Archives
/
lokinet
mirror of https://github.com/oxen-io/lokinet
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ubuntu/noble
ubuntu/mantic
quic-wip
dev
dev-next
opensuse/tumbleweed
ubuntu/lunar
ubuntu/kinetic
ubuntu/jammy
ubuntu/focal
ubuntu/bionic
debian/buster
debian/bullseye
debian/bookworm
debian/sid
fedora/36
fedora/37
stable
makepkg
fedora/35
ubuntu/impish
fedora/34
centos/8
ubuntu/hirsute
ubuntu/groovy
v0.9.11
v0.9.10
v0.9.9
v0.9.8
v0.9.7
v0.9.6
v0.9.5
v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.5
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.8.1-rc3
v0.8.1-rc2
v0.8.1-rc1
v0.7.1
v0.7.0
v0.7.0-rc3
v0.7.0-rc2
v0.7.0-rc1
v0.6.4
v0.6.2
v0.6.1
v0.6.0
v0.6.0-rc2
v0.6.0-rc1
v0.5.2
v0.5.0
v0.4.2½
v0.4.2
v0.4.1
v0.4.0-release
0.4.0-release
v0.4.0
v0.4.0-rc3
v0.4.0-rc2
v0.3.1
0.3.0-neuro1
v0.2.3-rc1
v0.2.2
v0.2.1
v0.1.0
v0.0.3
0.2.3-neuro0
0.6.1
rm
v0.0.1
v0.0.2
v0.3.0
v0.4.3
v0.5.1
v0.6.3
v0.7
v0.8.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2a8fc53ca6'
${ noResults }
lokinet/llarp/link/utp.cpp

577 lines
15 KiB
C++
Raw Normal View History Unescape Escape

implement utp link protocol gut curvecp for now
6 years ago
#include <llarp/link/utp.hpp>
#include "router.hpp"
#include <llarp/messages/link_intro.hpp>
#include <llarp/buffer.hpp>
#include <llarp/endian.h>
#include <utp.h>
namespace llarp
{
namespace utp
{
constexpr size_t FragmentBufferSize = 1088;
constexpr size_t FragmentHashSize = 32;
constexpr size_t FragmentNonceSize = 24;
constexpr size_t FragmentOverheadSize =
FragmentHashSize + FragmentNonceSize;
constexpr size_t FragmentBodySize =
FragmentBufferSize - FragmentOverheadSize;
#ifdef __int128
typedef unsigned __int128 Long_t;
#else
typedef uint64_t Long_t;
#endif
typedef llarp::AlignedBuffer< FragmentBufferSize, false, Long_t >
FragmentBuffer;
typedef llarp::AlignedBuffer< MAX_LINK_MSG_SIZE, false, Long_t >
MessageBuffer;
struct LinkLayer;
struct BaseSession : public ILinkSession
{
utp_socket* sock;
llarp_router* router;
RouterContact remoteRC;
Addr remoteAddr;
SharedSecret sessionKey;
llarp_time_t lastActive;
llarp_time_t sessionTimeout = 10 * 1000;
std::queue< FragmentBuffer > sendq;
FragmentBuffer recvBuf;
size_t recvBufOffset = 0;
MessageBuffer recvMsg;
size_t recvMsgOffset = 0;
enum State
{
eInitial,
eConnecting,
eLinkEstablished, // when utp connection is established
eCryptoHandshake, // crypto handshake initiated
eSessionReady, // session is ready
eClose // utp connection is closed
};
State state;
virtual void
LinkEstablished() = 0;
void
EnterState(State st)
{
state = st;
lastActive = llarp_time_now_ms();
}
BaseSession(llarp_router* r, utp_socket* s);
virtual ~BaseSession();
void
Pump()
{
// TODO: use utp_writev
while(sendq.size())
{
auto& front = sendq.front();
write_ll(front.data(), front.size());
sendq.pop();
}
}
void
write_ll(void* buf, size_t sz)
{
llarp::LogDebug("utp_write ", sz, " bytes to ", remoteAddr);
ssize_t wrote = utp_write(sock, buf, sz);
if(wrote < 0)
{
llarp::LogWarn("utp_write returned ", wrote);
}
