runar_cli 0.1.0

Runar CLI for node initialization and management
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222

//! Setup server for mobile device communication
//!
//! This module implements a simple TCP server that waits for mobile devices
//! to send certificate messages and network key messages during the node initialization process.

use anyhow::{Context, Result};
use futures_util::StreamExt;
use runar_common::logging::Logger;
use runar_keys::mobile::{NetworkKeyMessage, NodeCertificateMessage};
use runar_macros_common::{log_debug, log_error, log_info};
use std::sync::Arc;
use tokio::net::{TcpListener, TcpStream};
use tokio_stream::wrappers::TcpListenerStream;

/// Complete setup data received from mobile device
#[derive(Debug)]
pub struct SetupData {
    pub certificate_message: NodeCertificateMessage,
    pub network_key_message: NetworkKeyMessage,
}

pub struct SetupServer {
    ip: String,
    port: u16,
    logger: Arc<Logger>,
}

impl SetupServer {
    pub fn new(ip: String, port: u16, logger: Arc<Logger>) -> Self {
        Self { ip, port, logger }
    }

    /// Start the setup server and wait for certificate and network key messages from mobile
    pub async fn wait_for_setup_data(&self) -> Result<SetupData> {
        let address = format!("{}:{}", self.ip, self.port);

        log_info!(self.logger, "Starting setup server on {address}");

        // Create TCP listener
        let listener = TcpListener::bind(&address)
            .await
            .with_context(|| format!("Failed to bind to {address}"))?;

        log_info!(
            self.logger,
            "Setup server started - waiting for mobile device connection..."
        );

        // Convert to stream for easier handling
        let mut stream = TcpListenerStream::new(listener);

        while let Some(stream_result) = stream.next().await {
            match stream_result {
                Ok(socket) => {
                    log_info!(self.logger, "Mobile device connected");

                    // Handle the connection
                    match self.handle_connection(socket).await {
                        Ok(setup_data) => {
                            log_info!(self.logger, "Setup data received successfully");
                            return Ok(setup_data);
                        }
                        Err(e) => {
                            log_error!(self.logger, "Failed to handle connection: {e}");
                            // Continue waiting for another connection
                            continue;
                        }
                    }
                }
                Err(e) => {
                    log_error!(self.logger, "Failed to accept connection: {e}");
                    return Err(anyhow::anyhow!("Failed to accept connection: {}", e));
                }
            }
        }

        Err(anyhow::anyhow!("Setup server stream ended unexpectedly"))
    }

    async fn handle_connection(&self, socket: TcpStream) -> Result<SetupData> {
        log_debug!(self.logger, "Handling mobile device connection");

        // Read both certificate and network key messages from the socket
        let certificate_message = self.read_certificate_message(&socket).await?;
        let network_key_message = self.read_network_key_message(&socket).await?;

        log_info!(
            self.logger,
            "Certificate and network key messages received and parsed successfully"
        );

        Ok(SetupData {
            certificate_message,
            network_key_message,
        })
    }

    async fn read_certificate_message(&self, socket: &TcpStream) -> Result<NodeCertificateMessage> {
        self.read_message(socket).await
    }

    async fn read_network_key_message(&self, socket: &TcpStream) -> Result<NetworkKeyMessage> {
        self.read_message(socket).await
    }

    async fn read_message<T>(&self, socket: &TcpStream) -> Result<T>
    where
        T: serde::de::DeserializeOwned,
    {
        const MAX_MESSAGE_SIZE: usize = 1024 * 1024; // 1MB limit to prevent DoS

        // Read the message length (4 bytes, big endian) - ensure complete read
        let mut length_bytes = [0u8; 4];
        let mut length_bytes_read = 0;

        while length_bytes_read < 4 {
            socket
                .readable()
                .await
                .context("Failed to wait for socket to be readable")?;

            match socket.try_read(&mut length_bytes[length_bytes_read..]) {
                Ok(0) => {
                    return Err(anyhow::anyhow!(
                        "Connection closed while reading message length"
                    ));
                }
                Ok(n) => {
                    length_bytes_read += n;
                }
                Err(ref e) if e.kind() == std::io::ErrorKind::WouldBlock => {
                    // Continue the loop to call readable().await again
                    continue;
                }
                Err(e) => return Err(e.into()),
            }
        }

        let message_length = u32::from_be_bytes(length_bytes) as usize;

        // Bounds checking to prevent DoS via excessive memory allocation
        if message_length > MAX_MESSAGE_SIZE {
            return Err(anyhow::anyhow!(
                "Message size {} exceeds maximum allowed size {}",
                message_length,
                MAX_MESSAGE_SIZE
            ));
        }

        if message_length == 0 {
            return Err(anyhow::anyhow!("Invalid message length: 0"));
        }

        log_debug!(self.logger, "Reading message of {message_length} bytes");

        // Read the actual message - ensure complete read
        let mut message_bytes = vec![0u8; message_length];
        let mut bytes_read = 0;

        while bytes_read < message_length {
            socket
                .readable()
                .await
                .context("Failed to wait for socket to be readable")?;

            match socket.try_read(&mut message_bytes[bytes_read..]) {
                Ok(0) => {
                    return Err(anyhow::anyhow!(
                        "Connection closed prematurely. Expected {} bytes, got {} bytes",
                        message_length,
                        bytes_read
                    ));
                }
                Ok(n) => {
                    bytes_read += n;
                }
                Err(ref e) if e.kind() == std::io::ErrorKind::WouldBlock => {
                    // Continue the loop to call readable().await again
                    continue;
                }
                Err(e) => return Err(e.into()),
            }
        }

        // Verify we read the complete message before deserialization
        if bytes_read != message_length {
            return Err(anyhow::anyhow!(
                "Incomplete message received. Expected {} bytes, got {} bytes",
                message_length,
                bytes_read
            ));
        }

        // Deserialize the message (CBOR)
        let message: T =
            serde_cbor::from_slice(&message_bytes).context("Failed to deserialize CBOR message")?;

        log_debug!(self.logger, "Message deserialized successfully");

        Ok(message)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[tokio::test]
    async fn test_setup_server() {
        // This is a basic test to ensure the server can start
        // In a real test, you would need to mock the mobile device
        let logger = Arc::new(Logger::new_root(
            runar_common::logging::Component::CLI,
            "test",
        ));
        let server = SetupServer::new("127.0.0.1".to_string(), 0, logger);

        // The server should be created successfully
        assert_eq!(server.ip, "127.0.0.1");
        assert_eq!(server.port, 0);
    }
}