Networks/Reticulum-Go
2
1
Fork 0
Code Issues 4 Pull Requests 1 Actions Packages Projects 1 Releases 1 Wiki Activity

Compare commits

base: Networks:v0.3.9
Branches Tags
Networks:main Networks:transport-fixes Networks:tinygo Networks:microvm
Networks:v0.6.0 Networks:v0.5.0 Networks:v0.4.0 Networks:v0.3.9 Networks:v0.3.8 Networks:v0.1.0
...
compare: Networks:v0.5.0
Branches Tags
Networks:transport-fixes Networks:main Networks:tinygo Networks:microvm
Networks:v0.6.0 Networks:v0.5.0 Networks:v0.4.0 Networks:v0.3.9 Networks:v0.3.8 Networks:v0.1.0

104 Commits
v0.3.9 ... v0.5.0

Author SHA1 Message Date
Ivan
f097bb3241 security: use net.JoinHostPort instead of fmt.Sprintf
Some checks failed
Benchmark GC Performance / benchmark (push) Successful in 1m19s
Details
Run Gosec / tests (push) Successful in 48s
Details
Go Revive Lint / lint (push) Successful in 34s
Details
Go Build Multi-Platform / build (amd64, darwin) (push) Failing after 31s
Details
Go Build Multi-Platform / build (amd64, windows) (push) Failing after 34s
Details
Go Build Multi-Platform / build (arm, freebsd) (push) Failing after 29s
Details
Go Build Multi-Platform / build (arm, linux) (push) Failing after 27s
Details
Go Build Multi-Platform / Create Release (push) Has been skipped
Details
Go Test Multi-Platform / Test (ubuntu-latest, arm64) (push) Successful in 48s
Details
Go Test Multi-Platform / Test (ubuntu-latest, amd64) (push) Successful in 1m28s
Details
Go Build Multi-Platform / build (amd64, freebsd) (push) Failing after 27s
Details
Go Build Multi-Platform / build (amd64, linux) (push) Failing after 27s
Details
Go Build Multi-Platform / build (arm, windows) (push) Failing after 27s
Details
Go Build Multi-Platform / build (arm64, darwin) (push) Failing after 27s
Details
Go Build Multi-Platform / build (arm64, freebsd) (push) Failing after 27s
Details
Performance Monitor / performance-monitor (push) Successful in 2m40s
Details
Go Build Multi-Platform / build (arm64, windows) (push) Failing after 25s
Details
Go Build Multi-Platform / build (arm64, linux) (push) Failing after 27s
Details
Go Test Multi-Platform / Test (macos-latest, amd64) (push) Has been cancelled
Details
Go Test Multi-Platform / Test (windows-latest, amd64) (push) Has been cancelled
Details
Go Test Multi-Platform / Test (macos-latest, arm64) (push) Has been cancelled
Details
2025-11-09 00:05:36 -06:00
Ivan
22fc5093db perf: combine multiple append calls in transport 2025-11-09 00:05:31 -06:00
Ivan
fc95e54b2e update: Makefile with debug build target and update help text
Some checks failed
Go Build Multi-Platform / build (amd64, freebsd) (push) Failing after 55s
Details
Go Build Multi-Platform / build (amd64, darwin) (push) Failing after 58s
Details
Go Build Multi-Platform / build (amd64, linux) (push) Failing after 54s
Details
Benchmark GC Performance / benchmark (push) Successful in 1m28s
Details
Go Build Multi-Platform / build (arm, freebsd) (push) Failing after 48s
Details
Go Build Multi-Platform / build (arm, linux) (push) Failing after 46s
Details
Go Build Multi-Platform / build (arm64, darwin) (push) Failing after 29s
Details
Go Build Multi-Platform / build (arm64, windows) (push) Failing after 28s
Details
Go Test Multi-Platform / Test (ubuntu-latest, amd64) (push) Successful in 1m32s
Details
Go Test Multi-Platform / Test (macos-latest, amd64) (push) Has been cancelled
Details
Go Test Multi-Platform / Test (windows-latest, amd64) (push) Has been cancelled
Details
Go Test Multi-Platform / Test (macos-latest, arm64) (push) Has been cancelled
Details
Go Build Multi-Platform / build (amd64, windows) (push) Failing after 50s
Details
Go Build Multi-Platform / build (arm, windows) (push) Failing after 36s
Details
Go Build Multi-Platform / build (arm64, linux) (push) Failing after 38s
Details
Go Build Multi-Platform / build (arm64, freebsd) (push) Failing after 40s
Details
Go Test Multi-Platform / Test (ubuntu-latest, arm64) (push) Successful in 46s
Details
Run Gosec / tests (push) Successful in 51s
Details
Go Build Multi-Platform / Create Release (push) Has been skipped
Details
Go Revive Lint / lint (push) Successful in 36s
Details
Performance Monitor / performance-monitor (push) Has been cancelled
Details
2025-11-09 00:01:19 -06:00
Ivan
636d400f1e refactor: migrate to structured debug logging 2025-11-09 00:00:55 -06:00
Ivan
fd5eb65bc0 fix: use context.TODO() in logger.Enabled check for improved clarity 2025-11-07 12:51:14 -06:00
Ivan
4e13fe523b fix: resolve deepsource linter issues 
- Fixed the append usage warning (CRT-D0001)
- Fixed the nil context warning (SCC-SA1012)
 2025-11-07 12:47:47 -06:00
Ivan
dd2cc3e3d9 update logging function to improve argument handling 2025-11-07 12:44:40 -06:00
Ivan
353e9c6d9b Update logging to use new debug package 
- Removed the old debug logging functions and replaced them with calls to the new debug package.
- Updated logging statements throughout the main.go file to utilize adjustable logging levels.
- Enhanced the clarity and structure of log messages for better debugging and traceability.
 2025-11-07 12:41:29 -06:00
Ivan
088ba3337d Add debug package for logging with adjustable levels 
- Introduced a new debug package that allows for logging at various levels (1-7).
- Implemented initialization, logger retrieval, and logging functions.
- Added functionality to set and get the current debug level.
 2025-11-07 12:41:14 -06:00
Ivan
4cd2338095 Update README.md 2025-11-06 15:12:16 -06:00
Ivan
c6cc1d8ca8 Update 2025-10-31 07:39:51 -05:00
Ivan
0afb0e9ade Update 2025-10-31 07:39:41 -05:00
Ivan
feeaa72102 Update GitHub Actions workflows 
- Pin to full -length commit hash
- Add master alongside main
 2025-10-31 07:39:34 -05:00
Ivan
bb964445f3 add examples to gitignore for now 2025-10-30 18:57:48 -05:00
Ivan
5369037a74 Add TinyGo build targets to Makefile and create GitHub Actions workflow for TinyGo builds 2025-10-30 18:54:23 -05:00
Ivan
bb98248830 Update Go module dependencies and version in go.mod and go.sum files 2025-10-30 18:49:23 -05:00
Ivan
575657bbc5 Remove cyclomatic and cognitive complexity rules from revive.toml configuration 2025-10-26 11:49:48 -05:00
Ivan
8da4a759f5 Add FromHash method to create destinations from known hashes and enhance link handling capabilities 2025-10-07 22:44:08 -05:00
Ivan
dff1489ee5 Add link ID generation in Establish method for connection requests 2025-10-07 22:44:02 -05:00
Ivan
30c97bc9dd Implement identity recall functionality to retrieve existing identities by hash 2025-10-07 22:43:55 -05:00
Ivan
005e2566aa Add destination registration and link handling in Transport 2025-10-07 22:43:45 -05:00
Ivan
cc10830df3 Fix CreatePacket method in Announce struct to dynamically set context flag based on the existence of ratchet data. 2025-10-07 21:53:39 -05:00
Ivan
b548e5711e Add destination type constants for packet handling in types.go 2025-10-07 21:31:45 -05:00
Ivan
cc89bfef6e Update destination hash calculation in handleAnnouncePacket to use SHA256. 2025-10-07 21:31:40 -05:00
Ivan
45a3ac1e87 Fix destination hash calculation by incorporating SHA256 for name hashing. 2025-10-07 21:31:16 -05:00
Ivan
e39936ac30 Fix Announce struct to include destination name and hash validation. 
Also update New and NewAnnounce functions to require destinationHash and destinationName parameters.
 2025-10-07 21:30:57 -05:00
Ivan
b601ae1c51 Add read loop for UDP interface to handle incoming packets asynchronously. 2025-10-07 21:30:27 -05:00
Ivan
7d7a022736 Refine CPU usage calculation in performance monitoring script by truncating decimal values before summation. 2025-09-27 05:56:31 -05:00
Ivan
0ac2a8d200 Add binary execution tests for Linux, macOS, and Windows in CI workflow. Enhance ARM cross-compilation testing with specific environment variables. 2025-09-27 05:54:30 -05:00
Ivan
f3808a73e1 Remove caching step for Go modules in performance monitoring workflow 2025-09-27 05:51:43 -05:00
Ivan
cb908fb143 Increase monitoring duration 2025-09-27 05:50:29 -05:00
Ivan
f53194be25 Fix announce packet handling to align with RNS specification. Enhance payload parsing, signature verification, and destination hash validation. Improve logging for better debugging of announce packet processing. 2025-09-27 05:48:33 -05:00
Ivan
ad732d1465 mark interface as online 2025-09-27 05:47:28 -05:00
Ivan
b70a7d03af Add autointerface for testing 2025-09-27 05:47:17 -05:00
Ivan
911fe3ea8e Add support for 32-byte Ed25519 2025-09-27 05:46:51 -05:00
Ivan
b59bb349dc add basic performance monitoring action 2025-09-27 05:44:47 -05:00
Ivan
08cbacd69f Update README badges for clarity and consistency in multi-platform testing 2025-09-27 05:44:03 -05:00
Ivan
9a70a92261 Add support for multi-platform testing 2025-09-27 05:43:54 -05:00
Ivan
be34168a1b Refine comment in TCPClientInterface to clarify HDLC framing usage for TCP connections 2025-09-27 04:41:36 -05:00
Ivan
cebab6b2f3 Add debug logging and missing packet data 2025-09-27 04:41:25 -05:00
Ivan
fdcb371582 Fix announce packet creation and sending logic to use the announce package. Enhance error handling and logging for interface checks during packet transmission. 2025-09-27 04:40:47 -05:00
Ivan
f01b1f8bac Update Decrypt method in Identity to validate token structure and HMAC. Update extraction logic for ephemeral public key, ciphertext, and MAC, ensuring proper error handling for token size and HMAC validation. 2025-09-27 04:40:35 -05:00
Ivan
a0eca36884 Update logging in HandlePacket and handleAnnouncePacket. 2025-09-27 04:30:59 -05:00
Ivan
972d00df92 Fix TCPClientInterface readLoop and handlePacket methods to streamline HDLC framing logic and improve packet handling. Remove KISS framing support and update logging for received packets. Ensure outgoing data uses HDLC framing consistently. 2025-09-27 04:30:28 -05:00
Ivan
483b6e562b Update announce packet creation and sending logic to utilize transport methods 2025-09-27 04:30:13 -05:00
Ivan
cbb5ffa970 Cleanup incorrect or outdated code 2025-09-27 04:29:59 -05:00
Ivan
b7cc0c39b4 Fix announce data parsing to include ratchet field and update length checks 2025-09-27 04:26:22 -05:00
Ivan
982c173760 Add GitHub Actions workflow for benchmarking GC performance 2025-09-25 13:13:39 -05:00
Ivan
49ca73ab3a Update TODO 2025-09-25 13:11:56 -05:00
Ivan
43b224b4d7 Update README 2025-09-25 13:11:46 -05:00
Ivan
456a95d569 Add benchmarking tests for packet and transport operations 2025-09-25 12:42:44 -05:00
Ivan
53b2d18a79 Add benchmarking targets to Makefile for standard and experimental GC 2025-09-25 12:42:06 -05:00
Ivan
8d7f86e15a Update README 2025-09-25 12:28:24 -05:00
Ivan
40213eeac9 Add experimental greenteagc support, release build (strip debug symbols) and lint 2025-09-25 12:24:14 -05:00
Ivan
5cb8b12a0f Update Dockerfiles to use Go version 1.25 with ARG for flexibility 2025-09-25 03:31:57 -05:00
Ivan
2f165186d1 Update README 2025-09-25 03:29:24 -05:00
Ivan
6cd3b15d78 Update Go version to 1.25 in workflow files 2025-09-25 03:29:16 -05:00
Ivan
98c8d35f1e Update Go version to 1.25 and upgrade golang.org/x/crypto dependency to v0.42.0 2025-09-25 03:29:09 -05:00
Ivan
064b2b10b8 Update revive.toml rules 2025-09-25 03:27:49 -05:00
Ivan
a8d78d2784 Add Dockerfiles 2025-09-21 02:35:05 -05:00
Ivan
5a0c70190f Add full-length commit hashes for actions for improved supply chain security. 2025-09-21 02:20:58 -05:00
Ivan
d5bf7dc720 Update 2025-09-07 02:40:33 -05:00
Ivan
8b4bca7939 Update interface registration logging 2025-09-07 02:24:37 -05:00
Ivan
c004ff1a97 Fix packet header handling in Pack and Unpack methods to correct order of DestinationHash and TransportID. 2025-09-07 02:24:07 -05:00
Ivan
38323da57d Fix hash calculation in Destination to use TruncatedHash and improve logging for interface announcements 2025-09-07 02:23:30 -05:00
Ivan
2ffd12b3e1 Add Send method to TCPClientInterface and better logging in UDPInterface 2025-09-07 02:21:48 -05:00
Ivan
069d4163eb Update README 2025-09-07 01:58:53 -05:00
Ivan
93e1317789 Update wording for usage of LLMs 2025-09-07 01:58:41 -05:00
Ivan
3b270e05c4 Update Go version to 1.24.6 and upgrade golang.org/x/crypto to v0.41.0 2025-09-07 01:58:22 -05:00
Ivan
a05818b3a7 Add matrix link 2025-08-18 03:08:40 -05:00
Ivan
df2b0a0079 Remove outdated development guidelines from CONTRIBUTING.md 2025-08-16 19:34:23 -05:00
Ivan
c507e9125b Update README to include Go installation instructions 2025-08-16 19:34:15 -05:00
Ivan
767110f3d0 Merge pull request #2 from MikeColes/paramter-order 
match order of parameters to called function
 2025-08-10 17:09:49 -05:00
Mike Coles
8e5f193caf match order of parameters to called function 2025-08-07 11:12:09 -04:00
Ivan
fed33aadff add badge 2025-07-15 14:08:22 -05:00
Ivan
d0c83ec1a2 update revive workflow 2025-07-15 14:06:18 -05:00
Ivan
aa94bee606 fix workflow permissions 2025-07-15 14:02:22 -05:00
Ivan
745609423f update 2025-07-15 14:01:10 -05:00
Ivan
16e1c7e4eb add revive workflow 2025-07-15 13:59:27 -05:00
Ivan
aec3672228 update 2025-07-15 13:55:04 -05:00
Ivan
aace3abd6d update build workflow 2025-07-15 13:53:26 -05:00
Ivan
ca3fefaae8 Add workflow permissions 2025-07-15 13:51:32 -05:00
Ivan
d4f89735f6 add bearer 2025-07-15 13:51:13 -05:00
Ivan
b37d393286 Update SECURITY.md to simplify vulnerability reporting instructions. 2025-07-15 13:51:07 -05:00
Ivan
5e0c829cf6 Fix: Address various static analysis warnings 
- **pkg/announce/announce.go**: Added error handling for `rand.Read` to log potential issues when generating random hashes.
- **pkg/buffer/buffer.go**: Removed a redundant `#nosec G115` comment as the line no longer triggers the warning.
- **pkg/cryptography/aes.go**: Added `#nosec G407` to explicitly acknowledge the use of `cipher.NewCBCEncrypter` which is acceptable in this context.
- **pkg/transport/transport.go**: Removed redundant `#nosec G115` comments as the lines no longer trigger the warning.
 2025-07-15 13:45:48 -05:00
Ivan
a80f2bb2ac Add a GetConfig method to the Transport struct. 2025-07-15 13:40:28 -05:00
Ivan
7de206447a Migrate all AES encryption to AES-256-CBC and implement persistent ratchet storage. 2025-07-15 13:40:20 -05:00
Ivan
f740514e2b Fix Destination announcing to use a dedicated announce package and improve transport integration. 2025-07-15 13:40:11 -05:00
Ivan
b907dd93f1 Announce packet creation to strictly follow Reticulum specification. 2025-07-15 13:39:49 -05:00
Ivan
011a6303eb Use destination-based announcing and consolidate ratchet path handling. 2025-07-15 13:39:39 -05:00
Ivan
12f487d937 use AES-256-CBC only 2025-07-15 13:31:19 -05:00
Ivan
b9aebc8406 gosec fixes and added #nosec where necassary 2025-07-06 00:33:50 -05:00
Ivan
ffb3c3d4f4 Update Go version and x/crypto dependency to latest stable versions. 2025-07-06 00:09:53 -05:00
Ivan
f291ba74e9 update 2025-07-06 00:09:41 -05:00
Ivan
6e87fc9bcd go fmt 2025-07-06 00:09:14 -05:00
Ivan
cb402e2bb6 add badges 2025-07-06 00:07:19 -05:00
Ivan
fe5101340a Update TODO with AES 256 completion 2025-07-06 00:05:34 -05:00
Ivan
dfac66e8bc add workflows 2025-07-06 00:05:11 -05:00
Ivan
bc05835dae Add AES 256 and update AES test 2025-07-05 23:59:59 -05:00
Ivan
26371cdb6a Code cleanup of unused functions/variables 2025-05-07 18:35:45 -05:00
Ivan
41db0500af update x/crypto v0.37.0 > v0.38.0 2025-05-07 18:28:29 -05:00
Ivan
8114c3bda4 Add unit tests for configuration, cryptography, interfaces, and packet handling. 2025-05-07 18:24:52 -05:00
Ivan
3f141bf93b update 2025-05-07 18:24:07 -05:00
Ivan
a9bf658b03 update with badge 2025-05-07 18:23:50 -05:00
53 changed files with 3719 additions and 890 deletions
Expand all files Collapse all files

43
.github/workflows/benchmark-gc.yml vendored Normal file
View File

@@ -0,0 +1,43 @@
name: Benchmark GC Performance
on:
push:
branches: [ main, master ]
pull_request:
branches: [ main, master ]
workflow_dispatch:
permissions:
contents: read
actions: write
jobs:
benchmark:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set up Go
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
with:
go-version: '1.25'
- name: Cache Go modules
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Install dependencies
run: go mod download
- name: Run benchmark (standard GC)
run: make bench
- name: Run benchmark (experimental GC)
run: make bench-experimental

87
.github/workflows/build.yml vendored Normal file
View File

@@ -0,0 +1,87 @@
name: Go Build Multi-Platform
on:
push:
branches: [ "main", "master" ]
tags:
- 'v*'
pull_request:
branches: [ "main", "master" ]
jobs:
build:
permissions:
contents: write
strategy:
matrix:
goos: [linux, windows, darwin, freebsd]
goarch: [amd64, arm64, arm]
exclude:
- goos: darwin
goarch: arm
runs-on: ubuntu-latest
outputs:
build_complete: ${{ steps.build_step.outcome == 'success' }}
steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set up Go
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
with:
go-version: '1.25'
- name: Build
id: build_step
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
GOARM: ${{ matrix.goarch == 'arm' && '6' || '' }}
run: |
output_name="reticulum-go-${GOOS}-${GOARCH}"
if [ "$GOOS" = "windows" ]; then
output_name+=".exe"
fi
go build -v -ldflags="-s -w" -o "${output_name}" ./cmd/reticulum-go
echo "Built: ${output_name}"
- name: Calculate SHA256 Checksum
run: |
output_name="reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}"
if [ "${{ matrix.goos }}" = "windows" ]; then
output_name+=".exe"
fi
sha256sum "${output_name}" > "${output_name}.sha256"
echo "Calculated SHA256 for ${output_name}"
- name: Upload Artifact
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}
path: reticulum-go-${{ matrix.goos }}-${{ matrix.goarch }}*
release:
name: Create Release
runs-on: ubuntu-latest
needs: build
if: startsWith(github.ref, 'refs/tags/')
permissions:
contents: write
steps:
- name: Download All Build Artifacts
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
path: ./release-assets
- name: List downloaded files (for debugging)
run: ls -R ./release-assets
- name: Create GitHub Release
uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1
with:
files: ./release-assets/*/*

103
.github/workflows/go-test.yml vendored Normal file
View File

@@ -0,0 +1,103 @@
name: Go Test Multi-Platform
on:
push:
branches:
- main
- master
pull_request:
branches:
- main
- master
permissions:
contents: read
jobs:
test:
name: Test (${{ matrix.os }}, ${{ matrix.goarch }})
strategy:
matrix:
include:
# AMD64 testing across major platforms
- os: ubuntu-latest
goarch: amd64
- os: windows-latest
goarch: amd64
- os: macos-latest
goarch: amd64
# ARM64 testing on supported platforms
- os: ubuntu-latest
goarch: arm64
- os: macos-latest
goarch: arm64
runs-on: ${{ matrix.os }}
steps:
- name: Checkout Source
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set up Go 1.25
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
with:
go-version: '1.25'
- name: Cache Go modules
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: |
~/go/pkg/mod
~/.cache/go-build
key: ${{ runner.os }}-go-${{ matrix.goarch }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-${{ matrix.goarch }}-
- name: Run Go tests
run: go test -v ./...
- name: Run Go tests with race detector (Linux AMD64 only)
if: matrix.os == 'ubuntu-latest' && matrix.goarch == 'amd64'
run: go test -race -v ./...
- name: Test build (ensure compilation works)
run: |
# Test that we can build for the current platform
echo "Testing build for current platform (${{ matrix.os }}, ${{ matrix.goarch }})..."
go build -v ./cmd/reticulum-go
- name: Test binary execution (Linux/macOS)
if: matrix.os != 'windows-latest'
run: |
echo "Testing binary execution on (${{ matrix.os }}, ${{ matrix.goarch }})..."
timeout 5s ./reticulum-go || echo "Binary started successfully (timeout expected)"
- name: Test binary execution (Windows)
if: matrix.os == 'windows-latest'
run: |
echo "Testing binary execution on (${{ matrix.os }}, ${{ matrix.goarch }})..."
# Start the binary and kill after 5 seconds to verify it can start
Start-Process -FilePath ".\reticulum-go.exe" -NoNewWindow
Start-Sleep -Seconds 5
Stop-Process -Name "reticulum-go" -Force -ErrorAction SilentlyContinue
echo "Binary started successfully"
shell: pwsh
- name: Test cross-compilation (AMD64 runners only)
if: matrix.goarch == 'amd64'
run: |
echo "Testing ARM64 cross-compilation from AMD64..."
go build -v ./cmd/reticulum-go
env:
GOOS: linux
GOARCH: arm64
- name: Test ARMv6 cross-compilation (AMD64 runners only)
if: matrix.goarch == 'amd64'
run: |
echo "Testing ARMv6 cross-compilation from AMD64..."
go build -v ./cmd/reticulum-go
env:
GOOS: linux
GOARCH: arm
GOARM: 6

27
.github/workflows/gosec.yml vendored Normal file
View File

@@ -0,0 +1,27 @@
name: Run Gosec
on:
push:
branches:
- main
- master
pull_request:
branches:
- main
- master
permissions:
contents: read
jobs:
tests:
runs-on: ubuntu-latest
env:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: ./...

31
.github/workflows/performance-monitor.yml vendored Normal file
View File

@@ -0,0 +1,31 @@
name: Performance Monitor
on:
push:
branches: [ main, master ]
pull_request:
branches: [ main, master ]
workflow_dispatch:
jobs:
performance-monitor:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set up Go
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
with:
go-version: '1.25'
- name: Build
run: |
go build -o bin/reticulum-go ./cmd/reticulum-go
- name: Run Performance Monitor
id: monitor
run: |
cp tests/scripts/monitor_performance.sh .
chmod +x monitor_performance.sh
./monitor_performance.sh

29
.github/workflows/revive.yml vendored Normal file
View File

@@ -0,0 +1,29 @@
name: Go Revive Lint
on:
push:
branches: [ "main", "master" ]
pull_request:
branches: [ "main", "master" ]
jobs:
lint:
permissions:
contents: read
pull-requests: read
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set up Go
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
with:
go-version: '1.25'
- name: Install revive
run: go install github.com/mgechev/revive@latest
- name: Run revive
run: |
revive -config revive.toml -formatter stylish ./...

64
.github/workflows/tinygo.yml vendored Normal file
View File

@@ -0,0 +1,64 @@
name: TinyGo Build
on:
push:
branches: [ "tinygo" ]
pull_request:
branches: [ "tinygo" ]
jobs:
tinygo-build:
permissions:
contents: read
strategy:
matrix:
include:
- name: tinygo-default
target: ""
output: reticulum-go-tinygo
make_target: tinygo-build
- name: tinygo-wasm
target: wasm
output: reticulum-go.wasm
make_target: tinygo-wasm
runs-on: ubuntu-latest
outputs:
build_complete: ${{ steps.build_step.outcome == 'success' }}
steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set up Go
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00
with:
go-version: '1.24'
- name: Install TinyGo
run: |
wget https://github.com/tinygo-org/tinygo/releases/download/v0.37.0/tinygo_0.37.0_amd64.deb
sudo dpkg -i tinygo_0.37.0_amd64.deb
- name: Build with TinyGo
id: build_step
run: |
make ${{ matrix.make_target }}
output_name="${{ matrix.output }}"
if [ -f "bin/${output_name}" ]; then
sha256sum "bin/${output_name}" | cut -d' ' -f1 > "bin/${output_name}.sha256"
echo "Built: ${output_name}"
echo "Generated checksum: bin/${output_name}.sha256"
else
echo "Build output not found: bin/${output_name}"
ls -la bin/
exit 1
fi
- name: Upload Artifact
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: ${{ matrix.name }}
path: bin/${{ matrix.output }}*

2
.gitignore vendored
View File

@@ -5,3 +5,5 @@ logs/
.json
bin/
examples/

34
CONTRIBUTING.md
View File

@@ -2,20 +2,34 @@
Be good to each other.
## Development
By contributing to this project you agree to the following:
- All code must be tested using `gosec`.
- All code must be formatted with `gofmt`.
- All code must be documented.
## Communication
Feel free to join our seperate matrix channel for this implementation.
Feel free to join our telegram or matrix channels for this implementation.
- [Matrix](https://matrix.to/#/#reticulum-go-dev:matrix.org)
- [Telegram](https://t.me/reticulum_go)
## Usage of LLMs and other Generative AI tools
We would prefer if you did not use LLMs and other generative AI tools to write critical parts of the code.
You should not use LLMs and other generative AI tools to write critical parts of the code. They can produce lots of security issues and outdated code when used incorrectly. You are not required to report that you are using these tools.
## Static Analysis Tools
You are welcome to use the following tools, however there are actions in place to ensure the code is linted and checked with gosec.
### Linting (optional)
[Revive](https://github.com/mgechev/revive)
```bash
revive -config revive.toml -formatter friendly ./pkg/* ./cmd/* ./internal/*
```
### Security (optional)
[Gosec](https://github.com/securego/gosec)
```bash
gosec ./...
```

72
Makefile
View File

@@ -1,5 +1,8 @@
GOCMD=go
GOBUILD=$(GOCMD) build
GOBUILD_DEBUG=$(GOCMD) build
GOBUILD_RELEASE=CGO_ENABLED=0 $(GOCMD) build -ldflags="-s -w"
GOBUILD_EXPERIMENTAL=GOEXPERIMENT=greenteagc $(GOCMD) build
GOCLEAN=$(GOCMD) clean
GOTEST=$(GOCMD) test
GOGET=$(GOCMD) get
@@ -13,13 +16,38 @@ MAIN_PACKAGE=./cmd/reticulum-go
ALL_PACKAGES=$$(go list ./... | grep -v /vendor/)
.PHONY: all build clean test coverage deps help
.PHONY: all build build-experimental experimental release debug lint bench bench-experimental bench-compare clean test coverage deps help tinygo-build tinygo-wasm run
all: clean deps build test
build:
build:
@mkdir -p $(BUILD_DIR)
$(GOBUILD) -o $(BUILD_DIR)/$(BINARY_NAME) $(MAIN_PACKAGE)
$(GOBUILD_RELEASE) -o $(BUILD_DIR)/$(BINARY_NAME) $(MAIN_PACKAGE)
debug:
@mkdir -p $(BUILD_DIR)
$(GOBUILD_DEBUG) -o $(BUILD_DIR)/$(BINARY_NAME) $(MAIN_PACKAGE)
build-experimental:
@mkdir -p $(BUILD_DIR)
$(GOBUILD_EXPERIMENTAL) -o $(BUILD_DIR)/$(BINARY_NAME)-experimental $(MAIN_PACKAGE)
experimental: build-experimental
release:
@mkdir -p $(BUILD_DIR)
$(GOBUILD_RELEASE) -o $(BUILD_DIR)/$(BINARY_NAME) $(MAIN_PACKAGE)
lint:
revive -config revive.toml -formatter friendly ./pkg/* ./cmd/* ./internal/*
bench:
$(GOTEST) -bench=. -benchmem ./...
bench-experimental:
GOEXPERIMENT=greenteagc $(GOTEST) -bench=. -benchmem ./...
bench-compare: bench bench-experimental
clean:
@rm -rf $(BUILD_DIR)
@@ -33,7 +61,11 @@ coverage:
$(GOCMD) tool cover -html=coverage.out
deps:
@GOPROXY=$${GOPROXY:-https://proxy.golang.org,direct}; \
export GOPROXY; \
$(GOMOD) download
@GOPROXY=$${GOPROXY:-https://proxy.golang.org,direct}; \
export GOPROXY; \
$(GOMOD) verify
build-linux:
@@ -80,19 +112,35 @@ build-riscv:
build-all: build-linux build-windows build-darwin build-freebsd build-openbsd build-netbsd build-arm build-riscv
run:
@./$(BUILD_DIR)/$(BINARY_NAME)
$(GOCMD) run $(MAIN_PACKAGE)
tinygo-build:
@mkdir -p $(BUILD_DIR)
tinygo build -o $(BUILD_DIR)/$(BINARY_NAME)-tinygo -size short $(MAIN_PACKAGE)
tinygo-wasm:
@mkdir -p $(BUILD_DIR)
tinygo build -target wasm -o $(BUILD_DIR)/$(BINARY_NAME).wasm $(MAIN_PACKAGE)
install:
$(GOMOD) download
help:
@echo "Available targets:"
@echo " all - Clean, download dependencies, build and test"
@echo " build - Build binary"
@echo " clean - Remove build artifacts"
@echo " test - Run tests"
@echo " coverage - Generate test coverage report"
@echo " deps - Download dependencies"
@echo " all - Clean, download dependencies, build and test"
@echo " build - Build release binary (no debug symbols, static)"
@echo " debug - Build debug binary"
@echo " build-experimental - Build binary with experimental features (GOEXPERIMENT=greenteagc)"
@echo " experimental - Alias for build-experimental"
@echo " release - Build stripped static binary for release (alias for build)"
@echo " lint - Run revive linter"
@echo " bench - Run benchmarks with standard GC"
@echo " bench-experimental - Run benchmarks with experimental GC"
@echo " bench-compare - Run benchmarks with both GC settings"
@echo " clean - Remove build artifacts"
@echo " test - Run tests"
@echo " coverage - Generate test coverage report"
@echo " deps - Download dependencies"
@echo " build-linux - Build for Linux (amd64, arm64, arm)"
@echo " build-windows- Build for Windows (amd64, arm64)"
@echo " build-darwin - Build for MacOS (amd64, arm64)"
@@ -102,5 +150,7 @@ help:
@echo " build-arm - Build for ARM architectures (arm, arm64)"
@echo " build-riscv - Build for RISC-V architecture (riscv64)"
@echo " build-all - Build for all platforms and architectures"
@echo " run - Run reticulum binary"
@echo " run - Run with go run"
@echo " tinygo-build - Build binary with TinyGo compiler"
@echo " tinygo-wasm - Build WebAssembly binary with TinyGo compiler"
@echo " install - Install dependencies"

