ligo/src/node/net/p2p_connection.ml

564 lines
19 KiB
OCaml
Raw Normal View History

2017-01-14 16:14:02 +04:00
(**************************************************************************)
(* *)
2017-11-14 03:36:14 +04:00
(* Copyright (c) 2014 - 2017. *)
2017-01-14 16:14:02 +04:00
(* Dynamic Ledger Solutions, Inc. <contact@tezos.com> *)
(* *)
(* All rights reserved. No warranty, explicit or implicit, provided. *)
(* *)
(**************************************************************************)
(* TODO encode/encrypt before to push into the writer pipe. *)
(* TODO patch Sodium.Box to avoid allocation of the encrypted buffer.*)
(* TODO patch Data_encoding for continuation-based binary writer/reader. *)
(* TODO test `close ~wait:true`. *)
(* TODO nothing in welcoming message proves that the incoming peer is
the owner of the public key... only the first message will
really proves it. Should this to be changed? Not really
important, but... an attacker might forge a random public key
with enough proof of work (hard task), open a connection, wait
infinitly. This would avoid the real peer to talk with us. And
this might also have an influence on its "score". *)
open P2p_types
include Logging.Make(struct let name = "p2p.connection" end)
type error += Decipher_error
type error += Invalid_message_size
type error += Encoding_error
type error += Rejected
type error += Decoding_error
type error += Myself of Id_point.t
2017-02-24 06:50:33 +04:00
type error += Not_enough_proof_of_work of Peer_id.t
type error += Invalid_auth
2017-04-18 20:32:31 +04:00
type error += Invalid_chunks_size of { value: int ; min: int ; max: int }
2017-01-14 16:14:02 +04:00
2017-01-20 18:25:12 +04:00
module Crypto = struct
let header_length = 2
let crypto_overhead = 18 (* FIXME import from Sodium.Box. *)
let max_content_length =
2017-04-18 20:32:31 +04:00
1 lsl (header_length * 8) - crypto_overhead - header_length
2017-01-20 18:25:12 +04:00
type data = {
channel_key : Crypto_box.channel_key ;
mutable local_nonce : Crypto_box.nonce ;
mutable remote_nonce : Crypto_box.nonce ;
}
let write_chunk fd cryptobox_data buf =
let header_buf = MBytes.create header_length in
let local_nonce = cryptobox_data.local_nonce in
cryptobox_data.local_nonce <- Crypto_box.increment_nonce local_nonce ;
let encrypted_message =
Crypto_box.fast_box cryptobox_data.channel_key buf local_nonce in
let encrypted_len = MBytes.length encrypted_message in
fail_unless
(encrypted_len < max_content_length)
Invalid_message_size >>=? fun () ->
MBytes.set_int16 header_buf 0 encrypted_len ;
P2p_io_scheduler.write fd header_buf >>=? fun () ->
P2p_io_scheduler.write fd encrypted_message >>=? fun () ->
return ()
let read_chunk fd cryptobox_data =
let header_buf = MBytes.create header_length in
P2p_io_scheduler.read_full ~len:header_length fd header_buf >>=? fun () ->
let len = MBytes.get_uint16 header_buf 0 in
let buf = MBytes.create len in
P2p_io_scheduler.read_full ~len fd buf >>=? fun () ->
let remote_nonce = cryptobox_data.remote_nonce in
cryptobox_data.remote_nonce <- Crypto_box.increment_nonce remote_nonce ;
match
Crypto_box.fast_box_open cryptobox_data.channel_key buf remote_nonce
with
| None ->
fail Decipher_error
| Some buf ->
return buf
2017-01-14 16:14:02 +04:00
2017-01-20 18:25:12 +04:00
end
2017-01-14 16:14:02 +04:00
2017-04-18 20:32:31 +04:00
