diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index dca0157..f9be6a7 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -11,7 +11,7 @@ jobs: - name: Run builder uses: ./.github/actions/build-deb with: - rust: '1.48.0' + rust: '1.49.0' - name: Archive artifacts uses: actions/upload-artifact@v1 with: @@ -31,7 +31,7 @@ jobs: - name: Run builder uses: ./.github/actions/build-rpm with: - rust: '1.48.0' + rust: '1.49.0' - name: Archive artifacts uses: actions/upload-artifact@v1 with: diff --git a/CHANGELOG.md b/CHANGELOG.md index 20c2313..1929536 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,9 +4,11 @@ This project follows [semantic versioning](http://semver.org). ### UNRELEASED +- [added] Support for creating shell completions +- [added] Support for hook scripts to handle certain situations - [removed] Removed dummy device type -- [changed] Updated depdendencies -- [changed] Changed Rust version to 1.48.0 +- [changed] Updated dependencies +- [changed] Changed Rust version to 1.49.0 - [fixed] Added missing peer address propagation ### v2.0.1 (2020-11-07) diff --git a/Cargo.lock b/Cargo.lock index c5ea152..473e8c3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -11,13 +11,14 @@ dependencies = [ [[package]] name = "attohttpc" -version = "0.10.1" +version = "0.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "baf13118df3e3dce4b5ac930641343b91b656e4e72c8f8325838b01a4b1c9d45" +checksum = "ba5b30bf3a0aead269fd5dd69b385a3e90c2b55f4f215d1bdf52c3883f5fa7fa" dependencies = [ "http", "log", "url", + "wildmatch", ] [[package]] 
@@ -45,9 +46,9 @@ checksum = "a4521f3e3d031370679b3b140beb36dfe4801b09ac77e30c61941f97df3ef28b" [[package]] name = "base64" -version = "0.12.3" +version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" [[package]] name = "bitflags" 
@@ -71,22 +72,43 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5988cb1d626264ac94100be357308f29ff7cbdd3b36bda27f450a4ee3f713426" [[package]] -name = "bumpalo" -version = "3.4.0" +name = "bstr" +version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e8c087f005730276d1096a652e92a8bacee2e2472bcc9715a74d2bec38b5820" +checksum = "473fc6b38233f9af7baa94fb5852dca389e3d95b8e21c8e3719301462c5d9faf" +dependencies = [ + "lazy_static", + "memchr", + "regex-automata", + "serde", +] + +[[package]] +name = "bumpalo" +version = "3.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "099e596ef14349721d9016f6b80dd3419ea1bf289ab9b44df8e4dfd3a005d5d9" [[package]] name = "byteorder" -version = "1.3.4" +version = "1.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08c48aae112d48ed9f069b33538ea9e3e90aa263cfa3d1c24309612b1f7472de" +checksum = "ae44d1a3d5a19df61dd0c8beb138458ac2a53a7ac09eba97d55592540004306b" [[package]] name = "bytes" -version = "0.5.6" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e4cec68f03f32e44924783795810fa50a7035d8c8ebe78580ad7e6c703fba38" +checksum = "b700ce4376041dcd0a327fd0097c41095743c4c8af8887265942faf1100bd040" + +[[package]] +name = "cast" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b9434b9a5aa1450faa3f9cb14ea0e8c53bb5d2b3c1bfd1ab4fc03e9f33fbfb0" +dependencies = [ + "rustc_version", +] [[package]] name = "cc" @@ -123,9 +145,9 @@ dependencies = [ [[package]] name = "const_fn" -version = "0.4.4" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd51eab21ab4fd6a3bf889e2d0958c0a6e3a61ad04260325e919e652a2a62826" +checksum = "28b9d6de7f49e22cf97ad17fc4036ece69300032f45f78f30b4a4482cdc3f4a6" [[package]] name = "core-foundation" 
@@ -149,6 +171,110 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8aebca1129a03dc6dc2b127edd729435bbc4a37e1d5f4d7513165089ceb02634" +[[package]] +name = "criterion" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ab327ed7354547cc2ef43cbe20ef68b988e70b4b593cbd66a2a61733123a3d23" +dependencies = [ + "atty", + "cast", + "clap", + "criterion-plot", + "csv", + "itertools 0.10.0", + "lazy_static", + "num-traits", + "oorandom", + "plotters", + "rayon", + "regex", + "serde", + "serde_cbor", + "serde_derive", + "serde_json", + "tinytemplate", + "walkdir", +] + +[[package]] +name = "criterion-plot" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e022feadec601fba1649cfa83586381a4ad31c6bf3a9ab7d408118b05dd9889d" +dependencies = [ + "cast", + "itertools 0.9.0", +] + +[[package]] +name = "crossbeam-channel" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dca26ee1f8d361640700bde38b2c37d8c22b3ce2d360e1fc1c74ea4b0aa7d775" +dependencies = [ + "cfg-if 1.0.0", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-deque" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94af6efb46fef72616855b036a624cf27ba656ffc9be1b9a3c931cfc7749a9a9" +dependencies = [ + "cfg-if 1.0.0", + "crossbeam-epoch", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-epoch" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1aaa739f95311c2c7887a76863f500026092fb1dce0161dab577e559ef3569d" +dependencies = [ + "cfg-if 1.0.0", + "const_fn", + "crossbeam-utils", + "lazy_static", + "memoffset", + "scopeguard", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02d96d1e189ef58269ebe5b97953da3274d83a93af647c2ddd6f9dab28cedb8d" 
+dependencies = [ + "autocfg", + "cfg-if 1.0.0", + "lazy_static", +] + +[[package]] +name = "csv" +version = "1.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9d58633299b24b515ac72a3f869f8b91306a3cec616a602843a383acd6f9e97" +dependencies = [ + "bstr", + "csv-core", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "csv-core" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" +dependencies = [ + "memchr", +] + [[package]] name = "daemonize" version = "0.4.1" @@ -176,9 +302,15 @@ checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0" [[package]] name = "dtoa" -version = "0.4.6" +version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "134951f4028bdadb9b84baf4232681efbf277da25144b9b0ad65df75946c422b" +checksum = "88d7ed2934d741c6b37e33e3832298e8850b53fd2d2bea03873375596c7cea4e" + +[[package]] +name = "either" +version = "1.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457" [[package]] name = "fnv" 
@@ -223,49 +355,44 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.1.15" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc587bc0ec293155d5bfa6b9891ec18a1e330c234f896ea47fbada4cadbe47e6" +checksum = "c9495705279e7140bf035dde1f6e750c162df8b625267cd52cc44e0b156732c8" dependencies = [ - "cfg-if 0.1.10", + "cfg-if 1.0.0", "libc", "wasi", ] [[package]] -name = "getrandom" -version = "0.2.0" +name = "half" +version = "1.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee8025cf36f917e6a52cce185b7c7177689b838b7ec138364e50cc2277a56cf4" -dependencies = [ - "cfg-if 0.1.10", - "libc", - "wasi", -] +checksum = "62aca2aba2d62b4a7f5b33f3712cb1b0692779a56fb510499d5c0aa594daeaf3" [[package]] name = "heck" -version = "0.3.1" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20564e78d53d2bb135c343b3f47714a56af2061f1c928fdb541dc7b9fdd94205" +checksum = "87cbf45460356b7deeb5e3415b5563308c0a9b057c85e12b06ad551f98d0a6ac" dependencies = [ "unicode-segmentation", ] [[package]] name = "hermit-abi" -version = "0.1.17" +version = "0.1.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aca5565f760fb5b220e499d72710ed156fdb74e631659e99377d9ebfbd13ae8" +checksum = "322f4de77956e22ed0e5032c359a0f1273f1f7f0d79bfa3b8ffbc730d7fbcc5c" dependencies = [ "libc", ] [[package]] name = "http" -version = "0.2.2" +version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84129d298a6d57d246960ff8eb831ca4af3f96d29e2e28848dae275408658e26" +checksum = "7245cd7449cc792608c3c8a9eaf69bd4eabbabf802713748fd739c98b82f0747" dependencies = [ "bytes", "fnv", 
@@ -274,9 +401,9 @@ dependencies = [ [[package]] name = "httparse" -version = "1.3.4" +version = "1.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd179ae861f0c2e53da70d892f5f3029f9594be0c41dc5269cd371691b1dc2f9" +checksum = "615caabe2c3160b313d52ccc905335f4ed5f10881dd63dc5699d47e90be85691" [[package]] name = "idna" 
@@ -291,37 +418,55 @@ dependencies = [ [[package]] name = "igd" -version = "0.11.1" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fd32c880165b2f776af0b38d206d1cabaebcf46c166ac6ae004a5d45f7d48ef" +checksum = "4c4e7ee8b51e541486d7040883fe1f00e2a9954bcc24fd155b7e4f03ed4b93dd" dependencies = [ "attohttpc", "log", - "rand 0.7.3", + "rand", "url", "xmltree", ] [[package]] name = "input_buffer" -version = "0.3.1" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19a8a95243d5a0398cae618ec29477c6e3cb631152be5c19481f80bc71559754" +checksum = "f97967975f448f1a7ddb12b0bc41069d09ed6a1c161a92687e057325db35d413" dependencies = [ "bytes", ] [[package]] -name = "itoa" -version = "0.4.6" +name = "itertools" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6" +checksum = "284f18f85651fe11e8a991b2adb42cb078325c996ed026d994719efcfca1d54b" +dependencies = [ + "either", +] + +[[package]] +name = "itertools" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37d572918e350e82412fe766d24b15e6682fb2ed2bbe018280caa810397cb319" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd25036021b0de88a0aff6b850051563c6516d0bf53f8638938edbb9de732736" [[package]] name = "js-sys" -version = "0.3.46" +version = "0.3.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf3d7383929f7c9c7c2d0fa596f325832df98c3704f2c60553080f7127a58175" +checksum = "5cfb73131c35423a367daf8cbd24100af0d077668c8c2943f0e7dd775fef0f65" dependencies = [ "wasm-bindgen", ] 
@@ -334,23 +479,23 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.81" +version = "0.2.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1482821306169ec4d07f6aca392a4681f66c75c9918aa49641a2595db64053cb" +checksum = "7ccac4b00700875e6a07c6cde370d44d32fa01c5a65cdd2fca6858c479d28bb3" [[package]] name = "linked-hash-map" -version = "0.5.3" +version = "0.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8dd5a6d5999d9907cda8ed67bbd137d3af8085216c2ac62de5be860bd41f304a" +checksum = "7fb9b38af92608140b86b693604b9ffcc5824240a484d1ecd4795bacb2fe88f3" [[package]] name = "log" -version = "0.4.11" +version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fabed175da42fed1fa0746b0ea71f412aa9d35e76e95e59b192c64b9dc2bf8b" +checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" dependencies = [ - "cfg-if 0.1.10", + "cfg-if 1.0.0", ] [[package]] @@ -360,10 +505,25 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7ffc5c5338469d4d3ea17d269fa8ea3512ad247247c30bd2df69e68309ed0a08" [[package]] -name = "native-tls" -version = "0.2.6" +name = "memchr" +version = "2.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6fcc7939b5edc4e4f86b1b4a04bb1498afaaf871b1a6691838ed06fcb48d3a3f" +checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525" + +[[package]] +name = "memoffset" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "157b4208e3059a8f9e78d559edc658e13df41410cb3ae03979c83130067fdd87" +dependencies = [ + "autocfg", +] + +[[package]] +name = "native-tls" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8d96b2e1c8da3957d58100b09f102c6d9cfdfced01b7ec5a8974044bb09dbd4" dependencies = [ "lazy_static", "libc", 
@@ -402,12 +562,37 @@ dependencies = [ "libc", ] +[[package]] +name = "num-traits" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" +dependencies = [ + "hermit-abi", + "libc", +] + [[package]] name = "once_cell" version = "1.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13bd41f508810a131401606d54ac32a467c97172d74ba7662562ebba5ad07fa0" +[[package]] +name = "oorandom" +version = "11.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575" + [[package]] name = "opaque-debug" version = "0.3.0" @@ -416,9 +601,9 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" [[package]] name = "openssl" -version = "0.10.31" +version = "0.10.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d008f51b1acffa0d3450a68606e6a51c123012edaacb0f4e1426bd978869187" +checksum = "038d43985d1ddca7a9900630d8cd031b56e4794eecc2e9ea39dd17aa04399a70" dependencies = [ "bitflags", "cfg-if 1.0.0", @@ -436,9 +621,9 @@ checksum = "77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de" [[package]] name = "openssl-sys" -version = "0.9.59" +version = "0.9.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de52d8eabd217311538a39bba130d7dea1f1e118010fee7a033d966845e7d5fe" +checksum = "921fc71883267538946025deffb622905ecad223c28efbfdef9bb59a0175f3e6" dependencies = [ "autocfg", "cc", 
@@ -459,6 +644,34 @@ version = "0.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3831453b3449ceb48b6d9c7ad7c96d5ea673e9b470a1dc578c2ce6521230884c" +[[package]] +name = "plotters" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45ca0ae5f169d0917a7c7f5a9c1a3d3d9598f18f529dd2b8373ed988efea307a" +dependencies = [ + "num-traits", + "plotters-backend", + "plotters-svg", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "plotters-backend" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b07fffcddc1cb3a1de753caa4e4df03b79922ba43cf882acc1bdd7e8df9f4590" + +[[package]] +name = "plotters-svg" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b38a02e23bd9604b842a812063aec4ef702b57989c37b655254bb61c471ad211" +dependencies = [ + "plotters-backend", +] + [[package]] name = "ppv-lite86" version = "0.2.10" 
@@ -516,46 +729,23 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.7" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37" +checksum = "991431c3519a3f36861882da93630ce66b52918dcf1b8e2fd66b397fc96f28df" dependencies = [ "proc-macro2", ] [[package]] name = "rand" -version = "0.7.3" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" -dependencies = [ - "getrandom 0.1.15", - "libc", - "rand_chacha 0.2.2", - "rand_core 0.5.1", - "rand_hc 0.2.0", -] - -[[package]] -name = "rand" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a76330fb486679b4ace3670f117bbc9e16204005c4bde9c4bd372f45bed34f12" +checksum = "0ef9e7e66b4468674bfcb0c81af8b7fa0bb154fa9f28eb840da5c447baeb8d7e" dependencies = [ "libc", - "rand_chacha 0.3.0", - "rand_core 0.6.0", - "rand_hc 0.3.0", -] - -[[package]] -name = "rand_chacha" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" -dependencies = [ - "ppv-lite86", - "rand_core 0.5.1", + "rand_chacha", + "rand_core", + "rand_hc", ] [[package]] 
@@ -565,34 +755,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e12735cf05c9e10bf21534da50a147b924d555dc7a547c42e6bb2d5b6017ae0d" dependencies = [ "ppv-lite86", - "rand_core 0.6.0", + "rand_core", ] [[package]] name = "rand_core" -version = "0.5.1" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +checksum = "c026d7df8b298d90ccbbc5190bd04d85e159eaf5576caeacf8741da93ccbd2e5" dependencies = [ - "getrandom 0.1.15", -] - -[[package]] -name = "rand_core" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8b34ba8cfb21243bd8df91854c830ff0d785fff2e82ebd4434c2644cb9ada18" -dependencies = [ - "getrandom 0.2.0", -] - -[[package]] -name = "rand_hc" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" -dependencies = [ - "rand_core 0.5.1", + "getrandom", ] [[package]] 
@@ -601,14 +773,66 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3190ef7066a446f2e7f42e239d161e905420ccab01eb967c9eb27d21b2322a73" dependencies = [ - "rand_core 0.6.0", + "rand_core", +] + +[[package]] +name = "rayon" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b0d8e0819fadc20c74ea8373106ead0600e3a67ef1fe8da56e39b9ae7275674" +dependencies = [ + "autocfg", + "crossbeam-deque", + "either", + "rayon-core", +] + +[[package]] +name = "rayon-core" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ab346ac5921dc62ffa9f89b7a773907511cdfa5490c572ae9be1be33e8afa4a" +dependencies = [ + "crossbeam-channel", + "crossbeam-deque", + "crossbeam-utils", + "lazy_static", + "num_cpus", ] [[package]] name = "redox_syscall" -version = "0.1.57" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41cc0f7e4d5d4544e8861606a285bb08d3e70712ccc7d2b84d7c0ccfaf4b05ce" +checksum = "05ec8ca9416c5ea37062b502703cd7fcb207736bc294f6e0cf367ac6fc234570" +dependencies = [ + "bitflags", +] + +[[package]] +name = "regex" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9251239e129e16308e70d853559389de218ac275b515068abc96829d05b948a" +dependencies = [ + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae1ded71d66a4a97f5e961fd0cb25a5f366a42a41570d16a763a69c092c26ae4" +dependencies = [ + "byteorder", +] + +[[package]] +name = "regex-syntax" +version = "0.6.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5eb417147ba9860a96cfe72a0b93bf88fee1744b5636ec99ab20c1aa9376581" [[package]] name = "remove_dir_all" 
@@ -621,9 +845,9 @@ dependencies = [ [[package]] name = "ring" -version = "0.16.19" +version = "0.16.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "024a1e66fea74c66c66624ee5622a7ff0e4b73a13b4f5c326ddb50c708944226" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" dependencies = [ "cc", "libc", @@ -649,6 +873,15 @@ version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e" +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + [[package]] name = "schannel" version = "0.1.19" @@ -659,6 +892,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "scopeguard" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" + [[package]] name = "security-framework" version = "2.0.0" 
@@ -699,15 +938,28 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.118" +version = "1.0.123" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06c64263859d87aa2eb554587e2d23183398d617427327cf2b3d0ed8c69e4800" +checksum = "92d5161132722baa40d802cc70b15262b98258453e85e5d1d365c757c73869ae" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_cbor" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e18acfa2f90e8b735b2836ab8d538de304cbb6729a7360729ea5a895d15a622" +dependencies = [ + "half", + "serde", +] [[package]] name = "serde_derive" -version = "1.0.118" +version = "1.0.123" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c84d3526699cd55261af4b941e4e725444df67aa4f9e6a3564f18030d12672df" +checksum = "9391c295d64fc0abb2c556bad848f33cb8296276b1ad2677d1ae1ace4f258f31" dependencies = [ "proc-macro2", "quote", @@ -716,9 +968,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.60" +version = "1.0.61" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1500e84d27fe482ed1dc791a56eddc2f230046a040fa908c08bda1d9fb615779" +checksum = "4fceb2595057b6891a4ee808f70054bd2d12f0e97f1cbb78689b59f676df325a" dependencies = [ "itoa", "ryu", @@ -727,9 +979,9 @@ dependencies = [ [[package]] name = "serde_yaml" -version = "0.8.14" +version = "0.8.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7baae0a99f1a324984bcdc5f0718384c1f69775f1c7eec8b859b71b443e3fd7" +checksum = "bdd2af560da3c1fdc02cb80965289254fc35dff869810061e2d8290ee48848ae" dependencies = [ "dtoa", "linked-hash-map", 
@@ -739,9 +991,9 @@ dependencies = [ [[package]] name = "sha-1" -version = "0.9.2" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce3cdf1b5e620a498ee6f2a171885ac7e22f0e12089ec4b3d22b84921792507c" +checksum = "f4b312c3731e3fe78a185e6b9b911a7aa715b8e31cce117975219aab2acf285d" dependencies = [ "block-buffer", "cfg-if 1.0.0", @@ -768,9 +1020,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.5.1" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae524f056d7d770e174287294f562e95044c68e88dec909a00d2094805db9d75" +checksum = "fe0f37c9e8f3c5a4a66ad655a93c74daac4ad00c441533bf5c6e7990bb42604e" [[package]] name = "spin" @@ -780,9 +1032,9 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "standback" -version = "0.2.13" +version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf906c8b8fc3f6ecd1046e01da1d8ddec83e48c8b08b84dcc02b585a6bedf5a8" +checksum = "c66a8cff4fa24853fdf6b51f75c6d7f8206d7c75cab4e467bcd7f25c2b1febe0" dependencies = [ "version_check", ] @@ -868,9 +1120,9 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.54" +version = "1.0.60" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a2af957a63d6bd42255c359c93d9bfdb97076bd3b820897ce55ffbfbf107f44" +checksum = "c700597eca8a5a762beb35753ef6b94df201c81cca676604f547495a0d7f0081" dependencies = [ "proc-macro2", "quote", @@ -879,13 +1131,13 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.1.0" +version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9" +checksum = "dac1c663cfc93810f88aed9b8941d48cabf856a1b111c29a40439018d870eb22" dependencies = [ - "cfg-if 0.1.10", + "cfg-if 1.0.0", "libc", - "rand 0.7.3", + "rand", "redox_syscall", "remove_dir_all", "winapi", 
@@ -902,18 +1154,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.22" +version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e9ae34b84616eedaaf1e9dd6026dbe00dcafa92aa0c8077cb69df1fcfe5e53e" +checksum = "76cc616c6abf8c8928e2fdcc0dbfab37175edd8fb49a4641066ad1364fdab146" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.22" +version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ba20f23e85b10754cd195504aebf6a27e2e6cbe28c17778a0c930724628dd56" +checksum = "9be73a2caec27583d0046ef3796c3794f868a5bc813db689eed00c7631275cd1" dependencies = [ "proc-macro2", "quote", @@ -959,10 +1211,20 @@ dependencies = [ ] [[package]] -name = "tinyvec" -version = "1.1.0" +name = "tinytemplate" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccf8dbc19eb42fba10e8feaaec282fb50e2c14b2726d6301dbfeed0f73306a6f" +checksum = "a2ada8616fad06a2d0c455adc530de4ef57605a8120cc65da9653e0e9623ca74" +dependencies = [ + "serde", + "serde_json", +] + +[[package]] +name = "tinyvec" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "317cca572a0e89c3ce0ca1f1bdc9369547fe318a683418e42ac8f59d14701023" dependencies = [ "tinyvec_macros", ] @@ -975,9 +1237,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tungstenite" -version = "0.11.1" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0308d80d86700c5878b9ef6321f020f29b1bb9d5ff3cab25e75e23f3a492a23" +checksum = "8ada8297e8d70872fa9a551d93250a9f407beb9f37ef86494eb20012a2ff7c24" dependencies = [ "base64", "byteorder", @@ -987,7 +1249,7 @@ dependencies = [ "input_buffer", "log", "native-tls", - "rand 0.7.3", + "rand", "sha-1", "url", "utf-8", 
@@ -1088,16 +1350,16 @@ name = "vpncloud" version = "2.0.1" dependencies = [ "byteorder", + "criterion", "daemonize", "fnv", "igd", "libc", "log", "privdrop", - "rand 0.8.0", + "rand", "ring", "serde", - "serde_derive", "serde_yaml", "signal", "smallvec", @@ -1111,16 +1373,27 @@ dependencies = [ ] [[package]] -name = "wasi" -version = "0.9.0+wasi-snapshot-preview1" +name = "walkdir" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" +checksum = "777182bc735b6424e1a57516d35ed72cb8019d85c8c9bf536dccb3445c1a2f7d" +dependencies = [ + "same-file", + "winapi", + "winapi-util", +] + +[[package]] +name = "wasi" +version = "0.10.2+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6" [[package]] name = "wasm-bindgen" -version = "0.2.69" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3cd364751395ca0f68cafb17666eee36b63077fb5ecd972bbcd74c90c4bf736e" +checksum = "55c0f7123de74f0dab9b7d00fd614e7b19349cd1e2f5252bbe9b1754b59433be" dependencies = [ "cfg-if 1.0.0", "wasm-bindgen-macro", @@ -1128,9 +1401,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.69" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1114f89ab1f4106e5b55e688b828c0ab0ea593a1ea7c094b141b14cbaaec2d62" +checksum = "7bc45447f0d4573f3d65720f636bbcc3dd6ce920ed704670118650bcd47764c7" dependencies = [ "bumpalo", "lazy_static", 
@@ -1143,9 +1416,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.69" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a6ac8995ead1f084a8dea1e65f194d0973800c7f571f6edd70adf06ecf77084" +checksum = "3b8853882eef39593ad4174dd26fc9865a64e84026d223f63bb2c42affcbba2c" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -1153,9 +1426,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.69" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5a48c72f299d80557c7c62e37e7225369ecc0c963964059509fbafe917c7549" +checksum = "4133b5e7f2a531fa413b3a1695e925038a05a71cf67e87dafa295cb645a01385" dependencies = [ "proc-macro2", "quote", @@ -1166,20 +1439,26 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.69" +version = "0.2.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e7811dd7f9398f14cc76efd356f98f03aa30419dea46aa810d71e819fc97158" +checksum = "dd4945e4943ae02d15c13962b38a5b1e81eadd4b71214eee75af64a4d6a4fd64" [[package]] name = "web-sys" -version = "0.3.46" +version = "0.3.47" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "222b1ef9334f92a21d3fb53dc3fd80f30836959a90f9274a626d7e06315ba3c3" +checksum = "c40dc691fc48003eba817c38da7113c15698142da971298003cac3ef175680b3" dependencies = [ "js-sys", "wasm-bindgen", ] +[[package]] +name = "wildmatch" +version = "1.0.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2399814fda0d6999a6bfe9b5c7660d836334deb162a09db8b73d5b38fd8c40a" + [[package]] name = "winapi" version = "0.3.9" 
@@ -1196,6 +1475,15 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + [[package]] name = "winapi-x86_64-pc-windows-gnu" version = "0.4.0" @@ -1219,9 +1507,9 @@ dependencies = [ [[package]] name = "yaml-rust" -version = "0.4.4" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39f0c922f1a334134dc2f7a8b67dc5d25f0735263feec974345ff706bcf20b0d" +checksum = "56c1936c4cc7a1c9ab21a1ebb602eb942ba868cbd44a99cb7cdc5892335e1c85" dependencies = [ "linked-hash-map", ] diff --git a/Cargo.toml b/Cargo.toml index 31fe59f..2eebdcf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,8 +14,7 @@ edition = "2018" [dependencies] time = "=0.2.22" structopt = "0.3" -serde = "1.0" -serde_derive = "1.0" +serde = { version = "1.0", features = ["derive"] } serde_yaml = "0.8" log = { version = "0.4", features = ["std"] } signal = "0.7" @@ -23,24 +22,29 @@ libc = "0.2" rand = "0.8" fnv = "1" yaml-rust = "0.4" -igd = { version = "0.11", optional = true } +igd = { version = "0.12", optional = true } daemonize = "0.4" ring = "0.16" privdrop = "0.5" -byteorder = "1.3" +byteorder = "1.4" thiserror = "1.0" -smallvec = "1.5" -tungstenite = "*" -url = "*" +smallvec = "1.6" +tungstenite = "0.12" +url = "2.2" [dev-dependencies] tempfile = "3" +criterion = "0.3" [features] default = ["nat"] bench = [] nat = ["igd"] +[[bench]] +name = "bench" +harness = false + [profile.release] lto = true diff --git a/benches/bench.rs b/benches/bench.rs new file mode 100644 index 0000000..5c2b676 --- /dev/null +++ b/benches/bench.rs 
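Review bot: In Cargo.toml, `time = "=0.2.22"` (a context line of the first hunk) is left pinned to an exact version, so `cargo update` can never move it to a later patch release, even one that carries a fix. Every requirement this commit changes, including the former wildcards for `tungstenite` and `url`, now uses a caret range, which leaves `time` as the odd one out. If the pin is deliberate, record why next to it, e.g. `# pinned: <reason for holding time at 0.2.22>`; if it is not, `time = "0.2"` would match the rest. The reason for the pin is not visible in this diff, so confirm it before relaxing.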
@@ -0,0 +1,149 @@ +#![allow(dead_code, unused_macros, unused_imports)] +#[macro_use] extern crate serde; +#[macro_use] extern crate log; + +use criterion::{criterion_group, criterion_main, Criterion, Throughput}; + +use smallvec::smallvec; +use ring::aead; + +use std::str::FromStr; +use std::net::{SocketAddr, Ipv4Addr, SocketAddrV4, UdpSocket}; + +mod util { + include!("../src/util.rs"); +} +mod error { + include!("../src/error.rs"); +} +mod payload { + include!("../src/payload.rs"); +} +mod types { + include!("../src/types.rs"); +} +mod table { + include!("../src/table.rs"); +} +mod crypto_core { + include!("../src/crypto/core.rs"); +} + +pub use error::Error; +use util::{MockTimeSource, MsgBuffer}; +use types::{Address, Range}; +use table::{ClaimTable}; +use payload::{Packet, Frame, Protocol}; +use crypto_core::{create_dummy_pair, EXTRA_LEN}; + +fn udp_send(c: &mut Criterion) { + let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); + let data = [0; 1400]; + let addr = SocketAddrV4::new(Ipv4Addr::new(127, 0, 0, 1), 1); + let mut g = c.benchmark_group("udp_send"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("udp_send", |b| { + b.iter(|| sock.send_to(&data, &addr).unwrap()); + }); + g.finish(); +} + +fn decode_ipv4(c: &mut Criterion) { + let data = [0x40, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 192, 168, 1, 1, 192, 168, 1, 2]; + let mut g = c.benchmark_group("payload"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("decode_ipv4", |b| { + b.iter(|| Packet::parse(&data).unwrap()); + }); + g.finish(); +} + +fn decode_ipv6(c: &mut Criterion) { + let data = [ + 0x60, 0, 0, 0, 0, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 0, 9, 8, 7, 6, 5, 4, 3, 2, 1, 6, 5, + 4, 3, 2, 1 + ]; + let mut g = c.benchmark_group("payload"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("decode_ipv6", |b| { + b.iter(|| Packet::parse(&data).unwrap()); + }); + g.finish(); +} + +fn decode_ethernet(c: &mut Criterion) { + let data = [6, 5, 4, 3, 2, 1, 
1, 2, 3, 4, 5, 6, 1, 2, 3, 4, 5, 6, 7, 8]; + let mut g = c.benchmark_group("payload"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("decode_ethernet", |b| { + b.iter(|| Frame::parse(&data).unwrap()); + }); + g.finish(); +} + +fn decode_ethernet_with_vlan(c: &mut Criterion) { + let data = [6, 5, 4, 3, 2, 1, 1, 2, 3, 4, 5, 6, 0x81, 0, 4, 210, 1, 2, 3, 4, 5, 6, 7, 8]; + let mut g = c.benchmark_group("payload"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("decode_ethernet_with_vlan", |b| { + b.iter(|| Frame::parse(&data).unwrap()); + }); + g.finish(); +} + +fn lookup_warm(c: &mut Criterion) { + let mut table = ClaimTable::::new(60, 60); + let addr = Address::from_str("1.2.3.4").unwrap(); + table.cache(addr, SocketAddr::from_str("1.2.3.4:3210").unwrap()); + let mut g = c.benchmark_group("table"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("lookup_warm", |b| { + b.iter(|| table.lookup(addr)); + }); + g.finish(); +} + +fn lookup_cold(c: &mut Criterion) { + let mut table = ClaimTable::::new(60, 60); + let addr = Address::from_str("1.2.3.4").unwrap(); + table.set_claims(SocketAddr::from_str("1.2.3.4:3210").unwrap(), smallvec![Range::from_str("1.2.3.4/32").unwrap()]); + let mut g = c.benchmark_group("table"); + g.throughput(Throughput::Bytes(1400)); + g.bench_function("lookup_cold", |b| { + b.iter(|| { + table.clear_cache(); + table.lookup(addr) + }); + }); + g.finish(); +} + +fn crypto_bench(c: &mut Criterion, algo: &'static aead::Algorithm) { + let mut buffer = MsgBuffer::new(EXTRA_LEN); + buffer.set_length(1400); + let (mut sender, mut receiver) = create_dummy_pair(algo); + let mut g = c.benchmark_group("crypto"); + g.throughput(Throughput::Bytes(2*1400)); + g.bench_function(format!("{:?}", algo), |b| { + b.iter(|| { + sender.encrypt(&mut buffer); + receiver.decrypt(&mut buffer).unwrap(); + }); + }); + g.finish() +} + +fn crypto_chacha20(c: &mut Criterion) { + crypto_bench(c, &aead::CHACHA20_POLY1305) +} + +fn 
crypto_aes128(c: &mut Criterion) { + crypto_bench(c, &aead::AES_128_GCM) +} + +fn crypto_aes256(c: &mut Criterion) { + crypto_bench(c, &aead::AES_256_GCM) +} + +criterion_group!(benches, udp_send, decode_ipv4, decode_ipv6, decode_ethernet, decode_ethernet_with_vlan, lookup_cold, lookup_warm, crypto_chacha20, crypto_aes128, crypto_aes256); +criterion_main!(benches); \ No newline at end of file diff --git a/builder/Dockerfile-deb b/builder/Dockerfile-deb index 27a9189..38b22ef 100644 --- a/builder/Dockerfile-deb +++ b/builder/Dockerfile-deb @@ -19,7 +19,7 @@ RUN useradd -ms /bin/bash user USER user WORKDIR /home/user -ENV RUST=1.48.0 +ENV RUST=1.49.0 RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST} diff --git a/builder/Dockerfile-rpm b/builder/Dockerfile-rpm index 8210aee..9a90a28 100644 --- a/builder/Dockerfile-rpm +++ b/builder/Dockerfile-rpm @@ -7,7 +7,7 @@ RUN useradd -ms /bin/bash user USER user WORKDIR /home/user -ENV RUST=1.48.0 +ENV RUST=1.49.0 RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST} diff --git a/src/cloud.rs b/src/cloud.rs index 49797d5..9281f4e 100644 --- a/src/cloud.rs +++ b/src/cloud.rs @@ -26,7 +26,8 @@ use crate::{ device::{Device, Type}, error::Error, messages::{ - AddrList, NodeInfo, PeerInfo, MESSAGE_TYPE_CLOSE, MESSAGE_TYPE_DATA, MESSAGE_TYPE_KEEPALIVE, MESSAGE_TYPE_NODE_INFO + AddrList, NodeInfo, PeerInfo, MESSAGE_TYPE_CLOSE, MESSAGE_TYPE_DATA, MESSAGE_TYPE_KEEPALIVE, + MESSAGE_TYPE_NODE_INFO }, net::{mapped_addr, Socket}, payload::Protocol, @@ -35,7 +36,7 @@ use crate::{ table::ClaimTable, traffic::TrafficStats, types::{Address, Mode, NodeId, Range, RangeList}, - util::{addr_nice, resolve, CtrlC, Duration, MsgBuffer, StatsdMsg, Time, TimeSource} + util::{addr_nice, bytes_to_hex, resolve, CtrlC, Duration, MsgBuffer, StatsdMsg, Time, TimeSource} }; pub type Hash = BuildHasherDefault; 
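Review bot: The four `decode_*` benches and both `lookup_*` benches declare `g.throughput(Throughput::Bytes(1400))`, although the parsed inputs are only 20 to 40 bytes and a table lookup reads no payload, so the reported byte rate does not describe the work measured. If 1400 is meant as a nominal packet size for expressing per-packet cost as throughput, name it once and say so, for example `const PACKET_SIZE: u64 = 1400; // nominal packet size; parse/lookup cost is per packet, not per byte`, and use it in `udp_send` and `crypto_bench` as well. If real byte throughput is wanted for the decoders, `Throughput::Bytes(data.len() as u64)` is the accurate value.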
@@ -121,6 +122,9 @@ impl GenericCloud { + info!("No address set on interface.") + } Err(e) => error!("{}", e) } } @@ -194,6 +198,7 @@ impl GenericCloud Result<(), Error> { + // HOT PATH debug!("Sending msg with {} bytes to {}", msg.len(), addr); self.traffic.count_out_traffic(addr, msg.len()); match self.socket.send(msg.message(), addr) { @@ -205,6 +210,7 @@ impl GenericCloud Result<(), Error> { + // HOT PATH debug!("Sending msg with {} bytes to {}", msg.len(), addr); let peer = match self.peers.get_mut(&addr) { Some(peer) => peer, @@ -222,6 +228,7 @@ impl GenericCloud GenericCloud GenericCloud GenericCloud Result<(), Error> { + // HOT PATH let (src, dst) = P::parse(data.message())?; debug!("Read data from interface: src: {}, dst: {}, {} bytes", src, dst, data.len()); self.traffic.count_out_payload(dst, src, data.len()); match self.table.lookup(dst) { Some(addr) => { + // HOT PATH // Peer found for destination debug!("Found destination for {} => {}", dst, addr); self.send_msg(addr, MESSAGE_TYPE_DATA, data)?; if !self.peers.contains_key(&addr) { + // COLD PATH // If the peer is not actually connected, remove the entry in the table and try // to reconnect. warn!("Destination for {} not found in peers: {}", dst, addr_nice(addr)); @@ -611,6 +629,7 @@ impl GenericCloud { + // COLD PATH if self.broadcast { debug!("No destination for {} found, broadcasting", dst); self.broadcast_msg(MESSAGE_TYPE_DATA, data)?; @@ -625,6 +644,16 @@ impl GenericCloud Result<(), Error> { info!("Added peer {}", addr_nice(addr)); + self.config.call_hook( + "peer_connected", + vec![ + ("PEER", format!("{:?}", addr_nice(addr))), + ("IFNAME", self.device.ifname().to_owned()), + ("CLAIMS", info.claims.iter().map(|r| format!("{:?}", r)).collect::>().join(" ")), + ("NODE_ID", bytes_to_hex(&info.node_id)), + ], + true + ); if let Some(init) = self.pending_inits.remove(&addr) { self.peers.insert(addr, PeerData { addrs: info.addrs.clone(), 
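Review bot: In `add_new_peer` the hook environment is built with `format!("{:?}", addr_nice(addr))` and `format!("{:?}", r)`, which makes the interface that hook scripts parse depend on `Debug` output rather than a deliberately chosen format. The surrounding code already prints `addr_nice(addr)` with `{}`, so `("PEER", addr_nice(addr).to_string())` would match what the logs show; the same applies to `CLAIMS` if `Range` implements `Display` (not visible here). The same `{:?}` pattern recurs in the `peer_connecting` and `peer_disconnected` hook calls later in this file. `CLAIMS` and `NODE_ID` come from the `info` value received from the peer, so a short comment at the call noting that these are remote-supplied and are only ever passed as environment values would help the next reader.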
@@ -642,9 +671,18 @@ impl GenericCloud GenericCloud Result<(), Error> { + // HOT PATH let (src, dst) = P::parse(data.message())?; let len = data.len(); debug!("Writing data to device: {} bytes", len); @@ -706,11 +745,17 @@ impl GenericCloud, data: &mut MsgBuffer ) -> Result<(), Error> { + // HOT PATH match msg_result { MessageResult::Message(type_) => { + // HOT PATH match type_ { - MESSAGE_TYPE_DATA => self.handle_payload_from(src, data)?, + MESSAGE_TYPE_DATA => { + // HOT PATH + self.handle_payload_from(src, data)? + } MESSAGE_TYPE_NODE_INFO => { + // COLD PATH let info = match NodeInfo::decode(Cursor::new(data.message())) { Ok(val) => val, Err(err) => { 
@@ -720,31 +765,50 @@ impl GenericCloud self.update_peer_info(src, None)?, - MESSAGE_TYPE_CLOSE => self.remove_peer(src), + MESSAGE_TYPE_KEEPALIVE => { + // COLD PATH + self.update_peer_info(src, None)? + } + MESSAGE_TYPE_CLOSE => { + // COLD PATH + self.remove_peer(src) + } _ => { + // COLD PATH self.traffic.count_invalid_protocol(data.len()); return Err(Error::Message("Unknown message type")) } } } - MessageResult::Initialized(info) => self.add_new_peer(src, info)?, + MessageResult::Initialized(info) => { + // COLD PATH + self.add_new_peer(src, info)? + } MessageResult::InitializedWithReply(info) => { + // COLD PATH self.add_new_peer(src, info)?; self.send_to(src, data)? } - MessageResult::Reply => self.send_to(src, data)?, - MessageResult::None => () + MessageResult::Reply => { + // COLD PATH + self.send_to(src, data)? + } + MessageResult::None => { + // COLD PATH + } } Ok(()) } pub fn handle_net_message(&mut self, src: SocketAddr, data: &mut MsgBuffer) -> Result<(), Error> { + // HOT PATH let src = mapped_addr(src); debug!("Received {} bytes from {}", data.len(), src); let msg_result = if let Some(init) = self.pending_inits.get_mut(&src) { + // COLD PATH init.handle_message(data) } else if is_init_message(data.message()) { + // COLD PATH let mut result = None; if let Some(peer) = self.peers.get_mut(&src) { if peer.crypto.has_init() { @@ -758,6 +822,14 @@ impl GenericCloud { + self.config.call_hook( + "peer_connecting", + vec![ + ("PEER", format!("{:?}", addr_nice(src))), + ("IFNAME", self.device.ifname().to_owned()), + ], + true + ); self.pending_inits.insert(src, init); Ok(res) } @@ -768,15 +840,22 @@ impl GenericCloud self.handle_message(src, val, data), + Ok(val) => { + // HOT PATH + self.handle_message(src, val, data) + }, Err(err) => { + // COLD PATH self.traffic.count_invalid_protocol(data.len()); Err(err) } 
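Review bot: The `peer_connecting` hook in `handle_net_message` is called with `detach = true` on the branch that accepts an init message from an address with no pending init, and `call_hook` in src/config.rs then spawns a thread plus an `sh -c` process for each call. Whether the init message has been authenticated before this point is outside the hunk; if it has not, any host that can reach the listen port can make the daemon fork a shell per packet. Consider firing the hook only after the init message has been verified, or bounding the number of hook processes in flight, and record the decision in a comment such as `// hook runs once per accepted init message; must stay cheap, see call_hook`. The same consideration applies to the `peer_disconnected` call added on the fatal crypto-init error path in the next hunk.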
@@ -790,26 +869,36 @@ impl GenericCloud { + // COLD PATH debug!("Fatal crypto init error from {}: {}", src, e); info!("Closing pending connection to {} due to error in crypto init", addr_nice(src)); self.pending_inits.remove(&src); + self.config.call_hook( + "peer_disconnected", + vec![("PEER", format!("{:?}", addr_nice(src))), ("IFNAME", self.device.ifname().to_owned())], + true + ); } Err(e @ Error::CryptoInit(_)) => { + // COLD PATH debug!("Recoverable init error from {}: {}", src, e); info!("Ignoring invalid init message from peer {}", addr_nice(src)); } Err(e) => { + // COLD PATH error!("{}", e); } - Ok(_) => {} + Ok(_) => {} // HOT PATH } } fn handle_device_event(&mut self, buffer: &mut MsgBuffer) { + // HOT PATH try_fail!(self.device.read(buffer), "Failed to read from device: {}"); if let Err(e) = self.handle_interface_data(buffer) { error!("{}", e); @@ -828,9 +917,12 @@ impl GenericCloud { + // COLD PATH if poll_error { fail!("Poll wait failed again: {}", err); } @@ -842,6 +934,7 @@ impl GenericCloud self.handle_device_event(&mut buffer) } if self.next_housekeep < TS::now() { + // COLD PATH poll_error = false; if ctrlc.was_pressed() { break @@ -853,6 +946,7 @@ impl GenericCloud, pub user: Option, pub group: Option, + pub hook: Option, + pub hooks: HashMap } impl Default for Config { @@ -57,7 +67,7 @@ impl Default for Config { ifup: None, ifdown: None, crypto: CryptoConfig::default(), - listen: "[::]:3210".to_string(), + listen: "3210".to_string(), peers: vec![], peer_timeout: DEFAULT_PEER_TIMEOUT as Duration, keepalive: None, @@ -77,6 +87,8 @@ impl Default for Config { statsd_prefix: None, user: None, group: None, + hook: None, + hooks: HashMap::new() } } } @@ -181,6 +193,12 @@ impl Config { if !file.crypto.algorithms.is_empty() { self.crypto.algorithms = file.crypto.algorithms.clone(); } + if let Some(val) = file.hook { + self.hook = Some(val) + } + for (k, v) in file.hooks { + self.hooks.insert(k, v); + } } pub fn merge_args(&mut self, mut args: Args) { 
@@ -274,6 +292,16 @@ impl Config { if !args.algorithms.is_empty() { self.crypto.algorithms = args.algorithms.clone(); } + for s in args.hook { + if s.contains(':') { + let pos = s.find(':').unwrap(); + let name = &s[..pos]; + let hook = &s[pos+1..]; + self.hooks.insert(name.to_string(), hook.to_string()); + } else { + self.hook = Some(s); + } + } } pub fn get_keepalive(&self) -> Duration { @@ -282,6 +310,30 @@ impl Config { None => max(self.peer_timeout / 2 - 60, 1), } } + + pub fn call_hook( + &self, event: &'static str, envs: impl IntoIterator)>, detach: bool + ) { + let mut script = None; + if let Some(ref s) = self.hook { + script = Some(s); + } + if let Some(ref s) = self.hooks.get(event) { + script = Some(s); + } + if script.is_none() { + return + } + let script = script.unwrap(); + let mut cmd = process::Command::new("sh"); + cmd.arg("-c").arg(script).envs(envs).env("EVENT", event); + debug!("Running event script: {:?}", cmd); + if detach { + thread::spawn(move || run_cmd(cmd)); + } else { + run_cmd(cmd) + } + } } #[derive(StructOpt, Debug, Default)] @@ -307,7 +359,7 @@ pub struct Args { pub mode: Option, /// The shared password to encrypt all traffic - #[structopt(short, long, env, global = true)] + #[structopt(short, long, required_unless_one = &["private-key", "config", "genkey", "version", "completion"], env)] pub password: Option, /// The private key to use @@ -434,6 +486,10 @@ pub struct Args { #[structopt(long)] pub log_file: Option, + /// Call script on event + #[structopt(long)] + pub hook: Vec, + #[structopt(subcommand)] pub cmd: Option, } @@ -446,12 +502,20 @@ pub enum Command { WsProxy, + /// Migrate an old config file #[structopt(alias = "migrate")] MigrateConfig { /// Config file #[structopt(long)] config_file: String, }, + + /// Generate shell completions + Completion { + /// Shell to create completions for + #[structopt(long)] + shell: Shell + } } #[derive(Serialize, Deserialize, Debug, PartialEq, Default)] 
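Review bot: The `--hook` parsing in `merge_args` treats any value containing `:` as `event:script`, so a global hook whose command itself contains a colon (a URL, a `key:value` argument) is silently stored under a meaningless event name and never runs. The prefix should be accepted as an event name only when it looks like one; the event names visible in this commit are lowercase with underscores, which the sketch below assumes. It also replaces the `contains` plus `find(..).unwrap()` pair with a single `find`.

```rust
for s in args.hook {
    // Only split on ':' when the prefix looks like an event name, so a
    // global hook command that merely contains ':' is kept intact.
    let split = s.find(':').filter(|&pos| {
        pos > 0 && s[..pos].chars().all(|c| c.is_ascii_lowercase() || c == '_')
    });
    match split {
        Some(pos) => {
            self.hooks.insert(s[..pos].to_string(), s[pos + 1..].to_string());
        }
        None => self.hook = Some(s)
    }
}
```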
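Review bot: `call_hook` has no doc comment although it passes a configured string to `sh -c` and exports caller-supplied values into the script's environment. The callers in src/cloud.rs pass peer-derived values (`CLAIMS`, `NODE_ID`), so the doc comment should state that event data reaches the script only as environment variables, never as part of the command line, and that hook scripts must quote those variables. The shell is located through the inherited `PATH` (`process::Command::new("sh")`); `process::Command::new("/bin/sh")` removes that dependency for a daemon that may be started with elevated privileges. Assuming `hook` and `hooks` both hold `String` values (the generic parameters are not visible), the `is_none()` and `unwrap()` pair can be written as `let script = match self.hooks.get(event).or(self.hook.as_ref()) { Some(s) => s, None => return };`.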
@@ -506,6 +570,8 @@ pub struct ConfigFile { pub statsd: Option, pub user: Option, pub group: Option, + pub hook: Option, + pub hooks: HashMap } #[test] @@ -576,7 +642,9 @@ statsd: statsd: Some(ConfigFileStatsd { server: Some("example.com:1234".to_string()), prefix: Some("prefix".to_string()) - }) + }), + hook: None, + hooks: HashMap::new() } ) } @@ -612,6 +680,8 @@ fn default_config_as_default() { statsd_prefix: None, user: None, group: None, + hook: None, + hooks: HashMap::new() }; let default_config_file = serde_yaml::from_str::(include_str!("../assets/example.net.disabled")).unwrap(); 
@@ -656,37 +726,36 @@ fn config_merge() { server: Some("example.com:1234".to_string()), prefix: Some("prefix".to_string()), }), + hook: None, + hooks: HashMap::new() + }); + assert_eq!(config, Config { + device_type: Type::Tun, + device_name: "vpncloud%d".to_string(), + device_path: None, + ip: None, + ifup: Some("ifconfig $IFNAME 10.0.1.1/16 mtu 1400 up".to_string()), + ifdown: Some("true".to_string()), + listen: "3210".to_string(), + peers: vec!["remote.machine.foo:3210".to_string(), "remote.machine.bar:3210".to_string()], + peer_timeout: 600, + keepalive: Some(840), + switch_timeout: 300, + beacon_store: Some("/run/vpncloud.beacon.out".to_string()), + beacon_load: Some("/run/vpncloud.beacon.in".to_string()), + beacon_interval: 7200, + beacon_password: Some("test123".to_string()), + mode: Mode::Normal, + port_forwarding: true, + claims: vec!["10.0.1.0/24".to_string()], + user: Some("nobody".to_string()), + group: Some("nogroup".to_string()), + pid_file: Some("/run/vpncloud.run".to_string()), + stats_file: Some("/var/log/vpncloud.stats".to_string()), + statsd_server: Some("example.com:1234".to_string()), + statsd_prefix: Some("prefix".to_string()), + ..Default::default() }); - assert_eq!( - config, - Config { - device_type: Type::Tun, - device_name: "vpncloud%d".to_string(), - device_path: None, - ip: None, - ifup: Some("ifconfig $IFNAME 10.0.1.1/16 mtu 1400 up".to_string()), - ifdown: Some("true".to_string()), - listen: "[::]:3210".to_string(), - peers: vec!["remote.machine.foo:3210".to_string(), "remote.machine.bar:3210".to_string()], - peer_timeout: 600, - keepalive: Some(840), - switch_timeout: 300, - beacon_store: Some("/run/vpncloud.beacon.out".to_string()), - beacon_load: Some("/run/vpncloud.beacon.in".to_string()), - beacon_interval: 7200, - beacon_password: Some("test123".to_string()), - mode: Mode::Normal, - port_forwarding: true, - claims: vec!["10.0.1.0/24".to_string()], - user: Some("nobody".to_string()), - group: Some("nogroup".to_string()), - 
pid_file: Some("/run/vpncloud.run".to_string()), - stats_file: Some("/var/log/vpncloud.stats".to_string()), - statsd_server: Some("example.com:1234".to_string()), - statsd_prefix: Some("prefix".to_string()), - ..Default::default() - } - ); config.merge_args(Args { type_: Some(Type::Tap), device: Some("vpncloud0".to_string()), @@ -694,7 +763,7 @@ fn config_merge() { ifup: Some("ifconfig $IFNAME 10.0.1.2/16 mtu 1400 up".to_string()), ifdown: Some("ifconfig $IFNAME down".to_string()), password: Some("anothersecret".to_string()), - listen: Some("3211".to_string()), + listen: Some("[::]:3211".to_string()), peer_timeout: Some(1801), keepalive: Some(850), switch_timeout: Some(301), 
@@ -715,41 +784,40 @@ fn config_merge() { group: Some("root".to_string()), ..Default::default() }); - assert_eq!( - config, - Config { - device_type: Type::Tap, - device_name: "vpncloud0".to_string(), - device_path: Some("/dev/null".to_string()), - fix_rp_filter: false, - ip: None, - ifup: Some("ifconfig $IFNAME 10.0.1.2/16 mtu 1400 up".to_string()), - ifdown: Some("ifconfig $IFNAME down".to_string()), - crypto: CryptoConfig { password: Some("anothersecret".to_string()), ..CryptoConfig::default() }, - listen: "[::]:3211".to_string(), - peers: vec![ - "remote.machine.foo:3210".to_string(), - "remote.machine.bar:3210".to_string(), - "another:3210".to_string() - ], - peer_timeout: 1801, - keepalive: Some(850), - switch_timeout: 301, - beacon_store: Some("/run/vpncloud.beacon.out2".to_string()), - beacon_load: Some("/run/vpncloud.beacon.in2".to_string()), - beacon_interval: 3600, - beacon_password: Some("test1234".to_string()), - mode: Mode::Switch, - port_forwarding: false, - claims: vec!["10.0.1.0/24".to_string()], - auto_claim: true, - user: Some("root".to_string()), - group: Some("root".to_string()), - pid_file: Some("/run/vpncloud-mynet.run".to_string()), - stats_file: Some("/var/log/vpncloud-mynet.stats".to_string()), - statsd_server: Some("example.com:2345".to_string()), - statsd_prefix: Some("prefix2".to_string()), - daemonize: true - } - ); + assert_eq!(config, Config { + device_type: Type::Tap, + device_name: "vpncloud0".to_string(), + device_path: Some("/dev/null".to_string()), + fix_rp_filter: false, + ip: None, + ifup: Some("ifconfig $IFNAME 10.0.1.2/16 mtu 1400 up".to_string()), + ifdown: Some("ifconfig $IFNAME down".to_string()), + crypto: CryptoConfig { password: Some("anothersecret".to_string()), ..CryptoConfig::default() }, + listen: "[::]:3211".to_string(), + peers: vec![ + "remote.machine.foo:3210".to_string(), + "remote.machine.bar:3210".to_string(), + "another:3210".to_string() + ], + peer_timeout: 1801, + keepalive: Some(850), + switch_timeout: 
301, + beacon_store: Some("/run/vpncloud.beacon.out2".to_string()), + beacon_load: Some("/run/vpncloud.beacon.in2".to_string()), + beacon_interval: 3600, + beacon_password: Some("test1234".to_string()), + mode: Mode::Switch, + port_forwarding: false, + claims: vec!["10.0.1.0/24".to_string()], + auto_claim: true, + user: Some("root".to_string()), + group: Some("root".to_string()), + pid_file: Some("/run/vpncloud-mynet.run".to_string()), + stats_file: Some("/var/log/vpncloud-mynet.stats".to_string()), + statsd_server: Some("example.com:2345".to_string()), + statsd_prefix: Some("prefix2".to_string()), + daemonize: true, + hook: None, + hooks: HashMap::new() + }); } diff --git a/src/crypto/core.rs b/src/crypto/core.rs index 9afad84..da0ad01 100644 --- a/src/crypto/core.rs +++ b/src/crypto/core.rs 
@@ -1,41 +1,41 @@ -//! This module implements a crypto core for encrypting and decrypting message streams -//! -//! The crypto core only encrypts and decrypts messages, using given keys. Negotiating and rotating the keys is out of -//! scope of the crypto core. The crypto core assumes that the remote node will always have the necessary key to decrypt -//! the message. -//! -//! The crypto core encrypts messages in place, writes some extra data (key id and nonce) into a given space and -//! includes the given header data in the authentication tag. When decrypting messages, the crypto core reads the extra -//! data, uses the key id to find the right key to decrypting the message and then decrypts the message, using the given -//! nonce and including the given header data in the verification of the authentication tag. -//! -//! While the core only uses a single key at a time for encrypting messages, it is ready to decrypt messages based on -//! one of 4 stored keys (the encryption key being one of them). An external key rotation is responsible for adding the -//! key to the remote peer before switching to the key on the local peer for encryption. -//! -//! As mentioned, the encryption and decryption works in place. Therefore the parameter payload_and_tag contains (when -//! decrypting) or provides space for (when encrypting) the payload and the authentication tag. When encrypting, that -//! means, that the last TAG_LEN bytes of payload_and_tag must be reserved for the tag and must not contain payload -//! bytes. -//! -//! The nonce is a value of 12 bytes (192 bits). Since both nodes can use the same key for encryption, the most -//! significant byte (msb) of the nonce is initialized differently on both peers: one peer uses the value 0x00 and the -//! other one 0x80. That means that the nonce space is essentially divided in two halves, one for each node. -//! -//! To save space and keep the encrypted data aligned to 64 bits, not all bytes of the nonce are transferred. 
Instead, -//! only 7 bytes are included in messages (another byte is used for the key id, hence 64 bit alignment). The rest of the -//! nonce is deduced by the nodes: All other bytes are assumed to be 0x00, except for the most significant byte, which -//! is assumed to be the opposite ones own msb. This has two nice effects: -//! 1) Long before the nonce could theoretically repeat, the messages can no longer be decrypted by the peer as the -//! higher bytes are no longer zero as assumed. -//! 2) By deducing the msb to be the opposite of ones own msb, it is no longer possible for an attacker to redirect a -//! message back to the sender because then the assumed nonce will be wrong and the message fails to decrypt. Otherwise, -//! this could lead to problems as nodes would be able to accidentally decrypt their own messages. -//! -//! In order to be resistent against replay attacks but allow for reordering of messages, the crypto core uses nonce -//! pinning. For every active key, the biggest nonce seen so far is being tracked. Every second, the biggest nonce seen -//! one second ago plus 1 becomes the minimum nonce that is accepted for that key. That means, that reordering can -//! happen within one second but after a second, old messages will not be accepted anymore. +// This module implements a crypto core for encrypting and decrypting message streams +// +// The crypto core only encrypts and decrypts messages, using given keys. Negotiating and rotating the keys is out of +// scope of the crypto core. The crypto core assumes that the remote node will always have the necessary key to decrypt +// the message. +// +// The crypto core encrypts messages in place, writes some extra data (key id and nonce) into a given space and +// includes the given header data in the authentication tag. 
When decrypting messages, the crypto core reads the extra +// data, uses the key id to find the right key to decrypting the message and then decrypts the message, using the given +// nonce and including the given header data in the verification of the authentication tag. +// +// While the core only uses a single key at a time for encrypting messages, it is ready to decrypt messages based on +// one of 4 stored keys (the encryption key being one of them). An external key rotation is responsible for adding the +// key to the remote peer before switching to the key on the local peer for encryption. +// +// As mentioned, the encryption and decryption works in place. Therefore the parameter payload_and_tag contains (when +// decrypting) or provides space for (when encrypting) the payload and the authentication tag. When encrypting, that +// means, that the last TAG_LEN bytes of payload_and_tag must be reserved for the tag and must not contain payload +// bytes. +// +// The nonce is a value of 12 bytes (192 bits). Since both nodes can use the same key for encryption, the most +// significant byte (msb) of the nonce is initialized differently on both peers: one peer uses the value 0x00 and the +// other one 0x80. That means that the nonce space is essentially divided in two halves, one for each node. +// +// To save space and keep the encrypted data aligned to 64 bits, not all bytes of the nonce are transferred. Instead, +// only 7 bytes are included in messages (another byte is used for the key id, hence 64 bit alignment). The rest of the +// nonce is deduced by the nodes: All other bytes are assumed to be 0x00, except for the most significant byte, which +// is assumed to be the opposite ones own msb. This has two nice effects: +// 1) Long before the nonce could theoretically repeat, the messages can no longer be decrypted by the peer as the +// higher bytes are no longer zero as assumed. 
+// 2) By deducing the msb to be the opposite of ones own msb, it is no longer possible for an attacker to redirect a +// message back to the sender because then the assumed nonce will be wrong and the message fails to decrypt. Otherwise, +// this could lead to problems as nodes would be able to accidentally decrypt their own messages. +// +// In order to be resistent against replay attacks but allow for reordering of messages, the crypto core uses nonce +// pinning. For every active key, the biggest nonce seen so far is being tracked. Every second, the biggest nonce seen +// one second ago plus 1 becomes the minimum nonce that is accepted for that key. That means, that reordering can +// happen within one second but after a second, old messages will not be accepted anymore. use byteorder::{ReadBytesExt, WriteBytesExt}; use ring::{ @@ -454,37 +454,3 @@ mod tests { assert!(speed > 10.0); } } - -#[cfg(feature = "bench")] -mod benches { - - use super::*; - use test::Bencher; - - fn crypto_bench(b: &mut Bencher, algo: &'static aead::Algorithm) { - let mut buffer = MsgBuffer::new(EXTRA_LEN); - buffer.set_length(1400); - let (mut sender, mut receiver) = create_dummy_pair(algo); - b.iter(|| { - sender.encrypt(&mut buffer); - receiver.decrypt(&mut buffer).unwrap(); - }); - b.bytes = 1400; - } - - - #[bench] - fn crypto_chacha20(b: &mut Bencher) { - crypto_bench(b, &aead::CHACHA20_POLY1305) - } - - #[bench] - fn crypto_aes128(b: &mut Bencher) { - crypto_bench(b, &aead::AES_128_GCM) - } - - #[bench] - fn crypto_aes256(b: &mut Bencher) { - crypto_bench(b, &aead::AES_256_GCM) - } -} diff --git a/src/crypto/init.rs b/src/crypto/init.rs index 2895294..77688a5 100644 --- a/src/crypto/init.rs +++ b/src/crypto/init.rs 
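Review bot: The rewritten header comment still says "The nonce is a value of 12 bytes (192 bits)", but 12 bytes is 96 bits; since this text is the only description of the nonce layout, the line should read `// The nonce is a value of 12 bytes (96 bits). Since both nodes can use the same key for encryption, the most`. The same block has "resistent" for "resistant". Switching from `//!` to `//` also removes this description from rustdoc. That change is presumably needed because benches/bench.rs now pulls the file in with `include!`, so a one-line comment stating the reason would stop a later cleanup from turning it back.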
@@ -1,54 +1,54 @@ -//! This module implements a 3-way handshake to initialize an authenticated and encrypted connection. -//! -//! The handshake assumes that each node has a asymmetric Curve 25519 key pair as well as a list of trusted public keys -//! and a set of supported crypto algorithms as well as the expected speed when using them. If successful, the handshake -//! will negotiate a crypto algorithm to use and a common ephemeral symmetric key and exchange a given payload between -//! the nodes. -//! -//! The handshake consists of 3 stages, "ping", "pong" and "peng". In the following description, the node that initiates -//! the connection is named "A" and the other node is named "B". Since a lot of things are going on in parallel in the -//! handshake, those aspects are described separately in the following paragraphs. -//! -//! Every message contains the node id of the sender. If a node receives a message with its own node id, it just ignores -//! it and closes the connection. This is the way nodes avoid to connect to themselves as it is not trivial for a node -//! to know its own addresses (especially in the case of NAT). -//! -//! All initialization messages are signed by the asymmetric key of the sender. Also the messages indicate the public -//! key being used, so the receiver can use the correct public key to verify the signature. The public key itself is not -//! attached to the message for privacy reasons (the public key is stable over multiple restarts while the node id is -//! only valid for a single run). Instead, a 2 byte salt value as well as the last 2 bytes of the salted sha 2 hash of -//! the public key are used to identify the public key. This way, a receiver that trusts this public key can identify -//! it but a random observer can't. If the public key is unknown or the signature can't be verified, the message is -//! ignored. -//! -//! Every message contains a byte that specifies the stage (ping = 1, pong = 2, peng = 3). 
If a message with an -//! unexpected stage is received, it is ignored and the last message that has been sent is repeated. There is only one -//! exception to this rule: if a "pong" message is expected, but a "ping" message is received instead AND the node id of -//! the sender is greater than the node id of the receiver, the receiving node will reset its state and assume the role -//! of a receiver of the initialization (i.e. "B"). This is used to "negotiate" the roles A and B when both nodes -//! initiate the connection in parallel and think they are A. -//! -//! Upon connection creation, both nodes create a random ephemeral ECDH key pair and exchange the public keys in the -//! ping and pong messages. A sends the ping message to B containing A's public key and B replies with a pong message -//! containing B's public key. That means, that after receiving the ping message B can calculate the shared key material -//! and after receiving the pong message A can calculate the shared key material. -//! -//! The ping message and the pong message contain a set of supported crypto algorithms together with the estimated -//! speeds of the algorithms. When B receives a ping message, or A receives a pong message, it can combine this -//! information with its own algorithm list and select the algorithm with the best expected speed for the crypto core. -//! -//! The pong and peng message contain the payload that the nodes want to exchange in the initialization phase apart from -//! the cryptographic initialization. This payload is encoded according to the application and encrypted using the key -//! material and the crypto algorithm that have been negotiated via the ping and pong messages. The pong message, -//! therefore contains information to set up symmetric encryption as well as a part that is already encrypted. -//! -//! The handshake ends for A after sending the peng message and for B after receiving this message. At this time both -//! 
nodes initialize the connection using the payload and enter normal operation. The negotiated crypto core is used for -//! future communication and the key rotation is started. Since the peng message can be lost, A needs to keep the -//! initialization state in order to repeat a lost peng message. After one second, A removes that state. -//! -//! Once every second, both nodes check whether they have already finished the initialization. If not, they repeat their -//! last message. After 5 seconds, the initialization is aborted as failed. +// This module implements a 3-way handshake to initialize an authenticated and encrypted connection. +// +// The handshake assumes that each node has a asymmetric Curve 25519 key pair as well as a list of trusted public keys +// and a set of supported crypto algorithms as well as the expected speed when using them. If successful, the handshake +// will negotiate a crypto algorithm to use and a common ephemeral symmetric key and exchange a given payload between +// the nodes. +// +// The handshake consists of 3 stages, "ping", "pong" and "peng". In the following description, the node that initiates +// the connection is named "A" and the other node is named "B". Since a lot of things are going on in parallel in the +// handshake, those aspects are described separately in the following paragraphs. +// +// Every message contains the node id of the sender. If a node receives a message with its own node id, it just ignores +// it and closes the connection. This is the way nodes avoid to connect to themselves as it is not trivial for a node +// to know its own addresses (especially in the case of NAT). +// +// All initialization messages are signed by the asymmetric key of the sender. Also the messages indicate the public +// key being used, so the receiver can use the correct public key to verify the signature. 
The public key itself is not +// attached to the message for privacy reasons (the public key is stable over multiple restarts while the node id is +// only valid for a single run). Instead, a 2 byte salt value as well as the last 2 bytes of the salted sha 2 hash of +// the public key are used to identify the public key. This way, a receiver that trusts this public key can identify +// it but a random observer can't. If the public key is unknown or the signature can't be verified, the message is +// ignored. +// +// Every message contains a byte that specifies the stage (ping = 1, pong = 2, peng = 3). If a message with an +// unexpected stage is received, it is ignored and the last message that has been sent is repeated. There is only one +// exception to this rule: if a "pong" message is expected, but a "ping" message is received instead AND the node id of +// the sender is greater than the node id of the receiver, the receiving node will reset its state and assume the role +// of a receiver of the initialization (i.e. "B"). This is used to "negotiate" the roles A and B when both nodes +// initiate the connection in parallel and think they are A. +// +// Upon connection creation, both nodes create a random ephemeral ECDH key pair and exchange the public keys in the +// ping and pong messages. A sends the ping message to B containing A's public key and B replies with a pong message +// containing B's public key. That means, that after receiving the ping message B can calculate the shared key material +// and after receiving the pong message A can calculate the shared key material. +// +// The ping message and the pong message contain a set of supported crypto algorithms together with the estimated +// speeds of the algorithms. When B receives a ping message, or A receives a pong message, it can combine this +// information with its own algorithm list and select the algorithm with the best expected speed for the crypto core. 
+// +// The pong and peng message contain the payload that the nodes want to exchange in the initialization phase apart from +// the cryptographic initialization. This payload is encoded according to the application and encrypted using the key +// material and the crypto algorithm that have been negotiated via the ping and pong messages. The pong message, +// therefore contains information to set up symmetric encryption as well as a part that is already encrypted. +// +// The handshake ends for A after sending the peng message and for B after receiving this message. At this time both +// nodes initialize the connection using the payload and enter normal operation. The negotiated crypto core is used for +// future communication and the key rotation is started. Since the peng message can be lost, A needs to keep the +// initialization state in order to repeat a lost peng message. After one second, A removes that state. +// +// Once every second, both nodes check whether they have already finished the initialization. If not, they repeat their +// last message. After 5 seconds, the initialization is aborted as failed. use super::{ diff --git a/src/crypto/mod.rs b/src/crypto/mod.rs index 75d6bda..5b47644 100644 --- a/src/crypto/mod.rs +++ b/src/crypto/mod.rs @@ -347,6 +347,7 @@ impl PeerCrypto
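Review bot: Changing the header of src/crypto/init.rs from `//!` to `//` turns the handshake description into ordinary comments, so it no longer appears in rustdoc output for the module. This block is the only description visible here of the ping/pong/peng stages, the signature check and the 2-byte salted key identifier, so I would keep it as inner doc comments. If the conversion is deliberate, a single leading line such as `//! 3-way handshake that sets up an authenticated, encrypted connection (protocol description below).` keeps the module discoverable. The same applies to the `@@ -1,29 +1,29 @@` hunk in src/crypto/rotate.rs.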

{ } fn decrypt_message(&mut self, buffer: &mut MsgBuffer) -> Result<(), Error> { + // HOT PATH if self.unencrypted { return Ok(()) } @@ -354,18 +355,22 @@ impl PeerCrypto

{ } pub fn handle_message(&mut self, buffer: &mut MsgBuffer) -> Result, Error> { + // HOT PATH if buffer.is_empty() { return Err(Error::InvalidCryptoState("No message in buffer")) } if is_init_message(buffer.buffer()) { + // COLD PATH debug!("Received init message"); buffer.take_prefix(); self.handle_init_message(buffer) } else { + // HOT PATH debug!("Received encrypted message"); self.decrypt_message(buffer)?; let msg_type = buffer.take_prefix(); if msg_type == MESSAGE_TYPE_ROTATION { + // COLD PATH debug!("Received rotation message"); self.handle_rotate_message(buffer.buffer())?; buffer.clear(); @@ -377,6 +382,7 @@ impl PeerCrypto

{ } pub fn send_message(&mut self, type_: u8, buffer: &mut MsgBuffer) -> Result<(), Error> { + // HOT PATH assert_ne!(type_, MESSAGE_TYPE_ROTATION); buffer.prepend_byte(type_); self.encrypt_message(buffer) @@ -419,6 +425,7 @@ impl PeerCrypto

{ } pub fn is_init_message(msg: &[u8]) -> bool { + // HOT PATH !msg.is_empty() && msg[0] == INIT_MESSAGE_FIRST_BYTE } diff --git a/src/crypto/rotate.rs b/src/crypto/rotate.rs index e11f0ff..e9dc138 100644 --- a/src/crypto/rotate.rs +++ b/src/crypto/rotate.rs 
@@ -1,29 +1,29 @@ -//! This module implements a turn based key rotation. -//! -//! The main idea is that both peers periodically create ecdh key pairs and exchange their public keys to create -//! common key material. There are always two separate ecdh handshakes going on: one initiated by each peer. -//! However, one handshake is always one step ahead of the other. That means that every message being sent contains a -//! public key from step 1 of the handshake "proposed key" and a public key from step 2 of the handshake "confirmed -//! key" (all messages except first message). -//! -//! When receiving a message from the peer, the node will create a new ecdh key pair and perform the key -//! calculation for the proposed key. The peer will store the public key for the confirmation as pending to be -//! confirmed in the next cycle. Also, if the message contains a confirmation (all but the very first message do), -//! the node will use the stored private key to perform the ecdh key calculation and emit that key to be used in -//! the crypto stream. -//! -//! Upon each cycle, a node first checks if it still has a proposed key that has not been confirmed by the remote -//! peer. If so, a message must have been lost and the whole last message including the proposed key as well as the -//! last confirmed key is being resent. If no proposed key is stored, the node will create a new ecdh key pair, and -//! store the private key as proposed key. It then sends out a message containing the public key as proposal, as -//! well as confirming the pending key. This key is also emitted to be added to the crypto stream but not to be -//! used for encrypting. -//! -//! Monotonically increasing message ids guard the communication from message duplication and also serve as -//! identifiers for the keys to be used in the crypto stream. Since the keys are rotating, the last 2 bits of the -//! id are enough to identify the key. -//! -//! 
The whole communication is sent via the crypto stream and is therefore encrypted and protected against tampering. +// This module implements a turn based key rotation. +// +// The main idea is that both peers periodically create ecdh key pairs and exchange their public keys to create +// common key material. There are always two separate ecdh handshakes going on: one initiated by each peer. +// However, one handshake is always one step ahead of the other. That means that every message being sent contains a +// public key from step 1 of the handshake "proposed key" and a public key from step 2 of the handshake "confirmed +// key" (all messages except first message). +// +// When receiving a message from the peer, the node will create a new ecdh key pair and perform the key +// calculation for the proposed key. The peer will store the public key for the confirmation as pending to be +// confirmed in the next cycle. Also, if the message contains a confirmation (all but the very first message do), +// the node will use the stored private key to perform the ecdh key calculation and emit that key to be used in +// the crypto stream. +// +// Upon each cycle, a node first checks if it still has a proposed key that has not been confirmed by the remote +// peer. If so, a message must have been lost and the whole last message including the proposed key as well as the +// last confirmed key is being resent. If no proposed key is stored, the node will create a new ecdh key pair, and +// store the private key as proposed key. It then sends out a message containing the public key as proposal, as +// well as confirming the pending key. This key is also emitted to be added to the crypto stream but not to be +// used for encrypting. +// +// Monotonically increasing message ids guard the communication from message duplication and also serve as +// identifiers for the keys to be used in the crypto stream. 
Since the keys are rotating, the last 2 bits of the +// id are enough to identify the key. +// +// The whole communication is sent via the crypto stream and is therefore encrypted and protected against tampering. use super::{Error, Key, MsgBuffer}; use byteorder::{NetworkEndian, ReadBytesExt, WriteBytesExt}; diff --git a/src/device.rs b/src/device.rs index 34c7b18..290539b 100644 --- a/src/device.rs +++ b/src/device.rs @@ -5,12 +5,12 @@ use std::{ cmp, collections::VecDeque, + convert::TryInto, fmt, fs::{self, File}, io::{self, BufRead, BufReader, Cursor, Error as IoError, Read, Write}, net::{Ipv4Addr, UdpSocket}, os::unix::io::{AsRawFd, RawFd}, - convert::TryInto, str, str::FromStr }; @@ -36,7 +36,7 @@ struct IfReq { impl IfReq { fn new(name: &str) -> Self { assert!(name.len() < libc::IF_NAMESIZE); - let mut ifr_name = [0 as u8; libc::IF_NAMESIZE]; + let mut ifr_name = [0; libc::IF_NAMESIZE]; ifr_name[..name.len()].clone_from_slice(name.as_bytes()); Self { ifr_name, data: IfReqData { _dummy: [0; 24] } } } @@ -329,7 +329,7 @@ impl Device for MockDevice { } fn ifname(&self) -> &str { - unimplemented!() + "mock0" } fn read(&mut self, buffer: &mut MsgBuffer) -> Result<(), Error> { diff --git a/src/main.rs b/src/main.rs index a7d9a9e..cb39a4e 100644 --- a/src/main.rs +++ b/src/main.rs @@ -2,17 +2,10 @@ // Copyright (C) 2015-2020 Dennis Schwerdel // This software is licensed under GPL-3 or newer (see LICENSE.md) -#![cfg_attr(feature = "bench", feature(test))] +#[macro_use] extern crate log; +#[macro_use] extern crate serde; -#[macro_use] -extern crate log; -#[macro_use] -extern crate serde_derive; - -#[cfg(test)] -extern crate tempfile; -#[cfg(feature = "bench")] -extern crate test; +#[cfg(test)] extern crate tempfile; #[macro_use] pub mod util; @@ -47,7 +40,7 @@ use std::{ process, str::FromStr, sync::Mutex, - thread, + thread }; use crate::{ 
@@ -59,11 +52,11 @@ use crate::{ oldconfig::OldConfigFile, payload::Protocol, util::SystemTimeSource, - wsproxy::ProxyConnection, + wsproxy::ProxyConnection }; struct DualLogger { - file: Option>, + file: Option> } impl DualLogger { @@ -119,18 +112,18 @@ fn run_script(script: &str, ifname: &str) { error!("Script returned with error: {:?}", status.code()) } } - Err(e) => error!("Failed to execute script {:?}: {}", script, e), + Err(e) => error!("Failed to execute script {:?}: {}", script, e) } } fn parse_ip_netmask(addr: &str) -> Result<(Ipv4Addr, Ipv4Addr), String> { let (ip_str, len_str) = match addr.find('/') { Some(pos) => (&addr[..pos], &addr[pos + 1..]), - None => (addr, "24"), + None => (addr, "24") }; let prefix_len = u8::from_str(len_str).map_err(|_| format!("Invalid prefix length: {}", len_str))?; if prefix_len > 32 { - return Err(format!("Invalid prefix length: {}", prefix_len)); + return Err(format!("Invalid prefix length: {}", prefix_len)) } let ip = Ipv4Addr::from_str(ip_str).map_err(|_| format!("Invalid ip address: {}", ip_str))?; let netmask = Ipv4Addr::from(u32::max_value().checked_shl(32 - prefix_len as u32).unwrap()); @@ -145,6 +138,7 @@ fn setup_device(config: &Config) -> TunTapDevice { config.device_name ); info!("Opened device {}", device.ifname()); + config.call_hook("device_setup", vec![("IFNAME", device.ifname())], true); if let Err(err) = device.set_mtu(None) { error!("Error setting optimal MTU on {}: {}", device.ifname(), err); } @@ -164,6 +158,7 @@ fn setup_device(config: &Config) -> TunTapDevice { warn!("Your networking configuration might be affected by a vulnerability (https://vpncloud.ddswd.de/docs/security/cve-2019-14899/), please change your rp_filter setting to 1 (currently {}).", val); } } + config.call_hook("device_configured", vec![("IFNAME", device.ifname())], true); device } 
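Review bot: The two `config.call_hook(...)` calls added to `setup_device` (`"device_setup"` in the `@@ -145,6 +138,7 @@` hunk and `"device_configured"` in `@@ -164,6 +158,7 @@`) pass a bare `true` as the third argument, and nothing at the call site says what that flag controls. `call_hook` is defined outside this view, so an inline label such as `config.call_hook("device_setup", vec![("IFNAME", device.ifname())], /* <flag name> */ true);` or a named constant would make the call readable on its own. Both hooks run while the device is being opened and configured, which presumably happens before any privilege drop. If so, the hook documentation should state that the script executes with the privileges of the starting process and must not be writable by other users. The body of `setup_device` begins above the first hunk.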
@@ -228,7 +223,7 @@ fn main() { let args: Args = Args::from_args(); if args.version { println!("VpnCloud v{}", env!("CARGO_PKG_VERSION")); - return; + return } let logger = try_fail!(DualLogger::new(args.log_file.as_ref()), "Failed to open logfile: {}"); log::set_boxed_logger(Box::new(logger)).unwrap(); @@ -269,11 +264,15 @@ fn main() { ); try_fail!(serde_yaml::to_writer(f, &new_config), "Failed to write converted config: {:?}"); } + Command::Completion { shell } => { + Args::clap().gen_completions_to(env!("CARGO_PKG_NAME"), shell, &mut io::stdout()); + return + } Command::WsProxy => { wsproxy::run_proxy(); } } - return; + return } let mut config = Config::default(); if let Some(ref file) = args.config { @@ -298,19 +297,19 @@ fn main() { debug!("Config: {:?}", config); if config.crypto.password.is_none() && config.crypto.private_key.is_none() { error!("Either password or private key must be set in config or given as parameter"); - return; + return } if config.listen.starts_with("ws://") { let socket = try_fail!(ProxyConnection::listen(&config.listen), "Failed to open socket {}: {}", config.listen); match config.device_type { Type::Tap => run::(config, socket), - Type::Tun => run::(config, socket), + Type::Tun => run::(config, socket) } } else { let socket = try_fail!(UdpSocket::listen(&config.listen), "Failed to open socket {}: {}", config.listen); match config.device_type { Type::Tap => run::(config, socket), - Type::Tun => run::(config, socket), + Type::Tun => run::(config, socket) } } } diff --git a/src/net.rs b/src/net.rs index 6ea964a..c2ac39f 100644 --- a/src/net.rs +++ b/src/net.rs @@ -14,6 +14,7 @@ use super::util::{MockTimeSource, MsgBuffer, Time, TimeSource}; use crate::port_forwarding::PortForwarding; pub fn mapped_addr(addr: SocketAddr) -> SocketAddr { + // HOT PATH match addr { SocketAddr::V4(addr4) => SocketAddr::new(IpAddr::V6(addr4.ip().to_ipv6_mapped()), addr4.port()), _ => addr 
@@ -177,4 +178,4 @@ mod bench { b.iter(|| sock.send_to(&data, &addr).unwrap()); b.bytes = 1400; } -} +} \ No newline at end of file diff --git a/src/oldconfig.rs b/src/oldconfig.rs index 0a717a0..330336f 100644 --- a/src/oldconfig.rs +++ b/src/oldconfig.rs @@ -1,5 +1,6 @@ use super::{device::Type, types::Mode, util::Duration}; use crate::config::{ConfigFile, ConfigFileBeacon, ConfigFileDevice, ConfigFileStatsd, CryptoConfig}; +use std::collections::HashMap; #[derive(Serialize, Deserialize, Debug, PartialEq, Clone, Copy)] pub enum OldCryptoMethod { @@ -112,12 +113,11 @@ impl OldConfigFile { pid_file: self.pid_file, port_forwarding: self.port_forwarding, stats_file: self.stats_file, - statsd: Some(ConfigFileStatsd { - prefix: self.statsd_prefix, - server: self.statsd_server - }), + statsd: Some(ConfigFileStatsd { prefix: self.statsd_prefix, server: self.statsd_server }), switch_timeout: self.dst_timeout, - user: self.user + user: self.user, + hook: None, + hooks: HashMap::new() } } -} \ No newline at end of file +} diff --git a/src/payload.rs b/src/payload.rs index 25d7e05..92919fe 100644 --- a/src/payload.rs +++ b/src/payload.rs @@ -23,6 +23,7 @@ impl Protocol for Frame { /// # Errors /// This method will fail when the given data is not a valid ethernet frame. fn parse(data: &[u8]) -> Result<(Address, Address), Error> { + // HOT PATH let mut cursor = Cursor::new(data); let mut src = [0; 16]; let mut dst = [0; 16]; 
@@ -77,26 +78,6 @@ fn decode_invalid_frame() { assert!(Frame::parse(&[6, 5, 4, 3, 2, 1, 1, 2, 3, 4, 5, 6, 0x81, 0x00]).is_err()); } -#[cfg(feature = "bench")] -mod bench_ethernet { - use super::*; - use test::Bencher; - - #[bench] - fn decode_ethernet(b: &mut Bencher) { - let data = [6, 5, 4, 3, 2, 1, 1, 2, 3, 4, 5, 6, 1, 2, 3, 4, 5, 6, 7, 8]; - b.iter(|| Frame::parse(&data).unwrap()); - b.bytes = 1400; - } - - #[bench] - fn decode_ethernet_with_vlan(b: &mut Bencher) { - let data = [6, 5, 4, 3, 2, 1, 1, 2, 3, 4, 5, 6, 0x81, 0, 4, 210, 1, 2, 3, 4, 5, 6, 7, 8]; - b.iter(|| Frame::parse(&data).unwrap()); - b.bytes = 1400; - } -} - /// An IP packet dissector /// /// This dissector is able to extract the source and destination ip addresses of ipv4 packets and @@ -110,6 +91,7 @@ impl Protocol for Packet { /// # Errors /// This method will fail when the given data is not a valid ipv4 and ipv6 packet. fn parse(data: &[u8]) -> Result<(Address, Address), Error> { + // HOT PATH if data.is_empty() { return Err(Error::Parse("Empty header")) } @@ -176,28 +158,4 @@ fn decode_invalid_packet() { 4, 3, 2 ]) .is_err()); -} - - -#[cfg(feature = "bench")] -mod bench_ip { - use super::*; - use test::Bencher; - - #[bench] - fn decode_ipv4(b: &mut Bencher) { - let data = [0x40, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 192, 168, 1, 1, 192, 168, 1, 2]; - b.iter(|| Packet::parse(&data).unwrap()); - b.bytes = 1400; - } - - #[bench] - fn decode_ipv6(b: &mut Bencher) { - let data = [ - 0x60, 0, 0, 0, 0, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 0, 9, 8, 7, 6, 5, 4, 3, 2, 1, 6, - 5, 4, 3, 2, 1 - ]; - b.iter(|| Packet::parse(&data).unwrap()); - b.bytes = 1400; - } -} +} \ No newline at end of file diff --git a/src/table.rs b/src/table.rs index cefa194..a74e4cd 100644 --- a/src/table.rs +++ b/src/table.rs 
@@ -41,9 +41,14 @@ impl ClaimTable { } pub fn cache(&mut self, addr: Address, peer: SocketAddr) { + // HOT PATH self.cache.insert(addr, CacheValue { peer, timeout: TS::now() + self.cache_timeout as Time }); } + pub fn clear_cache(&mut self) { + self.cache.clear() + } + pub fn set_claims(&mut self, peer: SocketAddr, mut claims: RangeList) { for entry in &mut self.claims { if entry.peer == peer { @@ -85,9 +90,11 @@ impl ClaimTable { } pub fn lookup(&mut self, addr: Address) -> Option { + // HOT PATH if let Some(entry) = self.cache.get(&addr) { return Some(entry.peer) } + // COLD PATH let mut found = None; let mut prefix_len = -1; for entry in &self.claims { @@ -148,37 +155,4 @@ impl ClaimTable { } } -// TODO: test - -#[cfg(feature = "bench")] -mod bench { - use super::*; - use crate::util::MockTimeSource; - - use smallvec::smallvec; - use std::str::FromStr; - use test::Bencher; - - #[bench] - fn lookup_warm(b: &mut Bencher) { - let mut table = ClaimTable::::new(60, 60); - let addr = Address::from_str("1.2.3.4").unwrap(); - table.cache(addr, SocketAddr::from_str("1.2.3.4:3210").unwrap()); - b.iter(|| table.lookup(addr)); - b.bytes = 1400; - } - - #[bench] - fn lookup_cold(b: &mut Bencher) { - let mut table = ClaimTable::::new(60, 60); - let addr = Address::from_str("1.2.3.4").unwrap(); - table.set_claims(SocketAddr::from_str("1.2.3.4:3210").unwrap(), smallvec![ - Range::from_str("1.2.3.4/32").unwrap() - ]); - b.iter(|| { - table.cache.clear(); - table.lookup(addr) - }); - b.bytes = 1400; - } -} +// TODO: test \ No newline at end of file diff --git a/src/tests/mod.rs b/src/tests/mod.rs index c9e7f6a..6632bc6 100644 --- a/src/tests/mod.rs +++ b/src/tests/mod.rs @@ -9,7 +9,8 @@ mod peers; use std::{ collections::{HashMap, VecDeque}, io::Write, - net::{IpAddr, Ipv6Addr, SocketAddr}, + net::SocketAddr, + str::FromStr, sync::{ atomic::{AtomicUsize, Ordering}, Once @@ -89,16 +90,17 @@ impl Simulator

{ pub fn add_node(&mut self, nat: bool, config: &Config) -> SocketAddr { let mut config = config.clone(); MockSocket::set_nat(nat); - config.listen = SocketAddr::new(IpAddr::V6(Ipv6Addr::UNSPECIFIED), self.next_port); + config.listen = format!("[::]:{}", self.next_port); if config.crypto.password.is_none() && config.crypto.private_key.is_none() { config.crypto.password = Some("test123".to_string()) } DebugLogger::set_node(self.next_port as usize); self.next_port += 1; - let node = TestNode::new(&config, MockDevice::new(), None, None); + let addr = SocketAddr::from_str(&config.listen).unwrap(); + let node = TestNode::new(&config, MockSocket::new(addr), MockDevice::new(), None, None); DebugLogger::set_node(0); - self.nodes.insert(config.listen, node); - config.listen + self.nodes.insert(addr, node); + addr } #[allow(dead_code)] diff --git a/src/traffic.rs b/src/traffic.rs index ad868fd..656c312 100644 --- a/src/traffic.rs +++ b/src/traffic.rs @@ -83,21 +83,25 @@ pub struct TrafficStats { impl TrafficStats { #[inline] pub fn count_out_traffic(&mut self, peer: SocketAddr, bytes: usize) { + // HOT PATH self.peers.entry(peer).or_insert_with(TrafficEntry::default).count_out(bytes); } #[inline] pub fn count_in_traffic(&mut self, peer: SocketAddr, bytes: usize) { + // HOT PATH self.peers.entry(peer).or_insert_with(TrafficEntry::default).count_in(bytes); } #[inline] pub fn count_out_payload(&mut self, remote: Address, local: Address, bytes: usize) { + // HOT PATH self.payload.entry((remote, local)).or_insert_with(TrafficEntry::default).count_out(bytes); } #[inline] pub fn count_in_payload(&mut self, remote: Address, local: Address, bytes: usize) { + // HOT PATH self.payload.entry((remote, local)).or_insert_with(TrafficEntry::default).count_in(bytes); } diff --git a/src/util.rs b/src/util.rs index 42a53b1..e1c4ae5 100644 --- a/src/util.rs +++ b/src/util.rs 
@@ -2,31 +2,31 @@ // Copyright (C) 2015-2020 Dennis Schwerdel // This software is licensed under GPL-3 or newer (see LICENSE.md) +use std::process::Command; use std::{ fmt, net::{Ipv4Addr, SocketAddr, ToSocketAddrs, UdpSocket}, - sync::atomic::{AtomicIsize, Ordering} + sync::atomic::{AtomicIsize, Ordering}, }; use crate::error::Error; -#[cfg(not(target_os = "linux"))] use time; +#[cfg(not(target_os = "linux"))] +use time; use signal::{trap::Trap, Signal}; use smallvec::SmallVec; use std::time::Instant; - pub type Duration = u32; pub type Time = i64; - #[derive(Clone)] pub struct MsgBuffer { space_before: usize, buffer: [u8; 65535], start: usize, - end: usize + end: usize, } impl MsgBuffer { @@ -98,7 +98,6 @@ impl MsgBuffer { } } - const HEX_CHARS: &[u8] = b"0123456789abcdef"; pub fn bytes_to_hex(bytes: &[u8]) -> String { @@ -113,13 +112,12 @@ pub fn bytes_to_hex(bytes: &[u8]) -> String { pub fn addr_nice(addr: SocketAddr) -> SocketAddr { if let SocketAddr::V6(v6addr) = addr { if let Some(ip) = v6addr.ip().to_ipv4() { - return (ip, addr.port()).into() + return (ip, addr.port()).into(); } } addr } - pub struct Encoder; impl Encoder { @@ -172,7 +170,6 @@ impl Encoder { } } - macro_rules! fail { ($format:expr) => ( { use std::process; @@ -215,17 +212,14 @@ pub fn get_internal_ip() -> Ipv4Addr { } } - #[allow(unknown_lints, clippy::needless_pass_by_value)] pub fn resolve(addr: Addr) -> Result, Error> { let mut addrs = addr.to_socket_addrs().map_err(|_| Error::NameUnresolvable(format!("{:?}", addr)))?.collect::>(); // Try IPv4 first as it usually is faster - addrs.sort_by_key(|addr| { - match *addr { - SocketAddr::V4(_) => 4, - SocketAddr::V6(_) => 6 - } + addrs.sort_by_key(|addr| match *addr { + SocketAddr::V4(_) => 4, + SocketAddr::V6(_) => 6, }); // Remove duplicates in addrs (why are there duplicates???) addrs.dedup(); @@ -239,7 +233,6 @@ macro_rules! addr { }}; } - pub struct Bytes(pub u64); impl fmt::Display for Bytes { 
@@ -248,31 +241,30 @@ impl fmt::Display for Bytes { if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.0} B", size) + return write!(formatter, "{:.0} B", size); } if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.1} KiB", size) + return write!(formatter, "{:.1} KiB", size); } if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.1} MiB", size) + return write!(formatter, "{:.1} MiB", size); } if size >= 512.0 { size /= 1024.0; } else { - return write!(formatter, "{:.1} GiB", size) + return write!(formatter, "{:.1} GiB", size); } write!(formatter, "{:.1} TiB", size) } } - pub struct CtrlC { dummy_time: Instant, - trap: Trap + trap: Trap, } impl CtrlC { @@ -293,7 +285,6 @@ impl Default for CtrlC { } } - pub trait TimeSource: Sync + Copy + Send + 'static { fn now() -> Time; } @@ -336,7 +327,6 @@ impl TimeSource for MockTimeSource { } } - /// Helper function that multiplies the base62 data in buf[0..buflen] by 16 and adds m to it fn base62_add_mult_16(buf: &mut [u8], mut buflen: usize, m: u8) -> usize { let mut d: usize = m as usize; @@ -356,7 +346,7 @@ fn base62_add_mult_16(buf: &mut [u8], mut buflen: usize, m: u8) -> usize { const BASE62: [char; 62] = [ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', - 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' + 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', ]; pub fn to_base62(data: &[u8]) -> String { @@ -382,7 +372,7 @@ pub fn from_base62(data: &str) -> Result, char> { '0'..='9' => ((c as usize) % ('0' as usize)), 'A'..='Z' => ((c as usize) % ('A' as usize)) + 10, 'a'..='z' => ((c as usize) % ('a' as usize)) + 36, - _ => return Err(c) + _ => return Err(c), }; for item in &mut buf { val += *item as usize * 62; 
@@ -397,11 +387,10 @@ pub fn from_base62(data: &str) -> Result, char> { Ok(buf) } - #[derive(Default)] pub struct StatsdMsg { entries: Vec, - key: Vec + key: Vec, } impl StatsdMsg { @@ -426,6 +415,16 @@ impl StatsdMsg { } } +pub fn run_cmd(mut cmd: Command) { + match cmd.status() { + Ok(status) => { + if !status.success() { + error!("Command returned error: {:?}", status.code()) + } + } + Err(e) => error!("Failed to execute command {:?}: {}", cmd, e), + } +} #[test] fn base62() {
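Review bot: In `run_cmd`, the non-zero-exit branch logs only `status.code()`, so once several hooks or commands are configured the log does not say which one failed, and a child terminated by a signal shows up as `None`. Including the command, as the `Err` branch already does, fixes the first part: `error!("Command {:?} returned error: {:?}", cmd, status.code())`. `cmd.status()` also waits for the child and lets it inherit the parent's stdin, stdout and stderr, so a slow command blocks the caller; a doc comment such as `/// Runs cmd to completion, blocking the caller; failures are logged, not returned.` would make that contract explicit. The body closely mirrors `run_script` in src/main.rs, which could call this helper instead of repeating the match.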