liz/veilid
1
0
Fork 0
Code Pull Requests Packages Releases Activity

break everything

Browse Source
This commit is contained in:
John Smith
2022-11-26 14:16:02 -05:00
parent 79f55f1a0c
commit 25ace50d45
17 changed files with 760 additions and 220 deletions
Download Patch File Download Diff File Expand all files Collapse all files
veilid-core/src/crypto/envelope.rs
+14 -20
View File
@@ -76,7 +76,7 @@ impl Envelope {
// Ensure we are at least the length of the envelope
// Silent drop here, as we use zero length packets as part of the protocol for hole punching
if data.len() < MIN_ENVELOPE_SIZE {
return Err(VeilidAPIError::generic("envelope data too small"));
apibail_generic!("envelope data too small");
}
// Verify magic number
@@ -84,31 +84,28 @@ impl Envelope {
.try_into()
.map_err(VeilidAPIError::internal)?;
if magic != *ENVELOPE_MAGIC {
return Err(VeilidAPIError::generic("bad magic number"));
apibail_generic!("bad magic number");
}
// Check version
let version = data[0x04];
if version > MAX_CRYPTO_VERSION || version < MIN_CRYPTO_VERSION {
return Err(VeilidAPIError::parse_error(
"unsupported cryptography version",
version,
));
apibail_parse_error!("unsupported cryptography version", version);
}
// Get min version
let min_version = data[0x05];
if min_version > version {
return Err(VeilidAPIError::parse_error("version too low", version));
apibail_parse_error!("version too low", version);
}
// Get max version
let max_version = data[0x06];
if version > max_version {
return Err(VeilidAPIError::parse_error("version too high", version));
apibail_parse_error!("version too high", version);
}
if min_version > max_version {
return Err(VeilidAPIError::generic("version information invalid"));
apibail_generic!("version information invalid");
}
// Get size and ensure it matches the size of the envelope and is less than the maximum message size
@@ -118,17 +115,17 @@ impl Envelope {
.map_err(VeilidAPIError::internal)?,
);
if (size as usize) > MAX_ENVELOPE_SIZE {
return Err(VeilidAPIError::parse_error("envelope too large", size));
apibail_parse_error!("envelope too large", size);
}
if (size as usize) != data.len() {
return Err(VeilidAPIError::parse_error(
apibail_parse_error!(
"size doesn't match envelope size",
format!(
"size doesn't match envelope size: size={} data.len()={}",
size,
data.len()
),
));
)
);
}
// Get the timestamp
@@ -153,10 +150,10 @@ impl Envelope {
// Ensure sender_id and recipient_id are not the same
if sender_id == recipient_id {
return Err(VeilidAPIError::parse_error(
apibail_parse_error!(
"sender_id should not be same as recipient_id",
recipient_id.encode(),
));
recipient_id.encode()
);
}
// Get signature
@@ -206,10 +203,7 @@ impl Envelope {
// Ensure body isn't too long
let envelope_size: usize = body.len() + MIN_ENVELOPE_SIZE;
if envelope_size > MAX_ENVELOPE_SIZE {
return Err(VeilidAPIError::parse_error(
"envelope size is too large",
envelope_size,
));
apibail_parse_error!("envelope size is too large", envelope_size);
}
let mut data = vec![0u8; envelope_size];
veilid-core/src/crypto/receipt.rs
+11 -20
View File
@@ -59,10 +59,10 @@ impl Receipt {
extra_data: D,
) -> Result<Self, VeilidAPIError> {
if extra_data.as_ref().len() > MAX_EXTRA_DATA_SIZE {
return Err(VeilidAPIError::parse_error(
apibail_parse_error!(
