Merge pull request #617 from majestrate/master

changes after consensous

docs/dht_v0.txt

@@ -1,11 +1,10 @@
 DHT messages
 
-these messages can be either wrapped in a LIDM message or sent anonymously over a path
+DHT messages can be either wrapped in a LIDM message or sent anonymously over a path inside a DHT routing message
 
-The distance function is distance = A ^ B
-
-This document is currently out of date (probably)
+The distance function is A xor B (traditional kademlia)
 
+The dht implements both iterative and recursive lookups.
 
 find introduction message (FIM)
 
@@ -13,7 +12,7 @@ variant 1: find an IS by SA
 
 {
   A: "F",
-  R: 0 or 1 if recurisve request,
+  R: 0 for iterative and 1 for recurisve,
   S: "<32 bytes SA>",
   T: transaction_id_uint64,
   V: 0
@@ -24,12 +23,20 @@ variant 2: recursively find many IS in a tag
 {
   A: "F",
   E: [list, of, excluded, SA],
-  R: 0 or 1 if recurisve request,
+  R:  0 for iterative and 1 for recurisve,
   N: "<16 bytes topic tag>",
   T: transaction_id_uint64,
   V: 0
 }
 
+variant 3: find many IS by what services they advertise
+
+{ 
+  A: "F",
+  H: 
+  R: 0 for iterative and 1 for recurisve,
+}
+
 exclude adding service addresses in E if present
 
 
@@ -77,8 +84,8 @@ As of protocol version 0, R is always 0.
 
 If S is provided store the IS for later lookup unconditionally, 
 decrement S by 1 and forward to dht peer who is next closest to 
-the SA of the IS. If S is greater than 3, don't store and discard
-this message.
+the SA of the IS. If S is greater than 3, don't store the IS and 
+discard this message.
 
 
 find router contact message (FRCM)

docs/proto_v0.txt

@@ -73,11 +73,11 @@ An address info (AI) defines a publically reachable endpoint
   v: 0
 }
 
-example iwp address info:
+example wank address info:
 
 {
   c: 1,
-  d: "iwp",
+  d: "wank",
   e: "<32 bytes of 0x61>",
   i: "123.123.123.123",
   p: 1234,
@@ -86,7 +86,7 @@ example iwp address info:
 
 bencoded form:
 
-d1:ci1e1:d3:iwp1:e32:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa1:d3:iwp1:i15:123.123.123.1231:pi1234e1:vi0ee
+d1:ci1e1:d4:wank1:e32:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa1:d3:iwp1:i15:123.123.123.1231:pi1234e1:vi0ee
 
 Traffic Policy (TP)
 
@@ -135,16 +135,30 @@ router's full identity
 
 {
   a: [ one, or, many, AI, here ... ],
+  e: extensions_supported,
   i: "<max 8 bytes network identifier>",
   k: "<32 bytes public long term identity signing key>",
   n: "<optional max 32 bytes router nickname>",
   p: "<32 bytes public path encryption key>",   
+  s: [services, supported],
   u: time_signed_at_milliseconds_since_epoch_uint64,
   v: 0,
   x: [ Exit, Infos ],
   z: "<64 bytes signature using identity key>"
 }
 
+e is a dict containing key/value of supported protocol extensions on this service node, keys are strings, values MUST be 0 or 1.
+
+s is a list of services on this service node:
+
+each service is a 6 item long, list of the following:
+
+["_service", "_proto", ttl_uint, priority_uint, weight_uint, port_uint]
+
+with the corrisponding SRV record: 
+
+<_service>.<_proto>.router_pubkey_goes_here.snode. <ttl_uint> IN SRV <priority_uint> <weight_uint> <port_uint> router_pubkey_goes_here.snode
+
 
 RC.t is the timestamp of when this RC was signed.
 RC is valid for a maximum of 1 hour after which it MUST be resigned with the new
@@ -206,8 +220,9 @@ x is the timestamp milliseconds since epoch that this introduction expires at
 
 introduction set (IS)
 
-a signed set of introductions for a hidden service
+and introset is a signed set of introductions for a hidden service
 a is the service info of the publisher
+h is a list of srv records in same format as in RCs
 i is the list of introductions that this service is advertising with
 k is the public key to use when doing encryption to this hidden service
 n is a 16 byte null padded utf-8 encoded string tagging the hidden service in 
@@ -219,6 +234,7 @@ service's signing key.
 
