From 98ab26df2f50823c473fd6d63b7d603dd6681051 Mon Sep 17 00:00:00 2001 From: garyschulte Date: Mon, 29 Jan 2024 08:41:31 -0800 Subject: [PATCH] filter empty ipv4 and ipv6 ping packet source addresses (#6474) * add empty ipv4 and ipv6 to the filtered ping packet source addresses Signed-off-by: garyschulte --- .../p2p/discovery/PeerDiscoveryAgent.java | 2 +- .../p2p/discovery/PeerDiscoveryAgentTest.java | 20 +++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/ethereum/p2p/src/main/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgent.java b/ethereum/p2p/src/main/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgent.java index a4af09481cd..5d05cc6531d 100644 --- a/ethereum/p2p/src/main/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgent.java +++ b/ethereum/p2p/src/main/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgent.java @@ -75,7 +75,7 @@ public abstract class PeerDiscoveryAgent { // clients ignore that, so we add in a little extra padding. private static final int MAX_PACKET_SIZE_BYTES = 1600; private static final List PING_PACKET_SOURCE_IGNORED = - List.of("127.0.0.1", "255.255.255.255"); + List.of("127.0.0.1", "255.255.255.255", "0.0.0.0", "::", "0:0:0:0:0:0:0:0"); protected final List bootstrapPeers; private final List peerRequirements = new CopyOnWriteArrayList<>(); diff --git a/ethereum/p2p/src/test/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgentTest.java b/ethereum/p2p/src/test/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgentTest.java index aae83ffdc8c..269eb92b084 100644 --- a/ethereum/p2p/src/test/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgentTest.java +++ b/ethereum/p2p/src/test/java/org/hyperledger/besu/ethereum/p2p/discovery/PeerDiscoveryAgentTest.java @@ -839,15 +839,31 @@ public void shouldNotBeActiveWhenConfigIsFalse() { @Test public void assertHostCorrectlyRevertsOnIgnoredPacketFrom() { final String sourceHost = "UDP_SOURCE_ORIGIN_HOST"; + final String emptyIPv4Host = "0.0.0.0"; + final String emptyIPv6Host = "::"; final String localHost = "127.0.0.1"; final String broadcastDefaultHost = "255.255.255.255"; final String routableHost = "50.50.50.50"; Endpoint source = new Endpoint(sourceHost, 30303, Optional.empty()); + Endpoint emptyIPv4 = new Endpoint(emptyIPv4Host, 30303, Optional.empty()); + Endpoint emptyIPv6 = new Endpoint(emptyIPv6Host, 30303, Optional.empty()); Endpoint endpointLocal = new Endpoint(localHost, 30303, Optional.empty()); Endpoint endpointBroadcast = new Endpoint(broadcastDefaultHost, 30303, Optional.empty()); Endpoint endpointRoutable = new Endpoint(routableHost, 30303, Optional.empty()); + Packet mockEmptyIPv4 = + when(mock(Packet.class).getPacketData(any())) + .thenReturn( + Optional.of( + PingPacketData.create(Optional.of(emptyIPv4), endpointLocal, UInt64.ONE))) + .getMock(); + Packet mockEmptyIPv6 = + when(mock(Packet.class).getPacketData(any())) + .thenReturn( + Optional.of( + PingPacketData.create(Optional.of(emptyIPv6), endpointLocal, UInt64.ONE))) + .getMock(); Packet mockLocal = when(mock(Packet.class).getPacketData(any())) .thenReturn( @@ -869,6 +885,10 @@ public void assertHostCorrectlyRevertsOnIgnoredPacketFrom() { Optional.of(endpointRoutable), endpointLocal, UInt64.ONE))) .getMock(); + // assert a pingpacketdata with empty ipv4 address reverts to the udp source host + assertThat(PeerDiscoveryAgent.deriveHost(source, mockEmptyIPv4)).isEqualTo(sourceHost); + // assert a pingpacketdata with empty ipv6 address reverts to the udp source host + assertThat(PeerDiscoveryAgent.deriveHost(source, mockEmptyIPv6)).isEqualTo(sourceHost); // assert a pingpacketdata from address of 127.0.0.1 reverts to the udp source host assertThat(PeerDiscoveryAgent.deriveHost(source, mockLocal)).isEqualTo(sourceHost); // assert that 255.255.255.255 reverts to the udp source host