"extra data too large for receipt",
extra_data.as_ref().len(),
));
extra_data.as_ref().len()
);
}
Ok(Self {
version,
@@ -75,7 +75,7 @@ impl Receipt {
pub fn from_signed_data(data: &[u8]) -> Result<Receipt, VeilidAPIError> {
// Ensure we are at least the length of the envelope
if data.len() < MIN_RECEIPT_SIZE {
return Err(VeilidAPIError::parse_error("receipt too small", data.len()));
apibail_parse_error!("receipt too small", data.len());
}
// Verify magic number
@@ -83,16 +83,13 @@ impl Receipt {
.try_into()
.map_err(VeilidAPIError::internal)?;
if magic != *RECEIPT_MAGIC {
return Err(VeilidAPIError::generic("bad magic number"));
apibail_generic!("bad magic number");
}
// Check version
let version = data[0x04];
if version > MAX_CRYPTO_VERSION || version < MIN_CRYPTO_VERSION {
return Err(VeilidAPIError::parse_error(
"unsupported cryptography version",
version,
));
apibail_parse_error!("unsupported cryptography version", version);
}
// Get size and ensure it matches the size of the envelope and is less than the maximum message size
@@ -102,16 +99,13 @@ impl Receipt {
.map_err(VeilidAPIError::internal)?,
);
if (size as usize) > MAX_RECEIPT_SIZE {
return Err(VeilidAPIError::parse_error(
"receipt size is too large",
size,
));
apibail_parse_error!("receipt size is too large", size);
}
if (size as usize) != data.len() {
return Err(VeilidAPIError::parse_error(
apibail_parse_error!(
"size doesn't match receipt size",
format!("size={} data.len()={}", size, data.len()),
));
format!("size={} data.len()={}", size, data.len())
);
}
// Get sender id
@@ -153,10 +147,7 @@ impl Receipt {
// Ensure extra data isn't too long
let receipt_size: usize = self.extra_data.len() + MIN_RECEIPT_SIZE;
if receipt_size > MAX_RECEIPT_SIZE {
return Err(VeilidAPIError::parse_error(
"receipt too large",
receipt_size,
));
apibail_parse_error!("receipt too large", receipt_size);
}
let mut data: Vec<u8> = vec![0u8; receipt_size];
veilid-core/src/intf/wasm/protected_store.rs
+32 -18
View File
@@ -2,10 +2,7 @@ use super::*;
use crate::xx::*;
use crate::*;
use data_encoding::BASE64URL_NOPAD;
use js_sys::*;
use send_wrapper::*;
use serde::{Deserialize, Serialize};
use wasm_bindgen_futures::*;
use rkyv::{Archive as RkyvArchive, Deserialize as RkyvDeserialize, Serialize as RkyvSerialize};
use web_sys::*;
#[derive(Clone)]
@@ -44,15 +41,6 @@ impl ProtectedStore {
#[instrument(level = "debug", skip(self))]
pub async fn terminate(&self) {}
fn keyring_name(&self) -> String {
let c = self.config.get();
if c.namespace.is_empty() {
"veilid_protected_store".to_owned()
} else {
format!("veilid_protected_store_{}", c.namespace)
}
}
fn browser_key_name(&self, key: &str) -> String {
let c = self.config.get();
if c.namespace.is_empty() {
@@ -136,22 +124,31 @@ impl ProtectedStore {
}
#[instrument(level = "trace", skip(self, value))]
pub async fn save_user_secret_frozen<T>(&self, key: &str, value: &T) -> EyreResult<bool>
pub async fn save_user_secret_rkyv<T>(&self, key: &str, value: &T) -> EyreResult<bool>
where
T: RkyvSerialize<rkyv::ser::serializers::AllocSerializer<1024>>,
{
let v = to_frozen(value)?;
let v = to_rkyv(value)?;
self.save_user_secret(&key, &v).await
}
#[instrument(level = "trace", skip(self, value))]
pub async fn save_user_secret_json<T>(&self, key: &str, value: &T) -> EyreResult<bool>
