use std::{ collections::HashSet, fmt, future::Future, net::{IpAddr, Ipv4Addr, SocketAddr}, pin::Pin, sync::Arc, task::{Context, Poll}, }; use chrono::{TimeZone, Utc}; use futures::{ channel::{mpsc, oneshot}, future, FutureExt, SinkExt, StreamExt, }; use tokio::{net::TcpStream, sync::broadcast, task::JoinError, time::timeout}; use tokio_util::codec::Framed; use tower::Service; use tracing::{span, Level, Span}; use tracing_futures::Instrument; use zebra_chain::{block, parameters::Network}; use crate::{ constants, meta_addr::MetaAddrChange, protocol::{ external::{types::*, Codec, InventoryHash, Message}, internal::{Request, Response}, }, types::MetaAddr, BoxError, Config, }; use super::{Client, ClientRequest, Connection, ErrorSlot, HandshakeError, PeerError}; /// A [`Service`] that handshakes with a remote peer and constructs a /// client/server pair. /// /// CORRECTNESS /// /// To avoid hangs, each handshake (or its connector) should be: /// - launched in a separate task, and /// - wrapped in a timeout. #[derive(Clone)] pub struct Handshake { config: Config, inbound_service: S, timestamp_collector: mpsc::Sender, inv_collector: broadcast::Sender<(InventoryHash, SocketAddr)>, nonces: Arc>>, user_agent: String, our_services: PeerServices, relay: bool, parent_span: Span, } /// The peer address that we are handshaking with. /// /// Typically, we can rely on outbound addresses, but inbound addresses don't /// give us enough information to reconnect to that peer. #[derive(Copy, Clone, PartialEq)] pub enum ConnectedAddr { /// The address we used to make a direct outbound connection. /// /// In an honest network, a Zcash peer is listening on this exact address /// and port. OutboundDirect { addr: SocketAddr }, /// The address we received from the OS, when a remote peer directly /// connected to our Zcash listener port. /// /// In an honest network, a Zcash peer might be listening on this address, /// if its outbound address is the same as its listener address. But the port /// is an ephemeral outbound TCP port, not a listener port. InboundDirect { maybe_ip: IpAddr, transient_port: u16, }, /// The proxy address we used to make an outbound connection. /// /// The proxy address can be used by many connections, but our own ephemeral /// outbound address and port can be used as an identifier for the duration /// of this connection. OutboundProxy { proxy_addr: SocketAddr, transient_local_addr: SocketAddr, }, /// The address we received from the OS, when a remote peer connected via an /// inbound proxy. /// /// The proxy's ephemeral outbound address can be used as an identifier for /// the duration of this connection. InboundProxy { transient_addr: SocketAddr }, /// An isolated connection, where we deliberately don't have any connection metadata. Isolated, // // TODO: handle Tor onion addresses } /// Get an unspecified IPv4 address for `network` pub fn get_unspecified_ipv4_addr(network: Network) -> SocketAddr { (Ipv4Addr::UNSPECIFIED, network.default_port()).into() } use ConnectedAddr::*; impl ConnectedAddr { /// Returns a new outbound directly connected addr. pub fn new_outbound_direct(addr: SocketAddr) -> ConnectedAddr { OutboundDirect { addr } } /// Returns a new inbound directly connected addr. pub fn new_inbound_direct(addr: SocketAddr) -> ConnectedAddr { InboundDirect { maybe_ip: addr.ip(), transient_port: addr.port(), } } /// Returns a new outbound connected addr via `proxy`. /// /// `local_addr` is the ephemeral local address of the connection. #[allow(unused)] pub fn new_outbound_proxy(proxy: SocketAddr, local_addr: SocketAddr) -> ConnectedAddr { OutboundProxy { proxy_addr: proxy, transient_local_addr: local_addr, } } /// Returns a new inbound connected addr from `proxy`. // // TODO: distinguish between direct listeners and proxy listeners in the // rest of zebra-network #[allow(unused)] pub fn new_inbound_proxy(proxy: SocketAddr) -> ConnectedAddr { InboundProxy { transient_addr: proxy, } } /// Returns a new isolated connected addr, with no metadata. pub fn new_isolated() -> ConnectedAddr { Isolated } /// Returns a `SocketAddr` that can be used to