Alexander Bondarenko
15f0bb9e79
tcp-server: recover from accept errors ( #1179 )
...
* tcp-server: recover from accept errors
* log
* warn
* where
* retry
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
2024-05-29 13:18:00 +01:00
Evgeny Poberezkin
2ff5f5a832
agent: add context to CMD error ( #1167 )
...
* agent: add context to CMD error
* tests, more warnings
* fix tests
* log TBQueue sizes
* log locks
* more logs
* log sendMessagesB
* fix test
* log length
* refactor
* remove logging
* revert lock scope change
* cleanup
* add string error to A_PROHIBITED
* remove
* remove test limitations
* language
2024-05-24 14:13:01 +01:00
Alexander Bondarenko
7a07076277
transport: require ALPN for extended handshakes ( #1134 )
...
* transport: require ALPN for extended handshakes
* fix 8.10 build
* rename
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
2024-05-08 00:06:09 +01:00
Evgeny Poberezkin
e13b0df539
client: remove TLS handshake timeout ( #1129 )
...
* client: remove TLS handshake timeout
* remove comment
2024-05-05 17:05:51 +01:00
Evgeny Poberezkin
6f83273318
client: increase timeout for SOCKS connection, increase timeout for direct connection ( #1123 )
2024-05-02 15:14:01 +01:00
Evgeny Poberezkin
2347b82b47
adjust timeouts and delayed response errors ( #1112 )
2024-04-21 22:57:07 +01:00
Alexander Bondarenko
b98fdb672d
transport: increase client timeouts, don't send command after timeout ( #1110 )
...
* transport: fix client handshake timeouts
* fix handshake timeout
* skip sending requests for timed out responses
* expose batch concurrency as PClient field
* move to NetworkConfig
* remove Request on timeout
* use record
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
2024-04-20 18:17:48 +01:00
Alexander Bondarenko
036b7523a5
xftp: matrix test for new versions ( #1093 )
...
* xftp: matrix test for new versions
* manual matrix
* more, faster
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
2024-04-12 13:28:16 +01:00
Alexander Bondarenko
91cf6841e0
http2: fix client setup ( #1090 )
...
* http2: cancel client action on setup timeout
* ignore incompatible server keys
2024-04-10 21:00:39 +01:00
Alexander Bondarenko
4c20ff6d00
xftp: negotiate protocol with ALPN ( #1047 )
...
* xftp: negotiate protocol with ALPN
* add RFC
* add handshake implementation
* implement extended handshake
* enable authentication
* update rfc
* Apply suggestions from code review
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
* cleanup
* discard trailing data
* cleanup diff
* use find
* rename
* refactor
* add x509 tests
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
2024-04-09 15:03:40 +01:00
Evgeny Poberezkin
6ded721daa
remove monad typeclasses to reduce overhead ( #1077 )
...
* remove monad typeclasses to reduce overhead
* remove unliftIO
* StrictData
* inline
* optional agent port
* avoid MonadUnliftIO instance (#1078 )
* avoid MonadUnliftIO instance
* simpler liftError'
* rename
* narrow down instance
* revert
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
* logServer
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com >
2024-03-31 20:50:35 +01:00
Evgeny Poberezkin
0d843ea4ce
Merge branch 'stable'
2024-02-21 20:33:06 +00:00
Evgeny Poberezkin
5c1519df7f
optimize: use IntMap ( #1005 )
2024-02-21 11:52:24 +00:00
Evgeny Poberezkin
416f1b1721
smp: command authorization ( #982 )
...
* smp: command authorization
* fix encoding, most tests
* remove old tests
* authorize via crypto_box
* extract authenticator to Crypto module
* make TransmissionAuth Maybe
* rfc
* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)
* fix/add tests, add version config to "small" agent
* separate client and server versions for SMP protocol
* test batching SMP v7
* do not send session ID in each transmission
* refactor auth verification in the server, split tests
* server "warm up" fixes timing test
* uncomment SUB timing test
* comments, disable two timing tests
* rename version
* increase auth timing test failure threshold
* use different algorithms to authorize snd/rcv commands, use random correlation ID
* transport: fetch and store server certificate (#985 )
* THandleParams (WIP, does not compile)
* transport: fetch and store server certificate
* smp: add getOnlinePubKey example to smpClientHandshake
* add server certs and sign authPub
* cleanup
* update
* style
* load server certs from test fixtures
* sign ntf authPubKey
* fix onServerCertificate
* increase delay before sending messages
* require certificate with key in SMP server handshake
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
* remove dhSecret from THandle
* remove v8, merge all changes to one version
* parameterize THandle
* rfc: transmission encryption
* Revert "parameterize THandle"
This reverts commit 75adfc94fb .