 {
   a: SI,
+  h: [list, of, advertised, services],
   i: [ I, I, I, ... ],
   k: "<1218 bytes sntrup4591761 public key block>",
   n: "<16 bytes service topic (optional)>",
@@ -228,6 +244,17 @@ service's signing key.
   z: "<64 bytes signature using service info signing key>"
 }
 
+h is a list of services on this endpoint
+
+each service is a 7 item long, list of the following:
+
+["_service", "_proto", ttl_uint, priority_uint, weight_uint, port_uint, "<32 bytes SA of the service>"]
+
+with the corrisponding SRV record: 
+
+<_service>.<_proto>.<service_address>.loki. <ttl_uint> IN SRV <priority_uint> <weight_uint> <port_uint> <SA of sub service>.loki.
+
+recursion on SRV records is NOT permitted.
 
 ---
 
@@ -328,7 +355,7 @@ link relay commit record (LRCR)
 
 record requesting relaying messages for 600 seconds to router
 on network who's i is equal to RC.k and decrypt data any messages using
-PKE(n, rc.K, c) as symettric key for encryption and decryption.
+PKE(n, rc.p, c) as symettric key for encryption and decryption.
 
 if l is provided and is less than 600 and greater than 10 then that lifespan 
 is used (in seconds) instead of 600 seconds.
@@ -338,6 +365,7 @@ the path is extended by w.y seconds
 
 {
   c: "<32 byte public encryption key used for upstream>",
+  d: uint_optional_ms_delay,
   i: "<32 byte RC.k of next hop>",
   l: uint_optional_lifespan,
   n: "<32 bytes nounce for key exchange>",
@@ -446,6 +474,10 @@ transfer a state message between nodes
 
 state message:
 
+NOTE: this message type is currently a documentation stub and remains unimplemented.
+
+state messages propagate changes to the service nodes concensous to thin clients.
+
 service node joined network
 
 {
@@ -464,11 +496,11 @@ service node parted network
 
 service node list request
 
-request the service node list starting at index O containing R entries
+request the service node list starting at index I containing R entries
 
 {
   A: "R",
-  O: starting_offset_int, 
+  I: starting_offset_int, 
   R: number_of_entires_to_request_int,
   V: 0
 }
@@ -480,8 +512,8 @@ response to service node list request
 {
   A: "L",
   S: {
-     "<32 bytes pubkey>" : first_seen_time_uint64,
-     "<32 bytes pubkey>" : first_seen_time_uint64,
+     "<32 bytes pubkey>" : 1,
+     "<32 bytes pubkey>" : 1,
      ....
   },
   V: 0
@@ -640,9 +672,9 @@ hidden service frame (HSF)
 
 TODO: document this better
 
-intro message (variant 1)
+establish converstation tag message (variant 1)
 
-start a new session
+generate a new convotag that is contained inside an encrypted HSD
 
 {
   A: "H",
@@ -650,6 +682,7 @@ start a new session
   D: "<N bytes encrypted HSD>",
   F: "<16 bytes source path_id>",
   N: "<32 bytes nonce for key exchange>",
+  S: sequence_number,
   V: 0,
   Z: "<64 bytes signature of entire message using sender's signing key>"
 }
@@ -657,7 +690,7 @@ start a new session
 alice (A) wants to talk to bob (B) over the network, both have hidden services
 set up and are online on the network. 
 
