Release 1.2.0

CHANGELOG.md

@@ -2,7 +2,7 @@
 
 This project follows [semantic versioning](http://semver.org).
 
-### Unreleased
+### v1.2.0 (2019-12-20)
 
 - [added] Added service restrictions to systemd
 - [changed] Rust version 1.40.0
@@ -10,6 +10,7 @@ This project follows [semantic versioning](http://semver.org).
 - [changed] Set builders to Ubuntu 16.04 and CentOS 7
 - [changed] Set keepalive to 120 secs when NAT is detected
 - [changed] Deleting beacon file at shutdown
+- [changed] Updated dependencies
 - [fixed] Added parameter keepalive to manpage
 - [fixed] Fixed problems on stats file when dropping permissions
 - [fixed] Deleting files before overwriting them

Cargo.lock

@@ -500,13 +500,8 @@ dependencies = [
 
 [[package]]
 name = "time"
-version = "0.1.42"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-dependencies = [
- "libc 0.2.66 (registry+https://github.com/rust-lang/crates.io-index)",
- "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)",
- "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)",
-]
 
 [[package]]
 name = "unicode-bidi"
@@ -561,7 +556,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 
 [[package]]
 name = "vpncloud"
-version = "1.1.0"
+version = "1.2.0"
 dependencies = [
  "cc 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)",
  "daemonize 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -581,7 +576,7 @@ dependencies = [
  "signal 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "siphasher 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
- "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)",
+ "time 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "yaml-rust 0.4.3 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
@@ -783,7 +778,7 @@ dependencies = [
 "checksum syn 1.0.11 (registry+https://github.com/rust-lang/crates.io-index)" = "dff0acdb207ae2fe6d5976617f887eb1e35a2ba52c13c7234c790960cdad9238"
 "checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9"
 "checksum thread_local 0.3.6 (registry+https://github.com/rust-lang/crates.io-index)" = "c6b53e329000edc2b34dbe8545fd20e55a333362d0a321909685a19bd28c3f1b"
-"checksum time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)" = "db8dcfca086c1143c9270ac42a2bbd8a7ee477b78ac8e45b19abfb0cbede4b6f"
+"checksum time 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fcc26de0a81a07c8352b548977862908fa9863e0e6e4f0eb36b2a9f4f8845585"
 "checksum unicode-bidi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "49f2bd0c6468a8230e1db229cff8029217cf623c767ea5d60bfbd42729ea54d5"
 "checksum unicode-normalization 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)" = "b561e267b2326bb4cebfc0ef9e68355c7abe6c6f522aeac2f5bf95d56c59bdcf"
 "checksum unicode-segmentation 1.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0"

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "vpncloud"
-version = "1.1.0"
+version = "1.2.0"
 authors = ["Dennis Schwerdel <schwerdel@googlemail.com>"]
 build = "build.rs"
 license = "GPL-3.0"
@@ -12,7 +12,7 @@ readme = "README.md"
 edition = "2018"
 
 [dependencies]
-time = "0.1"
+time = "0.2"
 docopt = "^1"
 serde = "1.0"
 serde_derive = "1.0"

assets/changelog.txt

@@ -1,3 +1,19 @@
+vpncloud (1.2.0) stable; urgency=medium
+
+  * [added] Added service restrictions to systemd
+  * [changed] Rust version 1.40.0
+  * [changed] Also drop privileges in foreground mode
+  * [changed] Set builders to Ubuntu 16.04 and CentOS 7
+  * [changed] Set keepalive to 120 secs when NAT is detected
+  * [changed] Deleting beacon file at shutdown
+  * [changed] Updated dependencies
+  * [fixed] Added parameter keepalive to manpage
+  * [fixed] Fixed problems on stats file when dropping permissions
+  * [fixed] Deleting files before overwriting them
+  * [fixed] Fixed duplicate port bindings
+
+ -- Dennis Schwerdel <schwerdel@googlemail.com>  Fri, 20 Dec 2019 16:31:07 +0100
+
 vpncloud (1.1.0) stable; urgency=medium
   
