implemented ServerPublicInfoResponse and ProgramMode::RandomBytes

.vscode/launch.json

@@ -7,7 +7,7 @@
             "request": "launch",
             "program": "${workspaceFolder}/bin/tcp-chat",
             "windows": { "program": "${workspaceFolder}/bin/tcp-chat.exe" },
-            "args": [ "-l", "127.0.0.1:9988" ],
+            "args": [ "-l" ],
             "preLaunchTask": "build_exec_dbg",
             "stopAtEntry": false,
             "cwd": "${workspaceFolder}/bin",

dependencies/bearssl.config

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
-DEP_WORKING_DIR="dependencies/BearSSL"
+DEP_WORKING_DIR="$DEPENDENCIES_DIR"
 
-projconfig_path="../bearssl.project.config"
+projconfig_path="bearssl.project.config"
 if [[ "$TASK" = *_dbg ]]; then
     dep_build_target="build_static_lib_dbg"
 else
@@ -10,10 +10,10 @@ fi
 
 DEP_PRE_BUILD_COMMAND=""
 DEP_BUILD_COMMAND="cbuild -c $projconfig_path $dep_build_target"
-DEP_POST_BUILD_COMMAND="mv -v cbuild.log ../bin/cbuild_bearssl.log"
+DEP_POST_BUILD_COMMAND=""
 DEP_CLEAN_COMMAND="cbuild -c $projconfig_path clean"
 
 DEP_DYNAMIC_OUT_FILES=""
-DEP_STATIC_OUT_FILES="../bin/libbearssl.a"
+DEP_STATIC_OUT_FILES="bin/libbearssl.a"
 DEP_OTHER_OUT_FILES=""
 PRESERVE_OUT_DIRECTORY_STRUCTURE=false

dependencies/bearssl.project.config

@@ -1,20 +1,20 @@
 #!/usr/bin/env bash
-CBUILD_VERSION=2.2.3
+CBUILD_VERSION=2.3.1
 
 PROJECT="bearssl"
 CMP_C="gcc"
 CMP_CPP="g++"
-STD_C="c11"
+STD_C="c99"
 STD_CPP="c++11"
 WARN_C="-Wno-unknown-pragmas"
-# WARN_CPP="-Wall -Wextra"
+WARN_CPP="$WARN_C"
 
-SRC_C="$(find src -name '*.c')"
+SRC_C="$(find BearSSL/src -name '*.c')"
-#SRC_CPP="$(find src -name '*.cpp')"
+SRC_CPP="$(find BearSSL/src -name '*.cpp')"
 
 # Directory with dependency configs.
 # See cbuild/example_dependency_configs
-DEPENDENCY_CONFIGS_DIR='..'
+DEPENDENCY_CONFIGS_DIR='.'
 # List of dependency config files in DEPENDENCY_CONFIGS_DIR separated by space.
 ENABLED_DEPENDENCIES=''
 
@@ -23,11 +23,11 @@ ENABLED_DEPENDENCIES=''
 #  ├── static_libs/  - Symbolic links to static libraries used by linker. Cleans on each call of build task.
 #  ├── static_libs/  - Symbolic links to dynamic libraries used by linker. Cleans on each call of build task.
 #  └── profile/      - gcc *.gcda profiling info files
-OBJDIR="obj"
+OBJDIR="BearSSL/obj"
-OUTDIR="../bin"
+OUTDIR="bin"
 STATIC_LIB_FILE="lib$PROJECT.a"
 
-INCLUDE="-I./src -I./inc"
+INCLUDE="-IBearSSL/src -IBearSSL/inc"
 
