aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/configuration/config.rs97
-rw-r--r--src/main.rs16
-rw-r--r--src/platform/linux/udp.rs237
-rw-r--r--src/platform/udp.rs2
-rw-r--r--src/wireguard/handshake/device.rs37
-rw-r--r--src/wireguard/handshake/tests.rs2
-rw-r--r--src/wireguard/router/device.rs13
-rw-r--r--src/wireguard/router/tests.rs2
-rw-r--r--src/wireguard/wireguard.rs10
-rw-r--r--src/wireguard/workers.rs17
10 files changed, 240 insertions, 193 deletions
diff --git a/src/configuration/config.rs b/src/configuration/config.rs
index 59cef4a..3f3c2c5 100644
--- a/src/configuration/config.rs
+++ b/src/configuration/config.rs
@@ -62,14 +62,10 @@ impl<T: tun::Tun, B: udp::PlatformUDP> Clone for WireGuardConfig<T, B> {
/// Exposed configuration interface
pub trait Configuration {
- fn up(&self, mtu: usize);
+ fn up(&self, mtu: usize) -> Result<(), ConfigError>;
fn down(&self);
- fn start_listener(&self) -> Result<(), ConfigError>;
-
- fn stop_listener(&self) -> Result<(), ConfigError>;
-
/// Updates the private key of the device
///
/// # Arguments
@@ -196,13 +192,48 @@ pub trait Configuration {
fn get_fwmark(&self) -> Option<u32>;
}
+fn start_listener<T: tun::Tun, B: udp::PlatformUDP>(
+ mut cfg: MutexGuard<Inner<T, B>>,
+) -> Result<(), ConfigError> {
+ cfg.bind = None;
+
+ // create new listener
+ let (mut readers, writer, mut owner) = match B::bind(cfg.port) {
+ Ok(r) => r,
+ Err(_) => {
+ return Err(ConfigError::FailedToBind);
+ }
+ };
+
+ // set fwmark
+ let _ = owner.set_fwmark(cfg.fwmark); // TODO: handle
+
+ // set writer on WireGuard
+ cfg.wireguard.set_writer(writer);
+
+ // add readers
+ while let Some(reader) = readers.pop() {
+ cfg.wireguard.add_udp_reader(reader);
+ }
+
+ // create new UDP state
+ cfg.bind = Some(owner);
+ Ok(())
+}
+
impl<T: tun::Tun, B: udp::PlatformUDP> Configuration for WireGuardConfig<T, B> {
- fn up(&self, mtu: usize) {
- self.lock().wireguard.up(mtu);
+ fn up(&self, mtu: usize) -> Result<(), ConfigError> {
+ log::info!("configuration, set device up");
+ let cfg = self.lock();
+ cfg.wireguard.up(mtu);
+ start_listener(cfg)
}
fn down(&self) {
- self.lock().wireguard.down();
+ log::info!("configuration, set device down");
+ let mut cfg = self.lock();
+ cfg.wireguard.down();
+ cfg.bind = None;
}
fn get_fwmark(&self) -> Option<u32> {
@@ -210,6 +241,7 @@ impl<T: tun::Tun, B: udp::PlatformUDP> Configuration for WireGuardConfig<T, B> {
}
fn set_private_key(&self, sk: Option<StaticSecret>) {
+ log::info!("configuration, set private key");
self.lock().wireguard.set_key(sk)
}
@@ -227,62 +259,23 @@ impl<T: tun::Tun, B: udp::PlatformUDP> Configuration for WireGuardConfig<T, B> {
st.bind.as_ref().map(|bind| bind.get_port())
}
- fn stop_listener(&self) -> Result<(), ConfigError> {
- self.lock().bind = None;
- Ok(())
- }
-
- fn start_listener(&self) -> Result<(), ConfigError> {
- let mut cfg = self.lock();
