yggdrasil-go/src/tuntap/conn.go

package tuntap

import (
	"bytes"
	"errors"
	"time"

	"github.com/Arceliar/phony"
	"github.com/yggdrasil-network/yggdrasil-go/src/address"
	"github.com/yggdrasil-network/yggdrasil-go/src/crypto"
	"github.com/yggdrasil-network/yggdrasil-go/src/util"
	"github.com/yggdrasil-network/yggdrasil-go/src/yggdrasil"
	"golang.org/x/net/icmp"
	"golang.org/x/net/ipv6"
)

const tunConnTimeout = 2 * time.Minute

type tunConn struct {
	phony.Inbox
	tun   *TunAdapter
	conn  *yggdrasil.Conn
	addr  address.Address
	snet  address.Subnet
	stop  chan struct{}
	alive *time.Timer // From calling time.AfterFunc
}

func (s *tunConn) close() {
	s.tun.Act(s, s._close_from_tun)
}

func (s *tunConn) _close_from_tun() {
	go s.conn.Close() // Just in case it blocks on actor operations
	delete(s.tun.addrToConn, s.addr)
	delete(s.tun.subnetToConn, s.snet)
	func() {
		defer func() { recover() }()
		close(s.stop) // Closes reader/writer goroutines
	}()
}

func (s *tunConn) _read(bs []byte) (err error) {
	select {
	case <-s.stop:
		err = errors.New("session was already closed")
		util.PutBytes(bs)
		return
	default:
	}
	if len(bs) == 0 {
		err = errors.New("read packet with 0 size")
		util.PutBytes(bs)
		return
	}
	ipv4 := len(bs) > 20 && bs[0]&0xf0 == 0x40
	ipv6 := len(bs) > 40 && bs[0]&0xf0 == 0x60
	isCGA := true
	// Check source addresses
	switch {
	case ipv6 && bs[8] == 0x02 && bytes.Equal(s.addr[:16], bs[8:24]): // source
	case ipv6 && bs[8] == 0x03 && bytes.Equal(s.snet[:8], bs[8:16]): // source
	default:
		isCGA = false
	}
	// Check destiantion addresses
	switch {
	case ipv6 && bs[24] == 0x02 && bytes.Equal(s.tun.addr[:16], bs[24:40]): // destination
	case ipv6 && bs[24] == 0x03 && bytes.Equal(s.tun.subnet[:8], bs[24:32]): // destination
	default:
		isCGA = false
	}
	// Decide how to handle the packet
	var skip bool
	switch {
	case isCGA: // Allowed
	case s.tun.ckr.isEnabled() && (ipv4 || ipv6):
		var srcAddr address.Address
		var dstAddr address.Address
		var addrlen int
		if ipv4 {
			copy(srcAddr[:], bs[12:16])
			copy(dstAddr[:], bs[16:20])
			addrlen = 4
		}
		if ipv6 {
			copy(srcAddr[:], bs[8:24])
			copy(dstAddr[:], bs[24:40])
			addrlen = 16
		}
		if !s.tun.ckr.isValidLocalAddress(dstAddr, addrlen) {
			// The destination address isn't in our CKR allowed range
			skip = true
		} else if key, err := s.tun.ckr.getPublicKeyForAddress(srcAddr, addrlen); err == nil {
			srcNodeID := crypto.GetNodeID(&key)
			if s.conn.RemoteAddr() == *srcNodeID {
				// This is the one allowed CKR case, where source and destination addresses are both good
			} else {
				// The CKR key associated with this address doesn't match the sender's NodeID
				skip = true
			}
		} else {
			// We have no CKR route for this source address
			skip = true
		}
	default:
		skip = true
	}
	if skip {
		err = errors.New("address not allowed")
		util.PutBytes(bs)
		return
	}
	s.tun.writer.writeFrom(s, bs)
	s.stillAlive()
	return
}

func (s *tunConn) writeFrom(from phony.Actor, bs []byte) {
	s.Act(from, func() {
		s._write(bs)
	})
}

