feat: add forwarding proxy server

Author: hunjixin

cmd/market-proxy/main.go

@@ -0,0 +1,112 @@
+package main
+
+import (
+	"context"
+	"crypto/rand"
+	"encoding/hex"
+	"log"
+	"os"
+
+	"github.com/filecoin-project/venus-market/v2/config"
+
+	logging "github.com/ipfs/go-log/v2"
+	"github.com/urfave/cli/v2"
+
+	"github.com/filecoin-project/go-fil-markets/storagemarket"
+
+	"github.com/filecoin-project/go-fil-markets/retrievalmarket"
+	"github.com/ipfs/go-graphsync/network"
+
+	"github.com/filecoin-project/venus-market/v2/protocolproxy"
+	"github.com/libp2p/go-libp2p/core/peer"
+
+	"github.com/filecoin-project/venus-market/v2/version"
+	"github.com/libp2p/go-libp2p"
+	"github.com/libp2p/go-libp2p/core/crypto"
+	"github.com/libp2p/go-libp2p/core/protocol"
+)
+
+var protocols = []protocol.ID{
+	//storage
+	storagemarket.AskProtocolID,
+	storagemarket.OldAskProtocolID,
+
+	storagemarket.DealProtocolID110,
+	storagemarket.DealProtocolID101,
+	storagemarket.DealProtocolID111,
+
+	storagemarket.OldDealStatusProtocolID,
+	storagemarket.DealStatusProtocolID,
+
+	//retrieval
+	retrievalmarket.QueryProtocolID,
+	retrievalmarket.OldQueryProtocolID,
+
+	network.ProtocolGraphsync_1_0_0,
+	network.ProtocolGraphsync_2_0_0,
+}
+
+var mainLog = logging.Logger("market-proxy")
+
+func main() {
+	app := &cli.App{
+		Name:                 "venus-market",
+		Usage:                "venus-market",
+		Version:              version.UserVersion(),
+		EnableBashCompletion: true,
+	}
+
+	if err := app.Run(os.Args); err != nil {
+		log.Fatal(err)
+	}
+}
+
+type ProxyConfig struct {
+	ProxyServer string
+}
+
+func run(cfg *config.ProxyServer) error {
+	var pkey crypto.PrivKey
+	var err error
+	if len(cfg.PrivateKey) == 0 {
+		privateKeyBytes, err := hex.DecodeString(cfg.PrivateKey)
+		if err != nil {
+			return err
+		}
+		crypto.UnmarshalPrivateKey(privateKeyBytes)
+	} else {
+		pkey, _, err = crypto.GenerateEd25519Key(rand.Reader)
+		if err != nil {
+			return err
+		}
+	}
+
+	opts := []libp2p.Option{
+		libp2p.ListenAddrStrings(cfg.ListenAddresses...),
+		libp2p.Identity(pkey),
+		libp2p.DefaultPeerstore,
+		libp2p.NoListenAddrs,
+		libp2p.Ping(true),
+		libp2p.UserAgent("venus-market-proxy" + version.UserVersion()),
+	}
+
+	h, err := libp2p.New(opts...)
+	if err != nil {
+		return err
+	}
+
+	addrInfo, err := peer.AddrInfoFromString(cfg.Backends[0])
+	if err != nil {
+		return err
+	}
+	proxyHost, err := protocolproxy.NewProtocolProxy(h, map[peer.ID][]protocol.ID{
+		addrInfo.ID: protocols,
+	})
+	if err != nil {
+		return err
+	}
+	defer proxyHost.Close()
+
+	proxyHost.Start(context.Background())
+	return nil
+}

config/common.go

@@ -32,6 +32,7 @@ type Libp2p struct {
 	ProtectedPeers      []string
 
 	PrivateKey string
+	Proxy      string
 }
 
 type Common struct {

config/proxy_server.go

@@ -0,0 +1,6 @@
+package config
+
+type ProxyServer struct {
+	Libp2p
+	Backends []string
+}

network/host.go

@@ -4,6 +4,10 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/filecoin-project/venus-market/v2/config"
+
+	"github.com/filecoin-project/venus-market/v2/protocolproxy"
+
 	"github.com/filecoin-project/venus-market/v2/version"
 	"github.com/ipfs-force-community/metrics"
 	"github.com/libp2p/go-libp2p"
@@ -19,6 +23,8 @@ type P2PHostIn struct {
 	ID        peer.ID
 	Peerstore peerstore.Peerstore
 
