tomato/toxcore/ping.c

/* SPDX-License-Identifier: GPL-3.0-or-later
 * Copyright © 2016-2018 The TokTok team.
 * Copyright © 2013 Tox project.
 * Copyright © 2013 plutooo
 */

/**
 * Buffered pinging using cyclic arrays.
 */
#include "ping.h"

#include <string.h>

#include "DHT.h"
#include "attributes.h"
#include "ccompat.h"
#include "crypto_core.h"
#include "mem.h"
#include "mono_time.h"
#include "network.h"
#include "ping_array.h"

#define PING_NUM_MAX 512

/** Maximum newly announced nodes to ping per TIME_TO_PING seconds. */
#define MAX_TO_PING 32

/** Ping newly announced nodes to ping per TIME_TO_PING seconds*/
#define TIME_TO_PING 2

struct Ping {
    const Mono_Time *mono_time;
    const Random *rng;
    DHT *dht;

    Ping_Array  *ping_array;
    Node_format to_ping[MAX_TO_PING];
    uint64_t    last_to_ping;
};

#define PING_PLAIN_SIZE (1 + sizeof(uint64_t))
#define DHT_PING_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + PING_PLAIN_SIZE + CRYPTO_MAC_SIZE)
#define PING_DATA_SIZE (CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port))

void ping_send_request(Ping *ping, const IP_Port *ipp, const uint8_t *public_key)
{
    uint8_t   pk[DHT_PING_SIZE];
    int       rc;
    uint64_t  ping_id;

    if (pk_equal(public_key, dht_get_self_public_key(ping->dht))) {
        return;
    }

    // generate key to encrypt ping_id with recipient privkey
    const uint8_t *shared_key = dht_get_shared_key_sent(ping->dht, public_key);
    // Generate random ping_id.
    uint8_t data[PING_DATA_SIZE];
    pk_copy(data, public_key);
    memcpy(data + CRYPTO_PUBLIC_KEY_SIZE, ipp, sizeof(IP_Port));
    ping_id = ping_array_add(ping->ping_array, ping->mono_time, ping->rng, data, sizeof(data));

    if (ping_id == 0) {
        return;
    }

    uint8_t ping_plain[PING_PLAIN_SIZE];
    ping_plain[0] = NET_PACKET_PING_REQUEST;
    memcpy(ping_plain + 1, &ping_id, sizeof(ping_id));

    pk[0] = NET_PACKET_PING_REQUEST;
    pk_copy(pk + 1, dht_get_self_public_key(ping->dht));     // Our pubkey
    random_nonce(ping->rng, pk + 1 + CRYPTO_PUBLIC_KEY_SIZE); // Generate new nonce

    rc = encrypt_data_symmetric(shared_key,
                                pk + 1 + CRYPTO_PUBLIC_KEY_SIZE,
                                ping_plain, sizeof(ping_plain),
                                pk + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);

    if (rc != PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) {
        return;
    }

    // We never check this return value and failures in sendpacket are already logged
    sendpacket(dht_get_net(ping->dht), ipp, pk, sizeof(pk));
}

non_null()
static int ping_send_response(const Ping *ping, const IP_Port *ipp, const uint8_t *public_key,
                              uint64_t ping_id, const uint8_t *shared_encryption_key)
{
    uint8_t pk[DHT_PING_SIZE];

    if (pk_equal(public_key, dht_get_self_public_key(ping->dht))) {
        return 1;
    }

    uint8_t ping_plain[PING_PLAIN_SIZE];
    ping_plain[0] = NET_PACKET_PING_RESPONSE;
    memcpy(ping_plain + 1, &ping_id, sizeof(ping_id));

    pk[0] = NET_PACKET_PING_RESPONSE;
    pk_copy(pk + 1, dht_get_self_public_key(ping->dht));     // Our pubkey
    random_nonce(ping->rng, pk + 1 + CRYPTO_PUBLIC_KEY_SIZE); // Generate new nonce

