From 58b427424f792cf739d29187020471e8d0d2123e Mon Sep 17 00:00:00 2001
From: stasatdaglabs <39559713+stasatdaglabs@users.noreply.github.com>
Date: Tue, 2 Apr 2019 12:26:50 +0300
Subject: [PATCH] [NOD-82] Create docker-composes and aws.yamls for DNS
 Seeders, Miner Nodes, and Non-Miner Nodes (#238)

* [NOD-82] Added RPC files to the BTCD Docker container.

* [NOD-82] Generated new cert and key files that include *.daglabs.com.

* [NOD-82] Added a dagConfig parameter for accepting unroutable IPs.
---
 addrmgr/network.go   |  5 +++++
 dagconfig/params.go  | 24 ++++++++++++++++++++++++
 dnsseeder/manager.go |  4 ++++
 docker/Dockerfile    |  2 ++
 docker/rpc.cert      | 30 +++++++++++++++---------------
 docker/rpc.key       | 10 +++++-----
 6 files changed, 55 insertions(+), 20 deletions(-)

diff --git a/addrmgr/network.go b/addrmgr/network.go
index 9cb6b455b..220e3c3ac 100644
--- a/addrmgr/network.go
+++ b/addrmgr/network.go
@@ -6,6 +6,7 @@ package addrmgr
 
 import (
 	"fmt"
+	"github.com/daglabs/btcd/config"
 	"net"
 
 	"github.com/daglabs/btcd/wire"
@@ -223,6 +224,10 @@ func IsValid(na *wire.NetAddress) bool {
 // the public internet.  This is true as long as the address is valid and is not
 // in any reserved ranges.
 func IsRoutable(na *wire.NetAddress) bool {
+	if config.ActiveNetParams().AcceptUnroutable {
+		return true
+	}
+
 	return IsValid(na) && !(IsRFC1918(na) || IsRFC2544(na) ||
 		IsRFC3927(na) || IsRFC4862(na) || IsRFC3849(na) ||
 		IsRFC4843(na) || IsRFC5737(na) || IsRFC6598(na) ||
diff --git a/dagconfig/params.go b/dagconfig/params.go
index f856c7435..3f7af03ce 100644
--- a/dagconfig/params.go
+++ b/dagconfig/params.go
@@ -199,6 +199,10 @@ type Params struct {
 	// Mempool parameters
 	RelayNonStdTxs bool
 
+	// AcceptUnroutable specifies whether this network accepts unroutable
+	// IP addresses, such as 10.0.0.0/8
+	AcceptUnroutable bool
+
 	// Human-readable prefix for Bech32 encoded addresses
 	Prefix util.Bech32Prefix
 
@@ -263,6 +267,10 @@ var MainNetParams = Params{
 	// Mempool parameters
 	RelayNonStdTxs: false,
 
+	// AcceptUnroutable specifies whether this network accepts unroutable
+	// IP addresses, such as 10.0.0.0/8
+	AcceptUnroutable: false,
+
 	// Human-readable part for Bech32 encoded addresses
 	Prefix: util.Bech32PrefixDAGCoin,
 
@@ -322,6 +330,10 @@ var RegressionNetParams = Params{
 	// Mempool parameters
 	RelayNonStdTxs: true,
 
+	// AcceptUnroutable specifies whether this network accepts unroutable
+	// IP addresses, such as 10.0.0.0/8
+	AcceptUnroutable: false,
+
 	// Human-readable part for Bech32 encoded addresses
 	Prefix: util.Bech32PrefixDAGReg,
 
@@ -386,6 +398,10 @@ var TestNet3Params = Params{
 	// Mempool parameters
 	RelayNonStdTxs: true,
 
+	// AcceptUnroutable specifies whether this network accepts unroutable
+	// IP addresses, such as 10.0.0.0/8
+	AcceptUnroutable: false,
+
 	// Human-readable part for Bech32 encoded addresses
 	Prefix: util.Bech32PrefixDAGTest,
 
@@ -449,6 +465,10 @@ var SimNetParams = Params{
 	// Mempool parameters
 	RelayNonStdTxs: true,
 
