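// Source: github.com/ConsenSys/Quorum@v20.10.0+incompatible/p2p/permissions.go

package p2p

import (
	"encoding/json"
	"io/ioutil"
	"os"
	"path/filepath"
	"strings"

	"github.com/ethereum/go-ethereum/log"
	"github.com/ethereum/go-ethereum/p2p/enode"
	"github.com/ethereum/go-ethereum/params"
)

const (
	// NODE_NAME_LENGTH is the number of leading characters of a node name
	// that isNodePermissioned writes to the debug log.
	NODE_NAME_LENGTH = 32
)

//TODO update this based on permission changes

// isNodePermissioned reports whether nodename may connect. The name must
// equal the ID string of an entry parsed from the permissioned-nodes file
// under datadir, and isNodeBlackListed must not report it as disallowed.
// currentNode and direction are used for logging only.
//
// The result is false when the permissioned list cannot be loaded, because
// ParsePermissionedNodes then returns nil and nothing can match.
func isNodePermissioned(nodename string, currentNode string, datadir string, direction string) bool {
	// Names are shortened for the log line only. The length guard matters
	// because log arguments are evaluated even when debug logging is off, so
	// an unguarded name[:NODE_NAME_LENGTH] would panic on any shorter name.
	short := func(name string) string {
		if len(name) > NODE_NAME_LENGTH {
			return name[:NODE_NAME_LENGTH]
		}
		return name
	}

	var permissionedList []string
	for _, n := range ParsePermissionedNodes(datadir) {
		permissionedList = append(permissionedList, n.ID().String())
	}
	log.Debug("isNodePermissioned", "permissionedList", permissionedList)

	for _, id := range permissionedList {
		if id != nodename {
			continue
		}
		// Consult the disallowed list before logging the verdict, so the log
		// never records ALLOWED-BY for a peer that is then rejected.
		if isNodeBlackListed(nodename, datadir) {
			log.Debug("isNodePermissioned", "connection", direction, "nodename", short(nodename), "DENIED-BY", short(currentNode), "reason", "disallowed list")
			return false
		}
		log.Debug("isNodePermissioned", "connection", direction, "nodename", short(nodename), "ALLOWED-BY", short(currentNode))
		return true
	}
	log.Debug("isNodePermissioned", "connection", direction, "nodename", short(nodename), "DENIED-BY", short(currentNode))
	return false
}

// ParsePermissionedNodes loads the JSON array of node URLs stored in
// params.PERMISSIONED_CONFIG under DataDir and returns the entries that
// enode.ParseV4 accepts. Blank or unparsable entries are logged and skipped.
// It returns nil when the file is missing, unreadable, or not a JSON array of
// strings.
//
// This is a shameless copy from config.go. The duplication exists for the
// time being to allow reload of the permissioned nodes while the server is
// running.
func ParsePermissionedNodes(DataDir string) []*enode.Node {
	log.Debug("parsePermissionedNodes", "DataDir", DataDir, "file", params.PERMISSIONED_CONFIG)

	path := filepath.Join(DataDir, params.PERMISSIONED_CONFIG)
	if _, err := os.Stat(path); err != nil {
		log.Error("Read Error for permissioned-nodes.json file. This is because 'permissioned' flag is specified but no permissioned-nodes.json file is present.", "err", err)
		return nil
	}

	// Load the nodes from the config file.
	blob, err := ioutil.ReadFile(path)
	if err != nil {
		log.Error("parsePermissionedNodes: Failed to access nodes", "err", err)
		return nil
	}

	nodelist := []string{}
	if err := json.Unmarshal(blob, &nodelist); err != nil {
		log.Error("parsePermissionedNodes: Failed to load nodes", "err", err)
		return nil
	}

	// Interpret the list as a discovery node array. A bad entry is dropped
	// rather than failing the whole list, so one malformed line narrows the
	// permissioned set without emptying it.
	var nodes []*enode.Node
	for _, url := range nodelist {
		if url == "" {
			log.Error("parsePermissionedNodes: Node URL blank")
			continue
		}
		node, err := enode.ParseV4(url)
		if err != nil {
			log.Error("parsePermissionedNodes: Node URL", "url", url, "err", err)
			continue
		}
		nodes = append(nodes, node)
	}
	return nodes
}

// isNodeBlackListed reports whether nodeName is disallowed according to the
// JSON array of strings stored in params.BLACKLIST_CONFIG under dataDir.
//
// It returns false only when that file does not exist, or when it parses and
// no entry contains nodeName. Every other failure (stat error other than
// "not exist", read error, malformed JSON) returns true, so an unusable
// disallowed list rejects the peer instead of silently admitting it.
func isNodeBlackListed(nodeName, dataDir string) bool {
	log.Debug("isNodeBlackListed", "DataDir", dataDir, "file", params.BLACKLIST_CONFIG)

	path := filepath.Join(dataDir, params.BLACKLIST_CONFIG)
	if _, err := os.Stat(path); err != nil {
		if os.IsNotExist(err) {
			// No disallowed list is configured, so nothing is disallowed.
			log.Debug("Read Error for disallowed-nodes.json file. disallowed-nodes.json file is not present.", "err", err)
			return false
		}
		// The file may exist but cannot be inspected (for example a
		// permission error). Fail closed, matching the read and parse
		// failures below.
		log.Debug("isNodeBlackListed: Failed to access nodes", "err", err)
		return true
	}

	// Load the nodes from the config file.
	blob, err := ioutil.ReadFile(path)
	if err != nil {
		log.Debug("isNodeBlackListed: Failed to access nodes", "err", err)
		return true
	}

	nodelist := []string{}
	if err := json.Unmarshal(blob, &nodelist); err != nil {
		log.Debug("isNodeBlackListed: Failed to load nodes", "err", err)
		return true
	}

	// Substring match: an entry disallows nodeName when it contains the name
	// anywhere, so an entry may be a bare ID or a longer string embedding it.
	// NOTE(review): an empty nodeName matches every entry; callers presumably
	// always pass a full node ID. Confirm against the call sites.
	for _, entry := range nodelist {
		if strings.Contains(entry, nodeName) {
			return true
		}
	}
	return false
}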