Archives
/
lokinet
mirror of https://github.com/oxen-io/lokinet
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

make it compile

Browse Source
pull/209/head
Jeff Becker 6 years ago
parent 19a4a3ddbc
commit 593e2ddac6
No known key found for this signature in database
GPG Key ID: F357B3B42F6F9B05
5 changed files with 120 additions and 59 deletions
Show Stats Download Patch File Download Diff File

4
llarp/crypto.hpp
Unescape Escape View File

@ -91,6 +91,10 @@ namespace llarp
{
SecretKey() : AlignedBuffer< SECKEYSIZE >(){};
explicit SecretKey(const SecretKey &k) : AlignedBuffer< SECKEYSIZE >(k)
{
}
explicit SecretKey(const byte_t *ptr) : AlignedBuffer< SECKEYSIZE >(ptr)
{
}

45
llarp/link/dtls.cpp
Unescape Escape View File

@ -9,8 +9,7 @@ namespace llarp
{
const mbedtls_ecp_group_id LinkLayer::AllowedCurve[2] = {
MBEDTLS_ECP_DP_CURVE25519, MBEDTLS_ECP_DP_NONE};
const mbedtls_md_type_t LinkLayer::AllowedHash[2] = {MBEDTLS_MD_SHA256,
MBEDTLS_MD_NONE};
const int LinkLayer::AllowedHash[2] = {MBEDTLS_MD_SHA256, MBEDTLS_MD_NONE};
const int LinkLayer::CipherSuite[2] = {
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 0};
@ -55,11 +54,25 @@ namespace llarp
return -1;
}
static int
InboundVerifyCert(void *, mbedtls_x509_crt *, int, unsigned int *)
{
return 0;
}
static int
OutboundVerifyCert(void *, mbedtls_x509_crt *, int, unsigned int *)
{
return 0;
}
Session::Session(LinkLayer *parent) : ILinkSession(), crypto(parent->crypto)
{
m_Parent = parent;
mbedtls_ssl_config_init(&m_config);
mbedtls_ssl_conf_transport(&m_config, MBEDTLS_SSL_TRANSPORT_DATAGRAM);
mbedtls_ssl_conf_authmode(&m_config, MBEDTLS_SSL_VERIFY_REQUIRED);
mbedtls_ssl_conf_sig_hashes(&m_config, LinkLayer::AllowedHash);
m_config.p_vrfy = this;
m_config.key_cert = &m_Parent->ourKeys;
m_config.p_cookie = this;
@ -154,7 +167,7 @@ namespace llarp
}
else if(itr->second.ShouldRetransmit(now))
{
itr->second.TransmitAcks(&m_ctx);
itr->second.TransmitAcks(&m_ctx, itr->first);
}
++itr;
}
@ -173,7 +186,7 @@ namespace llarp
continue;
}
else if(itr->second.ShouldRetransmit(now))
itr->second.TransmitUnacked(&m_ctx);
itr->second.TransmitUnacked(&m_ctx, itr->first);
++itr;
}
@ -214,35 +227,27 @@ namespace llarp
llarp::_Log(llarp::eLogInfo, fname, lineno, msg);
}
LinkLayer::LinkLayer(llarp::Crypto *c, const byte_t *encryptionSecretKey,
const byte_t *identitySecretKey,
LinkLayer::LinkLayer(llarp::Crypto *c, const SecretKey &encryptionSecretKey,
const SecretKey &identitySecretKey,
llarp::GetRCFunc getrc, llarp::LinkMessageHandler h,
llarp::SignBufferFunc sign,
llarp::SessionEstablishedHandler established,
llarp::SessionRenegotiateHandler reneg,
llarp::TimeoutHandler timeout,
llarp::SessionClosedHandler closed)
: ILinkLayer(encryptionSecretKey, getrc, h,
std::bind(&LinkLayer::SignBuffer, this,
std::placeholders::_1, std::placeholders::_2),
established, reneg, timeout, closed)
: llarp::ILinkLayer(encryptionSecretKey, getrc, h, sign, established,
reneg, timeout, closed)
, crypto(c)
, m_IdentityKey(identitySecretKey)
{
}
static int
Random(void *ctx, unsigned char *buf, size_t sz)
{
static_cast< llarp::Crypto * >(ctx)->randbytes(buf, sz);
return 0;
}
bool
LinkLayer::Start(llarp::Logic *l)
{
if(!ILinkLayer::Start(l))
return false;
return crypto->shrothash(m_CookieSec, m_IdentityKey.toBuffer());
return crypto->shorthash(m_CookieSec, llarp::ConstBuffer(m_IdentityKey));
}
void
@ -300,12 +305,12 @@ namespace llarp
std::bind(&llarp::Router::rc, r),
std::bind(&llarp::Router::HandleRecvLinkMessageBuffer, r,
std::placeholders::_1, std::placeholders::_2),
std::bind(&llarp::Router::Sign, r, std::placeholders::_1,
std::placeholders::_2),
std::bind(&llarp::Router::OnSessionEstablished, r,
std::placeholders::_1),
std::bind(&llarp::Router::CheckRenegotiateValid, r,
std::placeholders::_1, std::placeholders::_2),
std::bind(&llarp::Router::Sign, r, std::placeholders::_1,
std::placeholders::_2),
std::bind(&llarp::Router::OnConnectTimeout, r, std::placeholders::_1),
std::bind(&llarp::Router::SessionClosed, r, std::placeholders::_1)));
}