+	// AcceptUnroutable specifies whether this network accepts unroutable
+	// IP addresses, such as 10.0.0.0/8
+	AcceptUnroutable: false,
+
 	PrivateKeyID: 0x64, // starts with 4 (uncompressed) or F (compressed)
 	// Human-readable part for Bech32 encoded addresses
 	Prefix: util.Bech32PrefixDAGSim,
@@ -506,6 +526,10 @@ var DevNetParams = Params{
 	// Mempool parameters
 	RelayNonStdTxs: true,
 
+	// AcceptUnroutable specifies whether this network accepts unroutable
+	// IP addresses, such as 10.0.0.0/8
+	AcceptUnroutable: true,
+
 	// Human-readable part for Bech32 encoded addresses
 	Prefix: util.Bech32PrefixDAGTest,
 
diff --git a/dnsseeder/manager.go b/dnsseeder/manager.go
index c77651eba..a58ed5e70 100644
--- a/dnsseeder/manager.go
+++ b/dnsseeder/manager.go
@@ -99,6 +99,10 @@ func ipNet(ip string, ones, bits int) net.IPNet {
 }
 
 func isRoutable(addr net.IP) bool {
+	if activeNetParams.AcceptUnroutable {
+		return true
+	}
+
 	for _, n := range rfc1918Nets {
 		if n.Contains(addr) {
 			return false
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 919cb973d..b50ec7786 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -38,6 +38,8 @@ WORKDIR /app
 RUN apk add --no-cache ca-certificates tini
 
 COPY --from=build /go/src/github.com/daglabs/btcd/btcd /app/
+COPY --from=build /go/src/github.com/daglabs/btcd/docker/rpc.cert /app/
+COPY --from=build /go/src/github.com/daglabs/btcd/docker/rpc.key /app/
 
