feat: support multiple allowIPs for a remote connection from one of KMS servers

[jaeseung-bae]

Description

• ASIS: support only one ip address for a connection from a remote KMS server
• TOBE: support multiple ip addresses as allowList for a connection from one of remote KMS servers

[codecov[bot]]

Codecov Report

Merging #707 (486c71a) into main (449aa31) will increase coverage by 0.04%. Report is 6 commits behind head on main. The diff coverage is 78.57%.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #707 +/- ## ========================================== + Coverage 66.54% 66.58% +0.04% ========================================== Files 285 285 Lines 37915 37919 +4 ========================================== + Hits 25229 25249 +20 + Misses 10878 10867 -11 + Partials 1808 1803 -5 ``` | [Files Changed](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia) | Coverage Δ | | |---|---|---| | [config/config.go](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia#diff-Y29uZmlnL2NvbmZpZy5nbw==) | `79.36% <ø> (ø)` | | | [config/toml.go](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia#diff-Y29uZmlnL3RvbWwuZ28=) | `74.19% <ø> (ø)` | | | [privval/utils.go](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia#diff-cHJpdnZhbC91dGlscy5nbw==) | `33.33% <0.00%> (ø)` | | | [privval/internal/ip\_filter.go](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia#diff-cHJpdnZhbC9pbnRlcm5hbC9pcF9maWx0ZXIuZ28=) | `70.37% <88.88%> (-7.90%)` | :arrow_down: | | [node/node.go](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia#diff-bm9kZS9ub2RlLmdv) | `61.49% <100.00%> (ø)` | | | [privval/signer\_listener\_endpoint.go](https://app.codecov.io/gh/Finschia/ostracon/pull/707?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia#diff-cHJpdnZhbC9zaWduZXJfbGlzdGVuZXJfZW5kcG9pbnQuZ28=) | `88.81% <100.00%> (ø)` | | ... and [10 files with indirect coverage changes](https://app.codecov.io/gh/Finschia/ostracon/pull/707/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Finschia)

[jaeseung-bae]

Is there a valid address checking?

There is no validation logic for valid address.

Is it possible using url not ip? if then, are there any security issues?

For now, it's not possible because when accepting a connection what I can receive is (net.Conn, error) which has only net.Addr for local and remote. There's no way to find out url.

[zemyblue]

Is there a valid address checking?

There is no validation logic for valid address.

Is it possible using url not ip? if then, are there any security issues?

For now, it's not possible because when accepting a connection what I can receive is (net.Conn, error) which has only net.Addr for local and remote. There's no way to find out url.

Then, what happen if I write 127.0.1?

[jaeseung-bae]

Then, what happen if I write 127.0.1?

None of the connections will be accepted because no address match to 127.0.1