StarMirror/toxcore
1
0
Fork 0
mirror of https://github.com/irungentoo/toxcore.git synced 2024-03-22 13:30:51 +08:00
Code Issues Projects Releases Wiki Activity

feat: add forwarding and announce request handling

Browse Source 
This is the "server-side" part of the new friend finding system,
allowing DHT nodes to store small amounts of data and permit searching
for it. A forwarding (proxying) mechanism allows this to be used by TCP
clients, and deals with non-transitivity in the network.
This commit is contained in:
zugz (tox) 2020-12-31 00:00:00 +00:00
parent 97acb39c1f
commit e49a477a84
No known key found for this signature in database
GPG Key ID: 6F2BDA289D04F249
45 changed files with 2523 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/scripts/flags-clang.sh vendored
View File

@ -50,8 +50,8 @@ add_flag -Wno-unused-function
add_flag -Wno-used-but-marked-unused
# We use variable length arrays a lot.
add_flag -Wno-vla
# Disable warning about Doxygen retval tag
add_flag -fcomment-block-commands=retval
# Disable warnings about unknown Doxygen commands
add_flag -Wno-documentation-unknown-command
# Disable specific warning flags for C++.

4
CMakeLists.txt
View File

@ -197,6 +197,8 @@ set(toxcore_PKGCONFIG_REQUIRES)
set(toxcore_SOURCES
third_party/cmp/cmp.c
third_party/cmp/cmp.h
toxcore/announce.c
toxcore/announce.h
toxcore/bin_pack.c
toxcore/bin_pack.h
toxcore/bin_unpack.c
@ -230,6 +232,8 @@ set(toxcore_SOURCES
toxcore/events/friend_status_message.c
toxcore/events/friend_typing.c
toxcore/events/self_connection_status.c
toxcore/forwarding.c
toxcore/forwarding.h
toxcore/friend_connection.c
toxcore/friend_connection.h
toxcore/friend_requests.c

2
auto_tests/BUILD.bazel
View File

@ -48,8 +48,10 @@ flaky_tests = {
"//c-toxcore/toxcore:TCP_common",
"//c-toxcore/toxcore:TCP_connection",
"//c-toxcore/toxcore:TCP_server",
"//c-toxcore/toxcore:announce",
"//c-toxcore/toxcore:ccompat",
"//c-toxcore/toxcore:crypto_core",
"//c-toxcore/toxcore:forwarding",
"//c-toxcore/toxcore:friend_connection",
"//c-toxcore/toxcore:logger",
"//c-toxcore/toxcore:mono_time",

2
auto_tests/CMakeLists.txt
View File

@ -19,6 +19,7 @@ function(auto_test target)
endfunction()
auto_test(TCP)
auto_test(announce)
auto_test(conference)
auto_test(conference_double_invite)
auto_test(conference_invite_merge)
@ -31,6 +32,7 @@ auto_test(dht_getnodes_api)
auto_test(encryptsave)
auto_test(file_transfer)
auto_test(file_saving)
auto_test(forwarding)
auto_test(friend_connection)
auto_test(friend_request)
auto_test(friend_request_spam)

10
auto_tests/Makefile.inc
View File

@ -5,6 +5,7 @@ libauto_test_support_la_SOURCES = ../auto_tests/auto_test_support.c ../auto_test
libauto_test_support_la_LIBADD = libmisc_tools.la libtoxcore.la
TESTS = \
announce_test \
conference_double_invite_test \
conference_invite_merge_test \
conference_peer_nick_test \
@ -13,6 +14,7 @@ TESTS = \
conference_two_test \
crypto_test \
file_transfer_test \
forwarding_test \
friend_connection_test \
friend_request_test \
invalid_tcp_proxy_test \
@ -68,6 +70,10 @@ endif
check_PROGRAMS = $(TESTS)
announce_test_SOURCES = ../auto_tests/announce_test.c
announce_test_CFLAGS = $(AUTOTEST_CFLAGS)
announce_test_LDADD = $(AUTOTEST_LDADD)
conference_double_invite_test_SOURCES = ../auto_tests/conference_double_invite_test.c
conference_double_invite_test_CFLAGS = $(AUTOTEST_CFLAGS)
conference_double_invite_test_LDADD = $(AUTOTEST_LDADD)
@ -108,6 +114,10 @@ file_transfer_test_SOURCES = ../auto_tests/file_transfer_test.c
file_transfer_test_CFLAGS = $(AUTOTEST_CFLAGS)
file_transfer_test_LDADD = $(AUTOTEST_LDADD)
forwarding_test_SOURCES = ../auto_tests/forwarding_test.c
forwarding_test_CFLAGS = $(AUTOTEST_CFLAGS)
forwarding_test_LDADD = $(AUTOTEST_LDADD)
friend_connection_test_SOURCES = ../auto_tests/friend_connection_test.c
friend_connection_test_CFLAGS = $(AUTOTEST_CFLAGS)
friend_connection_test_LDADD = $(AUTOTEST_LDADD)

10
auto_tests/TCP_test.c
View File

@ -56,7 +56,7 @@ static void test_basic(void)
uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
crypto_new_keypair(rng, self_public_key, self_secret_key);
const Network *ns = system_network();
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr, nullptr);
ck_assert_msg(tcp_s != nullptr, "Failed to create a TCP relay server.");
ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS,
"Failed to bind a TCP relay server to all %d attempted ports.", NUM_PORTS);
@ -306,7 +306,7 @@ static void test_some(void)
uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
crypto_new_keypair(rng, self_public_key, self_secret_key);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr, nullptr);
ck_assert_msg(tcp_s != nullptr, "Failed to create TCP relay server");
ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports.");
@ -497,7 +497,7 @@ static void test_client(void)
uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
crypto_new_keypair(rng, self_public_key, self_secret_key);
const Network *ns = system_network();
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr, nullptr);
ck_assert_msg(tcp_s != nullptr, "Failed to create a TCP relay server.");
ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind the relay server to all ports.");
@ -704,7 +704,7 @@ static void test_tcp_connection(void)
uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
crypto_new_keypair(rng, self_public_key, self_secret_key);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr, nullptr);
ck_assert_msg(pk_equal(tcp_server_public_key(tcp_s), self_public_key), "Wrong public key");
TCP_Proxy_Info proxy_info;
@ -815,7 +815,7 @@ static void test_tcp_connection2(void)
uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
crypto_new_keypair(rng, self_public_key, self_secret_key);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, USE_IPV6, NUM_PORTS, ports, self_secret_key, nullptr, nullptr);
ck_assert_msg(pk_equal(tcp_server_public_key(tcp_s), self_public_key), "Wrong public key");
TCP_Proxy_Info proxy_info;

123
auto_tests/announce_test.c Normal file
View File

@ -0,0 +1,123 @@
#include <stdint.h>
#include <string.h>
#include "../toxcore/announce.h"
#include "../toxcore/tox.h"
#include "../testing/misc_tools.h"
#include "../toxcore/mono_time.h"
#include "../toxcore/forwarding.h"
#include "../toxcore/net_crypto.h"
#include "../toxcore/util.h"
#include "auto_test_support.h"
#include "check_compat.h"
static void test_bucketnum(void)
{
const Random *rng = system_random();
ck_assert(rng != nullptr);
uint8_t key1[CRYPTO_PUBLIC_KEY_SIZE], key2[CRYPTO_PUBLIC_KEY_SIZE];
random_bytes(rng, key1, sizeof(key1));
memcpy(key2, key1, CRYPTO_PUBLIC_KEY_SIZE);
ck_assert_msg(get_bucketnum(key1, key2) == 0, "Bad bucketnum");
key2[4] ^= 0x09;
key2[5] ^= 0xc5;
ck_assert_msg(get_bucketnum(key1, key2) == 7, "Bad bucketnum");
key2[4] ^= 0x09;
ck_assert_msg(get_bucketnum(key1, key2) == 17, "Bad bucketnum");
key2[5] ^= 0xc5;
key2[31] ^= 0x09;
ck_assert_msg(get_bucketnum(key1, key2) == 4, "Bad bucketnum");
}
typedef struct Announce_Test_Data {
uint8_t data[MAX_ANNOUNCEMENT_SIZE];
uint16_t length;
bool passed;
} Announce_Test_Data;
static void test_announce_data(void *object, const uint8_t *data, uint16_t length)
{
Announce_Test_Data *test_data = (Announce_Test_Data *) object;
test_data->passed = test_data->length == length && memcmp(test_data->data, data, length) == 0;
}
static void test_store_data(void)
{
const Random *rng = system_random();
ck_assert(rng != nullptr);
const Network *ns = system_network();
ck_assert(ns != nullptr);
Logger *log = logger_new();
ck_assert(log != nullptr);
logger_callback_log(log, (logger_cb *)print_debug_log, nullptr, nullptr);
Mono_Time *mono_time = mono_time_new();
Networking_Core *net = new_networking_no_udp(log, ns);
DHT *dht = new_dht(log, rng, ns, mono_time, net, true, true);
Forwarding *forwarding = new_forwarding(log, rng, mono_time, dht);
Announcements *announce = new_announcements(log, rng, mono_time, forwarding);
ck_assert(announce != nullptr);
/* Just to prevent CI from complaining that set_synch_offset is unused: */
set_synch_offset(announce, 0);
Announce_Test_Data test_data;
random_bytes(rng, test_data.data, sizeof(test_data.data));
test_data.length = sizeof(test_data.data);
uint8_t key[CRYPTO_PUBLIC_KEY_SIZE];
random_bytes(rng, key, sizeof(key));
ck_assert_msg(!on_stored(announce, key, nullptr, nullptr), "Unstored announcement exists");
ck_assert_msg(store_data(announce, key, test_data.data, sizeof(test_data.data),
MAX_MAX_ANNOUNCEMENT_TIMEOUT), "Failed to store announcement");
ck_assert_msg(on_stored(announce, key, test_announce_data, &test_data), "Failed to get stored announcement");
ck_assert_msg(test_data.passed, "Bad stored announcement data");
const uint8_t *const base = dht_get_self_public_key(dht);
ck_assert_msg(store_data(announce, base, test_data.data, sizeof(test_data.data), 1), "failed to store base");
uint8_t test_keys[ANNOUNCE_BUCKET_SIZE + 1][CRYPTO_PUBLIC_KEY_SIZE];
for (uint8_t i = 0; i < ANNOUNCE_BUCKET_SIZE + 1; ++i) {
memcpy(test_keys[i], base, CRYPTO_PUBLIC_KEY_SIZE);
test_keys[i][i] ^= 1;
ck_assert_msg(store_data(announce, test_keys[i], test_data.data, sizeof(test_data.data), 1),
"Failed to store announcement %d", i);
}
ck_assert_msg(on_stored(announce, base, nullptr, nullptr), "base was evicted");
ck_assert_msg(!on_stored(announce, test_keys[0], nullptr, nullptr), "furthest was not evicted");
ck_assert_msg(!store_data(announce, test_keys[0], nullptr, 0, 1), "furthest evicted closer");
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
kill_networking(net);
mono_time_free(mono_time);
logger_kill(log);
}
static void basic_announce_tests(void)
{
test_bucketnum();
test_store_data();
}
int main(void)
{
setvbuf(stdout, nullptr, _IONBF, 0);
basic_announce_tests();
return 0;
}

