Merge bitcoin/bitcoin#23077: Full CJDNS support

420695c193 contrib: recognize CJDNS seeds as such (Vasil Dimov) f9c28330a0 net: take the first 4 random bits from CJDNS addresses in GetGroup() (Vasil Dimov) 29ff79c0a2 net: relay CJDNS addresses even if we are not connected to CJDNS (Vasil Dimov) d96f8d304c net: don't skip CJDNS from GetNetworkNames() (Vasil Dimov) c2d751abba net: take CJDNS into account in CNetAddr::GetReachabilityFrom() (Vasil Dimov) 9b43b3b257 test: extend feature_proxy.py to test CJDNS (Vasil Dimov) 508eb258fd test: remove default argument of feature_proxy.py:node_test() (Vasil Dimov) 6387f397b3 net: recognize CJDNS addresses as such (Vasil Dimov) e6890fcb44 net: don't skip CJDNS from GetNetworksInfo() (Vasil Dimov) e9d90d3c11 net: introduce a new config option to enable CJDNS (Vasil Dimov) 78f456c576 net: recognize CJDNS from ParseNetwork() (Vasil Dimov) de01e312b3 net: use -proxy for connecting to the CJDNS network (Vasil Dimov) aedd02ef27 net: make it possible to connect to CJDNS addresses (Vasil Dimov) Pull request description: CJDNS overview ===== CJDNS is like a distributed, shared VPN with multiple entry points where every participant can reach any other participant. All participants use addresses from the `fc00::/8` network (reserved IPv6 range). Installation and configuration is done outside of applications, similarly to VPN (either in the host/OS or on the network router). Motivation ===== Even without this PR it is possible to connect two Bitcoin Core nodes through CJDNS manually by using e.g. `-addnode` in environments where CJDNS is set up. However, this PR is necessary for address relay to work properly and automatic connections to be made to CJDNS peers. I.e. to make CJDNS a first class citizen network like IPv4, IPv6, Tor and I2P. Considerations ===== An address from the `fc00::/8` network, could mean two things: 1. Part of a local network, as defined in RFC 4193. Like `10.0.0.0/8`. Bitcoin Core could be running on a machine with such address and have peers with those (e.g. in a local network), but those addresses are not relayed to other peers because they are not globally routable on the internet. 2. Part of the CJDNS network. This is like Tor or I2P - if we have connectivity to that network then we could reach such peers and we do relay them to other peers. So, Bitcoin Core needs to be able to tell which one is it when it encounters a bare `fc00::/8` address, e.g. from `-externalip=` or by looking up the machine's own addresses. Thus a new config option is introduced `-cjdnsreacable`: * `-cjdnsreacable=0`: it is assumed a `fc00::/8` address is a private IPv6 (1.) * `-cjdnsreacable=1`: it is assumed a `fc00::/8` address is a CJDNS one (2.) After setting up CJDNS outside of Bitcoin Core, a node operator only needs to enable this option. Addresses from P2P relay/gossip don't need that because they are properly tagged as IPv6 or as CJDNS. For testing ===== ``` [fc32:17ea:e415:c3bf:9808:149d:b5a2:c9aa]:8333 [fc68:7026:cb27:b014:5910:e609:dcdb:22a2]:8333 [fcb3:dc50:e1ae:7998:7dc0:7fa6:4582:8e46]:8333 [fcc7:be49:ccd1:dc91:3125:f0da:457d:8ce]:8333 [fcf2:d9e:3a25:4eef:8f84:251b:1b4d:c596]:8333 ``` ACKs for top commit: dunxen: ACK 420695c jonatack: re-ACK 420695c193 per `git range-diff 23ae793 4fbff39 420695c` laanwj: Code review ACK 420695c193 Tree-SHA512: 21559886271aa84671d52b120fa3fa5a50fdcf0fcb26e5b32049c56fab0d606438d19dd366a9c8ce612d3894237ae6d552ead3338b326487e3534399b88a317a
2026-06-02 17:24:58 +02:00 · 2021-11-08 14:29:56 +01:00
parent aecc08f62e 420695c193
commit 8346004ac8
11 changed files with 136 additions and 27 deletions
--- a/test/functional/feature_proxy.py
+++ b/test/functional/feature_proxy.py
@@ -12,6 +12,7 @@ Test plan:
    - `-proxy` (proxy everything)
    - `-onion` (proxy just onions)
    - `-proxyrandomize` Circuit randomization
+    - `-cjdnsreachable`
 - Proxy configurations to test on proxy side,
    - support no authentication (other proxy)
    - support no authentication + user/pass authentication (Tor)
@@ -26,6 +27,7 @@ addnode connect to IPv4
 addnode connect to IPv6
 addnode connect to onion
 addnode connect to generic DNS name
+addnode connect to a CJDNS address

 - Test getnetworkinfo for each node
 """
@@ -50,14 +52,15 @@ NET_IPV4 = "ipv4"
 NET_IPV6 = "ipv6"
 NET_ONION = "onion"
 NET_I2P = "i2p"
+NET_CJDNS = "cjdns"

