source = "git+https://github.com/cyphernet-wg/rust-cyphernet#2284beac543326b79705909b96efdcd2ecb008d3"

 "base32",

 "sha3",

 "sha3",

source = "git+https://github.com/cyphernet-wg/rust-netservices#d8660d8d0697bfd5b3983a5c1ea202ea26294639"

 "log",

 "sha3",

 "value-bag",

source = "git+https://github.com/cyphernet-wg/rust-netservices#d8660d8d0697bfd5b3983a5c1ea202ea26294639"

 "log",

source = "git+https://github.com/Cyphernet-WG/popol?branch=api#0b78f5ef1c39741cfc67157b7d2c7a27064150b1"

 "amplify",

 "hmac",

 "hmac",

 "sha3",

name = "value-bag"

version = "1.0.0-alpha.9"

source = "registry+https://github.com/rust-lang/crates.io-index"

checksum = "2209b78d1249f7e6f3293657c9779fe31ced465df091bbd433a1cf88e916ec55"

dependencies = [

 "ctor",

 "version_check",

]

[[package]]

impl cyphernet::crypto::EcPk for PublicKey {

    // TODO: Change this once NoiseXK is working.

    fn generator() -> Self {

        use amplify::hex::FromHex;

        ed25519::PublicKey::from_slice(

            &Vec::<u8>::from_hex(

                "5866666666666666666666666666666666666666666666666666666666666666",

            )

            .unwrap(),

        )

        .unwrap()

        .into()

    }

}

#[cfg(feature = "cyphernet")]

impl cyphernet::crypto::EcSk for MemorySigner {

    type Pk = PublicKey;

    fn to_pk(&self) -> Self::Pk {

        self.public

    }

}

    /// Generate a new memory signer.

    pub fn gen() -> Self {

        let seed = crate::Seed::generate();

        let keypair = KeyPair::from_seed(seed);

        let sk = keypair.sk;

        Self {

            public: sk.public_key().into(),

            secret: Zeroizing::new(sk.into()),

        }

    }

#[cfg(feature = "cyphernet")]

impl cyphernet::crypto::EcSk for MockSigner {

    type Pk = PublicKey;

    fn to_pk(&self) -> Self::Pk {

        self.pk

    }

}

netservices = { version = "0", features = ["io-reactor", "socket2", "log"] }

io-reactor = { version = "0", features = ["popol", "socket2", "log"] }

use radicle::node::Address;

use radicle::node::Address;

use std::{net, thread, time};

use netservices::resources::NetAccept;

use reactor::poller::popol;

use reactor::Reactor;

use crate::control;

use crate::node::NodeId;

use crate::wire::Transport;

use crate::worker::{WorkerPool, WorkerReq};

use crate::{crypto, profile, service, LocalTime};

use handle::Handle;

    /// A control socket error.

    #[error("control socket error: {0}")]

    Control(#[from] control::Error),

}

/// Holds join handles to the client threads, as well as a client handle.

pub struct Runtime<G: crypto::Signer + crypto::Negotiator> {

    pub id: NodeId,

    pub handle: Handle<Transport<routing::Table, address::Book, radicle::Storage, G>>,

    pub control: thread::JoinHandle<Result<(), control::Error>>,

    pub reactor: Reactor<Transport<service::routing::Table, address::Book, radicle::Storage, G>>,

    pub pool: WorkerPool,

    pub local_addrs: Vec<net::SocketAddr>,

}

impl<G: crypto::Signer + crypto::Negotiator + 'static> Runtime<G> {

    /// Run the client.

