Merge pull request #2645 from csoler/v0.6-TorControl3

added some documentation to the friend server
csoler 2022-11-09 19:55:16 +01:00 committed by GitHub
commit 3e4fed59bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 90 additions and 20 deletions


@ -31,12 +31,81 @@
class RsFriendServerClientRemoveItem;
class RsFriendServerClientPublishItem;
// Storage for peer-related information as known by the friend server.
// Peers send to the friend server the list of peers they already have, with their own friendship level with that peer.
// The FS needs to send back a list of peers, with the friendship level to the current peer.
// In the list of closest peers, the reverse friendship levels are stored: for a peer A the reverse friendship level to peer B is whether B has
// added A as friend or not.
// In the list of friends for a peer, the forward FL is stored. The forward FL of a peer A to a peer B is whether A has added B as friend or not.
// +================================================================+
// | o---o o |
// | \ / - Retroshare Friend Server - / \ |
// | o o---o |
// +================================================================+
//
// The friend server facilitates a group of RS Tor-nodes to make friends. It maintains a pool of
// participants (RS nodes currently susbscribing to the friend server) and advertise them to each other
// as possible friends. Its goal is to allow new RS users to quickly experiment with the software without
// compromising their anonymity.
//
// Implementation
// ==============
//
// The implementation is entirely client-based: clients make a request, and get a response. No connection is maintained
// beyond this interaction. Consequently, the friend server returns a random ID to each client that the client can use to
// e.g. signal its departure from the friend server and the release of its data.
//
// Both client and server use a binary interface linked to a proxy-connected socket to stream RS items, everything
// happenning on top of Tor connections.
//
// Algorithms
// ==========
//
// * Protocol
//
// Retroshare Client Server (Friend Server)
//
// ------------ Tor connection --------> no action
// Server online MSG <-------------- Tor ACK ------------
//
//
// Friend Req. loop ------------ Friend Request --------> Friend list calculation / update
// <---------- Friend list + ID --------
//
//
// FS disabled ------------ FS Close + ID ---------> Data cleaning, peer removal.
//
//
// * Friend selection
//
// In order to reduce the ease to retrieve the list of all participants to a friend server, the
// friend server always returns the same list of friends to a given peer. To do so, participants are sorted
// for each peer, using a XOR distance such as:
//
// d(P1,P2) = P1 (XOR) P2 (XOR) R
//
// ...where R is a random bias.
//
// Since being in the n closest peers is not a reflexive relationship (P1 may be within the n closest peers
// to P2 but P2 may not be in the n closest peers to P1), selected friends for peer A are picked from both
// the closest peers of A, and the peers that received the RS certificate of A.
//
// Another important effect of the stability of retrieved friends is to maintain a network that is not
// fully connected and stable over time, which corresponds to the mesh model of the RS network.
//
// * Peer friendship level
//
// For display purposes, the friend server also stores the "friendship level" for each pair of peers,
// that means whether the peer has added the other peer as friend, or only reveived his key, etc.
//
// Peers send to the friend server the list of peers they already have, with their own friendship
// level with that peer. The FS needs to send back a list of peers, with the friendship level to the current peer.
// In the list of closest peers, the reverse friendship levels are stored: for a peer A the reverse friendship
// level to peer B is whether B has added A as friend or not.In the list of friends for a peer, the forward FL
// is stored. The forward FL of a peer A to a peer B is whether A has added B as friend or not.
//
// * Security
//
// Obviously the friend server knows who is possibly connected to whom. Since the connections to the
// friend server are anonymous, this information is difficult to protect, although the implementation
// currently makes it difficult to retrieve.
//
// The friend server is only available to Tor nodes, since it allows RS nodes to connect to random peers.
// This allows trying the software without compromizing one's privacy.
struct PeerInfo
{
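Review bot: The protocol description should state what authorises an "FS Close + ID" request. As written, the random ID returned with the friend list appears to be the only thing a client presents to have its data removed, so the comment should say it has to be unpredictable and kept private by the client, e.g. `// The ID acts as a removal token: it must be unguessable and must not be disclosed to other peers.` The "Friend selection" paragraph should likewise say whether the bias R is secret to the server and fixed for its lifetime, since both the stable-list property and the resistance to enumerating participants that it describes depend on that. In the same paragraph, "not a reflexive relationship" should read "not a symmetric relationship", and "susbscribing", "happenning", "reveived" and "compromizing" are typos. The body of `struct PeerInfo` continues outside the hunk.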


@ -239,7 +239,8 @@ feenableexcept(FE_INVALID | FE_DIVBYZERO);
>> parameter('d',"debug-level" ,conf.debugLevel ,"level" ,"Set debug level." ,false)
>> parameter('i',"ip-address" ,conf.forcedInetAddress,"nnn.nnn.nnn.nnn", "Force IP address to use (if cannot be detected)." ,false)
>> parameter('p',"port" ,conf.forcedPort ,"port" ,"Set listenning port to use." ,false)
>> parameter('o',"opmode" ,conf.opModeStr ,"opmode" ,"Set Operating mode (Full, NoTurtle, Gaming, Minimal)." ,false);
>> parameter('o',"opmode" ,conf.opModeStr ,"opmode" ,"Set Operating mode (Full, NoTurtle, Gaming, Minimal)." ,false)
>> parameter('t',"opmode" ,conf.userSuppliedTorExecutable,"tor" ,"supply full tor eecutable path." ,false);
#ifdef RS_JSONAPI
as >> parameter('J', "jsonApiPort", conf.jsonApiPort, "jsonApiPort", "Enable JSON API on the specified port", false )
>> parameter('P', "jsonApiBindAddress", conf.jsonApiBindAddress, "jsonApiBindAddress", "JSON API Bind Address.", false);
@ -393,6 +394,9 @@ feenableexcept(FE_INVALID | FE_DIVBYZERO);
if(is_auto_tor)
{
if(!conf.userSuppliedTorExecutable.empty())
RsTor::setTorExecutablePath(conf.userSuppliedTorExecutable);
// Now that we know the Tor service running, and we know the SSL id, we can make sure it provides a viable hidden service
std::string tor_hidden_service_dir = RsAccounts::AccountDirectory() + "/hidden_service/" ;
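Review bot: The new `-t` entry reuses the long name `"opmode"` that the `-o` entry directly above it already registers, so `--opmode` is declared twice and this binary has no `--tor` long form, unlike the service main in this same commit, which uses `"tor"`. Change the line to `>> parameter('t',"tor" ,conf.userSuppliedTorExecutable,"tor" ,"Set Tor executable full path." ,false);`, which also fixes the "eecutable" typo in the help text. How the argument parser resolves a duplicated long name is not visible here, so the behaviour of `--opmode` with the current line in place should be checked.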


@ -126,19 +126,13 @@ int main(int argc, char* argv[])
"output to stderr instead of log file." )
>> option( 'u',"udp", conf.udpListenerOnly,
"Only listen to UDP." )
>> parameter( 'c',"base-dir", conf.optBaseDir, "directory",
"Set base directory.", false )
>> parameter( 'l', "log-file", conf.logfname, "logfile",
"Set Log filename.", false )
>> parameter( 'd', "debug-level", conf.debugLevel, "level",
"Set debug level.", false )
>> parameter( 'i', "ip-address", conf.forcedInetAddress, "IP",
"Force IP address to use (if cannot be detected).", false )
>> parameter( 'o', "opmode", conf.opModeStr, "opmode",
"Set Operating mode (Full, NoTurtle, Gaming, Minimal).",
false )
>> parameter( 'p', "port", conf.forcedPort, "port",
"Set listenning port to use.", false );
>> parameter( 'c',"base-dir", conf.optBaseDir, "directory", "Set base directory.", false )
>> parameter( 'l', "log-file", conf.logfname, "logfile", "Set Log filename.", false )
>> parameter( 'd', "debug-level", conf.debugLevel, "level", "Set debug level.", false )
>> parameter( 'i', "ip-address", conf.forcedInetAddress, "IP", "Force IP address to use (if cannot be detected).", false )
>> parameter( 'o', "opmode", conf.opModeStr, "opmode", "Set Operating mode (Full, NoTurtle, Gaming, Minimal).", false )
>> parameter( 'p', "port", conf.forcedPort, "port", "Set listenning port to use.", false )
>> parameter( 't', "tor", conf.userSuppliedTorExecutable, "tor", "Set Tor executable full path.", false );
#ifdef RS_SERVICE_TERMINAL_LOGIN
as >> parameter( 'U', "user-id", prefUserString, "ID",
@ -176,6 +170,9 @@ int main(int argc, char* argv[])
as >> help( 'h', "help", "Display this Help" );
as.defaultErrorHandling(true, true);
if(!conf.userSuppliedTorExecutable.empty())
RsTor::setTorExecutablePath(conf.userSuppliedTorExecutable);
#if (defined(RS_JSONAPI) && defined(RS_WEBUI)) && defined(RS_SERVICE_TERMINAL_WEBUI_PASSWORD)
std::string webui_pass1;
if(askWebUiPassword)
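Review bot: `conf.userSuppliedTorExecutable` goes from the command line straight into `RsTor::setTorExecutablePath()` with only an emptiness test, so a relative path, a directory or a mistyped name is accepted silently and presumably only fails, or resolves against the current directory, when Tor is started later. Since this path selects the binary that carries the node's anonymised traffic, reject it up front unless it is an absolute path to an existing regular file; at minimum add `if(!RsDirUtil::fileExists(conf.userSuppliedTorExecutable)) { RsErr() << "Tor executable not found: " << conf.userSuppliedTorExecutable << std::endl; return 1; }` before the call. The same unchecked call is added in the GUI main under `if(is_auto_tor)`, whereas here it runs with no visible auto-Tor guard, which deserves a one-line comment if intentional. `main` continues outside the hunk.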