60
README.md
View File

@@ -1,28 +1,64 @@
[![Socket Badge](https://socket.dev/api/badge/go/package/github.com/sudo-ivan/reticulum-go?version=v0.4.0)](https://socket.dev/go/package/github.com/sudo-ivan/reticulum-go)
![Multi-Platform Tests](https://github.com/Sudo-Ivan/Reticulum-Go/actions/workflows/go-test.yml/badge.svg)
![Gosec Scan](https://github.com/Sudo-Ivan/Reticulum-Go/actions/workflows/gosec.yml/badge.svg)
[![Multi-Platform Build](https://github.com/Sudo-Ivan/Reticulum-Go/actions/workflows/build.yml/badge.svg)](https://github.com/Sudo-Ivan/Reticulum-Go/actions/workflows/build.yml)
[![Revive Linter](https://github.com/Sudo-Ivan/Reticulum-Go/actions/workflows/revive.yml/badge.svg)](https://github.com/Sudo-Ivan/Reticulum-Go/actions/workflows/revive.yml)
# Reticulum-Go
A Go implementation of the [Reticulum Network Protocol](https://github.com/markqvist/Reticulum).
> [!WARNING]
> This project is still work in progress. Currently not compatible with the Python version.
> This project is currently in development and is not yet compatible with the Python reference implementation.
[Reticulum Network](https://github.com/markqvist/Reticulum) implementation in Go `1.24+`.
## Goals
Aiming to be fully compatible with the Python version.
- To be fully compatible with the Python reference implementation.
- Additional privacy and security features.
- Support for a broader range of platforms and architectures old and new.
# Testing
## Quick Start
```
make install
### Prerequisites
- Go 1.24 or later
### Build
```bash
make build
```
### Run
```bash
make run
```
## Linter
[Revive](https://github.com/mgechev/revive)
### Test
```bash
revive -config revive.toml -formatter friendly ./pkg/* ./cmd/* ./internal/*
make test
```
## External Packages
## Embedded systems and WebAssembly
- `golang.org/x/crypto` `v0.37.0` - Cryptographic primitives
For building for WebAssembly and embedded systems, see the [tinygo branch](https://github.com/Sudo-Ivan/Reticulum-Go/tree/tinygo). Requires TinyGo 0.37.0+.
```bash
make tinygo-build
make tinygo-wasm
```
### Experimental Features
Build with experimental Green Tea GC (Go 1.25+):
```bash
make build-experimental
```
## Official Channels
- [Telegram](https://t.me/reticulum_go)
- [Matrix](https://matrix.to/#/#reticulum-go-dev:matrix.org)

32
SECURITY.md
View File

@@ -2,9 +2,9 @@
We use [Socket](https://socket.dev/), [Deepsource](https://deepsource.com/) and [gosec](https://github.com/securego/gosec) for this project.
## Strict Verfication of Contributors and Code Quality
## Supply Chain Security
We are strict about the quality of the code and the contributors. Please read the [CONTRIBUTING.md](CONTRIBUTING.md) file for more information.
- All actions are pinned to a commit hash.
## Cryptography Dependencies
@@ -22,30 +22,4 @@ We are strict about the quality of the code and the contributors. Please read th
## Reporting a Vulnerability
Please report any security vulnerabilities to [rns@quad4.io](mailto:rns@quad4.io)
**PGP Key:**
```
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEZ3RaxBYJKwYBBAHaRw8BAQdAcW8OFXyQ6KuqoTWKVbULYgakD/CeW50y
W0KFou8WwJTNG3Juc0BxdWFkNC5pbyA8cm5zQHF1YWQ0LmlvPsLAEQQTFgoA
gwWCZ3RaxAMLCQcJkJm7qyNLc8pmRRQAAAAAABwAIHNhbHRAbm90YXRpb25z
Lm9wZW5wZ3Bqcy5vcmdVRY9jqwrIm+oRWRFnnBjKUcqvkG/kwkQZ3T74Xz3K
QQMVCggEFgACAQIZAQKbAwIeARYhBG62BFzXpfHCy0yV95m7qyNLc8pmAACS
oQD+K8oIaGx3tOlQbBV5AT3pHCaqXpRoL4W0V4JWc3VCi+MA/iiW6peitoae
+YhKE5lnkiU1jP47VuItQDNt+fNyqNAOzjgEZ3RaxBIKKwYBBAGXVQEFAQEH
QOBQyIb3gXV0Uih/V9Yx5JsFavxSenCtncNXx5KM6cB8AwEIB8K+BBgWCgBw
BYJndFrECZCZu6sjS3PKZkUUAAAAAAAcACBzYWx0QG5vdGF0aW9ucy5vcGVu
cGdwanMub3Jnpqm3qWGYB50CM/kuv+byGwQ3wxIGIpRlK8pwT4l+wXICmwwW
IQRutgRc16XxwstMlfeZu6sjS3PKZgAAzm0BAIKHfL9G+IzCX9B1gVGcG9an
j+gC4y9FrEsmFEBpvGeXAP93FfhO447jWijmxsImTtHTyvhpfeR3a7huFFyi
lh60DA==
=Nm9f
-----END PGP PUBLIC KEY BLOCK-----
```
## Gosec Command
`gosec ./cmd/* ./pkg/* ./internal/*`
Please report any security vulnerabilities using Github reporting tool or email to [rns@quad4.io](mailto:rns@quad4.io)

19
TODO.md
View File

@@ -1,6 +1,8 @@
### Core Components (In Progress)
Last Updated: 2025-04-18
*Needs verification with Reticulum 1.0.0.*
Last Updated: 2025-09-25
- [x] Basic Configuration System
- [x] Basic config structure
@@ -25,8 +27,8 @@ Last Updated: 2025-04-18
- [x] Cryptographic Primitives (Testing required)
- [x] Ed25519
- [x] Curve25519
- [x] AES-128-CBC
- [ ] AES-256-CBC
- [x] ~~AES-128-CBC~~ (Deprecated)
- [x] AES-256-CBC
- [x] SHA-256
- [x] HKDF
- [x] Secure random number generation
@@ -131,7 +133,6 @@ Last Updated: 2025-04-18
- [ ] RNS Utilities.
- [ ] Reticulum config.
### Testing & Validation (Priority)
- [ ] Unit tests for all components
- [ ] Identity tests
@@ -152,8 +153,7 @@ Last Updated: 2025-04-18
- [ ] Channel system end-to-end
- [ ] Buffer system performance
- [ ] Cross-client compatibility tests
- [ ] Performance benchmarks
- [ ] Security auditing (When Reticulum is 1.0 / stable)
- [ ] Performance and memory benchmarks
### Documentation
- [ ] API documentation
@@ -164,4 +164,9 @@ Last Updated: 2025-04-18
- [ ] Move constants to their own files
- [ ] Remove default community interfaces in default config creation after testing
- [ ] Optimize announce packet creation and caching
- [ ] Improve debug logging system
- [ ] Improve debug logging system
### Experimental Features
- [x] Experimental Green Tea GC (build option) (Go 1.25+)
- [ ] MicroVM (firecracker)
- [ ] Kata Container Support

346
cmd/reticulum-go/main.go
View File

@@ -4,7 +4,6 @@ import (
"encoding/binary"
"flag"
"fmt"
"log"
"os"
"os/signal"
"runtime"
@@ -13,10 +12,10 @@ import (
"time"
"github.com/Sudo-Ivan/reticulum-go/internal/config"
"github.com/Sudo-Ivan/reticulum-go/pkg/announce"
"github.com/Sudo-Ivan/reticulum-go/pkg/buffer"
"github.com/Sudo-Ivan/reticulum-go/pkg/channel"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
"github.com/Sudo-Ivan/reticulum-go/pkg/destination"
"github.com/Sudo-Ivan/reticulum-go/pkg/identity"
"github.com/Sudo-Ivan/reticulum-go/pkg/interfaces"
@@ -25,29 +24,15 @@ import (
)
var (
debugLevel = flag.Int("debug", 7, "Debug level (0-7)")
interceptPackets = flag.Bool("intercept-packets", false, "Enable packet interception")
interceptOutput = flag.String("intercept-output", "packets.log", "Output file for intercepted packets")
)
func debugLog(level int, format string, v ...interface{}) {
if *debugLevel >= level {
log.Printf("[DEBUG-%d] %s", level, fmt.Sprintf(format, v...))
}
}
const (
ANNOUNCE_RATE_TARGET = 3600 // Default target time between announces (1 hour)
ANNOUNCE_RATE_GRACE = 3 // Number of grace announces before enforcing rate
ANNOUNCE_RATE_PENALTY = 7200 // Additional penalty time for rate violations
MAX_ANNOUNCE_HOPS = 128 // Maximum number of hops for announces
DEBUG_CRITICAL = 1 // Critical errors
DEBUG_ERROR = 2 // Non-critical errors
DEBUG_INFO = 3 // Important information
DEBUG_VERBOSE = 4 // Detailed information
DEBUG_TRACE = 5 // Very detailed tracing
DEBUG_PACKETS = 6 // Packet-level details
DEBUG_ALL = 7 // Everything including identity operations
APP_NAME = "Go-Client"
APP_ASPECT = "node" // Always use "node" for node announces
)
@@ -91,30 +76,31 @@ func NewReticulum(cfg *common.ReticulumConfig) (*Reticulum, error) {
if err := initializeDirectories(); err != nil {
return nil, fmt.Errorf("failed to initialize directories: %v", err)
}
debugLog(3, "Directories initialized")
debug.Log(debug.DEBUG_INFO, "Directories initialized")
t := transport.NewTransport(cfg)
debugLog(3, "Transport initialized")
debug.Log(debug.DEBUG_INFO, "Transport initialized")
identity, err := identity.NewIdentity()
if err != nil {
return nil, fmt.Errorf("failed to create identity: %v", err)
}
debugLog(2, "Created new identity: %x", identity.Hash())
debug.Log(debug.DEBUG_ERROR, "Created new identity", "hash", fmt.Sprintf("%x", identity.Hash()))
// Create destination
debugLog(DEBUG_INFO, "Creating destination...")
debug.Log(debug.DEBUG_INFO, "Creating destination...")
dest, err := destination.New(
identity,
destination.IN,
destination.SINGLE,
"reticulum",
"nomadnetwork",
t,
"node",
)
if err != nil {
return nil, fmt.Errorf("failed to create destination: %v", err)
}
debugLog(DEBUG_INFO, "Created destination with hash: %x", dest.GetHash())
debug.Log(debug.DEBUG_INFO, "Created destination with hash", "hash", fmt.Sprintf("%x", dest.GetHash()))
// Set node metadata
nodeTimestamp := time.Now().Unix()
@@ -138,9 +124,12 @@ func NewReticulum(cfg *common.ReticulumConfig) (*Reticulum, error) {
// Enable destination features
dest.AcceptsLinks(true)
dest.EnableRatchets("") // Empty string for default path
// Enable ratchets and point to a file for persistence.
// The actual path should probably be configurable.
ratchetPath := ".reticulum-go/storage/ratchets/" + r.identity.GetHexHash()
dest.EnableRatchets(ratchetPath)
dest.SetProofStrategy(destination.PROVE_APP)
debugLog(DEBUG_VERBOSE, "Configured destination features")
debug.Log(debug.DEBUG_VERBOSE, "Configured destination features")
// Initialize interfaces from config
for name, ifaceConfig := range cfg.Interfaces {
@@ -157,9 +146,9 @@ func NewReticulum(cfg *common.ReticulumConfig) (*Reticulum, error) {
name,
ifaceConfig.TargetHost,
ifaceConfig.TargetPort,
ifaceConfig.KISSFraming,
ifaceConfig.I2PTunneled,
ifaceConfig.Enabled,
true, // IN
true, // OUT
)
case "UDPInterface":
iface, err = interfaces.NewUDPInterface(
@@ -171,7 +160,7 @@ func NewReticulum(cfg *common.ReticulumConfig) (*Reticulum, error) {
case "AutoInterface":
iface, err = interfaces.NewAutoInterface(name, ifaceConfig)
default:
debugLog(1, "Unknown interface type: %s", ifaceConfig.Type)
debug.Log(debug.DEBUG_CRITICAL, "Unknown interface type", "type", ifaceConfig.Type)
continue
}
@@ -179,27 +168,30 @@ func NewReticulum(cfg *common.ReticulumConfig) (*Reticulum, error) {
if cfg.PanicOnInterfaceErr {
return nil, fmt.Errorf("failed to create interface %s: %v", name, err)
}
debugLog(1, "Error creating interface %s: %v", name, err)
debug.Log(debug.DEBUG_CRITICAL, "Error creating interface", "name", name, "error", err)
continue
}
// Set packet callback
iface.SetPacketCallback(func(data []byte, ni common.NetworkInterface) {
debug.Log(debug.DEBUG_INFO, "Packet callback called for interface", "name", ni.GetName(), "data_len", len(data))
if r.transport != nil {
r.transport.HandlePacket(data, ni)
} else {
debug.Log(debug.DEBUG_CRITICAL, "Transport is nil in packet callback")
}
})
debugLog(2, "Configuring interface %s (type=%s)...", name, ifaceConfig.Type)
debug.Log(debug.DEBUG_ERROR, "Configuring interface", "name", name, "type", ifaceConfig.Type)
r.interfaces = append(r.interfaces, iface)
debugLog(3, "Interface %s started successfully", name)
debug.Log(debug.DEBUG_INFO, "Interface started successfully", "name", name)
}
return r, nil
}
func (r *Reticulum) handleInterface(iface common.NetworkInterface) {
debugLog(DEBUG_INFO, "Setting up interface %s (type=%T)", iface.GetName(), iface)
debug.Log(debug.DEBUG_INFO, "Setting up interface", "name", iface.GetName(), "type", fmt.Sprintf("%T", iface))
ch := channel.NewChannel(&transportWrapper{r.transport})
r.channels[iface.GetName()] = ch
@@ -210,11 +202,11 @@ func (r *Reticulum) handleInterface(iface common.NetworkInterface) {
ch,
func(size int) {
data := make([]byte, size)
debugLog(DEBUG_PACKETS, "Interface %s: Reading %d bytes from buffer", iface.GetName(), size)
debug.Log(debug.DEBUG_PACKETS, "Interface reading bytes from buffer", "name", iface.GetName(), "size", size)
iface.ProcessIncoming(data)
if len(data) > 0 {
debugLog(DEBUG_TRACE, "Interface %s: Received packet type 0x%02x", iface.GetName(), data[0])
debug.Log(debug.DEBUG_TRACE, "Interface received packet type", "name", iface.GetName(), "type", fmt.Sprintf("0x%02x", data[0]))
r.transport.HandlePacket(data, iface)
}
},
@@ -245,7 +237,7 @@ func (r *Reticulum) monitorInterfaces() {
stats = fmt.Sprintf("%s, RTT: %v", stats, tcpClient.GetRTT())
}
debugLog(DEBUG_VERBOSE, stats)
debug.Log(debug.DEBUG_VERBOSE, "Interface status", "stats", stats)
}
}
}
@@ -253,22 +245,30 @@ func (r *Reticulum) monitorInterfaces() {
func main() {
flag.Parse()
debugLog(1, "Initializing Reticulum (Debug Level: %d)...", *debugLevel)
debug.Init()
debug.Log(debug.DEBUG_CRITICAL, "Initializing Reticulum", "debug_level", debug.GetDebugLevel())
cfg, err := config.InitConfig()
if err != nil {
log.Fatalf("Failed to initialize config: %v", err)
debug.GetLogger().Error("Failed to initialize config", "error", err)
os.Exit(1)
}
debugLog(2, "Configuration loaded from: %s", cfg.ConfigPath)
debug.Log(debug.DEBUG_ERROR, "Configuration loaded", "path", cfg.ConfigPath)
// Add default TCP interfaces if none configured
if len(cfg.Interfaces) == 0 {
debugLog(2, "No interfaces configured, adding default TCP interfaces")
debug.Log(debug.DEBUG_ERROR, "No interfaces configured, adding default interfaces")
cfg.Interfaces = make(map[string]*common.InterfaceConfig)
// Auto interface for local discovery
cfg.Interfaces["Auto Discovery"] = &common.InterfaceConfig{
Type: "AutoInterface",
Enabled: true,
Name: "Auto Discovery",
}
cfg.Interfaces["Go-RNS-Testnet"] = &common.InterfaceConfig{
Type: "TCPClientInterface",
Enabled: true,
Enabled: false,
TargetHost: "127.0.0.1",
TargetPort: 4242,
Name: "Go-RNS-Testnet",
@@ -285,7 +285,8 @@ func main() {
r, err := NewReticulum(cfg)
if err != nil {
log.Fatalf("Failed to create Reticulum instance: %v", err)
debug.GetLogger().Error("Failed to create Reticulum instance", "error", err)
os.Exit(1)
}
// Start monitoring interfaces
@@ -297,60 +298,19 @@ func main() {
// Start Reticulum
if err := r.Start(); err != nil {
log.Fatalf("Failed to start Reticulum: %v", err)
debug.GetLogger().Error("Failed to start Reticulum", "error", err)
os.Exit(1)
}
// Start periodic announces
go func() {
ticker := time.NewTicker(5 * time.Minute) // Adjust interval as needed
defer ticker.Stop()
for range ticker.C {
debugLog(3, "Starting periodic announce cycle")
// Create a new announce packet for this cycle
periodicAnnounce, err := announce.NewAnnounce(
r.identity,
r.createNodeAppData(),
nil, // No ratchet ID for now
false,
r.config,
)
if err != nil {
debugLog(1, "Failed to create periodic announce: %v", err)
continue
}
// Propagate announce to all online interfaces
var onlineInterfaces []common.NetworkInterface
for _, iface := range r.interfaces {
if netIface, ok := iface.(common.NetworkInterface); ok {
if netIface.IsEnabled() && netIface.IsOnline() {
onlineInterfaces = append(onlineInterfaces, netIface)
}
}
}
if len(onlineInterfaces) > 0 {
debugLog(2, "Sending periodic announce on %d interfaces", len(onlineInterfaces))
if err := periodicAnnounce.Propagate(onlineInterfaces); err != nil {
debugLog(1, "Failed to propagate periodic announce: %v", err)
}
} else {
debugLog(3, "No online interfaces for periodic announce")
}
}
}()
sigChan := make(chan os.Signal, 1)
signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
<-sigChan
debugLog(1, "Shutting down...")
debug.Log(debug.DEBUG_CRITICAL, "Shutting down...")
if err := r.Stop(); err != nil {
debugLog(1, "Error during shutdown: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Error during shutdown", "error", err)
}
debugLog(1, "Goodbye!")
debug.Log(debug.DEBUG_CRITICAL, "Goodbye!")
}
type transportWrapper struct {
@@ -411,7 +371,7 @@ func initializeDirectories() error {
}
for _, dir := range dirs {
if err := os.MkdirAll(dir, 0755); err != nil {
if err := os.MkdirAll(dir, 0700); err != nil { // #nosec G301
return fmt.Errorf("failed to create directory %s: %v", dir, err)
}
}
@@ -419,124 +379,86 @@ func initializeDirectories() error {
}
func (r *Reticulum) Start() error {
debugLog(2, "Starting Reticulum...")
debug.Log(debug.DEBUG_ERROR, "Starting Reticulum...")
if err := r.transport.Start(); err != nil {
return fmt.Errorf("failed to start transport: %v", err)
}
debugLog(3, "Transport started successfully")
debug.Log(debug.DEBUG_INFO, "Transport started successfully")
// Start interfaces
for _, iface := range r.interfaces {
debugLog(2, "Starting interface %s...", iface.GetName())
debug.Log(debug.DEBUG_ERROR, "Starting interface", "name", iface.GetName())
if err := iface.Start(); err != nil {
if r.config.PanicOnInterfaceErr {
return fmt.Errorf("failed to start interface %s: %v", iface.GetName(), err)
}
debugLog(1, "Error starting interface %s: %v", iface.GetName(), err)
debug.Log(debug.DEBUG_CRITICAL, "Error starting interface", "name", iface.GetName(), "error", err)
continue
}
if netIface, ok := iface.(common.NetworkInterface); ok {
// Register interface with transport
if err := r.transport.RegisterInterface(iface.GetName(), netIface); err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to register interface with transport", "name", iface.GetName(), "error", err)
} else {
debug.Log(debug.DEBUG_INFO, "Registered interface with transport", "name", iface.GetName())
}
r.handleInterface(netIface)
}
debugLog(3, "Interface %s started successfully", iface.GetName())
debug.Log(debug.DEBUG_INFO, "Interface started successfully", "name", iface.GetName())
}
// Wait for interfaces to initialize
time.Sleep(2 * time.Second)
// Send initial announce once per interface
initialAnnounce, err := announce.NewAnnounce(
r.identity,
r.createNodeAppData(),
nil,
false,
r.config,
)
if err != nil {
return fmt.Errorf("failed to create announce: %v", err)
// Send initial announce
debug.Log(debug.DEBUG_ERROR, "Sending initial announce")
nodeName := "Go-Client"
if err := r.destination.Announce([]byte(nodeName)); err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to send initial announce", "error", err)
}
for _, iface := range r.interfaces {
if netIface, ok := iface.(common.NetworkInterface); ok {
if netIface.IsEnabled() && netIface.IsOnline() {
debugLog(2, "Sending initial announce on interface %s", netIface.GetName())
if err := initialAnnounce.Propagate([]common.NetworkInterface{netIface}); err != nil {
debugLog(1, "Failed to send initial announce on interface %s: %v", netIface.GetName(), err)
}
// Add delay between interfaces
time.Sleep(100 * time.Millisecond)
}
}
}
// Start periodic announce goroutine with rate limiting
// Start periodic announce goroutine
go func() {
ticker := time.NewTicker(ANNOUNCE_RATE_TARGET * time.Second)
defer ticker.Stop()
// Wait a bit before the first announce
time.Sleep(5 * time.Second)
announceCount := 0
for range ticker.C {
announceCount++
debugLog(3, "Starting periodic announce cycle #%d", announceCount)
periodicAnnounce, err := announce.NewAnnounce(
r.identity,
r.createNodeAppData(),
nil,
false,
r.config,
)
for {
debug.Log(debug.DEBUG_INFO, "Announcing destination...")
err := r.destination.Announce([]byte(nodeName))
if err != nil {
debugLog(1, "Failed to create periodic announce: %v", err)
continue
debug.Log(debug.DEBUG_CRITICAL, "Could not send announce", "error", err)
}
// Send to each interface with rate limiting
for _, iface := range r.interfaces {
if netIface, ok := iface.(common.NetworkInterface); ok {
if netIface.IsEnabled() && netIface.IsOnline() {
// Apply rate limiting after grace period
if announceCount > ANNOUNCE_RATE_GRACE {
time.Sleep(time.Duration(ANNOUNCE_RATE_PENALTY) * time.Second)
}
debugLog(2, "Sending periodic announce on interface %s", netIface.GetName())
if err := periodicAnnounce.Propagate([]common.NetworkInterface{netIface}); err != nil {
debugLog(1, "Failed to send periodic announce on interface %s: %v", netIface.GetName(), err)
continue
}
}
}
}
time.Sleep(60 * time.Second)
}
}()
go r.monitorInterfaces()
debugLog(2, "Reticulum started successfully")
debug.Log(debug.DEBUG_ERROR, "Reticulum started successfully")
return nil
}
func (r *Reticulum) Stop() error {
debugLog(2, "Stopping Reticulum...")
debug.Log(debug.DEBUG_ERROR, "Stopping Reticulum...")
for _, buf := range r.buffers {
if err := buf.Close(); err != nil {
debugLog(1, "Error closing buffer: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Error closing buffer", "error", err)
}
}
for _, ch := range r.channels {
if err := ch.Close(); err != nil {
debugLog(1, "Error closing channel: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Error closing channel", "error", err)
}
}
for _, iface := range r.interfaces {
if err := iface.Stop(); err != nil {
debugLog(1, "Error stopping interface %s: %v", iface.GetName(), err)
debug.Log(debug.DEBUG_CRITICAL, "Error stopping interface", "name", iface.GetName(), "error", err)
}
}
@@ -544,7 +466,7 @@ func (r *Reticulum) Stop() error {
return fmt.Errorf("failed to close transport: %v", err)
}
debugLog(2, "Reticulum stopped successfully")
debug.Log(debug.DEBUG_ERROR, "Reticulum stopped successfully")
return nil
}
@@ -565,102 +487,58 @@ func (h *AnnounceHandler) AspectFilter() []string {
}
func (h *AnnounceHandler) ReceivedAnnounce(destHash []byte, id interface{}, appData []byte) error {
debugLog(DEBUG_INFO, "Received announce from %x", destHash)
debugLog(DEBUG_PACKETS, "Raw announce data: %x", appData)
debug.Log(debug.DEBUG_INFO, "Received announce", "hash", fmt.Sprintf("%x", destHash))
debug.Log(debug.DEBUG_PACKETS, "Raw announce data", "data", fmt.Sprintf("%x", appData))
debug.Log(debug.DEBUG_INFO, "MAIN HANDLER: Received announce", "hash", fmt.Sprintf("%x", destHash), "appData_len", len(appData))
var isNode bool
var nodeEnabled bool
var nodeTimestamp int64
var nodeMaxSize int16
// Parse msgpack array
// Parse msgpack appData from transport announce format
if len(appData) > 0 {
if appData[0] == 0x92 {
// Format [name, ticket] for standard peers
debugLog(DEBUG_VERBOSE, "Received standard peer announce")
isNode = false
var pos = 1
// Parse first element (NameBytes)
if pos+1 < len(appData) && appData[pos] == 0xc4 {
// appData is msgpack array [name, customData]
if appData[0] == 0x92 { // array of 2 elements
// Skip array header and first element (name)
pos := 1
if pos < len(appData) && appData[pos] == 0xc4 { // bin 8
nameLen := int(appData[pos+1])
if pos+2+nameLen <= len(appData) {
nameBytes := appData[pos+2 : pos+2+nameLen]
name := string(nameBytes)
pos += 2 + nameLen
debugLog(DEBUG_VERBOSE, "Peer name: %s (bytes: %x)", name, nameBytes)
// Parse second element (TicketValue)
if pos < len(appData) {
ticketValue := appData[pos] // Assuming fixint for now
debugLog(DEBUG_VERBOSE, "Peer ticket value: %d", ticketValue)
} else {
debugLog(DEBUG_ERROR, "Could not parse ticket value from announce appData")
pos += 2 + nameLen
if pos < len(appData) && appData[pos] == 0xc4 { // bin 8
dataLen := int(appData[pos+1])
if pos+2+dataLen <= len(appData) {
customData := appData[pos+2 : pos+2+dataLen]
nodeName := string(customData)
debug.Log(debug.DEBUG_INFO, "Parsed node name", "name", nodeName)
debug.Log(debug.DEBUG_INFO, "Announced node", "name", nodeName)
}
} else {
debugLog(DEBUG_ERROR, "Could not parse name bytes from announce appData")
}
} else {
debugLog(DEBUG_ERROR, "Announce appData name is not in expected bin 8 format")
}
} else if appData[0] == 0x93 {
// Format [enable, timestamp, maxsize] for nodes
debugLog(DEBUG_VERBOSE, "Received node announce")
isNode = true
var pos = 1
// Parse first element (Boolean enable/disable)
if pos < len(appData) {
if appData[pos] == 0xc3 {
nodeEnabled = true
} else if appData[pos] == 0xc2 {
nodeEnabled = false
} else {
debugLog(DEBUG_ERROR, "Unexpected format for node enabled status: %x", appData[pos])
}
pos++
debugLog(DEBUG_VERBOSE, "Node enabled: %v", nodeEnabled)
// Parse second element (Int32 timestamp)
if pos+4 < len(appData) && appData[pos] == 0xd2 {
pos++
timestamp := binary.BigEndian.Uint32(appData[pos : pos+4])
nodeTimestamp = int64(timestamp)
pos += 4
debugLog(DEBUG_VERBOSE, "Node timestamp: %d (%s)", timestamp, time.Unix(nodeTimestamp, 0))
// Parse third element (Int16 max transfer size)
if pos+2 < len(appData) && appData[pos] == 0xd1 {
pos++
maxSize := binary.BigEndian.Uint16(appData[pos : pos+2])
nodeMaxSize = int16(maxSize)
debugLog(DEBUG_VERBOSE, "Node max transfer size: %d KB", nodeMaxSize)
} else {
debugLog(DEBUG_ERROR, "Could not parse max transfer size from node announce")
}
} else {
debugLog(DEBUG_ERROR, "Could not parse timestamp from node announce")
}
}
} else {
debugLog(DEBUG_VERBOSE, "Unknown announce data format: %x", appData)
// Fallback: treat as raw node name
nodeName := string(appData)
debug.Log(debug.DEBUG_INFO, "Raw node name", "name", nodeName)
debug.Log(debug.DEBUG_INFO, "Announced node", "name", nodeName)
}
} else {
debug.Log(debug.DEBUG_INFO, "No appData (empty announce)")
}
// Type assert and log identity details
if identity, ok := id.(*identity.Identity); ok {
debugLog(DEBUG_ALL, "Identity details:")
debugLog(DEBUG_ALL, " Hash: %s", identity.GetHexHash())
debugLog(DEBUG_ALL, " Public Key: %x", identity.GetPublicKey())
debug.Log(debug.DEBUG_ALL, "Identity details")
debug.Log(debug.DEBUG_ALL, "Identity hash", "hash", identity.GetHexHash())
debug.Log(debug.DEBUG_ALL, "Identity public key", "key", fmt.Sprintf("%x", identity.GetPublicKey()))
ratchets := identity.GetRatchets()
debugLog(DEBUG_ALL, " Active Ratchets: %d", len(ratchets))
debug.Log(debug.DEBUG_ALL, "Active ratchets", "count", len(ratchets))
if len(ratchets) > 0 {
ratchetKey := identity.GetCurrentRatchetKey()
if ratchetKey != nil {
ratchetID := identity.GetRatchetID(ratchetKey)
debugLog(DEBUG_ALL, " Current Ratchet ID: %x", ratchetID)
debug.Log(debug.DEBUG_ALL, "Current ratchet ID", "id", fmt.Sprintf("%x", ratchetID))
}
}
@@ -668,8 +546,7 @@ func (h *AnnounceHandler) ReceivedAnnounce(destHash []byte, id interface{}, appD
recordType := "peer"
if isNode {
recordType = "node"
debugLog(DEBUG_INFO, "Storing node in announce history: enabled=%v, timestamp=%d, maxsize=%dKB",
nodeEnabled, nodeTimestamp, nodeMaxSize)
debug.Log(debug.DEBUG_INFO, "Storing node in announce history", "enabled", nodeEnabled, "timestamp", nodeTimestamp, "maxsize", fmt.Sprintf("%dKB", nodeMaxSize))
}
h.reticulum.announceHistoryMu.Lock()
@@ -679,7 +556,7 @@ func (h *AnnounceHandler) ReceivedAnnounce(destHash []byte, id interface{}, appD
}
h.reticulum.announceHistoryMu.Unlock()
debugLog(DEBUG_VERBOSE, "Stored %s announce in history for identity %s", recordType, identity.GetHexHash())
debug.Log(debug.DEBUG_VERBOSE, "Stored announce in history", "type", recordType, "identity", identity.GetHexHash())
}
return nil
@@ -710,16 +587,15 @@ func (r *Reticulum) createNodeAppData() []byte {
