WIP - cleanup / local discovery
This commit is contained in:
jdl
128
hub/api/api.go
128
hub/api/api.go
@@ -15,6 +15,7 @@ import (
|
||||
"git.crumpington.com/lib/go/sqliteutil"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
"golang.org/x/crypto/nacl/box"
|
||||
"golang.org/x/crypto/nacl/sign"
|
||||
)
|
||||
|
||||
//go:embed migrations
|
||||
@@ -24,6 +25,7 @@ type API struct {
|
||||
db *sql.DB
|
||||
lock sync.Mutex
|
||||
peerIntents map[string]PeerCreateArgs
|
||||
initIntents map[string]byte // Map from intent key to peer IP
|
||||
}
|
||||
|
||||
func New(dbPath string) (*API, error) {
|
||||
@@ -39,6 +41,7 @@ func New(dbPath string) (*API, error) {
|
||||
a := &API{
|
||||
db: sqlDB,
|
||||
peerIntents: map[string]PeerCreateArgs{},
|
||||
initIntents: map[string]byte{},
|
||||
}
|
||||
|
||||
return a, a.ensurePassword()
|
||||
@@ -141,6 +144,16 @@ func (a *API) Session_SignIn(s *Session, pwd string) error {
|
||||
return db.Session_SetSignedIn(a.db, s.SessionID)
|
||||
}
|
||||
|
||||
func (a *API) Peer_CreateNew(p *Peer) error {
|
||||
p.Version = idgen.NextID(0)
|
||||
p.PubKey = []byte{}
|
||||
p.PubSignKey = []byte{}
|
||||
p.APIKey = idgen.NewToken()
|
||||
|
||||
return db.Peer_Insert(a.db, p)
|
||||
}
|
||||
|
||||
// TODO: Remove
|
||||
type PeerCreateArgs struct {
|
||||
Name string
|
||||
PublicIP []byte
|
||||
@@ -148,6 +161,7 @@ type PeerCreateArgs struct {
|
||||
Relay bool
|
||||
}
|
||||
|
||||
// TODO: Remove
|
||||
// Create the intention to add a peer. The returned code is used to complete
|
||||
// the peer creation. The code is valid for 5 minutes.
|
||||
func (a *API) Peer_CreateIntent(args PeerCreateArgs) string {
|
||||
@@ -167,6 +181,78 @@ func (a *API) Peer_CreateIntent(args PeerCreateArgs) string {
|
||||
return code
|
||||
}
|
||||
|
||||
// Create the intention to initialize a peer. The returned code is used to
|
||||
// complete the peer initialization. The code is valid for 5 minutes.
|
||||
func (a *API) Peer_CreateInitIntent(peerIP byte) string {
|
||||
a.lock.Lock()
|
||||
defer a.lock.Unlock()
|
||||
|
||||
code := idgen.NewToken()
|
||||
a.initIntents[code] = peerIP
|
||||
|
||||
go func() {
|
||||
time.Sleep(5 * time.Minute)
|
||||
a.lock.Lock()
|
||||
defer a.lock.Unlock()
|
||||
delete(a.initIntents, code)
|
||||
}()
|
||||
|
||||
return code
|
||||
}
|
||||
|
||||
func (a *API) Peer_Init(initCode string) (*m.PeerConfig, error) {
|
||||
a.lock.Lock()
|
||||
defer a.lock.Unlock()
|
||||
|
||||
ip, ok := a.initIntents[initCode]
|
||||
if !ok {
|
||||
return nil, ErrNotAuthorized
|
||||
}
|
||||
|
||||
peer, err := a.Peer_Get(ip)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
delete(a.initIntents, initCode)
|
||||
|
||||
encPubKey, encPrivKey, err := box.GenerateKey(rand.Reader)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
signPubKey, signPrivKey, err := sign.GenerateKey(rand.Reader)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
peer.Version = idgen.NextID(0)
|
||||
peer.APIKey = idgen.NewToken()
|
||||
peer.PubKey = encPubKey[:]
|
||||
peer.PubSignKey = signPubKey[:]
|
||||
|
||||
if err := db.Peer_UpdateFull(a.db, peer); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
conf := a.Config_Get()
|
||||
|
||||
return &m.PeerConfig{
|
||||
PeerIP: peer.PeerIP,
|
||||
HubAddress: conf.HubAddress,
|
||||
APIKey: peer.APIKey,
|
||||
Network: conf.VPNNetwork,
|
||||
PublicIP: peer.PublicIP,
|
||||
Port: peer.Port,
|
||||
Relay: peer.Relay,
|
||||
PubKey: encPubKey[:],
|
||||
PrivKey: encPrivKey[:],
|
||||
PubSignKey: signPubKey[:],
|
||||
PrivSignKey: signPrivKey[:],
|
||||
}, nil
|
||||
}
|
||||
|
||||
// TODO: Remove
|
||||
func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) {
|
||||
a.lock.Lock()
|
||||
defer a.lock.Unlock()
|
||||
@@ -183,6 +269,11 @@ func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
signPubKey, signPrivKey, err := sign.GenerateKey(rand.Reader)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Get peer IP.
|
||||
peerIP := byte(0)
|
||||
|
||||
@@ -202,14 +293,15 @@ func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) {
|
||||
}
|
||||
|
||||
peer := &Peer{
|
||||
PeerIP: peerIP,
|
||||
Version: idgen.NextID(0),
|
||||
APIKey: idgen.NewToken(),
|
||||
Name: args.Name,
|
||||
PublicIP: args.PublicIP,
|
||||
Port: args.Port,
|
||||
Relay: args.Relay,
|
||||
PubKey: encPubKey[:],
|
||||
PeerIP: peerIP,
|
||||
Version: idgen.NextID(0),
|
||||
APIKey: idgen.NewToken(),
|
||||
Name: args.Name,
|
||||
PublicIP: args.PublicIP,
|
||||
Port: args.Port,
|
||||
Relay: args.Relay,
|
||||
PubKey: encPubKey[:],
|
||||
PubSignKey: signPubKey[:],
|
||||
}
|
||||
|
||||
if err := db.Peer_Insert(a.db, peer); err != nil {
|
||||
@@ -219,15 +311,17 @@ func (a *API) Peer_Create(creationCode string) (*m.PeerConfig, error) {
|
||||
conf := a.Config_Get()
|
||||
|
||||
return &m.PeerConfig{
|
||||
PeerIP: peer.PeerIP,
|
||||
HubAddress: conf.HubAddress,
|
||||
APIKey: peer.APIKey,
|
||||
Network: conf.VPNNetwork,
|
||||
PublicIP: peer.PublicIP,
|
||||
Port: peer.Port,
|
||||
Relay: peer.Relay,
|
||||
PubKey: encPubKey[:],
|
||||
PrivKey: encPrivKey[:],
|
||||
PeerIP: peer.PeerIP,
|
||||
HubAddress: conf.HubAddress,
|
||||
APIKey: peer.APIKey,
|
||||
Network: conf.VPNNetwork,
|
||||
PublicIP: peer.PublicIP,
|
||||
Port: peer.Port,
|
||||
Relay: peer.Relay,
|
||||
PubKey: encPubKey[:],
|
||||
PrivKey: encPrivKey[:],
|
||||
PubSignKey: signPubKey[:],
|
||||
PrivSignKey: signPrivKey[:],
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user