Merge branch 'main' into fix-ledger-api-doc

Author: minikin

Cargo.lock

@@ -0,0 +1,17 @@
+# Security
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to [email protected]. You will receive a
+response from us within 48 hours. If the issue is confirmed, we will release a patch as soon
+as possible.
+
+Please provide a clear and concise description of the vulnerability, including:
+
+* the affected version(s),
+* steps that can be followed to exercise the vulnerability,
+* any workarounds or mitigations.
+
+If you have developed any code or utilities that can help demonstrate the suspected
+vulnerability, please mention them in your email but ***DO NOT*** attempt to include them as
+attachments as this may cause your Email to be blocked by spam filters.

SECURITY.md

@@ -1,5 +1,8 @@
+use std::net::IpAddr;
+
 use crate::{crypto::hash::Hash, interfaces::BlockDate, time::SystemTime};
 use chain_impl_mockchain::key;
+
 use serde::{Deserialize, Serialize};
 
 /// identify the source of a fragment
@@ -10,9 +13,7 @@ pub enum FragmentOrigin {
     /// origins of the fragment and eventually blacklisting
     /// the senders from sending us more fragment (in case
     /// they are invalids or so)
-    ///
-    /// TODO: add the network identifier/IP Address
-    Network,
+    Network { addr: IpAddr },
     /// This marks the fragment is coming from the REST interface
     /// (a client wallet or another service).
     Rest,

src/jormungandr/jormungandr-lib/src/interfaces/fragment_log.rs

@@ -69,6 +69,7 @@ prometheus = { version = "0.13", optional = true }
 jsonrpsee-http-server = { version = "0.11.0" }
 jsonrpsee-core = { version = "0.11.0" }
 reqwest = { version = "0.11",  default-features = false, features = ["rustls-tls"] }
+local-ip-address = "0.4.9"
 
 [dev-dependencies]
 tokio = { version = "^1.15", features = ["full"] }

src/jormungandr/jormungandr/Cargo.toml

@@ -1,4 +1,4 @@
-use crate::fragment::FragmentId;
+use crate::{fragment::FragmentId, network::retrieve_local_ip};
 use jormungandr_lib::{
     crypto::hash::Hash,
     interfaces::{BlockDate, FragmentLog, FragmentOrigin, FragmentStatus},
@@ -76,7 +76,12 @@ impl Logs {
                 // Also, in this scenario we accept any provided FragmentStatus, since we do not
                 // actually know what the previous status was, and thus cannot execute the correct
                 // state transition.
-                let mut entry = FragmentLog::new(fragment_id.into_hash(), FragmentOrigin::Network);
+                let mut entry = FragmentLog::new(
+                    fragment_id.into_hash(),
+                    FragmentOrigin::Network {
+                        addr: retrieve_local_ip(),
+                    },
+                );
                 entry.modify(status);
                 self.entries.put(fragment_id, (entry, Some(ledger_date)));
             }

src/jormungandr/jormungandr/src/fragment/logs.rs

@@ -8,6 +8,7 @@ use crate::{
 use chain_core::property::ReadError;
 use chain_network::{data as net_data, error::Error as NetworkError};
 use futures::prelude::*;
+
 use std::fmt::Debug;
 use tokio_util::sync::CancellationToken;
 

src/jormungandr/jormungandr/src/network/bootstrap.rs

@@ -15,6 +15,11 @@ mod subscription;
 
 use self::convert::Encode;
 use futures::{future, prelude::*};
+use local_ip_address::local_ip;
+use std::{
+    fmt::Debug,
+    net::{IpAddr, Ipv4Addr},
+};
 use thiserror::Error;
 use tokio_util::sync::CancellationToken;
 
@@ -781,3 +786,17 @@ pub enum FetchBlockError {
     #[error("could not download block hash {block}")]
     CouldNotDownloadBlock { block: HeaderHash },
 }
+
+/// Infallible util function to obtain local IP addr
+pub fn retrieve_local_ip() -> IpAddr {
+    match local_ip() {
+        Ok(ip) => ip,
+        Err(err) => {
+            tracing::error!(
+                reason = %err,
+                "unable to lookup local addr"
+            );
+            std::net::IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1))
+        }
+    }
+}

src/jormungandr/jormungandr/src/network/mod.rs

@@ -2,6 +2,7 @@ use super::{buffer_sizes, convert::Decode, GlobalStateR};
 use crate::{
     blockcfg::Fragment,
     intercom::{self, BlockMsg, TopologyMsg, TransactionMsg},
+    network::retrieve_local_ip,
     settings::start::network::Configuration,
     topology::{Gossip, NodeId},
     utils::async_msg::{self, MessageBox},
@@ -19,6 +20,7 @@ use std::{
     pin::Pin,
     task::{Context, Poll},
 };
+
 use tracing_futures::Instrument;
 
 fn filter_gossip_node(node: &Gossip, config: &Configuration) -> bool {
@@ -372,10 +374,21 @@ impl FragmentProcessor {
             &mut self.buffered_fragments,
             Vec::with_capacity(buffer_sizes::inbound::FRAGMENTS),
         );
+
+        let addr = match self.global_state.config.address() {
+            Some(addr) => FragmentOrigin::Network { addr: addr.ip() },
+            None => {
+                tracing::info!("node addr not present in config, reverting to local lookup");
+                FragmentOrigin::Network {
+                    addr: retrieve_local_ip(),
+                }
+            }
+        };
+
         let (reply_handle, _reply_future) = intercom::unary_reply();
         self.mbox
             .start_send(TransactionMsg::SendTransactions {
-                origin: FragmentOrigin::Network,
+                origin: addr,
                 fragments,
                 fail_fast: false,
                 reply_handle,