rixxc/wireguard-rs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove "list_peers" and "lookup_peer".

Browse Source
This commit is contained in:
Mathias Hall-Andersen
2020-05-13 23:23:17 +02:00
parent ff9b7e3ed2
commit 8d53b0f5c1
6 changed files with 67 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
src/configuration/config.rs
View File

@@ -309,37 +309,56 @@ impl<T: tun::Tun, B: udp::PlatformUDP> Configuration for WireGuardConfig<T, B> {
} }
fn set_endpoint(&self, peer: &PublicKey, addr: SocketAddr) { fn set_endpoint(&self, peer: &PublicKey, addr: SocketAddr) {
if let Some(peer) = self.lock().wireguard.lookup_peer(peer) { if let Some(peer) = self.lock().wireguard.peers.read().get(peer) {
peer.set_endpoint(B::Endpoint::from_address(addr)); peer.set_endpoint(B::Endpoint::from_address(addr));
} }
} }
fn set_persistent_keepalive_interval(&self, peer: &PublicKey, secs: u64) { fn set_persistent_keepalive_interval(&self, peer: &PublicKey, secs: u64) {
if let Some(peer) = self.lock().wireguard.lookup_peer(peer) { if let Some(peer) = self.lock().wireguard.peers.read().get(peer) {
peer.opaque().set_persistent_keepalive_interval(secs); peer.opaque().set_persistent_keepalive_interval(secs);
} }
} }
fn replace_allowed_ips(&self, peer: &PublicKey) { fn replace_allowed_ips(&self, peer: &PublicKey) {
if let Some(peer) = self.lock().wireguard.lookup_peer(peer) { if let Some(peer) = self.lock().wireguard.peers.read().get(peer) {
peer.remove_allowed_ips(); peer.remove_allowed_ips();
} }
} }
fn add_allowed_ip(&self, peer: &PublicKey, ip: IpAddr, masklen: u32) { fn add_allowed_ip(&self, peer: &PublicKey, ip: IpAddr, masklen: u32) {
if let Some(peer) = self.lock().wireguard.lookup_peer(peer) { if let Some(peer) = self.lock().wireguard.peers.read().get(peer) {
peer.add_allowed_ip(ip, masklen); peer.add_allowed_ip(ip, masklen);
} }
} }
/*
pub fn list_peers(
&self,
) -> Vec<(
PublicKey,
router::PeerHandle<B::Endpoint, PeerInner<T, B>, T::Writer, B::Writer>,
)> {
let peers = self.peers.read();
let mut list = Vec::with_capacity(peers.len());
for (k, v) in peers.iter() {
debug_assert!(k.as_bytes() == v.opaque().pk.as_bytes());
list.push((k.clone(), v.clone()));
}
list
}
*/
fn get_peers(&self) -> Vec<PeerState> { fn get_peers(&self) -> Vec<PeerState> {
let cfg = self.lock(); let cfg = self.lock();
let peers = cfg.wireguard.list_peers(); let peers = cfg.wireguard.peers.read();
let mut state = Vec::with_capacity(peers.len()); let mut state = Vec::with_capacity(peers.len());
for (pk, p) in peers { for (pk, p) in peers.iter() {
// convert the system time to (secs, nano) since epoch // convert the system time to (secs, nano) since epoch
let last_handshake_time = (*p.opaque().walltime_last_handshake.lock()).and_then(|t| { let last_handshake_time = (*p.walltime_last_handshake.lock()).and_then(|t| {
let duration = t let duration = t
.duration_since(SystemTime::UNIX_EPOCH) .duration_since(SystemTime::UNIX_EPOCH)
.unwrap_or(Duration::from_secs(0)); .unwrap_or(Duration::from_secs(0));
@@ -351,9 +370,9 @@ impl<T: tun::Tun, B: udp::PlatformUDP> Configuration for WireGuardConfig<T, B> {
state.push(PeerState { state.push(PeerState {
preshared_key: psk, preshared_key: psk,
endpoint: p.get_endpoint(), endpoint: p.get_endpoint(),
rx_bytes: p.opaque().rx_bytes.load(Ordering::Relaxed), rx_bytes: p.rx_bytes.load(Ordering::Relaxed),
tx_bytes: p.opaque().tx_bytes.load(Ordering::Relaxed), tx_bytes: p.tx_bytes.load(Ordering::Relaxed),
persistent_keepalive_interval: p.opaque().get_keepalive_interval(), persistent_keepalive_interval: p.get_keepalive_interval(),
allowed_ips: p.list_allowed_ips(), allowed_ips: p.list_allowed_ips(),
last_handshake_time, last_handshake_time,
public_key: pk, public_key: pk,