325
auto_tests/forwarding_test.c Normal file
View File

@ -0,0 +1,325 @@
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include "../toxcore/tox.h"
#include "../toxcore/announce.h"
#include "../testing/misc_tools.h"
#include "../toxcore/mono_time.h"
#include "../toxcore/forwarding.h"
#include "../toxcore/net_crypto.h"
#include "../toxcore/util.h"
#include "auto_test_support.h"
#include "check_compat.h"
#ifndef USE_IPV6
#define USE_IPV6 1
#endif
static inline IP get_loopback(void)
{
IP ip;
#if USE_IPV6
ip.family = net_family_ipv6;
ip.ip.v6 = get_ip6_loopback();
#else
ip.family = net_family_ipv4;
ip.ip.v4 = get_ip4_loopback();
#endif
return ip;
}
#define NUM_FORWARDER 20
#define NUM_FORWARDER_TCP 5
#define NUM_FORWARDER_DHT (NUM_FORWARDER - NUM_FORWARDER_TCP)
#define NUM_FORWARDING_ITERATIONS 1
#define FORWARD_SEND_INTERVAL 2
#define FORWARDER_TCP_RELAY_PORT 36570
#define FORWARDING_BASE_PORT 36571
typedef struct Test_Data {
Networking_Core *net;
uint32_t send_back;
uint64_t sent;
bool returned;
} Test_Data;
static void test_forwarded_request_cb(void *object, const IP_Port *forwarder,
const uint8_t *sendback, uint16_t sendback_length,
const uint8_t *data, uint16_t length, void *userdata)
{
Test_Data *test_data = (Test_Data *)object;
uint8_t *index = (uint8_t *)userdata;
if (length != 12 || memcmp("hello: ", data, 8) != 0) {
printf("[%u] got unexpected data of length %d\n", *index, length);
return;
}
uint8_t reply[12];
memcpy(reply, "reply: ", 8);
memcpy(reply + 8, data + 8, 4);
ck_assert_msg(forward_reply(test_data->net, forwarder, sendback, sendback_length, reply, 12),
"[%u] forward_reply failed", *index);
}
static void test_forwarded_response_cb(void *object,
const uint8_t *data, uint16_t length, void *userdata)
{
Test_Data *test_data = (Test_Data *)object;
uint8_t *index = (uint8_t *)userdata;
if (length != 12 || memcmp("reply: ", data, 8) != 0) {
printf("[%u] got unexpected data of length %d\n", *index, length);
return;
}
uint32_t send_back;
net_unpack_u32(data + 8, &send_back);
if (test_data->send_back == send_back) {
test_data->returned = true;
}
}
static bool all_returned(Test_Data *test_data)
{
for (uint32_t i = 0; i < NUM_FORWARDER; ++i) {
if (!test_data[i].returned) {
return false;
}
}
return true;
}
typedef struct Forwarding_Subtox {
Logger *log;
Mono_Time *mono_time;
Networking_Core *net;
DHT *dht;
Net_Crypto *c;
Forwarding *forwarding;
Announcements *announce;
} Forwarding_Subtox;
static Forwarding_Subtox *new_forwarding_subtox(bool no_udp, uint32_t *index, uint16_t port)
{
Forwarding_Subtox *subtox = (Forwarding_Subtox *)calloc(1, sizeof(Forwarding_Subtox));
ck_assert(subtox != nullptr);
subtox->log = logger_new();
ck_assert(subtox->log != nullptr);
logger_callback_log(subtox->log, (logger_cb *)print_debug_log, nullptr, index);
subtox->mono_time = mono_time_new();
const Random *rng= system_random();
ck_assert(rng != nullptr);
const Network *ns = system_network();
ck_assert(ns != nullptr);
if (no_udp) {
subtox->net = new_networking_no_udp(subtox->log, ns);
} else {
const IP ip = get_loopback();
subtox->net = new_networking_ex(subtox->log, ns, &ip, port, port, nullptr);
}
subtox->dht = new_dht(subtox->log, rng, ns, subtox->mono_time, subtox->net, true, true);
const TCP_Proxy_Info inf = {{{{0}}}};
subtox->c = new_net_crypto(subtox->log, rng, ns, subtox->mono_time, subtox->dht, &inf);
subtox->forwarding = new_forwarding(subtox->log, rng, subtox->mono_time, subtox->dht);
ck_assert(subtox->forwarding != nullptr);
subtox->announce = new_announcements(subtox->log, rng, subtox->mono_time, subtox->forwarding);
ck_assert(subtox->announce != nullptr);
return subtox;
}
static void kill_forwarding_subtox(Forwarding_Subtox *subtox)
{
kill_announcements(subtox->announce);
kill_forwarding(subtox->forwarding);
kill_net_crypto(subtox->c);
kill_dht(subtox->dht);
kill_networking(subtox->net);
mono_time_free(subtox->mono_time);
logger_kill(subtox->log);
free(subtox);
}
static void test_forwarding(void)
{
const Random *rng = system_random();
ck_assert(rng != nullptr);
const Network *ns = system_network();
ck_assert(ns != nullptr);
uint32_t index[NUM_FORWARDER];
Forwarding_Subtox *subtoxes[NUM_FORWARDER];
Test_Data test_data[NUM_FORWARDER];
const IP ip = get_loopback();
for (uint32_t i = 0; i < NUM_FORWARDER; ++i) {
index[i] = i + 1;
subtoxes[i] = new_forwarding_subtox(i < NUM_FORWARDER_TCP, &index[i], FORWARDING_BASE_PORT + i);
test_data[i].net = subtoxes[i]->net;
test_data[i].send_back = 0;
test_data[i].sent = 0;
test_data[i].returned = false;
set_callback_forwarded_request(subtoxes[i]->forwarding, test_forwarded_request_cb, &test_data[i]);
set_callback_forwarded_response(subtoxes[i]->forwarding, test_forwarded_response_cb, &test_data[i]);
set_forwarding_packet_tcp_connection_callback(nc_get_tcp_c(subtoxes[i]->c), test_forwarded_response_cb, &test_data[i]);
}
printf("testing forwarding via tcp relays and dht\n");
struct Tox_Options *opts = tox_options_new(nullptr);
tox_options_set_tcp_port(opts, FORWARDER_TCP_RELAY_PORT);
IP_Port relay_ipport_tcp = {ip, net_htons(FORWARDER_TCP_RELAY_PORT)};
Tox *relay = tox_new_log(opts, nullptr, nullptr);
tox_options_free(opts);
ck_assert_msg(relay != nullptr, "Failed to create TCP relay");
uint8_t dpk[TOX_PUBLIC_KEY_SIZE];
tox_self_get_dht_id(relay, dpk);
printf("1-%d connected only to TCP server; %d-%d connected only to DHT\n",
NUM_FORWARDER_TCP, NUM_FORWARDER_TCP + 1, NUM_FORWARDER);
for (uint32_t i = 0; i < NUM_FORWARDER_TCP; ++i) {
set_tcp_onion_status(nc_get_tcp_c(subtoxes[i]->c), 1);
ck_assert_msg(add_tcp_relay(subtoxes[i]->c, &relay_ipport_tcp, dpk) == 0,
"Failed to add TCP relay");
}
IP_Port relay_ipport_udp = {ip, net_htons(tox_self_get_udp_port(relay, nullptr))};
for (uint32_t i = NUM_FORWARDER_TCP; i < NUM_FORWARDER; ++i) {
dht_bootstrap(subtoxes[i]->dht, &relay_ipport_udp, dpk);
}
printf("allowing DHT to populate\n");
uint16_t dht_establish_iterations = NUM_FORWARDER * 5;
for (uint32_t n = 0; n < NUM_FORWARDING_ITERATIONS; ++n) {
for (uint32_t i = 0; i < NUM_FORWARDER; ++i) {
test_data[i].sent = 0;
test_data[i].returned = false;
}
do {
for (uint32_t i = 0; i < NUM_FORWARDER; ++i) {
Forwarding_Subtox *const subtox = subtoxes[i];
mono_time_update(subtox->mono_time);
networking_poll(subtox->net, &index[i]);
do_net_crypto(subtox->c, &index[i]);
do_dht(subtox->dht);
if (dht_establish_iterations ||
test_data[i].returned ||
!mono_time_is_timeout(subtox->mono_time, test_data[i].sent, FORWARD_SEND_INTERVAL)) {
continue;
}
printf("%u", i + 1);
if (i < NUM_FORWARDER_TCP) {
printf(" --> TCPRelay");
}
const uint16_t chain_length = i < NUM_FORWARDER_TCP ? i % 5 : i % 4 + 1;
uint8_t chain_keys[4 * CRYPTO_PUBLIC_KEY_SIZE];
uint32_t chain_i = NUM_FORWARDER_TCP + (random_u32(rng) % NUM_FORWARDER_DHT);
const IP_Port first_ipp = {ip, net_htons(FORWARDING_BASE_PORT + chain_i)};
printf(" --> %u", chain_i + 1);
for (uint16_t j = 0; j < chain_length; ++j) {
// pick random different dht node:
chain_i += 1 + random_u32(rng) % (NUM_FORWARDER_DHT - 1);
chain_i = NUM_FORWARDER_TCP + (chain_i - NUM_FORWARDER_TCP) % NUM_FORWARDER_DHT;
const uint8_t *dest_pubkey = dht_get_self_public_key(subtoxes[chain_i]->dht);
memcpy(chain_keys + j * CRYPTO_PUBLIC_KEY_SIZE, dest_pubkey, CRYPTO_PUBLIC_KEY_SIZE);
printf(" --> %u", chain_i + 1);
}
printf("\n");
const uint16_t length = 12;
uint8_t data[12];
memcpy(data, "hello: ", 8);
test_data[i].send_back = random_u32(rng);
net_pack_u32(data + 8, test_data[i].send_back);
if (i < NUM_FORWARDER_TCP) {
IP_Port tcp_forwarder;
if (!get_random_tcp_conn_ip_port(subtox->c, &tcp_forwarder)) {
continue;
}
if (send_tcp_forward_request(subtox->log, subtox->c, &tcp_forwarder, &first_ipp,
chain_keys, chain_length, data, length) == 0) {
test_data[i].sent = mono_time_get(subtox->mono_time);
}
} else {
if (send_forward_request(subtox->net, &first_ipp,
chain_keys, chain_length, data, length)) {
test_data[i].sent = mono_time_get(subtox->mono_time);
}
}
}
tox_iterate(relay, nullptr);
if (dht_establish_iterations) {
--dht_establish_iterations;
if (!dht_establish_iterations) {
printf("making forward requests and expecting replies\n");
}
}
c_sleep(50);
} while (!all_returned(test_data));
// This doesn't really belong in this test.
// It can be removed once the full announce client test is in place.
printf("checking that nodes are marked as announce nodes\n");
Node_format nodes[MAX_SENT_NODES];
ck_assert(NUM_FORWARDER - NUM_FORWARDER_TCP > 1);
for (uint32_t i = NUM_FORWARDER_TCP; i < NUM_FORWARDER; ++i) {
ck_assert_msg(get_close_nodes(subtoxes[i]->dht, dht_get_self_public_key(subtoxes[i]->dht), nodes, net_family_unspec, true,
true) > 0,
"node %u has no nodes marked as announce nodes", i);
}
}
for (uint32_t i = 0; i < NUM_FORWARDER; ++i) {
kill_forwarding_subtox(subtoxes[i]);
}
tox_kill(relay);
}
int main(void)
{
setvbuf(stdout, nullptr, _IONBF, 0);
test_forwarding();
return 0;
}

5
other/DHT_bootstrap.c
View File

@ -149,13 +149,14 @@ int main(int argc, char *argv[])
const Network *ns = system_network();
DHT *dht = new_dht(logger, rng, ns, mono_time, new_networking_ex(logger, ns, &ip, start_port, end_port, nullptr), true, true);
Onion *onion = new_onion(logger, mono_time, rng, dht);
Forwarding *forwarding = new_forwarding(logger, rng, mono_time, dht);
const Onion_Announce *onion_a = new_onion_announce(logger, rng, mono_time, dht);
#ifdef DHT_NODE_EXTRA_PACKETS
bootstrap_set_callbacks(dht_get_net(dht), DHT_VERSION_NUMBER, DHT_MOTD, sizeof(DHT_MOTD));
#endif
if (!(onion && onion_a)) {
if (!(onion && forwarding && onion_a)) {
printf("Something failed to initialize.\n");
exit(1);
}
@ -168,7 +169,7 @@ int main(int argc, char *argv[])
#ifdef TCP_RELAY_ENABLED
#define NUM_PORTS 3
uint16_t ports[NUM_PORTS] = {443, 3389, PORT};
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, ipv6enabled, NUM_PORTS, ports, dht_get_self_secret_key(dht), onion);
TCP_Server *tcp_s = new_TCP_server(logger, rng, ns, ipv6enabled, NUM_PORTS, ports, dht_get_self_secret_key(dht), onion, forwarding);
if (tcp_s == nullptr) {
printf("TCP server failed to initialize.\n");

1
other/analysis/run-clang
View File

@ -20,6 +20,7 @@ run() {
-Wno-covered-switch-default \
-Wno-disabled-macro-expansion \
-Wno-documentation-deprecated-sync \
-Wno-documentation-unknown-command \
-Wno-global-constructors \
-Wno-missing-braces \
-Wno-missing-field-initializers \

1
other/bootstrap_daemon/BUILD.bazel
View File

@ -13,6 +13,7 @@ cc_binary(
"//c-toxcore/toxcore:DHT",
"//c-toxcore/toxcore:LAN_discovery",
"//c-toxcore/toxcore:TCP_server",
"//c-toxcore/toxcore:announce",
"//c-toxcore/toxcore:ccompat",
"//c-toxcore/toxcore:logger",
"//c-toxcore/toxcore:mono_time",

2
other/bootstrap_daemon/docker/tox-bootstrapd.sha256
View File

@ -1 +1 @@
21f18736f7f4a5d4c6d93347df95dbf16b5ed583dcb47bf463526e03ee50f3e9 /usr/local/bin/tox-bootstrapd
96618672392dc44a2f0a480f6415380e3fc588ace646345d31a297e80f7c271f /usr/local/bin/tox-bootstrapd

50
other/bootstrap_daemon/src/tox-bootstrapd.c
View File

@ -28,6 +28,7 @@
#include "../../../toxcore/tox.h"
#include "../../../toxcore/LAN_discovery.h"
#include "../../../toxcore/TCP_server.h"
#include "../../../toxcore/announce.h"
#include "../../../toxcore/logger.h"
#include "../../../toxcore/mono_time.h"
#include "../../../toxcore/onion_announce.h"
@ -334,10 +335,41 @@ int main(int argc, char *argv[])
return 1;
}
Forwarding *forwarding = new_forwarding(logger, rng, mono_time, dht);
if (forwarding == nullptr) {
log_write(LOG_LEVEL_ERROR, "Couldn't initialize forwarding. Exiting.\n");
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
logger_kill(logger);
free(motd);
free(tcp_relay_ports);
free(keys_file_path);
return 1;
}
Announcements *announce = new_announcements(logger, rng, mono_time, forwarding);
if (announce == nullptr) {
log_write(LOG_LEVEL_ERROR, "Couldn't initialize DHT announcements. Exiting.\n");
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
logger_kill(logger);
free(motd);
free(tcp_relay_ports);
free(keys_file_path);
return 1;
}
Onion *onion = new_onion(logger, mono_time, rng, dht);
if (!onion) {
log_write(LOG_LEVEL_ERROR, "Couldn't initialize Tox Onion. Exiting.\n");
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
@ -353,6 +385,8 @@ int main(int argc, char *argv[])
if (!onion_a) {
log_write(LOG_LEVEL_ERROR, "Couldn't initialize Tox Onion Announce. Exiting.\n");
kill_onion(onion);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
@ -371,6 +405,8 @@ int main(int argc, char *argv[])
log_write(LOG_LEVEL_ERROR, "Couldn't set MOTD: %s. Exiting.\n", motd);
kill_onion_announce(onion_a);
kill_onion(onion);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
@ -389,6 +425,8 @@ int main(int argc, char *argv[])
log_write(LOG_LEVEL_ERROR, "Couldn't read/write: %s. Exiting.\n", keys_file_path);
kill_onion_announce(onion_a);
kill_onion(onion);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
@ -404,6 +442,8 @@ int main(int argc, char *argv[])
if (tcp_relay_port_count == 0) {
log_write(LOG_LEVEL_ERROR, "No TCP relay ports read. Exiting.\n");
kill_onion_announce(onion_a);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_onion(onion);
kill_dht(dht);
mono_time_free(mono_time);
@ -413,8 +453,8 @@ int main(int argc, char *argv[])
return 1;
}
tcp_server = new_TCP_server(
logger, rng, ns, enable_ipv6, tcp_relay_port_count, tcp_relay_ports, dht_get_self_secret_key(dht), onion);
tcp_server = new_TCP_server(logger, rng, ns, enable_ipv6, tcp_relay_port_count, tcp_relay_ports,
dht_get_self_secret_key(dht), onion, forwarding);
free(tcp_relay_ports);
@ -448,6 +488,8 @@ int main(int argc, char *argv[])
log_write(LOG_LEVEL_ERROR, "Couldn't initialize Tox TCP server. Exiting.\n");
kill_onion_announce(onion_a);
kill_onion(onion);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
@ -463,6 +505,8 @@ int main(int argc, char *argv[])
kill_TCP_server(tcp_server);
kill_onion_announce(onion_a);
kill_onion(onion);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);
@ -543,6 +587,8 @@ int main(int argc, char *argv[])
kill_TCP_server(tcp_server);
kill_onion_announce(onion_a);
kill_onion(onion);
kill_announcements(announce);
kill_forwarding(forwarding);
kill_dht(dht);
mono_time_free(mono_time);
kill_networking(net);

1
testing/BUILD.bazel
View File

@ -18,6 +18,7 @@ sh_test(
"-Wno-callgraph",
"-Wno-enum-names",
"-Wno-type-check",
"-Wno-var-unused-in-scope",
"+RTS",
"-N3",
"-RTS",

45
toxcore/BUILD.bazel
View File

@ -332,6 +332,47 @@ cc_library(
],
)
cc_library(
name = "forwarding",
srcs = ["forwarding.c"],
hdrs = ["forwarding.h"],
visibility = ["//c-toxcore/auto_tests:__pkg__"],
deps = [
":DHT",
":ccompat",
":network",
":timed_auth",
],
)
cc_fuzz_test(
name = "forwarding_fuzz_test",
srcs = ["forwarding_fuzz_test.cc"],
#corpus = ["//tools/toktok-fuzzer/corpus:forwarding_fuzz_test"],
deps = [
":forwarding",
"//c-toxcore/testing/fuzzing:fuzz_support",
"//c-toxcore/testing/fuzzing:fuzz_tox",
],
)
cc_library(
name = "announce",
srcs = ["announce.c"],
hdrs = ["announce.h"],
visibility = [
"//c-toxcore/auto_tests:__pkg__",
"//c-toxcore/other/bootstrap_daemon:__pkg__",
],
deps = [
":LAN_discovery",
":ccompat",
":forwarding",
":timed_auth",
":util",
],
)
cc_library(
name = "TCP_common",
srcs = ["TCP_common.c"],
@ -360,6 +401,7 @@ cc_library(
":TCP_common",
":ccompat",
":crypto_core",
":forwarding",
":list",
":mono_time",
":onion",
@ -375,6 +417,7 @@ cc_library(
deps = [
":TCP_common",
":ccompat",
":forwarding",
":mono_time",
":util",
],
@ -552,7 +595,9 @@ cc_library(
],
deps = [
":TCP_server",
":announce",
":ccompat",
":forwarding",
":friend_requests",
":logger",
":mono_time",