track this connection in the /// `AddressBook`. /// /// `None` for inbound connections, proxy connections, and isolated /// connections. /// /// # Correctness /// /// This address can be used for reconnection attempts, or as a permanent /// identifier. /// /// # Security /// /// This address must not depend on the canonical address from the `Version` /// message. Otherwise, malicious peers could interfere with other peers /// `AddressBook` state. pub fn get_address_book_addr(&self) -> Option { match self { OutboundDirect { addr } => Some(*addr), // TODO: consider using the canonical address of the peer to track // outbound proxy connections InboundDirect { .. } | OutboundProxy { .. } | InboundProxy { .. } | Isolated => None, } } /// Returns a `SocketAddr` that can be used to temporarily identify a /// connection. /// /// Isolated connections must not change Zebra's peer set or address book /// state, so they do not have an identifier. /// /// # Correctness /// /// The returned address is only valid while the original connection is /// open. It must not be used in the `AddressBook`, for outbound connection /// attempts, or as a permanent identifier. /// /// # Security /// /// This address must not depend on the canonical address from the `Version` /// message. Otherwise, malicious peers could interfere with other peers' /// `PeerSet` state. pub fn get_transient_addr(&self) -> Option { match self { OutboundDirect { addr } => Some(*addr), InboundDirect { maybe_ip, transient_port, } => Some(SocketAddr::new(*maybe_ip, *transient_port)), OutboundProxy { transient_local_addr, .. } => Some(*transient_local_addr), InboundProxy { transient_addr } => Some(*transient_addr), Isolated => None, } } /// Returns the metrics label for this connection's address. pub fn get_transient_addr_label(&self) -> String { self.get_transient_addr() .map_or_else(|| "isolated".to_string(), |addr| addr.to_string()) } /// Returns a short label for the kind of connection. pub fn get_short_kind_label(&self) -> &'static str { match self { OutboundDirect { .. } => "Out", InboundDirect { .. } => "In", OutboundProxy { .. } => "ProxOut", InboundProxy { .. } => "ProxIn", Isolated => "Isol", } } /// Returns a list of alternate remote peer addresses, which can be used for /// reconnection attempts. /// /// Uses the connected address, and the remote canonical address. /// /// Skips duplicates. If this is an outbound connection, also skips the /// remote address that we're currently connected to. pub fn get_alternate_addrs( &self, mut canonical_remote: SocketAddr, ) -> impl Iterator { let addrs = match self { OutboundDirect { addr } => { // Fixup unspecified addresses and ports using known good data if canonical_remote.ip().is_unspecified() { canonical_remote.set_ip(addr.ip()); } if canonical_remote.port() == 0 { canonical_remote.set_port(addr.port()); } // Try the canonical remote address, if it is different from the // outbound address (which we already have in our address book) if &canonical_remote != addr { vec![canonical_remote] } else { // we didn't learn a new address from the handshake: // it's the same as the outbound address, which is already in our address book Vec::new() } } InboundDirect { maybe_ip, .. } => { // Use the IP from the TCP connection, and the port the peer told us let maybe_addr = SocketAddr::new(*maybe_ip, canonical_remote.port()); // Try both addresses, but remove one duplicate if they match if canonical_remote != maybe_addr { vec![canonical_remote, maybe_addr] } else { vec![canonical_remote] } } // Proxy addresses can't be used for reconnection attempts, but we // can try the canonical remote address OutboundProxy { .. } | InboundProxy { .. } => vec![canonical_remote], // Hide all metadata for isolated connections Isolated => Vec::new(), }; addrs.into_iter() } } impl fmt::Debug for ConnectedAddr { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { let kind = self.get_short_kind_label(); let addr = self.get_transient_addr_label(); if matches!