systemquery/src/lib/transport/Connection.mjs

"use strict";

import net from 'net';
import { EventEmitter, once } from 'events';

import l from 'log';

import settings from '../../settings.mjs';
import rekey from './rekey.mjs';
import FramedTransport from './FramedTransport.mjs';
import { write_safe } from '../io/StreamHelpers.mjs';
import { encrypt_bytes, decrypt_bytes } from '../crypto/secretbox.mjs';

/**
 * Represents a connection to a single endpoint.
 */
class Connection extends EventEmitter {
	constructor(secret_join, socket) {
		super();
		
		this.socket = socket;
		
		this.rekey_last = null;
		this.rekey_interval = 30 * 60 * 1000; // 30 minutes
		this.session_key = Buffer.from(secret_join, "base64");
	}
	
	/**
	 * Connects to a peer and initialises a secure TCP connection thereto.
	 * @param	{string}		address	The address to connect to.
	 * @param	{string}		port	The TCP port to connect to.
	 * @return	{net.Socket}	A socket setup for secure communication.
	 */
	async connect(address, port) {
		this.address = address; this.port = port;
		this.socket = new new.Socket();
		this.socket.connect({
			address, port
		});
		await once(this.socket, "connect");
		
		await this.init();
	}
	
	async init() {
		this.socket.setKeepAlive(true);
		
		await this.rekey();
		
		this.framer = new FramedTransport(this.socket);
		this.framer.on("frame", this.handle_frame);
		
		this.read_task = read_loop();
	}
	
	async rekey() {
		this.rekey_last = new Date();
		this.session_key = await rekey(this.socket, this.session_key);
	}
	
	async destroy() {
		await this.framer.destroy();
		this.emit("destroy");
	}
	
	async handle_frame(bytes) {
		try {
			let decrypted = decrypt_bytes(this.session_key, bytes);
			if(decrypted === null) return;
			await handle_message(decrypted.toString("utf-8"));
		}
		catch(error) {
			l.warn(`Warning: Killing connection to ${this.address}:${this.port} after error: ${settings.cli.verbose ? error : error.message}`);
		}
		finally {
			this.destroy();
		}
	}
	
	async handle_message(msg_text) {
		const msg = JSON.parse(msg_text);
		this.emit("message", msg);
	}
	
	async send(message) {
		if(new Date() - this.rekey_last > this.rekey_interval)
			await this.rekey();
		
		// TODO: Consider https://devdocs.io/node/crypto#crypto.createCipheriv() - which lets us use any openssl ciphers we like - e.g. ChaCha20-Poly1305
		let payload = JSON.stringify(message);
		payload = encrypt_bytes(this.session_key, payload);
		
		
		await this.framer.write(payload);
	}
}

Connection.Wrap = async function(secret_join, socket) {
	const socket = new Connection(secret_join, socket);
	await socket.init();
	
	return socket;
}

Connection.Create = async function(secret_join, address, port) {
	const socket = new Connection(secret_join);
	socket.connect(address, port);
}

export default Connection;
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`"use strict";`

			`import net from 'net';`
			`import { EventEmitter, once } from 'events';`

			`import l from 'log';`

			`import settings from '../../settings.mjs';`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00			`import rekey from './rekey.mjs';`
Implement FramedTransport to increase efficiency of transmitted encrypted messages 2021-10-02 14:56:34 +00:00			`import FramedTransport from './FramedTransport.mjs';`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00			`import { write_safe } from '../io/StreamHelpers.mjs';`
			`import { encrypt_bytes, decrypt_bytes } from '../crypto/secretbox.mjs';`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00
			`/**`
			`* Represents a connection to a single endpoint.`
			`*/`
			`class Connection extends EventEmitter {`
connection: fix some edge cases 2021-10-02 16:00:24 +00:00			`constructor(secret_join, socket) {`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`super();`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00
connection: fix some edge cases 2021-10-02 16:00:24 +00:00			`this.socket = socket;`