81
llarp/link/dtls_internal.hpp
Unescape Escape View File

@ -98,7 +98,7 @@ namespace llarp
static constexpr uint8_t maxfrags = 8;
/// maximum fragment size
static constexpr size_t fragsize = MAX_LINK_MSG_SIZE / maxfrags;
static constexpr FragLen_t fragsize = MAX_LINK_MSG_SIZE / maxfrags;
struct FragmentHeader
{
@ -106,9 +106,10 @@ namespace llarp
Proto_t version = LLARP_PROTO_VERSION;
/// fragment command type
Cmd_t cmd = 0;
/// if cmd is XMIT this is the number of fragments this message has
/// if cmd is FACK this is the fragment bitfield of the messages acked
/// otherwise 0
/// if cmd is XMIT this is the number of additional fragments this
/// message has
/// if cmd is FACK this is the fragment bitfield of the
/// messages acked otherwise 0
Flags_t flags = 0;
/// if cmd is XMIT this is the fragment index
/// if cmd is FACK this is set to 0xff to indicate message drop
@ -160,7 +161,8 @@ namespace llarp
buf->cur++;
llarp_buffer_put_uint16(buf, fraglen);
llarp_buffer_put_uint32(buf, seqno);
memcpy(buf->cur, body.base, fraglen);
if(fraglen)
memcpy(buf->cur, body.base, fraglen);
buf->cur += fraglen;
return true;
}
@ -225,18 +227,63 @@ namespace llarp
return now > lastActiveAt && now - lastActiveAt > 500;
}
int
TransmitUnacked(mbedtls_ssl_context *ctx)
bool
TransmitUnacked(mbedtls_ssl_context *ctx, Seqno_t seqno) const
{
AlignedBuffer< fragoverhead + fragsize > buf;
return mbedtls_ssl_write(ctx, buf.data(), buf.size());
FragmentHeader hdr;
hdr.seqno = seqno;
hdr.cmd = XMIT;
AlignedBuffer< fragoverhead + fragsize > frag;
auto buf = frag.as_buffer();
const byte_t *ptr = msg.data();
Fragno_t idx = 0;
FragLen_t len = sz;
while(idx < maxfrags)
{
const FragLen_t l = std::min(len, fragsize);
if(!acks.test(idx))
{
hdr.fragno = idx;
hdr.fraglen = l;
if(!hdr.Encode(&buf, llarp::InitBuffer(ptr, l)))
return false;
buf.sz = buf.cur - buf.base;
buf.cur = buf.base;
len -= l;
if(mbedtls_ssl_write(ctx, buf.base, buf.sz) != int(buf.sz))
return false;
}
ptr += l;
len -= l;
if(l >= fragsize)
++idx;
else
break;
}
return true;
}
void
TransmitAcks(mbedtls_ssl_context *ctx)
bool
TransmitAcks(mbedtls_ssl_context *ctx, Seqno_t seqno)
{
AlignedBuffer< fragoverhead > buf;
return mbedtls_ssl_write(ctx, buf.data(), buf.size());
FragmentHeader hdr;
hdr.seqno = seqno;
hdr.cmd = FACK;
hdr.flags = 0;
byte_t idx = 0;
while(idx < maxfrags)
{
if(acks.test(idx))
hdr.flags |= 1 << idx;
++idx;
}
hdr.fraglen = 0;
hdr.fragno = 0;
AlignedBuffer< fragoverhead > frag;
auto buf = frag.as_buffer();
if(!hdr.Encode(&buf, llarp::InitBuffer(nullptr, 0)))
return false;
return mbedtls_ssl_write(ctx, buf.base, buf.sz) == int(buf.sz);
}
};
@ -254,9 +301,9 @@ namespace llarp
struct LinkLayer final : public llarp::ILinkLayer
{
LinkLayer(llarp::Crypto *crypto, const byte_t *encryptionSecretKey,
const byte_t *identitySecretKey, llarp::GetRCFunc getrc,
llarp::LinkMessageHandler h,
LinkLayer(llarp::Crypto *crypto, const SecretKey &encryptionSecretKey,
const SecretKey &identitySecretKey, llarp::GetRCFunc getrc,
llarp::LinkMessageHandler h, llarp::SignBufferFunc sign,
llarp::SessionEstablishedHandler established,
llarp::SessionRenegotiateHandler reneg,
llarp::TimeoutHandler timeout,
@ -266,7 +313,7 @@ namespace llarp
llarp::Crypto *const crypto;
static const mbedtls_ecp_group_id AllowedCurve[2];
static const mbedtls_md_type_t AllowedHash[2];
static const int AllowedHash[2];
static const int CipherSuite[2];
static const mbedtls_x509_crt_profile X509Profile;