let check_binary_chunks_size size =
let value = size - Crypto.crypto_overhead - Crypto.header_length in
fail_unless
(value > 0 &&
value <= Crypto.max_content_length)
(Invalid_chunks_size
{ value = size ;
min = Crypto.(header_length + crypto_overhead + 1) ;
max = Crypto.(max_content_length + crypto_overhead + header_length)
})
2017-01-14 16:14:02 +04:00
module Connection_message = struct
type t = {
port : int option ;
versions : Version.t list ;
public_key : Crypto_box.public_key ;
proof_of_work_stamp : Crypto_box.nonce ;
message_nonce : Crypto_box.nonce ;
}
let encoding =
let open Data_encoding in
conv
(fun { port ; public_key ; proof_of_work_stamp ;
message_nonce ; versions } ->
let port = match port with None -> 0 | Some port -> port in
(port, public_key, proof_of_work_stamp,
message_nonce, versions))
(fun (port, public_key, proof_of_work_stamp,
message_nonce, versions) ->
let port = if port = 0 then None else Some port in
{ port ; public_key ; proof_of_work_stamp ;
message_nonce ; versions })
(obj5
(req "port" uint16)
(req "pubkey" Crypto_box.public_key_encoding)
(req "proof_of_work_stamp" Crypto_box.nonce_encoding)
(req "message_nonce" Crypto_box.nonce_encoding)
(req "versions" (Variable.list Version.encoding)))
let write fd message =
let encoded_message_len =
Data_encoding.Binary.length encoding message in
fail_unless
2017-01-20 18:25:12 +04:00
(encoded_message_len < Crypto.max_content_length)
2017-01-14 16:14:02 +04:00
Encoding_error >>=? fun () ->
2017-01-20 18:25:12 +04:00
let len = Crypto.header_length + encoded_message_len in
2017-01-14 16:14:02 +04:00
let buf = MBytes.create len in
2017-01-20 18:25:12 +04:00
match Data_encoding.Binary.write
encoding message buf Crypto.header_length with
2017-01-14 16:14:02 +04:00
| None ->
fail Encoding_error
| Some last ->
fail_unless (last = len) Encoding_error >>=? fun () ->
MBytes.set_int16 buf 0 encoded_message_len ;
P2p_io_scheduler.write fd buf
let read fd =
2017-01-20 18:25:12 +04:00
let header_buf = MBytes.create Crypto.header_length in
P2p_io_scheduler.read_full
~len:Crypto.header_length fd header_buf >>=? fun () ->
2017-01-14 16:14:02 +04:00
let len = MBytes.get_uint16 header_buf 0 in
let buf = MBytes.create len in
P2p_io_scheduler.read_full ~len fd buf >>=? fun () ->
match Data_encoding.Binary.read encoding buf 0 len with
| None ->
fail Decoding_error
| Some (read_len, message) ->
if read_len <> len then
fail Decoding_error
else
return message
end
module Ack = struct
2017-01-20 18:25:12 +04:00
type t = Ack | Nack
2017-01-14 16:14:02 +04:00
let ack = MBytes.of_string "\255"
let nack = MBytes.of_string "\000"
2017-01-20 18:25:12 +04:00
let write cryptobox_data fd b =
Crypto.write_chunk cryptobox_data fd
(match b with Ack -> ack | Nack -> nack)
2017-01-14 16:14:02 +04:00
2017-01-20 18:25:12 +04:00
let read fd cryptobox_data =
Crypto.read_chunk fd cryptobox_data >>=? fun buf ->
2017-01-14 16:14:02 +04:00
return (buf <> nack)
end
type authenticated_fd =
2017-01-20 18:25:12 +04:00
P2p_io_scheduler.connection * Connection_info.t * Crypto.data
2017-01-14 16:14:02 +04:00
2017-01-20 18:25:12 +04:00
let kick (fd, _ , cryptobox_data) =
Ack.write fd cryptobox_data Nack >>= fun _ ->
2017-01-14 16:14:02 +04:00
P2p_io_scheduler.close fd >>= fun _ ->
Lwt.return_unit
(* First step: write and read credentials, makes no difference