 # OS-specific options
 case "$OS" in
@@ -35,13 +35,32 @@ case "$OS" in
         EXEC_FILE="$PROJECT.exe"
         SHARED_LIB_FILE="$PROJECT.dll"
         LINKER_LIBS=""
-        DEFINE=""
+        INCLUDE="$INCLUDE "
         ;;
     LINUX)
         EXEC_FILE="$PROJECT"
         SHARED_LIB_FILE="$PROJECT.so"
         LINKER_LIBS=""
-        DEFINE="-DBR_USE_GETENTROPY=0"
+        INCLUDE="$INCLUDE -DBR_USE_GETENTROPY=0"
+        ;;
+    *)
+        error "operating system $OS has no configuration variants"
+        ;;
+esac
+
+# OS-specific options
+case "$OS" in
+    WINDOWS)
+        EXEC_FILE="$PROJECT.exe"
+        SHARED_LIB_FILE="$PROJECT.dll"
+        INCLUDE="$INCLUDE "
+        LINKER_LIBS=""
+        ;;
+    LINUX)
+        EXEC_FILE="$PROJECT"
+        SHARED_LIB_FILE="$PROJECT.so"
+        INCLUDE="$INCLUDE "
+        LINKER_LIBS=""
         ;;
     *)
         error "operating system $OS has no configuration variants"
@@ -58,64 +77,64 @@ case "$TASK" in
         # -fprofile-use enables compiler to use profiling info files to optimize executable
         # -fprofile-prefix-path sets path where profiling info about objects are be saved
         # -fdata-sections -ffunction-sections -Wl,--gc-sections  removes unused code
-        C_ARGS="$DEFINE -O2 -flto=auto -fuse-linker-plugin -fprofile-use -fprofile-prefix-path=$(realpath $OBJDIR)/objects -fdata-sections -ffunction-sections -Wl,--gc-sections"
+        C_ARGS="-O2 -flto=auto -fuse-linker-plugin -fprofile-use -fprofile-prefix-path=$(realpath $OBJDIR)/objects -fdata-sections -ffunction-sections -Wl,--gc-sections"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS"
-        PRE_TASK_SCRIPT=
+        PRE_TASK_SCRIPT=""
-        TASK_SCRIPT=cbuild/default_tasks/build_exec.sh
+        TASK_SCRIPT="@cbuild/default_tasks/build_exec.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # creates executable with debug info and no optimizations
     build_exec_dbg)
-        C_ARGS="$DEFINE -O0 -g3"
+        C_ARGS="-O0 -g3"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS"
-        PRE_TASK_SCRIPT=
+        PRE_TASK_SCRIPT=""
-        TASK_SCRIPT=cbuild/default_tasks/build_exec.sh
+        TASK_SCRIPT="@cbuild/default_tasks/build_exec.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # creates shared library
     build_shared_lib)
-        C_ARGS="$DEFINE -O2 -fpic -flto -shared"
+        C_ARGS="-O2 -fpic -flto -shared"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS -Wl,-soname,$SHARED_LIB_FILE"
-        PRE_TASK_SCRIPT=
+        PRE_TASK_SCRIPT=""
-        TASK_SCRIPT=cbuild/default_tasks/build_shared_lib.sh
+        TASK_SCRIPT="@cbuild/default_tasks/build_shared_lib.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # creates shared library with debug symbols and no optimizations
     build_shared_lib_dbg)
-        C_ARGS="$DEFINE -O0 -g3 -fpic -shared"
+        C_ARGS="-O0 -g3 -fpic -shared"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS -Wl,-soname,$SHARED_LIB_FILE"
-        PRE_TASK_SCRIPT=
+        PRE_TASK_SCRIPT=""
-        TASK_SCRIPT=cbuild/default_tasks/build_shared_lib.sh
+        TASK_SCRIPT="@cbuild/default_tasks/build_shared_lib.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # creates static library
     build_static_lib)
-        C_ARGS="$DEFINE -O2 -fpic -fdata-sections -ffunction-sections"
+        C_ARGS="-O2 -fpic -fdata-sections -ffunction-sections"
         CPP_ARGS="$C_ARGS"
-        PRE_TASK_SCRIPT=
+        PRE_TASK_SCRIPT=""
-        TASK_SCRIPT=cbuild/default_tasks/build_static_lib.sh
+        TASK_SCRIPT="@cbuild/default_tasks/build_static_lib.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # creates static library with debug symbols and no optimizations
     build_static_lib_dbg)
-        C_ARGS="$DEFINE -O0 -g3"
+        C_ARGS="-O0 -g3"
         CPP_ARGS="$C_ARGS"
-        PRE_TASK_SCRIPT=
+        PRE_TASK_SCRIPT=""
-        TASK_SCRIPT=cbuild/default_tasks/build_static_lib.sh
+        TASK_SCRIPT="@cbuild/default_tasks/build_static_lib.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # executes $EXEC_FILE
     exec)
-        TASK_SCRIPT=cbuild/default_tasks/exec.sh
+        TASK_SCRIPT="@cbuild/default_tasks/exec.sh"
         ;;
     # executes $EXEC_FILE with valgrind memory checker
     valgrind)  
         VALGRIND_ARGS="-s --read-var-info=yes --track-origins=yes --fullpath-after=$(pwd)/ --leak-check=full --show-leak-kinds=all" 
-        TASK_SCRIPT=cbuild/default_tasks/valgrind.sh
+        TASK_SCRIPT="@cbuild/default_tasks/valgrind.sh"
         ;;
     # generates profiling info
     profile)
@@ -126,25 +145,28 @@ case "$TASK" in
         # -pg adds code to executable, that generates file containing function call info (gmon.out)
         # -fprofile-generate generates executable with profiling code
         # -fprofile-prefix-path sets path where profiling info about objects will be saved
-        C_ARGS="$DEFINE -O2 -flto=auto -fuse-linker-plugin -fprofile-generate -fprofile-prefix-path=$(realpath $OBJDIR)/objects"
+        C_ARGS="-O2 -flto=auto -fuse-linker-plugin -fprofile-generate -fprofile-prefix-path=$(realpath $OBJDIR)/objects"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS"
-        PRE_TASK_SCRIPT=cbuild/default_tasks/build_exec.sh
+        PRE_TASK_SCRIPT="@cbuild/default_tasks/build_exec.sh"
-        TASK_SCRIPT=cbuild/default_tasks/profile.sh
+        TASK_SCRIPT="@cbuild/default_tasks/profile.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # compiles program with -pg and runs it with gprof
     # uses gprof2dot python script to generate function call tree (pip install gprof2dot)
     # requires graphviz (https://www.graphviz.org/download/source/)
     gprof)
         OUTDIR="$OUTDIR/gprof"
-        # -pg adds code to executable, that generates file containing function call info (gmon.out)
+        # arguments that emit some call counter code and disable optimizations to see function names
-        C_ARGS="$DEFINE -O2 -flto=auto -fuse-linker-plugin -pg"
+        # https://github.com/msys2/MINGW-packages/issues/8503#issuecomment-1365475205
+        C_ARGS="-O0 -g -pg -no-pie -fno-omit-frame-pointer
+            -fno-inline-functions -fno-inline-functions-called-once 
+            -fno-optimize-sibling-calls -fopenmp"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS"
-        PRE_TASK_SCRIPT=cbuild/default_tasks/build_exec.sh
+        PRE_TASK_SCRIPT="@cbuild/default_tasks/build_exec.sh"
-        TASK_SCRIPT=cbuild/default_tasks/gprof.sh
+        TASK_SCRIPT="@cbuild/default_tasks/gprof.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # compiles program and runs it with callgrind (part of valgrind)
     # uses gprof2dot python script to generate function call tree (pip install gprof2dot)
@@ -153,32 +175,32 @@ case "$TASK" in
     callgrind)
         OUTDIR="$OUTDIR/callgrind"
         # -pg adds code to executable, that generates file containing function call info (gmon.out)
-        C_ARGS="$DEFINE -O2 -flto=auto -fuse-linker-plugin"
+        C_ARGS="-O2 -flto=auto -fuse-linker-plugin"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS"
-        PRE_TASK_SCRIPT=cbuild/default_tasks/build_exec.sh
+        PRE_TASK_SCRIPT="@cbuild/default_tasks/build_exec.sh"
-        TASK_SCRIPT=cbuild/default_tasks/callgrind.sh
+        TASK_SCRIPT="@cbuild/default_tasks/callgrind.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # compiles executable with sanitizers and executes it to find errors and warnings
     sanitize)
         OUTDIR="$OUTDIR/sanitize"
-        C_ARGS="$DEFINE -O0 -g3 -fsanitize=undefined,address"
+        C_ARGS="-O0 -g3 -fsanitize=undefined,address"
         CPP_ARGS="$C_ARGS"
         LINKER_ARGS="$CPP_ARGS $LINKER_LIBS"
-        PRE_TASK_SCRIPT=cbuild/default_tasks/build_exec.sh
+        PRE_TASK_SCRIPT="@cbuild/default_tasks/build_exec.sh"
-        TASK_SCRIPT=cbuild/default_tasks/exec.sh
+        TASK_SCRIPT="@cbuild/default_tasks/exec.sh"
-        POST_TASK_SCRIPT=
+        POST_TASK_SCRIPT=""
         ;;
     # rebuilds specified dependencies
     # EXAMPLE: `cbuild rebuild_dependencies=libexample1,fonts`
     # 'all' can be specified to rebuild all dependencies
     rebuild_dependencies)
-        TASK_SCRIPT=cbuild/default_tasks/rebuild_dependencies.sh
+        TASK_SCRIPT="@cbuild/default_tasks/rebuild_dependencies.sh"
         ;;
     # deletes generated files
     clean)
-        TASK_SCRIPT=cbuild/default_tasks/clean.sh
+        TASK_SCRIPT="@cbuild/default_tasks/clean.sh"
         ;;
     # nothing to do
     "" | no_task)

dependencies/bearssl.project.config.user.default

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+# Project user config is ignored by git.
+# Here you can add variables that users might want to change
+# on their local machine, without commiting to the repository.
+
+# Directory where you install dependencies.
+# Do not confuse with DEPENDENCY_CONFIGS_DIR
+# Example:
+#    libexample source code is at `../libexample`, and dependency config
+#    that specifies how to build this lib is at `dependencies/libexample.config`
+DEPENDENCIES_DIR="."

