fosrl.pangolin/server/routers/olm/handleOlmRegisterMessage.ts

import db from "@server/db";
import { MessageHandler } from "../ws";
import { clients, exitNodes, Olm, olms, sites } from "@server/db/schema";
import { eq } from "drizzle-orm";
import { addPeer, deletePeer } from "../newt/peers";
import logger from "@server/logger";

export const handleOlmRegisterMessage: MessageHandler = async (context) => {
    const { message, client: c, sendToClient } = context;
    const olm = c as Olm;

    logger.info("Handling register olm message!");

    if (!olm) {
        logger.warn("Olm not found");
        return;
    }

    if (!olm.clientId) {
        logger.warn("Olm has no site!"); // TODO: Maybe we create the site here?
        return;
    }

    const clientId = olm.clientId;

    const { publicKey } = message.data;
    if (!publicKey) {
        logger.warn("Public key not provided");
        return;
    }

    const [client] = await db
        .select()
        .from(clients)
        .where(eq(clients.clientId, clientId))
        .limit(1);

    if (!client || !client.siteId) {
        logger.warn("Site not found or does not have exit node");
        return;
    }

    const [site] = await db
        .select()
        .from(sites)
        .where(eq(sites.siteId, client.siteId))
        .limit(1);

    if (!site) {
        logger.warn("Site not found or does not have exit node");
        return;
    }

    if (!site.exitNodeId) {
        logger.warn("Site does not have exit node");
        return;
    }

    const [exitNode] = await db
        .select()
        .from(exitNodes)
        .where(eq(exitNodes.exitNodeId, site.exitNodeId))
        .limit(1);

    sendToClient(olm.olmId, {
        type: "olm/wg/holepunch",
        data: {
            serverPubKey: exitNode.publicKey,
        }
    });

    // make sure we hand endpoints for both the site and the client and the lastHolePunch is not too old
    if (!site.endpoint || !client.endpoint) {
        logger.warn("Site or client has no endpoint or listen port");
        return;
    }

    const now = new Date().getTime() / 1000;
    if (site.lastHolePunch && now - site.lastHolePunch > 6) {
        logger.warn("Site last hole punch is too old");
        return;
    }

    if (client.lastHolePunch && now - client.lastHolePunch > 6) {
        logger.warn("Client last hole punch is too old");
        return;
    }

    await db
        .update(clients)
        .set({
            pubKey: publicKey
        })
        .where(eq(clients.clientId, olm.clientId))
        .returning();

    if (client.pubKey && client.pubKey !== publicKey) {
        logger.info("Public key mismatch. Deleting old peer...");
        await deletePeer(site.siteId, client.pubKey);
    }

    if (!site.subnet) {
        logger.warn("Site has no subnet");
        return;
    }

    // add the peer to the exit node
    await addPeer(site.siteId, {
        publicKey: publicKey,
        allowedIps: [client.subnet],
        endpoint: client.endpoint
    });

    return {
        message: {
            type: "olm/wg/connect",
            data: {
                endpoint: site.endpoint,
                publicKey: site.publicKey,
                serverIP: site.address!.split("/")[0],
                tunnelIP: `${client.subnet.split("/")[0]}/${site.address!.split("/")[1]}` // put the client ip in the same subnet as the site. TODO: Is this right? Maybe we need th make .subnet work properly!
            }
        },
        broadcast: false, // Send to all olms
        excludeSender: false // Include sender in broadcast
    };
};
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`import db from "@server/db";`
			`import { MessageHandler } from "../ws";`
Verify holepunch token and send gerbil pub key 2025-03-15 21:45:53 -04:00			`import { clients, exitNodes, Olm, olms, sites } from "@server/db/schema";`
Send down gerbil pub so it can encrypt 2025-03-14 09:18:13 -04:00			`import { eq } from "drizzle-orm";`
Working on handlers 2025-02-21 10:55:38 -05:00			`import { addPeer, deletePeer } from "../newt/peers";`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`import logger from "@server/logger";`

			`export const handleOlmRegisterMessage: MessageHandler = async (context) => {`
Handle types in handlers 2025-02-21 12:17:56 -05:00			`const { message, client: c, sendToClient } = context;`
			`const olm = c as Olm;`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00
Working on handlers 2025-02-21 10:55:38 -05:00			`logger.info("Handling register olm message!");`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00
			`if (!olm) {`
			`logger.warn("Olm not found");`
			`return;`
			`}`

Handle types in handlers 2025-02-21 12:17:56 -05:00			`if (!olm.clientId) {`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`logger.warn("Olm has no site!"); // TODO: Maybe we create the site here?`
			`return;`
			`}`

