authorMathias Hall-Andersen <mathias@hall-andersen.dk>2019-11-06 13:50:38 +0100
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2019-11-06 13:50:38 +0100
commit293914e47b046f862608a1af91864b6b38336aa5 (patch)
treec6851f4c0e8cd38efdcbc2aa6999395f67f1e555 /src/wireguard/router
parentWork on Up/Down operation on WireGuard device (diff)
Implement disable/enable timers
Diffstat (limited to 'src/wireguard/router')
-rw-r--r--src/wireguard/router/device.rs18
-rw-r--r--src/wireguard/router/peer.rs32
-rw-r--r--src/wireguard/router/tests.rs2
3 files changed, 29 insertions, 23 deletions
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index a5028e1..b3f1787 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -27,13 +27,11 @@ use super::route::get_route;
use super::super::{bind, tun, Endpoint, KeyPair};
pub struct DeviceInner<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> {
- pub enabled: AtomicBool,
-
// inbound writer (TUN)
pub inbound: T,
// outbound writer (Bind)
- pub outbound: RwLock<Option<B>>,
+ pub outbound: RwLock<(bool, Option<B>)>,
// routing
pub recv: RwLock<HashMap<u32, Arc<DecryptionState<E, C, T, B>>>>, // receiver id -> decryption state
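Review bot: The new `outbound: RwLock<(bool, Option<B>)>` field carries an unnamed boolean, and the comment above it still reads `// outbound writer (Bind)`, so the meaning of `.0` is only recoverable from `up()`/`down()` further down the file. Because this flag decides whether packets leave the device, I would spell it out at the field: `// (enabled, outbound writer (Bind)); while enabled is false, sends are dropped`. A small struct with named fields would make the `.0`/`.1` accesses self-describing, but the comment is the minimum. The struct definition continues outside the hunk.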
@@ -93,8 +91,7 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Device<E, C,
// allocate shared device state
let inner = DeviceInner {
inbound: tun,
- enabled: AtomicBool::new(true),
- outbound: RwLock::new(None),
+ outbound: RwLock::new((true, None)),
queues: Mutex::new(Vec::with_capacity(num_workers)),
queue_next: AtomicUsize::new(0),
recv: RwLock::new(HashMap::new()),
@@ -120,12 +117,15 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Device<E, C,
/// Brings the router down.
/// When the router is brought down it:
/// - Prevents transmission of outbound messages.
- /// - Erases all key state (key-wheels) of all peers
- pub fn down(&self) {}
+ pub fn down(&self) {
+ self.state.outbound.write().0 = false;
+ }
/// Brints the router up
/// When the router is brought up it enables the transmission of outbound messages.
- pub fn up(&self) {}
+ pub fn up(&self) {
+ self.state.outbound.write().0 = true;
+ }
/// A new secret key has been set for the device.
/// According to WireGuard semantics, this should cause all "sending" keys to be discarded.
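Review bot: The doc comment on `down()` drops the line `- Erases all key state (key-wheels) of all peers`, and the new body only clears the enabled flag, so after `Device::down()` every peer keeps its key state unless the caller also invokes `Peer::down()` (added in peer.rs by this commit) on each one. No call to it appears in the visible hunks, so the contract should be stated where callers will read it: `/// - Does not erase key state; call Peer::down() on every peer for that.` The context line above `up()` also has a typo, "Brints" for "Brings".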
@@ -209,6 +209,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Device<E, C,
///
///
pub fn set_outbound_writer(&self, new: B) {
- *self.state.outbound.write() = Some(new);
+ self.state.outbound.write().1 = Some(new);
}
}
diff --git a/src/wireguard/router/peer.rs b/src/wireguard/router/peer.rs
index 7527a60..0d9b435 100644
--- a/src/wireguard/router/peer.rs
+++ b/src/wireguard/router/peer.rs
@@ -206,7 +206,6 @@ pub fn new_peer<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>>(
// spawn outbound thread
let thread_inbound = {
let peer = peer.clone();
- let device = device.clone();
thread::spawn(move || worker_outbound(peer, out_rx))
};
@@ -237,24 +236,25 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> PeerInner<E,
pub fn send(&self, msg: &[u8]) -> Result<(), RouterError> {
debug!("peer.send");
- // check if device is enabled
- if !self.device.enabled.load(Ordering::Acquire) {
- return Ok(());
- }
-
// send to endpoint (if known)
match self.endpoint.lock().as_ref() {
- Some(endpoint) => self
- .device
- .outbound
- .read()
- .as_ref()
- .ok_or(RouterError::SendError)
- .and_then(|w| w.write(msg, endpoint).map_err(|_| RouterError::SendError)),
+ Some(endpoint) => {
+ let outbound = self.device.outbound.read();
+ if outbound.0 {
+ outbound
+ .1
+ .as_ref()
+ .ok_or(RouterError::SendError)
+ .and_then(|w| w.write(msg, endpoint).map_err(|_| RouterError::SendError))
+ } else {
+ Ok(())
+ }
+ }
None => Err(RouterError::NoEndpoint),
}
}
+ // Transmit all staged packets
fn send_staged(&self) -> bool {
debug!("peer.send_staged");
let mut sent = false;
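Review bot: With the enabled check moved inside the `Some(endpoint)` arm of `send`, a peer without an endpoint now returns `Err(RouterError::NoEndpoint)` even while the device is down, where the removed early return gave `Ok(())`. If callers react to `NoEndpoint` (not visible here), that is a behaviour change for a disabled device; if it is intended, a short comment on the `None` arm saying so would help. Reading the flag and the writer under one `read()` guard is a sound change, since the flag can no longer flip between the check and the write. Separately, `// Transmit all staged packets` should be `/// Transmit all staged packets` so it is picked up as documentation; `send_staged` continues outside the hunk.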
@@ -451,6 +451,12 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Peer<E, C, T
*self.state.ekey.lock() = None;
}
+ pub fn down(&self) {
+ self.zero_keys();
+ }
+
+ pub fn up(&self) {}
+
/// Add a new keypair
///
/// # Arguments
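Review bot: The new public `Peer::down()` and `Peer::up()` have no doc comments, unlike the neighbouring `/// Add a new keypair`, and `up()` is an empty body with nothing to say whether that is deliberate. I would add `/// Brings the peer down by discarding its key state (see zero_keys).` and `/// Brings the peer up. Currently a no-op.`. Whether packets already staged for the peer should survive `down()` cannot be told from this hunk; if they should not, the doc comment is the place to say how they are handled. The enclosing impl and the body of `zero_keys` start outside the hunk.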
diff --git a/src/wireguard/router/tests.rs b/src/wireguard/router/tests.rs
index d5a1133..d14b438 100644
--- a/src/wireguard/router/tests.rs
+++ b/src/wireguard/router/tests.rs
@@ -3,7 +3,7 @@ use std::sync::atomic::Ordering;
use std::sync::Arc;
use std::sync::Mutex;
use std::thread;
-use std::time::{Duration, Instant};
+use std::time::Duration;
use num_cpus;