-
- // check if already listening
- if cfg.bind.is_some() {
- return Ok(());
- }
-
- // create new listener
- let (mut readers, writer, mut owner) = match B::bind(cfg.port) {
- Ok(r) => r,
- Err(_) => {
- return Err(ConfigError::FailedToBind);
- }
- };
-
- // set fwmark
- let _ = owner.set_fwmark(cfg.fwmark); // TODO: handle
-
- // set writer on wireguard
- cfg.wireguard.set_writer(writer);
-
- // add readers
- while let Some(reader) = readers.pop() {
- cfg.wireguard.add_udp_reader(reader);
- }
-
- // create new UDP state
- cfg.bind = Some(owner);
- Ok(())
- }
-
fn set_listen_port(&self, port: u16) -> Result<(), ConfigError> {
log::trace!("Config, Set listen port: {:?}", port);
// update port and take old bind
- let old: Option<B::Owner> = {
- let mut cfg = self.lock();
+ let mut cfg = self.lock();
+ let bound: bool = {
let old = mem::replace(&mut cfg.bind, None);
cfg.port = port;
- old
+ old.is_some()
};
// restart listener if bound
- if old.is_some() {
- self.start_listener()
+ if bound {
+ start_listener(cfg)
} else {
Ok(())
}
-
- // old bind is dropped, causing the file-descriptors to be released
}
fn set_fwmark(&self, mark: Option<u32>) -> Result<(), ConfigError> {
diff --git a/src/main.rs b/src/main.rs
index a8e4ad2..d8e4667 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -145,25 +145,11 @@ fn main() {
}
Ok(tun::TunEvent::Up(mtu)) => {
log::info!("Tun up (mtu = {})", mtu);
-
- // bring the wireguard device up
- cfg.up(mtu);
-
- // start listening on UDP
- let _ = cfg
- .start_listener()
- .map_err(|e| log::info!("Failed to start UDP listener: {}", e));
+ let _ = cfg.up(mtu); // TODO: handle
}
Ok(tun::TunEvent::Down) => {
log::info!("Tun down");
-
- // set wireguard device down
cfg.down();
-
- // close UDP listener
- let _ = cfg
- .stop_listener()
- .map_err(|e| log::info!("Failed to stop UDP listener {}", e));
}
}
});
diff --git a/src/platform/linux/udp.rs b/src/platform/linux/udp.rs
index 9815ab1..2d77df5 100644
--- a/src/platform/linux/udp.rs
+++ b/src/platform/linux/udp.rs
@@ -9,14 +9,17 @@ use std::mem;
use std::net::{SocketAddr, SocketAddrV4, SocketAddrV6};
use std::os::unix::io::RawFd;
use std::ptr;
+use std::sync::Arc;
-fn errno() -> libc::c_int {
- unsafe {
- let ptr = libc::__errno_location();
- if ptr.is_null() {
- 0
- } else {
- *ptr
+pub struct FD(RawFd);
+
+impl Drop for FD {
+ fn drop(&mut self) {
+ if self.0 != -1 {
+ log::debug!("linux udp, release fd (fd = {})", self.0);
+ unsafe {
+ libc::close(self.0);
+ };
}
}
}
@@ -47,19 +50,19 @@ pub struct LinuxUDP();
pub struct LinuxOwner {
port: u16,
- sock4: Option<RawFd>,
- sock6: Option<RawFd>,
+ sock4: Option<Arc<FD>>,
+ sock6: Option<Arc<FD>>,
}
pub enum LinuxUDPReader {
- V4(RawFd),
- V6(RawFd),
+ V4(Arc<FD>),
+ V6(Arc<FD>),
}
#[derive(Clone)]
pub struct LinuxUDPWriter {
- sock4: RawFd,
- sock6: RawFd,
+ sock4: Arc<FD>,
+ sock6: Arc<FD>,
