oxen-io / lokinet Goto Github PK

Please ask questions in writing to Jeff about the design to punch up documentation

The configuration is poorly typed, with all values being strings, despite several being URLs, booleans, integers, IP addresses, etc.

The configuration struct is defined as a sectioned KV map, with all values stored as strings, creating a need to later cast them to their actual types, and removing compile-time type safety.

The fact that a map is used over defined struct members makes it unnecessarily difficult to ascertain what configuration is used/required.

Is there a reason this approach was chosen over using a configuration library, or even just a YAML (my preference) or INI parsing library, with the full configuration structure defined in code?

To summarise some Discord discussion, there's a few points

• configuration is a map and not explicitly defined; hurts reasoning and readability, removes compile-time safety
• configuration values are weakly typed; creates a need to cast and removes compile-time safety
• appropriateness of using a library over custom, internally maintained, code

See llarp/config.hpp and llarp/config.cpp for reference.

Relevant libraries:

• hyperrealm/libconfig
• jbeder/yaml-cpp

looking for suggestions to how to reorganize the code

ip ranges leak at exit via broadcast address, this can be remedied via dropping it client side so it is never sent. this should also be done with multicast ranges and other bogons.

Binaries are compiled but not installed. This is the case using ninja and Unix Makefile build systems.

may be better optimized by compilers.
compiler support should be fine too.
also looks cleaner.

Allow lokinet install from homebrew

probably for version 2 of the protocol however.

ubuntu 18.04 gcc version 7.3.0 single core 4gb ram
commit 1f96584

testAll: /home/phaverkamp/loki-network/llarp/queue_manager.cpp:338: llarp::thread::QueueReturn llarp::thread::QueueManager::reservePopIndex(uint32_t&, uint32_t&): Assertion 1 == (circularDifference(currGen, elemGen, m_maxGeneration) + 1)' failed. testAll: /home/phaverkamp/loki-network/llarp/queue_manager.cpp:338: llarp::thread::QueueReturn llarp::thread::QueueManager::reservePopIndex(uint32_t&, uint32_t&): Assertion 1 == (circularDifference(currGen, elemGen, m_maxGeneration) + 1)' failed.
Makefile:149: recipe for target 'test' failed
make: *** [test] Aborted (core dumped)

Not crashing any more but not getting any further:

Running as root

[NFO] unnamed (166) Tue Dec  4 02:38:04 2018 UTC llarp/context.cpp:130	lokinet-0.3.1-3d0f28b (dev build)
[NFO] unnamed (166) Tue Dec  4 02:38:04 2018 UTC llarp/context.cpp:131	starting up
[NFO] unnamed (166) Tue Dec  4 02:38:04 2018 UTC llarp/context.cpp:95	nodedb_dir loaded 0 RCs from [/root/.lokinet/netdb]
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:1304	add upstream resolver 128.52.130.209
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:1304	add upstream resolver 85.208.208.141
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:1304	add upstream resolver 103.236.162.119
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:1309	set local dns to 127.3.2.1:53
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:998	outbound link ready
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:771	Bound RPC server to 127.0.0.1:1190
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:786	You have 1 inbound links
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:799	Loading Addr: 206.81.100.174:1090 into our RC
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:838	Your Encryption pubkey 8458adaa29c5220003b9f80f872379dbcd6008d04ad8b7d257bcbec357454524
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:841	Your Identity pubkey 608df917988b25a0b1b36365053363328d765a53f1cf48cbf64b1c19f537cdd3
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:852	Signing rc...
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:864	have 0 routers
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:934	accepting transit traffic
[WRN] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC vendor/libtuntap-master/tuntap-unix.c:354	Can't unset debug
[NFO] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC vendor/libtuntap-master/tuntap-unix-linux.c:197	IPv6 is not implemented on your system
[WRN] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/ev.cpp:269	failed to set ip
[ERR] llarpdev-main (166) Tue Dec  4 02:38:04 2018 UTC llarp/router.cpp:892	Failed to initialize service node

lokinet.ini

# this configuration was auto generated with 'sane' defaults
# change these values as desired


# router settings block
[router]
# uncomment these to manually set public address and port
# this is required on providers like AWS because of their firewall rules
# public-address=your.ip.goes.here
# public-port=1090

