ouroboros/src/irmd/reg, branch 0.22.0

build: Include tests in 'all' target

2025-11-07T07:36:20+00:00

When BUILD_TESTING=ON, then the default 'all' target will now build also the tests. This behaviour could be controlled by an extra variable (see https://stackoverflow.com/a/42235335), but this increases complexity without many benefits. Signed-off-by: Thijs Paelman Signed-off-by: Sander Vrijders

build: Only add tests when BUILD_TESTING is ON

2025-11-07T07:35:48+00:00

By default, BUILD_TESTING = ON due to the inclusion of the CTest module. Signed-off-by: Thijs Paelman Signed-off-by: Sander Vrijders

lib: Move encryption control from QoS to name

2025-09-10T06:21:58+00:00

This removes the flow encryption option (cypher_s) from the qosspec. The configuration file is configured in the security options (default /etc/ouroboros/security/). For this poc, encryption can be disabled client or server side by putting an enc.cfg file. If that file is present in the client folder, the client will require encryption. If that file is present on the server side, the server will require encryption and reject non-encrypted flows. Encryption is now configured outside of any application control. Example: /etc/ouroboros/security/client/oping/enc.cfg exists: irmd(II): Encryption enabled for oping. irmd(DB): File /etc/ouroboros/security/client/oping/crt.pem does not exist. irmd(II): No security info for oping. irmd(DB): Generated ephemeral keys for 87474. irmd/oap(PP): OAP_HDR [caf203681d997941 @ 2025-09-02 17:08:05 (UTC) ] --> irmd/oap(PP): Certificate: irmd/oap(PP): Ephemeral Public Key: [91 bytes] irmd/oap(PP): Data: irmd/oap(PP): Signature: Example: /etc/ouroboros/security/client/oping/enc.cfg does not exist: irmd(II): Allocating flow for 87506 to oping. irmd(DB): File /etc/ouroboros/security/client/oping/enc.cfg does not exist. irmd(DB): File /etc/ouroboros/security/client/oping/crt.pem does not exist. irmd(II): No security info for oping. irmd/oap(PP): OAP_HDR [e84bb9d7c3d9c002 @ 2025-09-02 17:08:30 (UTC) ] --> irmd/oap(PP): Certificate: irmd/oap(PP): Ephemeral Public Key: irmd/oap(PP): Data: irmd/oap(PP): Signature: Example: /etc/ouroboros/security/server/oping/enc.cfg exists: irmd(II): Flow request arrived for oping. irmd(DB): IPCP 88112 accepting flow 7 for oping. irmd(II): Encryption enabled for oping. irmd(DB): File /etc/ouroboros/security/server/oping/crt.pem does not exist. irmd(II): No security info for oping. irmd/oap(PP): OAP_HDR [3c717b3f31dff8df @ 2025-09-02 17:13:06 (UTC) ] <-- irmd/oap(PP): Certificate: irmd/oap(PP): Ephemeral Public Key: irmd/oap(PP): Data: irmd/oap(PP): Signature: irmd(WW): Encryption required but no key provided. The server side will pass the ECRYPT to the client: $ oping -l Ouroboros ping server started. Failed to accept flow: -1008 $ oping -n oping -c 1 Failed to allocate flow: -1008. Encryption on flows can now be changed at runtime without needing to touch/reconfigure/restart the process. Note: The ECRYPT result is passed on via the flow allocator responses through the IPCP (discovered/fixed some endianness issues), but the reason for rejecting the flow can be considered N+1 information... We may move that information up into the OAP header at some point. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

ipcpd: Fix printf formatting in tests on raspbian

2025-08-23T08:13:36+00:00

Fixes some printf formatting, which was failing the build on raspbian. Signed-off-by: Dimitri Staessens

ipcpd: Fix request handling at shutdown

2025-08-23T08:13:33+00:00

The IPCP states were not entirely correct causing some operations to be serviced during shutdown. This caused some use-after-free in the pff. States in the IPCP are now correctly set. IRMd states updated to the same strategy. The IRMd registry tracks if the IPCP was ENROLLED or BOOTSTRAPPED, the IPCP just goes to OPERATIONAL. IPCP state diagram:: NULL -> init() -> INIT -> start() -> BOOT -> bootstrap/enroll() -> OPERATIONAL -> shutdown() -> SHUTDOWN -> stop_components() -> BOOT -> stop() -> INIT -> fini() -> NULL Signed-off-by: Dimitri Staessens