178
toxcore/DHT.c
View File

@ -224,9 +224,8 @@ int id_closest(const uint8_t *pk, const uint8_t *pk1, const uint8_t *pk2)
return 0;
}
/** Return index of first unequal bit number. */
non_null()
static unsigned int bit_by_bit_cmp(const uint8_t *pk1, const uint8_t *pk2)
/** Return index of first unequal bit number between public keys pk1 and pk2. */
unsigned int bit_by_bit_cmp(const uint8_t *pk1, const uint8_t *pk2)
{
unsigned int i;
unsigned int j = 0;
@ -453,11 +452,11 @@ int packed_node_size(Family ip_family)
}
/** @brief Packs an IP_Port structure into data of max size length.
/** @brief Pack an IP_Port structure into data of max size length.
*
* Packed_length is the offset of data currently packed.
*
* @return size of packed IP_Port data on success
* @return size of packed IP_Port data on success.
* @retval -1 on failure.
*/
int pack_ip_port(const Logger *logger, uint8_t *data, uint16_t length, const IP_Port *ip_port)
@ -515,10 +514,15 @@ int pack_ip_port(const Logger *logger, uint8_t *data, uint16_t length, const IP_
}
}
non_null()
static int dht_create_packet(const Random *rng, const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
const uint8_t *shared_key, const uint8_t type,
const uint8_t *plain, size_t plain_length, uint8_t *packet)
/** @brief Encrypt plain and write resulting DHT packet into packet with max size length.
*
* @return size of packet on success.
* @retval -1 on failure.
*/
int dht_create_packet(const Random *rng, const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
const uint8_t *shared_key, const uint8_t type,
const uint8_t *plain, size_t plain_length,
uint8_t *packet, size_t length)
{
uint8_t *encrypted = (uint8_t *)malloc(plain_length + CRYPTO_MAC_SIZE);
uint8_t nonce[CRYPTO_NONCE_SIZE];
@ -536,6 +540,10 @@ static int dht_create_packet(const Random *rng, const uint8_t public_key[CRYPTO_
return -1;
}
if (length < 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + encrypted_length) {
return -1;
}
packet[0] = type;
memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE);
memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE);
@ -871,7 +879,8 @@ bool add_to_list(Node_format *nodes_list, uint32_t length, const uint8_t *pk, co
non_null()
static void get_close_nodes_inner(uint64_t cur_time, const uint8_t *public_key, Node_format *nodes_list,
Family sa_family, const Client_data *client_list, uint32_t client_list_length,
uint32_t *num_nodes_ptr, bool is_LAN)
uint32_t *num_nodes_ptr, bool is_LAN,
bool want_announce)
{
if (!net_family_is_ipv4(sa_family) && !net_family_is_ipv6(sa_family) && !net_family_is_unspec(sa_family)) {
return;
@ -909,11 +918,21 @@ static void get_close_nodes_inner(uint64_t cur_time, const uint8_t *public_key,
continue;
}
#ifdef CHECK_ANNOUNCE_NODE
if (want_announce && !client->announce_node) {
continue;
}
#endif
if (num_nodes < MAX_SENT_NODES) {
memcpy(nodes_list[num_nodes].public_key, client->public_key, CRYPTO_PUBLIC_KEY_SIZE);
nodes_list[num_nodes].ip_port = ipptp->ip_port;
++num_nodes;
} else {
// TODO(zugz): this could be made significantly more efficient by
// using a version of add_to_list which works with a sorted list.
add_to_list(nodes_list, MAX_SENT_NODES, client->public_key, &ipptp->ip_port, public_key);
}
}
@ -925,30 +944,31 @@ static void get_close_nodes_inner(uint64_t cur_time, const uint8_t *public_key,
* Find MAX_SENT_NODES nodes closest to the public_key for the send nodes request:
* put them in the nodes_list and return how many were found.
*
* TODO(irungentoo): make this function cleaner and much more efficient.
* want_announce: return only nodes which implement the dht announcements protocol.
*/
non_null()
static int get_somewhat_close_nodes(const DHT *dht, const uint8_t *public_key, Node_format *nodes_list,
Family sa_family, bool is_LAN)
Family sa_family, bool is_LAN, bool want_announce)
{
uint32_t num_nodes = 0;
get_close_nodes_inner(dht->cur_time, public_key, nodes_list, sa_family,
dht->close_clientlist, LCLIENT_LIST, &num_nodes, is_LAN);
dht->close_clientlist, LCLIENT_LIST, &num_nodes, is_LAN, want_announce);
for (uint32_t i = 0; i < dht->num_friends; ++i) {
get_close_nodes_inner(dht->cur_time, public_key, nodes_list, sa_family,
dht->friends_list[i].client_list, MAX_FRIEND_CLIENTS,
&num_nodes, is_LAN);
&num_nodes, is_LAN, want_announce);
}
return num_nodes;
}
int get_close_nodes(const DHT *dht, const uint8_t *public_key, Node_format *nodes_list, Family sa_family,
bool is_LAN)
bool is_LAN, bool want_announce)
{
memset(nodes_list, 0, MAX_SENT_NODES * sizeof(Node_format));
return get_somewhat_close_nodes(dht, public_key, nodes_list, sa_family, is_LAN);
return get_somewhat_close_nodes(dht, public_key, nodes_list, sa_family,
is_LAN, want_announce);
}
typedef struct DHT_Cmp_Data {
@ -994,6 +1014,109 @@ static int dht_cmp_entry(const void *a, const void *b)
return 0;
}
#ifdef CHECK_ANNOUNCE_NODE
non_null()
static void set_announce_node_in_list(Client_data *list, uint32_t list_len, const uint8_t *public_key)
{
const uint32_t index = index_of_client_pk(list, list_len, public_key);
if (index != UINT32_MAX) {
list[index].announce_node = true;
}
}
void set_announce_node(DHT *dht, const uint8_t *public_key)
{
unsigned int index = bit_by_bit_cmp(public_key, dht->self_public_key);
if (index >= LCLIENT_LENGTH) {
index = LCLIENT_LENGTH - 1;
}
set_announce_node_in_list(dht->close_clientlist + index * LCLIENT_NODES, LCLIENT_LIST, public_key);
for (int32_t i = 0; i < dht->num_friends; ++i) {
set_announce_node_in_list(dht->friends_list[i].client_list, MAX_FRIEND_CLIENTS, public_key);
}
}
/** @brief Send data search request, searching for a random key. */
non_null()
static bool send_announce_ping(DHT *dht, const uint8_t *public_key, const IP_Port *ip_port)
{
uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t)];
uint8_t unused_secret_key[CRYPTO_SECRET_KEY_SIZE];
crypto_new_keypair(dht->rng, plain, unused_secret_key);
const uint64_t ping_id = ping_array_add(dht->dht_ping_array,
dht->mono_time,
dht->rng,
public_key, CRYPTO_PUBLIC_KEY_SIZE);
memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, &ping_id, sizeof(ping_id));
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
dht_get_shared_key_sent(dht, shared_key, public_key);
uint8_t request[1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE];
if (dht_create_packet(dht->rng, dht->self_public_key, shared_key, NET_PACKET_DATA_SEARCH_REQUEST,
plain, sizeof(plain), request, sizeof(request)) != sizeof(request)) {
return false;
}
return sendpacket(dht->net, ip_port, request, sizeof(request)) == sizeof(request);
}
/** @brief If the response is valid, set the sender as an announce node. */
non_null(1, 2, 3) nullable(5)
static int handle_data_search_response(void *object, const IP_Port *source,
const uint8_t *packet, uint16_t length,
void *userdata)
{
DHT *dht = (DHT *) object;
const int32_t plain_len = (int32_t)length - (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE);
if (plain_len < CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t)) {
return 1;
}
VLA(uint8_t, plain, plain_len);
const uint8_t *public_key = packet + 1;
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
dht_get_shared_key_recv(dht, shared_key, public_key);
if (decrypt_data_symmetric(shared_key,
packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
plain_len + CRYPTO_MAC_SIZE,
plain) != plain_len) {
return 1;
}
uint64_t ping_id;
memcpy(&ping_id, plain + (plain_len - sizeof(uint64_t)), sizeof(ping_id));
uint8_t ping_data[CRYPTO_PUBLIC_KEY_SIZE];
if (ping_array_check(dht->dht_ping_array,
dht->mono_time, ping_data,
sizeof(ping_data), ping_id) != sizeof(ping_data)) {
return 1;
}
if (!pk_equal(ping_data, public_key)) {
return 1;
}
set_announce_node(dht, public_key);
return 0;
}
#endif
/** @brief Is it ok to store node with public_key in client.
*
* return false if node can't be stored.
@ -1134,6 +1257,10 @@ static bool add_to_close(DHT *dht, const uint8_t *public_key, const IP_Port *ip_
pk_copy(client->public_key, public_key);
update_client_with_reset(dht->mono_time, client, ip_port);
#ifdef CHECK_ANNOUNCE_NODE
client->announce_node = false;
send_announce_ping(dht, public_key, ip_port);
#endif
return true;
}
@ -1389,8 +1516,9 @@ bool dht_getnodes(DHT *dht, const IP_Port *ip_port, const uint8_t *public_key, c
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
dht_get_shared_key_sent(dht, shared_key, public_key);
const int len = dht_create_packet(dht->rng, dht->self_public_key, shared_key, NET_PACKET_GET_NODES,
plain, sizeof(plain), data);
const int len = dht_create_packet(dht->rng,
dht->self_public_key, shared_key, NET_PACKET_GET_NODES,
plain, sizeof(plain), data, sizeof(data));
crypto_memzero(shared_key, sizeof(shared_key));
@ -1420,7 +1548,7 @@ static int sendnodes_ipv6(const DHT *dht, const IP_Port *ip_port, const uint8_t
Node_format nodes_list[MAX_SENT_NODES];
const uint32_t num_nodes =
get_close_nodes(dht, client_id, nodes_list, net_family_unspec, ip_is_lan(&ip_port->ip));
get_close_nodes(dht, client_id, nodes_list, net_family_unspec, ip_is_lan(&ip_port->ip), false);
VLA(uint8_t, plain, 1 + node_format_size * MAX_SENT_NODES + length);
@ -1440,8 +1568,9 @@ static int sendnodes_ipv6(const DHT *dht, const IP_Port *ip_port, const uint8_t
const uint32_t crypto_size = 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE;
VLA(uint8_t, data, 1 + nodes_length + length + crypto_size);
const int len = dht_create_packet(dht->rng, dht->self_public_key, shared_encryption_key,
NET_PACKET_SEND_NODES_IPV6, plain, 1 + nodes_length + length, data);
const int len = dht_create_packet(dht->rng,
dht->self_public_key, shared_encryption_key, NET_PACKET_SEND_NODES_IPV6,
plain, 1 + nodes_length + length, data, SIZEOF_VLA(data));
if (len != SIZEOF_VLA(data)) {
return -1;
@ -1663,7 +1792,7 @@ int dht_addfriend(DHT *dht, const uint8_t *public_key, dht_ip_cb *ip_callback,
dht_friend_lock(dht_friend, ip_callback, data, number, lock_count);
dht_friend->num_to_bootstrap = get_close_nodes(dht, dht_friend->public_key, dht_friend->to_bootstrap, net_family_unspec,
true);
true, false);
return 0;
}
@ -1930,6 +2059,7 @@ int dht_bootstrap_from_address(DHT *dht, const char *address, bool ipv6enabled,
/** @brief Send the given packet to node with public_key.
*
* @return number of bytes sent.
* @retval -1 if failure.
*/
int route_packet(const DHT *dht, const uint8_t *public_key, const uint8_t *packet, uint16_t length)
@ -2608,6 +2738,10 @@ DHT *new_dht(const Logger *log, const Random *rng, const Network *ns, Mono_Time
networking_registerhandler(dht->net, NET_PACKET_LAN_DISCOVERY, &handle_LANdiscovery, dht);
cryptopacket_registerhandler(dht, CRYPTO_PACKET_NAT_PING, &handle_NATping, dht);
#ifdef CHECK_ANNOUNCE_NODE
networking_registerhandler(dht->net, NET_PACKET_DATA_SEARCH_RESPONSE, &handle_data_search_response, dht);
#endif
crypto_new_keypair(rng, dht->self_public_key, dht->self_secret_key);
dht->dht_ping_array = ping_array_new(DHT_PING_ARRAY_SIZE, PING_TIMEOUT);

44
toxcore/DHT.h
View File

@ -70,6 +70,12 @@ extern "C" {
#define PACKED_NODE_SIZE_IP4 (1 + SIZE_IP4 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE)
#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE)
/**
* This define can eventually be removed; it is necessary if a significant
* proportion of dht nodes do not implement the dht announcements protocol.
*/
#define CHECK_ANNOUNCE_NODE
/**
* @brief Create a request to peer.
*
@ -144,6 +150,11 @@ typedef struct Client_data {
uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
IPPTsPng assoc4;
IPPTsPng assoc6;
#ifdef CHECK_ANNOUNCE_NODE
/* Responded to data search? */
bool announce_node;
#endif
} Client_data;
/*----------------------------------------------------------------------------------*/
@ -180,16 +191,28 @@ non_null() const Client_data *dht_friend_client(const DHT_Friend *dht_friend, si
*/
int packed_node_size(Family ip_family);
/** @brief Packs an IP_Port structure into data of max size length.
/** @brief Pack an IP_Port structure into data of max size length.
*
* Packed_length is the offset of data currently packed.
*
* @return size of packed IP_Port data on success
* @return size of packed IP_Port data on success.
* @retval -1 on failure.
*/
non_null()
int pack_ip_port(const Logger *logger, uint8_t *data, uint16_t length, const IP_Port *ip_port);
/** @brief Encrypt plain and write resulting DHT packet into packet with max size length.
*
* @return size of packet on success.
* @retval -1 on failure.
*/
non_null()
int dht_create_packet(const Random *rng,
const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
const uint8_t *shared_key, const uint8_t type,
const uint8_t *plain, size_t plain_length,
uint8_t *packet, size_t length);
/** @brief Unpack IP_Port structure from data of max size length into ip_port.
*
* len_processed is the offset of data currently unpacked.
@ -348,6 +371,10 @@ int dht_getfriendip(const DHT *dht, const uint8_t *public_key, IP_Port *ip_port)
non_null()
int id_closest(const uint8_t *pk, const uint8_t *pk1, const uint8_t *pk2);
/** Return index of first unequal bit number between public keys pk1 and pk2. */
non_null()
unsigned int bit_by_bit_cmp(const uint8_t *pk1, const uint8_t *pk2);
/**
* Add node to the node list making sure only the nodes closest to cmp_pk are in the list.
*
@ -361,19 +388,25 @@ bool add_to_list(
non_null()
bool node_addable_to_close_list(DHT *dht, const uint8_t *public_key, const IP_Port *ip_port);
#ifdef CHECK_ANNOUNCE_NODE
/** Set node as announce node. */
non_null()
void set_announce_node(DHT *dht, const uint8_t *public_key);
#endif
/**
* Get the (maximum MAX_SENT_NODES) closest nodes to public_key we know
* and put them in nodes_list (must be MAX_SENT_NODES big).
*
* sa_family = family (IPv4 or IPv6) (0 if we don't care)?
* is_LAN = return some LAN ips (true or false)
* want_good = do we want tested nodes or not? (TODO(irungentoo))
* want_announce: return only nodes which implement the dht announcements protocol.
*
* @return the number of nodes returned.
*/
non_null()
int get_close_nodes(
const DHT *dht, const uint8_t *public_key, Node_format *nodes_list, Family sa_family, bool is_LAN);
int get_close_nodes(const DHT *dht, const uint8_t *public_key, Node_format *nodes_list, Family sa_family,
bool is_LAN, bool want_announce);
/** @brief Put up to max_num nodes in nodes from the random friends.
@ -432,6 +465,7 @@ int dht_connect_after_load(DHT *dht);
/** @brief Send the given packet to node with public_key.
*
* @return number of bytes sent.
* @retval -1 if failure.
*/
non_null()

4
toxcore/Makefile.inc
View File

@ -87,6 +87,10 @@ libtoxcore_la_SOURCES = ../third_party/cmp/cmp.c \
../toxcore/onion_announce.c \
../toxcore/onion_client.h \
../toxcore/onion_client.c \
../toxcore/announce.h \
../toxcore/announce.c \
../toxcore/forwarding.h \
../toxcore/forwarding.c \
../toxcore/TCP_client.h \
../toxcore/TCP_client.c \
../toxcore/TCP_common.h \

