bitcoin/test/functional/test_framework
Wladimir J. van der Laan 67be6d7a17
Merge #16248: Make whitebind/whitelist permissions more flexible
c5b404e8f1 Add functional tests for flexible whitebind/list (nicolas.dorier)
d541fa3918 Replace the use of fWhitelisted by permission checks (nicolas.dorier)
ecd5cf7ea4 Do not disconnect peer for asking mempool if it has NO_BAN permission (nicolas.dorier)
e5b26deaaa Make whitebind/whitelist permissions more flexible (nicolas.dorier)

Pull request description:

  # Motivation

  In 0.19, bloom filter will be disabled by default. I tried to make [a PR](https://github.com/bitcoin/bitcoin/pull/16176) to enable bloom filter for whitelisted peers regardless of `-peerbloomfilters`.

  Bloom filter have non existent privacy and server can omit filter's matches. However, both problems are completely irrelevant when you connect to your own node. If you connect to your own node, bloom filters are the most bandwidth efficient way to synchronize your light client without the need of some middleware like Electrum.

  It is also a superior alternative to BIP157 as it does not require to maintain an additional index and it would work well on pruned nodes.

  When I attempted to allow bloom filters for whitelisted peer, my proposal has been NACKed in favor of [a more flexible approach](https://github.com/bitcoin/bitcoin/pull/16176#issuecomment-500762907) which should allow node operator to set fine grained permissions instead of a global `whitelisted` attribute.

  Doing so will also make follow up idea very easy to implement in a backward compatible way.

  # Implementation details

  The PR propose a new format for `--white{list,bind}`. I added a way to specify permissions granted to inbound connection matching `white{list,bind}`.

  The following permissions exists:
  * ForceRelay
  * Relay
  * NoBan
  * BloomFilter
  * Mempool

  Example:
  * `-whitelist=bloomfilter@127.0.0.1/32`.
  * `-whitebind=bloomfilter,relay,noban@127.0.0.1:10020`.

  If no permissions are specified, `NoBan | Mempool` is assumed. (making this PR backward compatible)

  When we receive an inbound connection, we calculate the effective permissions for this peer by fetching the permissions granted from `whitelist`  and add to it the permissions granted from `whitebind`.

  To keep backward compatibility, if no permissions are specified in `white{list,bind}` (e.g. `--whitelist=127.0.0.1`) then parameters `-whitelistforcerelay` and `-whiterelay` will add the permissions `ForceRelay` and `Relay` to the inbound node.

  `-whitelistforcerelay` and `-whiterelay` are ignored if the permissions flags are explicitly set in `white{bind,list}`.

  # Follow up idea

  Based on this PR, other changes become quite easy to code in a trivially review-able, backward compatible way:

  * Changing `connect` at rpc and config file level to understand the permissions flags.
  * Changing the permissions of a peer at RPC level.

ACKs for top commit:
  laanwj:
    re-ACK c5b404e8f1

Tree-SHA512: adfefb373d09e68cae401247c8fc64034e305694cdef104bdcdacb9f1704277bd53b18f52a2427a5cffdbc77bda410d221aed252bc2ece698ffbb9cf1b830577
2019-08-14 17:07:12 +02:00
..
__init__.py Rename rpc-tests directory to functional 2017-03-20 10:40:31 -04:00
address.py scripted-diff: Update copyright in ./test 2019-03-02 10:58:35 -05:00
authproxy.py test: Properly log named args in authproxy 2019-04-08 18:38:54 -04:00
bignum.py Remove unused variables and/or function calls 2017-08-28 15:18:14 +02:00
blocktools.py test: Properly serialize BIP34 coinbase height 2019-07-09 14:12:33 -04:00
coverage.py Update copyright headers to 2018 2018-07-27 07:15:02 -04:00
descriptors.py Descriptor checksum 2019-02-15 22:36:05 -08:00
key.py Add comments to Python ECDSA implementation 2019-04-18 13:23:26 -07:00
messages.py Merge #16152: Disable bloom filtering by default. 2019-07-19 17:33:56 +08:00
mininode.py test: Fail early on disconnect in mininode.wait_for_* 2019-07-26 16:11:26 -04:00
netutil.py scripted-diff: Update copyright in ./test 2019-03-02 10:58:35 -05:00
script.py scripted-diff: Update copyright in ./test 2019-03-02 10:58:35 -05:00
segwit_addr.py Use BIP173 addresses in segwit.py test 2017-09-28 17:29:01 -07:00
siphash.py Update copyright headers to 2018 2018-07-27 07:15:02 -04:00
socks5.py scripted-diff: Update copyright in ./test 2019-03-02 10:58:35 -05:00
test_framework.py test: Adapt test framework for chains other than "regtest" 2019-07-31 17:00:25 -04:00
test_node.py Add functional tests for flexible whitebind/list 2019-08-11 11:33:29 +09:00
util.py Moved and renamed hash256 from util.py to zmq_interface.py 2019-08-13 15:39:46 -04:00
wallet_util.py [tests] move wallet util functions to wallet_util.py 2019-01-04 17:49:17 -08:00