dependencies/tlibc

@@ -1 +1 @@
-Subproject commit bb3b096262106fcc503c03b1555ca196d5b780e9
+Subproject commit 1775b27980d550dd9a50a81b11d797c51253ab22

dependencies/tlibc.config

@@ -1,13 +1,14 @@
 #!/usr/bin/env bash
-DEP_WORKING_DIR="dependencies/tlibc"
+
-DEP_PRE_BUILD_COMMAND=""
+DEP_WORKING_DIR="$DEPENDENCIES_DIR/tlibc"
-DEP_POST_BUILD_COMMAND=""
 if [[ "$TASK" = *_dbg ]]; then
     dep_build_target="build_static_lib_dbg"
 else
     dep_build_target="build_static_lib"
 fi
+DEP_PRE_BUILD_COMMAND=""
 DEP_BUILD_COMMAND="cbuild $dep_build_target"
+DEP_POST_BUILD_COMMAND=""
 DEP_CLEAN_COMMAND="cbuild clean"
 DEP_DYNAMIC_OUT_FILES=""
 DEP_STATIC_OUT_FILES="bin/tlibc.a"

project.config

@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-CBUILD_VERSION=2.3.0
+CBUILD_VERSION=2.3.1
 
 PROJECT="tcp-chat"
 CMP_C="gcc"
@@ -35,7 +35,7 @@ OBJDIR="obj"
 OUTDIR="bin"
 STATIC_LIB_FILE="$PROJECT.a"
 
-INCLUDE="-Isrc -Idependencies/BearSSL/inc -Idependencies/tlibc/include"
+INCLUDE="-Isrc -I$DEPENDENCIES_DIR/BearSSL/inc -I$DEPENDENCIES_DIR/tlibc/include"
 
 # OS-specific options
 case "$OS" in

project.config.user.default

@@ -8,4 +8,4 @@
 # Example:
 #    libexample source code is at `../libexample`, and dependency config
 #    that specifies how to build this lib is at `dependencies/libexample.config`
-DEPENDENCIES_DIR=".."
+DEPENDENCIES_DIR="dependencies"

src/config.c

@@ -28,7 +28,7 @@ Result(void) config_findValue(str config_str, str key, str* value, bool throwNot
 
     if(throwNotFoundError){
         char* key_cstr = str_copy(key).data;
-        char* err_msg = sprintf_malloc(key.size + 64, "can't find key '%s'", key_cstr);
+        char* err_msg = sprintf_malloc("can't find key '%s'", key_cstr);
         free(key_cstr);
         return RESULT_ERROR(err_msg, true);
     }

src/db/idb.c

@@ -2,12 +2,14 @@
 #include "magic.h"
 #include "tlibc/filesystem.h"
 #include "tlibc/collections/HashMap.h"
+#include "cryptography/AES.h"
 #include <pthread.h>
 
 typedef struct TableFileHeader {
     Magic32 magic;
     u16 version;
     bool _dirty_bit;
+    bool encrypted;
     u32 row_size;
 } ATTRIBUTE_ALIGNED(256) TableFileHeader;
 
@@ -21,10 +23,14 @@ typedef struct Table {
     FILE* changes_file;
     pthread_mutex_t mutex;
     u64 row_count;
+    AESBlockEncryptor enc;
+    AESBlockDecryptor dec;
+    Array(u8) enc_buf;
 } Table;
 
 typedef struct IncrementalDB {
     str db_dir;
+    Array(u8) aes_key;
     HashMap(Table**) tables_map;
     pthread_mutex_t mutex;
 } IncrementalDB;
@@ -39,16 +45,17 @@ void Table_close(Table* t){
     free(t->table_file_path.data);
     free(t->changes_file_path.data);
     pthread_mutex_destroy(&t->mutex);
+    free(t->enc_buf.data);
     free(t);
 }
 
 // element destructor for HashMap(Table*)
-void TablePtr_destroy(void* t_ptr_ptr){
+static void TablePtr_free(void* t_ptr_ptr){
     Table_close(*(Table**)t_ptr_ptr);
 }
 
 /// @param name must be null-terminated
-Result(void) validateTableName(str name){
+static Result(void) validateTableName(str name){
     char forbidden_characters[] = { '/', '\\', ':', ';', '?', '"', '\'', '\n', '\r', '\t'};
     for(u32 i = 0; i < ARRAY_LEN(forbidden_characters); i++) {
         char c = forbidden_characters[i];
@@ -62,7 +69,7 @@ Result(void) validateTableName(str name){
     return RESULT_VOID;
 }
 
-Result(void) Table_readHeader(Table* t){
+static Result(void) Table_readHeader(Table* t){
     Deferral(4);
     // seek for start of the file
     try_void(file_seek(t->table_file, 0, SeekOrigin_Start));
@@ -71,7 +78,7 @@ Result(void) Table_readHeader(Table* t){
     Return RESULT_VOID;
 }
 
-Result(void) Table_writeHeader(Table* t){
+static Result(void) Table_writeHeader(Table* t){
     Deferral(4);
     // seek for start of the file
     try_void(file_seek(t->table_file, 0, SeekOrigin_Start));
@@ -80,35 +87,42 @@ Result(void) Table_writeHeader(Table* t){
     Return RESULT_VOID;
 }
 
-Result(void) Table_setDirtyBit(Table* t, bool val){
+static Result(void) Table_setDirtyBit(Table* t, bool val){
     Deferral(4);
     t->header._dirty_bit = val;
     try_void(Table_writeHeader(t));
     Return RESULT_VOID;
 }
 
-Result(bool) Table_getDirtyBit(Table* t){
+static Result(bool) Table_getDirtyBit(Table* t){
     Deferral(4);
     try_void(Table_readHeader(t));
     Return RESULT_VALUE(i, t->header._dirty_bit);
 }
 
-Result(void) Table_calculateRowCount(Table* t){
+static u32 Table_calcEncryptedRowSize(Table* t){
+        return AESBlockEncryptor_calcDstSize(t->header.row_size);
+}
+
+static Result(void) Table_calculateRowCount(Table* t){
     Deferral(4);
     try(i64 file_size, i, file_getSize(t->table_file));
     i64 data_size = file_size - sizeof(t->header);
-    if(data_size % t->header.row_size != 0){
+    i64 row_size_in_file = t->header.encrypted 
+        ? Table_calcEncryptedRowSize(t) 
+        : t->header.row_size;
+    if(data_size % row_size_in_file != 0){
         //TODO: fix table instead of trowing error
         Return RESULT_ERROR_FMT(
-            "Table '%s' has invalid size. Last row is incomplete", 
+            "Table '%s' has invalid size. Last row is incomplete.", 
             t->name.data);
     }
 