19
toxcore/Messenger.c
View File

@ -3237,16 +3237,27 @@ Messenger *new_messenger(Mono_Time *mono_time, const Random *rng, const Network
return nullptr;
}
if (options->dht_announcements_enabled) {
m->forwarding = new_forwarding(m->log, m->rng, m->mono_time, m->dht);
m->announce = new_announcements(m->log, m->rng, m->mono_time, m->forwarding);
} else {
m->forwarding = nullptr;
m->announce = nullptr;
}
m->onion = new_onion(m->log, m->mono_time, m->rng, m->dht);
m->onion_a = new_onion_announce(m->log, m->rng, m->mono_time, m->dht);
m->onion_c = new_onion_client(m->log, m->rng, m->mono_time, m->net_crypto);
m->fr_c = new_friend_connections(m->log, m->mono_time, m->ns, m->onion_c, options->local_discovery_enabled);
if (m->onion == nullptr || m->onion_a == nullptr || m->onion_c == nullptr || m->fr_c == nullptr) {
if ((options->dht_announcements_enabled && (m->forwarding == nullptr || m->announce == nullptr)) ||
m->onion == nullptr || m->onion_a == nullptr || m->onion_c == nullptr || m->fr_c == nullptr) {
kill_friend_connections(m->fr_c);
kill_onion(m->onion);
kill_onion_announce(m->onion_a);
kill_onion_client(m->onion_c);
kill_announcements(m->announce);
kill_forwarding(m->forwarding);
kill_net_crypto(m->net_crypto);
kill_dht(m->dht);
kill_networking(m->net);
@ -3258,13 +3269,15 @@ Messenger *new_messenger(Mono_Time *mono_time, const Random *rng, const Network
if (options->tcp_server_port != 0) {
m->tcp_server = new_TCP_server(m->log, m->rng, m->ns, options->ipv6enabled, 1, &options->tcp_server_port,
dht_get_self_secret_key(m->dht), m->onion);
dht_get_self_secret_key(m->dht), m->onion, m->forwarding);
if (m->tcp_server == nullptr) {
kill_friend_connections(m->fr_c);
kill_onion(m->onion);
kill_onion_announce(m->onion_a);
kill_onion_client(m->onion_c);
kill_announcements(m->announce);
kill_forwarding(m->forwarding);
kill_net_crypto(m->net_crypto);
kill_dht(m->dht);
kill_networking(m->net);
@ -3316,6 +3329,8 @@ void kill_messenger(Messenger *m)
kill_onion(m->onion);
kill_onion_announce(m->onion_a);
kill_onion_client(m->onion_c);
kill_announcements(m->announce);
kill_forwarding(m->forwarding);
kill_net_crypto(m->net_crypto);
kill_dht(m->dht);
kill_networking(m->net);

6
toxcore/Messenger.h
View File

@ -11,6 +11,8 @@
#define C_TOXCORE_TOXCORE_MESSENGER_H
#include "TCP_server.h"
#include "announce.h"
#include "forwarding.h"
#include "friend_connection.h"
#include "friend_requests.h"
#include "logger.h"
@ -60,6 +62,7 @@ typedef struct Messenger_Options {
bool hole_punching_enabled;
bool local_discovery_enabled;
bool dht_announcements_enabled;
logger_cb *log_callback;
void *log_context;
@ -241,6 +244,9 @@ struct Messenger {
Net_Crypto *net_crypto;
DHT *dht;
Forwarding *forwarding;
Announcements *announce;
Onion *onion;
Onion_Announce *onion_a;
Onion_Client *onion_c;

36
toxcore/TCP_client.c
View File

@ -57,6 +57,9 @@ struct TCP_Client_Connection {
tcp_onion_response_cb *onion_callback;
void *onion_callback_object;
forwarded_response_cb *forwarded_response_callback;
void *forwarded_response_callback_object;
/* Can be used by user. */
void *custom_object;
uint32_t custom_uint;
@ -527,6 +530,34 @@ void onion_response_handler(TCP_Client_Connection *con, tcp_onion_response_cb *o
con->onion_callback_object = object;
}
/** @retval 1 on success.
* @retval 0 if could not send packet.
* @retval -1 on failure (connection must be killed).
*/
int send_forward_request_tcp(const Logger *logger, TCP_Client_Connection *con, const IP_Port *dest, const uint8_t *data, uint16_t length)
{
if (length > MAX_FORWARD_DATA_SIZE) {
return -1;
}
VLA(uint8_t, packet, 1 + MAX_PACKED_IPPORT_SIZE + length);
packet[0] = TCP_PACKET_FORWARD_REQUEST;
const int ipport_length = pack_ip_port(logger, packet + 1, MAX_PACKED_IPPORT_SIZE, dest);
if (ipport_length == -1) {
return 0;
}
memcpy(packet + 1 + ipport_length, data, length);
return write_packet_TCP_secure_connection(logger, &con->con, packet, 1 + ipport_length + length, false);
}
void forwarding_handler(TCP_Client_Connection *con, forwarded_response_cb *forwarded_response_callback, void *object)
{
con->forwarded_response_callback = forwarded_response_callback;
con->forwarded_response_callback_object = object;
}
/** Create new TCP connection to ip_port/public_key */
TCP_Client_Connection *new_TCP_connection(
const Logger *logger, const Mono_Time *mono_time, const Random *rng, const Network *ns, const IP_Port *ip_port,
@ -785,6 +816,11 @@ static int handle_TCP_client_packet(const Logger *logger, TCP_Client_Connection
return 0;
}
case TCP_PACKET_FORWARDING: {
conn->forwarded_response_callback(conn->forwarded_response_callback_object, data + 1, length - 1, userdata);
return 0;
}
default: {
if (data[0] < NUM_RESERVED_PORTS) {
return -1;

7
toxcore/TCP_client.h
View File

@ -10,6 +10,7 @@
#define C_TOXCORE_TOXCORE_TCP_CLIENT_H
#include "crypto_core.h"
#include "forwarding.h"
#include "mono_time.h"
#include "network.h"
@ -83,6 +84,12 @@ int send_onion_request(const Logger *logger, TCP_Client_Connection *con, const u
non_null()
void onion_response_handler(TCP_Client_Connection *con, tcp_onion_response_cb *onion_callback, void *object);
non_null()
int send_forward_request_tcp(const Logger *logger, TCP_Client_Connection *con, const IP_Port *dest, const uint8_t *data,
uint16_t length);
non_null()
void forwarding_handler(TCP_Client_Connection *con, forwarded_response_cb *forwarded_response_callback, void *object);
typedef int tcp_routing_response_cb(void *object, uint8_t connection_id, const uint8_t *public_key);
typedef int tcp_routing_status_cb(void *object, uint32_t number, uint8_t connection_id, uint8_t status);

2
toxcore/TCP_common.h
View File

@ -33,6 +33,8 @@ void wipe_priority_list(TCP_Priority_List *p);
#define TCP_PACKET_OOB_RECV 7
#define TCP_PACKET_ONION_REQUEST 8
#define TCP_PACKET_ONION_RESPONSE 9
#define TCP_PACKET_FORWARD_REQUEST 10
#define TCP_PACKET_FORWARDING 11
#define TCP_HANDSHAKE_PLAIN_SIZE (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE)
#define TCP_SERVER_HANDSHAKE_SIZE (CRYPTO_NONCE_SIZE + TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE)

91
toxcore/TCP_connection.c
View File

@ -42,6 +42,9 @@ struct TCP_Connections {
tcp_onion_cb *tcp_onion_callback;
void *tcp_onion_callback_object;
forwarded_response_cb *tcp_forwarded_response_callback;
void *tcp_forwarded_response_callback_object;
TCP_Proxy_Info proxy_info;
bool onion_status;
@ -394,6 +397,43 @@ int get_random_tcp_onion_conn_number(const TCP_Connections *tcp_c)
return -1;
}
/** @brief Return TCP connection number of active TCP connection with ip_port.
*
* return TCP connection number on success.
* return -1 on failure.
*/
non_null()
static int get_conn_number_by_ip_port(TCP_Connections *tcp_c, const IP_Port *ip_port)
{
for (uint32_t i = 0; i < tcp_c->tcp_connections_length; ++i) {
const IP_Port conn_ip_port = tcp_con_ip_port(tcp_c->tcp_connections[i].connection);
if (ipport_equal(ip_port, &conn_ip_port) &&
tcp_c->tcp_connections[i].status == TCP_CONN_CONNECTED) {
return i;
}
}
return -1;
}
/** @brief Put IP_Port of a random onion TCP connection in ip_port.
*
* return true on success.
* return false on failure.
*/
bool tcp_get_random_conn_ip_port(const TCP_Connections *tcp_c, IP_Port *ip_port)
{
const int index = get_random_tcp_onion_conn_number(tcp_c);
if (index == -1) {
return false;
}
*ip_port = tcp_con_ip_port(tcp_c->tcp_connections[index].connection);
return true;
}
/** @brief Send an onion packet via the TCP relay corresponding to tcp_connections_number.
*
* return 0 on success.
@ -418,6 +458,36 @@ int tcp_send_onion_request(TCP_Connections *tcp_c, uint32_t tcp_connections_numb
return -1;
}
/* Send a forward request to the TCP relay with IP_Port tcp_forwarder,
* requesting to forward data via a chain of dht nodes starting with dht_node.
* A chain_length of 0 means that dht_node is the final destination of data.
*
* return 0 on success.
* return -1 on failure.
*/
int tcp_send_forward_request(const Logger *logger, TCP_Connections *tcp_c, const IP_Port *tcp_forwarder,
const IP_Port *dht_node,
const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length)
{
const int index = get_conn_number_by_ip_port(tcp_c, tcp_forwarder);
if (index == -1) {
return -1;
}
if (chain_length == 0) {
return send_forward_request_tcp(logger, tcp_c->tcp_connections[index].connection, dht_node, data,
data_length) == 1 ? 0 : -1;
}
const uint16_t len = forward_chain_packet_size(chain_length, data_length);
VLA(uint8_t, packet, len);
return create_forward_chain_packet(chain_keys, chain_length, data, data_length, packet)
&& send_forward_request_tcp(logger, tcp_c->tcp_connections[index].connection, dht_node, packet, len) == 1 ? 0 : -1;
}
/** @brief Send an oob packet via the TCP relay corresponding to tcp_connections_number.
*
* return 0 on success.
@ -486,6 +556,15 @@ void set_onion_packet_tcp_connection_callback(TCP_Connections *tcp_c, tcp_onion_
tcp_c->tcp_onion_callback_object = object;
}
/** @brief Set the callback for TCP forwarding packets. */
void set_forwarding_packet_tcp_connection_callback(TCP_Connections *tcp_c,
forwarded_response_cb *tcp_forwarded_response_callback,
void *object)
{
tcp_c->tcp_forwarded_response_callback = tcp_forwarded_response_callback;
tcp_c->tcp_forwarded_response_callback_object = object;
}
/** @brief Encode tcp_connections_number as a custom ip_port.
*
* return ip_port.
@ -503,7 +582,6 @@ IP_Port tcp_connections_number_to_ip_port(unsigned int tcp_connections_number)
* return true on success.
* return false if ip_port is invalid.
*/
non_null()
bool ip_port_to_tcp_connections_number(const IP_Port *ip_port, unsigned int *tcp_connections_number)
{
*tcp_connections_number = ip_port->ip.ip.v6.uint32[0];
@ -1119,6 +1197,16 @@ static int tcp_onion_callback(void *object, const uint8_t *data, uint16_t length
return 0;
}
non_null()
static void tcp_forwarding_callback(void *object, const uint8_t *data, uint16_t length, void *userdata)
{
TCP_Connections *tcp_c = (TCP_Connections *)object;
if (tcp_c->tcp_forwarded_response_callback != nullptr) {
tcp_c->tcp_forwarded_response_callback(tcp_c->tcp_forwarded_response_callback_object, data, length, userdata);
}
}
/** @brief Set callbacks for the TCP relay connection.
*
* return 0 on success.
@ -1138,6 +1226,7 @@ static int tcp_relay_set_callbacks(TCP_Connections *tcp_c, int tcp_connections_n
tcp_con_set_custom_object(con, tcp_c);
tcp_con_set_custom_uint(con, tcp_connections_number);
onion_response_handler(con, &tcp_onion_callback, tcp_c);
forwarding_handler(con, &tcp_forwarding_callback, tcp_c);
routing_response_handler(con, &tcp_response_callback, con);
routing_status_handler(con, &tcp_status_callback, con);
routing_data_handler(con, &tcp_conn_data_callback, con);

29
toxcore/TCP_connection.h
View File

@ -102,6 +102,14 @@ int send_packet_tcp_connection(const TCP_Connections *tcp_c, int connections_num
non_null()
int get_random_tcp_onion_conn_number(const TCP_Connections *tcp_c);
/** @brief Put IP_Port of a random onion TCP connection in ip_port.
*
* return true on success.
* return false on failure.
*/
non_null()
bool tcp_get_random_conn_ip_port(const TCP_Connections *tcp_c, IP_Port *ip_port);
/** @brief Send an onion packet via the TCP relay corresponding to tcp_connections_number.
*
* return 0 on success.
@ -121,6 +129,20 @@ int tcp_send_onion_request(TCP_Connections *tcp_c, unsigned int tcp_connections_
non_null()
int set_tcp_onion_status(TCP_Connections *tcp_c, bool status);
/**
* Send a forward request to the TCP relay with IP_Port tcp_forwarder,
* requesting to forward data via a chain of dht nodes starting with dht_node.
* A chain_length of 0 means that dht_node is the final destination of data.
*
* return 0 on success.
* return -1 on failure.
*/
non_null()
int tcp_send_forward_request(const Logger *logger, TCP_Connections *tcp_c, const IP_Port *tcp_forwarder,
const IP_Port *dht_node,
const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length);
/** @brief Send an oob packet via the TCP relay corresponding to tcp_connections_number.
*
* return 0 on success.
@ -146,6 +168,13 @@ typedef int tcp_onion_cb(void *object, const uint8_t *data, uint16_t length, voi
non_null(1) nullable(2, 3)
void set_onion_packet_tcp_connection_callback(TCP_Connections *tcp_c, tcp_onion_cb *tcp_onion_callback, void *object);
/** @brief Set the callback for TCP forwarding packets. */
non_null(1) nullable(2, 3)
void set_forwarding_packet_tcp_connection_callback(TCP_Connections *tcp_c,
forwarded_response_cb *tcp_forwarded_response_callback,
void *object);
typedef int tcp_oob_cb(void *object, const uint8_t *public_key, unsigned int tcp_connections_number,
const uint8_t *data, uint16_t length, void *userdata);

