Skip to content

Commit

Permalink
Merge pull request #2108 from majestrate/service-refactor-2023-01-08
Browse files Browse the repository at this point in the history
[internals refactor] docs and reorganize compilation units
  • Loading branch information
majestrate authored Jan 21, 2023
2 parents 0edfe8f + cd8316e commit 7ae1a1a
Show file tree
Hide file tree
Showing 68 changed files with 614 additions and 288 deletions.
5 changes: 5 additions & 0 deletions .clang-format
Original file line number Diff line number Diff line change
Expand Up @@ -54,3 +54,8 @@ PointerAlignment: Left
# when wrapping function calls/declarations, force each parameter to have its own line
BinPackParameters: 'false'
BinPackArguments: 'false'

# TODO: uncomment me when we are reading to rearrange the header includes
# IncludeBlocks: Regroup
# IncludeCategories: 'llarp/'

3 changes: 1 addition & 2 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,7 @@ endif()
option(USE_AVX2 "enable avx2 code" OFF)
option(USE_NETNS "enable networking namespace support. Linux only" OFF)
option(NATIVE_BUILD "optimise for host system and FPU" ON)
option(EMBEDDED_CFG "optimise for older hardware or embedded systems" OFF)
option(BUILD_LIBLOKINET "build liblokinet.so" ON)
option(WITH_EMBEDDED_LOKINET "build liblokinet.so for embedded lokinet" OFF)
option(XSAN "use sanitiser, if your system has it (requires -DCMAKE_BUILD_TYPE=Debug)" OFF)
option(USE_JEMALLOC "Link to jemalloc for memory allocations, if found" ON)
option(TESTNET "testnet build" OFF)
Expand Down
1 change: 0 additions & 1 deletion contrib/android-configure.sh
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ for abi in $build_abis; do
-DBUILD_PACKAGE=ON \
-DBUILD_SHARED_LIBS=OFF \
-DBUILD_TESTING=OFF \
-DBUILD_LIBLOKINET=OFF \
-DWITH_TESTS=OFF \
-DWITH_BOOTSTRAP=OFF \
-DNATIVE_BUILD=OFF \
Expand Down
1 change: 0 additions & 1 deletion contrib/mac-configure.sh
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ cd build-mac
cmake \
-G Ninja \
-DBUILD_STATIC_DEPS=ON \
-DBUILD_LIBLOKINET=OFF \
-DWITH_TESTS=OFF \
-DWITH_BOOTSTRAP=OFF \
-DNATIVE_BUILD=OFF \
Expand Down
1 change: 0 additions & 1 deletion contrib/windows-configure.sh
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ cmake \
-DBUILD_PACKAGE=ON \
-DBUILD_SHARED_LIBS=OFF \
-DBUILD_TESTING=OFF \
-DBUILD_LIBLOKINET=OFF \
-DWITH_TESTS=OFF \
-DWITH_BOOTSTRAP=OFF \
-DNATIVE_BUILD=OFF \
Expand Down
2 changes: 1 addition & 1 deletion crypto/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ add_library(lokinet-cryptography
libntrup/src/ref/rq.c
)

target_include_directories(lokinet-cryptography PUBLIC libntrup/include)
target_include_directories(lokinet-cryptography PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/libntrup/include)

# The avx implementation uses runtime CPU feature detection to enable itself, so we *always* want to
# compile it with avx2/fma support when supported by the compiler even if we aren't compiling with
Expand Down
97 changes: 97 additions & 0 deletions docs/refactor_notes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
# High Level Iterative Approach

the desired outcome of this refactor will be splitting the existing code up into a stack of new components.
a layer hides all functionality of the layer below it to reduce the complexity like the OSI stack intends to.
the refactor starts at the top layer, wiring up the old implementation piecewise to the top layer.
once the top layer is wired up to the old implementation we will move down to the next layer.
this will repeat until we reach the bottom layer.
once the old implementation is wired up into these new clearly defined layers, we can fixup or replace different parts of each layer one at a time as needed.

working down from each layer will let us pick apart the old implementation (if needed) that we would wire up to the new base classes for that layer we are defining now without worrying about what is below it (yet).

this refactor is very able to be split up into small work units that (ideally) do not confict with each other.


PDU: https://en.wikipedia.org/wiki/Protocol_data_unit

# The New Layers

from top to bottom the new layers are:

* Platform Layer
* Flow Layer
* Routing Layer
* Onion Layer
* Link Layer
* Wire Layer


## Platform Layer

this is the top layer, it is responsibile ONLY to act as a handler of reading data from the "user" (via tun interface or whatever) to forward to the flow layer as desired, and to take data from the flow layer and send it to the "user".
any kind of IP/dns mapping or traffic isolation details are done here. embedded lokinet would be implemented in this layer as well, as it is without a full tun interface.

Platform layer PDU are what the OS gives us and we internally convert them into flow layer PDU and hand them off to the flow layer.