    ///

    /// This function spawns threads.

    pub fn with(

        profile: profile::Profile,

        config: service::Config,

        listen: Vec<net::SocketAddr>,

        proxy: net::SocketAddr,

        signer: G,

    ) -> Result<Runtime<G>, Error> {

        let id = *profile.id();

        let node = profile.node();

        let negotiator = signer.clone();

        let network = config.network;

        let rng = fastrand::Rng::new();

        let clock = LocalTime::now();

        let storage = profile.storage;

        let node_dir = profile.home.join(NODE_DIR);

        let address_db = node_dir.join(ADDRESS_DB_FILE);

        let routing_db = node_dir.join(ROUTING_DB_FILE);

        let tracking_db = node_dir.join(TRACKING_DB_FILE);

        log::info!("Opening address book {}..", address_db.display());

        let addresses = address::Book::open(address_db)?;

        log::info!("Opening routing table {}..", routing_db.display());

        let routing = routing::Table::open(routing_db)?;

        log::info!("Opening tracking policy table {}..", tracking_db.display());

        let tracking = tracking::Config::open(tracking_db)?;

        log::info!("Initializing service ({:?})..", network);

        let service = service::Service::new(

            config,

            clock,

            routing,

            storage.clone(),

            addresses,

            tracking,

            signer,

            rng,

        );

        let (worker_send, worker_recv) = crossbeam_channel::unbounded::<WorkerReq<G>>();

        let pool = WorkerPool::with(10, time::Duration::from_secs(9), storage, worker_recv);

        let wire = Transport::new(service, worker_send, negotiator.clone(), proxy, clock);

        let reactor = Reactor::new(wire, popol::Poller::new())?;

        let handle = Handle::from(reactor.controller());

        let control = thread::spawn({

            let handle = handle.clone();

            move || control::listen(node, handle)

        });

        let controller = reactor.controller();

        let mut local_addrs = Vec::new();

        for addr in listen {

            let listener = NetAccept::bind(addr, negotiator.clone())?;

            let local_addr = listener.local_addr();

            local_addrs.push(local_addr);

            controller.register_listener(listener)?;

            log::info!("Listening on {local_addr}..");

        }

        Ok(Runtime {

            id,

            control,

            reactor,

            handle,

            pool,

            local_addrs,

        })

    }

    pub fn run(self) -> Result<(), Error> {

        log::info!("Running node {}..", self.id);

        self.pool.run().unwrap();

        self.control.join().unwrap()?;

        self.reactor.join().unwrap();

        Ok(())

    }

impl<T: reactor::Handler> Clone for Handle<T> {

    fn clone(&self) -> Self {

        Self {

            controller: self.controller.clone(),

        }

    }

}

    fn connect(&mut self, node: NodeId, addr: radicle::node::Address) -> Result<(), Error> {

        self.command(service::Command::Connect(node, addr))?;

        Ok(())

    }

    pub use crate::node::Address;

use std::{env, net, process};

use nakamoto_net::LocalDuration;

use radicle_node::client::Runtime;

use radicle_node::{logger, service};

    let proxy = net::SocketAddr::new(net::Ipv4Addr::LOCALHOST.into(), 9050);

    let runtime = Runtime::with(profile, config, options.listen, proxy, signer)?;

    runtime.run()?;

use std::{fmt, io, net, str};

use radicle::node::{Address, Features};

use crate::service::message::{Announcement, AnnouncementMessage, Ping};

use crate::service::session::Protocol;

    #[error(transparent)]

    Io(#[from] io::Error),

        debug!("Received command {:?}", cmd);

                    if let Some(fetch) = session.fetch(id) {

                        self.reactor.write(session.id, fetch);

                        // TODO: If we can't fetch, it's because we're already fetching from

        // TODO: Downgrade session to gossip protocol.

    pub fn attempted(&mut self, id: NodeId, addr: &Address) {

        debug!("Attempted connection to {id} ({addr})");

        debug!("Received message {:?} from {}", &message, peer.id);

            (session::State::Connected { protocol, .. }, _) if *protocol == Protocol::Fetch => {

                // This should never happen if the service is properly configured, since all

                // incoming data is sent directly to the Git worker.

                log::error!("Received gossip message from {remote} during Git fetch");

                return Err(session::Error::Misbehavior);

            }

                        "Disconnecting peer {} for initializing already initialized session",

            (session::State::Connected { protocol, .. }, Message::Fetch { repo }) => {

                *protocol = Protocol::Fetch;

use radicle::node::Address;

use std::{fmt, io, mem};

use crate::node::Address;

use crate::service::{NodeId, Timestamp};

    /// Upgrade session to Git protocol and fetch the given repository.

