diff --git a/CHANGELOG.md b/CHANGELOG.md index ecab01e..1929536 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,8 +5,9 @@ This project follows [semantic versioning](http://semver.org). ### UNRELEASED - [added] Support for creating shell completions +- [added] Support for hook scripts to handle certain situations - [removed] Removed dummy device type -- [changed] Updated depdendencies +- [changed] Updated dependencies - [changed] Changed Rust version to 1.49.0 - [fixed] Added missing peer address propagation diff --git a/Cargo.lock b/Cargo.lock index fc38701..56c1e2e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -147,9 +147,9 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4060f4657be78b8e766215b02b18a2e862d83745545de804638e2b545e81aee6" +checksum = "c9495705279e7140bf035dde1f6e750c162df8b625267cd52cc44e0b156732c8" dependencies = [ "cfg-if 1.0.0", "libc", @@ -167,9 +167,9 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.1.17" +version = "0.1.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aca5565f760fb5b220e499d72710ed156fdb74e631659e99377d9ebfbd13ae8" +checksum = "322f4de77956e22ed0e5032c359a0f1273f1f7f0d79bfa3b8ffbc730d7fbcc5c" dependencies = [ "libc", ] diff --git a/src/cloud.rs b/src/cloud.rs index 1a3533a..e93fe31 100644 --- a/src/cloud.rs +++ b/src/cloud.rs @@ -26,7 +26,8 @@ use crate::{ device::{Device, Type}, error::Error, messages::{ - AddrList, NodeInfo, PeerInfo, MESSAGE_TYPE_CLOSE, MESSAGE_TYPE_DATA, MESSAGE_TYPE_KEEPALIVE, MESSAGE_TYPE_NODE_INFO + AddrList, NodeInfo, PeerInfo, MESSAGE_TYPE_CLOSE, MESSAGE_TYPE_DATA, MESSAGE_TYPE_KEEPALIVE, + MESSAGE_TYPE_NODE_INFO }, net::{mapped_addr, Socket}, payload::Protocol, @@ -35,7 +36,7 @@ use crate::{ table::ClaimTable, traffic::TrafficStats, types::{Address, Mode, NodeId, Range, RangeList}, - util::{addr_nice, resolve, CtrlC, Duration, MsgBuffer, StatsdMsg, Time, TimeSource} + util::{addr_nice, bytes_to_hex, resolve, CtrlC, Duration, MsgBuffer, StatsdMsg, Time, TimeSource} }; pub type Hash = BuildHasherDefault; @@ -125,6 +126,9 @@ impl GenericCloud { + info!("No address set on interface.") + } Err(e) => error!("{}", e) } } @@ -225,6 +229,7 @@ impl GenericCloud GenericCloud GenericCloud GenericCloud Result<(), Error> { info!("Added peer {}", addr_nice(addr)); + self.config.call_hook( + "peer_connected", + vec![ + ("PEER", format!("{:?}", addr_nice(addr))), + ("IFNAME", self.device.ifname().to_owned()), + ("CLAIMS", info.claims.iter().map(|r| format!("{:?}", r)).collect::>().join(" ")), + ("NODE_ID", bytes_to_hex(&info.node_id)), + ], + true + ); if let Some(init) = self.pending_inits.remove(&addr) { self.peers.insert(addr, PeerData { addrs: info.addrs.clone(), @@ -645,9 +668,18 @@ impl GenericCloud GenericCloud { + self.config.call_hook( + "peer_connecting", + vec![ + ("PEER", format!("{:?}", addr_nice(src))), + ("IFNAME", self.device.ifname().to_owned()), + ], + true + ); self.pending_inits.insert(src, init); Ok(res) } @@ -800,6 +840,11 @@ impl GenericCloud { debug!("Recoverable init error from {}: {}", src, e); @@ -831,6 +876,7 @@ impl GenericCloud { @@ -856,6 +902,7 @@ impl GenericCloud SocketAddr { if let Some(addr) = addr.strip_prefix("*:") { let port = try_fail!