Two liveness checks when using decoy registration with sharing over A…

…PI (#59) * updated wrapping struct for clientToStations and added a flag to registrations for presccanned * rust compilation issue fixed
refraction-networking · Dec 11, 2020 · 5c33ad0 · 5c33ad0
1 parent 3cd5cbe
commit 5c33ad0
Show file tree

Hide file tree

Showing 8 changed files with 2,465 additions and 2,145 deletions.
diff --git a/application/lib/registration.go b/application/lib/registration.go
@@ -251,7 +251,6 @@ func (reg *DecoyRegistration) GenerateClientToStation() *pb.ClientToStation {
 		V6Support:           &v6,
 		V4Support:           &v4,
 		Transport:           &reg.Transport,
-		Flags:               reg.Flags,
 	}
 
 	for (proto.Size(initProto)+AES_GCM_TAG_SIZE)%3 != 0 {
@@ -261,15 +260,27 @@ func (reg *DecoyRegistration) GenerateClientToStation() *pb.ClientToStation {
 	return initProto
 }
 
-func (reg *DecoyRegistration) GenerateClientToAPI() *pb.ClientToAPI {
+func (reg *DecoyRegistration) GenerateC2SWrapper() *pb.C2SWrapper {
+	boolHolder := true
 	c2s := reg.GenerateClientToStation()
-	protoPayload := &pb.ClientToAPI{
-		Secret:              reg.Keys.SharedSecret,
+	c2s.Flags.Prescanned = &boolHolder
+	source := pb.RegistrationSource_DetectorPrescan
+
+	protoPayload := &pb.C2SWrapper{
+		SharedSecret:        reg.Keys.SharedSecret,
 		RegistrationPayload: c2s,
+		RegistrationSource:  &source,
 	}
 	return protoPayload
 }
 
+func (reg *DecoyRegistration) PreScanned() bool {
+	if reg == nil || reg.Flags == nil {
+		return false
+	}
+	return reg.Flags.GetPrescanned()
+}
+
 // PhantomIsLive - Test whether the phantom is live using
 // 8 syns which returns syn-acks from 99% of sites within 1 second.
 // see  ZMap: Fast Internet-wide Scanning  and Its Security Applications

diff --git a/application/main.go b/application/main.go
@@ -186,7 +186,7 @@ func get_zmq_updates(connectAddr string, regManager *cj.RegistrationManager, con
 				if reg == nil || reg.RegistrationSource == nil {
 					continue
 				}
-				if *reg.RegistrationSource != pb.RegistrationSource_DetectorPrescan {
+				if !reg.PreScanned() {
 					// New registration received over channel that requires liveness scan for the phantom
 					liveness, response := reg.PhantomIsLive()
 					if liveness == true {
@@ -210,11 +210,11 @@ func get_zmq_updates(connectAddr string, regManager *cj.RegistrationManager, con
 }
 
 func tryShareRegistrationOverAPI(reg *cj.DecoyRegistration, apiEndpoint string) {
-	c2a := reg.GenerateClientToAPI()
+	c2a := reg.GenerateC2SWrapper()
 
 	payload, err := proto.Marshal(c2a)
 	if err != nil {
-		logger.Printf("%v failed to marshal ClientToAPI payload: %v", reg.IDString(), err)
+		logger.Printf("%v failed to marshal C2SWrapper payload: %v", reg.IDString(), err)
 		return
 	}
 
@@ -249,7 +249,7 @@ func recieve_zmq_message(sub *zmq.Socket, regManager *cj.RegistrationManager) ([
 		return nil, err
 	}
 
-	parsed := &pb.ZMQPayload{}
+	parsed := &pb.C2SWrapper{}
 	err = proto.Unmarshal(msg, parsed)
 	if err != nil {
 		logger.Printf("Failed to unmarshall ClientToStation: %v", err)

diff --git a/proto/signalling.proto b/proto/signalling.proto
@@ -133,9 +133,9 @@ enum ErrorReasonS2C {
 }
 
 enum TransportType {
-    NullTransport = 0;
-    MinTransport = 1;   // Send a 32-byte HMAC id to let the station distinguish registrations to same host
-    Obfs4Transport = 2; // Not implemented yet?
+    Null = 0;
+    Min = 1;   // Send a 32-byte HMAC id to let the station distinguish registrations to same host
+    Obfs4 = 2; // Not implemented yet?
 }
 
 message StationToClient {
@@ -167,7 +167,8 @@ message RegistrationFlags {
 	optional bool upload_only = 1;
 	optional bool dark_decoy = 2;
 	optional bool proxy_header = 3;
-	optional bool use_TIL = 4;
+    optional bool use_TIL = 4;
+    optional bool prescanned = 5;
 }
 
 message ClientToStation {
@@ -216,19 +217,23 @@ message ClientToStation {
     optional bytes padding = 100;
 }
 
-// Message type used as the request body when registering via the HTTP API.
-// This message is assumed to be sent via TLS, meaning that sending the secret outright is acceptable.
-message ClientToAPI {
-    // The secret that will be used when forming phantom connections.
-    optional bytes secret = 1;
 
-    // The ClientToStation payload; the same as used in decoy registrations.
-    optional ClientToStation registration_payload = 2;
+enum RegistrationSource {
+	Detector = 0;
+	API = 1;
+    DetectorPrescan = 2;
 }
 
-message ZMQPayload {
+message C2SWrapper {
 	optional bytes shared_secret = 1;
 	optional ClientToStation registration_payload = 3;
+    optional RegistrationSource registration_source = 4;
+
+    // client source address when receiving a registration
+    optional bytes registration_address = 6;
+
+    // Decoy address used when registering over Decoy registrar
+    optional bytes decoy_address = 7;
 }
 
 message SessionStats {