 # Networks returned by RPC getnetworkinfo, defined in src/rpc/net.cpp::GetNetworksInfo()
-NETWORKS = frozenset({NET_IPV4, NET_IPV6, NET_ONION, NET_I2P})
+NETWORKS = frozenset({NET_IPV4, NET_IPV6, NET_ONION, NET_I2P, NET_CJDNS})


 class ProxyTest(BitcoinTestFramework):
    def set_test_params(self):
-        self.num_nodes = 4
+        self.num_nodes = 5
        self.setup_clean_chain = True

    def setup_nodes(self):
@@ -101,7 +104,9 @@ class ProxyTest(BitcoinTestFramework):
            ['-listen', f'-proxy={self.conf1.addr[0]}:{self.conf1.addr[1]}',f'-onion={self.conf2.addr[0]}:{self.conf2.addr[1]}',
                f'-i2psam={self.i2p_sam[0]}:{self.i2p_sam[1]}', '-i2pacceptincoming=0', '-proxyrandomize=0'],
            ['-listen', f'-proxy={self.conf2.addr[0]}:{self.conf2.addr[1]}','-proxyrandomize=1'],
-            []
+            [],
+            ['-listen', f'-proxy={self.conf1.addr[0]}:{self.conf1.addr[1]}','-proxyrandomize=1',
+                '-cjdnsreachable']
        ]
        if self.have_ipv6:
            args[3] = ['-listen', f'-proxy=[{self.conf3.addr[0]}]:{self.conf3.addr[1]}','-proxyrandomize=0', '-noonion']
@@ -113,7 +118,7 @@ class ProxyTest(BitcoinTestFramework):
            if peer["addr"] == addr:
                assert_equal(peer["network"], network)

-    def node_test(self, node, proxies, auth, test_onion=True):
+    def node_test(self, node, *, proxies, auth, test_onion, test_cjdns):
        rv = []
        addr = "15.61.23.23:1234"
        self.log.debug(f"Test: outgoing IPv4 connection through node for address {addr}")
@@ -161,6 +166,21 @@ class ProxyTest(BitcoinTestFramework):
            rv.append(cmd)
            self.network_test(node, addr, network=NET_ONION)

+        if test_cjdns:
+            addr = "[fc00:1:2:3:4:5:6:7]:8888"
+            self.log.debug(f"Test: outgoing CJDNS connection through node for address {addr}")
+            node.addnode(addr, "onetry")
+            cmd = proxies[1].queue.get()
+            assert isinstance(cmd, Socks5Command)
+            assert_equal(cmd.atyp, AddressType.DOMAINNAME)
+            assert_equal(cmd.addr, b"fc00:1:2:3:4:5:6:7")
+            assert_equal(cmd.port, 8888)
+            if not auth:
+                assert_equal(cmd.username, None)
+                assert_equal(cmd.password, None)
+            rv.append(cmd)
+            self.network_test(node, addr, network=NET_CJDNS)
+
        addr = "node.noumenon:8333"
        self.log.debug(f"Test: outgoing DNS name connection through node for address {addr}")
        node.addnode(addr, "onetry")
@@ -179,20 +199,33 @@ class ProxyTest(BitcoinTestFramework):

    def run_test(self):
        # basic -proxy
-        self.node_test(self.nodes[0], [self.serv1, self.serv1, self.serv1, self.serv1], False)
+        self.node_test(self.nodes[0],
+            proxies=[self.serv1, self.serv1, self.serv1, self.serv1],
+            auth=False, test_onion=True, test_cjdns=False)

        # -proxy plus -onion
-        self.node_test(self.nodes[1], [self.serv1, self.serv1, self.serv2, self.serv1], False)
+        self.node_test(self.nodes[1],
+            proxies=[self.serv1, self.serv1, self.serv2, self.serv1],
+            auth=False, test_onion=True, test_cjdns=False)

        # -proxy plus -onion, -proxyrandomize
-        rv = self.node_test(self.nodes[2], [self.serv2, self.serv2, self.serv2, self.serv2], True)
+        rv = self.node_test(self.nodes[2],
+            proxies=[self.serv2, self.serv2, self.serv2, self.serv2],
+            auth=True, test_onion=True, test_cjdns=False)
        # Check that credentials as used for -proxyrandomize connections are unique
        credentials = set((x.username,x.password) for x in rv)
        assert_equal(len(credentials), len(rv))

        if self.have_ipv6:
            # proxy on IPv6 localhost
-            self.node_test(self.nodes[3], [self.serv3, self.serv3, self.serv3, self.serv3], False, False)
+            self.node_test(self.nodes[3],
+                proxies=[self.serv3, self.serv3, self.serv3, self.serv3],
+                auth=False, test_onion=False, test_cjdns=False)
+
+        # -proxy=unauth -proxyrandomize=1 -cjdnsreachable
+        self.node_test(self.nodes[4],
+            proxies=[self.serv1, self.serv1, self.serv1, self.serv1],
+            auth=False, test_onion=True, test_cjdns=True)

