Commit Graph

253 Commits

Author SHA1 Message Date
Thomas Winget
4c630e0437 Large collection of changes to make android work
- Previous android java and jni code updated to work, but with much love
  still needed to make it work nicely, e.g. handling when the VPN is
  turned off.

- DNS handling refactored to allow android to intercept and handle DNS
  requests as we can't set the system DNS to use a high port
  (and apparently Chrome ignores system DNS settings anyway)

- add packet router structure to allow separate handling of specific
  intercepted traffic, e.g. UDP traffic to port 53 gets handled by our
  DNS handler rather than being naively forwarded as exit traffic.

- For now, android lokinet is exit-only and hard-coded to use exit.loki
  as its exit.  The exit will be configurable before release, but
  allowing to not use exit-only mode is more of a challenge.

- some old gitignore remnants which were matching to things we don't
  want them to (and are no longer relevant) removed

- some minor changes to CI configuration
2021-03-02 13:18:22 -05:00
Jeff Becker
063e982ef6
fix exit range default value 2021-02-16 11:25:44 -05:00
Jeff Becker
242e56507c
proper lokimq -> oxenmq refactor 2021-02-03 13:12:21 -05:00
Jeff Becker
df4ea34a56
nodedb refactor
* bump zmq static dep
* lokimq -> oxenmq
* llarp_nodedb -> llarp::NodeDB
* remove all crufty api parts of NodeDB
* make NodeDB rc selection api not suck
* make path builder api not suck
* propagate all above changes so that unit tests work and it all compiles
2021-02-02 09:35:40 -05:00
Jeff Becker
5233b26552
format 2020-10-30 15:53:05 -04:00
Jeff Becker
bf1a692005
key manager should throw on failures 2020-10-30 15:52:19 -04:00
Jeff
0e1e0aaef3
allow for relative file paths in config (#1432)
* llarp::Config constructor can take an empty fs::path now and it will default to fs::current_path
* llarp::ensureConfig now throws on fs error
* updates to daemon/main.cpp to reflect changes to llarp::ensureConfig's new throwability
* dowse parts of the code with holy water for the 0.8.1 tag
2020-10-30 09:38:17 -04:00
Jeff
dcb48db5fe
enable profiling on clients by default (#1421)
* enable client relay profiling by default

* macos dns fixes

* improve peer profiling algorithm to track timeouts vs failures

* remove debug ioctl call in tuntap code

* use ub_wait instead of ub_process as that was what was there before

* const correctness

* DRY out checking for SIIT

* typofix

* correct name
2020-10-27 17:34:09 -04:00
Jeff
7a1207dc47
dont bind inbound links as client (#1419)
* dont bind inbound links as client

* fix broken test

* logic call MUST defer call
2020-10-21 17:31:57 -04:00
Jeff
12eb32a816
add conf.d directory for config overrides (#1410)
* add conf.d directory for config overrides

* refactor llarp::Config

* add explicit constructor with datadir as parameter
* have all config files be passed as std::optional
* make Config::LoadDefault private and use std::optional in Config::Load to remove ambiguity
* update rest of codebase to reflect above changes

* fix pybind

* rename bootstrap config skipBootstrap to seednode as it's more descriptive
* make seednode configurable
* make pybind layer compile
* make pybind layer run
2020-10-21 08:58:08 -04:00
Jeff
22acf0a537
Lns exits (#1407)
* lns exits

* try appeasing the clang

* clean up lambda
2020-10-21 05:39:01 -04:00
Jeff
98e022ea21
Unflaky-ify lns dns (#1406)
* always ensure path to service on dns lookup

* deprecate profiles option
2020-10-12 13:55:58 -04:00
Jeff
3b70b99dd2
fix empty config case (#1400)
* fix empty config case

* * fix case for empty ifname / ifaddr on relay
* bail if no dns server bound

* use AssignmentAcceptor
2020-10-09 11:39:39 -04:00
Jason Rhinelander
af6caf776a
Config file improvements (#1397)
* Config file API/comment improvements

API improvements:
=================

Make the config API use position-independent tag parameters (Required,
Default{123}, MultiValue) rather than a sequence of bools with
overloads.  For example, instead of:

    conf.defineOption<int>("a", "b", false, true, 123, [] { ... });

you now write:

    conf.defineOption<int>("a", "b", MultiValue, Default{123}, [] { ... });

The tags are:
- Required
- MultiValue
- Default{value}
plus new abilities (see below):
- Hidden
- RelayOnly
- ClientOnly
- Comment{"line1", "line2", "line3"}

Made option definition more powerful:
=====================================

- `Hidden` allows you to define an option that won't show up in the
  generated config file if it isn't set.

- `RelayOnly`/`ClientOnly` sets up an option that is only accepted and
  only shows up for relay or client configs.  (If neither is specified
  the option shows up in both modes).

- `Comment{...}` lets the option comments be specified as part of the
  defineOption.