# number of crypto worker threads 
threads=4
# path to store signed RC
contact-file=/root/.lokinet/self.signed
# path to store transport private key
transport-privkey=/root/.lokinet/transport.private
# path to store identity signing key
identity-privkey=/root/.lokinet/identity.private
# path to store signed RC
contact-file=/root/.lokinet/self.signed

# uncomment following line to set router nickname to 'lokinet'
nickname=llarpdev-main


# system settings for priviledges and such
[system]
#user=lokinet
#group=lokinet
user=root
group=root

# dns provider configuration section
[dns]
# opennic us resolver
upstream=128.52.130.209
# opennic eu resolver
upstream=85.208.208.141
# opennic au resolver
upstream=103.236.162.119
bind=127.3.2.1:53


# network database settings block 
[netdb]
# directory for network database skiplist storage
dir=/root/.lokinet/netdb


# publish network interfaces for handling inbound traffic
[bind]
eth0=1090

I can provide SSH if you'd like.

libabyss can use the server portions
and secure DNSc can use the client portion (and is blocking)

Maybe obsoleted if we include a stripped libmbed

We need watchers, stars and forks!

Goal
30 forks, 30 watchers and 75 stars (to be added to homebrew)

Post any ideas for making this happen.

Jonathan and Mikunj both reported DNS working and then it just stop responding, and/or gave bad packets or no response.

Mikunj:
working:

Server:        127.0.0.1
Address:    127.0.0.1#53

Non-authoritative answer:
Name:    7okic5x5do3uh3usttnqz9ek3uuoemdrwzto1hciwim9f947or6y.loki
Address: 172.16.10.2

not working:

Mikunjs-iMac:loki-network maka$ nslookup 7okic5x5do3uh3usttnqz9ek3uuoemdrwzto1hciwim9f947or6y.loki 127.0.0.1
;; Warning: Message parser reports malformed message packet.
Server:        127.0.0.1
Address:    127.0.0.1#53

** server can't find 7okic5x5do3uh3usttnqz9ek3uuoemdrwzto1hciwim9f947or6y.loki: NXRRSET

Mikunj's lokinet logs when querying:

[NFO] unnamed (510) Tue Dec 11 16:22:28 2018 AEDT llarp/service/endpoint.cpp:923	default:tewkj3fnou1i7p9ndu4f69dc69ganwauuuwe7xjhekwtqdrmhcho.loki Ensure Path to 7okic5x5do3uh3usttnqz9ek3uuoemdrwzto1hciwim9f947or6y.loki
[NFO] unnamed (510) Tue Dec 11 16:22:30 2018 AEDT llarp/dht/decode.cpp:39	Handle DHT message G relayed=1
[NFO] unnamed (510) Tue Dec 11 16:22:30 2018 AEDT llarp/service/endpoint.cpp:614	found 0 for 7okic5x5do3uh3usttnqz9ek3uuoemdrwzto1hciwim9f947or6y.loki
[ERR] unnamed (510) Tue Dec 11 16:22:30 2018 AEDT llarp/service/endpoint.cpp:891	default:tewkj3fnou1i7p9ndu4f69dc69ganwauuuwe7xjhekwtqdrmhcho.loki failed to lookup 7okic5x5do3uh3usttnqz9ek3uuoemdrwzto1hciwim9f947or6y.loki from 6nfi7fd6j84kxya6r6r5ph6jjdsjgeg84x7cxsrkm4q7bbei4uxo.snode
[NFO] unnamed (510) Tue Dec 11 16:22:31 2018 AEDT llarp/link/server.cpp:131	Try establish to msc4uiucc3qit14w58yk76i8768eoe7fwdfc9n5hpzohgaaxfn9o.snode
[ERR] unnamed (510) Tue Dec 11 16:22:31 2018 AEDT llarp/link/utp.cpp:422	UTP_ETIMEDOUT via 35.211.83.50:1090
[NFO] unnamed (510) Tue Dec 11 16:22:32 2018 AEDT llarp/pathset.cpp:282	path TX=bae3f935f0702e481e248b895fcd4ab6 RX=b14a4f196b247f71a31f1b71f84aae51 has timed out
[NFO] unnamed (510) Tue Dec 11 16:22:33 2018 AEDT llarp/link/server.cpp:64	session to ??D?Tz?b??R??b?Vm?s5?^???(g? timed out
[NFO] unnamed (510) Tue Dec 11 16:22:33 2018 AEDT llarp/router.cpp:729	Session to saq91tfakt7xkaoba5difdsackric5qxqc4aazzahq4qckd8nqco.snode fully closed
[NFO] unnamed (510) Tue Dec 11 16:22:34 2018 AEDT llarp/path.cpp:414	path TX=b6c4b0a8c4378ffa9a07bc182ae35880 RX=9069d27fb02b172c1eed5b22bd82af98 is building
[NFO] unnamed (510) Tue Dec 11 16:22:34 2018 AEDT llarp/link/server.cpp:131	Try establish to saq91tfakt7xkaoba5difdsackric5qxqc4aazzahq4qckd8nqco.snode
[NFO] unnamed (510) Tue Dec 11 16:22:35 2018 AEDT llarp/path.cpp:630	path is confirmed tx=b6c4b0a8c4378ffa9a07bc182ae35880 rx=9069d27fb02b172c1eed5b22bd82af98 took 1549 ms
[NFO] unnamed (510) Tue Dec 11 16:22:35 2018 AEDT llarp/pathset.cpp:235	Path build took 1549ms for tx=b6c4b0a8c4378ffa9a07bc182ae35880 rx=9069d27fb02b172c1eed5b22bd82af98

