From 795ac561a55df180b785338566b765cc9ff37b36 Mon Sep 17 00:00:00 2001
From: Sergey Kroshnin <sergiysw@gmail.com>
Date: Sun, 24 Feb 2019 16:34:49 +0300
Subject: [PATCH] Add allow_local_peers option for not_a_peer () &
 reserved_addresses () functions (#1766)

* Remove unused blacklist_loopback & replace with allow_local_peers

* allow_local_peers for non-live networks

* Add allow_local_peers check to node_id_handshake

* Update rpc.peers tests
---
 nano/core_test/network.cpp |  5 ++++-
 nano/core_test/rpc.cpp     |  4 ++--
 nano/node/common.hpp       |  2 +-
 nano/node/node.cpp         | 24 ++++++------------------
 nano/node/nodeconfig.cpp   |  2 +-
 nano/node/peers.cpp        | 12 ++++++------
 nano/node/peers.hpp        |  4 ++--
 7 files changed, 22 insertions(+), 31 deletions(-)

diff --git a/nano/core_test/network.cpp b/nano/core_test/network.cpp
index a77c9bd3..15785820 100644
--- a/nano/core_test/network.cpp
+++ b/nano/core_test/network.cpp
@@ -1175,7 +1175,10 @@ TEST (network, reserved_address)
 	ASSERT_FALSE (nano::reserved_address (nano::endpoint (boost::asio::ip::address_v6::from_string ("2001::"), 0), true));
 	nano::endpoint loopback (boost::asio::ip::address_v6::from_string ("::1"), 1);
 	ASSERT_FALSE (nano::reserved_address (loopback, false));
-	ASSERT_TRUE (nano::reserved_address (loopback, true));
+	ASSERT_FALSE (nano::reserved_address (loopback, true));
+	nano::endpoint private_network_peer (boost::asio::ip::address_v6::from_string ("::ffff:10.0.0.0"), 1);
+	ASSERT_TRUE (nano::reserved_address (private_network_peer, false));
+	ASSERT_FALSE (nano::reserved_address (private_network_peer, true));
 }
 
 TEST (node, port_mapping)
diff --git a/nano/core_test/rpc.cpp b/nano/core_test/rpc.cpp
index f8775963..29ec18a9 100644
--- a/nano/core_test/rpc.cpp
+++ b/nano/core_test/rpc.cpp
@@ -1690,7 +1690,7 @@ TEST (rpc, peers)
 {
 	nano::system system (24000, 2);
 	nano::endpoint endpoint (boost::asio::ip::address_v6::from_string ("fc00::1"), 4000);
-	system.nodes[0]->peers.insert (endpoint, nano::protocol_version);
+	system.nodes[0]->peers.insert (endpoint, nano::protocol_version, system.nodes[0]->config.allow_local_peers);
 	nano::rpc rpc (system.io_ctx, *system.nodes[0], nano::rpc_config (true));
 	rpc.start ();
 	boost::property_tree::ptree request;
@@ -1715,7 +1715,7 @@ TEST (rpc, peers_node_id)
 {
 	nano::system system (24000, 2);
 	nano::endpoint endpoint (boost::asio::ip::address_v6::from_string ("fc00::1"), 4000);
-	system.nodes[0]->peers.insert (endpoint, nano::protocol_version);
+	system.nodes[0]->peers.insert (endpoint, nano::protocol_version, system.nodes[0]->config.allow_local_peers);
 	nano::rpc rpc (system.io_ctx, *system.nodes[0], nano::rpc_config (true));
 	rpc.start ();
 	boost::property_tree::ptree request;
diff --git a/nano/node/common.hpp b/nano/node/common.hpp
index b219aeeb..d2837a1f 100644
--- a/nano/node/common.hpp
+++ b/nano/node/common.hpp
@@ -17,7 +17,7 @@ bool parse_address_port (std::string const &, boost::asio::ip::address &, uint16
 using tcp_endpoint = boost::asio::ip::tcp::endpoint;
 bool parse_endpoint (std::string const &, nano::endpoint &);
 bool parse_tcp_endpoint (std::string const &, nano::tcp_endpoint &);
-bool reserved_address (nano::endpoint const &, bool);
+bool reserved_address (nano::endpoint const &, bool = false);
 }
 
