dswd
/
vpncloud
mirror of https://github.com/dswd/vpncloud.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Compare commits

base: dswd:16da58b8df5fdb6be42ed6e2491191ac3e6405f5
Branches Tags
dswd:master
dswd:dependabot/cargo/serde-1.0.194
dswd:dependabot/cargo/serde_yaml-0.9.30
dswd:dependabot/cargo/thiserror-1.0.56
dswd:dependabot/cargo/unsafe-libyaml-0.2.10
dswd:dependabot/cargo/libc-0.2.151
dswd:dependabot/cargo/rustix-0.38.19
dswd:threading
dswd:snap
dswd:windows
dswd:v1
dswd:v2.3.0
dswd:v2.2.0
dswd:v2.1.0
dswd:v2.0.1
dswd:v2.0.0
dswd:v1.4.0
dswd:v1.3.0
dswd:v1.2.1
dswd:v1.2.0
dswd:v1.1.0
dswd:v1.0.0
dswd:v0.9.1
dswd:v0.9.0
dswd:v0.8.2
dswd:v0.8.1
dswd:v0.8.0
dswd:v0.7.0
dswd:v0.6.0
dswd:v0.5.0
dswd:v0.4.3
dswd:v0.4.2
dswd:v0.4.1
dswd:v0.4.0
dswd:v0.3.1
dswd:v0.3.0
dswd:v0.2.0
dswd:v0.1.0
..
compare: dswd:800e28440893db53dd26cfd542c0c3ad35af4669
Branches Tags
dswd:master
dswd:dependabot/cargo/serde-1.0.194
dswd:dependabot/cargo/serde_yaml-0.9.30
dswd:dependabot/cargo/thiserror-1.0.56
dswd:dependabot/cargo/unsafe-libyaml-0.2.10
dswd:dependabot/cargo/libc-0.2.151
dswd:dependabot/cargo/rustix-0.38.19
dswd:threading
dswd:snap
dswd:windows
dswd:v1
dswd:v2.3.0
dswd:v2.2.0
dswd:v2.1.0
dswd:v2.0.1
dswd:v2.0.0
dswd:v1.4.0
dswd:v1.3.0
dswd:v1.2.1
dswd:v1.2.0
dswd:v1.1.0
dswd:v1.0.0
dswd:v0.9.1
dswd:v0.9.0
dswd:v0.8.2
dswd:v0.8.1
dswd:v0.8.0
dswd:v0.7.0
dswd:v0.6.0
dswd:v0.5.0
dswd:v0.4.3
dswd:v0.4.2
dswd:v0.4.1
dswd:v0.4.0
dswd:v0.3.1
dswd:v0.3.0
dswd:v0.2.0
dswd:v0.1.0

No commits in common. "16da58b8df5fdb6be42ed6e2491191ac3e6405f5" and "800e28440893db53dd26cfd542c0c3ad35af4669" have entirely different histories.
16da58b8df ... 800e284408

10 changed files with 234 additions and 279 deletions
Show Stats Expand all files Collapse all files