43
llarp/link/server.cpp
Unescape Escape View File

@ -112,9 +112,9 @@ namespace llarp
auto itr = m_Pending.begin();
while(itr != m_Pending.end())
{
if(itr->get() && !(*itr)->TimedOut(_now))
if(itr->second.get() && !itr->second->TimedOut(_now))
{
(*itr)->Pump();
itr->second->Pump();
++itr;
}
else
@ -129,20 +129,14 @@ namespace llarp
static constexpr size_t MaxSessionsPerKey = 16;
Lock l_authed(m_AuthedLinksMutex);
Lock l_pending(m_PendingMutex);
auto itr = m_Pending.begin();
while(itr != m_Pending.end())
auto itr = m_Pending.find(s->GetRemoteEndpoint());
if(itr != m_Pending.end())
{
if(itr->get() == s)
{
if(m_AuthedLinks.count(pk) < MaxSessionsPerKey)
m_AuthedLinks.emplace(pk, std::move(*itr));
else
s->SendClose();
itr = m_Pending.erase(itr);
return;
}
if(m_AuthedLinks.count(pk) < MaxSessionsPerKey)
m_AuthedLinks.emplace(pk, std::move(itr->second));
else
++itr;
s->SendClose();
itr = m_Pending.erase(itr);
}
}
@ -171,9 +165,13 @@ namespace llarp
llarp::LogInfo("Try establish to ", RouterID(rc.pubkey.as_array()));
llarp::Addr addr(to);
auto s = NewOutboundSession(rc, to);
s->Start();
PutSession(s);
return true;
if(PutSession(s))
{
s->Start();
return true;
}
delete s;
return false;
}
bool
@ -203,7 +201,7 @@ namespace llarp
auto itr = m_Pending.begin();
while(itr != m_Pending.end())
{
(*itr)->SendClose();
itr->second->SendClose();
++itr;
}
}
@ -314,11 +312,16 @@ namespace llarp
return true;
}
void
bool
ILinkLayer::PutSession(ILinkSession* s)
{
Lock lock(m_PendingMutex);
m_Pending.emplace_back(s);
auto itr = m_Pending.find(s->GetRemoteEndpoint());
if(itr != m_Pending.end())
return false;
m_Pending.emplace(s->GetRemoteEndpoint(), s);
return true;
}
void

6
llarp/link/server.hpp
Unescape Escape View File

@ -199,7 +199,7 @@ namespace llarp
using Lock = util::NullLock;
using Mutex = util::NullMutex;
void
bool
PutSession(ILinkSession* s);
llarp::Logic* m_Logic = nullptr;
@ -213,7 +213,9 @@ namespace llarp
RouterID::Hash >
m_AuthedLinks;
Mutex m_PendingMutex;
std::list< std::unique_ptr< ILinkSession > > m_Pending;
std::unordered_map< llarp::Addr, std::unique_ptr< ILinkSession >,
llarp::Addr::Hash >
m_Pending;
};
} // namespace llarp

Write Preview
Loading…
Cancel
Save