where
T: serde::Serialize,
{
let v = serde_json::to_vec(value)?;
self.save_user_secret(&key, &v).await
}
#[instrument(level = "trace", skip(self))]
pub async fn load_user_secret_frozen<T>(&self, key: &str) -> EyreResult<Option<T>>
pub async fn load_user_secret_rkyv<T>(&self, key: &str) -> EyreResult<Option<T>>
where
T: RkyvArchive,
<T as RkyvArchive>::Archived:
for<'t> bytecheck::CheckBytes<rkyv::validation::validators::DefaultValidator<'t>>,
<T as RkyvArchive>::Archived:
rkyv::Deserialize<T, rkyv::de::deserializers::SharedDeserializeMap>,
RkyvDeserialize<T, rkyv::de::deserializers::SharedDeserializeMap>,
{
let out = self.load_user_secret(key).await?;
let b = match out {
@@ -161,7 +158,24 @@ impl ProtectedStore {
}
};
let obj = from_frozen(&b)?;
let obj = from_rkyv(b)?;
Ok(Some(obj))
}
#[instrument(level = "trace", skip(self))]
pub async fn load_user_secret_json<T>(&self, key: &str) -> EyreResult<Option<T>>
where
T: for<'de> serde::de::Deserialize<'de>,
{
let out = self.load_user_secret(key).await?;
let b = match out {
Some(v) => v,
None => {
return Ok(None);
}
};
let obj = serde_json::from_slice(&b)?;
Ok(Some(obj))
}
veilid-core/src/routing_table/route_spec_store.rs
+2 -2
View File
@@ -964,8 +964,8 @@ impl RouteSpecStore {
let safety_spec = SafetySpec {
preferred_route: None,
hop_count: self.unlocked_inner.default_route_hop_count,
stability: Stability::LowLatency,
sequencing: Sequencing::NoPreference,
stability: Stability::default(),
sequencing: Sequencing::default(),
};
let safety_selection = SafetySelection::Safe(safety_spec);
veilid-core/src/veilid_api/debug.rs
+6 -6
View File
@@ -57,14 +57,14 @@ fn get_safety_selection(text: &str, rss: RouteSpecStore) -> Option<SafetySelecti
if text.len() != 0 && &text[0..1] == "-" {
// Unsafe
let text = &text[1..];
let seq = get_sequencing(text).unwrap_or(Sequencing::NoPreference);
let seq = get_sequencing(text).unwrap_or_default();
Some(SafetySelection::Unsafe(seq))
} else {
// Safe
let mut preferred_route = None;
let mut hop_count = 2;
let mut stability = Stability::LowLatency;
let mut sequencing = Sequencing::NoPreference;
let mut stability = Stability::default();
let mut sequencing = Sequencing::default();
for x in text.split(",") {
let x = x.trim();
if let Some(pr) = get_route_id(rss.clone())(x) {
@@ -134,7 +134,7 @@ fn get_destination(routing_table: RoutingTable) -> impl FnOnce(&str) -> Option<D
};
Some(Destination::private_route(
private_route,
ss.unwrap_or(SafetySelection::Unsafe(Sequencing::NoPreference)),
ss.unwrap_or(SafetySelection::Unsafe(Sequencing::default())),
))
} else {
let (text, mods) = text
@@ -585,8 +585,8 @@ impl VeilidAPI {
};
let mut ai = 1;
let mut sequencing = Sequencing::NoPreference;
let mut stability = Stability::LowLatency;
let mut sequencing = Sequencing::default();
let mut stability = Stability::default();
let mut hop_count = default_route_hop_count;
let mut directions = DirectionSet::all();
veilid-core/src/veilid_api/mod.rs
+67 -55
View File
@@ -54,7 +54,7 @@ macro_rules! apibail_internal {
#[allow(unused_macros)]
#[macro_export]
macro_rules! apibail_parse {
macro_rules! apibail_parse_error {
($x:expr, $y:expr) => {
return Err(VeilidAPIError::parse_error($x, $y))
};
@@ -563,6 +563,12 @@ pub enum Sequencing {
