Introduce node IDs.

This introduces a new type of identifier for nodes, which complements
node names: node IDs. Node IDs are defined as the first 6 bytes of the
SHA-256 hash of the node name. They will be used in future code in lieu
of node names as unique node identifiers in contexts where space is at
a premium (such as VPN packets).

The semantics of node IDs is that they are supposed to be unique in a
tinc graph; i.e. two different nodes that are part of the same graph
should not have the same ID, otherwise things could break. This
solution provides this guarantee based on realistic probabilities:
indeed, according to the birthday problem, with a 48-bit hash, the
probability of at least one collision is 1e-13 with 10 nodes, 1e-11
with 100 nodes, 1e-9 with 1000 nodes and 1e-7 with 10000 nodes. Things
only start getting hairy with more than 1 million nodes, as the
probability gets over 0.2%.

src/info.c

@@ -50,6 +50,7 @@ static int info_node(int fd, const char *item) {
 	char line[4096];
 
 	char node[4096];
+	char id[4096];
 	char from[4096];
 	char to[4096];
 	char subnet[4096];
@@ -68,12 +69,12 @@ static int info_node(int fd, const char *item) {
 	long int last_state_change;
 
 	while(recvline(fd, line, sizeof line)) {
-		int n = sscanf(line, "%d %d %s %s port %s %d %d %d %d %x %"PRIx32" %s %s %d %hd %hd %hd %ld", &code, &req, node, host, port, &cipher, &digest, &maclength, &compression, &options, &status_union.raw, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change);
+		int n = sscanf(line, "%d %d %s %s %s port %s %d %d %d %d %x %"PRIx32" %s %s %d %hd %hd %hd %ld", &code, &req, node, id, host, port, &cipher, &digest, &maclength, &compression, &options, &status_union.raw, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change);
 
 		if(n == 2)
 			break;
 
-		if(n != 18) {
+		if(n != 19) {
 			fprintf(stderr, "Unable to parse node dump from tincd.\n");
 			return 1;
 		}
@@ -95,6 +96,7 @@ static int info_node(int fd, const char *item) {
 	}
 
 	printf("Node:         %s\n", item);
+	printf("Node ID:      %s\n", id);
 	printf("Address:      %s port %s\n", host, port);
 
 	char timestr[32] = "never";

src/net.h

@@ -52,6 +52,10 @@ typedef struct ipv6_t {
 	uint16_t x[8];
 } ipv6_t;
 
+typedef struct node_id_t {
+	uint8_t x[6];
+} node_id_t;
+
 typedef short length_t;
 
 #define AF_UNKNOWN 255

src/node.c

@@ -30,7 +30,10 @@
 #include "utils.h"
 #include "xalloc.h"
 
+static digest_t *sha256;
+
 splay_tree_t *node_tree;
+static splay_tree_t *node_id_tree;
 static hash_t *node_udp_cache;
 
 node_t *myself;
@@ -39,14 +42,24 @@ static int node_compare(const node_t *a, const node_t *b) {
 	return strcmp(a->name, b->name);
 }
 
+static int node_id_compare(const node_t *a, const node_t *b) {
+	return memcmp(&a->id, &b->id, sizeof(node_id_t));
+}
+
 void init_nodes(void) {
+	sha256 = digest_open_by_name("sha256", sizeof(node_id_t));
+
 	node_tree = splay_alloc_tree((splay_compare_t) node_compare, (splay_action_t) free_node);
+	node_id_tree = splay_alloc_tree((splay_compare_t) node_id_compare, NULL);
 	node_udp_cache = hash_alloc(0x100, sizeof(sockaddr_t));
 }
 
 void exit_nodes(void) {
 	hash_free(node_udp_cache);
+	splay_delete_tree(node_id_tree);
 	splay_delete_tree(node_tree);
+
+	digest_close(sha256);
 }
 
 node_t *new_node(void) {
@@ -93,7 +106,10 @@ void free_node(node_t *n) {
 }
 
 void node_add(node_t *n) {
+	digest_create(sha256, n->name, strlen(n->name), &n->id);
+
 	splay_insert(node_tree, n);
+	splay_insert(node_id_tree, n);
 }
 
 void node_del(node_t *n) {
@@ -103,6 +119,7 @@ void node_del(node_t *n) {
 	for splay_each(edge_t, e, n->edge_tree)
 		edge_del(e);
 