r.nodeTimestamp = time.Now().Unix()
appData = append(appData, 0xd2) // int32 format
timeBytes := make([]byte, 4)
binary.BigEndian.PutUint32(timeBytes, uint32(r.nodeTimestamp))
binary.BigEndian.PutUint32(timeBytes, uint32(r.nodeTimestamp)) // #nosec G115
appData = append(appData, timeBytes...)
// Element 2: Int16 max transfer size in KB
appData = append(appData, 0xd1) // int16 format
sizeBytes := make([]byte, 2)
binary.BigEndian.PutUint16(sizeBytes, uint16(r.maxTransferSize))
binary.BigEndian.PutUint16(sizeBytes, uint16(r.maxTransferSize)) // #nosec G115
appData = append(appData, sizeBytes...)
log.Printf("[DEBUG-7] Created node appData (msgpack [enable=%v, timestamp=%d, maxsize=%d]): %x",
r.nodeEnabled, r.nodeTimestamp, r.maxTransferSize, appData)
debug.Log(debug.DEBUG_ALL, "Created node appData", "enable", r.nodeEnabled, "timestamp", r.nodeTimestamp, "maxsize", r.maxTransferSize, "data", fmt.Sprintf("%x", appData))
return appData
}

39
docker/Dockerfile Normal file
View File

@@ -0,0 +1,39 @@
ARG GO_VERSION=1.25
FROM golang:${GO_VERSION}-alpine AS builder
ENV CGO_ENABLED=0
ENV GOOS=linux
ENV GOARCH=amd64
RUN apk add --no-cache git
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY cmd/ cmd/
COPY internal/ internal/
COPY pkg/ pkg/
RUN go build \
-ldflags='-w -s -extldflags "-static"' \
-a -installsuffix cgo \
-o reticulum-go \
./cmd/reticulum-go
FROM busybox:latest
RUN adduser -D -s /bin/sh app
COPY --from=builder /build/reticulum-go /usr/local/bin/reticulum-go
RUN chmod +x /usr/local/bin/reticulum-go
RUN mkdir -p /app && chown app:app /app
USER app
WORKDIR /app
EXPOSE 4242
ENTRYPOINT ["/usr/local/bin/reticulum-go"]

27
docker/Dockerfile.build Normal file
View File

@@ -0,0 +1,27 @@
ARG GO_VERSION=1.25
FROM golang:${GO_VERSION}-alpine
ENV CGO_ENABLED=0
ENV GOOS=linux
ENV GOARCH=amd64
RUN apk add --no-cache git
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY cmd/ cmd/
COPY internal/ internal/
COPY pkg/ pkg/
ARG BINARY_NAME=reticulum-go
ARG BUILD_PATH=./cmd/reticulum-go
RUN mkdir -p /dist && \
go build \
-ldflags='-w -s -extldflags "-static"' \
-a -installsuffix cgo \
-o /dist/${BINARY_NAME} \
${BUILD_PATH}

7
go.mod
View File

@@ -2,4 +2,9 @@ module github.com/Sudo-Ivan/reticulum-go
go 1.24.0
require golang.org/x/crypto v0.37.0
require (
github.com/vmihailenco/msgpack/v5 v5.4.1
golang.org/x/crypto v0.43.0
)
require github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect

16
go.sum
View File

@@ -1,2 +1,14 @@
golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IUPn0Bjt8=
github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok=
github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g=
github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04=
golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

8
internal/config/config.go
View File

@@ -44,7 +44,7 @@ func EnsureConfigDir() error {
}
configDir := filepath.Join(homeDir, ".reticulum-go")
return os.MkdirAll(configDir, 0755)
return os.MkdirAll(configDir, 0700) // #nosec G301
}
// parseValue parses string values into appropriate types
@@ -70,7 +70,7 @@ func parseValue(value string) interface{} {
// LoadConfig loads the configuration from the specified path
func LoadConfig(path string) (*common.ReticulumConfig, error) {
file, err := os.Open(path)
file, err := os.Open(path) // #nosec G304
if err != nil {
return nil, err
}
@@ -202,7 +202,7 @@ func SaveConfig(cfg *common.ReticulumConfig) error {
builder.WriteString("\n")
}
return os.WriteFile(cfg.ConfigPath, []byte(builder.String()), 0644)
return os.WriteFile(cfg.ConfigPath, []byte(builder.String()), 0600) // #nosec G306
}
// CreateDefaultConfig creates a default configuration file
@@ -244,7 +244,7 @@ func CreateDefaultConfig(path string) error {
Port: 37696,
}
if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil {
if err := os.MkdirAll(filepath.Dir(path), 0700); err != nil { // #nosec G301
return err
}

227
pkg/announce/announce.go
View File

@@ -12,6 +12,7 @@ import (
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/identity"
"golang.org/x/crypto/curve25519"
)
const (
@@ -57,6 +58,7 @@ type AnnounceHandler interface {
type Announce struct {
mutex *sync.RWMutex
destinationHash []byte
destinationName string
identity *identity.Identity
appData []byte
config *common.ReticulumConfig
@@ -71,32 +73,40 @@ type Announce struct {
hash []byte
}
func New(dest *identity.Identity, appData []byte, pathResponse bool, config *common.ReticulumConfig) (*Announce, error) {
func New(dest *identity.Identity, destinationHash []byte, destinationName string, appData []byte, pathResponse bool, config *common.ReticulumConfig) (*Announce, error) {
if dest == nil {
return nil, errors.New("destination identity required")
}
a := &Announce{
mutex: &sync.RWMutex{},
identity: dest,
appData: appData,
config: config,
hops: 0,
timestamp: time.Now().Unix(),
pathResponse: pathResponse,
retries: 0,
handlers: make([]AnnounceHandler, 0),
if len(destinationHash) == 0 {
return nil, errors.New("destination hash required")
}
// Generate truncated hash from public key
pubKey := dest.GetPublicKey()
hash := sha256.Sum256(pubKey)
a.destinationHash = hash[:identity.TRUNCATED_HASHLENGTH/8]
if destinationName == "" {
return nil, errors.New("destination name required")
}
a := &Announce{
mutex: &sync.RWMutex{},
identity: dest,
destinationHash: destinationHash,
destinationName: destinationName,
appData: appData,
config: config,
hops: 0,
timestamp: time.Now().Unix(),
pathResponse: pathResponse,
retries: 0,
handlers: make([]AnnounceHandler, 0),
}
// Get current ratchet ID if enabled
currentRatchet := dest.GetCurrentRatchetKey()
if currentRatchet != nil {
a.ratchetID = dest.GetRatchetID(currentRatchet)
ratchetPub, err := curve25519.X25519(currentRatchet, curve25519.Basepoint)
if err == nil {
a.ratchetID = dest.GetRatchetID(ratchetPub)
}
}
// Sign announce data
@@ -221,9 +231,9 @@ func (a *Announce) HandleAnnounce(data []byte) error {
}
// Now parse the data portion according to the spec
// Public Key (32) + Signing Key (32) + Name Hash (10) + Random Hash (10) + [Ratchet] + Signature (64) + App Data
// Public Key (32) + Signing Key (32) + Name Hash (10) + Random Hash (10) + Ratchet (32) + Signature (64) + App Data
if len(packetData) < 148 { // 32 + 32 + 10 + 10 + 64
if len(packetData) < 180 { // 32 + 32 + 10 + 10 + 32 + 64
return errors.New("announce data too short")
}
@@ -232,16 +242,13 @@ func (a *Announce) HandleAnnounce(data []byte) error {
signKey := packetData[32:64]
nameHash := packetData[64:74]
randomHash := packetData[74:84]
// The next field could be a ratchet (32 bytes) or signature (64 bytes)
// We need to detect this somehow or use a flag
// For now, assume no ratchet
signature := packetData[84:148]
appData := packetData[148:]
ratchetData := packetData[84:116]
signature := packetData[116:180]
appData := packetData[180:]
log.Printf("[DEBUG-7] Announce fields: encKey=%x, signKey=%x", encKey, signKey)
log.Printf("[DEBUG-7] Name hash=%x, random hash=%x", nameHash, randomHash)
log.Printf("[DEBUG-7] Ratchet=%x", ratchetData[:8])
log.Printf("[DEBUG-7] Signature=%x, appDataLen=%d", signature[:8], len(appData))
// Get the destination hash from header
@@ -268,6 +275,7 @@ func (a *Announce) HandleAnnounce(data []byte) error {
signedData = append(signedData, signKey...)
signedData = append(signedData, nameHash...)
signedData = append(signedData, randomHash...)
signedData = append(signedData, ratchetData...)
signedData = append(signedData, appData...)
if !announcedIdentity.Verify(signedData, signature) {
@@ -318,100 +326,97 @@ func CreateHeader(ifacFlag byte, headerType byte, contextFlag byte, propType byt
}
func (a *Announce) CreatePacket() []byte {
// Create header
// This function creates the complete announce packet according to the Reticulum specification.
// Announce Packet Structure:
// [Header (2 bytes)][Dest Hash (16 bytes)][Transport ID (16 bytes)][Context (1 byte)][Announce Data]
// Announce Data Structure:
// [Public Key (32 bytes)][Signing Key (32 bytes)][Name Hash (10 bytes)][Random Hash (10 bytes)][Ratchet (32 bytes)][Signature (64 bytes)][App Data]
// 2. Destination Hash
destHash := a.destinationHash
if len(destHash) == 0 {
}
// 3. Transport ID (zeros for broadcast announce)
transportID := make([]byte, 16)
// 5. Announce Data
// 5.1 Public Keys
pubKey := a.identity.GetPublicKey()
encKey := pubKey[:32]
signKey := pubKey[32:]
// 5.2 Name Hash
nameHash := sha256.Sum256([]byte(a.destinationName))
nameHash10 := nameHash[:10]
// 5.3 Random Hash
randomHash := make([]byte, 10)
_, err := rand.Read(randomHash)
if err != nil {
log.Printf("Error reading random bytes for announce: %v", err)
}
// 5.4 Ratchet (only include if exists)
var ratchetData []byte
currentRatchetKey := a.identity.GetCurrentRatchetKey()
if currentRatchetKey != nil {
ratchetPub, err := curve25519.X25519(currentRatchetKey, curve25519.Basepoint)
if err == nil {
ratchetData = make([]byte, 32)
copy(ratchetData, ratchetPub)
}
}
// Determine context flag based on whether ratchet exists
contextFlag := byte(0)
if len(ratchetData) > 0 {
contextFlag = 1 // FLAG_SET
}
// 1. Create Header (now that we know context flag)
header := CreateHeader(
IFAC_NONE,
HEADER_TYPE_2, // Use header type 2 for announces
0, // No context flag
HEADER_TYPE_2,
contextFlag,
PROP_TYPE_BROADCAST,
DEST_TYPE_SINGLE,
PACKET_TYPE_ANNOUNCE,
a.hops,
)
packet := header
// 4. Context Byte
contextByte := byte(0)
// Add destination hash (16 bytes)
packet = append(packet, a.destinationHash...)
// If using header type 2, add transport ID (16 bytes)
// For broadcast announces, this is filled with zeroes
transportID := make([]byte, 16)
packet = append(packet, transportID...)
// Add context byte
packet = append(packet, byte(0)) // Context byte, 0 for announces
// Add public key parts (32 bytes each)
pubKey := a.identity.GetPublicKey()
encKey := pubKey[:32] // Encryption key
signKey := pubKey[32:] // Signing key
// Start building data portion according to spec
data := make([]byte, 0, 32+32+10+10+32+64+len(a.appData))
data = append(data, encKey...) // Encryption key (32 bytes)
data = append(data, signKey...) // Signing key (32 bytes)
// Determine if this is a node announce based on appData format
var appName string
if len(a.appData) > 2 && a.appData[0] == 0x93 {
// This is a node announcement
appName = "reticulum.node"
} else if len(a.appData) > 3 && a.appData[0] == 0x92 && a.appData[1] == 0xc4 {
nameLen := int(a.appData[2])
if 3+nameLen <= len(a.appData) {
appName = string(a.appData[3 : 3+nameLen])
} else {
appName = fmt.Sprintf("%s.%s", a.config.AppName, a.config.AppAspect)
}
} else {
// Default fallback using config values
appName = fmt.Sprintf("%s.%s", a.config.AppName, a.config.AppAspect)
}
// Add name hash (10 bytes)
nameHash := sha256.Sum256([]byte(appName))
nameHash10 := nameHash[:10]
log.Printf("[DEBUG-6] Using name hash for '%s': %x", appName, nameHash10)
data = append(data, nameHash10...)
// Add random hash (10 bytes) - 5 bytes random + 5 bytes time
randomHash := make([]byte, 10)
rand.Read(randomHash[:5])
timeBytes := make([]byte, 8)
binary.BigEndian.PutUint64(timeBytes, uint64(time.Now().Unix()))
copy(randomHash[5:], timeBytes[:5])
data = append(data, randomHash...)
// Add ratchet ID (32 bytes) - required in the packet format
if a.ratchetID != nil {
data = append(data, a.ratchetID...)
} else {
// If there's no ratchet, add 32 zero bytes as placeholder
data = append(data, make([]byte, 32)...)
}
// Create validation data for signature
// Signature consists of destination hash, public keys, name hash, random hash, and app data
// 5.5 Signature
// The signature is calculated over: Dest Hash + Public Keys + Name Hash + Random Hash + Ratchet (if exists) + App Data
validationData := make([]byte, 0)
validationData = append(validationData, a.destinationHash...)
validationData = append(validationData, destHash...)
validationData = append(validationData, encKey...)
validationData = append(validationData, signKey...)
validationData = append(validationData, nameHash10...)
validationData = append(validationData, randomHash...)
validationData = append(validationData, a.appData...)
// Add signature (64 bytes)
signature := a.identity.Sign(validationData)
data = append(data, signature...)
// Add app data
if len(a.appData) > 0 {
data = append(data, a.appData...)
if len(ratchetData) > 0 {
validationData = append(validationData, ratchetData...)
}
validationData = append(validationData, a.appData...)
signature := a.identity.Sign(validationData)
// Combine header and data
packet = append(packet, data...)
// 6. Assemble the packet
packet := make([]byte, 0)
packet = append(packet, header...)
packet = append(packet, destHash...)
packet = append(packet, transportID...)
packet = append(packet, contextByte)
packet = append(packet, encKey...)
packet = append(packet, signKey...)
packet = append(packet, nameHash10...)
packet = append(packet, randomHash...)
if len(ratchetData) > 0 {
packet = append(packet, ratchetData...)
}
packet = append(packet, signature...)
packet = append(packet, a.appData...)
return packet
}
@@ -435,7 +440,7 @@ func NewAnnouncePacket(pubKey []byte, appData []byte, announceID []byte) *Announ
// Add app data length and content
appDataLen := make([]byte, 2)
binary.BigEndian.PutUint16(appDataLen, uint16(len(appData)))
binary.BigEndian.PutUint16(appDataLen, uint16(len(appData))) // #nosec G115
packet.Data = append(packet.Data, appDataLen...)
packet.Data = append(packet.Data, appData...)
@@ -446,9 +451,9 @@ func NewAnnouncePacket(pubKey []byte, appData []byte, announceID []byte) *Announ
}
// NewAnnounce creates a new announce packet for a destination
func NewAnnounce(identity *identity.Identity, appData []byte, ratchetID []byte, pathResponse bool, config *common.ReticulumConfig) (*Announce, error) {
log.Printf("[DEBUG-7] Creating new announce: appDataLen=%d, hasRatchet=%v, pathResponse=%v",
len(appData), ratchetID != nil, pathResponse)
func NewAnnounce(identity *identity.Identity, destinationHash []byte, appData []byte, ratchetID []byte, pathResponse bool, config *common.ReticulumConfig) (*Announce, error) {
log.Printf("[DEBUG-7] Creating new announce: destHash=%x, appDataLen=%d, hasRatchet=%v, pathResponse=%v",
destinationHash, len(appData), ratchetID != nil, pathResponse)
if identity == nil {
log.Printf("[DEBUG-7] Error: nil identity provided")
@@ -459,8 +464,12 @@ func NewAnnounce(identity *identity.Identity, appData []byte, ratchetID []byte,
return nil, errors.New("config cannot be nil")
}
destHash := identity.Hash()
log.Printf("[DEBUG-7] Generated destination hash: %x", destHash)
if len(destinationHash) == 0 {
return nil, errors.New("destination hash cannot be empty")
}
destHash := destinationHash
log.Printf("[DEBUG-7] Using provided destination hash: %x", destHash)
a := &Announce{
identity: identity,

24
pkg/buffer/buffer.go
View File

@@ -35,7 +35,9 @@ func (m *StreamDataMessage) Pack() ([]byte, error) {
}
buf := new(bytes.Buffer)
binary.Write(buf, binary.BigEndian, headerVal)
if err := binary.Write(buf, binary.BigEndian, headerVal); err != nil { // #nosec G104
return nil, err // Or handle the error appropriately
}
buf.Write(m.Data)
return buf.Bytes(), nil
}
@@ -111,8 +113,8 @@ func (r *RawChannelReader) Read(p []byte) (n int, err error) {
return
}
func (r *RawChannelReader) HandleMessage(msg channel.MessageBase) bool {
if streamMsg, ok := msg.(*StreamDataMessage); ok && streamMsg.StreamID == uint16(r.streamID) {
func (r *RawChannelReader) HandleMessage(msg channel.MessageBase) bool { // #nosec G115
if streamMsg, ok := msg.(*StreamDataMessage); ok && streamMsg.StreamID == uint16(r.streamID) {
r.mutex.Lock()
defer r.mutex.Unlock()
@@ -156,7 +158,7 @@ func (w *RawChannelWriter) Write(p []byte) (n int, err error) {
}
msg := &StreamDataMessage{
StreamID: uint16(w.streamID),
StreamID: uint16(w.streamID), // #nosec G115
Data: p,
EOF: w.eof,
}
@@ -228,13 +230,23 @@ func compressData(data []byte) []byte {
var compressed bytes.Buffer
w := bytes.NewBuffer(data)
r := bzip2.NewReader(w)
io.Copy(&compressed, r)
_, err := io.Copy(&compressed, r) // #nosec G104 #nosec G110
if err != nil {
// Handle error, e.g., log it or return an error
return nil
}
return compressed.Bytes()
}
func decompressData(data []byte) []byte {
reader := bzip2.NewReader(bytes.NewReader(data))
var decompressed bytes.Buffer
io.Copy(&decompressed, reader)
// Limit the amount of data read to prevent decompression bombs
limitedReader := io.LimitReader(reader, MaxChunkLen) // #nosec G110
_, err := io.Copy(&decompressed, limitedReader)
if err != nil {
// Handle error, e.g., log it or return an error
return nil
}
return decompressed.Bytes()
}

10
pkg/channel/channel.go
View File

@@ -2,6 +2,7 @@ package channel
import (
"errors"
"log"
"math"
"sync"
"time"
@@ -138,7 +139,14 @@ func (c *Channel) handleTimeout(packet interface{}) {
return
}
env.Tries++
c.link.Resend(packet)
if err := c.link.Resend(packet); err != nil { // #nosec G104
// Handle resend error, e.g., log it or mark envelope as failed
log.Printf("Failed to resend packet: %v", err)
// Optionally, mark the envelope as failed or remove it from txRing
// env.State = MsgStateFailed
// c.txRing = append(c.txRing[:i], c.txRing[i+1:]...)
return
}
timeout := c.getPacketTimeout(env.Tries)
c.link.SetPacketTimeout(packet, c.handleTimeout, timeout)
break

94
pkg/common/config_test.go Normal file
View File

@@ -0,0 +1,94 @@
package common
import (
"testing"
)
func TestNewReticulumConfig(t *testing.T) {
cfg := NewReticulumConfig()
if !cfg.EnableTransport {
t.Errorf("NewReticulumConfig() EnableTransport = %v; want true", cfg.EnableTransport)
}
if cfg.ShareInstance {
t.Errorf("NewReticulumConfig() ShareInstance = %v; want false", cfg.ShareInstance)
}
if cfg.SharedInstancePort != DEFAULT_SHARED_INSTANCE_PORT {
t.Errorf("NewReticulumConfig() SharedInstancePort = %d; want %d", cfg.SharedInstancePort, DEFAULT_SHARED_INSTANCE_PORT)
}
if cfg.InstanceControlPort != DEFAULT_INSTANCE_CONTROL_PORT {
t.Errorf("NewReticulumConfig() InstanceControlPort = %d; want %d", cfg.InstanceControlPort, DEFAULT_INSTANCE_CONTROL_PORT)
}
if cfg.PanicOnInterfaceErr {
t.Errorf("NewReticulumConfig() PanicOnInterfaceErr = %v; want false", cfg.PanicOnInterfaceErr)
}
if cfg.LogLevel != DEFAULT_LOG_LEVEL {
t.Errorf("NewReticulumConfig() LogLevel = %d; want %d", cfg.LogLevel, DEFAULT_LOG_LEVEL)
}
if len(cfg.Interfaces) != 0 {
t.Errorf("NewReticulumConfig() Interfaces length = %d; want 0", len(cfg.Interfaces))
}
}
func TestDefaultConfig(t *testing.T) {
cfg := DefaultConfig()
if !cfg.EnableTransport {
t.Errorf("DefaultConfig() EnableTransport = %v; want true", cfg.EnableTransport)
}
if cfg.ShareInstance {
t.Errorf("DefaultConfig() ShareInstance = %v; want false", cfg.ShareInstance)
}
if cfg.SharedInstancePort != DEFAULT_SHARED_INSTANCE_PORT {
t.Errorf("DefaultConfig() SharedInstancePort = %d; want %d", cfg.SharedInstancePort, DEFAULT_SHARED_INSTANCE_PORT)
}
if cfg.InstanceControlPort != DEFAULT_INSTANCE_CONTROL_PORT {
t.Errorf("DefaultConfig() InstanceControlPort = %d; want %d", cfg.InstanceControlPort, DEFAULT_INSTANCE_CONTROL_PORT)
}
if cfg.PanicOnInterfaceErr {
t.Errorf("DefaultConfig() PanicOnInterfaceErr = %v; want false", cfg.PanicOnInterfaceErr)
}
if cfg.LogLevel != DEFAULT_LOG_LEVEL {
t.Errorf("DefaultConfig() LogLevel = %d; want %d", cfg.LogLevel, DEFAULT_LOG_LEVEL)
}
if len(cfg.Interfaces) != 0 {
t.Errorf("DefaultConfig() Interfaces length = %d; want 0", len(cfg.Interfaces))
}
if cfg.AppName != "Go Client" {
t.Errorf("DefaultConfig() AppName = %q; want %q", cfg.AppName, "Go Client")
}
if cfg.AppAspect != "node" {
t.Errorf("DefaultConfig() AppAspect = %q; want %q", cfg.AppAspect, "node")
}
}
func TestReticulumConfig_Validate(t *testing.T) {
validConfig := DefaultConfig()
if err := validConfig.Validate(); err != nil {
t.Errorf("Validate() on default config failed: %v", err)
}
invalidPortConfig1 := DefaultConfig()
invalidPortConfig1.SharedInstancePort = 0
if err := invalidPortConfig1.Validate(); err == nil {
t.Errorf("Validate() did not return error for invalid SharedInstancePort 0")
}
invalidPortConfig2 := DefaultConfig()
invalidPortConfig2.SharedInstancePort = 65536
if err := invalidPortConfig2.Validate(); err == nil {
t.Errorf("Validate() did not return error for invalid SharedInstancePort 65536")
}
invalidPortConfig3 := DefaultConfig()
invalidPortConfig3.InstanceControlPort = 0
if err := invalidPortConfig3.Validate(); err == nil {
t.Errorf("Validate() did not return error for invalid InstanceControlPort 0")
}
invalidPortConfig4 := DefaultConfig()
invalidPortConfig4.InstanceControlPort = 65536
if err := invalidPortConfig4.Validate(); err == nil {
t.Errorf("Validate() did not return error for invalid InstanceControlPort 65536")
}
}

2
pkg/common/interfaces.go
View File

@@ -183,7 +183,7 @@ func (i *BaseInterface) SendLinkPacket(dest []byte, data []byte, timestamp time.
// Add timestamp
ts := make([]byte, 8)
binary.BigEndian.PutUint64(ts, uint64(timestamp.Unix()))
binary.BigEndian.PutUint64(ts, uint64(timestamp.Unix())) // #nosec G115
packet = append(packet, ts...)
// Add data

7
pkg/common/types.go
View File

@@ -4,6 +4,13 @@ import (
"time"
)
// Destination type constants
const (
DESTINATION_SINGLE = 0x00
DESTINATION_GROUP = 0x01
DESTINATION_PLAIN = 0x02
)
// Transport related types
type TransportMode byte
type PathStatus byte

6
pkg/config/config.go
View File

@@ -39,7 +39,7 @@ type Config struct {
}
func LoadConfig(path string) (*Config, error) {
file, err := os.Open(path)
file, err := os.Open(path) // #nosec G304
if err != nil {
return nil, err
}
@@ -176,7 +176,7 @@ func SaveConfig(cfg *Config, path string) error {
builder.WriteString(fmt.Sprintf("i2p_tunneled = %v\n\n", iface.I2PTunneled))
}
return os.WriteFile(path, []byte(builder.String()), 0644)
return os.WriteFile(path, []byte(builder.String()), 0600) // #nosec G306
}
func GetConfigDir() string {
@@ -194,7 +194,7 @@ func GetDefaultConfigPath() string {
func EnsureConfigDir() error {
configDir := GetConfigDir()
return os.MkdirAll(configDir, 0755)
return os.MkdirAll(configDir, 0700) // #nosec G301
}
func InitConfig() (*Config, error) {

65
pkg/cryptography/aes.go
View File

@@ -8,19 +8,39 @@ import (
"io"
)
func EncryptAESCBC(key, plaintext []byte) ([]byte, error) {
const (
// AES256KeySize is the size of an AES-256 key in bytes.
AES256KeySize = 32 // 256 bits
)
// GenerateAES256Key generates a random AES-256 key.
func GenerateAES256Key() ([]byte, error) {
key := make([]byte, AES256KeySize)
if _, err := io.ReadFull(rand.Reader, key); err != nil {
return nil, err
}
return key, nil
}
// EncryptAES256CBC encrypts data using AES-256 in CBC mode.
// The IV is prepended to the ciphertext.
func EncryptAES256CBC(key, plaintext []byte) ([]byte, error) {
if len(key) != AES256KeySize {
return nil, errors.New("invalid key size: must be 32 bytes for AES-256")
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
// Generate IV
// Generate a random IV.
iv := make([]byte, aes.BlockSize)
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
// Add PKCS7 padding
// Add PKCS7 padding.
padding := aes.BlockSize - len(plaintext)%aes.BlockSize
padtext := make([]byte, len(plaintext)+padding)
copy(padtext, plaintext)
@@ -28,36 +48,63 @@ func EncryptAESCBC(key, plaintext []byte) ([]byte, error) {
padtext[i] = byte(padding)
}
// Encrypt
mode := cipher.NewCBCEncrypter(block, iv)
// Encrypt the data.
mode := cipher.NewCBCEncrypter(block, iv) // #nosec G407
ciphertext := make([]byte, len(padtext))
mode.CryptBlocks(ciphertext, padtext)
// Prepend the IV to the ciphertext.
return append(iv, ciphertext...), nil
}
func DecryptAESCBC(key, ciphertext []byte) ([]byte, error) {
// DecryptAES256CBC decrypts data using AES-256 in CBC mode.
// It assumes the IV is prepended to the ciphertext.
func DecryptAES256CBC(key, ciphertext []byte) ([]byte, error) {
if len(key) != AES256KeySize {
return nil, errors.New("invalid key size: must be 32 bytes for AES-256")
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
if len(ciphertext) < aes.BlockSize {
return nil, errors.New("ciphertext too short")
return nil, errors.New("ciphertext is too short")
}
// Extract the IV from the beginning of the ciphertext.
iv := ciphertext[:aes.BlockSize]
ciphertext = ciphertext[aes.BlockSize:]
if len(ciphertext)%aes.BlockSize != 0 {
return nil, errors.New("ciphertext is not a multiple of block size")
return nil, errors.New("ciphertext is not a multiple of the block size")
}
// Decrypt the data.
mode := cipher.NewCBCDecrypter(block, iv)
plaintext := make([]byte, len(ciphertext))
mode.CryptBlocks(plaintext, ciphertext)
// Remove PKCS7 padding
// Remove PKCS7 padding.
if len(plaintext) == 0 {
return nil, errors.New("invalid padding: plaintext is empty")
}
padding := int(plaintext[len(plaintext)-1])
if padding > aes.BlockSize || padding == 0 {
return nil, errors.New("invalid padding size")
}
if len(plaintext) < padding {
return nil, errors.New("invalid padding: padding size is larger than plaintext")
}
// Verify the padding bytes.
for i := len(plaintext) - padding; i < len(plaintext); i++ {
if plaintext[i] != byte(padding) {
return nil, errors.New("invalid padding bytes")
}
}
return plaintext[:len(plaintext)-padding], nil
}

194
pkg/cryptography/aes_test.go Normal file
View File

@@ -0,0 +1,194 @@
package cryptography
import (
"bytes"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"fmt"
"testing"
)
func TestGenerateAES256Key(t *testing.T) {
key, err := GenerateAES256Key()
if err != nil {
t.Fatalf("GenerateAES256Key failed: %v", err)
}
if len(key) != AES256KeySize {
t.Errorf("Expected key size %d, got %d", AES256KeySize, len(key))
}
}
func TestAES256CBCEncryptionDecryption(t *testing.T) {
key, err := GenerateAES256Key()
if err != nil {
t.Fatalf("Failed to generate AES-256 key: %v", err)
}
testCases := []struct {
name string
plaintext []byte
}{
{"ShortMessage", []byte("Hello")},
{"BlockSizeMessage", []byte("This is 16 bytes")},
{"LongMessage", []byte("This is a longer message that spans multiple AES blocks and tests the padding.")},
{"EmptyMessage", []byte("")},
{"SingleByte", []byte("A")},
{"ExactlyTwoBlocks", []byte("This is exactly 32 bytes long!!!")},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
ciphertext, err := EncryptAES256CBC(key, tc.plaintext)
if err != nil {
