Add wolfssl support #1

Open
opened 3 years ago by duke · 8 comments
duke commented 3 years ago
Owner

We need hush-seeder to support TLS to work correctly with our current p2p network. Work is being done on the `dev` branch.

  • [x] Download WolfSSL 4.6.0
    • [ ] Only download wolfssl if it hasn't been already
    • [x] Only compile wolfssl if necessary
      • [ ] Currently it only checks if the dir exists; it could be smarter
  • [ ] Verify sha256 of binary
  • [x] Compile WolfSSL with correct compiler flags
  • [ ] Include the wolfssl header file in the required source code
  • [x] Link against wolfssl during compile of seeder
  • [ ] Port ConnectNode() from net.cpp in hush3.git to hush-seeder
    • [ ] Port TLSManager in hush/tlsmanager.cpp to hush-seeder
    • [x] Copy tlsmanager.cpp, tlsmanager.h, utiltls.h from hush3.git to seeder repo
    • [ ] Modify above files to compile/run
      • [x] Add LogPrintf() to seeder
      • [x] Declare global variables tls_ctx_client/tls_ctx_server
      • [x] Remove LOCK() macros in seeder code, since they don't exist there
      • [x] Declare SOCKET in seeder code (copy from hush3.git)
      • [x] Deal with GetTimeMillis()
      • [x] Declare CNode
        • [ ] Declare it correctly and early enough for all headers
        • [ ] Add missing members to CNode
      • [ ] Declare CNetMessage
      • [ ] Copy GetRand() from hush3

Protips

  • The modified contents of net.cpp in hush3.git are called netbase.cpp in hush-seeder
  • The hush3.git networking code is a heavily modified newer version of the networking code in the seeder; they are long-lost cousins. Some stuff can be copied, but the seeder lacks many functions/etc.
  • Instead of ConnectSocketByName()/ConnectSocketDirectly(), which the seeder currently uses, we need to use TLSManager::connect() to make a new TLS connection
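The download-once / verify / build-once steps at the top of the checklist, as an added POSIX sh example that is not code from the hush-seeder repo: the tarball URL, the expected digest, the extraction directory, the stamp file and the configure flags are placeholders the issue does not supply. The "smarter than checking the dir exists" part records the digest of the tarball that was actually built, so a replaced tarball triggers a rebuild and an unchanged one does not.

```shell
#!/bin/sh
# Added example, not hush-seeder's own build code. Placeholders/assumptions:
# the tarball URL, the expected digest, the extraction dir, the stamp file
# and the configure flags (the issue only says "correct compiler flags").
set -eu

TARBALL="${TARBALL:-wolfssl.source.tar.gz}"
WOLFSSL_URL="${WOLFSSL_URL:-https://example.invalid/wolfssl-4.6.0.tar.gz}"   # placeholder
WOLFSSL_SHA256="${WOLFSSL_SHA256:-0000000000000000000000000000000000000000000000000000000000000000}"   # placeholder
WOLFSSL_DIR="${WOLFSSL_DIR:-wolfssl}"
STAMP="${STAMP:-$WOLFSSL_DIR/.built-from-sha256}"
CONFIGURE_FLAGS="${CONFIGURE_FLAGS:-}"   # fill in the flags the seeder needs

# Hex SHA-256 of a file, portable across coreutils and BSD/macOS.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"; else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

# 0 if the file's digest equals the expected one (case-insensitive), else 1.
verify_sha256() {
    [ "$(sha256_of "$1" | tr 'A-F' 'a-f')" = "$(printf '%s' "$2" | tr 'A-F' 'a-f')" ]
}

# Download only when no verified copy is on disk; a tarball that fails the
# check is deleted so a later run cannot silently build from it.
fetch_wolfssl() {
    if [ -f "$1" ] && verify_sha256 "$1" "$3"; then echo "cached $1 verified"; return 0; fi
    curl -fsSL -o "$1" "$2"
    verify_sha256 "$1" "$3" || { rm -f "$1"; echo "sha256 mismatch for $1" >&2; return 1; }
}

# Rebuild when there is no stamp, or the stamp records a different tarball
# digest than the one now on disk (instead of just testing that the dir exists).
needs_build() {
    [ -f "$2" ] || return 0
    [ "$(cat "$2")" != "$(sha256_of "$1")" ]
}
mark_built() { sha256_of "$1" > "$2"; }

main() {
    fetch_wolfssl "$TARBALL" "$WOLFSSL_URL" "$WOLFSSL_SHA256"
    if needs_build "$TARBALL" "$STAMP"; then
        rm -rf "$WOLFSSL_DIR"; mkdir -p "$WOLFSSL_DIR"
        tar -xzf "$TARBALL" -C "$WOLFSSL_DIR" --strip-components=1   # GNU tar option
        (cd "$WOLFSSL_DIR" && ./configure $CONFIGURE_FLAGS && make)
        mark_built "$TARBALL" "$STAMP"
    else
        echo "wolfssl already built from this tarball, skipping"
    fi
}
if [ "${1:-}" = "--run" ]; then main; fi
```

Run it as `sh build-wolfssl.sh --run` after setting the placeholders; without `--run` it only defines the functions.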
Poster
Owner

This should be done on the dev branch and merged to master when complete.
@jahway603 do you want to work on this?

Poster
Owner

To explain the last point more: we can take the WolfSSL code from hushd and use it in hush-seeder. Most likely some things will need to be deleted, because hush-seeder is simpler and doesn't care about as much, and some variable names have likely changed since hush-seeder borrowed the original code long ago.

We can't easily use the download/compile/install parts of the hushd build system, so that is the new code we need to write.

Once this is complete, hush-seeder will be able to actually make connections to recent Hush full nodes.

Poster
Owner

@onryo this might interest you as well

Poster
Owner

The dev branch now downloads and compiles wolfssl, but does not yet include the header file or linker flags when compiling

Collaborator

The dev branch now has sha256 checking of the dnsseed binary and of "wolfssl.source.tar.gz"

Poster
Owner

Dealing with the LOCK and related macros turns out to be really annoying, so my next step is to comment out all locking and see what happens. The seeder is a small subset of the full node's complexity, and the existing seeder code doesn't use locks or CriticalSections.

Collaborator

Should we revisit getting this going so we can get some cheaper VPS to run Hush DNS seeders?

duke commented 1 year ago
Poster
Owner

@jahway603 I am happy to help mentor anybody that wants to work on this.

One wrinkle is that our networking/p2p layer has completely changed implementations (still compatible, but different code) since this was last worked on, because we merged BIP155.