## Flow Layer

this layer is tl;dr mean to multiplex data from the platform layer across the routing layer and propagating PDU from the routing to the platform layer if needed.

the flow layer is responsible for sending platform layer PDU across path we have already established.
this layer is informed by the routing layer below it of state changes in what paths are available for use.
the flow layer requests from the layer below to make new paths if it wishes to get new ones on demand.
this layer will recieve routing layer PDU from the routing layer and apply any congestion control needed to buffer things to the os if it is needed at all.

flow layer PDU are (data, ethertype, src-pubkey, dst-pubkey, isolation-metric) tuples.
data is the datum we are tunneling over lokinet. ethertype tells us what kind of datum this is, e.g. plainquic/ipv4/ipv6/auth/etc.
src-pubkey and dst-pubkey are public the ed25519 public keys of each end of the flow in use.
the isolation metric is a piece of metadata we use to distinguish unique flows (convotag). in this new seperation convotags explicitly do not hand over across paths.


## Routing Layer

this layer is tl;dr meant for path management but not path building.

the routing layer is responsible for sending/recieving flow layer PDU, DHT requests/responses, latency testing PDU and any other kind of PDU we send/recieve over the onion layer.
this layer will be responsible for managing paths we have already built across lokinet.
the routing layer will periodically measure path status/latency, and do any other kinds of perioidic path related tasks post build.
this layer when asked for a new path from the flow layer will use one that has been prebuilt already and if the number of prebuilt paths is below a threshold we will tell the onion layer to build more paths.
the routing layer will recieve path build results be their success/fail/timeout from the onion layer that were requested and apply any congestion control needed at the pivot router.

routing layer PDU are (data, src-path, dst-path) tuples.
data is the datum we are transferring between paths.
src-path and dst-path are (pathid, router id) tuples, the source being which path this routing layer PDU originated from, destination being which path it is going to.
in the old model, router id is always the router that recieves it as the pivot router, this remains the same unless we explicitly provide router-id.
this lets us propagate hints to DHT related PDU held inside the datum.


## Onion Layer

the onion layer is repsonsible for path builds, path selection logic and low level details of encrypted/decrypting PDU that are onion routed over paths.
this layer is requested by the routing layer to build a path to a pivot router with an optional additional constraints (e.g. unique cidr/operator/geoip/etc, latency constaints, hop length, path lifetime).
the onion layer will encrypt PDU and send them to link layer as (frame/edge router id) tuples, and recieve link layer frames from edge routers, decrypt them and propagate them as needed to the routing layer.
this layer also handles transit onion traffic and transit path build responsibilities as a snode and apply congestion control as needed per transit path.

the onion layer PDU are (data, src-path, dst-path) tuples.
src-path and dst-path are (router-id, path-id) tuples which contain the ed25519 pubkey of the node and the 128 bit path-id it was associated with.
data is some datum we are onion routing that we would apply symettric encryption as needed before propagating to upper or lower layers.


## Link Layer

the link layer is responsbile for transmission of frames between nodes.
this layer will handle queuing and congestion control between wire proto sessions between nodes.
the link layer is will initate and recieve wire session to/from remote nodes.

the link layer PDU is (data, src-router-id, dst-router-id) tuples.
data is a datum of a link layer frame.
src-router-id and dst-router-id are (ed25519-pubkey, net-addr, wire-proto-info) tuples.
the ed25519 pubkey is a .snode address, (clients have these too but they are ephemeral).
net-addr is an (ip, port) tuple the node is reachable via the wire protocol.
wire-proto-info is dialect specific wire protocol specific info.

## Wire Layer

the wire layer is responsible for transmitting link layer frames between nodes.
all details here are specific to each wire proto dialect.
25 changes: 24 additions & 1 deletion external/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@

option(SUBMODULE_CHECK "Enables checking that vendored library submodules are up to date" ON)
if(SUBMODULE_CHECK)
find_package(Git)
Expand Down Expand Up @@ -140,3 +139,27 @@ if(WITH_BOOTSTRAP)
endif()

endif()


# libcrypt defaults, only on with macos and non static linux
set(default_libcrypt OFF)

if(LINUX AND NOT STATIC_LINK)
set(default_libcrypt ON)
endif()
if(MACOS)
set(default_libcrypt ON)
endif()

option(WITH_LIBCRYPT "enable fast password hash with libcrypt" ${default_libcrypt})

add_library(lokinet-libcrypt INTERFACE)
if(WITH_LIBCRYPT)
pkg_check_modules(LIBCRYPT libcrypt IMPORTED_TARGET REQUIRED)
add_definitions(-DHAVE_CRYPT)
target_link_libraries(lokinet-libcrypt INTERFACE PkgConfig::LIBCRYPT)
message(STATUS "using libcrypt ${LIBCRYPT_VERSION}")
else()
# TODO static build lib crypt?
message(STATUS "not building with libcrypt")
endif()
Loading

0 comments on commit 7ae1a1a

Please sign in to comment.