rust-libp2p icon indicating copy to clipboard operation
rust-libp2p copied to clipboard
verified publisher icon libp2p

feat: verify expected `PeerId` as part of security handshake

Open denis2glez opened this issue 2 years ago • 4 comments

Description

During a handshake, certificates should be verified in order to allow the connection attempt to be aborted during the security handshake (by security protocols such as TLS or Noise). This requires being able to verify the peer ID after the handshake. Otherwise, we will have abnormal behaviors, such as aborting after completing the handshake and leaving the peer not knowing what went wrong.

Fixes: #2946. Related: #4307. Related: #4726. Related: #882.

Tasks

  • [x] Introduce the InboundSecurityUpgrade/OutboundSecurityUpgrade traits that should be implemented by transports such as Noise or TLS.
  • [x] Create the Builder::authenticate2 function to accept an upgrade that implements this traits.
  • [x] Implement a state machine inupgrade::secure that calls the InboundSecurityUpgrade/OutboundSecurityUpgrade traits instead of InboundConnectionUpgrade / OutboundConnectionUpgrade.
  • [x] Implement the InboundSecurityUpgrade/OutboundSecurityUpgrade traits for Noise and TLS transports, repectively.
  • [ ] Complete the missing parts.
  • [ ] Include unit tests.
  • [ ] Make appropriate changes to the docs.

Notes & open questions

denis2glez avatar Nov 14 '23 22:11 denis2glez

Thanks for the suggestions!

denis2glez avatar Nov 16 '23 07:11 denis2glez

Can you also please use authenticate2 within the SwarmBuilder in the libp2p crate?

In addition to the above comments, this is also still an open item. So far, we are not using those APIs anywhere, meaning we don't actually get to benefit from the new handshake. You'll have to find the usage sites of the current authenticate function within the SwarmBuilder and use authenticate2 instead. Your IDE should be of great assistance here or alternatively, you can mark the old as deprecated and run the compiler once.

Here is one of the usages sites: https://github.com/libp2p/rust-libp2p/blob/d851d1b3f82735555c4b3716266793817728cee8/libp2p/src/builder/phase/tcp.rs#L84-L86

thomaseizinger avatar Nov 27 '23 05:11 thomaseizinger

Can you also please use authenticate2 within the SwarmBuilder in the libp2p crate?

In addition to the above comments, this is also still an open item. So far, we are not using those APIs anywhere, meaning we don't actually get to benefit from the new handshake. You'll have to find the usage sites of the current authenticate function within the SwarmBuilder and use authenticate2 instead. Your IDE should be of great assistance here or alternatively, you can mark the old as deprecated and run the compiler once.

Here is one of the usages sites:

https://github.com/libp2p/rust-libp2p/blob/d851d1b3f82735555c4b3716266793817728cee8/libp2p/src/builder/phase/tcp.rs#L84-L86

Thanks, I was already working on this.

denis2glez avatar Nov 27 '23 10:11 denis2glez

Thanks, I was already working on this.

Awesome! Let me know when you want another review! :)

thomaseizinger avatar Nov 28 '23 00:11 thomaseizinger