feat: massive overhaul, cleanup of repo

.github/workflows/validate.yml

@@ -18,7 +18,7 @@ jobs:
   core_libs:
     strategy:
       matrix:
-        os: [ubuntu-latest, macos-latest, windows-latest]
+        os: [ ubuntu-latest, macos-latest, windows-latest ]
     runs-on: ${{ matrix.os }}
     timeout-minutes: 80
     steps:
@@ -40,7 +40,7 @@ jobs:
         run: mysql -uroot -h127.0.0.1 -ppassword -e 'CREATE DATABASE hyxewave; CREATE DATABASE hyxewave2; set global max_connections = 1000;'
       - name: Augment connection size for psql
         if: startsWith(matrix.os, 'ubuntu')
-        run:  psql -c 'ALTER SYSTEM SET max_connections TO 1000' postgresql://postgres:postgres@localhost/hyxewave && psql -c 'ALTER SYSTEM SET max_connections TO 1000' postgresql://postgres:postgres@localhost/hyxewave2
+        run: psql -c 'ALTER SYSTEM SET max_connections TO 1000' postgresql://postgres:postgres@localhost/hyxewave && psql -c 'ALTER SYSTEM SET max_connections TO 1000' postgresql://postgres:postgres@localhost/hyxewave2
       - name: Add sqlite databases
         if: startsWith(matrix.os, 'ubuntu')
         run: touch /home/runner/hyxewave.db && touch /home/runner/hyxewave2.db
@@ -127,47 +127,47 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: Avarok-Cybersecurity/gh-actions-deps@master
-#      - name: Install Valgrind
-#        run: |
-#          sudo apt-get update -y
-#          sudo apt-get install -y valgrind
-#      # Compile tests
-#      - name: cargo build secmem_bytes_test
-#        run: cargo build --bin secmem_bytes_test
+      #      - name: Install Valgrind
+      #        run: |
+      #          sudo apt-get update -y
+      #          sudo apt-get install -y valgrind
+      #      # Compile tests
+      #      - name: cargo build secmem_bytes_test
+      #        run: cargo build --bin secmem_bytes_test
       # Run with valgrind
-#      - name: Run valgrind secmem_bytes
-#        run: valgrind --error-exitcode=1 --leak-check=full --show-leak-kinds=all ./target/debug/secmem_bytes_test
-#      - name: cargo build secmem_string_test
-#        run: cargo build --bin secmem_string_test
+      #      - name: Run valgrind secmem_bytes
+      #        run: valgrind --error-exitcode=1 --leak-check=full --show-leak-kinds=all ./target/debug/secmem_bytes_test
+      #      - name: cargo build secmem_string_test
+      #        run: cargo build --bin secmem_string_test
       # Run with valgrind
-#      - name: Run valgrind secmem_string
-#        run: valgrind --error-exitcode=1 --leak-check=full --show-leak-kinds=all ./target/debug/secmem_string_test
+      #      - name: Run valgrind secmem_string
+      #        run: valgrind --error-exitcode=1 --leak-check=full --show-leak-kinds=all ./target/debug/secmem_string_test
       - run: cargo check --package citadel_sdk --release --features=webrtc,sql,redis,multi-threaded
       - run: cargo install --locked cargo-deny && cargo deny check all
       - run: rustup component add clippy-preview
       - run: cargo clippy --features=webrtc,sql,redis,multi-threaded -- -D warnings
       - run: cargo clippy --features=webrtc,sql,redis,multi-threaded --release -- -D warnings
       - run: cargo clippy --features=webrtc,sql,redis -- -D warnings
       - run: cargo clippy --features=webrtc,sql,redis --release -- -D warnings
-      - run: cargo clippy --tests -- -D warnings
+      - run: cargo clippy --tests --examples -- -D warnings
       - run: cargo fmt --check
       - run: RUSTDOCFLAGS="-D warnings" cargo make docs
       - run: cargo test --package citadel_sdk --doc
       #      - name: cargo build pq_kems
-#        run: cargo build --bin pq_kems_test
-#      # Run with valgrind
-#      - name: Run valgrind pq_kems
-#        run: valgrind --error-exitcode=1 --leak-check=full --show-leak-kinds=all ./target/debug/pq_kems_test
+  #        run: cargo build --bin pq_kems_test
+  #      # Run with valgrind
+  #      - name: Run valgrind pq_kems
+  #        run: valgrind --error-exitcode=1 --leak-check=full --show-leak-kinds=all ./target/debug/pq_kems_test
 
