no hostname option and fixes

Author: simonwicky

common/client-core/src/cli_helpers/client_add_gateway.rs

@@ -87,6 +87,7 @@ where
         user_chosen_gateway_id.map(|id| id.to_base58_string()),
         Some(common_args.latency_based_selection),
         common_args.force_tls_gateway,
+        false,
     );
     tracing::debug!("Gateway selection specification: {selection_spec:?}");
 

common/client-core/src/cli_helpers/client_init.rs

@@ -140,6 +140,7 @@ where
         user_chosen_gateway_id.map(|id| id.to_base58_string()),
         Some(common_args.latency_based_selection),
         common_args.force_tls_gateway,
+        false,
     );
     tracing::debug!("Gateway selection specification: {selection_spec:?}");
 

common/client-core/src/error.rs

@@ -46,6 +46,9 @@ pub enum ClientCoreError {
     #[error("Invalid URL: {0}")]
     InvalidUrl(String),
 
+    #[error("node doesn't advertise ip addresses : {0}")]
+    MissingIpAddress(String),
+
     #[cfg(not(target_arch = "wasm32"))]
     #[error("resolution failed: {0}")]
     ResolutionFailed(#[from] nym_http_api_client::ResolveError),

common/client-core/src/init/mod.rs

@@ -71,21 +71,28 @@ where
     let mut rng = OsRng;
 
     let selected_gateway = match selection_specification {
-        GatewaySelectionSpecification::UniformRemote { must_use_tls } => {
+        GatewaySelectionSpecification::UniformRemote {
+            must_use_tls,
+            no_hostname,
+        } => {
             let gateway = uniformly_random_gateway(&mut rng, &available_gateways, must_use_tls)?;
-            SelectedGateway::from_topology_node(gateway, must_use_tls)?
+            SelectedGateway::from_topology_node(gateway, must_use_tls, no_hostname)?
         }
-        GatewaySelectionSpecification::RemoteByLatency { must_use_tls } => {
+        GatewaySelectionSpecification::RemoteByLatency {
+            must_use_tls,
+            no_hostname,
+        } => {
             let gateway =
                 choose_gateway_by_latency(&mut rng, &available_gateways, must_use_tls).await?;
-            SelectedGateway::from_topology_node(gateway, must_use_tls)?
+            SelectedGateway::from_topology_node(gateway, must_use_tls, no_hostname)?
         }
         GatewaySelectionSpecification::Specified {
             must_use_tls,
+            no_hostname,
             identity,
         } => {
             let gateway = get_specified_gateway(&identity, &available_gateways, must_use_tls)?;
-            SelectedGateway::from_topology_node(gateway, must_use_tls)?
+            SelectedGateway::from_topology_node(gateway, must_use_tls, no_hostname)?
         }
         GatewaySelectionSpecification::Custom {
             gateway_identity,
@@ -150,6 +157,7 @@ pub async fn update_gateway_details<D>(
     mut registration: GatewayRegistration,
     available_gateways: Vec<RoutingNode>,
     must_use_tls: bool,
+    no_hostname: bool,
 ) -> Result<(), ClientCoreError>
 where
     D: GatewaysDetailsStore,
@@ -159,7 +167,7 @@ where
     tracing::trace!("Updating gateway details : {gateway_id}");
 
     let gateway = get_specified_gateway(&gateway_id, &available_gateways, must_use_tls)?;
-    let selected_gateway = SelectedGateway::from_topology_node(gateway, must_use_tls)?;
+    let selected_gateway = SelectedGateway::from_topology_node(gateway, must_use_tls, no_hostname)?;
 
     let new_gateway_listeners = match selected_gateway {
         SelectedGateway::Remote {

common/client-core/src/init/types.rs

@@ -39,34 +39,47 @@ impl SelectedGateway {
     pub fn from_topology_node(
         node: RoutingNode,
         must_use_tls: bool,
+        no_hostname: bool,
     ) -> Result<Self, ClientCoreError> {
         // for now, let's use 'old' behaviour, if you want to change it, you can pass it up the enum stack yourself : )
         let prefer_ipv6 = false;
 