99
toxcore/TCP_server.c
View File

@ -61,6 +61,7 @@ struct TCP_Server {
const Random *rng;
const Network *ns;
Onion *onion;
Forwarding *forwarding;
#ifdef TCP_SERVER_USE_EPOLL
int efd;
@ -566,9 +567,9 @@ static int rm_connection_index(TCP_Server *tcp_server, TCP_Secure_Connection *co
return -1;
}
/* Encode con_id and identifier as a custom IP_Port.
/** @brief Encode con_id and identifier as a custom IP_Port.
*
* return ip_port.
* @return ip_port.
*/
static IP_Port con_id_to_ip_port(uint32_t con_id, uint64_t identifier)
{
@ -580,19 +581,19 @@ static IP_Port con_id_to_ip_port(uint32_t con_id, uint64_t identifier)
}
/* Decode ip_port created by con_id_to_ip_port to con_id.
/** @brief Decode ip_port created by con_id_to_ip_port to con_id.
*
* return true on success.
* return false if ip_port is invalid.
* @retval true on success.
* @retval false if ip_port is invalid.
*/
non_null()
static bool ip_port_to_con_id(const TCP_Server *tcp_server, const IP_Port *ip_port, uint32_t *con_id)
{
*con_id = ip_port->ip.ip.v6.uint32[0];
return (net_family_is_tcp_client(ip_port->ip.family) &&
*con_id < tcp_server->size_accepted_connections &&
tcp_server->accepted_connection_array[*con_id].identifier == ip_port->ip.ip.v6.uint64[1]);
return net_family_is_tcp_client(ip_port->ip.family) &&
*con_id < tcp_server->size_accepted_connections &&
tcp_server->accepted_connection_array[*con_id].identifier == ip_port->ip.ip.v6.uint64[1];
}
non_null()
@ -618,6 +619,42 @@ static int handle_onion_recv_1(void *object, const IP_Port *dest, const uint8_t
return 0;
}
non_null()
static bool handle_forward_reply_tcp(void *object, const uint8_t *sendback_data, uint16_t sendback_data_len,
const uint8_t *data, uint16_t length)
{
TCP_Server *tcp_server = (TCP_Server *)object;
if (sendback_data_len != 1 + sizeof(uint32_t) + sizeof(uint64_t)) {
return false;
}
if (*sendback_data != SENDBACK_TCP) {
return false;
}
uint32_t con_id;
uint64_t identifier;
net_unpack_u32(sendback_data + 1, &con_id);
net_unpack_u64(sendback_data + 1 + sizeof(uint32_t), &identifier);
if (con_id >= tcp_server->size_accepted_connections) {
return false;
}
TCP_Secure_Connection *con = &tcp_server->accepted_connection_array[con_id];
if (con->identifier != identifier) {
return false;
}
VLA(uint8_t, packet, 1 + length);
memcpy(packet + 1, data, length);
packet[0] = TCP_PACKET_FORWARDING;
return write_packet_TCP_secure_connection(tcp_server->logger, &con->con, packet, SIZEOF_VLA(packet), false) == 1;
}
/**
* @retval 0 on success
* @retval -1 on failure
@ -726,6 +763,39 @@ static int handle_TCP_packet(TCP_Server *tcp_server, uint32_t con_id, const uint
return -1;
}
case TCP_PACKET_FORWARD_REQUEST: {
if (tcp_server->forwarding == nullptr) {
return -1;
}
const uint16_t sendback_data_len = 1 + sizeof(uint32_t) + sizeof(uint64_t);
uint8_t sendback_data[1 + sizeof(uint32_t) + sizeof(uint64_t)];
sendback_data[0] = SENDBACK_TCP;
net_pack_u32(sendback_data + 1, con_id);
net_pack_u64(sendback_data + 1 + sizeof(uint32_t), con->identifier);
IP_Port dest;
const int ipport_length = unpack_ip_port(&dest, data + 1, length - 1, false);
if (ipport_length == -1) {
return -1;
}
const uint8_t *const forward_data = data + (1 + ipport_length);
const uint16_t forward_data_len = length - (1 + ipport_length);
if (forward_data_len > MAX_FORWARD_DATA_SIZE) {
return -1;
}
send_forwarding(tcp_server->forwarding, &dest, sendback_data, sendback_data_len, forward_data, forward_data_len);
return 0;
}
case TCP_PACKET_FORWARDING: {
return -1;
}
default: {
if (data[0] < NUM_RESERVED_PORTS) {
return -1;
@ -866,8 +936,8 @@ static Socket new_listening_TCP_socket(const Logger *logger, const Network *ns,
}
TCP_Server *new_TCP_server(const Logger *logger, const Random *rng, const Network *ns,
bool ipv6_enabled, uint16_t num_sockets, const uint16_t *ports,
const uint8_t *secret_key, Onion *onion)
bool ipv6_enabled, uint16_t num_sockets,
const uint16_t *ports, const uint8_t *secret_key, Onion *onion, Forwarding *forwarding)
{
if (num_sockets == 0 || ports == nullptr) {
LOGGER_ERROR(logger, "no sockets");
@ -946,6 +1016,11 @@ TCP_Server *new_TCP_server(const Logger *logger, const Random *rng, const Networ
set_callback_handle_recv_1(onion, &handle_onion_recv_1, temp);
}
if (forwarding != nullptr) {
temp->forwarding = forwarding;
set_callback_forward_reply(forwarding, &handle_forward_reply_tcp, temp);
}
memcpy(temp->secret_key, secret_key, CRYPTO_SECRET_KEY_SIZE);
crypto_derive_public_key(temp->public_key, temp->secret_key);
@ -1309,6 +1384,10 @@ void kill_TCP_server(TCP_Server *tcp_server)
set_callback_handle_recv_1(tcp_server->onion, nullptr, nullptr);
}
if (tcp_server->forwarding != nullptr) {
set_callback_forward_reply(tcp_server->forwarding, nullptr, nullptr);
}
bs_list_free(&tcp_server->accepted_key_list);
#ifdef TCP_SERVER_USE_EPOLL

5
toxcore/TCP_server.h
View File

@ -10,6 +10,7 @@
#define C_TOXCORE_TOXCORE_TCP_SERVER_H
#include "crypto_core.h"
#include "forwarding.h"
#include "onion.h"
#define MAX_INCOMING_CONNECTIONS 256
@ -33,10 +34,10 @@ non_null()
size_t tcp_server_listen_count(const TCP_Server *tcp_server);
/** Create new TCP server instance. */
non_null(1, 2, 3, 6, 7) nullable(8)
non_null(1, 2, 3, 6, 7) nullable(8, 9)
TCP_Server *new_TCP_server(const Logger *logger, const Random *rng, const Network *ns,
bool ipv6_enabled, uint16_t num_sockets, const uint16_t *ports,
const uint8_t *secret_key, Onion *onion);
const uint8_t *secret_key, Onion *onion, Forwarding *forwarding);
/** Run the TCP_server */
non_null()

