scionproto · scrye · May 3, 2019 · Apr 26, 2019 · Apr 30, 2019 · May 3, 2019
diff --git a/go/integration/cert_req/main.go b/go/integration/cert_req/main.go
@@ -77,6 +77,9 @@ func (c client) run() int {
 				messenger.DefaultAdapter,
 				log.Root(),
 			),
+			AddressRewriter: &messenger.AddressRewriter{
+				Router: &snet.BaseRouter{IA: integration.Local.IA},
+			},
 		},
 	)
 	if err = getRemote(); err != nil {

diff --git a/go/lib/infra/infraenv/BUILD.bazel b/go/lib/infra/infraenv/BUILD.bazel
@@ -19,5 +19,6 @@ go_library(
         "//go/lib/snet:go_default_library",
         "//go/lib/snet/snetproxy:go_default_library",
         "//go/lib/sock/reliable:go_default_library",
+        "//go/lib/svc:go_default_library",
     ],
 )
diff --git a/go/lib/infra/infraenv/infraenv.go b/go/lib/infra/infraenv/infraenv.go
@@ -34,6 +34,7 @@ import (
 	"github.com/scionproto/scion/go/lib/snet"
 	"github.com/scionproto/scion/go/lib/snet/snetproxy"
 	"github.com/scionproto/scion/go/lib/sock/reliable"
+	"github.com/scionproto/scion/go/lib/svc"
 )
 
 const (
@@ -73,10 +74,27 @@ func (nc *NetworkConfig) Messenger() (infra.Messenger, error) {
 	if err != nil {
 		return nil, err
 	}
+
+	router := nc.Router
+	if router == nil {
+		router = &snet.BaseRouter{IA: nc.IA}
+	}
+
 	msgerCfg := &messenger.Config{
 		IA:         nc.IA,
 		TrustStore: nc.TrustStore,
-		Router:     nc.Router,
+		AddressRewriter: &messenger.AddressRewriter{
+			Router: router,
+			Resolver: &svc.Resolver{
+				LocalIA: nc.IA,
+				ConnFactory: snet.NewDefaultPacketDispatcherService(
+					reliable.NewDispatcherService(""),
+				),
+				Machine: buildLocalMachine(nc.Bind, nc.Public),
+			},
+			// XXX(scrye): Disable SVC resolution for the moment.
+			SVCResolutionFraction: 0.00,
+		},
 	}
 	if nc.EnableQUICTest {
 		var err error
@@ -97,6 +115,17 @@ func (nc *NetworkConfig) Messenger() (infra.Messenger, error) {
 
 }
 
+func buildLocalMachine(bind, public *snet.Addr) snet.LocalMachine {
+	var mi snet.LocalMachine
+	mi.PublicIP = public.Host.L3.IP()
+	if bind != nil {
+		mi.InterfaceIP = bind.Host.L3.IP()
+	} else {
+		mi.InterfaceIP = mi.PublicIP
+	}
+	return mi
+}
+
 func (nc *NetworkConfig) initNetworking() (net.PacketConn, error) {
 	var network snet.Network
 	network, err := snet.NewNetwork(nc.IA, "", reliable.NewDispatcherService(""))

diff --git a/go/lib/infra/messenger/BUILD.bazel b/go/lib/infra/messenger/BUILD.bazel
@@ -4,6 +4,7 @@ go_library(
     name = "go_default_library",
     srcs = [
         "adapter.go",
+        "addr.go",
         "counter.go",
         "messenger.go",
         "messenger_with_metrics.go",
@@ -31,6 +32,7 @@ go_library(
         "//go/lib/prom:go_default_library",
         "//go/lib/scrypto:go_default_library",
         "//go/lib/snet:go_default_library",
+        "//go/lib/svc:go_default_library",
         "//go/lib/util:go_default_library",
         "//go/proto:go_default_library",
         "@com_github_lucas_clemente_quic_go//:go_default_library",
@@ -40,18 +42,22 @@ go_library(
 