Jonathan

sonofotis@sonofotis:~$ nslookup giyhbaxa4s776hpmdp7iwu56gjtps8xompbokdt5qz5ry1du9pdo.loki
;; Got recursion not available from 127.3.2.1, trying next server
Server:        127.0.0.53
Address:    127.0.0.53#53

** server can't find giyhbaxa4s776hpmdp7iwu56gjtps8xompbokdt5qz5ry1du9pdo.loki: NXDOMAIN

Just creating this issue, so we can continue to track additional reports.

How can we easily test the built binaries to make sure they run a default config file without problems?

Integration tests?

most of the dns code currently doesn't use llarp_buffer_t functions

just putting this here so i don't forget.

Some non-overridable flags are set in CMakeLists.txt:

https://github.com/loki-project/loki-network/blob/3bf934782057ed2038b038d2fc114af2d88780b2/CMakeLists.txt#L115-L127

Is this really necessary? I might want to build with -march=native on a system without AVX2. For example on my system there are quite a few differences: https://pst.moe/paste/njcmem

Would be cool to have an apt repo people could shove into their sources.list to get the latest releases

[ERR] unnamed (870) Tue Dec 4 15:22:11 2018 AEDT llarp/link/utp.cpp:421 UTP_ETIMEDOUT via 206.81.100.174:1091
should be an warning

[NFO] unnamed (870) Tue Dec 4 15:30:59 2018 AEDT llarp/handlers/tun.cpp:583 Failed to parse ipv4 packet buffer of size 48 .....:..........b3t..k...................i.....
If those dots are non-printable characters, we should output them in hex.

See #17

A related issue here is using Mandatory Access Control to protect these and other sensitive files.

macOS and Linux have strong support for this, and offer far more than what file permissions could provide. The situation is more dubious with BSDs as e.g. TrustedBSD is a thing, but there isn't much in the way of actual use of it; it'd be something users enable specifically for Loki.

If MAC support is of interest, I'm quite comfortable writing and testing policies.

@KeeJef thoughts?