EnsureOrdered,
}
impl Default for Sequencing {
fn default() -> Self {
Self::NoPreference
}
}
// Ordering here matters, >= is used to check strength of stability requirement
#[derive(
Copy,
@@ -585,6 +591,12 @@ pub enum Stability {
Reliable,
}
impl Default for Stability {
fn default() -> Self {
Self::LowLatency
}
}
/// The choice of safety route to include in compiled routes
#[derive(
Copy,
@@ -1543,10 +1555,7 @@ impl FromStr for DialInfo {
VeilidAPIError::parse_error(format!("unable to split WS url: {}", e), &url)
})?;
if split_url.scheme != "ws" || !url.starts_with("ws://") {
return Err(VeilidAPIError::parse_error(
"incorrect scheme for WS dialinfo",
url,
));
apibail_parse_error!("incorrect scheme for WS dialinfo", url);
}
let url_port = split_url.port.unwrap_or(80u16);
@@ -1574,10 +1583,7 @@ impl FromStr for DialInfo {
VeilidAPIError::parse_error(format!("unable to split WSS url: {}", e), &url)
})?;
if split_url.scheme != "wss" || !url.starts_with("wss://") {
return Err(VeilidAPIError::parse_error(
"incorrect scheme for WSS dialinfo",
url,
));
apibail_parse_error!("incorrect scheme for WSS dialinfo", url);
}
let url_port = split_url.port.unwrap_or(443u16);
@@ -1628,24 +1634,18 @@ impl DialInfo {
VeilidAPIError::parse_error(format!("unable to split WS url: {}", e), &url)
})?;
if split_url.scheme != "ws" || !url.starts_with("ws://") {
return Err(VeilidAPIError::parse_error(
"incorrect scheme for WS dialinfo",
url,
));
apibail_parse_error!("incorrect scheme for WS dialinfo", url);
}
let url_port = split_url.port.unwrap_or(80u16);
if url_port != socket_address.port() {
return Err(VeilidAPIError::parse_error(
"socket address port doesn't match url port",
url,
));
apibail_parse_error!("socket address port doesn't match url port", url);
}
if let SplitUrlHost::IpAddr(a) = split_url.host {
if socket_address.to_ip_addr() != a {
return Err(VeilidAPIError::parse_error(
apibail_parse_error!(
format!("request address does not match socket address: {}", a),
socket_address,
));
socket_address
);
}
}
Ok(Self::WS(DialInfoWS {
@@ -1658,23 +1658,17 @@ impl DialInfo {
VeilidAPIError::parse_error(format!("unable to split WSS url: {}", e), &url)
})?;
if split_url.scheme != "wss" || !url.starts_with("wss://") {
return Err(VeilidAPIError::parse_error(
"incorrect scheme for WSS dialinfo",
url,
));
apibail_parse_error!("incorrect scheme for WSS dialinfo", url);
}
let url_port = split_url.port.unwrap_or(443u16);
if url_port != socket_address.port() {
return Err(VeilidAPIError::parse_error(
"socket address port doesn't match url port",
url,
));
apibail_parse_error!("socket address port doesn't match url port", url);
}
if !matches!(split_url.host, SplitUrlHost::Hostname(_)) {
return Err(VeilidAPIError::parse_error(
apibail_parse_error!(
"WSS url can not use address format, only hostname format",
url,
));
url
);
}
Ok(Self::WSS(DialInfoWSS {
socket_address: socket_address.to_canonical(),
@@ -1778,10 +1772,7 @@ impl DialInfo {
let hostname = hostname.as_ref();
if short.len() < 2 {
return Err(VeilidAPIError::parse_error(
"invalid short url length",
short,
));
apibail_parse_error!("invalid short url length", short);
}
let url = match &short[0..1] {
"U" => {
@@ -1797,7 +1788,7 @@ impl DialInfo {
format!("wss://{}:{}", hostname, &short[1..])