   * [added] Exchange peer timeout and adapt keepalive accordingly

src/benches.rs

@@ -149,6 +149,7 @@ fn create_test_node() -> TestNode {
         true,
         vec![],
         Crypto::None,
+        None,
         None
     )
 }

src/cloud.rs

@@ -445,7 +445,7 @@ impl<D: Device, P: Protocol, T: Table, S: Socket, TS: TimeSource> GenericCloud<D
         debug!("Connecting to {:?}", addr);
         let subnets = self.addresses.clone();
         let node_id = self.node_id;
-        let mut msg = Message::Init(0, node_id, subnets.clone(), self.peer_timeout_publish);
+        let mut msg = Message::Init(0, node_id, subnets, self.peer_timeout_publish);
         self.send_msg(addr, &mut msg)
     }
 

src/config.rs

@@ -447,7 +447,6 @@ fn config_merge() {
         group: Some("root".to_string()),
         pid_file: Some("/run/vpncloud-mynet.run".to_string()),
         stats_file: Some("/var/log/vpncloud-mynet.stats".to_string()),
-        daemonize: true,
+        daemonize: true
-        ..Default::default()
     });
 }

src/crypto.rs

@@ -171,9 +171,7 @@ fn encrypt_decrypt_chacha20poly1305() {
     let msg_bytes = msg.as_bytes();
     let mut buffer = [0u8; 1024];
     let header = [0u8; 8];
-    for i in 0..msg_bytes.len() {
+    buffer[..msg_bytes.len()].clone_from_slice(&msg_bytes);
-        buffer[i] = msg_bytes[i];
-    }
     let mut nonce1 = [0u8; 12];
     let size = sender.encrypt(&mut buffer, msg_bytes.len(), &mut nonce1, &header);
     assert_eq!(size, msg_bytes.len() + sender.additional_bytes());
@@ -195,9 +193,7 @@ fn encrypt_decrypt_aes256() {
     let msg_bytes = msg.as_bytes();
     let mut buffer = [0u8; 1024];
     let header = [0u8; 8];
-    for i in 0..msg_bytes.len() {
+    buffer[..msg_bytes.len()].clone_from_slice(&msg_bytes);
-        buffer[i] = msg_bytes[i];
-    }
     let mut nonce1 = [0u8; 12];
     let size = sender.encrypt(&mut buffer, msg_bytes.len(), &mut nonce1, &header);
     assert_eq!(size, msg_bytes.len() + sender.additional_bytes());

src/main.rs

@@ -59,7 +59,7 @@ use crate::{
 const VERSION: u8 = 1;
 const MAGIC: HeaderMagic = *b"vpn\x01";
 
-static USAGE: &'static str = include_str!("usage.txt");
+static USAGE: &str = include_str!("usage.txt");
 
 
 #[derive(Deserialize, Debug, Default)]
@@ -127,7 +127,7 @@ impl log::Log for DualLogger {
             println!("{} - {}", record.level(), record.args());
             let mut file = self.file.lock().expect("Lock poisoned");
             if let Some(ref mut file) = *file {
-                let time = time::strftime("%F %T", &time::now()).expect("Failed to format timestamp");
+                let time = time::PrimitiveDateTime::now().format("%F %T");
                 writeln!(file, "{} - {} - {}", time, record.level(), record.args())
                     .expect("Failed to write to logfile");
             }
@@ -240,6 +240,7 @@ impl<P: Protocol> AnyCloud<P> {
 }
 