}
pub enum LinuxEndpoint {
@@ -67,6 +70,67 @@ pub enum LinuxEndpoint {
V6(EndpointV6),
}
+fn errno() -> libc::c_int {
+ unsafe {
+ let ptr = libc::__errno_location();
+ if ptr.is_null() {
+ 0
+ } else {
+ *ptr
+ }
+ }
+}
+
+fn setsockopt<V: Sized>(
+ fd: RawFd,
+ level: libc::c_int,
+ name: libc::c_int,
+ value: &V,
+) -> Result<(), io::Error> {
+ let res = unsafe {
+ libc::setsockopt(
+ fd,
+ level,
+ name,
+ mem::transmute(value),
+ mem::size_of_val(value).try_into().unwrap(),
+ )
+ };
+ if res == 0 {
+ Ok(())
+ } else {
+ Err(io::Error::new(
+ io::ErrorKind::Other,
+ format!("Failed to set sockopt (res = {}, errno = {})", res, errno()),
+ ))
+ }
+}
+
+#[inline(always)]
+fn setsockopt_int(
+ fd: RawFd,
+ level: libc::c_int,
+ name: libc::c_int,
+ value: libc::c_int,
+) -> Result<(), io::Error> {
+ setsockopt(fd, level, name, &value)
+}
+
+#[allow(non_snake_case)]
+const fn CMSG_ALIGN(len: usize) -> usize {
+ (((len) + mem::size_of::<u32>() - 1) & !(mem::size_of::<u32>() - 1))
+}
+
+#[allow(non_snake_case)]
+const fn CMSG_LEN(len: usize) -> usize {
+ CMSG_ALIGN(len + mem::size_of::<libc::cmsghdr>())
+}
+
+#[inline(always)]
+fn safe_cast<T, D>(v: &mut T) -> *mut D {
+ (v as *mut T) as *mut D
+}
+
impl Endpoint for LinuxEndpoint {
fn clear_src(&mut self) {
match self {
@@ -134,56 +198,6 @@ impl Endpoint for LinuxEndpoint {
}
}
-fn setsockopt<V: Sized>(
- fd: RawFd,
- level: libc::c_int,
- name: libc::c_int,
- value: &V,
-) -> Result<(), io::Error> {
- let res = unsafe {
- libc::setsockopt(
- fd,
- level,
- name,
- mem::transmute(value),
- mem::size_of_val(value).try_into().unwrap(),
- )
- };
- if res == 0 {
- Ok(())
- } else {
- Err(io::Error::new(
- io::ErrorKind::Other,
- format!("Failed to set sockopt (res = {}, errno = {})", res, errno()),
- ))
- }
-}
-
-#[inline(always)]
-fn setsockopt_int(
- fd: RawFd,
- level: libc::c_int,
- name: libc::c_int,
- value: libc::c_int,
-) -> Result<(), io::Error> {
- setsockopt(fd, level, name, &value)
-}
-
-#[allow(non_snake_case)]
-const fn CMSG_ALIGN(len: usize) -> usize {
- (((len) + mem::size_of::<u32>() - 1) & !(mem::size_of::<u32>() - 1))
-}
-
-#[allow(non_snake_case)]
-const fn CMSG_LEN(len: usize) -> usize {
- CMSG_ALIGN(len + mem::size_of::<libc::cmsghdr>())
-}
-
-#[inline(always)]
-fn safe_cast<T, D>(v: &mut T) -> *mut D {
- (v as *mut T) as *mut D
-}
-
impl LinuxUDPReader {
fn read6(fd: RawFd, buf: &mut [u8]) -> Result<(usize, LinuxEndpoint), io::Error> {
log::trace!(
@@ -192,6 +206,8 @@ impl LinuxUDPReader {
buf.len()
);
+ debug_assert!(buf.len() > 0, "reading into empty buffer (will fail)");
+
let mut iovs: [libc::iovec; 1] = [libc::iovec {
iov_base: buf.as_mut_ptr() as *mut core::ffi::c_void,
iov_len: buf.len(),
@@ -215,10 +231,16 @@ impl LinuxUDPReader {
let len = unsafe { libc::recvmsg(fd, &mut hdr as *mut libc::msghdr, 0) };
- if len < 0 {
+ if len <= 0 {
+ // TODO: FIX!
