all ngd CLI config options working

11 months ago · 5453b661be
parent 83d691d591
commit 5453b661be
9 changed files with 689 additions and 189 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2,6 +2,16 @@
 # It is not intended for manual editing.
 version = 3

+[[package]]
+name = "addr"
+version = "0.15.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a93b8a41dbe230ad5087cc721f8d41611de654542180586b315d9f4cf6b72bef"
+dependencies = [
+ "psl",
+ "psl-types",
+]
+
 [[package]]
 name = "adler"
 version = "1.0.2"
@ -2752,6 +2762,7 @@ dependencies = [
 name = "ngd"
 version = "0.1.0"
 dependencies = [
+ "addr",
 "async-std",
 "base64-url",
 "clap",
@ -3451,6 +3462,21 @@ dependencies = [
 "unicode-ident",
 ]

+[[package]]
+name = "psl"
+version = "2.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4a1be0afcd844b15cfce18bf8cccf2dfa887a00a6454a9ea135f122b948cee91"
+dependencies = [
+ "psl-types",
+]
+
+[[package]]
+name = "psl-types"
+version = "2.0.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "33cb294fe86a74cbcf50d4445b37da762029549ebeea341421c7c70370f86cac"
+
 [[package]]
 name = "qoi"
 version = "0.4.1"
--- a/ngd/Cargo.toml
+++ b/ngd/Cargo.toml
@ -18,9 +18,10 @@ async-std = {  version = "1.12.0", features = ["attributes"] }
 default-net = "0.15"
 log = "0.4"
 env_logger = "0.10"
-clap = { version = "4.3.4", features = ["derive","env"] }
+clap = { version = "4.3.4", features = ["derive","env","string"] }
 base64-url = "2.0.0"
 slice_as_array = "1.1.0"
 serde_json = "1.0"
 regex = "1.8.4"
-lazy_static = "1.4.0"
+lazy_static = "1.4.0"
+addr = "0.15.6"
--- a/ngd/src/cli.rs
+++ b/ngd/src/cli.rs
@ -7,9 +7,10 @@
 // notice may not be copied, modified, or distributed except
 // according to those terms.

+use clap::builder::OsStr;
 use clap::Parser;

-use p2p_net::WS_PORT;
+use crate::DEFAULT_PORT;

 #[derive(Parser, Debug)]
 #[command(author, version, about, long_about = None)]
@ -35,14 +36,14 @@ pub(crate) struct Cli {
    pub save_key: bool,

    /// Quick config to listen for clients on localhost port PORT. Defaults to port 80
-    #[arg(short, long, value_name("PORT"), default_missing_value("80"), num_args(0..=1))]
+    #[arg(short, long, value_name("PORT"), default_missing_value(format!("{}",DEFAULT_PORT)), num_args(0..=1))]
    pub local: Option<u16>,

    /// Quick config to listen for core brokers on public INTERFACE (and optional :PORT). Defaults to first public interface on the host, port 80
    #[arg(short, long, value_name("INTERFACE:PORT"), default_missing_value("default"), num_args(0..=1))]
    pub core: Option<String>,

-    /// Quick config to forward all requests to another BROKER. format is "DOMAIN/IP[:PORT]@PEERID"
+    /// Quick config to forward all requests to another BROKER. format is "[DOMAIN/IP:PORT]@PEERID". An IPv6 should be encased in square brackets [IPv6] and the whole option should be between double quotes. Port defaults to 80 for IPs and 443 for domains
    #[arg(
        short,
        long,
@ -57,22 +58,32 @@ pub(crate) struct Cli {
    #[arg(short, long, value_name("INTERFACE:PORT"), default_missing_value("default"), num_args(0..=1))]
    pub private: Option<String>,

-    /// Quick config to listen for clients and core brokers on PRIVATE_INTERFACE, behind a DMZ or port forwarding of a public static IP. PORTs defaults to 80
+    /// Quick config to listen for clients and core brokers on PRIVATE_INTERFACE (can be "default"), behind a DMZ or port forwarding of a public static IP. PUBLIC_IPV6 is optional. PORTs defaults to 80.
    #[arg(
-        short('g'),
+        short('u'),
        long,
-        value_name("PRIVATE_INTERFACE:PORT,[PUBLIC_IPV6,]PUBLIC_IPV4:PORT")
+        value_name("PRIVATE_INTERFACE:PORT,[PUBLIC_IPV6,]PUBLIC_IPV4:PORT"),
+        conflicts_with("core")
    )]
    pub public: Option<String>,