}
_ => {
return Err(VeilidAPIError::parse_error("invalid short url type", short));
apibail_parse_error!("invalid short url type", short);
}
};
Self::try_vec_from_url(url)
@@ -1815,10 +1806,7 @@ impl DialInfo {
"ws" => split_url.port.unwrap_or(80u16),
"wss" => split_url.port.unwrap_or(443u16),
_ => {
return Err(VeilidAPIError::parse_error(
"Invalid dial info url scheme",
split_url.scheme,
));
apibail_parse_error!("Invalid dial info url scheme", split_url.scheme);
}
};
@@ -2753,36 +2741,35 @@ impl VeilidAPI {
// Private route allocation
#[instrument(level = "debug", skip(self))]
pub async fn new_default_private_route(&self) -> Result<(DHTKey, Vec<u8>), VeilidAPIError> {
let config = self.config()?;
let c = config.get();
self.new_private_route(
Stability::LowLatency,
Sequencing::NoPreference,
c.network.rpc.default_route_hop_count.into(),
)
.await
pub async fn new_private_route(&self) -> Result<(DHTKey, Vec<u8>), VeilidAPIError> {
self.new_custom_private_route(Stability::default(), Sequencing::default())
.await
}
#[instrument(level = "debug", skip(self))]
pub async fn new_private_route(
pub async fn new_custom_private_route(
&self,
stability: Stability,
sequencing: Sequencing,
hop_count: usize,
) -> Result<(DHTKey, Vec<u8>), VeilidAPIError> {
let default_route_hop_count: usize = {
let config = self.config()?;
let c = config.get();
c.network.rpc.default_route_hop_count.into()
};
let rss = self.routing_table()?.route_spec_store();
let r = rss
.allocate_route(
stability,
sequencing,
hop_count,
default_route_hop_count,
Direction::Inbound.into(),
&[],
)
.map_err(VeilidAPIError::internal)?;
let Some(pr_pubkey) = r else {
return Err(VeilidAPIError::generic("unable to allocate route"));
apibail_generic!("unable to allocate route");
};
if !rss
.test_route(&pr_pubkey)
@@ -2790,7 +2777,7 @@ impl VeilidAPI {
.map_err(VeilidAPIError::no_connection)?
{
rss.release_route(&pr_pubkey);
return Err(VeilidAPIError::generic("allocated route failed to test"));
apibail_generic!("allocated route failed to test");
}
let private_route = rss
.assemble_private_route(&pr_pubkey, Some(true))
@@ -2799,12 +2786,37 @@ impl VeilidAPI {
Ok(v) => v,
Err(e) => {
rss.release_route(&pr_pubkey);
return Err(VeilidAPIError::internal(e));
apibail_internal!(e);
}
};
rss.mark_route_published(&pr_pubkey, true)
.map_err(VeilidAPIError::internal)?;
Ok((pr_pubkey, blob))
}
#[instrument(level = "debug", skip(self))]
pub fn import_remote_private_route(&self, blob: Vec<u8>) -> Result<DHTKey, VeilidAPIError> {
let rss = self.routing_table()?.route_spec_store();
rss.import_remote_private_route(blob)
.map_err(|e| VeilidAPIError::invalid_argument(e, "blob", "private route blob"))
}
#[instrument(level = "debug", skip(self))]
pub fn release_private_route(&self, key: &DHTKey) -> Result<(), VeilidAPIError> {
let rss = self.routing_table()?.route_spec_store();
if rss.release_route(key) {
Ok(())
} else {
Err(VeilidAPIError::invalid_argument(
"release_private_route",
"key",
key,
))
}
}
////////////////////////////////////////////////////////////////
// App Calls
veilid-core/src/veilid_api/routing_context.rs
+12 -21
View File
@@ -39,14 +39,19 @@ impl RoutingContext {
api,
inner: Arc::new(Mutex::new(RoutingContextInner {})),
unlocked_inner: Arc::new(RoutingContextUnlockedInner {
safety_selection: SafetySelection::Unsafe(Sequencing::NoPreference),
safety_selection: SafetySelection::Unsafe(Sequencing::default()),
}),
}
}
pub fn with_default_privacy(self) -> Result<Self, VeilidAPIError> {