llarp::LogDebug("utp_write wrote ", wrote, " bytes to ", remoteAddr);
}
bool
VerifyThenDecrypt(FragmentBuffer& buf)
{
ShortHash digest;
if(!router->crypto.hmac(
digest,
InitBuffer(buf.data() + FragmentHashSize,
FragmentBufferSize - FragmentHashSize),
sessionKey))
{
llarp::LogError("keyed hash failed");
return false;
}
if(digest != ShortHash(buf.data()))
{
llarp::LogError("Message Integrity Failed");
return false;
}
AlignedBuffer< FragmentNonceSize > nonce(buf.data() + FragmentHashSize);
auto body = InitBuffer(buf.data() + FragmentOverheadSize,
FragmentBufferSize - FragmentOverheadSize);
router->crypto.xchacha20(body, sessionKey, nonce);
uint32_t upper, lower;
if(!(llarp_buffer_read_uint32(&body, &upper)
&& llarp_buffer_read_uint32(&body, &lower)))
return false;
bool fragmentEnd = upper == 0;
if(lower > recvMsgOffset + recvMsg.size())
{
llarp::LogError("Fragment too big: ", lower, " bytes");
return false;
}
byte_t* ptr = recvMsg.data() + recvMsgOffset;
memcpy(ptr, body.cur, lower);
recvMsgOffset += lower;
if(fragmentEnd)
{
// got a message
auto msgbuf = InitBuffer(recvMsg.data(), recvMsgOffset);
recvMsgOffset = 0;
return router->HandleRecvLinkMessageBuffer(this, msgbuf);
}
return true;
}
void
EncryptThenHash(FragmentBuffer& buf, const byte_t* ptr, uint32_t sz,
bool isLastFragment)
{
buf.Randomize();
const byte_t* nonce = buf.data() + FragmentHashSize;
byte_t* body = buf.data() + FragmentOverheadSize;
byte_t* base = body;
if(isLastFragment)
htobe32buf(body, 0);
body += sizeof(uint32_t);
htobe32buf(body, sz);
body += sizeof(uint32_t);
memcpy(body, ptr, sz);
auto payload = InitBuffer(base, FragmentBodySize);
router->crypto.xchacha20(payload, sessionKey, nonce);
router->crypto.hmac(buf, payload, sessionKey);
}
bool
SendMessageBuffer(llarp_buffer_t buf)
{
if(state != eSessionReady)
return false;
size_t sz = buf.sz;
while(sz)
{
uint32_t s =
std::min((FragmentBodySize - (llarp_randint() % 128)), sz);
sendq.emplace();
EncryptThenHash(sendq.back(), buf.cur, s, ((sz - s) == 0));
buf.cur += s;
sz -= s;
}
return true;
}
void
DoKeyExchange(llarp_transport_dh_func dh, const KeyExchangeNonce& n,
const PubKey& other, const SecretKey& secret)
{
if(!dh(sessionKey, other, secret, n))
{
llarp::LogError("key exchange with ", other, " failed");
SendClose();
return;
}
EnterState(eSessionReady);
}
void
Tick(llarp_time_t now)
{
}
bool
SendKeepAlive()
{
return true;
}
void
SendClose()
{
if(state != eClose)
{
utp_set_userdata(sock, nullptr);
utp_close(sock);
}
EnterState(eClose);
sock = nullptr;
}
bool
IsEstablished() const
{
return state == eSessionReady;
}
bool
Recv(const void* buf, size_t sz)
{
const byte_t* ptr = (const byte_t*)buf;
llarp::LogDebug("utp read ", sz, " from ", remoteAddr);
while(sz + recvBufOffset > FragmentBufferSize)
{
memcpy(recvBuf.data() + recvBufOffset, ptr, FragmentBufferSize);
sz -= FragmentBufferSize;
ptr += FragmentBufferSize;
VerifyThenDecrypt(recvBuf);
recvBufOffset = 0;
}
memcpy(recvBuf.data() + recvBufOffset, ptr, sz);
if(sz + recvBufOffset <= FragmentBufferSize)
{