-A and B are both SI.
+A and B are both referring to alice and bob's SI respectively.
 A_sk is alice's private signing key.
 
 for alice (A) to send the string "beep" to bob (B), alice picks an introduction
@@ -732,13 +765,12 @@ S = HS(K + PKE(A, B, sk, N))
 given sk is the local secret encryption key used by the current hidden service
 
 please note:
-signature verification can only be done after decryption
-
-TODO: explain bob's side too (it's invsere of alice's process)
+signature verification of the outer message can only be done after decryption
+because the signing keys are inside the encrypted HSD.
 
 data from a previously made session (variant 2)
 
-transfer data on a session previously made
+transfer data on a converstation previously made
 
 {
   A: "H",
@@ -759,13 +791,13 @@ transfer ip traffic
   A: "I",
   S: uint64_sequence_number,
   V: 0,
-  X: "<list of ip packet buffers>",
+  X: [list, of, ip, packet, buffers],
 }
 
 an ip packet buffer is prefixed with a 64 bit big endian unsigned integer 
 denoting the sequence number for re-ordering followed by the ip packet itself.
 
-X is parsed as a alist of IP packet buffers.
+X is parsed as a list of IP packet buffers.
 for each ip packet the source addresss is extracted and sent on the 
 appropriate network interface.
 

docs/wire-protocol.txt

@@ -30,15 +30,22 @@ A asks for a flow id from B.
 
 B MAY send a flow id to A or MAY reject the message from A.
 
-
 session handshake:
 
 an encrypted session is established using establish wire session messages
 using a newly created flow id.
 
+message format:
 
-outer message format:
+there are 2 layers in this protocol, outer messages and inner messages.
+
+outer messages are sent in plaintext and / or obfsucated with symettric
+encryption using a preshared key.
 
+inner messages are inside an encrypted and authenticated envelope
+wrapped by an outer messages, which is always a data tranmssion message.
+
+outer message format:
 
 every outer message MAY be obfsucated via symettric encryption for dpi
 resistance reasons, this is not authenticated encryption.
@@ -57,6 +64,11 @@ K = HS(B_k)
 N = HS(n + K)
 X = SD(K, m, N[0:24])
 
+where
+B_k is the long term identity public key of the recipient.
+HS is blake2 256 bit non keyed hash
+SD is xchacha20 symettric stream cipher (decryption)
+
 outer-header:
 
 <1 byte command>
@@ -70,7 +82,7 @@ obtain a flow id
 <6 magic bytes "netid?">
 <8 bytes netid, I>
 <8 bytes timestamp milliseconds since epoch, T>
-<32 bytes ed25519 public key of sender, A_k>
+<32 bytes public identity key of sender, A_k>
 <0-N bytes discarded>
 <last 64 bytes signature of unobfuscated packet, Z>
 
@@ -84,8 +96,8 @@ command 'G' - give flow id
 <outer-header>
 <6 magic bytes "netid!">
 <16 bytes new flow id>
-<32 bytes ed25519 public key of sender, A_k>
-<0-N bytes discarded>
+<32 bytes public identiy key of sender, A_k>
+<0-N bytes ignored but included in signature>
 <last 64 bytes signature of unobfsucated packet, Z>
 
 after recieving a give flow id message a session negotiation can happen with that flow id.
@@ -97,8 +109,8 @@ reject new flow
 <outer-header>
 <14 ascii bytes reason for rejection null padded>
 <8 bytes timestamp>
-<32 bytes ed25519 public key of sender, A_k>
-<0-N bytes discarded>
+<32 bytes public identity key of sender, A_k>
+<0-N bytes ignored but included in signature>
 <last 64 bytes signature of unobsfucated packet, Z>
 
 command 'E' - establish wire session
@@ -106,12 +118,17 @@ command 'E' - establish wire session
 establish an encrypted session using a flow id
 
 <outer-header>
+<2 bytes 0x0a 0x0d>
+<4 bytes flags, F>
 <16 bytes flow id, B>
 <32 bytes ephemeral public encryption key, E>
 <8 bytes packet counter starting at 0>
 <optional 32 bytes authenticated credentials, A>
 <last 64 bytes signature of unobfuscated packet using identity key, Z>
 
+
+F is currently set to all zeros
+
 every time we try establishing a wire session we increment the counter
 by 1 for the next message we send.
 
