Diffstat (limited to 'src/handshake')
-rw-r--r-- | src/handshake/macs.rs | 13 | ||||
-rw-r--r-- | src/handshake/peer.rs | 7 | ||||
-rw-r--r-- | src/handshake/ratelimiter.rs | 10 |
3 files changed, 10 insertions, 20 deletions
diff --git a/src/handshake/macs.rs b/src/handshake/macs.rs
index 516b9dc..689826b 100644
--- a/src/handshake/macs.rs
+++ b/src/handshake/macs.rs
@@ -1,5 +1,4 @@
 use generic_array::GenericArray;
-use lazy_static::lazy_static;
 use rand::{CryptoRng, RngCore};
 use spin::RwLock;
 use std::time::{Duration, Instant};
@@ -27,9 +26,7 @@ const SIZE_SECRET: usize = 32;
 const SIZE_MAC: usize = 16; // blake2s-mac128
 const SIZE_TAG: usize = 16; // xchacha20poly1305 tag
-lazy_static! {
- pub static ref COOKIE_UPDATE_INTERVAL: Duration = Duration::new(120, 0);
-}
+const COOKIE_UPDATE_INTERVAL: Duration = Duration::from_secs(120);
 macro_rules! HASH {
 ( $($input:expr),* ) => {{
@@ -168,7 +165,7 @@ impl Generator {
 macs.f_mac1 = MAC!(&self.mac1_key, inner);
 macs.f_mac2 = match &self.cookie {
 Some(cookie) => {
- if cookie.birth.elapsed() > *COOKIE_UPDATE_INTERVAL {
+ if cookie.birth.elapsed() > COOKIE_UPDATE_INTERVAL {
 self.cookie = None;
 [0u8; SIZE_MAC]
 } else {
@@ -206,7 +203,7 @@ impl Validator {
 fn get_tau(&self, src: &[u8]) -> Option<[u8; SIZE_COOKIE]> {
 let secret = self.secret.read();
- if secret.birth.elapsed() < *COOKIE_UPDATE_INTERVAL {
+ if secret.birth.elapsed() < COOKIE_UPDATE_INTERVAL {
 Some(MAC!(&secret.value, src))
 } else {
 None
@@ -217,7 +214,7 @@ impl Validator {
 // check if current value is still valid
 {
 let secret = self.secret.read();
- if secret.birth.elapsed() < *COOKIE_UPDATE_INTERVAL {
+ if secret.birth.elapsed() < COOKIE_UPDATE_INTERVAL {
 return MAC!(&secret.value, src);
 };
 }
@@ -225,7 +222,7 @@ impl Validator {
 // take write lock, check again
 {
 let mut secret = self.secret.write();
- if secret.birth.elapsed() < *COOKIE_UPDATE_INTERVAL {
+ if secret.birth.elapsed() < COOKIE_UPDATE_INTERVAL {
 return MAC!(&secret.value, src);
 };
diff --git a/src/handshake/peer.rs b/src/handshake/peer.rs
index 6a85cee..c9e1c40 100644
--- a/src/handshake/peer.rs
+++ b/src/handshake/peer.rs
@@ -1,4 +1,3 @@
-use lazy_static::lazy_static;
 use spin::Mutex;
 use std::mem;
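Review bot: The new `const COOKIE_UPDATE_INTERVAL` in the `@@ -27,9 +26,7 @@` hunk of macs.rs has no doc comment, although the later hunks show it bounding two different lifetimes: `Generator` discards a stored cookie once `cookie.birth.elapsed()` exceeds it, and `Validator` stops deriving tau from its secret once `secret.birth.elapsed()` reaches it. I would add `/// Lifetime of the validator's cookie secret, and the maximum age of a cookie the generator still uses for mac2.` above the constant so that a change made for one side is checked against the other. The same gap applies to `TIME_BETWEEN_INITIATIONS` in the `@@ -18,9 +17,7 @@` hunk of peer.rs, where something like `/// Minimum spacing between initiations consumed from one peer; faster ones fail with InitiationFlood.` would match the check in the `@@ -123,7 +120,7 @@` hunk. All three constants also change from `pub static ref` to a private `const`; that looks intentional, but it narrows visibility as well as changing the storage, which the commit should say.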
@@ -18,9 +17,7 @@ use super::macs;
 use super::timestamp;
 use super::types::*;
-lazy_static! {
- pub static ref TIME_BETWEEN_INITIATIONS: Duration = Duration::from_millis(20);
-}
+const TIME_BETWEEN_INITIATIONS: Duration = Duration::from_millis(20);
 /* Represents the recomputation and state of a peer.
 *
@@ -123,7 +120,7 @@ impl Peer {
 // check flood attack
 match *last_initiation_consumption {
 Some(last) => {
- if last.elapsed() < *TIME_BETWEEN_INITIATIONS {
+ if last.elapsed() < TIME_BETWEEN_INITIATIONS {
 return Err(HandshakeError::InitiationFlood);
 }
 }
diff --git a/src/handshake/ratelimiter.rs b/src/handshake/ratelimiter.rs
index 6568b32..63d728c 100644
--- a/src/handshake/ratelimiter.rs
+++ b/src/handshake/ratelimiter.rs
@@ -6,16 +6,12 @@ use std::sync::{Arc, Condvar, Mutex};
 use std::thread;
 use std::time::{Duration, Instant};
-use lazy_static::lazy_static;
-
 const PACKETS_PER_SECOND: u64 = 20;
 const PACKETS_BURSTABLE: u64 = 5;
 const PACKET_COST: u64 = 1_000_000_000 / PACKETS_PER_SECOND;
 const MAX_TOKENS: u64 = PACKET_COST * PACKETS_BURSTABLE;
-lazy_static! {
- pub static ref GC_INTERVAL: Duration = Duration::new(1, 0);
-}
+const GC_INTERVAL: Duration = Duration::from_secs(1);
 struct Entry {
 pub last_time: Instant,
@@ -93,7 +89,7 @@ impl RateLimiter {
 {
 let mut tw = limiter.table.write();
 tw.retain(|_, ref mut entry| {
- entry.lock().last_time.elapsed() <= *GC_INTERVAL
+ entry.lock().last_time.elapsed() <= GC_INTERVAL
 });
 if tw.len() == 0 {
 limiter.gc_running.store(false, Ordering::Relaxed);
@@ -102,7 +98,7 @@ impl RateLimiter {
 }
 // wait until stopped or new GC (~1 every sec)
- let res = cvar.wait_timeout(dropped, *GC_INTERVAL).unwrap();
+ let res = cvar.wait_timeout(dropped, GC_INTERVAL).unwrap();
 dropped = res.0;
 }
 });
|
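Review bot: `GC_INTERVAL` in the `@@ -6,16 +6,12 @@` hunk of ratelimiter.rs depends on the constants just above it, and nothing records that dependency. `MAX_TOKENS` is `PACKET_COST * PACKETS_BURSTABLE`, which is 250 ms of refill if tokens are counted in nanoseconds as `PACKET_COST` suggests, and the `retain` in the `@@ -93,7 +89,7 @@` hunk evicts any entry idle for longer than `GC_INTERVAL`. If a re-created entry starts with a full bucket (not visible in this diff), an interval shorter than the full refill time would let a source clear its rate-limit debt simply by being evicted. I would state the constraint next to the constant: `// Must be >= the time needed to refill MAX_TOKENS, so eviction never resets a partially drained bucket.`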
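Review bot: The rewritten line `cvar.wait_timeout(dropped, GC_INTERVAL).unwrap()` in the `@@ -102,7 +98,7 @@` hunk of ratelimiter.rs still unwraps the wait result, so a poisoned mutex would panic the GC thread. As far as the diff shows, `gc_running` is cleared only on the empty-table path in the preceding hunk, so after such a panic the flag would presumably stay set and stale entries would no longer be collected. Recovering the guard with `.unwrap_or_else(|e| e.into_inner())` keeps the collector running. The enclosing closure starts and ends outside the hunk, so confirm how `dropped` is locked before adopting this.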