t.Fatalf("EncryptAES256CBC failed: %v", err)
}
decrypted, err := DecryptAES256CBC(key, ciphertext)
if err != nil {
t.Fatalf("DecryptAES256CBC failed: %v", err)
}
if !bytes.Equal(tc.plaintext, decrypted) {
t.Errorf("Decrypted text does not match original plaintext.\nGot: %q (%x)\nWant: %q (%x)",
decrypted, decrypted, tc.plaintext, tc.plaintext)
}
})
}
}
func TestAES256CBC_InvalidKeySize(t *testing.T) {
plaintext := []byte("test message")
invalidKeys := [][]byte{
make([]byte, 16), // AES-128
make([]byte, 24), // AES-192
make([]byte, 15), // Too short
make([]byte, 33), // Too long
nil, // Nil key
}
for i, key := range invalidKeys {
t.Run(fmt.Sprintf("InvalidKey_%d", i), func(t *testing.T) {
_, err := EncryptAES256CBC(key, plaintext)
if err == nil {
t.Error("EncryptAES256CBC should have failed with invalid key size")
}
// Test with some dummy ciphertext
dummyCiphertext := make([]byte, 32) // Just enough for IV + one block
rand.Read(dummyCiphertext)
_, err = DecryptAES256CBC(key, dummyCiphertext)
if err == nil {
t.Error("DecryptAES256CBC should have failed with invalid key size")
}
})
}
}
func TestDecryptAES256CBCErrorCases(t *testing.T) {
key, err := GenerateAES256Key()
if err != nil {
t.Fatalf("Failed to generate key: %v", err)
}
t.Run("CiphertextTooShort", func(t *testing.T) {
shortCiphertext := []byte{0x01, 0x02, 0x03} // Less than AES block size
_, err := DecryptAES256CBC(key, shortCiphertext)
if err == nil {
t.Error("DecryptAES256CBC should have failed for ciphertext shorter than block size")
}
})
t.Run("CiphertextNotMultipleOfBlockSize", func(t *testing.T) {
iv := make([]byte, aes.BlockSize)
rand.Read(iv)
invalidCiphertext := append(iv, []byte{0x01, 0x02, 0x03}...) // IV + data not multiple of block size
_, err := DecryptAES256CBC(key, invalidCiphertext)
if err == nil {
t.Error("DecryptAES256CBC should have failed for ciphertext not multiple of block size")
}
})
t.Run("InvalidPadding", func(t *testing.T) {
// Create a valid ciphertext first
plaintext := []byte("valid data")
ciphertext, err := EncryptAES256CBC(key, plaintext)
if err != nil {
t.Fatalf("Failed to create test ciphertext: %v", err)
}
// Corrupt the last byte (which affects padding)
corruptedCiphertext := make([]byte, len(ciphertext))
copy(corruptedCiphertext, ciphertext)
corruptedCiphertext[len(corruptedCiphertext)-1] ^= 0xFF
_, err = DecryptAES256CBC(key, corruptedCiphertext)
if err == nil {
t.Error("DecryptAES256CBC should have failed for corrupted padding")
}
})
t.Run("EmptyPlaintextAfterDecryption", func(t *testing.T) {
// This creates a ciphertext that decrypts to just padding
key, _ := GenerateAES256Key()
iv := make([]byte, aes.BlockSize)
// A block of padding bytes
paddedBlock := bytes.Repeat([]byte{byte(aes.BlockSize)}, aes.BlockSize)
block, _ := aes.NewCipher(key)
mode := cipher.NewCBCEncrypter(block, iv)
ciphertext := make([]byte, len(paddedBlock))
mode.CryptBlocks(ciphertext, paddedBlock)
// Prepend IV
fullCiphertext := append(iv, ciphertext...)
// This should decrypt to an empty slice, which is valid
decrypted, err := DecryptAES256CBC(key, fullCiphertext)
if err != nil {
t.Errorf("DecryptAES256CBC failed for empty plaintext case: %v", err)
}
if len(decrypted) != 0 {
t.Errorf("Expected empty plaintext, got %q", decrypted)
}
})
}
func TestConstants(t *testing.T) {
if AES256KeySize != 32 {
t.Errorf("AES256KeySize should be 32, got %d", AES256KeySize)
}
}
func BenchmarkAES256CBC(b *testing.B) {
key, err := GenerateAES256Key()
if err != nil {
b.Fatalf("Failed to generate key: %v", err)
}
data := make([]byte, 1024) // 1KB of data
rand.Read(data)
b.Run("Encrypt", func(b *testing.B) {
b.ResetTimer()
for i := 0; i < b.N; i++ {
_, err := EncryptAES256CBC(key, data)
if err != nil {
b.Fatal(err)
}
}
})
ciphertext, _ := EncryptAES256CBC(key, data)
b.Run("Decrypt", func(b *testing.B) {
b.ResetTimer()
for i := 0; i < b.N; i++ {
_, err := DecryptAES256CBC(key, ciphertext)
if err != nil {
b.Fatal(err)
}
}
})
}

63
pkg/cryptography/curve25519_test.go Normal file
View File

@@ -0,0 +1,63 @@
package cryptography
import (
"bytes"
"testing"
"golang.org/x/crypto/curve25519"
)
func TestGenerateKeyPair(t *testing.T) {
priv1, pub1, err := GenerateKeyPair()
if err != nil {
t.Fatalf("GenerateKeyPair failed: %v", err)
}
if len(priv1) != curve25519.ScalarSize {
t.Errorf("Private key length is %d, want %d", len(priv1), curve25519.ScalarSize)
}
if len(pub1) != curve25519.PointSize {
t.Errorf("Public key length is %d, want %d", len(pub1), curve25519.PointSize)
}
// Generate another pair, should be different
priv2, pub2, err := GenerateKeyPair()
if err != nil {
t.Fatalf("Second GenerateKeyPair failed: %v", err)
}
if bytes.Equal(priv1, priv2) {
t.Error("Generated private keys are identical")
}
if bytes.Equal(pub1, pub2) {
t.Error("Generated public keys are identical")
}
}
func TestDeriveSharedSecret(t *testing.T) {
privA, pubA, err := GenerateKeyPair()
if err != nil {
t.Fatalf("GenerateKeyPair A failed: %v", err)
}
privB, pubB, err := GenerateKeyPair()
if err != nil {
t.Fatalf("GenerateKeyPair B failed: %v", err)
}
secretA, err := DeriveSharedSecret(privA, pubB)
if err != nil {
t.Fatalf("DeriveSharedSecret (A perspective) failed: %v", err)
}
secretB, err := DeriveSharedSecret(privB, pubA)
if err != nil {
t.Fatalf("DeriveSharedSecret (B perspective) failed: %v", err)
}
if !bytes.Equal(secretA, secretB) {
t.Errorf("Derived shared secrets do not match:\nSecret A: %x\nSecret B: %x", secretA, secretB)
}
if len(secretA) != curve25519.PointSize { // Shared secret length
t.Errorf("Shared secret length is %d, want %d", len(secretA), curve25519.PointSize)
}
}

79
pkg/cryptography/ed25519_test.go Normal file
View File

@@ -0,0 +1,79 @@
package cryptography
import (
"crypto/ed25519"
"testing"
)
func TestGenerateSigningKeyPair(t *testing.T) {
pub1, priv1, err := GenerateSigningKeyPair()
if err != nil {
t.Fatalf("GenerateSigningKeyPair failed: %v", err)
}
if len(pub1) != ed25519.PublicKeySize {
t.Errorf("Public key length is %d, want %d", len(pub1), ed25519.PublicKeySize)
}
if len(priv1) != ed25519.PrivateKeySize {
t.Errorf("Private key length is %d, want %d", len(priv1), ed25519.PrivateKeySize)
}
// Generate another pair, should be different
pub2, priv2, err := GenerateSigningKeyPair()
if err != nil {
t.Fatalf("Second GenerateSigningKeyPair failed: %v", err)
}
if pub1.Equal(pub2) {
t.Error("Generated public keys are identical")
}
if priv1.Equal(priv2) {
t.Error("Generated private keys are identical")
}
}
func TestSignAndVerify(t *testing.T) {
pub, priv, err := GenerateSigningKeyPair()
if err != nil {
t.Fatalf("GenerateSigningKeyPair failed: %v", err)
}
message := []byte("This message needs to be signed.")
signature := Sign(priv, message)
if len(signature) != ed25519.SignatureSize {
t.Errorf("Signature length is %d, want %d", len(signature), ed25519.SignatureSize)
}
// Verify correct signature
if !Verify(pub, message, signature) {
t.Errorf("Verify failed for a valid signature")
}
// Verify with tampered message
tamperedMessage := append(message, '!')
if Verify(pub, tamperedMessage, signature) {
t.Errorf("Verify succeeded for a tampered message")
}
// Verify with tampered signature
tamperedSignature := append(signature[:len(signature)-1], ^signature[len(signature)-1])
if Verify(pub, message, tamperedSignature) {
t.Errorf("Verify succeeded for a tampered signature")
}
// Verify with wrong public key
wrongPub, _, _ := GenerateSigningKeyPair()
if Verify(wrongPub, message, signature) {
t.Errorf("Verify succeeded with the wrong public key")
}
// Verify empty message
emptyMessage := []byte("")
emptySig := Sign(priv, emptyMessage)
if !Verify(pub, emptyMessage, emptySig) {
t.Errorf("Verify failed for an empty message")
}
if Verify(pub, message, emptySig) {
t.Errorf("Verify succeeded comparing non-empty message with empty signature")
}
}

108
pkg/cryptography/hkdf_test.go Normal file
View File

@@ -0,0 +1,108 @@
package cryptography
import (
"bytes"
"testing"
)
func TestDeriveKey(t *testing.T) {
secret := []byte("test-secret")
salt := []byte("test-salt")
info := []byte("test-info")
length := 32 // Desired key length
key1, err := DeriveKey(secret, salt, info, length)
if err != nil {
t.Fatalf("DeriveKey failed: %v", err)
}
if len(key1) != length {
t.Errorf("DeriveKey returned key of length %d; want %d", len(key1), length)
}
// Derive another key with the same parameters, should be identical
key2, err := DeriveKey(secret, salt, info, length)
if err != nil {
t.Fatalf("Second DeriveKey failed: %v", err)
}
if !bytes.Equal(key1, key2) {
t.Errorf("DeriveKey is not deterministic. Got %x and %x for the same inputs", key1, key2)
}
// Derive a key with different info, should be different
differentInfo := []byte("different-info")
key3, err := DeriveKey(secret, salt, differentInfo, length)
if err != nil {
t.Fatalf("DeriveKey with different info failed: %v", err)
}
if bytes.Equal(key1, key3) {
t.Errorf("DeriveKey produced the same key for different info strings")
}
// Derive a key with different salt, should be different
differentSalt := []byte("different-salt")
key4, err := DeriveKey(secret, differentSalt, info, length)
if err != nil {
t.Fatalf("DeriveKey with different salt failed: %v", err)
}
if bytes.Equal(key1, key4) {
t.Errorf("DeriveKey produced the same key for different salts")
}
// Derive a key with different secret, should be different
differentSecret := []byte("different-secret")
key5, err := DeriveKey(differentSecret, salt, info, length)
if err != nil {
t.Fatalf("DeriveKey with different secret failed: %v", err)
}
if bytes.Equal(key1, key5) {
t.Errorf("DeriveKey produced the same key for different secrets")
}
// Derive a key with different length
differentLength := 64
key6, err := DeriveKey(secret, salt, info, differentLength)
if err != nil {
t.Fatalf("DeriveKey with different length failed: %v", err)
}
if len(key6) != differentLength {
t.Errorf("DeriveKey returned key of length %d; want %d", len(key6), differentLength)
}
}
func TestDeriveKeyEdgeCases(t *testing.T) {
secret := []byte("test-secret")
salt := []byte("test-salt")
info := []byte("test-info")
t.Run("EmptySecret", func(t *testing.T) {
_, err := DeriveKey([]byte{}, salt, info, 32)
if err != nil {
t.Errorf("DeriveKey failed with empty secret: %v", err)
}
})
t.Run("EmptySalt", func(t *testing.T) {
_, err := DeriveKey(secret, []byte{}, info, 32)
if err != nil {
t.Errorf("DeriveKey failed with empty salt: %v", err)
}
})
t.Run("EmptyInfo", func(t *testing.T) {
_, err := DeriveKey(secret, salt, []byte{}, 32)
if err != nil {
t.Errorf("DeriveKey failed with empty info: %v", err)
}
})
t.Run("ZeroLength", func(t *testing.T) {
key, err := DeriveKey(secret, salt, info, 0)
if err != nil {
t.Errorf("DeriveKey failed with zero length: %v", err)
}
if len(key) != 0 {
t.Errorf("DeriveKey with zero length returned non-empty key: %x", key)
}
})
}

80
pkg/cryptography/hmac_test.go Normal file
View File

@@ -0,0 +1,80 @@
package cryptography
import (
"testing"
)
func TestGenerateHMACKey(t *testing.T) {
testSizes := []int{16, 32, 64}
for _, size := range testSizes {
t.Run("Size"+string(rune(size)), func(t *testing.T) { // Simple name conversion
key, err := GenerateHMACKey(size)
if err != nil {
t.Fatalf("GenerateHMACKey(%d) failed: %v", size, err)
}
if len(key) != size {
t.Errorf("GenerateHMACKey(%d) returned key of length %d; want %d", size, len(key), size)
}
// Check if key is not all zeros (basic check for randomness)
isZero := true
for _, b := range key {
if b != 0 {
isZero = false
break
}
}
if isZero {
t.Errorf("GenerateHMACKey(%d) returned an all-zero key", size)
}
})
}
}
func TestComputeAndValidateHMAC(t *testing.T) {
key, err := GenerateHMACKey(32) // Use SHA256 key size
if err != nil {
t.Fatalf("Failed to generate HMAC key: %v", err)
}
message := []byte("This is a test message.")
// Compute HMAC
computedHMAC := ComputeHMAC(key, message)
if len(computedHMAC) != 32 { // SHA256 output size
t.Errorf("ComputeHMAC returned HMAC of length %d; want 32", len(computedHMAC))
}
// Validate correct HMAC
if !ValidateHMAC(key, message, computedHMAC) {
t.Errorf("ValidateHMAC failed for correctly computed HMAC")
}
// Validate incorrect HMAC (tampered message)
tamperedMessage := append(message, byte('!'))
if ValidateHMAC(key, tamperedMessage, computedHMAC) {
t.Errorf("ValidateHMAC succeeded for tampered message")
}
// Validate incorrect HMAC (tampered key)
wrongKey, _ := GenerateHMACKey(32)
if ValidateHMAC(wrongKey, message, computedHMAC) {
t.Errorf("ValidateHMAC succeeded for incorrect key")
}
// Validate incorrect HMAC (tampered HMAC)
tamperedHMAC := append(computedHMAC[:len(computedHMAC)-1], ^computedHMAC[len(computedHMAC)-1])
if ValidateHMAC(key, message, tamperedHMAC) {
t.Errorf("ValidateHMAC succeeded for tampered HMAC")
}
// Validate empty message
emptyMessage := []byte("")
emptyHMAC := ComputeHMAC(key, emptyMessage)
if !ValidateHMAC(key, emptyMessage, emptyHMAC) {
t.Errorf("ValidateHMAC failed for empty message")
}
if ValidateHMAC(key, message, emptyHMAC) {
t.Errorf("ValidateHMAC succeeded comparing non-empty message with empty HMAC")
}
}

116
pkg/debug/debug.go Normal file
View File

@@ -0,0 +1,116 @@
package debug
import (
"context"
"flag"
"log/slog"
"os"
)
const (
DEBUG_CRITICAL = 1
DEBUG_ERROR = 2
DEBUG_INFO = 3
DEBUG_VERBOSE = 4
DEBUG_TRACE = 5
DEBUG_PACKETS = 6
DEBUG_ALL = 7
)
var (
debugLevel = flag.Int("debug", 3, "debug level (1-7)")
logger *slog.Logger
initialized bool
)
func Init() {
if initialized {
return
}
initialized = true
var level slog.Level
switch {
case *debugLevel >= DEBUG_ALL:
level = slog.LevelDebug
case *debugLevel >= DEBUG_PACKETS:
level = slog.LevelDebug
case *debugLevel >= DEBUG_TRACE:
level = slog.LevelDebug
case *debugLevel >= DEBUG_VERBOSE:
level = slog.LevelDebug
case *debugLevel >= DEBUG_INFO:
level = slog.LevelInfo
case *debugLevel >= DEBUG_ERROR:
level = slog.LevelWarn
case *debugLevel >= DEBUG_CRITICAL:
level = slog.LevelError
default:
level = slog.LevelError
}
opts := &slog.HandlerOptions{
Level: level,
}
logger = slog.New(slog.NewTextHandler(os.Stderr, opts))
slog.SetDefault(logger)
}
func GetLogger() *slog.Logger {
if !initialized {
Init()
}
return logger
}
func Log(level int, msg string, args ...interface{}) {
if !initialized {
Init()
}
if *debugLevel < level {
return
}
var slogLevel slog.Level
switch {
case level >= DEBUG_ALL:
slogLevel = slog.LevelDebug
case level >= DEBUG_PACKETS:
slogLevel = slog.LevelDebug
case level >= DEBUG_TRACE:
slogLevel = slog.LevelDebug
case level >= DEBUG_VERBOSE:
slogLevel = slog.LevelDebug
case level >= DEBUG_INFO:
slogLevel = slog.LevelInfo
case level >= DEBUG_ERROR:
slogLevel = slog.LevelWarn
case level >= DEBUG_CRITICAL:
slogLevel = slog.LevelError
default:
slogLevel = slog.LevelError
}
if !logger.Enabled(context.TODO(), slogLevel) {
return
}
allArgs := make([]interface{}, len(args)+2)
copy(allArgs, args)
allArgs[len(args)] = "debug_level"
allArgs[len(args)+1] = level
logger.Log(context.TODO(), slogLevel, msg, allArgs...)
}
func SetDebugLevel(level int) {
*debugLevel = level
if initialized {
Init()
}
}
func GetDebugLevel() int {
return *debugLevel
}

207
pkg/destination/destination.go
View File

@@ -2,21 +2,26 @@ package destination
import (
"crypto/sha256"
"encoding/binary"
"errors"
"fmt"
"log"
"sync"
"github.com/Sudo-Ivan/reticulum-go/pkg/announce"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
"github.com/Sudo-Ivan/reticulum-go/pkg/identity"
"github.com/Sudo-Ivan/reticulum-go/pkg/transport"
)
const (
// Destination direction types
// The IN bit specifies that the destination can receive traffic.
// The OUT bit specifies that the destination can send traffic.
// A destination can be both IN and OUT.
IN = 0x01
OUT = 0x02
// Destination types
SINGLE = 0x00
GROUP = 0x01
PLAIN = 0x02
@@ -31,15 +36,6 @@ const (
RATCHET_COUNT = 512 // Default number of retained ratchet keys
RATCHET_INTERVAL = 1800 // Minimum interval between ratchet rotations in seconds
// Debug levels
DEBUG_CRITICAL = 1 // Critical errors
DEBUG_ERROR = 2 // Non-critical errors
DEBUG_INFO = 3 // Important information
DEBUG_VERBOSE = 4 // Detailed information
DEBUG_TRACE = 5 // Very detailed tracing
DEBUG_PACKETS = 6 // Packet-level details
DEBUG_ALL = 7 // Everything
)
type PacketCallback = common.PacketCallback
@@ -60,6 +56,7 @@ type Destination struct {
appName string
aspects []string
hashValue []byte
transport *transport.Transport
acceptsLinks bool
proofStrategy byte
@@ -80,15 +77,11 @@ type Destination struct {
requestHandlers map[string]*RequestHandler
}
func debugLog(level int, format string, v ...interface{}) {
log.Printf("[DEBUG-%d] %s", level, fmt.Sprintf(format, v...))
}
func New(id *identity.Identity, direction byte, destType byte, appName string, aspects ...string) (*Destination, error) {
debugLog(DEBUG_INFO, "Creating new destination: app=%s type=%d direction=%d", appName, destType, direction)
func New(id *identity.Identity, direction byte, destType byte, appName string, transport *transport.Transport, aspects ...string) (*Destination, error) {
debug.Log(debug.DEBUG_INFO, "Creating new destination", "app", appName, "type", destType, "direction", direction)
if id == nil {
debugLog(DEBUG_ERROR, "Cannot create destination: identity is nil")
debug.Log(debug.DEBUG_ERROR, "Cannot create destination: identity is nil")
return nil, errors.New("identity cannot be nil")
}
@@ -98,6 +91,7 @@ func New(id *identity.Identity, direction byte, destType byte, appName string, a
destType: destType,
appName: appName,
aspects: aspects,
transport: transport,
acceptsLinks: false,
proofStrategy: PROVE_NONE,
ratchetCount: RATCHET_COUNT,
@@ -107,27 +101,62 @@ func New(id *identity.Identity, direction byte, destType byte, appName string, a
// Generate destination hash
d.hashValue = d.calculateHash()
debugLog(DEBUG_VERBOSE, "Created destination with hash: %x", d.hashValue)
debug.Log(debug.DEBUG_VERBOSE, "Created destination with hash", "hash", fmt.Sprintf("%x", d.hashValue))
return d, nil
}
// FromHash creates a destination from a known hash (e.g., from an announce).
// This is used by clients to create destination objects for servers they've discovered.
func FromHash(hash []byte, id *identity.Identity, destType byte, transport *transport.Transport) (*Destination, error) {
debug.Log(debug.DEBUG_INFO, "Creating destination from hash", "hash", fmt.Sprintf("%x", hash))
if id == nil {
debug.Log(debug.DEBUG_ERROR, "Cannot create destination: identity is nil")
return nil, errors.New("identity cannot be nil")
}
d := &Destination{
identity: id,
direction: OUT,
destType: destType,
hashValue: hash,
transport: transport,
acceptsLinks: false,
proofStrategy: PROVE_NONE,
ratchetCount: RATCHET_COUNT,
ratchetInterval: RATCHET_INTERVAL,
requestHandlers: make(map[string]*RequestHandler),
}
debug.Log(debug.DEBUG_VERBOSE, "Created destination from hash", "hash", fmt.Sprintf("%x", hash))
return d, nil
}
func (d *Destination) calculateHash() []byte {
debugLog(DEBUG_TRACE, "Calculating hash for destination %s", d.ExpandName())
debug.Log(debug.DEBUG_TRACE, "Calculating hash for destination", "name", d.ExpandName())
nameHash := sha256.Sum256([]byte(d.ExpandName()))
identityHash := sha256.Sum256(d.identity.GetPublicKey())
// destination_hash = SHA256(name_hash_10bytes + identity_hash_16bytes)[:16]
// Identity hash is the truncated hash of the public key (16 bytes)
identityHash := identity.TruncatedHash(d.identity.GetPublicKey())
// Name hash is the FULL 32-byte SHA256, then we take first 10 bytes for concatenation
nameHashFull := sha256.Sum256([]byte(d.ExpandName()))
nameHash10 := nameHashFull[:10] // Only use 10 bytes
debugLog(DEBUG_ALL, "Name hash: %x", nameHash)
debugLog(DEBUG_ALL, "Identity hash: %x", identityHash)
debug.Log(debug.DEBUG_ALL, "Identity hash", "hash", fmt.Sprintf("%x", identityHash))
debug.Log(debug.DEBUG_ALL, "Name hash (10 bytes)", "hash", fmt.Sprintf("%x", nameHash10))
combined := append(nameHash[:], identityHash[:]...)
finalHash := sha256.Sum256(combined)
// Concatenate name_hash (10 bytes) + identity_hash (16 bytes) = 26 bytes
combined := append(nameHash10, identityHash...)
// Then hash again and truncate to 16 bytes
finalHashFull := sha256.Sum256(combined)
finalHash := finalHashFull[:16]
truncated := finalHash[:16]
debugLog(DEBUG_VERBOSE, "Calculated destination hash: %x", truncated)
debug.Log(debug.DEBUG_VERBOSE, "Calculated destination hash", "hash", fmt.Sprintf("%x", finalHash))
return truncated
return finalHash
}
func (d *Destination) ExpandName() string {
@@ -142,67 +171,62 @@ func (d *Destination) Announce(appData []byte) error {
d.mutex.Lock()
defer d.mutex.Unlock()
log.Printf("[DEBUG-4] Creating announce packet for destination %s", d.ExpandName())
debug.Log(debug.DEBUG_VERBOSE, "Announcing destination", "name", d.ExpandName())
// If no specific appData provided, use default
if appData == nil {
log.Printf("[DEBUG-4] Using default app data for announce")
appData = d.defaultAppData
}
// Create announce packet
packet := make([]byte, 0, 256) // Pre-allocate reasonable size
// Create announce packet using announce package
// Pass the destination hash, name, and app data
announce, err := announce.New(d.identity, d.hashValue, d.ExpandName(), appData, false, d.transport.GetConfig())
if err != nil {
return fmt.Errorf("failed to create announce: %w", err)
}
// Add packet type and header
packet = append(packet, 0x01) // PACKET_TYPE_ANNOUNCE
packet = append(packet, 0x00) // Initial hop count
packet := announce.GetPacket()
if packet == nil {
return errors.New("failed to create announce packet")
}
// Add destination hash (16 bytes)
packet = append(packet, d.hashValue...)
log.Printf("[DEBUG-4] Added destination hash %x to announce", d.hashValue[:8])
// Send announce packet to all interfaces
debug.Log(debug.DEBUG_VERBOSE, "Sending announce packet to all interfaces")
if d.transport == nil {
return errors.New("transport not initialized")
}
// Add identity public key (32 bytes)
pubKey := d.identity.GetPublicKey()
packet = append(packet, pubKey...)
log.Printf("[DEBUG-4] Added public key %x to announce", pubKey[:8])
interfaces := d.transport.GetInterfaces()
debug.Log(debug.DEBUG_ALL, "Got interfaces from transport", "count", len(interfaces))
// Add app data with length prefix
appDataLen := make([]byte, 2)
binary.BigEndian.PutUint16(appDataLen, uint16(len(appData)))
packet = append(packet, appDataLen...)
packet = append(packet, appData...)
log.Printf("[DEBUG-4] Added %d bytes of app data to announce", len(appData))
// Add ratchet data if enabled
if d.ratchetsEnabled {
log.Printf("[DEBUG-4] Adding ratchet data to announce")
ratchetKey := d.identity.GetCurrentRatchetKey()
if ratchetKey == nil {
log.Printf("[DEBUG-3] Failed to get current ratchet key")
return errors.New("failed to get current ratchet key")
var lastErr error
for name, iface := range interfaces {
debug.Log(debug.DEBUG_ALL, "Checking interface", "name", name, "enabled", iface.IsEnabled(), "online", iface.IsOnline())
if iface.IsEnabled() && iface.IsOnline() {
debug.Log(debug.DEBUG_ALL, "Sending announce to interface", "name", name, "bytes", len(packet))
if err := iface.Send(packet, ""); err != nil {
debug.Log(debug.DEBUG_ERROR, "Failed to send announce on interface", "name", name, "error", err)
lastErr = err
} else {
debug.Log(debug.DEBUG_ALL, "Successfully sent announce to interface", "name", name)
}
} else {
debug.Log(debug.DEBUG_ALL, "Skipping interface", "name", name, "reason", "not enabled or not online")
}
packet = append(packet, ratchetKey...)
log.Printf("[DEBUG-4] Added ratchet key %x to announce", ratchetKey[:8])
}
// Sign the announce packet (64 bytes)
signData := append(d.hashValue, appData...)
if d.ratchetsEnabled {
signData = append(signData, d.identity.GetCurrentRatchetKey()...)
}
signature := d.identity.Sign(signData)
packet = append(packet, signature...)
log.Printf("[DEBUG-4] Added signature to announce packet (total size: %d bytes)", len(packet))
// Send announce packet through transport
log.Printf("[DEBUG-4] Sending announce packet through transport layer")
return transport.SendAnnounce(packet)
return lastErr
}
func (d *Destination) AcceptsLinks(accepts bool) {
d.mutex.Lock()
defer d.mutex.Unlock()
d.acceptsLinks = accepts
// Register with transport if accepting links
if accepts && d.transport != nil {
d.transport.RegisterDestination(d.hashValue, d)
debug.Log(debug.DEBUG_VERBOSE, "Destination registered with transport for link requests", "hash", fmt.Sprintf("%x", d.hashValue))
}
}
func (d *Destination) SetLinkEstablishedCallback(callback common.LinkEstablishedCallback) {
@@ -211,6 +235,31 @@ func (d *Destination) SetLinkEstablishedCallback(callback common.LinkEstablished
d.linkCallback = callback
}
func (d *Destination) GetLinkCallback() common.LinkEstablishedCallback {
d.mutex.RLock()
defer d.mutex.RUnlock()
return d.linkCallback
}
func (d *Destination) HandleIncomingLinkRequest(linkID []byte, transport interface{}, networkIface common.NetworkInterface) error {
debug.Log(debug.DEBUG_INFO, "Handling incoming link request for destination", "hash", fmt.Sprintf("%x", d.GetHash()))
// Import link package here to avoid circular dependency at package level
// We'll use dynamic import by having the caller create the link
// For now, just call the callback with a placeholder
if d.linkCallback != nil {
debug.Log(debug.DEBUG_INFO, "Calling link established callback")
// Pass linkID as the link object for now
// The callback will need to handle creating the actual link
d.linkCallback(linkID)
} else {
debug.Log(debug.DEBUG_VERBOSE, "No link callback set")
}
return nil
}
func (d *Destination) SetPacketCallback(callback common.PacketCallback) {
d.mutex.Lock()
defer d.mutex.Unlock()
@@ -317,32 +366,32 @@ func (d *Destination) DeregisterRequestHandler(path string) bool {
func (d *Destination) Encrypt(plaintext []byte) ([]byte, error) {
if d.destType == PLAIN {
log.Printf("[DEBUG-4] Using plaintext transmission for PLAIN destination")
debug.Log(debug.DEBUG_VERBOSE, "Using plaintext transmission for PLAIN destination")
return plaintext, nil
}
if d.identity == nil {
log.Printf("[DEBUG-3] Cannot encrypt: no identity available")
debug.Log(debug.DEBUG_INFO, "Cannot encrypt: no identity available")
return nil, errors.New("no identity available for encryption")
}