recvBufOffset = 0;
VerifyThenDecrypt(recvBuf);
}
else
recvBufOffset += sz;
return true;
}
void
RecvHandshake(const void* buf, size_t sz, ILinkLayer* parent)
{
if((recvBuf.size() - recvBufOffset) < sz)
{
llarp::LogInfo("handshake too big");
SendClose();
return;
}
memcpy(recvBuf.data() + recvBufOffset, buf, sz);
recvBufOffset += sz;
if(recvBufOffset > 8)
{
// process handshake header
uint8_t* ptr = recvBuf.data();
uint32_t version = bufbe32toh(ptr);
if(version != LLARP_PROTO_VERSION)
{
llarp::LogWarn("protocol version missmatch ", version,
" != ", LLARP_PROTO_VERSION);
return;
}
ptr += sizeof(uint32_t);
uint32_t limsz = bufbe32toh(ptr);
ptr += sizeof(uint32_t);
if(((sizeof(uint32_t) * 2) + limsz) > sz)
{
// not enough data
// TODO: don't bail here, continue reading
SendClose();
}
LinkIntroMessage msg(this);
auto mbuf = InitBuffer(ptr, limsz);
if(!msg.BDecode(&mbuf))
{
llarp::LogError("malfromed LIM from ", remoteAddr);
return;
}
if(!msg.HandleMessage(router))
{
llarp::LogError("failed to handle LIM from ", remoteAddr);
SendClose();
return;
}
remoteRC = msg.rc;
DoKeyExchange(router->crypto.dh_server, msg.N, msg.rc.enckey,
parent->TransportSecretKey());
}
}
bool
TimedOut(llarp_time_t now) const
{
if(now < lastActive)
return false;
return lastActive - now > sessionTimeout;
}
const PubKey&
GetPubKey() const
{
return remoteRC.pubkey;
}
const Addr&
GetRemoteEndpoint() const
{
return remoteAddr;
}
void
MarkEstablished();
};
struct LinkLayer : public ILinkLayer
{
utp_context* _utp_ctx = nullptr;
static uint64
OnRead(utp_callback_arguments* arg)
{
BaseSession* self =
static_cast< BaseSession* >(utp_get_userdata(arg->socket));
if(self)
{
if(self->IsEstablished())
self->Recv(arg->buf, arg->len);
else
{
LinkLayer* parent = static_cast< LinkLayer* >(
utp_context_get_userdata(arg->context));
self->RecvHandshake(arg->buf, arg->len, parent);
}
utp_read_drained(arg->socket);
}
else
{
llarp::LogWarn("utp_socket got data with no underlying session");
}
return 0;
}
static uint64
SendTo(utp_callback_arguments* arg)
{
LinkLayer* l =
static_cast< LinkLayer* >(utp_context_get_userdata(arg->context));
llarp_ev_udp_sendto(&l->m_udp, arg->address, arg->buf, arg->len);
return 0;
}
static uint64
OnConnect(utp_callback_arguments* arg)
{
BaseSession* session =
static_cast< BaseSession* >(utp_get_userdata(arg->socket));
session->LinkEstablished();
return 0;
}
static uint64
OnAccept(utp_callback_arguments*);
LinkLayer(llarp_router* r) : ILinkLayer(r)
{
_utp_ctx = utp_init(2);
utp_context_set_userdata(_utp_ctx, this);
utp_set_callback(_utp_ctx, UTP_SENDTO, &LinkLayer::SendTo);
utp_set_callback(_utp_ctx, UTP_ON_ACCEPT, &LinkLayer::OnAccept);
utp_set_callback(_utp_ctx, UTP_ON_CONNECT, &LinkLayer::OnConnect);
utp_set_callback(_utp_ctx, UTP_ON_READ, &LinkLayer::OnRead);
}
~LinkLayer()
{
utp_destroy(_utp_ctx);
}
uint16_t
Rank() const
{
return 1;
}
void
RecvFrom(const Addr& from, const void* buf, size_t sz)
{
utp_process_udp(_utp_ctx, (const byte_t*)buf, sz, from, from.SockLen());
}
void
Pump()
{
utp_check_timeouts(_utp_ctx);
