authorMathias Hall-Andersen <mathias@hall-andersen.dk>2019-11-21 11:43:16 +0100
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2019-11-21 11:43:16 +0100
commit92dbb4c46a5651afb8f92375e0ed154673929eeb (patch)
treef274dbaa58256e1fb412ae3934e02e2b19cb47f5
parentBetter compartmentalization of cryptokey router (diff)
downloadwireguard-rs-92dbb4c46a5651afb8f92375e0ed154673929eeb.tar.xz
wireguard-rs-92dbb4c46a5651afb8f92375e0ed154673929eeb.zip
Clean dependencies and imports
-rw-r--r--Cargo.lock28
-rw-r--r--Cargo.toml1
-rw-r--r--src/configuration/config.rs4
-rw-r--r--src/configuration/uapi/get.rs12
-rw-r--r--src/configuration/uapi/mod.rs13
-rw-r--r--src/configuration/uapi/set.rs12
-rw-r--r--src/main.rs14
-rw-r--r--src/wireguard/router/device.rs3
-rw-r--r--src/wireguard/router/route.rs18
-rw-r--r--src/wireguard/timers.rs8
-rw-r--r--src/wireguard/wireguard.rs7
11 files changed, 57 insertions, 63 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 672f53c..c33f1f8 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -244,11 +244,6 @@ version = "1.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
[[package]]
-name = "fs_extra"
-version = "1.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-
-[[package]]
name = "fuchsia-cprng"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -353,25 +348,6 @@ dependencies = [
]
[[package]]
-name = "jemalloc-sys"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "cc 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)",
- "fs_extra 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
-name = "jemallocator"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "jemalloc-sys 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
- "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)",
-]
-
-[[package]]
name = "js-sys"
version = "0.3.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1227,7 +1203,6 @@ dependencies = [
"hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
"hjul 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
"hmac 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
- "jemallocator 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
"libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)",
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
"num_cpus 1.10.1 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1319,7 +1294,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
"checksum failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "795bd83d3abeb9220f257e597aa0080a508b27533824adf336529648f6abf7e2"
"checksum failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "ea1063915fd7ef4309e222a5a07cf9c319fb9c7836b1f89b85458672dbb127e1"
"checksum fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3"
-"checksum fs_extra 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5f2a4a2034423744d2cc7ca2068453168dcdb82c438419e639a26bd87839c674"
"checksum fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba"
"checksum fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82"
"checksum fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7"
@@ -1334,8 +1308,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
"checksum humantime 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3ca7e5f2e110db35f93b837c81797f3714500b81d517bf20c431b16d3ca4f114"
"checksum iovec 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "dbe6e417e7d0975db6512b90796e8ce223145ac4e33c377e4a42882a0e88bb08"
"checksum ipnetwork 0.14.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b3d862c86f7867f19b693ec86765e0252d82e53d4240b9b629815675a0714ad1"
-"checksum jemalloc-sys 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "0d3b9f3f5c9b31aa0f5ed3260385ac205db665baa41d49bb8338008ae94ede45"
-"checksum jemallocator 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "43ae63fcfc45e99ab3d1b29a46782ad679e98436c3169d15a167a1108a724b69"
"checksum js-sys 0.3.27 (registry+https://github.com/rust-lang/crates.io-index)" = "1efc4f2a556c58e79c5500912e221dd826bec64ff4aabd8ce71ccef6da02d7d4"
"checksum kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d"
"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
diff --git a/Cargo.toml b/Cargo.toml
index 8269579..2b91c06 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -27,7 +27,6 @@ aead = "^0.1.1"
clear_on_drop = "0.2.3"
env_logger = "0.6"
num_cpus = "^1.10"
-jemallocator = "0.3.0"
[target.'cfg(unix)'.dependencies]
libc = "0.2"
diff --git a/src/configuration/config.rs b/src/configuration/config.rs
index e50aeb6..f11d90d 100644
--- a/src/configuration/config.rs
+++ b/src/configuration/config.rs
@@ -22,6 +22,8 @@ pub struct PeerState {
pub last_handshake_time_nsec: u64,
pub public_key: PublicKey,
pub allowed_ips: Vec<(IpAddr, u32)>,
+ pub endpoint: Option<SocketAddr>,
+ pub persistent_keepalive_interval: u64,
pub preshared_key: [u8; 32], // 0^32 is the "default value"
}
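Review bot: The two new PeerState fields are undocumented: `persistent_keepalive_interval: u64` states no unit and `endpoint: Option<SocketAddr>` does not say what `None` means. set.rs names the value `secs` and get.rs writes it straight onto the UAPI wire, so `/// Persistent keepalive interval in seconds, as exposed over UAPI` fits; for the endpoint, `/// Endpoint reported by the router; None when no endpoint is known — confirm against router.get_endpoint` records the assumption until someone checks it. The struct header lies outside the hunk.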
@@ -295,8 +297,10 @@ impl<T: tun::Tun, B: bind::PlatformBind> Configuration for WireguardConfig<T, B>
// extract state into PeerState
state.push(PeerState {
preshared_key: psk,
+ endpoint: p.router.get_endpoint(),
rx_bytes: p.rx_bytes.load(Ordering::Relaxed),
tx_bytes: p.tx_bytes.load(Ordering::Relaxed),
+ persistent_keepalive_interval: p.get_keepalive_interval(),
allowed_ips: p.router.list_allowed_ips(),
last_handshake_time_nsec: last_handshake.subsec_nanos() as u64,
last_handshake_time_sec: last_handshake.as_secs(),
diff --git a/src/configuration/uapi/get.rs b/src/configuration/uapi/get.rs
index 43d4735..f0746b3 100644
--- a/src/configuration/uapi/get.rs
+++ b/src/configuration/uapi/get.rs
@@ -2,12 +2,13 @@ use log;
use std::io;
use super::Configuration;
+use super::Endpoint;
pub fn serialize<C: Configuration, W: io::Write>(writer: &mut W, config: &C) -> io::Result<()> {
let mut write = |key: &'static str, value: String| {
debug_assert!(value.is_ascii());
debug_assert!(key.is_ascii());
- log::trace!("UAPI: return : {} = {}", key, value);
+ log::trace!("UAPI: return : {}={}", key, value);
writer.write(key.as_ref())?;
writer.write(b"=")?;
writer.write(value.as_ref())?;
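Review bot: The reformatted trace line `log::trace!("UAPI: return : {}={}", key, value)` still emits the value of every key this closure writes, and the same closure is used for `preshared_key` later in serialize (and presumably `private_key` earlier, outside the hunk), so enabling trace logging dumps key material into the log. Log only the key name for secret entries, e.g. `if key.ends_with("_key") { log::trace!("UAPI: return : {}=<redacted>", key); } else { log::trace!("UAPI: return : {}={}", key, value); }`. Separately, the three `writer.write(...)` calls discard the returned byte count, so a short write silently truncates the UAPI response; `writer.write_all(...)` is the right call for each. The closure and serialize continue outside the hunk.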
@@ -30,6 +31,7 @@ pub fn serialize<C: Configuration, W: io::Write>(writer: &mut W, config: &C) ->
// serialize all peers
let mut peers = config.get_peers();
while let Some(p) = peers.pop() {
+ write("public_key", hex::encode(p.public_key.as_bytes()))?;
write("rx_bytes", p.rx_bytes.to_string())?;
write("tx_bytes", p.tx_bytes.to_string())?;
write(
@@ -40,7 +42,13 @@ pub fn serialize<C: Configuration, W: io::Write>(writer: &mut W, config: &C) ->
"last_handshake_time_nsec",
p.last_handshake_time_nsec.to_string(),
)?;
- write("public_key", hex::encode(p.public_key.as_bytes()))?;
+ write(
+ "persistent_keepalive_interval",
+ p.persistent_keepalive_interval.to_string(),
+ )?;
+ if let Some(endpoint) = p.endpoint {
+ write("endpoint", endpoint.into_address().to_string())?;
+ }
write("preshared_key", hex::encode(p.preshared_key))?;
for (ip, cidr) in p.allowed_ips {
write("allowed_ip", ip.to_string() + "/" + &cidr.to_string())?;
diff --git a/src/configuration/uapi/mod.rs b/src/configuration/uapi/mod.rs
index 3cb88c0..4f0b741 100644
--- a/src/configuration/uapi/mod.rs
+++ b/src/configuration/uapi/mod.rs
@@ -4,6 +4,7 @@ mod set;
use log;
use std::io::{Read, Write};
+use super::Endpoint;
use super::{ConfigError, Configuration};
use get::serialize;
@@ -55,14 +56,12 @@ pub fn handle<S: Read + Write, C: Configuration>(stream: &mut S, config: &C) {
loop {
let ln = readline(stream)?;
if ln == "" {
- // end of transcript
- parser.parse_line("", "")?; // flush final peer
- break Ok(());
- } else {
- let (k, v) = keypair(ln.as_str())?;
- parser.parse_line(k, v)?;
- };
+ break;
+ }
+ let (k, v) = keypair(ln.as_str())?;
+ parser.parse_line(k, v)?;
}
+ parser.parse_line("", "")
}
_ => Err(ConfigError::InvalidOperation),
}
diff --git a/src/configuration/uapi/set.rs b/src/configuration/uapi/set.rs
index 882e4a7..b44ee1c 100644
--- a/src/configuration/uapi/set.rs
+++ b/src/configuration/uapi/set.rs
@@ -56,33 +56,40 @@ impl<'a, C: Configuration> LineParser<'a, C> {
// flush peer updates to configuration
fn flush_peer<C: Configuration>(config: &C, peer: &ParsedPeer) -> Option<ConfigError> {
if peer.remove {
+ log::trace!("flush peer, remove peer");
config.remove_peer(&peer.public_key);
return None;
}
if !peer.update_only {
+ log::trace!("flush peer, add peer");
config.add_peer(&peer.public_key);
}
- for (ip, masklen) in &peer.allowed_ips {
- config.add_allowed_ip(&peer.public_key, *ip, *masklen);
+ for (ip, cidr) in &peer.allowed_ips {
+ log::trace!("flush peer, add allowed_ips : {}/{}", ip.to_string(), cidr);
+ config.add_allowed_ip(&peer.public_key, *ip, *cidr);
}
if let Some(psk) = peer.preshared_key {
+ log::trace!("flush peer, set preshared_key {}", hex::encode(psk));
config.set_preshared_key(&peer.public_key, psk);
}
if let Some(secs) = peer.persistent_keepalive_interval {
+ log::trace!("flush peer, set persistent_keepalive_interval {}", secs);
config.set_persistent_keepalive_interval(&peer.public_key, secs);
}
if let Some(version) = peer.protocol_version {
+ log::trace!("flush peer, set protocol_version {}", version);
if version == 0 || version > config.get_protocol_version() {
return Some(ConfigError::UnsupportedProtocolVersion);
}
}
if let Some(endpoint) = peer.endpoint {
+ log::trace!("flush peer, set endpoint {}", endpoint.to_string());
config.set_endpoint(&peer.public_key, endpoint);
};
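Review bot: The new trace line `log::trace!("flush peer, set preshared_key {}", hex::encode(psk));` writes the peer's preshared key in the clear, so any run with trace logging enabled leaks key material into stdout or the journal. Log only the fact that a PSK was set, `log::trace!("flush peer, set preshared_key");`, or at most a non-reversible fingerprint. The endpoint line is less sensitive but still records where peers live; consider keeping it at the same policy as the rest of the UAPI logs. flush_peer continues past the end of the hunk.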
@@ -232,6 +239,7 @@ impl<'a, C: Configuration> LineParser<'a, C> {
// flush (used at end of transcipt)
"" => {
+ log::trace!("UAPI, Set, processes end of transaction");
flush_peer(self.config, &peer);
Ok(())
}
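Review bot: The end-of-transcript path still discards the `Option<ConfigError>` returned by `flush_peer(self.config, &peer)`, so an `UnsupportedProtocolVersion` (or any other error flush_peer reports) is swallowed and the transaction returns `Ok(())`. Propagate it: `match flush_peer(self.config, &peer) { Some(e) => Err(e), None => Ok(()) }`. The added message also reads awkwardly; `"UAPI, Set, end of transcript: flushing pending peer"` says what actually happens. The enclosing match in parse_line starts before the hunk.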
diff --git a/src/main.rs b/src/main.rs
index b1762cb..89c6bdb 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,19 +1,14 @@
#![feature(test)]
#![allow(dead_code)]
-extern crate jemallocator;
+use log;
-#[global_allocator]
-static ALLOC: jemallocator::Jemalloc = jemallocator::Jemalloc;
+use std::env;
mod configuration;
mod platform;
mod wireguard;
-use log;
-
-use std::env;
-
use platform::tun::PlatformTun;
use platform::uapi::{BindUAPI, PlatformUAPI};
use platform::*;
@@ -34,7 +29,10 @@ fn main() {
return;
}
- let _ = env_logger::builder().is_test(true).try_init();
+ // start logging
+ env_logger::builder()
+ .try_init()
+ .expect("Failed to initialize event logger");
// create UAPI socket
let uapi = plt::UAPI::bind(name.as_str()).unwrap();
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index 7adcf8a..34273d5 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -1,6 +1,4 @@
use std::collections::HashMap;
-
-use std::net::{Ipv4Addr, Ipv6Addr};
use std::sync::atomic::{AtomicBool, AtomicUsize, Ordering};
use std::sync::mpsc::sync_channel;
use std::sync::mpsc::SyncSender;
@@ -10,7 +8,6 @@ use std::time::Instant;
use log::debug;
use spin::{Mutex, RwLock};
-use treebitmap::IpLookupTable;
use zerocopy::LayoutVerified;
use super::anti_replay::AntiReplay;
diff --git a/src/wireguard/router/route.rs b/src/wireguard/router/route.rs
index e5f5955..1c93009 100644
--- a/src/wireguard/router/route.rs
+++ b/src/wireguard/router/route.rs
@@ -25,6 +25,7 @@ impl<T> RoutingTable<T> {
}
}
+ // collect keys mapping to the given value
fn collect<A>(table: &IpLookupTable<A, Arc<T>>, value: &Arc<T>) -> Vec<(A, u32)>
where
A: Address,
@@ -38,6 +39,13 @@ impl<T> RoutingTable<T> {
res
}
+ pub fn insert(&self, ip: IpAddr, cidr: u32, value: Arc<T>) {
+ match ip {
+ IpAddr::V4(v4) => self.ipv4.write().insert(v4.mask(cidr), cidr, value),
+ IpAddr::V6(v6) => self.ipv6.write().insert(v6.mask(cidr), cidr, value),
+ };
+ }
+
pub fn list(&self, value: &Arc<T>) -> Vec<(IpAddr, u32)> {
let mut res = vec![];
res.extend(
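Review bot: `insert` masks with `v4.mask(cidr)` / `v6.mask(cidr)` and forwards `cidr` to the lookup table without checking it against the family's maximum prefix length (32 / 128); what an oversized prefix does depends on `Address::mask` and `IpLookupTable::insert`, which are outside this hunk. Since the value originates from a UAPI `allowed_ip` line, either reject it here with an early return or document the precondition, e.g. `/// cidr must already be validated against the address family; behaviour for an oversized prefix is defined by the lookup table.` The body is moved rather than new, but this is the one entry point where the check belongs. The RoutingTable impl continues outside the hunk.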
@@ -55,10 +63,11 @@ impl<T> RoutingTable<T> {
pub fn remove(&self, value: &Arc<T>) {
let mut v4 = self.ipv4.write();
- let mut v6 = self.ipv6.write();
for (ip, cidr) in Self::collect(&*v4, value) {
v4.remove(ip, cidr);
}
+
+ let mut v6 = self.ipv6.write();
for (ip, cidr) in Self::collect(&*v6, value) {
v6.remove(ip, cidr);
}
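Review bot: `remove` now takes the ipv4 and ipv6 write locks one after the other instead of holding both, so a concurrent lookup can observe the peer's IPv4 routes gone while its IPv6 routes are still present. That is probably acceptable for peer removal, since the peer object is being torn down anyway, but it changes the atomicity of the operation and nothing in the commit says so. A comment such as `// Removal is not atomic across address families; readers may briefly see only the v6 routes.` would record the intent. The function's tail lies outside the hunk.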
@@ -153,11 +162,4 @@ impl<T> RoutingTable<T> {
_ => None,
}
}
-
- pub fn insert(&self, ip: IpAddr, cidr: u32, value: Arc<T>) {
- match ip {
- IpAddr::V4(v4) => self.ipv4.write().insert(v4.mask(cidr), cidr, value),
- IpAddr::V6(v6) => self.ipv6.write().insert(v6.mask(cidr), cidr, value),
- };
- }
}
diff --git a/src/wireguard/timers.rs b/src/wireguard/timers.rs
index 8f6b3ee..bfd2583 100644
--- a/src/wireguard/timers.rs
+++ b/src/wireguard/timers.rs
@@ -36,6 +36,11 @@ impl Timers {
}
impl<T: tun::Tun, B: bind::Bind> PeerInner<T, B> {
+
+ pub fn get_keepalive_interval(&self) -> u64 {
+ self.timers().keepalive_interval
+ }
+
pub fn stop_timers(&self) {
// take a write lock preventing simultaneous timer events or "start_timers" call
let mut timers = self.timers_mut();
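Review bot: `get_keepalive_interval` has no doc comment and the `get_` prefix is unidiomatic for a plain accessor; Rust convention is `keepalive_interval()`, and matching the existing setter would make it `persistent_keepalive_interval()`. Add `/// Current persistent keepalive interval (seconds, per set_persistent_keepalive_interval); takes the timers read lock — confirm timers() returns a guard.` since the unit and locking are inferred from the setter and the accessor name rather than stated here. rustfmt will also drop the blank line the hunk adds directly after the impl header. stop_timers continues outside the hunk.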
@@ -191,7 +196,6 @@ impl<T: tun::Tun, B: bind::Bind> PeerInner<T, B> {
self.timers_any_authenticated_packet_sent();
}
-
pub fn set_persistent_keepalive_interval(&self, secs: u64) {
let mut timers = self.timers_mut();
@@ -405,6 +409,6 @@ impl<T: tun::Tun, B: bind::Bind> Callbacks for Events<T, B> {
#[inline(always)]
fn key_confirmed(peer: &Self::Opaque) {
- peer.timers().retransmit_handshake.stop();
+ peer.timers_handshake_complete();
}
}
diff --git a/src/wireguard/wireguard.rs b/src/wireguard/wireguard.rs
index 00ee053..e548c8a 100644
--- a/src/wireguard/wireguard.rs
+++ b/src/wireguard/wireguard.rs
@@ -368,7 +368,6 @@ impl<T: Tun, B: Bind> Wireguard<T, B> {
wg.pending.fetch_sub(1, Ordering::SeqCst);
let device = wg.handshake.read();
-
match job {
HandshakeJob::Message(msg, src) => {
// feed message to handshake device
@@ -418,10 +417,14 @@ impl<T: Tun, B: Bind> Wireguard<T, B> {
// update endpoint
peer.router.set_endpoint(src);
- // update timers after sending handshake response
if resp_len > 0 {
+ // update timers after sending handshake response
debug!("{} : handshake worker, handshake response sent", wg);
peer.state.sent_handshake_response();
+ } else {
+ // update timers after receiving handshake response
+ debug!("{} : handshake worker, handshake response was received", wg);
+ peer.state.timers_handshake_complete();
}
// add any new keypair to peer
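Review bot: The new else branch infers "a handshake response was received" purely from `resp_len == 0`, a property of the handshake device's contract that is not visible in the hunk, and the same commit also points `Callbacks::key_confirmed` in timers.rs at `timers_handshake_complete()`. These are normally distinct events (initiator: its initiation was answered; responder: first authenticated transport packet), but nothing here says so; either make the function safe to call twice or annotate the call, e.g. `// initiator side: our initiation was answered; the responder side completes via key_confirmed`. The worker closure continues beyond the hunk.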