(addr.parse::(), "Invalid port: {}"); @@ -61,7 +62,9 @@ pub struct Config { pub statsd_server: Option, pub statsd_prefix: Option, pub user: Option, - pub group: Option + pub group: Option, + pub hook: Option, + pub hooks: HashMap } impl Default for Config { @@ -94,7 +97,9 @@ impl Default for Config { statsd_server: None, statsd_prefix: None, user: None, - group: None + group: None, + hook: None, + hooks: HashMap::new() } } } @@ -199,6 +204,12 @@ impl Config { if !file.crypto.algorithms.is_empty() { self.crypto.algorithms = file.crypto.algorithms.clone(); } + if let Some(val) = file.hook { + self.hook = Some(val) + } + for (k, v) in file.hooks { + self.hooks.insert(k, v); + } } pub fn merge_args(&mut self, mut args: Args) { @@ -292,6 +303,16 @@ impl Config { if !args.algorithms.is_empty() { self.crypto.algorithms = args.algorithms.clone(); } + for s in args.hook { + if s.contains(':') { + let pos = s.find(':').unwrap(); + let name = &s[..pos]; + let hook = &s[pos+1..]; + self.hooks.insert(name.to_string(), hook.to_string()); + } else { + self.hook = Some(s); + } + } } pub fn get_keepalive(&self) -> Duration { @@ -300,8 +321,31 @@ impl Config { None => max(self.peer_timeout / 2 - 60, 1) } } -} + pub fn call_hook( + &self, event: &'static str, envs: impl IntoIterator)>, detach: bool + ) { + let mut script = None; + if let Some(ref s) = self.hook { + script = Some(s); + } + if let Some(ref s) = self.hooks.get(event) { + script = Some(s); + } + if script.is_none() { + return + } + let script = script.unwrap(); + let mut cmd = Command::new("sh"); + cmd.arg("-c").arg(script).envs(envs).env("EVENT", event); + debug!("Running event script: {:?}", cmd); + if detach { + thread::spawn(move || run_cmd(cmd)); + } else { + run_cmd(cmd) + } + } +} #[derive(StructOpt, Debug, Default)] pub struct Args { @@ -463,7 +507,11 @@ pub struct Args { /// Generate shell completions #[structopt(long)] - pub completion: Option + pub completion: Option, + + /// Call script on event + #[structopt(long)] + pub hook: Vec } #[derive(Serialize, Deserialize, Debug, PartialEq, Default)] @@ -517,10 +565,11 @@ pub struct ConfigFile { pub stats_file: Option, pub statsd: Option, pub user: Option, - pub group: Option + pub group: Option, + pub hook: Option, + pub hooks: HashMap } - #[test] fn config_file() { let config_file = " @@ -587,7 +636,9 @@ statsd: statsd: Some(ConfigFileStatsd { server: Some("example.com:1234".to_string()), prefix: Some("prefix".to_string()) - }) + }), + hook: None, + hooks: HashMap::new() }) } @@ -621,9 +672,12 @@ fn default_config_as_default() { statsd_server: None, statsd_prefix: None, user: None, - group: None + group: None, + hook: None, + hooks: HashMap::new() }; - let default_config_file = serde_yaml::from_str::(include_str!("../assets/example.net.disabled")).unwrap(); + let default_config_file = + serde_yaml::from_str::(include_str!("../assets/example.net.disabled")).unwrap(); default_config.merge_file(default_config_file); assert_eq!(default_config, Config::default()); } @@ -664,7 +718,9 @@ fn config_merge() { statsd: Some(ConfigFileStatsd { server: Some("example.com:1234".to_string()), prefix: Some("prefix".to_string()) - }) + }), + hook: None, + hooks: HashMap::new() }); assert_eq!