-    t->row_count = data_size / t->header.row_size;
+    t->row_count = data_size / row_size_in_file;
     Return RESULT_VOID;
 }
 
-Result(void) Table_validateHeader(Table* t){
+static Result(void) Table_validateHeader(Table* t){
     Deferral(4);
     if(t->header.magic.n != TABLE_FILE_MAGIC.n
             || t->header.row_size == 0)
@@ -131,7 +145,24 @@ Result(void) Table_validateHeader(Table* t){
     Return RESULT_VOID;
 }
 
-Result(void) Table_validateRowSize(Table* t, u32 row_size){
+static Result(void) Table_validateEncryption(Table* t){
+    bool db_encrypted = t->db->aes_key.size != 0;
+    if(t->header.encrypted && !db_encrypted){
+        return RESULT_ERROR_FMT("Table '%s' is encrypted, but db->aes_key is not set."
+            "Database '%s' is encrypted and must have not-null encryption key.",
+            t->name.data, t->db->db_dir.data);
+    }
+    
+    if(!t->header.encrypted && db_encrypted){
+        return RESULT_ERROR_FMT("table '%s' is not encrypted, but db->aes_key is set."
+            "Do not set encryption key for not encrypted database '%s'.",
+            t->name.data, t->db->db_dir.data);
+    }
+
+    return RESULT_VOID;
+}
+
+static Result(void) Table_validateRowSize(Table* t, u32 row_size){
     if(row_size != t->header.row_size){
         ResultVar(void) error_result = RESULT_ERROR_FMT(
             "Requested row size (%u) doesn't match saved row size (%u)",
@@ -142,18 +173,24 @@ Result(void) Table_validateRowSize(Table* t, u32 row_size){
     return RESULT_VOID;
 }
 
-Result(IncrementalDB*) idb_open(str db_dir){
+Result(IncrementalDB*) idb_open(str db_dir, NULLABLE(Array(u8) aes_key)){
     Deferral(16);
+    try_assert(aes_key.size == 0 || aes_key.size == 16 || aes_key.size == 24 || aes_key.size == 32);
+
     IncrementalDB* db = (IncrementalDB*)malloc(sizeof(IncrementalDB));
+    // value of *db must be set to zero or behavior of idb_close will be undefined
+    memset(db, 0, sizeof(IncrementalDB));
     // if object construction fails, destroy incomplete object
     bool success = false;
     Defer(if(!success) idb_close(db));
     
-    // value of *db must be set to zero or behavior of idb_close will be undefined
+    if(aes_key.size != 0){
-    memset(db, 0, sizeof(IncrementalDB));
+        db->aes_key = Array_copy(aes_key);
+    }
+    
     db->db_dir = str_copy(db_dir);
     try_void(dir_create(db->db_dir.data));
-    HashMap_construct(&db->tables_map, Table*, TablePtr_destroy);
+    HashMap_construct(&db->tables_map, Table*, TablePtr_free);
     try_stderrcode(pthread_mutex_init(&db->mutex, NULL));
 
     success = true;
@@ -162,36 +199,37 @@ Result(IncrementalDB*) idb_open(str db_dir){
 
 void idb_close(IncrementalDB* db){
     free(db->db_dir.data);
+    free(db->aes_key.data);
     HashMap_destroy(&db->tables_map);
     pthread_mutex_destroy(&db->mutex);
     free(db);
 }
 
-Result(Table*) idb_getOrCreateTable(IncrementalDB* db, str _table_name, u32 row_size){
+Result(Table*) idb_getOrCreateTable(IncrementalDB* db, str table_name, u32 row_size){
     Deferral(16);
     // db lock
     try_stderrcode(pthread_mutex_lock(&db->mutex));
     Defer(pthread_mutex_unlock(&db->mutex));
 
-    Table** tpp = HashMap_tryGetPtr(&db->tables_map, _table_name);
+    Table** tpp = HashMap_tryGetPtr(&db->tables_map, table_name);
     if(tpp != NULL){
         Table* existing_table = *tpp;
         try_void(Table_validateRowSize(existing_table, row_size));
         Return RESULT_VALUE(p, existing_table);
     }
 
-    try_void(validateTableName(_table_name));
+    try_void(validateTableName(table_name));
 
     Table* t = (Table*)malloc(sizeof(Table));
+    // value of *t must be set to zero or behavior of Table_close will be undefined
+    memset(t, 0, sizeof(Table));
     // if object construction fails, destroy incomplete object
     bool success = false;
     Defer(if(!success) Table_close(t));
 
-    // value of *t must be set to zero or behavior of Table_close will be undefined
-    memset(t, 0, sizeof(Table));
     t->db = db;
     try_stderrcode(pthread_mutex_init(&t->mutex, NULL));
-    t->name = str_copy(_table_name);
+    t->name = str_copy(table_name);
     t->table_file_path = str_from_cstr(
         strcat_malloc(db->db_dir.data, path_seps, t->name.data, ".idb-table"));
     t->changes_file_path = str_from_cstr(
@@ -208,6 +246,7 @@ Result(Table*) idb_getOrCreateTable(IncrementalDB* db, str _table_name, u32 row_
         // read table file
         try_void(Table_readHeader(t));
         try_void(Table_validateHeader(t));
+        try_void(Table_validateEncryption(t));
         try_void(Table_validateRowSize(t, row_size));
         try_void(Table_calculateRowCount(t));
     }
@@ -216,9 +255,18 @@ Result(Table*) idb_getOrCreateTable(IncrementalDB* db, str _table_name, u32 row_
         t->header.magic.n = TABLE_FILE_MAGIC.n;
         t->header.row_size = row_size;
         t->header.version = IDB_VERSION;
+        t->header.encrypted = db->aes_key.size != 0;
+        t->header._dirty_bit = false;
         try_void(Table_writeHeader(t));
     }
 
+    if(t->header.encrypted){
+        AESBlockEncryptor_construct(&t->enc, db->aes_key, AESBlockEncryptor_DEFAULT_CLASS);
+        AESBlockDecryptor_construct(&t->dec, db->aes_key, AESBlockDecryptor_DEFAULT_CLASS);
+        u32 row_size_in_file = Table_calcEncryptedRowSize(t);
+        t->enc_buf = Array_alloc_size(row_size_in_file);
+    }
+
     if(!HashMap_tryPush(&db->tables_map, t->name, &t)){
         ResultVar(void) error_result = RESULT_ERROR_FMT(
             "Table '%s' is already open", 
@@ -243,12 +291,28 @@ Result(void) idb_getRows(Table* t, u64 id, void* dst, u64 count){
             count, id, t->name.data, t->row_count);
     }
 
