* wire up jsonrpc caller for lokid integration

* add jsonrpc caller http basic auth
5 years ago · 18c4107ff6
parent 519cec50ac
commit 18c4107ff6
7 changed files with 145 additions and 23 deletions
--- a/llarp/ev/ev.cpp
+++ b/llarp/ev/ev.cpp
@ -151,7 +151,7 @@ llarp_ev_add_tun(struct llarp_ev_loop *loop, struct llarp_tun_io *tun)
  if(strcmp(tun->ifaddr, "") == 0 || strcmp(tun->ifaddr, "auto"))
  {
    std::string ifaddr = llarp::findFreePrivateRange();
-    auto pos = ifaddr.find("/");
+    auto pos           = ifaddr.find("/");
    if(pos == std::string::npos)
    {
      llarp::LogWarn("Auto ifaddr didn't return a netmask: ", ifaddr);
@ -169,15 +169,17 @@ llarp_ev_add_tun(struct llarp_ev_loop *loop, struct llarp_tun_io *tun)
      llarp::LogError("bad ifaddr netmask value: ", ifaddr);
      return false;
    }
-    tun->netmask = num;
+    tun->netmask           = num;
    const std::string addr = ifaddr.substr(0, pos);
-    std::copy_n(addr.begin(), std::min(sizeof(tun->ifaddr), addr.size()), tun->ifaddr);
+    std::copy_n(addr.begin(), std::min(sizeof(tun->ifaddr), addr.size()),
+                tun->ifaddr);
    llarp::LogInfo("IfAddr autodetect: ", tun->ifaddr, "/", tun->netmask);
  }
  if(strcmp(tun->ifname, "") == 0 || strcmp(tun->ifname, "auto"))
  {
    std::string ifname = llarp::findFreeLokiTunIfName();
-    std::copy_n(ifname.begin(), std::min(sizeof(tun->ifname), ifname.size()), tun->ifname);
+    std::copy_n(ifname.begin(), std::min(sizeof(tun->ifname), ifname.size()),
+                tun->ifname);
    llarp::LogInfo("IfName autodetect: ", tun->ifname);
  }
  llarp::LogDebug("Tun Interface will use the following settings:");
--- a/llarp/router/router.cpp
+++ b/llarp/router/router.cpp
@ -1002,6 +1002,21 @@ namespace llarp
      }
      llarp::LogInfo("Bound RPC server to ", rpcBindAddr);
    }
+    if(whitelistRouters)
+    {
+      rpcCaller = std::make_unique<llarp::rpc::Caller>(this);
+      rpcCaller->SetBasicAuth(lokidRPCUser, lokidRPCPassword);
+      while(!rpcCaller->Start(lokidRPCAddr))
+      {
+        llarp::LogError("failed to start jsonrpc caller to ", lokidRPCAddr);
+#if defined(ANDROID) || defined(RPI)
+        sleep(1);
+#else
+        std::this_thread::sleep_for(std::chrono::seconds(1));
+#endif
+      }
+      llarp::LogInfo("RPC Caller to ", lokidRPCAddr, " started");
+    }

    llarp_threadpool_start(tp);
    llarp_threadpool_start(disk);
@ -1590,6 +1605,14 @@ namespace llarp
      {
        self->lokidRPCAddr = val;
      }
+      if(StrEq(key, "username"))
+      {
+        self->lokidRPCUser = val;
+      }
+      if(StrEq(key, "password"))
+      {
+        self->lokidRPCPassword = val;
+      }
    }
    else if(StrEq(section, "dns"))
    {
@ -1662,7 +1685,8 @@ namespace llarp
      {
        self->transport_keyfile = val;
      }
-      if((StrEq(key, "identity-privkey") || StrEq(key, "ident-privkey")) && !self->usingSNSeed)
+      if((StrEq(key, "identity-privkey") || StrEq(key, "ident-privkey"))
+         && !self->usingSNSeed)
      {
        self->ident_keyfile = val;
      }
--- a/llarp/router/router.hpp
+++ b/llarp/router/router.hpp
@ -174,7 +174,9 @@ namespace llarp
    /// lokid caller
    const std::string DefaultLokidRPCAddr = "127.0.0.1:22023";
    std::unique_ptr< llarp::rpc::Caller > rpcCaller;
-    std::string lokidRPCAddr = DefaultLokidRPCAddr;
+    std::string lokidRPCAddr     = DefaultLokidRPCAddr;
+    std::string lokidRPCUser     = "";
+    std::string lokidRPCPassword = "";

