X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=src%2Fyggdrasil%2Fyggdrasil.go;h=010e4159ba2f2609540e0cc7c2c31fcd5fa0d088;hb=cb21152163bdf2bb1bfb5881bf6962ed584d83e9;hp=6fec636cd727a77db39d85ef1c561c7c819792ef;hpb=63e74b14bd682547ed9801827c905a31526b2db5;p=nncp.git diff --git a/src/yggdrasil/yggdrasil.go b/src/yggdrasil/yggdrasil.go index 6fec636..010e415 100644 --- a/src/yggdrasil/yggdrasil.go +++ b/src/yggdrasil/yggdrasil.go @@ -3,7 +3,7 @@ /* NNCP -- Node to Node copy, utilities for store-and-forward data exchange -Copyright (C) 2016-2022 Sergey Matveev +Copyright (C) 2016-2023 Sergey Matveev This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -42,14 +42,6 @@ import ( const DefaultPort = 5400 -// Copy-pasted from yggdrasil-go/src/ipv6rwc/ipv6rwc.go, -// because they are non-exportable. -const ( - typeKeyDummy = iota - typeKeyLookup - typeKeyResponse -) - var ( glog *gologme.Logger @@ -87,10 +79,6 @@ func ycoreStart(cfg *ycfg.NodeConfig, port int, mcasts []string) (*ycore.Core, e ) } - sk, err := hex.DecodeString(cfg.PrivateKey) - if err != nil { - panic(err) - } options := []ycore.SetupOption{ ycore.NodeInfo(cfg.NodeInfo), ycore.NodeInfoPrivacy(cfg.NodeInfoPrivacy), @@ -114,7 +102,11 @@ func ycoreStart(cfg *ycfg.NodeConfig, port int, mcasts []string) (*ycore.Core, e options = append(options, ycore.AllowedPublicKey(k[:])) } - core, err := ycore.New(sk[:], glog, options...) + err = cfg.GenerateSelfSignedCertificate() + if err != nil { + return nil, err + } + core, err := ycore.New(cfg.Certificate, glog, options...) if err != nil { return nil, err } @@ -215,7 +207,7 @@ func NewConn(aliases map[string]string, in string) (net.Conn, error) { return e.DialTCP(&net.TCPAddr{IP: ipTheir, Port: port}) } cfg := ycfg.NodeConfig{ - PrivateKey: prvHex, + PrivateKey: prvRaw, Peers: peers, NodeInfo: map[string]interface{}{"name": "NNCP"}, NodeInfoPrivacy: true, 
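Review bot: The error from `cfg.GenerateSelfSignedCertificate()` in the `@@ -114,7 +102,11 @@` hunk of ycoreStart is returned bare, so a caller cannot tell a certificate or key problem from a later `ycore.New` failure. If `fmt` is already imported in this file, consider `return nil, fmt.Errorf("yggdrasil: generating self-signed certificate: %w", err)`. The plain `err =` assignment also presumes `err` is declared earlier in the function now that the `sk, err :=` line is gone; that declaration is outside the hunk, as are the start and end of ycoreStart.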
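Review bot: `PrivateKey: prvRaw,` in NewConn (`@@ -215,7 +207,7 @@`) and `PrivateKey: ycfg.KeyBytes(prvRaw),` in NewListener (`@@ -326,7 +297,7 @@`) set the same field in two different ways. Use the explicit conversion in both places, `PrivateKey: ycfg.KeyBytes(prvRaw),`, so the two constructors read alike. The decoding of `prvRaw` lies outside both hunks, and the old hex decode in ycoreStart is removed. It is worth confirming that each function rejects a key whose length is not `ed25519.PrivateKeySize` before building the config, since the raw bytes now presumably feed certificate generation directly. Both function bodies start and end outside the hunks.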
@@ -233,27 +225,6 @@ func NewConn(aliases map[string]string, in string) (net.Conn, error) { return e.DialTCP(&net.TCPAddr{IP: ipTheir, Port: port}) } -type OOBState struct { - c *ycore.Core - subnet yaddr.Subnet -} - -func (state *OOBState) Handler(fromKey, toKey ed25519.PublicKey, data []byte) { - if len(data) != 1+ed25519.SignatureSize { - return - } - if data[0] == typeKeyLookup { - snet := *yaddr.SubnetForKey(toKey) - sig := data[1:] - if snet == state.subnet && ed25519.Verify(fromKey, toKey[:], sig) { - state.c.SendOutOfBand(fromKey, append( - []byte{typeKeyResponse}, - ed25519.Sign(state.c.PrivateKey(), fromKey[:])..., - )) - } - } -} - func NewListener(aliases map[string]string, in string) (net.Listener, error) { // yggdrasils://PRV[:PORT]?[bind=BIND][&pub=PUB][&peer=PEER][&mcast=REGEX[:PORT]] u, err := url.Parse(in) @@ -326,7 +297,7 @@ func NewListener(aliases map[string]string, in string) (net.Listener, error) { return e.ListenTCP(&net.TCPAddr{IP: ipOur, Port: port}) } cfg := ycfg.NodeConfig{ - PrivateKey: prvHex, + PrivateKey: ycfg.KeyBytes(prvRaw), Listen: binds, AllowedPublicKeys: pubs, Peers: peers, @@ -337,11 +308,6 @@ func NewListener(aliases map[string]string, in string) (net.Listener, error) { if err != nil { return nil, err } - oobState := OOBState{core, *yaddr.SubnetForKey(core.PublicKey())} - if err := core.SetOutOfBandHandler(oobState.Handler); err != nil { - core.Stop() - return nil, err - } e, err = NewTCPIPEndpoint(core, ipOur, uint32(core.MTU())) if err != nil { core.Stop()