Skip to content

Commit

Permalink
Enforce whitelist if discovery disabled (#975)
Browse files Browse the repository at this point in the history 
* enforce whitelist filtering if peer auto-discovery is being disabled
  • Loading branch information
@namtruong @melowe
namtruong authored and melowe committed Jan 17, 2020
1 parent 2ac9d90 commit a5d9c51
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 0 deletions.
10 changes: 10 additions & 0 deletions tessera-admin/src/main/java/com/quorum/tessera/admin/ConfigServiceImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
import com.quorum.tessera.config.util.ConfigFileStore;
import com.quorum.tessera.enclave.Enclave;
import com.quorum.tessera.encryption.PublicKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.net.URI;
import java.util.List;
Expand All @@ -14,6 +16,8 @@

public class ConfigServiceImpl implements ConfigService {

private static final Logger LOGGER = LoggerFactory.getLogger(ConfigServiceImpl.class);

private final Config config;

private final Enclave enclave;
Expand All @@ -39,6 +43,12 @@ public List<Peer> getPeers() {

@Override
public boolean isUseWhiteList() {
if (isDisablePeerDiscovery()) {
LOGGER.warn(
"As peer discovery is being disabled, the use of peer whitelist restriction will be switched on."
+ "This is to prevent unauthorized attempt to push transactions from unknown peers.");
return true;
}
return config.isUseWhiteList();
}

Expand Down
17 changes: 17 additions & 0 deletions tessera-admin/src/test/java/com/quorum/tessera/admin/ConfigServiceTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,16 +42,33 @@ public void onTearDown() {

@Test
public void isUseWhileList() {
when(config.isDisablePeerDiscovery()).thenReturn(false);
when(config.isUseWhiteList()).thenReturn(false);

assertThat(configService.isUseWhiteList()).isFalse();

when(config.isUseWhiteList()).thenReturn(true);
assertThat(configService.isUseWhiteList()).isTrue();

verify(config, times(2)).isDisablePeerDiscovery();
verify(config, times(2)).isUseWhiteList();
}

@Test
public void useWhiteListIsEnforcedWhenAutoDiscoveryIsOff() {

when(config.isDisablePeerDiscovery()).thenReturn(true);
when(config.isUseWhiteList()).thenReturn(true);

assertThat(configService.isUseWhiteList()).isTrue();

when(config.isUseWhiteList()).thenReturn(false);

assertThat(configService.isUseWhiteList()).isTrue();

verify(config, times(2)).isDisablePeerDiscovery();
}

@Test
public void addPeer() {
configService.addPeer("JUNIT");
Expand Down

0 comments on commit a5d9c51

Please sign in to comment.