Will edit issue later to expand upon solutions

Normal user does not have enough privileges to run Lokinet

[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/context.cpp:130 lokinet-0.3.1-3d0f28bb (dev build)
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/context.cpp:131 starting up
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/context.cpp:95 nodedb_dir loaded 10 RCs from [/home/dev/.lokinet/netdb]
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:1304 add upstream resolver 128.52.130.209
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:1304 add upstream resolver 85.208.208.141
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:1304 add upstream resolver 103.236.162.119
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:1309 set local dns to 127.3.2.1:53
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router_contact.cpp:232 Failed to open i2procks.signed
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:1324 malformed rc file: i2procks.signed
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:998 outbound link ready
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:771 Bound RPC server to 127.0.0.1:1190
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:786 You have 0 inbound links
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:838 Your Encryption pubkey 26a15bef27de37f4cac50f5bfd434fb7d62f15ace09bfd28b152ae52b492fd04
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:841 Your Identity pubkey 3a93cea823d25519c86839dee1f276e733e5187a6922b567c089fa757ffab74c
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:852 Signing rc...
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:864 have 10 routers
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:910 setting up default network endpoint
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:124 default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki setting ifname to lokitun0
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:157 default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki set ifaddr to 192.168.10.1 with netmask 24
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:80 default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki local dns set to 127.3.2.1:53
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:93 default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki upstream dns set to 103.236.162.119:53
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:93 default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki upstream dns set to 85.208.208.141:53
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:93 default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki upstream dns set to 128.52.130.209:53
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/service/context.cpp:286 added hidden service endpoint default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:918 starting hidden service context...
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:219 Setting up global DNS IP tracker
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:328 Set Up networking for default:pyepzmi4s61987gwkg7iyw4gfg6brccwzugdqby1wa89e9dnfn7o.loki
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT vendor/libtuntap-master/tuntap-unix-linux.c:117 Can't set interface name
[WRN] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/ev.cpp:257 failed to start interface
[WRN] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT vendor/libtuntap-master/tuntap-unix-linux.c:151 Can't destroy the interface
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:263 default:pyepzmi4s61987gwkg7iyw4gfg6brccwzugdqby1wa89e9dnfn7o.loki failed to set up tun interface
[WRN] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:340 Only utilizing first hidden service for .loki look ups
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:349 TunDNS set up 127.3.2.1:53 to 128.52.130.209:53
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/dnsc.cpp:810 DNSc adding relay 128.52.130.209:53
[NFO] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/dnsd.cpp:602 DNSd binding to 127.3.2.1:53
bind(): Permission denied
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/handlers/tun.cpp:353 Couldnt init dns daemon
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/service/context.cpp:200 default failed to start
[ERR] unnamed (559) Tue Dec 4 13:04:48 2018 AEDT llarp/router.cpp:921 Failed to start hidden service context

Run under root or with sudo Lokinet runs fine, will need to work on privileges to fix this

Missing keys should be FATAL

Extra keys (possible old format that's now deprecated) should be a WARN

this cannot be done via jsonrpc because not everyone will have that enabled on thier setup, i.e. clients.

Seems like the Exit command is being ignored in the lokinet console

This was on Ubuntu 18.04 latest head 387d052

Kee says should be something like

Usage: ./lokid [options|settings] [daemon_command...]

Options:
  --help                                Produce help message
  --version                             Output version information
  --os-version                          OS for which this executable was 
                                        compiled

currently working on a .NET-based UI for windows lokinet

• .net CLR v2 or v4.x
• some recent version of C# (probably v6+ so long as csc doesn't yell at me when emitting the CLR v2 IL)
• may make it resemble the qt5 ui once someone mocks something up for that
• side benefit: it is projected to be a single-file binary, might break up certain common functionality in class libs if warranted
• can also be installed (and built, even!) on linux, mac, or unix if so desired (requires mono or .NET core v3+)

current plans for the ui make it look similar to the openvpn UI due to the preponderance of log data on file descriptor 1

-rick

a clean room implementation of the protocol in golang to correct for correctness

The GNU Makefile's install target has a dependency on install-setcap, which fails when unable to successfully set linux-specific capabilities on the file

From PR #70:

Building fails with clang with CMAKE_CXX_STANDARD 11: lokinet/test/test_llarp_queue_manager.cpp:142:56: error: static_assert with no message is a C++17 extension [-Werror,-Wc++17-extensions]

Tickle the nonce until you get the prefix you've always want

NOTE: This is being worked on by me already as part of my iOS work.

At present, root access is required to run lokinet on Darwin platforms including macOS. There are unprivileged APIs which can be used to avoid this, which further provide deep platform integration and other benefits.

See NetworkExtension API docs for reference.

