From 51179f5433fbc1617d59e25493a22072c0987726 Mon Sep 17 00:00:00 2001
From: Mathias Hall-Andersen
Date: Sat, 31 Aug 2019 15:03:14 +0200
Subject: Better management of key material
---
 src/types/endpoint.rs | 7 ++-----
 src/types/keys.rs | 12 ++++++++++--
 src/types/tun.rs | 6 +++---
 3 files changed, 15 insertions(+), 10 deletions(-)
(limited to 'src/types')
diff --git a/src/types/endpoint.rs b/src/types/endpoint.rs
index aa4dfd7..6bc99b9 100644
--- a/src/types/endpoint.rs
+++ b/src/types/endpoint.rs
@@ -1,8 +1,5 @@
 use std::net::SocketAddr;
-/* The generic implementation (not supporting "sticky-sockets"),
- * is to simply use SocketAddr directly as the endpoint.
- */
-pub trait Endpoint: Into {}
+pub trait Endpoint: Into + From {}
-impl Endpoint for T where T: Into {}
+impl Endpoint for T where T: Into + From {}
diff --git a/src/types/keys.rs b/src/types/keys.rs
index c39816c..d2c4139 100644
--- a/src/types/keys.rs
+++ b/src/types/keys.rs
@@ -1,15 +1,23 @@
+use clear_on_drop::clear::Clear;
 use std::time::Instant;
 /* This file holds types passed between components.
 * Whenever a type cannot be held local to a single module.
 */
-#[derive(Debug, Clone, Copy)]
+#[derive(Debug, Clone)]
 pub struct Key {
 pub key: [u8; 32],
 pub id: u32,
 }
+// zero key on drop
+impl Drop for Key {
+ fn drop(&mut self) {
+ self.key.clear()
+ }
+}
+
 #[cfg(test)]
 impl PartialEq for Key {
 fn eq(&self, other: &Self) -> bool {
@@ -17,7 +25,7 @@ impl PartialEq for Key {
 }
 }
-#[derive(Debug, Clone, Copy)]
+#[derive(Debug, Clone)]
 pub struct KeyPair {
 pub birth: Instant, // when was the key-pair created
 pub initiator: bool, // has the key-pair been confirmed?
diff --git a/src/types/tun.rs b/src/types/tun.rs
index 72caa71..b36089e 100644
--- a/src/types/tun.rs
+++ b/src/types/tun.rs
@@ -1,6 +1,6 @@
 use std::error;
-pub trait Tun: Send + Sync {
+pub trait Tun: Send + Sync + 'static {
 type Error: error::Error;
 /// Returns the MTU of the device
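Review bot: In src/types/endpoint.rs the `Endpoint` trait and its blanket impl are left with no documentation once the block comment is removed, even though the contract became stricter: an endpoint must now convert in both directions. The generic arguments of `Into`/`From` are not visible on this page; presumably they are `SocketAddr`, given the `use` line. A doc comment on the trait would record this, e.g. `/// An endpoint converts to and from a socket address; any type with both conversions is an Endpoint via the blanket impl.` It would also be worth stating whether the round trip is expected to be lossless, since the removed comment hinted at "sticky-sockets" implementations that may carry more than the address.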
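Review bot: In the first hunk of src/types/keys.rs, `Key` still derives `Debug` (`#[derive(Debug, Clone)]`), so any `{:?}` of a `Key`, or of a struct that embeds one and derives `Debug`, writes the 32 secret bytes into logs or panic output, which works against the zero-on-drop added here. I would drop `Debug` from the derive and add a hand-written impl that prints `id` and a placeholder for `key`, as sketched below. Note also that `drop` wipes only the location where the value finally lives: a move may leave a bitwise copy behind in the old location, and every `clone()` is a separate secret that survives until its own drop, so a short comment on the type stating this limit would help. The `PartialEq` impl under `#[cfg(test)]` continues past the end of the hunk.

```rust
#[derive(Clone)]
pub struct Key {
    // … unchanged: fields …
}

// keep key bytes out of `{:?}` output
impl std::fmt::Debug for Key {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("Key")
            .field("key", &"<redacted>")
            .field("id", &self.id)
            .finish()
    }
}
// … unchanged: impl Drop for Key …
```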
@@ -22,13 +22,13 @@ pub trait Tun: Send + Sync {
 ///
 /// # Arguments
 ///
- /// - dst: Destination buffer (enough space for MTU bytes + header)
+ /// - buf: Destination buffer (enough space for MTU bytes + header)
 /// - offset: Offset for the beginning of the IP packet
 ///
 /// # Returns
 ///
 /// The size of the IP packet (ignoring the header) or an std::error::Error instance:
- fn read(&self, dst: &mut [u8], offset: usize) -> Result;
+ fn read(&self, buf: &mut [u8], offset: usize) -> Result;
 /// Writes an IP packet to the tunnel device
 ///
-- cgit v1.2.3-59-g8ed1b