-    i64 file_pos = sizeof(t->header) + id * t->header.row_size;
+    u32 row_size = t->header.row_size;
+    u32 row_size_in_file = t->header.encrypted ? t->enc_buf.size : row_size;
+    i64 file_pos = sizeof(t->header) + id * row_size_in_file;
 
     // seek for the row position in file
     try_void(file_seek(t->table_file, file_pos, SeekOrigin_Start));
+    
     // read rows from file
-    try_void(file_readStructsExactly(t->table_file, dst, t->header.row_size, count));
+    for(u64 i = 0; i < count; i++){
+        void* row_ptr = (u8*)dst + row_size * i;
+        void* read_dst = t->header.encrypted ? t->enc_buf.data : row_ptr;
+        try_void(file_readStructsExactly(t->table_file, read_dst, row_size_in_file, 1));
+        if(t->header.encrypted) {
+            try_void(
+                AESBlockDecryptor_decrypt(
+                    &t->dec,
+                    t->enc_buf,
+                    Array_construct_size(row_ptr, row_size)
+                )
+            );
+        }
+    }
 
     Return RESULT_VOID;
 }
@@ -269,15 +333,31 @@ Result(void) idb_updateRows(Table* t, u64 id, const void* src, u64 count){
     try_void(Table_setDirtyBit(t, true));
     Defer(IGNORE_RESULT Table_setDirtyBit(t, false));
 
-    i64 file_pos = sizeof(t->header) + id * t->header.row_size;
+    u32 row_size = t->header.row_size;
+    u32 row_size_in_file = t->header.encrypted ? t->enc_buf.size : row_size;
+    i64 file_pos = sizeof(t->header) + id * row_size_in_file;
 
     // TODO: set dirty bit in backup file too
     // TODO: save old values to the backup file 
     
     // seek for the row position in file
     try_void(file_seek(t->table_file, file_pos, SeekOrigin_Start));
+
     // replace rows in file
-    try_void(file_writeStructs(t->table_file, src, t->header.row_size, count));
+    for(u64 i = 0; i < count; i++){
+        void* row_ptr = (u8*)src + row_size * i;
+        if(t->header.encrypted){
+            try_void(
+                AESBlockEncryptor_encrypt(
+                    &t->enc, 
+                    Array_construct_size(row_ptr, row_size), 
+                    t->enc_buf
+                )
+            );
+            row_ptr = t->enc_buf.data;
+        }
+        try_void(file_writeStructs(t->table_file, row_ptr, row_size_in_file, 1));
+    }
     
     Return RESULT_VOID;
 }
@@ -291,14 +371,30 @@ Result(u64) idb_pushRows(Table* t, const void* src, u64 count){
     try_void(Table_setDirtyBit(t, true));
     Defer(IGNORE_RESULT Table_setDirtyBit(t, false));
 
+    u32 row_size = t->header.row_size;
+    u32 row_size_in_file = t->header.encrypted ? t->enc_buf.size : row_size;
     const u64 new_row_index = t->row_count;
 
     // seek for end of the file
     try_void(file_seek(t->table_file, 0, SeekOrigin_End));
-    // write new rows to the file
-    try_void(file_writeStructs(t->table_file, src, t->header.row_size, count));
 
-    t->row_count += count;
+    // write new rows to the file
+    for(u64 i = 0; i < count; i++){
+        void* row_ptr = (u8*)src + row_size * i;
+        if(t->header.encrypted){
+            try_void(
+                AESBlockEncryptor_encrypt(
+                    &t->enc, 
+                    Array_construct_size(row_ptr, row_size), 
+                    t->enc_buf
+                )
+            );
+            row_ptr = t->enc_buf.data;
+        }
+        try_void(file_writeStructs(t->table_file, row_ptr, row_size_in_file, 1));
+        t->row_count++;
+    }
+
     Return RESULT_VALUE(u, new_row_index);
 }
 

src/db/idb.h

@@ -9,11 +9,10 @@ typedef struct IncrementalDB IncrementalDB;
 typedef struct Table Table;
 
 
-Result(IncrementalDB*) idb_open(str db_dir);
+Result(IncrementalDB*) idb_open(str db_dir, NULLABLE(Array(u8) aes_key));
 void idb_close(IncrementalDB* db);
 
-
+Result(Table*) idb_getOrCreateTable(IncrementalDB* db, str table_name, u32 row_size);
-Result(Table*) idb_getOrCreateTable(IncrementalDB* db, str _table_name, u32 row_size);
 
 Result(void) idb_getRows(Table* t, u64 id, void* dst, u64 count);
 #define idb_getRow(T, ID, DST) idb_getRows(T, ID, DST, 1)

src/main.c

@@ -1,6 +1,8 @@
 #include "network/network.h"
 #include "client/client.h"
 #include "server/server.h"
+#include "tlibc/tlibc.h"
+#include "tlibc/base64.h"
 
 #define _DEFAULT_CONFIG_PATH_CLIENT "tcp-chat-client.config"
 #define _DEFAULT_CONFIG_PATH_SERVER "tcp-chat-server.config"
@@ -10,6 +12,8 @@ typedef enum ProgramMode {
     ServerMode,
     RsaGenStdin,
     RsaGenRandom,
+    RandomBytes,
+    RandomBytesBase64,
 } ProgramMode;
 
 #define arg_is(LITERAL) str_equals(arg_str, STR(LITERAL))
@@ -17,15 +21,19 @@ typedef enum ProgramMode {
 int main(const int argc, cstr const* argv){
     Deferral(32);
 
+    try_fatal_void(tlibc_init());
+    Defer(tlibc_deinit());
+    try_fatal_void(network_init());
+    Defer(network_deinit());
+
     if(br_prng_seeder_system(NULL) == NULL){
         printfe("Can't get system random seeder. Bearssl is compiled incorrectly.");
         return 1;
     }
 
