From 6a6e30feb90e6dd57a5c2ff53fb3c86b0a125ab9 Mon Sep 17 00:00:00 2001 From: jdl Date: Mon, 23 Dec 2024 09:34:11 +0100 Subject: [PATCH] Cleanup, hub updates --- hub/api/api.go | 45 ++++++++++------------- hub/api/db/generated.go | 33 +++++++++-------- hub/api/db/sanitize-validate.go | 2 +- hub/api/db/tables.defs | 5 ++- hub/api/migrations/2024-11-30-init.sql | 5 ++- hub/handlers.go | 47 +++++++++++++++++------- hub/routes.go | 1 + hub/templates/admin-peer-create.html | 6 ++-- hub/templates/admin-peer-delete.html | 4 +-- hub/templates/admin-peer-edit.html | 4 +-- hub/templates/admin-peer-list.html | 7 ++-- hub/templates/admin-peer-view.html | 2 +- m/models.go | 35 +++++++++--------- node/main.go | 2 +- node/packets.go | 49 -------------------------- node/packets_test.go | 4 ++- node/peer-supervisor.go | 4 +-- 17 files changed, 108 insertions(+), 147 deletions(-) diff --git a/hub/api/api.go b/hub/api/api.go index 053c574..975149d 100644 --- a/hub/api/api.go +++ b/hub/api/api.go @@ -15,7 +15,6 @@ import ( "git.crumpington.com/lib/go/sqliteutil" "golang.org/x/crypto/bcrypt" "golang.org/x/crypto/nacl/box" - "golang.org/x/crypto/nacl/sign" ) //go:embed migrations @@ -146,7 +145,7 @@ type PeerCreateArgs struct { Name string PublicIP []byte Port uint16 - Mediator bool + Relay bool } // Create the intention to add a peer. The returned code is used to complete @@ -184,11 +183,6 @@ func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) { return nil, err } - signPubKey, signPrivKey, err := sign.GenerateKey(rand.Reader) - if err != nil { - return nil, err - } - // Get peer IP. peerIP := byte(0) 
@@ -208,15 +202,14 @@ func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) { } peer := &Peer{ - PeerIP: peerIP, - Version: idgen.NextID(0), - APIKey: idgen.NewToken(), - Name: args.Name, - PublicIP: args.PublicIP, - Port: args.Port, - Mediator: args.Mediator, - EncPubKey: encPubKey[:], - SignPubKey: signPubKey[:], + PeerIP: peerIP, + Version: idgen.NextID(0), + APIKey: idgen.NewToken(), + Name: args.Name, + PublicIP: args.PublicIP, + Port: args.Port, + Relay: args.Relay, + PubKey: encPubKey[:], } if err := db.Peer_Insert(a.db, peer); err != nil { @@ -226,17 +219,15 @@ func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) { conf := a.Config_Get() return &m.PeerConfig{ - PeerIP: peer.PeerIP, - HubAddress: conf.HubAddress, - APIKey: peer.APIKey, - Network: conf.VPNNetwork, - PublicIP: peer.PublicIP, - Port: peer.Port, - Mediator: peer.Mediator, - EncPubKey: encPubKey[:], - EncPrivKey: encPrivKey[:], - SignPubKey: signPubKey[:], - SignPrivKey: signPrivKey[:], + PeerIP: peer.PeerIP, + HubAddress: conf.HubAddress, + APIKey: peer.APIKey, + Network: conf.VPNNetwork, + PublicIP: peer.PublicIP, + Port: peer.Port, + Relay: peer.Relay, + PubKey: encPubKey[:], + PrivKey: encPrivKey[:], }, nil } diff --git a/hub/api/db/generated.go b/hub/api/db/generated.go index a23498d..1957b6f 100644 --- a/hub/api/db/generated.go +++ b/hub/api/db/generated.go 
@@ -307,18 +307,17 @@ func Session_List( // ---------------------------------------------------------------------------- type Peer struct { - PeerIP byte - Version int64 - APIKey string - Name string - PublicIP []byte - Port uint16 - Mediator bool - EncPubKey []byte - SignPubKey []byte + PeerIP byte + Version int64 + APIKey string + Name string + PublicIP []byte + Port uint16 + Relay bool + PubKey []byte } -const Peer_SelectQuery = "SELECT PeerIP,Version,APIKey,Name,PublicIP,Port,Mediator,EncPubKey,SignPubKey FROM peers" +const Peer_SelectQuery = "SELECT PeerIP,Version,APIKey,Name,PublicIP,Port,Relay,PubKey FROM peers" func Peer_Insert( tx TX, @@ -329,7 +328,7 @@ func Peer_Insert( return err } - _, err = tx.Exec("INSERT INTO peers(PeerIP,Version,APIKey,Name,PublicIP,Port,Mediator,EncPubKey,SignPubKey) VALUES(?,?,?,?,?,?,?,?,?)", row.PeerIP, row.Version, row.APIKey, row.Name, row.PublicIP, row.Port, row.Mediator, row.EncPubKey, row.SignPubKey) + _, err = tx.Exec("INSERT INTO peers(PeerIP,Version,APIKey,Name,PublicIP,Port,Relay,PubKey) VALUES(?,?,?,?,?,?,?,?)", row.PeerIP, row.Version, row.APIKey, row.Name, row.PublicIP, row.Port, row.Relay, row.PubKey) return err } @@ -342,7 +341,7 @@ func Peer_Update( return err } - result, err := tx.Exec("UPDATE peers SET Version=?,Name=?,PublicIP=?,Port=?,Mediator=? WHERE PeerIP=?", row.Version, row.Name, row.PublicIP, row.Port, row.Mediator, row.PeerIP) + result, err := tx.Exec("UPDATE peers SET Version=?,Name=?,PublicIP=?,Port=?,Relay=? WHERE PeerIP=?", row.Version, row.Name, row.PublicIP, row.Port, row.Relay, row.PeerIP) if err != nil { return err } 
@@ -370,7 +369,7 @@ func Peer_UpdateFull( return err } - result, err := tx.Exec("UPDATE peers SET Version=?,APIKey=?,Name=?,PublicIP=?,Port=?,Mediator=?,EncPubKey=?,SignPubKey=? WHERE PeerIP=?", row.Version, row.APIKey, row.Name, row.PublicIP, row.Port, row.Mediator, row.EncPubKey, row.SignPubKey, row.PeerIP) + result, err := tx.Exec("UPDATE peers SET Version=?,APIKey=?,Name=?,PublicIP=?,Port=?,Relay=?,PubKey=? WHERE PeerIP=?", row.Version, row.APIKey, row.Name, row.PublicIP, row.Port, row.Relay, row.PubKey, row.PeerIP) if err != nil { return err } @@ -420,8 +419,8 @@ func Peer_Get( err error, ) { row = &Peer{} - r := tx.QueryRow("SELECT PeerIP,Version,APIKey,Name,PublicIP,Port,Mediator,EncPubKey,SignPubKey FROM peers WHERE PeerIP=?", PeerIP) - err = r.Scan(&row.PeerIP, &row.Version, &row.APIKey, &row.Name, &row.PublicIP, &row.Port, &row.Mediator, &row.EncPubKey, &row.SignPubKey) + r := tx.QueryRow("SELECT PeerIP,Version,APIKey,Name,PublicIP,Port,Relay,PubKey FROM peers WHERE PeerIP=?", PeerIP) + err = r.Scan(&row.PeerIP, &row.Version, &row.APIKey, &row.Name, &row.PublicIP, &row.Port, &row.Relay, &row.PubKey) return } @@ -435,7 +434,7 @@ func Peer_GetWhere( ) { row = &Peer{} r := tx.QueryRow(query, args...) - err = r.Scan(&row.PeerIP, &row.Version, &row.APIKey, &row.Name, &row.PublicIP, &row.Port, &row.Mediator, &row.EncPubKey, &row.SignPubKey) + err = r.Scan(&row.PeerIP, &row.Version, &row.APIKey, &row.Name, &row.PublicIP, &row.Port, &row.Relay, &row.PubKey) return } @@ -455,7 +454,7 @@ func Peer_Iterate( defer rows.Close() for rows.Next() { row := &Peer{} - err := rows.Scan(&row.PeerIP, &row.Version, &row.APIKey, &row.Name, &row.PublicIP, &row.Port, &row.Mediator, &row.EncPubKey, &row.SignPubKey) + err := rows.Scan(&row.PeerIP, &row.Version, &row.APIKey, &row.Name, &row.PublicIP, &row.Port, &row.Relay, &row.PubKey) if !yield(row, err) { return } diff --git a/hub/api/db/sanitize-validate.go b/hub/api/db/sanitize-validate.go index b4ed8ff..e06ad94 100644 
--- a/hub/api/db/sanitize-validate.go +++ b/hub/api/db/sanitize-validate.go @@ -51,7 +51,7 @@ func Peer_Sanitize(p *Peer) { } } if p.Port == 0 { - p.Port = 515 + p.Port = 456 } } diff --git a/hub/api/db/tables.defs b/hub/api/db/tables.defs index c9e35e2..6df286f 100644 --- a/hub/api/db/tables.defs +++ b/hub/api/db/tables.defs @@ -20,7 +20,6 @@ TABLE peers OF Peer ( Name string, PublicIP []byte, Port uint16, - Mediator bool, - EncPubKey []byte NoUpdate, - SignPubKey []byte NoUpdate + Relay bool, + PubKey []byte NoUpdate ); diff --git a/hub/api/migrations/2024-11-30-init.sql b/hub/api/migrations/2024-11-30-init.sql index eb5da37..ee37ddc 100644 --- a/hub/api/migrations/2024-11-30-init.sql +++ b/hub/api/migrations/2024-11-30-init.sql @@ -22,7 +22,6 @@ CREATE TABLE peers ( Name TEXT NOT NULL UNIQUE, -- For humans. PublicIP BLOB NOT NULL, Port INTEGER NOT NULL, - Mediator INTEGER NOT NULL DEFAULT 0, -- Boolean if peer will forward packets. Must also have public address. - EncPubKey BLOB NOT NULL, - SignPubKey BLOB NOT NULL + Relay INTEGER NOT NULL DEFAULT 0, -- Boolean if peer will forward packets. Must also have public address. + PubKey BLOB NOT NULL ) WITHOUT ROWID; diff --git a/hub/handlers.go b/hub/handlers.go index f24aaaa..aabf3c7 100644 --- a/hub/handlers.go +++ b/hub/handlers.go @@ -4,6 +4,8 @@ import ( "errors" "log" "net/http" + "net/netip" + "strings" "vppn/hub/api" "vppn/m" 
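Review bot: Renaming columns inside `hub/api/migrations/2024-11-30-init.sql` rewrites a migration that may already have been applied. A hub database created from the earlier file keeps `Mediator`, `EncPubKey` and `SignPubKey`, while the regenerated statements in `hub/api/db/generated.go` now read and write `Relay` and `PubKey`. If migrations are tracked by file name, as the dated name suggests, such a database is never altered and every peer query fails after the upgrade. Unless no deployment exists yet, leave the init file as it was and add a new dated migration with `ALTER TABLE peers RENAME COLUMN Mediator TO Relay;`, `ALTER TABLE peers RENAME COLUMN EncPubKey TO PubKey;` and `ALTER TABLE peers DROP COLUMN SignPubKey;`.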
@@ -155,6 +157,29 @@ func (a *App) _adminPeerList(s *api.Session, w http.ResponseWriter, r *http.Requ }) } +func (a *App) _adminHosts(s *api.Session, w http.ResponseWriter, r *http.Request) error { + conf := a.api.Config_Get() + + peers, err := a.api.Peer_List() + if err != nil { + return err + } + + b := strings.Builder{} + + for _, peer := range peers { + ip := conf.VPNNetwork + ip[3] = peer.PeerIP + b.WriteString(netip.AddrFrom4([4]byte(ip)).String()) + b.WriteString(" ") + b.WriteString(peer.Name) + b.WriteString("\n") + } + + w.Write([]byte(b.String())) + return nil +} + func (a *App) _adminPeerCreate(s *api.Session, w http.ResponseWriter, r *http.Request) error { return a.render("/admin-peer-create.html", w, struct{ Session *api.Session }{s}) } @@ -167,7 +192,7 @@ func (a *App) _adminPeerCreateSubmit(s *api.Session, w http.ResponseWriter, r *h Scan("Name", &args.Name). Scan("PublicIP", &ipStr). Scan("Port", &args.Port). - Scan("Mediator", &args.Mediator). + Scan("Relay", &args.Relay). Error() if err != nil { return err @@ -249,7 +274,7 @@ func (a *App) _adminPeerEditSubmit(s *api.Session, w http.ResponseWriter, r *htt Scan("Name", &peer.Name). Scan("PublicIP", &ipStr). Scan("Port", &peer.Port). - Scan("Mediator", &peer.Mediator). + Scan("Relay", &peer.Relay). Error() if err != nil { return err @@ -311,19 +336,16 @@ func (a *App) _peerCreate(w http.ResponseWriter, r *http.Request) error { func (a *App) _peerFetchState(w http.ResponseWriter, r *http.Request) error { _, apiKey, ok := r.BasicAuth() if !ok { - log.Printf("1") return api.ErrNotAuthorized } peer, err := a.api.Peer_GetByAPIKey(apiKey) if err != nil { - log.Printf("2") return err } peers, err := a.api.Peer_List() if err != nil { - log.Printf("3") return err } 
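Review bot: In `_adminHosts`, `ip := conf.VPNNetwork` copies only the slice header, so `ip[3] = peer.PeerIP` writes into the configuration's own backing array; `VPNNetwork` is assigned to the `[]byte` field `PeerConfig.Network` in `hub/api/api.go`, so it appears to be a slice. If `Config_Get` returns shared state, concurrent requests race on that byte and the stored network address ends up carrying the last peer's octet, which `Peer_Create` would then hand out as `Network`. Both `ip[3]` and `[4]byte(ip)` also panic when the slice is shorter than four bytes. The response sets no `Content-Type`, drops the `Write` error and writes `peer.Name` raw, so a name containing a space or newline would add fields or lines to output meant for a hosts file unless name validation (not visible in this hunk) already excludes it. The fence below works on a local array, checks the length, sets a plain-text content type and returns the write error.

```go
func (a *App) _adminHosts(s *api.Session, w http.ResponseWriter, r *http.Request) error {
	// … unchanged: Config_Get, Peer_List and the strings.Builder declaration …

	// Work on a private copy so the shared configuration is never written to.
	if len(conf.VPNNetwork) != 4 {
		return errors.New("vpn network is not a 4-byte address")
	}
	var ip [4]byte
	copy(ip[:], conf.VPNNetwork)

	for _, peer := range peers {
		ip[3] = peer.PeerIP
		b.WriteString(netip.AddrFrom4(ip).String())
		// … unchanged: separator, peer.Name and newline …
	}

	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	_, err = w.Write([]byte(b.String()))
	return err
}
```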
@@ -339,14 +361,13 @@ func (a *App) _peerFetchState(w http.ResponseWriter, r *http.Request) error { for _, p := range peers { state.Peers[p.PeerIP] = &m.Peer{ - PeerIP: p.PeerIP, - Version: p.Version, - Name: p.Name, - PublicIP: p.PublicIP, - Port: p.Port, - Mediator: p.Mediator, - EncPubKey: p.EncPubKey, - SignPubKey: p.SignPubKey, + PeerIP: p.PeerIP, + Version: p.Version, + Name: p.Name, + PublicIP: p.PublicIP, + Port: p.Port, + Relay: p.Relay, + PubKey: p.PubKey, } } diff --git a/hub/routes.go b/hub/routes.go index 0fa47f2..a29736f 100644 --- a/hub/routes.go +++ b/hub/routes.go @@ -17,6 +17,7 @@ func (a *App) registerRoutes() { a.handleSignedIn("GET /admin/password/edit/", a._adminPasswordEdit) a.handleSignedIn("POST /admin/password/edit/", a._adminPasswordSubmit) a.handleSignedIn("GET /admin/peer/list/", a._adminPeerList) + a.handleSignedIn("GET /admin/peer/hosts/", a._adminHosts) a.handleSignedIn("GET /admin/peer/create/", a._adminPeerCreate) a.handleSignedIn("POST /admin/peer/create/", a._adminPeerCreateSubmit) a.handleSignedIn("GET /admin/peer/intent-created/", a._adminPeerIntentCreated) diff --git a/hub/templates/admin-peer-create.html b/hub/templates/admin-peer-create.html index f2f0c39..8225fc8 100644 --- a/hub/templates/admin-peer-create.html +++ b/hub/templates/admin-peer-create.html @@ -13,12 +13,12 @@


- +

diff --git a/hub/templates/admin-peer-delete.html b/hub/templates/admin-peer-delete.html index a330eb8..9290f68 100644 --- a/hub/templates/admin-peer-delete.html +++ b/hub/templates/admin-peer-delete.html @@ -22,8 +22,8 @@

diff --git a/hub/templates/admin-peer-edit.html b/hub/templates/admin-peer-edit.html index c6081b1..da40de8 100644 --- a/hub/templates/admin-peer-edit.html +++ b/hub/templates/admin-peer-edit.html @@ -22,8 +22,8 @@

diff --git a/hub/templates/admin-peer-list.html b/hub/templates/admin-peer-list.html index 4acadc7..cb7c72c 100644 --- a/hub/templates/admin-peer-list.html +++ b/hub/templates/admin-peer-list.html @@ -2,7 +2,8 @@

Peers

- Add Peer + Add Peer / + Hosts

{{if .Peers -}} @@ -13,7 +14,7 @@ Name Public IP Port - Mediator + Relay @@ -27,7 +28,7 @@ {{.Name}} {{ipToString .PublicIP}} {{.Port}} - {{if .Mediator}}T{{else}}F{{end}} + {{if .Relay}}T{{else}}F{{end}} {{- end}} diff --git a/hub/templates/admin-peer-view.html b/hub/templates/admin-peer-view.html index 89ff754..e8d6f6e 100644 --- a/hub/templates/admin-peer-view.html +++ b/hub/templates/admin-peer-view.html @@ -12,7 +12,7 @@ Name{{.Name}} Public IP{{ipToString .PublicIP}} Port{{.Port}} - Mediator{{if .Mediator}}T{{else}}F{{end}} + Relay{{if .Relay}}T{{else}}F{{end}} API Key{{.APIKey}} {{- end}} diff --git a/m/models.go b/m/models.go index 29c39f9..345bf5d 100644 --- a/m/models.go +++ b/m/models.go @@ -2,28 +2,25 @@ package m type PeerConfig struct { - PeerIP byte - HubAddress string - Network []byte - APIKey string - PublicIP []byte - Port uint16 - Mediator bool - EncPubKey []byte - EncPrivKey []byte - SignPubKey []byte - SignPrivKey []byte + PeerIP byte + HubAddress string + Network []byte + APIKey string + PublicIP []byte + Port uint16 + Relay bool + PubKey []byte + PrivKey []byte } type Peer struct { - PeerIP byte - Version int64 - Name string - PublicIP []byte - Port uint16 - Mediator bool - EncPubKey []byte - SignPubKey []byte + PeerIP byte + Version int64 + Name string + PublicIP []byte + Port uint16 + Relay bool + PubKey []byte } type NetworkState struct { diff --git a/node/main.go b/node/main.go index d9d865a..419f644 100644 --- a/node/main.go +++ b/node/main.go @@ -106,7 +106,7 @@ func main(listenIP string, port uint16) { // Intialize globals. localIP = config.PeerIP localPub = addrIsValid(config.PublicIP) - privateKey = config.EncPrivKey + privateKey = config.PrivKey _iface = newIFWriter(iface) _conn = newConnWriter(conn) diff --git a/node/packets.go b/node/packets.go index 04db2a9..f6d92e1 100644 --- a/node/packets.go +++ b/node/packets.go 
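Review bot: `PeerConfig` and `Peer` in `m/models.go` carry no field comments, and with the `Enc` prefix removed the declarations no longer say what kind of key `PubKey` and `PrivKey` hold. Going by the `nacl/box` import that `hub/api/api.go` keeps, they look like box keys, so a comment such as `// PubKey is the peer's nacl/box public key.` would restore that information. `PrivKey` and `APIKey` are secrets, and a comment on `PeerConfig` like `// PrivKey and APIKey are secrets; never log or render this struct.` would warn the next maintainer.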
@@ -14,8 +14,6 @@ const ( packetTypeSyn = iota + 1 packetTypeSynAck packetTypeAck - packetTypeAddrReq - packetTypeAddrResp ) // ---------------------------------------------------------------------------- @@ -34,10 +32,6 @@ func (p *controlPacket) ParsePayload(buf []byte) (err error) { p.Payload, err = parseSynAckPacket(buf) case packetTypeAck: p.Payload, err = parseAckPacket(buf) - case packetTypeAddrReq: - p.Payload, err = parseAddrReqPacket(buf) - case packetTypeAddrResp: - p.Payload, err = parseAddrRespPacket(buf) default: return errUnknownPacketType } @@ -118,46 +112,3 @@ func parseAckPacket(buf []byte) (p ackPacket, err error) { Error() return } - -// ---------------------------------------------------------------------------- - -type addrReqPacket struct { - TraceID uint64 -} - -func (p addrReqPacket) Marshal(buf []byte) []byte { - return newBinWriter(buf). - Byte(packetTypeAddrReq). - Uint64(p.TraceID). - Build() -} - -func parseAddrReqPacket(buf []byte) (p addrReqPacket, err error) { - err = newBinReader(buf[1:]). - Uint64(&p.TraceID). - Error() - return -} - -// ---------------------------------------------------------------------------- - -type addrRespPacket struct { - TraceID uint64 - Addr netip.AddrPort -} - -func (p addrRespPacket) Marshal(buf []byte) []byte { - return newBinWriter(buf). - Byte(packetTypeAddrResp). - Uint64(p.TraceID). - AddrPort(p.Addr). - Build() -} - -func parseAddrRespPacket(buf []byte) (p addrRespPacket, err error) { - err = newBinReader(buf[1:]). - Uint64(&p.TraceID). - AddrPort(&p.Addr). - Error() - return -} diff --git a/node/packets_test.go b/node/packets_test.go index 660d30e..bd83080 100644 --- a/node/packets_test.go +++ b/node/packets_test.go @@ -2,6 +2,7 @@ package node import ( "crypto/rand" + "net/netip" "reflect" "testing" ) 
@@ -24,7 +25,8 @@ func TestPacketSyn(t *testing.T) { func TestPacketSynAck(t *testing.T) { in := synAckPacket{ - TraceID: newTraceID(), + TraceID: newTraceID(), + RecvAddr: netip.AddrPort{}, } out, err := parseSynAckPacket(in.Marshal(make([]byte, bufferSize))) diff --git a/node/peer-supervisor.go b/node/peer-supervisor.go index 6741f48..e47d0ae 100644 --- a/node/peer-supervisor.go +++ b/node/peer-supervisor.go @@ -102,12 +102,12 @@ func (s *peerSupervisor) _peerUpdate(peer *m.Peer) stateFunc { } s.staged.IP = s.remoteIP - s.staged.ControlCipher = newControlCipher(privateKey, peer.EncPubKey) + s.staged.ControlCipher = newControlCipher(privateKey, peer.PubKey) s.staged.DataCipher = newDataCipher() if ip, isValid := netip.AddrFromSlice(peer.PublicIP); isValid { s.remotePub = true - s.staged.Relay = peer.Mediator + s.staged.Relay = peer.Relay s.staged.RemoteAddr = netip.AddrPortFrom(ip, peer.Port) }
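Review bot: In `TestPacketSynAck`, `RecvAddr: netip.AddrPort{}` is the field's zero value, so the test still does not show that an address survives `Marshal` followed by `parseSynAckPacket`. A populated value would cover the encoding, for example (constructed value) `RecvAddr: netip.AddrPortFrom(netip.AddrFrom4([4]byte{10, 0, 0, 1}), 1234),`. If the wire format stores addresses in 16-byte form, the parsed value may need `Unmap` before the comparison; the reader and writer are not visible in this hunk.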