vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-01 18:19:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
safing-portmaster/spn/crew/op_ping.go

149 lines
3.7 KiB
Go
Raw Blame History

package crew
import (
"crypto/subtle"
"time"
"github.com/safing/portbase/container"
"github.com/safing/portbase/formats/dsd"
"github.com/safing/portbase/rng"
"github.com/safing/portmaster/spn/terminal"
)
const (
// PingOpType is the type ID of the latency test operation.
PingOpType = "ping"
pingOpNonceSize = 16
pingOpTimeout = 3 * time.Second
)
// PingOp is used to measure latency.
type PingOp struct {
terminal.OneOffOperationBase
started time.Time
nonce []byte
}
// PingOpRequest is a ping request.
type PingOpRequest struct {
Nonce []byte `json:"n,omitempty"`
}
// PingOpResponse is a ping response.
type PingOpResponse struct {
Nonce []byte `json:"n,omitempty"`
Time time.Time `json:"t,omitempty"`
}
// Type returns the type ID.
func (op *PingOp) Type() string {
return PingOpType
}
func init() {
terminal.RegisterOpType(terminal.OperationFactory{
Type: PingOpType,
Start: startPingOp,
})
}
// NewPingOp runs a latency test.
func NewPingOp(t terminal.Terminal) (*PingOp, *terminal.Error) {
// Generate nonce.
nonce, err := rng.Bytes(pingOpNonceSize)
if err != nil {
return nil, terminal.ErrInternalError.With("failed to generate ping nonce: %w", err)
}
// Create operation and init.
op := &PingOp{
started: time.Now().UTC(),
nonce: nonce,
}
op.OneOffOperationBase.Init()
// Create request.
pingRequest, err := dsd.Dump(&PingOpRequest{
Nonce: op.nonce,
}, dsd.CBOR)
if err != nil {
return nil, terminal.ErrInternalError.With("failed to create ping request: %w", err)
}
// Send ping.
tErr := t.StartOperation(op, container.New(pingRequest), pingOpTimeout)
if tErr != nil {
return nil, tErr
}
return op, nil
}
// Deliver delivers a message to the operation.
func (op *PingOp) Deliver(msg *terminal.Msg) *terminal.Error {
defer msg.Finish()
// Parse response.
response := &PingOpResponse{}
_, err := dsd.Load(msg.Data.CompileData(), response)
if err != nil {
return terminal.ErrMalformedData.With("failed to parse ping response: %w", err)
}
// Check if the nonce matches.
if subtle.ConstantTimeCompare(op.nonce, response.Nonce) != 1 {
return terminal.ErrIntegrity.With("ping nonce mismatched")
}
return terminal.ErrExplicitAck
}
func startPingOp(t terminal.Terminal, opID uint32, data *container.Container) (terminal.Operation, *terminal.Error) {
// Parse request.
request := &PingOpRequest{}
_, err := dsd.Load(data.CompileData(), request)
if err != nil {
return nil, terminal.ErrMalformedData.With("failed to parse ping request: %w", err)
}
// Create response.
response, err := dsd.Dump(&PingOpResponse{
Nonce: request.Nonce,
Time: time.Now().UTC(),
}, dsd.CBOR)
if err != nil {
return nil, terminal.ErrInternalError.With("failed to create ping response: %w", err)
}
// Send response.
msg := terminal.NewMsg(response)
msg.FlowID = opID
msg.Unit.MakeHighPriority()
if terminal.UsePriorityDataMsgs {
msg.Type = terminal.MsgTypePriorityData
}
tErr := t.Send(msg, pingOpTimeout)
if tErr != nil {
// Finish message unit on failure.
msg.Finish()
return nil, tErr.With("failed to send ping response")
}
// Operation is just one response and finished successfully.
return nil, nil
}
// HandleStop gives the operation the ability to cleanly shut down.
// The returned error is the error to send to the other side.
// Should never be called directly. Call Stop() instead.
func (op *PingOp) HandleStop(err *terminal.Error) (errorToSend *terminal.Error) {
// Prevent remote from sending explicit ack, as we use it as a success signal internally.
if err.Is(terminal.ErrExplicitAck) && err.IsExternal() {
err = terminal.ErrStopping.AsExternal()
}
// Continue with usual handling of inherited base.
return op.OneOffOperationBase.HandleStop(err)
}
Reference in a new issue View git blame Copy permalink