Merge pull request #9880 from yyforyongyu/accessman

Improve access control in peer connections

Author: Roasbeef

accessman.go

@@ -743,7 +743,7 @@ type ChanCount struct {
 func (c *ChannelStateDB) FetchPermAndTempPeers(
 	chainHash []byte) (map[string]ChanCount, error) {
 
-	peerCounts := make(map[string]ChanCount)
+	peerChanInfo := make(map[string]ChanCount)
 
 	err := kvdb.View(c.backend, func(tx kvdb.RTx) error {
 		openChanBucket := tx.ReadBucket(openChannelBucket)
@@ -829,7 +829,7 @@ func (c *ChannelStateDB) FetchPermAndTempPeers(
 				HasOpenOrClosedChan: isPermPeer,
 				PendingOpenCount:    pendingOpenCount,
 			}
-			peerCounts[string(nodePub)] = peerCount
+			peerChanInfo[string(nodePub)] = peerCount
 
 			return nil
 		})
@@ -893,15 +893,15 @@ func (c *ChannelStateDB) FetchPermAndTempPeers(
 				remoteSer := remotePub.SerializeCompressed()
 				remoteKey := string(remoteSer)
 
-				count, exists := peerCounts[remoteKey]
+				count, exists := peerChanInfo[remoteKey]
 				if exists {
 					count.HasOpenOrClosedChan = true
-					peerCounts[remoteKey] = count
+					peerChanInfo[remoteKey] = count
 				} else {
 					peerCount := ChanCount{
 						HasOpenOrClosedChan: true,
 					}
-					peerCounts[remoteKey] = peerCount
+					peerChanInfo[remoteKey] = peerCount
 				}
 			}
 
@@ -913,10 +913,10 @@ func (c *ChannelStateDB) FetchPermAndTempPeers(
 
 		return nil
 	}, func() {
-		clear(peerCounts)
+		clear(peerChanInfo)
 	})
 
-	return peerCounts, err
+	return peerChanInfo, err
 }
 
 // channelSelector describes a function that takes a chain-hash bucket from

accessman_test.go

@@ -770,16 +770,16 @@ func TestFetchPermTempPeer(t *testing.T) {
 	)
 
 	// Fetch the ChanCount for our peers.
-	peerCounts, err := cdb.FetchPermAndTempPeers(key[:])
+	peerChanInfo, err := cdb.FetchPermAndTempPeers(key[:])
 	require.NoError(t, err, "unable to fetch perm and temp peers")
 
 	// There should only be three entries.
-	require.Len(t, peerCounts, 3)
+	require.Len(t, peerChanInfo, 3)
 
 	// The first entry should have OpenClosed set to true and Pending set
 	// to 0.
-	count1, found := peerCounts[string(pubKey1.SerializeCompressed())]
-	require.True(t, found, "unable to find peer 1 in peerCounts")
+	count1, found := peerChanInfo[string(pubKey1.SerializeCompressed())]
+	require.True(t, found, "unable to find peer 1 in peerChanInfo")
 	require.True(
 		t, count1.HasOpenOrClosedChan,
 		"couldn't find peer 1's channels",
@@ -789,15 +789,15 @@ func TestFetchPermTempPeer(t *testing.T) {
 		"peer 1 doesn't have 0 pending-open",
 	)
 
-	count2, found := peerCounts[string(pubKey2.SerializeCompressed())]
-	require.True(t, found, "unable to find peer 2 in peerCounts")
+	count2, found := peerChanInfo[string(pubKey2.SerializeCompressed())]
+	require.True(t, found, "unable to find peer 2 in peerChanInfo")
 	require.False(
 		t, count2.HasOpenOrClosedChan, "found erroneous channels",
 	)
 	require.Equal(t, uint64(1), count2.PendingOpenCount)
 
-	count3, found := peerCounts[string(pubKey3.SerializeCompressed())]
-	require.True(t, found, "unable to find peer 3 in peerCounts")
+	count3, found := peerChanInfo[string(pubKey3.SerializeCompressed())]
+	require.True(t, found, "unable to find peer 3 in peerChanInfo")
 	require.True(
 		t, count3.HasOpenOrClosedChan,
 		"couldn't find peer 3's channels",

channeldb/db.go

@@ -238,8 +238,9 @@ const (
 	// defaultHTTPHeaderTimeout is the default timeout for HTTP requests.
 	DefaultHTTPHeaderTimeout = 5 * time.Second
 
