From 9046dbde4fe8b71df2dbb0b5a0091d59d29adb95 Mon Sep 17 00:00:00 2001 From: Arceliar Date: Sun, 25 Nov 2018 13:06:54 -0600 Subject: [PATCH] remove sigManager, it seems safer to just burn the CPU than to store a map of strings of potentially arbitrary length --- src/yggdrasil/core.go | 2 - src/yggdrasil/peer.go | 2 +- src/yggdrasil/router.go | 1 - src/yggdrasil/signature.go | 95 -------------------------------------- 4 files changed, 1 insertion(+), 99 deletions(-) delete mode 100644 src/yggdrasil/signature.go diff --git a/src/yggdrasil/core.go b/src/yggdrasil/core.go index 2f60a1b..9b9bcc1 100644 --- a/src/yggdrasil/core.go +++ b/src/yggdrasil/core.go @@ -22,7 +22,6 @@ type Core struct { sigPriv sigPrivKey switchTable switchTable peers peers - sigs sigManager sessions sessions router router dht dht @@ -50,7 +49,6 @@ func (c *Core) init(bpub *boxPubKey, c.boxPub, c.boxPriv = *bpub, *bpriv c.sigPub, c.sigPriv = *spub, *spriv c.admin.core = c - c.sigs.init() c.searches.init(c) c.dht.init(c) c.sessions.init(c) diff --git a/src/yggdrasil/peer.go b/src/yggdrasil/peer.go index e4d0998..67aa805 100644 --- a/src/yggdrasil/peer.go +++ b/src/yggdrasil/peer.go @@ -316,7 +316,7 @@ func (p *peer) handleSwitchMsg(packet []byte) { sigMsg.Hops = msg.Hops[:idx] loc.coords = append(loc.coords, hop.Port) bs := getBytesForSig(&hop.Next, &sigMsg) - if !p.core.sigs.check(&prevKey, &hop.Sig, bs) { + if !verify(&prevKey, bs, &hop.Sig) { p.core.peers.removePeer(p.port) } prevKey = hop.Next diff --git a/src/yggdrasil/router.go b/src/yggdrasil/router.go index 41e2863..b482476 100644 --- a/src/yggdrasil/router.go +++ b/src/yggdrasil/router.go @@ -121,7 +121,6 @@ func (r *router) mainLoop() { r.core.switchTable.doMaintenance() r.core.dht.doMaintenance() r.core.sessions.cleanup() - r.core.sigs.cleanup() util_getBytes() // To slowly drain things } case f := <-r.admin: diff --git a/src/yggdrasil/signature.go b/src/yggdrasil/signature.go deleted file mode 100644 index 12a3d37..0000000 --- a/src/yggdrasil/signature.go +++ /dev/null @@ -1,95 +0,0 @@ -package yggdrasil - -// This is where we record which signatures we've previously checked -// It's so we can avoid needlessly checking them again - -import ( - "sync" - "time" -) - -// This keeps track of what signatures have already been checked. -// It's used to skip expensive crypto operations, given that many signatures are likely to be the same for the average node's peers. -type sigManager struct { - mutex sync.RWMutex - checked map[sigBytes]knownSig - lastCleaned time.Time -} - -// Represents a known signature. -// Includes the key, the signature bytes, the bytes that were signed, and the time it was last used. -type knownSig struct { - key sigPubKey - sig sigBytes - bs []byte - time time.Time -} - -// Initializes the signature manager. -func (m *sigManager) init() { - m.checked = make(map[sigBytes]knownSig) -} - -// Checks if a key and signature match the supplied bytes. -// If the same key/sig/bytes have been checked before, it returns true from the cached results. -// If not, it checks the key, updates it in the cache if successful, and returns the checked results. -func (m *sigManager) check(key *sigPubKey, sig *sigBytes, bs []byte) bool { - if m.isChecked(key, sig, bs) { - return true - } - verified := verify(key, bs, sig) - if verified { - m.putChecked(key, sig, bs) - } - return verified -} - -// Checks the cache to see if this key/sig/bytes combination has already been verified. -// Returns true if it finds a match. -func (m *sigManager) isChecked(key *sigPubKey, sig *sigBytes, bs []byte) bool { - m.mutex.RLock() - defer m.mutex.RUnlock() - k, isIn := m.checked[*sig] - if !isIn { - return false - } - if k.key != *key || k.sig != *sig || len(bs) != len(k.bs) { - return false - } - for idx := 0; idx < len(bs); idx++ { - if bs[idx] != k.bs[idx] { - return false - } - } - k.time = time.Now() - return true -} - -// Puts a new result into the cache. -// This result is then used by isChecked to skip the expensive crypto verification if it's needed again. -// This is useful because, for nodes with multiple peers, there is often a lot of overlap between the signatures provided by each peer. -func (m *sigManager) putChecked(key *sigPubKey, newsig *sigBytes, bs []byte) { - m.mutex.Lock() - defer m.mutex.Unlock() - k := knownSig{key: *key, sig: *newsig, bs: bs, time: time.Now()} - m.checked[*newsig] = k -} - -func (m *sigManager) cleanup() { - m.mutex.Lock() - defer m.mutex.Unlock() - if time.Since(m.lastCleaned) < time.Minute { - return - } - for s, k := range m.checked { - if time.Since(k.time) > time.Minute { - delete(m.checked, s) - } - } - newChecked := make(map[sigBytes]knownSig, len(m.checked)) - for s, k := range m.checked { - newChecked[s] = k - } - m.checked = newChecked - m.lastCleaned = time.Now() -}