    std::set< std::unique_ptr< llarp::ILinkLayer >,
              CompareLinks< llarp::ILinkLayer > >
--- a/llarp/rpc/rpc.cpp
+++ b/llarp/rpc/rpc.cpp
@ -3,6 +3,7 @@
 #include <router/router.hpp>

 #ifdef USE_ABYSS
+#include <util/encode.hpp>
 #include <libabyss.hpp>
 #endif

@ -14,8 +15,9 @@ namespace llarp

    struct CallerHandler : public ::abyss::http::IRPCClientHandler
    {
-      CallerHandler(::abyss::http::ConnImpl* impl)
-          : ::abyss::http::IRPCClientHandler(impl)
+      CallerImpl* m_Parent;
+      CallerHandler(::abyss::http::ConnImpl* impl, CallerImpl* parent)
+          : ::abyss::http::IRPCClientHandler(impl), m_Parent(parent)
      {
      }

@ -44,11 +46,7 @@ namespace llarp
      }

      void
-      PopulateReqHeaders(abyss::http::Headers_t& hdr)
-      {
-        (void)hdr;
-        // TODO: add http auth (?)
-      }
+      PopulateReqHeaders(abyss::http::Headers_t& hdr);
    };

    struct GetServiceNodeListHandler final : public CallerHandler
@ -61,8 +59,9 @@ namespace llarp
      }
      Callback_t handler;

-      GetServiceNodeListHandler(::abyss::http::ConnImpl* impl, Callback_t h)
-          : CallerHandler(impl), handler(h)
+      GetServiceNodeListHandler(::abyss::http::ConnImpl* impl,
+                                CallerImpl* parent, Callback_t h)
+          : CallerHandler(impl, parent), handler(h)
      {
      }

@ -96,7 +95,7 @@ namespace llarp
            if(str.size() != Base32DecodeSize(keys.back().size()))
            {
              keys.pop_back();
-            } 
+            }
            else if(!Base32Decode(str, keys.back()))
            {
              keys.pop_back();
@ -118,10 +117,13 @@ namespace llarp
    struct CallerImpl : public ::abyss::http::JSONRPC
    {
      Router* router;
-      llarp_time_t m_NextKeyUpdate = 0;
+      llarp_time_t m_NextKeyUpdate         = 0;
      const llarp_time_t KeyUpdateInterval = 1000 * 60 * 2;
      using PubkeyList_t = GetServiceNodeListHandler::PubkeyList_t;

+      std::string username;
+      std::string password;
+
      CallerImpl(Router* r) : ::abyss::http::JSONRPC(), router(r)
      {
      }
@ -137,6 +139,13 @@ namespace llarp
        Flush();
      }

+      void
+      SetBasicAuth(const std::string& user, const std::string& passwd)
+      {
+        username = user;
+        password = passwd;
+      }
+
      void
      AsyncUpdatePubkeyList()
      {
@ -158,7 +167,7 @@ namespace llarp
      NewAsyncUpdatePubkeyListConn(abyss::http::ConnImpl* impl)
      {
        return new GetServiceNodeListHandler(
-            impl,
+            impl, this,
            std::bind(&CallerImpl::HandleServiceNodeListUpdated, this,
                      std::placeholders::_1, std::placeholders::_2));
      }
@ -184,6 +193,18 @@ namespace llarp
      }
    };