Handle types in handlers 2025-02-21 12:17:56 -05:00			`const clientId = olm.clientId;`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00
			`const { publicKey } = message.data;`
			`if (!publicKey) {`
			`logger.warn("Public key not provided");`
			`return;`
			`}`

Handle types in handlers 2025-02-21 12:17:56 -05:00			`const [client] = await db`
			`.select()`
			`.from(clients)`
			`.where(eq(clients.clientId, clientId))`
			`.limit(1);`

			`if (!client \|\| !client.siteId) {`
			`logger.warn("Site not found or does not have exit node");`
			`return;`
			`}`

Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`const [site] = await db`
			`.select()`
			`.from(sites)`
Handle types in handlers 2025-02-21 12:17:56 -05:00			`.where(eq(sites.siteId, client.siteId))`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`.limit(1);`

Verify holepunch token and send gerbil pub key 2025-03-15 21:45:53 -04:00			`if (!site) {`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`logger.warn("Site not found or does not have exit node");`
			`return;`
			`}`

Verify holepunch token and send gerbil pub key 2025-03-15 21:45:53 -04:00			`if (!site.exitNodeId) {`
			`logger.warn("Site does not have exit node");`
Initial hp working? 2025-02-22 11:20:56 -05:00			`return;`
			`}`

Verify holepunch token and send gerbil pub key 2025-03-15 21:45:53 -04:00			`const [exitNode] = await db`
			`.select()`
			`.from(exitNodes)`
			`.where(eq(exitNodes.exitNodeId, site.exitNodeId))`
			`.limit(1);`

Send down gerbil pub so it can encrypt 2025-03-14 09:18:13 -04:00			`sendToClient(olm.olmId, {`
			`type: "olm/wg/holepunch",`
			`data: {`
Verify holepunch token and send gerbil pub key 2025-03-15 21:45:53 -04:00			`serverPubKey: exitNode.publicKey,`
Send down gerbil pub so it can encrypt 2025-03-14 09:18:13 -04:00			`}`
			`});`

Verify holepunch token and send gerbil pub key 2025-03-15 21:45:53 -04:00			`// make sure we hand endpoints for both the site and the client and the lastHolePunch is not too old`
			`if (!site.endpoint \|\| !client.endpoint) {`
			`logger.warn("Site or client has no endpoint or listen port");`
			`return;`
			`}`

Initial hp working? 2025-02-22 11:20:56 -05:00			`const now = new Date().getTime() / 1000;`
			`if (site.lastHolePunch && now - site.lastHolePunch > 6) {`
			`logger.warn("Site last hole punch is too old");`
			`return;`
			`}`

			`if (client.lastHolePunch && now - client.lastHolePunch > 6) {`
			`logger.warn("Client last hole punch is too old");`
			`return;`
			`}`

Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`await db`
Handle types in handlers 2025-02-21 12:17:56 -05:00			`.update(clients)`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`.set({`
			`pubKey: publicKey`
			`})`
Handle types in handlers 2025-02-21 12:17:56 -05:00			`.where(eq(clients.clientId, olm.clientId))`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`.returning();`

Handle types in handlers 2025-02-21 12:17:56 -05:00			`if (client.pubKey && client.pubKey !== publicKey) {`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`logger.info("Public key mismatch. Deleting old peer...");`
Handle types in handlers 2025-02-21 12:17:56 -05:00			`await deletePeer(site.siteId, client.pubKey);`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`}`

			`if (!site.subnet) {`
			`logger.warn("Site has no subnet");`
			`return;`
			`}`
Send down gerbil pub so it can encrypt 2025-03-14 09:18:13 -04:00
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`// add the peer to the exit node`
Working on handlers 2025-02-21 10:55:38 -05:00			`await addPeer(site.siteId, {`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`publicKey: publicKey,`
Initial hp working? 2025-02-22 11:20:56 -05:00			`allowedIps: [client.subnet],`
			`endpoint: client.endpoint`
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`});`

			`return {`
			`message: {`
			`type: "olm/wg/connect",`
			`data: {`
Initial hp working? 2025-02-22 11:20:56 -05:00			`endpoint: site.endpoint,`
Working on handlers 2025-02-21 10:55:38 -05:00			`publicKey: site.publicKey,`
			`serverIP: site.address!.split("/")[0],`
Send down gerbil pub so it can encrypt 2025-03-14 09:18:13 -04:00			tunnelIP: `${client.subnet.split("/")[0]}/${site.address!.split("/")[1]}` // put the client ip in the same subnet as the site. TODO: Is this right? Maybe we need th make .subnet work properly!
Move things around; rename to olm 2025-02-21 10:13:41 -05:00			`}`
			`},`
			`broadcast: false, // Send to all olms`
			`excludeSender: false // Include sender in broadcast`
			`};`
			`};`