From 7367f5668bfb83ac11a163a9f26f1920c66e5aa3 Mon Sep 17 00:00:00 2001 From: achingbrain Date: Fri, 22 Nov 2024 16:09:34 +0000 Subject: [PATCH 1/6] fix: remove browser dial filter The filter functionality here is covered by the connection gater in libp2p itself so there's no need to duplicate it at the transport level. --- packages/transport-websockets/README.md | 36 +---------------- packages/transport-websockets/src/index.ts | 45 ++-------------------- 2 files changed, 5 insertions(+), 76 deletions(-) diff --git a/packages/transport-websockets/README.md b/packages/transport-websockets/README.md index 4035e3b7dc..4926057966 100644 --- a/packages/transport-websockets/README.md +++ b/packages/transport-websockets/README.md @@ -41,44 +41,10 @@ const node = await createLibp2p({ }) await node.start() -const ma = multiaddr('/ip4/127.0.0.1/tcp/9090/ws') +const ma = multiaddr('/dns4/example.com/tcp/9090/tls/ws') await node.dial(ma) ``` -## Filters - -When run in a browser by default this module will only connect to secure web socket addresses. - -To change this you should pass a filter to the factory function. - -You can create your own address filters for this transports, or rely in the filters [provided](./src/filters.js). - -The available filters are: - -- `filters.all` - - Returns all TCP and DNS based addresses, both with `ws` or `wss`. -- `filters.dnsWss` - - Returns all DNS based addresses with `wss`. -- `filters.dnsWsOrWss` - - Returns all DNS based addresses, both with `ws` or `wss`. - -## Example - Allow dialing insecure WebSockets - -```TypeScript -import { createLibp2p } from 'libp2p' -import { webSockets } from '@libp2p/websockets' -import * as filters from '@libp2p/websockets/filters' - -const node = await createLibp2p({ - transports: [ - webSockets({ - // connect to all sockets, even insecure ones - filter: filters.all - }) - ] -}) -``` - # Install ```console diff --git a/packages/transport-websockets/src/index.ts b/packages/transport-websockets/src/index.ts index f18ffb5961..7eea0727e8 100644 --- a/packages/transport-websockets/src/index.ts +++ b/packages/transport-websockets/src/index.ts @@ -18,43 +18,9 @@ * }) * await node.start() * - * const ma = multiaddr('/ip4/127.0.0.1/tcp/9090/ws') + * const ma = multiaddr('/dns4/example.com/tcp/9090/tls/ws') * await node.dial(ma) * ``` - * - * ## Filters - * - * When run in a browser by default this module will only connect to secure web socket addresses. - * - * To change this you should pass a filter to the factory function. - * - * You can create your own address filters for this transports, or rely in the filters [provided](./src/filters.js). - * - * The available filters are: - * - * - `filters.all` - * - Returns all TCP and DNS based addresses, both with `ws` or `wss`. - * - `filters.dnsWss` - * - Returns all DNS based addresses with `wss`. - * - `filters.dnsWsOrWss` - * - Returns all DNS based addresses, both with `ws` or `wss`. - * - * @example Allow dialing insecure WebSockets - * - * ```TypeScript - * import { createLibp2p } from 'libp2p' - * import { webSockets } from '@libp2p/websockets' - * import * as filters from '@libp2p/websockets/filters' - * - * const node = await createLibp2p({ - * transports: [ - * webSockets({ - * // connect to all sockets, even insecure ones - * filter: filters.all - * }) - * ] - * }) - * ``` */ import { transportSymbol, serviceCapabilities, ConnectionFailedError } from '@libp2p/interface' @@ -63,7 +29,6 @@ import { connect, type WebSocketOptions } from 'it-ws/client' import pDefer from 'p-defer' import { CustomProgressEvent } from 'progress-events' import { raceSignal } from 'race-signal' -import { isBrowser, isWebWorker } from 'wherearewe' import * as filters from './filters.js' import { createListener } from './listener.js' import { socketToMaConn } from './socket-to-conn.js' @@ -75,6 +40,9 @@ import type { ProgressEvent } from 'progress-events' import type { ClientOptions } from 'ws' export interface WebSocketsInit extends AbortOptions, WebSocketOptions { + /** + * @deprecated Use a ConnectionGater instead + */ filter?: MultiaddrFilter websocket?: ClientOptions server?: Server @@ -206,11 +174,6 @@ class WebSockets implements Transport { return this.init?.filter(multiaddrs) } - // Browser - if (isBrowser || isWebWorker) { - return filters.wss(multiaddrs) - } - return filters.all(multiaddrs) } From 4ef6b7d6198a2ead991793a15ddb141d1be67a9f Mon Sep 17 00:00:00 2001 From: achingbrain Date: Fri, 22 Nov 2024 16:31:12 +0000 Subject: [PATCH 2/6] chore: remove unused dep --- packages/transport-websockets/package.json | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/transport-websockets/package.json b/packages/transport-websockets/package.json index bc08520026..f2270fba8b 100644 --- a/packages/transport-websockets/package.json +++ b/packages/transport-websockets/package.json @@ -84,7 +84,6 @@ "p-defer": "^4.0.1", "progress-events": "^1.0.0", "race-signal": "^1.0.2", - "wherearewe": "^2.0.1", "ws": "^8.17.0" }, "devDependencies": { From 7c89b467bf6fa19ae11e6075531e7a6e155bf5a7 Mon Sep 17 00:00:00 2001 From: achingbrain Date: Fri, 22 Nov 2024 16:47:43 +0000 Subject: [PATCH 3/6] chore: update deps --- packages/transport-websockets/package.