whether we're trying to connect to a peer or checking an incoming
connection, both parties must first introduce themselves. *)
let authenticate
~proof_of_work_target
~incoming fd (remote_addr, remote_socket_port as point)
?listening_port identity supported_versions =
let local_nonce = Crypto_box.random_nonce () in
lwt_debug "Sending authenfication to %a" Point.pp point >>= fun () ->
Connection_message.write fd
{ public_key = identity.Identity.public_key ;
proof_of_work_stamp = identity.proof_of_work_stamp ;
message_nonce = local_nonce ;
port = listening_port ;
versions = supported_versions } >>=? fun () ->
Connection_message.read fd >>=? fun msg ->
let remote_listening_port =
if incoming then msg.port else Some remote_socket_port in
let id_point = remote_addr, remote_listening_port in
2017-02-24 06:50:33 +04:00
let remote_peer_id = Crypto_box.hash msg.public_key in
2017-01-14 16:14:02 +04:00
fail_unless
2017-02-24 06:50:33 +04:00
(remote_peer_id <> identity.Identity.peer_id)
2017-01-14 16:14:02 +04:00
(Myself id_point) >>=? fun () ->
fail_unless
(Crypto_box.check_proof_of_work
msg.public_key msg.proof_of_work_stamp proof_of_work_target)
2017-02-24 06:50:33 +04:00
(Not_enough_proof_of_work remote_peer_id) >>=? fun () ->
2017-01-14 16:14:02 +04:00
let channel_key =
Crypto_box.precompute identity.Identity.secret_key msg.public_key in
let info =
2017-02-24 06:50:33 +04:00
{ Connection_info.peer_id = remote_peer_id ;
versions = msg.versions ; incoming ;
2017-01-14 16:14:02 +04:00
id_point ; remote_socket_port ;} in
let cryptobox_data =
2017-01-20 18:25:12 +04:00
{ Crypto.channel_key ; local_nonce ;
2017-01-14 16:14:02 +04:00
remote_nonce = msg.message_nonce } in
return (info, (fd, info, cryptobox_data))
type connection = {
2017-03-14 13:51:44 +04:00
id : int ;
2017-01-14 16:14:02 +04:00
info : Connection_info.t ;
fd : P2p_io_scheduler.connection ;
2017-01-20 18:25:12 +04:00
cryptobox_data : Crypto.data ;
2017-01-14 16:14:02 +04:00
}
2017-03-14 13:51:44 +04:00
let next_conn_id =
let cpt = ref 0 in
fun () -> incr cpt ;!cpt
2017-01-14 16:14:02 +04:00
module Reader = struct
type 'msg t = {
canceler: Canceler.t ;
conn: connection ;
encoding: 'msg Data_encoding.t ;
messages: (int * 'msg) tzresult Lwt_pipe.t ;
2017-01-14 16:14:02 +04:00
mutable worker: unit Lwt.t ;
}
2017-11-13 17:29:28 +04:00
let read_message st init_mbytes =
2017-04-18 20:32:31 +04:00
let rec loop status =
Lwt_unix.yield () >>= fun () ->
let open Data_encoding.Binary in
match status with
| Success { res ; res_len ; remaining } ->
return (Some (res, res_len, remaining))
| Error ->
lwt_debug "[read_message] incremental decoding error" >>= fun () ->
return None
| Await decode_next_buf ->
Lwt_utils.protect ~canceler:st.canceler begin fun () ->
Crypto.read_chunk st.conn.fd st.conn.cryptobox_data
end >>=? fun buf ->
lwt_debug
"reading %d bytes from %a"
(MBytes.length buf) Connection_info.pp st.conn.info >>= fun () ->
loop (decode_next_buf buf) in
loop
(Data_encoding.Binary.read_stream_of_bytes ~init:init_mbytes st.encoding)
let rec worker_loop st init_mbytes =
begin
read_message st init_mbytes >>=? fun msg ->
match msg with
| None ->
Lwt_utils.protect ~canceler:st.canceler begin fun () ->
Lwt_pipe.push st.messages (Error [Decoding_error]) >>= fun () ->
return None
end
2017-04-18 20:32:31 +04:00