utp_issue_deferred_acks(_utp_ctx);
ILinkLayer::Pump();
}
void
Stop()
{
}
bool
KeyGen(SecretKey& k)
{
m_router->crypto.encryption_keygen(k);
return true;
}
ILinkSession*
NewOutboundSession(const RouterContact& rc, const AddressInfo& addr);
ILinkSession*
NewInboundSession(const Addr& addr);
utp_socket*
NewSocket()
{
return utp_create_socket(_utp_ctx);
}
const char*
Name() const
{
return "utp";
}
};
std::unique_ptr< ILinkLayer >
NewServer(llarp_router* r)
{
return std::unique_ptr< ILinkLayer >(new LinkLayer(r));
}
struct OutboundSession : public BaseSession
{
PubKey remoteTransportPubKey;
OutboundSession(llarp_router* r, utp_socket* s, const RouterContact& rc,
const AddressInfo& addr)
: BaseSession(r, s)
{
remoteRC = rc;
remoteAddr = addr;
remoteTransportPubKey = addr.pubkey;
}
void
LinkEstablished()
{
llarp::LogDebug("link established with ", remoteAddr);
EnterState(eLinkEstablished);
KeyExchangeNonce nonce;
nonce.Randomize();
SendHandshake(nonce);
EnterState(eCryptoHandshake);
DoKeyExchange(router->crypto.dh_client, nonce, remoteTransportPubKey,
router->encryption);
}
// send our RC to the remote
void
SendHandshake(const KeyExchangeNonce& n)
{
byte_t tmp[MAX_RC_SIZE + 128] = {0};
auto buf = StackBuffer< decltype(tmp) >(tmp);
// fastforward buffer for handshake to fit before
buf.cur += sizeof(uint32_t) * 2;
LinkIntroMessage msg(this);
msg.rc = router->rc;
msg.N = n;
if(!msg.BEncode(&buf))
return;
uint32_t sz = buf.cur - buf.base;
sz -= sizeof(uint32_t) * 2;
// write handshake header
buf.cur = buf.base;
llarp_buffer_put_uint32(&buf, LLARP_PROTO_VERSION);
llarp_buffer_put_uint32(&buf, sz);
// send it
write_ll(buf.base, sz);
}
void
Start()
{
utp_connect(sock, remoteAddr, remoteAddr.SockLen());
EnterState(eConnecting);
}
};
struct InboundSession : public BaseSession
{
InboundSession(llarp_router* r, utp_socket* s, const Addr& addr)
: BaseSession(r, s)
{
remoteAddr = addr;
}
void
Start()
{
}
void
LinkEstablished()
{
EnterState(eLinkEstablished);
}
};
BaseSession::BaseSession(llarp_router* r, utp_socket* s)
{
router = r;
sock = s;
utp_set_userdata(sock, this);
lastActive = llarp_time_now_ms();
}
BaseSession::~BaseSession()
{
}
ILinkSession*
LinkLayer::NewOutboundSession(const RouterContact& rc,
const AddressInfo& addr)
{
return new OutboundSession(m_router, utp_create_socket(_utp_ctx), rc,
addr);
}
ILinkSession*
LinkLayer::NewInboundSession(const Addr& addr)
{
return nullptr;
}
uint64
LinkLayer::OnAccept(utp_callback_arguments* arg)
{
LinkLayer* self =
static_cast< LinkLayer* >(utp_context_get_userdata(arg->context));
Addr remote(*arg->address);
llarp::LogDebug("utp accepted from ", remote);
if(self->HasSessionVia(remote))
{
// TODO should we do this?
llarp::LogWarn(
"utp socket closed because we already have a session "
"via ",
remote);
utp_close(arg->socket);
return 0;
}
InboundSession* session =
new InboundSession(self->m_router, arg->socket, remote);
self->PutSession(remote, session);
session->LinkEstablished();
return 0;
}
} // namespace utp
} // namespace llarp