165
contrib/measurements/2020-09-24_2.0-pre_perf.json Normal file
View File

@ -0,0 +1,165 @@
{
"meta": {
"region": "eu-central-1",
"instance_type": "m5.large",
"ami": "ami-00a205cb8e06c3c4e",
"version": "2.0-pre",
"duration": 621.4215319156647
},
"native": {
"iperf": {
"throughput": 9680424000.0,
"cpu_sender": 12.878548,
"cpu_receiver": 66.330665
},
"ping_100": {
"rtt_min": 0.045,
"rtt_max": 0.204,
"rtt_avg": 0.052,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.047,
"rtt_max": 0.213,
"rtt_avg": 0.054,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.048,
"rtt_max": 0.629,
"rtt_avg": 0.055,
"pkt_loss": 0.0
}
},
"plain": {
"iperf": {
"throughput": 5733394000.0,
"cpu_sender": 11.835632,
"cpu_receiver": 67.865656
},
"ping_100": {
"rtt_min": 0.074,
"rtt_max": 3.375,
"rtt_avg": 0.093,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.076,
"rtt_max": 1.886,
"rtt_avg": 0.095,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.076,
"rtt_max": 1.873,
"rtt_avg": 0.094,
"pkt_loss": 0.0
}
},
"aes256": {
"iperf": {
"throughput": 3917323000.0,
"cpu_sender": 7.746875,
"cpu_receiver": 65.508621
},
"ping_100": {
"rtt_min": 0.076,
"rtt_max": 1.527,
"rtt_avg": 0.093,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.075,
"rtt_max": 1.969,
"rtt_avg": 0.094,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.079,
"rtt_max": 1.973,
"rtt_avg": 0.096,
"pkt_loss": 0.0
}
},
"aes128": {
"iperf": {
"throughput": 3899771000.0,
"cpu_sender": 6.73498,
"cpu_receiver": 64.197019
},
"ping_100": {
"rtt_min": 0.073,
"rtt_max": 1.522,
"rtt_avg": 0.094,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.08,
"rtt_max": 1.979,
"rtt_avg": 0.098,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.082,
"rtt_max": 2.162,
"rtt_avg": 0.099,
"pkt_loss": 0.0
}
},
"chacha20": {
"iperf": {
"throughput": 2888735000.0,
"cpu_sender": 6.548527,
"cpu_receiver": 63.424257
},
"ping_100": {
"rtt_min": 0.078,
"rtt_max": 0.276,
"rtt_avg": 0.095,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.084,
"rtt_max": 0.241,
"rtt_avg": 0.1,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.087,
"rtt_max": 0.424,
"rtt_avg": 0.106,
"pkt_loss": 0.0
}
},
"results": {
"throughput_mbits": {
"native": 9680.424,
"plain": 5733.394,
"aes256": 3917.323,
"aes128": 3899.771,
"chacha20": 2888.735
},
"latency_us": {
"plain": {
"100": 20.5,
"500": 20.5,
"1000": 19.5
},
"aes256": {
"100": 20.5,
"500": 20.0,
"1000": 20.5
},
"aes128": {
"100": 21.0,
"500": 22.000000000000004,
"1000": 22.000000000000004
},
"chacha20": {
"100": 21.5,
"500": 23.000000000000004,
"1000": 25.5
}
}
}
}