| Some (msg, size, rem_mbytes) ->
Lwt_utils.protect ~canceler:st.canceler begin fun () ->
Lwt_pipe.push st.messages (Ok (size, msg)) >>= fun () ->
return (Some rem_mbytes)
end
2017-01-14 16:14:02 +04:00
end >>= function
2017-04-18 20:32:31 +04:00
| Ok Some rem_mbytes ->
worker_loop st rem_mbytes
| Ok None ->
Canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit
2017-01-14 16:14:02 +04:00
| Error [Lwt_utils.Canceled | Exn Lwt_pipe.Closed] ->
2017-04-18 20:32:31 +04:00
lwt_debug "connection closed to %a"
Connection_info.pp st.conn.info >>= fun () ->
2017-01-14 16:14:02 +04:00
Lwt.return_unit
| Error _ as err ->
Lwt_pipe.safe_push_now st.messages err ;
2017-01-14 16:14:02 +04:00
Canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit
let run ?size conn encoding canceler =
2017-01-24 02:59:16 +04:00
let compute_size = function
| Ok (size, _) -> (Sys.word_size / 8) * 11 + size + Lwt_pipe.push_overhead
2017-01-24 02:59:16 +04:00
| Error _ -> 0 (* we push Error only when we close the socket,
we don't fear memory leaks in that case... *) in
let size = map_option size ~f:(fun max -> (max, compute_size)) in
2017-01-14 16:14:02 +04:00
let st =
{ canceler ; conn ; encoding ;
messages = Lwt_pipe.create ?size () ;
worker = Lwt.return_unit ;
} in
Canceler.on_cancel st.canceler begin fun () ->
Lwt_pipe.close st.messages ;
Lwt.return_unit
end ;
st.worker <-
Lwt_utils.worker "reader"
2017-11-13 17:29:28 +04:00
~run:(fun () -> worker_loop st [])
~cancel:(fun () -> Canceler.cancel st.canceler) ;
2017-01-14 16:14:02 +04:00
st
let shutdown st =
Canceler.cancel st.canceler >>= fun () ->
st.worker
end
module Writer = struct
type 'msg t = {
canceler: Canceler.t ;
conn: connection ;
encoding: 'msg Data_encoding.t ;
2017-04-18 20:32:31 +04:00
messages: (MBytes.t list * unit tzresult Lwt.u option) Lwt_pipe.t ;
2017-01-14 16:14:02 +04:00
mutable worker: unit Lwt.t ;
2017-04-18 20:32:31 +04:00
binary_chunks_size: int ; (* in bytes *)
2017-01-14 16:14:02 +04:00
}
2017-11-13 17:29:28 +04:00
let send_message st buf =
2017-04-18 20:32:31 +04:00
let rec loop = function
| [] -> return ()
| buf :: l ->
Lwt_utils.protect ~canceler:st.canceler begin fun () ->
Crypto.write_chunk st.conn.fd st.conn.cryptobox_data buf
end >>=? fun () ->
lwt_debug "writing %d bytes to %a"
(MBytes.length buf) Connection_info.pp st.conn.info >>= fun () ->
loop l in
loop buf
2017-01-14 16:14:02 +04:00
let encode_message st msg =
2017-04-18 20:32:31 +04:00
try ok (Data_encoding.Binary.to_bytes_list st.binary_chunks_size st.encoding msg)
with _ -> error Encoding_error
2017-01-14 16:14:02 +04:00
let rec worker_loop st =
Lwt_unix.yield () >>= fun () ->
Lwt_utils.protect ~canceler:st.canceler begin fun () ->
Lwt_pipe.pop st.messages >>= return
2017-01-14 16:14:02 +04:00
end >>= function
| Error [Lwt_utils.Canceled | Exn Lwt_pipe.Closed] ->
2017-02-13 16:37:57 +04:00
lwt_debug "connection closed to %a"
Connection_info.pp st.conn.info >>= fun () ->
2017-01-14 16:14:02 +04:00
Lwt.return_unit
| Error err ->
lwt_log_error
2017-02-13 16:37:57 +04:00
"@[<v 2>error writing to %a@ %a@]"
2017-01-14 16:14:02 +04:00
Connection_info.pp st.conn.info pp_print_error err >>= fun () ->
Canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit
| Ok (buf, wakener) ->
2017-04-18 20:32:31 +04:00
send_message st buf >>= fun res ->
match res with
| Ok () ->
