Skip to content

Commit

Permalink
Include Name When Listing Peers (#217)
Browse files Browse the repository at this point in the history
  • Loading branch information
Tjemmmic authored Jul 22, 2024
1 parent e10577e commit ca198b3
Show file tree
Hide file tree
Showing 47 changed files with 225 additions and 192 deletions.
7 changes: 4 additions & 3 deletions async_ip/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@

use reqwest::Client;
use serde::{Deserialize, Serialize};
use std::fmt::Formatter;
use std::net::IpAddr;
#[cfg(not(target_family = "wasm"))]
use std::net::SocketAddr;
Expand Down Expand Up @@ -190,10 +191,10 @@ pub enum IpRetrieveError {
Error(String),
}

impl ToString for IpRetrieveError {
fn to_string(&self) -> String {
impl std::fmt::Display for IpRetrieveError {
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
match self {
IpRetrieveError::Error(err) => err.to_string(),
IpRetrieveError::Error(err) => write!(f, "{}", err),
}
}
}
1 change: 0 additions & 1 deletion citadel_crypt/src/argon/mod.rs
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
///
#[allow(missing_docs)]
pub mod argon_container;
#[cfg(not(target_family = "wasm"))]
Expand Down
2 changes: 0 additions & 2 deletions citadel_crypt/src/endpoint_crypto_container.rs
Original file line number Diff line number Diff line change
Expand Up @@ -195,13 +195,11 @@ impl<R: Ratchet> PeerSessionCrypto<R> {
self.latest_usable_version = self.latest_usable_version.wrapping_add(1);
}

///
pub fn get_and_increment_group_id(&mut self) -> u64 {
self.rolling_group_id = self.rolling_group_id.wrapping_add(1);
self.rolling_group_id.wrapping_sub(1)
}

///
pub fn get_and_increment_object_id(&mut self) -> u64 {
self.rolling_object_id = self.rolling_object_id.wrapping_add(1);
self.rolling_object_id.wrapping_sub(1)
Expand Down
9 changes: 0 additions & 9 deletions citadel_crypt/src/fcm/fcm_ratchet.rs
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,6 @@ impl ThinRatchet {
}

#[derive(Serialize, Deserialize)]
///
pub struct ThinRatchetInner {
drill: EntropyBank,
pqc: PostQuantumContainer,
Expand Down Expand Up @@ -199,7 +198,6 @@ impl EndpointRatchetConstructor<ThinRatchet> for ThinRatchetConstructor {
}

#[derive(Serialize, Deserialize)]
///
pub struct FcmAliceToBobTransfer {
transfer_params: AliceToBobTransferParameters,
pub params: CryptoParameters,
Expand Down Expand Up @@ -232,7 +230,6 @@ impl ThinRatchetConstructor {
})
}

///
pub fn new_bob(
opts: ConstructorOpts,
transfer: FcmAliceToBobTransfer,
Expand All @@ -253,7 +250,6 @@ impl ThinRatchetConstructor {
})
}

///
pub fn stage0_alice(&self) -> Option<FcmAliceToBobTransfer> {
let pk = self.pqc.generate_alice_to_bob_transfer().ok()?;
Some(FcmAliceToBobTransfer {
Expand All @@ -265,7 +261,6 @@ impl ThinRatchetConstructor {
})
}

///
pub fn stage0_bob(&self) -> Option<FcmBobToAliceTransfer> {
Some(FcmBobToAliceTransfer {
params_tx: self.pqc.generate_bob_to_alice_transfer().ok()?,
Expand All @@ -276,7 +271,6 @@ impl ThinRatchetConstructor {
})
}

///
pub fn stage1_alice(
&mut self,
transfer: FcmBobToAliceTransfer,
Expand All @@ -294,21 +288,18 @@ impl ThinRatchetConstructor {
Ok(())
}

///
pub fn update_version(&mut self, version: u32) -> Option<()> {
self.version = version;
self.drill.as_mut()?.version = version;
Some(())
}

