diff --git a/althea_types/src/exits/encryption.rs b/althea_types/src/exits/encryption.rs index 2120a8cdd..7d4c35d03 100644 --- a/althea_types/src/exits/encryption.rs +++ b/althea_types/src/exits/encryption.rs @@ -1,6 +1,5 @@ //! this file contains utility functions for the exit communcaiton which requires encrypting/decrypting requests //! to secure them as the pass over the babel network -use crate::SignedExitServerList; use crate::WgKey; use crypto_box::aead::Aead; use crypto_box::aead::AeadCore; @@ -13,7 +12,6 @@ use std::fmt::Display; use std::fmt::Formatter; use super::EncryptedExitClientIdentity; -use super::EncryptedExitServerList; use super::EncryptedExitState; use super::ExitClientIdentity; use super::ExitState; @@ -154,59 +152,6 @@ pub fn encrypt_setup_return( } } -impl EncryptedExitServerList { - pub fn decrypt( - &self, - our_secretkey: &SecretKey, - ) -> Result { - let ciphertext = self.encrypted_exit_server_list.clone(); - let nonce = self.nonce; - - let b = SalsaBox::new(&self.pubkey.into(), our_secretkey); - - let ret: SignedExitServerList = match b.decrypt(nonce.as_ref().into(), ciphertext.as_ref()) - { - Ok(decrypted_bytes) => match String::from_utf8(decrypted_bytes) { - Ok(json_string) => match serde_json::from_str(&json_string) { - Ok(exit_list) => exit_list, - Err(e) => { - return Err(ExitEncryptionError::SerdeError { e: e.to_string() }); - } - }, - Err(e) => { - return Err(ExitEncryptionError::Utf8Error { e: e.to_string() }); - } - }, - Err(_) => { - return Err(ExitEncryptionError::ExitListDecryptionError { - e: "Could not decrypt exit list".to_string(), - }); - } - }; - Ok(ret) - } -} - -impl SignedExitServerList { - pub fn encrypt( - &self, - our_secretkey: &SecretKey, - their_pubkey: &PublicKey, - ) -> EncryptedExitServerList { - let plaintext = serde_json::to_string(&self) - .expect("Failed to serialize ExitServerList!") - .into_bytes(); - let nonce = SalsaBox::generate_nonce(&mut OsRng); - let b = SalsaBox::new(their_pubkey, our_secretkey); - let ciphertext = b.encrypt(&nonce, plaintext.as_ref()).unwrap(); - EncryptedExitServerList { - pubkey: WgKey::from(*their_pubkey.as_bytes()), - nonce: nonce.into(), - encrypted_exit_server_list: ciphertext, - } - } -} - #[cfg(test)] mod tests { use super::*; diff --git a/althea_types/src/exits/mod.rs b/althea_types/src/exits/mod.rs index 0dd124b02..3b1f2cd24 100644 --- a/althea_types/src/exits/mod.rs +++ b/althea_types/src/exits/mod.rs @@ -137,11 +137,3 @@ pub struct ExitClientDetails { pub client_internal_ip: IpAddr, pub internet_ipv6_subnet: Option, } - -/// Wrapper for secure box containing a Signed Exit Server List -#[derive(Debug, Serialize, Deserialize, PartialEq, Eq, Hash, Clone)] -pub struct EncryptedExitServerList { - pub pubkey: WgKey, - pub nonce: [u8; 24], - pub encrypted_exit_server_list: Vec, -} diff --git a/althea_types/src/exits/server_list_signatures.rs b/althea_types/src/exits/server_list_signatures.rs index cca940e52..cf1a00006 100644 --- a/althea_types/src/exits/server_list_signatures.rs +++ b/althea_types/src/exits/server_list_signatures.rs @@ -20,6 +20,16 @@ pub struct ExitServerList { pub created: SystemTime, } +impl Default for ExitServerList { + fn default() -> Self { + ExitServerList { + contract: Address::default(), + exit_list: Vec::new(), + created: SystemTime::now(), + } + } +} + impl ExitServerList { /// Returns the ExitServerList as an Ethereum ABI token pub fn