Bugfix/client registration vol2

common/crypto/src/asymmetric/encryption/mod.rs

@@ -81,6 +81,15 @@ impl KeyPair {
     }
 }
 
+impl From<PrivateKey> for KeyPair {
+    fn from(private_key: PrivateKey) -> Self {
+        KeyPair {
+            public_key: (&private_key).into(),
+            private_key,
+        }
+    }
+}
+
 impl PemStorableKeyPair for KeyPair {
     type PrivatePemKey = PrivateKey;
     type PublicPemKey = PublicKey;

common/crypto/src/asymmetric/identity/mod.rs

@@ -91,6 +91,15 @@ impl KeyPair {
     }
 }
 
+impl From<PrivateKey> for KeyPair {
+    fn from(private_key: PrivateKey) -> Self {
+        KeyPair {
+            public_key: (&private_key).into(),
+            private_key,
+        }
+    }
+}
+
 impl PemStorableKeyPair for KeyPair {
     type PrivatePemKey = PrivateKey;
     type PublicPemKey = PublicKey;

common/gateway-storage/src/shared_keys.rs

@@ -40,9 +40,17 @@ impl SharedKeysManager {
         client_address_bs58: String,
         derived_aes128_ctr_blake3_hmac_keys_bs58: String,
     ) -> Result<i64, sqlx::Error> {
-        sqlx::query!("INSERT OR REPLACE INTO shared_keys(client_address_bs58, derived_aes128_ctr_blake3_hmac_keys_bs58) VALUES (?, ?)",
+        // https://stackoverflow.com/a/20310838
+        // we don't want to be using `INSERT OR REPLACE INTO` due to the foreign key on `available_bandwidth` if the entry already exists
+        sqlx::query!(
+            r#"
+                INSERT OR IGNORE INTO shared_keys(client_address_bs58, derived_aes128_ctr_blake3_hmac_keys_bs58) VALUES (?, ?);
+                UPDATE shared_keys SET derived_aes128_ctr_blake3_hmac_keys_bs58 = ? WHERE client_address_bs58 = ?
+            "#,
             client_address_bs58,
             derived_aes128_ctr_blake3_hmac_keys_bs58,
+            derived_aes128_ctr_blake3_hmac_keys_bs58,
+            client_address_bs58,
         ).execute(&self.connection_pool).await?;
 
         self.client_id(&client_address_bs58).await

common/gateway-storage/src/wireguard_peers.rs

@@ -26,8 +26,17 @@ impl WgPeerManager {
     /// * `peer`: peer information needed by wireguard interface.
     pub(crate) async fn insert_peer(&self, peer: &WireguardPeer) -> Result<(), sqlx::Error> {
         sqlx::query!(
-            "INSERT OR REPLACE INTO wireguard_peer(public_key, preshared_key, protocol_version, endpoint, last_handshake, tx_bytes, rx_bytes, persistent_keepalive_interval, allowed_ips, suspended) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
-            peer.public_key, peer.preshared_key, peer.protocol_version, peer.endpoint, peer.last_handshake, peer.tx_bytes, peer.rx_bytes, peer.persistent_keepalive_interval, peer.allowed_ips, peer.suspended
+            r#"
+                INSERT OR IGNORE INTO wireguard_peer(public_key, preshared_key, protocol_version, endpoint, last_handshake, tx_bytes, rx_bytes, persistent_keepalive_interval, allowed_ips, suspended)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?);
+
+                UPDATE wireguard_peer 
+                SET preshared_key = ?, protocol_version = ?, endpoint = ?, last_handshake = ?, tx_bytes = ?, rx_bytes = ?, persistent_keepalive_interval = ?, allowed_ips = ?, suspended = ?
+                WHERE public_key = ?
+            "#,
+            peer.public_key, peer.preshared_key, peer.protocol_version, peer.endpoint, peer.last_handshake, peer.tx_bytes, peer.rx_bytes, peer.persistent_keepalive_interval, peer.allowed_ips, peer.suspended,
+
+            peer.preshared_key, peer.protocol_version, peer.endpoint, peer.last_handshake, peer.tx_bytes, peer.rx_bytes, peer.persistent_keepalive_interval, peer.allowed_ips, peer.suspended,peer.public_key,
         )
         .execute(&self.connection_pool)
         .await?;

gateway/src/node/client_handling/websocket/connection_handler/fresh.rs

@@ -529,6 +529,11 @@ where
     /// * `client_address`: address of the client wishing to authenticate.
     /// * `encrypted_address`: ciphertext of the address of the client wishing to authenticate.
     /// * `iv`: fresh IV received with the request.
+    #[instrument(skip_all
+        fields(
+            address = %address,
+        )
+    )]
     async fn handle_authenticate(
         &mut self,
         client_protocol_version: Option<u8>,
@@ -539,6 +544,8 @@ where
     where
         S: AsyncRead + AsyncWrite + Unpin,
     {
+        debug!("handling client registration");
+
         let negotiated_protocol = self.negotiate_client_protocol(client_protocol_version)?;
         // populate the negotiated protocol for future uses
         self.negotiated_protocol = Some(negotiated_protocol);
@@ -662,13 +669,17 @@ where
         let remote_identity = Self::extract_remote_identity_from_register_init(&init_data)?;
         let remote_address = remote_identity.derive_destination_address();
 
+        debug!(remote_client = %remote_identity);
+
         if self.active_clients_store.is_active(remote_address) {
             return Err(InitialAuthenticationError::DuplicateConnection);
         }
 
         let shared_keys = self.perform_registration_handshake(init_data).await?;
         let client_id = self.register_client(remote_address, &shared_keys).await?;
 
+        debug!(client_id = %client_id, "managed to finalize client registration");
+
         let client_details = ClientDetails::new(client_id, remote_address, shared_keys);
 
         Ok(InitialAuthResult::new(