     ProgramMode mode = ClientMode;
-    cstr server_endpoint_cstr = NULL;
     cstr config_path = NULL;
-    u32 key_size = 0;
+    u32 size_arg = 0;
 
     for(int argi = 1; argi < argc; argi++){
         str arg_str = str_from_cstr(argv[argi]);
@@ -34,7 +42,7 @@ int main(const int argc, cstr const* argv){
                 "USAGE:\n"
                 "no arguments                   Interactive client mode.\n"
                 "-h, --help                     Show this message.\n"
-                "-l, --listen [addr:port]       Start server.\n"
+                "-l, --listen                   Start server.\n"
                 "--config [path]                Load config from specified path.\n"
                 "    Default path for config is '" _DEFAULT_CONFIG_PATH_CLIENT "' or '" _DEFAULT_CONFIG_PATH_SERVER "'\n"
                 "--rsa-gen-stdin [size]         Generate RSA private and public keys based on stdin data (64Kb max).\n"
@@ -42,6 +50,10 @@ int main(const int argc, cstr const* argv){
                 "    Usage: `cat somefile | tcp-chat --gen-rsa-stdin`\n"
                 "--rsa-gen-random [size]        Generate random RSA private and public keys.\n"
                 "    size: 2048 / 3072 (default) / 4096\n"
+                "--random-bytes [size]          Generate random bytes.\n"
+                "    size: any number (default=32)\n"
+                "--random-bytes-base64 [size]   Generate random bytes and print them in base64 encoding.\n"
+                "    size: any number (default=32)\n"
             );
             Return 0;
         }
@@ -50,13 +62,7 @@ int main(const int argc, cstr const* argv){
                 printf("program mode is set already\n");
                 Return 1;
             }
-
             mode = ServerMode;
-            if(++argi >= argc){
-                printfe("ERROR: no endpoint specified\n");
-                Return 1;
-            }
-            server_endpoint_cstr = argv[argi];
         }
         else if(arg_is("--config")){
             if(++argi >= argc){
@@ -73,9 +79,9 @@ int main(const int argc, cstr const* argv){
 
             mode = RsaGenStdin;
             if(++argi >= argc){
-                key_size = RSA_DEFAULT_KEY_SIZE;
+                size_arg = RSA_DEFAULT_KEY_SIZE;
             }
-            else if(sscanf(argv[argi], "%u", &key_size) != 1){
+            else if(sscanf(argv[argi], "%u", &size_arg) != 1){
                 printfe("ERROR: no key size specified\n");
             }
         }
@@ -88,12 +94,40 @@ int main(const int argc, cstr const* argv){
 
             mode = RsaGenRandom;
             if(++argi >= argc){
-                key_size = RSA_DEFAULT_KEY_SIZE;
+                size_arg = RSA_DEFAULT_KEY_SIZE;
             }
-            else if(sscanf(argv[argi], "%u", &key_size) != 1){
+            else if(sscanf(argv[argi], "%u", &size_arg) != 1){
                 printfe("ERROR: no key size specified\n");
             }
         }
+        else if(arg_is("--random-bytes")){
+            if(mode != ClientMode){
+                printf("program mode is set already\n");
+                Return 1;
+            }
+
+            mode = RandomBytes;
+            if(++argi >= argc){
+                size_arg = 32;
+            }
+            else if(sscanf(argv[argi], "%u", &size_arg) != 1){
+                printfe("ERROR: no size specified\n");
+            }
+        }
+        else if(arg_is("--random-bytes-base64")){
+            if(mode != ClientMode){
+                printf("program mode is set already\n");
+                Return 1;
+            }
+
+            mode = RandomBytesBase64;
+            if(++argi >= argc){
+                size_arg = 32;
+            }
+            else if(sscanf(argv[argi], "%u", &size_arg) != 1){
+                printfe("ERROR: no size specified\n");
+            }
+        }
         else {
             printfe("ERROR: unknown argument '%s'\n"
                 "Use '-h' to see list of avaliable arguments\n",
@@ -102,9 +136,6 @@ int main(const int argc, cstr const* argv){
         }
     }
     
-    try_fatal_void(network_init());
-    Defer(network_deinit());
-    
     switch(mode){
         case ClientMode: {
             if(!config_path)
@@ -122,24 +153,30 @@ int main(const int argc, cstr const* argv){
             
             try_fatal(Server* server, p, Server_createFromConfig(config_path));
             Defer(Server_free(server));
-            try_fatal_void(Server_run(server, server_endpoint_cstr));
+            try_fatal_void(Server_run(server));
             break;
         }
 
         case RsaGenStdin: {
-                size_t input_max_size = 64*1024;
+            printfe("reading stdin...\n");
-                char* input_buf = malloc(input_max_size);
+            Array(u8) input_buf = Array_alloc_size(64*1024);
-                Defer(free(input_buf));
+            Defer(free(input_buf.data));
-                size_t read_n = fread(input_buf, 1, input_max_size, stdin);
+            br_hmac_drbg_context rng = { .vtable = &br_hmac_drbg_vtable };
-                if(read_n == 0){
+            br_hmac_drbg_init(&rng, &br_sha256_vtable, NULL, 0);
+            i64 read_n = 0;
+            do {
+                read_n = fread(input_buf.data, 1, input_buf.size, stdin);
+                if(read_n < 0){
                     printfe("ERROR: no input\n");
                     Return 1;
                 }
-                str input_str = str_construct(input_buf, read_n, false);
+                // put bytes to rng as seed
+                br_hmac_drbg_update(&rng, input_buf.data, read_n);
+            } while(read_n == input_buf.size);
             printfe("generating RSA key pair based on stdin...\n");
             br_rsa_private_key sk;
             br_rsa_public_key pk;
-                try_fatal_void(RSA_generateKeyPairFromPassword(key_size, &sk, &pk, input_str));
+            try_fatal_void(RSA_generateKeyPair(size_arg, &sk, &pk, &rng.vtable));
             Defer(
                 RSA_destroyPrivateKey(&sk);
                 RSA_destroyPublicKey(&pk);
@@ -152,14 +189,14 @@ int main(const int argc, cstr const* argv){
             str pk_str = RSA_serializePublicKey_base64(&pk);
             printf("\nrsa_public_key = %s\n", pk_str.data);
             free(pk_str.data);
-            }
             break;
+        }
         
         case RsaGenRandom: {
             printfe("generating random RSA key pair...\n");
             br_rsa_private_key sk;
             br_rsa_public_key pk;
-                try_fatal_void(RSA_generateKeyPairFromSystemRandom(key_size, &sk, &pk));
+            try_fatal_void(RSA_generateKeyPairFromSystemRandom(size_arg, &sk, &pk));
             Defer(
                 RSA_destroyPrivateKey(&sk);
                 RSA_destroyPublicKey(&pk);
@@ -172,8 +209,48 @@ int main(const int argc, cstr const* argv){
             str pk_str = RSA_serializePublicKey_base64(&pk);
             printf("\nrsa_public_key = %s\n", pk_str.data);
             free(pk_str.data);
-            }
             break;
+        }
+        
+        case RandomBytes: {
+            printfe("generating random bytes...\n");
+            br_hmac_drbg_context rng = { .vtable = &br_hmac_drbg_vtable };
+            rng_init_sha256_seedFromSystem(&rng.vtable);
+            Array(u8) random_buf = Array_alloc_size(1024);
+            u32 full_buffers_n = size_arg / random_buf.size;
+            u32 remaining_n = size_arg % random_buf.size;
+            while(full_buffers_n > 0){
+                full_buffers_n--;
+                br_hmac_drbg_generate(&rng, random_buf.data, random_buf.size);
+                fwrite(random_buf.data, 1, random_buf.size, stdout);
+            }
+            
+            br_hmac_drbg_generate(&rng, random_buf.data, remaining_n);
+            fwrite(random_buf.data, 1, remaining_n, stdout);
+            break;
+        }
+
+        case RandomBytesBase64: {
+            printfe("generating random bytes...\n");
+            br_hmac_drbg_context rng = { .vtable = &br_hmac_drbg_vtable };
+            rng_init_sha256_seedFromSystem(&rng.vtable);
+            Array(u8) random_buf = Array_alloc_size(1024);
+            Array(u8) base64_buf = Array_alloc_size(base64_encodedSize(random_buf.size));
+            u32 full_buffers_n = size_arg / random_buf.size;
+            u32 remaining_n = size_arg % random_buf.size;
+            u32 enc_size = 0;
+            while(full_buffers_n > 0){
+                full_buffers_n--;
+                br_hmac_drbg_generate(&rng, random_buf.data, random_buf.size);
+                enc_size = base64_encode(random_buf.data, random_buf.size, base64_buf.data);
+                fwrite(base64_buf.data, 1, enc_size, stdout);
+            }
+            
+            br_hmac_drbg_generate(&rng, random_buf.data, remaining_n);
+            enc_size = base64_encode(random_buf.data, remaining_n, base64_buf.data);
+            fwrite(base64_buf.data, 1, enc_size, stdout);
+            break;
+        }
         
