Diffstat (limited to '')
-rw-r--r--README.md24
-rw-r--r--architecture.svg3
-rw-r--r--src/wireguard/router/device.rs24
-rw-r--r--src/wireguard/router/peer.rs55
4 files changed, 58 insertions, 48 deletions
diff --git a/README.md b/README.md
index fc84364..86863c2 100644
--- a/README.md
+++ b/README.md
@@ -32,11 +32,25 @@ Coming soon.
Coming soon.
-# Building
+## Building
-The wireguard-rs project is targeting the current nightly.
-To build this project obtain nightly `cargo` and `rustc` through [rustup](https://rustup.rs/), then simply run:
+The wireguard-rs project is targeting the current nightly (although it should also build with stable Rust).
- cargo build --release
+To build wireguard-rs (on supported platforms):
-To compile wireguard-rs to your current platform.
+1. Obtain nightly `cargo` and `rustc` through [rustup](https://rustup.rs/)
+2. Clone the repository: `git clone https://git.zx2c4.com/wireguard-rs`.
+3. Run `cargo build --release` from inside the `wireguard-rs` directory.
+
+## Architecture
+
+This section is intended for those wishing to read/contribute to the code.
+
+WireGuard Rust has a similar separation of concerns as many other implementations of various cryptographic transports:
+separating the handshake code from the packet protector.
+The handshake module implements an authenticated key-exchange (NoiseIK),
+which provides key-material, which is then consumed by the router module (packet protector)
+responsible for the actual encapsulation of transport messages (IP packets).
+This is illustrated below:
+
+![Structure](architecture.svg)
diff --git a/architecture.svg b/architecture.svg
new file mode 100644
index 0000000..f62ca07
--- /dev/null
+++ b/architecture.svg
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg xmlns="http://www.w3.org/2000/svg" style="background-color: rgb(255, 255, 255);" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="471px" height="641px" viewBox="-0.5 -0.5 471 641" content="&lt;mxfile host=&quot;app.diagrams.net&quot; modified=&quot;2020-06-14T19:56:22.800Z&quot; agent=&quot;5.0 (Windows)&quot; etag=&quot;UgKCr4tiDCqFxxiLh2i1&quot; version=&quot;13.2.4&quot; type=&quot;device&quot;&gt;&lt;diagram id=&quot;6hGFLwfOUW9BJ-s0fimq&quot; name=&quot;Page-1&quot;&gt;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&lt;/diagram&gt;&lt;/mxfile&gt;"><defs/><g><rect x="0" y="92" width="450" height="462.5" fill="#647687" stroke="#314354" pointer-events="all"/><path d="M 135 315 L 306.76 315" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 312.76 315 L 304.76 319 L 306.76 315 L 304.76 311 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="5" y="270" width="120" height="90" fill="#6d8764" stroke="#3a5431" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 315px; margin-left: 6px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #ffffff; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Handshake Module</div></div></div></foreignObject><text x="65" y="319" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Handshake Module</text></switch></g><rect x="325" y="270" width="120" height="90" 
fill="#6d8764" stroke="#3a5431" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 315px; margin-left: 326px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #ffffff; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Router Module</div></div></div></foreignObject><text x="385" y="319" fill="#ffffff" font-family="Helvetica" font-size="12px" text-anchor="middle">Router Module</text></switch></g><rect x="165" y="440" width="120" height="80" fill="#d5e8d4" stroke="#82b366" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 480px; margin-left: 166px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Timers</div></div></div></foreignObject><text x="225" y="484" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Timers</text></switch></g><rect x="180" y="290" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 
-0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 300px; margin-left: 181px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Key Material</div></div></div></foreignObject><text x="225" y="304" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Key Material</text></switch></g><path d="M 195 430 L 140.82 375.82" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 136.58 371.58 L 145.07 374.41 L 140.82 375.82 L 139.41 380.07 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="70" y="400" width="85" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 83px; height: 1px; padding-top: 410px; margin-left: 71px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Request New Handshake</div></div></div></foreignObject><text x="113" y="414" fill="#000000" 
font-family="Helvetica" font-size="12px" text-anchor="middle">Request New Ha...</text></switch></g><path d="M 315 370 L 260.82 424.18" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 256.58 428.42 L 259.41 419.93 L 260.82 424.18 L 265.07 425.59 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="277.5" y="400" width="100" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 98px; height: 1px; padding-top: 410px; margin-left: 279px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Send / Recv Events</div></div></div></foreignObject><text x="328" y="414" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Send / Recv Even...</text></switch></g><rect x="0" y="530" width="130" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 128px; height: 1px; padding-top: 540px; margin-left: 1px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; 
font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; "><font color="#FFFFFF">WireGuard Module</font></div></div></div></foreignObject><text x="65" y="544" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">WireGuard Module</text></switch></g><rect x="165" y="120" width="120" height="80" fill="#d5e8d4" stroke="#82b366" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 160px; margin-left: 166px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Packet Demultiplexer</div></div></div></foreignObject><text x="225" y="164" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Packet Demultiplexer</text></switch></g><path d="M 195 210 L 136.53 254.98" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 131.77 258.64 L 135.67 250.59 L 136.53 254.98 L 140.55 256.93 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><path d="M 255 210 L 308.67 254.73" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 313.28 258.57 L 304.58 256.52 L 308.67 254.73 L 309.7 250.37 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="80" y="210" width="85" height="20" fill="none" stroke="none" 
pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 83px; height: 1px; padding-top: 220px; margin-left: 81px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Hanshake Messages</div></div></div></foreignObject><text x="123" y="224" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Hanshake Messa...</text></switch></g><rect x="285" y="210" width="85" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 83px; height: 1px; padding-top: 220px; margin-left: 286px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Transport Messages</div></div></div></foreignObject><text x="328" y="224" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Transport Mess...</text></switch></g><path d="M 225 50 L 225 101.76" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 225 107.76 L 
221 99.76 L 225 101.76 L 229 99.76 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><path d="M 370 370 L 370 581.76" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 370 587.76 L 366 579.76 L 370 581.76 L 374 579.76 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="325" y="600" width="120" height="40" rx="6" ry="6" fill="#b1ddf0" stroke="#10739e" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 620px; margin-left: 326px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">TUN Device</div></div></div></foreignObject><text x="385" y="624" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">TUN Device</text></switch></g><rect x="165" y="0" width="120" height="40" rx="6" ry="6" fill="#f8cecc" stroke="#b85450" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 20px; margin-left: 166px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div 
style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Internet</div></div></div></foreignObject><text x="225" y="24" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Internet</text></switch></g><rect x="210" y="60" width="110" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 108px; height: 1px; padding-top: 70px; margin-left: 211px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Read UDP Datagram</div></div></div></foreignObject><text x="265" y="74" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Read UDP Datagram</text></switch></g><rect x="292.5" y="570" width="70" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 580px; margin-left: 294px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: 
#000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Write IP Packet</div></div></div></foreignObject><text x="328" y="584" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Write IP Pa...</text></switch></g><path d="M 384.66 260 L 384.99 58.24" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 385 52.24 L 388.98 60.24 L 384.99 58.24 L 380.98 60.23 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><path d="M 64.66 260 L 64.99 58.24" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 65 52.24 L 68.98 60.24 L 64.99 58.24 L 60.98 60.23 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="5" y="0" width="120" height="40" rx="6" ry="6" fill="#f8cecc" stroke="#b85450" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 20px; margin-left: 6px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Internet</div></div></div></foreignObject><text x="65" y="24" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Internet</text></switch></g><rect x="325" y="0" width="120" height="40" rx="6" ry="6" fill="#f8cecc" stroke="#b85450" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: 
visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 118px; height: 1px; padding-top: 20px; margin-left: 326px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Internet</div></div></div></foreignObject><text x="385" y="24" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Internet</text></switch></g><rect x="390" y="60" width="70" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 70px; margin-left: 391px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Write UDP Datagram</div></div></div></foreignObject><text x="425" y="74" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Write UDP D...</text></switch></g><rect x="70" y="60" width="70" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" 
requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 70px; margin-left: 71px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Write UDP Datagram</div></div></div></foreignObject><text x="105" y="74" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Write UDP D...</text></switch></g><path d="M 400 590 L 400 378.24" fill="none" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 400 372.24 L 404 380.24 L 400 378.24 L 396 380.24 Z" fill="#000000" stroke="#000000" stroke-width="2" stroke-miterlimit="10" pointer-events="all"/><rect x="400" y="570" width="70" height="20" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 68px; height: 1px; padding-top: 580px; margin-left: 401px;"><div style="box-sizing: border-box; font-size: 0; text-align: center; "><div style="display: inline-block; font-size: 12px; font-family: sans serif,serif,monospace,auto; color: #000000; line-height: 1.2; pointer-events: all; white-space: normal; word-wrap: normal; ">Read IP Packet</div></div></div></foreignObject><text x="435" y="584" fill="#000000" font-family="Helvetica" font-size="12px" text-anchor="middle">Read IP Pac...</text></switch></g></g><switch><g 
requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://desk.draw.io/support/solutions/articles/16000042487" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Viewer does not support full SVG 1.1</text></a></switch></svg> \ No newline at end of file
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index 7c90f22..1a12abb 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -26,31 +26,29 @@ use super::ParallelQueue;
pub struct DeviceInner<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
// inbound writer (TUN)
- pub inbound: T,
+ pub(super) inbound: T,
// outbound writer (Bind)
- pub outbound: RwLock<(bool, Option<B>)>,
+ pub(super) outbound: RwLock<(bool, Option<B>)>,
// routing
- pub recv: RwLock<HashMap<u32, Arc<DecryptionState<E, C, T, B>>>>, // receiver id -> decryption state
- pub table: RoutingTable<Peer<E, C, T, B>>,
+ pub(super) recv: RwLock<HashMap<u32, Arc<DecryptionState<E, C, T, B>>>>, // receiver id -> decryption state
+ pub(super) table: RoutingTable<Peer<E, C, T, B>>,
// work queue
- pub work: ParallelQueue<JobUnion<E, C, T, B>>,
+ pub(super) work: ParallelQueue<JobUnion<E, C, T, B>>,
}
pub struct EncryptionState {
- pub keypair: Arc<KeyPair>, // keypair
- pub nonce: u64, // next available nonce
- pub death: Instant, // (birth + reject-after-time - keepalive-timeout - rekey-timeout)
+ pub(super) keypair: Arc<KeyPair>, // keypair
+ pub(super) nonce: u64, // next available nonce
}
pub struct DecryptionState<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
- pub keypair: Arc<KeyPair>,
- pub confirmed: AtomicBool,
- pub protector: Mutex<AntiReplay>,
- pub peer: Peer<E, C, T, B>,
- pub death: Instant, // time when the key can no longer be used for decryption
+ pub(super) keypair: Arc<KeyPair>,
+ pub(super) confirmed: AtomicBool,
+ pub(super) protector: Mutex<AntiReplay>,
+ pub(super) peer: Peer<E, C, T, B>,
}
pub struct Device<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
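Review bot: With `death` removed from both `EncryptionState` and `DecryptionState`, neither struct carries a key-expiry bound any more, and nothing visible in this commit shows where the reject-after-time limit is applied to a keypair instead (the constructors in peer.rs drop the matching `keypair.birth + REJECT_AFTER_TIME` initialisers). If expiry is now driven from outside the router, presumably by the timers component shown in the new README diagram, the structs should say so, e.g. `// key lifetime is not tracked here; the caller must remove the keypair once it expires`. It is also worth confirming that a test covers a transport message arriving for a receiver id whose keypair has expired. The `Device` struct at the end of the hunk continues outside it.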
diff --git a/src/wireguard/router/peer.rs b/src/wireguard/router/peer.rs
index 8248a55..d960da0 100644
--- a/src/wireguard/router/peer.rs
+++ b/src/wireguard/router/peer.rs
@@ -37,16 +37,22 @@ pub struct KeyWheel {
}
pub struct PeerInner<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
- pub device: Device<E, C, T, B>,
- pub opaque: C::Opaque,
- pub outbound: Queue<SendJob<E, C, T, B>>,
- pub inbound: Queue<ReceiveJob<E, C, T, B>>,
- pub staged_packets: Mutex<ArrayDeque<[Vec<u8>; MAX_QUEUED_PACKETS], Wrapping>>,
- pub keys: Mutex<KeyWheel>,
- pub enc_key: Mutex<Option<EncryptionState>>,
- pub endpoint: Mutex<Option<E>>,
+ pub(super) device: Device<E, C, T, B>,
+ pub(super) opaque: C::Opaque,
+ pub(super) outbound: Queue<SendJob<E, C, T, B>>,
+ pub(super) inbound: Queue<ReceiveJob<E, C, T, B>>,
+ pub(super) staged_packets: Mutex<ArrayDeque<[Vec<u8>; MAX_QUEUED_PACKETS], Wrapping>>,
+ pub(super) keys: Mutex<KeyWheel>,
+ pub(super) enc_key: Mutex<Option<EncryptionState>>,
+ pub(super) endpoint: Mutex<Option<E>>,
}
+/// A Peer dereferences to its opaque type:
+/// This allows the router code to take ownership of the opaque type
+/// used for callback events, while still enabling the rest of the code to access the opaque type
+/// (which might expose other functionality in their scope) from a Peer pointer.
+///
+/// e.g. it can take ownership of the timer state of a peer.
impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Deref for PeerInner<E, C, T, B> {
type Target = C::Opaque;
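Review bot: The new doc comment is attached to `impl Deref for PeerInner` but opens with "A Peer dereferences to its opaque type", so rustdoc will show a statement about `Peer` on the `PeerInner` impl. Wording such as `/// A PeerInner dereferences to its opaque type (a Peer reaches it through its own Deref):` would match the item it documents, assuming `Peer` derefs to `PeerInner` as the truncated header of a later hunk suggests. The impl body continues outside the hunk.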
@@ -55,10 +61,20 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Deref for Pee
}
}
+/// A Peer represents a reference to the router state associated with a peer
pub struct Peer<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
inner: Arc<PeerInner<E, C, T, B>>,
}
+/// A PeerHandle is a specially designated reference to the peer
+/// which removes the peer from the device when dropped.
+///
+/// A PeerHandle cannot be cloned (unlike the wrapped type).
+/// A PeerHandle dereferences to a Peer (meaning you can use it like a Peer struct)
+pub struct PeerHandle<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
+ peer: Peer<E, C, T, B>,
+}
+
impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Clone for Peer<E, C, T, B> {
fn clone(&self) -> Self {
Peer {
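Review bot: The `PeerHandle` doc says the handle cannot be cloned, yet it dereferences to `Peer`, which implements `Clone`, so `handle.clone()` still compiles through auto-deref and returns a plain `Peer`. Such a clone holds the `Arc<PeerInner>` (including `keys` and `enc_key`) and can outlive the handle, so dropping the handle does not free the peer state; at most it unlinks the peer from the device, if the drop code (not visible here) does what the comment says. I would add a line such as `/// Calling clone() on a handle yields a Peer; it keeps the peer state alive but does not keep it registered with the device.` The `Clone` impl at the end of the hunk continues outside it.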
@@ -67,7 +83,7 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Clone for Pee
}
}
-/* Equality of peers is defined as pointer equality
+/* Equality of peers is defined as pointer equality of
* the atomic reference counted pointer.
*/
impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> PartialEq for Peer<E, C, T, B> {
@@ -89,25 +105,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Deref for Pee
}
}
-/* A peer handle is a specially designated peer pointer
- * which removes the peer from the device when dropped.
- */
-pub struct PeerHandle<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> {
- peer: Peer<E, C, T, B>,
-}
-
-/*
-impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Clone
- for PeerHandle<E, C, T, B>
-{
- fn clone(&self) -> Self {
- PeerHandle {
- peer: self.peer.clone(),
- }
- }
-}
-*/
-
impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Deref
for PeerHandle<E, C, T, B>
{
@@ -130,7 +127,6 @@ impl EncryptionState {
EncryptionState {
nonce: 0,
keypair: keypair.clone(),
- death: keypair.birth + REJECT_AFTER_TIME,
}
}
}
@@ -141,7 +137,6 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DecryptionSta
confirmed: AtomicBool::new(keypair.initiator),
keypair: keypair.clone(),
protector: spin::Mutex::new(AntiReplay::new()),
- death: keypair.birth + REJECT_AFTER_TIME,
peer,
}
}