handshake_dir_sync #2

luca.fulchir · 2023-06-17T09:38:03Z

luca.fulchir commented

2023-06-17 09:38:03 +00:00

Finally broken and fixed enough stuff that we have a working handshake between client and server!

luca.fulchir added 33 commits 2023-06-17 09:38:04 +00:00

7a129dbe90

Handhsake DirSync RespInner

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

a5f18ac533

DirSync::Resp work

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

ace56f32e7

refactor lib.rs in other files

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

28cbe2ae20

more refactoring

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

c0d6cf1824

Per-thread work loop

This will let us have a lot less locking.
We can do better in the future with ebpf and pinning connection to
a specific CPU with multiple listen() points on the same address,
but good enough for now

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

9b33ed8828

Refactor, more pinned-thread work

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

810cc16ce6

More thread-pinning work.

No more Arc<Connection>, Rc<Connection> is better on the same thread.
Track the thread number so we can generate the correct connection IDs

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

4287540695

Upgrade flakes to 23.05

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

e71167224c

Track auth and service connections client side

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

1259996201

Connect boilerplate, cleanup

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

e581cb064a

Update architecture.md

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

110a346551

dnssec: use the proper enc::asym types

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

a3430f1813

Initial connections: share auth.server connection

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

c6a3bf0820

More work on connect(), use our own Random

We use :💍:rand::SystemRandom, but we need to wrap it
for a couple of traits needed by ::x25519_dalek

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

1bae4c9953

DNSSEC: add ciphers/key exchanges/hkdfs

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

ac213a6528

More work on key exhcnage negotiation

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

08d2755656

KeyExchange->KeyExchangeKind for consistency

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

5b338c8758

More on negotiation and dnssec record verification

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

9634fbba31

Move enc::sym::Secret to enc::Secret

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

289c6c318e

More work on Dirsync request sending

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

3e09b9cee0

Send initial dirsync packet and handshake timeout

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

6da5464c68

Helpers for dnssec

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

787e11e8e4

Fixes for Hati

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

55e10a60c6

Fix Dnssec record serializing/deserializing

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

5625bd95a4

Test request serialization

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

a6fda8180d

DNSSEC: move keys before addresses

it was kinda stupid to keep the keys *after* the addresses
but have the addresses keep an index to the array of pubkeys anyway

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

4df73b658a

Correctly test for equality the DirSync::Req

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

e2874451d1

Return error from parsing the encrypted ReqData

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

a32dfe098f

Add the git pre-commit hook

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

faaf8762c7

Test (de)serialization of DirSync::Resp

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

aff1c313f5

Cleanup & incomplete tests

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

b682068dca

Test and fix shutdowns

we have a Quick but partial shutdown, which lets the async "threads"
work in the background and shutdown after a bit more time

and the graceful/full shutdown, which waits for everything.

Unfortunately `Drop` can't manage async and blocks everything,
no way to yeld either, so if we only have a thread
we would deadlock if we tried to stop things gracefully

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

866edc2d7d

TONS of bugfixing. Add tests. Client now connects

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

luca.fulchir added this to the Handshakes Support milestone 2023-06-17 09:38:55 +00:00

luca.fulchir added this to the Kanboard project 2023-06-17 09:38:59 +00:00

luca.fulchir added the

enhancement

label 2023-06-17 09:39:19 +00:00

luca.fulchir added 1 commit 2023-06-17 12:07:31 +00:00

376e8fb833

Remove some warnings

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>

luca.fulchir self-assigned this 2023-06-17 12:13:11 +00:00

luca.fulchir added a new dependency 2023-06-20 16:26:30 +00:00

#4 namespace

dexter commented

2023-06-27 19:48:33 +00:00

LGTM

luca.fulchir closed this pull request

2023-06-28 16:54:19 +00:00

luca.fulchir reopened this pull request

2023-06-28 16:56:31 +00:00

luca.fulchir manually merged commit d6825980fd into main

2023-06-28 16:56:32 +00:00

Sign in to join this conversation.

No reviewers

No Label

No Milestone

No project

No Assignees

2 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Blocks

#4 namespace

RunesAuth/libFenrir

Reference: RunesAuth/libFenrir#2