return Err(io::Error::new(
io::ErrorKind::NotConnected,
- "failed to receive",
+ format!(
+ "Failed to receive (len = {}, fd = {}, errno = {})",
+ len,
+ fd,
+ errno()
+ ),
));
}
@@ -238,6 +260,8 @@ impl LinuxUDPReader {
buf.len()
);
+ debug_assert!(buf.len() > 0, "reading into empty buffer (will fail)");
+
let mut iovs: [libc::iovec; 1] = [libc::iovec {
iov_base: buf.as_mut_ptr() as *mut core::ffi::c_void,
iov_len: buf.len(),
@@ -261,10 +285,15 @@ impl LinuxUDPReader {
let len = unsafe { libc::recvmsg(fd, &mut hdr as *mut libc::msghdr, 0) };
- if len < 0 {
+ if len <= 0 {
return Err(io::Error::new(
io::ErrorKind::NotConnected,
- "failed to receive",
+ format!(
+ "failed to receive (len = {}, fd = {}, errno = {})",
+ len,
+ fd,
+ errno()
+ ),
));
}
@@ -283,8 +312,8 @@ impl Reader<LinuxEndpoint> for LinuxUDPReader {
fn read(&self, buf: &mut [u8]) -> Result<(usize, LinuxEndpoint), Self::Error> {
match self {
- Self::V4(fd) => Self::read4(*fd, buf),
- Self::V6(fd) => Self::read6(*fd, buf),
+ Self::V4(fd) => Self::read4(fd.0, buf),
+ Self::V6(fd) => Self::read6(fd.0, buf),
}
}
}
@@ -426,8 +455,8 @@ impl Writer<LinuxEndpoint> for LinuxUDPWriter {
fn write(&self, buf: &[u8], dst: &mut LinuxEndpoint) -> Result<(), Self::Error> {
match dst {
- LinuxEndpoint::V4(ref mut end) => Self::write4(self.sock4, buf, end),
- LinuxEndpoint::V6(ref mut end) => Self::write6(self.sock6, buf, end),
+ LinuxEndpoint::V4(ref mut end) => Self::write4(self.sock4.0, buf, end),
+ LinuxEndpoint::V6(ref mut end) => Self::write6(self.sock6.0, buf, end),
}
}
}
@@ -448,21 +477,21 @@ impl Owner for LinuxOwner {
}
}
let value = value.unwrap_or(0);
- set_mark(self.sock6, value)?;
- set_mark(self.sock4, value)
+ set_mark(self.sock6.as_ref().map(|fd| fd.0), value)?;
+ set_mark(self.sock4.as_ref().map(|fd| fd.0), value)
}
}
impl Drop for LinuxOwner {
fn drop(&mut self) {
- log::trace!("closing the bind (port {})", self.port);
- self.sock4.map(|fd| unsafe {
- libc::shutdown(fd, libc::SHUT_RDWR);
- libc::close(fd)
+ log::debug!("closing the bind (port = {})", self.port);
+ self.sock4.as_ref().map(|fd| unsafe {
+ log::debug!("shutdown IPv4 (fd = {})", fd.0);
+ libc::shutdown(fd.0, libc::SHUT_RDWR);
});
- self.sock6.map(|fd| unsafe {
- libc::shutdown(fd, libc::SHUT_RDWR);
- libc::close(fd)
+ self.sock6.as_ref().map(|fd| unsafe {
+ log::debug!("shutdown IPv6 (fd = {})", fd.0);
+ libc::shutdown(fd.0, libc::SHUT_RDWR);
});
}
}
@@ -491,7 +520,7 @@ impl LinuxUDP {
// create socket fd
let fd: RawFd = unsafe { libc::socket(libc::AF_INET6, libc::SOCK_DGRAM, 0) };
if fd < 0 {
- log::debug!("failed to create IPv6 socket");
+ log::debug!("failed to create IPv6 socket (errno = {})", errno());
return Err(io::Error::new(
io::ErrorKind::Other,
"failed to create socket",
@@ -502,11 +531,13 @@ impl LinuxUDP {
setsockopt_int(fd, libc::IPPROTO_IPV6, libc::IPV6_RECVPKTINFO, 1)?;
setsockopt_int(fd, libc::IPPROTO_IPV6, libc::IPV6_V6ONLY, 1)?;
+ const INADDR_ANY: libc::in6_addr = libc::in6_addr { s6_addr: [0; 16] };