 go_test(
     name = "go_default_test",
-    srcs = ["messenger_test.go"],
+    srcs = [
+        "addr_test.go",
+        "messenger_test.go",
+    ],
     embed = [":go_default_library"],
     deps = [
         "//go/lib/addr:go_default_library",
-        "//go/lib/common:go_default_library",
-        "//go/lib/ctrl/cert_mgmt:go_default_library",
-        "//go/lib/infra:go_default_library",
-        "//go/lib/infra/disp:go_default_library",
-        "//go/lib/infra/transport:go_default_library",
+        "//go/lib/infra/messenger/mock_messenger:go_default_library",
         "//go/lib/log:go_default_library",
+        "//go/lib/overlay:go_default_library",
+        "//go/lib/snet:go_default_library",
+        "//go/lib/snet/mock_snet:go_default_library",
+        "//go/lib/spath:go_default_library",
+        "//go/lib/svc:go_default_library",
         "//go/lib/xtest:go_default_library",
-        "//go/lib/xtest/p2p:go_default_library",
+        "@com_github_golang_mock//gomock:go_default_library",
         "@com_github_smartystreets_goconvey//convey:go_default_library",
     ],
 )
diff --git a/go/lib/infra/messenger/addr.go b/go/lib/infra/messenger/addr.go
@@ -0,0 +1,191 @@
+// Copyright 2019 ETH Zurich
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package messenger
+
+import (
+	"context"
+	"net"
+	"time"
+
+	"github.com/scionproto/scion/go/lib/addr"
+	"github.com/scionproto/scion/go/lib/common"
+	"github.com/scionproto/scion/go/lib/log"
+	"github.com/scionproto/scion/go/lib/snet"
+	"github.com/scionproto/scion/go/lib/svc"
+)
+
+// Resolver performs SVC resolution for a remote AS, thus converting an anycast
+// SVC address to a unicast IP/UDP one.
+type Resolver interface {
+	// LookupSVC resolves the SVC address for the AS terminating the path.
+	LookupSVC(ctx context.Context, path snet.Path, svc addr.HostSVC) (*svc.Reply, error)
+}
+
+// AddressRewriter is used to compute paths and replace SVC destinations with
+// unicast addresses.
+type AddressRewriter struct {
+	// Router obtains path information to fill in address paths, if they are
+	// required and missing.
+	Router snet.Router
+	// Resolver performs SVC resolution if enabled.
+	Resolver Resolver
+	// SVCResolutionFraction enables SVC resolution for traffic to SVC
+	// destinations in a way that is also compatible with control plane servers
+	// that do not implement the SVC Resolution Mechanism. The value represents
+	// the percentage of time, out of the total available context timeout,
+	// spent attempting to perform SVC resolution. If SVCResolutionFraction is
+	// 0 or less, SVC resolution is never attempted. If it is between 0 and 1,
+	// the remaining context timeout is multiplied by the value, and that
+	// amount of time is spent waiting for an SVC resolution reply from the
+	// server. If this times out, the data packet is sent with an SVC
+	// destination. If the value is 1 or more, then legacy behavior is
+	// disabled, and data packets are never sent to SVC destinations unless the
+	// resolution step is successful.
+	SVCResolutionFraction float64
+}
+
+// Rewrite takes an address and adds a path (if one does not already exist but
+// is required), and replaces SVC destinations with unicast ones, if desired.
+func (r AddressRewriter) Rewrite(ctx context.Context, a net.Addr) (net.Addr, error) {
+	// FIXME(scrye): This is not legitimate use. It's only included for
+	// compatibility with older unit tests. See
+	// https://github.com/scionproto/scion/issues/2611.
+	if a == nil {
+		return nil, nil
+	}
+	address, err := r.buildFullAddress(ctx, a)
+	if err != nil {
+		return nil, err
+	}
+	path, err := address.GetPath()
+	if err != nil {
+		return nil, common.NewBasicError("bad path", err)
+	}
+	address.Host, err = r.resolveIfSVC(ctx, path, address.Host)
+	return address, err
+
+}
+
+// buildFullAddress checks that a is a well-formed address (all fields set,
+// non-nil, only supported protocols). If the path is missing, the path and