@@ -145,14 +162,13 @@ Z is keyed hash of entire message
 
 Z is generated via:
 
-msg.Z = '0x00' * 32
-msg.Z = MDS(msg, tx_K)
+msg.Z = MDS(outer-header + F + N + X, tx_K)
 
 data tranmission:
 
 inner message format of X (after decryption):
 
-header:
+inner header:
 
 <1 byte protocol version>
 <1 byte command>
@@ -162,7 +178,7 @@ command: 'k' (keep alive)
 
 tell other side to acknoledge they are alive
 
-<header>
+<inner header>
 <2 bytes resevered, set to 0>
 <2 bytes attempt counter, set to 0 and incremented every retransmit, reset when we get a keepalive ack>
 <2 bytes milliseconds ping timeout>
@@ -175,7 +191,7 @@ command: 'l' (keep alive ack)
 
 acknolege keep alive message
 
-<header>
+<inner header>
 <6 bytes reserved, set to 0>
 <8 bytes current session RX limit in bytes per second>
 <8 bytes current session TX use in bytes per second>
@@ -188,7 +204,7 @@ command: 'n' (advertise neighboors)
 tell peer about neighboors, only sent by non service nodes to other non service
 nodes.
 
-<header>
+<inner header>
 <route between us and them>
 <0 or more intermediate routes>
 <route from a service node>
@@ -209,7 +225,7 @@ command: 'c' (congestion)
 
 tell other side to slow down
 
-<header>
+<inner header>
 <2 bytes reduce TX rate by this many 1024 bytes per second>
 <4 bytes milliseconds slowdown lifetime>
 <remaining bytes discarded>
@@ -218,48 +234,42 @@ command: 'd' (anti-congestion)
 
 tell other side to speed up
 
-<header>
+<inner header>
 <2 bytes increase TX rate by this many 1024 bytes per second>
 <4 bytes milliseconds speedup lifetime>
 <remaining bytes discarded>
 
-command: 't' (transmit data)
 
-transmit a message to a peer
+command: 's' (start transmission)
+
+initate the transmission of a message to the remote peer
 
-if this fragment is not addressed to us we route it to the neighboor
-with the shortest route to the recipiant as advertised by all neighboors.
+<inner header>
+<1 byte flags F>
+<1 byte reserved R set to zero>
+<2 bytes total size of full message>
+<4 bytes sequence number S>
+<32 bytes blake2 hash of full message>
+<N remaining bytes first fragment of message>
 
-<header>
-<32 bytes public identity key of recipiant>
-<32 bytes public identity key of sender>
-<24 bytes nounce, N>
-<N bytes encrypted message, X>
-<last 32 bytes keyed hash, Z>
+if F lsb is set then there is no further fragments
 
-encrypted via:
+command: 't' (continued transmission)
 
-K = EDDH(recipiant, sender)
-X = SE(msg, K, N)
-Z = MDS(X, K)
+continue transmission of a bigger message
 
-encrypted message format:
+<inner header>
+<1 byte flags F>
+<1 bytes reserved R set to zero>
+<2 bytes 16 byte block offset in message>
+<4 bytes sequence number S>
+<N remaining bytes fragment of message aligned to 16 bytes>
+<remaining bytes not aligned to 16 bytes discarded>
 
-<1 byte version, currently 0>
-<1 byte number of acks following, aN>
-<8 * aN bytes acks>
-<4 byte sequence number of fragment or 0 if no fragment is included>
-<2 byte 16 byte block offset in message of this fragment if it is included>
-<remaining bytes fragment data aligned to 16 bytes>
-<discard anything not aligned to 16 bytes>
+command: 'q' (acknoledge transmission)
 
-ack format:
+acknoledges a transmitted message
 
-<4 byte message sequence number>
-<1 byte reserved current set to 0>
-<1 byte ack counter (number of acks sent for the corrisponding message)>
-<1 byte bitmask fragments selective ack (msb is fragment 0, lsb is fragment 7)>
-<1 byte bitmask fragments posative ack (msb is fragment 0, lsb is fragment 7)>
 
 
 command: 'r' (rotate keys)
@@ -273,6 +283,7 @@ n_K = TKE(K, B_e, K_seed, N)
 A.tx_K = n_K
 B.rx_K = n_K
 