165
contrib/measurements/2020-10-28_2.0.0-alpha1_perf.json
View File

@ -1,165 +0,0 @@
{
"meta": {
"region": "eu-central-1",
"instance_type": "m5.large",
"ami": "ami-00a205cb8e06c3c4e",
"version": "2.0.0-alpha1",
"duration": 621.3780446052551
},
"native": {
"iperf": {
"throughput": 9681224000.0,
"cpu_sender": 13.679709,
"cpu_receiver": 71.69651
},
"ping_100": {
"rtt_min": 0.045,
"rtt_max": 0.18,
"rtt_avg": 0.051,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.047,
"rtt_max": 0.184,
"rtt_avg": 0.054,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.049,
"rtt_max": 0.175,
"rtt_avg": 0.056,
"pkt_loss": 0.0
}
},
"plain": {
"iperf": {
"throughput": 5472962000.0,
"cpu_sender": 15.087884,
"cpu_receiver": 67.570992
},
"ping_100": {
"rtt_min": 0.078,
"rtt_max": 0.257,
"rtt_avg": 0.093,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.08,
"rtt_max": 0.243,
"rtt_avg": 0.097,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.08,
"rtt_max": 0.591,
"rtt_avg": 0.096,
"pkt_loss": 0.0
}
},
"aes256": {
"iperf": {
"throughput": 3947676000.0,
"cpu_sender": 6.859741,
"cpu_receiver": 62.826154
},
"ping_100": {
"rtt_min": 0.081,
"rtt_max": 1.653,
"rtt_avg": 0.096,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.081,
"rtt_max": 1.259,
"rtt_avg": 0.098,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.082,
"rtt_max": 0.257,
"rtt_avg": 0.099,
"pkt_loss": 0.0
}
},
"aes128": {
"iperf": {
"throughput": 4200596000.0,
"cpu_sender": 10.291266,
"cpu_receiver": 64.395908
},
"ping_100": {
"rtt_min": 0.081,
"rtt_max": 0.294,
"rtt_avg": 0.097,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.084,
"rtt_max": 0.238,
"rtt_avg": 0.099,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.086,
"rtt_max": 0.291,
"rtt_avg": 0.101,
"pkt_loss": 0.0
}
},
"chacha20": {
"iperf": {
"throughput": 2854407000.0,
"cpu_sender": 5.648368,
"cpu_receiver": 58.473016
},
"ping_100": {
"rtt_min": 0.082,
"rtt_max": 0.515,
"rtt_avg": 0.098,
"pkt_loss": 0.0
},
"ping_500": {
"rtt_min": 0.089,
"rtt_max": 3.457,
"rtt_avg": 0.105,
"pkt_loss": 0.0
},
"ping_1000": {
"rtt_min": 0.092,
"rtt_max": 0.366,
"rtt_avg": 0.108,
"pkt_loss": 0.0
}
},
"results": {
"throughput_mbits": {
"native": 9681.224,
"plain": 5472.962,
"aes256": 3947.676,
"aes128": 4200.596,
"chacha20": 2854.407
},
"latency_us": {
"plain": {
"100": 21.0,
"500": 21.5,
"1000": 20.0
},
"aes256": {
"100": 22.500000000000004,
"500": 22.000000000000004,
"1000": 21.5
},
"aes128": {
"100": 23.000000000000004,
"500": 22.500000000000004,
"1000": 22.500000000000004
},
"chacha20": {
"100": 23.500000000000004,
"500": 25.5,
"1000": 26.0
}
}
}
}

2
contrib/performance.py
View File

@ -8,7 +8,7 @@ from datetime import date
# Note: this script will run for ~8 minutes and incur costs of about $ 0.02
FILE = "../target/release/vpncloud"
VERSION = "2.0.0-alpha1"
VERSION = "2.0-pre"
REGION = "eu-central-1"
env = EC2Environment(

34
src/cloud.rs
View File

@ -492,13 +492,7 @@ impl<D: Device, P: Protocol, S: Socket, TS: TimeSource> GenericCloud<D, P, S, TS
writeln!(f, "peers:")?;
let now = TS::now();
for (addr, data) in &self.peers {
writeln!(
f,
" - \"{}\": {{ ttl_secs: {}, crypto: {} }}",
addr_nice(*addr),
data.timeout - now,
data.crypto.algorithm_name()
)?;
writeln!(f, " - \"{}\": {{ ttl_secs: {} }}", addr_nice(*addr), data.timeout - now)?;
}
writeln!(f)?;
self.table.write_out(f)?;
@ -723,7 +717,11 @@ impl<D: Device, P: Protocol, S: Socket, TS: TimeSource> GenericCloud<D, P, S, TS
self.pending_inits.insert(src, init);
Ok(res)
}
Err(err) => return Err(err)
Err(err) => {
debug!("Init error from {}: {}", src, err);
info!("Ignoring invalid init message from peer {}", addr_nice(src));
return Ok(())
}
}
} else if let Some(peer) = self.peers.get_mut(&src) {
peer.crypto.handle_message(data)
@ -750,27 +748,21 @@ impl<D: Device, P: Protocol, S: Socket, TS: TimeSource> GenericCloud<D, P, S, TS
fn handle_socket_event(&mut self, buffer: &mut MsgBuffer) {
let src = try_fail!(self.socket.receive(buffer), "Failed to read from network socket: {}");
self.traffic.count_in_traffic(src, buffer.len());
match self.handle_net_message(src, buffer) {
Err(e @ Error::CryptoInitFatal(_)) => {
debug!("Fatal crypto init error from {}: {}", src, e);
if let Err(e) = self.handle_net_message(src, buffer) {
if let Error::CryptoInit(_) = e {
debug!("Crypto init error: {}", e);
info!("Closing pending connection to {} due to error in crypto init", addr_nice(src));
self.pending_inits.remove(&src);
} else {
error!("Error: {}", e);
}
Err(e @ Error::CryptoInit(_)) => {
debug!("Recoverable init error from {}: {}", src, e);
info!("Ignoring invalid init message from peer {}", addr_nice(src));
}
Err(e) => {
error!("{}", e);
}
Ok(_) => {}
}
}
fn handle_device_event(&mut self, buffer: &mut MsgBuffer) {
try_fail!(self.device.read(buffer), "Failed to read from device: {}");
if let Err(e) = self.handle_interface_data(buffer) {
error!("{}", e);
error!("Error: {}", e);
}
}
@ -805,7 +797,7 @@ impl<D: Device, P: Protocol, S: Socket, TS: TimeSource> GenericCloud<D, P, S, TS
break
}
if let Err(e) = self.housekeep() {
error!("{}", e)
error!("Error: {}", e)
}
self.next_housekeep = TS::now() + 1
}