+
// bind
let mut sockaddr = libc::sockaddr_in6 {
- sin6_addr: libc::in6_addr { s6_addr: [0; 16] },
+ sin6_addr: INADDR_ANY,
sin6_family: libc::AF_INET6 as libc::sa_family_t,
- sin6_port: port.to_be(), // convert to network (big-endian) byteorder
+ sin6_port: port.to_be(), // convert to network (big-endian) byte-order
sin6_scope_id: 0,
sin6_flowinfo: 0,
};
@@ -514,13 +545,12 @@ impl LinuxUDP {
let err = unsafe {
libc::bind(
fd,
- mem::transmute(&sockaddr as *const libc::sockaddr_in6),
+ safe_cast(&mut sockaddr),
mem::size_of_val(&sockaddr).try_into().unwrap(),
)
};
-
if err != 0 {
- log::debug!("failed to bind IPv6 socket");
+ log::debug!("failed to bind IPv6 socket (errno = {})", errno());
return Err(io::Error::new(
io::ErrorKind::Other,
"failed to create socket",
@@ -532,12 +562,12 @@ impl LinuxUDP {
let err = unsafe {
libc::getsockname(
fd,
- mem::transmute(&mut sockaddr as *mut libc::sockaddr_in6),
+ safe_cast(&mut sockaddr),
&mut socklen as *mut libc::socklen_t,
)
};
if err != 0 {
- log::debug!("failed to get port of IPv6 socket");
+ log::debug!("failed to get port of IPv6 socket (errno = {})", errno());
return Err(io::Error::new(
io::ErrorKind::Other,
"failed to create socket",
@@ -569,7 +599,7 @@ impl LinuxUDP {
// create socket fd
let fd: RawFd = unsafe { libc::socket(libc::AF_INET, libc::SOCK_DGRAM, 0) };
if fd < 0 {
- log::trace!("failed to create IPv4 socket (errno = {})", errno());
+ log::debug!("failed to create IPv4 socket (errno = {})", errno());
return Err(io::Error::new(
io::ErrorKind::Other,
"failed to create socket",
@@ -592,13 +622,12 @@ impl LinuxUDP {
let err = unsafe {
libc::bind(
fd,
- mem::transmute(&sockaddr as *const libc::sockaddr_in),
+ safe_cast(&mut sockaddr),
mem::size_of_val(&sockaddr).try_into().unwrap(),
)
};
-
if err != 0 {
- log::trace!("failed to bind IPv4 socket (errno = {})", errno());
+ log::debug!("failed to bind IPv4 socket (errno = {})", errno());
return Err(io::Error::new(
io::ErrorKind::Other,
"failed to create socket",
@@ -610,12 +639,12 @@ impl LinuxUDP {
let err = unsafe {
libc::getsockname(
fd,
- mem::transmute(&mut sockaddr as *mut libc::sockaddr_in),
+ safe_cast(&mut sockaddr),
&mut socklen as *mut libc::socklen_t,
)
};
if err != 0 {
- log::trace!("failed to get port of IPv4 socket (errno = {})", errno());
+ log::debug!("failed to get port of IPv4 socket (errno = {})", errno());
return Err(io::Error::new(
io::ErrorKind::Other,
"failed to create socket",
@@ -656,26 +685,30 @@ impl PlatformUDP for LinuxUDP {
return Err(bind6.unwrap_err());
}
- let sock6 = bind6.ok().map(|(_, fd)| fd);
- let sock4 = bind4.ok().map(|(_, fd)| fd);
+ let sock6 = bind6.ok().map(|(_, fd)| Arc::new(FD(fd)));
+ let sock4 = bind4.ok().map(|(_, fd)| Arc::new(FD(fd)));
// create owner
let owner = LinuxOwner {
port,
- sock6: sock6,
- sock4: sock4,
+ sock6: sock6.clone(),
+ sock4: sock4.clone(),
};
// create readers
let mut readers: Vec<Self::Reader> = Vec::with_capacity(2);