         default:
             printfe("ERROR: invalid program mode %i\n", mode);

src/network/internal.h

@@ -1,6 +1,7 @@
 #pragma once
 #include "tlibc/errors.h"
 #include "endpoint.h"
+#include "network.h"
 
 #if !defined(KN_USE_WINSOCK)
     #if defined(_WIN64) || defined(_WIN32)
@@ -30,10 +31,10 @@
 
 #if KN_USE_WINSOCK
     #define RESULT_ERROR_SOCKET()\
-        RESULT_ERROR(sprintf_malloc(64, "Winsock error %i (look in <winerror.h>)", WSAGetLastError()), true);
+        RESULT_ERROR_CODE_FMT(WINSOCK2, WSAGetLastError(), "Winsock error %i (look in <winerror.h>)", WSAGetLastError());
 #else
     #define RESULT_ERROR_SOCKET()\
-        RESULT_ERROR(strerror(errno), false);
+        RESULT_ERROR_ERRNO();
 #endif
 
 struct sockaddr_in EndpointIPv4_toSockaddr(EndpointIPv4 end);

src/network/network.c

@@ -1,8 +1,10 @@
-#include "network.h"
 #include "internal.h"
 
+ErrorCodePage_define(WINSOCK2);
+
 Result(void) network_init(){
 #if _WIN32
+    ErrorCodePage_register(WINSOCK2);
     // Initialize Winsock
     WSADATA wsaData = {0};
     int result = WSAStartup(MAKEWORD(2,2), &wsaData);

src/network/network.h

@@ -1,5 +1,7 @@
 #pragma once
 #include "tlibc/errors.h"
 
+ErrorCodePage_declare(WINSOCK2);
+
 Result(void) network_init();
 void network_deinit();

src/server/ClientConnection.c

@@ -24,8 +24,8 @@ Result(ClientConnection*) ClientConnection_accept(ConnectionHandlerArgs* args)
     conn->session_key = Array_alloc_size(AES_SESSION_KEY_SIZE);
     // correct session key will be received from client later
     Array_memset(conn->session_key, 0);
-    EncryptedSocketTCP_construct(&conn->sock, args->accepted_socket, NETWORK_BUFFER_SIZE, conn->session_key);
+    EncryptedSocketTCP_construct(&conn->sock, args->accepted_socket_tcp, NETWORK_BUFFER_SIZE, conn->session_key);
-    try_void(socket_TCP_enableAliveChecks_default(args->accepted_socket));
+    try_void(socket_TCP_enableAliveChecks_default(args->accepted_socket_tcp));
     
     // decrypt the rsa messages using server private key
     RSADecryptor rsa_dec;

src/server/request_handlers/ServerPublicInfo.c

@@ -11,6 +11,20 @@ declare_RequestHandler(ServerPublicInfo)
 
     //TODO: try find requested info
     Array(u8) content;
+    switch(req.property){
+        default:
+            try(char* err_msg, p, sendErrorMessage(conn, res_head, 
+                "unknown ServerPublicInfo property %u", req.property));
+            logWarn(log_ctx, "%s", err_msg);
+            Return RESULT_VOID;
+            break;
+        case ServerPublicInfo_Name:
+            content = str_castTo_Array(server->name);
+            break;
+        case ServerPublicInfo_Description:
+            content = str_castTo_Array(server->name);
+            break;
+    }
 
     PacketHeader_construct(res_head,
         PROTOCOL_VERSION, PacketType_ServerPublicInfoResponse, content.size);

src/server/request_handlers/request_handlers.h

@@ -4,20 +4,20 @@
 #include "log.h"
 
 
-Result(char*) __sendErrorMessage(ClientConnection* conn, PacketHeader* req_head, PacketHeader* res_head, 
+Result(char*) __sendErrorMessage_va(ClientConnection* conn, PacketHeader* res_head, 
-    u32 msg_buf_size, cstr format, va_list argv);
+    cstr format, va_list argv);
-Result(char*) sendErrorMessage(ClientConnection* conn, PacketHeader* req_head, PacketHeader* res_head, 
+Result(char*) sendErrorMessage(ClientConnection* conn, PacketHeader* res_head, 
-    u32 msg_buf_size, cstr format, ...) ATTRIBUTE_CHECK_FORMAT_PRINTF(5, 6);
+    cstr format, ...) ATTRIBUTE_CHECK_FORMAT_PRINTF(3, 4);
 
 
 #define declare_RequestHandler(TYPE) \
     Result(void) handleRequest_##TYPE( \
-        cstr log_ctx, cstr req_type_name, \
+        Server* server, cstr log_ctx, cstr req_type_name, \
         ClientConnection* conn, PacketHeader* req_head, PacketHeader* res_head)
 
 #define case_handleRequest(TYPE) \
     case PacketType_##TYPE##Request:\
-        try_void(handleRequest_##TYPE(log_ctx, #TYPE, conn, &req_head, &res_head));\
+        try_void(handleRequest_##TYPE(args->server, log_ctx, #TYPE, conn, &req_head, &res_head));\
         break;
 
 declare_RequestHandler(ServerPublicInfo);

src/server/request_handlers/send_error.c

@@ -1,17 +1,18 @@
 #include "request_handlers.h"
 
-Result(char*) __sendErrorMessage(ClientConnection* conn, PacketHeader* req_head, PacketHeader* res_head, 
+Result(char*) __sendErrorMessage_va(ClientConnection* conn, PacketHeader* res_head,
-    u32 msg_buf_size, cstr format, va_list argv)
+    cstr format, va_list argv)
 {
     Deferral(4);
-    (void)req_head;
     