encode_to_eth_abi_token(&self) -> AbiToken { diff --git a/exit_trust_root/src/bin.rs b/exit_trust_root/src/bin.rs index b4fc7270a..a3a989b47 100644 --- a/exit_trust_root/src/bin.rs +++ b/exit_trust_root/src/bin.rs @@ -1,10 +1,8 @@ use actix_web::rt::System; use actix_web::{get, web, App, HttpResponse, HttpServer, Responder}; -use althea_types::{EncryptedExitServerList, ExitServerList, SignedExitServerList}; +use althea_types::{ExitServerList, SignedExitServerList}; use clarity::Address; use config::{load_config, CONFIG}; -use crypto_box::aead::{Aead, AeadCore, OsRng}; -use crypto_box::{PublicKey, SalsaBox, SecretKey}; use env_logger::Env; use log::info; use rita_client_registration::client_db::get_exits_list; @@ -20,8 +18,6 @@ use web30::jsonrpc::error::Web3Error; pub mod config; pub mod tls; -const RPC_SERVER: &str = "https://althea.gravitychain.io"; - pub const DEVELOPMENT: bool = cfg!(feature = "development"); const SSL: bool = !DEVELOPMENT; pub const DOMAIN: &str = if cfg!(test) || DEVELOPMENT { @@ -37,37 +33,35 @@ const SERVER_PORT: u16 = 9000; #[get("/{exit_contract}")] async fn return_exit_contract_data( exit_contract: web::Path
, - pubkey: web::Data<[u8; 32]>, - cache: web::Data>>>, + cache: web::Data>>>, ) -> impl Responder { let contract = exit_contract.into_inner(); - match cache.read().unwrap().get(&contract) { - Some(cache) => { - // return an encrypted exit server list based on the given key - HttpResponse::Ok().json(cache.to_encrypted_exit_server_list((*pubkey.get_ref()).into())) + let cached_list = { + let cache_read = cache.read().unwrap(); + cache_read.get(&contract).cloned() + }; + + match cached_list { + Some(list) => { + // return a signed exit server list based on the given key + HttpResponse::Ok().json(list) } - None => { - match retrieve_exit_server_list(contract, cache.get_ref().clone()).await { - Ok(cache_value) => { - // encrypt and return - return HttpResponse::Ok().json( - cache_value.to_encrypted_exit_server_list((*pubkey.get_ref()).into()), - ); - } - Err(e) => { - info!("Failed to get exit list from contract {:?}", e); - HttpResponse::InternalServerError() - .json("Failed to get exit list from contract") - } + None => match retrieve_exit_server_list(contract, cache.get_ref().clone()).await { + Ok(list) => { + HttpResponse::Ok().json(list) } - } + Err(e) => { + info!("Failed to get exit list from contract {:?}", e); + HttpResponse::InternalServerError().json("Failed to get exit list from contract") + } + }, } } async fn retrieve_exit_server_list( exit_contract: Address, - cache: Arc>>, -) -> Result { + cache: Arc>>, +) -> Result { const WEB3_TIMEOUT: Duration = Duration::from_secs(10); let exits = get_exits_list( &Web3::new("https://dai.althea.net", WEB3_TIMEOUT), @@ -83,12 +77,9 @@ async fn retrieve_exit_server_list( exit_list: exits, created: std::time::SystemTime::now(), }; - let nonce = SalsaBox::generate_nonce(&mut OsRng); - let cache_value = ExitContractSignatureCacheValue { - exit_list: exit_list.sign(CONFIG.clarity_private_key), - nonce: nonce.into(), - }; - // add this new exit to the cache + let cache_value = exit_list.sign(CONFIG.clarity_private_key); + + // add this new exit list to the cache cache .write() .unwrap() @@ -102,38 +93,13 @@ async fn retrieve_exit_server_list( } } -/// Cache struct for the exit contract signature data -#[derive(Debug, PartialEq, Eq, Hash, Clone)] -struct ExitContractSignatureCacheValue { - exit_list: SignedExitServerList, - nonce: [u8; 24], -} - -impl ExitContractSignatureCacheValue { - fn to_encrypted_exit_server_list(&self, their_pubkey: PublicKey) -> EncryptedExitServerList { - // we already have a signed list- now to encrypt it given the nonce & our... keys... - let plaintext = serde_json::to_string(&self.exit_list.data) - .expect("Failed to serialize ExitServerList") - .into_bytes(); - // using the clarity private key as the Crypto_box SecretKey - let our_secretkey = SecretKey::from(CONFIG.clarity_private_key.to_bytes()); - let b = SalsaBox::new(&their_pubkey, &our_secretkey); - let ciphertext = b.encrypt((&self.nonce).into(), plaintext.as_ref()).unwrap(); - EncryptedExitServerList { - pubkey: CONFIG.wg_private_key, - nonce: self.nonce, - encrypted_exit_server_list: ciphertext, - } - } -} - // five minutes const SIGNATURE_UPDATE_SLEEP: Duration = Duration::from_secs(300); /// In order to improve scalability this loop grabs and signs an updated list of exits from each exit contract /// that has previously been requested from this server every 5 minutes. This allows the server to return instantly /// on the next request from the client without having to perform rpc query 1-1 with requests. -fn signature_update_loop(cache: Arc>>) { +fn signature_update_loop(cache: Arc>>) { thread::spawn(move || loop { let runner = System::new(); runner.block_on(async { @@ -165,7 +131,7 @@ async fn main() -> std::io::Result<()> { // lazy static variable after this load_config(); - let exit_contract_data_cache: Arc>> = + let exit_contract_data_cache: Arc>> = Arc::new(RwLock::new(HashMap::new())); signature_update_loop(exit_contract_data_cache.clone()); let web_data = web::Data::new(exit_contract_data_cache.clone()); diff --git a/rita_client/src/exit_manager/exit_loop.rs b/rita_client/src/exit_manager/exit_loop.rs index 7eb8cc0cf..a5ee89819 100644 --- a/rita_client/src/exit_manager/exit_loop.rs +++ b/rita_client/src/exit_manager/exit_loop.rs @@ -15,7 +15,8 @@ use actix_async::System as AsyncSystem; use althea_kernel_interface::ip_addr::setup_ipv6_slaac as setup_ipv6_slaac_ki; use althea_kernel_interface::ip_route::get_default_route; use althea_kernel_interface::run_command; -use althea_types::{ExitDetails, ExitListV2}; +use althea_types::ExitDetails; +use althea_types::ExitServerList; use althea_types::{ExitIdentity, ExitState}; use rita_common::blockchain_oracle::low_balance; use std::net::IpAddr; @@ -138,14 +139,11 @@ async fn handle_exit_switching( let exit_list = match get_exit_list(current_exit_id).await { Ok(a) => { info!("Received an exit list: {:?}", a); - a + a.data } Err(e) => { error!("Exit_Switcher: Unable to get exit list: {:?}", e); - - ExitListV2 { - exit_list: Vec::new(), - } + ExitServerList::default() } }; diff --git a/rita_client/src/exit_manager/exit_selector.rs b/rita_client/src/exit_manager/exit_selector.rs index 95022019d..47a436c10 100644 --- a/rita_client/src/exit_manager/exit_selector.rs +++ b/rita_client/src/exit_manager/exit_selector.rs @@ -5,7 +5,7 @@ use super::exit_loop::EXIT_LOOP_SPEED; use super::utils::get_babel_routes; use crate::RitaClientError; -use althea_types::{ExitIdentity, ExitListV2}; +use althea_types::{ExitIdentity, ExitServerList}; use std::cmp::{max, min}; use std::time::Instant; use std::{collections::HashMap, net::IpAddr, time::Duration}; @@ -15,7 +15,7 @@ use std::{collections::HashMap, net::IpAddr, time::Duration}; /// quality and sets it as the currently