Commit Graph

108 Commits

Author SHA1 Message Date
Jason Rhinelander
febcd44ea1
Fix pubkey parsing to be read as bytes
from_string was trying to parse it as base32z.snode

Also leave FIXMEs behind for the badly named methods (both in RouterID
itself and in ancestor classes).
2023-12-11 15:42:27 -04:00
dr7ana
e58e8473f8
Merge pull request #2216 from tewinget/path-messages
Path build and onioned messages
2023-11-27 09:23:16 -08:00
Thomas Winget
9e9c1ea732 chahca nonce size is 24 bytes
Lots of code was using 32-byte nonces for xchacha20 symmetric
encryption, but this just means 8 extra bytes per packet wasted as
chacha is only using the first 24 bytes of that nonce anyway.

Changing this resulted in a lot of dead/dying code breaking, so this
commit also removes a lot of that (and comments a couple places with
TODO instead)

Also nounce -> nonce where it came up.
2023-11-08 15:13:44 -05:00
Thomas Winget
b0fb194e2c path control messages and onioning fleshed out
- control messages can be sent along a path
- the path owner onion-encrypts the "inner" message for each hop in the
  path
- relays on the path will onion the payload in both directions, such
  that the terminal relay will get the plaintext "inner" message and the
  client will get the plaintext "response" to that.
- control messages have (mostly, see below) been changed to be invokable
  either over a path or directly to a relay, as appropriate.

TODO:
  - exit messages need looked at, so they have not yet been changed for
    this
  - path transfer messages (traffic from client to client over 2 paths
    with a shared "pivot") are not yet implemented
2023-11-06 12:31:24 -05:00
dr7ana
39c70b575d config addr change
- the one addr to rule them all, and its name was oxen::quic::Address
- no more vectors of inbound/outbound junk
2023-11-06 04:17:09 -08:00
dr7ana
fa4471f566 {Remote,Local}RC's
- RemoteRC supplants most of the functionality throughout the code of RouterContact
- Next step will be to sort out CI issues, then see if we can get rid of either LocalRC (and therefore RouterContact entirely)
2023-11-02 05:30:49 -07:00
dr7ana
07271f9ae7 RC refactor layout
- Local and Remote RC's now implemented with discrete functionalities and uses
2023-10-31 13:49:14 -07:00
Jason Rhinelander
16506b6d8b
Default libcrypt to whether or not we find it
Also deliberately don't provide the function at all if we aren't
compiled with libcrypt so that we can't link if we try to call it when
not available.
2023-10-25 17:14:54 -03:00
dr7ana
46ad8d4058 Clang format include sorting + CMake
- includes are now sorted in consistent, logical order; first step in an attempt to fix the tomfoolery (no relation to Tom) brought in by include-what-you-use
- shuffled around some cmake linking to simplify dependency graph
- superfluous files removed
2023-10-24 12:11:51 -07:00
dr7ana
bda8b211dd Cmake restructuring 2023-10-24 08:40:18 -07:00
Jason Rhinelander
f4f5ab0109 "Refactor" aka delete Crypto/CryptoManager
- Get rid of CryptoManager.
- Get rid of Crypto.
- Move all the Crypto instance methods to llarp::crypto functions.
  (None of them needed to be methods at all, so this is simple).
- Move sodium/ntru initialization into static initialization.
- Add llarp::csrng, which is an available llarp::CSRNG instance which is
  a bit easier than needing to construct a `CSRNG rng{};` in various
  places.
- Various related small simplifications/cleanups.
2023-10-24 08:40:18 -07:00
dr7ana
e710cfea47 Review commit 2023-10-24 08:40:18 -07:00
dr7ana
41312abab0 introset and message transmission underway
- message handling through classes that inherit from PathSet
- cleanups around link_manager
- etc etc
2023-10-24 08:40:18 -07:00
dr7ana
6b1e3fbbc0 Touched up path build message handling 2023-10-16 06:39:57 -07:00
dr7ana
65bd224cf0 Exit endpoints implemented
- free standing functions in link_manager
- sign and serialize functionalities siloed in llarp/messages/exit.hpp
2023-10-06 08:35:34 -07:00
dr7ana
1a9f977208 Message method implementation continued
- tons of surrounding stupid refactoring required
2023-10-03 13:00:32 -07:00
dr7ana
d9ead7d0f6 crypto and message encoding
- libsodium calls streamlined and moved away from stupid typedefs
- buffer handling taken away from buffer_t and towards ustrings and strings
- lots of stuff deleted
- team is working well
- re-implementing message handling in proper link_manager methods
2023-09-29 10:29:05 -07:00
dr7ana
11e54f6552 More message refactoring
- routing messages and surrounding code
- shim code in place for iteration and optimization after deciding what to do with buffer, string handling, and subsequent function calls
2023-08-31 09:28:16 -07:00
Jason Rhinelander
d335527a70
Add binary file slurp/dump utility functions
We have basically this same bit of code in tons of places; consolidate
it into llarp::util::slurp_file/llarp::util::dump_file.