+<inner header>
 <2 bytes milliseconds lifetime of old keys, retain them for this long and then discard>
 <4 bytes reserved, set to 0>
 <32 bytes key exchange nounce, N>
@@ -283,7 +294,7 @@ command: 'u' (upgrade)
 
 request protocol upgrade
 
-<header>
+<inner header>
 <1 byte protocol min version to upgrade to>
 <1 byte protocol max version to upgrade to>
 <remaining bytes discarded>
@@ -292,7 +303,7 @@ command: 'v' (version upgrade)
 
 sent in response to upgrade message
 
-<header>
+<inner header>
 <1 byte protocol version selected>
 <1 byte protocol version highest we support>
 <remaining bytes discarded>

llarp/dht/context.cpp

@@ -653,7 +653,8 @@ namespace llarp
       {
         llarp::LogError(
             "not enough dht nodes to handle exploritory router lookup, "
-            "have ", nodeCount, " dht peers");
+            "have ",
+            nodeCount, " dht peers");
         return false;
       }
       for(const auto& f : found)

llarp/ev/ev.cpp

@@ -164,7 +164,7 @@ llarp_ev_add_tun(struct llarp_ev_loop *loop, struct llarp_tun_io *tun)
   llarp::LogDebug("IfAddr: ", tun->ifaddr);
   llarp::LogDebug("IfName: ", tun->ifname);
   llarp::LogDebug("IfNMsk: ", tun->netmask);
-#ifndef _WIN32  
+#ifndef _WIN32
   auto dev  = loop->create_tun(tun);
   tun->impl = dev;
   if(dev)
@@ -173,7 +173,7 @@ llarp_ev_add_tun(struct llarp_ev_loop *loop, struct llarp_tun_io *tun)
   }
 #else
   UNREFERENCED_PARAMETER(loop);
-  auto dev = new win32_tun_io(tun);
+  auto dev  = new win32_tun_io(tun);
   tun->impl = dev;
   // We're not even going to add this to the socket event loop
   if(dev)
@@ -181,7 +181,7 @@ llarp_ev_add_tun(struct llarp_ev_loop *loop, struct llarp_tun_io *tun)
     dev->setup();
     return dev->add_ev();  // start up tun and add to event queue
   }
-#endif  
+#endif
   llarp::LogWarn("Loop could not create tun");
   return false;
 }
@@ -194,7 +194,7 @@ llarp_ev_tun_async_write(struct llarp_tun_io *tun, const llarp_buffer_t &buf)
     llarp::LogWarn("packet too big, ", buf.sz, " > ", EV_WRITE_BUF_SZ);
     return false;
   }
-#ifndef _WIN32  
+#ifndef _WIN32
   return static_cast< llarp::tun * >(tun->impl)->queue_write(buf.base, buf.sz);
 #else
   return static_cast< win32_tun_io * >(tun->impl)->queue_write(buf.base,

llarp/link/server.cpp

@@ -94,7 +94,7 @@ namespace llarp
   ILinkLayer::Configure(llarp_ev_loop_ptr loop, const std::string& ifname,
                         int af, uint16_t port)
   {
-    m_Loop         = std::move(loop);
+    m_Loop         = loop;
     m_udp.user     = this;
     m_udp.recvfrom = &ILinkLayer::udp_recv_from;
     m_udp.tick     = &ILinkLayer::udp_tick;
@@ -104,7 +104,7 @@ namespace llarp
         return false;
     }
     else if(!GetIFAddr(ifname, m_ourAddr, af))
-      return false;
+      m_ourAddr = ifname;
     m_ourAddr.port(port);
     return llarp_ev_add_udp(m_Loop.get(), &m_udp, m_ourAddr) != -1;
   }

llarp/link/server.hpp

@@ -258,7 +258,7 @@ namespace llarp
     Pending m_Pending GUARDED_BY(m_PendingMutex);
   };
 