* use batch syntax for ntf server commands
* separate encodeTransmission when there is no key
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com >
* rename
* diff
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com >
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com >
2024-02-16 11:45:54 +00:00
Alexander Bondarenko
15bc027f23
core: fix reconnection bugs ( #979 )
...
* core: fix reconnection bugs
* untangle newProtocolClient
* refactor
* report busy clientVar error
* log error
* comments
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com >
2024-02-01 10:55:50 +00:00
Evgeny Poberezkin
7f7a77c4eb
SMP protocol: optimize batching transactions, remove Builder ( #961 )
...
* remove Builder
* fewer chunks
* remove lazy bytestrings
* optimize
* pad
2024-01-14 20:42:47 +00:00
Evgeny Poberezkin
ca527b4d6c
use Builder for batching commands ( #953 )
...
* use Builder for batching commands
* refactor
* refactor
* increase timeout in test
* do not materialize builder
* use concat
* debug test
* debug2
* delays
* more delay, less worker delay
* remove logs
* reduce delay
* tests
* sized builder
* builder
* comment
* remove unsafe
* style
* remove fromIntegral
2024-01-08 22:54:27 +00:00
Alexander Bondarenko
7eb7bd5e81
xftp-server: add inactiveClientExpiration ( #936 )
...
* xftp-server: add inactiveClientExpiration
* fix test config
* add test
* add xftpPing
* switch to PCEUnexpectedResponse
* remove watchdog when server quits
* rename, loop
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-12-27 20:31:19 +00:00
Evgeny Poberezkin
13a60d1d39
use ChaChaDRG as the source of randomness ( #920 )
...
* use ChaChaDRG as the source of randomness
* remove functions using entropy directly
* comment
2023-12-21 00:12:08 +00:00
Alexander Bondarenko
7c27357eb2
server: stop inactive clients without subscriptions, additional monitoring via control port ( #901 )
...
* fix thread labelling points
* add subscription thread labels
* add explicit sections for sockets/sessions/disconnects
* adjust label threads wrt. next blocking op
* WIP: emit event on server finish
So the event log wouldn't be cut short giving
false impression of unterminated sessions.
* add handshake timeout
* hack server socket stats
* trace closeTLS exceptions
* fix build
* clean up disconnectTransport
* make disconnectTransport terminating
Thus, participating in racyAny_ around it.
* track snd/rcv time separately, log clients as CSV
* add direct client counting/stats
* add csv dump for socket threads
* guard socket threads dump from older GHC
* cut socket thread listing into socket-threads command
* store client creation time for stats
* wrap tls setup in timeout and labels
* server: expire clients without subscriptions
* fix check for subscriptions
* remove excess tracing
* move hardcoded timeouts to configs
* cleanup
* fix tests
* wrap direct queue waits in timeout
* rewrite old TCP wrappers with their SocketState variants
* add testInactiveWithSubs
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-12-19 15:50:45 +00:00
Alexander Bondarenko
c501f4f9cc
remote: fix deadlocked client when server rejects its cert ( #897 )
...
* remote: detect tls errors sooner to prevent deadlocks
* remove redundant error checking
* cleanup
2023-11-17 10:37:32 +00:00
Alexander Bondarenko
1a8dfb4cbe
agent: xrcp implementation for connection via link (no multicast) ( #884 )
...
* WIP: start working on connection invites
startSession/OOB is broken now - the port isn't coming from the actually assigned one.