There are other ways to do this without requiring root, but IMO NE API is by far the best choice. It's also required for iOS support (see #62), so I'll be implementing it regardless.

Not sure whether plain Darwin (i.e. not macOS) includes the NetworkExtension APIs at present, will have to check. Is this a platform we plan to support?

I have not the foggiest idea what you are attempting to do with this project, but I happened to see commit 3dbe3f8 go by which fiddled with codel's parameters hugely. My assumption (having issues with parsing your C++ code generally) is that the typical RTT in your overlay network is in the 200ms? range?, in which case your codel target should be in the 10ms range, and interval 200ms.

Also, if at all possible at these crypto layers, fq_codel tends to work a lot better than pure codel. Interleaving different flows over an RTT really helps.

Hey guys,

Building on fresh ubuntu 18.04 install using standard packages and make -j 8

[ 16%] Building C object CMakeFiles/lokinet-cryptography.dir/crypto/libntrup/src/avx/mult.c.o
In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/immintrin.h:85:0,
                 from /home/newdev/loki-network/crypto/libntrup/src/avx/mult.c:3:
/home/newdev/loki-network/crypto/libntrup/src/avx/mult.c: In function ‘fastadd’:
/usr/lib/gcc/x86_64-linux-gnu/7/include/fmaintrin.h:63:1: error: inlining failed in call to always_inline ‘_mm256_fmadd_ps’: target specific option mismatch
 _mm256_fmadd_ps (__m256 __A, __m256 __B, __m256 __C)
 ^~~~~~~~~~~~~~~
/home/newdev/loki-network/crypto/libntrup/src/avx/mult.c:128:10: note: called from here
   return _mm256_fmadd_ps(y, v1_float, x);
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/immintrin.h:85:0,
                 from /home/newdev/loki-network/crypto/libntrup/src/avx/mult.c:3:
/usr/lib/gcc/x86_64-linux-gnu/7/include/fmaintrin.h:63:1: error: inlining failed in call to always_inline ‘_mm256_fmadd_ps’: target specific option mismatch
 _mm256_fmadd_ps (__m256 __A, __m256 __B, __m256 __C)
 ^~~~~~~~~~~~~~~
/home/newdev/loki-network/crypto/libntrup/src/avx/mult.c:128:10: note: called from here
   return _mm256_fmadd_ps(y, v1_float, x);
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/newdev/loki-network/crypto/libntrup/src/avx/mult.c: At top level:
cc1: error: unrecognized command line option ‘-Wno-unknown-warning-option’ [-Werror]
cc1: all warnings being treated as errors
CMakeFiles/lokinet-cryptography.dir/build.make:1390: recipe for target 'CMakeFiles/lokinet-cryptography.dir/crypto/libntrup/src/avx/mult.c.o' failed
make[3]: *** [CMakeFiles/lokinet-cryptography.dir/crypto/libntrup/src/avx/mult.c.o] Error 1
make[3]: Leaving directory '/home/newdev/loki-network/build'
CMakeFiles/Makefile2:259: recipe for target 'CMakeFiles/lokinet-cryptography.dir/all' failed
make[2]: *** [CMakeFiles/lokinet-cryptography.dir/all] Error 2
make[2]: Leaving directory '/home/newdev/loki-network/build'
Makefile:129: recipe for target 'all' failed
make[1]: *** [all] Error 2
make[1]: Leaving directory '/home/newdev/loki-network/build'
Makefile:95: recipe for target 'debug' failed
make: *** [debug] Error 2

we need to filter bogon addresses from being advertised
i.e.

• 0.0.0.0/8
• 127.0.0.1/8
• 10.0.0.0/8
• 192.168.0.0/16
• 21.0.0.0/8

probably more

So I was thinking about our discussion about using a VM and fingerprinting last week and just realized if we do all use the same VM, then it's VERY easy for ISPs to filter traffic from our fingerprint out. Maybe having different OS fingerprints is best (at least for the routers/relays).

Please discuss in this ticket.

