mirror of https://github.com/dswd/vpncloud.git
Compare commits
No commits in common. "7edb649c3218498dc253bd4fdae97dd1d7365838" and "c062728f73fff8744f13923f8e58b7d582dfb2db" have entirely different histories.
7edb649c32
...
c062728f73
|
@ -2,7 +2,7 @@
|
|||
|
||||
This project follows [semantic versioning](http://semver.org).
|
||||
|
||||
### v1.2.0 (2019-12-20)
|
||||
### Unreleased
|
||||
|
||||
- [added] Added service restrictions to systemd
|
||||
- [changed] Rust version 1.40.0
|
||||
|
@ -10,7 +10,6 @@ This project follows [semantic versioning](http://semver.org).
|
|||
- [changed] Set builders to Ubuntu 16.04 and CentOS 7
|
||||
- [changed] Set keepalive to 120 secs when NAT is detected
|
||||
- [changed] Deleting beacon file at shutdown
|
||||
- [changed] Updated dependencies
|
||||
- [fixed] Added parameter keepalive to manpage
|
||||
- [fixed] Fixed problems on stats file when dropping permissions
|
||||
- [fixed] Deleting files before overwriting them
|
||||
|
|
|
@ -500,8 +500,13 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "time"
|
||||
version = "0.2.0"
|
||||
version = "0.1.42"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "unicode-bidi"
|
||||
|
@ -556,7 +561,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
|
||||
[[package]]
|
||||
name = "vpncloud"
|
||||
version = "1.2.0"
|
||||
version = "1.1.0"
|
||||
dependencies = [
|
||||
"cc 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"daemonize 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
@ -576,7 +581,7 @@ dependencies = [
|
|||
"signal 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"siphasher 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"time 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"yaml-rust 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
@ -778,7 +783,7 @@ dependencies = [
|
|||
"checksum syn 1.0.11 (registry+https://github.com/rust-lang/crates.io-index)" = "dff0acdb207ae2fe6d5976617f887eb1e35a2ba52c13c7234c790960cdad9238"
|
||||
"checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9"
|
||||
"checksum thread_local 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)" = "c6b53e329000edc2b34dbe8545fd20e55a333362d0a321909685a19bd28c3f1b"
|
||||
"checksum time 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fcc26de0a81a07c8352b548977862908fa9863e0e6e4f0eb36b2a9f4f8845585"
|
||||
"checksum time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)" = "db8dcfca086c1143c9270ac42a2bbd8a7ee477b78ac8e45b19abfb0cbede4b6f"
|
||||
"checksum unicode-bidi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "49f2bd0c6468a8230e1db229cff8029217cf623c767ea5d60bfbd42729ea54d5"
|
||||
"checksum unicode-normalization 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)" = "b561e267b2326bb4cebfc0ef9e68355c7abe6c6f522aeac2f5bf95d56c59bdcf"
|
||||
"checksum unicode-segmentation 1.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "vpncloud"
|
||||
version = "1.2.0"
|
||||
version = "1.1.0"
|
||||
authors = ["Dennis Schwerdel <schwerdel@googlemail.com>"]
|
||||
build = "build.rs"
|
||||
license = "GPL-3.0"
|
||||
|
@ -12,7 +12,7 @@ readme = "README.md"
|
|||
edition = "2018"
|
||||
|
||||
[dependencies]
|
||||
time = "0.2"
|
||||
time = "0.1"
|
||||
docopt = "^1"
|
||||
serde = "1.0"
|
||||
serde_derive = "1.0"
|
||||
|
|
|
@ -1,19 +1,3 @@
|
|||
vpncloud (1.2.0) stable; urgency=medium
|
||||
|
||||
* [added] Added service restrictions to systemd
|
||||
* [changed] Rust version 1.40.0
|
||||
* [changed] Also drop privileges in foreground mode
|
||||