+	splay_delete(node_id_tree, n);
 	splay_delete(node_tree, n);
 }
 
@@ -114,6 +131,14 @@ node_t *lookup_node(char *name) {
 	return splay_search(node_tree, &n);
 }
 
+node_t *lookup_node_id(const node_id_t *id) {
+	node_t n = {NULL};
+
+	n.id = *id;
+
+	return splay_search(node_id_tree, &n);
+}
+
 node_t *lookup_node_udp(const sockaddr_t *sa) {
 	return hash_search(node_udp_cache, sa);
 }
@@ -150,12 +175,17 @@ void update_node_udp(node_t *n, const sockaddr_t *sa) {
 }
 
 bool dump_nodes(connection_t *c) {
-	for splay_each(node_t, n, node_tree)
-		send_request(c, "%d %d %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES,
-			   n->name, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher),
+	for splay_each(node_t, n, node_tree) {
+		char id[2 * sizeof n->id + 1];
+		for (size_t c = 0; c < sizeof n->id; ++c)
+			sprintf(id + 2 * c, "%02hhx", n->id.x[c]);
+		id[sizeof id - 1] = 0;
+		send_request(c, "%d %d %s %s %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", CONTROL, REQ_DUMP_NODES,
+			   n->name, id, n->hostname ?: "unknown port unknown", cipher_get_nid(n->outcipher),
 			   digest_get_nid(n->outdigest), (int)digest_length(n->outdigest), n->outcompression,
 			   n->options, bitfield_to_int(&n->status, sizeof n->status), n->nexthop ? n->nexthop->name : "-",
 			   n->via ? n->via->name ?: "-" : "-", n->distance, n->mtu, n->minmtu, n->maxmtu, (long)n->last_state_change);
+	}
 
 	return send_request(c, "%d %d", CONTROL, REQ_DUMP_NODES);
 }

src/node.h

@@ -43,6 +43,7 @@ typedef struct node_status_t {
 
 typedef struct node_t {
 	char *name;                             /* name of this node */
+	node_id_t id;                           /* unique node ID (name hash) */
 	uint32_t options;                       /* options turned on for this node */
 
 	int sock;                               /* Socket to use for outgoing UDP packets */
@@ -111,6 +112,7 @@ extern void free_node(node_t *);
 extern void node_add(node_t *);
 extern void node_del(node_t *);
 extern node_t *lookup_node(char *);
+extern node_t *lookup_node_id(const node_id_t *);
 extern node_t *lookup_node_udp(const sockaddr_t *);
 extern bool dump_nodes(struct connection_t *);
 extern bool dump_traffic(struct connection_t *);

src/tincctl.c

@@ -1002,6 +1002,7 @@ static int cmd_dump(int argc, char *argv[]) {
 			break;
 
 		char node[4096];
+		char id[4096];
 		char from[4096];
 		char to[4096];
 		char subnet[4096];
@@ -1019,8 +1020,8 @@ static int cmd_dump(int argc, char *argv[]) {
 
 		switch(req) {
 			case REQ_DUMP_NODES: {
-				int n = sscanf(line, "%*d %*d %s %s port %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", node, host, port, &cipher, &digest, &maclength, &compression, &options, &status_int, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change);
-				if(n != 16) {
+				int n = sscanf(line, "%*d %*d %s %s %s port %s %d %d %d %d %x %x %s %s %d %hd %hd %hd %ld", node, id, host, port, &cipher, &digest, &maclength, &compression, &options, &status_int, nexthop, via, &distance, &pmtu, &minmtu, &maxmtu, &last_state_change);
+				if(n != 17) {
 					fprintf(stderr, "Unable to parse node dump from tincd: %s\n", line);
 					return 1;
 				}
@@ -1043,8 +1044,8 @@ static int cmd_dump(int argc, char *argv[]) {
 				} else {
 					if(only_reachable && !status.reachable)
 						continue;
-					printf("%s at %s port %s cipher %d digest %d maclength %d compression %d options %x status %04x nexthop %s via %s distance %d pmtu %hd (min %hd max %hd)\n",
-							node, host, port, cipher, digest, maclength, compression, options, status_int, nexthop, via, distance, pmtu, minmtu, maxmtu);
+					printf("%s id %s at %s port %s cipher %d digest %d maclength %d compression %d options %x status %04x nexthop %s via %s distance %d pmtu %hd (min %hd max %hd)\n",
+							node, id, host, port, cipher, digest, maclength, compression, options, status_int, nexthop, via, distance, pmtu, minmtu, maxmtu);
 				}
 			} break;