+// next-hop are added by performing a routing lookup. The returned address is
+// always a copy, and the input address is guaranteed to not change.
+func (r AddressRewriter) buildFullAddress(ctx context.Context, a net.Addr) (*snet.Addr, error) {
+	snetAddr, ok := a.(*snet.Addr)
+	if !ok {
+		return nil, common.NewBasicError("address type not supported", nil, "addr", a)
+	}
+	if snetAddr.Host == nil {
+		return nil, common.NewBasicError("host address not specified", nil, "addr", snetAddr)
+	}
+	if snetAddr.Host.L3 == nil {
+		return nil, common.NewBasicError("host address missing L3 address", nil, "addr", snetAddr)
+	}
+	if snetAddr.Host.L4 == nil {
+		return nil, common.NewBasicError("host address missing L4 address", nil, "addr", snetAddr)
+	}
+	if t := snetAddr.Host.L3.Type(); !addr.HostTypeCheck(t) {
+		return nil, common.NewBasicError("host address L3 address not supported", nil, "type", t)
+	}
+	if t := snetAddr.Host.L4.Type(); t != common.L4UDP {
+		return nil, common.NewBasicError("host address L4 address not supported", nil, "type", t)
+	}
+	newAddr := snetAddr.Copy()
+
+	if newAddr.Path == nil {
+		p, err := r.Router.Route(ctx, newAddr.IA)
+		if err != nil {
+			return nil, err
+		}
+		newAddr.Path = p.Path()
+		newAddr.NextHop = p.OverlayNextHop()
+	}
+	return newAddr, nil
+}
+
+// resolveIfSvc performs SVC resolution and returns an UDP/IP address if the
+// input address is an SVC destination. If the address does not have an SVC
+// destination, it is returned unchanged. If address is not a well-formed
+// application address (all fields set, non-nil, supported protocols), the
+// function's behavior is undefined. The returned address is always a copy.
+func (r AddressRewriter) resolveIfSVC(ctx context.Context, p snet.Path,
+	address *addr.AppAddr) (*addr.AppAddr, error) {
+
+	svcAddress, ok := address.L3.(addr.HostSVC)
+	if !ok {
+		return address.Copy(), nil
+	}
+	if r.SVCResolutionFraction <= 0.0 {
+		return address.Copy(), nil
+	}
+
+	if r.SVCResolutionFraction < 1.0 {
+		var cancelF context.CancelFunc
+		ctx, cancelF = r.resolutionCtx(ctx)
+		defer cancelF()
+	}
+	logger := log.FromCtx(ctx)
+	logger.Trace("Sending SVC resolution request", "ia", p.Destination(), "svc", svcAddress,
+		"svcResFraction", r.SVCResolutionFraction)
+	reply, err := r.Resolver.LookupSVC(ctx, p, svcAddress)
+	if err != nil {
+		if r.SVCResolutionFraction < 1.0 {
+			// SVC resolution failed but we allow legacy behavior and have some
+			// fraction of the timeout left for data transfers, so return
+			// address with SVC destination still set
+			logger.Trace("SVC resolution failed, falling back to legacy mode", "err", err)
+			return address.Copy(), nil
+		}
+		// Legacy behavior is disallowed, so propagate a hard failure back to the app.
+		logger.Trace("SVC resolution failed and legacy mode disabled", "err", err)
+		return nil, err
+	}
+	logger.Trace("SVC resolution successful", "reply", reply)
+	return parseReply(reply)
+}
+
+func (r AddressRewriter) resolutionCtx(ctx context.Context) (context.Context, context.CancelFunc) {
+	deadline, ok := ctx.Deadline()
+	if !ok {
+		return context.WithCancel(ctx)
+	}
+
+	timeout := deadline.Sub(time.Now())
+	timeout = time.Duration(float64(timeout) * r.SVCResolutionFraction)
+	return context.WithTimeout(ctx, timeout)
+}
+
+// parseReply searches for a UDP server on the remote address. If one is not
+// found, an error is returned.
+func parseReply(reply *svc.Reply) (*addr.AppAddr, error) {
+	if reply == nil {
+		return nil, common.NewBasicError("nil reply", nil)
+	}
+	if reply.Transports == nil {
+		return nil, common.NewBasicError("empty reply", nil)
+	}
+	addressStr, ok := reply.Transports[svc.UDP]
+	if !ok {
+		return nil, common.NewBasicError("UDP server address not found", nil)
+	}
+	udpAddr, err := net.ResolveUDPAddr("udp", addressStr)
+	if err != nil {
+		return nil, common.NewBasicError("Unable to parse address", err)
+	}
+	return &addr.AppAddr{
+		L3: addr.HostFromIP(udpAddr.IP),
+		L4: addr.NewL4UDPInfo(uint16(udpAddr.Port)),
+	}, nil
+}