* [changed] Set builders to Ubuntu 16.04 and CentOS 7
|
||||
* [changed] Set keepalive to 120 secs when NAT is detected
|
||||
* [changed] Deleting beacon file at shutdown
|
||||
* [changed] Updated dependencies
|
||||
* [fixed] Added parameter keepalive to manpage
|
||||
* [fixed] Fixed problems on stats file when dropping permissions
|
||||
* [fixed] Deleting files before overwriting them
|
||||
* [fixed] Fixed duplicate port bindings
|
||||
|
||||
-- Dennis Schwerdel <schwerdel@googlemail.com> Fri, 20 Dec 2019 16:31:07 +0100
|
||||
|
||||
vpncloud (1.1.0) stable; urgency=medium
|
||||
|
||||
* [added] Exchange peer timeout and adapt keepalive accordingly
|
||||
|
|
|
@ -149,7 +149,6 @@ fn create_test_node() -> TestNode {
|
|||
true,
|
||||
vec![],
|
||||
Crypto::None,
|
||||
None,
|
||||
None
|
||||
)
|
||||
}
|
||||
|
|
|
@ -445,7 +445,7 @@ impl<D: Device, P: Protocol, T: Table, S: Socket, TS: TimeSource> GenericCloud<D
|
|||
debug!("Connecting to {:?}", addr);
|
||||
let subnets = self.addresses.clone();
|
||||
let node_id = self.node_id;
|
||||
let mut msg = Message::Init(0, node_id, subnets, self.peer_timeout_publish);
|
||||
let mut msg = Message::Init(0, node_id, subnets.clone(), self.peer_timeout_publish);
|
||||
self.send_msg(addr, &mut msg)
|
||||
}
|
||||
|
||||
|
|
|
@ -447,6 +447,7 @@ fn config_merge() {
|
|||
group: Some("root".to_string()),
|
||||
pid_file: Some("/run/vpncloud-mynet.run".to_string()),
|
||||
stats_file: Some("/var/log/vpncloud-mynet.stats".to_string()),
|
||||
daemonize: true
|
||||
daemonize: true,
|
||||
..Default::default()
|
||||
});
|
||||
}
|
||||
|
|
|
@ -171,7 +171,9 @@ fn encrypt_decrypt_chacha20poly1305() {
|
|||
let msg_bytes = msg.as_bytes();
|
||||
let mut buffer = [0u8; 1024];
|
||||
let header = [0u8; 8];
|
||||
buffer[..msg_bytes.len()].clone_from_slice(&msg_bytes);
|
||||
for i in 0..msg_bytes.len() {
|
||||
buffer[i] = msg_bytes[i];
|
||||
}
|
||||
let mut nonce1 = [0u8; 12];
|
||||
let size = sender.encrypt(&mut buffer, msg_bytes.len(), &mut nonce1, &header);
|
||||
assert_eq!(size, msg_bytes.len() + sender.additional_bytes());
|
||||
|
@ -193,7 +195,9 @@ fn encrypt_decrypt_aes256() {
|
|||
let msg_bytes = msg.as_bytes();
|
||||
let mut buffer = [0u8; 1024];
|
||||
let header = [0u8; 8];
|
||||
buffer[..msg_bytes.len()].clone_from_slice(&msg_bytes);
|
||||
for i in 0..msg_bytes.len() {
|
||||
buffer[i] = msg_bytes[i];
|
||||
}
|
||||
let mut nonce1 = [0u8; 12];
|
||||
let size = sender.encrypt(&mut buffer, msg_bytes.len(), &mut nonce1, &header);
|
||||
assert_eq!(size, msg_bytes.len() + sender.additional_bytes());
|
||||
|
|
|
@ -59,7 +59,7 @@ use crate::{
|
|||
const VERSION: u8 = 1;
|
||||
const MAGIC: HeaderMagic = *b"vpn\x01";
|
||||
|
||||
static USAGE: &str = include_str!("usage.txt");
|
||||
static USAGE: &'static str = include_str!("usage.txt");
|
||||
|
||||
|
||||
#[derive(Deserialize, Debug, Default)]
|
||||
|
@ -127,7 +127,7 @@ impl log::Log for DualLogger {
|
|||
println!("{} - {}", record.level(), record.args());
|
||||
let mut file = self.file.lock().expect("Lock poisoned");
|
||||
if let Some(ref mut file) = *file {
|
||||
let time = time::PrimitiveDateTime::now().format("%F %T");
|
||||
let time = time::strftime("%F %T", &time::now()).expect("Failed to format timestamp");
|
||||
writeln!(file, "{} - {} - {}", time, record.level(), record.args())
|
||||
.expect("Failed to write to logfile");
|
||||
}
|
||||
|
@ -240,7 +240,6 @@ impl<P: Protocol> AnyCloud<P> {
|
|||
}
|
||||
|
||||
|
||||
#[allow(clippy::cognitive_complexity)]
|
||||
fn run<P: Protocol>(config: Config) {