func (s *tunConn) _write(bs []byte) (err error) {
	select {
	case <-s.stop:
		err = errors.New("session was already closed")
		util.PutBytes(bs)
		return
	default:
	}
	v4 := len(bs) > 20 && bs[0]&0xf0 == 0x40
	v6 := len(bs) > 40 && bs[0]&0xf0 == 0x60
	isCGA := true
	// Check source addresses
	switch {
	case v6 && bs[8] == 0x02 && bytes.Equal(s.tun.addr[:16], bs[8:24]): // source
	case v6 && bs[8] == 0x03 && bytes.Equal(s.tun.subnet[:8], bs[8:16]): // source
	default:
		isCGA = false
	}
	// Check destiantion addresses
	switch {
	case v6 && bs[24] == 0x02 && bytes.Equal(s.addr[:16], bs[24:40]): // destination
	case v6 && bs[24] == 0x03 && bytes.Equal(s.snet[:8], bs[24:32]): // destination
	default:
		isCGA = false
	}
	// Decide how to handle the packet
	var skip bool
	switch {
	case isCGA: // Allowed
	case s.tun.ckr.isEnabled() && (v4 || v6):
		var srcAddr address.Address
		var dstAddr address.Address
		var addrlen int
		if v4 {
			copy(srcAddr[:], bs[12:16])
			copy(dstAddr[:], bs[16:20])
			addrlen = 4
		}
		if v6 {
			copy(srcAddr[:], bs[8:24])
			copy(dstAddr[:], bs[24:40])
			addrlen = 16
		}
		if !s.tun.ckr.isValidLocalAddress(srcAddr, addrlen) {
			// The source address isn't in our CKR allowed range
			skip = true
		} else if key, err := s.tun.ckr.getPublicKeyForAddress(dstAddr, addrlen); err == nil {
			dstNodeID := crypto.GetNodeID(&key)
			if s.conn.RemoteAddr() == *dstNodeID {
				// This is the one allowed CKR case, where source and destination addresses are both good
			} else {
				// The CKR key associated with this address doesn't match the sender's NodeID
				skip = true
			}
		} else {
			// We have no CKR route for this destination address... why do we have the packet in the first place?
			skip = true
		}
	default:
		skip = true
	}
	if skip {
		err = errors.New("address not allowed")
		util.PutBytes(bs)
		return
	}
	msg := yggdrasil.FlowKeyMessage{
		FlowKey: util.GetFlowKey(bs),
		Message: bs,
	}
	s.conn.WriteFrom(s, msg, func(err error) {
		if err == nil {
			// No point in wasting resources to send back an error if there was none
			return
		}
		s.Act(s.conn, func() {
			if e, eok := err.(yggdrasil.ConnError); !eok {
				if e.Closed() {
					s.tun.log.Debugln(s.conn.String(), "TUN/TAP generic write debug:", err)
				} else {
					s.tun.log.Errorln(s.conn.String(), "TUN/TAP generic write error:", err)
				}
			} else if e.PacketTooBig() {
				// TODO: This currently isn't aware of IPv4 for CKR
				ptb := &icmp.PacketTooBig{
					MTU:  int(e.PacketMaximumSize()),
					Data: bs[:900],
				}
				if packet, err := CreateICMPv6(bs[8:24], bs[24:40], ipv6.ICMPTypePacketTooBig, 0, ptb); err == nil {
					s.tun.writer.writeFrom(s, packet)
				}
			} else {
				if e.Closed() {
					s.tun.log.Debugln(s.conn.String(), "TUN/TAP conn write debug:", err)
				} else {
					s.tun.log.Errorln(s.conn.String(), "TUN/TAP conn write error:", err)
				}
			}
		})
	})
	s.stillAlive()
	return
}

func (s *tunConn) stillAlive() {
	if s.alive != nil {
		s.alive.Stop()
	}
	s.alive = time.AfterFunc(tunConnTimeout, s.close)
}
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`package tuntap`