Comment improvements
====================

- Rewrote comments for various options to expand on details.
- Inlined all the comments with the option definitions.
- Several options that were missing comments got comments added.
- Made various options for deprecated and or internal options hidden by
  default so that they don't show up in a default config file.
- show the section comment (but not option comments) *after* the
  [section] tag instead of before it as it makes more sense that way
  (particularly for the [bind] section which has a new long comment to
  describe how it works).

Disable profiling by default
============================

We had this weird state where we use and store profiling by default but
never *load* it when starting up.  This commit makes us just not use
profiling at all unless explicitly enabled.

Other misc changes:
===================

- change default worker threads to 0 (= num cpus) instead of 1, and fix
  it to allow 0.
- Actually apply worker-threads option
- fixed default data-dir value erroneously having quotes around it
- reordered ifname/ifaddr/mapaddr (was previously mapaddr/ifaddr/ifname)
  as mapaddr is a sort of specialization of ifaddr and so makes more
  sense to come after it (particularly because it now references ifaddr
  in its help message).
- removed peer-stats option (since we always require it for relays and
  never use it for clients)
- removed router profiles filename option (this doesn't need to be
  configurable)
- removed defunct `service-node-seed` option
- Change default logging output file to "" (which means stdout), and
  also made "-" work for stdout.

* Router hive compilation fixes

* Comments for SNApp SRV settings in ini file

* Add extra blank line after section comments

* Better deprecated option handling

Allow {client,relay}-only options in {relay,client} configs to be
specified as implicitly deprecated options: they warn, and don't set
anything.

Add an explicit `Deprecated` tag and move deprecated option handling
into definition.cpp.

* Move backwards compat options into section definitions

Keep the "addBackwardsCompatibleConfigOptions" only for options in
sections that no longer exist.

* Fix INI parsing issues & C++17-ify

- don't allow inline comments because it seems they aren't allowed in
ini formats in general, and is going to cause problems if there is a
comment character in a value (e.g. an exit auth string).  Additionally
it was breaking on a line such as:

    # some comment; see?

because it was treating only `; see?` as the comment and then producing
an error message about the rest of the line being invalid.

- make section parsing stricter: the `[` and `]` have to be at the
beginning at end of the line now (after stripping whitespace).

- Move whitespace stripping to the top since everything in here does it.

- chop off string_view suffix/prefix rather than maintaining position
values

- fix potential infinite loop/segfault when given a line such as `]foo[`

* Make config parsing failure fatal

Load() LogError's and returns false on failure, so we weren't aborting
on config file errors.

* Formatting: allow `{}` for empty functions/structs

Instead of using two lines when empty:

    {
    }

* Make default dns bind 127.0.0.1 on non-Linux

* Don't show empty section; fix tests

We can conceivably have sections that only make sense for clients or
relays, and so want to completely omit that section if we have no
options for the type of config being generated.

Also fixes missing empty lines between tests.

Co-authored-by: Thomas Winget <tewinget@gmail.com>
2020-10-07 18:22:58 -04:00
Jason Rhinelander
753d989f7c Set default inbound link to best public interface
Fixes default config not working.
2020-10-02 23:27:25 -03:00
Jason Rhinelander
7aa4566016 Make format 2020-10-02 20:57:51 -03:00
Jason Rhinelander
01013c1963 Make upstream= override work; reject non-default upstream port
If you specify upstream= then you get no upstream, if you give one then
you use that instead of the default, but you can still list multiple.

unbound doesn't support an upstream port, so bail if the user gives a
non-port-53 response.
2020-10-02 20:17:12 -03:00
Jason Rhinelander
d129b0432a Allow empty values so that upstream= can disable the default 2020-10-02 19:39:43 -03:00
Jason Rhinelander
c97b9ef31b Simplify k=v parsing code 2020-10-02 19:38:58 -03:00
Jeff
9d6dc40f81 format 2020-10-02 18:02:03 -04:00
Jeff
2b5b3ce8e1 default upstream dns to cloudflare 2020-10-02 18:01:26 -04:00
Jeff
0f7e848903
disable rpc on relays by default (#1383)
* disable rpc on relays by default

* add default inbound link as service node

* throw if public-ip and public-port are not set
2020-10-02 16:54:31 -04:00
Jason Rhinelander
fbfa8ca89c
make format (#1381) 2020-10-02 15:50:20 -04:00
Jason Rhinelander
b121933374
Make public-ip option work (#1380)
0.7 supported both public-address and public-ip, but only the former was
being allowed in 0.8.

This makes `public-ip=...` work again, and makes it the canonical option
(because it makes a bit more sense than address when we also have the
public-port parameter), while making `public-address=` accepted with a
deprecation warning.