selected exit in the exit manager pub fn select_best_exit( switcher_state: &mut ExitSwitcherState, - exit_list: ExitListV2, + exit_list: ExitServerList, babel_port: u16, ) { let current_exit = switcher_state.currently_selected.clone(); @@ -205,7 +205,7 @@ pub const MAX_QUALITY_SAMPLE_AGE: Duration = Duration::from_secs(900); /// we can't reach that exit / it is down pub fn get_and_merge_routes_for_exit_list( quality_history: &mut HashMap>, - exit_list: ExitListV2, + exit_list: ExitServerList, babel_port: u16, ) -> Result<(), RitaClientError> { let routes = get_babel_routes(babel_port)?; @@ -272,9 +272,10 @@ fn exit_is_valid_for_us(exit: ExitIdentity) -> bool { #[cfg(test)] mod tests { use super::*; - use althea_types::{ExitIdentity, ExitListV2}; + use althea_types::{ExitIdentity, ExitServerList}; + use clarity::Address; use std::collections::HashSet; - use std::time::{Duration, Instant}; + use std::time::{Duration, Instant, SystemTime}; /// generates a random identity, never use in production, your money will be stolen pub fn random_exit_identity() -> ExitIdentity { @@ -311,8 +312,10 @@ mod tests { quality_history: HashMap::new(), }; - let exit_list = ExitListV2 { + let exit_list = ExitServerList { exit_list: vec![random_exit_identity(), random_exit_identity()], + contract: Address::default(), + created: SystemTime::now(), }; // Simulate route qualities @@ -408,8 +411,10 @@ mod tests { quality_history: HashMap::new(), }; - let exit_list = ExitListV2 { + let exit_list = ExitServerList { exit_list: vec![random_exit_identity(), random_exit_identity()], + contract: Address::default(), + created: SystemTime::now(), }; // Simulate route qualities diff --git a/rita_client/src/exit_manager/mod.rs b/rita_client/src/exit_manager/mod.rs index 50b816eb6..ad9e3d3b9 100644 --- a/rita_client/src/exit_manager/mod.rs +++ b/rita_client/src/exit_manager/mod.rs @@ -23,7 +23,7 @@ pub mod time_sync; pub mod utils; use althea_types::ExitIdentity; -use althea_types::ExitListV2; +use althea_types::ExitServerList; use althea_types::ExitState; use exit_selector::ExitSwitcherState; use std::collections::HashMap; @@ -46,7 +46,7 @@ pub struct LastExitStates { pub struct ExitManager { pub nat_setup: bool, /// Every tick we query an exit endpoint to get a list of exits in that cluster. We use this list for exit switching - pub exit_list: ExitListV2, + pub exit_list: ExitServerList, /// Store last exit here, when we see an exit change, we reset wg tunnels pub last_exit_state: Option, pub last_status_request: Option, @@ -57,7 +57,7 @@ impl ExitManager { pub fn new(currently_selected: ExitIdentity) -> ExitManager { ExitManager { nat_setup: false, - exit_list: ExitListV2::default(), + exit_list: ExitServerList::default(), last_exit_state: None, last_status_request: None, exit_switcher_state: ExitSwitcherState { diff --git a/rita_client/src/exit_manager/requests.rs b/rita_client/src/exit_manager/requests.rs index e226ebf92..92d39b61b 100644 --- a/rita_client/src/exit_manager/requests.rs +++ b/rita_client/src/exit_manager/requests.rs @@ -3,12 +3,13 @@ use super::DEFAULT_WG_LISTEN_PORT; use crate::rita_loop::CLIENT_LOOP_TIMEOUT; use crate::RitaClientError; use actix_web_async::Result; -use althea_types::decrypt_exit_list; use althea_types::decrypt_exit_state; use althea_types::encrypt_exit_client_id; -use althea_types::ExitListV2; +use althea_types::SignedExitServerList; use althea_types::WgKey; use