689
toxcore/announce.c Normal file
View File

@ -0,0 +1,689 @@
/* SPDX-License-Identifier: GPL-3.0-or-later
* Copyright © 2020-2021 The TokTok team.
*/
/**
* "Server side" of the DHT announcements protocol.
*/
#include "announce.h"
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include "LAN_discovery.h"
#include "ccompat.h"
#include "timed_auth.h"
#include "util.h"
uint8_t response_of_request_type(uint8_t request_type)
{
switch (request_type) {
case NET_PACKET_DATA_SEARCH_REQUEST:
return NET_PACKET_DATA_SEARCH_RESPONSE;
case NET_PACKET_DATA_RETRIEVE_REQUEST:
return NET_PACKET_DATA_RETRIEVE_RESPONSE;
case NET_PACKET_STORE_ANNOUNCE_REQUEST:
return NET_PACKET_STORE_ANNOUNCE_RESPONSE;
default: {
assert(false);
return NET_PACKET_MAX;
}
}
}
typedef struct Announce_Entry {
uint64_t store_until;
uint8_t data_public_key[CRYPTO_PUBLIC_KEY_SIZE];
uint8_t *data;
uint32_t length;
} Announce_Entry;
struct Announcements {
const Logger *log;
const Random *rng;
Forwarding *forwarding;
const Mono_Time *mono_time;
DHT *dht;
Networking_Core *net;
const uint8_t *public_key;
const uint8_t *secret_key;
Shared_Keys shared_keys;
uint8_t hmac_key[CRYPTO_HMAC_KEY_SIZE];
int32_t synch_offset;
uint64_t start_time;
Announce_Entry entries[ANNOUNCE_BUCKETS * ANNOUNCE_BUCKET_SIZE];
};
void set_synch_offset(Announcements *announce, int32_t synch_offset)
{
announce->synch_offset = synch_offset;
}
/**
* An entry is considered to be "deleted" for the purposes of the protocol
* once it has timed out.
*/
non_null()
static bool entry_is_empty(const Announcements *announce, const Announce_Entry *entry)
{
return mono_time_get(announce->mono_time) >= entry->store_until;
}
non_null()
static void delete_entry(Announce_Entry *entry)
{
entry->store_until = 0;
}
/** Return bits (at most 8) from pk starting at index as uint8_t */
non_null()
static uint8_t truncate_pk_at_index(const uint8_t *pk, uint16_t index, uint16_t bits)
{
assert(bits < 8);
const uint8_t i = index / 8;
const uint8_t j = index % 8;
return ((uint8_t)((i < CRYPTO_PUBLIC_KEY_SIZE ? pk[i] : 0) << j) >> (8 - bits)) |
((i + 1 < CRYPTO_PUBLIC_KEY_SIZE ? pk[i + 1] : 0) >> (16 - bits - j));
}
uint16_t get_bucketnum(const uint8_t *base, const uint8_t *pk)
{
const uint16_t index = bit_by_bit_cmp(base, pk);
return truncate_pk_at_index(base, index + 1, ANNOUNCE_BUCKET_PREFIX_LENGTH) ^
truncate_pk_at_index(pk, index + 1, ANNOUNCE_BUCKET_PREFIX_LENGTH);
}
non_null()
static Announce_Entry *bucket_of_key(Announcements *announce, const uint8_t *pk)
{
return &announce->entries[get_bucketnum(announce->public_key, pk) * ANNOUNCE_BUCKET_SIZE];
}
non_null()
static Announce_Entry *get_stored(Announcements *announce, const uint8_t *data_public_key)
{
Announce_Entry *const bucket = bucket_of_key(announce, data_public_key);
for (uint32_t i = 0; i < ANNOUNCE_BUCKET_SIZE; ++i) {
if (pk_equal(bucket[i].data_public_key, data_public_key)) {
if (entry_is_empty(announce, &bucket[i])) {
break;
}
return &bucket[i];
}
}
return nullptr;
}
non_null()
static const Announce_Entry *bucket_of_key_const(const Announcements *announce, const uint8_t *pk)
{
return &announce->entries[get_bucketnum(announce->public_key, pk) * ANNOUNCE_BUCKET_SIZE];
}
non_null()
static const Announce_Entry *get_stored_const(const Announcements *announce, const uint8_t *data_public_key)
{
const Announce_Entry *const bucket = bucket_of_key_const(announce, data_public_key);
for (uint32_t i = 0; i < ANNOUNCE_BUCKET_SIZE; ++i) {
if (pk_equal(bucket[i].data_public_key, data_public_key)) {
if (entry_is_empty(announce, &bucket[i])) {
break;
}
return &bucket[i];
}
}
return nullptr;
}
bool on_stored(const Announcements *announce, const uint8_t *data_public_key,
on_retrieve_cb *on_retrieve_callback, void *object)
{
const Announce_Entry *const entry = get_stored_const(announce, data_public_key);
if (entry == nullptr || entry->data == nullptr) {
return false;
}
if (on_retrieve_callback != nullptr) {
on_retrieve_callback(object, entry->data, entry->length);
}
return true;
}
/**
* Return existing entry for this key if it exists, else an empty
* slot in the key's bucket if one exists, else an entry in the key's bucket
* of greatest 2-adic distance greater than that of the key bucket if one
* exists, else nullptr.
*/
non_null()
static Announce_Entry *find_entry_slot(Announcements *announce, const uint8_t *data_public_key)
{
Announce_Entry *const bucket = bucket_of_key(announce, data_public_key);
Announce_Entry *slot = nullptr;
uint16_t min_index = bit_by_bit_cmp(announce->public_key, data_public_key);
for (uint32_t i = 0; i < ANNOUNCE_BUCKET_SIZE; ++i) {
if (pk_equal(bucket[i].data_public_key, data_public_key)) {
return &bucket[i];
}
if (entry_is_empty(announce, &bucket[i])) {
slot = &bucket[i];
min_index = 0;
continue;
}
const uint16_t index = bit_by_bit_cmp(announce->public_key, bucket[i].data_public_key);
if (index < min_index) {
slot = &bucket[i];
min_index = index;
}
}
return slot;
}
non_null()
static bool would_accept_store_request(Announcements *announce, const uint8_t *data_public_key)
{
return find_entry_slot(announce, data_public_key) != nullptr;
}
bool store_data(Announcements *announce, const uint8_t *data_public_key,
const uint8_t *data, uint32_t length, uint32_t timeout)
{
if (length > MAX_ANNOUNCEMENT_SIZE) {
return false;
}
Announce_Entry *entry = find_entry_slot(announce, data_public_key);
if (entry == nullptr) {
return false;
}
if (length > 0) {
assert(data != nullptr);
if (entry->data != nullptr) {
free(entry->data);
}
entry->data = (uint8_t *)malloc(length);
if (entry->data == nullptr) {
return false;
}
memcpy(entry->data, data, length);
}
entry->length = length;
memcpy(entry->data_public_key, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
entry->store_until = mono_time_get(announce->mono_time) + timeout;
return true;
}
non_null()
static uint32_t calculate_timeout(const Announcements *announce, uint32_t requested_timeout)
{
const uint64_t uptime = mono_time_get(announce->mono_time) - announce->start_time;
const uint32_t max_announcement_timeout = max_u32(
(uint32_t)min_u64(
MAX_MAX_ANNOUNCEMENT_TIMEOUT,
uptime / MAX_ANNOUNCEMENT_TIMEOUT_UPTIME_RATIO),
MIN_MAX_ANNOUNCEMENT_TIMEOUT);
return min_u32(max_announcement_timeout, requested_timeout);
}
#define DATA_SEARCH_TO_AUTH_MAX_SIZE (CRYPTO_PUBLIC_KEY_SIZE * 2 + MAX_PACKED_IPPORT_SIZE + MAX_SENDBACK_SIZE)
non_null(1, 2, 3, 4, 7) nullable(5)
static int create_data_search_to_auth(const Logger *logger, const uint8_t *data_public_key,
const uint8_t *requester_key,
const IP_Port *source, const uint8_t *sendback, uint16_t sendback_length,
uint8_t *dest, uint16_t max_length)
{
if (max_length < DATA_SEARCH_TO_AUTH_MAX_SIZE
|| sendback_length > MAX_SENDBACK_SIZE) {
return -1;
}
memcpy(dest, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
memcpy(dest + CRYPTO_PUBLIC_KEY_SIZE, requester_key, CRYPTO_PUBLIC_KEY_SIZE);
const int ipport_length = pack_ip_port(logger, dest + CRYPTO_PUBLIC_KEY_SIZE * 2, MAX_PACKED_IPPORT_SIZE, source);
if (ipport_length == -1) {
return -1;
}
if (sendback_length > 0) {
assert(sendback != nullptr);
memcpy(dest + CRYPTO_PUBLIC_KEY_SIZE * 2 + ipport_length, sendback, sendback_length);
}
return CRYPTO_PUBLIC_KEY_SIZE * 2 + ipport_length + sendback_length;
}
#define DATA_SEARCH_TIMEOUT 60
non_null()
static int create_reply_plain_data_search_request(Announcements *announce,
const IP_Port *source,
const uint8_t *data, uint16_t length,
uint8_t *reply, uint16_t reply_max_length,
uint8_t *to_auth, uint16_t to_auth_length)
{
if (length != CRYPTO_PUBLIC_KEY_SIZE &&
length != CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA256_SIZE) {
return -1;
}
const uint8_t *const data_public_key = data;
const uint8_t *previous_hash = nullptr;
if (length == CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA256_SIZE) {
previous_hash = data + CRYPTO_PUBLIC_KEY_SIZE;
}
const int nodes_max_length = (int)reply_max_length -
(CRYPTO_PUBLIC_KEY_SIZE + 1 + CRYPTO_SHA256_SIZE + TIMED_AUTH_SIZE + 1 + 1);
if (nodes_max_length < 0) {
return -1;
}
uint8_t *p = reply;
memcpy(p, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
p += CRYPTO_PUBLIC_KEY_SIZE;
const Announce_Entry *const stored = get_stored_const(announce, data_public_key);
if (stored == nullptr) {
*p = 0;
++p;
} else {
*p = 1;
++p;
crypto_sha256(p, stored->data, stored->length);
p += CRYPTO_SHA256_SIZE;
}
generate_timed_auth(announce->mono_time, DATA_SEARCH_TIMEOUT, announce->hmac_key,
to_auth, to_auth_length, p);
p += TIMED_AUTH_SIZE;
*p = would_accept_store_request(announce, data_public_key);
++p;
Node_format nodes_list[MAX_SENT_NODES];
const int num_nodes = get_close_nodes(announce->dht, data_public_key, nodes_list,
net_family_unspec, ip_is_lan(&source->ip), true);
if (num_nodes < 0 || num_nodes > MAX_SENT_NODES) {
return -1;
}
*p = num_nodes;
++p;
p += pack_nodes(announce->log, p, nodes_max_length, nodes_list, num_nodes);
const uint32_t reply_len = p - reply;
if (previous_hash != nullptr) {
uint8_t hash[CRYPTO_SHA256_SIZE];
crypto_sha256(hash, reply, reply_len);
if (crypto_sha256_eq(hash, previous_hash)) {
return CRYPTO_PUBLIC_KEY_SIZE;
}
}
return reply_len;
}
non_null()
static int create_reply_plain_data_retrieve_request(Announcements *announce,
const IP_Port *source,
const uint8_t *data, uint16_t length,
uint8_t *reply, uint16_t reply_max_length,
uint8_t *to_auth, uint16_t to_auth_length)
{
if (length != CRYPTO_PUBLIC_KEY_SIZE + 1 + TIMED_AUTH_SIZE) {
return -1;
}
if (data[CRYPTO_PUBLIC_KEY_SIZE] != 0) {
return -1;
}
const uint8_t *const data_public_key = data;
const uint8_t *const auth = data + CRYPTO_PUBLIC_KEY_SIZE + 1;
if (!check_timed_auth(announce->mono_time, DATA_SEARCH_TIMEOUT, announce->hmac_key,
to_auth, to_auth_length, auth)) {
return -1;
}
const Announce_Entry *const entry = get_stored_const(announce, data_public_key);
if (entry == nullptr) {
return -1;
}
const uint16_t reply_len = CRYPTO_PUBLIC_KEY_SIZE + 1 + entry->length;
if (reply_max_length < reply_len) {
return -1;
}
memcpy(reply, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
reply[CRYPTO_PUBLIC_KEY_SIZE] = 1;
memcpy(reply + CRYPTO_PUBLIC_KEY_SIZE + 1, entry->data, entry->length);
return reply_len;
}
non_null()
static int create_reply_plain_store_announce_request(Announcements *announce,
const IP_Port *source,
const uint8_t *data, uint16_t length,
uint8_t *reply, uint16_t reply_max_length,
uint8_t *to_auth, uint16_t to_auth_length)
{
const int plain_len = (int)length - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE);
const int announcement_len = (int)plain_len - (TIMED_AUTH_SIZE + sizeof(uint32_t) + 1);
const uint8_t *const data_public_key = data;
if (announcement_len < 0) {
return -1;
}
VLA(uint8_t, plain, plain_len);
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
get_shared_key(announce->mono_time, &announce->shared_keys, shared_key,
announce->secret_key, data_public_key);
if (decrypt_data_symmetric(shared_key,
data + CRYPTO_PUBLIC_KEY_SIZE,
data + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
plain_len + CRYPTO_MAC_SIZE,
plain) != plain_len) {
return -1;
}
const uint8_t *const auth = plain;
uint32_t requested_timeout;
net_unpack_u32(plain + TIMED_AUTH_SIZE, &requested_timeout);
const uint32_t timeout = calculate_timeout(announce, requested_timeout);
const uint8_t announcement_type = plain[TIMED_AUTH_SIZE + sizeof(uint32_t)];
const uint8_t *announcement = plain + TIMED_AUTH_SIZE + sizeof(uint32_t) + 1;
if (!check_timed_auth(announce->mono_time, DATA_SEARCH_TIMEOUT, announce->hmac_key,
to_auth, to_auth_length, auth)) {
return -1;
}
if (announcement_type > 1) {
return -1;
}
if (announcement_type == 1) {
if (announcement_len != CRYPTO_SHA256_SIZE) {
return -1;
}
Announce_Entry *stored = get_stored(announce, data_public_key);
if (stored == nullptr) {
return -1;
}
uint8_t stored_hash[CRYPTO_SHA256_SIZE];
crypto_sha256(stored_hash, stored->data, stored->length);
if (!crypto_sha256_eq(announcement, stored_hash)) {
delete_entry(stored);
return -1;
} else {
stored->store_until = mono_time_get(announce->mono_time) + timeout;
}
} else {
if (!store_data(announce, data_public_key, announcement, announcement_len, timeout)) {
return -1;
}
}
const uint16_t reply_len = CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t) + sizeof(uint64_t);
if (reply_max_length < reply_len) {
return -1;
}
memcpy(reply, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
net_pack_u32(reply + CRYPTO_PUBLIC_KEY_SIZE, timeout);
net_pack_u64(reply + CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t),
mono_time_get(announce->mono_time) + announce->synch_offset);
return reply_len;
}
non_null(1, 2, 3, 7, 9) nullable(5)
static int create_reply_plain(Announcements *announce,
const uint8_t *requester_key, const IP_Port *source, uint8_t type,
const uint8_t *sendback, uint16_t sendback_length,
const uint8_t *data, uint16_t length,
uint8_t *reply, uint16_t reply_max_length)
{
if (length < CRYPTO_PUBLIC_KEY_SIZE) {
return -1;
}
const uint8_t *const data_public_key = data;
uint8_t to_auth[DATA_SEARCH_TO_AUTH_MAX_SIZE];
const int to_auth_length = create_data_search_to_auth(announce->log, data_public_key, requester_key, source,
sendback, sendback_length, to_auth, DATA_SEARCH_TO_AUTH_MAX_SIZE);
if (to_auth_length == -1) {
return -1;
}
switch (type) {
case NET_PACKET_DATA_SEARCH_REQUEST:
return create_reply_plain_data_search_request(announce, source, data, length, reply, reply_max_length, to_auth,
(uint16_t)to_auth_length);
case NET_PACKET_DATA_RETRIEVE_REQUEST:
return create_reply_plain_data_retrieve_request(announce, source, data, length, reply, reply_max_length, to_auth,
(uint16_t)to_auth_length);
case NET_PACKET_STORE_ANNOUNCE_REQUEST:
return create_reply_plain_store_announce_request(announce, source, data, length, reply, reply_max_length, to_auth,
(uint16_t)to_auth_length);
default:
return -1;
}
}
non_null(1, 2, 5, 7) nullable(3)
static int create_reply(Announcements *announce, const IP_Port *source,
const uint8_t *sendback, uint16_t sendback_length,
const uint8_t *data, uint16_t length,
uint8_t *reply, uint16_t reply_max_length)
{
const int plain_len = (int)length - (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE);
if (plain_len < sizeof(uint64_t)) {
return -1;
}
VLA(uint8_t, plain, plain_len);
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
dht_get_shared_key_recv(announce->dht, shared_key, data + 1);
if (decrypt_data_symmetric(shared_key,
data + 1 + CRYPTO_PUBLIC_KEY_SIZE,
data + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
plain_len + CRYPTO_MAC_SIZE,
plain) != plain_len) {
return -1;
}
const int plain_reply_max_len = (int)reply_max_length -
(1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE);
if (plain_reply_max_len < sizeof(uint64_t)) {
return -1;
}
VLA(uint8_t, plain_reply, plain_reply_max_len);
const int plain_reply_noping_len = create_reply_plain(announce,
data + 1, source, data[0],
sendback, sendback_length,
plain, plain_len - sizeof(uint64_t),
plain_reply, plain_reply_max_len - sizeof(uint64_t));
if (plain_reply_noping_len == -1) {
return -1;
}
memcpy(plain_reply + plain_reply_noping_len,
plain + (plain_len - sizeof(uint64_t)), sizeof(uint64_t));
const uint16_t plain_reply_len = plain_reply_noping_len + sizeof(uint64_t);
const uint8_t response_type = response_of_request_type(data[0]);
return dht_create_packet(announce->rng, announce->public_key, shared_key, response_type,
plain_reply, plain_reply_len, reply, reply_max_length);
}
non_null(1, 2, 3, 5) nullable(7)
static void forwarded_request_callback(void *object, const IP_Port *forwarder,
const uint8_t *sendback, uint16_t sendback_length,
const uint8_t *data, uint16_t length, void *userdata)
{
Announcements *announce = (Announcements *) object;
uint8_t reply[MAX_FORWARD_DATA_SIZE];
const int len = create_reply(announce, forwarder,
sendback, sendback_length,
data, length, reply, sizeof(reply));
if (len == -1) {
return;
}
forward_reply(announce->net, forwarder, sendback, sendback_length, reply, len);
}
non_null(1, 2, 3) nullable(5)
static int handle_dht_announce_request(void *object, const IP_Port *source,
const uint8_t *data, uint16_t length, void *userdata)
{
Announcements *announce = (Announcements *) object;
uint8_t reply[MAX_FORWARD_DATA_SIZE];
const int len = create_reply(announce, source,
nullptr, 0,
data, length, reply, sizeof(reply));
if (len == -1) {
return -1;
}
return sendpacket(announce->net, source, reply, len) == len ? 0 : -1;
}
Announcements *new_announcements(const Logger *log, const Random *rng, const Mono_Time *mono_time,
Forwarding *forwarding)
{
if (log == nullptr || mono_time == nullptr || forwarding == nullptr) {
return nullptr;
}
Announcements *announce = (Announcements *)calloc(1, sizeof(Announcements));
if (announce == nullptr) {
return nullptr;
}
announce->log = log;
announce->rng = rng;
announce->forwarding = forwarding;
announce->mono_time = mono_time;
announce->dht = forwarding_get_dht(forwarding);
announce->net = dht_get_net(announce->dht);
announce->public_key = dht_get_self_public_key(announce->dht);
announce->secret_key = dht_get_self_secret_key(announce->dht);
new_hmac_key(announce->rng, announce->hmac_key);
announce->start_time = mono_time_get(announce->mono_time);
set_callback_forwarded_request(forwarding, forwarded_request_callback, announce);
networking_registerhandler(announce->net, NET_PACKET_DATA_SEARCH_REQUEST, handle_dht_announce_request, announce);
networking_registerhandler(announce->net, NET_PACKET_DATA_RETRIEVE_REQUEST, handle_dht_announce_request, announce);
networking_registerhandler(announce->net, NET_PACKET_STORE_ANNOUNCE_REQUEST, handle_dht_announce_request, announce);
return announce;
}
void kill_announcements(Announcements *announce)
{
if (announce == nullptr) {
return;
}
set_callback_forwarded_request(announce->forwarding, nullptr, nullptr);
networking_registerhandler(announce->net, NET_PACKET_DATA_SEARCH_REQUEST, nullptr, nullptr);
networking_registerhandler(announce->net, NET_PACKET_DATA_RETRIEVE_REQUEST, nullptr, nullptr);
networking_registerhandler(announce->net, NET_PACKET_STORE_ANNOUNCE_REQUEST, nullptr, nullptr);
crypto_memzero(announce->hmac_key, CRYPTO_HMAC_KEY_SIZE);
crypto_memzero(&announce->shared_keys, sizeof(Shared_Keys));
for (uint32_t i = 0; i < ANNOUNCE_BUCKETS * ANNOUNCE_BUCKET_SIZE; ++i) {
if (announce->entries[i].data != nullptr) {
free(announce->entries[i].data);
}
}
free(announce);
}

67
toxcore/announce.h Normal file
View File

@ -0,0 +1,67 @@
/* SPDX-License-Identifier: GPL-3.0-or-later
* Copyright © 2020-2021 The TokTok team.
*/
#ifndef C_TOXCORE_TOXCORE_ANNOUNCE_H
#define C_TOXCORE_TOXCORE_ANNOUNCE_H
#include "forwarding.h"
#define MAX_ANNOUNCEMENT_SIZE 512
typedef void on_retrieve_cb(void *object, const uint8_t *data, uint16_t length);
uint8_t response_of_request_type(uint8_t request_type);
typedef struct Announcements Announcements;
non_null()
Announcements *new_announcements(const Logger *log, const Random *rng, const Mono_Time *mono_time, Forwarding *forwarding);
/**
* @brief If data is stored, run `on_retrieve_callback` on it.
*
* @return true if data is stored, false otherwise.
*/
non_null(1, 2) nullable(3, 4)
bool on_stored(const Announcements *announce, const uint8_t *data_public_key,
on_retrieve_cb *on_retrieve_callback, void *object);
non_null()
void set_synch_offset(Announcements *announce, int32_t synch_offset);
nullable(1)
void kill_announcements(Announcements *announce);
/* The declarations below are not public, they are exposed only for tests. */
/** @private
* Return xor of first ANNOUNCE_BUCKET_PREFIX_LENGTH bits from one bit after
* base and pk first differ
*/
non_null()
uint16_t get_bucketnum(const uint8_t *base, const uint8_t *pk);
/** @private */
non_null(1, 2) nullable(3)
bool store_data(Announcements *announce, const uint8_t *data_public_key,
const uint8_t *data, uint32_t length, uint32_t timeout);
/** @private */
#define MAX_MAX_ANNOUNCEMENT_TIMEOUT 900
#define MIN_MAX_ANNOUNCEMENT_TIMEOUT 10
#define MAX_ANNOUNCEMENT_TIMEOUT_UPTIME_RATIO 4
/** @private
* For efficient lookup and updating, entries are stored as a hash table keyed
* to the first ANNOUNCE_BUCKET_PREFIX_LENGTH bits starting from one bit after
* the first bit in which data public key first differs from the dht key, with
* (2-adically) closest keys preferentially stored within a given bucket. A
* given key appears at most once (even if timed out).
*/
#define ANNOUNCE_BUCKET_SIZE 8
#define ANNOUNCE_BUCKET_PREFIX_LENGTH 5
#define ANNOUNCE_BUCKETS 32 // ANNOUNCE_BUCKETS = 2 ** ANNOUNCE_BUCKET_PREFIX_LENGTH
#endif

7
toxcore/crypto_core.c
View File

@ -178,6 +178,11 @@ bool crypto_sha512_eq(const uint8_t *cksum1, const uint8_t *cksum2)
#endif
}
bool crypto_sha256_eq(const uint8_t *cksum1, const uint8_t *cksum2)
{
return crypto_verify_32(cksum1, cksum2) == 0;
}
uint8_t random_u08(const Random *rng)
{
uint8_t randnum;
@ -464,7 +469,7 @@ void crypto_hmac(uint8_t auth[CRYPTO_HMAC_SIZE], const uint8_t key[CRYPTO_HMAC_K
bool crypto_hmac_verify(const uint8_t auth[CRYPTO_HMAC_SIZE], const uint8_t key[CRYPTO_HMAC_KEY_SIZE],
const uint8_t *data, size_t length)
{
return (crypto_auth_verify(auth, data, length, key) == 0);
return crypto_auth_verify(auth, data, length, key) == 0;
}
void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length)

9
toxcore/crypto_core.h
View File

@ -193,6 +193,15 @@ bool public_key_eq(const uint8_t pk1[CRYPTO_PUBLIC_KEY_SIZE], const uint8_t pk2[
non_null()
bool crypto_sha512_eq(const uint8_t *cksum1, const uint8_t *cksum2);
/**
* @brief Compare 2 SHA256 checksums of length CRYPTO_SHA256_SIZE, not vulnerable to
* timing attacks.
*
* @return true if both mem locations of length are equal, false if they are not.
*/
non_null()
bool crypto_sha256_eq(const uint8_t *cksum1, const uint8_t *cksum2);
/**
* @brief Return a random 8 bit integer.
*/