-        let gateway_listener = if must_use_tls {
-            node.ws_entry_address_tls()
-                .ok_or(ClientCoreError::UnsupportedWssProtocol {
-                    gateway: node.identity_key.to_base58_string(),
-                })?
+        let (gateway_listener, fallback_listener) = if must_use_tls {
+            // WSS main, no fallback
+            let primary =
+                node.ws_entry_address_tls()
+                    .ok_or(ClientCoreError::UnsupportedWssProtocol {
+                        gateway: node.identity_key.to_base58_string(),
+                    })?;
+            (primary, None)
+        } else if no_hostname {
+            // First IP address for main, second if it exists for fallback
+            let primary = node.ws_entry_address_no_hostname(prefer_ipv6, 0).ok_or(
+                ClientCoreError::MissingIpAddress(node.identity_key.to_base58_string()),
+            )?;
+            let fallback = node.ws_entry_address_no_hostname(prefer_ipv6, 1);
+            (primary, fallback)
         } else {
-            node.ws_entry_address(prefer_ipv6)
-                .ok_or(ClientCoreError::UnsupportedEntry {
-                    id: node.node_id,
-                    identity: node.identity_key.to_base58_string(),
-                })?
+            // WS hostname main, IP address fallback
+            let primary =
+                node.ws_entry_address(prefer_ipv6)
+                    .ok_or(ClientCoreError::UnsupportedEntry {
+                        id: node.node_id,
+                        identity: node.identity_key.to_base58_string(),
+                    })?;
+            let fallback = node.ws_entry_address_no_hostname(prefer_ipv6, 0);
+            (primary, fallback)
         };
 
-        let fallback_listener =
-            node.ws_entry_address_no_hostname(prefer_ipv6)
-                .and_then(|address| {
-                    Url::parse(&address)
-                        .inspect_err(|err| {
-                            tracing::warn!("Malformed fallback listener, none will be used : {err}")
-                        })
-                        .ok()
-                });
-
-        let gateway_listener =
+        let fallback_listener_url = fallback_listener.and_then(|address| {
+            Url::parse(&address)
+                .inspect_err(|err| {
+                    tracing::warn!("Malformed fallback listener, none will be used : {err}")
+                })
+                .ok()
+        });
+
+        let gateway_listener_url =
             Url::parse(&gateway_listener).map_err(|source| ClientCoreError::MalformedListener {
                 gateway_id: node.identity_key.to_base58_string(),
                 raw_listener: gateway_listener,
@@ -76,8 +89,8 @@ impl SelectedGateway {
         Ok(SelectedGateway::Remote {
             gateway_id: node.identity_key,
             gateway_listeners: GatewayListeners {
-                primary: gateway_listener,
-                fallback: fallback_listener,
+                primary: gateway_listener_url,
+                fallback: fallback_listener_url,
             },
         })
     }
@@ -168,15 +181,22 @@ impl InitialisationResult {
 #[derive(Clone, Debug)]
 pub enum GatewaySelectionSpecification {
     /// Uniformly choose a random remote gateway.
-    UniformRemote { must_use_tls: bool },
+    UniformRemote {
+        must_use_tls: bool,
+        no_hostname: bool,
+    },
 
     /// Should the new, remote, gateway be selected based on latency.
-    RemoteByLatency { must_use_tls: bool },
+    RemoteByLatency {
+        must_use_tls: bool,
+        no_hostname: bool,
+    },
 
     /// Gateway with this specific identity should be chosen.
     // JS: I don't really like the name of this enum variant but couldn't think of anything better at the time
     Specified {
         must_use_tls: bool,
+        no_hostname: bool,
         identity: IdentityKey,
     },
 
@@ -192,6 +212,7 @@ impl Default for GatewaySelectionSpecification {
     fn default() -> Self {
         GatewaySelectionSpecification::UniformRemote {
             must_use_tls: false,
+            no_hostname: false,
         }
     }
 }
@@ -201,16 +222,24 @@ impl GatewaySelectionSpecification {
         gateway_identity: Option<String>,
         latency_based_selection: Option<bool>,
         must_use_tls: bool,
+        no_hostname: bool,
     ) -> Self {
         if let Some(identity) = gateway_identity {
             GatewaySelectionSpecification::Specified {
                 identity,
                 must_use_tls,
+                no_hostname,
             }
         } else if let Some(true) = latency_based_selection {
-            GatewaySelectionSpecification::RemoteByLatency { must_use_tls }
+            GatewaySelectionSpecification::RemoteByLatency {
+                must_use_tls,
+                no_hostname,
+            }
         } else {
-            GatewaySelectionSpecification::UniformRemote { must_use_tls }
+            GatewaySelectionSpecification::UniformRemote {
+                must_use_tls,
+                no_hostname,
+            }
         }
     }
 }

common/client-libs/gateway-client/src/client/websockets.rs

@@ -15,8 +15,6 @@ use url::{Host, Url};
 
 use std::{net::SocketAddr, time::Duration};
 