Also renames all the extra junk that crept into llarp/util/fs.hpp out of
there into llarp/util/file.hpp instead.
2022-10-05 16:34:32 -03:00
Jason Rhinelander
b81f7025c9
Replace logging with oxen-logger
Replaces custom logging system with spdlog-based oxen logging.  This
commit mainly replaces the backend logging with the spdlog-based system,
but doesn't (yet) convert all the existing LogWarn, etc. to use the new
format-based logging.

New logging statements will look like:

    llarp::log::warning(cat, "blah: {}", val);

where `cat` should be set up in each .cpp or cluster of .cpp files, as
described in the oxen-logging README.

As part of spdlog we get fmt, which gives us nice format strings, where
are applied generously in this commit.

Making types printable now requires two steps:
- add a ToString() method
- add this specialization:

      template <>
      constexpr inline bool llarp::IsToStringFormattable<llarp::Whatever> = true;

This will then allow the type to be printed as a "{}" value in a
fmt::format string.  This is applied to all our printable types here,
and all of the `operator<<` are removed.

This commit also:
- replaces various uses of `operator<<` to ToString()
- replaces various uses of std::stringstream with either fmt::format or
  plain std::string
- Rename some to_string and toString() methods to ToString() for
  consistency (and to work with fmt)
- Replace `stringify(...)` and `make_exception` usage with fmt::format
  (and remove stringify/make_exception from util/str.hpp).
2022-07-15 22:17:59 -03:00
Jason Rhinelander
b09298e211
Replace llarp/util/endian.hpp with oxenc/endian.h 2022-04-28 12:09:51 -03:00
Jeff
7a8410b375 make more platforms ignore libcrypt 2022-04-20 15:26:39 -04:00
Jeff
ee12ba51d5 disable hashed auth on windows 2022-04-20 15:26:39 -04:00
Jeff
5050cd0299 add hashed password capability to endpoint auth by file 2022-04-20 15:26:39 -04:00
Jeff
6bb438ca33 make comments with colins in them not have them in it 2022-02-17 18:01:53 -05:00
Jason Rhinelander
d02558350a
Crank oxen-mq to (1.2.)11; switch to oxen-encoding
- Update oxen-mq submodule to latest stable
- Add oxen-encoding submodule
- Convert all oxenmq encoding usage to oxenc
- Modernize cmake handling of oxenmq/oxenc
2022-02-17 16:30:17 -04:00
Jason Rhinelander
bfc6d35b33 Simplifications & C++17
- Modernize some iterator loops
- Simplify a couple places by using `if (init; ...)`
- Replace various std::binds with lambdas
2021-11-14 10:11:00 -04:00
Jason Rhinelander
181953b4a6 Replace ::Hash nested structs with std::hash specializations 2021-03-10 11:19:52 -04:00
Thomas Winget
7caa87862e standardize include format and pragma once
All #ifndef guards on headers have been removed, I think,
in favor of #pragma once

Headers are now included as `#include "filename"` if the included file
resides in the same directory as the file including it, or any
subdirectory therein.  Otherwise they are included as
`#include <project/top/dir/relative/path/filename>`

The above does not include system/os headers.
2021-03-09 19:01:41 -05:00
Jeff Becker
0fa91381ba
add llarp::CSRNG for cryptographically secure random number generator for use in std::shuffle 2021-03-02 07:20:29 -05:00
Jeff Becker
242e56507c
proper lokimq -> oxenmq refactor 2021-02-03 13:12:21 -05:00
Jeff Becker
df4ea34a56
nodedb refactor
* bump zmq static dep
* lokimq -> oxenmq
* llarp_nodedb -> llarp::NodeDB
* remove all crufty api parts of NodeDB
* make NodeDB rc selection api not suck
* make path builder api not suck
* propagate all above changes so that unit tests work and it all compiles
2021-02-02 09:35:40 -05:00
Jason Rhinelander
af6caf776a
Config file improvements (#1397)
* Config file API/comment improvements

API improvements:
=================

Make the config API use position-independent tag parameters (Required,
Default{123}, MultiValue) rather than a sequence of bools with
overloads.  For example, instead of:

    conf.defineOption<int>("a", "b", false, true, 123, [] { ... });

you now write:

    conf.defineOption<int>("a", "b", MultiValue, Default{123}, [] { ... });

The tags are:
- Required
- MultiValue
- Default{value}
plus new abilities (see below):
- Hidden
- RelayOnly
- ClientOnly
- Comment{"line1", "line2", "line3"}

Made option definition more powerful:
=====================================

- `Hidden` allows you to define an option that won't show up in the
  generated config file if it isn't set.

