(broken state) more tuntap WIP to add out-of-band key lookup
parent
5b22392c66
commit
0f787364de
@ -39,6 +39,7 @@ const tun_IPv6_HEADER_LENGTH = 40
|
|||||||
// calling yggdrasil.Start().
|
// calling yggdrasil.Start().
|
||||||
type TunAdapter struct {
|
type TunAdapter struct {
|
||||||
core *yggdrasil.Core
|
core *yggdrasil.Core
|
||||||
|
secret ed25519.PrivateKey
|
||||||
store keyStore
|
store keyStore
|
||||||
writer tunWriter
|
writer tunWriter
|
||||||
reader tunReader
|
reader tunReader
|
||||||
@ -109,13 +110,14 @@ func MaximumMTU() MTU {
|
|||||||
|
|
||||||
// Init initialises the TUN module. You must have acquired a Listener from
|
// Init initialises the TUN module. You must have acquired a Listener from
|
||||||
// the Yggdrasil core before this point and it must not be in use elsewhere.
|
// the Yggdrasil core before this point and it must not be in use elsewhere.
|
||||||
func (tun *TunAdapter) Init(core *yggdrasil.Core, config *config.NodeState, log *log.Logger, options interface{}) error {
|
func (tun *TunAdapter) Init(secret ed25519.PrivateKey, core *yggdrasil.Core, config *config.NodeState, log *log.Logger, options interface{}) error {
|
||||||
/* TODO
|
/* TODO
|
||||||
tunoptions, ok := options.(TunOptions)
|
tunoptions, ok := options.(TunOptions)
|
||||||
if !ok {
|
if !ok {
|
||||||
return fmt.Errorf("invalid options supplied to TunAdapter module")
|
return fmt.Errorf("invalid options supplied to TunAdapter module")
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
tun.secret = secret
|
||||||
tun.core = core
|
tun.core = core
|
||||||
tun.store.init(tun)
|
tun.store.init(tun)
|
||||||
tun.config = config
|
tun.config = config
|
||||||
@ -224,78 +226,41 @@ func (tun *TunAdapter) UpdateConfig(config *config.NodeConfig) {
|
|||||||
tun.Act(nil, tun.ckr.configure)
|
tun.Act(nil, tun.ckr.configure)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
func (tun *TunAdapter) handler() error {
|
|
||||||
for {
|
|
||||||
// Accept the incoming connection
|
|
||||||
conn, err := tun.listener.Accept()
|
|
||||||
if err != nil {
|
|
||||||
tun.log.Errorln("TUN connection accept error:", err)
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
phony.Block(tun, func() {
|
|
||||||
if _, err := tun._wrap(conn.(*yggdrasil.Conn)); err != nil {
|
|
||||||
// Something went wrong when storing the connection, typically that
|
|
||||||
// something already exists for this address or subnet
|
|
||||||
tun.log.Debugln("TUN handler wrap:", err)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (tun *TunAdapter) _wrap(conn *yggdrasil.Conn) (c *tunConn, err error) {
|
|
||||||
// Prepare a session wrapper for the given connection
|
|
||||||
s := tunConn{
|
|
||||||
tun: tun,
|
|
||||||
conn: conn,
|
|
||||||
stop: make(chan struct{}),
|
|
||||||
}
|
|
||||||
c = &s
|
|
||||||
// Get the remote address and subnet of the other side
|
|
||||||
panic("TODO")
|
|
||||||
//remotePubKey := conn.RemoteAddr().(*crypto.BoxPubKey)
|
|
||||||
//remoteNodeID := crypto.GetNodeID(remotePubKey)
|
|
||||||
//s.addr = *address.AddrForNodeID(remoteNodeID)
|
|
||||||
//s.snet = *address.SubnetForNodeID(remoteNodeID)
|
|
||||||
// Work out if this is already a destination we already know about
|
|
||||||
atc, aok := tun.addrToConn[s.addr]
|
|
||||||
stc, sok := tun.subnetToConn[s.snet]
|
|
||||||
// If we know about a connection for this destination already then assume it
|
|
||||||
// is no longer valid and close it
|
|
||||||
if aok {
|
|
||||||
atc._close_from_tun()
|
|
||||||
err = errors.New("replaced connection for address")
|
|
||||||
} else if sok {
|
|
||||||
stc._close_from_tun()
|
|
||||||
err = errors.New("replaced connection for subnet")
|
|
||||||
}
|
|
||||||
// Save the session wrapper so that we can look it up quickly next time
|
|
||||||
// we receive a packet through the interface for this address
|
|
||||||
tun.addrToConn[s.addr] = &s
|
|
||||||
tun.subnetToConn[s.snet] = &s
|
|
||||||
// Set the read callback and start the timeout
|
|
||||||
conn.SetReadCallback(func(bs []byte) {
|
|
||||||
s.Act(conn, func() {
|
|
||||||
s._read(bs)
|
|
||||||
})
|
|
||||||
})
|
|
||||||
s.Act(nil, s.stillAlive)
|
|
||||||
// Return
|
|
||||||
return c, err
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
func (tun *TunAdapter) oobHandler(fromKey, toKey ed25519.PublicKey, data []byte) {
|
func (tun *TunAdapter) oobHandler(fromKey, toKey ed25519.PublicKey, data []byte) {
|
||||||
panic("TODO")
|
if len(data) != 1+ed25519.SignatureSize {
|
||||||
// parse packet
|
return
|
||||||
// If it's a lookup then send a response
|
}
|
||||||
// If it's a response then (maybe) update the keystore
|
sig := data[1:]
|
||||||
|
switch data[0] {
|
||||||
|
case typeKeyLookup:
|
||||||
|
snet := *address.SubnetForKey(toKey)
|
||||||
|
if snet == tun.subnet && ed25519.Verify(fromKey, toKey[:], sig) {
|
||||||
|
// This is looking for at least our subnet (possibly our address)
|
||||||
|
// Send a response
|
||||||
|
tun.sendKeyResponse(fromKey)
|
||||||
|
}
|
||||||
|
case typeKeyResponse:
|
||||||
|
// TODO keep a list of something to match against...
|
||||||
|
// Ignore the response if it doesn't match anything of interest...
|
||||||
|
if ed25519.Verify(fromKey, toKey[:], sig) {
|
||||||
|
tun.store.update(fromKey)
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const (
|
||||||
|
typeKeyLookup = 1
|
||||||
|
typeKeyResponse = 2
|
||||||
|
)
|
||||||
|
|
||||||
func (tun *TunAdapter) sendKeyLookup(partial ed25519.PublicKey) {
|
func (tun *TunAdapter) sendKeyLookup(partial ed25519.PublicKey) {
|
||||||
panic("TODO")
|
sig := ed25519.Sign(tun.secret, partial[:])
|
||||||
|
bs := append([]byte{typeKeyLookup}, sig...)
|
||||||
|
tun.core.SendOutOfBand(partial, bs)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (tun *TunAdapter) sendKeyResponse(dest ed25519.PublicKey) {
|
func (tun *TunAdapter) sendKeyResponse(dest ed25519.PublicKey) {
|
||||||
panic("TODO")
|
sig := ed25519.Sign(tun.secret, dest[:])
|
||||||
|
bs := append([]byte{typeKeyResponse}, sig...)
|
||||||
|
tun.core.SendOutOfBand(dest, bs)
|
||||||
}
|
}
|
||||||
|
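Review bot: In the `@ -224,78 +226,41 @@` hunk the typeKeyLookup branch of oobHandler verifies the signature over `toKey[:]`, while sendKeyLookup signs `partial[:]`; if the core hands the handler its own full key as toKey rather than the partial key as sent, the two byte strings differ, `ed25519.Verify` fails and no response is ever sent, so the lookup path cannot complete. The messages also carry nothing that binds a response to a lookup: a signature by fromKey over the receiver's own fixed key stays valid indefinitely, so any captured or unsolicited response passes `ed25519.Verify(fromKey, toKey[:], sig)` and reaches `tun.store.update(fromKey)`, which the TODO on that branch only partly acknowledges. A per-lookup random nonce placed in the lookup payload, echoed in the response, covered by both signatures and checked against a map of outstanding lookups would tie responses to requests and make replayed ones unverifiable. Separately, the `@ -109,13 +110,14 @@` hunk adds a `secret` parameter to Init that the doc comment above it does not mention; I would add `// secret is this node's ed25519 private key, used to sign out-of-band key lookups and responses.`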