diff --git a/daemon/lokinet.cpp b/daemon/lokinet.cpp index c731abc853..7397ae7b5a 100644 --- a/daemon/lokinet.cpp +++ b/daemon/lokinet.cpp @@ -1,11 +1,9 @@ #include #include // for ensure_config -// #include #include #include #include #include -// #include #include #include @@ -14,14 +12,9 @@ #include #include -// #include -// #include #include -// #include #include -// #include #include -// #include #ifdef _WIN32 #include diff --git a/llarp/CMakeLists.txt b/llarp/CMakeLists.txt index f2a56e2734..6be549e3b3 100644 --- a/llarp/CMakeLists.txt +++ b/llarp/CMakeLists.txt @@ -19,8 +19,6 @@ lokinet_add_library(lokinet-cryptography # Functional objects use by lokinet-core and other libraries # needed by vpn/ router/ rpc/ handlers/ net/ link/ lokinet_add_library(lokinet-core-utils -# endpoint_base.cpp - auth/file_auth.cpp auth/rpc_auth.cpp auth/session_auth.cpp @@ -28,12 +26,6 @@ lokinet_add_library(lokinet-core-utils handlers/session.cpp handlers/tun.cpp - service/identity.cpp - service/info.cpp - service/intro.cpp # path - service/intro_set.cpp - service/name.cpp - vpn/egres_packet_router.cpp ) @@ -46,8 +38,6 @@ lokinet_add_library(lokinet-core router/router.cpp router/route_poker.cpp - - service/types.cpp session/session.cpp ) @@ -86,20 +76,25 @@ lokinet_add_library(lokinet-contact contact/contactdb.cpp + contact/keys.cpp + contact/relay_contact.cpp contact/relay_contact_local.cpp contact/relay_contact_remote.cpp contact/router_id.cpp + + contact/sns.cpp + + contact/tag.cpp ) # Addressing and event loop files used by lokinet-core and other libraries -# needed by rpc/ link/ service/ config/ path/ dht/ +# needed by rpc/ link/ config/ path/ dht/ lokinet_add_library(lokinet-addressing address/address.cpp address/ip_packet.cpp address/ip_range.cpp - address/keys.cpp address/utils.cpp ev/loop.cpp 
@@ -107,17 +102,15 @@ lokinet_add_library(lokinet-addressing ev/types.cpp ev/udp.cpp - net/ip.cpp - net/net_int.cpp +# net/ip.cpp +# net/net_int.cpp router_version.cpp # to be deleted shortly - - service/tag.cpp ) # lokinet-platform holds all platform specific code lokinet_add_library(lokinet-platform - net/interface_info.cpp +# net/interface_info.cpp vpn/packet_router.cpp vpn/platform.cpp ) diff --git a/llarp/address/address.hpp b/llarp/address/address.hpp index 465ad8b05c..ea11ab1fd6 100644 --- a/llarp/address/address.hpp +++ b/llarp/address/address.hpp @@ -1,10 +1,10 @@ #pragma once -#include "keys.hpp" #include "utils.hpp" +#include #include -#include +#include #include #include diff --git a/llarp/apple/context_wrapper.cpp b/llarp/apple/context_wrapper.cpp index 5c5f846640..a6ffd41c90 100644 --- a/llarp/apple/context_wrapper.cpp +++ b/llarp/apple/context_wrapper.cpp @@ -10,8 +10,6 @@ #include #include -// #include - #include #include #include diff --git a/llarp/auth/auth.hpp b/llarp/auth/auth.hpp index 86984d2965..0426fbd712 100644 --- a/llarp/auth/auth.hpp +++ b/llarp/auth/auth.hpp @@ -4,8 +4,8 @@ #include #include +#include #include -#include #include #include #include diff --git a/llarp/config/config.cpp b/llarp/config/config.cpp index e77a0d1bd2..631f36b471 100644 --- a/llarp/config/config.cpp +++ b/llarp/config/config.cpp @@ -5,8 +5,7 @@ #include #include -#include -#include +#include #include #include @@ -266,7 +265,7 @@ namespace llarp const auto addr = arg.substr(0, pos); auto auth = arg.substr(pos + 1); - if (service::is_valid_ons(addr)) + if (is_valid_ons(addr)) { ons_auth_tokens.emplace(std::move(addr), std::move(auth)); } 
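Review bot: The lokinet-addressing and lokinet-platform targets now keep commented-out source entries (`# net/ip.cpp`, `# net/net_int.cpp`, `# net/interface_info.cpp`) where every other source dropped by this commit (`service/*.cpp`, `address/keys.cpp`, `endpoint_base.cpp`) is deleted outright. Commented-out build entries rot silently once the files move or are removed, and nothing here says whether these are coming back. Either delete the three lines or give each a reason a later reader can act on, e.g. `# net/ip.cpp   # disabled: TODO remove or re-enable once the net/ helpers are replaced`. The neighbouring `router_version.cpp # to be deleted shortly` appears to be unchanged context and is the same kind of note that has already outlived its "shortly".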
@@ -333,7 +332,7 @@ namespace llarp if (pos != std::string::npos) arg = arg.substr(0, pos); - if (service::is_valid_ons(arg)) + if (is_valid_ons(arg)) ons_ranges.emplace(std::move(arg), std::move(*range)); else if (auto maybe_raddr = NetworkAddress::from_network_addr(arg); maybe_raddr) ranges.emplace(std::move(*maybe_raddr), std::move(*range)); @@ -662,7 +661,7 @@ namespace llarp if (pos != std::string::npos) arg = arg.substr(0, pos); - if (service::is_valid_ons(arg)) + if (is_valid_ons(arg)) _ons_ranges.emplace(std::move(arg), std::move(*range)); else if (auto maybe_raddr = NetworkAddress::from_network_addr(arg); maybe_raddr) _exit_ranges.emplace(std::move(*maybe_raddr), std::move(*range)); @@ -702,7 +701,7 @@ namespace llarp const auto addr = arg.substr(0, pos); auto auth = arg.substr(pos + 1); - if (service::is_valid_ons(addr)) + if (is_valid_ons(addr)) { ons_exit_auths.emplace(std::move(addr), std::move(auth)); } @@ -826,7 +825,7 @@ namespace llarp auto addr_arg = arg.substr(0, pos); auto ip_arg = arg.substr(pos + 1); - if (service::is_valid_ons(addr_arg)) + if (is_valid_ons(addr_arg)) throw std::invalid_argument{"`mapaddr` cannot take an ONS entry: {}"_format(arg)}; if (auto maybe_raddr = NetworkAddress::from_network_addr(std::move(addr_arg)); maybe_raddr) @@ -998,7 +997,7 @@ namespace llarp continue; } - if (service::is_valid_ons(*arg)) + if (is_valid_ons(*arg)) { log::warning(logcat, "{}: {}", addrmap_errorstr, "cannot accept ONS names!"); continue; diff --git a/llarp/config/config.hpp b/llarp/config/config.hpp index a55f491eb4..6e9903bea2 100644 --- a/llarp/config/config.hpp +++ b/llarp/config/config.hpp @@ -12,7 +12,6 @@ #include #include #include -#include #include #include #include diff --git a/llarp/contact/client_contact.cpp b/llarp/contact/client_contact.cpp index d7ca939258..991bf3893f 100644 --- a/llarp/contact/client_contact.cpp +++ b/llarp/contact/client_contact.cpp 
@@ -89,19 +89,6 @@ namespace llarp return btdp.view().size(); } - // void ClientContact::bt_decode(std::string_view buf) - // { - // try - // { - // bt_decode(oxenc::bt_dict_consumer{buf}); - // } - // catch (const std::exception& e) - // { - // log::critical(logcat, "ClientContact deserialization failed: {}", e.what()); - // throw; - // } - // } - void ClientContact::bt_decode(oxenc::bt_dict_consumer&& btdc) { pubkey.from_string(btdc.require("a")); diff --git a/llarp/contact/client_contact.hpp b/llarp/contact/client_contact.hpp index 913264470c..17d7143932 100644 --- a/llarp/contact/client_contact.hpp +++ b/llarp/contact/client_contact.hpp @@ -10,7 +10,6 @@ #include #include #include -#include #include #include #include diff --git a/llarp/contact/contactdb.cpp b/llarp/contact/contactdb.cpp index 4ea1e79927..e1d09a436f 100644 --- a/llarp/contact/contactdb.cpp +++ b/llarp/contact/contactdb.cpp @@ -7,7 +7,7 @@ namespace llarp ContactDB::ContactDB(Router& r) : _router{r}, _local_key{dht::Key_t::derive_from_rid(r.local_rid())} { timer_keepalive = std::make_shared(0); - _introset_nodes = std::make_unique>(_local_key, llarp::randint); + _cc_nodes = std::make_unique>(_local_key, llarp::randint); } std::optional ContactDB::get_decrypted_cc(RouterID remote) const 
@@ -33,40 +33,12 @@ namespace llarp return enc; } - std::optional ContactDB::get_decrypted_introset(RouterID remote) const - { - std::optional ret = std::nullopt; - - if (auto encrypted = get_encrypted_introset(dht::Key_t::derive_from_rid(remote)); - auto intro = encrypted->decrypt(remote)) - ret = *intro; - - return ret; - } - - std::optional ContactDB::get_encrypted_introset(const dht::Key_t& key) const - { - std::optional enc = std::nullopt; - - auto& introsets = _introset_nodes->nodes; - - if (auto itr = introsets.find(key); itr != introsets.end() && not itr->second.introset.is_expired()) - enc = itr->second.introset; - - return enc; - } - nlohmann::json ContactDB::ExtractStatus() const { - nlohmann::json obj{{"services", _introset_nodes->ExtractStatus()}, {"local_key", _local_key.ToHex()}}; + nlohmann::json obj{{"known_client_intros", _cc_nodes->ExtractStatus()}, {"local_key", _local_key.ToHex()}}; return obj; } - void ContactDB::put_intro(service::EncryptedIntroSet enc) - { - _introset_nodes->put_node(std::move(enc)); - } - void ContactDB::put_cc(EncryptedClientContact enc) { _cc_nodes->put_node(enc); diff --git a/llarp/contact/contactdb.hpp b/llarp/contact/contactdb.hpp index c1bdaed57d..16cbd8c78a 100644 --- a/llarp/contact/contactdb.hpp +++ b/llarp/contact/contactdb.hpp @@ -20,9 +20,6 @@ namespace llarp Router& _router; const dht::Key_t _local_key; - // holds introsets for remote services - std::unique_ptr> _introset_nodes; - std::unique_ptr> _cc_nodes; public: @@ -32,18 +29,10 @@ namespace llarp std::optional get_encrypted_cc(const dht::Key_t& key) const; - std::optional get_decrypted_introset(RouterID remote) const; - - std::optional get_encrypted_introset(const dht::Key_t& key) const; - nlohmann::json ExtractStatus() const; - void put_intro(service::EncryptedIntroSet enc); - void put_cc(EncryptedClientContact enc); - dht::Bucket* services() const { return _introset_nodes.get(); } - Router* router() const { return &_router; } }; 
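Review bot: `ContactDB::put_cc` takes `EncryptedClientContact enc` by value but then forwards it with `_cc_nodes->put_node(enc);`, which copies the contact a second time; the `put_intro` it replaces moved its argument, so this should be `_cc_nodes->put_node(std::move(enc));`. Separately, `ExtractStatus` renames the status key from `"services"` to `"known_client_intros"`; that JSON is what status/RPC consumers see, so anything keyed on `"services"` will silently lose the field — worth a line in the commit message, or a compatibility alias if such consumers exist (I can't see them from here).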
diff --git a/llarp/address/keys.cpp b/llarp/contact/keys.cpp similarity index 100% rename from llarp/address/keys.cpp rename to llarp/contact/keys.cpp diff --git a/llarp/address/keys.hpp b/llarp/contact/keys.hpp similarity index 100% rename from llarp/address/keys.hpp rename to llarp/contact/keys.hpp diff --git a/llarp/contact/router_id.hpp b/llarp/contact/router_id.hpp index a0318c92ce..862511408d 100644 --- a/llarp/contact/router_id.hpp +++ b/llarp/contact/router_id.hpp @@ -1,6 +1,6 @@ #pragma once -#include +#include #include #include diff --git a/llarp/service/name.cpp b/llarp/contact/sns.cpp similarity index 69% rename from llarp/service/name.cpp rename to llarp/contact/sns.cpp index 2a23c5916e..b84f0eeaa8 100644 --- a/llarp/service/name.cpp +++ b/llarp/contact/sns.cpp @@ -1,21 +1,21 @@ -#include "name.hpp" +#include "sns.hpp" #include #include -namespace llarp::service +namespace llarp { static auto logcat = llarp::log::Cat("ONSRecord"); - std::optional EncryptedONSRecord::construct(std::string bt) + std::optional EncryptedSNSRecord::construct(std::string bt) { - if (EncryptedONSRecord ret; ret.bt_decode(std::move(bt))) + if (EncryptedSNSRecord ret; ret.bt_decode(std::move(bt))) return ret; return std::nullopt; } - EncryptedONSRecord::EncryptedONSRecord(std::string bt) + EncryptedSNSRecord::EncryptedSNSRecord(std::string bt) { try { @@ -25,11 +25,11 @@ namespace llarp::service } catch (const std::exception& e) { - log::warning(logcat, "EncryptedONSRecord exception: {}", e.what()); + log::warning(logcat, "EncryptedSNSRecord exception: {}", e.what()); } } - bool EncryptedONSRecord::bt_decode(oxenc::bt_dict_consumer& btdc) + bool EncryptedSNSRecord::bt_decode(oxenc::bt_dict_consumer& btdc) { try { 
@@ -40,12 +40,12 @@ namespace llarp::service } catch (...) { - log::warning(logcat, "EncryptedONSRecord exception"); + log::warning(logcat, "EncryptedSNSRecord exception"); throw; } } - bool EncryptedONSRecord::bt_decode(std::string bt) + bool EncryptedSNSRecord::bt_decode(std::string bt) { try { @@ -54,12 +54,12 @@ namespace llarp::service } catch (...) { - log::warning(logcat, "EncryptedONSRecord exception"); + log::warning(logcat, "EncryptedSNSRecord exception"); return false; } } - std::string EncryptedONSRecord::bt_encode() const + std::string EncryptedSNSRecord::bt_encode() const { oxenc::bt_dict_producer btdp; @@ -69,7 +69,7 @@ namespace llarp::service return std::move(btdp).str(); } - std::optional EncryptedONSRecord::decrypt(std::string_view ons_name) const + std::optional EncryptedSNSRecord::decrypt(std::string_view ons_name) const { std::optional ret = std::nullopt; @@ -84,4 +84,4 @@ namespace llarp::service return ret; } -} // namespace llarp::service +} // namespace llarp diff --git a/llarp/contact/sns.hpp b/llarp/contact/sns.hpp new file mode 100644 index 0000000000..9ef99cb9df --- /dev/null +++ b/llarp/contact/sns.hpp 
@@ -0,0 +1,93 @@
+#pragma once
+
+#include
+#include
+
+#include
+
+namespace llarp
+{
+ struct NetworkAddress;
+
+ /** Holds an entire ONS Record returned from a succfessful request to the `lookup_name` endpoint.
+ When transmitted over the wire back to the calling instance, it is bt-encoded and the ONS hash
+ ('ciphertext') is decrypted using the ons_name.
+
+ bt-encoded keys:
+ 'c' : ciphertext
+ 'n' : nonce
+ */
+ struct EncryptedSNSRecord
+ {
+ private:
+ explicit EncryptedSNSRecord(std::string bt);
+ bool bt_decode(oxenc::bt_dict_consumer& btdc);
+
+ public:
+ SymmNonce nonce;
+ std::string ciphertext;
+
+ EncryptedSNSRecord() = default;
+
+ static std::optional construct(std::string bt);
+
+ std::string bt_encode() const;
+
+ bool bt_decode(std::string bt);
+
+ std::optional decrypt(std::string_view ons_name) const;
+ };
+
+ /// check if an ons name complies with the registration rules
+ inline bool is_valid_ons(std::string_view ons_name)
+ {
+ // make sure it ends with .loki because no fucking shit right?
+ if (not ons_name.ends_with(".loki")) + return false; + + // strip off .loki suffix + ons_name.remove_suffix(5); + + // ensure chars are sane + for (const auto ch : ons_name) + { + if (ch == '-') + continue; + if (ch == '.') + continue; + if (ch >= 'a' and ch <= 'z') + continue; + if (ch >= '0' and ch <= '9') + continue; + return false; + } + + // split into domain parts + const auto parts = split(ons_name, "."); + + // get root domain + const auto primaryName = parts[parts.size() - 1]; + constexpr size_t MaxNameLen = 32; + constexpr size_t MaxPunycodeNameLen = 63; + + // check against lns name blacklist + if (primaryName == "localhost") + return false; + if (primaryName == "loki") + return false; + if (primaryName == "snode") + return false; + // check for dashes + if (primaryName.find("-") == std::string_view::npos) + return primaryName.size() <= MaxNameLen; + // check for dashes and end or beginning + if (*primaryName.begin() == '-' or *(primaryName.end() - 1) == '-') + return false; + // check for punycode name length + if (primaryName.size() > MaxPunycodeNameLen) + return false; + // check for xn-- + return (primaryName[2] == '-' and primaryName[3] == '-') ? (primaryName[0] == 'x' and primaryName[1] == 'n') + : true; + } +} // namespace llarp diff --git a/llarp/service/tag.cpp b/llarp/contact/tag.cpp similarity index 53% rename from llarp/service/tag.cpp rename to llarp/contact/tag.cpp index 93185ba514..3e45c88502 100644 --- a/llarp/service/tag.cpp +++ b/llarp/contact/tag.cpp @@ -15,18 +15,4 @@ namespace llarp::service /// ensure we are in the fc00 range llarp::AlignedBuffer<16>::operator[](0) = 0xfc; } - - sockaddr_in6 SessionTag::to_v6() const - { - sockaddr_in6 saddr{}; - saddr.sin6_family = AF_INET6; - std::copy_n(data(), size(), saddr.sin6_addr.s6_addr); - return saddr; - } - - void SessionTag::from_v6(sockaddr_in6 saddr) - { - std::copy_n(saddr.sin6_addr.s6_addr, size(), data()); - } - } // namespace llarp::service 
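Review bot: `is_valid_ons` reads `parts[parts.size() - 1]` without checking that `split` returned anything; the input `".loki"` passes the suffix and character checks with an empty remainder, and if `split` yields an empty vector for that (I can't see `split` from here) the index underflows and reads out of bounds, while an empty `primaryName` such as `"foo..loki"` may produce currently validates as a name of length 0 ≤ 32. A guard right after the split, `if (parts.empty() or parts.back().empty()) return false;`, closes both cases whatever `split` does. The later `primaryName[2]`/`primaryName[3]` reads are safe only because the leading/trailing-dash check guarantees an interior dash and hence at least three characters, and `[3]` is short-circuited unless `[2]` is a dash; that invariant deserves a comment such as `// interior dash => size() >= 3; [3] is only read when [2] == '-', i.e. size() >= 4`. The first comment in the function could also become a plain `// must carry the .loki TLD`.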
diff --git a/llarp/service/tag.hpp b/llarp/contact/tag.hpp similarity index 84% rename from llarp/service/tag.hpp rename to llarp/contact/tag.hpp index 7f2b70cba6..60d65cac03 100644 --- a/llarp/service/tag.hpp +++ b/llarp/contact/tag.hpp @@ -12,10 +12,6 @@ namespace llarp::service static SessionTag make_random(); void Randomize() override; - - // DISCUSS: TONUKE: maybe these...? - sockaddr_in6 to_v6() const; - void from_v6(sockaddr_in6 saddr); }; } // namespace llarp::service diff --git a/llarp/crypto/crypto.cpp b/llarp/crypto/crypto.cpp index 76104c8f47..10bc5a09be 100644 --- a/llarp/crypto/crypto.cpp +++ b/llarp/crypto/crypto.cpp @@ -1,6 +1,6 @@ #include "crypto.hpp" -#include +#include #include #include diff --git a/llarp/crypto/types.cpp b/llarp/crypto/types.cpp index f295e09af6..c53a2d0c20 100644 --- a/llarp/crypto/types.cpp +++ b/llarp/crypto/types.cpp @@ -1,6 +1,6 @@ #include "types.hpp" -#include +#include #include #include #include diff --git a/llarp/dht/node.hpp b/llarp/dht/node.hpp index 265dd9502e..2326d15cff 100644 --- a/llarp/dht/node.hpp +++ b/llarp/dht/node.hpp @@ -4,7 +4,6 @@ #include #include -#include #include 
@@ -33,20 +32,8 @@ namespace llarp::dht CCNode(EncryptedClientContact other) : client_contact{std::move(other)}, ID{client_contact.blinded_pubkey} {} - bool operator<(const CCNode& other) const { return client_contact.signed_at < other.client_contact.signed_at; } - }; - - struct ISNode - { - service::EncryptedIntroSet introset; - Key_t ID; + nlohmann::json ExtractStatus() const { return nlohmann::json{{"key", client_contact.key()}}; } - ISNode() { ID.zero(); } - - ISNode(service::EncryptedIntroSet other) : introset(std::move(other)), ID{introset.derived_signing_key} {} - - nlohmann::json ExtractStatus() const { return introset.ExtractStatus(); } - - bool operator<(const ISNode& other) const { return introset.signed_at < other.introset.signed_at; } + bool operator<(const CCNode& other) const { return client_contact.signed_at < other.client_contact.signed_at; } }; } // namespace llarp::dht diff --git a/llarp/dns/message.cpp b/llarp/dns/message.cpp index e9b21dd299..f0c4b18453 100644 --- a/llarp/dns/message.cpp +++ b/llarp/dns/message.cpp @@ -4,7 +4,6 @@ #include "srv_data.hpp" #include -#include #include #include @@ -178,31 +177,6 @@ namespace llarp::dns return setbits | flags_QR | flags_AA | flags_RA; } - void Message::add_IN_reply(llarp::huint128_t ip, bool isV6, RR_TTL_t ttl) - { - if (questions.size()) - { - hdr_fields = reply_flags(hdr_fields); - ResourceRecord rec; - rec.rr_name = questions[0].qname; - rec.rr_class = qClassIN; - rec.ttl = ttl; - if (isV6) - { - rec.rr_type = qTypeAAAA; - ip.ToV6(rec.rData); - } - else - { - const auto addr = net::TruncateV6(ip); - rec.rr_type = qTypeA; - rec.rData.resize(4); - oxenc::write_host_as_big(addr.h, rec.rData.data()); - } - answers.emplace_back(std::move(rec)); - } - } - void Message::add_reply(std::string name, RR_TTL_t ttl) { if (questions.size()) diff --git a/llarp/dns/message.hpp b/llarp/dns/message.hpp index 6e02538bdc..e489111edb 100644 --- a/llarp/dns/message.hpp +++ b/llarp/dns/message.hpp 
@@ -68,8 +68,6 @@ namespace llarp void add_CNAME_reply(std::string name, RR_TTL_t ttl = 1); - void add_IN_reply(llarp::huint128_t addr, bool isV6, RR_TTL_t ttl = 1); - void add_reply(std::string name, RR_TTL_t ttl = 1); void add_srv_reply(std::vector records, RR_TTL_t ttl = 1); diff --git a/llarp/dns/question.hpp b/llarp/dns/question.hpp index dbfa6f13ed..a087d2afb9 100644 --- a/llarp/dns/question.hpp +++ b/llarp/dns/question.hpp @@ -3,8 +3,6 @@ #include "name.hpp" #include "serialize.hpp" -#include - namespace llarp::dns { using QType_t = uint16_t; diff --git a/llarp/dns/rr.hpp b/llarp/dns/rr.hpp index 662500703f..be7e5488b0 100644 --- a/llarp/dns/rr.hpp +++ b/llarp/dns/rr.hpp @@ -3,8 +3,6 @@ #include "name.hpp" #include "serialize.hpp" -#include - #include #include diff --git a/llarp/endpoint_base.hpp b/llarp/endpoint_base.hpp deleted file mode 100644 index ab1839bbbb..0000000000 --- a/llarp/endpoint_base.hpp +++ /dev/null 
@@ -1,185 +0,0 @@ -#pragma once - -#include -#include -#include -#include -#include -#include -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -namespace llarp -{ - namespace dns - { - class Server; - } - - /** TODO: - - add protected QUICTunnel accessor - */ - - template - class EndpointBase - { - protected: - std::unordered_set _srv_records; - - session_map _sessions; - - public: - bool should_publish_introset{true}; - - virtual ~EndpointBase() = default; - - std::shared_ptr get_session(const service::SessionTag& tag) const - { - return _sessions.get_session(tag); - } - - std::shared_ptr get_session(const net_addr_t& remote) const { return _sessions.get_session(remote); } - - /// add an srv record to this endpoint's descriptor - virtual void put_srv_record(dns::SRVData srv) - { - if (auto result = _srv_records.insert(std::move(srv)); result.second) - { - srv_records_changed(); - } - } - - /// get dns server if we have on on this endpoint - virtual std::shared_ptr DNS() const { return nullptr; }; - - /// called when srv data changes in some way - virtual void srv_records_changed() = 0; - - /// Removes one SRV record that returns true given a filter function. Returns true if one - /// SRV record was removed, false otherwise - bool delete_srv_record_conditional(std::function filter) - { - for (auto itr = _srv_records.begin(); itr != _srv_records.end(); ++itr) - { - if (filter(*itr)) - { - itr = _srv_records.erase(itr); - srv_records_changed(); - return true; - } - } - - return false; - } - - /// Removes up to `n` (or exactly `n` if the optional third parameter is passed true) SRV - /// records that return true given a filter function. 
Returns true if up to/exactly `n` were - /// removed (depending on the third parameter), false otherwise - bool delete_n_srv_records_conditional( - size_t n, std::function filter, bool exact = false) - - { - // `n` cannot be 0, or we have an insufficient amount of SRV records to return exactly `n` - if (n == 0 or (exact and _srv_records.size() < n)) - return false; - - bool notify{false}; - size_t num_deleted{0}; - std::unordered_set _copy{_srv_records}; - - for (auto itr = _copy.begin(); itr != _copy.end(); ++itr) - { - // `notify` - // - if (notify |= filter(*itr); notify) - { - num_deleted += 1; - itr = _copy.erase(itr); - - // We return early from the for-loop in one of two cases: - // 1) exact = true, num_deleted = n - // - Return true always - // 2) exact = false, num_deleted = n - // - Return true always - if (num_deleted == n) - { - _srv_records.swap(_copy); - srv_records_changed(); - return notify; - } - - continue; - } - } - - /** We only exit the for-loop in one of two cases: - 1) exact = true, num_deleted < n - - In this case, we return false always - 2) exact = false - - In this case, we return true if num_deleted > 0 - - (num_deleted > 0) iff (notify == true), so we can treat them as identical - - exact notify num_deleted < n num_deleted > 0 return - T T T T F - T F T F F - F T T T T - F F T F F - */ - - // Handles the first two rows of the above truth table - if (exact) - return false; - - // Handles the last two rows of the above truth table - if (notify ^= exact; notify) - { - _srv_records.swap(_copy); - srv_records_changed(); - } - - return notify; - } - - /// Removes all SRV records that return true given a filter function, indiscriminate of - /// number - bool delete_all_srv_records_conditional(std::function filter) - { - bool notify{false}; - - for (auto itr = _srv_records.begin(); itr != _srv_records.end(); ++itr) - { - if (notify |= filter(*itr); notify) - { - itr = _srv_records.erase(itr); - continue; - } - } - - if (notify) - 
srv_records_changed(); - - return notify; - } - - /// get copy of all srv records - std::set srv_records() const { return {_srv_records.begin(), _srv_records.end()}; } - - /// Gets the local address for the given endpoint, service or exit node - virtual oxen::quic::Address local_address() const = 0; - - virtual const std::shared_ptr& loop() = 0; - - // virtual void send_to(service::SessionTag tag, std::string payload) = 0; - }; - -} // namespace llarp diff --git a/llarp/ev/loop.hpp b/llarp/ev/loop.hpp index c9b1212acb..3d297508ac 100644 --- a/llarp/ev/loop.hpp +++ b/llarp/ev/loop.hpp @@ -3,7 +3,6 @@ #include "types.hpp" #include -#include #include #include #include diff --git a/llarp/handlers/session.cpp b/llarp/handlers/session.cpp index 0106cb55f9..d8a153e5cb 100644 --- a/llarp/handlers/session.cpp +++ b/llarp/handlers/session.cpp @@ -210,7 +210,7 @@ namespace llarp::handlers void SessionEndpoint::resolve_ons(std::string ons, std::function)> func) { - if (not service::is_valid_ons(ons)) + if (not is_valid_ons(ons)) { log::debug(logcat, "Invalid ONS name ({}) queried for lookup", ons); return func(std::nullopt); @@ -219,8 +219,7 @@ namespace llarp::handlers log::debug(logcat, "Looking up ONS name {}", ons); auto response_handler = [ons_name = ons, hook = std::move(func)](std::string response) { - if (auto record = service::EncryptedONSRecord::construct(response); - auto client_addr = record->decrypt(ons_name)) + if (auto record = EncryptedSNSRecord::construct(response); auto client_addr = record->decrypt(ons_name)) { return hook(std::move(client_addr)); } 
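Review bot: The rewritten condition `if (auto record = EncryptedSNSRecord::construct(response); auto client_addr = record->decrypt(ons_name))` dereferences `record` without checking it, and `construct` returns `std::nullopt` whenever `bt_decode` fails (sns.cpp above); `response` is the reply to a remote lookup, so a malformed or hostile reply reaches `operator->` on an empty optional, which is undefined behaviour rather than a clean miss. The old line had the same shape, but since it is being rewritten anyway, split it: `auto record = EncryptedSNSRecord::construct(response);` followed by `if (auto client_addr = record ? record->decrypt(ons_name) : std::nullopt)`. The handler's failure path lies outside the hunk, so I can't confirm it still calls `hook(std::nullopt)` for the new miss case.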
@@ -308,59 +307,6 @@ namespace llarp::handlers } } - void SessionEndpoint::lookup_intro( - RouterID remote, bool is_relayed, uint64_t order, std::function)> func) - { - auto remote_key = dht::Key_t::derive_from_rid(remote); - - if (auto maybe_intro = _router.contact_db().get_decrypted_introset(remote)) - { - log::debug(logcat, "Decrypted introset for remote (rid:{}) found locally", remote); - return func(std::move(maybe_intro)); - } - - log::debug(logcat, "Looking up introset for remote (rid:{})", remote); - - auto response_handler = [this, remote, hook = std::move(func)](std::string response) mutable { - if (auto encrypted = service::EncryptedIntroSet::construct(response); - auto intro = encrypted->decrypt(remote)) - { - log::debug(logcat, "Storing introset for remote (rid:{})", remote); - _router.contact_db().put_intro(std::move(*encrypted)); - return hook(std::move(intro)); - } - - std::optional status = std::nullopt; - - try - { - oxenc::bt_dict_consumer btdc{response}; - - if (auto s = btdc.maybe(messages::STATUS_KEY)) - status = s; - } - catch (...) - { - log::warning(logcat, "Exception caught parsing 'find_intro' response!"); - } - - log::warning(logcat, "Call to endpoint 'find_intro' failed -- status:{}", status.value_or("")); - hook(std::nullopt); - }; - - { - Lock_t l{paths_mutex}; - - for (const auto& [rid, path] : _paths) - { - log::info( - logcat, "Querying pivot (rid:{}) for introset lookup target (rid:{})", path->pivot_rid(), remote); - - path->find_intro(remote_key, is_relayed, order, response_handler); - } - } - } - void SessionEndpoint::_localcc_update_fail() { log::warning( 
@@ -395,65 +341,6 @@ namespace llarp::handlers } } - /** Introset publishing: - - When a local service or exit node publishes an introset, it is also sent along the path currently used - for that session - */ - void SessionEndpoint::regen_and_publish_introset() - { - const auto now = llarp::time_now_ms(); - - service::intro_que_old _path_intros = get_recent_path_intros(); - - if (_path_intros.empty()) - { - log::warning(logcat, "Failed to get enough valid path introductions to publish introset!"); - return build_more(1); - } - - auto& intro_protos = _local_introset.supported_protocols; - intro_protos.clear(); - - if (_router.using_tun_if()) - { - intro_protos.push_back(_is_v4 ? service::ProtocolType::IPV4 : service::ProtocolType::IPV6); - - if (_is_exit_node) - { - intro_protos.push_back(service::ProtocolType::EXIT); - _local_introset.exit_policy = _exit_policy; - _local_introset._routed_ranges = _routed_ranges; - } - } - - intro_protos.push_back(service::ProtocolType::TCP2QUIC); - - auto& intros = _local_introset.intros; - intros.clear(); - - auto n_needed = num_paths_desired; - - while (--n_needed) - { - intros.emplace(_path_intros.top()); - _path_intros.pop(); - } - - // We already check that path_intros is not empty, so we can assert here - assert(not intros.empty()); - - // TESTNET: TODO: change to key_manager method - if (auto maybe_encrypted = _identity.encrypt_and_sign_introset(_local_introset, now)) - { - if (publish_introset(*maybe_encrypted)) - log::debug(logcat, "Successfully republished encrypted introset"); - else - log::warning(logcat, "Failed to republish encrypted introset!"); - } - else - log::warning(logcat, "Failed to encrypt and sign introset!"); - } - bool SessionEndpoint::validate(const NetworkAddress& remote, std::optional maybe_auth) { bool ret{true}; 
@@ -529,24 +416,6 @@ namespace llarp::handlers return ret; } - bool SessionEndpoint::publish_introset(const service::EncryptedIntroSet& introset) - { - bool ret{true}; - - { - Lock_t l{paths_mutex}; - - for (const auto& [rid, path] : _paths) - { - log::debug(logcat, "Publishing introset to pivot {}", path->pivot_rid()); - - ret += path->publish_intro(introset, true); - } - } - - return ret; - } - std::optional SessionEndpoint::fetch_auth_token(const NetworkAddress& remote) const { std::optional ret = std::nullopt; @@ -607,7 +476,7 @@ namespace llarp::handlers } void SessionEndpoint::_make_session_path( - service::IntroductionSet_old intros, NetworkAddress remote, on_session_init_hook cb, bool is_exit) + intro_set intros, NetworkAddress remote, on_session_init_hook cb, bool is_exit) { // we can recurse through this function as we remove the first pivot of the set of introductions every // invocation @@ -619,14 +488,12 @@ namespace llarp::handlers } auto intro = intros.extract(intros.begin()).value(); - auto pivot = intro.pivot_router; + auto& pivot = intro.pivot_rid; - // DISCUSS: we don't share paths, but if every successful path-build is logged in PathContext, we are - // effectively sharing across all path-building objects...? - if (auto path_ptr = _router.path_context()->get_path(intro.pivot_hop_id)) + if (auto path = _router.path_context()->get_path(intro.pivot_hid)) { - log::info(logcat, "Found path to pivot (hopid: {}); initiating session!", intro.pivot_hop_id); - return _make_session(std::move(remote), std::move(path_ptr), std::move(cb), is_exit); + log::info(logcat, "Found path to pivot (hopid: {}); initiating session!", intro.pivot_hid); + return _make_session(std::move(remote), std::move(path), std::move(cb), is_exit); } log::info(logcat, "Initiating session path-build to remote:{} via pivot:{}", remote, pivot); 
@@ -694,31 +561,25 @@ namespace llarp::handlers if (is_exit and not remote.is_client()) throw std::runtime_error{"Cannot initiate exit session to remote service node!"}; - auto counter = std::make_shared(path::DEFAULT_PATHS_HELD); - - // TESTNET: TODO: + auto counter = std::make_shared(num_paths_desired); _router.loop()->call([this, remote, handler = std::move(cb), is_exit, counter]() mutable { - lookup_intro( + lookup_client_intro( remote.router_id(), false, 0, - [this, remote, hook = std::move(handler), is_exit, counter]( - std::optional intro) mutable { - // already have a successful return + [this, remote, hook = std::move(handler), is_exit, counter](std::optional cc) { if (*counter == 0) return; - if (intro) + if (cc) { *counter = 0; - log::info(logcat, "Session initiation returned successful 'lookup_intro'..."); - _make_session_path(std::move(intro->intros), remote, std::move(hook), is_exit); + log::info(logcat, "Session initiation returned successful 'lookup_client_intro'..."); + _make_session_path(std::move(cc->intros), remote, std::move(hook), is_exit); } else if (--*counter == 0) - { - log::warning(logcat, "Failed to initiate session at 'lookup_intro' (target:{})", remote); - } + log::warning(logcat, "Failed to initiate session at 'lookup_client_intro' (target:{})", remote); }); }); diff --git a/llarp/handlers/session.hpp b/llarp/handlers/session.hpp index af00d062e8..4b3dbeaadc 100644 --- a/llarp/handlers/session.hpp +++ b/llarp/handlers/session.hpp @@ -4,7 +4,6 @@ #include #include #include -#include #include namespace llarp @@ -34,9 +33,6 @@ namespace llarp ClientContact client_contact; // TODO: TESTNET: replacement for service::Introset - service::Identity _identity; // TODO: TESTNET: move responsibilities to KeyManager, delete - service::IntroSetOld _local_introset; // TODO: TESTNET: remove with CC impl - std::shared_ptr _cc_publisher; // auth tokens for making outbound sessions 
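Review bot: The inner callback passed to `lookup_client_intro` lost its `mutable` qualifier in this rewrite but still calls `_make_session_path(std::move(cc->intros), remote, std::move(hook), is_exit)`; inside a non-mutable lambda the captured `hook` is const, so that `std::move` yields a `const&&` and silently degrades to a copy (or fails to compile if `on_session_init_hook` is move-only — its definition is not visible here). Either restore the qualifier after the parameter list (`... cc) mutable {`) or drop the now-misleading `std::move(hook)`. The `counter` dance (`*counter == 0` early-return, reset to 0 on success, decrement on failure) presumably exists because this callback fires once per queried path; a comment such as `// shared across per-path callbacks: 0 once a result, success or final failure, has been delivered` would save the next reader from re-deriving that.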
@@ -119,12 +115,8 @@ namespace llarp void start_tickers(); - void regen_and_publish_introset(); - bool publish_client_contact(const EncryptedClientContact& ecc); - bool publish_introset(const service::EncryptedIntroSet& introset); - // SessionEndpoint can use either a whitelist or a static auth token list to validate incomininbg requests // to initiate a session bool validate(const NetworkAddress& remote, std::optional maybe_auth = std::nullopt); @@ -144,13 +136,6 @@ namespace llarp uint64_t order, std::function)> func); - // TESTNET: // TONUKE: - void lookup_intro( - RouterID remote, - bool is_relayed, - uint64_t order, - std::function)> func); - // resolves any config mappings that parsed ONS addresses to their pubkey network address void resolve_ons_mappings(); @@ -188,8 +173,7 @@ namespace llarp bool _initiate_session(NetworkAddress remote, on_session_init_hook cb, bool is_exit = false); - void _make_session_path( - service::IntroductionSet_old intros, NetworkAddress remote, on_session_init_hook cb, bool is_exit); + void _make_session_path(intro_set intros, NetworkAddress remote, on_session_init_hook cb, bool is_exit); void _make_session( NetworkAddress remote, std::shared_ptr path, on_session_init_hook cb, bool is_exit); diff --git a/llarp/handlers/tun.cpp b/llarp/handlers/tun.cpp index 25b9e11a48..895927baa9 100644 --- a/llarp/handlers/tun.cpp +++ b/llarp/handlers/tun.cpp @@ -9,13 +9,12 @@ #include #include +#include #include #include #include #include #include -#include -#include #include namespace llarp::handlers diff --git a/llarp/handlers/tun.hpp b/llarp/handlers/tun.hpp index 43dfdd4200..cdd38269c9 100644 --- a/llarp/handlers/tun.hpp +++ b/llarp/handlers/tun.hpp @@ -3,9 +3,7 @@ #include #include #include -#include #include -#include #include #include #include 
@@ -167,25 +165,6 @@ namespace llarp::handlers bool obtain_src_for_remote(const NetworkAddress& remote, ip_v& src, bool use_ipv4); void send_packet_to_net_if(IPPacket&& pkt); - - template - void send_dns_reply( - Addr_t addr, - Endpoint_t ctx, - std::shared_ptr query, - std::function reply, - bool sendIPv6) - { - if (ctx) - { - huint128_t ip = get_ip_for_addr(addr); - query->answers.clear(); - query->add_IN_reply(ip, sendIPv6); - } - else - query->add_nx_reply(); - reply(*query); - } }; } // namespace llarp::handlers diff --git a/llarp/link/link_manager.cpp b/llarp/link/link_manager.cpp index f01787887e..a70eb5fc1b 100644 --- a/llarp/link/link_manager.cpp +++ b/llarp/link/link_manager.cpp @@ -1076,8 +1076,7 @@ namespace llarp _router.rpc_client()->lookup_ons_hash( name_hash, - [respond = - std::move(respond)]([[maybe_unused]] std::optional maybe_enc) mutable { + [respond = std::move(respond)]([[maybe_unused]] std::optional maybe_enc) mutable { if (maybe_enc) respond(maybe_enc->bt_encode()); else @@ -1085,49 +1084,6 @@ namespace llarp }); } - void LinkManager::handle_resolve_ons_response(oxen::quic::message m) - { - if (m.timed_out) - { - log::info(logcat, "FindNameMessage request timed out!"); - return; - } - - std::string payload; - - try - { - oxenc::bt_dict_consumer btdc{m.body()}; - payload = btdc.require(m ? "E" : messages::STATUS_KEY); - } - catch (const std::exception& e) - { - log::warning(logcat, "Exception: {}", e.what()); - return; - } - - if (m) - { - // TODO: wtf - } - else - { - if (payload == "ERROR") - { - log::info(logcat, "FindNameMessage failed with unkown error!"); - - // resend? - } - else if (payload == FindNameMessage::NOT_FOUND) - { - log::info(logcat, "FindNameMessage failed with unkown error!"); - // what to do here? - } - else - log::info(logcat, "FindNameMessage failed with unkown error!"); - } - } - void LinkManager::handle_publish_cc(std::string_view body, std::function respond) { EncryptedClientContact enc; 
@@ -1221,114 +1177,6 @@ namespace llarp } } - // TONUKE: this - void LinkManager::handle_publish_intro(std::string_view body, std::function respond) - { - service::EncryptedIntroSet enc; - std::string introset; - uint64_t is_relayed, relay_order; - - try - { - oxenc::bt_dict_consumer btdc_a{body}; - - introset = btdc_a.require("I"); - relay_order = btdc_a.require("O"); - is_relayed = btdc_a.require("R"); - - enc = *service::EncryptedIntroSet::construct(std::move(introset)); - } - catch (const std::exception& e) - { - log::warning(logcat, "Exception: {}", e.what()); - respond(messages::ERROR_RESPONSE); - return; - } - - const auto addr = dht::Key_t{reinterpret_cast(enc.derived_signing_key.data())}; - const auto local_key = _router.rc().router_id(); - - if (not enc.verify()) - { - log::error(logcat, "Received PublishIntroMessage with invalid introset: {}", introset); - respond(serialize_response({{messages::STATUS_KEY, PublishIntroMessage::INVALID_INTROSET}})); - return; - } - - auto closest_rcs = _router.node_db()->find_many_closest_to(addr, path::DEFAULT_PATHS_HELD); - - if (closest_rcs.size() != path::DEFAULT_PATHS_HELD) - { - log::error(logcat, "Received PublishIntroMessage but only know {} nodes", closest_rcs.size()); - respond(serialize_response({{messages::STATUS_KEY, PublishIntroMessage::INSUFFICIENT}})); - return; - } - - if (is_relayed) - { - if (relay_order >= path::DEFAULT_PATHS_HELD) - { - log::error(logcat, "Received PublishIntroMessage with invalid relay order: {}", relay_order); - respond(serialize_response({{messages::STATUS_KEY, PublishIntroMessage::INVALID_ORDER}})); - return; - } - - log::info(logcat, "Relaying PublishIntroMessage for {}", addr); - - const auto& peer_rc = closest_rcs[relay_order]; - const auto& peer_key = peer_rc.router_id(); - - if (peer_key == local_key) - { - log::info( - logcat, - "Received PublishIntroMessage in which we are peer index {}.. 
storing introset", - relay_order); - - _router.contact_db().put_intro(std::move(enc)); - respond(messages::OK_RESPONSE); - } - else - { - log::info(logcat, "Received PublishIntroMessage; propagating to peer index {}", relay_order); - - send_control_message( - peer_key, - "publish_intro", - PublishIntroMessage::serialize(enc, relay_order, is_relayed), - [respond = std::move(respond)](oxen::quic::message m) mutable { - if (m.timed_out) - return; // drop if timed out; requester will have timed out as well - respond(m.body_str()); - }); - } - - return; - } - - int rc_index = -1, index = 0; - - for (const auto& rc : closest_rcs) - { - if (rc.router_id() == local_key) - { - rc_index = index; - break; - } - ++index; - } - - if (rc_index >= 0) - { - log::info(logcat, "Received PublishIntroMessage for {}; we are candidate {}", addr, relay_order); - - _router.contact_db().put_intro(std::move(enc)); - respond(messages::OK_RESPONSE); - } - else - log::warning(logcat, "Received non-relayed PublishIntroMessage from {}; we are not the candidate", addr); - } - void LinkManager::handle_find_cc(std::string_view body, std::function respond) { dht::Key_t dht_key; 
@@ -1395,119 +1243,6 @@ namespace llarp } } - void LinkManager::handle_find_intro(std::string_view body, std::function respond) - { - ustring location; - uint64_t relay_order, is_relayed; - - try - { - oxenc::bt_dict_consumer btdc{body}; - - relay_order = btdc.require("O"); - is_relayed = btdc.require("R"); - location = btdc.require("S"); - } - catch (const std::exception& e) - { - log::warning(logcat, "Exception: {}", e.what()); - respond(messages::ERROR_RESPONSE); - return; - } - - const auto addr = dht::Key_t{location.data()}; - - auto closest_rcs = _router.node_db()->find_many_closest_to(addr, path::DEFAULT_PATHS_HELD); - - if (closest_rcs.size() != path::DEFAULT_PATHS_HELD) - { - log::error(logcat, "Received FindIntroMessage but only know {} nodes", closest_rcs.size()); - respond(serialize_response({{messages::STATUS_KEY, FindIntroMessage::INSUFFICIENT_NODES}})); - return; - } - - if (is_relayed) - { - if (relay_order >= path::DEFAULT_PATHS_HELD) - { - log::warning(logcat, "Received FindIntroMessage with invalid relay order: {}", relay_order); - respond(serialize_response({{messages::STATUS_KEY, FindIntroMessage::INVALID_ORDER}})); - return; - } - - log::info(logcat, "Relaying FindIntroMessage for {}", addr); - - const auto& peer_rc = closest_rcs[relay_order]; - const auto& peer_key = peer_rc.router_id(); - - send_control_message( - peer_key, - "find_intro", - FindIntroMessage::serialize(addr, is_relayed, relay_order), - [respond = std::move(respond)](oxen::quic::message relay_response) mutable { - if (relay_response) - log::info( - logcat, - "Relayed FindIntroMessage returned successful response; transmitting " - "to initial " - "requester"); - else if (relay_response.timed_out) - log::critical(logcat, "Relayed FindIntroMessage timed out! Notifying initial requester"); - else - log::critical(logcat, "Relayed FindIntroMessage failed! 
Notifying initial requester"); - - respond(relay_response.body_str()); - }); - } - else - { - if (auto maybe_intro = _router.contact_db().get_encrypted_introset(addr)) - respond(serialize_response({{"INTROSET", maybe_intro->bt_encode()}})); - else - { - log::warning(logcat, "Received FindIntroMessage with relayed == false and no local introset entry"); - respond(serialize_response({{messages::STATUS_KEY, FindIntroMessage::NOT_FOUND}})); - } - } - } - - // TONUKE: - void LinkManager::handle_find_intro_response(oxen::quic::message m) - { - if (m.timed_out) - { - log::info(logcat, "FindIntroMessage timed out!"); - return; - } - - // std::string payload; - - // try - // { - // oxenc::bt_dict_consumer btdc{m.body()}; - // payload = btdc.require((m) ? "INTROSET" : messages::STATUS_KEY); - // } - // catch (const std::exception& e) - // { - // log::warning(logcat, "Exception: {}", e.what()); - // return; - // } - - // // success case, neither timed out nor errored - // if (m) - // { - // if (auto enc = service::EncryptedIntroSet::construct(payload)) - // { - // _router.contact_db().put_intro(std::move(*enc)); - // } - // } - // else - // { - // log::info(logcat, "FindIntroMessage failed with error: {}", payload); - // // Do something smart here probably - // } - } - void LinkManager::handle_path_build(oxen::quic::message m, const RouterID& from) { if (!_router.path_context()->is_transit_allowed()) diff --git a/llarp/link/link_manager.hpp b/llarp/link/link_manager.hpp index 1e5d6680cd..cb6c8be5d6 100644 --- a/llarp/link/link_manager.hpp +++ b/llarp/link/link_manager.hpp 
@@ -253,9 +253,7 @@ namespace llarp private: // DHT messages - void handle_resolve_ons(std::string_view body, std::function respond); // relay - void handle_find_intro(std::string_view body, std::function respond); // relay - void handle_publish_intro(std::string_view body, std::function respond); // relay + void handle_resolve_ons(std::string_view body, std::function respond); // relay // TESTNET: // NEW CLIENT_CONTACT HANDLERS void handle_find_cc(std::string_view body, std::function respond); @@ -287,19 +285,14 @@ namespace llarp void (LinkManager::*)(std::string_view body, std::function respond)> path_requests = { {"resolve_ons"sv, &LinkManager::handle_resolve_ons}, - {"publish_intro"sv, &LinkManager::handle_publish_intro}, - {"find_intro"sv, &LinkManager::handle_find_intro}}; + {"publish_intro"sv, &LinkManager::handle_publish_cc}, + {"find_intro"sv, &LinkManager::handle_find_cc}}; // Path relaying void handle_path_control(oxen::quic::message, const RouterID& from); void handle_inner_request(oxen::quic::message m, std::string payload, std::shared_ptr hop); - // DHT responses - void handle_resolve_ons_response(oxen::quic::message); - void handle_find_intro_response(oxen::quic::message); - // void handle_publish_intro_response(oxen::quic::message); - // Path responses void handle_path_latency_response(oxen::quic::message); void handle_path_transfer_response(oxen::quic::message); diff --git a/llarp/messages/common.hpp b/llarp/messages/common.hpp index bfbe5b5aad..48f37d01a2 100644 --- a/llarp/messages/common.hpp +++ b/llarp/messages/common.hpp @@ -1,10 +1,10 @@ #pragma once #include +#include #include #include #include -#include #include #include diff --git a/llarp/messages/dht.hpp b/llarp/messages/dht.hpp index 5ad370fb22..6c6e943d15 100644 --- a/llarp/messages/dht.hpp +++ b/llarp/messages/dht.hpp @@ -3,7 +3,6 @@ #include "common.hpp" #include -#include namespace llarp { 
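Review bot: Rebinding the `"publish_intro"` and `"find_intro"` request names to handle_publish_cc / handle_find_cc in `path_requests` changes the wire protocol behind unchanged message names: the removed handle_publish_intro and handle_find_intro parsed bt-dicts keyed `"I"`/`"O"`/`"R"` and `"S"`/`"O"`/`"R"`, while the new handlers start from an `EncryptedClientContact` / `dht::Key_t`, so a peer still speaking the old format will hit a parse failure and get an error response rather than a protocol mismatch it can detect. If the names are kept deliberately, document it next to the table, e.g. `// legacy request names retained on the wire; bodies are now the ClientContact encodings, not the old introset dicts`, otherwise introduce distinct names so old and new peers fail loudly. The removed handle_publish_intro also rejected the payload when `enc.verify()` failed before any `put_*`; handle_publish_cc's body is not visible here, so please confirm it performs the equivalent signature check before storing anything relayed from the network.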
@@ -170,31 +169,4 @@ namespace llarp return {std::move(ecc), relay_order, is_relayed}; } } // namespace PublishClientContact - - namespace PublishIntroMessage - { - inline constexpr auto INVALID_INTROSET = "INVALID INTROSET"sv; - inline constexpr auto EXPIRED = "EXPIRED INTROSET"sv; - inline constexpr auto INSUFFICIENT = "INSUFFICIENT NODES"sv; - inline constexpr auto INVALID_ORDER = "INVALID ORDER"sv; - - inline static std::string serialize( - const service::EncryptedIntroSet& introset, uint64_t relay_order, uint64_t is_relayed) - { - oxenc::bt_dict_producer btdp; - - try - { - btdp.append("I", introset.bt_encode()); - btdp.append("O", relay_order); - btdp.append("R", is_relayed); - } - catch (...) - { - log::error(messages::logcat, "Error: FindNameMessage failed to bt encode contents!"); - } - - return std::move(btdp).str(); - } - } // namespace PublishIntroMessage } // namespace llarp diff --git a/llarp/net/interface_info.cpp b/llarp/net/interface_info.cpp deleted file mode 100644 index 542851deb1..0000000000 --- a/llarp/net/interface_info.cpp +++ /dev/null @@ -1,9 +0,0 @@ -#include "interface_info.hpp" - -namespace llarp::net -{ - std::string InterfaceInfo::to_string() const - { - return fmt::format("{}[i={}; addrs={}]", name, index, fmt::join(addrs, ",")); - } -} // namespace llarp::net diff --git a/llarp/net/interface_info.hpp b/llarp/net/interface_info.hpp deleted file mode 100644 index b9d5488560..0000000000 --- a/llarp/net/interface_info.hpp +++ /dev/null 
@@ -1,30 +0,0 @@ -#pragma once - -#include -#include - -#include -#include -#include - -namespace llarp::net -{ - /// info about a network interface lokinet does not own - struct InterfaceInfo - { - private: - public: - // TODO: is this needed? - /// a gateway we can use if it exists - std::optional _gateway; - - /// human readable name of interface - std::string name; - /// interface's index - int index; - /// the addresses owned by this interface - std::vector addrs; - - std::string to_string() const; - }; -} // namespace llarp::net diff --git a/llarp/net/ip.cpp b/llarp/net/ip.cpp deleted file mode 100644 index bd3609cd54..0000000000 --- a/llarp/net/ip.cpp +++ /dev/null @@ -1,27 +0,0 @@ -#include "ip.hpp" - -#include - -namespace llarp::net -{ - huint128_t In6ToHUInt(in6_addr addr) - { - uint8_t* ptr = reinterpret_cast(addr.s6_addr); - uint128_t x{0}; - for (int i = 0; i < 16; i++) - { - x <<= 8; - x |= ptr[i]; - } - return huint128_t{x}; - } - - in6_addr HUIntToIn6(huint128_t x) - { - in6_addr addr; - auto i = ntoh128(x.h); - std::memcpy(&addr, &i, 16); - return addr; - } - -} // namespace llarp::net diff --git a/llarp/net/ip.hpp b/llarp/net/ip.hpp deleted file mode 100644 index 0638fd51fc..0000000000 --- a/llarp/net/ip.hpp +++ /dev/null @@ -1,30 +0,0 @@ -#pragma once - -#include "net_int.hpp" - -#include - -namespace llarp::net -{ - huint128_t In6ToHUInt(in6_addr addr); - - in6_addr HUIntToIn6(huint128_t x); - - constexpr huint128_t ExpandV4(huint32_t x) - { - return huint128_t{0x0000'ffff'0000'0000UL} | huint128_t{x.h}; - } - - constexpr huint128_t ExpandV4Lan(huint32_t x) - { - return huint128_t{uint128_t{0xfd00'0000'0000'0000UL, 0UL}} | huint128_t{x.h}; - } - - constexpr huint32_t TruncateV6(huint128_t x) - { - huint32_t ret = {0}; - ret.h = (uint32_t)(x.h & 0x0000'0000'ffff'ffffUL); - return ret; - } - -} // namespace llarp::net diff --git a/llarp/net/net.hpp b/llarp/net/net.hpp index 763d0c4ade..dea007acb7 100644 --- a/llarp/net/net.hpp 
+++ b/llarp/net/net.hpp @@ -1,8 +1,6 @@ #pragma once -#include "interface_info.hpp" #include "net.h" -#include "net_int.hpp" #include "uint128.hpp" #include @@ -44,6 +42,29 @@ namespace llarp namespace net { + + /// info about a network interface lokinet does not own + struct InterfaceInfo + { + private: + public: + // TODO: is this needed? + /// a gateway we can use if it exists + std::optional _gateway; + + /// human readable name of interface + std::string name; + /// interface's index + int index; + /// the addresses owned by this interface + std::vector addrs; + + std::string to_string() const + { + return "{} [ idx={}, addrs={}]"_format(name, index, fmt::join(addrs, ",")); + } + }; + struct if_info { explicit if_info(int _af = AF_INET) : af{_af} {} diff --git a/llarp/net/net_int.cpp b/llarp/net/net_int.cpp deleted file mode 100644 index 07b37ef6ea..0000000000 --- a/llarp/net/net_int.cpp +++ /dev/null 
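Review bot: `int index;` in the inlined InterfaceInfo is left without an initializer, so a default-constructed instance carries an indeterminate index into `to_string()` and into any comparison; use `int index{};` to match the rest of the codebase's brace-initialisation. The move also changed the rendered string from the deleted interface_info.cpp's `"{}[i={}; addrs={}]"` to `"{} [ idx={}, addrs={}]"`, which is fine if nothing scrapes these strings but deserves a mention in the commit message. The empty `private:` / `public:` labels and the `// TODO: is this needed?` note were carried over verbatim and could be dropped now that the struct is being rewritten; whether the `_format` literal operator is in scope in net.hpp cannot be checked here because the include lines were stripped from this view.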
@@ -1,150 +0,0 @@ -#include "net_int.hpp" - -#include "ip.hpp" - -#include - -#include -#include - -namespace llarp -{ - namespace net - { - huint16_t ToHost(port_t x) - { - return huint16_t{oxenc::big_to_host(x.n)}; - } - - huint32_t ToHost(ipv4addr_t x) - { - return huint32_t{oxenc::big_to_host(x.n)}; - } - - huint128_t ToHost(ipv6addr_t x) - { - return {ntoh128(x.n)}; - } - - port_t ToNet(huint16_t x) - { - return port_t{oxenc::host_to_big(x.h)}; - } - - ipv4addr_t ToNet(huint32_t x) - { - return ipv4addr_t{oxenc::host_to_big(x.h)}; - } - - ipv6addr_t ToNet(huint128_t x) - { - return ipv6addr_t{hton128(x.h)}; - } - } // namespace net - - template <> - void huint32_t::ToV6(V6Container& c) - { - c.resize(16); - std::fill(c.begin(), c.end(), 0); - oxenc::write_host_as_big(h, c.data() + 12); - c[11] = 0xff; - c[10] = 0xff; - } - - template <> - void huint128_t::ToV6(V6Container& c) - { - c.resize(16); - const in6_addr addr = net::HUIntToIn6(*this); - std::copy_n(addr.s6_addr, 16, c.begin()); - } - - template <> - std::string huint32_t::to_string() const - { - uint32_t n = htonl(h); - char tmp[INET_ADDRSTRLEN] = {0}; - if (!inet_ntop(AF_INET, (void*)&n, tmp, sizeof(tmp))) - return ""; - return tmp; - } - - template <> - std::string huint128_t::to_string() const - { - auto addr = ntoh128(h); - char tmp[INET6_ADDRSTRLEN] = {0}; - if (!inet_ntop(AF_INET6, (void*)&addr, tmp, sizeof(tmp))) - return ""; - return tmp; - } - - template <> - bool huint16_t::FromString(const std::string& str) - { - if (auto val = std::atoi(str.c_str()); val >= 0) - { - h = val; - return true; - } - else - return false; - } - - template <> - bool huint32_t::FromString(const std::string& str) - { - uint32_t n; - if (!inet_pton(AF_INET, str.c_str(), &n)) - return false; - h = ntohl(n); - return true; - } - - template <> - bool huint128_t::FromString(const std::string& str) - { - llarp::uint128_t i; - if (!inet_pton(AF_INET6, str.c_str(), &i)) - return false; - h = ntoh128(i); - return true; - } - 
- template <> - std::string nuint32_t::to_string() const - { - char tmp[INET_ADDRSTRLEN] = {0}; - if (!inet_ntop(AF_INET, (void*)&n, tmp, sizeof(tmp))) - return ""; - return tmp; - } - - template <> - std::string nuint128_t::to_string() const - { - char tmp[INET6_ADDRSTRLEN] = {0}; - if (!inet_ntop(AF_INET6, (void*)&n, tmp, sizeof(tmp))) - return ""; - return tmp; - } - - template <> - std::string huint16_t::to_string() const - { - return std::to_string(h); - } - - template <> - std::string nuint16_t::to_string() const - { - return std::to_string(ntohs(n)); - } - - std::string net::to_string(const ipaddr_t& ipaddr) - { - return std::visit([](const auto& ip) { return ip.to_string(); }, ipaddr); - } - -} // namespace llarp diff --git a/llarp/net/net_int.hpp b/llarp/net/net_int.hpp deleted file mode 100644 index 8170b890a0..0000000000 --- a/llarp/net/net_int.hpp +++ /dev/null 
@@ -1,207 +0,0 @@ -#pragma once - -// for addrinfo -#ifndef _WIN32 -#include -#include -#include -#else -#include - -#include - -#define inet_aton(x, y) inet_pton(AF_INET, x, y) -#endif - -#include "net.h" -#include "uint128.hpp" - -#include - -#include - -#include // for itoa -#include -#include - -namespace llarp -{ - template - struct huint_t - { - UInt_t h; - - constexpr huint_t operator&(huint_t x) const { return huint_t{UInt_t{h & x.h}}; } - - constexpr huint_t operator|(huint_t x) const { return huint_t{UInt_t{h | x.h}}; } - - constexpr huint_t operator-(huint_t x) const { return huint_t{UInt_t{h - x.h}}; } - - constexpr huint_t operator+(huint_t x) const { return huint_t{UInt_t{h + x.h}}; } - - constexpr huint_t operator^(huint_t x) const { return huint_t{UInt_t{h ^ x.h}}; } - - constexpr huint_t operator~() const { return huint_t{UInt_t{~h}}; } - - constexpr huint_t operator<<(int n) const - { - UInt_t v{h}; - v <<= n; - return huint_t{v}; - } - - inline huint_t operator++() - { - ++h; - return *this; - } - - inline huint_t operator--() - { - --h; - return *this; - } - - constexpr bool operator<(huint_t x) const { return h < x.h; } - - constexpr bool operator!=(huint_t x) const { return h != x.h; } - - constexpr bool operator==(huint_t x) const { return h == x.h; } - - using V6Container = std::vector; - [[deprecated]] void ToV6(V6Container& c); - - std::string to_string() const; - - bool FromString(const std::string&); - }; - - using huint32_t = huint_t; - using huint16_t = huint_t; - using huint128_t = huint_t; - - template - struct nuint_t - { - UInt_t n = 0; - - constexpr nuint_t operator&(nuint_t x) const { return nuint_t{UInt_t(n & x.n)}; } - - constexpr nuint_t operator|(nuint_t x) const { return nuint_t{UInt_t(n | x.n)}; } - - constexpr nuint_t operator^(nuint_t x) const { return nuint_t{UInt_t(n ^ x.n)}; } - - constexpr nuint_t operator~() const { return nuint_t{UInt_t(~n)}; } - - inline nuint_t operator++() - { - ++n; - return *this; - } - inline 
nuint_t operator--() - { - --n; - return *this; - } - - constexpr bool operator<(nuint_t x) const { return n < x.n; } - - constexpr bool operator!=(nuint_t x) const { return n != x.n; } - - constexpr bool operator==(nuint_t x) const { return n == x.n; } - - using V6Container = std::vector; - [[deprecated]] void ToV6(V6Container& c); - - std::string to_string() const; - - bool FromString(const std::string& data) - { - huint_t x; - if (not x.FromString(data)) - return false; - *this = ToNet(x); - return true; - } - - inline static nuint_t from_string(const std::string& str) - { - nuint_t x{}; - if (not x.FromString(str)) - throw std::invalid_argument{fmt::format("{} is not a valid value", str)}; - return x; - } - - template - inline static nuint_t from_host(Args_t&&... args) - { - return ToNet(huint_t{std::forward(args)...}); - } - }; - - namespace net - { - /// hides the nuint types used with net_port_t / net_ipv4addr_t / net_ipv6addr_t - namespace - { - using n_uint16_t = llarp::nuint_t; - using n_uint32_t = llarp::nuint_t; - using n_uint128_t = llarp::nuint_t; - } // namespace - - using port_t = n_uint16_t; - using ipv4addr_t = n_uint32_t; - using flowlabel_t = n_uint32_t; - using ipv6addr_t = n_uint128_t; - using ipaddr_t = std::variant; - - std::string to_string(const ipaddr_t& ip); - - huint16_t ToHost(port_t); - huint32_t ToHost(ipv4addr_t); - huint128_t ToHost(ipv6addr_t); - - port_t ToNet(huint16_t); - ipv4addr_t ToNet(huint32_t); - ipv6addr_t ToNet(huint128_t); - - } // namespace net - - using nuint16_t /* [[deprecated("use llarp::net::port_t instead")]] */ = llarp::net::port_t; - using nuint32_t /* [[deprecated("use llarp::net::ipv4addr_t instead")]] */ = llarp::net::ipv4addr_t; - using nuint128_t /* [[deprecated("use llarp::net::ipv6addr_t instead")]] */ = llarp::net::ipv6addr_t; - - template - /* [[deprecated("use llarp::net::ToNet instead")]] */ inline llarp::nuint_t ToNet( - llarp::huint_t x) - { - return llarp::net::ToNet(x); - } - - template - /* 
[[deprecated("use llarp::net::ToHost instead")]] */ inline llarp::huint_t ToHost( - llarp::nuint_t x) - { - return llarp::net::ToHost(x); - } - - /* [[deprecated("use llarp::net::ToHost instead")]] */ inline net::ipv4addr_t xhtonl(huint32_t x) - { - return ToNet(x); - } -} // namespace llarp - -namespace std -{ - template - struct hash> - { - size_t operator()(const llarp::nuint_t& x) const { return std::hash{}(x.n); } - }; - - template - struct hash> - { - size_t operator()(const llarp::huint_t& x) const { return std::hash{}(x.h); } - }; -} // namespace std diff --git a/llarp/path/path.cpp b/llarp/path/path.cpp index e0fd1674ef..f3e2eaa65d 100644 --- a/llarp/path/path.cpp +++ b/llarp/path/path.cpp @@ -5,7 +5,6 @@ #include #include #include -#include #include namespace llarp::path @@ -42,9 +41,9 @@ namespace llarp::path hops[idx].txID = hops[idx + 1].rxID; } - // initialize parts of the introduction - intro_old.pivot_router = hops[hsz - 1].rc.router_id(); - intro_old.pivot_hop_id = hops[hsz - 1].txID; + // initialize parts of the clientintro + intro.pivot_rid = hops[hsz - 1].rc.router_id(); + intro.pivot_hid = hops[hsz - 1].txID; } void Path::link_session(recv_session_dgram_cb cb) 
@@ -114,25 +113,6 @@ namespace llarp::path "close_exit", CloseExitMessage::sign_and_serialize(sk, std::move(tx_id)), std::move(func)); } - // TESTNET: TONUKE: - bool Path::find_intro( - const dht::Key_t& location, bool is_relayed, uint64_t order, std::function func) - { - return send_path_control_message( - "find_intro", FindIntroMessage::serialize(location, is_relayed, order), std::move(func)); - } - - // TESTNET: TONUKE: - bool Path::publish_intro( - const service::EncryptedIntroSet& introset, - bool is_relayed, - uint64_t order, - std::function func) - { - return send_path_control_message( - "publish_intro", PublishIntroMessage::serialize(introset, is_relayed, order), std::move(func)); - } - bool Path::find_client_contact( const dht::Key_t& location, bool is_relayed, uint64_t order, std::function func) { @@ -348,13 +328,9 @@ namespace llarp::path auto now = llarp::time_now_ms(); nlohmann::json obj{ - {"intro", intro_old.ExtractStatus()}, {"lastRecvMsg", to_json(last_recv_msg)}, {"lastLatencyTest", to_json(last_latency_test)}, - {"buildStarted", to_json(buildStarted)}, {"expired", is_expired(now)}, - {"expiresSoon", ExpiresSoon(now)}, - {"expiresAt", to_json(ExpireTime())}, {"ready", is_ready()}, // {"txRateCurrent", m_LastTXRate}, // {"rxRateCurrent", m_LastRXRate}, @@ -493,6 +469,11 @@ namespace llarp::path /// how long we wait for a path to become active again after it times out // constexpr auto PathReanimationTimeout = 45s; + void Path::set_established() + { + _established = true; + } + bool Path::is_expired(std::chrono::milliseconds now) const { (void)now; diff --git a/llarp/path/path.hpp b/llarp/path/path.hpp index 2f16d9a0a4..682d209f8c 100644 --- a/llarp/path/path.hpp +++ b/llarp/path/path.hpp @@ -44,8 +44,6 @@ namespace llarp std::weak_ptr handler; - service::Introduction intro_old; - ClientIntro intro; std::chrono::milliseconds buildStarted = 0s; 
@@ -69,7 +67,7 @@ namespace llarp std::chrono::milliseconds LastRemoteActivityAt() const { return last_recv_msg; } - void set_established() { _established = true; } + void set_established(); void recv_path_data_message(bstring data); @@ -81,18 +79,13 @@ namespace llarp std::chrono::milliseconds ExpireTime() const { return buildStarted + hops[0].lifetime; } - bool ExpiresSoon(std::chrono::milliseconds now, std::chrono::milliseconds dlt = 5s) const - { - return now >= (ExpireTime() - dlt); - } - void enable_exit_traffic(); void mark_exit_closed(); bool update_exit(uint64_t tx_id); - bool is_expired(std::chrono::milliseconds now) const; + bool is_expired(std::chrono::milliseconds now = llarp::time_now_ms()) const; /// build a new path on the same set of hops as us /// regenerates keys @@ -111,20 +104,6 @@ namespace llarp uint64_t order = 0, std::function func = nullptr); - // TESTNET: // TONUKE: - [[deprecated]] bool find_intro( - const dht::Key_t& location, - bool is_relayed = false, - uint64_t order = 0, - std::function func = nullptr); - - // TESTNET: // TONUKE: - [[deprecated]] bool publish_intro( - const service::EncryptedIntroSet& introset, - bool is_relayed = false, - uint64_t order = 0, - std::function func = nullptr); - bool close_exit( const Ed25519SecretKey& sk, std::string tx_id, std::function func = nullptr); diff --git a/llarp/path/path_handler.cpp b/llarp/path/path_handler.cpp index bfe31c09ea..a6a4ea1b3d 100644 --- a/llarp/path/path_handler.cpp +++ b/llarp/path/path_handler.cpp @@ -182,7 +182,7 @@ namespace llarp::path void PathHandler::reset_path_state() { build_interval_limit = PATH_BUILD_RATE; - _last_build = 0s; + last_build = 0s; } // called within the scope of locked mutex 
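Review bot: The new default argument `now = llarp::time_now_ms()` on `is_expired` reads the clock on every call that omits it, yet the definition in path.cpp (`(void)now;` in the `Path::is_expired` hunk earlier in this diff) discards the value, so the default only adds a dead clock read. Either implement the expiry check against `now` (the `ExpireTime()` helper is still declared two lines above) or drop the parameter until it is used; as written the signature promises a time-based check that the body does not perform. The removal of `ExpiresSoon` is consistent with that, but `ExpireTime()` remaining public while `is_expired` ignores time is worth a comment.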
@@ -267,40 +267,6 @@ namespace llarp::path return intros; } - service::intro_que_old PathHandler::get_recent_path_intros(std::chrono::milliseconds stale_threshold) const - { - Lock_t l{paths_mutex}; - service::intro_que_old ret{}; - - for (const auto& [_, p] : _paths) - { - if (p->is_ready() and not p->intro_old.expires_soon(stale_threshold)) - ret.push(p->intro_old); - } - - return ret; - } - - std::optional PathHandler::get_path_intros_conditional( - std::function filter) const - { - service::IntroductionSet_old intros; - Lock_t l{paths_mutex}; - - for (const auto& p : _paths) - { - if (p.second->is_ready() and filter(p.second->intro_old)) - { - intros.insert(p.second->intro_old); - } - } - - if (intros.empty()) - return std::nullopt; - - return intros; - } - void PathHandler::tick(std::chrono::milliseconds now) { log::trace(logcat, "{} called", __PRETTY_FUNCTION__); @@ -319,7 +285,7 @@ namespace llarp::path if (_build_stats.attempts > 50) { - if (_build_stats.SuccessRatio() <= BuildStats::MinGoodRatio && now - last_warn_time > 5s) + if (_build_stats.SuccessRatio() <= BuildStats::THRESHOLD && now - last_warn_time > 5s) { log::warning(logcat, "Low path build success: {}", _build_stats); last_warn_time = now; @@ -406,7 +372,7 @@ namespace llarp::path bool PathHandler::build_cooldown() const { - return llarp::time_now_ms() < _last_build + build_interval_limit; + return llarp::time_now_ms() < last_build + build_interval_limit; } size_t PathHandler::should_build_more() const @@ -532,7 +498,7 @@ namespace llarp::path return false; } - _last_build = llarp::time_now_ms(); + last_build = llarp::time_now_ms(); const auto& edge = hops[0].router_id(); const auto& terminus = hops.back().router_id(); diff --git a/llarp/path/path_handler.hpp b/llarp/path/path_handler.hpp index 4e953980a7..b8e5b22dd2 100644 --- a/llarp/path/path_handler.hpp +++ b/llarp/path/path_handler.hpp @@ -4,7 +4,6 @@ #include #include -#include #include #include #include 
@@ -60,13 +59,13 @@ namespace llarp /// Stats about all our path builds struct BuildStats { - static constexpr double MinGoodRatio = 0.25; + static constexpr double THRESHOLD{0.25}; - uint64_t attempts = 0; - uint64_t success = 0; - uint64_t build_fails = 0; // path build failures - uint64_t path_fails = 0; // path failures post-build - uint64_t timeouts = 0; + uint64_t attempts{}; + uint64_t success{}; + uint64_t build_fails{}; // path build failures + uint64_t path_fails{}; // path failures post-build + uint64_t timeouts{}; nlohmann::json ExtractStatus() const; @@ -92,7 +91,7 @@ namespace llarp struct PathHandler { private: - std::chrono::milliseconds last_warn_time = 0s; + std::chrono::milliseconds last_warn_time{0s}; std::unordered_map> path_cache; @@ -130,7 +129,7 @@ namespace llarp public: Router& _router; size_t num_hops; - std::chrono::milliseconds _last_build = 0s; + std::chrono::milliseconds last_build{0s}; std::chrono::milliseconds build_interval_limit = MIN_PATH_BUILD_INTERVAL; std::set snode_blacklist; @@ -161,11 +160,11 @@ namespace llarp intro_set get_current_client_intros() const; - service::intro_que_old get_recent_path_intros( - std::chrono::milliseconds stale_threshold = path::INTRO_STALE_THRESHOLD) const; + // service::intro_que_old get_recent_path_intros( + // std::chrono::milliseconds stale_threshold = path::INTRO_STALE_THRESHOLD) const; - std::optional get_path_intros_conditional( - std::function filter) const; + // std::optional get_path_intros_conditional( + // std::function filter) const; nlohmann::json ExtractStatus() const; diff --git a/llarp/router/route_poker.hpp b/llarp/router/route_poker.hpp index c99d32da79..f5ed1515dc 100644 --- a/llarp/router/route_poker.hpp +++ b/llarp/router/route_poker.hpp @@ -1,7 +1,5 @@ #pragma once -#include - #include #include diff --git a/llarp/rpc/rpc_client.cpp b/llarp/rpc/rpc_client.cpp index 705d9ca661..f51f3c08b9 100644 --- a/llarp/rpc/rpc_client.cpp +++ b/llarp/rpc/rpc_client.cpp 
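Review bot: Renaming `MinGoodRatio` to `THRESHOLD` loses the meaning at its only use, `_build_stats.SuccessRatio() <= BuildStats::THRESHOLD`, which now reads as a generic upper bound rather than a minimum acceptable success ratio. Keep the semantics in the name, `static constexpr double MIN_GOOD_RATIO{0.25};`, or at least annotate it, `// warn when SuccessRatio() falls to or below this`. The switch to `{}` value-initialisation for the counters is a good change.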
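Review bot: The `get_recent_path_intros` and `get_path_intros_conditional` declarations are commented out rather than removed, while their definitions are deleted from path_handler.cpp in this same commit and they name `service::intro_que_old` / `service::IntroductionSet_old`, types whose sources this commit also drops; the header now carries dead code that cannot compile if uncommented. Delete the four lines — version control preserves the history — or, if they are placeholders for a ClientContact-based replacement, replace them with a single `// TODO: intro_set equivalents of get_recent_path_intros / get_path_intros_conditional` so the intent is explicit.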
@@ -332,19 +332,19 @@ namespace llarp::rpc } void RPCClient::lookup_ons_hash( - std::string namehash, std::function)> resultHandler) + std::string namehash, std::function)> resultHandler) { log::debug(logcat, "Looking Up ONS NameHash {}", namehash); const nlohmann::json req{{"type", 2}, {"name_hash", oxenc::to_hex(namehash)}}; request( "rpc.lns_resolve", [this, resultHandler](bool success, std::vector data) { - std::optional maybe = std::nullopt; + std::optional maybe = std::nullopt; if (success) { try { - service::EncryptedONSRecord result; + EncryptedSNSRecord result; const auto j = nlohmann::json::parse(data[1]); j.dump(); result.ciphertext = oxenc::from_hex(j["encrypted_value"].get()); diff --git a/llarp/rpc/rpc_client.hpp b/llarp/rpc/rpc_client.hpp index 259de9c563..370e864cf2 100644 --- a/llarp/rpc/rpc_client.hpp +++ b/llarp/rpc/rpc_client.hpp @@ -1,10 +1,10 @@ #pragma once #include +#include #include #include #include -#include #include #include @@ -33,7 +33,7 @@ namespace llarp uint64_t block_height() const { return _block_height; } void lookup_ons_hash( - std::string namehash, std::function)> resultHandler); + std::string namehash, std::function)> resultHandler); /// inform that if connected to a router successfully void inform_connection(RouterID router, bool success); diff --git a/llarp/rpc/rpc_request_parser.hpp b/llarp/rpc/rpc_request_parser.hpp index e6e3c4dccd..3c10fe2739 100644 --- a/llarp/rpc/rpc_request_parser.hpp +++ b/llarp/rpc/rpc_request_parser.hpp @@ -4,7 +4,6 @@ #include -// #include #include #include diff --git a/llarp/service/identity.cpp b/llarp/service/identity.cpp deleted file mode 100644 index bfaccc9a45..0000000000 --- a/llarp/service/identity.cpp +++ /dev/null 
@@ -1,94 +0,0 @@ -#include "identity.hpp" - -#include - -namespace llarp::service -{ - static auto logcat = log::Cat("Identity"); - - std::string Identity::bt_encode() const - { - oxenc::bt_dict_producer btdp; - - btdp.append("s", _idkey.to_view()); - btdp.append("v", version); - - return std::move(btdp).str(); - } - - void Identity::bt_decode(std::string buf) - { - try - { - oxenc::bt_dict_consumer btdc{buf}; - - _idkey.from_string(btdc.require("s")); - version = btdc.require("v"); - } - catch (...) - { - log::warning(logcat, "Identity failed to parse bt-encoded contents!"); - throw; - } - } - - void Identity::Clear() - { - _idkey.zero(); - _enckey.zero(); - derivedSignKey.zero(); - } - - void Identity::regenerate_keys() - { - crypto::identity_keygen(_idkey); - crypto::encryption_keygen(_enckey); - - pub.update(seckey_to_pubkey(_idkey), seckey_to_pubkey(_enckey)); - - if (not crypto::derive_subkey_private(derivedSignKey, _idkey, 1)) - { - throw std::runtime_error("failed to derive subkey"); - } - } - - bool Identity::KeyExchange( - path_dh_func dh, SharedSecret& result, const ServiceInfo& other, const KeyExchangeNonce& N) const - { - return dh(result, other.encryption_pubkey(), _enckey, N); - } - - bool Identity::Sign(Signature& sig, uint8_t* buf, size_t size) const - { - return crypto::sign(sig, _idkey, buf, size); - } - - std::optional Identity::encrypt_and_sign_introset( - const IntroSetOld& other_i, std::chrono::milliseconds now) const - { - EncryptedIntroSet encrypted; - - if (other_i.intros.empty()) - return std::nullopt; - - IntroSetOld i{other_i}; - encrypted.nonce.Randomize(); - // set timestamp - // TODO: round to nearest 1000 ms - i.time_signed = now; - encrypted.signed_at = now; - // set service info - i.address_keys = pub; - - auto bte = i.bt_encode(); - - const SharedSecret k{i.address_keys.address().pubkey()}; - crypto::xchacha20(reinterpret_cast(bte.data()), bte.size(), k, encrypted.nonce); - - std::memcpy(encrypted.introset_payload.data(), 
bte.data(), bte.size()); - - if (not encrypted.sign(derivedSignKey)) - return std::nullopt; - return encrypted; - } -} // namespace llarp::service diff --git a/llarp/service/identity.hpp b/llarp/service/identity.hpp deleted file mode 100644 index 5ca01085f7..0000000000 --- a/llarp/service/identity.hpp +++ /dev/null @@ -1,49 +0,0 @@ -#pragma once - -#include "info.hpp" -#include "intro_set.hpp" - -#include -#include -#include - -#include -#include - -namespace llarp::service -{ - // private keys - struct Identity - { - Ed25519SecretKey _idkey; - Ed25519SecretKey _enckey; - Ed25519PrivateData derivedSignKey; - uint64_t version = llarp::constants::proto_version; - - // public service info - ServiceInfo pub; - - // regenerate secret keys - void regenerate_keys(); - - std::string bt_encode() const; - - void bt_decode(std::string); - - bool KeyExchange( - path_dh_func dh, SharedSecret& sharedkey, const ServiceInfo& other, const KeyExchangeNonce& N) const; - - std::optional encrypt_and_sign_introset( - const IntroSetOld& i, std::chrono::milliseconds now) const; - - bool Sign(Signature& sig, uint8_t* buf, size_t size) const; - - /// zero out all secret key members - void Clear(); - }; - - inline bool operator==(const Identity& lhs, const Identity& rhs) - { - return std::tie(lhs._enckey, lhs._idkey, lhs.version) == std::tie(rhs._enckey, rhs._idkey, rhs.version); - } -} // namespace llarp::service diff --git a/llarp/service/info.cpp b/llarp/service/info.cpp deleted file mode 100644 index 5053d030f9..0000000000 --- a/llarp/service/info.cpp +++ /dev/null 
@@ -1,94 +0,0 @@ -#include "info.hpp" - -#include - -namespace llarp::service -{ - static auto logcat = log::Cat("service_info"); - - bool ServiceInfo::verify(uint8_t* buf, size_t size, const Signature& sig) const - { - return crypto::verify(signkey, buf, size, sig); - } - - bool ServiceInfo::update(const uint8_t* sign, const uint8_t* enc) - { - signkey = sign; - enckey = enc; - - return update_address(); - } - - void ServiceInfo::bt_decode(oxenc::bt_dict_consumer& btdc) - { - try - { - enckey.from_hex(btdc.require("e")); - signkey.from_hex(btdc.require("s")); - } - catch (...) - { - log::critical(logcat, "ServiceInfo failed to populate with bt encoded contents"); - throw; - } - } - - bool ServiceInfo::bt_decode(std::string_view buf) - { - try - { - oxenc::bt_dict_consumer btdc{buf}; - - bt_decode(btdc); - } - catch (const std::exception& e) - { - // DISCUSS: rethrow or print warning/return false...? - auto err = "ServiceInfo parsing exception: {}"_format(e.what()); - log::warning(logcat, "{}", err); - throw std::runtime_error{err}; - } - - return true; - } - - void ServiceInfo::bt_encode(oxenc::bt_dict_producer& btdp) const - { - btdp.append("e", enckey.to_view()); - btdp.append("s", signkey.to_view()); - } - - std::string ServiceInfo::name() const - { - if (_cached_addr.is_empty()) - { - PubKey pk; - calculate_address(pk); - return pk.to_string(); - } - - return _cached_addr.to_string(); - } - - bool ServiceInfo::calculate_address(PubKey& data) const - { - data = PubKey{signkey.as_array()}; - return true; - } - - bool ServiceInfo::update_address() - { - if (_cached_addr.is_empty()) - { - return calculate_address(_cached_addr.pubkey()); - } - - return true; - } - - std::string ServiceInfo::to_string() const - { - return "[ServiceInfo e={} s={} v={}]"_format(enckey, signkey, version); - } - -} // namespace llarp::service diff --git a/llarp/service/info.hpp b/llarp/service/info.hpp deleted file mode 100644 index ce8544d082..0000000000 
--- a/llarp/service/info.hpp +++ /dev/null @@ -1,68 +0,0 @@ -#pragma once - -#include -#include -#include - -#include - -#include - -namespace llarp::service -{ - struct ServiceInfo - { - private: - PubKey enckey; - PubKey signkey; - mutable NetworkAddress _cached_addr; - - public: - uint64_t version = llarp::constants::proto_version; - - bool verify(uint8_t* buf, size_t size, const Signature& sig) const; - - const PubKey& encryption_pubkey() const - { - if (_cached_addr.is_empty()) - calculate_address(_cached_addr.pubkey()); - - return enckey; - } - - bool update(const uint8_t* sign, const uint8_t* enc); - - bool operator==(const ServiceInfo& other) const - { - return std::tie(enckey, version) == std::tie(other.enckey, other.version); - } - - bool operator!=(const ServiceInfo& other) const { return !(*this == other); } - - bool operator<(const ServiceInfo& other) const { return address() < other.address(); } - - std::string to_string() const; - - /// .loki address - std::string name() const; - - bool update_address(); - - const NetworkAddress& address() const - { - if (_cached_addr.is_empty()) - calculate_address(_cached_addr.pubkey()); - - return _cached_addr; - } - - /// calculate our address - bool calculate_address(PubKey& data) const; - - bool bt_decode(std::string_view buf); - - void bt_decode(oxenc::bt_dict_consumer& btdc); - - void bt_encode(oxenc::bt_dict_producer& btdp) const; - }; -} // namespace llarp::service diff --git a/llarp/service/intro.cpp b/llarp/service/intro.cpp deleted file mode 100644 index 9464019259..0000000000 --- a/llarp/service/intro.cpp +++ /dev/null 
@@ -1,107 +0,0 @@ -#include "intro.hpp" - -#include - -namespace llarp::service -{ - static auto logcat = log::Cat("introduction"); - - nlohmann::json Introduction::ExtractStatus() const - { - nlohmann::json obj{ - {"router", pivot_router.ToHex()}, - {"path", pivot_hop_id.ToHex()}, - {"expiresAt", to_json(expiry)}, - {"version", uint64_t(version)}}; - return obj; - } - - Introduction::Introduction(std::string buf) - { - try - { - oxenc::bt_dict_consumer btdc{std::move(buf)}; - - pivot_router.from_relay_address(btdc.require("k")); - pivot_hop_id.from_string(btdc.require("p")); - expiry = std::chrono::milliseconds{btdc.require("x")}; - } - catch (...) - { - log::critical(logcat, "Error: Introduction failed to populate with bt encoded contents"); - } - } - - void Introduction::bt_encode(oxenc::bt_list_producer& btlp) const - { - try - { - auto subdict = btlp.append_dict(); - bt_encode(subdict); - } - catch (...) - { - log::critical(logcat, "Error: Introduction failed to bt encode contents!"); - } - } - - void Introduction::bt_encode(oxenc::bt_dict_producer& subdict) const - { - try - { - subdict.append("k", pivot_router.to_view()); - subdict.append("p", pivot_hop_id.to_view()); - subdict.append("x", expiry.count()); - } - catch (...) - { - log::critical(logcat, "Error: Introduction failed to bt encode contents!"); - } - } - - bool Introduction::bt_decode(std::string_view buf) - { - try - { - oxenc::bt_dict_consumer btdc{buf}; - bt_decode(btdc); - } - catch (const std::exception& e) - { - // DISCUSS: rethrow or print warning/return false...? - auto err = "Introduction parsing exception: {}"_format(e.what()); - log::warning(logcat, "{}", err); - throw std::runtime_error{err}; - } - - return true; - } - - void Introduction::bt_decode(oxenc::bt_dict_consumer& btdc) - { - try - { - pivot_router.from_string(btdc.require("k")); - expiry = std::chrono::milliseconds{btdc.require("x")}; - } - catch (...) 
- { - log::critical(logcat, "Introcuction failed to populate with bt encoded contents"); - throw; - } - } - - void Introduction::clear() - { - pivot_router.zero(); - pivot_hop_id.zero(); - expiry = 0s; - } - - std::string Introduction::to_string() const - { - return fmt::format( - "[Intro k={} p={} v={} x={}]", RouterID{pivot_router}, pivot_hop_id, version, expiry.count()); - } - -} // namespace llarp::service diff --git a/llarp/service/intro.hpp b/llarp/service/intro.hpp deleted file mode 100644 index b3c1c11eab..0000000000 --- a/llarp/service/intro.hpp +++ /dev/null 
@@ -1,88 +0,0 @@ -#pragma once - -#include -#include - -#include - -#include -#include - -namespace llarp::service -{ - struct Introduction - { - RouterID pivot_router; - HopID pivot_hop_id; - std::chrono::milliseconds expiry = 0s; - uint64_t version = llarp::constants::proto_version; - - Introduction() = default; - Introduction(std::string buf); - - nlohmann::json ExtractStatus() const; - - bool is_expired(std::chrono::milliseconds now = llarp::time_now_ms()) const { return now >= expiry; } - - // TODO: get rid of this entirely, and use ::is_expired(...) - bool expires_soon( - std::chrono::milliseconds dlt = 30s, std::chrono::milliseconds now = llarp::time_now_ms()) const - { - return is_expired(now + dlt); - } - - std::string to_string() const; - - void bt_encode(oxenc::bt_list_producer& btlp) const; - - void bt_encode(oxenc::bt_dict_producer& subdict) const; - - bool bt_decode(std::string_view buf); - - void bt_decode(oxenc::bt_dict_consumer& btdc); - - void clear(); - - bool operator<(const Introduction& other) const - { - return std::tie(expiry, pivot_hop_id, pivot_router, version) - < std::tie(other.expiry, other.pivot_hop_id, other.pivot_router, other.version); - } - - bool operator==(const Introduction& other) const - { - return std::tie(expiry, pivot_hop_id, pivot_router, version) - == std::tie(other.expiry, other.pivot_hop_id, other.pivot_router, other.version); - } - - bool operator!=(const Introduction& other) const { return !(*this == other); } - - static constexpr bool to_string_formattable = true; - }; - - /// comparator for introduction timestamp in order of nearest to furthest expiry time - struct IntroExpiryComparator - { - bool operator()(const Introduction& left, const Introduction& right) const - { - return left.expiry < right.expiry; - } - }; - - using intro_que_old = std::priority_queue, IntroExpiryComparator>; - - using IntroductionSet_old = std::set; - -} // namespace llarp::service - -namespace std -{ - template <> - struct hash - { - 
size_t operator()(const llarp::service::Introduction& i) const - { - return std::hash{}(i.pivot_router) ^ std::hash{}(i.pivot_hop_id); - } - }; -} // namespace std diff --git a/llarp/service/intro_set.cpp b/llarp/service/intro_set.cpp deleted file mode 100644 index 5d72c9e7eb..0000000000 --- a/llarp/service/intro_set.cpp +++ /dev/null 
@@ -1,433 +0,0 @@ -#include "intro_set.hpp" - -#include - -#include - -namespace llarp::service -{ - static auto logcat = log::Cat("EncIntro"); - - EncryptedIntroSet::EncryptedIntroSet( - std::string signing_key, - std::chrono::milliseconds signed_at, - std::string enc_payload, - std::string nonce, - std::string s) - : signed_at{signed_at}, - introset_payload{reinterpret_cast(enc_payload.data()), enc_payload.size()}, - nonce{reinterpret_cast(nonce.data())} - { - derived_signing_key.from_hex(signing_key); - sig.from_string(std::move(s)); - } - - EncryptedIntroSet::EncryptedIntroSet(std::string bt_payload) - { - try - { - oxenc::bt_dict_consumer btdc{bt_payload}; - bt_decode(btdc); - } - catch (...) - { - log::critical(logcat, "Error: EncryptedIntroSet failed to bt encode contents!"); - } - } - - nlohmann::json EncryptedIntroSet::ExtractStatus() const - { - const auto sz = introset_payload.size(); - return {{"location", derived_signing_key.to_string()}, {"signedAt", to_json(signed_at)}, {"size", sz}}; - } - - bool EncryptedIntroSet::bt_decode(std::string_view buf) - { - try - { - oxenc::bt_dict_consumer btdc{buf}; - return bt_decode(btdc); - } - catch (const std::exception& e) - { - // DISCUSS: rethrow or print warning/return false...? - auto err = "EncryptedIntroSet parsing exception: {}"_format(e.what()); - log::warning(logcat, "{}", err); - throw std::runtime_error{err}; - } - } - - bool EncryptedIntroSet::bt_decode(oxenc::bt_dict_consumer& btdc) - { - try - { - derived_signing_key.from_string(btdc.require("d")); - nonce.from_string(btdc.require("n")); - signed_at = std::chrono::milliseconds{btdc.require("s")}; - introset_payload = btdc.require("x"); - sig.from_string(btdc.require("z")); - - return true; - } - catch (...) 
- { - log::critical(logcat, "EncryptedIntroSet failed to decode bt payload!"); - throw; - } - } - - std::string EncryptedIntroSet::bt_encode() const - { - oxenc::bt_dict_producer btdp; - - try - { - btdp.append("d", derived_signing_key.to_view()); - btdp.append("n", nonce.to_view()); - btdp.append("s", signed_at.count()); - btdp.append( - "x", std::string_view{reinterpret_cast(introset_payload.data()), introset_payload.size()}); - btdp.append("z", sig.to_view()); - } - catch (...) - { - log::critical(logcat, "Error: EncryptedIntroSet failed to bt encode contents!"); - } - - return std::move(btdp).str(); - } - - std::optional EncryptedIntroSet::construct(std::string bt) - { - if (EncryptedIntroSet ret; ret.bt_decode(std::move(bt))) - return ret; - - return std::nullopt; - } - - bool EncryptedIntroSet::other_is_newer(const EncryptedIntroSet& other) const - { - return signed_at < other.signed_at; - } - - std::string EncryptedIntroSet::to_string() const - { - return "[EncIntroSet d={} n={} s={} x=[{} bytes] z={}]"_format( - derived_signing_key, nonce, signed_at.count(), introset_payload.size(), sig); - } - - std::optional EncryptedIntroSet::decrypt(const PubKey& root) const - { - std::optional ret = std::nullopt; - - SharedSecret k(root); - std::string payload{reinterpret_cast(introset_payload.data()), introset_payload.size()}; - - if (crypto::xchacha20(reinterpret_cast(payload.data()), payload.size(), k, nonce)) - ret = IntroSetOld{payload}; - - return ret; - } - - bool EncryptedIntroSet::is_expired(std::chrono::milliseconds now) const - { - return now >= signed_at + path::DEFAULT_LIFETIME; - } - - bool EncryptedIntroSet::sign(const Ed25519PrivateData& k) - { - signed_at = llarp::time_now_ms(); - derived_signing_key = k.to_pubkey(); - sig.zero(); - auto bte = bt_encode(); - - if (not crypto::sign(sig, k, reinterpret_cast(bte.data()), bte.size())) - return false; - - log::debug(logcat, "Singed encrypted introset: {}", *this); - return true; - } - - bool 
EncryptedIntroSet::verify() const - { - if (is_expired()) - return false; - - EncryptedIntroSet copy(*this); - copy.sig.zero(); - - auto bte = copy.bt_encode(); - return crypto::verify(derived_signing_key, reinterpret_cast(bte.data()), bte.size(), sig); - } - - nlohmann::json IntroSetOld::ExtractStatus() const - { - nlohmann::json obj{{"published", to_json(time_signed)}}; - // TODO: this - // std::vector introsObjs; - // std::transform( - // intros.begin(), - // intros.end(), - // std::back_inserter(introsObjs), - // [](const auto& intro) -> nlohmann::json { return intro.ExtractStatus(); }); - // obj["intros"] = introsObjs; - // if (!topic.IsZero()) - // obj["topic"] = topic.to_string(); - - // std::vector protocols; - // std::transform( - // supported_protocols.begin(), - // supported_protocols.end(), - // std::back_inserter(protocols), - // [](const auto& proto) -> nlohmann::json { return service::to_string(proto); }); - // obj["protos"] = protocols; - // std::vector ranges; - // std::transform( - // owned_ranges.begin(), - // owned_ranges.end(), - // std::back_inserter(ranges), - // [](const auto& range) -> nlohmann::json { return range.to_string(); }); - - // obj["advertisedRanges"] = ranges; - // if (exit_policy) - // obj["exitPolicy"] = exit_policy->ExtractStatus(); - - return obj; - } - - IntroSetOld::IntroSetOld(std::string bt_payload) - { - try - { - oxenc::bt_dict_consumer btdc{bt_payload}; - bt_decode(btdc); - } - catch (...) - { - log::critical(logcat, "Error: EncryptedIntroSet failed to bt encode contents!"); - } - } - - bool IntroSetOld::bt_decode(std::string_view buf) - { - try - { - oxenc::bt_dict_consumer btdc{buf}; - bt_decode(btdc); - } - catch (const std::exception& e) - { - // DISCUSS: rethrow or print warning/return false...? 
- auto err = "IntroSetOld parsing exception: {}"_format(e.what()); - log::warning(logcat, "{}", err); - throw std::runtime_error{err}; - } - - return true; - } - - void IntroSetOld::bt_decode(oxenc::bt_dict_consumer& btdc) - { - try - { - { - auto [key, subdict] = btdc.next_dict_consumer(); - - if (key != "a") - throw std::invalid_argument{ - "IntroSetOld received unexpected key (expected:'a', actual:{})"_format(key)}; - - address_keys.bt_decode(subdict); - } - - if (auto maybe_subdict = btdc.maybe("e"); maybe_subdict) - { - exit_policy->bt_decode(oxenc::bt_dict_consumer{*maybe_subdict}); - } - - { - auto [key, sublist] = btdc.next_list_consumer(); - - if (key != "i") - throw std::invalid_argument{ - "IntroSetOld received unexpected key (expected:'i', actual:{})"_format(key)}; - - while (not sublist.is_finished()) - { - intros.insert(sublist.consume_string()); - } - } - - if (auto maybe_supportedprotos = btdc.maybe("p"); maybe_supportedprotos) - { - oxenc::bt_list_consumer sublist{*maybe_supportedprotos}; - - while (not sublist.is_finished()) - { - supported_protocols.push_back(ProtocolType{sublist.consume_integer()}); - } - } - - if (auto maybe_ownedranges = btdc.maybe("i"); maybe_ownedranges) - { - oxenc::bt_list_consumer sublist{*maybe_ownedranges}; - - while (not sublist.is_finished()) - { - _routed_ranges.emplace(sublist.consume_string()); - } - } - - if (auto maybe_srvs = btdc.maybe("s"); maybe_srvs) - { - oxenc::bt_list_consumer sublist{*maybe_srvs}; - - while (not sublist.is_finished()) - { - SRVs.emplace_back(sublist.consume_string()); - } - } - - time_signed = std::chrono::milliseconds{btdc.require("t")}; - signature.from_string(btdc.require("z")); - } - catch (...) 
- { - log::critical(logcat, "IntroSetOld failed to decode bt payload!"); - throw; - } - } - - std::string IntroSetOld::bt_encode() const - { - oxenc::bt_dict_producer btdp; - - try - { - { - auto subdict = btdp.append_dict("a"); - address_keys.bt_encode(subdict); - } - - if (exit_policy) - { - exit_policy->bt_encode(btdp.append_dict("e")); - } - - { - auto sublist = btdp.append_list("i"); - for (auto& i : intros) - i.bt_encode(sublist); - } - - if (not supported_protocols.empty()) - { - auto sublist = btdp.append_list("p"); - for (auto& p : supported_protocols) - sublist.append(static_cast(p)); - } - - if (not _routed_ranges.empty()) - { - auto sublist = btdp.append_list("r"); - for (auto& r : _routed_ranges) - r.bt_encode(sublist); - } - - if (not SRVs.empty()) - { - auto sublist = btdp.append_list("s"); - for (auto& s : SRVs) - sublist.append(s.bt_encode()); - } - - btdp.append("t", time_signed.count()); - btdp.append("z", signature.to_view()); - } - catch (...) - { - log::critical(logcat, "Error: IntroSetOld failed to bt encode contents!"); - } - - return std::move(btdp).str(); - } - - bool IntroSetOld::HasExpiredIntros(std::chrono::milliseconds now) const - { - for (const auto& intro : intros) - if (now >= intro.expiry) - return true; - return false; - } - - bool IntroSetOld::HasStaleIntros(std::chrono::milliseconds now, std::chrono::milliseconds delta) const - { - for (const auto& intro : intros) - if (intro.expires_soon(delta, now)) - return true; - return false; - } - - bool IntroSetOld::IsExpired(std::chrono::milliseconds now) const - { - return GetNewestIntroExpiration() < now; - } - - std::vector IntroSetOld::GetMatchingSRVRecords(std::string_view service_proto) const - { - std::vector records; - - for (const auto& srv : SRVs) - { - if (srv.service_proto == service_proto) - { - records.push_back(srv); - } - } - - return records; - } - - bool IntroSetOld::verify(std::chrono::milliseconds now) const - { - IntroSetOld copy; - copy = *this; - 
copy.signature.zero(); - - auto bte = copy.bt_encode(); - - if (!address_keys.verify(reinterpret_cast(bte.data()), bte.size(), signature)) - { - return false; - } - // valid timestamps - // add max clock skew - now += MAX_INTROSET_TIME_DELTA; - for (const auto& intro : intros) - { - if (intro.expiry > now && intro.expiry - now > path::DEFAULT_LIFETIME) - { - return false; - } - } - return not IsExpired(now); - } - - std::chrono::milliseconds IntroSetOld::GetNewestIntroExpiration() const - { - std::chrono::milliseconds maxTime = 0s; - for (const auto& intro : intros) - maxTime = std::max(intro.expiry, maxTime); - return maxTime; - } - - std::string IntroSetOld::to_string() const - { - return "[IntroSetOld addressKeys={} intros={{}} topic={} signedAt={} v={} sig={}]"_format( - address_keys.to_string(), - "{}"_format(fmt::join(intros, ",")), - time_signed.count(), - version, - signature.to_view()); - } -} // namespace llarp::service diff --git a/llarp/service/intro_set.hpp b/llarp/service/intro_set.hpp deleted file mode 100644 index fb433ad79f..0000000000 --- a/llarp/service/intro_set.hpp +++ /dev/null 
@@ -1,160 +0,0 @@ -#pragma once - -#include "info.hpp" -#include "intro.hpp" -#include "types.hpp" - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include - -namespace llarp::service -{ - constexpr std::size_t MAX_INTROSET_SIZE = 4096; - // 10 seconds clock skew permitted for introset expiration - constexpr std::chrono::milliseconds MAX_INTROSET_TIME_DELTA = 10s; - - struct IntroSetOld - { - ServiceInfo address_keys; - IntroductionSet_old intros; - std::vector SRVs; - std::chrono::milliseconds time_signed = 0s; - - IntroSetOld() = default; - - explicit IntroSetOld(std::string bt_payload); - - /// ethertypes we advertise that we speak - std::vector supported_protocols; - /// aonnuce that these ranges are reachable via our endpoint - /// only set when we support exit traffic ethertype is supported - std::set _routed_ranges; // TESTNET: TOFIX: Move into exit policy! - - /// policies about traffic that we are willing to carry - /// a protocol/range whitelist or blacklist - /// only set when we support exit traffic ethertype - std::optional exit_policy = std::nullopt; - - Signature signature; - uint64_t version = llarp::constants::proto_version; - - bool OtherIsNewer(const IntroSetOld& other) const { return time_signed < other.time_signed; } - - std::string to_string() const; - - std::chrono::milliseconds GetNewestIntroExpiration() const; - - bool HasExpiredIntros(std::chrono::milliseconds now) const; - - /// return true if any of our intros expires soon given a delta - bool HasStaleIntros(std::chrono::milliseconds now, std::chrono::milliseconds delta) const; - - bool IsExpired(std::chrono::milliseconds now) const; - - std::vector GetMatchingSRVRecords(std::string_view service_proto) const; - - std::string bt_encode() const; - - bool bt_decode(std::string_view buf); - - void bt_decode(oxenc::bt_dict_consumer& btdc); - - bool verify(std::chrono::milliseconds now) const; - - nlohmann::json ExtractStatus() const; - - static 
constexpr bool to_string_formattable = true; - }; - - inline bool operator<(const IntroSetOld& lhs, const IntroSetOld& rhs) - { - return lhs.address_keys < rhs.address_keys; - } - - inline bool operator==(const IntroSetOld& lhs, const IntroSetOld& rhs) - { - return std::tie(lhs.address_keys, lhs.intros, lhs.time_signed, lhs.version, lhs.signature) - == std::tie(rhs.address_keys, rhs.intros, rhs.time_signed, rhs.version, rhs.signature); - } - - inline bool operator!=(const IntroSetOld& lhs, const IntroSetOld& rhs) - { - return !(lhs == rhs); - } - - /// public version of the introset that is encrypted - struct EncryptedIntroSet - { - private: - explicit EncryptedIntroSet(std::string bt_payload); - bool bt_decode(oxenc::bt_dict_consumer& btdc); - - public: - PubKey derived_signing_key; - std::chrono::milliseconds signed_at = 0s; - ustring introset_payload; - SymmNonce nonce; - Signature sig; - - EncryptedIntroSet() = default; - - explicit EncryptedIntroSet( - std::string signing_key, - std::chrono::milliseconds signed_at, - std::string enc_payload, - std::string nonce, - std::string sig); - - bool sign(const Ed25519PrivateData& k); - - bool is_expired(std::chrono::milliseconds now = time_now_ms()) const; - - std::string bt_encode() const; - - bool bt_decode(std::string_view buf); - - bool other_is_newer(const EncryptedIntroSet& other) const; - - /// verify signature and timestamp - bool verify() const; - - // this constructor will throw if ::bt_decode fails - static std::optional construct(std::string bt); - - std::string to_string() const; - - nlohmann::json ExtractStatus() const; - - std::optional decrypt(const PubKey& root) const; - static constexpr bool to_string_formattable = true; - }; - - inline bool operator<(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs) - { - return lhs.derived_signing_key < rhs.derived_signing_key; - } - - inline bool operator==(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs) - { - return std::tie(lhs.signed_at, 
lhs.derived_signing_key, lhs.nonce, lhs.sig) - == std::tie(rhs.signed_at, rhs.derived_signing_key, rhs.nonce, rhs.sig); - } - - inline bool operator!=(const EncryptedIntroSet& lhs, const EncryptedIntroSet& rhs) - { - return !(lhs == rhs); - } - - using EncryptedIntroSetLookupHandler = std::function&)>; - using IntroSetLookupHandler = std::function&)>; - -} // namespace llarp::service diff --git a/llarp/service/name.hpp b/llarp/service/name.hpp deleted file mode 100644 index c524af4231..0000000000 --- a/llarp/service/name.hpp +++ /dev/null 
@@ -1,96 +0,0 @@ -#pragma once - -#include -#include - -#include - -namespace llarp -{ - struct NetworkAddress; - - namespace service - { - /** Holds an entire ONS Record returned from a succfessful request to the `lookup_name` endpoint. - When transmitted over the wire back to the calling instance, it is bt-encoded and the ONS hash - ('ciphertext') is decrypted using the ons_name. - - bt-encoded keys: - 'c' : ciphertext - 'n' : nonce - */ - struct EncryptedONSRecord - { - private: - explicit EncryptedONSRecord(std::string bt); - bool bt_decode(oxenc::bt_dict_consumer& btdc); - - public: - SymmNonce nonce; - std::string ciphertext; - - EncryptedONSRecord() = default; - - static std::optional construct(std::string bt); - - std::string bt_encode() const; - - bool bt_decode(std::string bt); - - std::optional decrypt(std::string_view ons_name) const; - }; - - /// check if an ons name complies with the registration rules - inline bool is_valid_ons(std::string_view ons_name) - { - // make sure it ends with .loki because no fucking shit right? 
- if (not ons_name.ends_with(".loki")) - return false; - - // strip off .loki suffix - ons_name.remove_suffix(5); - - // ensure chars are sane - for (const auto ch : ons_name) - { - if (ch == '-') - continue; - if (ch == '.') - continue; - if (ch >= 'a' and ch <= 'z') - continue; - if (ch >= '0' and ch <= '9') - continue; - return false; - } - - // split into domain parts - const auto parts = split(ons_name, "."); - - // get root domain - const auto primaryName = parts[parts.size() - 1]; - constexpr size_t MaxNameLen = 32; - constexpr size_t MaxPunycodeNameLen = 63; - - // check against lns name blacklist - if (primaryName == "localhost") - return false; - if (primaryName == "loki") - return false; - if (primaryName == "snode") - return false; - // check for dashes - if (primaryName.find("-") == std::string_view::npos) - return primaryName.size() <= MaxNameLen; - // check for dashes and end or beginning - if (*primaryName.begin() == '-' or *(primaryName.end() - 1) == '-') - return false; - // check for punycode name length - if (primaryName.size() > MaxPunycodeNameLen) - return false; - // check for xn-- - return (primaryName[2] == '-' and primaryName[3] == '-') ? (primaryName[0] == 'x' and primaryName[1] == 'n') - : true; - } - } // namespace service -} // namespace llarp diff --git a/llarp/service/types.cpp b/llarp/service/types.cpp deleted file mode 100644 index 91148cb26b..0000000000 --- a/llarp/service/types.cpp +++ /dev/null 
@@ -1,145 +0,0 @@ -#include "types.hpp" - -#include - -namespace llarp::service::util -{ - // void ExpireSNodeSessions(std::chrono::milliseconds now, SNodeConnectionMap& sessions) - // { - // auto itr = sessions.begin(); - // while (itr != sessions.end()) - // { - // if (itr->second->ShouldRemove() && itr->second->IsStopped()) - // { - // itr = sessions.erase(itr); - // continue; - // } - // // expunge next tick - // if (itr->second->IsExpired(now)) - // { - // itr->second->Stop(); - // } - // else - // { - // itr->second->Tick(now); - // } - - // ++itr; - // } - // } - - // void DeregisterDeadSessions(std::chrono::milliseconds now, ConnectionMap& sessions) - // { - // auto itr = sessions.begin(); - // while (itr != sessions.end()) - // { - // if (itr->second->IsDone(now)) - // { - // itr = sessions.erase(itr); - // } - // else - // { - // ++itr; - // } - // } - // } - - // void TickRemoteSessions( - // std::chrono::milliseconds now, - // ConnectionMap& remoteSessions, - // ConnectionMap& deadSessions, - // std::unordered_map& sessions) - // { - // auto itr = remoteSessions.begin(); - // while (itr != remoteSessions.end()) - // { - // itr->second->Tick(now); - // if (itr->second->Pump(now)) - // { - // LogInfo( - // "marking session as dead T=", - // itr->second->get_current_tag(), - // " to ", - // itr->second->Addr()); - // itr->second->Stop(); - // sessions.erase(itr->second->get_current_tag()); - // deadSessions.emplace(std::move(*itr)); - // itr = remoteSessions.erase(itr); - // } - // else - // { - // ++itr; - // } - // } - // for (auto& item : deadSessions) - // { - // item.second->Tick(now); - // } - // } - - // void ExpireConvoSessions( - // std::chrono::milliseconds now, std::unordered_map& sessions) - // { - // auto itr = sessions.begin(); - // while (itr != sessions.end()) - // { - // if (itr->second.IsExpired(now)) - // { - // LogInfo("Expire session T=", itr->first, " to ", itr->second.Addr()); - // itr = sessions.erase(itr); - // } - // else - // 
++itr; - // } - // } - - // void StopRemoteSessions(ConnectionMap& remoteSessions) - // { - // for (auto& item : remoteSessions) - // { - // item.second->Stop(); - // } - // } - - // void StopSnodeSessions(SNodeConnectionMap& sessions) - // { - // for (auto& item : sessions) - // { - // item.second->Stop(); - // } - // } - - // bool HasPathToService(const Address& addr, const ConnectionMap& remoteSessions) - // { - // auto range = remoteSessions.equal_range(addr); - // auto itr = range.first; - // while (itr != range.second) - // { - // if (itr->second->ReadyToSend()) - // return true; - // ++itr; - // } - // return false; - // } - - // bool GetConvoTagsForService( - // const std::unordered_map& sessions, - // const Address& info, - // std::set& tags) - // { - // bool inserted = false; - // auto itr = sessions.begin(); - // while (itr != sessions.end()) - // { - // if (itr->second.remote.Addr() == info) - // { - // if (tags.emplace(itr->first).second) - // { - // inserted = true; - // } - // } - // ++itr; - // } - // return inserted; - // } -} // namespace llarp::service::util diff --git a/llarp/service/types.hpp b/llarp/service/types.hpp deleted file mode 100644 index 6d025a9c40..0000000000 --- a/llarp/service/types.hpp +++ /dev/null 
@@ -1,123 +0,0 @@ -#pragma once - -#include -#include - -#include -#include -#include -#include - -/** TODO: - - The commented functions are utilities for managing sessions to remote hidden services. They - need to be redefined with the correct parameters and called from service::Handler, as - service::Endpoint is for local hidden service management - - ^^ Is this still true...? -*/ - -using namespace std::literals; - -namespace llarp -{ - namespace session - { - struct OutboundSession; - } - namespace path - { - struct Path; - } - namespace routing - { - struct PathTransferMessage; - } - - namespace service - { - // Supported protocol types; the values are given explicitly because they are specifically - // used when sending over the wire. - enum class ProtocolType : uint64_t - { - CONTROL = 0UL, - IPV4 = 1UL, - IPV6 = 2UL, - EXIT = 3UL, - AUTH = 4UL, - TCP2QUIC = 5UL, - }; - - inline constexpr std::string_view to_string(ProtocolType t) - { - return t == ProtocolType::CONTROL ? "Control"sv - : t == ProtocolType::IPV4 ? "TrafficV4"sv - : t == ProtocolType::IPV6 ? "TrafficV6"sv - : t == ProtocolType::EXIT ? "Exit"sv - : t == ProtocolType::AUTH ? "Auth"sv - : t == ProtocolType::TCP2QUIC ? 
"TCP->QUIC"sv - : "(unknown-protocol-type)"sv; - } - - // namespace util - // { - // static void ExpireSNodeSessions(/* std::chrono::milliseconds now, SNodeConnectionMap& sessions */); - - // static void DeregisterDeadSessions(/* std::chrono::milliseconds now, ConnectionMap& sessions */); - - // static void TickRemoteSessions( - // /* std::chrono::milliseconds now, - // ConnectionMap& remoteSessions, - // ConnectionMap& deadSessions, - // std::unordered_map& sessions */); - - // static void ExpireConvoSessions( - // /* std::chrono::milliseconds now, std::unordered_map& sessions */); - - // static void StopRemoteSessions(/* ConnectionMap& remoteSessions */); - - // static void StopSnodeSessions(/* SNodeConnectionMap& sessions */); - - // static bool HasPathToService( - // /* const Address& addr, const ConnectionMap& remoteSessions */); - - // static bool GetConvoTagsForService( - // /* const std::unordered_map& sessions, - // const Address& addr, - // std::set& tags */); - // } // namespace util - - // template - // static std:: - // unordered_set, path::Endpoint_Hash, path::endpoint_comparator> - // GetManyPathsWithUniqueEndpoints( - // /* Endpoint_t* ep, - // size_t N, - // std::optional maybeLocation = std::nullopt, - // size_t tries = 10 */) - // { - // // std::unordered_set exclude; - // std::unordered_set, path::Endpoint_Hash, path::endpoint_comparator> - // paths; - // // do - // // { - // // --tries; - // // std::shared_ptr path; - // // if (maybeLocation) - // // { - // // path = ep->GetEstablishedPathClosestTo(RouterID{maybeLocation->as_array()}, - // // exclude); - // // } - // // else - // // { - // // path = ep->PickRandomEstablishedPath(); - // // } - // // if (path and path->IsReady()) - // // { - // // paths.emplace(path); - // // exclude.insert(path->Endpoint()); - // // } - // // } while (tries > 0 and paths.size() < N); - // return paths; - // } - } // namespace service - -} // namespace llarp 
diff --git a/llarp/session/session.cpp b/llarp/session/session.cpp
index 457f047956..5fb380ce99 100644
--- a/llarp/session/session.cpp
+++ b/llarp/session/session.cpp
@@ -56,7 +56,7 @@ namespace llarp::session
 _current_path = std::move(_new_path);
- _current_hop_id = _current_path->intro_old.pivot_hop_id;
+ _current_hop_id = _current_path->intro.pivot_hid;
 if (_use_tun)
 _current_path->link_session([this](bstring data) {
diff --git a/llarp/session/session.hpp b/llarp/session/session.hpp
index 71a9ae5a58..8db1de9d0c 100644
--- a/llarp/session/session.hpp
+++ b/llarp/session/session.hpp
@@ -3,9 +3,9 @@
 #include
 #include
 #include
+#include
 #include
 #include
-#include
 #include
diff --git a/llarp/vpn/egres_packet_router.hpp b/llarp/vpn/egres_packet_router.hpp
index 1963eca553..98544d4cd1 100644
--- a/llarp/vpn/egres_packet_router.hpp
+++ b/llarp/vpn/egres_packet_router.hpp
@@ -2,7 +2,6 @@
 #include
 #include
-#include
 #include
 #include
diff --git a/llarp/vpn/linux.hpp b/llarp/vpn/linux.hpp
index 55c3ab3fc8..ca209bdddd 100644
--- a/llarp/vpn/linux.hpp
+++ b/llarp/vpn/linux.hpp
@@ -28,6 +28,8 @@ namespace llarp::vpn
 inline constexpr ipv4 ipv4_subnet{255, 255, 255, 255};
+ inline constexpr std::array if_ipv6_addrs{ipv6{}, ipv6{0x4000}, ipv6{0x8000}, ipv6{0xc000}};
+
 struct in6_ifreq
 {
 in6_addr addr;
@@ -219,20 +221,6 @@ namespace llarp::vpn
 auto in6 = v6.to_in6();
 std::memcpy(&data, &in6, sizeof(in6_addr));
 }
-
- _inet_addr(net::ipv4addr_t addr, size_t bits = 32)
- {
- family = AF_INET;
- bitlen = bits;
- std::memcpy(data, &addr.n, 4);
- }
-
- _inet_addr(net::ipv6addr_t addr, size_t bits = 128)
- {
- family = AF_INET6;
- bitlen = bits;
- std::memcpy(data, &addr.n, 16);
- }
 };
 void make_blackhole(int cmd, int flags, int af)
@@ -336,10 +324,10 @@ namespace llarp::vpn
 if (const auto maybe6 = Net().get_interface_ipv6_addr(info.ifname))
 {
 const _inet_addr gateway6{*maybe6};
- for (const std::string str : {"::", "4000::", "8000::", "c000::"})
+
+ for (const auto& v6 : if_ipv6_addrs)
 {
- const _inet_addr hole6{net::ipv6addr_t::from_string(str), 2};
- make_route(cmd, flags, hole6, gateway6, GatewayMode::eUpperDefault, info.index);
+ make_route(cmd, flags, _inet_addr{v6}, gateway6, GatewayMode::eUpperDefault, info.index);
 }
 }
 }
diff --git a/test/service/test_llarp_service_identity.cpp b/test/service/test_llarp_service_identity.cpp
index 1a2b29f166..bc819631cf 100644
--- a/test/service/test_llarp_service_identity.cpp
+++ b/test/service/test_llarp_service_identity.cpp
@@ -1,9 +1,6 @@
 #include
-#include
 #include
 #include
-#include
-#include
 #include
 #include
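Review bot: The IPv6 catch-all routes lose their prefix length in the new `make_route` call: the removed line built `hole6{..., 2}` so each of `::`, `4000::`, `8000::` and `c000::` was a /2 covering a quarter of the address space, whereas `_inet_addr{v6}` passes only the address, so `bitlen` falls to whatever default the remaining `ipv6` constructor has (its signature sits above the `-219` hunk; the deleted `ipv6addr_t` overload defaulted to 128). If that default is not 2, the four routes become host routes and IPv6 traffic is no longer steered through `gateway6`, so the tunnel would stop covering IPv6 and that traffic would bypass it. Either pass the prefix explicitly, `make_route(cmd, flags, _inet_addr{v6, 2}, gateway6, GatewayMode::eUpperDefault, info.index);` if that overload takes a length (or add one), and a comment on `if_ipv6_addrs` in the `-28` hunk such as `// the four /2 prefixes that together cover all of IPv6; route with prefix length 2` would keep the intent visible now that the string literals are gone. The enclosing function starts before this hunk.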