Merge remote-tracking branch 'purple/openssl'

BloomFilter.cpp

@@ -0,0 +1,69 @@
+#include "BloomFilter.h"
+#include "I2PEndian.h"
+#include <array>
+#include <openssl/sha.h>
+
+namespace i2p
+{
+namespace util
+{
+
+	/** @brief decaying bloom filter implementation */
+	class DecayingBloomFilter : public IBloomFilter
+	{
+	public:
+
+		DecayingBloomFilter(const std::size_t size)
+		{
+			m_Size = size;
+			m_Data = new uint8_t[size];
+		}
+
+		/** @brief implements IBloomFilter::~IBloomFilter */
+		~DecayingBloomFilter()
+		{
+			delete [] m_Data;
+		}
+
+		/** @brief implements IBloomFilter::Add */
+		bool Add(const uint8_t * data, std::size_t len)
+		{
+			std::size_t idx;
+			uint8_t mask;
+			Get(data, len, idx, mask);
+			if(m_Data[idx] & mask) return false; // filter hit
+			m_Data[idx] |= mask;
+			return true;
+		}
+
+		/** @brief implements IBloomFilter::Decay */
+		void Decay()
+		{
+			// reset bloom filter buffer
+			memset(m_Data, 0, m_Size);
+		}
+
+	private:
+		/** @brief get bit index for for data */
+		void Get(const uint8_t * data, std::size_t len, std::size_t & idx, uint8_t & bm)
+		{
+			bm = 1;
+			uint8_t digest[32];
+			// TODO: use blake2 because it's faster
+			SHA256(data, len, digest);
+			uint64_t i = buf64toh(digest);
+			idx = i % m_Size;
+			bm <<= (i % 8);
+		}
+
+		uint8_t * m_Data;
+		std::size_t m_Size;
+	};
+
+
+	BloomFilterPtr BloomFilter(std::size_t capacity)
+	{
+		return std::make_shared<DecayingBloomFilter>(capacity);
+	}
+}
+}

BloomFilter.h

@@ -0,0 +1,31 @@
+#ifndef BLOOM_FILTER_H_
+#define BLOOM_FILTER_H_
+#include <memory>
+#include <cstdint>
+
+namespace i2p
+{
+namespace util
+{
+
+	/** @brief interface for bloom filter */
+	struct IBloomFilter
+	{
+
+		/** @brief destructor */
+		virtual ~IBloomFilter();
+		/** @brief add entry to bloom filter, return false if filter hit otherwise return true */
+		virtual bool Add(const uint8_t * data, std::size_t len) = 0;
+		/** @brief optionally decay old entries */
+		virtual void Decay();
+	};
+
+	typedef std::shared_ptr<IBloomFilter> BloomFilterPtr;
+
+	/** @brief create bloom filter */
+	BloomFilterPtr BloomFilter(std::size_t capacity = 1024 * 8);
+
+}
+}
+
+#endif

HTTPServer.cpp

@@ -709,11 +709,15 @@ namespace http {
 			char b64_creds[64];
 			std::size_t len = 0;
 			len = i2p::data::ByteStreamToBase64((unsigned char *)expected.c_str(), expected.length(), b64_creds, sizeof(b64_creds));
-			b64_creds[len] = '\0';
-			expected = "Basic ";
-			expected += b64_creds;
-			if (provided == expected)
-				return true;
+			/* if we decoded properly then check credentials */
+			if(len) {
+				b64_creds[len] = '\0';
+				expected = "Basic ";
+				expected += b64_creds;
+				return expected == provided;
+			}
+			/** we decoded wrong so it's not a correct login credential */
+			return false;
 		}
 
 		LogPrint(eLogWarning, "HTTPServer: auth failure from ", m_Socket->remote_endpoint().address ());