-#  features_check:
-#    name: check features
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: Avarok-Cybersecurity/gh-actions-deps@master
-#      - name: Install features checker
-#        run: cargo install cargo-all-features
-#      - name: Check all feature combinations
-#        run: cargo check-all-features --package citadel_sdk
+  #  features_check:
+  #    name: check features
+  #    runs-on: ubuntu-latest
+  #    steps:
+  #      - uses: Avarok-Cybersecurity/gh-actions-deps@master
+  #      - name: Install features checker
+  #        run: cargo install cargo-all-features
+  #      - name: Check all feature combinations
+  #        run: cargo check-all-features --package citadel_sdk
 
   coverage:
     runs-on: macos-latest
@@ -192,11 +192,11 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-          nat_type_client_a:
-              - "full_cone"
-              - "address_restricted"
-              - "port_restricted"
-              - "symmetric"
+        nat_type_client_a:
+          - "full_cone"
+          - "address_restricted"
+          - "port_restricted"
+          - "symmetric"
     timeout-minutes: 60
     env:
       NAT_TYPE_CLIENT_A: ${{ matrix.nat_type_client_a }}

Cargo.toml

@@ -3,38 +3,41 @@ resolver = "2"
 
 members = [
     "citadel_sdk",
-	"citadel_wire",
-	"citadel_user",
-	"citadel_crypt",
-	"async_ip",
-	"citadel_pqcrypto",
-	"citadel_proto",
+    "citadel_wire",
+    "citadel_user",
+    "citadel_crypt",
+    "async_ip",
+    "citadel_pqcrypto",
+    "citadel_proto",
     "firebase-rtdb",
     "netbeam",
-	"citadel_logging",
+    "citadel_logging",
     "citadel_io",
     "citadel_types",
+    "example-library",
 ]
 
 exclude = [
     "./target/*",
-    "./examples"
 ]
 
 [workspace.dependencies]
 # workspace deps
-citadel_sdk = { path = "./citadel_sdk", default-features = false, version = "0.11.2" }
-citadel_wire = { path = "./citadel_wire", default-features = false, version = "0.11.2" }
-citadel_user = { path = "./citadel_user", default-features = false, version = "0.11.2" }
-citadel_crypt = { path = "./citadel_crypt", default-features = false, version = "0.11.2" }
-citadel_pqcrypto = { path = "./citadel_pqcrypto", default-features = false, version = "0.11.2" }
-citadel_proto = { path = "./citadel_proto", default-features = false, version = "0.11.2" }
-citadel_logging = { path = "./citadel_logging", default-features = false, version = "0.11.2" }
-citadel_io = { path = "./citadel_io", default-features = false, version = "0.11.2" }
-citadel_types = { path = "./citadel_types", default-features = false, version = "0.11.2" }
-netbeam = { path = "./netbeam", default-features = false, version = "0.11.2" }
-firebase-rtdb = { path = "./firebase-rtdb", default-features = false, version = "0.11.2" }
-async_ip = { path = "./async_ip", default-features = false, version = "0.11.2" }
+citadel_sdk = { path = "./citadel_sdk", default-features = false }
+citadel_wire = { path = "./citadel_wire", default-features = false }
+citadel_user = { path = "./citadel_user", default-features = false }
+citadel_crypt = { path = "./citadel_crypt", default-features = false }
+citadel_pqcrypto = { path = "./citadel_pqcrypto", default-features = false }
+citadel_proto = { path = "./citadel_proto", default-features = false }
+citadel_logging = { path = "./citadel_logging", default-features = false }
+citadel_io = { path = "./citadel_io", default-features = false }
+citadel_types = { path = "./citadel_types", default-features = false }
+netbeam = { path = "./netbeam", default-features = false }
+firebase-rtdb = { path = "./firebase-rtdb", default-features = false }
+async_ip = { path = "./async_ip", default-features = false }
+
+# examples
+citadel-examples = { path = "./example-library", default-features = false }
 
