authorMathias Hall-Andersen <mathias@hall-andersen.dk>2019-12-16 16:37:16 +0100
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2019-12-16 16:37:16 +0100
commit22f978f0142286b26b48a25364236436b9bad56d (patch)
treec8d4bf722e1134c8a66d821b63b7f04eec93a9b0 /src/wireguard/router
parentRevert to crossbeam (diff)
Clean dead code
Diffstat (limited to '')
-rw-r--r--src/wireguard/router/constants.rs2
-rw-r--r--src/wireguard/router/device.rs5
-rw-r--r--src/wireguard/router/inbound.rs34
-rw-r--r--src/wireguard/router/outbound.rs17
-rw-r--r--src/wireguard/router/types.rs4
5 files changed, 30 insertions, 32 deletions
diff --git a/src/wireguard/router/constants.rs b/src/wireguard/router/constants.rs
index 6129fd7..82360bb 100644
--- a/src/wireguard/router/constants.rs
+++ b/src/wireguard/router/constants.rs
@@ -4,6 +4,6 @@ pub const MAX_STAGED_PACKETS: usize = 128;
// performance constants
-pub const PARALLEL_QUEUE_SIZE: usize = MAX_STAGED_PACKETS;
+pub const PARALLEL_QUEUE_SIZE: usize = 256;
pub const INORDER_QUEUE_SIZE: usize = PARALLEL_QUEUE_SIZE;
pub const MAX_INORDER_CONSUME: usize = INORDER_QUEUE_SIZE;
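Review bot: The literal `256` on `PARALLEL_QUEUE_SIZE` has no comment explaining the choice, and the constant no longer tracks `MAX_STAGED_PACKETS` (128 in the hunk header). `INORDER_QUEUE_SIZE` and `MAX_INORDER_CONSUME` derive from it, so all three bounds double in a commit titled "Clean dead code". A one-line rationale would help, e.g. `// 256: <reason for this size>; deliberately independent of MAX_STAGED_PACKETS`. If these queues bound how many packets are buffered per worker, the change also raises the memory ceiling under load, which is worth stating in the commit message.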
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index 1d3b743..a12a657 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -211,7 +211,10 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DeviceHandle<
/// A new secret key has been set for the device.
/// According to WireGuard semantics, this should cause all "sending" keys to be discarded.
- pub fn new_sk(&self) {}
+ pub fn clear_sending_keys(&self) {
+ log::debug!("Clear sending keys");
+ // TODO: Implement. Consider: The device does not have an explicit list of peers
+ }
/// Adds a new peer to the device
///
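Review bot: `clear_sending_keys` logs "Clear sending keys" but its body is only a TODO, so the log reports an action that did not happen and any existing sending keys stay in use. The doc comment above says a new secret key should cause all sending keys to be discarded, so a caller that rotates the device key gets no such guarantee from this stub. Until it is implemented, make the gap visible with `log::warn!("clear_sending_keys: not implemented, sending keys are NOT discarded");`. The doc comment should also say that the method is currently a no-op.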
diff --git a/src/wireguard/router/inbound.rs b/src/wireguard/router/inbound.rs
index 96c2e33..dc2c44e 100644
--- a/src/wireguard/router/inbound.rs
+++ b/src/wireguard/router/inbound.rs
@@ -1,22 +1,20 @@
+use std::mem;
+use std::sync::atomic::Ordering;
+use std::sync::Arc;
+
+use crossbeam_channel::Receiver;
+use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305};
+use zerocopy::{AsBytes, LayoutVerified};
+
use super::constants::MAX_INORDER_CONSUME;
use super::device::DecryptionState;
use super::device::Device;
use super::messages::TransportHeader;
use super::peer::Peer;
use super::pool::*;
-use super::runq::RunQueue;
use super::types::Callbacks;
use super::{tun, udp, Endpoint};
-
-use crossbeam_channel::Receiver;
-use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305};
-use zerocopy::{AsBytes, LayoutVerified};
-
-use std::mem;
-use std::sync::atomic::Ordering;
-use std::sync::Arc;
-
-pub const SIZE_TAG: usize = 16;
+use super::{REJECT_AFTER_MESSAGES, SIZE_TAG};
pub struct Inbound<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
msg: Vec<u8>,
@@ -45,14 +43,8 @@ pub fn parallel<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
device: Device<E, C, T, B>,
receiver: Receiver<Job<Peer<E, C, T, B>, Inbound<E, C, T, B>>>,
) {
- // run queue to schedule
- fn queue<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
- device: &Device<E, C, T, B>,
- ) -> &RunQueue<Peer<E, C, T, B>> {
- &device.run_inbound
- }
-
// parallel work to apply
+ #[inline(always)]
fn work<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
peer: &Peer<E, C, T, B>,
body: &mut Inbound<E, C, T, B>,
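Review bot: `#[inline(always)]` on the nested `work` function (here and on `work` in outbound.rs) forces inlining of a generic function that the compiler can already inline on its own, and the commit gives no measurement to justify it. Either drop the attribute or use plain `#[inline]`. If a benchmark did motivate it, record that next to the attribute: `// inline(always): measured on <benchmark>, see <reference>`. The body of `work` continues outside the hunk.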
@@ -94,6 +86,12 @@ pub fn parallel<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
}
}
+ // check that counter not after reject
+ if header.f_counter.get() >= REJECT_AFTER_MESSAGES {
+ body.failed = true;
+ return;
+ }
+
// cryptokey route and strip padding
let inner_len = {
let length = packet.len() - SIZE_TAG;
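Review bot: The new `REJECT_AFTER_MESSAGES` branch sets `body.failed = true` and returns without a log line, so a peer that keeps sending past the message limit looks the same to an operator as any other dropped packet. Add a trace before the return, e.g. `log::trace!("inbound worker: counter at or above REJECT_AFTER_MESSAGES");` (the `log` crate is used in device.rs in this commit; its use in this file is assumed). The comment would be more precise as `// drop packets whose counter has reached REJECT_AFTER_MESSAGES`. Where this check sits relative to the AEAD open is not visible in the hunk; if it runs after decryption, moving it ahead would avoid crypto work on packets that are dropped anyway. `work` begins and ends outside the hunk.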
diff --git a/src/wireguard/router/outbound.rs b/src/wireguard/router/outbound.rs
index a0a1c72..1edb2fb 100644
--- a/src/wireguard/router/outbound.rs
+++ b/src/wireguard/router/outbound.rs
@@ -1,3 +1,9 @@
+use std::sync::Arc;
+
+use crossbeam_channel::Receiver;
+use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305};
+use zerocopy::{AsBytes, LayoutVerified};
+
use super::constants::MAX_INORDER_CONSUME;
use super::device::Device;
use super::messages::{TransportHeader, TYPE_TRANSPORT};
@@ -5,16 +11,8 @@ use super::peer::Peer;
use super::pool::*;
use super::types::Callbacks;
use super::KeyPair;
-use super::REJECT_AFTER_MESSAGES;
use super::{tun, udp, Endpoint};
-
-use std::sync::Arc;
-
-use crossbeam_channel::Receiver;
-use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, CHACHA20_POLY1305};
-use zerocopy::{AsBytes, LayoutVerified};
-
-pub const SIZE_TAG: usize = 16;
+use super::{REJECT_AFTER_MESSAGES, SIZE_TAG};
pub struct Outbound {
msg: Vec<u8>,
@@ -37,6 +35,7 @@ pub fn parallel<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
device: Device<E, C, T, B>,
receiver: Receiver<Job<Peer<E, C, T, B>, Outbound>>,
) {
+ #[inline(always)]
fn work<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
_peer: &Peer<E, C, T, B>,
body: &mut Outbound,
diff --git a/src/wireguard/router/types.rs b/src/wireguard/router/types.rs
index 194f0d4..ae37a6b 100644
--- a/src/wireguard/router/types.rs
+++ b/src/wireguard/router/types.rs
@@ -35,7 +35,6 @@ pub trait Callbacks: Send + Sync + 'static {
#[derive(Debug)]
pub enum RouterError {
NoCryptoKeyRoute,
- MalformedIPHeader,
MalformedTransportMessage,
UnknownReceiverId,
NoEndpoint,
@@ -46,8 +45,7 @@ impl fmt::Display for RouterError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
match self {
RouterError::NoCryptoKeyRoute => write!(f, "No cryptokey route configured for subnet"),
- RouterError::MalformedIPHeader => write!(f, "IP header is malformed"),
- RouterError::MalformedTransportMessage => write!(f, "IP header is malformed"),
+ RouterError::MalformedTransportMessage => write!(f, "Transport header is malformed"),
RouterError::UnknownReceiverId => {
write!(f, "No decryption state associated with receiver id")
}