        def networks_dict(d):
            r = {}
@@ -214,6 +247,7 @@ class ProxyTest(BitcoinTestFramework):
            assert_equal(n0[net]['proxy_randomize_credentials'], expected_randomize)
        assert_equal(n0['onion']['reachable'], True)
        assert_equal(n0['i2p']['reachable'], False)
+        assert_equal(n0['cjdns']['reachable'], False)

        n1 = networks_dict(self.nodes[1].getnetworkinfo())
        assert_equal(NETWORKS, n1.keys())
@@ -240,6 +274,7 @@ class ProxyTest(BitcoinTestFramework):
            assert_equal(n2[net]['proxy_randomize_credentials'], expected_randomize)
        assert_equal(n2['onion']['reachable'], True)
        assert_equal(n2['i2p']['reachable'], False)
+        assert_equal(n2['cjdns']['reachable'], False)

        if self.have_ipv6:
            n3 = networks_dict(self.nodes[3].getnetworkinfo())
@@ -253,6 +288,22 @@ class ProxyTest(BitcoinTestFramework):
                assert_equal(n3[net]['proxy_randomize_credentials'], False)
            assert_equal(n3['onion']['reachable'], False)
            assert_equal(n3['i2p']['reachable'], False)
+            assert_equal(n3['cjdns']['reachable'], False)
+
+        n4 = networks_dict(self.nodes[4].getnetworkinfo())
+        assert_equal(NETWORKS, n4.keys())
+        for net in NETWORKS:
+            if net == NET_I2P:
+                expected_proxy = ''
+                expected_randomize = False
+            else:
+                expected_proxy = '%s:%i' % (self.conf1.addr)
+                expected_randomize = True
+            assert_equal(n4[net]['proxy'], expected_proxy)
+            assert_equal(n4[net]['proxy_randomize_credentials'], expected_randomize)
+        assert_equal(n4['onion']['reachable'], True)
+        assert_equal(n4['i2p']['reachable'], False)
+        assert_equal(n4['cjdns']['reachable'], True)


 if __name__ == '__main__':
--- a/test/functional/interface_bitcoin_cli.py
+++ b/test/functional/interface_bitcoin_cli.py
@@ -136,7 +136,7 @@ class TestBitcoinCli(BitcoinTestFramework):
        network_info = self.nodes[0].getnetworkinfo()
        cli_get_info_string = self.nodes[0].cli('-getinfo').send_cli()
        cli_get_info = cli_get_info_string_to_dict(cli_get_info_string)
-        assert_equal(cli_get_info["Proxies"], "127.0.0.1:9050 (ipv4, ipv6, onion), 127.0.0.1:7656 (i2p)")
+        assert_equal(cli_get_info["Proxies"], "127.0.0.1:9050 (ipv4, ipv6, onion, cjdns), 127.0.0.1:7656 (i2p)")

        if self.is_wallet_compiled():
            self.log.info("Test -getinfo and bitcoin-cli getwalletinfo return expected wallet info")
--- a/test/functional/rpc_net.py
+++ b/test/functional/rpc_net.py
@@ -106,7 +106,7 @@ class NetTest(BitcoinTestFramework):
        assert_equal(peer_info[1][1]['connection_type'], 'inbound')

        # Check dynamically generated networks list in getpeerinfo help output.
-        assert "(ipv4, ipv6, onion, i2p, not_publicly_routable)" in self.nodes[0].help("getpeerinfo")
+        assert "(ipv4, ipv6, onion, i2p, cjdns, not_publicly_routable)" in self.nodes[0].help("getpeerinfo")

    def test_getnettotals(self):
        self.log.info("Test getnettotals")
@@ -157,7 +157,7 @@ class NetTest(BitcoinTestFramework):
            assert_net_servicesnames(int(info["localservices"], 0x10), info["localservicesnames"])

        # Check dynamically generated networks list in getnetworkinfo help output.
-        assert "(ipv4, ipv6, onion, i2p)" in self.nodes[0].help("getnetworkinfo")
+        assert "(ipv4, ipv6, onion, i2p, cjdns)" in self.nodes[0].help("getnetworkinfo")

    def test_getaddednodeinfo(self):
        self.log.info("Test getaddednodeinfo")
@@ -228,8 +228,8 @@ class NetTest(BitcoinTestFramework):
        assert_equal(res[0]["port"], 8333)
        assert_equal(res[0]["services"], P2P_SERVICES)

-        # Test for the absence of onion and I2P addresses.
-        for network in ["onion", "i2p"]:
+        # Test for the absence of onion, I2P and CJDNS addresses.
+        for network in ["onion", "i2p", "cjdns"]:
            assert_equal(self.nodes[0].getnodeaddresses(0, network), [])

        # Test invalid arguments.