author | Joey Hess <joeyh@joeyh.name> | 2016-12-16 16:32:29 -0400 |
committer | Joey Hess <joeyh@joeyh.name> | 2016-12-16 16:38:06 -0400 |
commit | 6aa7e136b5d246228723f4c9996bda11f66c4445 (patch) | |
tree | 145310079adb607fae058a0a1dd42c7f155d26e1 /P2P/Protocol.hs | |
parent | 353b59a000dd0e4941b3c36a7fd02d23f3cf44a1 (diff) |
p2p --link now defaults to setting up a bi-directional link
Both the local and remote git repositories get remotes added
pointing at one-another.
Makes pairing twice as easy!
Security: The new LINK command in the protocol can be sent repeatedly,
but only by a peer who has authenticated with us. So, it's entirely safe to
add a link back to that peer, or to some other peer it knows about.
Anything we receive over such a link, the peer could send us over the
current connection.
There is some risk of being flooded with LINKs, and adding too many
remotes. To guard against that, there's a hard cap on the number of remotes
that can be set up this way. This will only be a problem if setting up
large p2p networks that have exceptional interconnectedness.
A new, dedicated authtoken is created when sending LINK.
This also allows, in theory, using one p2p network (like tor) to learn about
links on other networks (like telehash).
This commit was sponsored by Bruno BEAUFILS on Patreon.
Diffstat (limited to 'P2P/Protocol.hs')
-rw-r--r-- | P2P/Protocol.hs | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/P2P/Protocol.hs b/P2P/Protocol.hs
index 135409e26..c383fa966 100644
--- a/P2P/Protocol.hs
+++ b/P2P/Protocol.hs
@@ -14,6 +14,7 @@ module P2P.Protocol where
 import qualified Utility.SimpleProtocol as Proto
 import Types.Key
 import Types.UUID
+import P2P.Address
 import Utility.AuthToken
 import Utility.Applicative
 import Utility.PartialPrelude
@@ -49,6 +50,7 @@ data Message
 = AUTH UUID AuthToken -- uuid of the peer that is authenticating
 | AUTH_SUCCESS UUID -- uuid of the remote peer
 | AUTH_FAILURE
+ | LINK P2PAddressAuth -- sending an address that the peer may link to
 | CONNECT Service
 | CONNECTDONE ExitCode
 | NOTIFYCHANGE
@@ -69,8 +71,9 @@ data Message
 instance Proto.Sendable Message where
 formatMessage (AUTH uuid authtoken) = ["AUTH", Proto.serialize uuid, Proto.serialize authtoken]
- formatMessage (AUTH_SUCCESS uuid) = ["AUTH-SUCCESS", Proto.serialize uuid]
+ formatMessage (AUTH_SUCCESS uuid) = ["AUTH-SUCCESS", Proto.serialize uuid]
 formatMessage AUTH_FAILURE = ["AUTH-FAILURE"]
+ formatMessage (LINK addr) = ["LINK", Proto.serialize addr]
 formatMessage (CONNECT service) = ["CONNECT", Proto.serialize service]
 formatMessage (CONNECTDONE exitcode) = ["CONNECTDONE", Proto.serialize exitcode]
 formatMessage NOTIFYCHANGE = ["NOTIFYCHANGE"]
@@ -92,6 +95,7 @@ instance Proto.Receivable Message where
 parseCommand "AUTH" = Proto.parse2 AUTH
 parseCommand "AUTH-SUCCESS" = Proto.parse1 AUTH_SUCCESS
 parseCommand "AUTH-FAILURE" = Proto.parse0 AUTH_FAILURE
+ parseCommand "LINK" = Proto.parse1 LINK
 parseCommand "CONNECT" = Proto.parse1 CONNECT
 parseCommand "CONNECTDONE" = Proto.parse1 CONNECTDONE
 parseCommand "NOTIFYCHANGE" = Proto.parse0 NOTIFYCHANGE
@@ -236,6 +240,8 @@ data LocalF c
 -- with False.
 | WaitRefChange (ChangedRefs -> c)
 -- ^ Waits for one or more git refs to change and returns them.
+ | AddLinkToPeer P2PAddressAuth (Bool -> c)
+ -- ^ Adds a link to a peer using the provided address.
 deriving (Functor)
 type Local = Free LocalF 
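Review bot: The `-- ^` comment on the new `AddLinkToPeer` constructor in the `data LocalF c` hunk does not record the two properties the commit message relies on: that the operation is only reached from the authenticated `serveAuthed` handler, and that the interpreter is expected to cap how many links get added this way. Neither the cap nor the interpreter is in this file, so whoever implements or changes the interpreter has nothing here to tell them the cap is their responsibility. I would extend the comment to say that the Bool continuation receives False when the link is refused or cannot be added, and that enforcing the limit on links added this way is the interpreter's job, e.g. `-- ^ Adds a link to a peer using the provided address. Only used after the peer has authenticated; the interpreter must enforce the cap on links added this way and pass False when it refuses.` The `data LocalF c` declaration begins outside the hunk.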
@@ -255,6 +261,11 @@ auth myuuid t = do
 net $ sendMessage (ERROR "auth failed")
 return Nothing
+link :: P2PAddressAuth -> Proto Bool
+link addr = do
+ net $ sendMessage (LINK addr)
+ checkSuccess
+
 checkPresent :: Key -> Proto Bool
 checkPresent key = do
 net $ sendMessage (CHECKPRESENT key)
@@ -354,6 +365,9 @@ serveAuth myuuid = serverLoop handler
 serveAuthed :: UUID -> Proto ()
 serveAuthed myuuid = void $ serverLoop handler
 where
+ handler (LINK addr) = do
+ sendSuccess =<< local (addLinkToPeer addr)
+ return ServerContinue
 handler (LOCKCONTENT key) = do
 local $ tryLockContent key $ \locked -> do
 sendSuccess locked
|
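Review bot: `link` is the client side of the new LINK command and has no Haddock, so the meaning of its Bool is only recoverable from `checkSuccess`, whose definition is outside the hunk. I would add `-- | Asks the (already authenticated) peer to add a link to the given address; True iff the peer replied with success.` The commit message says the `P2PAddressAuth` sent here carries a freshly created auth token, so the comment could also note that the address value is a credential and should be treated as such if messages are ever logged; I cannot see from this file whether they are. The enclosing `auth` definition begins outside the hunk and `checkPresent` ends outside it.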
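Review bot: In the `serveAuthed` hunk the new `handler (LINK addr)` case relays whatever `addLinkToPeer` returns straight to the peer via `sendSuccess`, so a link refused by policy (the cap described in the commit message) and a link that simply could not be added are presumably indistinguishable to the peer, and the connection continues either way. That is a reasonable choice, but it is not stated anywhere; I would add `-- Link refused or failed is reported as failure; the session continues.` above the case, and, if the interpreter distinguishes the two, say so there. Placing the case in `serveAuthed` rather than `serveAuth` is what makes LINK authenticated-only; `serveAuth`'s handler, which decides what an unauthenticated LINK does, lies outside the hunk, so I cannot confirm it rejects the message.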