refactor: combined ForwardProxy and ReverseProxy into Proxy
`ForwardProxy` and `ReverseProxy` have been combined into a single `Proxy`. The core part of this change is that both proxies now share the same `UTP` socket. This allows us to get information about the reverse proxy's port when handling an incoming connection. This is critical for the `NAT` punch-through procedure.

Fixes #360
tegefaulkes committed Mar 23, 2022
1 parent 1436b17 commit 4e45138
Showing 90 changed files with 2,722 additions and 3,235 deletions.
105 changes: 34 additions & 71 deletions src/PolykeyAgent.ts
Expand Up @@ -21,8 +21,7 @@ import { Discovery } from './discovery';
import { SessionManager } from './sessions';
import { GRPCServer } from './grpc';
import { IdentitiesManager, providers } from './identities';
import ForwardProxy from './network/ForwardProxy';
import ReverseProxy from './network/ReverseProxy';
import Proxy from './network/Proxy';
import { EventBus, captureRejectionSymbol } from './events';
import { createAgentService, AgentServiceService } from './agent';
import { createClientService, ClientServiceService } from './client';
Expand All @@ -31,13 +30,10 @@ import * as utils from './utils';
import * as errors from './errors';

type NetworkConfig = {
forwardHost?: Host;
forwardPort?: Port;
proxyHost?: Host;
proxyPort?: Port;
egressHost?: Host;
egressPort?: Port;
// ReverseProxy
ingressHost?: Host;
ingressPort?: Port;
// GRPCServer for agent service
agentHost?: Host;
agentPort?: Port;
Expand All @@ -59,8 +55,7 @@ class PolykeyAgent {
nodePath = config.defaults.nodePath,
keysConfig = {},
networkConfig = {},
forwardProxyConfig = {},
reverseProxyConfig = {},
proxyConfig = {},
nodeConnectionManagerConfig = {},
seedNodes = {},
// Optional dependencies
Expand All @@ -72,8 +67,7 @@ class PolykeyAgent {
sigchain,
acl,
gestaltGraph,
fwdProxy,
revProxy,
proxy,
nodeGraph,
nodeConnectionManager,
nodeManager,
Expand All @@ -95,16 +89,12 @@ class PolykeyAgent {
dbKeyBits?: number;
recoveryCode?: string;
};
forwardProxyConfig?: {
proxyConfig?: {
authToken?: string;
connConnectTime?: number;
connTimeoutTime?: number;
connPingIntervalTime?: number;
};
reverseProxyConfig?: {
connConnectTime?: number;
connTimeoutTime?: number;
};
nodeConnectionManagerConfig?: {
connConnectTime?: number;
connTimeoutTime?: number;
Expand All @@ -120,8 +110,7 @@ class PolykeyAgent {
sigchain?: Sigchain;
acl?: ACL;
gestaltGraph?: GestaltGraph;
fwdProxy?: ForwardProxy;
revProxy?: ReverseProxy;
proxy?: Proxy;
nodeGraph?: NodeGraph;
nodeConnectionManager?: NodeConnectionManager;
nodeManager?: NodeManager;
Expand All @@ -147,14 +136,10 @@ class PolykeyAgent {
...config.defaults.keysConfig,
...utils.filterEmptyObject(keysConfig),
};
const forwardProxyConfig_ = {
const proxyConfig_ = {
authToken: (await keysUtils.getRandomBytes(10)).toString(),
...config.defaults.forwardProxyConfig,
...utils.filterEmptyObject(forwardProxyConfig),
};
const reverseProxyConfig_ = {
...config.defaults.reverseProxyConfig,
...utils.filterEmptyObject(reverseProxyConfig),
...config.defaults.proxyConfig,
...utils.filterEmptyObject(proxyConfig),
};
const nodeConnectionManagerConfig_ = {
...config.defaults.nodeConnectionManagerConfig,
Expand Down Expand Up @@ -256,17 +241,11 @@ class PolykeyAgent {
logger: logger.getChild(GestaltGraph.name),
fresh,
}));
fwdProxy =
fwdProxy ??
new ForwardProxy({
...forwardProxyConfig_,
logger: logger.getChild(ForwardProxy.name),
});
revProxy =
revProxy ??
new ReverseProxy({
...reverseProxyConfig_,
logger: logger.getChild(ReverseProxy.name),
proxy =
proxy ??
new Proxy({
...proxyConfig_,
logger: logger.getChild(Proxy.name),
});
nodeGraph =
nodeGraph ??
Expand All @@ -281,8 +260,7 @@ class PolykeyAgent {
new NodeConnectionManager({
keyManager,
nodeGraph,
fwdProxy,
revProxy,
proxy,
seedNodes,
...nodeConnectionManagerConfig_,
logger: logger.getChild(NodeConnectionManager.name),
Expand Down Expand Up @@ -359,8 +337,7 @@ class PolykeyAgent {
await notificationsManager?.stop();
await vaultManager?.stop();
await discovery?.stop();
await revProxy?.stop();
await fwdProxy?.stop();
await proxy?.stop();
await gestaltGraph?.stop();
await acl?.stop();
await sigchain?.stop();
Expand All @@ -381,8 +358,7 @@ class PolykeyAgent {
sigchain,
acl,
gestaltGraph,
fwdProxy,
revProxy,
proxy,
nodeGraph,
nodeConnectionManager,
nodeManager,
Expand Down Expand Up @@ -414,8 +390,7 @@ class PolykeyAgent {
public readonly sigchain: Sigchain;
public readonly acl: ACL;
public readonly gestaltGraph: GestaltGraph;
public readonly fwdProxy: ForwardProxy;
public readonly revProxy: ReverseProxy;
public readonly proxy: Proxy;
public readonly nodeGraph: NodeGraph;
public readonly nodeConnectionManager: NodeConnectionManager;
public readonly nodeManager: NodeManager;
Expand All @@ -440,8 +415,7 @@ class PolykeyAgent {
sigchain,
acl,
gestaltGraph,
fwdProxy,
revProxy,
proxy,
nodeGraph,
nodeConnectionManager,
nodeManager,
Expand All @@ -464,8 +438,7 @@ class PolykeyAgent {
sigchain: Sigchain;
acl: ACL;
gestaltGraph: GestaltGraph;
fwdProxy: ForwardProxy;
revProxy: ReverseProxy;
proxy: Proxy;
nodeGraph: NodeGraph;
nodeConnectionManager: NodeConnectionManager;
nodeManager: NodeManager;
Expand All @@ -489,8 +462,7 @@ class PolykeyAgent {
this.sigchain = sigchain;
this.acl = acl;
this.gestaltGraph = gestaltGraph;
this.fwdProxy = fwdProxy;
this.revProxy = revProxy;
this.proxy = proxy;
this.discovery = discovery;
this.nodeGraph = nodeGraph;
this.nodeConnectionManager = nodeConnectionManager;
Expand Down Expand Up @@ -541,8 +513,7 @@ class PolykeyAgent {
nodeId: keyChangeData.nodeId,
});
await this.nodeManager.refreshBuckets();
this.fwdProxy.setTLSConfig(keyChangeData.tlsConfig);
this.revProxy.setTLSConfig(keyChangeData.tlsConfig);
this.proxy.setTLSConfig(keyChangeData.tlsConfig);
this.grpcServerClient.setTLSConfig(keyChangeData.tlsConfig);
this.logger.info('Propagated root keypair change');
},
Expand All @@ -563,7 +534,7 @@ class PolykeyAgent {
notificationsManager: this.notificationsManager,
acl: this.acl,
gestaltGraph: this.gestaltGraph,
revProxy: this.revProxy,
proxy: this.proxy,
});
const clientService = createClientService({
pkAgent: this,
Expand All @@ -581,8 +552,7 @@ class PolykeyAgent {
acl: this.acl,
grpcServerClient: this.grpcServerClient,
grpcServerAgent: this.grpcServerAgent,
fwdProxy: this.fwdProxy,
revProxy: this.revProxy,
proxy: this.proxy,
fs: this.fs,
});
// Starting modules
Expand Down Expand Up @@ -613,18 +583,13 @@ class PolykeyAgent {
host: networkConfig_.agentHost,
port: networkConfig_.agentPort,
});
await this.fwdProxy.start({
proxyHost: networkConfig_.proxyHost,
proxyPort: networkConfig_.proxyPort,
egressHost: networkConfig_.egressHost,
egressPort: networkConfig_.egressPort,
tlsConfig,
});
await this.revProxy.start({
await this.proxy.start({
forwardHost: networkConfig_.forwardHost,
forwardPort: networkConfig_.forwardPort,
serverHost: this.grpcServerAgent.getHost(),
serverPort: this.grpcServerAgent.getPort(),
ingressHost: networkConfig_.ingressHost,
ingressPort: networkConfig_.ingressPort,
proxyHost: networkConfig_.proxyHost,
proxyPort: networkConfig_.proxyPort,
tlsConfig,
});
await this.nodeConnectionManager.start();
Expand All @@ -639,8 +604,8 @@ class PolykeyAgent {
nodeId: this.keyManager.getNodeId(),
clientHost: this.grpcServerClient.getHost(),
clientPort: this.grpcServerClient.getPort(),
ingressHost: this.revProxy.getIngressHost(),
ingressPort: this.revProxy.getIngressPort(),
proxyHost: this.proxy.getProxyHost(),
proxyPort: this.proxy.getProxyPort(),
});
this.logger.info(`Started ${this.constructor.name}`);
} catch (e) {
Expand All @@ -650,8 +615,7 @@ class PolykeyAgent {
await this.notificationsManager?.stop();
await this.vaultManager?.stop();
await this.discovery?.stop();
await this.revProxy?.stop();
await this.fwdProxy?.stop();
await this.proxy?.stop();
await this.grpcServerAgent?.stop();
await this.grpcServerClient?.stop();
await this.gestaltGraph?.stop();
Expand Down Expand Up @@ -679,8 +643,7 @@ class PolykeyAgent {
await this.discovery.stop();
await this.nodeConnectionManager.stop();
await this.nodeGraph.stop();
await this.revProxy.stop();
await this.fwdProxy.stop();
await this.proxy.stop();
await this.grpcServerAgent.stop();
await this.grpcServerClient.stop();
await this.gestaltGraph.stop();
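Review bot: The generated `authToken` in `proxyConfig_` is built with `(await keysUtils.getRandomBytes(10)).toString()`, which, assuming `getRandomBytes` returns a Buffer, decodes the random bytes as UTF-8. Byte sequences that are not valid UTF-8 are replaced during decoding, so the token keeps less than the 80 bits that were drawn and its length varies from run to run. Encoding the bytes instead of decoding them keeps every bit and gives a printable value, e.g. `authToken: (await keysUtils.getRandomBytes(16)).toString('hex'),`. Because the literal is written before `...config.defaults.proxyConfig`, it is also worth confirming that the defaults never carry an `authToken`, since one there would replace the random value on every node. The enclosing method starts and ends outside this hunk.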
6 changes: 3 additions & 3 deletions src/agent/service/index.ts
Expand Up @@ -10,7 +10,7 @@ import type { Sigchain } from '../../sigchain';
import type { ACL } from '../../acl';
import type { GestaltGraph } from '../../gestalts';
import type { IAgentServiceServer } from '../../proto/js/polykey/v1/agent_service_grpc_pb';
import type ReverseProxy from '../../network/ReverseProxy';
import type Proxy from '../../network/Proxy';
import echo from './echo';
import nodesChainDataGet from './nodesChainDataGet';
import nodesClaimsGet from './nodesClaimsGet';
Expand All @@ -34,9 +34,9 @@ function createService(container: {
sigchain: Sigchain;
acl: ACL;
gestaltGraph: GestaltGraph;
revProxy: ReverseProxy;
proxy: Proxy;
}): IAgentServiceServer {
const connectionInfoGet = agentUtils.connectionInfoGetter(container.revProxy);
const connectionInfoGet = agentUtils.connectionInfoGetter(container.proxy);
const container_ = {
...container,
connectionInfoGet: connectionInfoGet,
2 changes: 1 addition & 1 deletion src/agent/service/nodesHolePunchMessageSend.ts
Expand Up @@ -51,7 +51,7 @@ function nodesHolePunchMessageSend({
// back to the source node.
if (keyManager.getNodeId().equals(targetId)) {
const [host, port] = networkUtils.parseAddress(
call.request.getEgressAddress(),
call.request.getProxyAddress(),
);
await nodeConnectionManager.holePunchReverse(host, port);
// Otherwise, find if node in table
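Review bot: The address handed to `nodeConnectionManager.holePunchReverse(host, port)` is parsed straight from `call.request.getProxyAddress()`, so where this node starts sending punch packets is decided by the message body rather than by anything the node has observed itself. Nothing visible in the hunk ties that address to the sender: there is no comparison with the calling peer's connection info and no bound on which hosts or ports are acceptable, so a relayed message could point this node's outbound traffic at an unrelated address. If the check lives in `parseAddress` or inside `holePunchReverse`, a comment here should say so, e.g. `// proxy address is validated in <validation site> before any packet is sent`; otherwise the validation belongs before this call. The function body starts and ends outside this hunk.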
2 changes: 1 addition & 1 deletion src/agent/service/vaultsGitInfoGet.ts
Expand Up @@ -50,7 +50,7 @@ function vaultsGitInfoGet({
if (connectionInfo == null) {
throw new agentErrors.ErrorConnectionInfoMissing();
}
const nodeId = connectionInfo.nodeId;
const nodeId = connectionInfo.remoteNodeId;
const nodeIdEncoded = nodesUtils.encodeNodeId(nodeId);
const actionType = validationUtils.parseVaultAction(request.getAction());
const permissions = await acl.getNodePerm(nodeId);
2 changes: 1 addition & 1 deletion src/agent/service/vaultsGitPackGet.ts
Expand Up @@ -37,7 +37,7 @@ function vaultsGitPackGet({
if (connectionInfo == null) {
throw new agentErrors.ErrorConnectionInfoMissing();
}
const nodeId = connectionInfo.nodeId;
const nodeId = connectionInfo.remoteNodeId;
const nodeIdEncoded = nodesUtils.encodeNodeId(nodeId);
// Getting vaultId
const vaultNameOrId = meta.get('vaultNameOrId').pop()!.toString();
2 changes: 1 addition & 1 deletion src/agent/service/vaultsScan.ts
Expand Up @@ -26,7 +26,7 @@ function vaultsScan({
if (connectionInfo == null) {
throw new agentErrors.ErrorConnectionInfoMissing();
}
const nodeId = connectionInfo.nodeId;
const nodeId = connectionInfo.remoteNodeId;
try {
const listResponse = vaultManager.handleScanVaults(nodeId);
for await (const {
6 changes: 3 additions & 3 deletions src/agent/utils.ts
@@ -1,14 +1,14 @@
import type { Host, Port } from 'network/types';
import type ReverseProxy from 'network/ReverseProxy';
import type Proxy from 'network/Proxy';
import type { ConnectionInfoGet } from './types';
import type { ServerSurfaceCall } from '@grpc/grpc-js/build/src/server-call';

function connectionInfoGetter(revProxy: ReverseProxy): ConnectionInfoGet {
function connectionInfoGetter(proxy: Proxy): ConnectionInfoGet {
return (call: ServerSurfaceCall) => {
let urlString = call.getPeer();
if (!/^.*:\/\//.test(urlString)) urlString = 'pk://' + urlString;
const url = new URL(urlString);
return revProxy.getConnectionInfoByProxy(
return proxy.getConnectionInfoByReverse(
url.hostname as Host,
parseInt(url.port) as Port,
);
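Review bot: `parseInt(url.port) as Port` in `connectionInfoGetter` yields `NaN` when the peer string carries no port, and the cast hides that from the type checker, so `proxy.getConnectionInfoByReverse` is called with a value that is not a port. The handlers changed in this commit authorise on `connectionInfo.remoteNodeId`, so this lookup is what binds a call to a peer identity and should handle a malformed peer explicitly rather than rely on the lookup missing. Parse with a radix, `const port = parseInt(url.port, 10);`, and test `Number.isInteger(port)` before the lookup; whether the failure path throws or returns an empty result depends on `ConnectionInfoGet`, which is not visible here. A one-line doc comment stating which side of the proxy `call.getPeer()` reports would also help, since the renamed method suggests it is the reverse-side socket. The closing lines of the function are outside the hunk.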
13 changes: 5 additions & 8 deletions src/bin/agent/CommandStart.ts
Expand Up @@ -22,8 +22,8 @@ class CommandStart extends CommandPolykey {
this.addOption(binOptions.rootKeyPairBits);
this.addOption(binOptions.clientHost);
this.addOption(binOptions.clientPort);
this.addOption(binOptions.ingressHost);
this.addOption(binOptions.ingressPort);
this.addOption(binOptions.proxyHost);
this.addOption(binOptions.proxyPort);
this.addOption(binOptions.connTimeoutTime);
this.addOption(binOptions.seedNodes);
this.addOption(binOptions.network);
Expand Down Expand Up @@ -83,17 +83,14 @@ class CommandStart extends CommandPolykey {
rootKeyPairBits: options.rootKeyPairBits,
recoveryCode: recoveryCodeIn,
},
forwardProxyConfig: {
connTimeoutTime: options.connTimeoutTime,
},
reverseProxyConfig: {
proxyConfig: {
connTimeoutTime: options.connTimeoutTime,
},
networkConfig: {
clientHost: options.clientHost,
clientPort: options.clientPort,
ingressHost: options.ingressHost,
ingressPort: options.ingressPort,
proxyHost: options.proxyHost,
proxyPort: options.proxyPort,
},
seedNodes,
fresh: options.fresh,
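Review bot: `proxyHost`/`proxyPort` are reused here under a new meaning with no comment or help text to say so. In this file they replace `ingressHost`/`ingressPort`, while the removed `fwdProxy.start` call in src/PolykeyAgent.ts shows that `networkConfig.proxyHost` used to bind the forward proxy's own listener, which now takes `forwardHost`/`forwardPort`. A caller that carries an old `networkConfig.proxyHost` value forward would therefore bind a different socket than before and get no error. A short comment on the `networkConfig` block would make the mapping explicit, e.g. `// proxyHost/proxyPort: the socket peers connect to (formerly ingressHost/ingressPort); the forward listener is forwardHost/forwardPort`. Both methods touched in this section continue outside the hunks shown.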