diff --git a/CMakeLists.txt b/CMakeLists.txt index c2a903f79..ac2067e0d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -56,9 +56,7 @@ option(XSAN "use sanitiser, if your system has it (requires -DCMAKE_BUILD_TYPE=D option(USE_JEMALLOC "Link to jemalloc for memory allocations, if found" ON) option(TESTNET "testnet build" OFF) option(WITH_COVERAGE "generate coverage data" OFF) -option(USE_SHELLHOOKS "enable shell hooks on compile time (dangerous)" OFF) option(WARNINGS_AS_ERRORS "treat all warnings as errors. turn off for development, on for release" OFF) -option(TRACY_ROOT "include tracy profiler source" OFF) option(WITH_TESTS "build unit tests" OFF) option(WITH_HIVE "build simulation stubs" OFF) option(BUILD_PACKAGE "builds extra components for making an installer (with 'make package')" OFF) @@ -107,8 +105,6 @@ if (STATIC_LINK) message(STATUS "setting static library suffix search") endif() -add_definitions(-D${CMAKE_SYSTEM_NAME}) - include(cmake/solaris.cmake) include(cmake/win32.cmake) @@ -198,15 +194,6 @@ if(CMAKE_BUILD_TYPE MATCHES "[Dd][Ee][Bb][Uu][Gg]") add_definitions(-DLOKINET_DEBUG=1) endif() -if(WITH_SHELLHOOKS) - add_definitions(-DENABLE_SHELLHOOKS) -endif() - -if(TRACY_ROOT) - include_directories(${TRACY_ROOT}) - add_definitions(-DTRACY_ENABLE) -endif() - include(cmake/coverage.cmake) @@ -236,12 +223,6 @@ set(CMAKE_THREAD_PREFER_PTHREAD TRUE) set(THREADS_PREFER_PTHREAD_FLAG TRUE) find_package(Threads REQUIRED) -if(USE_NETNS) - add_definitions(-DNETNS=1) -else() - add_definitions(-DNETNS=0) -endif() - if(TESTNET) add_definitions(-DTESTNET=1) # 5 times slower than realtime @@ -306,10 +287,6 @@ if(ANDROID) set(ANDROID_PLATFORM_SRC android/ifaddrs.c) endif() -if(TRACY_ROOT) - target_link_libraries(base_libs INTERFACE dl) -endif() - if(WITH_HIVE) add_definitions(-DLOKINET_HIVE=1) endif() diff --git a/llarp/CMakeLists.txt b/llarp/CMakeLists.txt index 40786322b..f91a0dee2 100644 --- a/llarp/CMakeLists.txt +++ b/llarp/CMakeLists.txt @@ -66,8 +66,6 @@ if (ANDROID) endif() if(CMAKE_SYSTEM_NAME MATCHES "Linux") - target_sources(lokinet-platform PRIVATE linux/netns.cpp) - if(NON_PC_TARGET) add_import_library(rt) target_link_libraries(lokinet-platform PUBLIC rt) @@ -139,7 +137,6 @@ add_library(liblokinet exit/session.cpp handlers/exit.cpp handlers/tun.cpp - hook/shell.cpp iwp/iwp.cpp iwp/linklayer.cpp iwp/message_buffer.cpp diff --git a/llarp/handlers/tun.cpp b/llarp/handlers/tun.cpp index c31a300e6..3b13e1d16 100644 --- a/llarp/handlers/tun.cpp +++ b/llarp/handlers/tun.cpp @@ -953,10 +953,6 @@ namespace llarp m_LocalResolverAddr.createSockAddr(), false /* just .loki/.snode DNS initially */); - if (m_OnUp) - { - m_OnUp->NotifyAsync(NotifyParams()); - } return HasAddress(ourAddr); } diff --git a/llarp/hook/ihook.hpp b/llarp/hook/ihook.hpp deleted file mode 100644 index 0f132ba45..000000000 --- a/llarp/hook/ihook.hpp +++ /dev/null @@ -1,30 +0,0 @@ -#pragma once -#include -#include -#include - -namespace llarp -{ - namespace hooks - { - /// base type for event hook handlers - struct IBackend - { - virtual ~IBackend() = 0; - virtual void - NotifyAsync(std::unordered_map params) = 0; - - /// start backend - virtual bool - Start() = 0; - - /// stop backend - virtual bool - Stop() = 0; - }; - - using Backend_ptr = std::shared_ptr; - - inline IBackend::~IBackend() = default; - } // namespace hooks -} // namespace llarp diff --git a/llarp/hook/shell.cpp b/llarp/hook/shell.cpp deleted file mode 100644 index 2a740ea14..000000000 --- a/llarp/hook/shell.cpp +++ /dev/null @@ -1,157 +0,0 @@ -#include "shell.hpp" - -#if defined(ENABLE_SHELLHOOKS) -#include -#include -#include -#include -#if !defined(__linux__) || !defined(_GNU_SOURCE) -// Not all systems declare this variable -extern char** environ; -#endif -#if defined(Darwin) -#include -#endif -#endif - -namespace llarp -{ - namespace hooks - { -#if defined(ENABLE_SHELLHOOKS) - struct ExecShellHookBackend : public IBackend, - public std::enable_shared_from_this - { - thread::ThreadPool m_ThreadPool; - - std::vector _args; - std::vector args; - - ExecShellHookBackend(std::string script) : m_ThreadPool(1, 1000, "exechook") - { - do - { - const auto idx = script.find_first_of(' '); - std::string sub; - if (idx == std::string::npos) - sub = script; - else - sub = script.substr(0, idx); - _args.emplace_back(std::move(sub)); - args.push_back((char*)_args.back().c_str()); - script = script.substr(idx + 1); - } while (script.find_first_of(' ') != std::string::npos); - args.push_back(nullptr); - LogInfo("make hook ", args.size()); - } - - ~ExecShellHookBackend() - { - m_ThreadPool.shutdown(); - } - - bool - Start() override - { - m_ThreadPool.start(); - return true; - } - - bool - Stop() override - { - m_ThreadPool.stop(); - return true; - } - - char* - Exe() const - { - return args[0]; - } - - char* const* - Args() const - { - return args.data(); - } - - void - NotifyAsync(std::unordered_map params) override; - }; - - struct ExecShellHookJob - { - std::vector m_env; - std::vector _m_env; - std::shared_ptr m_Parent; - - ExecShellHookJob( - std::shared_ptr b, - const std::unordered_map env) - : m_Parent(b) - { -#if defined(Darwin) - char** ptr = *_NSGetEnviron(); -#else - char** ptr = environ; -#endif - do - { - m_env.emplace_back(*ptr); - ++ptr; - } while (ptr && *ptr); - for (const auto& item : env) - m_env.emplace_back(item.first + "=" + item.second); - for (const auto& item : m_env) - _m_env.push_back((char*)item.c_str()); - _m_env.push_back(nullptr); - } - - char* const* - Env() - { - return _m_env.data(); - } - - void - Exec() - { - std::thread t([&]() { - int result = 0; - const pid_t child = ::fork(); - if (child == -1) - return; - if (child) - ::waitpid(child, &result, 0); - else - ::execve(m_Parent->Exe(), m_Parent->Args(), Env()); - }); - t.join(); - } - }; - - void - ExecShellHookBackend::NotifyAsync(std::unordered_map params) - { - auto job = std::make_shared(shared_from_this(), std::move(params)); - - m_ThreadPool.addJob([job = std::move(job)] { job->Exec(); }); - } - - Backend_ptr - ExecShellBackend(std::string execFilePath) - { - Backend_ptr ptr = std::make_shared(execFilePath); - if (!ptr->Start()) - return nullptr; - return ptr; - } -#else - Backend_ptr ExecShellBackend(std::string) - { - return nullptr; - } -#endif - } // namespace hooks -} // namespace llarp diff --git a/llarp/hook/shell.hpp b/llarp/hook/shell.hpp deleted file mode 100644 index 32695542f..000000000 --- a/llarp/hook/shell.hpp +++ /dev/null @@ -1,13 +0,0 @@ -#pragma once - -#include "ihook.hpp" - -namespace llarp -{ - namespace hooks - { - /// exec file based hook notifier - Backend_ptr - ExecShellBackend(std::string execFilePath); - } // namespace hooks -} // namespace llarp diff --git a/llarp/linux/netns.cpp b/llarp/linux/netns.cpp deleted file mode 100644 index a40dbf768..000000000 --- a/llarp/linux/netns.cpp +++ /dev/null @@ -1,319 +0,0 @@ -#if defined(ANDROID) || NETNS == 0 - -#else -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "netns.hpp" -#include -#ifndef MS_REC -#define MS_REC (16384) -#endif -#include - -namespace llarp -{ - namespace GNULinux - { - static const char netns_rundir[] = "/var/run/netns"; - static const char netns_etcdir[] = "/etc/netns"; - - static bool - GetCGroups2MountPoint(fs::path& cgroups2_mount) - { - std::string mountpoint; - std::ifstream inf; - inf.open("/proc/mounts"); - if (!inf.is_open()) - { - llarp::LogError("failed to open /proc/mounts"); - return false; - } - std::string line; - while (std::getline(inf, line)) - { - std::string part; - std::stringstream parts; - parts.str(line); - // discard - std::getline(parts, part); - // mount point - std::getline(parts, part); - mountpoint = part; - // type - std::getline(parts, part); - if (part == "cgroup2") - { - // found cgroup2 mountpoint - cgroups2_mount = mountpoint; - return true; - } - } - llarp::LogError("cannot find cgroups2 in /proc/mounts"); - return false; - } - - static bool - GetNetNS(std::string& netns) - { - auto nfd = open("/proc/self/ns/net", O_RDONLY); - if (nfd < 0) - { - llarp::LogError("Failed to get our own netns, could not open /proc/self/ns/net"); - return false; - } - struct stat netst; - if (::fstat(nfd, &netst) < 0) - { - close(nfd); - llarp::LogError("stat of netns failed: ", strerror(errno)); - return false; - } - close(nfd); - fs::path run_dir = netns_rundir; - bool foundIt = false; - // find corrosponding file for netns - llarp::util::IterDir(run_dir, [&](const fs::path& f) -> bool { - struct stat fst; - if (::stat(f.string().c_str(), &fst) >= 0) - { - if (fst.st_dev == netst.st_dev && fst.st_ino == netst.st_ino) - { - // found it - foundIt = true; - netns = f.filename().string(); - // break iteration - return false; - } - } - // continue iteration - return true; - }); - return foundIt; - } - - static bool - GetVRFPath(std::string& path) - { - char p[256] = {0}; - snprintf(p, sizeof(p), "/proc/%d/cgroup", getpid()); - std::ifstream inf; - inf.open(p); - if (!inf.is_open()) - { - llarp::LogError("could not open '", p, "': ", strerror(errno)); - return false; - } - path = ""; - std::string line; - while (std::getline(inf, line)) - { - auto pos = line.find("::/"); - if (pos != std::string::npos) - { - line = line.substr(pos + 2); - pos = line.find("/vrf"); - if (pos != std::string::npos) - { - path = line.substr(pos); - if (path == "/") - path = ""; - } - break; - } - } - return true; - } - - static bool - ResetVRF() - { - fs::path cgroups2_mount; - if (!GetCGroups2MountPoint(cgroups2_mount)) - { - llarp::LogError("could not find cgroup2 mount point, is it mounted?"); - return false; - } - std::string netns; - if (!GetNetNS(netns)) - { - llarp::LogError("could not get our netns: ", strerror(errno)); - return false; - } - std::string vrfpath; - if (!GetVRFPath(vrfpath)) - { - llarp::LogError("could not determine vrf cgroup path: ", strerror(errno)); - return false; - } - fs::path cgroup_path = cgroups2_mount / vrfpath / netns / "vrf" / "default"; - std::error_code ec; - if (!fs::exists(cgroup_path, ec)) - { - if (!fs::create_directories(cgroup_path, ec)) - { - llarp::LogError("could not create '", cgroup_path.string(), "': ", ec); - return false; - } - } - else if (ec) - { - llarp::LogError("Could not check '", cgroup_path.string(), "': ", ec); - return false; - } - cgroup_path /= "cgroup.procs"; - auto fd = open(cgroup_path.string().c_str(), O_RDWR | O_APPEND); - if (fd < 0) - { - llarp::LogError("could not open '", cgroup_path.string(), "': ", strerror(errno)); - return false; - } - bool success = true; - std::string pid = std::to_string(getpid()); - if (write(fd, pid.c_str(), pid.size()) < 0) - { - llarp::LogError("failed to join cgroup"); - success = false; - } - close(fd); - return success; - } - - /// bind network namespace paths into /etc/ - static bool - BindNetworkNS(const char* name) - { - fs::path etc_dir = netns_etcdir; - etc_dir /= name; - std::error_code ec; - if (!fs::exists(etc_dir, ec)) - { - errno = 0; - llarp::LogInfo(etc_dir, " does not exist, skipping"); - return true; - } - bool didFail = false; - llarp::util::IterDir(etc_dir, [&](const fs::path& f) -> bool { - if (fs::is_regular_file(f)) - { - fs::path netns_path = "/etc"; - netns_path /= f.filename(); - if (mount(f.string().c_str(), netns_path.string().c_str(), "none", MS_BIND, nullptr) < 0) - { - llarp::LogError( - "failed to bind '", - f.string(), - "' to '", - netns_path.string(), - "': ", - strerror(errno)); - didFail = true; - } - } - // continue iteration - return true; - }); - return !didFail; - } - - static void - DropCap() - { - if (getuid() != 0 && geteuid() != 0) - { - cap_t capabilities; - cap_value_t net_admin = CAP_NET_ADMIN; - cap_flag_t inheritable = CAP_INHERITABLE; - cap_flag_value_t is_set; - - capabilities = cap_get_proc(); - if (!capabilities) - exit(EXIT_FAILURE); - if (cap_get_flag(capabilities, net_admin, inheritable, &is_set) != 0) - exit(EXIT_FAILURE); - - if (is_set == CAP_CLEAR) - { - if (cap_clear(capabilities) != 0) - exit(EXIT_FAILURE); - if (cap_set_proc(capabilities) != 0) - exit(EXIT_FAILURE); - } - cap_free(capabilities); - } - } - - bool - NetNSSwitch(const char* name) - { - fs::path netns_path = netns_rundir; - netns_path /= name; - auto nsfd = open(netns_path.string().c_str(), O_RDONLY | O_CLOEXEC); - if (nsfd < 0) - { - llarp::LogError("Failed to open network namespace '", name, "': ", strerror(errno)); - return false; - } - if (setns(nsfd, CLONE_NEWNET) < 0) - { - llarp::LogError("Failed to enter network namespace '", name, "': ", strerror(errno)); - close(nsfd); - return false; - } - close(nsfd); - if (unshare(CLONE_NEWNS) < 0) - { - llarp::LogError("unshare failed: ", strerror(errno)); - return false; - } - // dont let any mount points prop back to parent - // iproute2 source does this - if (mount("", "/", "none", MS_SLAVE | MS_REC, nullptr)) - { - llarp::LogError("mount --make-rslave failed: ", strerror(errno)); - return false; - } - unsigned long mountflags = 0; - // ensaure /sys not mounted - if (umount2("/sys", MNT_DETACH) < 0) - { - struct statvfs fsstat; - if (statvfs("/sys", &fsstat) == 0) - { - if (fsstat.f_flag & ST_RDONLY) - mountflags = MS_RDONLY; - } - } - // mount sysfs for our namespace - if (mount(name, "/sys", "sysfs", mountflags, nullptr) < 0) - { - llarp::LogError("failed to mount sysfs: ", strerror(errno)); - return false; - } - if (!BindNetworkNS(name)) - { - llarp::LogError("failed to bind namespace directories"); - return false; - } - if (!ResetVRF()) - { - llarp::LogError("failed to reset vrf"); - return false; - } - DropCap(); - return true; - } - } // namespace GNULinux -} // namespace llarp - -#endif diff --git a/llarp/linux/netns.hpp b/llarp/linux/netns.hpp deleted file mode 100644 index 8b7ddd56b..000000000 --- a/llarp/linux/netns.hpp +++ /dev/null @@ -1,15 +0,0 @@ -#pragma once -#ifdef __linux__ -namespace llarp -{ - namespace GNULinux - { - /// switch current process to use network namepsace by name - /// returns true if successfully switched otherwise returns false - bool - NetNSSwitch(const char* name); - } // namespace GNULinux -} // namespace llarp -#else -#error "Don't include this file" -#endif diff --git a/llarp/service/endpoint.cpp b/llarp/service/endpoint.cpp index 18e7876df..3c266c247 100644 --- a/llarp/service/endpoint.cpp +++ b/llarp/service/endpoint.cpp @@ -27,7 +27,6 @@ #include #include #include -#include #include #include #include @@ -341,8 +340,6 @@ namespace llarp EndpointUtil::StopRemoteSessions(m_state->m_RemoteSessions); // stop snode sessions EndpointUtil::StopSnodeSessions(m_state->m_SNodeSessions); - if (m_OnDown) - m_OnDown->NotifyAsync(NotifyParams()); return path::Builder::Stop(); } @@ -590,16 +587,6 @@ namespace llarp return true; } - Endpoint::~Endpoint() - { - if (m_OnUp) - m_OnUp->Stop(); - if (m_OnDown) - m_OnDown->Stop(); - if (m_OnReady) - m_OnReady->Stop(); - } - bool Endpoint::PublishIntroSet(const EncryptedIntroSet& introset, AbstractRouter* r) { @@ -762,9 +749,6 @@ namespace llarp LogDebug(Name(), " Additional IntroSet publish confirmed"); m_state->m_LastPublish = now; - if (m_OnReady) - m_OnReady->NotifyAsync(NotifyParams()); - m_OnReady = nullptr; } std::optional> diff --git a/llarp/service/endpoint.hpp b/llarp/service/endpoint.hpp index e7364d1f3..296f107af 100644 --- a/llarp/service/endpoint.hpp +++ b/llarp/service/endpoint.hpp @@ -7,6 +7,7 @@ #include #include #include "address.hpp" +#include "endpoint_state.hpp" #include "handler.hpp" #include "identity.hpp" #include "pendingbuffer.hpp" @@ -15,7 +16,6 @@ #include "service/protocol_type.hpp" #include "session.hpp" #include "lookup.hpp" -#include #include #include #include @@ -62,7 +62,6 @@ namespace llarp public EndpointBase { Endpoint(AbstractRouter* r, Context* parent); - ~Endpoint() override; /// return true if we are ready to recv packets from the void bool @@ -516,9 +515,6 @@ namespace llarp IDataHandler* m_DataHandler = nullptr; Identity m_Identity; net::IPRangeMap m_ExitMap; - hooks::Backend_ptr m_OnUp; - hooks::Backend_ptr m_OnDown; - hooks::Backend_ptr m_OnReady; bool m_PublishIntroSet = true; std::unique_ptr m_state; std::shared_ptr m_AuthPolicy; diff --git a/llarp/service/endpoint_state.cpp b/llarp/service/endpoint_state.cpp index 383519dc9..95f013a27 100644 --- a/llarp/service/endpoint_state.cpp +++ b/llarp/service/endpoint_state.cpp @@ -1,7 +1,6 @@ #include "endpoint_state.hpp" #include -#include #include "endpoint.hpp" #include "outbound_context.hpp" #include @@ -23,33 +22,6 @@ namespace llarp m_IntroSet.SRVs.push_back(record.toTuple()); } - // TODO: - /* - if (k == "on-up") - { - m_OnUp = hooks::ExecShellBackend(v); - if (m_OnUp) - LogInfo(name, " added on up script: ", v); - else - LogError(name, " failed to add on up script"); - } - if (k == "on-down") - { - m_OnDown = hooks::ExecShellBackend(v); - if (m_OnDown) - LogInfo(name, " added on down script: ", v); - else - LogError(name, " failed to add on down script"); - } - if (k == "on-ready") - { - m_OnReady = hooks::ExecShellBackend(v); - if (m_OnReady) - LogInfo(name, " added on ready script: ", v); - else - LogError(name, " failed to add on ready script"); - } - */ return true; } diff --git a/llarp/service/endpoint_state.hpp b/llarp/service/endpoint_state.hpp index c256acf88..7cbae0894 100644 --- a/llarp/service/endpoint_state.hpp +++ b/llarp/service/endpoint_state.hpp @@ -1,6 +1,5 @@ #pragma once -#include #include #include "address.hpp" #include "pendingbuffer.hpp" @@ -25,10 +24,6 @@ namespace llarp { struct EndpointState { - hooks::Backend_ptr m_OnUp; - hooks::Backend_ptr m_OnDown; - hooks::Backend_ptr m_OnReady; - std::set m_SnodeBlacklist; AbstractRouter* m_Router;