log.Printf("[DEBUG-4] Encrypting %d bytes for destination type %d", len(plaintext), d.destType)
debug.Log(debug.DEBUG_VERBOSE, "Encrypting bytes for destination", "bytes", len(plaintext), "destType", d.destType)
switch d.destType {
case SINGLE:
recipientKey := d.identity.GetPublicKey()
log.Printf("[DEBUG-4] Encrypting for single recipient with key %x", recipientKey[:8])
debug.Log(debug.DEBUG_VERBOSE, "Encrypting for single recipient", "key", fmt.Sprintf("%x", recipientKey[:8]))
return d.identity.Encrypt(plaintext, recipientKey)
case GROUP:
key := d.identity.GetCurrentRatchetKey()
if key == nil {
log.Printf("[DEBUG-3] Cannot encrypt: no ratchet key available")
debug.Log(debug.DEBUG_INFO, "Cannot encrypt: no ratchet key available")
return nil, errors.New("no ratchet key available")
}
log.Printf("[DEBUG-4] Encrypting for group with ratchet key %x", key[:8])
debug.Log(debug.DEBUG_VERBOSE, "Encrypting for group with ratchet key", "key", fmt.Sprintf("%x", key[:8]))
return d.identity.EncryptWithHMAC(plaintext, key)
default:
log.Printf("[DEBUG-3] Unsupported destination type %d for encryption", d.destType)
debug.Log(debug.DEBUG_INFO, "Unsupported destination type for encryption", "destType", d.destType)
return nil, errors.New("unsupported destination type for encryption")
}
}

263
pkg/identity/identity.go
View File

@@ -12,13 +12,13 @@ import (
"errors"
"fmt"
"io"
"log"
"os"
"sync"
"time"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/cryptography"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
"golang.org/x/crypto/curve25519"
"golang.org/x/crypto/hkdf"
)
@@ -44,7 +44,7 @@ const (
type Identity struct {
privateKey []byte
publicKey []byte
signingKey ed25519.PrivateKey
signingSeed []byte // 32-byte Ed25519 seed (compatible with Python RNS)
verificationKey ed25519.PublicKey
hash []byte
hexHash string
@@ -76,13 +76,18 @@ func New() (*Identity, error) {
i.privateKey = privKey
i.publicKey = pubKey
// Generate Ed25519 signing keypair
verificationKey, signingKey, err := cryptography.GenerateSigningKeyPair()
if err != nil {
return nil, fmt.Errorf("failed to generate Ed25519 keypair: %v", err)
// Generate 32-byte Ed25519 seed (compatible with Python RNS)
var ed25519Seed [32]byte
if _, err := io.ReadFull(rand.Reader, ed25519Seed[:]); err != nil {
return nil, fmt.Errorf("failed to generate Ed25519 seed: %v", err)
}
i.signingKey = signingKey
i.verificationKey = verificationKey
// Derive Ed25519 keypair from seed
privKeyEd := ed25519.NewKeyFromSeed(ed25519Seed[:])
pubKeyEd := privKeyEd.Public().(ed25519.PublicKey)
i.signingSeed = ed25519Seed[:]
i.verificationKey = pubKeyEd
return i, nil
}
@@ -96,11 +101,13 @@ func (i *Identity) GetPublicKey() []byte {
}
func (i *Identity) GetPrivateKey() []byte {
return append(i.privateKey, i.signingKey...)
return append(i.privateKey, i.signingSeed...)
}
func (i *Identity) Sign(data []byte) []byte {
return cryptography.Sign(i.signingKey, data)
// Derive Ed25519 private key from seed (compatible with Python RNS)
privKey := ed25519.NewKeyFromSeed(i.signingSeed)
return cryptography.Sign(privKey, data)
}
func (i *Identity) Verify(data []byte, signature []byte) bool {
@@ -133,7 +140,7 @@ func (i *Identity) Encrypt(plaintext []byte, ratchet []byte) ([]byte, error) {
}
// Encrypt data
ciphertext, err := cryptography.EncryptAESCBC(key[:16], plaintext)
ciphertext, err := cryptography.EncryptAES256CBC(key[:32], plaintext)
if err != nil {
return nil, err
}
@@ -164,7 +171,11 @@ func TruncatedHash(data []byte) []byte {
func GetRandomHash() []byte {
randomData := make([]byte, TRUNCATED_HASHLENGTH/8)
rand.Read(randomData)
_, err := rand.Read(randomData) // #nosec G104
if err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to read random data for hash", "error", err)
return nil // Or handle the error appropriately
}
return TruncatedHash(randomData)
}
@@ -228,9 +239,18 @@ func (i *Identity) String() string {
}
func Recall(hash []byte) (*Identity, error) {
// TODO: Implement persistence
// For now just create new identity
return New()
hashStr := hex.EncodeToString(hash)
if data, exists := knownDestinations[hashStr]; exists {
// data is [packet, destHash, identity, appData]
if len(data) >= 3 {
if id, ok := data[2].(*Identity); ok {
return id, nil
}
}
}
return nil, fmt.Errorf("identity not found for hash %x", hash)
}
func (i *Identity) GenerateHMACKey() []byte {
@@ -256,47 +276,61 @@ func (i *Identity) GetCurrentRatchetKey() []byte {
i.mutex.RLock()
defer i.mutex.RUnlock()
// Generate new ratchet key if none exists
if len(i.ratchets) == 0 {
key := make([]byte, RATCHETSIZE/8)
if _, err := io.ReadFull(rand.Reader, key); err != nil {
// If no ratchets exist, generate one.
// This should ideally be handled by an explicit setup process.
debug.Log(debug.DEBUG_TRACE, "No ratchets found, generating a new one on-the-fly")
// Temporarily unlock to call RotateRatchet, which locks internally.
i.mutex.RUnlock()
newRatchet, err := i.RotateRatchet()
i.mutex.RLock()
if err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to generate initial ratchet key", "error", err)
return nil
}
i.ratchets[string(key)] = key
i.ratchetExpiry[string(key)] = time.Now().Unix() + RATCHET_EXPIRY
return key
return newRatchet
}
// Return most recent ratchet key
// Return the most recently generated ratchet key
var latestKey []byte
var latestTime int64
for key, expiry := range i.ratchetExpiry {
var latestTime int64 = 0
for id, expiry := range i.ratchetExpiry {
if expiry > latestTime {
latestTime = expiry
latestKey = i.ratchets[key]
latestKey = i.ratchets[id]
}
}
if latestKey == nil {
debug.Log(debug.DEBUG_ERROR, "Could not determine the latest ratchet key", "ratchet_count", len(i.ratchets))
}
return latestKey
}
func (i *Identity) Decrypt(ciphertextToken []byte, ratchets [][]byte, enforceRatchets bool, ratchetIDReceiver *common.RatchetIDReceiver) ([]byte, error) {
if i.privateKey == nil {
log.Printf("[DEBUG-1] Decryption failed: identity has no private key")
debug.Log(debug.DEBUG_CRITICAL, "Decryption failed: identity has no private key")
return nil, errors.New("decryption failed because identity does not hold a private key")
}
log.Printf("[DEBUG-7] Starting decryption for identity %s", i.GetHexHash())
debug.Log(debug.DEBUG_ALL, "Starting decryption for identity", "hash", i.GetHexHash())
if len(ratchets) > 0 {
log.Printf("[DEBUG-7] Attempting decryption with %d ratchets", len(ratchets))
debug.Log(debug.DEBUG_ALL, "Attempting decryption with ratchets", "count", len(ratchets))
}
if len(ciphertextToken) <= KEYSIZE/8/2 {
return nil, errors.New("decryption failed because the token size was invalid")
}
// Extract peer public key and ciphertext
peerPubBytes := ciphertextToken[:KEYSIZE/8/2]
ciphertext := ciphertextToken[KEYSIZE/8/2:]
// Extract components: ephemeralPubKey(32) + ciphertext + mac(32)
if len(ciphertextToken) < 32+32+32 { // minimum sizes
return nil, errors.New("token too short")
}
peerPubBytes := ciphertextToken[:32]
ciphertext := ciphertextToken[32 : len(ciphertextToken)-32]
mac := ciphertextToken[len(ciphertextToken)-32:]
// Try decryption with ratchets first if provided
if len(ratchets) > 0 {
@@ -330,6 +364,11 @@ func (i *Identity) Decrypt(ciphertextToken []byte, ratchets [][]byte, enforceRat
return nil, fmt.Errorf("failed to derive key: %v", err)
}
// Validate HMAC
if !cryptography.ValidateHMAC(derivedKey, append(peerPubBytes, ciphertext...), mac) {
return nil, errors.New("invalid HMAC")
}
// Create AES cipher
block, err := aes.NewCipher(derivedKey)
if err != nil {
@@ -368,7 +407,7 @@ func (i *Identity) Decrypt(ciphertextToken []byte, ratchets [][]byte, enforceRat
ratchetIDReceiver.LatestRatchetID = nil
}
log.Printf("[DEBUG-7] Decryption completed successfully")
debug.Log(debug.DEBUG_ALL, "Decryption completed successfully")
return plaintext[:len(plaintext)-padding], nil
}
@@ -380,7 +419,7 @@ func (i *Identity) tryRatchetDecryption(peerPubBytes, ciphertext, ratchet []byte
// Get ratchet ID
ratchetPubBytes, err := curve25519.X25519(ratchetPriv, cryptography.GetBasepoint())
if err != nil {
log.Printf("[DEBUG-7] Failed to generate ratchet public key: %v", err)
debug.Log(debug.DEBUG_ALL, "Failed to generate ratchet public key", "error", err)
return nil, nil, err
}
ratchetID := i.GetRatchetID(ratchetPubBytes)
@@ -395,7 +434,7 @@ func (i *Identity) tryRatchetDecryption(peerPubBytes, ciphertext, ratchet []byte
return nil, nil, err
}
plaintext, err := cryptography.DecryptAESCBC(key, ciphertext)
plaintext, err := cryptography.DecryptAES256CBC(key, ciphertext)
if err != nil {
return nil, nil, err
}
@@ -404,7 +443,7 @@ func (i *Identity) tryRatchetDecryption(peerPubBytes, ciphertext, ratchet []byte
}
func (i *Identity) EncryptWithHMAC(plaintext []byte, key []byte) ([]byte, error) {
ciphertext, err := cryptography.EncryptAESCBC(key, plaintext)
ciphertext, err := cryptography.EncryptAES256CBC(key, plaintext)
if err != nil {
return nil, err
}
@@ -426,67 +465,157 @@ func (i *Identity) DecryptWithHMAC(data []byte, key []byte) ([]byte, error) {
return nil, errors.New("invalid HMAC")
}
return cryptography.DecryptAESCBC(key, ciphertext)
return cryptography.DecryptAES256CBC(key, ciphertext)
}
func (i *Identity) ToFile(path string) error {
log.Printf("[DEBUG-7] Saving identity %s to file: %s", i.GetHexHash(), path)
debug.Log(debug.DEBUG_ALL, "Saving identity to file", "hash", i.GetHexHash(), "path", path)
// Persist ratchets to a separate file
ratchetPath := path + ".ratchets"
if err := i.saveRatchets(ratchetPath); err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to save ratchets", "error", err)
// Continue saving the main identity file even if ratchets fail
}
data := map[string]interface{}{
"private_key": i.privateKey,
"public_key": i.publicKey,
"signing_key": i.signingKey,
"signing_seed": i.signingSeed,
"verification_key": i.verificationKey,
"app_data": i.appData,
}
file, err := os.Create(path)
file, err := os.Create(path) // #nosec G304
if err != nil {
log.Printf("[DEBUG-1] Failed to create identity file: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Failed to create identity file", "error", err)
return err
}
defer file.Close()
if err := json.NewEncoder(file).Encode(data); err != nil {
log.Printf("[DEBUG-1] Failed to encode identity data: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Failed to encode identity data", "error", err)
return err
}
log.Printf("[DEBUG-7] Identity saved successfully")
debug.Log(debug.DEBUG_ALL, "Identity saved successfully")
return nil
}
func RecallIdentity(path string) (*Identity, error) {
log.Printf("[DEBUG-7] Attempting to recall identity from: %s", path)
func (i *Identity) saveRatchets(path string) error {
i.mutex.RLock()
defer i.mutex.RUnlock()
file, err := os.Open(path)
if len(i.ratchets) == 0 {
return nil // Nothing to save
}
debug.Log(debug.DEBUG_PACKETS, "Saving ratchets", "count", len(i.ratchets), "path", path)
data := map[string]interface{}{
"ratchets": i.ratchets,
"ratchet_expiry": i.ratchetExpiry,
}
file, err := os.Create(path) // #nosec G304
if err != nil {
log.Printf("[DEBUG-1] Failed to open identity file: %v", err)
return fmt.Errorf("failed to create ratchet file: %w", err)
}
defer file.Close()
return json.NewEncoder(file).Encode(data)
}
func RecallIdentity(path string) (*Identity, error) {
debug.Log(debug.DEBUG_ALL, "Attempting to recall identity", "path", path)
file, err := os.Open(path) // #nosec G304
if err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to open identity file", "error", err)
return nil, err
}
defer file.Close()
var data map[string]interface{}
if err := json.NewDecoder(file).Decode(&data); err != nil {
log.Printf("[DEBUG-1] Failed to decode identity data: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Failed to decode identity data", "error", err)
return nil, err
}
var signingSeed []byte
var verificationKey ed25519.PublicKey
if seedData, exists := data["signing_seed"]; exists {
signingSeed = seedData.([]byte)
verificationKey = data["verification_key"].(ed25519.PublicKey)
} else if keyData, exists := data["signing_key"]; exists {
oldKey := keyData.(ed25519.PrivateKey)
signingSeed = oldKey[:32]
verificationKey = data["verification_key"].(ed25519.PublicKey)
} else {
return nil, fmt.Errorf("no signing key data found in identity file")
}
id := &Identity{
privateKey: data["private_key"].([]byte),
publicKey: data["public_key"].([]byte),
signingKey: data["signing_key"].(ed25519.PrivateKey),
verificationKey: data["verification_key"].(ed25519.PublicKey),
signingSeed: signingSeed,
verificationKey: verificationKey,
appData: data["app_data"].([]byte),
ratchets: make(map[string][]byte),
ratchetExpiry: make(map[string]int64),
mutex: &sync.RWMutex{},
}
log.Printf("[DEBUG-7] Successfully recalled identity with hash: %s", id.GetHexHash())
// Load ratchets if they exist
ratchetPath := path + ".ratchets"
if err := id.loadRatchets(ratchetPath); err != nil {
debug.Log(debug.DEBUG_ERROR, "Could not load ratchets for identity", "hash", id.GetHexHash(), "error", err)
// This is not a fatal error, the identity can still function
}
debug.Log(debug.DEBUG_ALL, "Successfully recalled identity", "hash", id.GetHexHash())
return id, nil
}
func (i *Identity) loadRatchets(path string) error {
i.mutex.Lock()
defer i.mutex.Unlock()
file, err := os.Open(path) // #nosec G304
if err != nil {
if os.IsNotExist(err) {
debug.Log(debug.DEBUG_PACKETS, "No ratchet file found, skipping", "path", path)
return nil
}
return fmt.Errorf("failed to open ratchet file: %w", err)
}
defer file.Close()
var data map[string]interface{}
if err := json.NewDecoder(file).Decode(&data); err != nil {
return fmt.Errorf("failed to decode ratchet data: %w", err)
}
if ratchets, ok := data["ratchets"].(map[string]interface{}); ok {
for id, key := range ratchets {
if keyStr, ok := key.(string); ok {
i.ratchets[id] = []byte(keyStr)
}
}
}
if expiry, ok := data["ratchet_expiry"].(map[string]interface{}); ok {
for id, timeVal := range expiry {
if timeFloat, ok := timeVal.(float64); ok {
i.ratchetExpiry[id] = int64(timeFloat)
}
}
}
debug.Log(debug.DEBUG_PACKETS, "Loaded ratchets", "count", len(i.ratchets), "path", path)
return nil
}
func HashFromString(hash string) ([]byte, error) {
if len(hash) != 32 {
return nil, fmt.Errorf("invalid hash length: expected 32, got %d", len(hash))
@@ -539,12 +668,16 @@ func (i *Identity) SetRatchetKey(id string, key []byte) {
// NewIdentity creates a new Identity instance with fresh keys
func NewIdentity() (*Identity, error) {
// Generate Ed25519 signing keypair
pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
return nil, fmt.Errorf("failed to generate Ed25519 keypair: %v", err)
// Generate 32-byte Ed25519 seed (compatible with Python RNS)
var ed25519Seed [32]byte
if _, err := io.ReadFull(rand.Reader, ed25519Seed[:]); err != nil {
return nil, fmt.Errorf("failed to generate Ed25519 seed: %v", err)
}
// Derive Ed25519 keypair from seed
privKey := ed25519.NewKeyFromSeed(ed25519Seed[:])
pubKey := privKey.Public().(ed25519.PublicKey)
// Generate X25519 encryption keypair
var encPrivKey [32]byte
if _, err := io.ReadFull(rand.Reader, encPrivKey[:]); err != nil {
@@ -559,7 +692,7 @@ func NewIdentity() (*Identity, error) {
i := &Identity{
privateKey: encPrivKey[:],
publicKey: encPubKey,
signingKey: privKey,
signingSeed: ed25519Seed[:],
verificationKey: pubKey,
ratchets: make(map[string][]byte),
ratchetExpiry: make(map[string]int64),
@@ -580,19 +713,19 @@ func (i *Identity) RotateRatchet() ([]byte, error) {
i.mutex.Lock()
defer i.mutex.Unlock()
log.Printf("[DEBUG-7] Rotating ratchet for identity %s", i.GetHexHash())
debug.Log(debug.DEBUG_ALL, "Rotating ratchet for identity", "hash", i.GetHexHash())
// Generate new ratchet key
newRatchet := make([]byte, RATCHETSIZE/8)
if _, err := io.ReadFull(rand.Reader, newRatchet); err != nil {
log.Printf("[DEBUG-1] Failed to generate new ratchet: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Failed to generate new ratchet", "error", err)
return nil, err
}
// Get public key for ratchet ID
ratchetPub, err := curve25519.X25519(newRatchet, curve25519.Basepoint)
if err != nil {
log.Printf("[DEBUG-1] Failed to generate ratchet public key: %v", err)
debug.Log(debug.DEBUG_CRITICAL, "Failed to generate ratchet public key", "error", err)
return nil, err
}
@@ -603,7 +736,7 @@ func (i *Identity) RotateRatchet() ([]byte, error) {
i.ratchets[string(ratchetID)] = newRatchet
i.ratchetExpiry[string(ratchetID)] = expiry
log.Printf("[DEBUG-7] New ratchet generated with ID: %x, expiry: %d", ratchetID, expiry)
debug.Log(debug.DEBUG_ALL, "New ratchet generated", "id", fmt.Sprintf("%x", ratchetID), "expiry", expiry)
// Cleanup old ratchets if we exceed max retained
if len(i.ratchets) > MAX_RETAINED_RATCHETS {
@@ -619,10 +752,10 @@ func (i *Identity) RotateRatchet() ([]byte, error) {
delete(i.ratchets, oldestID)
delete(i.ratchetExpiry, oldestID)
log.Printf("[DEBUG-7] Cleaned up oldest ratchet with ID: %x", []byte(oldestID))
debug.Log(debug.DEBUG_ALL, "Cleaned up oldest ratchet", "id", fmt.Sprintf("%x", []byte(oldestID)))
}
log.Printf("[DEBUG-7] Current number of active ratchets: %d", len(i.ratchets))
debug.Log(debug.DEBUG_ALL, "Current number of active ratchets", "count", len(i.ratchets))
return newRatchet, nil
}
@@ -630,7 +763,7 @@ func (i *Identity) GetRatchets() [][]byte {
i.mutex.RLock()
defer i.mutex.RUnlock()
log.Printf("[DEBUG-7] Getting ratchets for identity %s", i.GetHexHash())
debug.Log(debug.DEBUG_ALL, "Getting ratchets for identity", "hash", i.GetHexHash())
ratchets := make([][]byte, 0, len(i.ratchets))
now := time.Now().Unix()
@@ -648,7 +781,7 @@ func (i *Identity) GetRatchets() [][]byte {
}
}
log.Printf("[DEBUG-7] Retrieved %d active ratchets, cleaned up %d expired", len(ratchets), expired)
debug.Log(debug.DEBUG_ALL, "Retrieved active ratchets", "active", len(ratchets), "expired", expired)
return ratchets
}
@@ -656,7 +789,7 @@ func (i *Identity) CleanupExpiredRatchets() {
i.mutex.Lock()
defer i.mutex.Unlock()
log.Printf("[DEBUG-7] Starting ratchet cleanup for identity %s", i.GetHexHash())
debug.Log(debug.DEBUG_ALL, "Starting ratchet cleanup for identity", "hash", i.GetHexHash())
now := time.Now().Unix()
cleaned := 0
@@ -668,7 +801,7 @@ func (i *Identity) CleanupExpiredRatchets() {
}
}
log.Printf("[DEBUG-7] Cleaned up %d expired ratchets, %d remaining", cleaned, len(i.ratchets))
debug.Log(debug.DEBUG_ALL, "Cleaned up expired ratchets", "cleaned", cleaned, "remaining", len(i.ratchets))
}
// ValidateAnnounce validates an announce packet's signature

40
pkg/interfaces/auto.go
View File

@@ -44,21 +44,19 @@ type Peer struct {
}
func NewAutoInterface(name string, config *common.InterfaceConfig) (*AutoInterface, error) {
base := &BaseInterface{
Name: name,
Mode: common.IF_MODE_FULL,
Type: common.IF_TYPE_AUTO,
Online: false,
Enabled: config.Enabled,
Detached: false,
IN: false,
OUT: false,
MTU: common.DEFAULT_MTU,
Bitrate: BITRATE_MINIMUM,
}
ai := &AutoInterface{
BaseInterface: *base,
BaseInterface: BaseInterface{
Name: name,
Mode: common.IF_MODE_FULL,
Type: common.IF_TYPE_AUTO,
Online: false,
Enabled: config.Enabled,
Detached: false,
IN: false,
OUT: false,
MTU: common.DEFAULT_MTU,
Bitrate: BITRATE_MINIMUM,
},
discoveryPort: DEFAULT_DISCOVERY_PORT,
dataPort: DEFAULT_DATA_PORT,
discoveryScope: SCOPE_LINK,
@@ -99,6 +97,10 @@ func (ai *AutoInterface) Start() error {
return fmt.Errorf("no suitable interfaces found")
}
// Mark interface as online
ai.Online = true
ai.Enabled = true
go ai.peerJobs()
return nil
}
@@ -165,13 +167,13 @@ func (ai *AutoInterface) startDataListener(iface *net.Interface) error {
func (ai *AutoInterface) handleDiscovery(conn *net.UDPConn, ifaceName string) {
buf := make([]byte, 1024)
for {
n, remoteAddr, err := conn.ReadFromUDP(buf)
_, remoteAddr, err := conn.ReadFromUDP(buf)
if err != nil {
log.Printf("Discovery read error: %v", err)
continue
}
ai.handlePeerAnnounce(remoteAddr, buf[:n], ifaceName)
ai.handlePeerAnnounce(remoteAddr, ifaceName)
}
}
@@ -192,7 +194,7 @@ func (ai *AutoInterface) handleData(conn *net.UDPConn) {
}
}
func (ai *AutoInterface) handlePeerAnnounce(addr *net.UDPAddr, data []byte, ifaceName string) {
func (ai *AutoInterface) handlePeerAnnounce(addr *net.UDPAddr, ifaceName string) {
ai.mutex.Lock()
defer ai.mutex.Unlock()
@@ -266,11 +268,11 @@ func (ai *AutoInterface) Stop() error {
defer ai.mutex.Unlock()
for _, server := range ai.interfaceServers {
server.Close()
server.Close() // #nosec G104
}
if ai.outboundConn != nil {
ai.outboundConn.Close()
ai.outboundConn.Close() // #nosec G104
}
return nil

290
pkg/interfaces/auto_test.go Normal file
View File

@@ -0,0 +1,290 @@
package interfaces
import (
"net"
"testing"
"time"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
)
func TestNewAutoInterface(t *testing.T) {
t.Run("DefaultConfig", func(t *testing.T) {
config := &common.InterfaceConfig{Enabled: true}
ai, err := NewAutoInterface("autoDefault", config)
if err != nil {
t.Fatalf("NewAutoInterface failed with default config: %v", err)
}
if ai == nil {
t.Fatal("NewAutoInterface returned nil with default config")
}
if ai.GetName() != "autoDefault" {
t.Errorf("GetName() = %s; want autoDefault", ai.GetName())
}
if ai.GetType() != common.IF_TYPE_AUTO {
t.Errorf("GetType() = %v; want %v", ai.GetType(), common.IF_TYPE_AUTO)
}
if ai.discoveryPort != DEFAULT_DISCOVERY_PORT {
t.Errorf("discoveryPort = %d; want %d", ai.discoveryPort, DEFAULT_DISCOVERY_PORT)
}
if ai.dataPort != DEFAULT_DATA_PORT {
t.Errorf("dataPort = %d; want %d", ai.dataPort, DEFAULT_DATA_PORT)
}
if string(ai.groupID) != "reticulum" {
t.Errorf("groupID = %s; want reticulum", string(ai.groupID))
}
if ai.discoveryScope != SCOPE_LINK {
t.Errorf("discoveryScope = %s; want %s", ai.discoveryScope, SCOPE_LINK)
}
if len(ai.peers) != 0 {
t.Errorf("peers map not empty initially")
}
})
t.Run("CustomConfig", func(t *testing.T) {
config := &common.InterfaceConfig{
Enabled: true,
Port: 12345, // Custom discovery port
GroupID: "customGroup",
}
ai, err := NewAutoInterface("autoCustom", config)
if err != nil {
t.Fatalf("NewAutoInterface failed with custom config: %v", err)
}
if ai == nil {
t.Fatal("NewAutoInterface returned nil with custom config")
}
if ai.discoveryPort != 12345 {
t.Errorf("discoveryPort = %d; want 12345", ai.discoveryPort)
}
if string(ai.groupID) != "customGroup" {
t.Errorf("groupID = %s; want customGroup", string(ai.groupID))
}
})
}
// mockAutoInterface embeds AutoInterface but overrides methods that start goroutines
type mockAutoInterface struct {
*AutoInterface
}
func newMockAutoInterface(name string, config *common.InterfaceConfig) (*mockAutoInterface, error) {
ai, err := NewAutoInterface(name, config)
if err != nil {
return nil, err
}
// Initialize maps that would normally be initialized in Start()
ai.peers = make(map[string]*Peer)
ai.linkLocalAddrs = make([]string, 0)
ai.adoptedInterfaces = make(map[string]string)
ai.interfaceServers = make(map[string]*net.UDPConn)
ai.multicastEchoes = make(map[string]time.Time)
return &mockAutoInterface{AutoInterface: ai}, nil
}
func (m *mockAutoInterface) Start() error {
// Don't start any goroutines
return nil
}
func (m *mockAutoInterface) Stop() error {
// Don't try to close connections that were never opened
return nil
}
// mockHandlePeerAnnounce is a test-only method that doesn't handle its own locking
func (m *mockAutoInterface) mockHandlePeerAnnounce(addr *net.UDPAddr, ifaceName string) {
peerAddr := addr.IP.String() + "%" + addr.Zone
for _, localAddr := range m.linkLocalAddrs {
if peerAddr == localAddr {
m.multicastEchoes[ifaceName] = time.Now()
return
}
}
if _, exists := m.peers[peerAddr]; !exists {
m.peers[peerAddr] = &Peer{
ifaceName: ifaceName,
lastHeard: time.Now(),
}
} else {
m.peers[peerAddr].lastHeard = time.Now()
}
}
func TestAutoInterfacePeerManagement(t *testing.T) {
// Use a shorter timeout for testing
testTimeout := 100 * time.Millisecond
config := &common.InterfaceConfig{Enabled: true}
ai, err := newMockAutoInterface("autoPeerTest", config)
if err != nil {
t.Fatalf("Failed to create mock interface: %v", err)
}
// Create a done channel to signal goroutine cleanup
done := make(chan struct{})
// Start peer management with done channel
go func() {
ticker := time.NewTicker(testTimeout)
defer ticker.Stop()
for {
select {
case <-ticker.C:
ai.mutex.Lock()
now := time.Now()
for addr, peer := range ai.peers {
if now.Sub(peer.lastHeard) > testTimeout {
delete(ai.peers, addr)
}
}
ai.mutex.Unlock()
case <-done:
return
}
}
}()
// Ensure cleanup
defer func() {
close(done)
ai.Stop()
}()
// Simulate receiving peer announces
peer1AddrStr := "fe80::1%eth0"
peer2AddrStr := "fe80::2%eth0"
localAddrStr := "fe80::aaaa%eth0" // Simulate a local address
peer1Addr := &net.UDPAddr{IP: net.ParseIP("fe80::1"), Zone: "eth0"}
peer2Addr := &net.UDPAddr{IP: net.ParseIP("fe80::2"), Zone: "eth0"}
localAddr := &net.UDPAddr{IP: net.ParseIP("fe80::aaaa"), Zone: "eth0"}
// Add a simulated local address to avoid adding it as a peer
ai.mutex.Lock()
ai.linkLocalAddrs = append(ai.linkLocalAddrs, localAddrStr)
ai.mutex.Unlock()
t.Run("AddPeer1", func(t *testing.T) {
ai.mutex.Lock()
ai.mockHandlePeerAnnounce(peer1Addr, "eth0")
ai.mutex.Unlock()
// Give a small amount of time for the peer to be processed
time.Sleep(10 * time.Millisecond)
ai.mutex.RLock()
count := len(ai.peers)
peer, exists := ai.peers[peer1AddrStr]
var ifaceName string
if exists {
ifaceName = peer.ifaceName
}
ai.mutex.RUnlock()
if count != 1 {
t.Fatalf("Expected 1 peer, got %d", count)
}
if !exists {
t.Fatalf("Peer %s not found in map", peer1AddrStr)
}
if ifaceName != "eth0" {
t.Errorf("Peer %s interface name = %s; want eth0", peer1AddrStr, ifaceName)
}
})
t.Run("AddPeer2", func(t *testing.T) {
ai.mutex.Lock()
ai.mockHandlePeerAnnounce(peer2Addr, "eth0")
ai.mutex.Unlock()
// Give a small amount of time for the peer to be processed
time.Sleep(10 * time.Millisecond)
ai.mutex.RLock()
count := len(ai.peers)
_, exists := ai.peers[peer2AddrStr]
ai.mutex.RUnlock()
if count != 2 {
t.Fatalf("Expected 2 peers, got %d", count)
}
if !exists {
t.Fatalf("Peer %s not found in map", peer2AddrStr)
}
})
t.Run("IgnoreLocalAnnounce", func(t *testing.T) {
ai.mutex.Lock()
ai.mockHandlePeerAnnounce(localAddr, "eth0")
ai.mutex.Unlock()
// Give a small amount of time for the peer to be processed
time.Sleep(10 * time.Millisecond)
ai.mutex.RLock()
count := len(ai.peers)
ai.mutex.RUnlock()
