Changes to be committed:
modified: src/client.rs modified: src/config.rs modified: src/main.rs modified: src/server.rs
This commit is contained in:
parent
d004af8413
commit
694d90a3ea
@ -1,13 +1,10 @@
|
||||
use crossbeam_channel::{unbounded};
|
||||
use tokio::{net::UdpSocket, sync::{Mutex}};
|
||||
|
||||
|
||||
use crossbeam_channel::unbounded;
|
||||
use tokio::{net::UdpSocket, sync::Mutex};
|
||||
use std::io::{Read, Write};
|
||||
|
||||
use base64::prelude::*;
|
||||
use log::{error, info, warn};
|
||||
use std::sync::Arc;
|
||||
use std::net::{ Ipv4Addr };
|
||||
|
||||
use std::net::Ipv4Addr;
|
||||
use std::process::Command;
|
||||
use x25519_dalek::{PublicKey, StaticSecret};
|
||||
use aes_gcm::{
|
||||
@ -108,7 +105,7 @@ pub async fn client_mode(client_config: ClientConfiguration) {
|
||||
}
|
||||
});
|
||||
|
||||
let priv_key = base64::decode(client_config.client.private_key).unwrap();
|
||||
let priv_key = BASE64_STANDARD.decode(client_config.client.private_key).unwrap();
|
||||
|
||||
let cipher_shared_clone = cipher_shared.clone();
|
||||
tokio::spawn(async move {
|
||||
@ -140,7 +137,7 @@ pub async fn client_mode(client_config: ClientConfiguration) {
|
||||
let aes = Aes256Gcm::new(s_cipher.as_ref().unwrap().as_bytes().into());
|
||||
let nonce = Nonce::clone_from_slice(&wrapped_packet.nonce);
|
||||
match aes.decrypt(&nonce, &wrapped_packet.data[..]) {
|
||||
Ok(decrypted) => { tx.send(decrypted); },
|
||||
Ok(decrypted) => { let _ = tx.send(decrypted); },
|
||||
Err(error) => error!("Decryption error! {:?}", error)
|
||||
}
|
||||
} else {
|
||||
@ -157,7 +154,7 @@ pub async fn client_mode(client_config: ClientConfiguration) {
|
||||
}
|
||||
});
|
||||
|
||||
let pkey = base64::decode(client_config.client.public_key).unwrap();
|
||||
let pkey = BASE64_STANDARD.decode(client_config.client.public_key).unwrap();
|
||||
let handshake = UDPVpnHandshake{ public_key: pkey, request_ip: client_config.client.address.parse::<Ipv4Addr>().unwrap() };
|
||||
sock_snd.send(&handshake.serialize()).await.unwrap();
|
||||
|
||||
|
||||
@ -4,6 +4,7 @@ use serde_derive::Deserialize;
|
||||
use std::str::FromStr;
|
||||
use x25519_dalek::{StaticSecret, PublicKey};
|
||||
use rand::{rngs::StdRng, SeedableRng};
|
||||
use base64::prelude::*;
|
||||
|
||||
#[derive(Serialize, Deserialize, PartialEq, Debug)]
|
||||
pub struct ServerInterface {
|
||||
@ -44,12 +45,12 @@ pub struct ServerConfiguration {
|
||||
impl ServerConfiguration {
|
||||
pub fn default(bind_address: &str, internal_address: &str, broadcast_mode: bool, keepalive: u8, obfs_type: ObfsProtocol) -> Self {
|
||||
let mut csprng = StdRng::from_entropy();
|
||||
let secret = StaticSecret::new(&mut csprng);
|
||||
let secret = StaticSecret::random_from_rng(&mut csprng);
|
||||
ServerConfiguration { interface: ServerInterface {
|
||||
bind_address: String::from_str(bind_address).unwrap(),
|
||||
internal_address: String::from_str(internal_address).unwrap(),
|
||||
private_key: base64::encode(secret.as_bytes()),
|
||||
public_key: base64::encode(PublicKey::from(&secret).as_bytes()),
|
||||