iter_option wakener ~f:(fun u -> Lwt.wakeup_later u res) ;
worker_loop st
| Error err ->
iter_option wakener
~f:(fun u ->
Lwt.wakeup_later u
(Error [P2p_io_scheduler.Connection_closed])) ;
match err with
| [ Lwt_utils.Canceled | Exn Lwt_pipe.Closed ] ->
lwt_debug "connection closed to %a"
Connection_info.pp st.conn.info >>= fun () ->
Lwt.return_unit
| [ P2p_io_scheduler.Connection_closed ] ->
lwt_debug "connection closed to %a"
Connection_info.pp st.conn.info >>= fun () ->
Canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit
| err ->
lwt_log_error
"@[<v 2>error writing to %a@ %a@]"
Connection_info.pp st.conn.info
pp_print_error err >>= fun () ->
Canceler.cancel st.canceler >>= fun () ->
Lwt.return_unit
2017-01-14 16:14:02 +04:00
2017-04-18 20:32:31 +04:00
let run
?size ?binary_chunks_size
conn encoding canceler =
let binary_chunks_size =
match binary_chunks_size with
| None -> Crypto.max_content_length
| Some size ->
let size = size - Crypto.crypto_overhead - Crypto.header_length in
assert (size > 0) ;
assert (size <= Crypto.max_content_length) ;
size
in
let compute_size =
let buf_list_size =
List.fold_left
(fun sz buf ->
sz + MBytes.length buf + 2 * Sys.word_size) 0
in
function
| buf_l, None ->
Sys.word_size + buf_list_size buf_l + Lwt_pipe.push_overhead
| buf_l, Some _ ->
2 * Sys.word_size + buf_list_size buf_l + Lwt_pipe.push_overhead
2017-01-24 02:59:16 +04:00
in
let size = map_option size ~f:(fun max -> max, compute_size) in
2017-01-14 16:14:02 +04:00
let st =
{ canceler ; conn ; encoding ;
messages = Lwt_pipe.create ?size () ;
worker = Lwt.return_unit ;
2017-04-18 20:32:31 +04:00
binary_chunks_size = binary_chunks_size ;
2017-01-14 16:14:02 +04:00
} in
Canceler.on_cancel st.canceler begin fun () ->
Lwt_pipe.close st.messages ;
while not (Lwt_pipe.is_empty st.messages) do
let _, w = Lwt_pipe.pop_now_exn st.messages in
iter_option w
~f:(fun u -> Lwt.wakeup_later u (Error [Exn Lwt_pipe.Closed]))
done ;
2017-01-14 16:14:02 +04:00
Lwt.return_unit
end ;
st.worker <-
Lwt_utils.worker "writer"
2017-11-13 17:29:28 +04:00
~run:(fun () -> worker_loop st)
~cancel:(fun () -> Canceler.cancel st.canceler) ;
2017-01-14 16:14:02 +04:00
st
let shutdown st =
Canceler.cancel st.canceler >>= fun () ->
st.worker
end
type 'msg t = {
conn : connection ;
reader : 'msg Reader.t ;
writer : 'msg Writer.t ;
}
2017-03-14 13:51:44 +04:00
let equal { conn = { id = id1 } } { conn = { id = id2 } } = id1 = id2
2017-01-14 16:14:02 +04:00
let pp ppf { conn } = Connection_info.pp ppf conn.info
let info { conn } = conn.info
let accept
?incoming_message_queue_size ?outgoing_message_queue_size
2017-04-18 20:32:31 +04:00
?binary_chunks_size (fd, info, cryptobox_data) encoding =
2017-01-14 16:14:02 +04:00
Lwt_utils.protect begin fun () ->
2017-01-20 18:25:12 +04:00
Ack.write fd cryptobox_data Ack >>=? fun () ->
Ack.read fd cryptobox_data
end ~on_error:begin fun err ->
2017-01-14 16:14:02 +04:00
P2p_io_scheduler.close fd >>= fun _ ->
match err with
| [ P2p_io_scheduler.Connection_closed ] -> fail Rejected
| [ Decipher_error ] -> fail Invalid_auth
| err -> Lwt.return (Error err)
2017-01-14 16:14:02 +04:00
end >>=? fun accepted ->
fail_unless accepted Rejected >>=? fun () ->
let canceler = Canceler.create () in
2017-04-18 20:32:31 +04:00
let conn = { id = next_conn_id () ; fd ; info ; cryptobox_data } in
