Overview
Comment: | Improvement in social network display |
---|---|
SHA1: | d9332e3ec15ab13da8d6c26cc172995d |
User & Date: | bernd 2019-03-18 22:54:08.157 |
Context
2019-03-19 22:48 | Added avatar display check-in: c50e5d02db user: bernd tags: trunk |
2019-03-18 22:54 | Improvement in social network display check-in: d9332e3ec1 user: bernd tags: trunk |
2019-03-14 22:14 | Improvement on g+ import, limiter for chat text check-in: 79711085be user: bernd tags: trunk |
Changes
Changes to connected.fs.
︙ | ︙ | |||
551 552 553 554 555 556 557 | data-rmap with mapc dest-head hex. dest-tail hex. dest-back hex. data-ackbits @ dest-size addr>bytes dump endwith forth:cr ; : transfer-keepalive? ( -- flag ) o to connection timeout( .keepalive ) | > | | 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 | data-rmap with mapc dest-head hex. dest-tail hex. dest-back hex. data-ackbits @ dest-size addr>bytes dump endwith forth:cr ; : transfer-keepalive? ( -- flag ) o to connection timeout( .keepalive ) data-rmap dup 0= ?EXIT with mapc dest-req dup ack-advance? or to ack-advance? endwith dup IF !ticks ticker 64@ resend-all-to 64! [ ack-toggle# resend-toggle# or ]L net2o:do-ack-rest THEN ; previous : cmd-timeout ( -- ) cmd-resend? IF >next-timeout push-timeout ELSE ack@ .timeouts off THEN ; |
︙ | ︙ |
Changes to dht.fs.
︙ | ︙ | |||
429 430 431 432 433 434 435 | : revoke-me ( addr u -- ) \G give it your revocation secret +addme net2o-code expect-reply replace-me, cookie+request end-code| -setip net2o:send-revoke ; | | > | 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 | : revoke-me ( addr u -- ) \G give it your revocation secret +addme net2o-code expect-reply replace-me, cookie+request end-code| -setip net2o:send-revoke ; : disconnect-me ( -- ) connection >o data-rmap 0= IF o> EXIT THEN max-timeouts 4 umin to max-timeouts \ be impatient with disconnects +resend -flow-control net2o-code expect-reply connect( log .time s" Disconnect" $, type cr end-with ) close-all ack rewind end-with disconnect end-code| msg( ." disconnected" forth:cr ) net2o:dispose-context msg( ." Disposed context" forth:cr ) o> ; |
︙ | ︙ |
Changes to dvcs.fs.
︙ | ︙ | |||
931 932 933 934 935 936 937 | previous : dvcs-greet ( -- ) net2o-code expect-msg log !time end-with dvcs-join, get-ip end-code ; : dvcs-connect ( addr u -- ) | | | | | | 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 | previous : dvcs-greet ( -- ) net2o-code expect-msg log !time end-with dvcs-join, get-ip end-code ; : dvcs-connect ( addr u -- ) dvcs-bufs# chat#-connect? IF 2 dvcs-request# ! dvcs-greet THEN ; : dvcs-connect-key ( addr u -- ) key>group ?load-msgn dup 0= IF 2drop "" msg-group$ $@ msg-groups #! THEN 2dup search-connect ?dup-IF >o +group rdrop 2drop EXIT THEN 2dup pk-peek? IF dvcs-connect ELSE 2drop THEN ; : dvcs-connects? ( -- flag ) chat-keys ['] dvcs-connect-key $[]map dvcs-request# @ 0> ; : wait-dvcs-request ( -- ) BEGIN dvcs-request# @ WHILE stop REPEAT ; : +needed ( addr u -- ) 2dup enchash>filename file-status nip no-file# = IF dvcs( ." need: " 2dup 85type cr ) sync-file-list[] $ins[] drop ELSE dvcs( ." don't need: " 2dup 85type cr ) 2drop THEN ; |
︙ | ︙ | |||
995 996 997 998 999 1000 1001 | ." ref: " I dvcs:refs[] $[]@ 85type cr LOOP dvcs:refs[] connection .get-needed-files dvcs:dispose-dvcs-refs o> ; : handle-fetch ( -- ) ?.net2o/objects dvcs:new-dvcs >o pull-readin msg( ." === syncing metadata ===" forth:cr ) | | < | | 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 | ." ref: " I dvcs:refs[] $[]@ 85type cr LOOP dvcs:refs[] connection .get-needed-files dvcs:dispose-dvcs-refs o> ; : handle-fetch ( -- ) ?.net2o/objects dvcs:new-dvcs >o pull-readin msg( ." === syncing metadata ===" forth:cr ) 0 >o dvcs-connects? IF +dvcs-sync-done wait-dvcs-request THEN o> msg( ." === syncing data ===" forth:cr ) dvcs-data-sync msg( ." === data sync done ===" forth:cr ) dvcs-ref-sync msg( ." === ref sync done ===" forth:cr ) connection .data-rmap IF msg-group$ $@ >group last# silent-leave-chat THEN dvcs:dispose-dvcs o> ; : handle-clone ( -- ) chat-keys [: >dir 0 chat-keys !@ >r 2dup chat-keys $+[]! [: @/ 2swap '#' $split dup 0= IF 2drop ELSE 2nip THEN 2dup $1FF init-dir drop 2dup set-dir throw |
︙ | ︙ |
Changes to gui.fs.
︙ | ︙ | |||
647 648 649 650 651 652 653 | glue*l }}glue }}h box[] }}z box[] {{ {{ glue*ll }}glue tex: vp-md | | | > | > | | > > > | | 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 | glue*l }}glue }}h box[] }}z box[] {{ {{ glue*ll }}glue tex: vp-md glue*l ' vp-md }}vp dup to project-vp >o "project" to name$ font-size# dpy-w @ s>f 25% f* fdup fnegate to borderv f+ to border o o> dup font-size# 66% f* fdup vslider }}h box[] >o "project-slider" to name$ o o> }}v box[] >o "project-vbox" to name$ o o> }}z box[] >o "project-zbox" to name$ o o> to post-frame : display-title { d: prj | ki -- } prj key>o ?dup-IF .ke-imports @ >im-color# sfloats to ki THEN {{ glue*l imports#rgb-bg ki + sf@ slide-frame dup .button1 {{ \large imports#rgb-fg ki + sf@ to x-color prj key| ['] .key-id? $tmp }}text 40%b glue*ll }}glue \small prj drop keysize + le-64@ ['] .ticks $tmp }}text 40%b \normal blackish }}h box[] }}z box[] project-vp .child+ ; : display-file { d: prj -- } prj display-title prj [ keysize $10 + ]L safe/string 2dup "file:" string-prefix? IF 0 to v-box 5 /string [: ." ~+/" type ;] $tmp markdown-parse v-box project-vp .child+ dpy-w @ s>f font-size# fover 25% f* f+ f2* f- p-format ELSE 2drop THEN ; : display-project ( addr u -- ) project-vp >o dispose-childs 0 to active-w o> project:branch$ $@ { d: branch } dvcs:new-project-log >o ?msg-log last# msg-log@ 2dup { log u } bounds ?DO I $@ msg:display \ this will only set the URLs cell +LOOP glue*lll }}glue project-vp dup .act 0= IF vp[] THEN .child+ log free dvcs-log:urls[] ['] display-file $[]map dvcs:dispose-dvcs-log o> throw ; : .project-log ( -- ) dvcs:new-dvcs >o config>dvcs project:project$ $@ @/ 2drop 2dup load-msg display-project |
︙ | ︙ | |||
905 906 907 908 909 910 911 | [IFDEF] android also android [THEN] : chat-edit-enter ( o:edit-w -- ) text$ dup IF do-chat-cmd? 0= IF avalanche-text THEN ELSE 2drop THEN 64#-1 line-date 64! $lastline $free ; | | | 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 | [IFDEF] android also android [THEN] : chat-edit-enter ( o:edit-w -- ) text$ dup IF do-chat-cmd? 0= IF avalanche-text THEN ELSE 2drop THEN 64#-1 line-date 64! $lastline $free ; +db click( \ ) \ +db gui( \ ) {{ $80FFFFFF color, pres-frame {{ {{ glue*l $000000FF color, slide-frame dup .button1 {{ |
︙ | ︙ |
Changes to helper.fs.
︙ | ︙ | |||
284 285 286 287 288 289 290 | 3 pick IF 2drop EXIT THEN check-host? IF insert-host ELSE 2drop false THEN rot or swap ; : make-context ( pk u -- ) ret0 net2o:new-context >o rdrop dest-pk ; | | > > | > > | 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 | 3 pick IF 2drop EXIT THEN check-host? IF insert-host ELSE 2drop false THEN rot or swap ; : make-context ( pk u -- ) ret0 net2o:new-context >o rdrop dest-pk ; in net2o : pklookup? ( pkaddr u -- flag ) 2dup keysize2 safe/string hostc$ $! key2| 2dup pkc over str= to ?myself 2dup >d#id { id } id .dht-host $[]# 0= IF 2dup pk-lookup 2dup >d#id to id THEN 2dup make-context false id dup .dht-host ['] insert-host? $[]map drop nip nip ; in net2o : pklookup ( pkaddr u -- ) net2o:pklookup? 0= !!no-address!! ; : ?nat-done ( n -- ) nat( ." req done, issue nat request" forth:cr ) connect-rest +flow-control +resend ?nat ; : no-nat-done ( n -- ) nat( ." req done, finished" forth:cr ) connect-rest +flow-control +resend ; : direct-connect ( cmdlen datalen -- ) cmd0( ." attempt to connect to: " return-addr .addr-path cr ) ['] ?nat-done ['] no-nat-done ind-addr @ select rqd? net2o:connect nat( ." connected" forth:cr ) ; : pk-connect ( addr u cmdlen datalen -- ) 2>r net2o:pklookup 2r> direct-connect ; : pk-connect? ( addr u cmdlen datalen -- flag ) 2>r net2o:pklookup? dup IF 2r> direct-connect ELSE 2rdrop THEN ; : addr-connect ( addr+key u cmdlen datalen xt -- ) -rot 2>r >r over + 1- dup c@ dup >r - 2dup u>= !!keysize!! dup r> make-context over - insert-addr$ 0= !!no-address!! r> execute 2r> net2o:connect ; |
︙ | ︙ |
Changes to json/g+-import.fs.
︙ | ︙ | |||
177 178 179 180 181 182 183 | comments:link{} ?dup-IF cr >o '[' emit link:title$ type-esc'd ." ](" link:url$ type ')' emit cr o> THEN ; 0 Value img-req-fid : .mfile { d: fn -- } | | | | 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 | comments:link{} ?dup-IF cr >o '[' emit link:title$ type-esc'd ." ](" link:url$ type ')' emit cr o> THEN ; 0 Value img-req-fid : .mfile { d: fn -- } fn basedir+name pics# #@ 2dup d0= IF 2drop fn .url fn [: .url cr ;] img-req-fid outfile-execute ELSE ." file:" picbase# #@ type THEN ; : .csv-link { d: fn -- } ." " cr ; : .media-file ( -- ) media:url$ basename nip $100 > IF ." file:" media:localFilePath$ basename type ELSE |
︙ | ︙ |
Changes to msg.fs.
︙ | ︙ | |||
13 14 15 16 17 18 19 20 21 22 23 24 25 26 | \ GNU Affero General Public License for more details. \ You should have received a copy of the GNU Affero General Public License \ along with this program. If not, see <http://www.gnu.org/licenses/>. Forward avalanche-to ( addr u o:context -- ) Forward pk-connect ( key u cmdlen datalen -- ) Forward addr-connect ( key+addr u cmdlen datalen xt -- ) Forward pk-peek? ( addr u0 -- flag ) : ?hash ( addr u hash -- ) >r 2dup r@ #@ d0= IF "" 2swap r> #! ELSE 2drop rdrop THEN ; : >group ( addr u -- ) msg-groups ?hash ; | > | 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | \ GNU Affero General Public License for more details. \ You should have received a copy of the GNU Affero General Public License \ along with this program. If not, see <http://www.gnu.org/licenses/>. Forward avalanche-to ( addr u o:context -- ) Forward pk-connect ( key u cmdlen datalen -- ) Forward pk-connect? ( key u cmdlen datalen -- flag ) Forward addr-connect ( key+addr u cmdlen datalen xt -- ) Forward pk-peek? ( addr u0 -- flag ) : ?hash ( addr u hash -- ) >r 2dup r@ #@ d0= IF "" 2swap r> #! ELSE 2drop rdrop THEN ; : >group ( addr u -- ) msg-groups ?hash ; |
︙ | ︙ | |||
918 919 920 921 922 923 924 | ( cookie+request ) end-code| ; : silent-join ( -- ) net2o-code expect-msg silent-join, end-code ; : send-leave ( -- ) | | | | 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 | ( cookie+request ) end-code| ; : silent-join ( -- ) net2o-code expect-msg silent-join, end-code ; : send-leave ( -- ) connection .data-rmap IF net2o-code expect-msg leave, end-code| THEN ; : send-silent-leave ( -- ) connection .data-rmap IF net2o-code expect-msg silent-leave, end-code| THEN ; : [group] ( xt -- flag ) msg-group$ $@ msg-groups #@ IF @ >o ?msg-context .execute o> true ELSE drop "" msg-group$ $@ msg-groups #! 0 .execute false |
︙ | ︙ | |||
1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 | : g?join ( -- ) msg-group$ $@len IF send-join -timeout THEN ; : g?leave ( -- ) msg-group$ $@len IF send-leave -timeout THEN ; : greet ( -- ) net2o-code expect-msg log !time end-with join, get-ip end-code ; : chat-entry ( -- ) ?.net2o/chats word-args <warn> ." Type ctrl-D or '/bye' as single item to quit" <default> cr ; : wait-2s-key ( -- ) | > | 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 | : g?join ( -- ) msg-group$ $@len IF send-join -timeout THEN ; : g?leave ( -- ) msg-group$ $@len IF send-leave -timeout THEN ; : greet ( -- ) connection .data-rmap 0= ?EXIT net2o-code expect-msg log !time end-with join, get-ip end-code ; : chat-entry ( -- ) ?.net2o/chats word-args <warn> ." Type ctrl-D or '/bye' as single item to quit" <default> cr ; : wait-2s-key ( -- ) |
︙ | ︙ | |||
1459 1460 1461 1462 1463 1464 1465 | : load-msgn ( addr u n -- ) >r 2dup load-msg ?msg-log r> display-lastn ; : +group ( -- ) msg-group$ $@ dup IF 2dup msg-groups #@ d0<> IF | | | 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 | : load-msgn ( addr u n -- ) >r 2dup load-msg ?msg-log r> display-lastn ; : +group ( -- ) msg-group$ $@ dup IF 2dup msg-groups #@ d0<> IF +unique-con 2drop ELSE o { w^ group } group cell 2swap msg-groups #! THEN ELSE 2drop THEN ; : msg-timeout ( -- ) packets2 @ connected-timeout packets2 @ <> IF reply( ." Resend to " pubkey $@ key>nick type cr ) timeout-expired? IF |
︙ | ︙ | |||
1487 1488 1489 1490 1491 1492 1493 | ['] msg-timeout is timeout-xt o+timeout ; $B $E 2Value chat-bufs# : +chat-control ( -- ) +resend-msg +flow-control ; | | | | | 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 | ['] msg-timeout is timeout-xt o+timeout ; $B $E 2Value chat-bufs# : +chat-control ( -- ) +resend-msg +flow-control ; : chat#-connect? ( addr u buf1 buf2 --- flag ) pk-connect? dup IF connection >o rdrop +chat-control +group THEN ; : chat-connect ( addr u -- ) chat-bufs# chat#-connect? IF greet THEN ; : key-ctrlbit ( -- n ) \G return a bit mask for the control key pressed 1 key dup bl < >r lshift r> and ; : wait-key ( -- ) BEGIN key-ctrlbit [ 1 ctrl L lshift 1 ctrl Z lshift or ]L |
︙ | ︙ |
Changes to wiki/rng.md.
1 2 3 4 5 6 7 8 | # Random Number Seat Belts Random number generators are a known attack vector to weaken cryptography. I use all techniques I know to make sure net2o uses a cryptographically strong random number (CSPRNG). ## What do you need for a CSPRNG? | | | | | | | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | # Random Number Seat Belts Random number generators are a known attack vector to weaken cryptography. I use all techniques I know to make sure net2o uses a cryptographically strong random number (CSPRNG). ## What do you need for a CSPRNG? * An entropy source — I use the OS for that, `/dev/urandom` is known good. * A secure, non-reversible expansion algorithm — I use keccak, which encrypts again and again the same output buffer using an ever-changing secret state (key erasure). An attacker should not be able to guess past random numbers from the current state, and should have difficulties to guess future ones after re-injection of entropy. These two things are good enough, but here's about the seat belts, the additional level of security to make sure even if one of these two fails suddenly, it's not a debacle. ## Detection of low-entropy PRNG |
︙ | ︙ | |||
31 32 33 34 35 36 37 | ## Key erasure and rolling tag I store an initializing state for the PRNG, first generated together with your sekret key. This is the time when a low-entropy system can ask the user to add more entropy by e.g. moving the mouse or walking over the keyboard. That initial state then has enough randomness. | | | | 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | ## Key erasure and rolling tag I store an initializing state for the PRNG, first generated together with your sekret key. This is the time when a low-entropy system can ask the user to add more entropy by e.g. moving the mouse or walking over the keyboard. That initial state then has enough randomness. On every start of net2o, I mix it together with entropy from `/dev/random` and replace the previous saved content. This is to prevent a forward secrecy attack. To make sure the initial state can't be used to recover forward secrecy, it's just a part of the overall state, and overwritten by generating more random numbers afterwards; generating more random numbers will replace the secret state with a new one. This technique is called _“key erasing PRNG”_. This is important. Note that a revision controlling file system can know the save time and all |
︙ | ︙ |
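Review bot: in connected.fs, `transfer-keepalive?` now leaves through `data-rmap dup 0= ?EXIT`, which relies on the null `data-rmap` left on the stack doubling as the false flag promised by `( -- flag )`. That is easy to break in a later edit; a short comment on that line, or an explicit `false` on the exit path, would make the intent visible.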
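Review bot: in dht.fs, the new early exit in `disconnect-me` (`data-rmap 0= IF o> EXIT THEN`) returns before `net2o:dispose-context` is reached, so a context that never got a data map is not disposed by this word. If such contexts are created by a failed lookup elsewhere in this check-in, either dispose them here before the `EXIT` or note in the word's comment who is responsible for freeing them.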
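Review bot: in dvcs.fs, `dvcs-connects?` tests `dvcs-request# @ 0>` after the `$[]map` without clearing `dvcs-request#` first, and `dvcs-connect` stores a constant with `2 dvcs-request# !` for every key that connects. A non-zero value left over from an earlier request would report success even when no key connected, and several successful connects overwrite each other instead of accumulating. Consider `dvcs-request# off` before the map and, if the count is per connection, `+!` instead of `!`.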
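Review bot: in dvcs.fs, `handle-fetch` only guards `+dvcs-sync-done wait-dvcs-request` with the result of `dvcs-connects?`; `dvcs-data-sync` and `dvcs-ref-sync` and their "done" messages still run when no peer was reachable. If those words are no-ops without a connection, say so in a comment; otherwise skip them (and print a "no peer reachable" message) in the failure case so the log does not claim a sync that never happened.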
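Review bot: in gui.fs, `display-title` declares `ki` after the `|` in `{ d: prj | ki -- }`, so it gets no value from the stack, and it is assigned only inside `prj key>o ?dup-IF ... to ki THEN`. When `key>o` does not find the key, `imports#rgb-bg ki + sf@` and `imports#rgb-fg ki + sf@` index the colour tables with an unset offset. Set `ki` to a default (for example `0 to ki`) before the lookup.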
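Review bot: in gui.fs, the line `+db click( \ ) \ +db gui( \ )` hard-codes a debug switch in the source and swaps which one is active as part of a display change. Debug toggles committed to trunk tend to leak extra output into user builds; leave both commented out here and enable them from the command line or a local config instead.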
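Review bot: in helper.fs, `net2o:pklookup?` calls `make-context` before it knows whether any host entry can be inserted, and the failure branch of `pk-connect?` (`ELSE 2rdrop THEN`) returns false without undoing that. The caller is left with a freshly created context that has no connection behind it, which appears to be why this check-in adds `data-rmap` null checks in several other files. Disposing the context in the failure branch, or documenting in the stack comment that a false flag still leaves a context to clean up, would keep that contract in one place.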
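Review bot: in json/g+-import.fs, `.mfile` writes the missing-image URL through `img-req-fid outfile-execute`, but `img-req-fid` is defined as `0 Value` just above and nothing in this hunk checks that it has been set to an open file. Guard the `outfile-execute` with a test on `img-req-fid`, or state where it is opened, so an import run without the request file does not write to file id 0.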
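Review bot: in msg.fs, `chat-connect` now drops a failed connect silently (`chat-bufs# chat#-connect? IF greet THEN`), where the `pk-connect` path it replaces ends in `!!no-address!!`. Interactive callers get no indication that the peer was not reached; print a message or return the flag to the caller. Two smaller points in the same file: the stack comment on `chat#-connect?` uses `---` where the rest of the file uses `--`, and the `connection .data-rmap` test is now repeated in `send-leave`, `send-silent-leave` and `greet`, which would read better as one small helper word.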
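Review bot: in wiki/rng.md, the entropy source is named inconsistently: the bullet list says "I use the OS for that, `/dev/urandom` is known good", while the "Key erasure and rolling tag" paragraph says the saved state is mixed "with entropy from `/dev/random`" on every start. Name the device that is actually read at startup in both places. In the same paragraph, "prevent a forward secrecy attack" would be clearer as a statement of what is protected, for example that a copy of the saved state must not reveal earlier outputs.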