1
src/crypto/core.rs
View File

@ -210,7 +210,6 @@ impl CryptoCore {
}
pub fn rotate_key(&mut self, key: LessSafeKey, id: u64, use_for_sending: bool) {
debug!("Rotated key {} (use for sending: {})", id, use_for_sending);
let id = (id % 4) as usize;
self.keys[id] = CryptoKey::new(&self.rand, key, self.nonce_half);
if use_for_sending {

12
src/crypto/init.rs
View File

@ -453,7 +453,7 @@ impl<P: Payload> InitState<P> {
Ok(())
} else {
self.next_stage = CLOSING;
Err(Error::CryptoInitFatal("Initialization timeout"))
Err(Error::CryptoInit("Initialization timeout"))
}
}
@ -565,7 +565,7 @@ impl<P: Payload> InitState<P> {
debug!("Init: best algorithm is {:?} with speed {}", algo.0, algo.1);
Ok(Some(algo))
} else {
Err(Error::CryptoInitFatal("No common algorithms"))
Err(Error::CryptoInit("No common algorithms"))
}
}
@ -578,7 +578,7 @@ impl<P: Payload> InitState<P> {
if self.salted_node_id_hash == salted_node_id_hash
|| self.check_salted_node_id_hash(&salted_node_id_hash, self.node_id)
{
return Err(Error::CryptoInitFatal("Connected to self"))
return Err(Error::CryptoInit("Connected to self"))
}
if stage != self.next_stage {
if self.next_stage == STAGE_PONG && stage == STAGE_PING {
@ -598,7 +598,7 @@ impl<P: Payload> InitState<P> {
self.repeat_last_message(out);
return Ok(InitResult::Continue)
} else {
return Err(Error::CryptoInitFatal("Received invalid stage as first message"))
return Err(Error::CryptoInit("Received invalid stage as first message"))
}
}
self.failed_retries = 0;
@ -633,7 +633,7 @@ impl<P: Payload> InitState<P> {
// decrypt the payload
let peer_payload =
self.decrypt(&mut encrypted_payload).map_err(|_| Error::CryptoInitFatal("Failed to decrypt payload"))?;
self.decrypt(&mut encrypted_payload).map_err(|_| Error::CryptoInit("Failed to decrypt payload"))?;
// create and send stage 3 reply
self.send_message(STAGE_PENG, None, out);
@ -645,7 +645,7 @@ impl<P: Payload> InitState<P> {
InitMsg::Peng { mut encrypted_payload, .. } => {
// decrypt the payload
let peer_payload =
self.decrypt(&mut encrypted_payload).map_err(|_| Error::CryptoInitFatal("Failed to decrypt payload"))?;
self.decrypt(&mut encrypted_payload).map_err(|_| Error::CryptoInit("Failed to decrypt payload"))?;
self.next_stage = CLOSING; // force resend when receiving any message
Ok(InitResult::Success { peer_payload, is_initiator: false })

