|
|
@@ -6,7 +6,7 @@ use crate::{
|
|
|
positive_report::PositiveReport,
|
|
|
simulation::{
|
|
|
bridge::Bridge,
|
|
|
- censor::{Censor, Hides::*, Speed::*, Totality::*},
|
|
|
+ censor::{Censor, Hides::*, Totality::*},
|
|
|
config::Config,
|
|
|
},
|
|
|
BridgeDistributor,
|
|
|
@@ -16,7 +16,8 @@ use lox_library::{
|
|
|
bridge_table::BridgeLine, cred::Lox, proto::check_blockage::MIN_TRUST_LEVEL, scalar_u32,
|
|
|
};
|
|
|
use rand::Rng;
|
|
|
-use std::collections::HashMap;
|
|
|
+use serde_json::error::Error;
|
|
|
+use std::{cmp::min, collections::HashMap};
|
|
|
use x25519_dalek::PublicKey;
|
|
|
|
|
|
// Helper function to probabilistically return true or false
|
|
|
@@ -28,7 +29,7 @@ pub fn event_happens(probability: f64) -> bool {
|
|
|
|
|
|
pub struct User {
|
|
|
// Does this user cooperate with a censor?
|
|
|
- is_censor: bool,
|
|
|
+ pub is_censor: bool,
|
|
|
|
|
|
// The user always has a primary credential. If this credential's bucket is
|
|
|
// blocked, the user may replace it or temporarily hold two credentials
|
|
|
@@ -44,13 +45,13 @@ pub struct User {
|
|
|
}
|
|
|
|
|
|
impl User {
|
|
|
- pub async fn new(config: &Config) -> Self {
|
|
|
+ pub async fn new(config: &Config) -> Result<Self, Error> {
|
|
|
let cred = get_lox_credential(
|
|
|
&config.la_net,
|
|
|
- &get_open_invitation(&config.la_net).await,
|
|
|
+ &get_open_invitation(&config.la_net).await?,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
.0;
|
|
|
|
|
|
// Probabilistically decide whether this user cooperates with a censor
|
|
|
@@ -68,35 +69,35 @@ impl User {
|
|
|
let mut rng = rand::thread_rng();
|
|
|
let prob_use_bridges = rng.gen_range(0.0..=1.0);
|
|
|
|
|
|
- Self {
|
|
|
+ Ok(Self {
|
|
|
is_censor,
|
|
|
primary_cred: cred,
|
|
|
secondary_cred: None,
|
|
|
submits_reports: submits_reports,
|
|
|
prob_use_bridges: prob_use_bridges,
|
|
|
- }
|
|
|
+ })
|
|
|
}
|
|
|
|
|
|
- pub async fn trusted_user(config: &Config) -> Self {
|
|
|
+ pub async fn trusted_user(config: &Config) -> Result<Self, Error> {
|
|
|
let cred = get_lox_credential(
|
|
|
&config.la_net,
|
|
|
- &get_open_invitation(&config.la_net).await,
|
|
|
+ &get_open_invitation(&config.la_net).await?,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
.0;
|
|
|
- Self {
|
|
|
+ Ok(Self {
|
|
|
is_censor: false,
|
|
|
primary_cred: cred,
|
|
|
secondary_cred: None,
|
|
|
submits_reports: true,
|
|
|
prob_use_bridges: 1.0,
|
|
|
- }
|
|
|
+ })
|
|
|
}
|
|
|
|
|
|
// TODO: This should probably return an actual error type
|
|
|
- pub async fn invite(&mut self, config: &Config, censor: &mut Censor) -> Result<Self, String> {
|
|
|
- let etable = get_reachability_credential(&config.la_net).await;
|
|
|
+ pub async fn invite(&mut self, config: &Config, censor: &mut Censor) -> Result<Self, Error> {
|
|
|
+ let etable = get_reachability_credential(&config.la_net).await?;
|
|
|
let (new_cred, invite) = issue_invite(
|
|
|
&config.la_net,
|
|
|
&self.primary_cred,
|
|
|
@@ -105,12 +106,12 @@ impl User {
|
|
|
get_reachability_pub(&config.la_pubkeys),
|
|
|
get_invitation_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await;
|
|
|
+ .await?;
|
|
|
self.primary_cred = new_cred;
|
|
|