irmd: Add flow authentication

2025-08-18T18:57:23+00:00

This adds initial implementation of peer authentication as part of flow allocation. If credentials are not provided, this will be accepted and logged as info that the flow is not authenticated. Certificates and keys are passed as .pem files. The key file should not be encrypted, else the IRMd will open a prompt for the password. The default location for these .pem files is in /etc/ouroboros/security. It is strongly recommended to make this directory only accessible to root. ├── security │ ├── cacert │ │ └── ca.root.o7s.crt.pem │ ├── client │ │ ├── │ │ | ├── crt.pem │ │ | └── key.pem │ │ └── | | ├──... | | │ ├── server │ │ ├── │ │ | ├── crt.pem │ │ | └── key.pem │ │ └── | | ├── ... | | │ └── untrusted │ └── sign.root.o7s.crt.pem Trusted root CA certificates go in the /cacert directory, untrusted certificates for signature verification go in the /untrusted directory. The IRMd will load these certificates at boot. The IRMd will look for certificates in the /client and /server directories. For each name a subdirectory can be added and the credentials in that directory are used to sign the OAP header for flows at flow_alloc() on the client side and flow_accept() on the server side. These defaults can be changed at build time using the following variables (in alphabetical order): OUROBOROS_CA_CRT_DIR /etc/ouroboros/security/cacert OUROBOROS_CLI_CRT_DIR /etc/ouroboros/security/client OUROBOROS_SECURITY_DIR /etc/ouroboros/security OUROBOROS_SRV_CRT_DIR /etc/ouroboros/security/server OUROBOROS_UNTRUSTED_DIR /etc/ouroboros/security/untrusted The directories for the names can also be configured at IRMd boot using the configuraton file and at runtime when a name is created using the "irm name create" CLI tool. The user needs to have permissions to access the keyfile and certificate when specifying the paths with the "irm name create" CLI tool. Signed-off-by: Dimitri Staessens

irmd: Fix bad assertion in registry

2025-08-15T09:47:59+00:00

The registry wait_flow_accepted asserts the flow state to be pending, but this is not always true as the thread that accepts can be faster in execution than the one waiting for it. Signed-off-by: Dimitri Staessens

irmd: Resolve name when flow request arrives

2025-08-15T09:47:58+00:00

This makes the IRMd a bit simpler, and we only need to do the lookup to resolve the name for a hash on the server side only once. The logging is also symmetric now: irmd(II): Allocating flow for 93317 to unicast.1. irmd(II): Flow request arrived for unicast.1. Signed-off-by: Dimitri Staessens

irmd: Fix IPCP order in registry and query timeout

2025-08-11T08:06:59+00:00

Until we have a more elaborate strategy for figuring out in which Layer a service is reachable, the IRMd queries the IPCPs for names. It currently does this in the order they are stored in the registry, and the idea was to do this ordered by IPCP type. That order got messed up when the registry was rewritten. This is now fixed, with a test. The default query timeout is also lowered from 20s to 200ms. It's better to let the IRMd fail and retry the flow allocation than spend 20s waiting for the link-state routing to converge on a layer that doesn't hold the name. This does wonders for tests using Rumba... Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders

ipcpd: Update DHT for unicast layer

2025-08-06T10:34:15+00:00

This is a rewrite of the DHT for name-to-address resolution in the unicast layer. It is now integrated as a proper directory policy. The dir_wait_running function is removed, instead the a DHT peer is passed on during IPCP enrolment. Each DHT request/response gets a random 64-bit ID ('cookie'). DHT messages to the same peer are deduped, except in the case when the DHT is low on contacts. In that case, it will contact the per it received at enrolment for more contacts. To combat packet loss, these messages are not deduped by means of a 'magic cookie', chosen at random when the DHT starts. The DHT parameters (Kademlia) can be set using the configfile or the IRM command line tools: if DIRECTORY_POLICY == DHT [dht_alpha (default: 3)] [dht_k (default: 8)] [dht_t_expire (default: 86400)] [dht_t_refresh (default: 900)] [dht_t_replicate (default: 900)] This commit also adds support for a protocol debug level (PP). Protocol debugging for the DHT can be enabled using the DEBUG_PROTO_DHT build flag. The DHT has the following message types: DHT_STORE, sent to k peers. Not acknowledged. DHT_STORE --> [2861814146dbf9b5|ed:d9:e2:c4]. key: bcc236ab6ec69e65 [32 bytes] val: 00000000c4e2d9ed [8 bytes] exp: 2025-08-03 17:29:44 (UTC). DHT_FIND_NODE_REQ, sent to 'alpha' peers, with a corresponding response. This is used to update the peer routing table to iteratively look for the nodes with IDs closest to the requested key. DHT_FIND_NODE_REQ --> [a62f92abffb451c4|ed:d9:e2:c4]. cookie: 2d4b7acef8308210 key: a62f92abffb451c4 [32 bytes] DHT_FIND_NODE_RSP <-- [2861814146dbf9b5|ed:d9:e2:c4]. cookie: 2d4b7acef8308210 key: a62f92abffb451c4 [32 bytes] contacts: [1] [a62f92abffb451c4|9f:0d:c1:fb] DHT_FIND_VALUE_REQ, sent to 'k' peers, with a corresponding response. Used to find a value for a key. Will also send its closest known peers in the response. DHT_FIND_VALUE_REQ --> [2861814146dbf9b5|ed:d9:e2:c4]. cookie: 80a1adcb09a2ff0a key: 42dee3b0415b4f69 [32 bytes] DHT_FIND_VALUE_RSP <-- [2861814146dbf9b5|ed:d9:e2:c4]. cookie: 80a1adcb09a2ff0a key: 42dee3b0415b4f69 [32 bytes] values: [1] 00000000c4e2d9ed [8 bytes] contacts: [1] [a62f92abffb451c4|9f:0d:c1:fb] Also removes ubuntu 20 from appveyor config as it is not supported anymore. Signed-off-by: Dimitri Staessens Signed-off-by: Sander Vrijders