28
src/crypto/mod.rs
View File

@ -124,12 +124,7 @@ impl Crypto {
speeds.into_iter().map(|(a, s)| format!("{}: {:.1} MiB/s", a, s)).collect::<Vec<_>>().join(", ")
);
}
Ok(Self {
node_id,
key_pair: Arc::new(key_pair),
trusted_keys: trusted_keys.into_boxed_slice().into(),
algorithms: algos
})
Ok(Self { node_id, key_pair: Arc::new(key_pair), trusted_keys: trusted_keys.into_boxed_slice().into(), algorithms: algos })
}
pub fn generate_keypair(password: Option<&str>) -> (String, String) {
@ -273,23 +268,6 @@ impl<P: Payload> PeerCrypto<P> {
self.core.is_some()
}
pub fn algorithm_name(&self) -> &'static str {
if let Some(ref core) = self.core {
let algo = core.algorithm();
if algo == &aead::CHACHA20_POLY1305 {
"chacha20"
} else if algo == &aead::AES_128_GCM {
"aes128"
} else if algo == &aead::AES_256_GCM {
"aes256"
} else {
unreachable!()
}
} else {
"plain"
}
}
fn handle_init_message(&mut self, buffer: &mut MsgBuffer) -> Result<MessageResult<P>, Error> {
let result = self.get_init()?.handle_init(buffer)?;
if !buffer.is_empty() {
@ -306,7 +284,7 @@ impl<P: Payload> PeerCrypto<P> {
self.init = None
}
if self.core.is_some() {
self.rotation = Some(RotationState::new(!is_initiator, buffer));
self.rotation = Some(RotationState::new(!is_initiator, buffer)?);
}
if !is_initiator {
if self.unencrypted {
@ -397,7 +375,7 @@ impl<P: Payload> PeerCrypto<P> {
self.rotate_counter += 1;
if self.rotate_counter >= ROTATE_INTERVAL {
self.rotate_counter = 0;
if let Some(rot) = rotate.cycle(out) {
if let Some(rot) = rotate.cycle(out)? {
let core = self.get_core()?;
let algo = core.algorithm();
let key = LessSafeKey::new(UnboundKey::new(algo, &rot.key[..algo.key_len()]).unwrap());