Also adds default descriptions for port and ip for the generated ini.
2020-10-02 14:47:14 -04:00
Jeff
7852735b36 tweak configuration defaults 2020-10-02 05:48:08 -04:00
Jeff
8943be6c3a
serialize auth codes in rpc (#1369)
* serialize auth codes in rpc

* format

* format

* config and route fixups

* bump lokimq

* fix compile

* discard unknown members in service keys

* format
2020-09-29 09:26:45 -04:00
Jason Rhinelander
d03066ee05
Support [dns] no-resolvconf option (ignored by lokinet) for deb compatibility (#1362)
* Add ignored [dns]no-resolvconf option for deb backwards compat

The debs hack a `#no-resolvconf=1` into the config file in 0.7 to allow
a user to disable resolvconf setup during startup by uncommenting it.
That doesn't work anymore since 0.8 errors on invalid config options, so
add it as an ignored option so that 0.7 deb config files can still be
compatible.

* Fix `[dns]upstream` comment not being produced in generated conf file

* fix test

Co-authored-by: Jeff <jeff@i2p.rocks>
2020-09-22 17:46:06 -04:00
Jeff
a035dbdb9a enable peer stats by default 2020-09-19 09:56:47 -04:00
Jeff
78b40d6725 wire up lns gotnamemessage handler to kitchen sink 2020-09-19 09:29:36 -04:00
Jeff
c64c9093f2
make endpoints reachable by default (#1344) 2020-09-14 18:19:17 -04:00
Thomas Winget
b1c14af938
SRV Record handling for introsets (#1331)
* update loki-mq submodule for tuple support

* srv record reply implementation

still need to encode srv records into intro sets / router contacts
as well as decode from them and match against queried service.proto

* inverted condition fix in config code

* SRV record struct (de-)serialization for intro sets

* parsing and using srv records from config (for/in introsets)

* adopt str utils from core and use for srv parsing

* changes to repeat requests

no longer drop repeat requests on the floor, but do not make
an *actual* request for them if one is in progress.

do not call reply hook for each reply for a request, as
each userland request is actually made into several lokinet
requests and this would result in duplicate replies.

* fetch SRVs from introsets for .loki

* make format

* dns and srv fixes, srv appears to be working
2020-08-31 16:07:17 -04:00
jeff
5391e6a66a initial config overriding on runtime 2020-08-27 12:43:53 +00:00
jeff
e3bfe76f98 add exit auth token awareness to config 2020-08-27 07:12:56 -04:00
Jeff Becker
d8dcffe80a
resolve conflict with dev 2020-08-24 20:27:47 -04:00
jeff
30a6e901f5
add router.enable-peer-stats config option unconditionally 2020-08-24 20:21:18 -04:00
Jeff Becker
ff130e2b5e
die if we are a relay and don't have any inbound links 2020-08-24 20:19:51 -04:00
Jeff Becker
8c3621cead
fix issue #1328 2020-08-24 20:19:51 -04:00
Jeff Becker
301cb6d32f
fix issue #1320 (allow providing ip/port in bind section of config) 2020-07-30 10:36:36 -04:00
Stephen Shelton
b0d8568452
Remove llarp C API usage from RouterHive 2020-07-02 10:24:19 -06:00
Stephen Shelton
023e061146
Make [router]:enable-peer-stats only valid for client 2020-07-02 10:13:25 -06:00
Stephen Shelton
2a30e7dac2
Add PeerDb to Router 2020-07-02 10:13:21 -06:00
Jeff Becker
d85c7bc628
remove wrapper and just use a lambda that throws on non empty value 2020-07-02 11:13:32 -04:00
Jeff Becker
a0dc2e795c
add a wrapper that always throws with a custom error message
use that wrapper for lokid.jsonrpc
2020-07-02 11:13:32 -04:00
Jeff Becker
a9109aa91b
* deprecate old unused lokid rpc options
* use lokimq::address in config and in lokid rpc
* bump lokimq submodule
2020-07-02 11:13:31 -04:00
Jeff Becker
80919a3b76
address feedback.
* use exceptions when fetching identity key instead of std::optional, will throw on fail
* fix up config options for endpoint auth and add better docs
* add llarp::serive::AuthType enum for controlling what kind of endpoint auth to use
2020-07-02 11:13:31 -04:00
Jeff Becker
0f21eeccb0
* rework exit codepath to allow multiple exits
* rework net code for ip ranges to be cleaner
* clean up endpoint auth code
* refactor config to validate network configs before setting up endpoints
* remove buildone from path/pathbuilder.cpp so we don't spam connection attempts
2020-07-02 11:13:30 -04:00
Jeff Becker
0d6e3bcd89
fix crashing tests 2020-07-02 11:13:30 -04:00
Jeff Becker
e95b9d530e
fix unit tests, make them pass 2020-07-02 11:10:06 -04:00
Jeff Becker
5abf111159
endpoint auth whitelist 2020-07-02 11:07:33 -04:00
Jeff Becker
a42d3d51c3
more 2020-07-02 11:07:33 -04:00