451: Peer id check for transfer proof and encsig messages r=da-kami a=da-kami

Fixes #416 

The second commit will be relevant for changes planned in #411 

@thomaseizinger with #411 we will need access to Bob's database in the eventloop, this might influence design decisions for #401

Co-authored-by: Daniel Karzel <daniel@comit.network>
This commit is contained in:
bors[bot] 2021-04-29 09:38:59 +00:00 committed by GitHub
commit f74c59b857
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 40 additions and 6 deletions

View File

@ -68,6 +68,7 @@ impl From<(PeerId, Message)> for bob::OutEvent {
} => Self::TransferProofReceived {
msg: Box::new(request),
channel,
peer,
},
Message::Response { .. } => Self::unexpected_response(peer),
}

View File

@ -195,11 +195,32 @@ where
}
}
SwarmEvent::Behaviour(OutEvent::EncryptedSignatureReceived{ msg, channel, peer }) => {
let sender = match self.recv_encrypted_signature.remove(&msg.swap_id) {
let swap_id = msg.swap_id;
let swap_peer = self.db.get_peer_id(swap_id);
// Ensure that an incoming encrypted signature is sent by the peer-id associated with the swap
let swap_peer = match swap_peer {
Ok(swap_peer) => swap_peer,
Err(_) => {
tracing::warn!("Ignoring encrypted signature for unknown swap {} from {}", swap_id, peer);
continue;
}
};
if swap_peer != peer {
tracing::warn!(
%swap_id,
"Ignoring malicious encrypted signature from {}, expected to receive it from {}",
peer,
swap_peer);
continue;
}
let sender = match self.recv_encrypted_signature.remove(&swap_id) {
Some(sender) => sender,
None => {
// TODO: Don't just drop encsig if we currently don't have a running swap for it, save in db
tracing::warn!(%peer, "No sender for encrypted signature, maybe already handled?");
tracing::warn!(%swap_id, "No sender for encrypted signature, maybe already handled?");
continue;
}
};
@ -207,7 +228,7 @@ where
let mut responder = match sender.send(msg.tx_redeem_encsig).await {
Ok(responder) => responder,
Err(_) => {
tracing::warn!(%peer, "Failed to relay encrypted signature to swap");
tracing::warn!(%swap_id, "Failed to relay encrypted signature to swap");
continue;
}
};

View File

@ -21,6 +21,7 @@ pub enum OutEvent {
TransferProofReceived {
msg: Box<transfer_proof::Request>,
channel: ResponseChannel<()>,
peer: PeerId,
},
EncryptedSignatureAcknowledged {
id: RequestId,

View File

@ -117,11 +117,22 @@ impl EventLoop {
let _ = responder.respond(*response);
}
}
SwarmEvent::Behaviour(OutEvent::TransferProofReceived { msg, channel }) => {
if msg.swap_id != self.swap_id {
SwarmEvent::Behaviour(OutEvent::TransferProofReceived { msg, channel, peer }) => {
let swap_id = msg.swap_id;
if peer != self.alice_peer_id {
tracing::warn!(
%swap_id,
"Ignoring malicious transfer proof from {}, expected to receive it from {}",
peer,
self.alice_peer_id);
continue;
}
if swap_id != self.swap_id {
// TODO: Save unexpected transfer proofs in the database and check for messages in the database when handling swaps
tracing::warn!("Received unexpected transfer proof for swap {} while running swap {}. This transfer proof will be ignored.", msg.swap_id, self.swap_id);
tracing::warn!("Received unexpected transfer proof for swap {} while running swap {}. This transfer proof will be ignored.", swap_id, self.swap_id);
// When receiving a transfer proof that is unexpected we still have to acknowledge that it was received
let _ = self.swarm.behaviour_mut().transfer_proof.send_response(channel, ());