vecna
/
lox
mirror of https://gitlab.torproject.org/vecna/lox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add handling for unaccounted for bridges

This commit is contained in:
onyinyang 2023-10-02 13:51:19 -04:00
parent b6ff0c60e2
commit 89fb0fbf4b
No known key found for this signature in database
GPG Key ID: 156A6435430C2036
6 changed files with 60 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
crates/lox-distributor/src/lox_context.rs
View File

@ -74,7 +74,6 @@ impl LoxServerContext {
pub fn sync_with_bridgetable(&self, resources: ResourceState) {
// Check if the resource is already in the Lox bridgetable. If it is, it's probably fine
// to replace the existing resource with the incoming one to account for changes
let mut unaccounted_for_bridges: Vec<u64> = Vec::new();
let mut accounted_for_bridges: Vec<u64> = Vec::new();
if let Some(working_resources) = resources.working {
// ensure all working resources are updated and accounted for
@ -140,10 +139,39 @@ impl LoxServerContext {
}
}
// Make sure that all bridges are accounted for
let ba_clone = self.ba.lock().unwrap();
let mut ba_clone = self.ba.lock().unwrap();
let total_reachable = ba_clone.bridge_table.reachable.len();
if total_reachable > accounted_for_bridges.len() {
// Search for extra fingerprints, assume those bridges are gone and remove?
let unaccounted_for =
ba_clone.find_and_remove_unaccounted_for_bridges(accounted_for_bridges);
for bridgeline in unaccounted_for {
let res = self.replace_with_new(bridgeline);
if res == lox_library::ReplaceSuccess::Replaced {
println!(
"BridgeLine {:?} not found in rdsys update was successfully replaced.",
bridgeline.uid_fingerprint
);
} else if res == lox_library::ReplaceSuccess::NotReplaced {
// Add the bridge to the list of to_be_replaced bridges in the Lox context and try
// again to replace at the next update (nothing changes in the Lox Authority)
println!(
"BridgeLine {:?} not found in rdsys update NOT replaced, saved for next update!",
bridgeline.uid_fingerprint
);
self.new_to_be_replaced_bridge(bridgeline);
} else {
// NotFound
assert!(
res == lox_library::ReplaceSuccess::NotFound,
"ReplaceSuccess incorrectly set"
);
println!(
"BridgeLine {:?} no longer in reachable bridges.",
bridgeline.uid_fingerprint
);
}
}
// Search for extra fingerprints, assume those bridges are gone and remove
} else if total_reachable < accounted_for_bridges.len() {
println!("Something unexpected occurred: The number of reachable bridges should not be less than those updated from rdsys");
}

2
crates/lox-library/src/bridge_table.rs
View File

@ -11,7 +11,7 @@ use super::cred;
use super::IssuerPrivKey;
use super::CMZ_B_TABLE;
use aes_gcm::aead;
use aes_gcm::aead::{Aead, generic_array::GenericArray};
use aes_gcm::aead::{generic_array::GenericArray, Aead};
use aes_gcm::{Aes128Gcm, KeyInit};
use base64::{engine::general_purpose, Engine as _};
use curve25519_dalek::ristretto::CompressedRistretto;

23
crates/lox-library/src/lib.rs
View File

@ -381,16 +381,19 @@ impl BridgeAuth {
}
// TODO Ensure synchronization of Lox bridge_table with rdsys
pub fn sync_table(&mut self) {
// Create a hashtable (?) of bridges in the lox distributor from new resources
// accept the hashtable and recreate the bridge table from the hash table here
// using existing reachable bridges, other table checks and placements from existing bridge table
// If bridges are in reachable bridges, put them in the table with their Vec
// How to check for bridges that aren't there/are extra?
// After going through the update, make sure bridges in the table are the same and deal with discrepencies
// This will be the bad/annoying part
//also use open_inv_keys and blocked_keys from bridge_table to remove expired keys from table.
pub fn find_and_remove_unaccounted_for_bridges(
&mut self,
accounted_for_bridges: Vec<u64>,
) -> Vec<BridgeLine> {
// If there are expired blockages, separate them from the fresh blockages
let mut unaccounted_for: Vec<BridgeLine> = Vec::new();
for (k, _v) in self.bridge_table.reachable.clone() {
if !accounted_for_bridges.contains(&k.uid_fingerprint) {
unaccounted_for.push(k);
}
}
unaccounted_for
//use open_inv_keys and blocked_keys from bridge_table to remove expired keys from table.
// make sure this happens before they are removed from the structures in the bridge table
}

2
crates/lox-library/src/migration_table.rs
View File

@ -16,7 +16,7 @@ use curve25519_dalek::scalar::Scalar;
use sha2::Digest;
use sha2::Sha256;
use aes_gcm::aead::{Aead, generic_array::GenericArray};
use aes_gcm::aead::{generic_array::GenericArray, Aead};
use aes_gcm::{Aes128Gcm, KeyInit};
use rand::RngCore;

12
crates/lox-library/src/tests.rs
View File

@ -394,17 +394,21 @@ fn test_open_invite() {
assert!(bridgeline == bucket.0[0]);
}
#[test]
fn test_k_invites() {
let mut th = TestHarness::new();
for i in 0..25 {
let _ = th.open_invite();
if (i + 1) % OPENINV_K != 0 {
assert!(th.bdb.current_k == (i+1)%OPENINV_K, "the current_k should be (i+1)%OPENINV_K");
assert!(
th.bdb.current_k == (i + 1) % OPENINV_K,
"the current_k should be (i+1)%OPENINV_K"
);
} else {
assert!(th.bdb.current_k == OPENINV_K, "the current_k should be OPENINV_K");
assert!(
th.bdb.current_k == OPENINV_K,
"the current_k should be OPENINV_K"
);
}
}
}

7
crates/rdsys-backend-api/src/proto.rs
View File

@ -10,10 +10,9 @@ pub struct ResourceRequest {
pub resource_types: Vec<String>,
}
#[derive(Serialize, Deserialize, Debug, PartialEq, Eq)]
pub struct TestResults {
pub last_passed: DateTime<Utc>
pub last_passed: DateTime<Utc>,
}
/// Representation of a bridge resource
@ -105,7 +104,9 @@ mod tests {
let bridge = Resource {
r#type: String::from("scramblesuit"),
blocked_in: HashMap::new(),
test_result: TestResults { last_passed: "2023-05-30T14:20:28Z".parse::<DateTime<Utc>>().unwrap() },
test_result: TestResults {
last_passed: "2023-05-30T14:20:28Z".parse::<DateTime<Utc>>().unwrap(),
},
protocol: String::from("tcp"),
address: String::from("216.117.3.62"),
port: 63174,