althea_types::{ExitClientIdentity, ExitRegistrationDetails, ExitState}; +use settings::exit::EXIT_LIST_IP; +use settings::exit::EXIT_LIST_PORT; use settings::set_rita_client; use std::net::{IpAddr, SocketAddr}; @@ -208,8 +209,7 @@ pub async fn exit_status_request(exit: IpAddr) -> Result<(), RitaClientError> { } /// Hits the exit_list endpoint for a given exit. -/// todo this is where we ask the exit for a new list (and do we have to decrypt it?) -pub async fn get_exit_list(exit: IpAddr) -> Result { +pub async fn get_exit_list(exit: IpAddr) -> Result { let current_exit = match settings::get_rita_client() .exit_client .bootstrapping_exits @@ -243,12 +243,8 @@ pub async fn get_exit_list(exit: IpAddr) -> Result reg_details, }; - let exit_server = current_exit.wg_key; - - let endpoint = format!( - "http://[{}]:{}/exit_list_v2", - exit_server, current_exit.registration_port - ); + // todo formatting for the exit list endpoint + let endpoint = format!("http://{}:{}/exit_list", EXIT_LIST_IP, EXIT_LIST_PORT); let settings = settings::get_rita_client(); let our_pubkey = settings.network.wg_public_key.unwrap(); let our_privkey = settings.network.wg_private_key.unwrap(); @@ -261,8 +257,8 @@ pub async fn get_exit_list(exit: IpAddr) -> Result .timeout(CLIENT_LOOP_TIMEOUT) .send_json(&ident) .await; - let mut response = match response { - Ok(a) => a, + let response = match response { + Ok(mut response) => response.json().await, Err(awc::error::SendRequestError::Timeout) => { // Did not get a response, is it a rogue exit or some netork error? return Err(RitaClientError::SendRequestError( @@ -272,10 +268,23 @@ pub async fn get_exit_list(exit: IpAddr) -> Result Err(e) => return Err(RitaClientError::SendRequestError(e.to_string())), }; - let value = response.json().await?; + let list: SignedExitServerList = match response { + Ok(a) => a, + Err(e) => { + return Err(RitaClientError::MiscStringError(format!( + "Failed to get exit list from exit {:?}", + e + ))); + } + }; - match decrypt_exit_list(&our_privkey.into(), value, &exit_pubkey.into()) { - Err(e) => Err(e.into()), - Ok(a) => Ok(a), + //verify the signature on the list + let key = list.data.contract; + let sig = list.clone().signature; + match list.data.verify(key, sig) { + true => Ok(list), + false => Err(RitaClientError::MiscStringError( + "Failed to verify exit list signature!".to_owned(), + )), } } diff --git a/rita_client/src/exit_manager/utils.rs b/rita_client/src/exit_manager/utils.rs index 3f27535bb..38a2bc07c 100644 --- a/rita_client/src/exit_manager/utils.rs +++ b/rita_client/src/exit_manager/utils.rs @@ -16,7 +16,7 @@ use althea_kernel_interface::{ use althea_types::ExitClientDetails; use althea_types::ExitDetails; use althea_types::ExitIdentity; -use althea_types::ExitListV2; +use althea_types::ExitServerList; use althea_types::ExitState; use babel_monitor::open_babel_stream; use babel_monitor::parse_routes; @@ -83,7 +83,7 @@ pub fn remove_nat() { /// TODO this is a temporary solution, instead we need to move to the new universal endpoint /// design where each exit hosts a multihomed ip endpoint returning a signed list of bootstrapping /// exits rather than each exit hosting a list of exits -pub fn merge_exit_lists(mut list: ExitListV2) -> ExitListV2 { +pub fn merge_exit_lists(mut list: ExitServerList) -> ExitServerList { let mut rita_client = settings::get_rita_client(); let mut exits = rita_client.exit_client.bootstrapping_exits; diff --git a/rita_exit/src/network_endpoints/mod.rs b/rita_exit/src/network_endpoints/mod.rs index 6418ffd16..545e0ba15 100644 --- a/rita_exit/src/network_endpoints/mod.rs +++ b/rita_exit/src/network_endpoints/mod.rs @@ -5,7 +5,6 @@ use crate::database::{client_status, signup_client}; use crate::RitaExitError; use actix_web_async::{http::StatusCode, web::Json, HttpRequest, HttpResponse, Result}; -use althea_types::EncryptedExitServerList; use althea_types::Identity; use althea_types::SignedExitServerList; use althea_types::WgKey; @@ -14,13 +13,13 @@ use althea_types::{ EncryptedExitClientIdentity, EncryptedExitState, ExitClientIdentity, ExitState, ExitSystemTime, }; use clarity::Address; -use crypto_box::{PublicKey, SecretKey}; +use crypto_box::SecretKey; use num256::Int256; use reqwest::ClientBuilder; use rita_common::blockchain_oracle::potential_payment_issues_detected; use rita_common::debt_keeper::get_debts_list; use rita_common::rita_loop::get_web3_server; -use serde_json::json; +use settings::exit::EXIT_LIST_IP; use settings::get_rita_exit; use std::net::SocketAddr; use std::time::Duration; @@ -30,9 +29,6 @@ use web30::client::Web3; // Timeout to contact Althea contract and query info about a user pub const CLIENT_STATUS_TIMEOUT: Duration = Duration::from_secs(20); -// IP serving exit lists from the root server -pub const EXIT_LIST_IP: &str = "10.10.10.10"; - /// helper function for returning from secure_setup_request() enum DecryptResult { @@ -190,60 +186,35 @@ pub async fn get_exit_timestamp_http(_req: HttpRequest) -> HttpResponse { }) } -// todo somewhere between get exit list and get list v2 is where we get the new hard coded exit list..... -// exits must have a hardcoded ip server to host calls for the exit list endpoint! this cant go on the old server /// This function takes a list of exit ips in the cluster from the exit registration smart /// contract, and returns a list of exit ips that are in the same region and currency as the client -/// if this exit fits the region and currenty requirements it will always return a list containing itself -/// even if this exit is not in the smart contract. If a client is speaking with this exit then the exit -/// data is in the config and this is considered to be a key exchange in and of itself. -pub async fn get_exit_list(request: Json) -> HttpResponse { - let exit_settings = get_rita_exit(); - let our_secretkey: WgKey = exit_settings.network.wg_private_key.unwrap(); - let our_secretkey: SecretKey = our_secretkey.into(); - let our_pubkey: PublicKey = our_secretkey.public_key(); - - let their_nacl_pubkey = &request.pubkey.into(); - +/// This exit may not be included in the list returned by the smart contract! If this is the case it must +/// first be added to the root of trust server, and clients will know to choose a different exit. +pub async fn get_exit_list() -> HttpResponse { let rita_exit = get_rita_exit(); let contract_addr = rita_exit.exit_network.registered_users_contract_addr; - // we are receiving an EncryptedExitServerList from the root server- we need to a. decrypt it and b. reencrypt it - // with the client's key so that they can verify it came from the root server. - let ret: SignedExitServerList = match get_exit_list_from_root(contract_addr, our_pubkey).await { - Some(a) => match a.decrypt(&our_secretkey.clone()) { - Ok(a) => a, - Err(e) => { - let e = format!( - "Failed to decrypt signed exit list from root server with {:?