    // Encrypt ping_id using recipient privkey
    const int rc = encrypt_data_symmetric(shared_encryption_key,
                                          pk + 1 + CRYPTO_PUBLIC_KEY_SIZE,
                                          ping_plain, sizeof(ping_plain),
                                          pk + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);

    if (rc != PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) {
        return 1;
    }

    return sendpacket(dht_get_net(ping->dht), ipp, pk, sizeof(pk));
}

non_null()
static int handle_ping_request(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
                               void *userdata)
{
    DHT *dht = (DHT *)object;

    if (length != DHT_PING_SIZE) {
        return 1;
    }

    Ping *ping = dht_get_ping(dht);

    if (pk_equal(packet + 1, dht_get_self_public_key(ping->dht))) {
        return 1;
    }

    const uint8_t *shared_key = dht_get_shared_key_recv(dht, packet + 1);

    uint8_t ping_plain[PING_PLAIN_SIZE];

    // Decrypt ping_id
    const int rc = decrypt_data_symmetric(shared_key,
                                          packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
                                          packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
                                          PING_PLAIN_SIZE + CRYPTO_MAC_SIZE,
                                          ping_plain);

    if (rc != sizeof(ping_plain)) {
        return 1;
    }

    if (ping_plain[0] != NET_PACKET_PING_REQUEST) {
        return 1;
    }

    uint64_t ping_id;
    memcpy(&ping_id, ping_plain + 1, sizeof(ping_id));
    // Send response
    ping_send_response(ping, source, packet + 1, ping_id, shared_key);
    ping_add(ping, packet + 1, source);

    return 0;
}

non_null()
static int handle_ping_response(void *object, const IP_Port *source, const uint8_t *packet, uint16_t length,
                                void *userdata)
{
    DHT      *dht = (DHT *)object;
    int       rc;

    if (length != DHT_PING_SIZE) {
        return 1;
    }

    Ping *ping = dht_get_ping(dht);

    if (pk_equal(packet + 1, dht_get_self_public_key(ping->dht))) {
        return 1;
    }

    // generate key to encrypt ping_id with recipient privkey
    const uint8_t *shared_key = dht_get_shared_key_sent(ping->dht, packet + 1);

    uint8_t ping_plain[PING_PLAIN_SIZE];
    // Decrypt ping_id
    rc = decrypt_data_symmetric(shared_key,
                                packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
                                packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
                                PING_PLAIN_SIZE + CRYPTO_MAC_SIZE,
                                ping_plain);

    if (rc != sizeof(ping_plain)) {
        return 1;
    }

    if (ping_plain[0] != NET_PACKET_PING_RESPONSE) {
        return 1;
    }

    uint64_t   ping_id;
    memcpy(&ping_id, ping_plain + 1, sizeof(ping_id));
    uint8_t data[PING_DATA_SIZE];

    if (ping_array_check(ping->ping_array, ping->mono_time, data, sizeof(data), ping_id) != sizeof(data)) {
        return 1;
    }

    if (!pk_equal(packet + 1, data)) {
        return 1;
    }

    IP_Port ipp;
    memcpy(&ipp, data + CRYPTO_PUBLIC_KEY_SIZE, sizeof(IP_Port));

    if (!ipport_equal(&ipp, source)) {
        return 1;
    }

    addto_lists(dht, source, packet + 1);
    return 0;
}

/** @brief Check if public_key with ip_port is in the list.
 *
 * return true if it is.
 * return false if it isn't.
 */
non_null()
static bool in_list(const Client_data *list, uint16_t length, const Mono_Time *mono_time, const uint8_t *public_key,
                    const IP_Port *ip_port)
{
    for (unsigned int i = 0; i < length; ++i) {
        if (pk_equal(list[i].public_key, public_key)) {
            const IPPTsPng *ipptp;

            if (net_family_is_ipv4(ip_port->ip.family)) {
                ipptp = &list[i].assoc4;
            } else {
                ipptp = &list[i].assoc6;
            }

            if (!mono_time_is_timeout(mono_time, ipptp->timestamp, BAD_NODE_TIMEOUT)
                    && ipport_equal(&ipptp->ip_port, ip_port)) {
                return true;
            }
        }
    }