89
src/crypto/rotate.rs
View File

@ -97,19 +97,18 @@ pub struct RotatedKey {
impl RotationState {
#[allow(dead_code)]
pub fn new(initiator: bool, out: &mut MsgBuffer) -> Self {
pub fn new(initiator: bool, out: &mut MsgBuffer) -> Result<Self, Error> {
if initiator {
let (private_key, public_key) = Self::create_key();
Self::send(&RotationMessage { message_id: 1, confirm: None, propose: public_key }, out);
Self { confirmed: None, pending: None, proposed: Some(private_key), message_id: 1, timeout: false }
Self::send(&RotationMessage { message_id: 1, confirm: None, propose: public_key }, out)?;
Ok(Self { confirmed: None, pending: None, proposed: Some(private_key), message_id: 1, timeout: false })
} else {
Self { confirmed: None, pending: None, proposed: None, message_id: 0, timeout: false }
Ok(Self { confirmed: None, pending: None, proposed: None, message_id: 0, timeout: false })
}
}
fn send(msg: &RotationMessage, out: &mut MsgBuffer) {
fn send(msg: &RotationMessage, out: &mut MsgBuffer) -> Result<(), Error> {
assert!(out.is_empty());
debug!("Rotation sending message with id {}", msg.message_id);
let len;
{
let mut cursor = Cursor::new(out.buffer());
@ -117,6 +116,7 @@ impl RotationState {
len = cursor.position() as usize;
}
out.set_length(len);
Ok(())
}
fn create_key() -> (EcdhPrivateKey, EcdhPublicKey) {
@ -152,7 +152,6 @@ impl RotationState {
if msg.message_id <= self.message_id {
return None
}
debug!("Received rotation message with id {}", msg.message_id);
self.timeout = false;
// Create key from proposal and store reply as pending
let (private_key, public_key) = Self::create_key();
@ -169,7 +168,7 @@ impl RotationState {
}
#[allow(dead_code)]
pub fn cycle(&mut self, out: &mut MsgBuffer) -> Option<RotatedKey> {
pub fn cycle(&mut self, out: &mut MsgBuffer) -> Result<Option<RotatedKey>, Error> {
if let Some(ref private_key) = self.proposed {
// Still a proposed key that has not been confirmed, proposal must have been lost
if self.timeout {
@ -179,10 +178,10 @@ impl RotationState {
Self::send(
&RotationMessage { confirm: Some(confirmed_key.clone()), propose: proposed_key, message_id },
out
);
)?;
} else {
// First message has been lost
Self::send(&RotationMessage { confirm: None, propose: proposed_key, message_id: 1 }, out);
Self::send(&RotationMessage { confirm: None, propose: proposed_key, message_id: 1 }, out)?;
}
} else {
self.timeout = true;
@ -196,14 +195,14 @@ impl RotationState {
let (private_key, propose_key) = Self::create_key();
self.proposed = Some(private_key);
self.confirmed = Some((confirm_key.clone(), message_id));
Self::send(&RotationMessage { confirm: Some(confirm_key), propose: propose_key, message_id }, out);
return Some(RotatedKey { key, id: message_id, use_for_sending: false })
Self::send(&RotationMessage { confirm: Some(confirm_key), propose: propose_key, message_id }, out)?;
return Ok(Some(RotatedKey { key, id: message_id, use_for_sending: false }))
} else {
// Nothing pending nor proposed, still waiting to receive message 1
// Do nothing, peer will retry
}
}
None
Ok(None)
}
}
@ -251,8 +250,8 @@ mod tests {
let mut out2 = MsgBuffer::new(8);
// Initialization
let mut node1 = RotationState::new(true, &mut out1);
let mut node2 = RotationState::new(false, &mut out2);
let mut node1 = RotationState::new(true, &mut out1).unwrap();
let mut node2 = RotationState::new(false, &mut out2).unwrap();
assert!(!out1.is_empty());
let msg1 = out1.msg().unwrap();
assert_eq!(msg1.message_id, 1);
@ -261,8 +260,8 @@ mod tests {
let key = node2.process_message(msg1);
assert!(key.is_none());
// Cycle 1
let key1 = node1.cycle(&mut out1);
let key2 = node2.cycle(&mut out2);
let key1 = node1.cycle(&mut out1).unwrap();
let key2 = node2.cycle(&mut out2).unwrap();
assert!(key1.is_none());
assert!(out1.is_empty());
assert!(key2.is_some());
@ -280,8 +279,8 @@ mod tests {
assert_eq!(key.id, 2);
assert_eq!(key.use_for_sending, true);
// Cycle 2
let key1 = node1.cycle(&mut out1);
let key2 = node2.cycle(&mut out2);
let key1 = node1.cycle(&mut out1).unwrap();
let key2 = node2.cycle(&mut out2).unwrap();
assert!(key1.is_some());
let key1 = key1.unwrap();
assert_eq!(key1.id, 3);
@ -299,8 +298,8 @@ mod tests {
assert_eq!(key.id, 3);
assert_eq!(key.use_for_sending, true);
// Cycle 3
let key1 = node1.cycle(&mut out1);
let key2 = node2.cycle(&mut out2);
let key1 = node1.cycle(&mut out1).unwrap();
let key2 = node2.cycle(&mut out2).unwrap();
assert!(key1.is_none());
assert!(out1.is_empty());
assert!(key2.is_some());
@ -324,30 +323,30 @@ mod tests {
let mut out1 = MsgBuffer::new(8);
let mut out2 = MsgBuffer::new(8);
let mut node1 = RotationState::new(true, &mut out1);
let mut node2 = RotationState::new(false, &mut out2);
let mut node1 = RotationState::new(true, &mut out1).unwrap();
let mut node2 = RotationState::new(false, &mut out2).unwrap();
let msg1 = out1.clone().msg().unwrap();
let msg1_copy = out1.msg().unwrap();
node2.process_message(msg1);
assert!(node2.process_message(msg1_copy).is_none());
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg2 = out2.clone().msg().unwrap();
let msg2_copy = out2.msg().unwrap();
// Message 2
assert!(node1.process_message(msg2).is_some());
assert!(node1.process_message(msg2_copy).is_none());
// Cycle 2
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg1 = out1.clone().msg().unwrap();
let msg1_copy = out1.msg().unwrap();
// Message 3
assert!(node2.process_message(msg1).is_some());
assert!(node2.process_message(msg1_copy).is_none());
// Cycle 3
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg2 = out2.clone().msg().unwrap();
let msg2_copy = out2.msg().unwrap();
// Message 4
@ -360,22 +359,22 @@ mod tests {
let mut out1 = MsgBuffer::new(8);
let mut out2 = MsgBuffer::new(8);
let mut node1 = RotationState::new(true, &mut out1);
let mut node2 = RotationState::new(false, &mut out2);
let mut node1 = RotationState::new(true, &mut out1).unwrap();
let mut node2 = RotationState::new(false, &mut out2).unwrap();
let _msg1 = out1.msg().unwrap();
// drop msg1
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
assert!(out2.msg().is_none());
// Cycle 2
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg1 = out1.msg().unwrap();
// Message 3
assert!(node2.process_message(msg1).is_none());
// Cycle 3
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg2 = out2.msg().unwrap();
// Message 4
assert!(node1.process_message(msg2).is_some());
@ -386,22 +385,22 @@ mod tests {
let mut out1 = MsgBuffer::new(8);
let mut out2 = MsgBuffer::new(8);
let mut node1 = RotationState::new(true, &mut out1);
let mut node2 = RotationState::new(false, &mut out2);
let mut node1 = RotationState::new(true, &mut out1).unwrap();
let mut node2 = RotationState::new(false, &mut out2).unwrap();
let msg1 = out1.msg().unwrap();
assert!(node1.process_message(msg1).is_none());
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
assert!(out2.msg().is_none());
// Cycle 2
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg1 = out1.msg().unwrap();
// Message 3
assert!(node2.process_message(msg1).is_none());
// Cycle 3
node1.cycle(&mut out1);
node2.cycle(&mut out2);
node1.cycle(&mut out1).unwrap();
node2.cycle(&mut out2).unwrap();
let msg2 = out2.msg().unwrap();
// Message 4
assert!(node1.process_message(msg2).is_some());