pub fn with_privacy(self) -> Result<Self, VeilidAPIError> {
self.with_custom_privacy(Stability::default())
}
pub fn with_custom_privacy(self, stability: Stability) -> Result<Self, VeilidAPIError> {
let config = self.api.config()?;
let c = config.get();
Ok(Self {
api: self.api.clone(),
inner: Arc::new(Mutex::new(RoutingContextInner {})),
@@ -54,22 +59,13 @@ impl RoutingContext {
safety_selection: SafetySelection::Safe(SafetySpec {
preferred_route: None,
hop_count: c.network.rpc.default_route_hop_count as usize,
stability: Stability::LowLatency,
sequencing: Sequencing::NoPreference,
stability,
sequencing: self.sequencing(),
}),
}),
})
}
pub fn with_privacy(self, safety_spec: SafetySpec) -> Result<Self, VeilidAPIError> {
Ok(Self {
api: self.api.clone(),
inner: Arc::new(Mutex::new(RoutingContextInner {})),
unlocked_inner: Arc::new(RoutingContextUnlockedInner {
safety_selection: SafetySelection::Safe(safety_spec),
}),
})
}
pub fn with_sequencing(self, sequencing: Sequencing) -> Self {
Self {
api: self.api.clone(),
@@ -87,18 +83,13 @@ impl RoutingContext {
}),
}
}
pub fn sequencing(&self) -> Sequencing {
fn sequencing(&self) -> Sequencing {
match self.unlocked_inner.safety_selection {
SafetySelection::Unsafe(sequencing) => sequencing,
SafetySelection::Safe(safety_spec) => safety_spec.sequencing,
}
}
pub fn safety_spec(&self) -> Option<SafetySpec> {
match self.unlocked_inner.safety_selection {
SafetySelection::Unsafe(_) => None,
SafetySelection::Safe(safety_spec) => Some(safety_spec.clone()),
}
}
pub fn api(&self) -> VeilidAPI {
self.api.clone()
veilid-core/src/veilid_config.rs
+3 -3
View File
@@ -756,7 +756,7 @@ impl VeilidConfig {
let mut out = &jvc;
for k in keypath {
if !out.has_key(k) {
apibail_parse!(format!("invalid subkey in key '{}'", key), k);
apibail_parse_error!(format!("invalid subkey in key '{}'", key), k);
}
out = &out[k];
}
@@ -781,12 +781,12 @@ impl VeilidConfig {
let mut out = &mut jvc;
for k in objkeypath {
if !out.has_key(*k) {
apibail_parse!(format!("invalid subkey in key '{}'", key), k);
apibail_parse_error!(format!("invalid subkey in key '{}'", key), k);
}
out = &mut out[*k];
}
if !out.has_key(objkeyname) {
apibail_parse!(format!("invalid subkey in key '{}'", key), objkeyname);
apibail_parse_error!(format!("invalid subkey in key '{}'", key), objkeyname);
}
out[*objkeyname] = newval;
jvc.to_string()
veilid-core/src/xx/ip_extra.rs
-1
View File
@@ -1,6 +1,5 @@
//
// This file really shouldn't be necessary, but 'ip' isn't a stable feature
// and things may not agree between the no_std_net crate and the stuff in std.
//
use crate::xx::*;
veilid-core/src/xx/mod.rs
+3 -4
View File
@@ -55,6 +55,9 @@ pub use std::convert::{TryFrom, TryInto};
pub use std::fmt;
pub use std::future::Future;
pub use std::mem;
pub use std::net::{
IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs,
};
pub use std::ops::{Fn, FnMut, FnOnce};
pub use std::pin::Pin;
pub use std::rc::Rc;
@@ -73,10 +76,7 @@ cfg_if! {
pub use async_lock::MutexGuard as AsyncMutexGuard;
pub use async_lock::MutexGuardArc as AsyncMutexGuardArc;
pub use async_executors::JoinHandle as LowLevelJoinHandle;
pub use no_std_net::{ SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs, IpAddr, Ipv4Addr, Ipv6Addr };
} else {
cfg_if! {
if #[cfg(feature="rt-async-std")] {
pub use async_std::sync::Mutex as AsyncMutex;
@@ -92,7 +92,6 @@ cfg_if! {
#[compile_error("must use an executor")]
}
}
pub use std::net::{ SocketAddr, SocketAddrV4, SocketAddrV6, ToSocketAddrs, IpAddr, Ipv4Addr, Ipv6Addr };
}
}