- sock6.map(|sock| readers.push(LinuxUDPReader::V6(sock)));
- sock4.map(|sock| readers.push(LinuxUDPReader::V4(sock)));
+ sock6
+ .clone()
+ .map(|sock| readers.push(LinuxUDPReader::V6(sock)));
+ sock4
+ .clone()
+ .map(|sock| readers.push(LinuxUDPReader::V4(sock)));
debug_assert!(readers.len() > 0);
// create writer
let writer = LinuxUDPWriter {
- sock4: sock4.unwrap_or(-1),
- sock6: sock6.unwrap_or(-1),
+ sock4: sock4.unwrap_or(Arc::new(FD(-1))),
+ sock6: sock6.unwrap_or(Arc::new(FD(-1))),
};
Ok((readers, writer, owner))
diff --git a/src/platform/udp.rs b/src/platform/udp.rs
index e1180fb..4098b10 100644
--- a/src/platform/udp.rs
+++ b/src/platform/udp.rs
@@ -7,7 +7,7 @@ pub trait Reader<E: Endpoint>: Send + Sync {
fn read(&self, buf: &mut [u8]) -> Result<(usize, E), Self::Error>;
}
-pub trait Writer<E: Endpoint>: Send + Sync + Clone + 'static {
+pub trait Writer<E: Endpoint>: Send + Sync + 'static {
type Error: Error;
fn write(&self, buf: &[u8], dst: &mut E) -> Result<(), Self::Error>;
diff --git a/src/wireguard/handshake/device.rs b/src/wireguard/handshake/device.rs
index 4b5d8f6..91f2b80 100644
--- a/src/wireguard/handshake/device.rs
+++ b/src/wireguard/handshake/device.rs
@@ -193,6 +193,7 @@ impl<O> Device<O> {
opaque,
),
);
+
Ok(())
}
@@ -474,3 +475,39 @@ impl<O> Device<O> {
}
}
}
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+ use proptest::prelude::*;
+ use std::collections::HashSet;
+
+ proptest! {
+ #[test]
+ fn unique_shared_secrets(sk_bs: [u8; 32], pk1_bs: [u8; 32], pk2_bs: [u8; 32]) {
+ let sk = StaticSecret::from(sk_bs);
+ let pk1 = PublicKey::from(pk1_bs);
+ let pk2 = PublicKey::from(pk2_bs);
+
+ assert_eq!(pk1.as_bytes(), &pk1_bs);
+ assert_eq!(pk2.as_bytes(), &pk2_bs);
+
+ let mut dev : Device<u32> = Device::new();
+ dev.set_sk(Some(sk));
+
+ dev.add(pk1, 1).unwrap();
+ if dev.add(pk2, 0).is_err() {
+ assert_eq!(pk1_bs, pk2_bs);
+ assert_eq!(*dev.get(&pk1).unwrap(), 1);
+ }
+
+
+ // every shared secret is unique
+ let mut ss: HashSet<[u8; 32]> = HashSet::new();
+ for peer in dev.pk_map.values() {
+ ss.insert(peer.ss);
+ }
+ assert_eq!(ss.len(), dev.len());
+ }
+ }
+}
diff --git a/src/wireguard/handshake/tests.rs b/src/wireguard/handshake/tests.rs
index bfdc5ab..fca8751 100644
--- a/src/wireguard/handshake/tests.rs
+++ b/src/wireguard/handshake/tests.rs
@@ -5,7 +5,7 @@ use std::net::SocketAddr;
use std::thread;
use std::time::Duration;
-use rand::prelude::*;
+use rand::prelude::{CryptoRng, RngCore};
use x25519_dalek::PublicKey;
use x25519_dalek::StaticSecret;
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index 6c59491..96b7d82 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -311,4 +311,17 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> DeviceHandle<
pub fn set_outbound_writer(&self, new: B) {
self.state.outbound.write().1 = Some(new);
}
+
+ pub fn write(&self, msg: &[u8], endpoint: &mut E) -> Result<(), RouterError> {
+ let outbound = self.state.outbound.read();