///
pub fn finish_with_custom_cid(mut self, cid: u64) -> Option<ThinRatchet> {
self.cid = cid;
self.drill.as_mut()?.cid = cid;
self.finish()
}

///
pub fn finish(self) -> Option<ThinRatchet> {
ThinRatchet::try_from(self).ok()
}
Expand Down
2 changes: 1 addition & 1 deletion citadel_crypt/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ pub mod secure_buffer;
pub mod stacked_ratchet;
/// Allows thread-pooled asynchronous and parallel file processing
pub mod streaming_crypt_scrambler;
///

pub mod sync_toggle;
/// Provides drill management, update, and versioning. This is what's exposed to the citadel_user api. The drills themselves are abstracted beneath
pub mod toolset;
2 changes: 1 addition & 1 deletion citadel_crypt/src/scramble/crypt_splitter.rs
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ use rayon::prelude::*;

/// The maximum bytes per group
pub const MAX_BYTES_PER_GROUP: usize = 1024 * 1024 * 10;
///

pub const MAX_WAVEFORM_PACKET_SIZE: usize = 480;

/// The overhead of the GHASH function
Expand Down
8 changes: 0 additions & 8 deletions citadel_crypt/src/stacked_ratchet.rs
Original file line number Diff line number Diff line change
Expand Up @@ -361,14 +361,12 @@ impl StackedRatchet {
}

#[derive(Serialize, Deserialize, Debug)]
///
pub struct StackedRatchetInner {
pub(crate) message: MessageRatchet,
pub(crate) scramble: ScrambleRatchet,
pub(crate) default_security_level: SecurityLevel,
}

///
#[derive(Serialize, Deserialize, Debug)]
pub(crate) struct MessageRatchet {
inner: Vec<MessageRatchetInner>,
Expand All @@ -380,7 +378,6 @@ pub(crate) struct MessageRatchetInner {
pub(crate) pqc: PostQuantumContainer,
}

///
#[derive(Serialize, Deserialize, Debug)]
pub(crate) struct ScrambleRatchet {
pub(crate) drill: EntropyBank,
Expand Down Expand Up @@ -559,13 +556,11 @@ pub mod constructor {
#[derive(Serialize, Deserialize)]
/// Transferred during KEM
pub struct AliceToBobTransfer {
///
pub params: CryptoParameters,
params_txs: Vec<AliceToBobTransferParameters>,
scramble_alice_params: AliceToBobTransferParameters,
scramble_nonce: ArrayVec<u8, LARGEST_NONCE_LEN>,
msg_nonce: ArrayVec<u8, LARGEST_NONCE_LEN>,
///
pub security_level: SecurityLevel,
cid: u64,
new_version: u32,
Expand All @@ -590,7 +585,6 @@ pub mod constructor {
}

impl BobToAliceTransfer {
///
pub fn serialize_into(&self, buf: &mut BytesMut) -> Option<()> {
let len = bincode2::serialized_size(self).ok()?;
buf.reserve(len as usize);
Expand All @@ -603,12 +597,10 @@ pub mod constructor {
}

impl AliceToBobTransfer {
///
pub fn serialize_to_vec(&self) -> Option<Vec<u8>> {
bincode2::serialize(self).ok()
}

///
pub fn deserialize_from(source: &[u8]) -> Option<AliceToBobTransfer> {
bincode2::deserialize(source).ok()
}
Expand Down
4 changes: 2 additions & 2 deletions citadel_pqcrypto/tests/primary.rs
Original file line number Diff line number Diff line change
Expand Up @@ -301,8 +301,8 @@ mod tests {
// pretend someone grabs the header + ciphertext
let mut intercepted_packet = buf.clone();
if y == 0 {
zeroth = intercepted_packet.clone();
zeroth_nonce = nonce.clone();
zeroth.clone_from(&intercepted_packet);
zeroth_nonce.clone_from(&nonce);
}