    return false;
}

/** @brief Add nodes to the to_ping list.
 * All nodes in this list are pinged every TIME_TO_PING seconds
 * and are then removed from the list.
 * If the list is full the nodes farthest from our public_key are replaced.
 * The purpose of this list is to enable quick integration of new nodes into the
 * network while preventing amplification attacks.
 *
 * @retval 0 if node was added.
 * @retval -1 if node was not added.
 */
int32_t ping_add(Ping *ping, const uint8_t *public_key, const IP_Port *ip_port)
{
    if (!ip_isset(&ip_port->ip)) {
        return -1;
    }

    if (!node_addable_to_close_list(ping->dht, public_key, ip_port)) {
        return -1;
    }

    if (in_list(dht_get_close_clientlist(ping->dht), LCLIENT_LIST, ping->mono_time, public_key, ip_port)) {
        return -1;
    }

    IP_Port temp;

    if (dht_getfriendip(ping->dht, public_key, &temp) == 0) {
        ping_send_request(ping, ip_port, public_key);
        return -1;
    }

    for (unsigned int i = 0; i < MAX_TO_PING; ++i) {
        if (!ip_isset(&ping->to_ping[i].ip_port.ip)) {
            memcpy(ping->to_ping[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
            ipport_copy(&ping->to_ping[i].ip_port, ip_port);
            return 0;
        }

        if (pk_equal(ping->to_ping[i].public_key, public_key)) {
            return -1;
        }
    }

    if (add_to_list(ping->to_ping, MAX_TO_PING, public_key, ip_port, dht_get_self_public_key(ping->dht))) {
        return 0;
    }

    return -1;
}

/** @brief Ping all the valid nodes in the to_ping list every TIME_TO_PING seconds.
 * This function must be run at least once every TIME_TO_PING seconds.
 */
void ping_iterate(Ping *ping)
{
    if (!mono_time_is_timeout(ping->mono_time, ping->last_to_ping, TIME_TO_PING)) {
        return;
    }

    if (!ip_isset(&ping->to_ping[0].ip_port.ip)) {
        return;
    }

    unsigned int i;

    for (i = 0; i < MAX_TO_PING; ++i) {
        if (!ip_isset(&ping->to_ping[i].ip_port.ip)) {
            break;
        }

        if (!node_addable_to_close_list(ping->dht, ping->to_ping[i].public_key, &ping->to_ping[i].ip_port)) {
            continue;
        }

        ping_send_request(ping, &ping->to_ping[i].ip_port, ping->to_ping[i].public_key);
        ip_reset(&ping->to_ping[i].ip_port.ip);
    }

    if (i != 0) {
        ping->last_to_ping = mono_time_get(ping->mono_time);
    }
}

Ping *ping_new(const Memory *mem, const Mono_Time *mono_time, const Random *rng, DHT *dht)
{
    Ping *ping = (Ping *)mem_alloc(mem, sizeof(Ping));

    if (ping == nullptr) {
        return nullptr;
    }

    ping->ping_array = ping_array_new(mem, PING_NUM_MAX, PING_TIMEOUT);

    if (ping->ping_array == nullptr) {
        mem_delete(mem, ping);
        return nullptr;
    }

    ping->mono_time = mono_time;
    ping->rng = rng;
    ping->dht = dht;
    networking_registerhandler(dht_get_net(ping->dht), NET_PACKET_PING_REQUEST, &handle_ping_request, dht);
    networking_registerhandler(dht_get_net(ping->dht), NET_PACKET_PING_RESPONSE, &handle_ping_response, dht);

    return ping;
}

void ping_kill(const Memory *mem, Ping *ping)
{
    if (ping == nullptr) {
        return;
    }

    networking_registerhandler(dht_get_net(ping->dht), NET_PACKET_PING_REQUEST, nullptr, nullptr);
    networking_registerhandler(dht_get_net(ping->dht), NET_PACKET_PING_RESPONSE, nullptr, nullptr);
    ping_array_kill(ping->ping_array);

    mem_delete(mem, ping);
}