6
src/error.rs
View File

@ -5,14 +5,10 @@ use std::io;
#[derive(Error, Debug)]
pub enum Error {
/// Crypto init error, this is recoverable
/// Crypto init error, this is fatal and the init needs to be aborted
#[error("Crypto initialization error: {0}")]
CryptoInit(&'static str),
/// Crypto init error, this is fatal and the init needs to be aborted
#[error("Fatal crypto initialization error: {0}")]
CryptoInitFatal(&'static str),
/// Crypto error with this one message, no permanent error
#[error("Crypto error: {0}")]
Crypto(&'static str),

11
src/table.rs
View File

@ -62,11 +62,6 @@ impl<TS: TimeSource> ClaimTable<TS> {
for claim in claims {
self.claims.push(ClaimEntry { peer, claim, timeout: TS::now() + self.claim_timeout as Time })
}
for entry in self.cache.values_mut() {
if entry.peer == peer {
entry.timeout = 0
}
}
self.housekeep()
}
@ -76,11 +71,6 @@ impl<TS: TimeSource> ClaimTable<TS> {
entry.timeout = 0
}
}
for entry in self.cache.values_mut() {
if entry.peer == peer {
entry.timeout = 0
}
}
self.housekeep()
}
@ -102,6 +92,7 @@ impl<TS: TimeSource> ClaimTable<TS> {
pub fn housekeep(&mut self) {
let now = TS::now();
// TODO: also remove cache when removing claims
self.cache.retain(|_, v| v.timeout >= now);
self.claims.retain(|e| e.timeout >= now);
}