(self, Isolated) { f.write_str(kind) } else { f.debug_tuple(kind).field(&addr).finish() } } } /// A builder for `Handshake`. pub struct Builder { config: Option, inbound_service: Option, timestamp_collector: Option>, our_services: Option, user_agent: Option, relay: Option, inv_collector: Option>, } impl Builder where S: Service + Clone + Send + 'static, S::Future: Send, { /// Provide a config. Mandatory. pub fn with_config(mut self, config: Config) -> Self { self.config = Some(config); self } /// Provide a service to handle inbound requests. Mandatory. pub fn with_inbound_service(mut self, inbound_service: S) -> Self { self.inbound_service = Some(inbound_service); self } /// Provide a channel for registering inventory advertisements. Optional. /// /// This channel takes transient remote addresses, which the `PeerSet` uses /// to look up peers that have specific inventory. pub fn with_inventory_collector( mut self, inv_collector: broadcast::Sender<(InventoryHash, SocketAddr)>, ) -> Self { self.inv_collector = Some(inv_collector); self } /// Provide a hook for timestamp collection. Optional. /// /// This channel takes `MetaAddr`s, permanent addresses which can be used to /// make outbound connections to peers. pub fn with_timestamp_collector( mut self, timestamp_collector: mpsc::Sender, ) -> Self { self.timestamp_collector = Some(timestamp_collector); self } /// Provide the services this node advertises to other peers. Optional. /// /// If this is unset, the node will advertise itself as a client. pub fn with_advertised_services(mut self, services: PeerServices) -> Self { self.our_services = Some(services); self } /// Provide this node's user agent. Optional. /// /// This must be a valid BIP14 string. If it is unset, the user-agent will be empty. pub fn with_user_agent(mut self, user_agent: String) -> Self { self.user_agent = Some(user_agent); self } /// Whether to request that peers relay transactions to our node. Optional. /// /// If this is unset, the node will not request transactions. pub fn want_transactions(mut self, relay: bool) -> Self { self.relay = Some(relay); self } /// Consume this builder and produce a [`Handshake`]. /// /// Returns an error only if any mandatory field was unset. pub fn finish(self) -> Result, &'static str> { let config = self.config.ok_or("did not specify config")?; let inbound_service = self .inbound_service .ok_or("did not specify inbound service")?; let inv_collector = self.inv_collector.unwrap_or_else(|| { let (tx, _) = broadcast::channel(100); tx }); let timestamp_collector = self.timestamp_collector.unwrap_or_else(|| { // No timestamp collector was passed, so create a stub channel. // Dropping the receiver means sends will fail, but we don't care. let (tx, _rx) = mpsc::channel(1); tx }); let nonces = Arc::new(futures::lock::Mutex::new(HashSet::new())); let user_agent = self.user_agent.unwrap_or_else(|| "".to_string()); let our_services = self.our_services.unwrap_or_else(PeerServices::empty); let relay = self.relay.unwrap_or(false); Ok(Handshake { config, inbound_service, inv_collector, timestamp_collector, nonces, user_agent, our_services, relay, parent_span: Span::current(), }) } } impl Handshake where S: Service + Clone + Send + 'static, S::Future: Send, { /// Create a builder that configures a [`Handshake`] service. pub fn builder() -> Builder { // We don't derive `Default` because the derive inserts a `where S: // Default` bound even though `Option` implements `Default` even if // `S` does not. Builder { config: None, inbound_service: None, timestamp_collector: None, user_agent: None, our_services: None, relay: None, inv_collector: None, } } } /// Negotiate the Zcash network protocol version with the remote peer /// at `connected_addr`, using the connection `peer_conn`. /// /// We split `Handshake` into its components before calling this function, /// to avoid infectious `Sync` bounds on the returned future. pub async fn negotiate_version( peer_conn: &mut Framed, connected_addr: &ConnectedAddr, config: Config, nonces: Arc>>, user_agent: String, our_services: PeerServices, relay: bool, ) -> Result<(Version, PeerServices, SocketAddr), HandshakeError> { // Create a random nonce for this connection let local_nonce = Nonce::default(); // # Correctness // // It is ok to wait for the lock here, because handshakes have a short // timeout, and the async mutex will be released when the task times // out. nonces.lock().await.insert(local_nonce); // Don't leak our exact clock skew to our peers. On the other hand, // we can't deviate too much, or zcashd will get confused. // Inspection of the zcashd source code reveals that the timestamp // is only ever used at the end of parsing the version message, in // // pfrom->nTimeOffset = timeWarning.AddTimeData(pfrom->addr, nTime, GetTime()); // // AddTimeData is defined in src/timedata.cpp and is a no-op as long // as the difference between the specified timestamp and the // zcashd's local time is less than TIMEDATA_WARNING_THRESHOLD, set // to 10 * 60 seconds (10 minutes). // // nTimeOffset is peer metadata that is never used, except for // statistics. // // To try to stay within the range where zcashd will ignore our clock skew, // truncate the timestamp to the nearest 5 minutes. let now = Utc::now().timestamp(); let timestamp = Utc.timestamp(now - now.rem_euclid(5 * 60), 0); let (their_addr, our_services, our_listen_addr) = match connected_addr { // Version messages require an address, so we use // an unspecified address for Isolated connections Isolated => { let unspec_ipv4 = get_unspecified_ipv4_addr(config.network); (unspec_ipv4, PeerServices::empty(), unspec_ipv4) } _ => { let their_addr = connected_addr .get_transient_addr() .expect("non-Isolated connections have a remote addr"); (their_addr, our_services, config.listen_addr) } }; let our_version = Message::Version { version: constants::CURRENT_VERSION, services: our_services, timestamp, address_recv: (PeerServices::NODE_NETWORK, their_addr), // TODO: detect external address (#1893) address_from: (our_services, our_listen_addr), nonce: local_nonce, user_agent: user_agent.clone(), // The protocol works fine if we don't reveal our current block height, // and not sending it means we don't need to be connected to the chain state. start_height: block::Height(0), relay, }; debug!(?our_version, "sending initial version message"); peer_conn.send(our_version).await?; let remote_msg = peer_conn .next() .await .ok_or(HandshakeError::ConnectionClosed)??; // Check that we got a Version and destructure its fields into the local scope. debug!(?remote_msg, "got message from remote peer"); let (remote_nonce, remote_services, remote_version, remote_canonical_addr) = if let Message::Version { version, services, address_from, nonce, .. } = remote_msg { let (address_services, canonical_addr) = address_from; if address_services != services { info!( ?services, ?address_services, "peer with inconsistent version services and version address services" ); } (nonce, services, version, canonical_addr) } else { Err(HandshakeError::UnexpectedMessage(Box::new(remote_msg)))? }; // Check for nonce reuse, indicating self-connection // // # Correctness // // We must wait for the lock before we continue with the connection, to avoid // self-connection. If the connection times out, the async lock will be // released. let nonce_reuse = { let mut locked_nonces = nonces.lock().await; let nonce_reuse = locked_nonces.contains(&remote_nonce); // Regardless of whether we observed nonce reuse, clean up the nonce set. locked_nonces.remove(&local_nonce); nonce_reuse }; if nonce_reuse { Err(HandshakeError::NonceReuse)?; } // XXX in zcashd remote peer can only send one version message and // we would disconnect here if it received a second one. Is it even possible // for that to happen to us here? // TODO: Reject incoming connections from nodes that don't know about the current epoch. // zcashd does this: // const Consensus::Params& consensusParams = chainparams.GetConsensus(); // auto currentEpoch = CurrentEpoch(GetHeight(), consensusParams); // if (pfrom->nVersion < consensusParams.vUpgrades[currentEpoch].nProtocolVersion) // // For approximately 1.5 days before a network upgrade, zcashd also: // - avoids old peers, and // - prefers updated peers. // We haven't decided if we need this behaviour in Zebra yet (see #706). // // At the network upgrade, we also need to disconnect from old peers (see #1334). // // TODO: replace min_for_upgrade(network, MIN_NETWORK_UPGRADE) with // current_min(network, height) where network is the // configured network, and height is the best tip's block // height. if remote_version < Version::min_for_upgrade(config.network, constants::MIN_NETWORK_UPGRADE) { // Disconnect if peer is using an obsolete version. Err(HandshakeError::ObsoleteVersion(remote_version))?; } peer_conn.send(Message::Verack).await?; let remote_msg = peer_conn .next() .await .ok_or(HandshakeError::ConnectionClosed)??; if let Message::Verack = remote_msg { debug!("got verack from remote peer"); } else { Err(HandshakeError::UnexpectedMessage(Box::new(remote_msg)))?; } Ok((remote_version, remote_services, remote_canonical_addr)) } pub type HandshakeRequest = (TcpStream, ConnectedAddr); impl Service for Handshake where S: Service + Clone + Send + 'static, S::Future: Send, { type Response = Client; type Error = BoxError; type Future = Pin> + Send + 'static>>; fn poll_ready(&mut self, _cx: &mut Context<'_>) -> Poll> { Poll::Ready(Ok(())) } fn call(&mut self, req: HandshakeRequest) -> Self::Future { let (tcp_stream, connected_addr) = req; let negotiator_span = debug_span!("negotiator", peer = ?connected_addr); // set the peer connection span's parent to the global span, as it // should exist independently of its creation source (inbound // connection, crawler, initial peer, ...) let connection_span = span!(parent: &self.parent_span, Level::INFO, "", peer = ?connected_addr); // Clone these upfront, so they can be moved into the future. let nonces = self.nonces.clone(); let inbound_service = self.inbound_service.clone(); let mut timestamp_collector = self.timestamp_collector.clone(); let inv_collector = self.inv_collector.clone(); let config = self.config.clone(); let user_agent = self.user_agent.clone(); let our_services = self.our_services; let relay = self.relay; let fut = async move { debug!( addr = ?connected_addr, "negotiating protocol version with remote peer" ); // CORRECTNESS // // As a defence-in-depth against hangs, every send or next on stream // should be wrapped in a timeout. let mut peer_conn = Framed::new( tcp_stream, Codec::builder() .for_network(config.network) .with_metrics_addr_label(connected_addr.get_transient_addr_label()) .finish(), ); // Wrap the entire initial connection setup in a timeout. let (remote_version, remote_services, remote_canonical_addr) = timeout( constants::HANDSHAKE_TIMEOUT, negotiate_version( &mut peer_conn, &connected_addr, config, nonces, user_agent, our_services, relay, ), ) .await??; // If we've learned potential peer addresses from an inbound // connection or handshake, add those addresses to our address book. // // # Security // // We must handle alternate addresses separately from connected // addresses. Otherwise, malicious peers could interfere with the // address book state of other peers by providing their addresses in // `Version` messages. let alternate_addrs = connected_addr.get_alternate_addrs(remote_canonical_addr); for alt_addr in alternate_addrs { let alt_addr = MetaAddr::new_alternate(&alt_addr, &remote_services); // awaiting a local task won't hang let _ = timestamp_collector.send(alt_addr).await; } // Set the connection's version to the minimum of the received version or our own. let negotiated_version = std::cmp::min(remote_version, constants::CURRENT_VERSION); // Reconfigure the codec to use the negotiated version. // // XXX The tokio documentation says not to do this while any frames are still being processed. // Since we don't know that here, another way might be to release the tcp // stream from the unversioned Framed wrapper and construct a new one with a versioned codec. let bare_codec = peer_conn.codec_mut(); bare_codec.reconfigure_version(negotiated_version); debug!