if self.is_censor {
|
|
|
// Make sure censor has access to each bridge and each
|
|
|
// credential
|
|
|
- let (bucket, _reachcred) = get_bucket(&config.la_net, &self.primary_cred).await;
|
|
|
+ let (bucket, _reachcred) = get_bucket(&config.la_net, &self.primary_cred).await?;
|
|
|
for bl in bucket {
|
|
|
let fingerprint = bl.get_hashed_fingerprint();
|
|
|
censor.learn_bridge(&fingerprint);
|
|
|
@@ -123,7 +124,7 @@ impl User {
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_invitation_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
.0;
|
|
|
|
|
|
// If the inviting user is a censor, the invitee will also be a
|
|
|
@@ -157,26 +158,21 @@ impl User {
|
|
|
|
|
|
// Attempt to "connect" to the bridge, returns true if successful
|
|
|
pub fn connect(&self, config: &Config, bridge: &mut Bridge, censor: &Censor) -> bool {
|
|
|
- if censor.knows_bridge(&bridge.fingerprint) {
|
|
|
- if config.censor_speed == Fast
|
|
|
- || config.censor_speed == Random && censor.delay_date <= get_date()
|
|
|
- || config.censor_speed == Lox && censor.has_lox_cred(&bridge.fingerprint)
|
|
|
+ if censor.blocks_bridge(config, &bridge.fingerprint) {
|
|
|
+ if config.censor_totality == Full
|
|
|
+ || config.censor_totality == Partial
|
|
|
+ && event_happens(censor.partial_blocking_percent)
|
|
|
+ || config.censor_totality == Throttling
|
|
|
{
|
|
|
- if config.censor_totality == Full
|
|
|
- || config.censor_totality == Partial
|
|
|
- && event_happens(censor.partial_blocking_percent)
|
|
|
- || config.censor_totality == Throttling
|
|
|
- {
|
|
|
- // If censor tries to hide its censorship or
|
|
|
- // throttles rather than actually blocking, record a
|
|
|
- // false connection
|
|
|
- if config.censor_hides == Hiding || config.censor_totality == Throttling {
|
|
|
- bridge.connect_total();
|
|
|
- }
|
|
|
-
|
|
|
- // Return false because the connection failed
|
|
|
- return false;
|
|
|
+ // If censor tries to hide its censorship or
|
|
|
+ // throttles rather than actually blocking, record a
|
|
|
+ // false connection
|
|
|
+ if config.censor_hides == Hiding || config.censor_totality == Throttling {
|
|
|
+ bridge.connect_total();
|
|
|
}
|
|
|
+
|
|
|
+ // Return false because the connection failed
|
|
|
+ return false;
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -190,6 +186,15 @@ impl User {
|
|
|
true
|
|
|
}
|
|
|
|
|
|
+ pub async fn get_new_credential(config: &Config) -> Result<(Lox, BridgeLine), Error> {
|
|
|
+ get_lox_credential(
|
|
|
+ &config.la_net,
|
|
|
+ &get_open_invitation(&config.la_net).await?,
|
|
|
+ get_lox_pub(&config.la_pubkeys),
|
|
|
+ )
|
|
|
+ .await
|
|
|
+ }
|
|
|
+
|
|
|
pub async fn send_negative_reports(config: &Config, reports: Vec<NegativeReport>) {
|
|
|
let date = get_date();
|
|
|
let pubkey = serde_json::from_slice::<Option<PublicKey>>(
|
|
|
@@ -226,13 +231,15 @@ impl User {
|
|
|
pub async fn daily_tasks(
|
|
|
&mut self,
|
|
|
config: &Config,
|
|
|
+ num_users_requesting_invites: u32,
|
|
|
bridges: &mut HashMap<[u8; 20], Bridge>,
|
|
|
censor: &mut Censor,
|
|
|
- ) -> Vec<User> {
|
|
|
+ ) -> Result<Vec<User>, Error> {
|
|
|
if self.is_censor {
|
|
|
self.daily_tasks_censor(config, bridges, censor).await
