We need hush-seeder to support TLS to work correctly with our current p2p network. Work is being done on the `dev` branch
* [x] Download WolfSSL 4.6.0
* [ ] Only download wolfssl if it hasn't been already
* [x] Only compile wolfssl if necessary
* [ ] Currently it only checks if the dir exists, it could be smarter
* [ ] Verify sha256 of binary
* [x] Compile WolfSSL with correct compiler flags
* [ ] Include wolfssl header file to required source code
* [x] Link against wolfssl during compile of seeder
* [ ] Port ConnectNode() from net.cpp in hush3.git to hush-seeder
* [ ] Port TLSManager in hush/tlsmanager.cpp to hush-seeder
* [x] Copy tlsmanager.cpp, tlsmanager.h, utiltls.h from hush3.git to seeder repo
* [ ] Modify above files to compile/run
* [x] Add LogPrintf() to seeder
* [x] Declare global variables tls_ctx_client/tls_ctx_server
* [x] Remove LOCK() macros in seeder code, since it doesn't exist there
* [x] Declare SOCKET in seeder code (copy from hush3.git)
* [x] Deal with GetTimeMillis()
* [x] Declare CNode
* [ ] Declare it correctly and early enough for all headers
* [ ] Add missing members to CNode
* [ ] Declare CNetMessage
* [ ] Copy GetRand() from hush3
# Protips
* The modified contents of net.cpp in hush3.git is called netbase.cpp in hush-seeder
* The hush3.git networking code is a heavily modified newer version of the networking code in the seeder, they are long lost cousins. Some stuff can be copied but the seeder lacks many functions/etc
* Instead of ConnectSocketByName()/ConnectSocketDirectly() which seeder currently uses, we need to use TLSManager::connect() to make a new TLS connection
To explain the last point more: we can take the WolfSSL code from hushd and use it in hush-seeder. Most likely some things will need to be deleted, because hush-seeder is simpler and doesn't care about as much, and some variable names have likely changed since hush-seeder borrowed the original code long ago.
We can't easily use the download/compile/install parts of the hushd build system, so that is the new code we need to write.
Once this is complete, hush-seeder will be able to actually make connections to recent Hush full nodes.
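The download-once, verify-sha256 and compile-only-if-necessary items from the checklist, as an added example (not code from hush-seeder or hush3.git). `ensure_dep`, the caller-supplied `fetch_cmd`/`build_cmd` hooks and the `.built-<sha256>` stamp file are assumptions; the pinned hash must come from the project, it is not on this page.

```shell
#!/bin/sh
# Added example: fetch-once / verify / build-once for a pinned source tarball.

# sha256_of FILE -> prints the lowercase hex digest
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# ensure_dep TARBALL EXPECTED_SHA256 BUILD_DIR FETCH_CMD BUILD_CMD
# FETCH_CMD and BUILD_CMD are hypothetical hooks: FETCH_CMD writes TARBALL,
# BUILD_CMD unpacks and compiles TARBALL into BUILD_DIR.
# Returns 0 when BUILD_DIR holds a finished build of exactly the pinned tarball.
ensure_dep() {
    tarball=$1 expected=$2 build_dir=$3 fetch_cmd=$4 build_cmd=$5
    stamp="$build_dir/.built-$expected"

    # Download only if the tarball is not already present.
    [ -f "$tarball" ] || $fetch_cmd "$tarball" || return 1

    # Verify on every run, before anything is unpacked or executed.
    actual=$(sha256_of "$tarball")
    if [ "$actual" != "$expected" ]; then
        echo "sha256 mismatch for $tarball: got $actual" >&2
        rm -f "$tarball"    # do not leave a bad archive for the next run
        return 2
    fi

    # Smarter than "does the dir exist": the stamp is written only after a
    # successful build and names the verified hash, so an interrupted build
    # or a changed pin triggers a clean rebuild.
    [ -f "$stamp" ] && return 0
    rm -rf "$build_dir" && mkdir -p "$build_dir" || return 1
    $build_cmd "$tarball" "$build_dir" || return 3
    : > "$stamp"
}

# Usage (placeholders, not real values):
#   ensure_dep wolfssl.source.tar.gz "<pinned sha256>" wolfssl my_fetch my_build
```
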
Dealing with the LOCK and related macros turns out to be really annoying, so my next step is to comment all locking and see what happens. The seeder is a small subset of the full node complexity and the existing seeder code doesn't use locks or CriticalSections
@jahway603 I am happy to help mentor anybody that wants to work on this.
One wrinkle is that our networking/p2p layer has completely changed implementations (still compatible, but different code) since this was last worked on, because we merged BIP155
This should be done on the `dev` branch and merged to `master` when complete.
@jahway603 do you want to work on this?
@onryo this might interest you as well
The `dev` branch now downloads and compiles wolfssl, but does not yet include the header file or linker flags when compiling
`dev` branch now has sha256 checking of dnsseed binary & of "wolfssl.source.tar.gz"
Should we revisit getting this going so we can get some cheaper VPS to run Hush DNS seeders?