-  using LinkLayer_ptr = std::shared_ptr<ILinkLayer>;
+  using LinkLayer_ptr = std::shared_ptr< ILinkLayer >;
 }  // namespace llarp
 
 #endif

llarp/net/net.cpp

@@ -992,7 +992,7 @@ namespace llarp
   bool
   IsBogon(const in6_addr& addr)
   {
-#ifdef TESTNET
+#if defined(TESTNET)
     (void)addr;
     return false;
 #else
@@ -1022,12 +1022,15 @@ namespace llarp
         iprange_ipv4(192, 168, 0, 0, 16),  iprange_ipv4(198, 18, 0, 0, 15),
         iprange_ipv4(198, 51, 100, 0, 24), iprange_ipv4(203, 0, 113, 0, 24),
         iprange_ipv4(224, 0, 0, 0, 4),     iprange_ipv4(240, 0, 0, 0, 4)};
-
     for(const auto& bogon : bogonRanges)
     {
       if(bogon.Contains(addr))
       {
+#if defined(TESTNET)
+        return false;
+#else
         return true;
+#endif
       }
     }
     return false;

llarp/util/alloc.hpp

@@ -1,118 +0,0 @@
-#ifndef LLARP_UTIL_ALLOC_HPP
-#define LLARP_UTIL_ALLOC_HPP
-#include <bitset>
-#include <array>
-
-#include <absl/base/attributes.h>
-
-namespace llarp
-{
-  namespace util
-  {
-    /// simple single threaded allocatable super type template
-    template < typename Value_t, std::size_t maxEntries >
-    struct AllocPool
-    {
-      using Ptr_t = Value_t *;
-
-      AllocPool()
-      {
-        mem = nullptr;
-      }
-
-      ~AllocPool()
-      {
-        // delete mem;
-      }
-
-      Ptr_t
-      NewPtr()
-      {
-        /*
-        Ptr_t ptr = mem->allocate();
-        ::new(ptr) Value_t;
-        return ptr;
-        */
-        return new Value_t();
-      }
-
-      void
-      DelPtr(Ptr_t p)
-      {
-        /*
-        p->~Value_t();
-        mem->deallocate(p);
-        */
-        delete p;
-      }
-
-      bool
-      Full() const
-      {
-        /*
-        return mem->full();
-        */
-        return false;
-      }
-
-      bool
-      HasRoomFor(ABSL_ATTRIBUTE_UNUSED size_t numItems)
-      {
-        return true;
-        /* return mem->hasRoomFor(numItems); */
-      }
-
-     private:
-      struct Memory
-      {
-        uint8_t _buffer[maxEntries * sizeof(Value_t)];
-        std::bitset< maxEntries > _allocated = {0};
-        std::size_t _pos                     = 0;
-
-        bool
-        full() const
-        {
-          return _allocated.size() == _allocated.count();
-        }
-
-        bool
-        hasRoomFor(size_t num)
-        {
-          return _allocated.count() + num <= _allocated.size();
-        }
-
-        void
-        deallocate(void *ptr)
-        {
-          if(ptr == nullptr)
-            throw std::bad_alloc();
-          uint8_t *v_ptr         = (uint8_t *)ptr;
-          const std::size_t _idx = (v_ptr - _buffer) / sizeof(Value_t);
-          _allocated.reset(_idx);
-        }
-
-        [[nodiscard]] Ptr_t
-        allocate()
-        {
-          const std::size_t _started = _pos;
-          while(_allocated.test(_pos))
-          {
-            _pos = (_pos + 1) % maxEntries;
-            if(_pos == _started)
-            {
-              // we are full
-              throw std::bad_alloc();
-            }
-          }
-          _allocated.set(_pos);
-          return (Ptr_t)&_buffer[_pos * sizeof(Value_t)];
-        }
-      };
-
-      Memory *mem;
-    };
-
-  }  // namespace util
-}  // namespace llarp
-
-#endif