    Fetch { repo: Id },

            Self::Fetch { repo } => write!(f, "Upgrade({repo})"),

    /// Remote peer we are interacting with.

    /// Indicates whether the fetch request was initiated by us.

    pub initiated: bool,

    pub fn fetch(&mut self, remote: NodeId, repo: Id, namespaces: Namespaces, initiated: bool) {

        if initiated {

            debug!("Fetch initiated for {} from {}..", repo, remote);

        } else {

            debug!("Fetch requested for {} from {}..", repo, remote);

        }

            initiated,

    /// [`Message::Fetch`] message.

    Fetch,

    pub fn fetch(&mut self, repo: Id) -> Option<Message> {

                *protocol = Protocol::Fetch;

                return Some(Message::Fetch { repo });

    Announcement, InventoryAnnouncement, Message, NodeAnnouncement, Ping, RefsAnnouncement,

    Subscribe, ZeroBytes,

    fn connect(&mut self, _node: NodeId, _addr: radicle::node::Address) -> Result<(), Error> {

        unimplemented!();

    }

                addresses: Some(net::SocketAddr::from((self.ip, node::DEFAULT_PORT)).into()).into(),

mod e2e;

use std::path::{Path, PathBuf};

use std::{

    collections::{BTreeMap, BTreeSet},

    net, thread,

};

use radicle::crypto::ssh::keystore::MemorySigner;

use radicle::git::refname;

use radicle::identity::Id;

use radicle::node::Handle;

use radicle::rad;

use radicle::test::fixtures;

use radicle::Profile;

use radicle::Storage;

use crate::address;

use crate::node::NodeId;

use crate::service::routing;

use crate::storage::git::transport;

use crate::wire::Transport;

use crate::{client, client::Runtime, service};

type TestHandle = (

    client::handle::Handle<Transport<routing::Table, address::Book, Storage, MemorySigner>>,

    thread::JoinHandle<Result<(), client::Error>>,

);

/// Populate a storage instance with a project.

fn populate(storage: &Storage, signer: &MemorySigner) {

    transport::local::register(storage.clone());

    let tmp = tempfile::tempdir().unwrap();

    let (repo, _) = fixtures::repository(tmp.path().join("acme"));

    rad::init(

        &repo,

        "acme",

        "Acme's Repo",

        refname!("master"),

        signer,

        storage,

    )

    .unwrap();

}

/// Create a node runtime.

fn runtime(home: &Path, config: service::Config) -> Runtime<MemorySigner> {

    let profile = Profile::init(home, "pasphrase".to_owned()).unwrap();

    let signer = MemorySigner::gen();

    let listen = vec![([0, 0, 0, 0], 0).into()];

    let proxy = net::SocketAddr::new(net::Ipv4Addr::LOCALHOST.into(), 9050);

    populate(&profile.storage, &signer);

    Runtime::with(profile, config, listen, proxy, signer).unwrap()

}

/// Create a network of nodes connected to each other.

fn network(

    configs: impl IntoIterator<Item = (service::Config, PathBuf)>,

) -> BTreeMap<(NodeId, net::SocketAddr), TestHandle> {

    let mut runtimes = BTreeMap::new();

    for (config, home) in configs.into_iter() {

        let rt = runtime(home.as_ref(), config);

        let id = rt.id;

        let addr = *rt.local_addrs.first().unwrap();

        let handle = rt.handle.clone();

        let join = thread::spawn(|| rt.run());

        runtimes.insert((id, addr), (handle, join));

    }

    let mut connect = Vec::new();

    for (i, (from, _)) in runtimes.iter().enumerate() {

        let peers = runtimes

            .iter()

            .skip(i + 1)

            .map(|(p, _)| *p)

            .collect::<Vec<(NodeId, net::SocketAddr)>>();

        for to in peers {

            connect.push((*from, to));

        }

    }

    for (from, (to_id, to_addr)) in connect {

        let (handle, _) = runtimes.get_mut(&from).unwrap();

        handle.connect(to_id, to_addr.into()).unwrap();

    }

    runtimes

}

/// Checks whether the nodes have converged in their routing tables.