7
src/configuration/uapi/set.rs
View File

@@ -53,6 +53,13 @@ impl<'a, C: Configuration> LineParser<'a, C> {
} }
pub fn parse_line(&mut self, key: &str, value: &str) -> Result<(), ConfigError> { pub fn parse_line(&mut self, key: &str, value: &str) -> Result<(), ConfigError> {
#[cfg(debug)]
{
if key.len() > 0 {
log::debug!("UAPI: {}={}", key, value);
}
}
// flush peer updates to configuration // flush peer updates to configuration
fn flush_peer<C: Configuration>(config: &C, peer: &ParsedPeer) -> Option<ConfigError> { fn flush_peer<C: Configuration>(config: &C, peer: &ParsedPeer) -> Option<ConfigError> {
if peer.remove { if peer.remove {

2
src/wireguard/router/peer.rs
View File

@@ -96,6 +96,7 @@ pub struct PeerHandle<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<
peer: Peer<E, C, T, B>, peer: Peer<E, C, T, B>,
} }
/*
impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Clone impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Clone
for PeerHandle<E, C, T, B> for PeerHandle<E, C, T, B>
{ {
@@ -105,6 +106,7 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Clone
} }
} }
} }
*/
impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Deref impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: udp::Writer<E>> Deref
for PeerHandle<E, C, T, B> for PeerHandle<E, C, T, B>

17
src/wireguard/tests.rs
View File

@@ -120,16 +120,21 @@ fn test_pure_wireguard() {
// configure crypto-key router // configure crypto-key router
let peer2 = wg1.lookup_peer(&pk2).unwrap(); {
let peer1 = wg2.lookup_peer(&pk1).unwrap(); let peers1 = wg1.peers.read();
let peers2 = wg2.peers.read();
peer1.add_allowed_ip("192.168.1.0".parse().unwrap(), 24); let peer2 = peers1.get(&pk2).unwrap();
let peer1 = peers2.get(&pk1).unwrap();
peer2.add_allowed_ip("192.168.2.0".parse().unwrap(), 24); peer1.add_allowed_ip("192.168.1.0".parse().unwrap(), 24);
// set endpoint (the other should be learned dynamically) peer2.add_allowed_ip("192.168.2.0".parse().unwrap(), 24);
peer2.set_endpoint(dummy::UnitEndpoint::new()); // set endpoint (the other should be learned dynamically)
peer2.set_endpoint(dummy::UnitEndpoint::new());
}
let num_packets = 20; let num_packets = 20;