llarp/utp/inbound_message.cpp

@@ -1,23 +1,23 @@
 #include <utp/inbound_message.hpp>
 
-#include <string.h>
+#include <cstring>
 
 namespace llarp
 {
   namespace utp
   {
     bool
-    _InboundMessage::IsExpired(llarp_time_t now) const
+    InboundMessage::IsExpired(llarp_time_t now) const
     {
       return now > lastActive && now - lastActive >= 2000;
     }
 
     bool
-    _InboundMessage::AppendData(const byte_t* ptr, uint16_t sz)
+    InboundMessage::AppendData(const byte_t* ptr, uint16_t sz)
     {
       if(buffer.size_left() < sz)
         return false;
-      memcpy(buffer.cur, ptr, sz);
+      std::copy_n(ptr, sz, buffer.cur);
       buffer.cur += sz;
       return true;
     }

llarp/utp/inbound_message.hpp

@@ -6,10 +6,7 @@
 #include <util/types.hpp>
 
 #include <utp_types.h>  // for uint32
-
-#include <string.h>
-
-#include <util/alloc.hpp>
+#include <cstring>
 
 namespace llarp
 {
@@ -48,7 +45,7 @@ namespace llarp
     using MessageBuffer = AlignedBuffer< MAX_LINK_MSG_SIZE >;
 
     /// pending inbound message being received
-    struct _InboundMessage
+    struct InboundMessage
     {
       /// timestamp of last activity
       llarp_time_t lastActive;
@@ -69,19 +66,22 @@ namespace llarp
       bool
       AppendData(const byte_t* ptr, uint16_t sz);
 
-      _InboundMessage() : lastActive(0), _msg(), buffer(_msg)
+      InboundMessage() : lastActive(0), _msg(), buffer(_msg)
+      {
+      }
+
+      InboundMessage(const InboundMessage& other)
+          : lastActive(other.lastActive), _msg(other._msg), buffer(_msg)
       {
       }
     };
 
     inline bool
-    operator==(const _InboundMessage& lhs, const _InboundMessage& rhs)
+    operator==(const InboundMessage& lhs, const InboundMessage& rhs)
     {
       return lhs.buffer.base == rhs.buffer.base;
     }
 
-    using InboundMessage = std::shared_ptr< _InboundMessage >;
-
   }  // namespace utp
 
 }  // namespace llarp

llarp/utp/session.cpp

@@ -9,12 +9,6 @@ namespace llarp
 {
   namespace utp
   {
-    using SendBufferPool = util::AllocPool< FragmentBuffer, 1024 * 4 >;
-    using RecvBufferPool = util::AllocPool< _InboundMessage, 1024 >;
-
-    static SendBufferPool OBPool;
-    static RecvBufferPool IBPool;
-
     using namespace std::placeholders;
 
     void
@@ -81,7 +75,7 @@ namespace llarp
       auto itr = m_RecvMsgs.begin();
       while(itr != m_RecvMsgs.end())
       {
-        if(itr->second->IsExpired(now))
+        if(itr->second.IsExpired(now))
         {
           itr = m_RecvMsgs.erase(itr);
         }
@@ -275,12 +269,7 @@ namespace llarp
         // this means we're stalled
         return false;
       }
-      size_t sz = buf.sz;
-      if(!OBPool.HasRoomFor(sz / FragmentBodyPayloadSize))
-      {
-        LogError("Send buffers are full");
-        return false;
-      }
+      size_t sz      = buf.sz;
       byte_t* ptr    = buf.base;
       uint32_t msgid = m_NextTXMsgID++;
       while(sz)
@@ -380,15 +369,14 @@ namespace llarp
                              uint16_t remaining)
 