25
toxcore/crypto_core_test.cc
View File

@ -10,6 +10,8 @@
namespace {
using HmacKey = std::array<uint8_t, CRYPTO_HMAC_KEY_SIZE>;
using Hmac = std::array<uint8_t, CRYPTO_HMAC_SIZE>;
using ExtPublicKey = std::array<uint8_t, EXT_PUBLIC_KEY_SIZE>;
using ExtSecretKey = std::array<uint8_t, EXT_SECRET_KEY_SIZE>;
using Signature = std::array<uint8_t, CRYPTO_SIGNATURE_SIZE>;
@ -62,12 +64,33 @@ TEST(CryptoCore, Signatures)
// Try a few different sizes, including empty 0 length message.
for (uint8_t i = 0; i < 100; ++i) {
message.push_back(random_u08(rng));
Signature signature;
EXPECT_TRUE(crypto_signature_create(
signature.data(), message.data(), message.size(), get_sig_sk(sk.data())));
EXPECT_TRUE(crypto_signature_verify(
signature.data(), message.data(), message.size(), get_sig_pk(pk.data())));
message.push_back(random_u08(rng));
}
}
TEST(CryptoCore, Hmac)
{
const Random *rng = system_random();
ASSERT_NE(rng, nullptr);
HmacKey sk;
new_hmac_key(rng, sk.data());
std::vector<uint8_t> message;
// Try a few different sizes, including empty 0 length message.
for (uint8_t i = 0; i < 100; ++i) {
Hmac auth;
crypto_hmac(auth.data(), sk.data(), message.data(), message.size());
EXPECT_TRUE(crypto_hmac_verify(auth.data(), sk.data(), message.data(), message.size()));
message.push_back(random_u08(rng));
}
}

395
toxcore/forwarding.c Normal file
View File

@ -0,0 +1,395 @@
/* SPDX-License-Identifier: GPL-3.0-or-later
* Copyright © 2019-2022 The TokTok team.
*/
#include "forwarding.h"
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include "DHT.h"
#include "ccompat.h"
#include "timed_auth.h"
struct Forwarding {
const Logger *log;
const Random *rng;
DHT *dht;
const Mono_Time *mono_time;
Networking_Core *net;
uint8_t hmac_key[CRYPTO_HMAC_KEY_SIZE];
forward_reply_cb *forward_reply_callback;
void *forward_reply_callback_object;
forwarded_request_cb *forwarded_request_callback;
void *forwarded_request_callback_object;
forwarded_response_cb *forwarded_response_callback;
void *forwarded_response_callback_object;
};
DHT *forwarding_get_dht(Forwarding *forwarding)
{
return forwarding->dht;
}
#define SENDBACK_TIMEOUT 3600
bool send_forward_request(Networking_Core *net, const IP_Port *forwarder,
const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length)
{
if (chain_length == 0 || chain_length > MAX_FORWARD_CHAIN_LENGTH
|| data_length > MAX_FORWARD_DATA_SIZE) {
return false;
}
const uint16_t len = forward_chain_packet_size(chain_length, data_length);
VLA(uint8_t, packet, len);
return create_forward_chain_packet(chain_keys, chain_length, data, data_length, packet)
&& sendpacket(net, forwarder, packet, len) == len;
}
uint16_t forward_chain_packet_size(uint16_t chain_length, uint16_t data_length)
{
return chain_length * (1 + CRYPTO_PUBLIC_KEY_SIZE) + data_length;
}
bool create_forward_chain_packet(const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length,
uint8_t *packet)
{
if (chain_length == 0 || chain_length > MAX_FORWARD_CHAIN_LENGTH
|| data_length > MAX_FORWARD_DATA_SIZE) {
return false;
}
uint16_t offset = 0;
for (uint16_t j = 0; j < chain_length; ++j) {
packet[offset] = NET_PACKET_FORWARD_REQUEST;
++offset;
memcpy(packet + offset, chain_keys + j * CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE);
offset += CRYPTO_PUBLIC_KEY_SIZE;
}
memcpy(packet + offset, data, data_length);
return true;
}
non_null()
static uint16_t forwarding_packet_length(uint16_t sendback_data_len, uint16_t data_length)
{
const uint16_t sendback_len = sendback_data_len == 0 ? 0 : TIMED_AUTH_SIZE + sendback_data_len;
return 1 + 1 + sendback_len + data_length;
}
non_null(1, 4, 6) nullable(2)
static bool create_forwarding_packet(const Forwarding *forwarding,
const uint8_t *sendback_data, uint16_t sendback_data_len,
const uint8_t *data, uint16_t length,
uint8_t *packet)
{
packet[0] = NET_PACKET_FORWARDING;
if (sendback_data_len == 0) {
packet[1] = 0;
memcpy(packet + 1 + 1, data, length);
} else {
const uint16_t sendback_len = TIMED_AUTH_SIZE + sendback_data_len;
if (sendback_len > MAX_SENDBACK_SIZE) {
return false;
}
packet[1] = sendback_len;
generate_timed_auth(forwarding->mono_time, SENDBACK_TIMEOUT, forwarding->hmac_key, sendback_data,
sendback_data_len, packet + 1 + 1);
if (sendback_data_len != 0) {
assert(sendback_data != nullptr);
memcpy(packet + 1 + 1 + TIMED_AUTH_SIZE, sendback_data, sendback_data_len);
}
memcpy(packet + 1 + 1 + sendback_len, data, length);
}
return true;
}
bool send_forwarding(const Forwarding *forwarding, const IP_Port *dest,
const uint8_t *sendback_data, uint16_t sendback_data_len,
const uint8_t *data, uint16_t length)
{
if (length > MAX_FORWARD_DATA_SIZE) {
return false;
}
const uint16_t len = forwarding_packet_length(sendback_data_len, length);
VLA(uint8_t, packet, len);
create_forwarding_packet(forwarding, sendback_data, sendback_data_len, data, length, packet);
return sendpacket(forwarding->net, dest, packet, len) == len;
}
#define FORWARD_REQUEST_MIN_PACKET_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE)
non_null(1) nullable(2, 4)
static bool handle_forward_request_dht(const Forwarding *forwarding,
const uint8_t *sendback_data, uint16_t sendback_data_len,
const uint8_t *packet, uint16_t length)
{
if (length < FORWARD_REQUEST_MIN_PACKET_SIZE) {
return false;
}
const uint8_t *const public_key = packet + 1;
const uint8_t *const forward_data = packet + (1 + CRYPTO_PUBLIC_KEY_SIZE);
const uint16_t forward_data_len = length - (1 + CRYPTO_PUBLIC_KEY_SIZE);
if (TIMED_AUTH_SIZE + sendback_data_len > MAX_SENDBACK_SIZE ||
forward_data_len > MAX_FORWARD_DATA_SIZE) {
return false;
}
const uint16_t len = forwarding_packet_length(sendback_data_len, forward_data_len);
VLA(uint8_t, forwarding_packet, len);
create_forwarding_packet(forwarding, sendback_data, sendback_data_len, forward_data, forward_data_len,
forwarding_packet);
return route_packet(forwarding->dht, public_key, forwarding_packet, len) == len;
}
non_null(1, 2) nullable(3, 5)
static int handle_forward_request(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
void *userdata)
{
const Forwarding *forwarding = (const Forwarding *)object;
uint8_t sendback_data[1 + MAX_PACKED_IPPORT_SIZE];
sendback_data[0] = SENDBACK_IPPORT;
const int ipport_length = pack_ip_port(forwarding->log, sendback_data + 1, MAX_PACKED_IPPORT_SIZE, source);
if (ipport_length == -1) {
return 1;
}
return handle_forward_request_dht(forwarding, sendback_data, 1 + ipport_length, packet, length) ? 0 : 1;
}
#define MIN_NONEMPTY_SENDBACK_SIZE TIMED_AUTH_SIZE
#define FORWARD_REPLY_MIN_PACKET_SIZE (1 + 1 + MIN_NONEMPTY_SENDBACK_SIZE)
non_null(1, 2) nullable(3, 5)
static int handle_forward_reply(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
void *userdata)
{
const Forwarding *forwarding = (const Forwarding *)object;
if (length < FORWARD_REPLY_MIN_PACKET_SIZE) {
return 1;
}
const uint8_t sendback_len = packet[1];
const uint8_t *const sendback_auth = packet + 1 + 1;
const uint8_t *const sendback_data = sendback_auth + TIMED_AUTH_SIZE;
if (sendback_len > MAX_SENDBACK_SIZE) {
/* value 0xff is reserved for possible future expansion */
return 1;
}
if (sendback_len < TIMED_AUTH_SIZE + 1) {
return 1;
}
const uint16_t sendback_data_len = sendback_len - TIMED_AUTH_SIZE;
if (length < 1 + 1 + sendback_len) {
return 1;
}
const uint8_t *const to_forward = packet + (1 + 1 + sendback_len);
const uint16_t to_forward_len = length - (1 + 1 + sendback_len);
if (!check_timed_auth(forwarding->mono_time, SENDBACK_TIMEOUT, forwarding->hmac_key, sendback_data, sendback_data_len,
sendback_auth)) {
return 1;
}
if (sendback_data[0] == SENDBACK_IPPORT) {
IP_Port dest;
if (unpack_ip_port(&dest, sendback_data + 1, sendback_data_len - 1, false)
!= sendback_data_len - 1) {
return 1;
}
return send_forwarding(forwarding, &dest, nullptr, 0, to_forward, to_forward_len) ? 0 : 1;
}
if (sendback_data[0] == SENDBACK_FORWARD) {
IP_Port forwarder;
const int ipport_length = unpack_ip_port(&forwarder, sendback_data + 1, sendback_data_len - 1, false);
if (ipport_length == -1) {
return 1;
}
const uint8_t *const forward_sendback = sendback_data + (1 + ipport_length);
const uint16_t forward_sendback_len = sendback_data_len - (1 + ipport_length);
return forward_reply(forwarding->net, &forwarder, forward_sendback, forward_sendback_len, to_forward,
to_forward_len) ? 0 : 1;
}
if (forwarding->forward_reply_callback == nullptr) {
return 1;
}
return forwarding->forward_reply_callback(forwarding->forward_reply_callback_object,
sendback_data, sendback_data_len,
to_forward, to_forward_len) ? 0 : 1;
}
#define FORWARDING_MIN_PACKET_SIZE (1 + 1)
non_null(1, 2) nullable(3, 5)
static int handle_forwarding(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
void *userdata)
{
const Forwarding *forwarding = (const Forwarding *)object;
if (length < FORWARDING_MIN_PACKET_SIZE) {
return 1;
}
const uint8_t sendback_len = packet[1];
if (length < 1 + 1 + sendback_len) {
return 1;
}
const uint8_t *const sendback = packet + 1 + 1;
const uint8_t *const forwarded = sendback + sendback_len;
const uint16_t forwarded_len = length - (1 + 1 + sendback_len);
if (forwarded_len >= 1 && forwarded[0] == NET_PACKET_FORWARD_REQUEST) {
VLA(uint8_t, sendback_data, 1 + MAX_PACKED_IPPORT_SIZE + sendback_len);
sendback_data[0] = SENDBACK_FORWARD;
const int ipport_length = pack_ip_port(forwarding->log, sendback_data + 1, MAX_PACKED_IPPORT_SIZE, source);
if (ipport_length == -1) {
return 1;
}
memcpy(sendback_data + 1 + ipport_length, sendback, sendback_len);
return handle_forward_request_dht(forwarding, sendback_data, 1 + ipport_length + sendback_len, forwarded,
forwarded_len) ? 0 : 1;
}
if (sendback_len > 0) {
if (forwarding->forwarded_request_callback == nullptr) {
return 1;
}
forwarding->forwarded_request_callback(forwarding->forwarded_request_callback_object,
source, sendback, sendback_len,
forwarded, forwarded_len, userdata);
return 0;
} else {
if (forwarding->forwarded_response_callback == nullptr) {
return 1;
}
forwarding->forwarded_response_callback(forwarding->forwarded_response_callback_object,
forwarded, forwarded_len, userdata);
return 0;
}
}
bool forward_reply(Networking_Core *net, const IP_Port *forwarder,
const uint8_t *sendback, uint16_t sendback_length,
const uint8_t *data, uint16_t length)
{
if (sendback_length > MAX_SENDBACK_SIZE ||
length > MAX_FORWARD_DATA_SIZE) {
return false;
}
const uint16_t len = 1 + 1 + sendback_length + length;
VLA(uint8_t, packet, len);
packet[0] = NET_PACKET_FORWARD_REPLY;
packet[1] = (uint8_t) sendback_length;
memcpy(packet + 1 + 1, sendback, sendback_length);
memcpy(packet + 1 + 1 + sendback_length, data, length);
return sendpacket(net, forwarder, packet, len) == len;
}
void set_callback_forwarded_request(Forwarding *forwarding, forwarded_request_cb *function, void *object)
{
forwarding->forwarded_request_callback = function;
forwarding->forwarded_request_callback_object = object;
}
void set_callback_forwarded_response(Forwarding *forwarding, forwarded_response_cb *function, void *object)
{
forwarding->forwarded_response_callback = function;
forwarding->forwarded_response_callback_object = object;
}
void set_callback_forward_reply(Forwarding *forwarding, forward_reply_cb *function, void *object)
{
forwarding->forward_reply_callback = function;
forwarding->forward_reply_callback_object = object;
}
Forwarding *new_forwarding(const Logger *log, const Random *rng, const Mono_Time *mono_time, DHT *dht)
{
if (log == nullptr || mono_time == nullptr || dht == nullptr) {
return nullptr;
}
Forwarding *forwarding = (Forwarding *)calloc(1, sizeof(Forwarding));
if (forwarding == nullptr) {
return nullptr;
}
forwarding->log = log;
forwarding->rng = rng;
forwarding->mono_time = mono_time;
forwarding->dht = dht;
forwarding->net = dht_get_net(dht);
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REQUEST, &handle_forward_request, forwarding);
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REPLY, &handle_forward_reply, forwarding);
networking_registerhandler(forwarding->net, NET_PACKET_FORWARDING, &handle_forwarding, forwarding);
new_hmac_key(forwarding->rng, forwarding->hmac_key);
return forwarding;
}
void kill_forwarding(Forwarding *forwarding)
{
if (forwarding == nullptr) {
return;
}
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REQUEST, nullptr, nullptr);
networking_registerhandler(forwarding->net, NET_PACKET_FORWARD_REPLY, nullptr, nullptr);
networking_registerhandler(forwarding->net, NET_PACKET_FORWARDING, nullptr, nullptr);
crypto_memzero(forwarding->hmac_key, CRYPTO_HMAC_KEY_SIZE);
free(forwarding);
}