("constructing client, spawning server"); // These channels should not be cloned more than they are // in this block, see constants.rs for more. let (server_tx, server_rx) = mpsc::channel(0); let (shutdown_tx, shutdown_rx) = oneshot::channel(); let slot = ErrorSlot::default(); let client = Client { shutdown_tx: Some(shutdown_tx), server_tx: server_tx.clone(), error_slot: slot.clone(), }; let (peer_tx, peer_rx) = peer_conn.split(); // Instrument the peer's rx and tx streams. let inner_conn_span = connection_span.clone(); let peer_tx = peer_tx.with(move |msg: Message| { let span = debug_span!(parent: inner_conn_span.clone(), "outbound_metric"); // Add a metric for outbound messages. metrics::counter!( "zcash.net.out.messages", 1, "command" => msg.to_string(), "addr" => connected_addr.get_transient_addr_label(), ); // We need to use future::ready rather than an async block here, // because we need the sink to be Unpin, and the With // returned by .with is Unpin only if Fut is Unpin, and the // futures generated by async blocks are not Unpin. future::ready(Ok(msg)).instrument(span) }); // CORRECTNESS // // Every message and error must update the peer address state via // the inbound_ts_collector. let inbound_ts_collector = timestamp_collector.clone(); let inv_collector = inv_collector.clone(); let ts_inner_conn_span = connection_span.clone(); let inv_inner_conn_span = connection_span.clone(); let peer_rx = peer_rx .then(move |msg| { // Add a metric for inbound messages and errors. // Fire a timestamp or failure event. let mut inbound_ts_collector = inbound_ts_collector.clone(); let span = debug_span!(parent: ts_inner_conn_span.clone(), "inbound_ts_collector"); async move { match &msg { Ok(msg) => { metrics::counter!( "zcash.net.in.messages", 1, "command" => msg.to_string(), "addr" => connected_addr.get_transient_addr_label(), ); if let Some(book_addr) = connected_addr.get_address_book_addr() { // the collector doesn't depend on network activity, // so this await should not hang let _ = inbound_ts_collector .send(MetaAddr::new_responded(&book_addr, &remote_services)) .await; } } Err(err) => { metrics::counter!( "zebra.net.in.errors", 1, "error" => err.to_string(), "addr" => connected_addr.get_transient_addr_label(), ); if let Some(book_addr) = connected_addr.get_address_book_addr() { let _ = inbound_ts_collector .send(MetaAddr::new_errored(&book_addr, remote_services)) .await; } } } msg } .instrument(span) }) .then(move |msg| { let inv_collector = inv_collector.clone(); let span = debug_span!(parent: inv_inner_conn_span.clone(), "inventory_filter"); async move { if let (Ok(Message::Inv(hashes)), Some(transient_addr)) = (&msg, connected_addr.get_transient_addr()) { // We ignore inventory messages with more than one // block, because they are most likely replies to a // query, rather than a newly gossiped block. // // (We process inventory messages with any number of // transactions.) // // https://zebra.zfnd.org/dev/rfcs/0003-inventory-tracking.html#inventory-monitoring // // TODO: zcashd has a bug where it merges queued inv messages of // the same or different types. So Zebra should split small // merged inv messages into separate inv messages. (#1799) match hashes.as_slice() { [hash @ InventoryHash::Block(_)] => { let _ = inv_collector.send((*hash, transient_addr)); } [hashes @ ..] => { for hash in hashes { if matches!(hash, InventoryHash::Tx(_)) { debug!(?hash, "registering Tx inventory hash"); // The peer set and inv collector use the peer's remote // address as an identifier let _ = inv_collector.send((*hash, transient_addr)); } else { trace!(?hash, "ignoring non Tx inventory hash") } } } } } msg } .instrument(span) }) .boxed(); use super::connection; let server = Connection { state: connection::State::AwaitingRequest, svc: inbound_service, client_rx: server_rx.into(), error_slot: slot, peer_tx, request_timer: None, }; tokio::spawn( server .run(peer_rx) .instrument(connection_span.clone()) .boxed(), ); // CORRECTNESS // // To prevent hangs: // - every await that depends on the network must have a timeout (or interval) // - every error/shutdown must update the address book state and return // // The address book state can be updated via `ClientRequest.tx`, or the // heartbeat_ts_collector. // // Returning from the spawned closure terminates the connection's heartbeat task. let heartbeat_span = tracing::debug_span!