 namespace
diff --git a/nano/node/node.cpp b/nano/node/node.cpp
index 87ac9c15..c6a33265 100644
--- a/nano/node/node.cpp
+++ b/nano/node/node.cpp
@@ -198,10 +198,6 @@ void nano::node::keepalive (std::string const & address_a, uint16_t port_a, bool
 			{
 				auto endpoint (nano::map_endpoint_to_v6 (i->endpoint ()));
 				node_l->send_keepalive (endpoint);
-				if (preconfigured_peer_a)
-				{
-					node_l->peers.insert (endpoint, nano::protocol_version, true);
-				}
 			}
 		}
 		else
@@ -788,7 +784,7 @@ public:
 				validated_response = true;
 				if (message_a.response->first != node.node_id.pub)
 				{
-					node.peers.insert (endpoint_l, message_a.header.version_using, false, message_a.response->first);
+					node.peers.insert (endpoint_l, message_a.header.version_using, node.config.allow_local_peers, message_a.response->first);
 				}
 			}
 			else if (node.config.logging.network_node_id_handshake_logging ())
@@ -822,7 +818,7 @@ void nano::network::receive_action (nano::udp_data * data_a, nano::endpoint cons
 	{
 		allowed_sender = false;
 	}
-	else if (nano::reserved_address (data_a->endpoint, false) && !node.config.allow_local_peers)
+	else if (nano::reserved_address (data_a->endpoint, node.config.allow_local_peers))
 	{
 		allowed_sender = false;
 	}
@@ -902,7 +898,7 @@ void nano::network::merge_peers (std::array<nano::endpoint, 8> const & peers_a)
 {
 	for (auto i (peers_a.begin ()), j (peers_a.end ()); i != j; ++i)
 	{
-		if (!node.peers.reachout (*i))
+		if (!node.peers.reachout (*i, node.config.allow_local_peers))
 		{
 			send_keepalive (*i);
 		}
@@ -2552,7 +2548,7 @@ void nano::node::add_initial_peers ()
 	for (auto i (store.peers_begin (transaction)), n (store.peers_end ()); i != n; ++i)
 	{
 		nano::endpoint endpoint (boost::asio::ip::address_v6 (i->first.address_bytes ()), i->first.port ());
-		if (!peers.reachout (endpoint))
+		if (!peers.reachout (endpoint, config.allow_local_peers))
 		{
 			send_keepalive (endpoint);
 		}
@@ -2866,7 +2862,7 @@ boost::asio::ip::address_v6 mapped_from_v4_bytes (unsigned long address_a)
 }
 }
 
-bool nano::reserved_address (nano::endpoint const & endpoint_a, bool blacklist_loopback)
+bool nano::reserved_address (nano::endpoint const & endpoint_a, bool allow_local_peers)
 {
 	assert (endpoint_a.address ().is_v6 ());
 	auto bytes (endpoint_a.address ().to_v6 ());
@@ -2937,15 +2933,7 @@ bool nano::reserved_address (nano::endpoint const & endpoint_a, bool blacklist_l
 	{
 		result = true;
 	}
-	else if (blacklist_loopback && bytes.is_loopback ())
-	{
-		result = true;
-	}
-	else if (blacklist_loopback && bytes >= ipv4_loopback_min && bytes <= ipv4_loopback_max)
-	{
-		result = true;
-	}
-	else if (nano::is_live_network)
+	else if (!allow_local_peers)
 	{
 		if (bytes >= rfc1918_1_min && bytes <= rfc1918_1_max)
 		{
diff --git a/nano/node/nodeconfig.cpp b/nano/node/nodeconfig.cpp
index 74f83cbe..3122fd27 100644
--- a/nano/node/nodeconfig.cpp
+++ b/nano/node/nodeconfig.cpp
@@ -35,7 +35,7 @@ bootstrap_connections (4),
 bootstrap_connections_max (64),
 callback_port (0),
 lmdb_max_dbs (128),
-allow_local_peers (false),
+allow_local_peers (!nano::is_live_network), // disable by default for live network
 block_processor_batch_max_time (std::chrono::milliseconds (5000)),
 unchecked_cutoff_time (std::chrono::seconds (4 * 60 * 60)) // 4 hours
 {
diff --git a/nano/node/peers.cpp b/nano/node/peers.cpp
index c91f8f07..24cc3943 100644
--- a/nano/node/peers.cpp
+++ b/nano/node/peers.cpp
@@ -358,14 +358,14 @@ bool nano::peer_container::empty ()
 	return size () == 0;
 }
 