Identity.cpp

@@ -593,11 +593,25 @@ namespace data
 	XORMetric operator^(const IdentHash& key1, const IdentHash& key2)
 	{
 		XORMetric m;
+#if defined(__AVX__) // for AVX
+		__asm__
+		(
+			"vmovups %1, %%ymm0 \n"	
+			"vmovups %2, %%ymm1 \n"	
+			"vxorps %%ymm0, %%ymm1, %%ymm1 \n"
+			"vmovups %%ymm1, %0 \n"
+			: "=m"(*m.metric) 
+			: "m"(*key1), "m"(*key2)
+			: "memory", "%xmm0", "%xmm1" // should be replaced by %ymm0/1 once supported by compiler
+		);			
+#else
 		const uint64_t * hash1 = key1.GetLL (), * hash2 = key2.GetLL ();
 		m.metric_ll[0] = hash1[0] ^ hash2[0];
 		m.metric_ll[1] = hash1[1] ^ hash2[1];
 		m.metric_ll[2] = hash1[2] ^ hash2[2];
 		m.metric_ll[3] = hash1[3] ^ hash2[3];
+#endif
+
 		return m;
 	}	
 }

Makefile.linux

@@ -60,7 +60,12 @@ ifeq ($(USE_AESNI),yes)
 ifeq ($(IS_64),1)
 #check if AES-NI is supported by CPU
 ifneq ($(shell $(GREP) -c aes /proc/cpuinfo),0)
-	CPU_FLAGS = -maes -DAESNI
+	CPU_FLAGS += -maes -DAESNI
 endif
 endif
 endif
+
+#check if AVX supported by CPU
+ifneq ($(shell $(GREP) -c avx /proc/cpuinfo),0)
+	CPU_FLAGS += -mavx
+endif

android/jni/Android.mk

@@ -59,6 +59,7 @@ LOCAL_SRC_FILES := DaemonAndroid.cpp i2pd_android.cpp \
     ../../TunnelPool.cpp \
 	../../Timestamp.cpp \
 	../../Event.cpp \
+	../../BloomFiler.cpp \
     ../../util.cpp \
      ../../i2pd.cpp ../../UPnP.cpp
 

build/CMakeLists.txt

@@ -26,6 +26,7 @@ set ( CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules" )
 set ( CMAKE_SOURCE_DIR ".." )
 
 set (LIBI2PD_SRC
+  "${CMAKE_SOURCE_DIR}/BloomFilter.cpp"
   "${CMAKE_SOURCE_DIR}/Config.cpp"
   "${CMAKE_SOURCE_DIR}/Crypto.cpp"
   "${CMAKE_SOURCE_DIR}/Garlic.cpp"

filelist.mk

@@ -1,5 +1,5 @@
 LIB_SRC = \
-  Gzip.cpp Crypto.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp LeaseSet.cpp \
+  BloomFilter.cpp Gzip.cpp Crypto.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp LeaseSet.cpp \
   Log.cpp NTCPSession.cpp NetDb.cpp NetDbRequests.cpp Profiling.cpp \
   Reseed.cpp RouterContext.cpp RouterInfo.cpp Signature.cpp SSU.cpp \
   SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp TransitTunnel.cpp \

qt/i2pd_qt/i2pd_qt.pro

@@ -36,7 +36,7 @@ SOURCES += DaemonQT.cpp mainwindow.cpp \
 	../../SSUData.cpp ../../SSUSession.cpp ../../Streaming.cpp ../../TransitTunnel.cpp \
 	../../Transports.cpp ../../Tunnel.cpp ../../TunnelEndpoint.cpp ../../TunnelGateway.cpp \
 	../../TunnelPool.cpp ../../UPnP.cpp ../../Gzip.cpp ../../Timestamp.cpp ../../util.cpp \
-	../../Event.cpp ../../i2pd.cpp
+	../../Event.cpp ../../BloomFiler.cpp ../../i2pd.cpp
 
 HEADERS  += DaemonQT.h mainwindow.h \
 	../../HTTPServer.h ../../I2PControl.h ../../UPnP.h ../../Daemon.h ../../Config.h \
@@ -50,7 +50,8 @@ HEADERS  += DaemonQT.h mainwindow.h \
 	../../Streaming.h ../../Timestamp.h ../../TransitTunnel.h ../../Transports.h \
 	../../TransportSession.h ../../Tunnel.h ../../TunnelBase.h ../../TunnelConfig.h \
 	../../TunnelEndpoint.h ../../TunnelGateway.h ../../TunnelPool.h ../../UPnP.h \
-	../../util.h ../../version.h ../../Gzip.h ../../Tag.h ../../Event.h
+	../../util.h ../../version.h ../../Gzip.h ../../Tag.h \
+	../../BloomFiler.h ../../Event.h
 
 FORMS += mainwindow.ui