* Add invite types
* clean old invite-related types
* apply renames
* Move SessionKeys from Invitation
* Stub host-side keys and handle
* move keys and handles to Types
* add Simplex.RemoteControl.Client
* more keys
* progress
* crypto for sessions
* progress to multicast
* multicast crypto
* add RC TLS server
* agent api for remote control
* WIP: tls client
* fix test
* update encoding to include nonce
* add TODO
* update
* Use network-info to find TransportHost
* request and submit tls client certificate
* WIP: add missing bits for testing RC client
* RCEncryptedHello encoding
* add block encoding
* refactor
* validate known host certificate
* remove some spaghetti
* functional API to host/ctrl clients
* refactor connectRCCtrl_
* refactor connectRCHost
* question
* add type
* fix RC session
* update doc
* update doc 2
* add block on confirmation
* remove unused parameter
* export CtrlSessKeys
* export
* fix parsing
* move test of xrcp handshake
* move KEM to HELLO step
* fix JSON
* type
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-11-07 13:05:18 +00:00
Evgeny Poberezkin
e9b5a849ab
update http2 to 4.2.2 ( #879 )
2023-11-01 10:57:19 +00:00
Alexander Bondarenko
0410948b56
add runTransportWith ( #875 )
...
* Cut transport server to allow custom tcp servers
Allows socket inspection before wrapping up in a transport/protocol.
* rename
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-10-27 14:40:53 +01:00
Evgeny Poberezkin
511d793b92
derive JSON instances with TH ( #869 )
...
* derive JSON instances with TH
* defaultJSON
* remove ToJSON
2023-10-26 09:20:30 +01:00
Evgeny Poberezkin
9d12d76078
add fourmolu ( #868 )
...
* add fourmolu
* linebreak
* simplify
* comment
2023-10-22 09:20:14 +01:00
Evgeny Poberezkin
decf25d7dc
refactor http2 file ( #864 )
...
* refactor http2 file
* move fileBlockSize to HTTP2.File
2023-10-19 10:25:21 +01:00
Alexander Bondarenko
96a38505d6
add FromJSON instances ( #856 )
...
* Add FromJSON instances
* add missing FromJSON instances
* more JSON instances
* update comments
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-10-05 15:57:53 +01:00
Alexander Bondarenko
753a6c7542
add X509 cert and TLS credentials generator ( #857 )
...
* Add X509 cert and TLS credentials generator
* Expand Crypto toolkit and rewrite tls credentials with it
* Exclude X keys from SignatureAlgorithmX509 and TLS.PrivKey
* Add helpers for DB marshalling and fingerprints
* Derive public key from private
* remove module name from selectors
* Remove StrEncoding (PrivateKey Ed25519)
* remove comment
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-10-03 13:43:21 +01:00
Alexander Bondarenko
ec1b72cb80
Run HTTP2 sessions over existing TLS transport ( #852 )
...
* Split HTTP2 server and client setup
For attaching to an existing TLS session.
* Add genTlsCredentials
* Allow chain construction from separate credentials
So the CA may be stored and leaf ephemeral.
* Rewrap X509 fingerprint into simplex KeyHash used in transport
* Fix docstring
* Remove TLS.Credentials generator
2023-09-27 17:29:39 +01:00
Evgeny Poberezkin
7bdae793cb
server: add control port commands for clients and ghc threads ( #836 )
...
* server: add control port commands for clients and ghc threads (#835 )
* Add stats-rts control query
With supporting ghc-options that would provide the data.
* Add CPSkip command
Allows spamming empty lines a few times to clean up the view.
* server: Add CP commands to enumerate clients and threads
* style
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
* use base64 encoding for session ID
* fromMaybe
* whitespace
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com >
2023-08-26 16:02:18 +01:00
Moritz Angermann
002f36dde0
5.4.0.0: use ghc 9.6.2 ( #791 )
...
* Add 9.6 compat
* compile with GHC9.6.2: dependencies, imports, code
* refactor typeclasses
* refactor record dot
* update cabal version
* update github actions
* update direct-sqlcipher
* 5.4.0.0
* update cabal.project
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
2023-08-24 20:22:02 +01:00
Evgeny Poberezkin
b61e3b5f95
server: disable transport timeout ( #793 )
2023-07-11 19:43:31 +01:00
Evgeny Poberezkin
94540a2c71
servers: add TCP timeouts to avoid memory leaks ( #776 )
...