}", - e - ); - return HttpResponse::InternalServerError().json(e); + // we are receiving a SignedExitServerList from the root server. + let signed_list: SignedExitServerList = + match get_exit_list_from_root(contract_addr).await { + Some(a) => a, + None => { + return HttpResponse::InternalServerError() + .json("Failed to get exit list from root server"); } - }, - None => { - return HttpResponse::InternalServerError() - .json("Failed to get exit list from root server"); - } - }; + }; - let exit_list = ret.encrypt(&our_secretkey, their_nacl_pubkey); - HttpResponse::Ok().json(exit_list) + HttpResponse::Ok().json(signed_list) } async fn get_exit_list_from_root( contract_addr: Address, - pubkey: PublicKey, -) -> Option { +) -> Option { let request_url = format!("https://{}/{}", EXIT_LIST_IP, contract_addr); - let json_body = json!({ - "pubkey": pubkey.to_bytes(), - }); let timeout = Duration::new(15, 0); let client = ClientBuilder::new().timeout(timeout).build().unwrap(); let response = client .head(request_url) - .json(&json_body) .send() .await .expect("Could not receive data from exit root server"); diff --git a/rita_exit/src/rita_loop/mod.rs b/rita_exit/src/rita_loop/mod.rs index ec96ff142..57b1b7f4f 100644 --- a/rita_exit/src/rita_loop/mod.rs +++ b/rita_exit/src/rita_loop/mod.rs @@ -26,6 +26,7 @@ use babel_monitor::{open_babel_stream, parse_routes}; use rita_client_registration::client_db::get_all_regsitered_clients; use rita_common::debt_keeper::DebtAction; use rita_common::rita_loop::get_web3_server; +use settings::exit::{EXIT_LIST_IP, EXIT_LIST_PORT}; use std::collections::{HashMap, HashSet}; use std::sync::{Arc, RwLock}; use std::thread; @@ -359,20 +360,14 @@ pub fn start_rita_exit_list_endpoint(workers: usize) { thread::spawn(move || { let runner = AsyncSystem::new(); runner.block_on(async move { - let _res = HttpServer::new(|| { - App::new() - .route("/exit_list", web::post().to(get_exit_list)) - }) - .workers(workers) - .bind(format!( - "{}:{}", - EXIT_LIST_IP, - settings::get_rita_exit().exit_network.exit_list_port - )) - .unwrap() - .shutdown_timeout(0) - .run() - .await; + let _res = + HttpServer::new(|| App::new().route("/exit_list", web::post().to(get_exit_list))) + .workers(workers) + .bind(format!("{}:{}", EXIT_LIST_IP, EXIT_LIST_PORT,)) + .unwrap() + .shutdown_timeout(0) + .run() + .await; }); }); -} \ No newline at end of file +} diff --git a/settings/src/exit.rs b/settings/src/exit.rs index 0c1dfd11d..8bc5a2a35 100644 --- a/settings/src/exit.rs +++ b/settings/src/exit.rs @@ -13,14 +13,16 @@ use std::path::{Path, PathBuf}; pub const APP_NAME: &str = "rita_exit"; +// IP serving exit lists from the root server +pub const EXIT_LIST_IP: &str = "10.10.10.10"; +/// This is the port which exit lists are served over +pub const EXIT_LIST_PORT: u16 = 5566; /// This is the network settings specific to rita_exit #[derive(Debug, Serialize, Deserialize, Clone, Eq, PartialEq)] pub struct ExitNetworkSettings { /// This is the port which the exit registration happens over, and should only be accessible /// over the mesh pub exit_hello_port: u16, - /// This is the port which exit lists are served over - pub exit_list_port: u16, /// This is the port which the exit tunnel listens on pub wg_tunnel_port: u16, pub wg_v2_tunnel_port: u16, @@ -79,7 +81,6 @@ impl ExitNetworkSettings { .parse() .unwrap(), allowed_countries: HashSet::new(), - exit_list_port: 5555, } } }