|
|
|
} else {
|
|
|
- self.daily_tasks_non_censor(config, bridges, censor).await
|
|
|
+ self.daily_tasks_non_censor(config, num_users_requesting_invites, bridges, censor)
|
|
|
+ .await
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -243,15 +250,16 @@ impl User {
|
|
|
pub async fn daily_tasks_non_censor(
|
|
|
&mut self,
|
|
|
config: &Config,
|
|
|
+ num_users_requesting_invites: u32,
|
|
|
bridges: &mut HashMap<[u8; 20], Bridge>,
|
|
|
censor: &mut Censor,
|
|
|
- ) -> Vec<User> {
|
|
|
+ ) -> Result<Vec<User>, Error> {
|
|
|
// Probabilistically decide if the user should use bridges today
|
|
|
if event_happens(self.prob_use_bridges) {
|
|
|
// Download bucket to see if bridge is still reachable. (We
|
|
|
// assume that this step can be done even if the user can't
|
|
|
// actually talk to the LA.)
|
|
|
- let (bucket, reachcred) = get_bucket(&config.la_net, &self.primary_cred).await;
|
|
|
+ let (bucket, reachcred) = get_bucket(&config.la_net, &self.primary_cred).await?;
|
|
|
let level = scalar_u32(&self.primary_cred.trust_level).unwrap();
|
|
|
|
|
|
// Make sure each bridge in bucket is in the global bridges set
|
|
|
@@ -304,14 +312,13 @@ impl User {
|
|
|
std::mem::replace(&mut self.secondary_cred, None)
|
|
|
} else {
|
|
|
// Get new credential
|
|
|
- let cred = get_lox_credential(
|
|
|
- &config.la_net,
|
|
|
- &get_open_invitation(&config.la_net).await,
|
|
|
- get_lox_pub(&config.la_pubkeys),
|
|
|
- )
|
|
|
- .await
|
|
|
- .0;
|
|
|
- Some(cred)
|
|
|
+ match Self::get_new_credential(&config).await {
|
|
|
+ Ok((cred, _bl)) => Some(cred),
|
|
|
+ Err(e) => {
|
|
|
+ eprintln!("Failed to get new Lox credential. Error: {}", e);
|
|
|
+ None
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
} else {
|
|
|
// If we're able to connect with the primary credential, don't
|
|
|
@@ -321,7 +328,7 @@ impl User {
|
|
|
if second_cred.is_some() {
|
|
|
let second_cred = second_cred.as_ref().unwrap();
|
|
|
let (second_bucket, second_reachcred) =
|
|
|
- get_bucket(&config.la_net, &second_cred).await;
|
|
|
+ get_bucket(&config.la_net, &second_cred).await?;
|
|
|
for bridgeline in second_bucket {
|
|
|
if bridgeline != BridgeLine::default() {
|
|
|
if !bridges.contains_key(&bridgeline.get_hashed_fingerprint()) {
|
|
|
@@ -364,6 +371,15 @@ impl User {
|
|
|
}
|
|
|
if level >= 3 {
|
|
|
for bridgeline in &succeeded {
|
|
|
+ // If we haven't received a positive report yet,
|
|
|
+ // add a record about it with today's date
|
|
|
+ let bridge = bridges
|
|
|
+ .get_mut(&bridgeline.get_hashed_fingerprint())
|
|
|
+ .unwrap();
|
|
|
+ if bridge.first_positive_report == 0 {
|
|
|
+ bridge.first_positive_report = get_date();
|
|
|
+ }
|
|
|
+
|
|
|
positive_reports.push(
|
|
|
PositiveReport::from_lox_credential(
|
|
|
bridgeline.get_hashed_fingerprint(),
|
|
|
@@ -391,11 +407,11 @@ impl User {
|
|
|
&self.primary_cred,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await,
|
|
|
+ .await?,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_migration_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
} else {
|
|
|
level_up(
|
|
|
&config.la_net,
|
|
|
@@ -404,7 +420,7 @@ impl User {