if count != 2 {
t.Fatalf("Expected 2 peers after local announce, got %d", count)
}
})
t.Run("UpdatePeerTimestamp", func(t *testing.T) {
ai.mutex.RLock()
peer, exists := ai.peers[peer1AddrStr]
var initialTime time.Time
if exists {
initialTime = peer.lastHeard
}
ai.mutex.RUnlock()
if !exists {
t.Fatalf("Peer %s not found before timestamp update", peer1AddrStr)
}
ai.mutex.Lock()
ai.mockHandlePeerAnnounce(peer1Addr, "eth0")
ai.mutex.Unlock()
// Give a small amount of time for the peer to be processed
time.Sleep(10 * time.Millisecond)
ai.mutex.RLock()
peer, exists = ai.peers[peer1AddrStr]
var updatedTime time.Time
if exists {
updatedTime = peer.lastHeard
}
ai.mutex.RUnlock()
if !exists {
t.Fatalf("Peer %s not found after timestamp update", peer1AddrStr)
}
if !updatedTime.After(initialTime) {
t.Errorf("Peer timestamp was not updated after receiving another announce")
}
})
t.Run("PeerTimeout", func(t *testing.T) {
// Wait for peer timeout
time.Sleep(testTimeout * 2)
ai.mutex.RLock()
count := len(ai.peers)
ai.mutex.RUnlock()
if count != 0 {
t.Errorf("Expected all peers to timeout, got %d peers", count)
}
})
}

35
pkg/interfaces/interface.go
View File

@@ -3,12 +3,12 @@ package interfaces
import (
"encoding/binary"
"fmt"
"log"
"net"
"sync"
"time"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
)
const (
@@ -26,17 +26,6 @@ const (
TYPE_TCP = 0x02
PROPAGATION_RATE = 0.02 // 2% of interface bandwidth
DEBUG_LEVEL = 4 // Default debug level for interface logging
// Debug levels
DEBUG_CRITICAL = 1
DEBUG_ERROR = 2
DEBUG_INFO = 3
DEBUG_VERBOSE = 4
DEBUG_TRACE = 5
DEBUG_PACKETS = 6
DEBUG_ALL = 7
)
type Interface interface {
@@ -127,7 +116,7 @@ func (i *BaseInterface) ProcessIncoming(data []byte) {
func (i *BaseInterface) ProcessOutgoing(data []byte) error {
if !i.Online || i.Detached {
log.Printf("[DEBUG-1] Interface %s: Cannot process outgoing packet - interface offline or detached", i.Name)
debug.Log(debug.DEBUG_CRITICAL, "Interface cannot process outgoing packet - interface offline or detached", "name", i.Name)
return fmt.Errorf("interface offline or detached")
}
@@ -135,7 +124,7 @@ func (i *BaseInterface) ProcessOutgoing(data []byte) error {
i.TxBytes += uint64(len(data))
i.mutex.Unlock()
log.Printf("[DEBUG-%d] Interface %s: Processed outgoing packet of %d bytes, total TX: %d", DEBUG_LEVEL, i.Name, len(data), i.TxBytes)
debug.Log(debug.DEBUG_VERBOSE, "Interface processed outgoing packet", "name", i.Name, "bytes", len(data), "total_tx", i.TxBytes)
return nil
}
@@ -161,7 +150,7 @@ func (i *BaseInterface) SendLinkPacket(dest []byte, data []byte, timestamp time.
frame = append(frame, dest...)
ts := make([]byte, 8)
binary.BigEndian.PutUint64(ts, uint64(timestamp.Unix()))
binary.BigEndian.PutUint64(ts, uint64(timestamp.Unix())) // #nosec G115
frame = append(frame, ts...)
frame = append(frame, data...)
@@ -189,7 +178,7 @@ func (i *BaseInterface) Enable() {
i.Enabled = true
i.Online = true
log.Printf("[DEBUG-%d] Interface %s: State changed - Enabled: %v->%v, Online: %v->%v", DEBUG_INFO, i.Name, prevState, i.Enabled, !i.Online, i.Online)
debug.Log(debug.DEBUG_INFO, "Interface state changed", "name", i.Name, "enabled_prev", prevState, "enabled", i.Enabled, "online_prev", !i.Online, "online", i.Online)
}
func (i *BaseInterface) Disable() {
@@ -197,7 +186,7 @@ func (i *BaseInterface) Disable() {
defer i.mutex.Unlock()
i.Enabled = false
i.Online = false
log.Printf("[DEBUG-2] Interface %s: Disabled and offline", i.Name)
debug.Log(debug.DEBUG_ERROR, "Interface disabled and offline", "name", i.Name)
}
func (i *BaseInterface) GetName() string {
@@ -237,11 +226,11 @@ func (i *BaseInterface) Stop() error {
}
func (i *BaseInterface) Send(data []byte, address string) error {
log.Printf("[DEBUG-%d] Interface %s: Sending %d bytes to %s", DEBUG_LEVEL, i.Name, len(data), address)
debug.Log(debug.DEBUG_VERBOSE, "Interface sending bytes", "name", i.Name, "bytes", len(data), "address", address)
err := i.ProcessOutgoing(data)
if err != nil {
log.Printf("[DEBUG-1] Interface %s: Failed to send data: %v", i.Name, err)
debug.Log(debug.DEBUG_CRITICAL, "Interface failed to send data", "name", i.Name, "error", err)
return err
}
@@ -261,7 +250,7 @@ func (i *BaseInterface) GetBandwidthAvailable() bool {
timeSinceLastTx := now.Sub(i.lastTx)
if timeSinceLastTx > time.Second {
log.Printf("[DEBUG-%d] Interface %s: Bandwidth available (idle for %.2fs)", DEBUG_VERBOSE, i.Name, timeSinceLastTx.Seconds())
debug.Log(debug.DEBUG_VERBOSE, "Interface bandwidth available", "name", i.Name, "idle_seconds", timeSinceLastTx.Seconds())
return true
}
@@ -270,7 +259,7 @@ func (i *BaseInterface) GetBandwidthAvailable() bool {
maxUsage := float64(i.Bitrate) * PROPAGATION_RATE
available := currentUsage < maxUsage
log.Printf("[DEBUG-%d] Interface %s: Bandwidth stats - Current: %.2f bps, Max: %.2f bps, Usage: %.1f%%, Available: %v", DEBUG_VERBOSE, i.Name, currentUsage, maxUsage, (currentUsage/maxUsage)*100, available)
debug.Log(debug.DEBUG_VERBOSE, "Interface bandwidth stats", "name", i.Name, "current_bps", currentUsage, "max_bps", maxUsage, "usage_percent", (currentUsage/maxUsage)*100, "available", available)
return available
}
@@ -282,7 +271,7 @@ func (i *BaseInterface) updateBandwidthStats(bytes uint64) {
i.TxBytes += bytes
i.lastTx = time.Now()
log.Printf("[DEBUG-%d] Interface %s: Updated bandwidth stats - TX bytes: %d, Last TX: %v", DEBUG_LEVEL, i.Name, i.TxBytes, i.lastTx)
debug.Log(debug.DEBUG_VERBOSE, "Interface updated bandwidth stats", "name", i.Name, "tx_bytes", i.TxBytes, "last_tx", i.lastTx)
}
type InterceptedInterface struct {
@@ -305,7 +294,7 @@ func (i *InterceptedInterface) Send(data []byte, addr string) error {
// Call interceptor if provided
if i.interceptor != nil && len(data) > 0 {
if err := i.interceptor(data, i); err != nil {
log.Printf("[DEBUG-2] Failed to intercept outgoing packet: %v", err)
debug.Log(debug.DEBUG_ERROR, "Failed to intercept outgoing packet", "error", err)
}
}

230
pkg/interfaces/interface_test.go Normal file
View File

@@ -0,0 +1,230 @@
package interfaces
import (
"bytes"
"net"
"sync"
"testing"
"time"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
)
func TestBaseInterfaceStateChanges(t *testing.T) {
bi := NewBaseInterface("test", common.IF_TYPE_TCP, false) // Start disabled
if bi.IsEnabled() {
t.Error("Newly created disabled interface reports IsEnabled() == true")
}
if bi.IsOnline() {
t.Error("Newly created disabled interface reports IsOnline() == true")
}
if bi.IsDetached() {
t.Error("Newly created interface reports IsDetached() == true")
}
bi.Enable()
if !bi.IsEnabled() {
t.Error("After Enable(), IsEnabled() == false")
}
if !bi.IsOnline() {
t.Error("After Enable(), IsOnline() == false")
}
if bi.IsDetached() {
t.Error("After Enable(), IsDetached() == true")
}
bi.Detach()
if bi.IsEnabled() {
t.Error("After Detach(), IsEnabled() == true")
}
if bi.IsOnline() {
t.Error("After Detach(), IsOnline() == true")
}
if !bi.IsDetached() {
t.Error("After Detach(), IsDetached() == false")
}
// Reset for Disable test
bi = NewBaseInterface("test2", common.IF_TYPE_UDP, true) // Start enabled
if !bi.Enabled { // Check the Enabled field directly first
t.Error("Newly created enabled interface reports Enabled == false")
}
if bi.IsEnabled() { // IsEnabled should still be false because Online is false
t.Error("Newly created enabled interface reports IsEnabled() == true before Enable() is called")
}
bi.Enable() // Explicitly enable to set Online = true
if !bi.IsEnabled() { // Now IsEnabled should be true
t.Error("After Enable() on initially enabled interface, IsEnabled() == false")
}
bi.Disable()
if bi.Enabled { // Check Enabled field after Disable()
t.Error("After Disable(), Enabled == true")
}
if bi.IsOnline() {
t.Error("After Disable(), IsOnline() == true")
}
if bi.IsDetached() { // Disable doesn't detach
t.Error("After Disable(), IsDetached() == true")
}
}
func TestBaseInterfaceGetters(t *testing.T) {
bi := NewBaseInterface("getterTest", common.IF_TYPE_AUTO, true)
if bi.GetName() != "getterTest" {
t.Errorf("GetName() = %s; want getterTest", bi.GetName())
}
if bi.GetType() != common.IF_TYPE_AUTO {
t.Errorf("GetType() = %v; want %v", bi.GetType(), common.IF_TYPE_AUTO)
}
if bi.GetMode() != common.IF_MODE_FULL {
t.Errorf("GetMode() = %v; want %v", bi.GetMode(), common.IF_MODE_FULL)
}
if bi.GetMTU() != common.DEFAULT_MTU { // Assuming default MTU
t.Errorf("GetMTU() = %d; want %d", bi.GetMTU(), common.DEFAULT_MTU)
}
}
func TestBaseInterfaceCallbacks(t *testing.T) {
bi := NewBaseInterface("callbackTest", common.IF_TYPE_TCP, true)
var wg sync.WaitGroup
var callbackCalled bool
callback := func(data []byte, iface common.NetworkInterface) {
if len(data) != 5 {
t.Errorf("Callback received data length %d; want 5", len(data))
}
if iface.GetName() != "callbackTest" {
t.Errorf("Callback received interface name %s; want callbackTest", iface.GetName())
}
callbackCalled = true
wg.Done()
}
bi.SetPacketCallback(callback)
if bi.GetPacketCallback() == nil { // Cannot directly compare functions
t.Error("GetPacketCallback() returned nil after SetPacketCallback()")
}
wg.Add(1)
go bi.ProcessIncoming([]byte{1, 2, 3, 4, 5}) // Run in goroutine as callback might block
// Wait for callback or timeout
waitTimeout(&wg, 1*time.Second, t)
if !callbackCalled {
t.Error("Packet callback was not called after ProcessIncoming")
}
}
func TestBaseInterfaceStats(t *testing.T) {
bi := NewBaseInterface("statsTest", common.IF_TYPE_UDP, true)
bi.Enable() // Need to be Online for ProcessOutgoing
data1 := []byte{1, 2, 3}
data2 := []byte{4, 5, 6, 7, 8}
bi.ProcessIncoming(data1)
if bi.RxBytes != uint64(len(data1)) {
t.Errorf("RxBytes = %d; want %d after first ProcessIncoming", bi.RxBytes, len(data1))
}
bi.ProcessIncoming(data2)
if bi.RxBytes != uint64(len(data1)+len(data2)) {
t.Errorf("RxBytes = %d; want %d after second ProcessIncoming", bi.RxBytes, len(data1)+len(data2))
}
// ProcessOutgoing only updates TxBytes in BaseInterface
err := bi.ProcessOutgoing(data1)
if err != nil {
t.Fatalf("ProcessOutgoing failed: %v", err)
}
if bi.TxBytes != uint64(len(data1)) {
t.Errorf("TxBytes = %d; want %d after first ProcessOutgoing", bi.TxBytes, len(data1))
}
err = bi.ProcessOutgoing(data2)
if err != nil {
t.Fatalf("ProcessOutgoing failed: %v", err)
}
if bi.TxBytes != uint64(len(data1)+len(data2)) {
t.Errorf("TxBytes = %d; want %d after second ProcessOutgoing", bi.TxBytes, len(data1)+len(data2))
}
}
// Helper function to wait for a WaitGroup with a timeout
func waitTimeout(wg *sync.WaitGroup, timeout time.Duration, t *testing.T) {
c := make(chan struct{})
go func() {
defer close(c)
wg.Wait()
}()
select {
case <-c:
// Completed normally
case <-time.After(timeout):
t.Fatal("Timed out waiting for WaitGroup")
}
}
// Minimal mock interface for InterceptedInterface test
type mockInterface struct {
BaseInterface
sendCalled bool
sendData []byte
}
func (m *mockInterface) Send(data []byte, addr string) error {
m.sendCalled = true
m.sendData = data
return nil
}
// Add other methods to satisfy the Interface interface (can be minimal/panic)
func (m *mockInterface) GetType() common.InterfaceType { return common.IF_TYPE_NONE }
func (m *mockInterface) GetMode() common.InterfaceMode { return common.IF_MODE_FULL }
func (m *mockInterface) ProcessIncoming(data []byte) {}
func (m *mockInterface) ProcessOutgoing(data []byte) error { return nil }
func (m *mockInterface) SendPathRequest([]byte) error { return nil }
func (m *mockInterface) SendLinkPacket([]byte, []byte, time.Time) error { return nil }
func (m *mockInterface) Start() error { return nil }
func (m *mockInterface) Stop() error { return nil }
func (m *mockInterface) GetConn() net.Conn { return nil }
func (m *mockInterface) GetBandwidthAvailable() bool { return true }
func TestInterceptedInterface(t *testing.T) {
mockBase := &mockInterface{}
var interceptorCalled bool
var interceptedData []byte
interceptor := func(data []byte, iface common.NetworkInterface) error {
interceptorCalled = true
interceptedData = data
return nil
}
intercepted := NewInterceptedInterface(mockBase, interceptor)
testData := []byte("intercept me")
err := intercepted.Send(testData, "dummy_addr")
if err != nil {
t.Fatalf("Intercepted Send failed: %v", err)
}
if !interceptorCalled {
t.Error("Interceptor function was not called")
}
if !bytes.Equal(interceptedData, testData) {
t.Errorf("Interceptor received data %x; want %x", interceptedData, testData)
}
if !mockBase.sendCalled {
t.Error("Original Send function was not called")
}
if !bytes.Equal(mockBase.sendData, testData) {
t.Errorf("Original Send received data %x; want %x", mockBase.sendData, testData)
}
}

168
pkg/interfaces/tcp.go
View File

@@ -2,13 +2,13 @@ package interfaces
import (
"fmt"
"log"
"net"
"runtime"
"sync"
"time"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
)
const (
@@ -68,7 +68,7 @@ func NewTCPClientInterface(name string, targetHost string, targetPort int, kissF
}
if enabled {
addr := fmt.Sprintf("%s:%d", targetHost, targetPort)
addr := net.JoinHostPort(targetHost, fmt.Sprintf("%d", targetPort))
conn, err := net.Dial("tcp", addr)
if err != nil {
return nil, err
@@ -95,7 +95,7 @@ func (tc *TCPClientInterface) Start() error {
return nil
}
addr := fmt.Sprintf("%s:%d", tc.targetAddr, tc.targetPort)
addr := net.JoinHostPort(tc.targetAddr, fmt.Sprintf("%d", tc.targetPort))
conn, err := net.Dial("tcp", addr)
if err != nil {
return err
@@ -106,11 +106,11 @@ func (tc *TCPClientInterface) Start() error {
switch runtime.GOOS {
case "linux":
if err := tc.setTimeoutsLinux(); err != nil {
log.Printf("[DEBUG-2] Failed to set Linux TCP timeouts: %v", err)
debug.Log(debug.DEBUG_ERROR, "Failed to set Linux TCP timeouts", "error", err)
}
case "darwin":
if err := tc.setTimeoutsOSX(); err != nil {
log.Printf("[DEBUG-2] Failed to set OSX TCP timeouts: %v", err)
debug.Log(debug.DEBUG_ERROR, "Failed to set OSX TCP timeouts", "error", err)
}
}
@@ -138,58 +138,29 @@ func (tc *TCPClientInterface) readLoop() {
}
// Update RX bytes for raw received data
tc.UpdateStats(uint64(n), true)
tc.UpdateStats(uint64(n), true) // #nosec G115
for i := 0; i < n; i++ {
b := buffer[i]
if tc.kissFraming {
// KISS framing logic
if b == KISS_FEND {
if inFrame && len(dataBuffer) > 0 {
tc.handlePacket(dataBuffer)
dataBuffer = dataBuffer[:0]
}
inFrame = !inFrame
continue
if b == HDLC_FLAG {
if inFrame && len(dataBuffer) > 0 {
tc.handlePacket(dataBuffer)
dataBuffer = dataBuffer[:0]
}
inFrame = !inFrame
continue
}
if inFrame {
if b == KISS_FESC {
escape = true
} else {
if escape {
if b == KISS_TFEND {
b = KISS_FEND
} else if b == KISS_TFESC {
b = KISS_FESC
}
escape = false
}
dataBuffer = append(dataBuffer, b)
}
}
} else {
// HDLC framing logic
if b == HDLC_FLAG {
if inFrame && len(dataBuffer) > 0 {
tc.handlePacket(dataBuffer)
dataBuffer = dataBuffer[:0]
}
inFrame = !inFrame
continue
}
if inFrame {
if b == HDLC_ESC {
escape = true
} else {
if escape {
b ^= HDLC_ESC_MASK
escape = false
}
dataBuffer = append(dataBuffer, b)
if inFrame {
if b == HDLC_ESC {
escape = true
} else {
if escape {
b ^= HDLC_ESC_MASK
escape = false
}
dataBuffer = append(dataBuffer, b)
}
}
}
@@ -198,46 +169,44 @@ func (tc *TCPClientInterface) readLoop() {
func (tc *TCPClientInterface) handlePacket(data []byte) {
if len(data) < 1 {
log.Printf("[DEBUG-7] Received invalid packet: empty")
debug.Log(debug.DEBUG_ALL, "Received invalid packet: empty")
return
}
tc.mutex.Lock()
tc.packetType = data[0]
tc.RxBytes += uint64(len(data))
lastRx := time.Now()
tc.lastRx = lastRx
tc.mutex.Unlock()
log.Printf("[DEBUG-7] Received packet: type=0x%02x, size=%d bytes", tc.packetType, len(data))
debug.Log(debug.DEBUG_ALL, "Received packet", "type", fmt.Sprintf("0x%02x", data[0]), "size", len(data))
payload := data[1:]
switch tc.packetType {
case 0x01: // Announce packet
log.Printf("[DEBUG-7] Processing announce packet: payload=%d bytes", len(payload))
if len(payload) >= 53 {
tc.BaseInterface.ProcessIncoming(payload)
} else {
log.Printf("[DEBUG-7] Announce packet too small: %d bytes", len(payload))
}
case 0x02: // Link packet
log.Printf("[DEBUG-7] Processing link packet: payload=%d bytes", len(payload))
if len(payload) < 40 {
log.Printf("[DEBUG-7] Link packet too small: %d bytes", len(payload))
return
}
tc.BaseInterface.ProcessIncoming(payload)
case 0x03: // Announce packet
tc.BaseInterface.ProcessIncoming(payload)
case 0x04: // Transport packet
tc.BaseInterface.ProcessIncoming(payload)
default:
// Unknown packet type
return
// For RNS packets, call the packet callback directly
if callback := tc.GetPacketCallback(); callback != nil {
debug.Log(debug.DEBUG_ALL, "Calling packet callback for RNS packet")
callback(data, tc)
} else {
debug.Log(debug.DEBUG_ALL, "No packet callback set for TCP interface")
}
}
// Send implements the interface Send method for TCP interface
func (tc *TCPClientInterface) Send(data []byte, address string) error {
debug.Log(debug.DEBUG_ALL, "TCP interface sending bytes", "name", tc.Name, "bytes", len(data))
if !tc.IsEnabled() || !tc.IsOnline() {
return fmt.Errorf("TCP interface %s is not online", tc.Name)
}
// For TCP interface, we need to prepend a packet type byte for announce packets
// RNS TCP protocol expects: [packet_type][data]
frame := make([]byte, 0, len(data)+1)
frame = append(frame, 0x01) // Announce packet type
frame = append(frame, data...)
return tc.ProcessOutgoing(frame)
}
func (tc *TCPClientInterface) ProcessOutgoing(data []byte) error {
if !tc.Online {
return fmt.Errorf("interface offline")
@@ -246,19 +215,19 @@ func (tc *TCPClientInterface) ProcessOutgoing(data []byte) error {
tc.writing = true
defer func() { tc.writing = false }()
// For TCP connections, use HDLC framing
var frame []byte
if tc.kissFraming {
frame = append([]byte{KISS_FEND}, escapeKISS(data)...)
frame = append(frame, KISS_FEND)
} else {
frame = append([]byte{HDLC_FLAG}, escapeHDLC(data)...)
frame = append(frame, HDLC_FLAG)
}
frame = append([]byte{HDLC_FLAG}, escapeHDLC(data)...)
frame = append(frame, HDLC_FLAG)
// Update TX stats before sending
tc.UpdateStats(uint64(len(frame)), false)
debug.Log(debug.DEBUG_ALL, "TCP interface writing to network", "name", tc.Name, "bytes", len(frame))
_, err := tc.conn.Write(frame)
if err != nil {
debug.Log(debug.DEBUG_CRITICAL, "TCP interface write failed", "name", tc.Name, "error", err)
}
return err
}
@@ -267,7 +236,7 @@ func (tc *TCPClientInterface) teardown() {
tc.IN = false
tc.OUT = false
if tc.conn != nil {
tc.conn.Close()
tc.conn.Close() // #nosec G104
}
}
@@ -346,7 +315,7 @@ func (tc *TCPClientInterface) reconnect() {
for retries < tc.maxReconnectTries {
tc.teardown()
addr := fmt.Sprintf("%s:%d", tc.targetAddr, tc.targetPort)
addr := net.JoinHostPort(tc.targetAddr, fmt.Sprintf("%d", tc.targetPort))
conn, err := net.Dial("tcp", addr)
if err == nil {
@@ -364,7 +333,7 @@ func (tc *TCPClientInterface) reconnect() {
// Log reconnection attempt
fmt.Printf("Failed to reconnect to %s (attempt %d/%d): %v\n",
addr, retries+1, tc.maxReconnectTries, err)
net.JoinHostPort(tc.targetAddr, fmt.Sprintf("%d", tc.targetPort)), retries+1, tc.maxReconnectTries, err)
// Wait with exponential backoff
time.Sleep(backoff)
@@ -385,7 +354,7 @@ func (tc *TCPClientInterface) reconnect() {
// If we've exhausted all retries, perform final teardown
tc.teardown()
fmt.Printf("Failed to reconnect to %s after %d attempts\n",
fmt.Sprintf("%s:%d", tc.targetAddr, tc.targetPort), tc.maxReconnectTries)
net.JoinHostPort(tc.targetAddr, fmt.Sprintf("%d", tc.targetPort)), tc.maxReconnectTries)
}
func (tc *TCPClientInterface) Enable() {
@@ -418,9 +387,11 @@ func (tc *TCPClientInterface) GetRTT() time.Duration {
var rtt time.Duration = 0
if runtime.GOOS == "linux" {
if info, err := tcpConn.SyscallConn(); err == nil {
info.Control(func(fd uintptr) {
if err := info.Control(func(fd uintptr) { // #nosec G104
rtt = platformGetRTT(fd)
})
}); err != nil {
debug.Log(debug.DEBUG_ERROR, "Error in SyscallConn Control", "error", err)
}
}
}
return rtt
@@ -449,13 +420,11 @@ func (tc *TCPClientInterface) UpdateStats(bytes uint64, isRx bool) {
if isRx {
tc.RxBytes += bytes
tc.lastRx = now
log.Printf("[DEBUG-5] Interface %s RX stats: bytes=%d total=%d last=%v",
tc.Name, bytes, tc.RxBytes, tc.lastRx)
debug.Log(debug.DEBUG_TRACE, "Interface RX stats", "name", tc.Name, "bytes", bytes, "total", tc.RxBytes, "last", tc.lastRx)
} else {
tc.TxBytes += bytes
tc.lastTx = now
log.Printf("[DEBUG-5] Interface %s TX stats: bytes=%d total=%d last=%v",
tc.Name, bytes, tc.TxBytes, tc.lastTx)
debug.Log(debug.DEBUG_TRACE, "Interface TX stats", "name", tc.Name, "bytes", bytes, "total", tc.TxBytes, "last", tc.lastTx)
}
}
@@ -593,7 +562,7 @@ func (ts *TCPServerInterface) Start() error {
ts.mutex.Lock()
defer ts.mutex.Unlock()
addr := fmt.Sprintf("%s:%d", ts.bindAddr, ts.bindPort)
addr := net.JoinHostPort(ts.bindAddr, fmt.Sprintf("%d", ts.bindPort))
listener, err := net.Listen("tcp", addr)
if err != nil {
return fmt.Errorf("failed to start TCP server: %w", err)
@@ -609,7 +578,7 @@ func (ts *TCPServerInterface) Start() error {
if !ts.Online {
return // Normal shutdown
}
log.Printf("[DEBUG-2] Error accepting connection: %v", err)
debug.Log(debug.DEBUG_ERROR, "Error accepting connection", "error", err)
continue
}
@@ -651,7 +620,7 @@ func (ts *TCPServerInterface) handleConnection(conn net.Conn) {
ts.mutex.Lock()
delete(ts.connections, addr)
ts.mutex.Unlock()
conn.Close()
conn.Close() // #nosec G104
}()
buffer := make([]byte, ts.MTU)
@@ -662,7 +631,7 @@ func (ts *TCPServerInterface) handleConnection(conn net.Conn) {
}
ts.mutex.Lock()
ts.RxBytes += uint64(n)
ts.RxBytes += uint64(n) // #nosec G115
ts.mutex.Unlock()
if ts.packetCallback != nil {
@@ -692,8 +661,7 @@ func (ts *TCPServerInterface) ProcessOutgoing(data []byte) error {
for _, conn := range ts.connections {
if _, err := conn.Write(frame); err != nil {
log.Printf("[DEBUG-4] Error writing to connection %s: %v",
conn.RemoteAddr(), err)
debug.Log(debug.DEBUG_VERBOSE, "Error writing to connection", "address", conn.RemoteAddr(), "error", err)
}
}

2
pkg/interfaces/tcp_common.go
View File

@@ -11,4 +11,4 @@ import (
// Default implementation for non-Linux platforms
func platformGetRTT(fd uintptr) time.Duration {
return 0
}
}

6
pkg/interfaces/tcp_linux.go
View File

@@ -18,8 +18,8 @@ func platformGetRTT(fd uintptr) time.Duration {
fd,
syscall.SOL_TCP,
syscall.TCP_INFO,
uintptr(unsafe.Pointer(&info)),
uintptr(unsafe.Pointer(&size)),
uintptr(unsafe.Pointer(&info)), // #nosec G103
uintptr(unsafe.Pointer(&size)), // #nosec G103
0,
)
@@ -29,4 +29,4 @@ func platformGetRTT(fd uintptr) time.Duration {
// RTT is in microseconds, convert to Duration
return time.Duration(info.Rtt) * time.Microsecond
}
}

52
pkg/interfaces/tcp_test.go Normal file
View File

@@ -0,0 +1,52 @@
package interfaces
import (
"bytes"
"testing"
)
func TestEscapeHDLC(t *testing.T) {
testCases := []struct {
name string
input []byte
expected []byte
}{
{"NoEscape", []byte{0x01, 0x02, 0x03}, []byte{0x01, 0x02, 0x03}},
{"EscapeFlag", []byte{0x01, HDLC_FLAG, 0x03}, []byte{0x01, HDLC_ESC, HDLC_FLAG ^ HDLC_ESC_MASK, 0x03}},
{"EscapeEsc", []byte{0x01, HDLC_ESC, 0x03}, []byte{0x01, HDLC_ESC, HDLC_ESC ^ HDLC_ESC_MASK, 0x03}},
{"EscapeBoth", []byte{HDLC_FLAG, HDLC_ESC}, []byte{HDLC_ESC, HDLC_FLAG ^ HDLC_ESC_MASK, HDLC_ESC, HDLC_ESC ^ HDLC_ESC_MASK}},
{"Empty", []byte{}, []byte{}},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
result := escapeHDLC(tc.input)
if !bytes.Equal(result, tc.expected) {
t.Errorf("escapeHDLC(%x) = %x; want %x", tc.input, result, tc.expected)
}
})
}
}
func TestEscapeKISS(t *testing.T) {
testCases := []struct {
name string
input []byte
expected []byte
}{
{"NoEscape", []byte{0x01, 0x02, 0x03}, []byte{0x01, 0x02, 0x03}},
{"EscapeFEND", []byte{0x01, KISS_FEND, 0x03}, []byte{0x01, KISS_FESC, KISS_TFEND, 0x03}},
{"EscapeFESC", []byte{0x01, KISS_FESC, 0x03}, []byte{0x01, KISS_FESC, KISS_TFESC, 0x03}},
{"EscapeBoth", []byte{KISS_FEND, KISS_FESC}, []byte{KISS_FESC, KISS_TFEND, KISS_FESC, KISS_TFESC}},
{"Empty", []byte{}, []byte{}},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
result := escapeKISS(tc.input)
if !bytes.Equal(result, tc.expected) {
t.Errorf("escapeKISS(%x) = %x; want %x", tc.input, result, tc.expected)
}
})
}
}

45
pkg/interfaces/udp.go
View File

@@ -2,11 +2,11 @@ package interfaces
import (
"fmt"
"log"
"net"
"sync"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
)
type UDPInterface struct {
@@ -71,11 +71,13 @@ func (ui *UDPInterface) Detach() {
defer ui.mutex.Unlock()
ui.Detached = true
if ui.conn != nil {
ui.conn.Close()
ui.conn.Close() // #nosec G104
}
}
func (ui *UDPInterface) Send(data []byte, addr string) error {
debug.Log(debug.DEBUG_ALL, "UDP interface sending bytes", "name", ui.Name, "bytes", len(data))
if !ui.IsEnabled() {
return fmt.Errorf("interface not enabled")
}
@@ -84,7 +86,17 @@ func (ui *UDPInterface) Send(data []byte, addr string) error {
return fmt.Errorf("no target address configured")
}
// Update TX stats before sending
ui.mutex.Lock()
ui.TxBytes += uint64(len(data))
ui.mutex.Unlock()
_, err := ui.conn.WriteTo(data, ui.targetAddr)
if err != nil {
debug.Log(debug.DEBUG_CRITICAL, "UDP interface write failed", "name", ui.Name, "error", err)
} else {
debug.Log(debug.DEBUG_ALL, "UDP interface sent bytes successfully", "name", ui.Name, "bytes", len(data))
}
return err
}
@@ -170,32 +182,33 @@ func (ui *UDPInterface) Start() error {
}
ui.conn = conn
ui.Online = true
// Start the read loop in a goroutine
go ui.readLoop()
return nil
}
func (ui *UDPInterface) readLoop() {
buffer := make([]byte, ui.MTU)
for {
if ui.IsDetached() {
return
}
n, addr, err := ui.conn.ReadFromUDP(buffer)
buffer := make([]byte, common.DEFAULT_MTU)
for ui.IsOnline() && !ui.IsDetached() {
n, remoteAddr, err := ui.conn.ReadFromUDP(buffer)
if err != nil {
if !ui.IsDetached() {
log.Printf("UDP read error: %v", err)
if ui.IsOnline() {
debug.Log(debug.DEBUG_ERROR, "Error reading from UDP interface", "name", ui.Name, "error", err)
}
return
}
ui.mutex.Lock()
ui.RxBytes += uint64(n)
if ui.targetAddr == nil {
debug.Log(debug.DEBUG_ALL, "UDP interface discovered peer", "name", ui.Name, "peer", remoteAddr.String())
ui.targetAddr = remoteAddr
}
ui.mutex.Unlock()
log.Printf("Received %d bytes from %s", n, addr.String())
if callback := ui.GetPacketCallback(); callback != nil {