+    void
+    CallerHandler::PopulateReqHeaders(abyss::http::Headers_t& hdr)
+    {
+      if(m_Parent->username.empty() || m_Parent->password.empty())
+        return;
+      std::stringstream ss;
+      ss << "Basic ";
+      std::string cred = m_Parent->username + ":" + m_Parent->password;
+      llarp::Base64Encode(ss, (const byte_t*)cred.c_str(), cred.size());
+      hdr.emplace("Authorization", ss.str());
+    }
+
    struct Handler : public ::abyss::httpd::IRPCHandler
    {
      Router* router;
@ -358,6 +379,11 @@ namespace llarp
      {
        (void)now;
      }
+
+      void
+      SetBasicAuth(const std::string&, const std::string&)
+      {
+      }
    };

 #endif
@ -389,6 +415,12 @@ namespace llarp
      m_Impl->Tick(now);
    }

+    void
+    Caller::SetBasicAuth(const std::string& user, const std::string& passwd)
+    {
+      m_Impl->SetBasicAuth(user, passwd);
+    }
+
    Server::Server(Router* r) : m_Impl(new ServerImpl(r))
    {
    }
--- a/llarp/rpc/rpc.hpp
+++ b/llarp/rpc/rpc.hpp
@ -40,6 +40,10 @@ namespace llarp
      Caller(Router* r);
      ~Caller();

+      /// set http basic auth for use with remote rpc endpoint
+      void
+      SetBasicAuth(const std::string& user, const std::string& password);
+
      /// start with jsonrpc endpoint address
      bool
      Start(const std::string& remote);
@ -48,10 +52,6 @@ namespace llarp
      void
      Stop();

-      /// test if a router is valid
-      bool
-      VerifyRouter(const PubKey& pk);
-
      /// do per second tick
      void
      Tick(llarp_time_t now);
--- a/llarp/service/endpoint.cpp
+++ b/llarp/service/endpoint.cpp
@ -512,7 +512,7 @@ namespace llarp
    Endpoint::Start()
    {
      // how can I tell if a m_Identity isn't loaded?
-      //this->LoadKeyFile();
+      // this->LoadKeyFile();
      if(!m_DataHandler)
      {
        m_DataHandler = this;
--- a/llarp/util/encode.hpp
+++ b/llarp/util/encode.hpp
@ -152,6 +152,68 @@ namespace llarp
    return sz == 0;
  }

+  static const char base64_table[] = {
+      'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+      'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+      'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+      'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+      '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'};
+
+  template < typename OStream_t >
+  void
+  Base64Encode(OStream_t& out, const uint8_t* src, size_t len)
+  {
+    size_t i       = 0;
+    size_t j       = 0;
+    uint8_t buf[4] = {0};
+    uint8_t tmp[3] = {0};
+    while(len--)
+    {
+      tmp[i++] = *(src++);
+      if(3 == i)
+      {
+        buf[0] = (tmp[0] & 0xfc) >> 2;
+        buf[1] = ((tmp[0] & 0x03) << 4) + ((tmp[1] & 0xf0) >> 4);
+        buf[2] = ((tmp[1] & 0x0f) << 2) + ((tmp[2] & 0xc0) >> 6);
+        buf[3] = tmp[2] & 0x3f;
+
+        // encode
+        for(i = 0; i < 4; ++i)
+        {
+          out << base64_table[buf[i]];
+        }
+        // reset
+        i = 0;
+      }
+    }
+
+    // remainder
+    if(i > 0)
+    {
+      // fill `tmp' with `\0' at most 3 times
+      for(j = i; j < 3; ++j)
+      {
+        tmp[j] = 0;
+      }
+
+      // encode remainder
+      buf[0] = (tmp[0] & 0xfc) >> 2;
+      buf[1] = ((tmp[0] & 0x03) << 4) + ((tmp[1] & 0xf0) >> 4);
+      buf[2] = ((tmp[1] & 0x0f) << 2) + ((tmp[2] & 0xc0) >> 6);
+      buf[3] = tmp[2] & 0x3f;
+      for(j = 0; (j < i + 1); ++j)
+      {
+        out << base64_table[buf[j]];
+      }
+
+      // pad
+      while((i++ < 3))
+      {
+        out << '=';
+      }
+    }
+  }
+
 }  // namespace llarp

 #endif