Beta 23 exit format changes #955
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit is the first checkpoint in a full refactor of exit client code. Starting by changing the settings structure to be more appropriate for the global curated list of exits maintained by the exit registration smart contract rather than many distinct exit clusters populating the config. The next phase of this change will be to dig into the code responsible for for getting the exits list and modify it to work with a larger in memory list / update the config with new exits.
Considering a lot of settings changes are planned this is a far easier way to handle testing settings changes.
The exit blacklist feature was originally designed for the case where we used subnets to identify exits. Meaning any device in a given configured subnet would be assumed to be an exit. This strategy was dropped for it's many deficiencies and with the new solidity contract based structure we're moving to it's no longer a risk. If we can't successfully checkin an decrypt an exit response we're not going to select the exit anyways and there's absolutely no risk of a 'rouge exit' sneaking in.
Just to simplify mod.rs but we probably should move all of this into kernel interface so we can unit test it nicely.
This one line patch resolves an issue introduced 10 months ago in the patch "This commit updates the client exit manager to work with the new exit format". That split off the exit status updates and slacc setup from the main exit loop by accident. The only reason this has not been noticed is because this code never entered production since that time.
This patch cleans up the exit loop by separating it out into several functions. The new code organization revealed several itneresting bugs, including two different indentation errors. One corrected in the previous commit and another that would cause the loop to spinlock on settings if we had no selected exit yet. In addition to that some flow problems have been modified. Since we always have a selected exit when we go into the exit switcher we now attempt to setup that exit right away rather than waiting for a successful run of the exit switching logic. Worst case scenario we do end up having to wait but best case we can have a tunnel up much faster. Note that because we're always saving out to the config the best case is the common case and on average this can speed up reboot times for users by 30 seconds or more.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
8 times, most recently
from
fe07d57
to
2fad4dd
Compare
This patch converts the exit client state from expecting an array of distinct exit clusters to expecting only a single exit cluster active at any given time as defined by the current exit registration smart contract. Bootstrapping exits in the devices local config are used to get an update of the smart contract state for roaming exits. This is one part of a still in progress refactor.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
from
2fad4dd
to
9125baf
Compare
This config file allows us to mute specific cve warnings. The first of which is a Diesel upgrade warning. Diesel is not used in prod anymore and it's only use in this repo is for migration from legacy databases.
this endpoint is unused and bringing it up to functionality again after recent migrations just isn't justified.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
from
50d2214
to
dd9dc79
Compare
We are using in memory configs for this now
These are easier to read and more correct.
There's no need for a thread safe lock for this data, it's only accessed from a single thread anyways.
This is part of a continued effort to reduce the huge size of these files and get something more readable out of this module.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
from
561629f
to
10bd6b1
Compare
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
9 times, most recently
from
6b41e8b
to
651db44
Compare
This patch represents a continued overhaul of the exit manager functionality. Two major things are occuring a simplification and an overall change in the functionality of the code to track a single cluster of exits managed by a smart contract instead of many clusters of exits managed by ip ranges. This implies a lot of touch point changes, to exactly how logic changes. This makes up a significant part of this commit. The biggest single change in this commit is a total re-write of the exit switching functionality which was designed for subnet based exits originally and inherited complexity that is no longer needed given our new reality of exits with a fixed list of members. The new simplified design maintains the vast majority of the old feature set but does not for example implement the blacklisting feature, where exits that where online but enough to be in babel but otherwise not working correctly are removed from the selection process.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
from
651db44
to
d9c590f
Compare
This patch moves all exit encryption functions into a module in althea kernel interface, which will make it much easier to update libraries and generally test functionality instead of having the encryption logic closely tied to the buisness logic in exit manager.
The dual keys where required to allow clients to roam between multiple exits while maintaining the same wg_exit key across the whole cluster, this is no longer required by the new clustering scheme.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
from
d9c590f
to
710c905
Compare
This is a temporary fix for the multi exit test that has exit clients use the config entierly for the next exit to select, the next step in our refactor is to refactor the exit list component that's failing here. So I wanted to get the test green without fully updating that component.
This should handle both situatiosn where switching is faster and when it is slower, hopefully making the tests more reliable and faster.
jkilpatr
force-pushed
the
jkilpatr/exit-settings-changes
branch
from
170d597
to
1a328b3
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See individual commit messages. The general theme is that we are moving to routers having a single exit cluster managed by the smart contract with many different participants rather than many exit clusters in their config each managed by a single organization. Practically it was not easy enough to setup an exit cluster and very few people did. Furthermore they mostly joined the existing Hawk Networks managed exit cluster because they wanted failover roaming and didn't care to change the configuration of the pre-built images.
The exit database smart contract when paired with these new changes will allow easy to easily setup an exit and easily join the list of available exits. In short it matches the way we actually use exits rather than the way we thought we might use them years ago.