(parent: connection_span, "heartbeat"); let heartbeat_ts_collector = timestamp_collector.clone(); tokio::spawn( async move { use futures::future::Either; let mut shutdown_rx = shutdown_rx; let mut server_tx = server_tx; let mut timestamp_collector = heartbeat_ts_collector.clone(); let mut interval_stream = tokio::time::interval(constants::HEARTBEAT_INTERVAL); loop { let shutdown_rx_ref = Pin::new(&mut shutdown_rx); // CORRECTNESS // // Currently, select prefers the first future if multiple // futures are ready. // // Starvation is impossible here, because interval has a // slow rate, and shutdown is a oneshot. If both futures // are ready, we want the shutdown to take priority over // sending a useless heartbeat. if matches!( future::select(shutdown_rx_ref, interval_stream.next()).await, Either::Left(_) ) { tracing::trace!("shutting down due to Client shut down"); if let Some(book_addr) = connected_addr.get_address_book_addr() { // awaiting a local task won't hang let _ = timestamp_collector .send(MetaAddr::new_shutdown(&book_addr, remote_services)) .await; } return; } // We've reached another heartbeat interval without // shutting down, so do a heartbeat request. // // TODO: await heartbeat and shutdown. The select // function needs pinned types, but pinned generics // are hard (#1678) let heartbeat = send_one_heartbeat(&mut server_tx); if heartbeat_timeout( heartbeat, &mut timestamp_collector, &connected_addr, &remote_services, ) .await .is_err() { return; } } } .instrument(heartbeat_span) .boxed(), ); Ok(client) }; // Spawn a new task to drive this handshake. tokio::spawn(fut.instrument(negotiator_span)) .map(|x: Result, JoinError>| Ok(x??)) .boxed() } } /// Send one heartbeat using `server_tx`. async fn send_one_heartbeat(server_tx: &mut mpsc::Sender) -> Result<(), BoxError> { // We just reached a heartbeat interval, so start sending // a heartbeat. let (tx, rx) = oneshot::channel(); // Try to send the heartbeat request let request = Request::Ping(Nonce::default()); tracing::trace!(?request, "queueing heartbeat request"); match server_tx.try_send(ClientRequest { request, tx, span: tracing::Span::current(), }) { Ok(()) => {} Err(e) => { if e.is_disconnected() { Err(PeerError::ConnectionClosed)?; } else if e.is_full() { // Send the message when the Client becomes ready. // If sending takes too long, the heartbeat timeout will elapse // and close the connection, reducing our load to busy peers. server_tx.send(e.into_inner()).await?; } else { // we need to map unexpected error types to PeerErrors warn!(?e, "unexpected try_send error"); Err(e)?; }; } } // Flush the heartbeat request from the queue server_tx.flush().await?; tracing::trace!("sent heartbeat request"); // Heartbeats are checked internally to the // connection logic, but we need to wait on the // response to avoid canceling the request. rx.await??; tracing::trace!("got heartbeat response"); Ok(()) } /// Wrap `fut` in a timeout, handing any inner or outer errors using /// `handle_heartbeat_error`. async fn heartbeat_timeout( fut: F, timestamp_collector: &mut mpsc::Sender, connected_addr: &ConnectedAddr, remote_services: &PeerServices, ) -> Result where F: Future>, { let t = match timeout(constants::HEARTBEAT_INTERVAL, fut).await { Ok(inner_result) => { handle_heartbeat_error( inner_result, timestamp_collector, connected_addr, remote_services, ) .await? } Err(elapsed) => { handle_heartbeat_error( Err(elapsed), timestamp_collector, connected_addr, remote_services, ) .await? } }; Ok(t) } /// If `result.is_err()`, mark `connected_addr` as failed using `timestamp_collector`. async fn handle_heartbeat_error( result: Result, timestamp_collector: &mut mpsc::Sender, connected_addr: &ConnectedAddr, remote_services: &PeerServices, ) -> Result where E: std::fmt::Debug, { match result { Ok(t) => Ok(t), Err(err) => { tracing::debug!(?err, "heartbeat error, shutting down"); if let Some(book_addr) = connected_addr.get_address_book_addr() { let _ = timestamp_collector .send(MetaAddr::new_errored(&book_addr, *remote_services)) .await; } Err(err) } } }