From dae5869abd8c25841d191c10965c2ed3cb1178d8 Mon Sep 17 00:00:00 2001
From: Cole Brown <bigswim@gmail.com>
Date: Thu, 13 Jun 2019 16:17:24 -0400
Subject: [PATCH 1/2] Update private addr advertise logic

No longer send private addrs in Identify requests when connection is via
public address
---
 p2p/protocol/identify/id.go      | 11 +++--
 p2p/protocol/identify/id_test.go | 78 ++++++++++++++++++++++++++++++++
 2 files changed, 86 insertions(+), 3 deletions(-)

diff --git a/p2p/protocol/identify/id.go b/p2p/protocol/identify/id.go
index a3ddddaa45..3bde2d2788 100644
--- a/p2p/protocol/identify/id.go
+++ b/p2p/protocol/identify/id.go
@@ -20,6 +20,7 @@ import (
 	lgbl "github.com/libp2p/go-libp2p-loggables"
 
 	ma "github.com/multiformats/go-multiaddr"
+	manet "github.com/multiformats/go-multiaddr-net"
 	msmux "github.com/multiformats/go-multistream"
 )
 
@@ -216,9 +217,13 @@ func (ids *IDService) populateMessage(mes *pb.Identify, c network.Conn) {
 
 	// set listen addrs, get our latest addrs from Host.
 	laddrs := ids.Host.Addrs()
-	mes.ListenAddrs = make([][]byte, len(laddrs))
-	for i, addr := range laddrs {
-		mes.ListenAddrs[i] = addr.Bytes()
+	viaPublicAddr := manet.IsPublicAddr(c.LocalMultiaddr())
+	mes.ListenAddrs = make([][]byte, 0, len(laddrs))
+	for _, addr := range laddrs {
+		if viaPublicAddr && manet.IsPrivateAddr(addr) {
+			continue
+		}
+		mes.ListenAddrs = append(mes.ListenAddrs, addr.Bytes())
 	}
 	log.Debugf("%s sent listen addrs to %s: %s", c.LocalPeer(), c.RemotePeer(), laddrs)
 
diff --git a/p2p/protocol/identify/id_test.go b/p2p/protocol/identify/id_test.go
index d3ff401d41..4ad8962099 100644
--- a/p2p/protocol/identify/id_test.go
+++ b/p2p/protocol/identify/id_test.go
@@ -9,11 +9,14 @@ import (
 	"github.com/libp2p/go-libp2p-core/host"
 	"github.com/libp2p/go-libp2p-core/peer"
 	"github.com/libp2p/go-libp2p-core/peerstore"
+	coretest "github.com/libp2p/go-libp2p-core/test"
 
 	blhost "github.com/libp2p/go-libp2p-blankhost"
 	swarmt "github.com/libp2p/go-libp2p-swarm/testing"
 	identify "github.com/libp2p/go-libp2p/p2p/protocol/identify"
 
+	"github.com/libp2p/go-libp2p-peerstore/pstoremem"
+	mocknet "github.com/libp2p/go-libp2p/p2p/net/mock"
 	ma "github.com/multiformats/go-multiaddr"
 )
 
@@ -182,3 +185,78 @@ func TestProtoMatching(t *testing.T) {
 		t.Fatal("expected mismatch")
 	}
 }
+
+func TestPrivateAddrFiltering(t *testing.T) {
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+	mn := mocknet.New(ctx)
+	id1 := coretest.RandPeerIDFatal(t)
+	ps1 := pstoremem.NewPeerstore()
+	p1addr1, _ := ma.NewMultiaddr("/ip4/1.2.3.4/tcp/1234")
+	p1addr2, _ := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/2345")
+	ps1.AddAddrs(id1, []ma.Multiaddr{p1addr1, p1addr2}, peerstore.PermanentAddrTTL)
+	p1, err := mn.AddPeerWithPeerstore(id1, ps1)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id2 := coretest.RandPeerIDFatal(t)
+	ps2 := pstoremem.NewPeerstore()
+	p2addr1, _ := ma.NewMultiaddr("/ip4/1.2.3.5/tcp/1234")
+	p2addr2, _ := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/3456")
+	ps2.AddAddrs(id2, []ma.Multiaddr{p2addr1, p2addr2}, peerstore.PermanentAddrTTL)
+	p2, err := mn.AddPeerWithPeerstore(id2, ps2)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	id3 := coretest.RandPeerIDFatal(t)
+	ps3 := pstoremem.NewPeerstore()
+	p3addr1, _ := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/4567")
+	ps3.AddAddrs(id3, []ma.Multiaddr{p3addr1}, peerstore.PermanentAddrTTL)
+	p3, err := mn.AddPeerWithPeerstore(id3, ps3)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	err = mn.LinkAll()
+	if err != nil {
+		t.Fatal(err)
+	}
+	mn.ConnectPeers(id1, id2)
+
+	_ = identify.NewIDService(ctx, p1)
+	ids2 := identify.NewIDService(ctx, p2)
+	ids3 := identify.NewIDService(ctx, p3)
+
+	conns := p2.Network().ConnsToPeer(id1)
+	if len(conns) == 0 {
+		t.Fatal("no conns")
+	}
+	conn := conns[0]
+	addrs := p2.Peerstore().Addrs(id1)
+	if len(addrs) > 0 {
+		t.Fatalf("had addrs for %s", id1)
+	}
+	ids2.IdentifyConn(conn)
+	addrs = p2.Peerstore().Addrs(id1)
+	if len(addrs) != 1 {
+		t.Fatalf("expected one addr, found %s", addrs)
+	}
+
+	mn.ConnectPeers(id2, id3)
+	addrs = p3.Peerstore().Addrs(id2)
+	if len(addrs) > 0 {
+		t.Fatalf("had addrs for %s", id2)
+	}
+	conns = p3.Network().ConnsToPeer(id2)
+	if len(conns) == 0 {
+		t.Fatal("no conns")
+	}
+	conn = conns[0]
+	ids3.IdentifyConn(conn)
+	addrs = p3.Peerstore().Addrs(id2)
+	if len(addrs) != 2 {
+		t.Fatalf("expected 2 addrs for %s, found %d", id2, len(addrs))
+	}
+}