Install the lokinet command line tools and maybe the qt app when we have it

Build an objective-c glue for connecting libllarp to iOS' VPN API

Currently we only support IPv4 inside tunnels.
IPv4 should stay.
IPv6 to IPv6 communication could be added without too much trouble.
But IPv6 to IPv4 (and back) translation could be very tricky.
How we could approach this? How would DNS resolving relate to this?
Or we should not add IPv6 support at all?
IPv6 would work better for mapping large amount of peers.

Adding this largely to track verbal discussions. I'll make a point of editing this later to include more specific details.

Consider the use case of energy sensitive mobile devices with a lot of background network activity, where radio and processor wakes are a big deal.

Consider both use cases where lokinet is used for system-wide anonymity, with associated challenges in making it efficient enough for real-world use, and where it is used per-app, in which case it is important to not make the impact of lokinet disproportionate with e.g. background network traffic independent of the actual tunnelled application.

Builds still failing with fastadd errors if make is not passed

CFLAGS='-march=haswell -mfma' CXXFLAGS='-march=haswell -mfma'

We should include some kind of fix for this since AMD architecture is very common and we don't want people to have to go searching for the flags just to build Lokinet

In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/immintrin.h:85:0, from /home/dev/loki-network/crypto/libntrup/src/avx/mult.c:3: /home/dev/loki-network/crypto/libntrup/src/avx/mult.c: In function ‘fastadd’: /usr/lib/gcc/x86_64-linux-gnu/7/include/fmaintrin.h:63:1: error: inlining failed in call to always_inline ‘_mm256_fmadd_ps’: target specific option mismatch _mm256_fmadd_ps (__m256 __A, __m256 __B, __m256 __C) ^~~~~~~~~~~~~~~ /home/dev/loki-network/crypto/libntrup/src/avx/mult.c:128:10: note: called from here return _mm256_fmadd_ps(y, v1_float, x); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from /usr/lib/gcc/x86_64-linux-gnu/7/include/immintrin.h:85:0, from /home/dev/loki-network/crypto/libntrup/src/avx/mult.c:3: /usr/lib/gcc/x86_64-linux-gnu/7/include/fmaintrin.h:63:1: error: inlining failed in call to always_inline ‘_mm256_fmadd_ps’: target specific option mismatch _mm256_fmadd_ps (__m256 __A, __m256 __B, __m256 __C) ^~~~~~~~~~~~~~~ /home/dev/loki-network/crypto/libntrup/src/avx/mult.c:128:10: note: called from here return _mm256_fmadd_ps(y, v1_float, x); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This issue is a replication of #92

we should upgrade ev* to use llarp_buffer_t too

possible criteria for path building algorithm improvements:

• use unique /16s for each hop in the path

• provide api callback (jsonrpc?) endpoint for user defined behavior (?)

After building with 33a4ac8 on OSX 10.13, I get the following while running lokinet as a client (I did run sudo ./lokinet -g and sudo ./lokinet-bootstrap before) :