41
src/wireguard/timers.rs
View File

@@ -237,25 +237,24 @@ impl Timers {
running: bool, // timers started running: bool, // timers started
) -> Timers { ) -> Timers {
macro_rules! fetch_peer { macro_rules! fetch_peer {
( $wg:expr, $pk:expr ) => { ( $wg:expr, $pk:expr, $peer:ident) => {
match $wg.lookup_peer(&$pk) { let peers = $wg.peers.read();
let $peer = match peers.get(&$pk) {
None => { None => {
return; return;
} }
Some(peer) => peer, Some(peer) => peer,
} };
}; };
} }
macro_rules! fetch_timer { macro_rules! fetch_timers {
( $peer:expr ) => {{ ( $peer:ident, $timers:ident) => {
let timers = $peer.timers(); let $timers = $peer.timers();
if timers.enabled { if !$timers.enabled {
timers
} else {
return; return;
} }
}}; };
} }
let runner = wg.runner.lock(); let runner = wg.runner.lock();
@@ -272,9 +271,8 @@ impl Timers {
let pk = pk.clone(); let pk = pk.clone();
runner.timer(move || { runner.timer(move || {
// fetch peer by public key // fetch peer by public key
let peer = fetch_peer!(wg, pk); fetch_peer!(wg, pk, peer);
let timers = fetch_timer!(peer); fetch_timers!(peer, timers);
log::trace!("{} : timer fired (retransmit_handshake)", peer);
// check if handshake attempts remaining // check if handshake attempts remaining
let attempts = timers.handshake_attempts.fetch_add(1, Ordering::SeqCst); let attempts = timers.handshake_attempts.fetch_add(1, Ordering::SeqCst);
@@ -305,9 +303,8 @@ impl Timers {
let pk = pk.clone(); let pk = pk.clone();
runner.timer(move || { runner.timer(move || {
// fetch peer by public key // fetch peer by public key
let peer = fetch_peer!(wg, pk); fetch_peer!(wg, pk, peer);
let timers = fetch_timer!(peer); fetch_timers!(peer, timers);
log::trace!("{} : timer fired (send_keepalive)", peer);
// send keepalive and schedule next keepalive // send keepalive and schedule next keepalive
peer.send_keepalive(); peer.send_keepalive();
@@ -321,9 +318,8 @@ impl Timers {
let pk = pk.clone(); let pk = pk.clone();
runner.timer(move || { runner.timer(move || {
// fetch peer by public key // fetch peer by public key
let peer = fetch_peer!(wg, pk); fetch_peer!(wg, pk, peer);
let _timers = fetch_timer!(peer); fetch_timers!(peer, timers);
log::trace!("{} : timer fired (new_handshake)", peer);
// clear source and retry // clear source and retry
log::debug!( log::debug!(
@@ -340,8 +336,7 @@ impl Timers {
let pk = pk.clone(); let pk = pk.clone();
runner.timer(move || { runner.timer(move || {
// fetch peer by public key // fetch peer by public key
let peer = fetch_peer!(wg, pk); fetch_peer!(wg, pk, peer);
let _timers = fetch_timer!(peer);
log::trace!("{} : timer fired (zero_key_material)", peer); log::trace!("{} : timer fired (zero_key_material)", peer);
// null all key-material // null all key-material
@@ -353,8 +348,8 @@ impl Timers {
let pk = pk.clone(); let pk = pk.clone();
runner.timer(move || { runner.timer(move || {
// fetch peer by public key // fetch peer by public key
let peer = fetch_peer!(wg, pk); fetch_peer!(wg, pk, peer);
let timers = fetch_timer!(peer); fetch_timers!(peer, timers);
log::trace!("{} : timer fired (send_persistent_keepalive)", peer); log::trace!("{} : timer fired (send_persistent_keepalive)", peer);
// send and schedule persistent keepalive // send and schedule persistent keepalive

22
src/wireguard/wireguard.rs
View File

@@ -179,28 +179,6 @@ impl<T: Tun, B: UDP> WireGuard<T, B> {
let _ = self.peers.write().remove(pk); let _ = self.peers.write().remove(pk);
} }
pub fn lookup_peer(
&self,
pk: &PublicKey,
) -> Option<router::PeerHandle<B::Endpoint, PeerInner<T, B>, T::Writer, B::Writer>> {
self.peers.read().get(pk).map(|handle| handle.clone())
}
pub fn list_peers(
&self,
) -> Vec<(
PublicKey,
router::PeerHandle<B::Endpoint, PeerInner<T, B>, T::Writer, B::Writer>,
)> {
let peers = self.peers.read();
let mut list = Vec::with_capacity(peers.len());
for (k, v) in peers.iter() {
debug_assert!(k.as_bytes() == v.opaque().pk.as_bytes());
list.push((k.clone(), v.clone()));
}
list
}
pub fn set_key(&self, sk: Option<StaticSecret>) { pub fn set_key(&self, sk: Option<StaticSecret>) {
let mut peers = self.peers.write(); let mut peers = self.peers.write();
peers.set_sk(sk); peers.set_sk(sk);