authorMathias Hall-Andersen <mathias@hall-andersen.dk>2019-10-28 14:48:24 +0100
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2019-10-28 14:48:24 +0100
commit4ff328b7da876fb3305fefd83865553af9c8ab2c (patch)
treebd1680d9f7316415e3044fd152ef503729d97239 /src/wireguard/router
parentFixed Ordering::Acquire -> Ordering::SeqCst typo (diff)
downloadwireguard-rs-4ff328b7da876fb3305fefd83865553af9c8ab2c.tar.xz
wireguard-rs-4ff328b7da876fb3305fefd83865553af9c8ab2c.zip
First full test of pure WireGuard
Diffstat (limited to 'src/wireguard/router')
-rw-r--r--src/wireguard/router/device.rs10
-rw-r--r--src/wireguard/router/peer.rs12
-rw-r--r--src/wireguard/router/tests.rs8
-rw-r--r--src/wireguard/router/types.rs4
4 files changed, 14 insertions, 20 deletions
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index b122bf4..254b3de 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -89,13 +89,7 @@ fn get_route<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>>(
device: &Arc<DeviceInner<E, C, T, B>>,
packet: &[u8],
) -> Option<Arc<PeerInner<E, C, T, B>>> {
- // ensure version access within bounds
- if packet.len() < 1 {
- return None;
- };
-
- // cast to correct IP header
- match packet[0] >> 4 {
+ match packet.get(0)? >> 4 {
VERSION_IP4 => {
// check length and cast to IPv4 header
let (header, _): (LayoutVerified<&[u8], IPv4Header>, _) =
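Review bot: The `?` on `packet.get(0)` at the top of `get_route` folds the empty-packet case into the `None` return, and the comment that explained the bounds check is deleted with it; a one-line comment such as `// empty packet: no version nibble to read, treat as unroutable` would keep the intent visible. The call site in the next hunk of this file turns that `None` into `RouterError::NoCryptoKeyRoute`, so a zero-length packet is reported as a missing route rather than as `MalformedIPHeader`, which may make malformed input harder to tell apart from a configuration gap in logs. `packet.first()?` is the more idiomatic spelling of `packet.get(0)?`. The rest of `get_route` lies outside the hunk.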
@@ -176,7 +170,7 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Device<E, C,
let packet = &msg[SIZE_MESSAGE_PREFIX..];
// lookup peer based on IP packet destination address
- let peer = get_route(&self.state, packet).ok_or(RouterError::NoCryptKeyRoute)?;
+ let peer = get_route(&self.state, packet).ok_or(RouterError::NoCryptoKeyRoute)?;
// schedule for encryption and transmission to peer
if let Some(job) = peer.send_job(msg, true) {
diff --git a/src/wireguard/router/peer.rs b/src/wireguard/router/peer.rs
index 0b193a4..66a6e9f 100644
--- a/src/wireguard/router/peer.rs
+++ b/src/wireguard/router/peer.rs
@@ -531,8 +531,8 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Peer<E, C, T
///
/// If an identical value already exists as part of a prior peer,
/// the allowed IP entry will be removed from that peer and added to this peer.
- pub fn add_subnet(&self, ip: IpAddr, masklen: u32) {
- debug!("peer.add_subnet");
+ pub fn add_allowed_ips(&self, ip: IpAddr, masklen: u32) {
+ debug!("peer.add_allowed_ips");
match ip {
IpAddr::V4(v4) => {
self.state
@@ -556,8 +556,8 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Peer<E, C, T
/// # Returns
///
/// A vector of subnets, represented by as mask/size
- pub fn list_subnets(&self) -> Vec<(IpAddr, u32)> {
- debug!("peer.list_subnets");
+ pub fn list_allowed_ips(&self) -> Vec<(IpAddr, u32)> {
+ debug!("peer.list_allowed_ips");
let mut res = Vec::new();
res.append(&mut treebit_list(
&self.state,
@@ -575,8 +575,8 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Peer<E, C, T
/// Clear subnets mapped to the peer.
/// After the call, no subnets will be cryptkey routed to the peer.
/// Used for the UAPI command "replace_allowed_ips=true"
- pub fn remove_subnets(&self) {
- debug!("peer.remove_subnets");
+ pub fn remove_allowed_ips(&self) {
+ debug!("peer.remove_allowed_ips");
treebit_remove(self, &self.state.device.ipv4);
treebit_remove(self, &self.state.device.ipv6);
}
diff --git a/src/wireguard/router/tests.rs b/src/wireguard/router/tests.rs
index d44a612..6184993 100644
--- a/src/wireguard/router/tests.rs
+++ b/src/wireguard/router/tests.rs
@@ -157,7 +157,7 @@ mod tests {
let (mask, len, ip) = ("192.168.1.0", 24, "192.168.1.20");
let mask: IpAddr = mask.parse().unwrap();
let ip1: IpAddr = ip.parse().unwrap();
- peer.add_subnet(mask, len);
+ peer.add_allowed_ips(mask, len);
// every iteration sends 10 GB
b.iter(|| {
@@ -215,7 +215,7 @@ mod tests {
}
// map subnet to peer
- peer.add_subnet(mask, *len);
+ peer.add_allowed_ips(mask, *len);
// create "IP packet"
let msg = make_packet(1024, ip.parse().unwrap());
@@ -339,13 +339,13 @@ mod tests {
let (mask, len, _ip, _okay) = p1;
let peer1 = router1.new_peer(opaq1.clone());
let mask: IpAddr = mask.parse().unwrap();
- peer1.add_subnet(mask, *len);
+ peer1.add_allowed_ips(mask, *len);
peer1.add_keypair(dummy_keypair(false));
let (mask, len, _ip, _okay) = p2;
let peer2 = router2.new_peer(opaq2.clone());
let mask: IpAddr = mask.parse().unwrap();
- peer2.add_subnet(mask, *len);
+ peer2.add_allowed_ips(mask, *len);
peer2.set_endpoint(dummy::UnitEndpoint::new());
if *stage {
diff --git a/src/wireguard/router/types.rs b/src/wireguard/router/types.rs
index 52ee4f1..9f769fe 100644
--- a/src/wireguard/router/types.rs
+++ b/src/wireguard/router/types.rs
@@ -31,7 +31,7 @@ pub trait Callbacks: Send + Sync + 'static {
#[derive(Debug)]
pub enum RouterError {
- NoCryptKeyRoute,
+ NoCryptoKeyRoute,
MalformedIPHeader,
MalformedTransportMessage,
UnknownReceiverId,
@@ -42,7 +42,7 @@ pub enum RouterError {
impl fmt::Display for RouterError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
- RouterError::NoCryptKeyRoute => write!(f, "No cryptkey route configured for subnet"),
+ RouterError::NoCryptoKeyRoute => write!(f, "No cryptokey route configured for subnet"),
RouterError::MalformedIPHeader => write!(f, "IP header is malformed"),
RouterError::MalformedTransportMessage => write!(f, "IP header is malformed"),
RouterError::UnknownReceiverId => {
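Review bot: The `RouterError::MalformedTransportMessage` arm, two lines below the changed one, prints the same text as `MalformedIPHeader` ("IP header is malformed"), which looks like a copy-paste slip that this commit leaves in place. The two variants are then indistinguishable in error output, so a bad transport message from the network reads like a bad inner IP packet. Consider `RouterError::MalformedTransportMessage => write!(f, "Transport message is malformed"),`. The `match` continues past the end of the hunk.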