			`this.rekey_last = null;`
			`this.rekey_interval = 30 * 60 * 1000; // 30 minutes`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00			`this.session_key = Buffer.from(secret_join, "base64");`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`}`

			`/**`
			`* Connects to a peer and initialises a secure TCP connection thereto.`
			`* @param {string} address The address to connect to.`
			`* @param {string} port The TCP port to connect to.`
			`* @return {net.Socket} A socket setup for secure communication.`
			`*/`
			`async connect(address, port) {`
			`this.address = address; this.port = port;`
			`this.socket = new new.Socket();`
			`this.socket.connect({`
			`address, port`
			`});`
			`await once(this.socket, "connect");`
connection: fix some edge cases 2021-10-02 16:00:24 +00:00
			`await this.init();`
			`}`

			`async init() {`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`this.socket.setKeepAlive(true);`

connection: fix some edge cases 2021-10-02 16:00:24 +00:00			`await this.rekey();`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00
Implement FramedTransport to increase efficiency of transmitted encrypted messages 2021-10-02 14:56:34 +00:00			`this.framer = new FramedTransport(this.socket);`
			`this.framer.on("frame", this.handle_frame);`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00			`this.read_task = read_loop();`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`}`

connection: fix some edge cases 2021-10-02 16:00:24 +00:00			`async rekey() {`
			`this.rekey_last = new Date();`
			`this.session_key = await rekey(this.socket, this.session_key);`
			`}`

			`async destroy() {`
			`await this.framer.destroy();`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`this.emit("destroy");`
			`}`

Implement FramedTransport to increase efficiency of transmitted encrypted messages 2021-10-02 14:56:34 +00:00			`async handle_frame(bytes) {`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`try {`
Implement FramedTransport to increase efficiency of transmitted encrypted messages 2021-10-02 14:56:34 +00:00			`let decrypted = decrypt_bytes(this.session_key, bytes);`
			`if(decrypted === null) return;`
			`await handle_message(decrypted.toString("utf-8"));`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`}`
			`catch(error) {`
			l.warn(`Warning: Killing connection to ${this.address}:${this.port} after error: ${settings.cli.verbose ? error : error.message}`);
			`}`
			`finally {`
			`this.destroy();`
			`}`
			`}`

Implement FramedTransport to increase efficiency of transmitted encrypted messages 2021-10-02 14:56:34 +00:00			`async handle_message(msg_text) {`
			`const msg = JSON.parse(msg_text);`
			`this.emit("message", msg);`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`}`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00
			`async send(message) {`
connection: fix some edge cases 2021-10-02 16:00:24 +00:00			`if(new Date() - this.rekey_last > this.rekey_interval)`
			`await this.rekey();`

add todo 2021-10-02 02:03:49 +00:00			`// TODO: Consider https://devdocs.io/node/crypto#crypto.createCipheriv() - which lets us use any openssl ciphers we like - e.g. ChaCha20-Poly1305`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00			`let payload = JSON.stringify(message);`
			`payload = encrypt_bytes(this.session_key, payload);`

connection: fix some edge cases 2021-10-02 16:00:24 +00:00
			`await this.framer.write(payload);`
Looks like upgrading to TLS isn't going to work, so we're going to implement it ourselves. ....this is a bad idea. 2021-10-02 02:02:49 +00:00			`}`
hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`}`

connection: fix some edge cases 2021-10-02 16:00:24 +00:00			`Connection.Wrap = async function(secret_join, socket) {`
			`const socket = new Connection(secret_join, socket);`
			`await socket.init();`

			`return socket;`
			`}`

			`Connection.Create = async function(secret_join, address, port) {`
			`const socket = new Connection(secret_join);`
			`socket.connect(address, port);`
			`}`

hey, we have basic starttls! Though it's not wired up yet. 2021-10-02 00:16:34 +00:00			`export default Connection;`