-    //TODO: limit ErrorMessage size to fit into EncryptedSocketTCP.internal_buffer_size
+    Array(u8) err_buf;
-    Array(u8) err_buf = Array_alloc(u8, msg_buf_size);
+    err_buf.data = vsprintf_malloc(format, argv);
+    err_buf.size = strlen(err_buf.data);
+    //limit ErrorMessage size to fit into EncryptedSocketTCP.internal_buffer_size
+    if(err_buf.size > NETWORK_BUFFER_SIZE)
+        err_buf.size = NETWORK_BUFFER_SIZE;
     bool err_complete = false;
     Defer(if(!err_complete) free(err_buf.data));
-    vsprintf(err_buf.data, format, argv);
-    err_buf.size = strlen(err_buf.data);
 
     PacketHeader_construct(res_head, 
         PROTOCOL_VERSION, PacketType_ErrorMessage, err_buf.size);
@@ -22,12 +23,12 @@ Result(char*) __sendErrorMessage(ClientConnection* conn, PacketHeader* req_head,
     Return RESULT_VALUE(p, err_buf.data);
 }
 
-Result(char*) sendErrorMessage(ClientConnection* conn, PacketHeader* req_head, PacketHeader* res_head, 
+Result(char*) sendErrorMessage(ClientConnection* conn, PacketHeader* res_head, 
-    u32 msg_buf_size, cstr format, ...)
+    cstr format, ...)
 {
     va_list argv;
     va_start(argv, format);
-    ResultVar(char*) err_msg = __sendErrorMessage(conn, req_head, res_head, msg_buf_size, format, argv);
+    ResultVar(char*) err_msg = __sendErrorMessage_va(conn, res_head, format, argv);
     va_end(argv);
     return err_msg;
 }

src/server/server.c

@@ -1,7 +1,7 @@
 #include <pthread.h>
 #include "tlibc/filesystem.h"
 #include "tlibc/time.h"
-#include "db/idb.h"
+#include "tlibc/base64.h"
 #include "server.h"
 #include "config.h"
 #include "log.h"
@@ -17,6 +17,7 @@ void Server_free(Server* server){
     free(server->name.data);
     free(server->description.data);
     ServerCredentials_destroy(&server->cred);
+    idb_close(server->db);
 }
 
 Result(Server*) Server_createFromConfig(cstr config_path){
@@ -48,6 +49,12 @@ Result(Server*) Server_createFromConfig(cstr config_path){
     try_void(config_findValue(config_str, STR("description"), &tmp_str, true));
     server->description = str_copy(tmp_str);
     
+    // parse local_address
+    try_void(config_findValue(config_str, STR("local_address"), &tmp_str, true));
+    char* local_end_cstr = str_copy(tmp_str).data;
+    Defer(free(local_end_cstr));
+    try_void(EndpointIPv4_parse(local_end_cstr, &server->local_end));
+
     // parse rsa_private_key
     try_void(config_findValue(config_str, STR("rsa_private_key"), &tmp_str, true));
     char* sk_base64_cstr = str_copy(tmp_str).data;
@@ -60,29 +67,37 @@ Result(Server*) Server_createFromConfig(cstr config_path){
     
     try_void(ServerCredentials_tryConstruct(&server->cred, sk_base64_cstr, pk_base64_cstr));
     
+    // parse db_key
+    try_void(config_findValue(config_str, STR("db_aes_key"), &tmp_str, true));
+    Array(u8) db_aes_key = Array_alloc_size(base64_decodedSize(tmp_str.data, tmp_str.size));
+    base64_decode(tmp_str.data, tmp_str.size, db_aes_key.data);
+
+    // parse db_dir and open db
+    try_void(config_findValue(config_str, STR("db_dir"), &tmp_str, true));
+    try(server->db, p, idb_open(tmp_str, db_aes_key));
+
     success = true;
     Return RESULT_VALUE(p, server);
 }
 
-Result(void) Server_run(Server* server, cstr server_endpoint_cstr){
+Result(void) Server_run(Server* server){
     Deferral(16);
     cstr log_ctx = "ListenerThread";
     logInfo(log_ctx, "starting server");
 
-    EndpointIPv4 server_end;
-    try_void(EndpointIPv4_parse(server_endpoint_cstr, &server_end));
-
     logDebug(log_ctx, "initializing main socket");
     try(Socket main_socket, i, socket_open_TCP());
-    try_void(socket_bind(main_socket, server_end));
+    try_void(socket_bind(main_socket, server->local_end));
     try_void(socket_listen(main_socket, 512));
-    logInfo(log_ctx, "server is listening at %s", server_endpoint_cstr);
+    str local_end_str = EndpointIPv4_toStr(server->local_end);
+    Defer(free(local_end_str.data));
+    logInfo(log_ctx, "server is listening at %s", local_end_str.data);
 
     u64 session_id = 1;
     while(true){
         ConnectionHandlerArgs* args = (ConnectionHandlerArgs*)malloc(sizeof(ConnectionHandlerArgs));
         args->server = server;
-        try(args->accepted_socket, i, 
+        try(args->accepted_socket_tcp, i, 
             socket_accept(main_socket, &args->client_end));
         args->session_id = session_id++;
         pthread_t conn_thread = {0};
@@ -137,9 +152,8 @@ static Result(void) try_handleConnection(ConnectionHandlerArgs* args, cstr log_c
             // send error message and close connection
             default:
                 try(char* err_msg, p,
-                    sendErrorMessage(
+                    sendErrorMessage(conn, &res_head,
-                        conn, &req_head, &res_head,
+                        "Received unexpected packet of type %u",
-                        128, "Received unexpected packet of type %u",
                         req_head.type
                     )
                 );

src/server/server.h

@@ -2,6 +2,7 @@
 #include "cryptography/AES.h"
 #include "cryptography/RSA.h"
 #include "network/encrypted_sockets.h"
+#include "db/idb.h"
 
 typedef struct Server Server;
 
@@ -27,7 +28,7 @@ typedef struct ClientConnection {
 
 typedef struct ConnectionHandlerArgs {
     Server* server;
-    Socket accepted_socket;
+    Socket accepted_socket_tcp;
     EndpointIPv4 client_end;
     u64 session_id;
 } ConnectionHandlerArgs;
@@ -40,9 +41,11 @@ void ClientConnection_close(ClientConnection* conn);
 typedef struct Server {
     str name;
     str description;
+    EndpointIPv4 local_end;
     ServerCredentials cred;
+    IncrementalDB* db;
 } Server;
 
 Result(Server*) Server_createFromConfig(cstr config_path);
 void Server_free(Server* server);
-Result(void) Server_run(Server* server, cstr server_endpoint_cstr);
+Result(void) Server_run(Server* server);