discovery+server: use network-specific functions for fallback SRV lookup
In this commit, we fix a bug where a fallback SRV lookup would leak information if `lnd` was set to route connections over Tor. We solve this by using the network-specific functions rather than the standard ones found in the `net` package.
This commit is contained in:
parent
d6d0c26252
commit
3bb1733fa2
@ -12,6 +12,7 @@ import (
|
||||
"github.com/davecgh/go-spew/spew"
|
||||
"github.com/lightningnetwork/lnd/autopilot"
|
||||
"github.com/lightningnetwork/lnd/lnwire"
|
||||
"github.com/lightningnetwork/lnd/tor"
|
||||
"github.com/miekg/dns"
|
||||
"github.com/roasbeef/btcd/btcec"
|
||||
"github.com/roasbeef/btcutil/bech32"
|
||||
@ -247,8 +248,7 @@ type DNSSeedBootstrapper struct {
|
||||
// receive the IP address of the current authoritative DNS server for
|
||||
// the network seed.
|
||||
dnsSeeds [][2]string
|
||||
lookupHost func(string) ([]string, error)
|
||||
lookupSRV func(string, string, string) (string, []*net.SRV, error)
|
||||
net tor.Net
|
||||
}
|
||||
|
||||
// A compile time assertion to ensure that DNSSeedBootstrapper meets the
|
||||
@ -262,14 +262,8 @@ var _ NetworkPeerBootstrapper = (*ChannelGraphBootstrapper)(nil)
|
||||
// used as a fallback for manual TCP resolution in the case of an error
|
||||
// receiving the UDP response. The second host should return a single A record
|
||||
// with the IP address of the authoritative name server.
|
||||
func NewDNSSeedBootstrapper(seeds [][2]string, lookupHost func(string) ([]string, error),
|
||||
lookupSRV func(string, string, string) (string, []*net.SRV, error)) (
|
||||
NetworkPeerBootstrapper, error) {
|
||||
return &DNSSeedBootstrapper{
|
||||
dnsSeeds: seeds,
|
||||
lookupHost: lookupHost,
|
||||
lookupSRV: lookupSRV,
|
||||
}, nil
|
||||
func NewDNSSeedBootstrapper(seeds [][2]string, net tor.Net) NetworkPeerBootstrapper {
|
||||
return &DNSSeedBootstrapper{dnsSeeds: seeds, net: net}
|
||||
}
|
||||
|
||||
// fallBackSRVLookup attempts to manually query for SRV records we need to
|
||||
@ -280,12 +274,14 @@ func NewDNSSeedBootstrapper(seeds [][2]string, lookupHost func(string) ([]string
|
||||
// the records we return are currently too large for a class of resolvers,
|
||||
// causing them to be filtered out. The targetEndPoint is the original end
|
||||
// point that was meant to be hit.
|
||||
func fallBackSRVLookup(soaShim string, targetEndPoint string) ([]*net.SRV, error) {
|
||||
func (d *DNSSeedBootstrapper) fallBackSRVLookup(soaShim string,
|
||||
targetEndPoint string) ([]*net.SRV, error) {
|
||||
|
||||
log.Tracef("Attempting to query fallback DNS seed")
|
||||
|
||||
// First, we'll lookup the IP address of the server that will act as
|
||||
// our shim.
|
||||
addrs, err := net.LookupHost(soaShim)
|
||||
addrs, err := d.net.LookupHost(soaShim)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -293,7 +289,7 @@ func fallBackSRVLookup(soaShim string, targetEndPoint string) ([]*net.SRV, error
|
||||
// Once we have the IP address, we'll establish a TCP connection using
|
||||
// port 53.
|
||||
dnsServer := net.JoinHostPort(addrs[0], "53")
|
||||
conn, err := net.Dial("tcp", dnsServer)
|
||||
conn, err := d.net.Dial("tcp", dnsServer)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -356,10 +352,12 @@ search:
|
||||
// keys of nodes. We use the lndLookupSRV function for
|
||||
// this task.
|
||||
primarySeed := dnsSeedTuple[0]
|
||||
_, addrs, err := d.lookupSRV("nodes", "tcp", primarySeed)
|
||||
_, addrs, err := d.net.LookupSRV("nodes", "tcp", primarySeed)
|
||||
if err != nil {
|
||||
log.Tracef("Unable to lookup SRV records via "+
|
||||
"primary seed, falling back to secondary")
|
||||
"primary seed: %v", err)
|
||||
|
||||
log.Trace("Falling back to secondary")
|
||||
|
||||
// If the host of the secondary seed is blank,
|
||||
// then we'll bail here as we can't proceed.
|
||||
@ -371,7 +369,7 @@ search:
|
||||
// the primary seed, we'll fallback to the
|
||||
// secondary seed before concluding failure.
|
||||
soaShim := dnsSeedTuple[1]
|
||||
addrs, err = fallBackSRVLookup(
|
||||
addrs, err = d.fallBackSRVLookup(
|
||||
soaShim, primarySeed,
|
||||
)
|
||||
if err != nil {
|
||||
@ -397,7 +395,7 @@ search:
|
||||
// key. We use the lndLookup function for this
|
||||
// task.
|
||||
bechNodeHost := nodeSrv.Target
|
||||
addrs, err := d.lookupHost(bechNodeHost)
|
||||
addrs, err := d.net.LookupHost(bechNodeHost)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
10
server.go
10
server.go
@ -720,15 +720,9 @@ func initNetworkBootstrappers(s *server) ([]discovery.NetworkPeerBootstrapper, e
|
||||
srvrLog.Infof("Creating DNS peer bootstrapper with "+
|
||||
"seeds: %v", dnsSeeds)
|
||||
|
||||
dnsBootStrapper, err := discovery.NewDNSSeedBootstrapper(
|
||||
dnsSeeds,
|
||||
cfg.net.LookupHost,
|
||||
cfg.net.LookupSRV,
|
||||
dnsBootStrapper := discovery.NewDNSSeedBootstrapper(
|
||||
dnsSeeds, cfg.net,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
bootStrappers = append(bootStrappers, dnsBootStrapper)
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user