(config, Config { device_type: Type::Tun, @@ -753,6 +809,8 @@ fn config_merge() { stats_file: Some("/var/log/vpncloud-mynet.stats".to_string()), statsd_server: Some("example.com:2345".to_string()), statsd_prefix: Some("prefix2".to_string()), - daemonize: true + daemonize: true, + hook: None, + hooks: HashMap::new() }); } diff --git a/src/device.rs b/src/device.rs index 34c7b18..290539b 100644 --- a/src/device.rs +++ b/src/device.rs @@ -5,12 +5,12 @@ use std::{ cmp, collections::VecDeque, + convert::TryInto, fmt, fs::{self, File}, io::{self, BufRead, BufReader, Cursor, Error as IoError, Read, Write}, net::{Ipv4Addr, UdpSocket}, os::unix::io::{AsRawFd, RawFd}, - convert::TryInto, str, str::FromStr }; @@ -36,7 +36,7 @@ struct IfReq { impl IfReq { fn new(name: &str) -> Self { assert!(name.len() < libc::IF_NAMESIZE); - let mut ifr_name = [0 as u8; libc::IF_NAMESIZE]; + let mut ifr_name = [0; libc::IF_NAMESIZE]; ifr_name[..name.len()].clone_from_slice(name.as_bytes()); Self { ifr_name, data: IfReqData { _dummy: [0; 24] } } } @@ -329,7 +329,7 @@ impl Device for MockDevice { } fn ifname(&self) -> &str { - unimplemented!() + "mock0" } fn read(&mut self, buffer: &mut MsgBuffer) -> Result<(), Error> { diff --git a/src/main.rs b/src/main.rs index dd73dcc..4e39f3c 100644 --- a/src/main.rs +++ b/src/main.rs @@ -140,6 +140,7 @@ fn setup_device(config: &Config) -> TunTapDevice { config.device_name ); info!("Opened device {}", device.ifname()); + config.call_hook("device_setup", vec![("IFNAME", device.ifname())], true); if let Err(err) = device.set_mtu(None) { error!("Error setting optimal MTU on {}: {}", device.ifname(), err); } @@ -159,6 +160,7 @@ fn setup_device(config: &Config) -> TunTapDevice { warn!("Your networking configuration might be affected by a vulnerability (https://vpncloud.ddswd.de/docs/security/cve-2019-14899/), please change your rp_filter setting to 1 (currently {}).", val); } } + config.call_hook("device_configured", vec![("IFNAME", device.ifname())], true); device } diff --git a/src/oldconfig.rs b/src/oldconfig.rs index 0a717a0..330336f 100644 --- a/src/oldconfig.rs +++ b/src/oldconfig.rs @@ -1,5 +1,6 @@ use super::{device::Type, types::Mode, util::Duration}; use crate::config::{ConfigFile, ConfigFileBeacon, ConfigFileDevice, ConfigFileStatsd, CryptoConfig}; +use std::collections::HashMap; #[derive(Serialize, Deserialize, Debug, PartialEq, Clone, Copy)] pub enum OldCryptoMethod { @@ -112,12 +113,11 @@ impl OldConfigFile { pid_file: self.pid_file, port_forwarding: self.port_forwarding, stats_file: self.stats_file, - statsd: Some(ConfigFileStatsd { - prefix: self.statsd_prefix, - server: self.statsd_server - }), + statsd: Some(ConfigFileStatsd { prefix: self.statsd_prefix, server: self.statsd_server }), switch_timeout: self.dst_timeout, - user: self.user + user: self.user, + hook: None, + hooks: HashMap::new() } } -} \ No newline at end of file +} diff --git a/src/util.rs b/src/util.rs index 42a53b1..e1c4ae5 100644 --- a/src/util.rs +++ b/src/util.rs @@ -2,31 +2,31 @@ // Copyright (C) 2015-2020 Dennis Schwerdel // This software is licensed under GPL-3 or newer (see LICENSE.md) +use std::process::Command; use std::{ fmt, net::{Ipv4Addr, SocketAddr, ToSocketAddrs, UdpSocket}, - sync::atomic::{AtomicIsize, Ordering} + sync::atomic::{AtomicIsize, Ordering}, }; use crate::error::Error; -#[cfg(not(target_os = "linux"))] use time; +#[cfg(not(target_os = "linux"))] +use time; use signal::{trap::Trap, Signal}; use smallvec::SmallVec; use std::time::Instant; - pub type Duration = u32; pub type Time = i64; - #[derive(Clone)] pub struct MsgBuffer { space_before: usize, buffer: [u8; 65535], start: usize, - end: usize + end: usize, } impl MsgBuffer { @@ -98,7 +98,6 @@ impl MsgBuffer { } } - const HEX_CHARS: &[u8] = b"0123456789abcdef"; pub fn bytes_to_hex(bytes: &[u8]) -> String { @@ -113,13 +112,12 @@ pub fn bytes_to_hex(bytes: &[u8]) -> String { pub fn addr_nice(addr: SocketAddr) -> SocketAddr { if let SocketAddr::V6(v6addr) = addr { if let Some(ip) = v6addr.ip().to_ipv4() { - return (ip, addr.port()).into() + return (ip, addr.port()).into(); } } addr } - pub struct Encoder; impl Encoder { @@ -172,7 +170,6 @@ impl Encoder { } } - macro_rules! fail { ($format:expr) => ( { use std::process; @@ -215,17 +212,14 @@ pub fn get_internal_ip() -> Ipv4Addr { } } - #[allow(unknown_lints, clippy::needless_pass_by_value)] pub fn resolve(addr: Addr) -> Result, Error> { let mut addrs = addr.to_socket_addrs().map_err(|_| Error::NameUnresolvable(format!("{:?}", addr)))?.collect::>(); // Try IPv4 first as it usually is faster - addrs.sort_by_key(|addr| { - match *addr { - SocketAddr::V4(_) => 4, - SocketAddr::V6(_) => 6 - } + addrs.sort_by_key(|addr| match *addr { + SocketAddr::V4(_) => 4, + SocketAddr::V6(_) => 6, }); // Remove duplicates in addrs (why are there duplicates???) addrs.dedup(); @@ -239,7 +233,6 @@ macro_rules! addr { }}; } - pub struct Bytes(pub u64); impl fmt::Display for Bytes { @@ -248,31 +241,30 @@ impl fmt::Display for Bytes { if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.0} B", size) + return write!(formatter, "{:.0} B", size); } if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.1} KiB", size) + return write!(formatter, "{:.1} KiB", size); } if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.1} MiB", size) + return write!(formatter, "{:.1} MiB", size); } if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.1} GiB", size) + return write!(formatter, "{:.1} GiB", size); } write!(formatter, "{:.1} TiB", size) } } - pub struct CtrlC { dummy_time: Instant, - trap: Trap + trap: Trap, } impl CtrlC { @@ -293,7 +285,6 @@ impl Default for CtrlC { } } - pub trait TimeSource: Sync + Copy + Send + 'static { fn now() -> Time; } @@ -336,7 +327,6 @@ impl TimeSource for MockTimeSource { } } - /// Helper function that multiplies the base62 data in buf[0..buflen] by 16 and adds m to it fn base62_add_mult_16(buf: &mut [u8], mut buflen: usize, m: u8) -> usize { let mut d: usize = m as usize; @@ -356,7 +346,7 @@ fn base62_add_mult_16(buf: &mut [u8], mut buflen: usize, m: u8) -> usize { const BASE62: [char; 62] = [ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', - 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' + 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', ]; pub fn to_base62(data: &[u8]) -> String { @@ -382,7 +372,7 @@ pub fn from_base62(data: &str) -> Result, char> { '0'..='9' => ((c as usize) % ('0' as usize)), 'A'..='Z' => ((c as usize) % ('A' as usize)) + 10, 'a'..='z' => ((c as usize) % ('a' as usize)) + 36, - _ => return Err(c) + _ => return Err(c), }; for item in &mut buf { val += *item as usize * 62; @@ -397,11 +387,10 @@ pub fn from_base62(data: &str) -> Result, char> { Ok(buf) } - #[derive(Default)] pub struct StatsdMsg { entries: Vec, - key: Vec + key: Vec, } impl StatsdMsg { @@ -426,6 +415,16 @@ impl StatsdMsg { } } +pub fn run_cmd(mut cmd: Command) { + match cmd.status() { + Ok(status) => { + if !status.success() { + error!("Command returned error: {:?}", status.code()) + } + } + Err(e) => error!("Failed to execute command {:?}: {}", cmd, e), + } +} #[test] fn base62() {