add support for preshared keys
This commit is contained in:
parent
614e17d2d5
commit
5174fdd238
4 changed files with 33 additions and 21 deletions
@ -21,18 +21,22 @@ pub use net::start_srv;
|
||||||
pub use response::{DaemonResponseData, DaemonResponse, ServerInfo};
|
pub use response::{DaemonResponseData, DaemonResponse, ServerInfo};
|
||||||
|
|
||||||
#[throws]
|
#[throws]
|
||||||
fn parse_secret_key(string: &str) -> StaticSecret {
|
fn parse_key(string: &str) -> [u8; 32] {
|
||||||
let value = general_purpose::STANDARD.decode(string)?;
|
let value = general_purpose::STANDARD.decode(string)?;
|
||||||
let mut key = [0u8; 32];
|
let mut key = [0u8; 32];
|
||||||
key.copy_from_slice(&value[..]);
|
key.copy_from_slice(&value[..]);
|
||||||
|
key
|
||||||
|
}
|
||||||
|
|
||||||
|
#[throws]
|
||||||
|
fn parse_secret_key(string: &str) -> StaticSecret {
|
||||||
|
let key = parse_key(string)?;
|
||||||
StaticSecret::from(key)
|
StaticSecret::from(key)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[throws]
|
#[throws]
|
||||||
fn parse_public_key(string: &str) -> PublicKey {
|
fn parse_public_key(string: &str) -> PublicKey {
|
||||||
let value = general_purpose::STANDARD.decode(string)?;
|
let key = parse_key(string)?;
|
||||||
let mut key = [0u8; 32];
|
|
||||||
key.copy_from_slice(&value[..]);
|
|
||||||
PublicKey::from(key)
|
PublicKey::from(key)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
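Review bot: `key.copy_from_slice(&value[..])` in the new `parse_key` panics whenever the base64 input does not decode to exactly 32 bytes, so a malformed key string in configuration crashes the daemon instead of surfacing as an error through `#[throws]`. Since the function already propagates decode failures with `?`, the length should be checked the same way: `let key = <[u8; 32]>::try_from(value.as_slice()).map_err(|_| anyhow::anyhow!("expected 32-byte key, got {} bytes", value.len()))?;` (adjust the error constructor if the `#[throws]` error type in this file is not `anyhow::Error`; it is not visible in the hunk). A one-line doc comment on `parse_key` stating that the input must be standard base64 of exactly 32 bytes would also help, since `parse_secret_key` and `parse_public_key` now both rely on it.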
@ -47,11 +51,13 @@ pub async fn daemon_main() -> Result<()> {
|
||||||
|
|
||||||
let private_key = parse_secret_key("GNqIAOCRxjl/cicZyvkvpTklgQuUmGUIEkH7IXF/sEE=")?;
|
let private_key = parse_secret_key("GNqIAOCRxjl/cicZyvkvpTklgQuUmGUIEkH7IXF/sEE=")?;
|
||||||
let public_key = parse_public_key("uy75leriJay0+oHLhRMpV+A5xAQ0hCJ+q7Ww81AOvT4=")?;
|
let public_key = parse_public_key("uy75leriJay0+oHLhRMpV+A5xAQ0hCJ+q7Ww81AOvT4=")?;
|
||||||
|
let preshared_key = Some(parse_key("s7lx/mg+reVEMnGnqeyYOQkzD86n2+gYnx1M9ygi08k=")?);
|
||||||
let endpoint = "wg.burrow.rs:51820".to_socket_addrs()?.next().unwrap();
|
let endpoint = "wg.burrow.rs:51820".to_socket_addrs()?.next().unwrap();
|
||||||
let iface = Interface::new(tun, vec![Peer {
|
let iface = Interface::new(tun, vec![Peer {
|
||||||
endpoint,
|
endpoint,
|
||||||
private_key,
|
private_key,
|
||||||
public_key,
|
public_key,
|
||||||
|
preshared_key,
|
||||||
allowed_ips: vec![IpNetwork::V4(Ipv4Network::DEFAULT_ROUTE)],
|
allowed_ips: vec![IpNetwork::V4(Ipv4Network::DEFAULT_ROUTE)],
|
||||||
}])?;
|
}])?;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
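Review bot: The new line `let preshared_key = Some(parse_key("s7lx…")?);` commits a WireGuard pre-shared key into source, beside the already hard-coded private key; the PSK exists to add a secret that someone who obtains the Curve25519 keys still lacks, and a literal in version control defeats that, so this value should be treated as exposed and rotated once the commit lands. The key should instead be read from the daemon's configuration or the environment at startup, e.g. `let preshared_key = std::env::var("<PSK_ENV_VAR>").ok().map(|s| parse_key(&s)).transpose()?;` with the variable name chosen to match the project's configuration convention (placeholder shown). `daemon_main` starts before this hunk and continues after it.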
@ -142,10 +142,6 @@ impl Interface {
|
||||||
Ok(siz) => {
|
Ok(siz) => {
|
||||||
log::info!("received {} bytes from peer",siz);
|
log::info!("received {} bytes from peer",siz);
|
||||||
log::debug!("bytes: {:?}", &recv_buf[..siz]);
|
log::debug!("bytes: {:?}", &recv_buf[..siz]);
|
||||||
match tun.send(&recv_buf[..siz]).await{
|
|
||||||
Ok(..) => log::debug!("sent packet to interface"),
|
|
||||||
Err(e) => log::error!("failed to send packet {}", e),
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
log::error!("failed to receive packet {}", e);
|
log::error!("failed to receive packet {}", e);
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ pub struct PeerPcb {
|
||||||
impl PeerPcb {
|
impl PeerPcb {
|
||||||
#[throws]
|
#[throws]
|
||||||
pub fn new(peer: Peer) -> Self {
|
pub fn new(peer: Peer) -> Self {
|
||||||
let tunnel = Tunnel::new(peer.private_key, peer.public_key, None, None, 1, None)
|
let tunnel = Tunnel::new(peer.private_key, peer.public_key, peer.preshared_key, None, 1, None)
|
||||||
.map_err(|s| anyhow::anyhow!("{}", s))?;
|
.map_err(|s| anyhow::anyhow!("{}", s))?;
|
||||||
|
|
||||||
Self {
|
Self {
|
||||||
|
|
@ -72,22 +72,31 @@ impl PeerPcb {
|
||||||
};
|
};
|
||||||
let mut res_buf = [0;1500];
|
let mut res_buf = [0;1500];
|
||||||
let (len, addr) = socket.recv_from(&mut res_buf).await?;
|
let (len, addr) = socket.recv_from(&mut res_buf).await?;
|
||||||
let res_dat = &res_buf[..len];
|
let mut res_dat = &res_buf[..len];
|
||||||
tracing::debug!("Decapsulating {} bytes from {}", len, addr);
|
tracing::debug!("Decapsulating {} bytes from {}", len, addr);
|
||||||
tracing::debug!("{:?}", &res_dat);
|
tracing::debug!("{:?}", &res_dat);
|
||||||
match self.tunnel.decapsulate(None, res_dat, &mut buf[..]) {
|
loop {
|
||||||
TunnResult::Done => {tracing::debug!("Decapsulate done")}
|
match self.tunnel.decapsulate(None, res_dat, &mut buf[..]) {
|
||||||
TunnResult::Err(e) => {
|
TunnResult::Done => {
|
||||||
tracing::error!(message = "Decapsulate error", error = ?e)
|
tracing::debug!("Decapsulate done");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
TunnResult::Err(e) => {
|
||||||
|
tracing::error!(message = "Decapsulate error", error = ?e);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
TunnResult::WriteToNetwork(packet) => {
|
||||||
|
tracing::debug!("WriteToNetwork: {:?}", packet);
|
||||||
|
res_dat = &[];
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
TunnResult::WriteToTunnelV4(packet, addr) => {
|
||||||
|
tracing::debug!("WriteToTunnelV4: {:?}, {:?}", packet, addr);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
e => panic!("Unexpected result from decapsulate: {:?}", e),
|
||||||
}
|
}
|
||||||
TunnResult::WriteToNetwork(packet) => {
|
|
||||||
tracing::debug!("sending {} bytes to {}", packet.len(), addr);
|
|
||||||
let socket = self.socket().await?;
|
|
||||||
socket.send(packet).await?;
|
|
||||||
}
|
|
||||||
_ => panic!("Unexpected result from decapsulate"),
|
|
||||||
}
|
}
|
||||||
tracing::debug!("received {} bytes from {}", len, addr);
|
|
||||||
return Ok(len)
|
return Ok(len)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
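Review bot: In the new `loop`, the `TunnResult::WriteToNetwork(packet)` arm only logs the packet and then drains with `res_dat = &[]`; the `socket.send(packet).await?` that the removed code performed is gone, so handshake responses and keepalives that `decapsulate` asks the caller to transmit are silently dropped and the handshake cannot complete. The catch-all `e => panic!(...)` arm is also reachable from peer-supplied data (`TunnResult::WriteToTunnelV6` is a valid result), so a single unexpected datagram aborts the daemon; it should log and break instead. The `WriteToTunnelV4` arm likewise discards the decrypted `packet` while the function still returns the raw datagram `len`, which looks like a leftover to resolve (the caller is not visible, so this is inferred). The enclosing function begins before this hunk; the `socket` used below is the one bound by `recv_from` at the top of the hunk, assumed to be the same connected socket `self.socket()` returned in the removed code.
```rust
// … unchanged: recv_from, debug logging, loop header …
TunnResult::WriteToNetwork(packet) => {
    tracing::debug!("sending {} bytes to {}", packet.len(), addr);
    socket.send(packet).await?;
    // Re-run with empty input so any further queued packets are processed.
    res_dat = &[];
    continue;
}
// … unchanged: WriteToTunnelV4 arm …
other => {
    tracing::warn!(message = "Unexpected result from decapsulate", result = ?other);
    break;
}
```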
@ -10,6 +10,7 @@ pub struct Peer {
|
||||||
pub private_key: StaticSecret,
|
pub private_key: StaticSecret,
|
||||||
pub public_key: PublicKey,
|
pub public_key: PublicKey,
|
||||||
pub allowed_ips: Vec<IpNetwork>,
|
pub allowed_ips: Vec<IpNetwork>,
|
||||||
|
pub preshared_key: Option<[u8; 32]>
|
||||||
}
|
}
|
||||||
|
|
||||||
impl fmt::Debug for Peer {
|
impl fmt::Debug for Peer {
|
||||||
|
|
|
||||||
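Review bot: `pub preshared_key: Option<[u8; 32]>` adds a secret to `Peer`, which has a hand-written `impl fmt::Debug` whose body lies outside this hunk; confirm that impl does not format this field (or `private_key`), otherwise the key ends up in debug logs. A doc comment would make the contract explicit, e.g. `/// Optional WireGuard pre-shared key (32 raw bytes). Secret: never log or Debug-format.`, and the new field is missing the trailing comma the other fields use.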