-	// DefaultNumRestrictedSlots is the default number of restricted slots
-	// we'll allocate in the server.
+	// DefaultNumRestrictedSlots is the default max number of incoming
+	// connections allowed in the server. Outbound connections are not
+	// restricted.
 	DefaultNumRestrictedSlots = 100
 
 	// BitcoinChainName is a string that represents the Bitcoin blockchain.
@@ -529,9 +530,9 @@ type Config struct {
 	// before timing out reading the headers of an HTTP request.
 	HTTPHeaderTimeout time.Duration `long:"http-header-timeout" description:"The maximum duration that the server will wait before timing out reading the headers of an HTTP request."`
 
-	// NumRestrictedSlots is the number of restricted slots we'll allocate
-	// in the server.
-	NumRestrictedSlots uint64 `long:"num-restricted-slots" description:"The number of restricted slots we'll allocate in the server."`
+	// NumRestrictedSlots is the max number of incoming connections allowed
+	// in the server. Outbound connections are not restricted.
+	NumRestrictedSlots uint64 `long:"num-restricted-slots" description:"The max number of incoming connections allowed in the server. Outbound connections are not restricted."`
 
 	// NoDisconnectOnPongFailure controls if we'll disconnect if a peer
 	// doesn't respond to a pong in time.

channeldb/db_test.go

@@ -41,6 +41,10 @@
 
 ## Functional Updates
 
+- [Improved](https://github.com/lightningnetwork/lnd/pull/9880) the connection
+  restriction logic enforced by `accessman`. In addition, the restriction placed
+  on outbound connections is now lifted.
+
 ## RPC Updates
 
 ## lncli Updates
@@ -71,5 +75,4 @@ much more slowly.
 ## Tooling and Documentation
 
 # Contributors (Alphabetical Order)
-
 * Yong Yu

config.go

@@ -511,7 +511,7 @@ type Config struct {
 
 	// NotifyOpenChannelEvent informs the ChannelNotifier when channels
 	// transition from pending open to open.
-	NotifyOpenChannelEvent func(wire.OutPoint, *btcec.PublicKey) error
+	NotifyOpenChannelEvent func(wire.OutPoint, *btcec.PublicKey)
 
 	// OpenChannelPredicate is a predicate on the lnwire.OpenChannel message
 	// and on the requesting node's public key that returns a bool which
@@ -521,13 +521,13 @@ type Config struct {
 	// NotifyPendingOpenChannelEvent informs the ChannelNotifier when
 	// channels enter a pending state.
 	NotifyPendingOpenChannelEvent func(wire.OutPoint,
-		*channeldb.OpenChannel, *btcec.PublicKey) error
+		*channeldb.OpenChannel, *btcec.PublicKey)
 
 	// NotifyFundingTimeout informs the ChannelNotifier when a pending-open
 	// channel times out because the funding transaction hasn't confirmed.
 	// This is only called for the fundee and only if the channel is
 	// zero-conf.
-	NotifyFundingTimeout func(wire.OutPoint, *btcec.PublicKey) error
+	NotifyFundingTimeout func(wire.OutPoint, *btcec.PublicKey)
 
 	// EnableUpfrontShutdown specifies whether the upfront shutdown script
 	// is enabled.
@@ -1319,13 +1319,9 @@ func (f *Manager) advancePendingChannelState(channel *channeldb.OpenChannel,
 
 		// Inform the ChannelNotifier that the channel has transitioned
 		// from pending open to open.
-		if err := f.cfg.NotifyOpenChannelEvent(
+		f.cfg.NotifyOpenChannelEvent(
 			channel.FundingOutpoint, channel.IdentityPub,
-		); err != nil {
-			log.Errorf("Unable to notify open channel event for "+
-				"ChannelPoint(%v): %v",
-				channel.FundingOutpoint, err)
-		}
+		)
 
 		// Find and close the discoverySignal for this channel such
 		// that ChannelReady messages will be processed.
@@ -2666,12 +2662,9 @@ func (f *Manager) fundeeProcessFundingCreated(peer lnpeer.Peer,
 
 	// Inform the ChannelNotifier that the channel has entered
 	// pending open state.
-	if err := f.cfg.NotifyPendingOpenChannelEvent(
+	f.cfg.NotifyPendingOpenChannelEvent(
 		fundingOut, completeChan, completeChan.IdentityPub,
-	); err != nil {
-		log.Errorf("Unable to send pending-open channel event for "+
-			"ChannelPoint(%v) %v", fundingOut, err)
-	}
+	)
 
