Evgeny
3c18c4b66a
servers: refactor TLS credentials ( #1326 )
...
* servers: refactor TLS credentials
* provide server credentials in SNI hook
* determine TLS server params dynamically, when starting the server
* remove alpn from TransportServerConfig to decide it dynamically where server is started
2024-09-28 22:21:08 +01:00
Evgeny
7dcac19a67
xrcp: session encryption with forward secrecy ( #1328 )
...
* xrcp: session encryption with forward secrecy
* update doc
* accept keys as parameters
* docs: counter
* spec corrections
2024-09-24 09:22:26 +01:00
Evgeny
a9e8d02593
server: bind control port server only to 127.0.0.1 for better security (in case of firewall misconfiguration) ( #1280 )
2024-09-05 13:48:09 +01:00
Evgeny
5ad6e5f2f3
deps: upgrade tls to 1.9 ( #1265 )
...
* deps: use tls-2.0
* roll back RCP "cleanup"
* use tls 1.9
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
2024-08-18 13:55:12 +01:00
spaced4ndy
bb1d31e459
remote ctrl: differentiate RCP error when trying to connect to unknown host identity ( #1195 )
...
* remote ctrl: differentiate RCP error when trying to connect to unknown host identity
* rename
* refactor
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2024-06-10 17:42:51 +04:00
Evgeny Poberezkin
3dab330480
use throwE instead of throwError ( #1187 )
...
* use throwE instead of throwError
* test delay
2024-06-05 11:20:50 +01:00
Evgeny Poberezkin
88f1b727e0
SMP protocol extension to debug subscribed SMP queues ( #1181 )
...
* SMP protocol extension to debug subscribed SMP queues
* fix, test
* corrections
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* increase delays
* increase timeout
* delay
* delay
* enable all tests
---------
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
2024-05-30 18:49:43 +01:00
Evgeny Poberezkin
6ded721daa
remove monad typeclasses to reduce overhead ( #1077 )
...
* remove monad typeclasses to reduce overhead
* remove unliftIO
* StrictData
* inline
* optional agent port
* avoid MonadUnliftIO instance (#1078)
* avoid MonadUnliftIO instance
* simpler liftError'
* rename
* narrow down instance
* revert
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* logServer
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
2024-03-31 20:50:35 +01:00
Evgeny Poberezkin
dd2bd11584
parameterize version scopes with phantom types ( #1026 )
...
* parameterize version scopes with phantom types
* move Version to another module
* parens
2024-03-04 19:06:51 +00:00
Evgeny Poberezkin
13a60d1d39
use ChaChaDRG as the source of randomness ( #920 )
...
* use ChaChaDRG as the source of randomness
* remove functions using entropy directly
* comment
2023-12-21 00:12:08 +00:00
Alexander Bondarenko
6bffcc8503
compatibility with GHC 8.10.7 ( #906 )
...
* build with ghc-8.10
* add 8.10 to matrix
* cleanup
* stats
* remove getField
* agent
* server
* remote
* space
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2023-11-29 12:53:06 +00:00
Alexander Bondarenko
febf9019e2
remote: add controller address preferences ( #905 )
...
* remote: add controller address preferences
* suppress localhost from breaking multicast discovery w/o prefs
* rewrite findCtrlAddress
* refactor
* refactor2
* add tests
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2023-11-28 14:12:29 +00:00
Alexander Bondarenko
40ba94ce72
remote: add multicast discovery w/ encrypted announce ( #895 )
...
* Implement multicast discovery
* replace rcConnectMulticast with explicit discoverRCCtrl
* add multicast source/invitation host check
* remove JSON encoding for multicast invitations
* add specific error for announcing "new" controllers
* rename
* set size, rename
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2023-11-17 17:56:14 +00:00
Alexander Bondarenko
c501f4f9cc
remote: fix deadlocked client when server rejects its cert ( #897 )
...
* remote: detect tls errors sooner to prevent deadlocks
* remove redundant error checking
* cleanup
2023-11-17 10:37:32 +00:00
Evgeny Poberezkin
e0b7942e45
remote: return tls with remote host before host confirmation ( #894 )
2023-11-13 19:25:53 +00:00
Alexander Bondarenko
4f5d52ada4
Do not allow rejected client certificate ( #893 )
2023-11-13 17:57:26 +00:00
Evgeny Poberezkin
6a2e6b040e
additional lazy crypto for XRCP ( #890 )
2023-11-10 11:16:43 +00:00
Evgeny Poberezkin
bd06b47a9d
return TLS session on remote connection step ( #891 )
2023-11-09 22:27:30 +00:00
Evgeny Poberezkin
102487bc4f
xrcp: error handling ( #889 )
...
* xrcp: error handling
* rename
* don't lock on STM
* move catch
* controller error handling
* fail sooner on incorrect CA in host HELLO
* remove TODO lock session
* refactor
2023-11-08 16:34:56 +00:00
Evgeny Poberezkin
248144f3de
do not use previous KEM shared secret in multicast packets and in host HELLO ( #888 )
...
* do not use previous KEM shared secret in multicast packets and in host HELLO
* simplify
2023-11-08 12:06:10 +00:00
Alexander Bondarenko
ecb23c66e0
Extract public RC types ( #887 )
2023-11-07 20:30:28 +00:00
Alexander Bondarenko
1a8dfb4cbe
agent: xrcp implementation for connection via link (no multicast) ( #884 )
...
* WIP: start working on connection invites
startSession/OOB is broken now - the port isn't coming from the actually assigned one.
* Add invite types
* clean old invite-related types
* apply renames
* Move SessionKeys from Invitation
* Stub host-side keys and handle
* move keys and handles to Types
* add Simplex.RemoteControl.Client
* more keys
* progress
* crypto for sessions
* progress to multicast
* multicast crypto
* add RC TLS server
* agent api for remote control
* WIP: tls client
* fix test
* update encoding to include nonce
* add TODO
* update
* Use network-info to find TransportHost
* request and submit tls client certificate
* WIP: add missing bits for testing RC client
* RCEncryptedHello encoding
* add block encoding
* refactor
* validate known host certificate
* remove some spaghetti
* functional API to host/ctrl clients
* refactor connectRCCtrl_
* refactor connectRCHost
* question
* add type
* fix RC session
* update doc
* update doc 2
* add block on confirmation
* remove unused parameter
* export CtrlSessKeys
* export
* fix parsing
* move test of xrcp handshake
* move KEM to HELLO step
* fix JSON
* type
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2023-11-07 13:05:18 +00:00
Alexander Bondarenko
8e2ffcb297
extract xrcp protocol ( #878 )
...
* xrcp: files and folders
* extract remote up to rev-http
* Remove unused files
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
2023-10-31 19:31:53 +00:00