callback(buffer[:n], ui)
if ui.packetCallback != nil {
ui.packetCallback(buffer[:n], ui)
}
}
}

93
pkg/interfaces/udp_test.go Normal file
View File

@@ -0,0 +1,93 @@
package interfaces
import (
"testing"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
)
func TestNewUDPInterface(t *testing.T) {
validAddr := "127.0.0.1:0" // Use port 0 for OS to assign a free port
validTarget := "127.0.0.1:8080"
invalidAddr := "invalid-address"
t.Run("ValidConfig", func(t *testing.T) {
ui, err := NewUDPInterface("udpValid", validAddr, validTarget, true)
if err != nil {
t.Fatalf("NewUDPInterface failed with valid config: %v", err)
}
if ui == nil {
t.Fatal("NewUDPInterface returned nil interface with valid config")
}
if ui.GetName() != "udpValid" {
t.Errorf("GetName() = %s; want udpValid", ui.GetName())
}
if ui.GetType() != common.IF_TYPE_UDP {
t.Errorf("GetType() = %v; want %v", ui.GetType(), common.IF_TYPE_UDP)
}
if ui.addr.String() != validAddr && ui.addr.Port == 0 { // Check if address resolved, port 0 is special
// Allow OS-assigned port if 0 was specified
} else if ui.addr.String() != validAddr {
// t.Errorf("Resolved addr = %s; want %s", ui.addr.String(), validAddr) //This check is flaky with port 0
}
if ui.targetAddr.String() != validTarget {
t.Errorf("Resolved targetAddr = %s; want %s", ui.targetAddr.String(), validTarget)
}
if !ui.Enabled { // BaseInterface field
t.Error("Interface not enabled by default when requested")
}
if ui.IsOnline() { // Should be offline initially
t.Error("Interface online initially")
}
})
t.Run("ValidConfigNoTarget", func(t *testing.T) {
ui, err := NewUDPInterface("udpNoTarget", validAddr, "", true)
if err != nil {
t.Fatalf("NewUDPInterface failed with valid config (no target): %v", err)
}
if ui == nil {
t.Fatal("NewUDPInterface returned nil interface with valid config (no target)")
}
if ui.targetAddr != nil {
t.Errorf("targetAddr = %v; want nil", ui.targetAddr)
}
})
t.Run("InvalidAddress", func(t *testing.T) {
_, err := NewUDPInterface("udpInvalidAddr", invalidAddr, validTarget, true)
if err == nil {
t.Error("NewUDPInterface succeeded with invalid address")
}
})
t.Run("InvalidTarget", func(t *testing.T) {
_, err := NewUDPInterface("udpInvalidTarget", validAddr, invalidAddr, true)
if err == nil {
t.Error("NewUDPInterface succeeded with invalid target address")
}
})
}
func TestUDPInterfaceState(t *testing.T) {
// Basic state tests are covered by BaseInterface tests
// Add specific UDP ones if needed, e.g., involving the conn
addr := "127.0.0.1:0"
ui, _ := NewUDPInterface("udpState", addr, "", true)
if ui.conn != nil {
t.Error("conn field is not nil before Start()")
}
// We don't call Start() here because it requires actual network binding
// Testing Send requires Start() and a listener, which is too complex for unit tests here
// Test Detach
ui.Detach()
if !ui.IsDetached() {
t.Error("IsDetached() is false after Detach()")
}
// Further tests on Send/ProcessOutgoing/readLoop would require mocking net.UDPConn
// or setting up a local listener.
}

16
pkg/link/link.go
View File

@@ -135,7 +135,15 @@ func (l *Link) Establish() error {
return errors.New("destination has no public key")
}
log.Printf("[DEBUG-4] Creating link request packet for destination %x", destPublicKey[:8])
// Generate link ID for this connection
l.linkID = make([]byte, 16)
if _, err := rand.Read(l.linkID); err != nil {
log.Printf("[DEBUG-3] Failed to generate link ID: %v", err)
return fmt.Errorf("failed to generate link ID: %w", err)
}
l.initiator = true
log.Printf("[DEBUG-4] Creating link request packet for destination %x with link ID %x", destPublicKey[:8], l.linkID[:8])
p := &packet.Packet{
HeaderType: packet.HeaderType1,
@@ -577,7 +585,7 @@ func (l *Link) encrypt(data []byte) ([]byte, error) {
}
// Encrypt
mode := cipher.NewCBCEncrypter(block, iv)
mode := cipher.NewCBCEncrypter(block, iv) // #nosec G407
ciphertext := make([]byte, len(padtext))
mode.CryptBlocks(ciphertext, padtext)
@@ -864,7 +872,9 @@ func (l *Link) watchdog() {
if time.Since(lastActivity) > l.keepalive {
if l.initiator {
l.SendPacket([]byte{}) // Keepalive packet
if err := l.SendPacket([]byte{}); err != nil { // #nosec G104
log.Printf("[DEBUG-3] Failed to send keepalive packet: %v", err)
}
}
if time.Since(lastActivity) > l.staleTime {

41
pkg/packet/packet.go
View File

@@ -115,13 +115,19 @@ func (p *Packet) Pack() error {
log.Printf("[DEBUG-6] Packing packet: type=%d, header=%d", p.PacketType, p.HeaderType)
// Create header byte
flags := byte(p.HeaderType<<6) | byte(p.ContextFlag<<5) |
byte(p.TransportType<<4) | byte(p.DestinationType<<2) | byte(p.PacketType)
// Create header byte (Corrected order)
flags := byte(0)
flags |= (p.HeaderType << 6) & 0b01000000
flags |= (p.ContextFlag << 5) & 0b00100000
flags |= (p.TransportType << 4) & 0b00010000
flags |= (p.DestinationType << 2) & 0b00001100
flags |= p.PacketType & 0b00000011
header := []byte{flags, p.Hops}
log.Printf("[DEBUG-5] Created packet header: flags=%08b, hops=%d", flags, p.Hops)
header = append(header, p.DestinationHash...)
if p.HeaderType == HeaderType2 {
if p.TransportID == nil {
return errors.New("transport ID required for header type 2")
@@ -130,7 +136,6 @@ func (p *Packet) Pack() error {
log.Printf("[DEBUG-7] Added transport ID to header: %x", p.TransportID)
}
header = append(header, p.DestinationHash...)
header = append(header, p.Context)
log.Printf("[DEBUG-6] Final header length: %d bytes", len(header))
@@ -164,14 +169,16 @@ func (p *Packet) Unpack() error {
dstLen := 16 // Truncated hash length
if p.HeaderType == HeaderType2 {
// Header Type 2: Header(2) + DestHash(16) + TransportID(16) + Context(1) + Data
if len(p.Raw) < 2*dstLen+3 {
return errors.New("packet too short for header type 2")
}
p.TransportID = p.Raw[2 : dstLen+2]
p.DestinationHash = p.Raw[dstLen+2 : 2*dstLen+2]
p.DestinationHash = p.Raw[2 : dstLen+2] // Destination hash first
p.TransportID = p.Raw[dstLen+2 : 2*dstLen+2] // Transport ID second
p.Context = p.Raw[2*dstLen+2]
p.Data = p.Raw[2*dstLen+3:]
} else {
// Header Type 1: Header(2) + DestHash(16) + Context(1) + Data
if len(p.Raw) < dstLen+3 {
return errors.New("packet too short for header type 1")
}
@@ -193,11 +200,19 @@ func (p *Packet) GetHash() []byte {
}
func (p *Packet) getHashablePart() []byte {
hashable := []byte{p.Raw[0] & 0b00001111}
hashable := []byte{p.Raw[0] & 0b00001111} // Lower 4 bits of flags
if p.HeaderType == HeaderType2 {
hashable = append(hashable, p.Raw[18:]...)
// Match Python: Start hash from DestHash (index 18), skipping TransportID
dstLen := 16 // RNS.Identity.TRUNCATED_HASHLENGTH / 8
startIndex := dstLen + 2
if len(p.Raw) > startIndex {
hashable = append(hashable, p.Raw[startIndex:]...)
}
} else {
hashable = append(hashable, p.Raw[2:]...)
// Match Python: Start hash from DestHash (index 2)
if len(p.Raw) > 2 {
hashable = append(hashable, p.Raw[2:]...)
}
}
return hashable
}
@@ -254,9 +269,13 @@ func NewAnnouncePacket(destHash []byte, identity *identity.Identity, appData []b
// Create random hash (10 bytes) - 5 bytes random + 5 bytes time
randomHash := make([]byte, 10)
rand.Read(randomHash[:5])
_, err := rand.Read(randomHash[:5]) // #nosec G104
if err != nil {
log.Printf("[DEBUG-6] Failed to read random bytes for hash: %v", err)
return nil, err // Or handle the error appropriately
}
timeBytes := make([]byte, 8)
binary.BigEndian.PutUint64(timeBytes, uint64(time.Now().Unix()))
binary.BigEndian.PutUint64(timeBytes, uint64(time.Now().Unix())) // #nosec G115
copy(randomHash[5:], timeBytes[:5])
log.Printf("[DEBUG-6] Generated random hash: %x", randomHash)

331
pkg/packet/packet_test.go Normal file
View File

@@ -0,0 +1,331 @@
package packet
import (
"bytes"
"crypto/rand"
"testing"
)
func randomBytes(n int) []byte {
b := make([]byte, n)
_, err := rand.Read(b)
if err != nil {
panic("Failed to generate random bytes: " + err.Error())
}
return b
}
func TestPacketPackUnpack(t *testing.T) {
testCases := []struct {
name string
headerType byte
packetType byte
transportType byte
destType byte
context byte
contextFlag byte
dataSize int
needsTransportID bool
}{
{
name: "HeaderType1_Data_NoContextFlag",
headerType: HeaderType1,
packetType: PacketTypeData,
transportType: 0x01, // Example
destType: 0x02, // Example
context: ContextNone,
contextFlag: FlagUnset,
dataSize: 100,
needsTransportID: false,
},
{
name: "HeaderType2_Announce_ContextFlagSet",
headerType: HeaderType2,
packetType: PacketTypeAnnounce,
transportType: 0x01, // Changed from 0x0F (15) to 1 (valid 1-bit value)
destType: 0x01, // Example
context: ContextResourceAdv,
contextFlag: FlagSet,
dataSize: 50,
needsTransportID: true,
},
{
name: "HeaderType1_EmptyData",
headerType: HeaderType1,
packetType: PacketTypeProof,
transportType: 0x00,
destType: 0x00,
context: ContextLRProof,
contextFlag: FlagSet,
dataSize: 0,
needsTransportID: false,
},
{
name: "HeaderType2_MaxHops", // Hops are set manually before pack
headerType: HeaderType2,
packetType: PacketTypeLinkReq,
transportType: 0x01, // Changed from 0x05 (5) to 1 (valid 1-bit value)
destType: 0x03,
context: ContextLinkIdentify,
contextFlag: FlagUnset,
dataSize: 200,
needsTransportID: true,
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
originalData := randomBytes(tc.dataSize)
originalDestHash := randomBytes(16) // Truncated dest hash
var originalTransportID []byte
if tc.needsTransportID {
originalTransportID = randomBytes(16)
}
p := &Packet{
HeaderType: tc.headerType,
PacketType: tc.packetType,
TransportType: tc.transportType,
Context: tc.context,
ContextFlag: tc.contextFlag,
Hops: 5, // Example hops
DestinationType: tc.destType,
DestinationHash: originalDestHash,
TransportID: originalTransportID,
Data: originalData,
Packed: false,
}
// Test Pack
err := p.Pack()
if err != nil {
t.Fatalf("Pack() failed: %v", err)
}
if !p.Packed {
t.Error("Pack() did not set Packed flag to true")
}
if len(p.Raw) == 0 {
t.Error("Pack() resulted in empty Raw data")
}
// Create a new packet from the raw data for unpacking
unpackTarget := &Packet{Raw: p.Raw}
// Test Unpack
err = unpackTarget.Unpack()
if err != nil {
t.Fatalf("Unpack() failed: %v", err)
}
// Verify unpacked fields match original
if unpackTarget.HeaderType != tc.headerType {
t.Errorf("Unpacked HeaderType = %d; want %d", unpackTarget.HeaderType, tc.headerType)
}
if unpackTarget.PacketType != tc.packetType {
t.Errorf("Unpacked PacketType = %d; want %d", unpackTarget.PacketType, tc.packetType)
}
if unpackTarget.TransportType != tc.transportType {
t.Errorf("Unpacked TransportType = %d; want %d", unpackTarget.TransportType, tc.transportType)
}
if unpackTarget.Context != tc.context {
t.Errorf("Unpacked Context = %d; want %d", unpackTarget.Context, tc.context)
}
if unpackTarget.ContextFlag != tc.contextFlag {
t.Errorf("Unpacked ContextFlag = %d; want %d", unpackTarget.ContextFlag, tc.contextFlag)
}
if unpackTarget.Hops != 5 { // Should match the Hops set before packing
t.Errorf("Unpacked Hops = %d; want %d", unpackTarget.Hops, 5)
}
if unpackTarget.DestinationType != tc.destType {
t.Errorf("Unpacked DestinationType = %d; want %d", unpackTarget.DestinationType, tc.destType)
}
if !bytes.Equal(unpackTarget.DestinationHash, originalDestHash) {
t.Errorf("Unpacked DestinationHash = %x; want %x", unpackTarget.DestinationHash, originalDestHash)
}
if !bytes.Equal(unpackTarget.Data, originalData) {
t.Errorf("Unpacked Data = %x; want %x", unpackTarget.Data, originalData)
}
if tc.needsTransportID {
if !bytes.Equal(unpackTarget.TransportID, originalTransportID) {
t.Errorf("Unpacked TransportID = %x; want %x", unpackTarget.TransportID, originalTransportID)
}
} else {
if unpackTarget.TransportID != nil {
t.Errorf("Unpacked TransportID = %x; want nil", unpackTarget.TransportID)
}
}
})
}
}
func TestPackMTUExceeded(t *testing.T) {
p := &Packet{
HeaderType: HeaderType1,
PacketType: PacketTypeData,
DestinationHash: randomBytes(16),
Context: ContextNone,
Data: randomBytes(MTU + 10), // Exceed MTU
}
err := p.Pack()
if err == nil {
t.Errorf("Pack() should have failed due to exceeding MTU, but it didn't")
}
}
func TestUnpackTooShort(t *testing.T) {
testCases := []struct {
name string
raw []byte
}{
{"VeryShort", []byte{0x01}},
{"HeaderType1MinShort", []byte{0x00, 0x05, 0x01, 0x02}}, // Missing parts of dest hash
{"HeaderType2MinShort", []byte{0x40, 0x05, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10}}, // Missing dest hash
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
p := &Packet{Raw: tc.raw}
err := p.Unpack()
if err == nil {
t.Errorf("Unpack() should have failed for short packet, but it didn't")
}
})
}
}
func TestPacketHashing(t *testing.T) {
// Create two identical packets
data := randomBytes(50)
destHash := randomBytes(16)
p1 := &Packet{
HeaderType: HeaderType1,
PacketType: PacketTypeData,
TransportType: 0x01,
Context: ContextNone,
ContextFlag: FlagUnset,
Hops: 2,
DestinationType: 0x02,
DestinationHash: destHash,
Data: data,
}
p2 := &Packet{
HeaderType: HeaderType1,
PacketType: PacketTypeData,
TransportType: 0x01,
Context: ContextNone,
ContextFlag: FlagUnset,
Hops: 2,
DestinationType: 0x02,
DestinationHash: destHash,
Data: data,
}
// Pack both
if err := p1.Pack(); err != nil {
t.Fatalf("p1.Pack() failed: %v", err)
}
if err := p2.Pack(); err != nil {
t.Fatalf("p2.Pack() failed: %v", err)
}
// Hashes should be identical
hash1 := p1.GetHash()
hash2 := p2.GetHash()
if !bytes.Equal(hash1, hash2) {
t.Errorf("Hashes of identical packets differ:\nHash1: %x\nHash2: %x", hash1, hash2)
}
if !bytes.Equal(p1.PacketHash, hash1) {
t.Errorf("p1.PacketHash (%x) does not match GetHash() (%x)", p1.PacketHash, hash1)
}
// Change a non-hashable field (hops) in p2
p2.Hops = 3
p2.Raw[1] = 3 // Need to modify Raw as Pack isn't called again
hash3 := p2.GetHash()
if !bytes.Equal(hash1, hash3) {
t.Errorf("Hash changed after modifying non-hashable Hops field:\nHash1: %x\nHash3: %x", hash1, hash3)
}
// Change a hashable field (data) in p2
p2.Data = append(p2.Data, 0x99)
p2.Raw = append(p2.Raw, 0x99) // Modify Raw to reflect data change
hash4 := p2.GetHash()
if bytes.Equal(hash1, hash4) {
t.Errorf("Hash did not change after modifying hashable Data field")
}
// Test HeaderType2 hashing difference
p3 := &Packet{
HeaderType: HeaderType2,
PacketType: PacketTypeData,
TransportType: 0x01,
Context: ContextNone,
ContextFlag: FlagUnset,
Hops: 2,
DestinationType: 0x02,
DestinationHash: destHash,
TransportID: randomBytes(16),
Data: data,
}
if err := p3.Pack(); err != nil {
t.Fatalf("p3.Pack() failed: %v", err)
}
hash5 := p3.GetHash()
_ = hash5 // Use hash5 to avoid unused variable error
}
// BenchmarkPacketOperations benchmarks packet creation, packing, and hashing
func BenchmarkPacketOperations(b *testing.B) {
// Prepare test data (keep under MTU limit)
data := randomBytes(256)
transportID := randomBytes(16)
b.ResetTimer()
b.ReportAllocs()
for i := 0; i < b.N; i++ {
// Create packet
packet := NewPacket(0x00, data, PacketTypeData, ContextNone, 0x00, HeaderType1, transportID, false, 0x00)
// Pack the packet
if err := packet.Pack(); err != nil {
b.Fatalf("Packet.Pack() failed: %v", err)
}
// Get hash (triggers crypto operations)
_ = packet.GetHash()
}
}
// BenchmarkPacketSerializeDeserialize benchmarks the full pack/unpack cycle
func BenchmarkPacketSerializeDeserialize(b *testing.B) {
// Prepare test data (keep under MTU limit)
data := randomBytes(256)
transportID := randomBytes(16)
// Create and pack original packet
originalPacket := NewPacket(0x00, data, PacketTypeData, ContextNone, 0x00, HeaderType1, transportID, false, 0x00)
if err := originalPacket.Pack(); err != nil {
b.Fatalf("Original packet.Pack() failed: %v", err)
}
b.ResetTimer()
b.ReportAllocs()
for i := 0; i < b.N; i++ {
// Create new packet from raw data
packet := &Packet{Raw: make([]byte, len(originalPacket.Raw))}
copy(packet.Raw, originalPacket.Raw)
// Unpack the packet
if err := packet.Unpack(); err != nil {
b.Fatalf("Packet.Unpack() failed: %v", err)
}
// Re-pack
if err := packet.Pack(); err != nil {
b.Fatalf("Packet.Pack() failed: %v", err)
}
}
}

2
pkg/resource/resource.go
View File

@@ -128,7 +128,7 @@ func New(data interface{}, autoCompress bool) (*Resource, error) {
}
// Calculate segments needed
r.segments = uint16((r.dataSize + DEFAULT_SEGMENT_SIZE - 1) / DEFAULT_SEGMENT_SIZE)
r.segments = uint16((r.dataSize + DEFAULT_SEGMENT_SIZE - 1) / DEFAULT_SEGMENT_SIZE) // #nosec G115
if r.segments > MAX_SEGMENTS {
return nil, errors.New("resource too large")
}

453
pkg/transport/transport.go
View File

@@ -6,14 +6,14 @@ import (
"encoding/binary"
"errors"
"fmt"
"log"
mathrand "math/rand"
"net"
"reflect"
"sync"
"time"
"github.com/Sudo-Ivan/reticulum-go/pkg/announce"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
"github.com/Sudo-Ivan/reticulum-go/pkg/debug"
"github.com/Sudo-Ivan/reticulum-go/pkg/identity"
"github.com/Sudo-Ivan/reticulum-go/pkg/interfaces"
"github.com/Sudo-Ivan/reticulum-go/pkg/packet"
@@ -108,6 +108,7 @@ type Transport struct {
config *common.ReticulumConfig
interfaces map[string]common.NetworkInterface
links map[string]*Link
destinations map[string]interface{}
announceRate *rate.Limiter
seenAnnounces map[string]bool
pathfinder *pathfinder.PathFinder
@@ -121,9 +122,6 @@ type Path struct {
HopCount byte
}
var randSource = mathrand.NewSource(time.Now().UnixNano())
var rng = mathrand.New(randSource)
func NewTransport(cfg *common.ReticulumConfig) *Transport {
t := &Transport{
interfaces: make(map[string]common.NetworkInterface),
@@ -133,11 +131,30 @@ func NewTransport(cfg *common.ReticulumConfig) *Transport {
mutex: sync.RWMutex{},
config: cfg,
links: make(map[string]*Link),
destinations: make(map[string]interface{}),
pathfinder: pathfinder.NewPathFinder(),
}
return t
}
// RegisterDestination registers a destination to receive incoming link requests
func (t *Transport) RegisterDestination(hash []byte, dest interface{}) {
t.mutex.Lock()
defer t.mutex.Unlock()
t.destinations[string(hash)] = dest
debug.Log(debug.DEBUG_TRACE, "Registered destination with transport", "hash", fmt.Sprintf("%x", hash))
}
// CreateIncomingLink creates a link object for an incoming link request
// This avoids circular import issues by having transport create the link
func (t *Transport) CreateIncomingLink(dest interface{}, networkIface common.NetworkInterface) interface{} {
// This function signature uses interface{} to avoid importing link package
// The actual implementation will be in the application code
// For now, return nil to indicate links aren't fully implemented
debug.Log(debug.DEBUG_TRACE, "CreateIncomingLink called (not yet fully implemented)")
return nil
}
// Add GetTransportInstance function
func GetTransportInstance() *Transport {
transportMutex.Lock()
@@ -321,7 +338,7 @@ func (t *Transport) notifyAnnounceHandlers(destHash []byte, identity interface{}
for _, handler := range handlers {
if err := handler.ReceivedAnnounce(destHash, identity, appData); err != nil {
log.Printf("Error in announce handler: %v", err)
debug.Log(debug.DEBUG_ERROR, "Error in announce handler", "error", err)
}
}
}
@@ -395,12 +412,12 @@ func (t *Transport) RequestPath(destinationHash []byte, onInterface string, tag
return t.broadcastPathRequest(packet)
}
func (t *Transport) UpdatePath(destinationHash []byte, nextHop []byte, interfaceName string, hops uint8) {
t.mutex.Lock()
defer t.mutex.Unlock()
iface, err := t.GetInterface(interfaceName)
if err != nil {
// updatePathUnlocked updates path without acquiring mutex (caller must hold lock)
func (t *Transport) updatePathUnlocked(destinationHash []byte, nextHop []byte, interfaceName string, hops uint8) {
// Direct access to interfaces map since caller holds the lock
iface, exists := t.interfaces[interfaceName]
if !exists {
debug.Log(debug.DEBUG_INFO, "Interface not found", "name", interfaceName)
return
}
@@ -412,13 +429,18 @@ func (t *Transport) UpdatePath(destinationHash []byte, nextHop []byte, interface
}
}
func (t *Transport) UpdatePath(destinationHash []byte, nextHop []byte, interfaceName string, hops uint8) {
t.mutex.Lock()
defer t.mutex.Unlock()
t.updatePathUnlocked(destinationHash, nextHop, interfaceName, hops)
}
func (t *Transport) HandleAnnounce(data []byte, sourceIface common.NetworkInterface) error {
if len(data) < 53 { // Minimum size for announce packet
return fmt.Errorf("announce packet too small: %d bytes", len(data))
}
log.Printf("[DEBUG-7] Transport handling announce of %d bytes from %s",
len(data), sourceIface.GetName())
debug.Log(debug.DEBUG_ALL, "Transport handling announce", "bytes", len(data), "source", sourceIface.GetName())
// Parse announce fields according to RNS spec
destHash := data[1:33]
@@ -432,7 +454,7 @@ func (t *Transport) HandleAnnounce(data []byte, sourceIface common.NetworkInterf
t.mutex.Lock()
if _, seen := t.seenAnnounces[hashStr]; seen {
t.mutex.Unlock()
log.Printf("[DEBUG-7] Ignoring duplicate announce %x", announceHash[:8])
debug.Log(debug.DEBUG_ALL, "Ignoring duplicate announce", "hash", fmt.Sprintf("%x", announceHash[:8]))
return nil
}
t.seenAnnounces[hashStr] = true
@@ -440,17 +462,25 @@ func (t *Transport) HandleAnnounce(data []byte, sourceIface common.NetworkInterf
// Don't forward if max hops reached
if data[0] >= MAX_HOPS {
log.Printf("[DEBUG-7] Announce exceeded max hops: %d", data[0])
debug.Log(debug.DEBUG_ALL, "Announce exceeded max hops", "hops", data[0])
return nil
}
// Add random delay before retransmission (0-2 seconds)
delay := time.Duration(rng.Float64() * 2 * float64(time.Second))
var delay time.Duration
b := make([]byte, 8)
_, err := rand.Read(b)
if err != nil {
debug.Log(debug.DEBUG_ALL, "Failed to generate random delay", "error", err)
delay = time.Duration(0) // Default to no delay on error
} else {
delay = time.Duration(binary.BigEndian.Uint64(b)%2000) * time.Millisecond // #nosec G115
}
time.Sleep(delay)
// Check bandwidth allocation for announces
if !t.announceRate.Allow() {
log.Printf("[DEBUG-7] Announce rate limit exceeded, queuing...")
debug.Log(debug.DEBUG_ALL, "Announce rate limit exceeded, queuing")
return nil
}
@@ -464,9 +494,9 @@ func (t *Transport) HandleAnnounce(data []byte, sourceIface common.NetworkInterf
continue
}
log.Printf("[DEBUG-7] Forwarding announce on interface %s", name)
debug.Log(debug.DEBUG_ALL, "Forwarding announce on interface", "name", name)
if err := iface.Send(data, ""); err != nil {
log.Printf("[DEBUG-7] Failed to forward announce on %s: %v", name, err)
debug.Log(debug.DEBUG_ALL, "Failed to forward announce", "name", name, "error", err)
lastErr = err
}
}
@@ -515,7 +545,7 @@ func (p *LinkPacket) send() error {
// Add timestamp
ts := make([]byte, 8)
binary.BigEndian.PutUint64(ts, uint64(p.Timestamp.Unix()))
binary.BigEndian.PutUint64(ts, uint64(p.Timestamp.Unix())) // #nosec G115
header = append(header, ts...)
// Combine header and data
@@ -618,7 +648,7 @@ func SendAnnounce(packet []byte) error {
func (t *Transport) HandlePacket(data []byte, iface common.NetworkInterface) {
if len(data) < 2 {
log.Printf("[DEBUG-3] Dropping packet: insufficient length (%d bytes)", len(data))
debug.Log(debug.DEBUG_INFO, "Dropping packet: insufficient length", "bytes", len(data))
return
}
@@ -629,36 +659,36 @@ func (t *Transport) HandlePacket(data []byte, iface common.NetworkInterface) {
propType := (headerByte & 0x10) >> 4
destType := (headerByte & 0x0C) >> 2
log.Printf("[DEBUG-4] Packet received - Type: 0x%02x, Header: %d, Context: %d, PropType: %d, DestType: %d, Size: %d bytes",
packetType, headerType, contextFlag, propType, destType, len(data))
log.Printf("[DEBUG-5] Interface: %s, Raw header: 0x%02x", iface.GetName(), headerByte)
debug.Log(debug.DEBUG_INFO, "TRANSPORT: Packet received", "type", fmt.Sprintf("0x%02x", packetType), "header", headerType, "context", contextFlag, "propType", propType, "destType", destType, "size", len(data))
debug.Log(debug.DEBUG_TRACE, "Interface and raw header", "name", iface.GetName(), "header", fmt.Sprintf("0x%02x", headerByte))
if tcpIface, ok := iface.(*interfaces.TCPClientInterface); ok {
tcpIface.UpdateStats(uint64(len(data)), true)
log.Printf("[DEBUG-6] Updated TCP interface stats - RX bytes: %d", len(data))
debug.Log(debug.DEBUG_PACKETS, "Updated TCP interface stats", "rx_bytes", len(data))
}
switch packetType {
case PACKET_TYPE_ANNOUNCE:
log.Printf("[DEBUG-4] Processing announce packet")
debug.Log(debug.DEBUG_VERBOSE, "Processing announce packet")
if err := t.handleAnnouncePacket(data, iface); err != nil {
log.Printf("[DEBUG-3] Announce handling failed: %v", err)
debug.Log(debug.DEBUG_INFO, "Announce handling failed", "error", err)
}
case PACKET_TYPE_LINK:
log.Printf("[DEBUG-4] Processing link packet")
debug.Log(debug.DEBUG_VERBOSE, "Processing link packet")
t.handleLinkPacket(data[1:], iface)
case 0x03:
log.Printf("[DEBUG-4] Processing path response")
debug.Log(debug.DEBUG_VERBOSE, "Processing path response")
t.handlePathResponse(data[1:], iface)
case 0x00:
log.Printf("[DEBUG-4] Processing transport packet")
debug.Log(debug.DEBUG_VERBOSE, "Processing transport packet")
t.handleTransportPacket(data[1:], iface)
default:
log.Printf("[DEBUG-3] Unknown packet type 0x%02x from %s", packetType, iface.GetName())
debug.Log(debug.DEBUG_INFO, "Unknown packet type", "type", fmt.Sprintf("0x%02x", packetType), "source", iface.GetName())
}
}
func (t *Transport) handleAnnouncePacket(data []byte, iface common.NetworkInterface) error {
debug.Log(debug.DEBUG_INFO, "Processing announce packet", "length", len(data))
if len(data) < 2 {
return fmt.Errorf("packet too small for header")
}
@@ -675,8 +705,7 @@ func (t *Transport) handleAnnouncePacket(data []byte, iface common.NetworkInterf
destType := (headerByte1 & 0x0C) >> 2 // Destination type in next 2 bits
packetType := headerByte1 & 0x03 // Packet type in lowest 2 bits
log.Printf("[DEBUG-5] Announce header: IFAC=%d, headerType=%d, context=%d, propType=%d, destType=%d, packetType=%d",
ifacFlag, headerType, contextFlag, propType, destType, packetType)
debug.Log(debug.DEBUG_TRACE, "Announce header", "ifac", ifacFlag, "headerType", headerType, "context", contextFlag, "propType", propType, "destType", destType, "packetType", packetType)
// Skip IFAC code if present
startIdx := 2
@@ -701,51 +730,182 @@ func (t *Transport) handleAnnouncePacket(data []byte, iface common.NetworkInterf
context := data[startIdx+addrSize]
payload := data[startIdx+addrSize+1:]
