author | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2020-02-16 13:24:23 +0100 |
---|---|---|
committer | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2020-02-16 13:24:23 +0100 |
commit | 1ebbc51126bfe7709c24a6e28a54081985a693e6 (patch) | |
tree | e661595bccd5da4df4cf4e5cfe525c055d03856d | |
parent | Bumped crate versions. (diff) | |
Fixed EINVAL on read4/6 from invalid namelen
-rw-r--r-- | src/platform/linux/udp.rs | 6 | ||||
-rw-r--r-- | src/wireguard/handshake/device.rs | 2 | ||||
-rw-r--r-- | src/wireguard/handshake/noise.rs | 16 | ||||
-rw-r--r-- | src/wireguard/handshake/ratelimiter.rs | 3 | ||||
-rw-r--r-- | src/wireguard/handshake/tests.rs | 6 |
5 files changed, 18 insertions, 15 deletions
diff --git a/src/platform/linux/udp.rs b/src/platform/linux/udp.rs index 2d77df5..8930266 100644 --- a/src/platform/linux/udp.rs +++ b/src/platform/linux/udp.rs @@ -216,7 +216,7 @@ impl LinuxUDPReader { let mut control: ControlHeaderV6 = unsafe { mem::MaybeUninit::uninit().assume_init() }; let mut hdr = libc::msghdr { msg_name: safe_cast(&mut src), - msg_namelen: mem::size_of::<libc::sockaddr_in6> as u32, + msg_namelen: mem::size_of::<libc::sockaddr_in6>() as u32, msg_iov: iovs.as_mut_ptr(), msg_iovlen: iovs.len(), msg_control: safe_cast(&mut control), @@ -236,7 +236,7 @@ impl LinuxUDPReader { return Err(io::Error::new( io::ErrorKind::NotConnected, format!( - "Failed to receive (len = {}, fd = {}, errno = {})", + "failed to receive (len = {}, fd = {}, errno = {})", len, fd, errno() @@ -270,7 +270,7 @@ impl LinuxUDPReader { let mut control: ControlHeaderV4 = unsafe { mem::MaybeUninit::uninit().assume_init() }; let mut hdr = libc::msghdr { msg_name: safe_cast(&mut src), - msg_namelen: mem::size_of::<libc::sockaddr_in> as u32, + msg_namelen: mem::size_of::<libc::sockaddr_in>() as u32, msg_iov: iovs.as_mut_ptr(), msg_iovlen: iovs.len(), msg_control: safe_cast(&mut control), diff --git a/src/wireguard/handshake/device.rs b/src/wireguard/handshake/device.rs index 91f2b80..3a3d023 100644 --- a/src/wireguard/handshake/device.rs +++ b/src/wireguard/handshake/device.rs @@ -7,8 +7,8 @@ use zerocopy::AsBytes; use byteorder::{ByteOrder, LittleEndian}; +use rand::prelude::{CryptoRng, RngCore}; use rand::Rng; -use rand_core::{CryptoRng, RngCore}; use clear_on_drop::clear::Clear; diff --git a/src/wireguard/handshake/noise.rs b/src/wireguard/handshake/noise.rs index 9e431cf..fb673eb 100644 --- a/src/wireguard/handshake/noise.rs +++ b/src/wireguard/handshake/noise.rs @@ -1,3 +1,5 @@ +use std::time::Instant; + // DH use x25519_dalek::PublicKey; use x25519_dalek::StaticSecret; 
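Review bot: `msg_namelen` is still written independently of the buffer it describes, which is how `mem::size_of::<T> as u32` (a function item cast to an integer, which `as` accepts silently) went unnoticed. Deriving the length from the buffer, e.g. `msg_namelen: mem::size_of_val(&src) as libc::socklen_t,`, keeps the two from drifting apart, assuming `src` is the `sockaddr_in6` declared above the hunk. The same applies to the `sockaddr_in` initializer in the third hunk (`@@ -270,7`), and clippy's `fn_to_numeric_cast` lints in CI would reject the old form outright. Separately, the context line `unsafe { mem::MaybeUninit::uninit().assume_init() }` for `control` claims uninitialized memory is initialized and carries no `// SAFETY:` comment; if the control header is plain data, `unsafe { mem::zeroed() }` with a stated invariant is the safer spelling. The function body starts and ends outside both hunks.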
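Review bot: Every receive failure in the second hunk (`@@ -236,7`) is reported as `io::ErrorKind::NotConnected`, with errno only inside the message string. Callers and log triage therefore cannot tell the EINVAL this commit fixes from a socket that is really gone. Consider building the error from the OS code, e.g. `return Err(io::Error::last_os_error());`, and moving `len`/`fd` into a log line. This changes the `ErrorKind` callers observe, so check any code that matches on `NotConnected` first. The condition guarding this return is outside the hunk.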
@@ -10,9 +12,9 @@ use hmac::Hmac; use aead::{Aead, NewAead, Payload}; use chacha20poly1305::ChaCha20Poly1305; -use rand_core::{CryptoRng, RngCore}; +use log; -use log::debug; +use rand::prelude::{CryptoRng, RngCore}; use generic_array::typenum::*; use generic_array::*; @@ -31,8 +33,6 @@ use super::types::*; use super::super::types::{Key, KeyPair}; -use std::time::Instant; - // HMAC hasher (generic construction) type HMACBlake2s = Hmac<Blake2s>; @@ -223,7 +223,7 @@ pub(super) fn create_initiation<R: RngCore + CryptoRng, O>( local: u32, msg: &mut NoiseInitiation, ) -> Result<(), HandshakeError> { - debug!("create initiation"); + log::debug!("create initiation"); clear_stack_on_return(CLEAR_PAGES, || { // initialize state @@ -303,7 +303,7 @@ pub(super) fn consume_initiation<'a, O>( keyst: &KeyState, msg: &NoiseInitiation, ) -> Result<(&'a Peer<O>, PublicKey, TemporaryState), HandshakeError> { - debug!("consume initiation"); + log::debug!("consume initiation"); clear_stack_on_return(CLEAR_PAGES, || { // initialize new state @@ -386,7 +386,7 @@ pub(super) fn create_response<R: RngCore + CryptoRng, O>( state: TemporaryState, // state from "consume_initiation" msg: &mut NoiseResponse, // resulting response ) -> Result<KeyPair, HandshakeError> { - debug!("create response"); + log::debug!("create response"); clear_stack_on_return(CLEAR_PAGES, || { // unpack state @@ -471,7 +471,7 @@ pub(super) fn consume_response<'a, O>( keyst: &KeyState, msg: &NoiseResponse, ) -> Result<Output<'a, O>, HandshakeError> { - debug!("consume response"); + log::debug!("consume response"); clear_stack_on_return(CLEAR_PAGES, || { // retrieve peer and copy initiation state let (peer, _) = device.lookup_id(msg.f_receiver.get())?; diff --git a/src/wireguard/handshake/ratelimiter.rs b/src/wireguard/handshake/ratelimiter.rs index 63d728c..89109e9 100644 --- a/src/wireguard/handshake/ratelimiter.rs +++ b/src/wireguard/handshake/ratelimiter.rs 
@@ -1,4 +1,3 @@ -use spin; use std::collections::HashMap; use std::net::IpAddr; use std::sync::atomic::{AtomicBool, Ordering}; @@ -6,6 +5,8 @@ use std::sync::{Arc, Condvar, Mutex}; use std::thread; use std::time::{Duration, Instant}; +use spin; + const PACKETS_PER_SECOND: u64 = 20; const PACKETS_BURSTABLE: u64 = 5; const PACKET_COST: u64 = 1_000_000_000 / PACKETS_PER_SECOND; diff --git a/src/wireguard/handshake/tests.rs b/src/wireguard/handshake/tests.rs index fca8751..5174d2e 100644 --- a/src/wireguard/handshake/tests.rs +++ b/src/wireguard/handshake/tests.rs @@ -1,11 +1,13 @@ use super::*; -use hex; -use rand::rngs::OsRng; + use std::net::SocketAddr; use std::thread; use std::time::Duration; +use hex; + use rand::prelude::{CryptoRng, RngCore}; +use rand::rngs::OsRng; use x25519_dalek::PublicKey; use x25519_dalek::StaticSecret; |