private_key: BASE64_STANDARD.encode(secret.as_bytes()),
|
||||
public_key: BASE64_STANDARD.encode(PublicKey::from(&secret).as_bytes()),
|
||||
broadcast_mode,
|
||||
keepalive
|
||||
},
|
||||
@ -96,11 +97,11 @@ pub struct ClientConfiguration {
|
||||
impl ClientConfiguration {
|
||||
pub fn default(endpoint: &str, keepalive: u8, public_key: &str, internal_address: &str) -> Self {
|
||||
let mut csprng = StdRng::from_entropy();
|
||||
let secret = StaticSecret::new(&mut csprng);
|
||||
let secret = StaticSecret::random_from_rng(&mut csprng);
|
||||
ClientConfiguration {
|
||||
client: ClientInterface {
|
||||
private_key: base64::encode(secret.as_bytes()),
|
||||
public_key: base64::encode(PublicKey::from(&secret).as_bytes()),
|
||||
private_key: BASE64_STANDARD.encode(secret.as_bytes()),
|
||||
public_key: BASE64_STANDARD.encode(PublicKey::from(&secret).as_bytes()),
|
||||
address: String::from_str(internal_address).unwrap()
|
||||
},
|
||||
server: EndpointInterface {
|
||||
|
||||
@ -29,7 +29,7 @@ fn generate_server_config(matches: &ArgMatches, config_path: &str) {
|
||||
_ => ObfsProtocol::XOR
|
||||
};
|
||||
|
||||
fs::write(config_path, serde_yaml::to_string(&ServerConfiguration::default(bind_address, internal_address, broadcast_mode, keepalive, obfs_type)).unwrap());
|
||||
let _ = fs::write(config_path, serde_yaml::to_string(&ServerConfiguration::default(bind_address, internal_address, broadcast_mode, keepalive, obfs_type)).unwrap());
|
||||
}
|
||||
|
||||
fn generate_peer_config(matches: &ArgMatches, config_path: &str, cfg_raw: &String) {
|
||||
@ -60,9 +60,9 @@ fn generate_peer_config(matches: &ArgMatches, config_path: &str, cfg_raw: &Strin
|
||||
|
||||
config.peers.push(ServerPeer { public_key: cl_cfg.client.public_key.clone(), ip: internal_address.clone() });
|
||||
|
||||
fs::write(peer_cfg, serde_yaml::to_string(cl_cfg).unwrap());
|
||||
let _ = fs::write(peer_cfg, serde_yaml::to_string(cl_cfg).unwrap());
|
||||
|
||||
fs::write(config_path, serde_yaml::to_string(&config).unwrap());
|
||||
let _ = fs::write(config_path, serde_yaml::to_string(&config).unwrap());
|
||||
}
|
||||
|
||||
async fn init_server(cfg_raw: &str ) {
|
||||
|
||||
@ -1,20 +1,16 @@
|
||||
use crossbeam_channel::{unbounded};
|
||||
use tokio::{net::{UdpSocket}, sync::{Mutex}};
|
||||
|
||||
|
||||
use crossbeam_channel::unbounded;
|
||||
use tokio::{net::UdpSocket, sync::Mutex};
|
||||
use x25519_dalek::{PublicKey, StaticSecret};
|
||||
use std::io::{Read, Write};
|
||||
|
||||
use base64::prelude::*;
|
||||
use log::{error, info};
|
||||
use std::sync::Arc;
|
||||
use std::net::{ SocketAddr, Ipv4Addr, IpAddr };
|
||||
use std::collections::HashMap;
|
||||
|
||||
use aes_gcm::{ aead::{Aead, AeadCore, KeyInit, OsRng},
|
||||
Aes256Gcm, Nonce };
|
||||
|
||||
use crate::config::{ ServerConfiguration, ServerPeer};
|
||||
|
||||
use crate::udp::{UDPSerializable, UDPVpnHandshake, UDPVpnPacket};
|
||||
|
||||
pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
@ -56,7 +52,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
tokio::spawn(async move {
|
||||