- `RelayOnly`/`ClientOnly` sets up an option that is only accepted and
  only shows up for relay or client configs.  (If neither is specified
  the option shows up in both modes).

- `Comment{...}` lets the option comments be specified as part of the
  defineOption.

Comment improvements
====================

- Rewrote comments for various options to expand on details.
- Inlined all the comments with the option definitions.
- Several options that were missing comments got comments added.
- Made various options for deprecated and or internal options hidden by
  default so that they don't show up in a default config file.
- show the section comment (but not option comments) *after* the
  [section] tag instead of before it as it makes more sense that way
  (particularly for the [bind] section which has a new long comment to
  describe how it works).

Disable profiling by default
============================

We had this weird state where we use and store profiling by default but
never *load* it when starting up.  This commit makes us just not use
profiling at all unless explicitly enabled.

Other misc changes:
===================

- change default worker threads to 0 (= num cpus) instead of 1, and fix
  it to allow 0.
- Actually apply worker-threads option
- fixed default data-dir value erroneously having quotes around it
- reordered ifname/ifaddr/mapaddr (was previously mapaddr/ifaddr/ifname)
  as mapaddr is a sort of specialization of ifaddr and so makes more
  sense to come after it (particularly because it now references ifaddr
  in its help message).
- removed peer-stats option (since we always require it for relays and
  never use it for clients)
- removed router profiles filename option (this doesn't need to be
  configurable)
- removed defunct `service-node-seed` option
- Change default logging output file to "" (which means stdout), and
  also made "-" work for stdout.

* Router hive compilation fixes

* Comments for SNApp SRV settings in ini file

* Add extra blank line after section comments

* Better deprecated option handling

Allow {client,relay}-only options in {relay,client} configs to be
specified as implicitly deprecated options: they warn, and don't set
anything.

Add an explicit `Deprecated` tag and move deprecated option handling
into definition.cpp.

* Move backwards compat options into section definitions

Keep the "addBackwardsCompatibleConfigOptions" only for options in
sections that no longer exist.

* Fix INI parsing issues & C++17-ify

- don't allow inline comments because it seems they aren't allowed in
ini formats in general, and is going to cause problems if there is a
comment character in a value (e.g. an exit auth string).  Additionally
it was breaking on a line such as:

    # some comment; see?

because it was treating only `; see?` as the comment and then producing
an error message about the rest of the line being invalid.

- make section parsing stricter: the `[` and `]` have to be at the
beginning at end of the line now (after stripping whitespace).

- Move whitespace stripping to the top since everything in here does it.

- chop off string_view suffix/prefix rather than maintaining position
values

- fix potential infinite loop/segfault when given a line such as `]foo[`

* Make config parsing failure fatal

Load() LogError's and returns false on failure, so we weren't aborting
on config file errors.

* Formatting: allow `{}` for empty functions/structs

Instead of using two lines when empty:

    {
    }

* Make default dns bind 127.0.0.1 on non-Linux

* Don't show empty section; fix tests

We can conceivably have sections that only make sense for clients or
relays, and so want to completely omit that section if we have no
options for the type of config being generated.

Also fixes missing empty lines between tests.

Co-authored-by: Thomas Winget <tewinget@gmail.com>
2020-10-07 18:22:58 -04:00
Jeff
21930cf667
LNS (#1342)
* initial relay side lns

* fix typo

* add reserved names and refactor test for dns

* lns name decryption

* all wired up (allegedly)

* refact to use service::EncryptedName for LNS responses to include nonce with ciphertext

* fully rwemove tag_lookup_job

* replace lns cache with DecayingHashTable

* check for lns name validity against the following rules:

* not localhost.loki, loki.loki, or snode.loki

* if it contains no dash then max 32 characters long, not including the .loki tld (and also assuming a leading subdomain has been stripped)

* These are from general DNS requirements, and also enforced in
registrations:

* Must be all [A-Za-z0-9-]. (A-Z will be lower-cased by the RPC call).