|
||||
let device = try_fail!(
|
||||
TunTapDevice::new(&config.device_name, config.device_type, config.device_path.as_ref().map(|s| s as &str)),
|
||||
|
|
|
@ -60,7 +60,6 @@ fn connect_nat_3_peers() {
|
|||
}
|
||||
|
||||
#[test]
|
||||
#[allow(clippy::cognitive_complexity)]
|
||||
fn nat_keepalive() {
|
||||
init_debug_logger();
|
||||
MockTimeSource::set_time(0);
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
use super::*;
|
||||
|
||||
#[test]
|
||||
#[allow(clippy::cognitive_complexity)]
|
||||
fn connect_v4() {
|
||||
let mut node1 = create_tap_node(false);
|
||||
let node1_addr = addr!("1.2.3.4:5678");
|
||||
|
@ -57,7 +56,6 @@ fn connect_v6() {
|
|||
}
|
||||
|
||||
#[test]
|
||||
#[allow(clippy::cognitive_complexity)]
|
||||
fn cross_connect() {
|
||||
let mut node1 = create_tap_node(false);
|
||||
let node1_addr = addr!("1.1.1.1:1111");
|
||||
|
|
|
@ -190,7 +190,11 @@ pub fn decode<'a>(data: &'a mut [u8], magic: HeaderMagic, crypto: &Crypto) -> Re
|
|||
pos += read;
|
||||
addrs.push(range);
|
||||
}
|
||||
let peer_timeout = if data.len() >= pos + 2 { Encoder::read_u16(&data[pos..]) } else { 1800 };
|
||||
let mut peer_timeout = 1800;
|
||||
if data.len() >= pos + 2 {
|
||||
peer_timeout = Encoder::read_u16(&data[pos..]);
|
||||
// pos += 2; never read
|
||||
}
|
||||
Message::Init(stage, node_id, addrs, peer_timeout)
|
||||
}
|
||||
3 => Message::Close,
|
||||
|
@ -349,10 +353,12 @@ fn udpmessage_packet() {
|
|||
let res = encode(&mut msg, &mut [], MAGIC, &mut crypto);
|
||||
assert_eq!(res.len(), 13);
|
||||
assert_eq!(&res[..8], &[118, 112, 110, 1, 0, 0, 0, 0]);
|
||||
buf[..res.len()].clone_from_slice(&res);
|
||||
for i in 0..res.len() {
|
||||
buf[i] = res[i];
|
||||
}
|
||||
len = res.len();
|
||||
}
|
||||
let msg2 = decode(&mut buf[..len], MAGIC, &crypto).unwrap();
|
||||
let msg2 = decode(&mut buf[..len], MAGIC, &mut crypto).unwrap();
|
||||
assert_eq!(msg, msg2);
|
||||
}
|
||||
|
||||
|
@ -367,7 +373,9 @@ fn udpmessage_encrypted() {
|
|||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
];
|
||||
let mut orig_payload = [0; 133];
|
||||
orig_payload[..payload.len()].clone_from_slice(&payload);
|
||||
for i in 0..payload.len() {
|
||||
orig_payload[i] = payload[i];
|
||||
}
|
||||
let orig_msg = Message::Data(&mut orig_payload, 64, 69);
|
||||
let mut msg = Message::Data(&mut payload, 64, 69);
|
||||
let mut buf = [0; 1024];
|
||||
|
@ -376,10 +384,12 @@ fn udpmessage_encrypted() {
|
|||
let res = encode(&mut msg, &mut [], MAGIC, &mut crypto);
|
||||
assert_eq!(res.len(), 41);
|
||||
assert_eq!(&res[..8], &[118, 112, 110, 1, 1, 0, 0, 0]);
|
||||
buf[..res.len()].clone_from_slice(&res);
|
||||
for i in 0..res.len() {
|
||||
buf[i] = res[i];
|
||||
}
|
||||
len = res.len();
|
||||
}
|
||||
let msg2 = decode(&mut buf[..len], MAGIC, &crypto).unwrap();
|
||||
let msg2 = decode(&mut buf[..len], MAGIC, &mut crypto).unwrap();
|
||||
assert_eq!(orig_msg, msg2);
|
||||
}
|
||||
|
||||
|
@ -404,16 +414,16 @@ fn udpmessage_peers() {
|
|||
assert_eq!(res[i], should[i]);
|
||||
}
|
||||
}
|
||||
let msg2 = decode(&mut should, MAGIC, &crypto).unwrap();
|
||||
let msg2 = decode(&mut should, MAGIC, &mut crypto).unwrap();
|
||||
assert_eq!(msg, msg2);
|
||||
// Missing IPv4 count
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1], MAGIC, &mut crypto).is_err());
|
||||
// Truncated IPv4
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1], MAGIC, &mut crypto).is_err());
|
||||
// Missing IPv6 count
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0], MAGIC, &mut crypto).is_err());