+ if outbound.0 {
+ outbound
+ .1
+ .as_ref()
+ .ok_or(RouterError::SendError)
+ .and_then(|w| w.write(msg, endpoint).map_err(|_| RouterError::SendError))
+ } else {
+ Ok(())
+ }
+ }
}
diff --git a/src/wireguard/router/tests.rs b/src/wireguard/router/tests.rs
index bad657c..15db368 100644
--- a/src/wireguard/router/tests.rs
+++ b/src/wireguard/router/tests.rs
@@ -162,7 +162,7 @@ mod tests {
};
let msg = make_packet_padded(1024, src, dst, 0);
- // every iteration sends 10 GB
+ // every iteration sends 10 MB
b.iter(|| {
opaque.store(0, Ordering::SeqCst);
while opaque.load(Ordering::Acquire) < 10 * 1024 * 1024 {
diff --git a/src/wireguard/wireguard.rs b/src/wireguard/wireguard.rs
index ecbb9c1..b878adc 100644
--- a/src/wireguard/wireguard.rs
+++ b/src/wireguard/wireguard.rs
@@ -44,9 +44,6 @@ pub struct WireguardInner<T: Tun, B: UDP> {
// current MTU
pub mtu: AtomicUsize,
- // outbound writer
- pub send: RwLock<Option<B::Writer>>,
-
// peer map
pub peers: RwLock<handshake::Device<Peer<T, B>>>,
@@ -134,7 +131,7 @@ impl<T: Tun, B: UDP> WireGuard<T, B> {
// set mtu
self.mtu.store(0, Ordering::Relaxed);
- // avoid tranmission from router
+ // avoid transmission from router
self.router.down();
// set all peers down (stops timers)
@@ -264,8 +261,6 @@ impl<T: Tun, B: UDP> WireGuard<T, B> {
}
pub fn set_writer(&self, writer: B::Writer) {
- // TODO: Consider unifying these and avoid Clone requirement on writer
- *self.send.write() = Some(writer.clone());
self.router.set_outbound_writer(writer);
}
@@ -301,8 +296,7 @@ impl<T: Tun, B: UDP> WireGuard<T, B> {
id: OsRng.gen(),
mtu: AtomicUsize::new(0),
last_under_load: Mutex::new(Instant::now() - TIME_HORIZON),
- send: RwLock::new(None),
- router: router::Device::new(num_cpus::get(), writer), // router owns the writing half
+ router: router::Device::new(num_cpus::get(), writer),
pending: AtomicUsize::new(0),
peers: RwLock::new(handshake::Device::new()),
runner: Mutex::new(Runner::new(TIMERS_TICK, TIMERS_SLOTS, TIMERS_CAPACITY)),
diff --git a/src/wireguard/workers.rs b/src/wireguard/workers.rs
index c1a2af7..02db160 100644
--- a/src/wireguard/workers.rs
+++ b/src/wireguard/workers.rs
@@ -14,7 +14,6 @@ use super::tun::Reader as TunReader;
use super::tun::Tun;
use super::udp::Reader as UDPReader;
-use super::udp::Writer as UDPWriter;
use super::udp::UDP;
// constants
@@ -195,20 +194,12 @@ pub fn handshake_worker<T: Tun, B: UDP>(
let mut resp_len: u64 = 0;
if let Some(msg) = resp {
resp_len = msg.len() as u64;
- let send: &Option<B::Writer> = &*wg.send.read();
- if let Some(writer) = send.as_ref() {
+ let _ = wg.router.write(&msg[..], &mut src).map_err(|e| {
debug!(
- "{} : handshake worker, send response ({} bytes)",
- wg, resp_len
+ "{} : handshake worker, failed to send response, error = {}",
+ wg, e
);
- let _ = writer.write(&msg[..], &mut src).map_err(|e| {
- debug!(
- "{} : handshake worker, failed to send response, error = {}",
- wg,
- e
- )
- });
- }
+ });
}
// update peer state