			`import (`
Strict checking of Yggdrasil source/destination addresses 2019-08-20 11:38:27 +03:00			`"bytes"`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`"errors"`
have the tunConn close things after a 2 minute timeout 2019-05-29 02:35:52 +03:00			`"time"`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00
start migrating tunConn to the actor model 2019-08-24 19:38:47 +03:00			`"github.com/Arceliar/phony"`
don't spam searches for unused connections. todo: timeout old connections somehow 2019-05-24 04:27:52 +03:00			`"github.com/yggdrasil-network/yggdrasil-go/src/address"`
move ckr checks into the tunConn code 2019-08-21 02:10:08 +03:00			`"github.com/yggdrasil-network/yggdrasil-go/src/crypto"`
fix some races and GetBytes/PutBytes usage, but this still seems to deadlock somewhere in iperf tests 2019-05-03 01:37:49 +03:00			`"github.com/yggdrasil-network/yggdrasil-go/src/util"`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`"github.com/yggdrasil-network/yggdrasil-go/src/yggdrasil"`
Re-add ICMPv6 packet too big handling 2019-05-29 22:16:17 +03:00			`"golang.org/x/net/icmp"`
			`"golang.org/x/net/ipv6"`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`)`

Try to fix TUN/TAP conn reader leakage 2019-07-17 12:12:10 +03:00			`const tunConnTimeout = 2 * time.Minute`

Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`type tunConn struct {`
upgrade phony dependency and switch to its new interface 2019-08-25 18:36:09 +03:00			`phony.Inbox`
have the tunConn close things after a 2 minute timeout 2019-05-29 02:35:52 +03:00			`tun *TunAdapter`
			`conn *yggdrasil.Conn`
			`addr address.Address`
			`snet address.Subnet`
			`stop chan struct{}`
a couple race fixes and use timer.AfterFunc instead of sleeping goroutines or ticker in a few places 2019-08-26 01:00:02 +03:00			`alive *time.Timer // From calling time.AfterFunc`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`}`

			`func (s *tunConn) close() {`
update to latest phony, adjust interface use accordingly 2019-08-28 03:43:54 +03:00			`s.tun.Act(s, s._close_from_tun)`
don't spam searches for unused connections. todo: timeout old connections somehow 2019-05-24 04:27:52 +03:00			`}`

more TunAdapter migration 2019-08-26 02:53:11 +03:00			`func (s *tunConn) _close_from_tun() {`
fix deadlock from use of phony.Block by actors when ckr is enabled 2019-10-04 02:44:47 +03:00			`go s.conn.Close() // Just in case it blocks on actor operations`
don't spam searches for unused connections. todo: timeout old connections somehow 2019-05-24 04:27:52 +03:00			`delete(s.tun.addrToConn, s.addr)`
			`delete(s.tun.subnetToConn, s.snet)`
have the tunConn close things after a 2 minute timeout 2019-05-29 02:35:52 +03:00			`func() {`
			`defer func() { recover() }()`
			`close(s.stop) // Closes reader/writer goroutines`
			`}()`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`}`

