* use exceptions when fetching identity key instead of std::optional, will throw on fail
* fix up config options for endpoint auth and add better docs
* add llarp::serive::AuthType enum for controlling what kind of endpoint auth to use
* rework net code for ip ranges to be cleaner
* clean up endpoint auth code
* refactor config to validate network configs before setting up endpoints
* remove buildone from path/pathbuilder.cpp so we don't spam connection attempts
This replaces all use of std::optional's `opt.value()` with `*opt`
because macOS is great and the ghost of Steve Jobs says that actually
supporting std::optional's value() method is not for chumps before macOS
10.14. So don't use it because Apple is great.
Pretty much all of our use of it actually is done better with operator*
anyway (since operator* doesn't do a check that the optional has a
value).
Also replaced *most* of the `has_value()` calls with direct bool
context, except for one in the config section which looked really
confusing at a glance without a has_value().
macOS doing a shared library build is not working without untangling
some of the interdependencies. This commit does that, at least enough
to get macOS to compile.
This isn't the cleanest as currently implemented (we have some net/
things in `liblokinet-platform` and some in `liblokinet`, and likewise
ev/vpnio.cpp is in `liblokinet` while the rest of `ev/*` is in
`liblokinet-platform`).
llarp/config/config.cpp:
respect [network]:type option
llarp/handlers/exit.cpp:
when [network]:type is null dont init tun interface
llarp/service/context.cpp:
respect [network]:type option
change endpoint name back to "default"
llarp/tooling/router_hive.cpp:
dont use LogicCall for obtaining RCs from underlying relays, it crashes the mainloop and it's probably safe to readonly access RCs.
pybind/common.hpp:
remove typecasters as we use C++17 now
pybind/llarp/config.cpp:
remove SnappConfig
wire up NetworkConfig
pybind/llarp/handlers/pyhandler.hpp:
remove SnappConfig from constructor
pybind/llarp/handlers/pyhandler.cpp:
update constructor implementation to match header
test/hive/hive.py:
remove broke endpoint related code
wire up null endpoint option using NetworkConfig
use index at 0 for relays and clients instead of 1
dont add a python endpoint to all clients
This is an initial pass at doing explicit value checks when handling
config parsing, as opposed to using a visiting pattern. The latter
made it difficult to check for conditions such as missing required
values, multiple values, etc.
It was also generally less readable (think declarative) which further
made it difficult to get a grasp for what our actual configuration file
requirements were.
This commit reflects changes to clang-format rules. Unfortunately,
these rule changes create a massive change to the codebase, which
causes an apparent rewrite of git history.
Git blame's --ignore-rev flag can be used to ignore this commit when
attempting to `git blame` some code.
This template-ifies Router::NotifyRouterEvent() up so that it accepts
the arguments to instantiate the specified event type, forwarding them
to std::make_unique. This would allow (in the future) the function to
no-op the call and avoid memory allocation. It also slightly reduces
the amount of code required to fire an event.
This commit also simplifies some of the RouterEvent code to reduce
redundancy.
DHT PubIntroSentEvent
some helper functions added to RouterHive (C++ class) as well as RouterHive(Python class)
hive.py main() continues to be a testbed for new event types
some more internal classes in pybind
This caused some unwanted behaviour:
- on initial startup we often get two publishes in quick succession
because we're publishing and building paths at the same time
- at the 10m mark we enter a publish loop every 5 seconds because we
have paths with lifetimes < 10min that was triggering this condition,
and yet those paths will never actually be included in the introset
because they are expiring in <10m.
This should ensure that we have enough shortly after startup for initial
path builds.
The spread speed here gets slightly increased to lifetime/5 (=4min)
instead of lifetime/4 (=5min) so that our "normal" number of paths is 5
with occassional momentary drops to 4, but should always keep us >= the
new minimum of 4.
Because the path spread happens over time, this shouldn't result in a
rebuild of several paths: we'll build 4 quickly, then another at +4m,
another at +8m, etc. When the initial 4 expire, we'll be dropping from
9 to 5 established but that's still above the minimum (4) so we won't
need to reconnect to several at once, and the spread builds should keep
us at 5 all the time.
These aren't needed: CMake already knows how to follow #includes and
rebuild when headers change as long as the headers are included
*somewhere*. The extra .cpp files here just require building a bunch of
.cpp files with just header content that we just end up throw away
during linking (since the same things will also be compiled in whatever
other compilation units include the same headers).
- util::Mutex is now a std::shared_timed_mutex, which is capable of
exclusive and shared locks.
- util::Lock is still present as a std::lock_guard<util::Mutex>.
- the locking annotations are preserved, but updated to the latest
supported by clang rather than using abseil's older/deprecated ones.
- ACQUIRE_LOCK macro is gone since we don't pass mutexes by pointer into
locks anymore (WTF abseil).
- ReleasableLock is gone. Instead there are now some llarp::util helper
methods to obtain unique and/or shared locks:
- `auto lock = util::unique_lock(mutex);` gets an RAII-but-also
unlockable object (std::unique_lock<T>, with T inferred from
`mutex`).
- `auto lock = util::shared_lock(mutex);` gets an RAII shared (i.e.
"reader") lock of the mutex.
- `auto lock = util::unique_locks(mutex1, mutex2, mutex3);` can be
used to atomically lock multiple mutexes at once (returning a
tuple of the locks).
This are templated on the mutex which makes them a bit more flexible
than using a concrete type: they can be used for any type of lockable
mutex, not only util::Mutex. (Some of the code here uses them for
getting locks around a std::mutex). Until C++17, using the RAII types
is painfully verbose:
```C++
// pre-C++17 - needing to figure out the mutex type here is annoying:
std::unique_lock<util::Mutex> lock(mutex);
// pre-C++17 and even more verbose (but at least the type isn't needed):
std::unique_lock<decltype(mutex)> lock(mutex);
// our compromise:
auto lock = util::unique_lock(mutex);
// C++17:
std::unique_lock lock(mutex);
```
All of these functions will also warn (under gcc or clang) if you
discard the return value. You can also do fancy things like
`auto l = util::unique_lock(mutex, std::adopt_lock)` (which lets a
lock take over an already-locked mutex).
- metrics code is gone, which also removes a big pile of code that was
only used by metrics:
- llarp::util::Scheduler
- llarp:🧵:TimerQueue
- llarp::util::Stopwatch
Step 1 of removing abseil from lokinet.
For the most part this is a drop-in replacement, but there are also a
few changes here to the JSONRPC layer that were needed to work around
current gcc 10 dev snapshot:
- JSONRPC returns a json now instead of an optional<json>. It doesn't
make any sense to have a json rpc call that just closes the connection
with returning anything. Invoked functions can return a null (default
constructed) result now if they don't have anything to return (such a
null value won't be added as "result").
The reason things weren't working here is because libsodium does
something completely unintuitive and called the seed the "secret key"
when it isn't, it's the seed.
This adds a new PrivateKey class (alongside the existing SecretKey and
PubKey) that holds just a private key value but no seed -- which we need
to do because there is no way we can get a seed after calculating a
derived keypair.
With these changes, we now generate exactly the same keys and subkeys as
Tor (and a new test case uses values generated in Tor to verify this).
This is incomplete -- the subkey signing code is still not implemented;
it has to be adapted to create a signature from a PrivateKey rather than
a SecretKey which will probably requiring working around/reimplementing
some of what libsodium does for creating a signature since it expects
"secret keys" i.e. the seed.
So far only a bit of the code using timers has been modified to use
the new libuv-based timers. Also only the non-Windows case has been
implemented. Seems to be working though, so it's a good time to commit.