Sachas-MacBook-Pro:loki-network sachav$ sudo ./lokinet
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/context.cpp:130 lokinet-0.3.1-33a4ac8b (dev build)
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/context.cpp:131 starting up
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/context.cpp:95  nodedb_dir loaded 0 RCs from [/Users/sachav/.lokinet/netdb]
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:1304 add upstream resolver 1.1.1.1
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:1304 add upstream resolver 85.208.208.141
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:1304 add upstream resolver 103.236.162.119
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:1309 set local dns to 127.0.0.1:53
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:1238 setting profiles to /Users/sachav/.lokinet/profiles.dat
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:998  outbound link ready
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:786  You have 0 inbound links
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:838  Your Encryption pubkey d0553b0b5caaf494ee30d51a91dcd81b35e5d30f83987a6271148bd73ca73854
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:841  Your Identity pubkey 8f27ca5f102b5f34987455c65f7bfc0a280f616ee3e1bf22ed923f5d89898dec
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:852  Signing rc...
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:864  have 0 routers
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:910  setting up default network endpoint
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/handlers/tun.cpp:157    default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki set ifaddr to 10.200.0.1 with netmask 24
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/handlers/tun.cpp:80     default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki local dns set to 127.0.0.1:53
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/handlers/tun.cpp:93     default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki upstream dns set to 1.1.1.1:53
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/handlers/tun.cpp:93     default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki upstream dns set to 85.208.208.141:53
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/handlers/tun.cpp:93     default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki upstream dns set to 103.236.162.119:53
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/handlers/tun.cpp:124    default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki setting ifname tolokitun0
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/service/context.cpp:286 added hidden service endpoint default:k89rfz5to3ige3f9yymy7inm63pitehmf4sumqgnfdcew9ihtomy.loki
[NFO] unnamed (572) Thu Dec  6 17:29:54 2018 AEDT llarp/router.cpp:918  starting hidden service context...
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:219    Setting up global DNS IP tracker
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:328    Set Up networking for default:38387ft8gufg99thgt5hnxumoaamg4e6ygmny5angbbcb56kon8y.loki
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT vendor/libtuntap-master/tuntap-unix.c:368     Your system does not support tuntap_set_debug()
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/ev.cpp:288      set utun1 to use address 10.200.0.1
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT vendor/libtuntap-master/tuntap-unix-darwin.c:145      ifconfig utun1 10.200.0.1 10.200.0.1 mtu 1380 netmask 255.255.255.0 up
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT vendor/libtuntap-master/tuntap-unix-darwin.c:150      route add -cloning -net 10.200.0.1 -netmask 255.255.255.0 -interface utun1
add net 10.200.0.1: gateway utun1
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:318    default:38387ft8gufg99thgt5hnxumoaamg4e6ygmny5angbbcb56kon8y.loki set lokitun0 to have address 10.200.0.1:0
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:320    default:38387ft8gufg99thgt5hnxumoaamg4e6ygmny5angbbcb56kon8y.loki allocated up to 10.200.0.254
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:199    default:38387ft8gufg99thgt5hnxumoaamg4e6ygmny5angbbcb56kon8y.loki map 38387ft8gufg99thgt5hnxumoaamg4e6ygmny5angbbcb56kon8y.loki to 10.200.0.1
[WRN] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:340    Only utilizing first hidden service for .loki look ups
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:349    TunDNS set up 127.0.0.1:53 to 103.236.162.119:53
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/dnsc.cpp:810    DNSc adding relay 103.236.162.119:53
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/dnsd.cpp:602    DNSd binding to 127.0.0.1:53
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/handlers/tun.cpp:246    waiting for tun interface...
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/service/context.cpp:203 default started
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/router.cpp:925  starting dht context as a41ea87a3e48a39c746cca928a819606dd3ef947d124e6eabe2c9b266f40ea8a
[NFO] unnamed (572) Thu Dec  6 17:29:55 2018 AEDT llarp/context.cpp:175 running mainloop
[NFO] unnamed (572) Thu Dec  6 17:29:56 2018 AEDT llarp/router.cpp:567  We need at least 4 service nodes to build paths but we have 0
[ERR] unnamed (572) Thu Dec  6 17:29:56 2018 AEDT llarp/router.cpp:578  we have no bootstrap nodes specified
[ERR] unnamed (572) Thu Dec  6 17:29:56 2018 AEDT llarp/pathbuilder.cpp:229     failed to select first hop

ubuntu 18.04 gcc version 7.3.0 32core 96gb ram
git commit 3bf9347

Makefile:149: recipe for target 'test' failed
make: *** [test] Illegal instruction (core dumped)

i'd love to get someone to get the vpn for android working
Jeff already has an JNI lib for it

[ERR] unnamed (728) Mon Dec 10 09:40:36 2018 EST llarp/service.cpp:207 bdecode buffer size missmatch 3200!=2818
[WRN] unnamed (728) Mon Dec 10 09:40:36 2018 EST llarp/BEncode.hpp:66 failed to decode key q for entry in dict
[ERR] unnamed (728) Mon Dec 10 09:40:36 2018 EST llarp/dht.cpp:263 unhandled key 'q'
[ERR] unnamed (728) Mon Dec 10 09:40:36 2018 EST llarp/service/context.cpp:200 derp failed to start
[ERR] unnamed (728) Mon Dec 10 09:40:36 2018 EST llarp/router.cpp:921 Failed to start hidden service context

Let RC be signed with a custom IP Address

This log message
session to ??ݤyY9??XU??

is outputting binary, pls fix (my computer won't stop beeping)