fix: preventing IP 0.0.0.0 from being published and allowing peer exchange connections with localhost IPs

Author: gabrielmer

tests/all_tests_waku.nim

@@ -5,7 +5,8 @@ import
   ./waku_core/test_namespaced_topics,
   ./waku_core/test_time,
   ./waku_core/test_message_digest,
-  ./waku_core/test_peers
+  ./waku_core/test_peers,
+  ./waku_core/test_published_address
 
 
 # Waku archive test suite

tests/waku_core/test_published_address.nim

@@ -0,0 +1,27 @@
+{.used.}
+
+import
+  stew/shims/net as stewNet,
+  std/[strutils],
+  testutils/unittests
+import
+  ../testlib/wakucore,
+  ../testlib/wakunode
+
+suite "Waku Core - Published Address":
+  
+  test "Test IP 0.0.0.0":  
+    let 
+      node = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init(
+        "0.0.0.0"),Port(0))
+ 
+    check:
+      ($node.announcedAddresses).contains("127.0.0.1")
+
+  test "Test custom IP":  
+    let 
+      node = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init(
+        "8.8.8.8"),Port(0))
+ 
+    check:
+      ($node.announcedAddresses).contains("8.8.8.8")

tests/wakunode_jsonrpc/test_jsonrpc_admin.nim

@@ -31,10 +31,10 @@ procSuite "Waku v2 JSON-RPC API - Admin":
   asyncTest "connect to ad-hoc peers":
     # Create a couple of nodes
     let
-      node1 = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(60600))
-      node2 = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(60602))
+      node1 = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("127.0.0.1"), Port(60600))
+      node2 = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("127.0.0.1"), Port(60602))
       peerInfo2 = node2.switch.peerInfo
-      node3 = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(60604))
+      node3 = newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("127.0.0.1"), Port(60604))
       peerInfo3 = node3.switch.peerInfo
 
     await allFutures([node1.start(), node2.start(), node3.start()])
@@ -90,7 +90,7 @@ procSuite "Waku v2 JSON-RPC API - Admin":
 
   asyncTest "get managed peer information":
     # Create 3 nodes and start them with relay
-    let nodes = toSeq(0..<3).mapIt(newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(60220+it*2)))
+    let nodes = toSeq(0..<3).mapIt(newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("127.0.0.1"), Port(60220+it*2)))
     await allFutures(nodes.mapIt(it.start()))
     await allFutures(nodes.mapIt(it.mountRelay()))
 

waku/node/config.nim

@@ -4,7 +4,7 @@ else:
   {.push raises: [].}
 
 import
-  std/[options, sequtils],
+  std/[options, sequtils, strutils],
   stew/results,
   stew/shims/net,
   libp2p/multiaddress
@@ -53,6 +53,11 @@ template wsFlag(wssEnabled: bool): MultiAddress =
   else: MultiAddress.init("/ws").tryGet()
 
 
+proc formatListenAddress(inputMultiAdd: MultiAddress): MultiAddress =
+    let inputStr = $inputMultiAdd
+    # If MultiAddress contains "0.0.0.0", replace it for "127.0.0.1"
+    return MultiAddress.init(inputStr.replace("0.0.0.0", "127.0.0.1")).get()
+
 proc init*(T: type NetConfig,
     bindIp: ValidIpAddress,
     bindPort: Port,
@@ -111,7 +116,7 @@ proc init*(T: type NetConfig,
   if hostExtAddress.isSome():
     announcedAddresses.add(hostExtAddress.get())
   else:
-    announcedAddresses.add(hostAddress) # We always have at least a bind address for the host
+    announcedAddresses.add(formatListenAddress(hostAddress)) # We always have at least a bind address for the host
 
   # External multiaddrs that the operator may have configured
   if extMultiAddrs.len > 0:

waku/node/peer_manager/peer_manager.nim

@@ -121,6 +121,7 @@ proc addPeer*(pm: PeerManager, remotePeerInfo: RemotePeerInfo, origin = UnknownO
   discard remotePeerInfo.peerId.extractPublicKey(publicKey)
 
   if pm.peerStore[AddressBook][remotePeerInfo.peerId] == remotePeerInfo.addrs and
+     not ($remotePeerInfo.addrs).contains("127.0.0.1") and
      pm.peerStore[KeyBook][remotePeerInfo.peerId] == publicKey:
     # Peer already managed
     return