#[track_caller]

fn check(

    nodes: impl IntoIterator<Item = ((NodeId, net::SocketAddr), TestHandle)>,

) -> BTreeSet<(Id, NodeId)> {

    let mut by_node = BTreeMap::<NodeId, BTreeSet<(Id, NodeId)>>::new();

    let mut all = BTreeSet::<(Id, NodeId)>::new();

    for ((id, _), (handle, _)) in nodes {

        let routing = handle.routing().unwrap();

        for (rid, node) in routing.try_iter() {

            all.insert((rid, node));

            by_node

                .entry(id)

                .or_insert_with(BTreeSet::new)

                .insert((rid, node));

        }

    }

    for (node, routes) in by_node {

        assert_eq!(routes, all, "{node} failed to converge");

    }

    all

}

#[test]

fn test_e2e() {

    let tmp = tempfile::tempdir().unwrap();

    let base = tmp.path();

    let nodes = network(vec![

        (service::Config::default(), base.join("alice")),

        (service::Config::default(), base.join("bob")),

    ]);

    // TODO: Find a better way to wait for synchronization, eg. using events, or using a loop.

    thread::sleep(std::time::Duration::from_secs(3));

    let routes = check(nodes);

    assert_eq!(routes.len(), 2);

}

use radicle::node::Address;

    Fetch = 14,

            14 => Ok(MessageType::Fetch),

            Self::Fetch { .. } => MessageType::Fetch,

            Self::Fetch { repo } => {

            Ok(MessageType::Fetch) => {

                Ok(Self::Fetch { repo })

use std::time::{Instant, SystemTime};

use netservices::resources::{ListenerEvent, NetAccept, NetResource, SessionEvent};

type Action<G> = reactor::Action<NetAccept<NoiseXk<G>>, NetResource<NoiseXk<G>>>;

    fn upgraded(&mut self, session: NetResource<NoiseXk<G>>) {

    type Transport = NetResource<NoiseXk<G>>;

    fn tick(&mut self, _time: Instant) {

        // FIXME: Change this once a proper timestamp is passed into the function.

        self.service.tick(LocalTime::from(SystemTime::now()));

                    session.transient_addr()

                let transport = match NetResource::<NoiseXk<G>>::new(session) {

                if let Some(Peer::Connected { id, .. }) = self.peers.get(&fd) {

                            Ok(msg) => self.service.received_message(*id, msg),

    fn handle_error(

        &mut self,

        err: reactor::Error<NetAccept<NoiseXk<G>>, NetResource<NoiseXk<G>>>,

    ) {

        match &err {

                // TODO: What are we supposed to do here? Remove this error.

            reactor::Error::TransportUnknown(id) => {

                // TODO: What are we supposed to do here? Remove this error.

                // TODO: This should be a fatal error, there's nothing we can do here.

            reactor::Error::ListenerPollError(id, err) => {

                // TODO: This should be a fatal error, there's nothing we can do here.

                log::error!(target: "transport", "Received error: listener {} disconnected: {}", id, err);

                self.actions.push_back(Action::UnregisterListener(*id));

            }

            reactor::Error::ListenerDisconnect(id, _, err) => {

                // TODO: This should be a fatal error, there's nothing we can do here.

                log::error!(target: "transport", "Received error: listener {} disconnected: {}", id, err);

            }

            reactor::Error::TransportPollError(id, err) => {

                log::error!(target: "transport", "Received error: peer {} disconnected: {}", id, err);

                self.actions.push_back(Action::UnregisterTransport(*id));

            }

            reactor::Error::TransportDisconnect(id, _, err) => {

                log::error!(target: "transport", "Received error: peer {} disconnected: {}", id, err);

            }

            reactor::Error::WriteFailure(id, err) => {

                // TODO: Disconnect peer?

                log::error!(target: "transport", "Error during writing to peer {id}: {err}")

            }

            reactor::Error::WriteLogicError(id, _) => {

                // TODO: We shouldn't be receiving this error. There's nothing we can do.

                log::error!(target: "transport", "Write logic error for peer {id}: {err}")

            }

    type Item = reactor::Action<NetAccept<NoiseXk<G>>, NetResource<NoiseXk<G>>>;

                    match NetResource::<NoiseXk<G>>::connect(

                        // TODO: Improve API to not require a boolean.

