1252+
r *lnrpc.ConnectPeerRequest) (proto.Message, error) {
1253+
1254+
return func(_ context.Context, r *lnrpc.ConnectPeerRequest) (
1255+
proto.Message, error) {
1256+
1257+
var addr *lnrpc.LightningAddress
1258+
1259+
err := db.View(func(tx firewalldb.PrivacyMapTx) error {
1260+
var err error
1261+
// Note, this only works if the pubkey alias was
1262+
// already created via other calls, e.g. via
1263+
// ListChannels or GetNodeInfo.
1264+
pubkey := r.Addr.Pubkey
1265+
if !flags.Contains(session.ClearPubkeys) {
1266+
pubkey, err = firewalldb.RevealString(
1267+
tx, r.Addr.Pubkey,
1268+
)
1269+
if err != nil {
1270+
return err
1271+
}
1272+
}
1273+
1274+
host := r.Addr.Host
1275+
if !flags.Contains(session.ClearNetworkAddresses) {
1276+
host, err = firewalldb.RevealString(
1277+
tx, r.Addr.Host,
1278+
)
1279+
if err != nil {
1280+
return err
1281+
}
1282+
}
1283+
1284+
addr = &lnrpc.LightningAddress{
1285+
Pubkey: pubkey,
1286+
Host: host,
1287+
}
1288+
1289+
return nil
1290+
})
1291+
if err != nil {
1292+
return nil, err
1293+
}
1294+
1295+
return &lnrpc.ConnectPeerRequest{
1296+
// Obfuscated fields.
1297+
Addr: addr,
1298+
1299+
// Non-obfuscated fields.
1300+
Perm: r.Perm,
1301+
Timeout: r.Timeout,
1302+
}, nil
1303+
}
1304+
}
1305+
12451306
// maybeHideAmount hides an amount if the privacy flag is not set.
12461307
func maybeHideAmount(flags session.PrivacyFlags, randIntn func(int) (int, error),
12471308
a int64) (int64, error) {

firewall/privacy_mapper_test.go

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,7 @@ func TestPrivacyMapper(t *testing.T) {
5252
outPoint(clearTxID, 0): outPoint(obfusTxID0, obfusOut0),
5353
outPoint(clearTxID, 1): outPoint(obfusTxID1, obfusOut1),
5454
"01020304": "c8134495",
55+
"secret-host.com": "sksiuekalkdoowurekdf",
5556
}
5657

5758
var (
@@ -664,6 +665,44 @@ func TestPrivacyMapper(t *testing.T) {
664665
},
665666
},
666667
},
668+
{
669+
name: "ConnectPeer Request",
670+
uri: "/lnrpc.Lightning/ConnectPeer",
671+
msgType: rpcperms.TypeRequest,
672+
msg: &lnrpc.ConnectPeerRequest{
673+
Addr: &lnrpc.LightningAddress{
674+
Pubkey: "c8134495",
675+
Host: "sksiuekalkdoowurekdf",
676+
},
677+
},
678+
expectedReplacement: &lnrpc.ConnectPeerRequest{
679+
Addr: &lnrpc.LightningAddress{
680+
Pubkey: "01020304",
681+
Host: "secret-host.com",
682+
},
683+
},
684+
},
685+
{
686+
name: "ConnectPeer Request clear",
687+
uri: "/lnrpc.Lightning/ConnectPeer",
688+
msgType: rpcperms.TypeRequest,
689+
msg: &lnrpc.ConnectPeerRequest{
690+
Addr: &lnrpc.LightningAddress{
691+
Pubkey: "c8134495",
692+
Host: "secret-host.com",
693+
},
694+
},
695+
privacyFlags: []session.PrivacyFlag{
696+
session.ClearPubkeys,
697+
session.ClearNetworkAddresses,
698+
},
699+
expectedReplacement: &lnrpc.ConnectPeerRequest{
700+
Addr: &lnrpc.LightningAddress{
701+
Pubkey: "c8134495",
702+
Host: "secret-host.com",
703+
},
704+
},
705+
},
667706
}
668707

669708
decodedID := &lnrpc.MacaroonId{

session/privacy_flags.go

Lines changed: 12 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -45,16 +45,21 @@ const (
4545
// ClearClosingTxIds is a privacy flag that indicates that the channel
4646
// closing transaction ids in the API should not be obfuscated.
4747
ClearClosingTxIds PrivacyFlag = 6
48+
49+
// ClearNetworkAddresses is a privacy flag that indicates that the
50+
// network addresses in the API should not be obfuscated.
51+
ClearNetworkAddresses PrivacyFlag = 7
4852
)
4953

5054
var flagMap = map[PrivacyFlag]string{
51-
ClearPubkeys: "ClearPubkeys",
52-
ClearAmounts: "ClearAmounts",
53-
ClearChanIDs: "ClearChanIDs",
54-
ClearTimeStamps: "ClearTimeStamps",
55-
ClearChanInitiator: "ClearChanInitiator",
56-
ClearHTLCs: "ClearHTLCs",
57-
ClearClosingTxIds: "ClearClosingTxIds",
55+
ClearPubkeys: "ClearPubkeys",
56+
ClearAmounts: "ClearAmounts",
57+
ClearChanIDs: "ClearChanIDs",
58+
ClearTimeStamps: "ClearTimeStamps",
59+
ClearChanInitiator: "ClearChanInitiator",
60+
ClearHTLCs: "ClearHTLCs",
61+
ClearClosingTxIds: "ClearClosingTxIds",
62+
ClearNetworkAddresses: "ClearNetworkAddresses",
5863
}
5964

6065
// String returns a string representation of the privacy flag.

session/privacy_flags_test.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,4 +56,9 @@ func TestPrivacyFlags(t *testing.T) {
5656
require.True(t, flags.Contains(ClearPubkeys))
5757
require.True(t, flags.Contains(ClearAmounts))
5858
require.False(t, flags.Contains(ClearChanIDs))
59+
60+
autoOpenFlags := PrivacyFlags{ClearPubkeys, ClearNetworkAddresses}
61+
require.NoError(t, err)
62+
require.Equal(t, "ClearPubkeys|ClearNetworkAddresses",
63+
autoOpenFlags.String())
5964
}

0 commit comments

Comments
 (0)