Esempio n. 1
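        /// <summary>Creates an ApplicationNode and prepares it for connection to
        /// the overlay.  For historical reasons it is linked to _node, _dht,
        /// _rpc_dht, and _bso.</summary>
        /// <param name="node_config">Configuration for the node: address, namespace,
        /// devices to bind, security, NCService, edge listener, remote TA and XmlRpc
        /// settings.</param>
        /// <returns>An ApplicationNode wrapping the StructuredNode, its Dht, the
        /// RpcDhtProxy, the NCService (null when NCService is disabled) and the
        /// ProtocolSecurityOverlord (null when security is disabled).</returns>
        /// <remarks>When node_config.Security.Enabled is set, the RSA private key is
        /// read from Security.KeyPath as a CSP blob.  The key file is opened
        /// read-only so it can be kept non-writable for the account running the
        /// node, and the in-memory copy of the blob is zeroed once it has been
        /// imported.</remarks>
        public virtual ApplicationNode CreateNode(NodeConfig node_config)
        {
            // Get a Node ID for the new Node
            AHAddress address = null;

            try {
                address = (AHAddress)AddressParser.Parse(node_config.NodeAddress);
            } catch {
                // Deliberate best-effort: any parse failure (missing or malformed
                // NodeAddress) silently falls back to a freshly generated address.
                // NOTE(review): with certificate-bound addresses
                // (EdgeVerify.AddressInSubjectAltName below) a typo in the
                // configured address presumably yields a node whose address no
                // longer matches its certificate -- consider logging this path.
                address = Utils.GenerateAHAddress();
            }

            // Create the Node state
            StructuredNode node      = new StructuredNode(address, node_config.BrunetNamespace);
            IEnumerable    addresses = IPAddresses.GetIPAddresses(node_config.DevicesToBind);

            ProtocolSecurityOverlord pso = null;

            // Enable Security if requested
            if (node_config.Security.Enabled)
            {
                if (node_config.Security.SelfSignedCertificates)
                {
                    // NOTE(review): the meaning of the trailing 'true' is defined by
                    // SecurityPolicy, not visible here; it is only passed when
                    // self-signed certificates are configured -- confirm it is not
                    // switched on for deployments that rely on a CA.
                    SecurityPolicy.SetDefaultSecurityPolicy(SecurityPolicy.DefaultEncryptor,
                                                            SecurityPolicy.DefaultAuthenticator, true);
                }

                // File.ReadAllBytes opens the key file for reading only and reads it
                // completely.  File.Open(path, FileMode.Open) asks for read/write
                // access, and a single Stream.Read call is allowed to return fewer
                // bytes than requested, which would leave the key blob truncated.
                byte[] blob = File.ReadAllBytes(node_config.Security.KeyPath);

                RSACryptoServiceProvider rsa_private = new RSACryptoServiceProvider();
                try {
                    rsa_private.ImportCspBlob(blob);
                } finally {
                    // Do not keep the serialized private key in memory longer than needed.
                    Array.Clear(blob, 0, blob.Length);
                }

                CertificateHandler ch = new CertificateHandler(node_config.Security.CertificatePath);
                pso = new ProtocolSecurityOverlord(node, rsa_private, node.Rrm, ch);
                pso.Subscribe(node, null);

                node.GetTypeSource(SecurityOverlord.Security).Subscribe(pso, null);
                node.HeartBeatEvent += pso.Heartbeat;

                // A hack to enable a test for security that doesn't require each peer
                // to exchange certificates.
                // Test only: the node signs a CA certificate with its own key and then
                // trusts that CA, so the certificates added here carry no assurance
                // beyond possession of the configured key file.
                if (node_config.Security.TestEnable)
                {
                    // ExportCspBlob(false) exports the public key only.
                    byte[] public_blob = rsa_private.ExportCspBlob(false);
                    RSACryptoServiceProvider rsa_pub = new RSACryptoServiceProvider();
                    rsa_pub.ImportCspBlob(public_blob);
                    CertificateMaker cm = new CertificateMaker("United States", "UFL",
                                                               "ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
                                                               "brunet:node:abcdefghijklmnopqrs");
                    Certificate cacert = cm.Sign(cm, rsa_private);

                    cm = new CertificateMaker("United States", "UFL",
                                              "ACIS", "David Wolinsky", "*****@*****.**", rsa_pub,
                                              address.ToString());
                    Certificate cert = cm.Sign(cacert, rsa_private);
                    ch.AddCACertificate(cacert.X509);
                    ch.AddSignedCertificate(cert.X509);
                }
            }

            // Add Dht
            // The TableServer instance is not kept; it is constructed for its
            // effect on the node (the Dht data store).
            new TableServer(node);
            // NOTE(review): the meaning of 3 and 20 is defined by Dht's constructor,
            // which is not visible here.
            IDht        dht       = new Dht(node, 3, 20);
            RpcDhtProxy dht_proxy = new RpcDhtProxy(dht, node);

            // Setup Vivaldi if requested
            ITunnelOverlap ito       = null;
            NCService      ncservice = null;

            if (node_config.NCService.Enabled)
            {
                ncservice = new NCService(node, node_config.NCService.Checkpoint);

                if (node_config.NCService.OptimizeShortcuts)
                {
                    node.Ssco.TargetSelector = new VivaldiTargetSelector(node, ncservice);
                }
                ito = new NCTunnelOverlap(ncservice);
            }
            else
            {
                ito = new SimpleTunnelOverlap();
            }

            // Create the ApplicationNode
            ApplicationNode app_node = new ApplicationNode(node, dht, dht_proxy, ncservice, pso);

            // Add Edge listeners
            // NOTE(review): pso is only created when Security.Enabled is set.  If
            // SecureEdgesEnabled is set without it, SecureEdgeListener receives a
            // null overlord here and for the tunnel below -- confirm the
            // configuration loader rejects that combination.
            EdgeListener el = null;

            foreach (NodeConfig.EdgeListener item in node_config.EdgeListeners)
            {
                el = CreateEdgeListener(item, app_node, addresses);
                if (node_config.Security.SecureEdgesEnabled)
                {
                    el = new SecureEdgeListener(el, pso);
                }
                node.AddEdgeListener(el);
            }

            // Create the tunnel and potentially wrap it in a SecureEL
            el = new Tunnel.TunnelEdgeListener(node, ito);
            if (node_config.Security.SecureEdgesEnabled)
            {
                // Secure edges additionally select the AddressInSubjectAltName
                // edge verification method on the node.
                node.EdgeVerifyMethod = EdgeVerify.AddressInSubjectAltName;
                el = new SecureEdgeListener(el, pso);
            }
            node.AddEdgeListener(el);

            ArrayList RemoteTAs = null;

            if (node_config.RemoteTAs != null)
            {
                RemoteTAs = new ArrayList();
                foreach (String ta in node_config.RemoteTAs)
                {
                    RemoteTAs.Add(TransportAddressFactory.CreateInstance(ta));
                }
                node.RemoteTAs = RemoteTAs;
            }

            // Add XmlRpc
            // A single XmlRpcManagerServer is created on first use and kept in _xrm;
            // each node is then registered under its own URI.
            // NOTE(review): the interface the server binds to and whether it
            // authenticates callers are not visible here -- confirm the port is not
            // reachable from untrusted networks.
            if (node_config.XmlRpcManager.Enabled)
            {
                if (_xrm == null)
                {
                    _xrm = new XmlRpcManagerServer(node_config.XmlRpcManager.Port);
                }
                _xrm.Add(node, GetXmlRpcUri(app_node));
                new RpcDht(dht, node);
            }

            return(app_node);
        }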
Esempio n. 2
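        /// <summary>Builds a StructuredNode for the given id and address, records it
        /// in TakenIDs and Nodes, and attaches its edge listeners, optional security
        /// overlord, tunnel overlap and Dht table server.</summary>
        /// <param name="id">Identifier for the node; must not already be in TakenIDs.</param>
        /// <param name="address">Overlay address of the node; also used as the last
        /// argument when building the node's certificate.</param>
        /// <returns>The prepared StructuredNode.</returns>
        /// <exception cref="Exception">Thrown when <paramref name="id"/> is already taken.</exception>
        /// <remarks>When secure edges or secure senders are on, the node receives a
        /// copy of the private key held in _se_key, so every node prepared this way
        /// holds the same private key that signs the certificates.  The exported
        /// private-key blob is zeroed once it has been imported.</remarks>
        protected virtual StructuredNode PrepareNode(int id, AHAddress address)
        {
            if (TakenIDs.Contains(id))
            {
                throw new Exception("ID already taken");
            }

            StructuredNode node = new StructuredNode(address, BrunetNamespace);

            NodeMapping nm = new NodeMapping();

            TakenIDs[id] = nm.ID = id;
            nm.Node      = node;
            Nodes.Add((Address)address, nm);

            EdgeListener el = CreateEdgeListener(nm.ID);

            if (_secure_edges || _secure_senders)
            {
                // ExportCspBlob(true) includes the private key parameters.
                byte[] blob = _se_key.ExportCspBlob(true);
                RSACryptoServiceProvider rsa_copy = new RSACryptoServiceProvider();
                try
                {
                    rsa_copy.ImportCspBlob(blob);
                }
                finally
                {
                    // Do not leave the serialized private key in memory.
                    Array.Clear(blob, 0, blob.Length);
                }

                // The certificate is built for this node's address and signed by
                // _ca_cert using _se_key.
                CertificateMaker cm = new CertificateMaker("United States", "UFL",
                                                           "ACIS", "David Wolinsky", "*****@*****.**", rsa_copy,
                                                           address.ToString());
                Certificate cert = cm.Sign(_ca_cert, _se_key);

                CertificateHandler ch = new CertificateHandler();
                ch.AddCACertificate(_ca_cert.X509);
                ch.AddSignedCertificate(cert.X509);

                ProtocolSecurityOverlord so = new ProtocolSecurityOverlord(node, rsa_copy, node.Rrm, ch);
                so.Subscribe(node, null);
                node.GetTypeSource(SecurityOverlord.Security).Subscribe(so, null);
                nm.BSO = so;
                node.HeartBeatEvent += so.Heartbeat;
            }

            if (_secure_edges)
            {
                // nm.BSO was assigned in the branch above, which always runs when
                // _secure_edges is set.
                node.EdgeVerifyMethod = EdgeVerify.AddressInSubjectAltName;
                el = new SecureEdgeListener(el, nm.BSO);
            }

            node.AddEdgeListener(el);

            node.RemoteTAs = GetRemoteTAs();

            ITunnelOverlap ito = null;

            if (NCEnable)
            {
                nm.NCService = new NCService(node, new Point());
                // My evaluations show that when this is enabled the system sucks
                //        (node as StructuredNode).Sco.TargetSelector = new VivaldiTargetSelector(node, ncservice);
                ito = new NCTunnelOverlap(nm.NCService);
            }
            else
            {
                ito = new SimpleTunnelOverlap();
            }

            if (_broken != 0)
            {
                // NOTE(review): unlike the listener above, the tunnel listener is
                // added without a SecureEdgeListener wrapper even when _secure_edges
                // is set -- confirm tunnel edges are meant to stay unwrapped.
                el = new Tunnel.TunnelEdgeListener(node, ito);
                node.AddEdgeListener(el);
            }
            // Enables Dht data store
            new TableServer(node);
            return(node);
        }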
Esempio n. 3
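    /// <summary>Builds a StructuredNode for the given id and address, records it
    /// in TakenIDs and Nodes, and attaches its edge listeners, optional security
    /// overlord, tunnel overlap and Dht table server.</summary>
    /// <param name="id">Identifier for the node; must not already be in TakenIDs.</param>
    /// <param name="address">Overlay address of the node; also used as the last
    /// argument when building the node's certificate.</param>
    /// <returns>The prepared StructuredNode.</returns>
    /// <exception cref="Exception">Thrown when <paramref name="id"/> is already taken.</exception>
    /// <remarks>When SecureEdges or SecureSenders is on, the node receives a copy
    /// of the private key held in SEKey, so every node prepared this way holds
    /// the same private key that signs the certificates.  The exported
    /// private-key blob is zeroed once it has been imported.</remarks>
    protected virtual StructuredNode PrepareNode(int id, AHAddress address)
    {
      if(TakenIDs.Contains(id)) {
        throw new Exception("ID already taken");
      }

      StructuredNode node = new StructuredNode(address, BrunetNamespace);

      NodeMapping nm = new NodeMapping();
      TakenIDs[id] = nm.ID = id;
      nm.Node = node;
      Nodes.Add((Address) address, nm);

      EdgeListener el = CreateEdgeListener(nm.ID);

      if(SecureEdges || SecureSenders) {
        // ExportCspBlob(true) includes the private key parameters.
        byte[] blob = SEKey.ExportCspBlob(true);
        RSACryptoServiceProvider rsa_copy = new RSACryptoServiceProvider();
        try {
          rsa_copy.ImportCspBlob(blob);
        } finally {
          // Do not leave the serialized private key in memory.
          Array.Clear(blob, 0, blob.Length);
        }

        // The certificate is built for this node's address and signed by
        // CACert using SEKey.
        CertificateMaker cm = new CertificateMaker("United States", "UFL", 
          "ACIS", "David Wolinsky", "*****@*****.**", rsa_copy,
          address.ToString());
        Certificate cert = cm.Sign(CACert, SEKey);

        CertificateHandler ch = new CertificateHandler();
        ch.AddCACertificate(CACert.X509);
        ch.AddSignedCertificate(cert.X509);

        ProtocolSecurityOverlord so = new ProtocolSecurityOverlord(node, rsa_copy, node.Rrm, ch);
        so.Subscribe(node, null);
        node.GetTypeSource(SecurityOverlord.Security).Subscribe(so, null);
        nm.BSO = so;
        node.HeartBeatEvent += so.Heartbeat;
      }

      if(SecureEdges) {
        // nm.BSO was assigned in the branch above, which always runs when
        // SecureEdges is set.
        node.EdgeVerifyMethod = EdgeVerify.AddressInSubjectAltName;
        el = new SecureEdgeListener(el, nm.BSO);
      }

      node.AddEdgeListener(el);

      node.RemoteTAs = GetRemoteTAs();

      ITunnelOverlap ito = null;
      if(NCEnable) {
        nm.NCService = new NCService(node, new Point());
        // My evaluations show that when this is enabled the system sucks
        //        (node as StructuredNode).Sco.TargetSelector = new VivaldiTargetSelector(node, ncservice);
        ito = new NCTunnelOverlap(nm.NCService);
      } else {
        ito = new SimpleTunnelOverlap();
      }

      if(Broken != 0) {
        // NOTE(review): unlike the listener above, the tunnel listener is added
        // without a SecureEdgeListener wrapper even when SecureEdges is set --
        // confirm tunnel edges are meant to stay unwrapped.
        el = new Tunnel.TunnelEdgeListener(node, ito);
        node.AddEdgeListener(el);
      }
      // Enables Dht data store
      new TableServer(node);
      return node;
    }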