 	// At this point we have sent our last funding message to the
 	// initiating peer before the funding transaction will be broadcast.
@@ -2891,13 +2884,9 @@ func (f *Manager) funderProcessFundingSigned(peer lnpeer.Peer,
 	case resCtx.updates <- upd:
 		// Inform the ChannelNotifier that the channel has entered
 		// pending open state.
-		if err := f.cfg.NotifyPendingOpenChannelEvent(
+		f.cfg.NotifyPendingOpenChannelEvent(
 			*fundingPoint, completeChan, completeChan.IdentityPub,
-		); err != nil {
-			log.Errorf("Unable to send pending-open channel "+
-				"event for ChannelPoint(%v) %v", fundingPoint,
-				err)
-		}
+		)
 
 	case <-f.quit:
 		return
@@ -2955,11 +2944,7 @@ func (f *Manager) fundingTimeout(c *channeldb.OpenChannel,
 	}
 
 	// Notify other subsystems about the funding timeout.
-	err := f.cfg.NotifyFundingTimeout(c.FundingOutpoint, c.IdentityPub)
-	if err != nil {
-		log.Errorf("failed to notify of funding timeout for "+
-			"ChanPoint(%v): %v", c.FundingOutpoint, err)
-	}
+	f.cfg.NotifyFundingTimeout(c.FundingOutpoint, c.IdentityPub)
 
 	timeoutErr := fmt.Errorf("timeout waiting for funding tx (%v) to "+
 		"confirm", c.FundingOutpoint)
@@ -3341,13 +3326,9 @@ func (f *Manager) handleFundingConfirmation(
 
 	// Inform the ChannelNotifier that the channel has transitioned from
 	// pending open to open.
-	if err := f.cfg.NotifyOpenChannelEvent(
+	f.cfg.NotifyOpenChannelEvent(
 		completeChan.FundingOutpoint, completeChan.IdentityPub,
-	); err != nil {
-		log.Errorf("Unable to notify open channel event for "+
-			"ChannelPoint(%v): %v", completeChan.FundingOutpoint,
-			err)
-	}
+	)
 
 	// Close the discoverySignal channel, indicating to a separate
 	// goroutine that the channel now is marked as open in the database

docs/release-notes/release-notes-0.19.2.md

@@ -232,29 +232,23 @@ type mockChanEvent struct {
 }
 
 func (m *mockChanEvent) NotifyOpenChannelEvent(outpoint wire.OutPoint,
-	remotePub *btcec.PublicKey) error {
+	remotePub *btcec.PublicKey) {
 
 	m.openEvent <- outpoint
-
-	return nil
 }
 
 func (m *mockChanEvent) NotifyPendingOpenChannelEvent(outpoint wire.OutPoint,
 	pendingChannel *channeldb.OpenChannel,
-	remotePub *btcec.PublicKey) error {
+	remotePub *btcec.PublicKey) {
 
 	m.pendingOpenEvent <- channelnotifier.PendingOpenChannelEvent{
 		ChannelPoint:   &outpoint,
 		PendingChannel: pendingChannel,
 	}
-
-	return nil
 }
 
 func (m *mockChanEvent) NotifyFundingTimeout(outpoint wire.OutPoint,
-	remotePub *btcec.PublicKey) error {
-
-	return nil
+	remotePub *btcec.PublicKey) {
 }
 
 // mockZeroConfAcceptor always accepts the channel open request for zero-conf

funding/manager.go

@@ -691,10 +691,6 @@ var allTestCases = []*lntest.TestCase{
 		Name:     "funding manager funding timeout",
 		TestFunc: testFundingManagerFundingTimeout,
 	},
-	{
-		Name:     "access perm",
-		TestFunc: testAccessPerm,
-	},
 	{
 		Name:     "rbf coop close",
 		TestFunc: testCoopCloseRbf,
@@ -782,6 +778,9 @@ func init() {
 		"coop close with external delivery", allTestCases,
 		coopCloseWithExternalTestCases,
 	)
+	allTestCases = appendPrefixed(
+		"peer conn", allTestCases, peerConnTestCases,
+	)
 
 	// Prepare the test cases for windows to exclude some of the flaky
 	// ones.