     {
-      sendq.emplace_back(OBPool.NewPtr(),
-                         [](FragmentBuffer* ptr) { OBPool.DelPtr(ptr); });
+      sendq.emplace_back();
       auto& buf = sendq.back();
       vecq.emplace_back();
       auto& vec    = vecq.back();
-      vec.iov_base = buf->data();
+      vec.iov_base = buf.data();
       vec.iov_len  = FragmentBufferSize;
-      buf->Randomize();
-      byte_t* noncePtr = buf->data() + FragmentHashSize;
+      buf.Randomize();
+      byte_t* noncePtr = buf.data() + FragmentHashSize;
       byte_t* body     = noncePtr + FragmentNonceSize;
       byte_t* base     = body;
       AlignedBuffer< 24 > A(base);
@@ -419,7 +407,7 @@ namespace llarp
       payload.cur  = payload.base;
       payload.sz   = FragmentBufferSize - FragmentHashSize;
       // key'd hash
-      if(!OurCrypto()->hmac(buf->data(), payload, txKey))
+      if(!OurCrypto()->hmac(buf.data(), payload, txKey))
         return false;
       return MutateKey(txKey, A);
     }
@@ -556,22 +544,14 @@ namespace llarp
       // get message
       if(m_RecvMsgs.find(msgid) == m_RecvMsgs.end())
       {
-        if(IBPool.Full())
-        {
-          LogError("inbound buffer mempool full");
-          return false;
-        }
-        m_RecvMsgs.emplace(
-            msgid, InboundMessage(IBPool.NewPtr(), [](_InboundMessage* m) {
-              IBPool.DelPtr(m);
-            }));
+        m_RecvMsgs.emplace(msgid, InboundMessage());
       }
 
       auto itr = m_RecvMsgs.find(msgid);
       // add message activity
-      itr->second->lastActive = parent->Now();
+      itr->second.lastActive = parent->Now();
       // append data
-      if(!itr->second->AppendData(out.cur, length))
+      if(!itr->second.AppendData(out.cur, length))
       {
         LogError("inbound buffer is full");
         return false;  // not enough room
@@ -586,8 +566,8 @@ namespace llarp
       if(remaining == 0)
       {
         // we done with this guy, prune next tick
-        itr->second->lastActive = 0;
-        ManagedBuffer buf(itr->second->buffer);
+        itr->second.lastActive = 0;
+        ManagedBuffer buf{itr->second.buffer};
         // resize
         buf.underlying.sz = buf.underlying.cur - buf.underlying.base;
         // rewind

llarp/utp/session.hpp

@@ -14,8 +14,6 @@ namespace llarp
   {
     struct LinkLayer;
 
-    using SendFragmentBuffer = std::shared_ptr< FragmentBuffer >;
-
     struct Session : public ILinkSession
     {
       /// remote router's rc
@@ -44,7 +42,7 @@ namespace llarp
       /// send queue for utp
       std::deque< utp_iovec > vecq;
       /// tx fragment queue
-      std::deque< SendFragmentBuffer > sendq;
+      std::deque< FragmentBuffer > sendq;
       /// current rx fragment buffer
       FragmentBuffer recvBuf;
       /// current offset in current rx fragment buffer

llarp/utp/utp.cpp

@@ -15,8 +15,8 @@ namespace llarp
               SessionRenegotiateHandler reneg, SignBufferFunc sign,
               TimeoutHandler timeout, SessionClosedHandler closed)
     {
-      return std::make_shared< LinkLayer >(crypto, routerEncSecret, getrc, h, sign, est, reneg,
-                        timeout, closed);
+      return std::make_shared< LinkLayer >(crypto, routerEncSecret, getrc, h,
+                                           sign, est, reneg, timeout, closed);
     }
 
     LinkLayer_ptr

readme.md

@@ -80,6 +80,13 @@ install:
 
     $ sudo make install
 
+
+alternatively make a debian package with:
+
+    $ debuild -uc -us -b
+
+this puts the built files in `../`
+
 ### MacOS
 
 build:

ui-win32/lokivpn.csproj

@@ -128,4 +128,4 @@ $(SolutionDir)versioning\release.bat</PreBuildEvent>
     <PostBuildEvent>$(SolutionDir)versioning\NetRevisionTool /restore "$(ProjectDir)"
 $(SolutionDir)versioning\unpatch.bat</PostBuildEvent>
   </PropertyGroup>
-</Project>
+</Project>