 # ordinary deps
 generic-array = { version = "0.14.6" }
@@ -50,7 +53,7 @@ getrandom = { version = "0.2.8", default-features = false }
 serde-big-array = { default-features = false, version = "0.5.0" }
 ascon-aead = { default-features = false, version = "0.4.0" }
 oqs = { version = "0.9.0", default-features = false }
-pqcrypto-falcon-wasi = { version = "0.2.14", default-features=false}
+pqcrypto-falcon-wasi = { version = "0.2.14", default-features = false }
 pqcrypto-traits-wasi = { version = "0.3.4", default-features = false }
 tracing-subscriber = { version = "0.3.16" }
 reqwest_wasi = { version = "0.11.16", default-features = false }
@@ -65,9 +68,9 @@ sync_wrapper = { default-features = false, version = "1.0.0" }
 async-recursion = { version = "1.0.4" }
 rstest = { version = "0.23.0" }
 bincode = { default-features = false, version = "1.3.3" }
-serde = { version="1.0.152", default-features = false }
+serde = { version = "1.0.152", default-features = false }
 futures = { version = "0.3.25", default-features = false }
-byteorder = { version = "1.4.3", default-features=false }
+byteorder = { version = "1.4.3", default-features = false }
 num-integer = { default-features = false, version = "0.1.45" }
 arrayvec = { version = "0.7.2", default-features = false }
 bitvec = { default-features = false, version = "1.0.1" }
@@ -112,7 +115,7 @@ embedded-semver = { version = "0.3.0", default-features = false }
 auto_impl = { default-features = false, version = "1.0.1" }
 zerocopy = { default-features = false, version = "0.7.7" }
 atomic = { default-features = false, version = "0.6.0" }
-bytemuck = { default-features = false, version = "1.13.1"}
+bytemuck = { default-features = false, version = "1.13.1" }
 either = { default-features = false, version = "1.8.0" }
 once_cell = { default-features = false, version = "1.17.0" }
 webrtc-util = { version = "0.8.0" }

Cargo.wasix.toml

@@ -22,18 +22,18 @@ exclude = [
 
 [workspace.dependencies]
 # workspace deps
-citadel_sdk = { path = "./citadel_sdk", default-features = false, version = "0.9.0" }
-citadel_wire = { path = "./citadel_wire", default-features = false, version = "0.9.0" }
-citadel_user = { path = "./citadel_user", default-features = false, version = "0.9.0" }
-citadel_crypt = { path = "./citadel_crypt", default-features = false, version = "0.9.0" }
-citadel_pqcrypto = { path = "./citadel_pqcrypto", default-features = false, version = "0.9.0" }
-citadel_proto = { path = "./citadel_proto", default-features = false, version = "0.9.0" }
-citadel_logging = { path = "./citadel_logging", default-features = false, version = "0.9.0" }
-citadel_io = { path = "./citadel_io", default-features = false, version = "0.9.0" }
-citadel_types = { path = "./citadel_types", default-features = false, version = "0.9.0" }
-netbeam = { path = "./netbeam", default-features = false, version = "0.8.0" }
-firebase-rtdb = { path = "./firebase-rtdb", default-features = false, version = "0.8.0" }
-async_ip = { path = "./async_ip", default-features = false, version = "0.8.0" }
+citadel_sdk = { path = "./citadel_sdk", default-features = false }
+citadel_wire = { path = "./citadel_wire", default-features = false }
+citadel_user = { path = "./citadel_user", default-features = false }
+citadel_crypt = { path = "./citadel_crypt", default-features = false }
+citadel_pqcrypto = { path = "./citadel_pqcrypto", default-features = false }
+citadel_proto = { path = "./citadel_proto", default-features = false }
+citadel_logging = { path = "./citadel_logging", default-features = false }
+citadel_io = { path = "./citadel_io", default-features = false }
+citadel_types = { path = "./citadel_types", default-features = false }
+netbeam = { path = "./netbeam", default-features = false }
+firebase-rtdb = { path = "./firebase-rtdb", default-features = false }
+async_ip = { path = "./async_ip", default-features = false }
 