    /// Quick config to listen for clients and core brokers on PRIVATE_INTERFACE, behind a DMZ or port forwarding of a public dynamic IP. PORTs defaults to 80
-    #[arg(short('n'), long, value_name("PRIVATE_INTERFACE:PORT,PORT"), default_missing_value("default"), num_args(0..=1))]
+    #[arg(short('y'), long, value_name("PRIVATE_INTERFACE:PORT,PUBLIC_PORT"), default_missing_value("default"), num_args(0..=1), conflicts_with("public"), conflicts_with("core"))]
    pub dynamic: Option<String>,

-    /// Quick config to listen for clients on localhost port PORT, behind a reverse proxy that sends X-Forwarded-For for a TLS terminated DOMAIN name
-    #[arg(short, long, value_name("DOMAIN:PORT"))]
+    /// Quick config to listen for clients on localhost interface with port LOCAL_PORT (defaults to 1440), behind a reverse proxy that sends X-Forwarded-For for a TLS terminated DOMAIN name
+    #[arg(short, long, value_name("DOMAIN:PORT,LOCAL_PORT"))]
    pub domain: Option<String>,

+    /// Quick config to listen for clients on private INTERFACE:PORT (defaults to first private interface and/or port 1440), behind a reverse proxy that sends X-Forwarded-For for a TLS terminated DOMAIN name. Domain Port defaults to 443
+    #[arg(
+        short('x'),
+        long,
+        value_name("DOMAIN:PORT,INTERFACE:PORT"),
+        conflicts_with("domain")
+    )]
+    pub domain_private: Option<String>,
+
    /// Option for --domain if this host is part of a pool of load-balanced servers behind a reverse proxy, and the same PeerId should be shared among them all
    #[arg(short('e'), long, value_name("PEER_KEY"))]
    pub domain_peer: Option<String>,
@ -84,4 +95,10 @@ pub(crate) struct Cli {
    /// Saves the quick config into a file on disk, that can then be modified for advanced configs
    #[arg(long)]
    pub save_config: bool,
+
+    /// Prints on stdout the Quick config submitted on command-line, or alternatively, the config already saved on disk
+    #[arg(long)]
+    pub print_config: bool,
+    //TODO: to switch lang of error messages and CLI interface
+    // pub lang: Option<String>,
 }
--- a/ngd/src/main.rs
+++ b/ngd/src/main.rs
--- a/ngd/src/types.rs
+++ b/ngd/src/types.rs
@ -17,7 +17,7 @@ pub struct DaemonConfigV0 {
    /// List of listeners for TCP (HTTP) incoming connections
    pub listeners: Vec<ListenerV0>,

-    pub overlays_config: BrokerOverlayConfigV0,
+    pub overlays_configs: Vec<BrokerOverlayConfigV0>,
 }

 /// Daemon config
--- a/p2p-broker/src/server_ws.rs
+++ b/p2p-broker/src/server_ws.rs
@ -89,7 +89,7 @@ pub async fn run_server(
    peer_priv_key: Sensitive<[u8; 32]>,
    peer_pub_key: PubKey,
    mut path: PathBuf,
-) -> std::io::Result<()> {
+) -> Result<(), ()> {
    let addrs = format!("{}:{}", addr, port);
    //let root = tempfile::Builder::new().prefix("ngd").tempdir().unwrap();

@ -106,7 +106,9 @@ pub async fn run_server(
    //     BrokerServer::new(store, ConfigMode::Local).expect("starting broker");
    // let server_arc = Arc::new(server);

-    let socket = TcpListener::bind(addrs.as_str()).await?;
+    let socket = TcpListener::bind(addrs.as_str())
+        .await
+        .map_err(|e| log_err!("bind error: {}", e.to_string()))?;
    log_debug!("Listening on {}", addrs.as_str());
    let mut connections = socket.incoming();

--- a/p2p-net/src/lib.rs
+++ b/p2p-net/src/lib.rs
@ -29,4 +29,14 @@ pub mod utils;

 pub mod tests;