-bool nano::peer_container::not_a_peer (nano::endpoint const & endpoint_a, bool blacklist_loopback)
+bool nano::peer_container::not_a_peer (nano::endpoint const & endpoint_a, bool allow_local_peers)
 {
 	bool result (false);
 	if (endpoint_a.address ().to_v6 ().is_unspecified ())
 	{
 		result = true;
 	}
-	else if (nano::reserved_address (endpoint_a, blacklist_loopback))
+	else if (nano::reserved_address (endpoint_a, allow_local_peers))
 	{
 		result = true;
 	}
@@ -409,10 +409,10 @@ void nano::peer_container::rep_request (nano::endpoint const & endpoint_a)
 	}
 }
 
-bool nano::peer_container::reachout (nano::endpoint const & endpoint_a)
+bool nano::peer_container::reachout (nano::endpoint const & endpoint_a, bool allow_local_peers)
 {
 	// Don't contact invalid IPs
-	bool error = not_a_peer (endpoint_a, false);
+	bool error = not_a_peer (endpoint_a, allow_local_peers);
 	if (!error)
 	{
 		auto endpoint_l (nano::map_endpoint_to_v6 (endpoint_a));
@@ -426,11 +426,11 @@ bool nano::peer_container::reachout (nano::endpoint const & endpoint_a)
 	return error;
 }
 
-bool nano::peer_container::insert (nano::endpoint const & endpoint_a, unsigned version_a, bool preconfigured_a, boost::optional<nano::account> node_id_a)
+bool nano::peer_container::insert (nano::endpoint const & endpoint_a, unsigned version_a, bool allow_local_peers, boost::optional<nano::account> node_id_a)
 {
 	assert (endpoint_a.address ().is_v6 ());
 	auto unknown (false);
-	auto result (!preconfigured_a && not_a_peer (endpoint_a, false));
+	auto result (not_a_peer (endpoint_a, allow_local_peers));
 	if (!result)
 	{
 		if (version_a >= nano::protocol_version_min)
diff --git a/nano/node/peers.hpp b/nano/node/peers.hpp
index 39d08137..108f4774 100644
--- a/nano/node/peers.hpp
+++ b/nano/node/peers.hpp
@@ -69,7 +69,7 @@ public:
 	// Returns true if a Node ID handshake should begin
 	bool contacted (nano::endpoint const &, unsigned);
 	// Unassigned, reserved, self
-	bool not_a_peer (nano::endpoint const &, bool);
+	bool not_a_peer (nano::endpoint const &, bool = false);
 	// Returns true if peer was already known
 	bool known_peer (nano::endpoint const &);
 	// Notify of peer we received from
@@ -94,7 +94,7 @@ public:
 	bool rep_response (nano::endpoint const &, nano::account const &, nano::amount const &);
 	void rep_request (nano::endpoint const &);
 	// Should we reach out to this endpoint with a keepalive message
-	bool reachout (nano::endpoint const &);
+	bool reachout (nano::endpoint const &, bool = false);
 	// Returns boost::none if the IP is rate capped on syn cookie requests,
 	// or if the endpoint already has a syn cookie query
 	boost::optional<nano::uint256_union> assign_syn_cookie (nano::endpoint const &);