 # ordinary deps
 generic-array = { version = "0.14.6" }

citadel_proto/src/auth.rs

@@ -29,7 +29,7 @@ impl AuthenticationRequest {
     }
 
     /// No credentials will be used for login, only a one-time device-dependent cryptographic bundle
-    pub fn passwordless(uuid: Uuid, server_addr: SocketAddr) -> Self {
+    pub fn transient(uuid: Uuid, server_addr: SocketAddr) -> Self {
         Self::Passwordless {
             username: uuid.to_string(),
             server_addr,

citadel_proto/src/proto/packet_processor/peer/peer_cmd_packet.rs

@@ -625,6 +625,12 @@ pub async fn process_peer_cmd(
                                         )
                                     };
 
+                                    let udp_mode = if udp_rx_opt.is_some() {
+                                        UdpMode::Enabled
+                                    } else {
+                                        UdpMode::Disabled
+                                    };
+
                                     let channel_signal =
                                         NodeResult::PeerChannelCreated(PeerChannelCreated {
                                             ticket: ticket_for_chan.unwrap_or(ticket),
@@ -660,6 +666,7 @@ pub async fn process_peer_cmd(
                                             app,
                                             encrypted_config_container,
                                             client_config,
+                                            udp_mode,
                                         )
                                         .await;
                                     }
@@ -762,6 +769,12 @@ pub async fn process_peer_cmd(
                                         )
                                     };
 
+                                    let udp_mode = if udp_rx_opt.is_some() {
+                                        UdpMode::Enabled
+                                    } else {
+                                        UdpMode::Disabled
+                                    };
+
                                     let channel_signal =
                                         NodeResult::PeerChannelCreated(PeerChannelCreated {
                                             ticket: ticket_for_chan.unwrap_or(ticket),
@@ -810,6 +823,7 @@ pub async fn process_peer_cmd(
                                             app,
                                             encrypted_config_container,
                                             client_config,
+                                            udp_mode,
                                         )
                                         .await;
                                     }
@@ -1136,6 +1150,7 @@ async fn process_signal_command_as_server(
                                     )
                                     .await;
                             }
+                            drop(peer_layer_lock);
                             let peer_alert_signal = PeerSignal::DeregistrationSuccess {
                                 peer_conn_type: peer_conn_type.reverse(),
                             };

citadel_proto/src/proto/packet_processor/preconnect_packet.rs

@@ -24,7 +24,15 @@ use netbeam::sync::network_endpoint::NetworkEndpoint;
 use std::sync::atomic::Ordering;
 
 /// Handles preconnect packets. Handles the NAT traversal
-#[cfg_attr(feature = "localhost-testing", tracing::instrument(level = "trace", target = "citadel", skip_all, ret, err, fields(is_server = session_orig.is_server, src = packet.parse().unwrap().0.session_cid.get(), target = packet.parse().unwrap().0.target_cid.get())))]
+#[cfg_attr(feature = "localhost-testing", tracing::instrument(
+    level = "trace",
+    target = "citadel",
+    skip_all,
+    ret,
+    err,
+    fields(is_server = session_orig.is_server, src = packet.parse().unwrap().0.session_cid.get(), target = packet.parse().unwrap().0.target_cid.get()
+    )
+))]
 pub async fn process_preconnect(
     session_orig: &CitadelSession,
     packet: HdpPacket,
@@ -601,14 +609,16 @@ fn handle_success_as_receiver(
     if let Some(udp_splittable) = udp_splittable {
         let peer_addr = udp_splittable.peer_addr();
         // the UDP subsystem will automatically engage at this point
-        CitadelSession::udp_socket_loader(
-            session.clone(),
-            VirtualTargetType::LocalGroupServer { implicated_cid },
-            udp_splittable,
-            peer_addr,
-            session.kernel_ticket.get(),
-            Some(tcp_loaded_alerter_rx),
-        );
+        if state_container.udp_mode == UdpMode::Enabled {
+            CitadelSession::udp_socket_loader(
+                session.clone(),
+                VirtualTargetType::LocalGroupServer { implicated_cid },
+                udp_splittable,
+                peer_addr,
+                session.kernel_ticket.get(),
+                Some(tcp_loaded_alerter_rx),
+            );
+        }
     } else {
         log::warn!(target: "citadel", "No UDP splittable was specified. UdpMode: {:?}", state_container.udp_mode);
     }