 
+#[allow(clippy::cognitive_complexity)]
 fn run<P: Protocol>(config: Config) {
     let device = try_fail!(
         TunTapDevice::new(&config.device_name, config.device_type, config.device_path.as_ref().map(|s| s as &str)),

src/tests/nat.rs

@@ -60,6 +60,7 @@ fn connect_nat_3_peers() {
 }
 
 #[test]
+#[allow(clippy::cognitive_complexity)]
 fn nat_keepalive() {
     init_debug_logger();
     MockTimeSource::set_time(0);

src/tests/peers.rs

@@ -5,6 +5,7 @@
 use super::*;
 
 #[test]
+#[allow(clippy::cognitive_complexity)]
 fn connect_v4() {
     let mut node1 = create_tap_node(false);
     let node1_addr = addr!("1.2.3.4:5678");
@@ -56,6 +57,7 @@ fn connect_v6() {
 }
 
 #[test]
+#[allow(clippy::cognitive_complexity)]
 fn cross_connect() {
     let mut node1 = create_tap_node(false);
     let node1_addr = addr!("1.1.1.1:1111");

src/udpmessage.rs

@@ -190,11 +190,7 @@ pub fn decode<'a>(data: &'a mut [u8], magic: HeaderMagic, crypto: &Crypto) -> Re
                 pos += read;
                 addrs.push(range);
             }
-            let mut peer_timeout = 1800;
+            let peer_timeout = if data.len() >= pos + 2 { Encoder::read_u16(&data[pos..]) } else { 1800 };
-            if data.len() >= pos + 2 {
-                peer_timeout = Encoder::read_u16(&data[pos..]);
-                // pos += 2; never read
-            }
             Message::Init(stage, node_id, addrs, peer_timeout)
         }
         3 => Message::Close,
@@ -353,12 +349,10 @@ fn udpmessage_packet() {
         let res = encode(&mut msg, &mut [], MAGIC, &mut crypto);
         assert_eq!(res.len(), 13);
         assert_eq!(&res[..8], &[118, 112, 110, 1, 0, 0, 0, 0]);
-        for i in 0..res.len() {
+        buf[..res.len()].clone_from_slice(&res);
-            buf[i] = res[i];
-        }
         len = res.len();
     }
-    let msg2 = decode(&mut buf[..len], MAGIC, &mut crypto).unwrap();
+    let msg2 = decode(&mut buf[..len], MAGIC, &crypto).unwrap();
     assert_eq!(msg, msg2);
 }
 
@@ -373,9 +367,7 @@ fn udpmessage_encrypted() {
         0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
     ];
     let mut orig_payload = [0; 133];
-    for i in 0..payload.len() {
+    orig_payload[..payload.len()].clone_from_slice(&payload);
-        orig_payload[i] = payload[i];
-    }
     let orig_msg = Message::Data(&mut orig_payload, 64, 69);
     let mut msg = Message::Data(&mut payload, 64, 69);
     let mut buf = [0; 1024];
@@ -384,12 +376,10 @@ fn udpmessage_encrypted() {
         let res = encode(&mut msg, &mut [], MAGIC, &mut crypto);
         assert_eq!(res.len(), 41);
         assert_eq!(&res[..8], &[118, 112, 110, 1, 1, 0, 0, 0]);
-        for i in 0..res.len() {
+        buf[..res.len()].clone_from_slice(&res);
-            buf[i] = res[i];
-        }
         len = res.len();
     }
-    let msg2 = decode(&mut buf[..len], MAGIC, &mut crypto).unwrap();
+    let msg2 = decode(&mut buf[..len], MAGIC, &crypto).unwrap();
     assert_eq!(orig_msg, msg2);
 }
 
@@ -414,16 +404,16 @@ fn udpmessage_peers() {
             assert_eq!(res[i], should[i]);
         }
     }
-    let msg2 = decode(&mut should, MAGIC, &mut crypto).unwrap();
+    let msg2 = decode(&mut should, MAGIC, &crypto).unwrap();
     assert_eq!(msg, msg2);
     // Missing IPv4 count
-    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1], MAGIC, &crypto).is_err());
     // Truncated IPv4
-    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1], MAGIC, &crypto).is_err());
     // Missing IPv6 count
-    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0], MAGIC, &crypto).is_err());
     // Truncated IPv6
-    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0, 1], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [118, 112, 110, 1, 0, 0, 0, 1, 1, 1, 2, 3, 4, 0, 0, 1], MAGIC, &crypto).is_err());
 }
 
