Fixes#8492
This introduces "nopfs" as a preloaded plugin into Kubo
with support for denylists from https://github.com/ipfs/specs/pull/383
It automatically makes Kubo watch *.deny files found in:
- /etc/ipfs/denylists
- $XDG_CONFIG_HOME/ipfs/denylists
- $IPFS_PATH/denylists
* test: Gateway.NoFetch and GatewayOverLibp2p
adds missing tests for "no fetch" gateways one can expose,
in both cases the offline mode is done by passing custom
blockservice/exchange into path resolver, which means
global path resolver that has nopfs intercept is not used,
and the content blocking does not happen on these gateways.
* fix: use offline path resolvers where appropriate
this fixes the problem described in
https://github.com/ipfs/kubo/pull/10161#issuecomment-1782175955
by adding explicit offline path resolvers that are backed
by offline exchange, and using them in NoFetch gateways
instead of the default online ones
---------
Co-authored-by: Henrique Dias <hacdias@gmail.com>
Co-authored-by: Marcin Rataj <lidel@lidel.org>
I only updated otel to 1.17.0 since we need to handle breaking changes with newer releases (it doesn't build).
I also didn't update go-multistream since it's touched by libp2p and break stuff.
- Bumps golangci-lint to work for the new Go version
- Removes rand.Seed, which has been deprecated. It is seeded by default
with a random value since Go 1.20.
- Replaces deprecated Fuse errors with syscall.Errno
This is a Q&D fix to get kubo building again, this is completely equivalent to what we used to have.
I'll submit a patch that DI the verifcid.Allowlist interface with fx later but this is needed to unblock something else.
Mplex does not implement backpressure, our implementation will randomly reset streams if buffers overflow instead of risking deadlocks.
In the past we had a bug where kubo nodes would prefer mplex over yamux. Turning off mplex make our connections to thoses nodes negociate yamux.
Closes#9958
* fix: mark ipns pubsub router DoNotWaitForSearchValue
That means if the DHT has finished searching and no one responded over pubsub *yet*, we will not spend 1 minute searching for no reason.
This also include other error handling bug fixes inside `go-libp2p-routing-helpers`.
Fixes: #9927
* routing: bring back the old IPNS behaviour
Stop making this configurable let everything race like it used to do.
Streams used to be blocked on ping IO because we didn't handled the DHT ping check asynchronously.
Include fixes from libp2p/go-libp2p-kad-dht#851
Fixes#9957