// to simulate out-of order delivery, protect a new packet in place and validate that one
Expand Down
6 changes: 0 additions & 6 deletions citadel_proto/backup/constants.rs
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,6 @@ pub const MAX_PAYLOAD_SIZE_IPV4: usize = MTU - BASE_HEADER_LEN_IPV4;
pub const MAX_PAYLOAD_SIZE_IPV6: usize = MTU - BASE_HEADER_LEN_IPV6;
/// the initial reconnect delay
pub const INITIAL_RECONNECT_LOCKOUT_TIME_NS: i64 = NANOSECONDS_PER_SECOND;
///
pub const KEEP_ALIVE_INTERVAL_MS: u64 = 15000;
/// The keep alive max interval
pub const KEEP_ALIVE_TIMEOUT_NS: i64 = (KEEP_ALIVE_INTERVAL_MS * 3 * 1_000_000) as i64;
Expand All @@ -49,9 +48,7 @@ pub const KEEP_ALIVE_TIMEOUT_NS: i64 = (KEEP_ALIVE_INTERVAL_MS * 3 * 1_000_000)
pub const DRILL_UPDATE_TIMEOUT_NS: i64 = KEEP_ALIVE_TIMEOUT_NS;
/// For setting up the GroupReceivers
pub const GROUP_TIMEOUT_MS: usize = KEEP_ALIVE_INTERVAL_MS as usize;
///
pub const INDIVIDUAL_WAVE_TIMEOUT_MS: usize = (GROUP_TIMEOUT_MS / 2) as usize;
///
pub const DO_DEREGISTER_EXPIRE_TIME_NS: i64 = KEEP_ALIVE_TIMEOUT_NS;

/// The frequency at which KEEP_ALIVES need to be sent through the system
Expand All @@ -72,10 +69,8 @@ pub const DO_CONNECT_EXPIRE_TIME_MS: std::time::Duration = std::time::Duration::
/// After this timeout,
pub const UPNP_FIREWALL_LOAD_TIMEOUT: std::time::Duration = std::time::Duration::from_millis(1500);
pub const MULTIPORT_START: u16 = 25000;
///
//pub const MULTIPORT_END: u16 = citadel_crypt::entropy_bank::PORT_RANGE as u16 + MULTIPORT_START;
pub const MULTIPORT_END: u16 = 1 + MULTIPORT_START;
///
pub const PRIMARY_PORT: u16 = 25021;
pub const DEFAULT_PQC_ALGORITHM: u8 = citadel_pqcrypto::algorithm_dictionary::FIRESABER;
/// The minimum time (in nanoseconds) per drill update (nanoseconds per update)
Expand All @@ -96,7 +91,6 @@ pub const HOLE_PUNCH_SYNC_TIME_MULTIPLIER: f64 = 2.0f64;

/// The maximum number of signals per peer mailbox
pub const PEER_EVENT_MAILBOX_SIZE: usize = 50;
///
pub const TIMED_TICKET_LIFETIME: std::time::Duration = std::time::Duration::from_secs(30);
/// the preconnect + connect stage will be limited by this duration
pub const LOGIN_EXPIRATION_TIME: std::time::Duration = std::time::Duration::from_secs(8);
Expand Down
7 changes: 0 additions & 7 deletions citadel_proto/src/constants.rs
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ pub const MAX_PAYLOAD_SIZE_IPV4: usize = MTU - BASE_HEADER_LEN_IPV4;
pub const MAX_PAYLOAD_SIZE_IPV6: usize = MTU - BASE_HEADER_LEN_IPV6;
/// the initial reconnect delay
pub const INITIAL_RECONNECT_LOCKOUT_TIME_NS: i64 = NANOSECONDS_PER_SECOND;
///
pub const KEEP_ALIVE_INTERVAL_MS: u64 = 60000 * 15; // every 15 minutes
/// The keep alive max interval
pub const KEEP_ALIVE_TIMEOUT_NS: i64 = (KEEP_ALIVE_INTERVAL_MS * 3 * 1_000_000) as i64;
Expand All @@ -59,9 +58,7 @@ pub const KEEP_ALIVE_TIMEOUT_NS: i64 = (KEEP_ALIVE_INTERVAL_MS * 3 * 1_000_000)
pub const DRILL_UPDATE_TIMEOUT_NS: i64 = KEEP_ALIVE_TIMEOUT_NS;
/// For setting up the GroupReceivers
pub const GROUP_TIMEOUT_MS: usize = KEEP_ALIVE_INTERVAL_MS as usize;
///
pub const INDIVIDUAL_WAVE_TIMEOUT_MS: usize = GROUP_TIMEOUT_MS / 2;
///
pub const DO_DEREGISTER_EXPIRE_TIME_NS: i64 = KEEP_ALIVE_TIMEOUT_NS;