From 5527cd2e690b9815a1e97ac37244474a2f29449f Mon Sep 17 00:00:00 2001
From: Cole Brown <bigswim@gmail.com>
Date: Thu, 13 Jun 2019 17:35:18 -0400
Subject: [PATCH 2/2] Use IsIPLoopback for identify filtering

---
 p2p/protocol/identify/id.go      |  4 ++--
 p2p/protocol/identify/id_test.go | 25 ++++++++++++-------------
 2 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/p2p/protocol/identify/id.go b/p2p/protocol/identify/id.go
index 3bde2d2788..d046ae368c 100644
--- a/p2p/protocol/identify/id.go
+++ b/p2p/protocol/identify/id.go
@@ -217,10 +217,10 @@ func (ids *IDService) populateMessage(mes *pb.Identify, c network.Conn) {
 
 	// set listen addrs, get our latest addrs from Host.
 	laddrs := ids.Host.Addrs()
-	viaPublicAddr := manet.IsPublicAddr(c.LocalMultiaddr())
+	viaLoopback := manet.IsIPLoopback(c.LocalMultiaddr())
 	mes.ListenAddrs = make([][]byte, 0, len(laddrs))
 	for _, addr := range laddrs {
-		if viaPublicAddr && manet.IsPrivateAddr(addr) {
+		if !viaLoopback && manet.IsIPLoopback(addr) {
 			continue
 		}
 		mes.ListenAddrs = append(mes.ListenAddrs, addr.Bytes())
diff --git a/p2p/protocol/identify/id_test.go b/p2p/protocol/identify/id_test.go
index 4ad8962099..c65b7a74f2 100644
--- a/p2p/protocol/identify/id_test.go
+++ b/p2p/protocol/identify/id_test.go
@@ -204,7 +204,8 @@ func TestPrivateAddrFiltering(t *testing.T) {
 	ps2 := pstoremem.NewPeerstore()
 	p2addr1, _ := ma.NewMultiaddr("/ip4/1.2.3.5/tcp/1234")
 	p2addr2, _ := ma.NewMultiaddr("/ip4/127.0.0.1/tcp/3456")
-	ps2.AddAddrs(id2, []ma.Multiaddr{p2addr1, p2addr2}, peerstore.PermanentAddrTTL)
+	p2addrs := []ma.Multiaddr{p2addr1, p2addr2}
+	ps2.AddAddrs(id2, p2addrs, peerstore.PermanentAddrTTL)
 	p2, err := mn.AddPeerWithPeerstore(id2, ps2)
 	if err != nil {
 		t.Fatal(err)
@@ -223,7 +224,14 @@ func TestPrivateAddrFiltering(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	mn.ConnectPeers(id1, id2)
+	p1.Connect(ctx, peer.AddrInfo{
+		ID:    id2,
+		Addrs: p2addrs[0:1],
+	})
+	p3.Connect(ctx, peer.AddrInfo{
+		ID:    id2,
+		Addrs: p2addrs[1:],
+	})
 
 	_ = identify.NewIDService(ctx, p1)
 	ids2 := identify.NewIDService(ctx, p2)
@@ -234,21 +242,12 @@ func TestPrivateAddrFiltering(t *testing.T) {
 		t.Fatal("no conns")
 	}
 	conn := conns[0]
-	addrs := p2.Peerstore().Addrs(id1)
-	if len(addrs) > 0 {
-		t.Fatalf("had addrs for %s", id1)
-	}
 	ids2.IdentifyConn(conn)
-	addrs = p2.Peerstore().Addrs(id1)
+	addrs := p2.Peerstore().Addrs(id1)
 	if len(addrs) != 1 {
 		t.Fatalf("expected one addr, found %s", addrs)
 	}
 
-	mn.ConnectPeers(id2, id3)
-	addrs = p3.Peerstore().Addrs(id2)
-	if len(addrs) > 0 {
-		t.Fatalf("had addrs for %s", id2)
-	}
 	conns = p3.Network().ConnsToPeer(id2)
 	if len(conns) == 0 {
 		t.Fatal("no conns")
@@ -257,6 +256,6 @@ func TestPrivateAddrFiltering(t *testing.T) {
 	ids3.IdentifyConn(conn)
 	addrs = p3.Peerstore().Addrs(id2)
 	if len(addrs) != 2 {
-		t.Fatalf("expected 2 addrs for %s, found %d", id2, len(addrs))
+		t.Fatalf("expected 2 addrs for %s, found %d: %s", id2, len(addrs), addrs)
 	}
 }