+	Cfg *config.Libp2p
+
 	Opts [][]libp2p.Option `group:"libp2p"`
 }
 
@@ -45,6 +51,14 @@ func Host(mctx metrics.MetricsCtx, lc fx.Lifecycle, params P2PHostIn) (host.Host
 		return nil, err
 	}
 
+	if len(params.Cfg.Proxy) == 0 {
+		addrInfo, err := peer.AddrInfoFromString(params.Cfg.Proxy)
+		if err != nil {
+			return nil, err
+		}
+		h = protocolproxy.NewForwardingHost(h, *addrInfo)
+	}
+
 	lc.Append(fx.Hook{
 		OnStop: func(ctx context.Context) error {
 			return h.Close()

protocolproxy/errors.go

@@ -0,0 +1,29 @@
+package protocolproxy
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/libp2p/go-libp2p/core/peer"
+	"github.com/libp2p/go-libp2p/core/protocol"
+)
+
+// ErrNotRegistered indicates a peer has not registered a given protocol but is
+// trying to extend or terminate the registration
+type ErrNotRegistered struct {
+	p          peer.ID
+	protocolID protocol.ID
+}
+
+func (e ErrNotRegistered) Error() string {
+	return fmt.Sprintf("protocol %s is not registered to peer %s", e.protocolID, e.p)
+}
+
+// ErrNoInboundRequests is thrown by the load balancer when it receives and inbound request
+var ErrNoInboundRequests = errors.New("inbound requests not accepted")
+
+// ErrNoOutboundRequests is thrown by the service node when it receives and outbound request
+var ErrNoOutboundRequests = errors.New("outbound requests not accepted")
+
+// ErrInboundRequestsAreSingleProtocol is thrown by the service node when it receives and outbound request
+var ErrInboundRequestsAreSingleProtocol = errors.New("inbound requests are single protocol")