|
||||
// Truncated IPv6
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0, 1], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0, 1], MAGIC, &mut crypto).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -438,7 +448,7 @@ fn udpmessage_init() {
|
|||
assert_eq!(res[i], should[i]);
|
||||
}
|
||||
}
|
||||
let msg2 = decode(&mut should, MAGIC, &crypto).unwrap();
|
||||
let msg2 = decode(&mut should, MAGIC, &mut crypto).unwrap();
|
||||
assert_eq!(msg, msg2);
|
||||
}
|
||||
|
||||
|
@ -453,31 +463,31 @@ fn udpmessage_close() {
|
|||
assert_eq!(res.len(), 8);
|
||||
assert_eq!(&res, &should);
|
||||
}
|
||||
let msg2 = decode(&mut should, MAGIC, &crypto).unwrap();
|
||||
let msg2 = decode(&mut should, MAGIC, &mut crypto).unwrap();
|
||||
assert_eq!(msg, msg2);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn udpmessage_invalid() {
|
||||
let crypto = Crypto::None;
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0], MAGIC, &crypto).is_ok());
|
||||
let mut crypto = Crypto::None;
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0], MAGIC, &mut crypto).is_ok());
|
||||
// too short
|
||||
assert!(decode(&mut [], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [], MAGIC, &mut crypto).is_err());
|
||||
// invalid protocol
|
||||
assert!(decode(&mut [0, 1, 2, 0, 0, 0, 0, 0], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [0, 1, 2, 0, 0, 0, 0, 0], MAGIC, &mut crypto).is_err());
|
||||
// invalid version
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 0xaa, 0, 0, 0, 0], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 0xaa, 0, 0, 0, 0], MAGIC, &mut crypto).is_err());
|
||||
// invalid crypto
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0xaa, 0, 0, 0], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0xaa, 0, 0, 0], MAGIC, &mut crypto).is_err());
|
||||
// invalid msg type
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0xaa], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0xaa], MAGIC, &mut crypto).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn udpmessage_invalid_crypto() {
|
||||
let crypto = Crypto::from_shared_key(CryptoMethod::ChaCha20, "test");
|
||||
let mut crypto = Crypto::from_shared_key(CryptoMethod::ChaCha20, "test");
|
||||
// truncated crypto
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 1, 0, 0, 0], MAGIC, &crypto).is_err());
|
||||
assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 1, 0, 0, 0], MAGIC, &mut crypto).is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
12
src/util.rs
12
src/util.rs
|
@ -254,9 +254,9 @@ impl TimeSource for MockTimeSource {
|
|||
/// Helper function that multiplies the base62 data in buf[0..buflen] by 16 and adds m to it
|
||||
fn base62_add_mult_16(buf: &mut [u8], mut buflen: usize, m: u8) -> usize {
|
||||
let mut d: usize = m as usize;
|
||||
for item in buf.iter_mut().take(buflen) {
|
||||
d += *item as usize * 16;
|
||||
*item = (d % 62) as u8;
|
||||
for i in 0..buflen {
|
||||
d += buf[i] as usize * 16;
|
||||
buf[i] = (d % 62) as u8;
|
||||
d /= 62;
|
||||
}
|
||||
assert!(d < 62);
|
||||
|
@ -298,9 +298,9 @@ pub fn from_base62(data: &str) -> Result<Vec<u8>, char> {
|
|||
'a'..='z' => ((c as usize) % ('a' as usize)) + 36,
|
||||
_ => return Err(c)
|
||||
};
|
||||
for item in &mut buf {
|
||||
val += *item as usize * 62;
|
||||
*item = (val % 256) as u8;
|
||||
for i in 0..buf.len() {
|
||||
val += buf[i] as usize * 62;
|
||||
buf[i] = (val % 256) as u8;
|
||||
val /= 256;
|
||||
}
|
||||
if val > 0 {
|
||||
|
|
Loading…
Reference in New Issue