start migrating tunConn to the actor model 2019-08-24 19:38:47 +03:00			`func (s *tunConn) _read(bs []byte) (err error) {`
			`select {`
			`case <-s.stop:`
			`err = errors.New("session was already closed")`
			`util.PutBytes(bs)`
			`return`
			`default:`
			`}`
			`if len(bs) == 0 {`
			`err = errors.New("read packet with 0 size")`
			`util.PutBytes(bs)`
			`return`
			`}`
			`ipv4 := len(bs) > 20 && bs[0]&0xf0 == 0x40`
			`ipv6 := len(bs) > 40 && bs[0]&0xf0 == 0x60`
			`isCGA := true`
			`// Check source addresses`
			`switch {`
			`case ipv6 && bs[8] == 0x02 && bytes.Equal(s.addr[:16], bs[8:24]): // source`
			`case ipv6 && bs[8] == 0x03 && bytes.Equal(s.snet[:8], bs[8:16]): // source`
			`default:`
			`isCGA = false`
			`}`
			`// Check destiantion addresses`
			`switch {`
			`case ipv6 && bs[24] == 0x02 && bytes.Equal(s.tun.addr[:16], bs[24:40]): // destination`
			`case ipv6 && bs[24] == 0x03 && bytes.Equal(s.tun.subnet[:8], bs[24:32]): // destination`
			`default:`
			`isCGA = false`
			`}`
			`// Decide how to handle the packet`
			`var skip bool`
			`switch {`
			`case isCGA: // Allowed`
			`case s.tun.ckr.isEnabled() && (ipv4 \|\| ipv6):`
			`var srcAddr address.Address`
			`var dstAddr address.Address`
			`var addrlen int`
			`if ipv4 {`
			`copy(srcAddr[:], bs[12:16])`
			`copy(dstAddr[:], bs[16:20])`
			`addrlen = 4`
			`}`
			`if ipv6 {`
			`copy(srcAddr[:], bs[8:24])`
			`copy(dstAddr[:], bs[24:40])`
			`addrlen = 16`
			`}`
			`if !s.tun.ckr.isValidLocalAddress(dstAddr, addrlen) {`
			`// The destination address isn't in our CKR allowed range`
			`skip = true`
			`} else if key, err := s.tun.ckr.getPublicKeyForAddress(srcAddr, addrlen); err == nil {`
			`srcNodeID := crypto.GetNodeID(&key)`
			`if s.conn.RemoteAddr() == *srcNodeID {`
			`// This is the one allowed CKR case, where source and destination addresses are both good`
			`} else {`
			`// The CKR key associated with this address doesn't match the sender's NodeID`
			`skip = true`
			`}`
			`} else {`
			`// We have no CKR route for this source address`
			`skip = true`
			`}`
			`default:`
			`skip = true`
			`}`
			`if skip {`
			`err = errors.New("address not allowed")`
			`util.PutBytes(bs)`
			`return`
			`}`
start migrating the TunAdapter to the actor model 2019-08-26 02:08:43 +03:00			`s.tun.writer.writeFrom(s, bs)`
start migrating tunConn to the actor model 2019-08-24 19:38:47 +03:00			`s.stillAlive()`
			`return`
			`}`

more TunAdapter migration 2019-08-26 02:53:11 +03:00			`func (s *tunConn) writeFrom(from phony.Actor, bs []byte) {`
update to latest phony, adjust interface use accordingly 2019-08-28 03:43:54 +03:00			`s.Act(from, func() {`
more TunAdapter migration 2019-08-26 02:53:11 +03:00			`s._write(bs)`
			`})`
			`}`