/// The frequency at which KEEP_ALIVES need to be sent through the system
Expand All @@ -81,10 +78,8 @@ pub const DO_CONNECT_EXPIRE_TIME_MS: std::time::Duration = std::time::Duration::
/// After this timeout,
pub const UPNP_FIREWALL_LOAD_TIMEOUT: std::time::Duration = std::time::Duration::from_millis(1500);
pub const MULTIPORT_START: u16 = 25000;
///
//pub const MULTIPORT_END: u16 = citadel_crypt::entropy_bank::PORT_RANGE as u16 + MULTIPORT_START;
pub const MULTIPORT_END: u16 = 1 + MULTIPORT_START;
///
pub const PRIMARY_PORT: u16 = 25021;
/// The minimum time (in nanoseconds) per drill update (nanoseconds per update)
pub const DRILL_UPDATE_FREQUENCY_LOW_BASE: u64 = 480 * 1_000_000_000;
Expand All @@ -100,13 +95,11 @@ pub const DRILL_UPDATE_FREQUENCY_DIVINE_BASE: u64 = 480 * 1_000_000_000;
/// this is applied to the ping. If the ping is 200ms, the a multiplier of 2.0 will mean that in 200*2.0 = 400ms,
/// the hole-punching process will begin
pub const HOLE_PUNCH_SYNC_TIME_MULTIPLIER: f64 = 2.0f64;
///
pub const TIMED_TICKET_LIFETIME: std::time::Duration = std::time::Duration::from_secs(30);
/// the preconnect + connect stage will be limited by this duration
pub const LOGIN_EXPIRATION_TIME: std::time::Duration = std::time::Duration::from_secs(20);
/// Every 30 minutes, resync the clocks. This was to fix bugs related to long-lasting connections and reconnections
pub const NTP_RESYNC_FREQUENCY: std::time::Duration = std::time::Duration::from_secs(60 * 30);
///
pub const TCP_CONN_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(4);

pub const MAX_OUTGOING_UNPROCESSED_REQUESTS: usize = 512;
Expand Down
2 changes: 0 additions & 2 deletions citadel_proto/src/error.rs
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ pub enum NetworkError {
InvalidPacketSize(usize),
/// A bad external request
InvalidRequest(&'static str),
///
InternalError(&'static str),
/// For a converted error
Generic(String),
Expand All @@ -27,7 +26,6 @@ pub enum NetworkError {
request: Box<NodeRequest>,
reason: String,
},
///
ProperShutdown,
}

Expand Down
1 change: 0 additions & 1 deletion citadel_proto/src/proto/misc/session_security_settings.rs
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ impl SessionSecuritySettingsBuilder {

/// Sets the session secrecy mode. If Perfect is selected, then each message is guaranteed to use only a single symmetric key for encryption (best for high-security protocols that do not need high throughput)
/// If BestEffort is selected, the protocol will attempt to re-key the system at the earliest opportunity, and will not enqueue packets if a re-key has not yet completed (best for high-throughput applications)
///
/// If high relatively throughput is desired, but additional security is needed, consider coupling BestEffort mode with a higher security level for multi-layered cryptography
/// ```
/// use citadel_proto::prelude::{SessionSecuritySettingsBuilder, SecrecyMode};
Expand Down
2 changes: 0 additions & 2 deletions citadel_proto/src/proto/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ use bytes::BytesMut;