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/transport-websockets/package.json b/packages/transport-websockets/package.json index f2270fba8b..d11f30d4a0 100644 --- a/packages/transport-websockets/package.json +++ b/packages/transport-websockets/package.json @@ -92,7 +92,8 @@ "is-loopback-addr": "^2.0.2", "p-wait-for": "^5.0.2", "sinon": "^19.0.2", - "sinon-ts": "^2.0.0" + "sinon-ts": "^2.0.0", + "wherearewe": "^2.0.1" }, "browser": { "./dist/src/listener.js": "./dist/src/listener.browser.js" From 8b1ce0656e7ef1ab4d5d43ae31ee4abe3c982f2c Mon Sep 17 00:00:00 2001 From: achingbrain Date: Fri, 22 Nov 2024 16:58:05 +0000 Subject: [PATCH 4/6] chore: fix tests --- packages/transport-websockets/test/browser.ts | 27 ------------------- 1 file changed, 27 deletions(-) diff --git a/packages/transport-websockets/test/browser.ts b/packages/transport-websockets/test/browser.ts index 3c01ed0edd..d188bd4fd8 100644 --- a/packages/transport-websockets/test/browser.ts +++ b/packages/transport-websockets/test/browser.ts @@ -1,37 +1,10 @@ /* eslint-env mocha */ import { defaultLogger } from '@libp2p/logger' -import { multiaddr } from '@multiformats/multiaddr' import { expect } from 'aegir/chai' -import { isBrowser, isWebWorker } from 'wherearewe' import { webSockets } from '../src/index.js' -import type { Transport } from '@libp2p/interface' describe('libp2p-websockets', () => { - let ws: Transport - - beforeEach(async () => { - ws = webSockets()({ - logger: defaultLogger() - }) - }) - - it('should filter out no wss websocket addresses', function () { - const ma1 = multiaddr('/ip4/127.0.0.1/tcp/80/ws') - const ma2 = multiaddr('/ip4/127.0.0.1/tcp/443/wss') - const ma3 = multiaddr('/ip6/::1/tcp/80/ws') - const ma4 = multiaddr('/ip6/::1/tcp/443/wss') - - const valid = ws.dialFilter([ma1, ma2, ma3, ma4]) - - if (isBrowser || isWebWorker) { - expect(valid.length).to.equal(2) - expect(valid).to.deep.equal([ma2, ma4]) - } else { - expect(valid.length).to.equal(4) - } - }) - it('.createServer throws in browser', () => { expect(webSockets()({ logger: defaultLogger() From e76328d2a8b17b10af9ae2e25f3f186daea0116a Mon Sep 17 00:00:00 2001 From: achingbrain Date: Fri, 22 Nov 2024 17:09:25 +0000 Subject: [PATCH 5/6] chore: deps again --- packages/transport-websockets/package.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/transport-websockets/package.json b/packages/transport-websockets/package.json index d11f30d4a0..f2270fba8b 100644 --- a/packages/transport-websockets/package.json +++ b/packages/transport-websockets/package.json @@ -92,8 +92,7 @@ "is-loopback-addr": "^2.0.2", "p-wait-for": "^5.0.2", "sinon": "^19.0.2", - "sinon-ts": "^2.0.0", - "wherearewe": "^2.0.1" + "sinon-ts": "^2.0.0" }, "browser": { "./dist/src/listener.js": "./dist/src/listener.browser.js" From 78f76a13d8d82e17da3ca47d070d60bfb63dabfc Mon Sep 17 00:00:00 2001 From: achingbrain Date: Mon, 25 Nov 2024 08:33:34 +0000 Subject: [PATCH 6/6] chore: skip ws addresses in browser gater --- .../src/config/connection-gater.browser.ts | 22 +++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/packages/libp2p/src/config/connection-gater.browser.ts b/packages/libp2p/src/config/connection-gater.browser.ts index 1196b2b2bc..6f9893c177 100644 --- a/packages/libp2p/src/config/connection-gater.browser.ts +++ b/packages/libp2p/src/config/connection-gater.browser.ts @@ -1,19 +1,33 @@ import { isPrivateIp } from '@libp2p/utils/private-ip' +import { WebSockets } from '@multiformats/multiaddr-matcher' import type { ConnectionGater } from '@libp2p/interface' import type { Multiaddr } from '@multiformats/multiaddr' +const CODEC_IP4 = 0x04 +const CODEC_IP6 = 0x29 + /** - * Returns a connection gater that disallows dialling private addresses by - * default. Browsers are severely limited in their resource usage so don't - * waste time trying to dial undiallable addresses. + * Returns a connection gater that disallows dialling private addresses or + * insecure websockets by default. + * + * Browsers are severely limited in their resource usage so don't waste time + * trying to dial undiallable addresses, and they also print verbose error + * messages when making connections over insecure transports which causes + * confusion. */ export function connectionGater (gater: ConnectionGater = {}): ConnectionGater { return { denyDialPeer: async () => false, denyDialMultiaddr: async (multiaddr: Multiaddr) => { + // do not connect to insecure websockets by default + if (WebSockets.matches(multiaddr)) { + return false + } + const tuples = multiaddr.stringTuples() - if (tuples[0][0] === 4 || tuples[0][0] === 41) { + // do not connect to private addresses by default + if (tuples[0][0] === CODEC_IP4 || tuples[0][0] === CODEC_IP6) { return Boolean(isPrivateIp(`${tuples[0][1]}`)) }