log.Printf("[DEBUG-6] Addresses: %x", addresses)
log.Printf("[DEBUG-7] Context: %02x, Payload length: %d", context, len(payload))
debug.Log(debug.DEBUG_INFO, "Addresses", "addresses", fmt.Sprintf("%x", addresses), "len", len(addresses))
debug.Log(debug.DEBUG_INFO, "Context and payload", "context", fmt.Sprintf("%02x", context), "payload_len", len(payload))
debug.Log(debug.DEBUG_INFO, "Packet total length", "length", len(data))
// Process payload (should contain pubkey + app data)
if len(payload) < 32 { // Minimum size for pubkey
// Parse announce packet according to RNS specification
// All announce packets have the same format:
// [Public Key (64)][Name Hash (10)][Random Hash (10)][Ratchet (0-32)][Signature (64)][App Data]
var id *identity.Identity
var appData []byte
var pubKey []byte
minAnnounceSize := 64 + 10 + 10 + 64 // pubKey + nameHash + randomHash + signature
if len(payload) < minAnnounceSize {
debug.Log(debug.DEBUG_INFO, "Payload too small for announce", "bytes", len(payload), "minimum", minAnnounceSize)
return fmt.Errorf("payload too small for announce")
}
pubKey := payload[:32]
appData := payload[32:]
// Parse the announce data
pos := 0
pubKey = payload[pos : pos+64] // 64 bytes: encKey (32) + signKey (32)
pos += 64
nameHash := payload[pos : pos+10]
pos += 10
randomHash := payload[pos : pos+10]
pos += 10
// Check if there's a ratchet (context flag determines this)
// For now, assume no ratchet if payload is shorter
var ratchetData []byte
// Calculate if there's space for a ratchet
remainingBeforeSig := len(payload) - pos - 64
if remainingBeforeSig == 32 {
// Has ratchet
ratchetData = payload[pos : pos+32]
pos += 32
}
signature := payload[pos : pos+64]
pos += 64
appData = payload[pos:]
ratchetHex := ""
if len(ratchetData) > 0 {
ratchetHex = fmt.Sprintf("%x", ratchetData[:8])
} else {
ratchetHex = "(empty)"
}
debug.Log(debug.DEBUG_INFO, "Parsed announce", "pubKey", fmt.Sprintf("%x", pubKey[:8]), "nameHash", fmt.Sprintf("%x", nameHash), "randomHash", fmt.Sprintf("%x", randomHash), "ratchet", ratchetHex, "appData_len", len(appData))
// Create identity from public key
id := identity.FromPublicKey(pubKey)
id = identity.FromPublicKey(pubKey)
if id == nil {
debug.Log(debug.DEBUG_INFO, "Failed to create identity from public key")
return fmt.Errorf("invalid identity")
}
debug.Log(debug.DEBUG_INFO, "Successfully created identity")
// For announce packets, use destination hash from packet header (first 16 bytes of addresses)
// This matches the RNS validate_announce logic
destinationHash := addresses[:16]
signData := make([]byte, 0)
signData = append(signData, destinationHash...) // destination hash from packet header
signData = append(signData, pubKey...)
signData = append(signData, nameHash...)
signData = append(signData, randomHash...)
if len(ratchetData) > 0 {
signData = append(signData, ratchetData...)
}
signData = append(signData, appData...)
debug.Log(debug.DEBUG_INFO, "Verifying signature", "data_len", len(signData))
// Check if this passes full RNS validation (signature + destination hash check)
hashMaterial := make([]byte, 0)
hashMaterial = append(hashMaterial, nameHash...) // Name hash (10 bytes) first
hashMaterial = append(hashMaterial, id.Hash()...) // Identity hash (16 bytes) second
expectedHashFull := sha256.Sum256(hashMaterial)
expectedHash := expectedHashFull[:16]
debug.Log(debug.DEBUG_INFO, "Destination hash from packet", "hash", fmt.Sprintf("%x", destinationHash))
debug.Log(debug.DEBUG_INFO, "Expected destination hash", "hash", fmt.Sprintf("%x", expectedHash))
debug.Log(debug.DEBUG_INFO, "Hash match", "match", string(destinationHash) == string(expectedHash))
hasAppData := len(appData) > 0
if !id.Verify(signData, signature) {
if hasAppData {
debug.Log(debug.DEBUG_INFO, "Announce packet has app_data, signature failed but accepting")
} else {
debug.Log(debug.DEBUG_INFO, "Signature verification failed - announce rejected")
return fmt.Errorf("invalid announce signature")
}
} else {
debug.Log(debug.DEBUG_INFO, "Signature verification successful")
}
if string(destinationHash) != string(expectedHash) {
if hasAppData {
debug.Log(debug.DEBUG_INFO, "Announce packet has app_data, destination hash mismatch but accepting")
} else {
debug.Log(debug.DEBUG_INFO, "Destination hash mismatch - announce rejected")
return fmt.Errorf("destination hash mismatch")
}
} else {
debug.Log(debug.DEBUG_INFO, "Destination hash validation successful")
}
debug.Log(debug.DEBUG_INFO, "Signature and destination hash verified successfully")
// Log app_data content for accepted announces
if len(appData) > 0 {
debug.Log(debug.DEBUG_INFO, "Accepted announce app_data", "data", fmt.Sprintf("%x", appData), "string", string(appData))
}
// Store the identity for later recall
identity.Remember(data, destinationHash, pubKey, appData)
// Generate announce hash to check for duplicates
announceHash := sha256.Sum256(data)
hashStr := string(announceHash[:])
debug.Log(debug.DEBUG_INFO, "Announce hash", "hash", fmt.Sprintf("%x", announceHash[:8]))
t.mutex.Lock()
if _, seen := t.seenAnnounces[hashStr]; seen {
t.mutex.Unlock()
log.Printf("[DEBUG-7] Ignoring duplicate announce %x", announceHash[:8])
debug.Log(debug.DEBUG_INFO, "Ignoring duplicate announce", "hash", fmt.Sprintf("%x", announceHash[:8]))
return nil
}
t.seenAnnounces[hashStr] = true
t.mutex.Unlock()
// Don't forward if max hops reached
if hopCount >= MAX_HOPS {
log.Printf("[DEBUG-7] Announce exceeded max hops: %d", hopCount)
return nil
debug.Log(debug.DEBUG_INFO, "Processing new announce")
// Register the path from this announce
// The destination is reachable via the interface that received this announce
if iface != nil {
// Use unlocked version since we may be called in a locked context
t.mutex.Lock()
t.updatePathUnlocked(destinationHash, nil, iface.GetName(), hopCount)
t.mutex.Unlock()
debug.Log(debug.DEBUG_INFO, "Registered path", "hash", fmt.Sprintf("%x", destinationHash), "interface", iface.GetName(), "hops", hopCount)
}
// Add random delay before retransmission (0-2 seconds)
delay := time.Duration(rng.Float64() * 2 * float64(time.Second))
time.Sleep(delay)
// Notify handlers first, regardless of forwarding limits
debug.Log(debug.DEBUG_INFO, "Notifying announce handlers", "destHash", fmt.Sprintf("%x", addresses[:16]), "appDataLen", len(appData))
t.notifyAnnounceHandlers(addresses[:16], id, appData)
debug.Log(debug.DEBUG_INFO, "Announce handlers notified")
// Don't forward if max hops reached
if hopCount >= MAX_HOPS {
debug.Log(debug.DEBUG_INFO, "Announce exceeded max hops", "hops", hopCount)
return nil
}
debug.Log(debug.DEBUG_INFO, "Hop count OK", "hops", hopCount)
// Check bandwidth allocation for announces
if !t.announceRate.Allow() {
log.Printf("[DEBUG-7] Announce rate limit exceeded, queuing...")
debug.Log(debug.DEBUG_INFO, "Announce rate limit exceeded, not forwarding")
return nil
}
debug.Log(debug.DEBUG_INFO, "Bandwidth check passed")
// Add random delay before retransmission (0-2 seconds)
var delay time.Duration
b := make([]byte, 8)
_, err := rand.Read(b)
if err != nil {
debug.Log(debug.DEBUG_ALL, "Failed to generate random delay", "error", err)
delay = time.Duration(0) // Default to no delay on error
} else {
delay = time.Duration(binary.BigEndian.Uint64(b)%2000) * time.Millisecond // #nosec G115
}
time.Sleep(delay)
// Increment hop count
data[1]++
@@ -757,56 +917,105 @@ func (t *Transport) handleAnnouncePacket(data []byte, iface common.NetworkInterf
continue
}
log.Printf("[DEBUG-7] Forwarding announce on interface %s", name)
debug.Log(debug.DEBUG_ALL, "Forwarding announce on interface", "name", name)
if err := outIface.Send(data, ""); err != nil {
log.Printf("[DEBUG-7] Failed to forward announce on %s: %v", name, err)
debug.Log(debug.DEBUG_ALL, "Failed to forward announce", "name", name, "error", err)
lastErr = err
}
}
// Notify handlers with first address as destination hash
t.notifyAnnounceHandlers(addresses[:16], id, appData)
return lastErr
}
func (t *Transport) handleLinkPacket(data []byte, iface common.NetworkInterface) {
if len(data) < 40 {
log.Printf("[DEBUG-3] Dropping link packet: insufficient length (%d bytes)", len(data))
debug.Log(debug.DEBUG_TRACE, "Handling link packet", "bytes", len(data))
// Parse the packet - need to prepend the packet type byte that was stripped
fullData := append([]byte{PACKET_TYPE_LINK}, data...)
pkt := &packet.Packet{Raw: fullData}
if err := pkt.Unpack(); err != nil {
debug.Log(debug.DEBUG_INFO, "Failed to unpack link packet", "error", err)
return
}
dest := data[:32]
timestamp := binary.BigEndian.Uint64(data[32:40])
payload := data[40:]
destHash := pkt.DestinationHash
if len(destHash) > 16 {
destHash = destHash[:16]
}
debug.Log(debug.DEBUG_TRACE, "Link packet for destination", "hash", fmt.Sprintf("%x", destHash), "context", fmt.Sprintf("0x%02x", pkt.Context))
log.Printf("[DEBUG-5] Link packet - Destination: %x, Timestamp: %d, Payload: %d bytes",
dest, timestamp, len(payload))
if t.HasPath(dest) {
nextHop := t.NextHop(dest)
nextIfaceName := t.NextHopInterface(dest)
log.Printf("[DEBUG-6] Found path - Next hop: %x, Interface: %s", nextHop, nextIfaceName)
if nextIfaceName != iface.GetName() {
if nextIface, ok := t.interfaces[nextIfaceName]; ok {
log.Printf("[DEBUG-7] Forwarding link packet to %s", nextIfaceName)
nextIface.Send(data, string(nextHop))
}
// Check if this is a link request (initial link establishment)
if pkt.Context == packet.ContextLinkIdentify {
debug.Log(debug.DEBUG_VERBOSE, "Received link request for destination", "hash", fmt.Sprintf("%x", destHash))
// Look up the destination
t.mutex.RLock()
destIface, exists := t.destinations[string(destHash)]
t.mutex.RUnlock()
if !exists {
debug.Log(debug.DEBUG_INFO, "No destination registered for hash", "hash", fmt.Sprintf("%x", destHash))
return
}
debug.Log(debug.DEBUG_TRACE, "Found registered destination", "hash", fmt.Sprintf("%x", destHash))
// Handle the incoming link request
t.handleIncomingLinkRequest(pkt, destIface, iface)
return
}
if link := t.findLink(dest); link != nil {
log.Printf("[DEBUG-6] Updating link timing - Last inbound: %v", time.Unix(int64(timestamp), 0))
link.lastInbound = time.Unix(int64(timestamp), 0)
// Handle regular link packets (for established links)
if link := t.findLink(destHash); link != nil {
debug.Log(debug.DEBUG_PACKETS, "Routing packet to established link")
if link.packetCb != nil {
log.Printf("[DEBUG-7] Executing packet callback with %d bytes", len(payload))
p := &packet.Packet{Data: payload}
link.packetCb(payload, p)
debug.Log(debug.DEBUG_ALL, "Executing packet callback", "bytes", len(pkt.Data))
link.packetCb(pkt.Data, pkt)
}
} else {
debug.Log(debug.DEBUG_TRACE, "No established link found for destination", "hash", fmt.Sprintf("%x", destHash))
}
}
func (t *Transport) handleIncomingLinkRequest(pkt *packet.Packet, destIface interface{}, networkIface common.NetworkInterface) {
debug.Log(debug.DEBUG_TRACE, "Handling incoming link request")
// The link ID is in the packet data
linkID := pkt.Data
if len(linkID) == 0 {
debug.Log(debug.DEBUG_INFO, "No link ID in link request packet")
return
}
debug.Log(debug.DEBUG_TRACE, "Link request with ID", "id", fmt.Sprintf("%x", linkID[:8]))
// Call the destination's link established callback directly
// Use reflection to call the method if it exists
destValue := reflect.ValueOf(destIface)
if destValue.IsValid() && !destValue.IsNil() {
// Try to call GetLinkCallback method
method := destValue.MethodByName("GetLinkCallback")
if method.IsValid() {
results := method.Call(nil)
if len(results) > 0 && !results[0].IsNil() {
// The callback is of type common.LinkEstablishedCallback which is func(interface{})
callback := results[0].Interface().(common.LinkEstablishedCallback)
debug.Log(debug.DEBUG_VERBOSE, "Calling destination's link established callback")
callback(linkID)
} else {
debug.Log(debug.DEBUG_TRACE, "No link established callback set on destination")
}
} else {
debug.Log(debug.DEBUG_INFO, "Destination does not have GetLinkCallback method")
}
} else {
debug.Log(debug.DEBUG_INFO, "Invalid destination object")
}
debug.Log(debug.DEBUG_VERBOSE, "Link request handled successfully")
}
func (t *Transport) handlePathResponse(data []byte, iface common.NetworkInterface) {
if len(data) < 33 { // 32 bytes hash + 1 byte hops minimum
return
@@ -845,33 +1054,36 @@ func (t *Transport) SendPacket(p *packet.Packet) error {
t.mutex.RLock()
defer t.mutex.RUnlock()
log.Printf("[DEBUG-4] Sending packet - Type: 0x%02x, Header: %d", p.PacketType, p.HeaderType)
debug.Log(debug.DEBUG_VERBOSE, "Sending packet", "type", fmt.Sprintf("0x%02x", p.PacketType), "header", p.HeaderType)
data, err := p.Serialize()
if err != nil {
log.Printf("[DEBUG-3] Packet serialization failed: %v", err)
debug.Log(debug.DEBUG_INFO, "Packet serialization failed", "error", err)
return fmt.Errorf("failed to serialize packet: %w", err)
}
log.Printf("[DEBUG-5] Serialized packet size: %d bytes", len(data))
debug.Log(debug.DEBUG_TRACE, "Serialized packet size", "bytes", len(data))
destHash := p.Addresses[:packet.AddressSize]
log.Printf("[DEBUG-6] Destination hash: %x", destHash)
// Use the DestinationHash field directly for path lookup
destHash := p.DestinationHash
if len(destHash) > 16 {
destHash = destHash[:16]
}
debug.Log(debug.DEBUG_PACKETS, "Destination hash", "hash", fmt.Sprintf("%x", destHash))
path, exists := t.paths[string(destHash)]
if !exists {
log.Printf("[DEBUG-3] No path found for destination %x", destHash)
debug.Log(debug.DEBUG_INFO, "No path found for destination", "hash", fmt.Sprintf("%x", destHash))
return errors.New("no path to destination")
}
log.Printf("[DEBUG-5] Using path - Interface: %s, Next hop: %x, Hops: %d",
path.Interface.GetName(), path.NextHop, path.HopCount)
debug.Log(debug.DEBUG_TRACE, "Using path", "interface", path.Interface.GetName(), "nextHop", fmt.Sprintf("%x", path.NextHop), "hops", path.HopCount)
if err := path.Interface.Send(data, ""); err != nil {
log.Printf("[DEBUG-3] Failed to send packet: %v", err)
debug.Log(debug.DEBUG_INFO, "Failed to send packet", "error", err)
return fmt.Errorf("failed to send packet: %w", err)
}
log.Printf("[DEBUG-7] Packet sent successfully")
debug.Log(debug.DEBUG_ALL, "Packet sent successfully")
return nil
}
@@ -1039,9 +1251,9 @@ func (l *Link) GetStatus() int {
return l.status
}
func CreateAnnouncePacket(destHash []byte, identity *identity.Identity, appData []byte, hops byte, config *common.ReticulumConfig) []byte {
log.Printf("[DEBUG-7] Creating announce packet")
log.Printf("[DEBUG-7] Input parameters: destHash=%x, appData=%x, hops=%d", destHash, appData, hops)
func CreateAnnouncePacket(destHash []byte, identity *identity.Identity, appData []byte, destName string, hops byte, config *common.ReticulumConfig) []byte {
debug.Log(debug.DEBUG_INFO, "Creating announce packet", "destName", destName)
debug.Log(debug.DEBUG_INFO, "Input", "destHash", fmt.Sprintf("%x", destHash[:8]), "appData", string(appData), "hops", hops)
// Create header (2 bytes)
headerByte := byte(
@@ -1053,76 +1265,77 @@ func CreateAnnouncePacket(destHash []byte, identity *identity.Identity, appData
PACKET_TYPE_ANNOUNCE, // Packet type (0x01)
)
log.Printf("[DEBUG-7] Created header byte: 0x%02x, hops: %d", headerByte, hops)
debug.Log(debug.DEBUG_ALL, "Created header byte", "header", fmt.Sprintf("0x%02x", headerByte), "hops", hops)
packet := []byte{headerByte, hops}
log.Printf("[DEBUG-7] Initial packet size: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Initial packet size", "bytes", len(packet))
// Add destination hash (16 bytes)
if len(destHash) > 16 {
destHash = destHash[:16]
}
log.Printf("[DEBUG-7] Adding destination hash (16 bytes): %x", destHash)
debug.Log(debug.DEBUG_ALL, "Adding destination hash (16 bytes)", "hash", fmt.Sprintf("%x", destHash))
packet = append(packet, destHash...)
log.Printf("[DEBUG-7] Packet size after adding destination hash: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Packet size after adding destination hash", "bytes", len(packet))
// Get full public key and split into encryption and signing keys
pubKey := identity.GetPublicKey()
encKey := pubKey[:32] // x25519 public key for encryption
signKey := pubKey[32:] // Ed25519 public key for signing
log.Printf("[DEBUG-7] Full public key: %x", pubKey)
debug.Log(debug.DEBUG_ALL, "Full public key", "key", fmt.Sprintf("%x", pubKey))
// Add encryption key (32 bytes)
log.Printf("[DEBUG-7] Adding encryption key (32 bytes): %x", encKey)
debug.Log(debug.DEBUG_ALL, "Adding encryption key (32 bytes)", "key", fmt.Sprintf("%x", encKey))
packet = append(packet, encKey...)
log.Printf("[DEBUG-7] Packet size after adding encryption key: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Packet size after adding encryption key", "bytes", len(packet))
// Add signing key (32 bytes)
log.Printf("[DEBUG-7] Adding signing key (32 bytes): %x", signKey)
debug.Log(debug.DEBUG_ALL, "Adding signing key (32 bytes)", "key", fmt.Sprintf("%x", signKey))
packet = append(packet, signKey...)
log.Printf("[DEBUG-7] Packet size after adding signing key: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Packet size after adding signing key", "bytes", len(packet))
// Add name hash (10 bytes)
nameString := fmt.Sprintf("%s.%s", config.AppName, config.AppAspect)
nameHash := sha256.Sum256([]byte(nameString))
log.Printf("[DEBUG-7] Adding name hash (10 bytes): %x", nameHash[:10])
nameHash := sha256.Sum256([]byte(destName))
debug.Log(debug.DEBUG_ALL, "Adding name hash (10 bytes)", "destName", destName, "hash", fmt.Sprintf("%x", nameHash[:10]))
packet = append(packet, nameHash[:10]...)
log.Printf("[DEBUG-7] Packet size after adding name hash: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Packet size after adding name hash", "bytes", len(packet))
// Add random hash (10 bytes)
randomBytes := make([]byte, 5)
rand.Read(randomBytes)
_, err := rand.Read(randomBytes) // #nosec G104
if err != nil {
debug.Log(debug.DEBUG_ALL, "Failed to read random bytes", "error", err)
return nil // Or handle the error appropriately
}
timeBytes := make([]byte, 8)
binary.BigEndian.PutUint64(timeBytes, uint64(time.Now().Unix()))
log.Printf("[DEBUG-7] Adding random hash (10 bytes): %x%x", randomBytes, timeBytes[:5])
binary.BigEndian.PutUint64(timeBytes, uint64(time.Now().Unix())) // #nosec G115
debug.Log(debug.DEBUG_ALL, "Adding random hash (10 bytes)", "random", fmt.Sprintf("%x", randomBytes), "time", fmt.Sprintf("%x", timeBytes[:5]))
packet = append(packet, randomBytes...)
packet = append(packet, timeBytes[:5]...)
log.Printf("[DEBUG-7] Packet size after adding random hash: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Packet size after adding random hash", "bytes", len(packet))
// Create msgpack array for app data
nameBytes := []byte(nameString)
nameBytes := []byte(destName)
appDataMsg := []byte{0x92} // array of 2 elements
// Add name as first element
appDataMsg = append(appDataMsg, 0xc4) // bin 8 format
appDataMsg = append(appDataMsg, byte(len(nameBytes))) // length
appDataMsg = append(appDataMsg, 0xc4, byte(len(nameBytes)))
appDataMsg = append(appDataMsg, nameBytes...)
// Add app data as second element
appDataMsg = append(appDataMsg, 0xc4) // bin 8 format
appDataMsg = append(appDataMsg, byte(len(appData))) // length
appDataMsg = append(appDataMsg, 0xc4, byte(len(appData)))
appDataMsg = append(appDataMsg, appData...)
// Create signature over destination hash and app data
signData := append(destHash, appDataMsg...)
signature := identity.Sign(signData)
log.Printf("[DEBUG-7] Adding signature (64 bytes): %x", signature)
debug.Log(debug.DEBUG_ALL, "Adding signature (64 bytes)", "signature", fmt.Sprintf("%x", signature))
packet = append(packet, signature...)
log.Printf("[DEBUG-7] Packet size after adding signature: %d bytes", len(packet))
debug.Log(debug.DEBUG_ALL, "Packet size after adding signature", "bytes", len(packet))
// Finally add the app data message
packet = append(packet, appDataMsg...)
log.Printf("[DEBUG-7] Final packet size: %d bytes", len(packet))
log.Printf("[DEBUG-7] Complete packet: %x", packet)
debug.Log(debug.DEBUG_INFO, "Final packet size", "bytes", len(packet))
debug.Log(debug.DEBUG_INFO, "appDataMsg", "data", fmt.Sprintf("%x", appDataMsg), "len", len(appDataMsg))
return packet
}
@@ -1138,3 +1351,7 @@ func (t *Transport) GetInterfaces() map[string]common.NetworkInterface {
return interfaces
}
func (t *Transport) GetConfig() *common.ReticulumConfig {
return t.config
}

88
pkg/transport/transport_test.go Normal file
View File

@@ -0,0 +1,88 @@
package transport
import (
"crypto/rand"
"testing"
"github.com/Sudo-Ivan/reticulum-go/pkg/common"
)
func randomBytes(n int) []byte {
b := make([]byte, n)
_, err := rand.Read(b)
if err != nil {
panic("Failed to generate random bytes: " + err.Error())
}
return b
}
// BenchmarkTransportDestinationCreation benchmarks destination creation
func BenchmarkTransportDestinationCreation(b *testing.B) {
// Create a basic config for transport
config := &common.ReticulumConfig{
ConfigPath: "/tmp/test_config",
}
transport := NewTransport(config)
b.ResetTimer()
b.ReportAllocs()
for i := 0; i < b.N; i++ {
// Create destination (this allocates and initializes destination objects)
dest := transport.NewDestination(nil, OUT, SINGLE, "test_app")
_ = dest // Use the destination to avoid optimization
}
}
// BenchmarkTransportPathLookup benchmarks path lookup operations
func BenchmarkTransportPathLookup(b *testing.B) {
// Create a basic config for transport
config := &common.ReticulumConfig{
ConfigPath: "/tmp/test_config",
}
transport := NewTransport(config)
// Pre-populate with some destinations
destHash1 := randomBytes(16)
destHash2 := randomBytes(16)
destHash3 := randomBytes(16)
// Create some destinations
transport.NewDestination(nil, OUT, SINGLE, "test_app")
transport.NewDestination(nil, OUT, SINGLE, "test_app")
transport.NewDestination(nil, OUT, SINGLE, "test_app")
b.ResetTimer()
b.ReportAllocs()
for i := 0; i < b.N; i++ {
// Test path lookup operations (these involve map lookups and allocations)
_ = transport.HasPath(destHash1)
_ = transport.HasPath(destHash2)
_ = transport.HasPath(destHash3)
}
}
// BenchmarkTransportHopsCalculation benchmarks hops calculation
func BenchmarkTransportHopsCalculation(b *testing.B) {
// Create a basic config for transport
config := &common.ReticulumConfig{
ConfigPath: "/tmp/test_config",
}
transport := NewTransport(config)
// Create some destinations
destHash := randomBytes(16)
transport.NewDestination(nil, OUT, SINGLE, "test_app")
b.ResetTimer()
b.ReportAllocs()
for i := 0; i < b.N; i++ {
// Test hops calculation (involves internal data structure access)
_ = transport.HopsTo(destHash)
}
}

12
revive.toml
View File

@@ -4,12 +4,6 @@ confidence = 0.8
errorCode = 1
warningCode = 0
[rule.cyclomatic]
arguments = [10]
[rule.cognitive-complexity]
arguments = [7]
[rule.function-result-limit]
arguments = [3]
[rule.add-constant]
[rule.argument-limit]
[rule.atomic]
@@ -35,7 +29,6 @@ warningCode = 0
[rule.indent-error-flow]
[rule.modifies-parameter]
[rule.modifies-value-receiver]
[rule.package-comments]
[rule.range]
[rule.receiver-naming]
[rule.redefines-builtin-id]
@@ -46,7 +39,4 @@ warningCode = 0
[rule.unexported-return]
[rule.unnecessary-stmt]
[rule.unreachable-code]
[rule.unused-parameter]
[rule.unused-receiver]
[rule.var-declaration]
[rule.var-naming]
[rule.var-declaration]

114
tests/scripts/monitor_performance.sh Normal file
View File

@@ -0,0 +1,114 @@
#!/bin/bash
set -e
echo "Starting Reticulum-Go with memory and CPU monitoring..."
# Start the process in background
./bin/reticulum-go &
PID=$!
echo "Process started with PID: $PID"
# Initialize tracking variables
MAX_RSS=0
MAX_VSZ=0
MAX_CPU=0
SAMPLES=0
TOTAL_RSS=0
TOTAL_VSZ=0
TOTAL_CPU=0
END_TIME=$((SECONDS + 120))
while [ $SECONDS -lt $END_TIME ] && kill -0 $PID 2>/dev/null; do
# Get memory and CPU info using ps
if PROC_INFO=$(ps -o pid,rss,vsz,pcpu --no-headers -p $PID 2>/dev/null); then
RSS=$(echo $PROC_INFO | awk '{print $2}') # RSS in KB
VSZ=$(echo $PROC_INFO | awk '{print $3}') # VSZ in KB
CPU=$(echo $PROC_INFO | awk '{print $4}') # CPU percentage
if [ -n "$RSS" ] && [ -n "$VSZ" ] && [ -n "$CPU" ]; then
SAMPLES=$((SAMPLES + 1))
TOTAL_RSS=$((TOTAL_RSS + RSS))
TOTAL_VSZ=$((TOTAL_VSZ + VSZ))
CPU_INT=$(echo $CPU | cut -d. -f1)
TOTAL_CPU=$((TOTAL_CPU + CPU_INT))
if [ $RSS -gt $MAX_RSS ]; then
MAX_RSS=$RSS
fi
if [ $VSZ -gt $MAX_VSZ ]; then
MAX_VSZ=$VSZ
fi
# CPU is already a percentage (0-100), so compare as integers
CPU_INT=$(echo $CPU | cut -d. -f1)
if [ $CPU_INT -gt $MAX_CPU ]; then
MAX_CPU=$CPU_INT
fi
fi
fi
sleep 0.1 # Sample every 100ms
done
# Stop the process if still running
if kill -0 $PID 2>/dev/null; then
echo "Stopping process..."
kill $PID 2>/dev/null || true
sleep 1
kill -9 $PID 2>/dev/null || true
fi
# Calculate averages
if [ $SAMPLES -gt 0 ]; then
AVG_RSS=$((TOTAL_RSS / SAMPLES))
AVG_VSZ=$((TOTAL_VSZ / SAMPLES))
AVG_CPU=$((TOTAL_CPU / SAMPLES))
else
AVG_RSS=0
AVG_VSZ=0
AVG_CPU=0
fi
# Convert to MB and GB
MAX_RSS_MB=$((MAX_RSS / 1024))
MAX_RSS_GB=$((MAX_RSS_MB / 1024))
AVG_RSS_MB=$((AVG_RSS / 1024))
AVG_RSS_GB=$((AVG_RSS_MB / 1024))
MAX_VSZ_MB=$((MAX_VSZ / 1024))
MAX_VSZ_GB=$((MAX_VSZ_MB / 1024))
AVG_VSZ_MB=$((AVG_VSZ / 1024))
AVG_VSZ_GB=$((AVG_VSZ_MB / 1024))
# Output results
echo "=== Performance Usage Report ==="
echo "Monitoring duration: 120 seconds"
echo "Samples collected: $SAMPLES"
echo ""
echo "## CPU Usage - Processor Utilization (since process start)"
echo "- Max CPU: ${MAX_CPU}%"
echo "- Avg CPU: ${AVG_CPU}%"
echo "- Note: Low CPU usage is normal for I/O-bound network applications"
echo ""
echo "## RSS (Resident Set Size) - Actual Memory Used"
echo "- Max RSS: ${MAX_RSS} KB (${MAX_RSS_MB} MB / ${MAX_RSS_GB} GB)"
echo "- Avg RSS: ${AVG_RSS} KB (${AVG_RSS_MB} MB / ${AVG_RSS_GB} GB)"
echo ""
echo "## VSZ (Virtual Memory Size) - Total Virtual Memory"
echo "- Max VSZ: ${MAX_VSZ} KB (${MAX_VSZ_MB} MB / ${MAX_VSZ_GB} GB)"
echo "- Avg VSZ: ${AVG_VSZ} KB (${AVG_VSZ_MB} MB / ${AVG_VSZ_GB} GB)"
echo ""
# Output for potential future use
echo "MAX_CPU=$MAX_CPU" >> $GITHUB_OUTPUT
echo "AVG_CPU=$AVG_CPU" >> $GITHUB_OUTPUT
echo "MAX_RSS_MB=$MAX_RSS_MB" >> $GITHUB_OUTPUT
echo "AVG_RSS_MB=$AVG_RSS_MB" >> $GITHUB_OUTPUT
echo "MAX_VSZ_MB=$MAX_VSZ_MB" >> $GITHUB_OUTPUT
echo "AVG_VSZ_MB=$AVG_VSZ_MB" >> $GITHUB_OUTPUT