authorQuang Luong <quangio@outlook.com>2020-09-18 11:20:06 +0700
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2020-10-08 10:19:51 +0200
commit9b53a9d1a61115a328ca43955153d09cc2e969ef (patch)
treeb84d83a431dfdc5777e61d40c60c7b0de088f8fd /src/wireguard
parentAdded MIT license (diff)
Fix some clippy warnings
Signed-off-by: Quang Luong <quangio@outlook.com>
Diffstat (limited to 'src/wireguard')
-rw-r--r--src/wireguard/handshake/device.rs18
-rw-r--r--src/wireguard/handshake/noise.rs2
-rw-r--r--src/wireguard/handshake/peer.rs34
-rw-r--r--src/wireguard/handshake/ratelimiter.rs2
-rw-r--r--src/wireguard/handshake/timestamp.rs2
-rw-r--r--src/wireguard/peer.rs2
-rw-r--r--src/wireguard/queue.rs5
-rw-r--r--src/wireguard/router/device.rs10
-rw-r--r--src/wireguard/router/peer.rs41
-rw-r--r--src/wireguard/router/queue.rs4
-rw-r--r--src/wireguard/router/route.rs4
-rw-r--r--src/wireguard/router/types.rs16
-rw-r--r--src/wireguard/router/worker.rs1
-rw-r--r--src/wireguard/timers.rs5
-rw-r--r--src/wireguard/wireguard.rs4
-rw-r--r--src/wireguard/workers.rs4
16 files changed, 66 insertions, 88 deletions
diff --git a/src/wireguard/handshake/device.rs b/src/wireguard/handshake/device.rs
index 5e69921..d71f351 100644
--- a/src/wireguard/handshake/device.rs
+++ b/src/wireguard/handshake/device.rs
@@ -118,7 +118,9 @@ impl<O> Device<O> {
} else {
peer.ss.clear();
}
- peer.reset_state().map(|id| ids.push(id));
+ if let Some(id) = peer.reset_state() {
+ ids.push(id)
+ }
}
(ids, same)
@@ -212,7 +214,7 @@ impl<O> Device<O> {
// remove the peer
self.pk_map
.remove(pk.as_bytes())
- .ok_or(ConfigError::new("Public key not in device"))?;
+ .ok_or_else(|| ConfigError::new("Public key not in device"))?;
// remove every id entry for the peer in the public key map
// O(n) operations, however it is rare: only when removing peers.
@@ -389,9 +391,6 @@ impl<O> Device<O> {
// address validation & DoS mitigation
if let Some(src) = src {
- // obtain ref to socket addr
- let src = src.into();
-
// check mac2 field
if !keyst.macs.check_mac2(msg.noise.as_bytes(), &src, &msg.macs) {
let mut reply = Default::default();
@@ -471,12 +470,9 @@ impl<O> Device<O> {
}
// write lock the shard and insert
- match self.id_map.entry(id) {
- Entry::Vacant(entry) => {
- entry.insert(*pk.as_bytes());
- return id;
- }
- _ => (),
+ if let Entry::Vacant(entry) = self.id_map.entry(id) {
+ entry.insert(*pk.as_bytes());
+ return id;
};
}
}
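Review bot: The `};` that closes the new `if let Entry::Vacant(entry) = self.id_map.entry(id)` block keeps the semicolon left over from the old `match`, which is now an empty statement; the closing line should be just `}`. The same leftover follows the replay check in `src/wireguard/handshake/peer.rs` (`if let Some(timestamp_old) = *timestamp { … };`) and the `if let Some(kp) = keypair { … };` block in `src/wireguard/workers.rs`. The enclosing function starts outside this hunk.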
diff --git a/src/wireguard/handshake/noise.rs b/src/wireguard/handshake/noise.rs
index 4141cb9..475b159 100644
--- a/src/wireguard/handshake/noise.rs
+++ b/src/wireguard/handshake/noise.rs
@@ -11,8 +11,6 @@ use hmac::Hmac;
use aead::{Aead, NewAead, Payload};
use chacha20poly1305::ChaCha20Poly1305;
-use log;
-
use rand::prelude::{CryptoRng, RngCore};
use generic_array::typenum::*;
diff --git a/src/wireguard/handshake/peer.rs b/src/wireguard/handshake/peer.rs
index 1636e62..f847725 100644
--- a/src/wireguard/handshake/peer.rs
+++ b/src/wireguard/handshake/peer.rs
@@ -50,13 +50,10 @@ pub enum State {
impl Drop for State {
fn drop(&mut self) {
- match self {
- State::InitiationSent { hs, ck, .. } => {
- // eph_sk already cleared by dalek-x25519
- hs.clear();
- ck.clear();
- }
- _ => (),
+ if let State::InitiationSent { hs, ck, .. } = self {
+ // eph_sk already cleared by dalek-x25519
+ hs.clear();
+ ck.clear();
}
}
}
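Review bot: `Drop for State` wipes `hs` and `ck` only for `State::InitiationSent`, and the `if let` form, like the `_ => ()` arm it replaces, stays silent if another variant ever carries key material. Since this is the path that clears handshake secrets, an exhaustive `match self` naming every variant of `State` (its definition is outside the hunk) would make the compiler flag a new variant instead of skipping it. If the `if let` is kept, a comment such as `// no other variant holds state that needs clearing; revisit when adding variants` would record the assumption, provided it is true for the current variants.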
@@ -97,29 +94,22 @@ impl<O> Peer<O> {
let mut last_initiation_consumption = self.last_initiation_consumption.lock();
// check replay attack
- match *timestamp {
- Some(timestamp_old) => {
- if !timestamp::compare(&timestamp_old, &timestamp_new) {
- return Err(HandshakeError::OldTimestamp);
- }
+ if let Some(timestamp_old) = *timestamp {
+ if !timestamp::compare(&timestamp_old, &timestamp_new) {
+ return Err(HandshakeError::OldTimestamp);
}
- _ => (),
};
// check flood attack
- match *last_initiation_consumption {
- Some(last) => {
- if last.elapsed() < TIME_BETWEEN_INITIATIONS {
- return Err(HandshakeError::InitiationFlood);
- }
+ if let Some(last) = *last_initiation_consumption {
+ if last.elapsed() < TIME_BETWEEN_INITIATIONS {
+ return Err(HandshakeError::InitiationFlood);
}
- _ => (),
}
// reset state
- match *state {
- State::InitiationSent { local, .. } => device.release(local),
- _ => (),
+ if let State::InitiationSent { local, .. } = *state {
+ device.release(local)
}
// update replay & flood protection
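Review bot: Nothing in the comments says that the `// reset state` step has to stay below the replay and flood checks, although that order is what keeps a rejected initiation from releasing the local id of an in-flight handshake: both checks return `Err` before `device.release(local)` is reached. A one-line comment on that block, for example `// reached only after the replay and flood checks passed`, would protect the order against later reshuffling. The function starts and ends outside this hunk.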
diff --git a/src/wireguard/handshake/ratelimiter.rs b/src/wireguard/handshake/ratelimiter.rs
index 89109e9..f6210fc 100644
--- a/src/wireguard/handshake/ratelimiter.rs
+++ b/src/wireguard/handshake/ratelimiter.rs
@@ -5,8 +5,6 @@ use std::sync::{Arc, Condvar, Mutex};
use std::thread;
use std::time::{Duration, Instant};
-use spin;
-
const PACKETS_PER_SECOND: u64 = 20;
const PACKETS_BURSTABLE: u64 = 5;
const PACKET_COST: u64 = 1_000_000_000 / PACKETS_PER_SECOND;
diff --git a/src/wireguard/handshake/timestamp.rs b/src/wireguard/handshake/timestamp.rs
index b5bd9f0..485bb8d 100644
--- a/src/wireguard/handshake/timestamp.rs
+++ b/src/wireguard/handshake/timestamp.rs
@@ -28,5 +28,5 @@ pub fn compare(old: &TAI64N, new: &TAI64N) -> bool {
return true;
}
}
- return false;
+ false
}
diff --git a/src/wireguard/peer.rs b/src/wireguard/peer.rs
index 37b4684..170d2b1 100644
--- a/src/wireguard/peer.rs
+++ b/src/wireguard/peer.rs
@@ -26,7 +26,7 @@ pub struct PeerInner<T: Tun, B: UDP> {
pub pk: PublicKey,
// handshake state
- pub walltime_last_handshake: Mutex<Option<SystemTime>>, // walltime for last handshake (for UAPI status)
+ pub walltime_last_handshake: Mutex<Option<SystemTime>>, /* walltime for last handshake (for UAPI status) */
pub last_handshake_sent: Mutex<Instant>, // instant for last handshake
pub handshake_queued: AtomicBool, // is a handshake job currently queued?
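Review bot: The trailing comment on `walltime_last_handshake` became a `/* … */` block comment while the two fields below it keep `//`, so the struct now mixes two comment styles for the same purpose. Moving the text to its own line above the field, `// walltime for last handshake (for UAPI status)`, keeps the line short and the style uniform. The `recv` field in `src/wireguard/router/device.rs` (`/* receiver id -> decryption state */`) has the same issue.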
diff --git a/src/wireguard/queue.rs b/src/wireguard/queue.rs
index 75b9104..f9e4150 100644
--- a/src/wireguard/queue.rs
+++ b/src/wireguard/queue.rs
@@ -12,7 +12,6 @@ impl<T> ParallelQueue<T> {
///
/// - `queues`: number of readers
/// - `capacity`: capacity of each internal queue
- ///
pub fn new(queues: usize, capacity: usize) -> (Self, Vec<Receiver<T>>) {
let mut receivers = Vec::with_capacity(queues);
let (tx, rx) = bounded(capacity);
@@ -28,9 +27,9 @@ impl<T> ParallelQueue<T> {
}
pub fn send(&self, v: T) {
- self.queue.lock().unwrap().as_ref().map(|s| {
+ if let Some(s) = self.queue.lock().unwrap().as_ref() {
let _ = s.send(v);
- });
+ }
}
pub fn close(&self) {
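Review bot: In `send`, the guard returned by `self.queue.lock().unwrap()` is a temporary of the `if let` scrutinee and lives until the end of the body, so `s.send(v)` runs with the queue mutex held. The channel is created with `bounded(capacity)` in `new`; if `send` blocks on a full channel, every other caller of `lock()` waits behind it, presumably including `close`, whose body is outside this hunk. Cloning the sender out first avoids that, assuming the sender type is `Clone`: `let tx = self.queue.lock().unwrap().clone();` followed by `if let Some(s) = tx { let _ = s.send(v); }`.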
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index 62ef932..54e5149 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -4,7 +4,6 @@ use std::sync::atomic::AtomicBool;
use std::sync::Arc;
use std::thread;
-use log;
use spin::{Mutex, RwLock};
use zerocopy::LayoutVerified;
@@ -31,7 +30,7 @@ pub struct DeviceInner<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer
pub(super) outbound: RwLock<(bool, Option<B>)>,
// routing
- pub(super) recv: RwLock<HashMap<u32, Arc<DecryptionState<E, C, T, B>>>>, // receiver id -> decryption state
+ pub(super) recv: RwLock<HashMap<u32, Arc<DecryptionState<E, C, T, B>>>>, /* receiver id -> decryption state */
pub(super) table: RoutingTable<Peer<E, C, T, B>>,
// work queue
@@ -141,7 +140,7 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DeviceHandle<
return bind.write(msg, dst);
}
}
- return Ok(());
+ Ok(())
}
/// Brings the router down.
@@ -178,7 +177,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DeviceHandle<
/// # Arguments
///
/// - msg: IP packet to crypt-key route
- ///
pub fn send(&self, msg: Vec<u8>) -> Result<(), RouterError> {
debug_assert!(msg.len() > SIZE_MESSAGE_PREFIX);
log::trace!(
@@ -209,8 +207,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DeviceHandle<
/// - msg: Encrypted transport message
///
/// # Returns
- ///
- ///
pub fn recv(&self, src: E, msg: Vec<u8>) -> Result<(), RouterError> {
log::trace!("receive, src: {}", src.into_address());
@@ -253,8 +249,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DeviceHandle<
}
/// Set outbound writer
- ///
- ///
pub fn set_outbound_writer(&self, new: B) {
self.state.outbound.write().1 = Some(new);
}
diff --git a/src/wireguard/router/peer.rs b/src/wireguard/router/peer.rs
index d960da0..0803b13 100644
--- a/src/wireguard/router/peer.rs
+++ b/src/wireguard/router/peer.rs
@@ -26,7 +26,6 @@ use std::fmt;
use std::net::{IpAddr, SocketAddr};
use arraydeque::{ArrayDeque, Wrapping};
-use log;
use spin::Mutex;
pub struct KeyWheel {
@@ -155,11 +154,17 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Drop for Peer
let mut keys = peer.keys.lock();
let mut release = Vec::with_capacity(3);
- keys.next.as_ref().map(|k| release.push(k.recv.id));
- keys.current.as_ref().map(|k| release.push(k.recv.id));
- keys.previous.as_ref().map(|k| release.push(k.recv.id));
+ if let Some(k) = keys.next.as_ref() {
+ release.push(k.recv.id)
+ }
+ if let Some(k) = keys.current.as_ref() {
+ release.push(k.recv.id)
+ }
+ if let Some(k) = keys.previous.as_ref() {
+ release.push(k.recv.id)
+ }
- if release.len() > 0 {
+ if !release.is_empty() {
let mut recv = peer.device.recv.write();
for id in &release {
recv.remove(id);
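Review bot: The three new `if let Some(k) = keys.….as_ref() { release.push(k.recv.id) }` blocks in this `Drop` impl are identical apart from the slot they read, and each leaves off the `;` after the `push` call. A single loop over the slots says the same with less repetition: `for k in [&keys.next, &keys.current, &keys.previous].iter().filter_map(|s| s.as_ref()) { release.push(k.recv.id); }`. The `drop` body starts outside the hunk.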
@@ -185,7 +190,6 @@ pub fn new_peer<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>>(
) -> PeerHandle<E, C, T, B> {
// allocate peer object
let peer = {
- let device = device.clone();
Peer {
inner: Arc::new(PeerInner {
opaque,
@@ -245,7 +249,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Peer<E, C, T,
///
/// - `msg` : A padded vector holding the message (allows in-place construction of the transport header)
/// - `stage`: Should the message be staged if no key is available
- ///
pub(super) fn send(&self, msg: Vec<u8>, stage: bool) {
// check if key available
let (job, need_key) = {
@@ -385,9 +388,15 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> PeerHandle<E,
// update key-wheel
- mem::replace(&mut keys.next, None).map(|k| release.push(k.local_id()));
- mem::replace(&mut keys.current, None).map(|k| release.push(k.local_id()));
- mem::replace(&mut keys.previous, None).map(|k| release.push(k.local_id()));
+ if let Some(k) = mem::replace(&mut keys.next, None) {
+ release.push(k.local_id())
+ }
+ if let Some(k) = mem::replace(&mut keys.current, None) {
+ release.push(k.local_id())
+ }
+ if let Some(k) = mem::replace(&mut keys.previous, None) {
+ release.push(k.local_id())
+ }
keys.retired.extend(&release[..]);
// update inbound "recv" map
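Review bot: `mem::replace(&mut keys.next, None)` in the three new `if let` lines is the long form of `Option::take`, which states the intent (move the key out, leave `None`) directly: `if let Some(k) = keys.next.take() { release.push(k.local_id()); }`, and likewise for `current` and `previous`. If `mem` has no other use in the file the import can go as well; that cannot be checked from this hunk.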
@@ -439,11 +448,11 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> PeerHandle<E,
*self.peer.enc_key.lock() = Some(EncryptionState::new(&new));
// move current into previous
- keys.previous = keys.current.as_ref().map(|v| v.clone());
+ keys.previous = keys.current.as_ref().cloned();
keys.current = Some(new.clone());
} else {
// store the key and await confirmation
- keys.previous = keys.next.as_ref().map(|v| v.clone());
+ keys.previous = keys.next.as_ref().cloned();
keys.next = Some(new.clone());
};
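Review bot: `keys.current.as_ref().cloned()` and `keys.next.as_ref().cloned()` take a detour through `Option<&T>` that is not needed, because cloning the `Option` itself gives the same value. `keys.previous = keys.current.clone();` and `keys.previous = keys.next.clone();` are shorter and match the `new.clone()` on the following lines.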
@@ -453,10 +462,10 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> PeerHandle<E,
let mut recv = self.peer.device.recv.write();
// purge recv map of previous id
- keys.previous.as_ref().map(|k| {
+ if let Some(k) = &keys.previous {
recv.remove(&k.local_id());
release.push(k.local_id());
- });
+ }
// map new id to decryption state
debug_assert!(!recv.contains_key(&new.recv.id));
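Review bot: Uniqueness of `new.recv.id` in the `recv` map is checked only by `debug_assert!(!recv.contains_key(&new.recv.id))`, which is compiled out of release builds. If the insertion that follows (outside this hunk) is a plain `insert`, a colliding receiver id would replace another key's decryption state without any signal. Consider an explicit check that also holds in release builds, or a comment naming the code that guarantees the id is fresh.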
@@ -531,7 +540,9 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> PeerHandle<E,
}
pub fn clear_src(&self) {
- (*self.peer.endpoint.lock()).as_mut().map(|e| e.clear_src());
+ if let Some(e) = (*self.peer.endpoint.lock()).as_mut() {
+ e.clear_src()
+ }
}
pub fn purge_staged_packets(&self) {
diff --git a/src/wireguard/router/queue.rs b/src/wireguard/router/queue.rs
index d5d657a..b266a57 100644
--- a/src/wireguard/router/queue.rs
+++ b/src/wireguard/router/queue.rs
@@ -67,9 +67,7 @@ impl<J: SequentialJob> Queue<J> {
match queue.front() {
None => break,
Some(job) => {
- if job.is_ready() {
- ()
- } else {
+ if !job.is_ready() {
break;
}
}
diff --git a/src/wireguard/router/route.rs b/src/wireguard/router/route.rs
index a556010..7e50153 100644
--- a/src/wireguard/router/route.rs
+++ b/src/wireguard/router/route.rs
@@ -88,7 +88,7 @@ impl<T: Eq + Clone> RoutingTable<T> {
self.ipv4
.read()
.longest_match(Ipv4Addr::from(header.f_destination))
- .and_then(|(_, _, p)| Some(p.clone()))
+ .map(|(_, _, p)| p.clone())
}
VERSION_IP6 => {
// check length and cast to IPv6 header
@@ -104,7 +104,7 @@ impl<T: Eq + Clone> RoutingTable<T> {
self.ipv6
.read()
.longest_match(Ipv6Addr::from(header.f_destination))
- .and_then(|(_, _, p)| Some(p.clone()))
+ .map(|(_, _, p)| p.clone())
}
v => {
log::trace!("router, invalid IP version {}", v);
diff --git a/src/wireguard/router/types.rs b/src/wireguard/router/types.rs
index e0cd459..e44963f 100644
--- a/src/wireguard/router/types.rs
+++ b/src/wireguard/router/types.rs
@@ -15,16 +15,16 @@ impl<T> Opaque for T where T: Send + Sync + 'static {}
/// * `0`, a reference to the opaque value assigned to the peer
/// * `1`, a bool indicating whether the message contained data (not just keepalive)
/// * `2`, a bool indicating whether the message was transmitted (i.e. did the peer have an associated endpoint?)
-pub trait Callback<T>: Fn(&T, usize, bool) -> () + Sync + Send + 'static {}
+pub trait Callback<T>: Fn(&T, usize, bool) + Sync + Send + 'static {}
-impl<T, F> Callback<T> for F where F: Fn(&T, usize, bool) -> () + Sync + Send + 'static {}
+impl<T, F> Callback<T> for F where F: Fn(&T, usize, bool) + Sync + Send + 'static {}
/// A key callback takes 1 argument
///
/// * `0`, a reference to the opaque value assigned to the peer
-pub trait KeyCallback<T>: Fn(&T) -> () + Sync + Send + 'static {}
+pub trait KeyCallback<T>: Fn(&T) + Sync + Send + 'static {}
-impl<T, F> KeyCallback<T> for F where F: Fn(&T) -> () + Sync + Send + 'static {}
+impl<T, F> KeyCallback<T> for F where F: Fn(&T) + Sync + Send + 'static {}
pub trait Callbacks: Send + Sync + 'static {
type Opaque: Opaque;
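Review bot: The doc comment above `Callback` describes argument `1` as a bool, but the bound is `Fn(&T, usize, bool)`: the second argument is a `usize` and only one bool is passed. Since these lines are being touched anyway, the list should be brought in line with the signature, describing what the `usize` carries (possibly a size in bytes; to be confirmed at the call sites) and which of the two documented flags the remaining `bool` is.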
@@ -58,11 +58,11 @@ impl fmt::Display for RouterError {
}
impl Error for RouterError {
- fn description(&self) -> &str {
- "Generic Handshake Error"
- }
-
fn source(&self) -> Option<&(dyn Error + 'static)> {
None
}
+
+ fn description(&self) -> &str {
+ "Generic Handshake Error"
+ }
}
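Review bot: `Error::description` is deprecated in favour of `Display`, and the string it returns here, "Generic Handshake Error", names the wrong subsystem for `RouterError`. `fmt::Display` is already implemented just above, and `source` returning `None` matches the trait's default, so the whole impl can shrink to `impl Error for RouterError {}` instead of reordering the two methods.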
diff --git a/src/wireguard/router/worker.rs b/src/wireguard/router/worker.rs
index 4913a21..99c2a1d 100644
--- a/src/wireguard/router/worker.rs
+++ b/src/wireguard/router/worker.rs
@@ -6,7 +6,6 @@ use super::super::{tun, udp, Endpoint};
use super::types::Callbacks;
use crossbeam_channel::Receiver;
-use log;
pub enum JobUnion<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
Outbound(SendJob<E, C, T, B>),
diff --git a/src/wireguard/timers.rs b/src/wireguard/timers.rs
index 94a95ab..be0f5f9 100644
--- a/src/wireguard/timers.rs
+++ b/src/wireguard/timers.rs
@@ -268,7 +268,6 @@ impl Timers {
handshake_attempts: AtomicUsize::new(0),
retransmit_handshake: {
let wg = wg.clone();
- let pk = pk.clone();
runner.timer(move || {
// fetch peer by public key
fetch_peer!(wg, pk, peer);
@@ -300,7 +299,6 @@ impl Timers {
},
send_keepalive: {
let wg = wg.clone();
- let pk = pk.clone();
runner.timer(move || {
// fetch peer by public key
fetch_peer!(wg, pk, peer);
@@ -315,7 +313,6 @@ impl Timers {
},
new_handshake: {
let wg = wg.clone();
- let pk = pk.clone();
runner.timer(move || {
// fetch peer by public key
fetch_peer!(wg, pk, peer);
@@ -333,7 +330,6 @@ impl Timers {
},
zero_key_material: {
let wg = wg.clone();
- let pk = pk.clone();
runner.timer(move || {
// fetch peer by public key
fetch_peer!(wg, pk, peer);
@@ -345,7 +341,6 @@ impl Timers {
},
send_persistent_keepalive: {
let wg = wg.clone();
- let pk = pk.clone();
runner.timer(move || {
// fetch peer by public key
fetch_peer!(wg, pk, peer);
diff --git a/src/wireguard/wireguard.rs b/src/wireguard/wireguard.rs
index 9ec7d44..35bd342 100644
--- a/src/wireguard/wireguard.rs
+++ b/src/wireguard/wireguard.rs
@@ -126,7 +126,7 @@ impl<T: Tun, B: UDP> WireGuard<T, B> {
let mut enabled = self.enabled.write();
// check if already down
- if *enabled == false {
+ if !(*enabled) {
return;
}
@@ -209,7 +209,7 @@ impl<T: Tun, B: UDP> WireGuard<T, B> {
let enabled = self.enabled.read();
// create timers (lookup by public key)
- let timers = Timers::new::<T, B>(self.clone(), pk.clone(), *enabled);
+ let timers = Timers::new::<T, B>(self.clone(), pk, *enabled);
// create new router peer
let peer: router::PeerHandle<B::Endpoint, PeerInner<T, B>, T::Writer, B::Writer> =
diff --git a/src/wireguard/workers.rs b/src/wireguard/workers.rs
index b4673cd..27acf2f 100644
--- a/src/wireguard/workers.rs
+++ b/src/wireguard/workers.rs
@@ -231,7 +231,7 @@ pub fn handshake_worker<T: Tun, B: UDP>(
}
// add any new keypair to peer
- keypair.map(|kp| {
+ if let Some(kp) = keypair {
debug!("{} : handshake worker, new keypair for {}", wg, peer);
// this means that a handshake response was processed or sent
@@ -241,7 +241,7 @@ pub fn handshake_worker<T: Tun, B: UDP>(
for id in peer.add_keypair(kp) {
device.release(id);
}
- });
+ };
}
}
Err(e) => debug!("{} : handshake worker, error = {:?}", wg, e),