 USER nobody
 ENTRYPOINT [ "/sbin/tini", "--" ]
diff --git a/docker/rpc.cert b/docker/rpc.cert
index 810786628..28bcea418 100644
--- a/docker/rpc.cert
+++ b/docker/rpc.cert
@@ -1,17 +1,17 @@
 -----BEGIN CERTIFICATE-----
-MIICxjCCAiegAwIBAgIRAPJqXxfYxt2SS4zBDePySIcwCgYIKoZIzj0EAwQwNDEg
-MB4GA1UEChMXYnRjZCBhdXRvZ2VuZXJhdGVkIGNlcnQxEDAOBgNVBAMTB1N0YXMt
-UEMwHhcNMTgxMDAzMDkyNjI4WhcNMjgxMDAxMDkyNjI4WjA0MSAwHgYDVQQKExdi
-dGNkIGF1dG9nZW5lcmF0ZWQgY2VydDEQMA4GA1UEAxMHU3Rhcy1QQzCBmzAQBgcq
-hkjOPQIBBgUrgQQAIwOBhgAEAdQ6qvceZamb3kxvznD5WS22j+qZjZbFnakE7hmc
-8C9l+7mx110qnGpflvk8kX2YIMeV68S8ZMPQr81zNNiQAc45AfZhKQvGGxeYiUAu
-gSEsXyUbKYOZZTRVu3FA5i6fmC8yB0M/2HpVC3AgGViPR/1i/PzxL9olnvYpL2bw
-mS61JUD9o4HWMIHTMA4GA1UdDwEB/wQEAwICpDAPBgNVHRMBAf8EBTADAQH/MIGv
-BgNVHREEgacwgaSCB1N0YXMtUEOCCWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAAAAAA
-AAAAAAAAAYcQ/oAAAAAAAADopxgiQ7Ww/YcEwKgQA4cQ/oAAAAAAAABE0sNmcRO4
-G4cEwKg4AYcQ/oAAAAAAAACxJJdG4/zVLIcEqf7VLIcQ/oAAAAAAAACE0Z2jFy6T
-TYcEqf6TTYcQ/oAAAAAAAAAc1wgMEFA684cEwKgSFDAKBggqhkjOPQQDBAOBjAAw
-gYgCQgDsBor/CJyCyljrvXTDhWoctL28dsTjb512+KXGjH1Gpr6g+1P1OGKJrVWu
-d7M3GzOWT58y4qS63wwVwtL5lSAHhQJCAQZ0HVaGpmrY+S9yMxU1qrFlDyLt1GGA
-Z+KWzqPj4NBftX6p5lrcw3reS+aOnAsQNKvIVHCrQl/mhzpPvkLLNqjq
+MIICnzCCAgCgAwIBAgIRAMtb0YzwW1FdMNf8T0UNqR8wCgYIKoZIzj0EAwQwLTER
+MA8GA1UEChMIZ2VuY2VydHMxGDAWBgNVBAMTD3VzZXItVmlydHVhbEJveDAeFw0x
+OTAzMzAwODQ1MjhaFw0yOTAzMjgwODQ1MjhaMC0xETAPBgNVBAoTCGdlbmNlcnRz
+MRgwFgYDVQQDEw91c2VyLVZpcnR1YWxCb3gwgZswEAYHKoZIzj0CAQYFK4EEACMD
+gYYABAFQTRhFGAfgyfYoxCfTCoaWKYhABQ3h+JScx+oTvGfC8kVc2s7JLckOJN9u
+tQTHMwrhx2ElTGpuC3vHFsuUlAtBDgF//YJUAF5fv3IQTVkSUECUp4uLYMbmvcLQ
+gBE1a/jduTT8Dfhjd5SV+sV0TOxqjf+Qkb66oti1ruFvRTiWy+hu26OBvTCBujAO
+BgNVHQ8BAf8EBAMCAqQwDwYDVR0TAQH/BAUwAwEB/zCBlgYDVR0RBIGOMIGLgg91
+c2VyLVZpcnR1YWxCb3iCCWxvY2FsaG9zdIINKi5kYWdsYWJzLmNvbYcEfwAAAYcQ
+AAAAAAAAAAAAAAAAAAAAAYcECgACD4cErBEAAYcErBvoNYcQ/oAAAAAAAABT1E8K
+u3k8v4cQ/oAAAAAAAAAAQtb//ntyVocQ/oAAAAAAAABC3PMbkAyPcjAKBggqhkjO
+PQQDBAOBjAAwgYgCQgD4aX3+8HCaPkUMLBRFrZ2BLP8CUeoBwSaD77Yw9vOtSEfL
+Q/RMJKCG7SqDD6KnoJh6suwQwNJ6TelFWz8y2woBBwJCAJXET2Xeh5Ez7mV+geCv
+7yyO7IjaNXMidyIDb+MxonvePSw4twH7uQSMcAJM97LB52tLWMhxidQ1g9ShhNM8
+up7L
 -----END CERTIFICATE-----
diff --git a/docker/rpc.key b/docker/rpc.key
index 287089c9a..659d119e3 100644
--- a/docker/rpc.key
+++ b/docker/rpc.key
@@ -1,7 +1,7 @@
 -----BEGIN EC PRIVATE KEY-----
-MIHcAgEBBEIA8VXso04KwmMXkgRkJrVMP2uOuB8zhcxzzFsPYUpYDKHDItEL1XBK
-Ffa0UXtBxOdOPK7lFtXjoao6iwNvPOxSJSCgBwYFK4EEACOhgYkDgYYABAHUOqr3
-HmWpm95Mb85w+Vktto/qmY2WxZ2pBO4ZnPAvZfu5sdddKpxqX5b5PJF9mCDHlevE
-vGTD0K/NczTYkAHOOQH2YSkLxhsXmIlALoEhLF8lGymDmWU0VbtxQOYun5gvMgdD
-P9h6VQtwIBlYj0f9Yvz88S/aJZ72KS9m8JkutSVA/Q==
+MIHcAgEBBEIBaKKSYIpYlc1ERcfWQ7ljkHBLEyQM51JIdhQ1cYJjiMrW9W0FB3zY
+1lF6RMIOmE/vXV8B941q7Vyg8TylAMcKPCygBwYFK4EEACOhgYkDgYYABAFQTRhF
+GAfgyfYoxCfTCoaWKYhABQ3h+JScx+oTvGfC8kVc2s7JLckOJN9utQTHMwrhx2El
+TGpuC3vHFsuUlAtBDgF//YJUAF5fv3IQTVkSUECUp4uLYMbmvcLQgBE1a/jduTT8
+Dfhjd5SV+sV0TOxqjf+Qkb66oti1ruFvRTiWy+hu2w==
 -----END EC PRIVATE KEY-----