* cannot start or end with a -

* max 63 characters long if it does contain a dash

* cannot contain -- in the third and fourth characters unless it starts with xn--

* handle timeout in name lookup job by calling the right handler with std::nullopt
2020-09-17 15:18:08 -04:00
Jason Rhinelander
a7c42ab2bd
Use lokimq's hex/base32z encoding/decoding 2020-07-02 11:13:31 -04:00
Jeff Becker
f4971a88fd
use lokimq workers instead of llarp:🧵:ThreadPool 2020-07-02 11:07:34 -04:00
Rick V
1340cd0dce remove some string conversions entirely 2020-05-26 23:09:16 -05:00
Jason Rhinelander
ebd2142114 Don't use std::optional::value() because f u macos
This replaces all use of std::optional's `opt.value()` with `*opt`
because macOS is great and the ghost of Steve Jobs says that actually
supporting std::optional's value() method is not for chumps before macOS
10.14.  So don't use it because Apple is great.

Pretty much all of our use of it actually is done better with operator*
anyway (since operator* doesn't do a check that the optional has a
value).

Also replaced *most* of the `has_value()` calls with direct bool
context, except for one in the config section which looked really
confusing at a glance without a has_value().
2020-05-20 19:18:28 -03:00
Jason Rhinelander
e03dfc751c Remove crypto_noop
It isn't used anywhere, and has bitrotted (it is marked final, but is
missing some required abstract method instances).
2020-05-17 17:08:11 -03:00
Stephen Shelton
273270916e
The Great Wall of Blame
This commit reflects changes to clang-format rules. Unfortunately,
these rule changes create a massive change to the codebase, which
causes an apparent rewrite of git history.

Git blame's --ignore-rev flag can be used to ignore this commit when
attempting to `git blame` some code.
2020-04-07 12:38:56 -06:00
Jason Rhinelander
870062e8cc Remove absl optimization
This was being used to get at gcc/clang's __builtin_expect, but we don't
really need that: we can just avoid the check entirely when not in debug
mode which should be even faster.
2020-02-24 14:27:44 -04:00
Jason Rhinelander
f84ce61d66 Removed empty cpp files
These aren't needed: CMake already knows how to follow #includes and
rebuild when headers change as long as the headers are included
*somewhere*.  The extra .cpp files here just require building a bunch of
.cpp files with just header content that we just end up throw away
during linking (since the same things will also be compiled in whatever
other compilation units include the same headers).
2020-02-21 23:39:11 -04:00
Jason Rhinelander
8cd95c01b3 Abstract signing hash data location
This makes the interface a little cleaner by not requiring the class
user to know how we laid out the data in the object.
2020-02-02 16:38:48 -04:00
Jason Rhinelander
739ce92aeb Remove unused ristretto includes 2020-02-01 12:44:31 -04:00
Jason Rhinelander
f1171ed7a2 make format 😠 🤮 2020-01-31 17:05:50 -04:00
Jason Rhinelander
cd8f26deff Use hash instead of random for signing hash data
This makes PrivateKey store both the key followed by the hash.  For
PrivateKeys based on SecretKeys this just means the second half of the
SHA-512 of the seed, and makes a PrivateKey constructed from a SecretKey
give an identical signature to signing directly with sodium.

For derived keys we use a ShortHash of the root key's signing hash
concatenated with the publicly known hash value, so that our derived key
signing hash will be different from the root signing hash and also
different for different derivation parameters.

This also changed one of the asserts in crypto_noop, but upon closer
inspection the copying of the secret key into the signature seems really
wrong, so just changed them to fill with 0s.
2020-01-31 16:47:25 -04:00
Thomas Winget
afd87eedb4 NO CLAMPS YOU IDIOT!!! 2020-01-31 12:05:27 -04:00
Thomas Winget
a487982c49 initial implementation of blinded sign -- not working yet 2020-01-31 12:05:20 -04:00
Jason Rhinelander
f7cd10a82e Fix Recalculate()
Recalculate did what should have been the right thing but wasn't because
of libsodium's mislabelling the "seed" as the secret key.
2020-01-30 12:38:39 -04:00
Jason Rhinelander
860c5efd47 Derived key fixes
The reason things weren't working here is because libsodium does
something completely unintuitive and called the seed the "secret key"
when it isn't, it's the seed.

This adds a new PrivateKey class (alongside the existing SecretKey and
PubKey) that holds just a private key value but no seed -- which we need
to do because there is no way we can get a seed after calculating a
derived keypair.

With these changes, we now generate exactly the same keys and subkeys as
Tor (and a new test case uses values generated in Tor to verify this).

This is incomplete -- the subkey signing code is still not implemented;
it has to be adapted to create a signature from a PrivateKey rather than
a SecretKey which will probably requiring working around/reimplementing
some of what libsodium does for creating a signature since it expects
"secret keys" i.e. the seed.
2020-01-30 12:34:05 -04:00