Merge pull request #2645 from csoler/v0.6-TorControl3

added some documentation to the friend server
2025-04-06 14:03:54 -04:00 · 2022-11-09 19:55:16 +01:00 · 2022-11-09 19:55:16 +01:00 · 3e4fed59bc
commit 3e4fed59bc
parent f22671dda9 03a576589e
3 changed files with 90 additions and 20 deletions
--- a/retroshare-friendserver/src/friendserver.h
+++ b/retroshare-friendserver/src/friendserver.h
@ -31,12 +31,81 @@
 class RsFriendServerClientRemoveItem;
 class RsFriendServerClientPublishItem;

-// Storage for peer-related information as known by the friend server.
-// Peers send to the friend server the list of peers they already have, with their own friendship level with that peer.
-// The FS needs to send back a list of peers, with the friendship level to the current peer.
-// In the list of closest peers, the reverse friendship levels are stored: for a peer A the reverse friendship level to peer B is whether B has
-// added A as friend or not.
-// In the list of friends for a peer, the forward FL is stored. The forward FL of a peer A to a peer B is whether A has added B as friend or not.
+// +================================================================+
+// |     o---o                                             o        |
+// |      \ /         - Retroshare Friend Server -        / \       |
+// |       o                                             o---o      |
+// +================================================================+
+//
+// The friend server facilitates a group of RS Tor-nodes to make friends. It maintains a pool of
+// participants (RS nodes currently susbscribing to the friend server) and advertise them to each other
+// as possible friends. Its goal is to allow new RS users to quickly experiment with the software without
+// compromising their anonymity.
+//
+// Implementation
+// ==============
+//
+//   The implementation is entirely client-based: clients make a request, and get a response. No connection is maintained
+// beyond this interaction. Consequently, the friend server returns a random ID to each client that the client can use to
+// e.g. signal its departure from the friend server and the release of its data.
+//
+// Both client and server use a binary interface linked to a proxy-connected socket to stream RS items, everything
+// happenning on top of Tor connections.
+//
+// Algorithms
+// ==========
+//
+//   * Protocol
+//
+//               Retroshare Client                                              Server (Friend Server)
+//
+//                                      ------------ Tor connection -------->   no action
+//               Server online MSG      <-------------- Tor ACK ------------
+//
+//
+//               Friend Req. loop       ------------ Friend Request -------->   Friend list calculation / update
+//                                      <---------- Friend list + ID --------
+//
+//
+//                  FS disabled         ------------ FS Close + ID --------->   Data cleaning, peer removal.
+//
+//
+//   * Friend selection
+//
+//      In order to reduce the ease to retrieve the list of all participants to a friend server, the
+//      friend server always returns the same list of friends to a given peer. To do so, participants are sorted
+//		for each peer, using a XOR distance such as:
+//
+//                   d(P1,P2) = P1 (XOR) P2 (XOR) R
+//
+//      ...where R is a random bias.
+//
+//      Since being in the n closest peers is not a reflexive relationship (P1 may be within the n closest peers
+//      to P2 but P2 may not be in the n closest peers to P1), selected friends for peer A are picked from both
+//      the closest peers of A, and the peers that received the RS certificate of A.
+//
+//      Another important effect of the stability of retrieved friends is to maintain a network that is not
+//      fully connected and stable over time, which corresponds to the mesh model of the RS network.
+//
+//   * Peer friendship level
+//
+//      For display purposes, the friend server also stores the "friendship level" for each pair of peers,
+//      that means whether the peer has added the other peer as friend, or only reveived his key, etc.
+//
+// 		Peers send to the friend server the list of peers they already have, with their own friendship
+//      level with that peer. The FS needs to send back a list of peers, with the friendship level to the current peer.
+// 		In the list of closest peers, the reverse friendship levels are stored: for a peer A the reverse friendship
+//      level to peer B is whether B has added A as friend or not.In the list of friends for a peer, the forward FL
+//      is stored. The forward FL of a peer A to a peer B is whether A has added B as friend or not.
+//
+//   * Security
+//
+//      Obviously the friend server knows who is possibly connected to whom. Since the connections to the
+//      friend server are anonymous, this information is difficult to protect, although the implementation
+//      currently makes it difficult to retrieve.
+//
+//      The friend server is only available to Tor nodes, since it allows RS nodes to connect to random peers.
+//      This allows trying the software without compromizing one's privacy.