loop {
|
||||
if let Ok((handshake, addr)) = recv2hnd.recv() {
|
||||
sock_hnd.send_to(&handshake.serialize(), addr).await;
|
||||
let _ = sock_hnd.send_to(&handshake.serialize(), addr).await;
|
||||
}
|
||||
}
|
||||
});
|
||||
@ -78,7 +74,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
|
||||
if let Ok(ciphered_d) = ciphered_data {
|
||||
let vpn_packet = UDPVpnPacket{ data: ciphered_d, nonce: nonce.to_vec()};
|
||||
sock_snd.send_to(&vpn_packet.serialize(), peer.addr).await;
|
||||
let _ = sock_snd.send_to(&vpn_packet.serialize(), peer.addr).await;
|
||||
} else {
|
||||
error!("Traffic encryption failed.");
|
||||
}
|
||||
@ -108,8 +104,8 @@ pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
0 => {
|
||||
// (&buf[1..len]).to_vec()
|
||||
let handshake = UDPVpnHandshake::deserialize(&buf);
|
||||
info!("Got handshake! ip: {:?}; key: {:?}", handshake.request_ip, base64::encode(&handshake.public_key));
|
||||
let skey = base64::encode(&handshake.public_key);
|
||||
info!("Got handshake! ip: {:?}; key: {:?}", handshake.request_ip, BASE64_STANDARD.encode(&handshake.public_key));
|
||||
let skey = BASE64_STANDARD.encode(&handshake.public_key);
|
||||
if plp.iter().any(|c| c.ip == handshake.request_ip && c.public_key == skey) {
|
||||
let internal_ip = IpAddr::V4(handshake.request_ip);
|
||||
info!("Accepted client");
|
||||
@ -117,7 +113,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
for (&x, p) in handshake.public_key.iter().zip(k.iter_mut()) {
|
||||
*p = x;
|
||||
}
|
||||
let static_secret = base64::decode(&server_config.interface.private_key).unwrap();
|
||||
let static_secret = BASE64_STANDARD.decode(&server_config.interface.private_key).unwrap();
|
||||
let mut k1 = [0u8; 32];
|
||||
for (&x, p) in static_secret.iter().zip(k1.iter_mut()) {
|
||||
*p = x;
|
||||
@ -126,9 +122,9 @@ pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
.diffie_hellman(&PublicKey::from(k));
|
||||
mp.insert(internal_ip, UDPeer { addr, shared_secret: *shared_secret.as_bytes() });
|
||||
|
||||
let handshake_response = UDPVpnHandshake{ public_key: base64::decode(&server_config.interface.public_key).unwrap(), request_ip: handshake.request_ip };
|
||||
let handshake_response = UDPVpnHandshake{ public_key: BASE64_STANDARD.decode(&server_config.interface.public_key).unwrap(), request_ip: handshake.request_ip };
|
||||
|
||||
send2hnd.send((handshake_response, addr));
|
||||
let _ = send2hnd.send((handshake_response, addr));
|
||||
} else {
|
||||
info!("Bad handshake");
|
||||
plp.iter().for_each(|c| info!("ip: {:?}; pkey: {:?}", c.ip, c.public_key));
|
||||
@ -141,7 +137,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
|
||||
let aes = Aes256Gcm::new(&p.shared_secret.into());
|
||||
let nonce = Nonce::clone_from_slice(&packet.nonce[..]);
|
||||
match aes.decrypt(&nonce, &packet.data[..]) {
|
||||
Ok(decrypted) => { send2tun.send(decrypted); },
|
||||
Ok(decrypted) => { let _ = send2tun.send(decrypted); },
|
||||
Err(error) => error!("Decryption error! {:?}", error)
|
||||
}
|
||||
});
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user