* servers: add TCP timeouts to avoid memory leaks
* fix tests
* only use RecvTimeOut
* servers: simple timeout for TCP transport
* revert dependency change
* simplify
* simplify
* simplify 2
2023-06-30 16:22:01 +01:00
Evgeny Poberezkin
9692e636ac
support ipv6 ( #715 )
...
* support ipv6
* fix
* refactor
* only listen to ipv6
* refactor
* refactor 2
* 3
* fix build?
* fix release
2023-04-15 21:40:02 +01:00
Evgeny Poberezkin
02eb1e9822
add stateTVar imports for compatibility with older hackage index in nix builds
2023-03-18 07:57:25 +00:00
spaced4ndy
9255d48b69
xftp: move delay to replica ( #688 )
2023-03-16 18:12:38 +04:00
Evgeny Poberezkin
249bcc7bb3
update cGet to not throw exception if returned string is shorter (trying to fix HTTP2), fix test ( #663 )
2023-02-28 19:16:35 +00:00
Evgeny Poberezkin
781f8e0000
xftp: increase timeouts for file uploads, show progress ( #658 )
...
* xftp: increase timeouts for file uploads, show progress
* refactor
* use default port 443
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com >
* upload/download to/from chosen servers concurrently
---------
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com >
2023-02-27 13:42:15 +00:00
Stanislav Dmitrenko
bccef0ba47
files: server and client spike - basic upload/download ( #591 )
...
* Files: main, env, stats, storeLog
* Better + transport
* Executable
* Env
* Update Client.hs, Server.hs, and 4 more files...
* Answer on request
* Delay
* Temp file
* Bypass cert check
* update package.yml, rename
* update store log
* extend HTTP2 transport
* refactor caStore
* HTTP2 body
* update server stats
* file server/client framework
* verify server commands
* process FNEW command, CLI test works
* simple XFTP server test (fails)
* fix test, refactor
* upload chunk works
* receive file chunk in the client
* remove transport handshake
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com >
* fix names
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com >
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com >
2023-02-13 13:36:02 +00:00
Evgeny Poberezkin
eb1723acce
refactor transport encoding, make client IO error "temporary" ( #634 )
...
* file server/client framework
* refactor
* make IOError temporary
* fix test
2023-02-10 19:06:28 +00:00
Evgeny Poberezkin
b342b1dc59
extend HTTP2 transport ( #632 )
...
* extend HTTP2 transport
* refactor caStore
* HTTP2 body
* enable test
* remove maxBodySize
2023-02-09 23:09:24 +00:00
Evgeny Poberezkin
ee2a764f93
agent: more strict parsing of TransportHost, tests ( #629 )
2023-02-04 22:59:28 +00:00
Evgeny Poberezkin
f4ad3a983e
support users in agent to isolate traffic of different users ( #598 )
...
* users table, isolate traffic sessions by users or by queues
* remove extra indices
* corrections
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com >
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com >
2023-01-11 17:47:20 +04:00
Evgeny Poberezkin
874f9f5cd6
option to enable/disable TLS handshake error logs (disable by default) ( #581 )
...
* option to enable/disable TLS handshake error logs (disable by default)
* refactor
2022-12-27 10:13:51 +00:00
Evgeny Poberezkin
1d3a604988
refactor SMP client, NTF server store ( #580 )
...
* refactor SMP client, NTF server store
* remove undefined
2022-12-26 18:54:28 +00:00
Evgeny Poberezkin
02bba01c16
send host events when server hosts are connected and disconnected ( #496 )
2022-08-13 11:57:36 +01:00
Evgeny Poberezkin
68138c08d2
support multiple server hostnames per queue ( #494 )
...
* store SMP client version per queue
* use versioned format for queue addresses (not compatible with v1)
* multiple server hosts in queue URI/data, versioned encoding (cross-version tests fail)
* choose server host based on socksProxy setting
* test works
* multiple server addresses mostly work
* add onion hosts for provided servers
* update SMP hosts
2022-08-12 11:32:04 +01:00
Evgeny Poberezkin
7d99c4b35c
reconnect agent clients on any network config change ( #489 )
...
* reconnect agent clients on any network config change
* add Eq instances
2022-08-03 09:59:49 +01:00
Evgeny Poberezkin
e9db0a1162
allow passing all network configuration to the agent ( #488 )
2022-08-02 13:30:00 +01:00