/// For the custom BytesCodec that doesn't overflow
pub(crate) mod codec;
///
pub(crate) mod endpoint_crypto_accessor;
pub(crate) mod misc;
/// Used at each HyperNode
Expand All @@ -21,7 +20,6 @@ pub(crate) mod packet;
pub(crate) mod packet_crafter;
/// Contains the library for processing inbound packet types. all #[inline]'d
pub(crate) mod packet_processor;
///
pub(crate) mod peer;
pub mod remote;
/// Each CID gets a session
Expand Down
7 changes: 1 addition & 6 deletions citadel_proto/src/proto/node.rs
Original file line number Diff line number Diff line change
Expand Up @@ -138,9 +138,7 @@ impl Node {

/// Note: spawning via handle is more efficient than joining futures. Source: https://cafbit.com/post/tokio_internals/
/// To handle the shutdown process, we need
///
/// This will panic if called twice in succession without a proper server reload.
///
/// Returns a handle to communicate with the [Node].
#[allow(unused_results, unused_must_use)]
fn load(
Expand Down Expand Up @@ -403,9 +401,7 @@ impl Node {

/// Returns a TcpStream to the remote addr, as well as a local TcpListener on the same bind addr going to remote
/// to allow for TCP hole-punching (we need the same port to cover port-restricted NATS, worst-case scenario)
///
/// The remote is usually the central server. Then the P2P listener binds to it to allow NATs to keep the hole punched
///
/// It is expected that the listener_underlying_proto is QUIC here since this is called for p2p connections!
pub(crate) async fn create_session_transport_init<R: ToSocketAddrs>(
remote: R,
Expand Down Expand Up @@ -562,7 +558,7 @@ impl Node {
.map_err(generic_error)?
};

quic_endpoint.tls_domain_opt = domain.clone();
quic_endpoint.tls_domain_opt.clone_from(&domain);

Self::quic_p2p_connect_defaults(
quic_endpoint.endpoint.clone(),
Expand Down Expand Up @@ -594,7 +590,6 @@ impl Node {
/// In impersonal mode, each hypernode needs to check for incoming connections on the primary port.
/// Once a TcpStream is established, it is passed into the underlying HdpSessionManager and a Session
/// is created to handle the stream.
///
/// In personal mode, if a new connection needs to be forged with another node, then a new SO_REUSE socket
/// will need to be created that is bound to the local primary port and connected to the adjacent hypernode's
/// primary port. That socket will be created in the underlying HdpSessionManager during the connection process
Expand Down
1 change: 0 additions & 1 deletion citadel_proto/src/proto/node_request.rs
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,6 @@ pub struct PreSharedKey {
impl PreSharedKey {
/// Adds a password to the session password list. Both connecting nodes
/// must have matching passwords in order to establish a connection.
///
/// Note: The password is hashed using SHA-256 before being added to the list to increase security.
pub fn add_password<T: AsRef<[u8]>>(mut self, password: T) -> Self {
self.passwords.push(sha256(password.as_ref()).to_vec());
Expand Down
3 changes: 0 additions & 3 deletions citadel_proto/src/proto/packet_crafter.rs
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,6 @@ pub struct GroupTransmitter {

/// The base ratchet is always required, whether between HyperLAN peer to server or hyperlan p2p.
/// base_constructor may not be present, since a concurrent update may already be occurring
///
/// Fcm may be present, in which case, the innermost encryption pass goes through the fcm ratchet to ensure
/// Google can't see the information. The fcm constructor may not be present either, since a concurrent update may
/// be occurring
Expand Down Expand Up @@ -665,9 +664,7 @@ pub(crate) mod do_register {
}

/// At this stage, the drill does not exist. There is no verifying such packets. The payload contains Alice's public key.
///
/// Since this is sent over TCP, the size of the packet can be up to ~64k bytes
///
/// We also use the NID in place of the CID because the CID only exists AFTER registration completes
pub(crate) fn craft_stage0(
algorithm: u8,
Expand Down
Loading

0 comments on commit ca198b3

Please sign in to comment.