125
toxcore/forwarding.h Normal file
View File

@ -0,0 +1,125 @@
/* SPDX-License-Identifier: GPL-3.0-or-later
* Copyright © 2019-2022 The TokTok team.
*/
#ifndef C_TOXCORE_TOXCORE_FORWARDING_H
#define C_TOXCORE_TOXCORE_FORWARDING_H
#include "DHT.h"
#include "network.h"
#ifdef __cplusplus
extern "C" {
#endif
#define SENDBACK_IPPORT 0
#define SENDBACK_FORWARD 1
#define SENDBACK_TCP 2
#define MAX_SENDBACK_SIZE (0xff - 1)
#define MAX_FORWARD_DATA_SIZE (MAX_UDP_PACKET_SIZE - (1 + 1 + MAX_SENDBACK_SIZE))
#define MAX_FORWARD_CHAIN_LENGTH 4
#define MAX_PACKED_IPPORT_SIZE (1 + SIZE_IP6 + sizeof(uint16_t))
typedef struct Forwarding Forwarding;
non_null()
DHT *forwarding_get_dht(Forwarding *forwarding);
/**
* @brief Send data to forwarder for forwarding via chain of dht nodes.
* Destination is last key in the chain.
*
* @param data Must be of length at most MAX_FORWARD_DATA_SIZE.
* @param chain_length Number of intermediate nodes in chain.
* Must be at least 1 and at most MAX_FORWARD_CHAIN_LENGTH.
* @param chain_keys Public keys of chain nodes. Must be of length
* `chain_length * CRYPTO_PUBLIC_KEY_SIZE`.
*
* @return true on success, false otherwise.
*/
non_null()
bool send_forward_request(Networking_Core *net, const IP_Port *forwarder,
const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length);
/** Returns size of packet written by create_forward_chain_packet. */
uint16_t forward_chain_packet_size(uint16_t chain_length, uint16_t data_length);
/**
* @brief Create forward request packet for forwarding data via chain of dht nodes.
* Destination is last key in the chain.
*
* @param data Must be of length at most MAX_FORWARD_DATA_SIZE.
* @param chain_length Number of intermediate nodes in chain.
* Must be at least 1 and at most MAX_FORWARD_CHAIN_LENGTH.
* @param chain_keys Public keys of chain nodes. Must be of length
* `chain_length * CRYPTO_PUBLIC_KEY_SIZE`.
* @param packet Must be of size at least
* `forward_chain_packet_size(chain_length, data_length)` bytes.
*
* @return true on success, false otherwise.
*/
non_null()
bool create_forward_chain_packet(const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length,
uint8_t *packet);
/**
* @brief Send reply to forwarded packet via forwarder.
* @param sendback Must be of size at most MAX_SENDBACK_SIZE.
* @param data Must be of size at most MAX_FORWARD_DATA_SIZE.
*
* @return true on success, false otherwise.
*/
non_null()
bool forward_reply(Networking_Core *net, const IP_Port *forwarder,
const uint8_t *sendback, uint16_t sendback_length,
const uint8_t *data, uint16_t length);
/**
* @brief Set callback to handle a forwarded request.
* To reply to the packet, callback should use `forward_reply()` to send a reply
* forwarded via forwarder, passing the provided sendback.
*/
typedef void forwarded_request_cb(void *object, const IP_Port *forwarder, const uint8_t *sendback,
uint16_t sendback_length, const uint8_t *data,
uint16_t length, void *userdata);
non_null(1) nullable(2, 3)
void set_callback_forwarded_request(Forwarding *forwarding, forwarded_request_cb *function, void *object);
/** @brief Set callback to handle a forwarded response. */
typedef void forwarded_response_cb(void *object, const uint8_t *data, uint16_t length, void *userdata);
non_null(1) nullable(2, 3)
void set_callback_forwarded_response(Forwarding *forwarding, forwarded_response_cb *function, void *object);
/** @brief Send forwarding packet to dest with given sendback data and data. */
non_null(1, 2, 5) nullable(3)
bool send_forwarding(const Forwarding *forwarding, const IP_Port *dest,
const uint8_t *sendback_data, uint16_t sendback_data_len,
const uint8_t *data, uint16_t length);
typedef bool forward_reply_cb(void *object, const uint8_t *sendback_data, uint16_t sendback_data_len,
const uint8_t *data, uint16_t length);
/**
* @brief Set callback to handle a forward reply with an otherwise unhandled
* sendback.
*/
non_null(1) nullable(2, 3)
void set_callback_forward_reply(Forwarding *forwarding, forward_reply_cb *function, void *object);
non_null()
Forwarding *new_forwarding(const Logger *log, const Random *rng, const Mono_Time *mono_time, DHT *dht);
nullable(1)
void kill_forwarding(Forwarding *forwarding);
#ifdef __cplusplus
} // extern "C"
#endif
#endif

50
toxcore/forwarding_fuzz_test.cc Normal file
View File

@ -0,0 +1,50 @@
#include "forwarding.h"
#include <cassert>
#include <memory>
#include "../testing/fuzzing/fuzz_support.h"
#include "../testing/fuzzing/fuzz_tox.h"
namespace {
void TestSendForwardRequest(Fuzz_Data &input)
{
const Network *ns = system_network(); // TODO(iphydf): fuzz_network
assert(ns != nullptr);
with<Logger>{} >> with<Networking_Core>{input, ns} >> [&input](Ptr<Networking_Core> net) {
with<IP_Port>{input} >> [net = std::move(net), &input](const IP_Port &forwarder) {
CONSUME1_OR_RETURN(const uint16_t chain_length, input);
const uint16_t chain_keys_size = chain_length * CRYPTO_PUBLIC_KEY_SIZE;
CONSUME_OR_RETURN(const uint8_t *chain_keys, input, chain_keys_size);
send_forward_request(
net.get(), &forwarder, chain_keys, chain_length, input.data, input.size);
};
};
}
void TestForwardReply(Fuzz_Data &input)
{
const Network *ns = system_network(); // TODO(iphydf): fuzz_network
assert(ns != nullptr);
with<Logger>{} >> with<Networking_Core>{input, ns} >> [&input](Ptr<Networking_Core> net) {
with<IP_Port>{input} >> [net = std::move(net), &input](const IP_Port &forwarder) {
CONSUME1_OR_RETURN(const uint16_t sendback_length, input);
CONSUME_OR_RETURN(const uint8_t *sendback, input, sendback_length);
forward_reply(net.get(), &forwarder, sendback, sendback_length, input.data, input.size);
};
};
}
} // namespace
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
fuzz_select_target(data, size, TestSendForwardRequest, TestForwardReply);
return 0;
}

34
toxcore/net_crypto.c
View File

@ -2331,6 +2331,20 @@ int get_random_tcp_con_number(Net_Crypto *c)
return ret;
}
/** @brief Put IP_Port of a random onion TCP connection in ip_port.
*
* return true on success.
* return false on failure.
*/
bool get_random_tcp_conn_ip_port(Net_Crypto *c, IP_Port *ip_port)
{
pthread_mutex_lock(&c->tcp_mutex);
const bool ret = tcp_get_random_conn_ip_port(c->tcp_c, ip_port);
pthread_mutex_unlock(&c->tcp_mutex);
return ret;
}
/** @brief Send an onion packet via the TCP relay corresponding to tcp_connections_number.
*
* return 0 on success.
@ -2345,6 +2359,26 @@ int send_tcp_onion_request(Net_Crypto *c, unsigned int tcp_connections_number, c
return ret;
}
/**
* Send a forward request to the TCP relay with IP_Port tcp_forwarder,
* requesting to forward data via a chain of dht nodes starting with dht_node.
* A chain_length of 0 means that dht_node is the final destination of data.
*
* return 0 on success.
* return -1 on failure.
*/
int send_tcp_forward_request(const Logger *logger, Net_Crypto *c, const IP_Port *tcp_forwarder, const IP_Port *dht_node,
const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length)
{
pthread_mutex_lock(&c->tcp_mutex);
const int ret = tcp_send_forward_request(logger, c->tcp_c, tcp_forwarder, dht_node,
chain_keys, chain_length, data, data_length);
pthread_mutex_unlock(&c->tcp_mutex);
return ret;
}
/** @brief Copy a maximum of num random TCP relays we are connected to to tcp_relays.
*
* NOTE that the family of the copied ip ports will be set to TCP_INET or TCP_INET6.

21
toxcore/net_crypto.h
View File

@ -306,6 +306,14 @@ int add_tcp_relay(Net_Crypto *c, const IP_Port *ip_port, const uint8_t *public_k
non_null()
int get_random_tcp_con_number(Net_Crypto *c);
/** @brief Put IP_Port of a random onion TCP connection in ip_port.
*
* return true on success.
* return false on failure.
*/
non_null()
bool get_random_tcp_conn_ip_port(Net_Crypto *c, IP_Port *ip_port);
/** @brief Send an onion packet via the TCP relay corresponding to tcp_connections_number.
*
* return 0 on success.
@ -315,6 +323,19 @@ non_null()
int send_tcp_onion_request(Net_Crypto *c, unsigned int tcp_connections_number,
const uint8_t *data, uint16_t length);
/**
* Send a forward request to the TCP relay with IP_Port tcp_forwarder,
* requesting to forward data via a chain of dht nodes starting with dht_node.
* A chain_length of 0 means that dht_node is the final destination of data.
*
* return 0 on success.
* return -1 on failure.
*/
non_null()
int send_tcp_forward_request(const Logger *logger, Net_Crypto *c, const IP_Port *tcp_forwarder, const IP_Port *dht_node,
const uint8_t *chain_keys, uint16_t chain_length,
const uint8_t *data, uint16_t data_length);
/** @brief Copy a maximum of num random TCP relays we are connected to to tcp_relays.
*
* NOTE that the family of the copied ip ports will be set to TCP_INET or TCP_INET6.

11
toxcore/network.h
View File

@ -170,6 +170,17 @@ typedef enum Net_Packet_Type {
NET_PACKET_ONION_RECV_2 = 0x8d,
NET_PACKET_ONION_RECV_1 = 0x8e,
NET_PACKET_FORWARD_REQUEST = 0x90,
NET_PACKET_FORWARDING = 0x91,
NET_PACKET_FORWARD_REPLY = 0x92,
NET_PACKET_DATA_SEARCH_REQUEST = 0x93,
NET_PACKET_DATA_SEARCH_RESPONSE = 0x94,
NET_PACKET_DATA_RETRIEVE_REQUEST = 0x95,
NET_PACKET_DATA_RETRIEVE_RESPONSE = 0x96,
NET_PACKET_STORE_ANNOUNCE_REQUEST = 0x97,
NET_PACKET_STORE_ANNOUNCE_RESPONSE = 0x98,
BOOTSTRAP_INFO_PACKET_ID = 0xf0, /* Only used for bootstrap nodes */
NET_PACKET_MAX = 0xff, /* This type must remain within a single uint8. */

2
toxcore/onion_announce.c
View File

@ -465,7 +465,7 @@ static int handle_announce_request_common(
/* Respond with a announce response packet */
Node_format nodes_list[MAX_SENT_NODES];
const unsigned int num_nodes =
get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, net_family_unspec, ip_is_lan(&source->ip));
get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, net_family_unspec, ip_is_lan(&source->ip), false);
assert(num_nodes <= UINT8_MAX);

2
toxcore/ping_array.h
View File

@ -27,7 +27,7 @@ typedef struct Ping_Array Ping_Array;
* @param size represents the total size of the array and should be a power of 2.
* @param timeout represents the maximum timeout in seconds for the entry.
*
* @return 0 on success, -1 on failure.
* @return pointer to allocated Ping_Array on success, nullptr on failure.
*/
struct Ping_Array *ping_array_new(uint32_t size, uint32_t timeout);

10
toxcore/timed_auth.c
View File

@ -7,12 +7,16 @@
#include "ccompat.h"
non_null(1,6) nullable(4)
static void create_timed_auth_to_hash(const Mono_Time *mono_time, uint16_t timeout, bool previous, const uint8_t *data,
uint16_t length, uint8_t *to_hash)
{
const uint64_t t = (mono_time_get(mono_time) / timeout) - previous;
const uint64_t t = (mono_time_get(mono_time) / timeout) - (previous ? 1 : 0);
memcpy(to_hash, &t, sizeof(t));
memcpy(to_hash + sizeof(t), data, length);
if (data != nullptr) {
memcpy(to_hash + sizeof(t), data, length);
}
}
void generate_timed_auth(const Mono_Time *mono_time, uint16_t timeout, const uint8_t *key,
@ -29,7 +33,7 @@ bool check_timed_auth(const Mono_Time *mono_time, uint16_t timeout, const uint8_
VLA(uint8_t, to_hash, sizeof(uint64_t) + length);
for (uint8_t i = 0; i < 2; ++i) {
create_timed_auth_to_hash(mono_time, timeout, i, data, length, to_hash);
create_timed_auth_to_hash(mono_time, timeout, i != 0, data, length, to_hash);
if (crypto_hmac_verify(timed_auth, key, to_hash, SIZEOF_VLA(to_hash))) {
return true;

25
toxcore/timed_auth.h
View File

@ -9,16 +9,27 @@
#define TIMED_AUTH_SIZE CRYPTO_HMAC_SIZE
/* Put timed authentication code of data in timed_auth. */
/**
* @brief Write timed authentication code of data to timed_auth.
*
* @param timed_auth Must be of size TIMED_AUTH_SIZE.
*/
non_null(1, 3, 6) nullable(4)
void generate_timed_auth(const Mono_Time *mono_time, uint16_t timeout, const uint8_t *key,
const uint8_t *data, uint16_t length, uint8_t *timed_auth);
/* Check timed_auth. This succeeds if timed_auth was generated by
* generate_timed_auth at most timeout seconds ago, and fails if at least
* `2*timeout` seconds ago.
/**
* @brief Check timed_auth. This succeeds if `timed_auth` was generated by
* `generate_timed_auth` at most `timeout` seconds ago, and fails if at least
* `2*timeout` seconds ago. More precisely, it succeeds iff
* `current_time / timeout` is equal to or one more than
* `creation_time / timeout`.
*
* return true on success, false otherwise.
* @param timed_auth Must be of size TIMED_AUTH_SIZE.
* @return true on success, false otherwise.
*/
bool check_timed_auth(const Mono_Time *mono_time, uint16_t timeout, const uint8_t *key, const uint8_t *data,
uint16_t length, const uint8_t *timed_auth);
non_null(1, 3, 6) nullable(4)
bool check_timed_auth(const Mono_Time *mono_time, uint16_t timeout, const uint8_t *key,
const uint8_t *data, uint16_t length, const uint8_t *timed_auth);
#endif

1
toxcore/tox.c
View File

@ -486,6 +486,7 @@ Tox *tox_new(const struct Tox_Options *options, Tox_Err_New *error)
m_options.tcp_server_port = tox_options_get_tcp_port(opts);
m_options.hole_punching_enabled = tox_options_get_hole_punching_enabled(opts);
m_options.local_discovery_enabled = tox_options_get_local_discovery_enabled(opts);
m_options.dht_announcements_enabled = tox_options_get_dht_announcements_enabled(opts);
if (m_options.udp_disabled) {
m_options.local_discovery_enabled = false;

11
toxcore/tox.h
View File

@ -549,6 +549,13 @@ struct Tox_Options {
bool local_discovery_enabled;
/**
* Enable storing DHT announcements and forwarding corresponding requests.
*
* Disabling this will cause Tox to ignore the relevant packets.
*/
bool dht_announcements_enabled;
/**
* Pass communications through a proxy.
*/
@ -681,6 +688,10 @@ bool tox_options_get_local_discovery_enabled(const struct Tox_Options *options);
void tox_options_set_local_discovery_enabled(struct Tox_Options *options, bool local_discovery_enabled);
bool tox_options_get_dht_announcements_enabled(const struct Tox_Options *options);
void tox_options_set_dht_announcements_enabled(struct Tox_Options *options, bool dht_announcements_enabled);
Tox_Proxy_Type tox_options_get_proxy_type(const struct Tox_Options *options);
void tox_options_set_proxy_type(struct Tox_Options *options, Tox_Proxy_Type type);

2
toxcore/tox_api.c
View File

@ -124,6 +124,7 @@ ACCESSORS(size_t, savedata_, length)
ACCESSORS(tox_log_cb *, log_, callback)
ACCESSORS(void *, log_, user_data)
ACCESSORS(bool,, local_discovery_enabled)
ACCESSORS(bool,, dht_announcements_enabled)
ACCESSORS(bool,, experimental_thread_safety)
//!TOKSTYLE+
@ -149,6 +150,7 @@ void tox_options_default(struct Tox_Options *options)
tox_options_set_proxy_type(options, TOX_PROXY_TYPE_NONE);
tox_options_set_hole_punching_enabled(options, true);
tox_options_set_local_discovery_enabled(options, true);
tox_options_set_dht_announcements_enabled(options, true);
tox_options_set_experimental_thread_safety(options, false);
}
}