2017-01-14 16:14:02 +04:00
let reader =
2017-01-24 02:59:16 +04:00
Reader.run ?size:incoming_message_queue_size conn encoding canceler
2017-01-14 16:14:02 +04:00
and writer =
2017-04-18 20:32:31 +04:00
Writer.run
?size:outgoing_message_queue_size ?binary_chunks_size
conn encoding canceler
in
2017-01-14 16:14:02 +04:00
let conn = { conn ; reader ; writer } in
Canceler.on_cancel canceler begin fun () ->
P2p_io_scheduler.close fd >>= fun _ ->
Lwt.return_unit
end ;
return conn
let catch_closed_pipe f =
Lwt.catch f begin function
| Lwt_pipe.Closed -> fail P2p_io_scheduler.Connection_closed
| exn -> fail (Exn exn)
end
2017-11-11 06:34:12 +04:00
let pp_json encoding ppf msg =
Format.pp_print_string ppf
(Data_encoding_ezjsonm.to_string
(Data_encoding.Json.construct encoding msg))
let write { writer ; conn } msg =
2017-01-14 16:14:02 +04:00
catch_closed_pipe begin fun () ->
2017-11-11 06:34:12 +04:00
debug "Sending message to %a: %a"
P2p_types.Peer_id.pp_short conn.info.peer_id (pp_json writer.encoding) msg ;
Lwt.return (Writer.encode_message writer msg) >>=? fun buf ->
Lwt_pipe.push writer.messages (buf, None) >>= return
2017-01-14 16:14:02 +04:00
end
2017-11-11 06:34:12 +04:00
let write_sync { writer ; conn } msg =
2017-01-14 16:14:02 +04:00
catch_closed_pipe begin fun () ->
let waiter, wakener = Lwt.wait () in
2017-11-11 06:34:12 +04:00
debug "Sending message to %a: %a"
P2p_types.Peer_id.pp_short conn.info.peer_id (pp_json writer.encoding) msg ;
Lwt.return (Writer.encode_message writer msg) >>=? fun buf ->
Lwt_pipe.push writer.messages (buf, Some wakener) >>= fun () ->
2017-01-14 16:14:02 +04:00
waiter
end
2017-11-11 06:34:12 +04:00
let write_now { writer ; conn } msg =
debug "Try sending message to %a: %a"
P2p_types.Peer_id.pp_short conn.info.peer_id (pp_json writer.encoding) msg ;
Writer.encode_message writer msg >>? fun buf ->
try Ok (Lwt_pipe.push_now writer.messages (buf, None))
2017-01-14 16:14:02 +04:00
with Lwt_pipe.Closed -> Error [P2p_io_scheduler.Connection_closed]
2017-04-18 20:32:31 +04:00
let rec split_bytes size bytes =
if MBytes.length bytes <= size then
[bytes]
else
MBytes.sub bytes 0 size ::
split_bytes size (MBytes.sub bytes size (MBytes.length bytes - size))
let raw_write_sync { writer } bytes =
2017-04-18 20:32:31 +04:00
let bytes = split_bytes writer.binary_chunks_size bytes in
catch_closed_pipe begin fun () ->
let waiter, wakener = Lwt.wait () in
Lwt_pipe.push writer.messages (bytes, Some wakener) >>= fun () ->
waiter
end
2017-01-14 16:14:02 +04:00
let is_readable { reader } =
not (Lwt_pipe.is_empty reader.messages)
let wait_readable { reader } =
catch_closed_pipe begin fun () ->
Lwt_pipe.values_available reader.messages >>= return
end
let read { reader } =
catch_closed_pipe begin fun () ->
Lwt_pipe.pop reader.messages
end
let read_now { reader } =
try Lwt_pipe.pop_now reader.messages
with Lwt_pipe.Closed -> Some (Error [P2p_io_scheduler.Connection_closed])
let stat { conn = { fd } } = P2p_io_scheduler.stat fd
let close ?(wait = false) st =
begin
if not wait then Lwt.return_unit
else begin
Lwt_pipe.close st.reader.messages ;
Lwt_pipe.close st.writer.messages ;
st.writer.worker
end
end >>= fun () ->
Reader.shutdown st.reader >>= fun () ->
Writer.shutdown st.writer >>= fun () ->
P2p_io_scheduler.close st.conn.fd >>= fun _ ->
Lwt.return_unit