 #[test]
@@ -448,7 +438,7 @@ fn udpmessage_init() {
             assert_eq!(res[i], should[i]);
         }
     }
-    let msg2 = decode(&mut should, MAGIC, &mut crypto).unwrap();
+    let msg2 = decode(&mut should, MAGIC, &crypto).unwrap();
     assert_eq!(msg, msg2);
 }
 
@@ -463,31 +453,31 @@ fn udpmessage_close() {
         assert_eq!(res.len(), 8);
         assert_eq!(&res, &should);
     }
-    let msg2 = decode(&mut should, MAGIC, &mut crypto).unwrap();
+    let msg2 = decode(&mut should, MAGIC, &crypto).unwrap();
     assert_eq!(msg, msg2);
 }
 
 #[test]
 fn udpmessage_invalid() {
-    let mut crypto = Crypto::None;
+    let crypto = Crypto::None;
-    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0], MAGIC, &mut crypto).is_ok());
+    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0], MAGIC, &crypto).is_ok());
     // too short
-    assert!(decode(&mut [], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [], MAGIC, &crypto).is_err());
     // invalid protocol
-    assert!(decode(&mut [0, 1, 2, 0, 0, 0, 0, 0], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [0, 1, 2, 0, 0, 0, 0, 0], MAGIC, &crypto).is_err());
     // invalid version
-    assert!(decode(&mut [0x76, 0x70, 0x6e, 0xaa, 0, 0, 0, 0], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [0x76, 0x70, 0x6e, 0xaa, 0, 0, 0, 0], MAGIC, &crypto).is_err());
     // invalid crypto
-    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0xaa, 0, 0, 0], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0xaa, 0, 0, 0], MAGIC, &crypto).is_err());
     // invalid msg type
-    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0xaa], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 0, 0, 0, 0xaa], MAGIC, &crypto).is_err());
 }
 
 #[test]
 fn udpmessage_invalid_crypto() {
-    let mut crypto = Crypto::from_shared_key(CryptoMethod::ChaCha20, "test");
+    let crypto = Crypto::from_shared_key(CryptoMethod::ChaCha20, "test");
     // truncated crypto
-    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 1, 0, 0, 0], MAGIC, &mut crypto).is_err());
+    assert!(decode(&mut [0x76, 0x70, 0x6e, 1, 1, 0, 0, 0], MAGIC, &crypto).is_err());
 }
 
 #[test]

src/util.rs

@@ -254,9 +254,9 @@ impl TimeSource for MockTimeSource {
 /// Helper function that multiplies the base62 data in buf[0..buflen] by 16 and adds m to it
 fn base62_add_mult_16(buf: &mut [u8], mut buflen: usize, m: u8) -> usize {
     let mut d: usize = m as usize;
-    for i in 0..buflen {
+    for item in buf.iter_mut().take(buflen) {
-        d += buf[i] as usize * 16;
+        d += *item as usize * 16;
-        buf[i] = (d % 62) as u8;
+        *item = (d % 62) as u8;
         d /= 62;
     }
     assert!(d < 62);
@@ -298,9 +298,9 @@ pub fn from_base62(data: &str) -> Result<Vec<u8>, char> {
             'a'..='z' => ((c as usize) % ('a' as usize)) + 36,
             _ => return Err(c)
         };
-        for i in 0..buf.len() {
+        for item in &mut buf {
-            val += buf[i] as usize * 62;
+            val += *item as usize * 62;
-            buf[i] = (val % 256) as u8;
+            *item = (val % 256) as u8;
             val /= 256;
         }
         if val > 0 {