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_reachability_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
};
|
|
|
self.primary_cred = cred;
|
|
|
self.secondary_cred = None;
|
|
|
@@ -425,11 +441,11 @@ impl User {
|
|
|
&second_cred,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await,
|
|
|
+ .await?,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_migration_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await;
|
|
|
+ .await?;
|
|
|
self.primary_cred = cred;
|
|
|
self.secondary_cred = None;
|
|
|
} else if can_migrate {
|
|
|
@@ -441,11 +457,11 @@ impl User {
|
|
|
&self.primary_cred,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await,
|
|
|
+ .await?,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_migration_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await;
|
|
|
+ .await?;
|
|
|
self.primary_cred = cred;
|
|
|
self.secondary_cred = None;
|
|
|
} else if second_cred.is_some() {
|
|
|
@@ -466,7 +482,7 @@ impl User {
|
|
|
// Invite friends if applicable
|
|
|
let invitations = scalar_u32(&self.primary_cred.invites_remaining).unwrap();
|
|
|
let mut new_friends = Vec::<User>::new();
|
|
|
- for _i in 0..invitations {
|
|
|
+ for _i in 0..min(invitations, num_users_requesting_invites) {
|
|
|
if event_happens(config.prob_user_invites_friend) {
|
|
|
match self.invite(&config, censor).await {
|
|
|
Ok(friend) => {
|
|
|
@@ -482,9 +498,9 @@ impl User {
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- new_friends
|
|
|
+ Ok(new_friends)
|
|
|
} else {
|
|
|
- Vec::<User>::new()
|
|
|
+ Ok(Vec::<User>::new())
|
|
|
}
|
|
|
}
|
|
|
|
|
|
@@ -495,10 +511,10 @@ impl User {
|
|
|
config: &Config,
|
|
|
bridges: &mut HashMap<[u8; 20], Bridge>,
|
|
|
censor: &mut Censor,
|
|
|
- ) -> Vec<User> {
|
|
|
+ ) -> Result<Vec<User>, Error> {
|
|
|
// Download bucket to see if bridge is still reachable and if we
|
|
|
// have any new bridges
|
|
|
- let (bucket, reachcred) = get_bucket(&config.la_net, &self.primary_cred).await;
|
|
|
+ let (bucket, reachcred) = get_bucket(&config.la_net, &self.primary_cred).await?;
|
|
|
let level = scalar_u32(&self.primary_cred.trust_level).unwrap();
|
|
|
|
|
|
// Make sure each bridge is in global bridges set and known by
|
|
|
@@ -527,11 +543,11 @@ impl User {
|
|
|
&self.primary_cred,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await,
|
|
|
+ .await?,
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_migration_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
} else {
|
|
|
level_up(
|
|
|
&config.la_net,
|
|
|
@@ -540,10 +556,10 @@ impl User {
|
|
|
get_lox_pub(&config.la_pubkeys),
|
|
|
get_reachability_pub(&config.la_pubkeys),
|
|
|
)
|
|
|
- .await
|
|
|
+ .await?
|
|
|
};
|
|
|
self.primary_cred = new_cred;
|
|
|
- let (bucket, _reachcred) = get_bucket(&config.la_net, &self.primary_cred).await;
|
|
|
+ let (bucket, _reachcred) = get_bucket(&config.la_net, &self.primary_cred).await?;
|
|
|
// Make sure each bridge is in global bridges set and
|
|
|
// known by censor
|
|
|
for bl in bucket {
|
|
|
@@ -561,39 +577,39 @@ impl User {
|
|
|
// will not be reverted, so replace the primary credential
|
|
|
// with a new level 0 credential and work on gaining trust
|
|
|
// for that one.