-pub static WS_PORT: u16 = 1025;
+#[cfg(debug_assertions)]
+pub static WS_PORT: u16 = 14400;
+
+#[cfg(not(debug_assertions))]
+pub static WS_PORT: u16 = 80;
+
+pub static WS_PORT_ALTERNATE: [u16; 4] = [14400, 28800, 43200, 57600];
+
+pub static WS_PORT_ALTERNATE_SUPERUSER: u16 = 144;
+
+pub static WS_PORT_REVERSE_PROXY: u16 = 1440;
--- a/p2p-net/src/utils.rs
+++ b/p2p-net/src/utils.rs
@ -95,3 +95,98 @@ impl Dual25519Keys {
        }
    }
 }
+use std::net::{Ipv4Addr, Ipv6Addr};
+
+#[must_use]
+#[inline]
+pub const fn is_ipv4_shared(addr: &Ipv4Addr) -> bool {
+    addr.octets()[0] == 100 && (addr.octets()[1] & 0b1100_0000 == 0b0100_0000)
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv4_benchmarking(addr: &Ipv4Addr) -> bool {
+    addr.octets()[0] == 198 && (addr.octets()[1] & 0xfe) == 18
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv4_reserved(addr: &Ipv4Addr) -> bool {
+    addr.octets()[0] & 240 == 240 && !addr.is_broadcast()
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv4_private(addr: &Ipv4Addr) -> bool {
+    addr.is_private() || addr.is_link_local()
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv4_global(addr: &Ipv4Addr) -> bool {
+    !(addr.octets()[0] == 0 // "This network"
+            || addr.is_private()
+            || is_ipv4_shared(addr)
+            || addr.is_loopback()
+            || addr.is_link_local()
+            // addresses reserved for future protocols (`192.0.0.0/24`)
+            ||(addr.octets()[0] == 192 && addr.octets()[1] == 0 && addr.octets()[2] == 0)
+            || addr.is_documentation()
+            || is_ipv4_benchmarking(addr)
+            || is_ipv4_reserved(addr)
+            || addr.is_broadcast())
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv6_unique_local(addr: &Ipv6Addr) -> bool {
+    (addr.segments()[0] & 0xfe00) == 0xfc00
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv6_unicast_link_local(addr: &Ipv6Addr) -> bool {
+    (addr.segments()[0] & 0xffc0) == 0xfe80
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv6_documentation(addr: &Ipv6Addr) -> bool {
+    (addr.segments()[0] == 0x2001) && (addr.segments()[1] == 0xdb8)
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv6_private(addr: &Ipv6Addr) -> bool {
+    is_ipv6_unique_local(addr)
+}
+
+#[must_use]
+#[inline]
+pub const fn is_ipv6_global(addr: &Ipv6Addr) -> bool {
+    !(addr.is_unspecified()
+        || addr.is_loopback()
+        // IPv4-mapped Address (`::ffff:0:0/96`)
+        || matches!(addr.segments(), [0, 0, 0, 0, 0, 0xffff, _, _])
+        // IPv4-IPv6 Translat. (`64:ff9b:1::/48`)
+        || matches!(addr.segments(), [0x64, 0xff9b, 1, _, _, _, _, _])
+        // Discard-Only Address Block (`100::/64`)
+        || matches!(addr.segments(), [0x100, 0, 0, 0, _, _, _, _])
+        // IETF Protocol Assignments (`2001::/23`)
+        || (matches!(addr.segments(), [0x2001, b, _, _, _, _, _, _] if b < 0x200)
+            && !(
+                // Port Control Protocol Anycast (`2001:1::1`)
+                u128::from_be_bytes(addr.octets()) == 0x2001_0001_0000_0000_0000_0000_0000_0001
+                // Traversal Using Relays around NAT Anycast (`2001:1::2`)
+                || u128::from_be_bytes(addr.octets()) == 0x2001_0001_0000_0000_0000_0000_0000_0002
+                // AMT (`2001:3::/32`)
+                || matches!(addr.segments(), [0x2001, 3, _, _, _, _, _, _])
+                // AS112-v6 (`2001:4:112::/48`)
+                || matches!(addr.segments(), [0x2001, 4, 0x112, _, _, _, _, _])
+                // ORCHIDv2 (`2001:20::/28`)
+                || matches!(addr.segments(), [0x2001, b, _, _, _, _, _, _] if b >= 0x20 && b <= 0x2F)
+            ))
+        || is_ipv6_documentation(addr)
+        || is_ipv6_unique_local(addr)
+        || is_ipv6_unicast_link_local(addr))
+}
--- a/p2p-repo/src/types.rs
+++ b/p2p-repo/src/types.rs
@ -83,7 +83,7 @@ impl PubKey {
 impl fmt::Display for PubKey {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
-            PubKey::Ed25519PubKey(d) => write!(f, "{}", hex::encode(d)),
+            PubKey::Ed25519PubKey(d) => write!(f, "{}", base64_url::encode(d)),
        }
    }
 }