start migrating tunConn to the actor model 2019-08-24 19:38:47 +03:00			`func (s *tunConn) _write(bs []byte) (err error) {`
			`select {`
			`case <-s.stop:`
			`err = errors.New("session was already closed")`
			`util.PutBytes(bs)`
			`return`
			`default:`
			`}`
			`v4 := len(bs) > 20 && bs[0]&0xf0 == 0x40`
			`v6 := len(bs) > 40 && bs[0]&0xf0 == 0x60`
			`isCGA := true`
			`// Check source addresses`
			`switch {`
			`case v6 && bs[8] == 0x02 && bytes.Equal(s.tun.addr[:16], bs[8:24]): // source`
			`case v6 && bs[8] == 0x03 && bytes.Equal(s.tun.subnet[:8], bs[8:16]): // source`
			`default:`
			`isCGA = false`
			`}`
			`// Check destiantion addresses`
			`switch {`
			`case v6 && bs[24] == 0x02 && bytes.Equal(s.addr[:16], bs[24:40]): // destination`
			`case v6 && bs[24] == 0x03 && bytes.Equal(s.snet[:8], bs[24:32]): // destination`
			`default:`
			`isCGA = false`
			`}`
			`// Decide how to handle the packet`
			`var skip bool`
			`switch {`
			`case isCGA: // Allowed`
			`case s.tun.ckr.isEnabled() && (v4 \|\| v6):`
			`var srcAddr address.Address`
			`var dstAddr address.Address`
			`var addrlen int`
			`if v4 {`
			`copy(srcAddr[:], bs[12:16])`
			`copy(dstAddr[:], bs[16:20])`
			`addrlen = 4`
			`}`
			`if v6 {`
			`copy(srcAddr[:], bs[8:24])`
			`copy(dstAddr[:], bs[24:40])`
			`addrlen = 16`
			`}`
			`if !s.tun.ckr.isValidLocalAddress(srcAddr, addrlen) {`
			`// The source address isn't in our CKR allowed range`
			`skip = true`
			`} else if key, err := s.tun.ckr.getPublicKeyForAddress(dstAddr, addrlen); err == nil {`
			`dstNodeID := crypto.GetNodeID(&key)`
			`if s.conn.RemoteAddr() == *dstNodeID {`
			`// This is the one allowed CKR case, where source and destination addresses are both good`
			`} else {`
			`// The CKR key associated with this address doesn't match the sender's NodeID`
			`skip = true`
			`}`
			`} else {`
			`// We have no CKR route for this destination address... why do we have the packet in the first place?`
			`skip = true`
			`}`
			`default:`
			`skip = true`
			`}`
			`if skip {`
			`err = errors.New("address not allowed")`
			`util.PutBytes(bs)`
			`return`
			`}`
			`msg := yggdrasil.FlowKeyMessage{`
			`FlowKey: util.GetFlowKey(bs),`
			`Message: bs,`
			`}`
			`s.conn.WriteFrom(s, msg, func(err error) {`
			`if err == nil {`
			`// No point in wasting resources to send back an error if there was none`
			`return`
			`}`
update to latest phony, adjust interface use accordingly 2019-08-28 03:43:54 +03:00			`s.Act(s.conn, func() {`
start migrating tunConn to the actor model 2019-08-24 19:38:47 +03:00			`if e, eok := err.(yggdrasil.ConnError); !eok {`
			`if e.Closed() {`
			`s.tun.log.Debugln(s.conn.String(), "TUN/TAP generic write debug:", err)`
			`} else {`
			`s.tun.log.Errorln(s.conn.String(), "TUN/TAP generic write error:", err)`
			`}`
			`} else if e.PacketTooBig() {`
			`// TODO: This currently isn't aware of IPv4 for CKR`
			`ptb := &icmp.PacketTooBig{`
			`MTU: int(e.PacketMaximumSize()),`
			`Data: bs[:900],`
			`}`
			`if packet, err := CreateICMPv6(bs[8:24], bs[24:40], ipv6.ICMPTypePacketTooBig, 0, ptb); err == nil {`
start migrating the TunAdapter to the actor model 2019-08-26 02:08:43 +03:00			`s.tun.writer.writeFrom(s, packet)`
start migrating tunConn to the actor model 2019-08-24 19:38:47 +03:00			`}`
			`} else {`
			`if e.Closed() {`
			`s.tun.log.Debugln(s.conn.String(), "TUN/TAP conn write debug:", err)`
			`} else {`
			`s.tun.log.Errorln(s.conn.String(), "TUN/TAP conn write error:", err)`
			`}`
			`}`
			`})`
			`})`
			`s.stillAlive()`
			`return`
			`}`

Revert "Remove stillAlive code from TUN/TAP conn as it is no longer required with the new deadlines" This reverts commit eec70bf2f22028a1cae5fe60f8a89dfbb84bc1b0. 2019-07-17 21:43:29 +03:00			`func (s *tunConn) stillAlive() {`
a couple race fixes and use timer.AfterFunc instead of sleeping goroutines or ticker in a few places 2019-08-26 01:00:02 +03:00			`if s.alive != nil {`
			`s.alive.Stop()`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`}`
a couple race fixes and use timer.AfterFunc instead of sleeping goroutines or ticker in a few places 2019-08-26 01:00:02 +03:00			`s.alive = time.AfterFunc(tunConnTimeout, s.close)`
Try using separate workers for each TUN/TAP connection (sometimes produces duplicate packets when communicating with both the node address and a subnet address, sometimes also can't Ctrl-C to quit) 2019-04-28 19:14:09 +03:00			`}`