                        true,

use core::time;

use std::io::prelude::*;

use std::process;

use std::{io, net};

use crossbeam_channel as chan;

use netservices::noise::NoiseXk;

use netservices::resources::{NetReader, NetResource, NetWriter, SplitIo};

use netservices::tunnel::Tunnel;

use radicle::storage::{ReadRepository, RefUpdate, WriteStorage};

use reactor::poller::popol;

use crate::service::{FetchError, FetchResult};

type Session<G> = NetResource<NoiseXk<G>>;

    pub session: NetResource<NoiseXk<G>>,

    pub session: Session<G>,

/// A worker that replicates git objects.

struct Worker<G: Negotiator> {

    timeout: time::Duration,

impl<G: Negotiator + 'static> Worker<G> {

    /// Waits for tasks and runs them. Blocks indefinitely unless there is an error receiving

    /// the next task.

    fn run(self) -> Result<(), chan::RecvError> {

    fn process(&self, task: WorkerReq<G>) {

            drain,

        let (session, result) = self._process(&fetch, drain, session);

        let result = match result {

            Ok(updated) => FetchResult::Fetched {

                updated,

            },

            Err(error) => FetchResult::Error {

                from: fetch.remote,

                error,

    fn _process(

        &self,

        fetch: &Fetch,

        drain: Vec<u8>,

        session: Session<G>,

    ) -> (Session<G>, Result<Vec<RefUpdate>, FetchError>) {

        if fetch.initiated {

            let mut tunnel = match Tunnel::with(session, net::SocketAddr::from(([0, 0, 0, 0], 0))) {

                Ok(tunnel) => tunnel,

                Err((session, err)) => return (session, Err(err.into())),

            };

            let result = self.fetch(fetch, &mut tunnel);

            let session = tunnel.into_session();

            (session, result)

        } else {

            let (mut stream_r, mut stream_w) = match session.split_io() {

                Ok((r, w)) => (r, w),

                Err(err) => {

                    return (err.original, Err(err.error.into()));

                }

            };

            let result = self.upload_pack(fetch, drain, &mut stream_r, &mut stream_w);

            let session = NetResource::from_split_io(stream_r, stream_w);

            (session, result)

        }

    }

    fn fetch(

        &self,

        fetch: &Fetch,

        tunnel: &mut Tunnel<Session<G>>,

    ) -> Result<Vec<RefUpdate>, FetchError> {

        let tunnel_addr = tunnel.local_addr()?;

        let repo = self.storage.repository(fetch.repo)?;

        let child = process::Command::new("git")

            .current_dir(repo.path())

            .arg("fetch")

            .arg("--atomic") // The path to the git repo must be exact.

            .arg(format!("git://{tunnel_addr}"))

            .arg(fetch.namespaces.as_fetchspec())

            .arg(".")

            .stdout(process::Stdio::piped())

            .stdin(process::Stdio::piped())

            .spawn()?;

        let _ = tunnel.tunnel_once(popol::Poller::new(), self.timeout)?;

        let output = child.wait_with_output()?;

        // TODO: Parse fetch output to return updates.

        log::debug!(target: "worker", "Fetch output for {}: {:?}", fetch.repo, output);

        Ok(vec![])

    }

    fn upload_pack(

        &self,

        fetch: &Fetch,

        drain: Vec<u8>,

        stream_r: &mut NetReader<NoiseXk<G>>,

        stream_w: &mut NetWriter<NoiseXk<G>>,

    ) -> Result<Vec<RefUpdate>, FetchError> {