|
|
|
- let (new_cred, bl) = get_lox_credential(
|
|
|
- &config.la_net,
|
|
|
- &get_open_invitation(&config.la_net).await,
|
|
|
- get_lox_pub(&config.la_pubkeys),
|
|
|
- )
|
|
|
- .await;
|
|
|
- let fingerprint = bl.get_hashed_fingerprint();
|
|
|
- if !bridges.contains_key(&fingerprint) {
|
|
|
- let bridge = Bridge::from_bridge_line(&bl);
|
|
|
- bridges.insert(fingerprint, bridge);
|
|
|
+ let res = Self::get_new_credential(&config).await;
|
|
|
+ if res.is_ok() {
|
|
|
+ let (new_cred, bl) = res.unwrap();
|
|
|
+ let fingerprint = bl.get_hashed_fingerprint();
|
|
|
+ if !bridges.contains_key(&fingerprint) {
|
|
|
+ let bridge = Bridge::from_bridge_line(&bl);
|
|
|
+ bridges.insert(fingerprint, bridge);
|
|
|
+ }
|
|
|
+ censor.learn_bridge(&fingerprint);
|
|
|
+ // Censor doesn't want new_cred yet
|
|
|
+ self.primary_cred = new_cred;
|
|
|
+ } else {
|
|
|
+ eprintln!("Censor failed to get new credential");
|
|
|
}
|
|
|
- censor.learn_bridge(&fingerprint);
|
|
|
- // Censor doesn't want new_cred yet
|
|
|
- self.primary_cred = new_cred;
|
|
|
}
|
|
|
|
|
|
// Separately from primary credential, censor user requests a
|
|
|
// new secondary credential each day just to block the
|
|
|
// open-entry bridges. This is stored but not reused.
|
|
|
- let (_new_cred, bl) = get_lox_credential(
|
|
|
- &config.la_net,
|
|
|
- &get_open_invitation(&config.la_net).await,
|
|
|
- get_lox_pub(&config.la_pubkeys),
|
|
|
- )
|
|
|
- .await;
|
|
|
- let fingerprint = bl.get_hashed_fingerprint();
|
|
|
- if !bridges.contains_key(&fingerprint) {
|
|
|
- let bridge = Bridge::from_bridge_line(&bl);
|
|
|
- bridges.insert(fingerprint, bridge);
|
|
|
+ let res = Self::get_new_credential(&config).await;
|
|
|
+ if res.is_ok() {
|
|
|
+ let (_new_cred, bl) = res.unwrap();
|
|
|
+ let fingerprint = bl.get_hashed_fingerprint();
|
|
|
+ if !bridges.contains_key(&fingerprint) {
|
|
|
+ let bridge = Bridge::from_bridge_line(&bl);
|
|
|
+ bridges.insert(fingerprint, bridge);
|
|
|
+ }
|
|
|
+ censor.learn_bridge(&fingerprint);
|
|
|
+ // Censor doesn't want new_cred. User doesn't actually use
|
|
|
+ // secondary_cred, so don't store it.
|
|
|
+ } else {
|
|
|
+ eprintln!("Censor failed to get new credential");
|
|
|
}
|
|
|
- censor.learn_bridge(&fingerprint);
|
|
|
- // Censor doesn't want new_cred. User doesn't actually use
|
|
|
- // secondary_cred, so don't store it.
|
|
|
|
|
|
// Censor user invites as many censor friends as possible
|
|
|
let invitations = scalar_u32(&self.primary_cred.invites_remaining).unwrap();
|
|
|
@@ -608,6 +624,6 @@ impl User {
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- new_friends
|
|
|
+ Ok(new_friends)
|
|
|
}
|
|
|
}
|