 struct PeerInfo
 {
--- a/retroshare-gui/src/main.cpp
+++ b/retroshare-gui/src/main.cpp
@ -239,7 +239,8 @@ feenableexcept(FE_INVALID | FE_DIVBYZERO);
 	        >> parameter('d',"debug-level"   ,conf.debugLevel     ,"level"     ,"Set debug level."                                            ,false)
 	        >> parameter('i',"ip-address"    ,conf.forcedInetAddress,"nnn.nnn.nnn.nnn", "Force IP address to use (if cannot be detected)."    ,false)
 	        >> parameter('p',"port"          ,conf.forcedPort     ,"port"      ,"Set listenning port to use."                                 ,false)
-	        >> parameter('o',"opmode"        ,conf.opModeStr      ,"opmode"    ,"Set Operating mode (Full, NoTurtle, Gaming, Minimal)."       ,false);
+            >> parameter('o',"opmode"        ,conf.opModeStr      ,"opmode"    ,"Set Operating mode (Full, NoTurtle, Gaming, Minimal)."       ,false)
+            >> parameter('t',"opmode"        ,conf.userSuppliedTorExecutable,"tor"    ,"supply full tor eecutable path."       ,false);
 #ifdef RS_JSONAPI
 	as      >> parameter('J', "jsonApiPort", conf.jsonApiPort, "jsonApiPort", "Enable JSON API on the specified port", false )
 	        >> parameter('P', "jsonApiBindAddress", conf.jsonApiBindAddress, "jsonApiBindAddress", "JSON API Bind Address.", false);
@ -393,6 +394,9 @@ feenableexcept(FE_INVALID | FE_DIVBYZERO);

    if(is_auto_tor)
 	{
+        if(!conf.userSuppliedTorExecutable.empty())
+            RsTor::setTorExecutablePath(conf.userSuppliedTorExecutable);
+
 		// Now that we know the Tor service running, and we know the SSL id, we can make sure it provides a viable hidden service

        std::string tor_hidden_service_dir = RsAccounts::AccountDirectory() + "/hidden_service/" ;
--- a/retroshare-service/src/retroshare-service.cc
+++ b/retroshare-service/src/retroshare-service.cc
@ -126,19 +126,13 @@ int main(int argc, char* argv[])
 	              "output to stderr instead of log file." )
 	   >> option( 'u',"udp", conf.udpListenerOnly,
 	              "Only listen to UDP." )
-	   >> parameter( 'c',"base-dir", conf.optBaseDir, "directory",
-	                 "Set base directory.", false )
-	   >> parameter( 'l', "log-file", conf.logfname, "logfile",
-	                 "Set Log filename.", false )
-	   >> parameter( 'd', "debug-level", conf.debugLevel, "level",
-	                 "Set debug level.", false )
-	   >> parameter( 'i', "ip-address", conf.forcedInetAddress, "IP",
-	                 "Force IP address to use (if cannot be detected).", false )
-	   >> parameter( 'o', "opmode", conf.opModeStr, "opmode",
-	                 "Set Operating mode (Full, NoTurtle, Gaming, Minimal).",
-	                 false )
-	   >> parameter( 'p', "port", conf.forcedPort, "port",
-	                 "Set listenning port to use.", false );
+       >> parameter( 'c',"base-dir", conf.optBaseDir, "directory", "Set base directory.", false )
+       >> parameter( 'l', "log-file", conf.logfname, "logfile", "Set Log filename.", false )
+       >> parameter( 'd', "debug-level", conf.debugLevel, "level", "Set debug level.", false )
+       >> parameter( 'i', "ip-address", conf.forcedInetAddress, "IP", "Force IP address to use (if cannot be detected).", false )
+       >> parameter( 'o', "opmode", conf.opModeStr, "opmode", "Set Operating mode (Full, NoTurtle, Gaming, Minimal).", false )
+       >> parameter( 'p', "port", conf.forcedPort, "port", "Set listenning port to use.", false )
+       >> parameter( 't', "tor", conf.userSuppliedTorExecutable, "tor", "Set Tor executable full path.", false );

 #ifdef RS_SERVICE_TERMINAL_LOGIN
 	as >> parameter( 'U', "user-id", prefUserString, "ID",
@ -176,6 +170,9 @@ int main(int argc, char* argv[])
 	as >> help( 'h', "help", "Display this Help" );
 	as.defaultErrorHandling(true, true);

+    if(!conf.userSuppliedTorExecutable.empty())
+        RsTor::setTorExecutablePath(conf.userSuppliedTorExecutable);
+
 #if (defined(RS_JSONAPI) && defined(RS_WEBUI)) && defined(RS_SERVICE_TERMINAL_WEBUI_PASSWORD)
 	std::string webui_pass1;
 	if(askWebUiPassword)