1 Commits

Author SHA1 Message Date
Simon Wicky 9f60564ab9 tentative vpn sessions 2025-03-11 14:39:20 +01:00
5 changed files with 40 additions and 2 deletions
Generated
+1
@@ -4937,6 +4937,7 @@ dependencies = [
"nym-gateway-storage",
"nym-id",
"nym-network-defaults",
"nym-node-metrics",
"nym-sdk",
"nym-service-provider-requests-common",
"nym-service-providers-common",
+1
@@ -434,6 +434,7 @@ impl GatewayTasksBuilder {
used_private_network_ips,
)
.with_ecash_verifier(ecash_manager)
.with_metrics_event_sender(self.metrics_sender.clone())
.with_custom_gateway_transceiver(transceiver)
.with_shutdown(self.shutdown.fork("authenticator_sp"))
.with_wait_for_gateway(true)
@@ -42,6 +42,7 @@ nym-gateway-requests = { path = "../../common/gateway-requests" }
nym-gateway-storage = { path = "../../common/gateway-storage" }
nym-id = { path = "../../common/nym-id" }
nym-network-defaults = { path = "../../common/network-defaults" }
nym-node-metrics = { path = "../../nym-node/nym-node-metrics" } #TODO SW this is fugly
nym-sdk = { path = "../../sdk/rust/nym-sdk" }
nym-service-providers-common = { path = "../common" }
nym-service-provider-requests-common = { path = "../../common/service-provider-requests-common" }
@@ -7,6 +7,7 @@ use futures::channel::oneshot;
use ipnetwork::IpNetwork;
use nym_client_core::{HardcodedTopologyProvider, TopologyProvider};
use nym_credential_verification::ecash::EcashManager;
use nym_node_metrics::events::MetricEventsSender;
use nym_sdk::{mixnet::Recipient, GatewayTransceiver};
use nym_task::{TaskClient, TaskHandle};
use nym_wireguard::WireguardGatewayData;
@@ -32,6 +33,7 @@ pub struct Authenticator {
custom_gateway_transceiver: Option<Box<dyn GatewayTransceiver + Send + Sync>>,
wireguard_gateway_data: WireguardGatewayData,
ecash_verifier: Option<Arc<EcashManager>>,
metrics_sender: Option<MetricEventsSender>,
used_private_network_ips: Vec<IpAddr>,
shutdown: Option<TaskClient>,
on_start: Option<oneshot::Sender<OnStartData>>,
@@ -49,6 +51,7 @@ impl Authenticator {
custom_topology_provider: None,
custom_gateway_transceiver: None,
ecash_verifier: None,
metrics_sender: None,
wireguard_gateway_data,
used_private_network_ips,
shutdown: None,
@@ -63,6 +66,13 @@ impl Authenticator {
self
}
#[must_use]
#[allow(unused)]
pub fn with_metrics_event_sender(mut self, metrics_sender: MetricEventsSender) -> Self {
self.metrics_sender = Some(metrics_sender);
self
}
#[must_use]
#[allow(unused)]
pub fn with_shutdown(mut self, shutdown: TaskClient) -> Self {
@@ -163,6 +173,7 @@ impl Authenticator {
mixnet_client,
task_handle,
self.ecash_verifier,
self.metrics_sender,
);
log::info!("The address of this client is: {self_address}");
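Review bot: The new builder `with_metrics_event_sender` has no doc comment, and nothing here says what happens when it is never called: `metrics_sender` stays `None` and, going by the `if let Some(..)` guard in `send_ecash_metrics_event`, ticket events are then skipped without any log line. I would add `/// Sets the channel used to report ecash ticket events; when unset, no session events are emitted.` above the method. The `#[allow(unused)]` looks copied from the neighbouring builders and is probably unnecessary, since the method appears to be called from `GatewayTasksBuilder` in this same commit. The name also drifts along the plumbing (`metrics_sender`, `metrics_event_sender`, `metrics_events_sender`); settling on one would make the path from node to listener easier to audit.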
@@ -27,9 +27,10 @@ use nym_credential_verification::{
bandwidth_storage_manager::BandwidthStorageManager, ecash::EcashManager,
BandwidthFlushingBehaviourConfig, ClientBandwidth, CredentialVerifier,
};
use nym_credentials_interface::CredentialSpendingData;
use nym_credentials_interface::{CredentialSpendingData, TicketType};
use nym_crypto::asymmetric::x25519::KeyPair;
use nym_gateway_requests::models::CredentialSpendingRequest;
use nym_node_metrics::events::{GatewaySessionEvent, MetricEventsSender};
use nym_sdk::mixnet::{
AnonymousSenderTag, InputMessage, MixnetMessageSender, Recipient, TransmissionLane,
};
@@ -76,6 +77,8 @@ pub(crate) struct MixnetListener {
pub(crate) ecash_verifier: Option<Arc<EcashManager>>,
pub(crate) metrics_events_sender: Option<MetricEventsSender>,
pub(crate) timeout_check_interval: IntervalStream,
}
@@ -87,6 +90,7 @@ impl MixnetListener {
mixnet_client: nym_sdk::mixnet::MixnetClient,
task_handle: TaskHandle,
ecash_verifier: Option<Arc<EcashManager>>,
metrics_event_sender: Option<MetricEventsSender>,
) -> Self {
let timeout_check_interval =
IntervalStream::new(tokio::time::interval(DEFAULT_REGISTRATION_TIMEOUT_CHECK));
@@ -97,6 +101,7 @@ impl MixnetListener {
registred_and_free: RwLock::new(RegistredAndFree::new(free_private_network_ips)),
peer_manager: PeerManager::new(wireguard_gateway_data),
ecash_verifier,
metrics_events_sender: metrics_event_sender,
timeout_check_interval,
}
}
@@ -510,7 +515,8 @@ impl MixnetListener {
"peer with ticket shouldn't have been used before without a ticket".to_string(),
))?;
if let Err(e) =
Self::credential_verification(ecash_verifier.clone(), credential, client_id).await
Self::credential_verification(ecash_verifier.clone(), credential.clone(), client_id)
.await
{
ecash_verifier
.storage()
@@ -518,6 +524,7 @@ impl MixnetListener {
.await?;
return Err(e);
}
self.send_ecash_metrics_event(credential);
let public_key = peer.public_key.to_string();
if let Err(e) = self.peer_manager.add_peer(peer, Some(client_id)).await {
ecash_verifier
@@ -624,6 +631,22 @@ impl MixnetListener {
Ok(verifier.verify().await?)
}
fn send_ecash_metrics_event(&self, credential: CredentialSpendingData) {
if let Some(metrics_events_sender) = &self.metrics_events_sender {
if let Ok(ticket_type) = TicketType::try_from_encoded(credential.payment.t_type) {
metrics_events_sender.report_unchecked(GatewaySessionEvent::new_ecash_ticket(
self.mixnet_client
.nym_address()
.as_sphinx_destination()
.address,
ticket_type,
));
} else {
log::error!("Somehow trying to send a ticket event with an unknown ticket type");
}
}
}
async fn on_query_bandwidth_request(
&mut self,
msg: Box<dyn QueryBandwidthMessage + Send + Sync + 'static>,
@@ -741,6 +764,7 @@ impl MixnetListener {
),
);
let available_bandwidth = verifier.verify().await?;
self.send_ecash_metrics_event(msg.credential());
let bytes = match AuthenticatorVersion::from(protocol) {
AuthenticatorVersion::V5 => v5::response::AuthenticatorResponse::new_topup_bandwidth(
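Review bot: In the registration path the ticket event is reported right after `credential_verification` succeeds but before `self.peer_manager.add_peer(..)`, so a registration that fails at `add_peer` is still counted as an accepted ticket. The error branch continues outside the hunk, but it opens with `ecash_verifier`, which suggests the ticket is rolled back there as in the verification-failure branch. Moving `self.send_ecash_metrics_event(credential);` below the `add_peer` error check would keep the metrics aligned with tickets that were actually kept. Separately, `send_ecash_metrics_event` only reads `credential.payment.t_type`, so taking `&CredentialSpendingData` (or just the encoded type) would avoid the new `credential.clone()` and one more in-memory copy of spending data. The event is also keyed on this listener's own `nym_address()`, so every ticket is attributed to the same address; if that is a deliberate placeholder for the tentative session tracking, a comment saying so would help.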