protocolproxy/forwardinghost.go

@@ -0,0 +1,195 @@
+package protocolproxy
+
+import (
+	"context"
+	"fmt"
+	"sync"
+
+	"github.com/filecoin-project/venus-market/v2/protocolproxy/messages"
+	"github.com/libp2p/go-libp2p/core/host"
+	"github.com/libp2p/go-libp2p/core/network"
+	"github.com/libp2p/go-libp2p/core/peer"
+	"github.com/libp2p/go-libp2p/core/protocol"
+)
+
+// ForwardingHost is a host that behaves as a service node connected to a proxy
+// -- all traffic is routed through the proxy for each registered protocol
+type ForwardingHost struct {
+	host.Host
+	proxy      peer.ID
+	handlersLk sync.RWMutex
+	handlers   map[protocol.ID]network.StreamHandler
+}
+
+// NewForwardingHost node constructs a service node connected to the given proxy on the passed
+// in host. A forwarding host behaves exactly like a host.Host but setting up new protocol handlers
+// registers routes on the proxy node.
+func NewForwardingHost(h host.Host, proxy peer.AddrInfo) host.Host {
+	fh := &ForwardingHost{
+		Host:     h,
+		proxy:    proxy.ID,
+		handlers: make(map[protocol.ID]network.StreamHandler),
+	}
+	fh.Host.SetStreamHandler(ForwardingProtocolID, fh.handleForwarding)
+	return fh
+}
+
+// Close shuts down a service node host's forwarding
+func (fh *ForwardingHost) Close() error {
+	fh.Host.RemoveStreamHandler(ForwardingProtocolID)
+	return fh.Host.Close()
+}
+
+// SetStreamHandler interrupts the normal process of setting up stream handlers by also
+// registering a route on the connected protocol proxy. All traffic on the forwarding
+// protocol will go through the forwarding handshake with the proxy, then the native
+// handler will be called
+func (fh *ForwardingHost) SetStreamHandler(pid protocol.ID, handler network.StreamHandler) {
+	fh.Host.SetStreamHandler(pid, handler)
+
+	// Save the handler so it can be invoked from the forwarding protocol's handler
+	// only set the handler if we are successful in registering the route
+	fh.handlersLk.Lock()
+	fh.handlers[pid] = handler
+	fh.handlersLk.Unlock()
+}
+
+// these wrappings on the stream or conn make it SEEM like the request is coming
+// from the original peer, so that it's processed as if it were
+type wrappedStream struct {
+	network.Stream
+	protocol protocol.ID
+	remote   peer.ID
+}
+
+type wrappedConn struct {
+	network.Conn
+	remote peer.ID
+}
+
+func (ws *wrappedStream) Protocol() protocol.ID {
+	return ws.protocol
+}
+
+func (ws *wrappedStream) Conn() network.Conn {
+	conn := ws.Stream.Conn()
+	return &wrappedConn{conn, ws.remote}
+}
+
+func (wc *wrappedConn) RemotePeer() peer.ID {
+	return wc.remote
+}
+
+// handle inbound forwarding requests
+func (fh *ForwardingHost) handleForwarding(s network.Stream) {
+	// only accept requests from the proxy
+	if s.Conn().RemotePeer() != fh.proxy {
+		_ = s.Reset()
+		return
+	}
+
+	// read the forwarding request
+	request, err := messages.ReadForwardingRequest(s)
+	if err != nil {
+		log.Warnf("reading forwarding request: %s", err)
+		_ = s.Reset()
+		return
+	}
+
+	log.Debugw("received forwarding request for protocol", "protocols", request.Protocols, "remote", request.Remote)
+
+	// validate the request
+	handler, responseErr := fh.validateForwardingRequest(request)
+
+	if responseErr != nil {
+		log.Infof("rejected forwarding request: %s", responseErr)
+		_ = s.Reset()
+		return
+	}
+
+	// forward to regular handler, which will close stream
+	handler(&wrappedStream{s, request.Protocols[0], request.Remote})
+}
+
+// validates a forwarding request is one we can accept
+func (fh *ForwardingHost) validateForwardingRequest(request *messages.ForwardingRequest) (network.StreamHandler, error) {
+	fh.handlersLk.RLock()
+	defer fh.handlersLk.RUnlock()
+
+	// only accept inbound requests
+	if request.Kind != messages.ForwardingInbound {
+		return nil, ErrNoOutboundRequests
+	}
+
+	// only accept inbound requests for one protocol
+	if len(request.Protocols) != 1 {
+		return nil, ErrInboundRequestsAreSingleProtocol
+	}
+
+	// check for a registered handler
+	registeredHandler, ok := fh.handlers[request.Protocols[0]]
+
+	// don't accept inbound requests on protocols we didn't setup routing for
+	if !ok {
+		return nil, ErrNotRegistered{fh.ID(), request.Protocols[0]}
+	}
+
+	// return the registered handler
+	return registeredHandler, nil
+}
+
+// Calls to "NewStream" open an outbound forwarding request to the proxy, that is then sent on
+// the the specified peer
+func (fh *ForwardingHost) NewStream(ctx context.Context, p peer.ID, protocols ...protocol.ID) (network.Stream, error) {
+	// If there is a direct connection to the peer (or there was a connection
+	// recently) open the stream over the direct connection
+	if p != fh.proxy {
+		connectedness := fh.Host.Network().Connectedness(p)
+		if connectedness == network.Connected || connectedness == network.CanConnect {
+			return fh.Host.NewStream(ctx, p, protocols...)
+		}
+	}
+
+	// open a forwarding stream
+	routedStream, err := fh.Host.NewStream(ctx, fh.proxy, ForwardingProtocolID)
+	if err != nil {
+		return nil, err
+	}
+
+	// write an outbound forwarding request with the remote peer and protocol
+	err = messages.WriteOutboundForwardingRequest(routedStream, p, protocols)
+	if err != nil {
+		routedStream.Close()
+		return nil, err
+	}
+
+	// read the response
+	outbound, err := messages.ReadForwardingResponse(routedStream)
+	// check for error writing the response
+	if err != nil {
+		routedStream.Close()
+		return nil, err
+	}
+	// check the response was accepted
+	if outbound.Code != messages.ResponseOk {
+		routedStream.Close()
+		return nil, fmt.Errorf("opening forwarded stream: %s", outbound.Message)
+	}
+
+	// return a wrapped stream that appears like a normal stream with the original peer
+	return &wrappedStream{routedStream, *outbound.ProtocolID, p}, nil
+}
+
+// RemoveStreamHandler removes a stream handler by shutting down registered route with the original host
+func (fh *ForwardingHost) RemoveStreamHandler(pid protocol.ID) {
+	// check if the handler exists
+	fh.handlersLk.Lock()
+	delete(fh.handlers, pid)
+	fh.handlersLk.Unlock()
+}
+
+// Connect for now does nothing
+func (fh *ForwardingHost) Connect(ctx context.Context, pi peer.AddrInfo) error {
+	// for now, this does nothing -- see discussion/improvements
+	return nil
+}