-const INITIAL_CONNECTION_TIMEOUT: Duration = Duration::from_secs(5);
-
 #[cfg(not(target_arch = "wasm32"))]
 pub(crate) async fn connect_async(
     endpoint: &str,
@@ -40,6 +38,8 @@ pub(crate) async fn connect_async(
         Host::Ipv6(addr) => vec![SocketAddr::new(addr.into(), port)],
         Host::Domain(domain) => {
             // Do a DNS lookup for the domain using our custom DNS resolver
+            println!("I'M TIRED BOSS");
+            tokio::time::sleep(Duration::from_secs(20)).await;
             resolver
                 .resolve_str(domain)
                 .await?
@@ -95,33 +95,29 @@ pub(crate) async fn connect_async_with_fallback(
     endpoints: &GatewayListeners,
     #[cfg(unix)] connection_fd_callback: Option<Arc<dyn Fn(RawFd) + Send + Sync>>,
 ) -> Result<(WebSocketStream<MaybeTlsStream<TcpStream>>, Response), GatewayClientError> {
-    // Hickory DNS has a non cofigurable 2 * 10 seconds timeout so we have to add one here as well
-    match tokio::time::timeout(
-        INITIAL_CONNECTION_TIMEOUT,
-        connect_async(
-            endpoints.primary.as_ref(),
-            #[cfg(unix)]
-            connection_fd_callback.clone(),
-        ),
+    match connect_async(
+        endpoints.primary.as_ref(),
+        #[cfg(unix)]
+        connection_fd_callback.clone(),
     )
     .await
     {
-        Ok(inner) => inner,
-        Err(_) if endpoints.fallback.is_some() => {
-            // SAFTEY: We know there is a fallback here
-            #[allow(clippy::unwrap_used)]
-            let fallback = endpoints.fallback.as_ref().unwrap().to_string();
-            tracing::warn!(
-                "Timeout trying to connect to endpoint {}, trying fallback : {fallback}",
-                endpoints.primary
-            );
-            connect_async(
-                &fallback,
-                #[cfg(unix)]
-                connection_fd_callback,
-            )
-            .await
+        Ok(inner) => Ok(inner),
+        Err(e) => {
+            if let Some(fallback) = &endpoints.fallback {
+                tracing::warn!(
+                    "Main endpoint failed {} : {e}, trying fallback : {fallback}",
+                    endpoints.primary
+                );
+                connect_async(
+                    fallback.as_ref(),
+                    #[cfg(unix)]
+                    connection_fd_callback,
+                )
+                .await
+            } else {
+                Err(e)
+            }
         }
-        Err(_) => Err(GatewayClientError::Timeout),
     }
 }

common/gateway-storage/migrations/20251126120000_remove_aes128ctr_key.sql

@@ -9,11 +9,12 @@ CREATE TABLE shared_keys_tmp
 (
     client_id                  INTEGER NOT NULL PRIMARY KEY REFERENCES clients (id),
     client_address_bs58        TEXT    NOT NULL UNIQUE,
-    derived_aes256_gcm_siv_key BLOB    NOT NULL
+    derived_aes256_gcm_siv_key BLOB    NOT NULL,
+    last_used_authentication TIMESTAMP WITHOUT TIME ZONE
 );
 
-INSERT INTO shared_keys_tmp (client_id, client_address_bs58, derived_aes256_gcm_siv_key)
-SELECT client_id, client_address_bs58, derived_aes256_gcm_siv_key
+INSERT INTO shared_keys_tmp (client_id, client_address_bs58, derived_aes256_gcm_siv_key, last_used_authentication)
+SELECT client_id, client_address_bs58, derived_aes256_gcm_siv_key, last_used_authentication
 FROM shared_keys
 WHERE derived_aes256_gcm_siv_key IS NOT NULL;
 

common/topology/src/node.rs

@@ -89,14 +89,20 @@ impl RoutingNode {
         self.ws_entry_address_no_tls(prefer_ipv6)
     }
 
-    pub fn ws_entry_address_no_hostname(&self, prefer_ipv6: bool) -> Option<String> {
+    pub fn ws_entry_address_no_hostname(&self, prefer_ipv6: bool, index: usize) -> Option<String> {
         let entry = self.entry.as_ref()?;
 
-        if prefer_ipv6 && let Some(ipv6) = entry.ip_addresses.iter().find(|ip| ip.is_ipv6()) {
+        if prefer_ipv6
+            && let Some(ipv6) = entry
+                .ip_addresses
+                .iter()
+                .filter(|ip| ip.is_ipv6())
+                .nth(index)
+        {
             return Some(format!("ws://{ipv6}:{}", entry.clients_ws_port));
         }
 
-        let any_ip = entry.ip_addresses.first()?;
+        let any_ip = entry.ip_addresses.get(index)?;
         Some(format!("ws://{any_ip}:{}", entry.clients_ws_port))
     }
 

nym-registration-client/src/builder/config.rs

@@ -119,6 +119,7 @@ impl BuilderConfig {
             .network_details(self.network_env)
             .debug_config(debug_config)
             .credentials_mode(true)
+            .no_hostname(true)
             .with_remember_me(remember_me)
             .custom_topology_provider(self.custom_topology_provider);