Author SHA1 Message Date
Bogdan-Ștefan Neacşu 658ac4034a Test wg crate 2023-11-28 19:14:19 +01:00
5 changed files with 25 additions and 57 deletions
Generated
+1 -36
@@ -2340,7 +2340,6 @@ dependencies = [
[[package]]
name = "defguard_wireguard_rs"
version = "0.3.0"
source = "git+https://github.com/DefGuard/wireguard-rs?rev=d40df5c4e598918253682c42c4aa189d0ec2499a#d40df5c4e598918253682c42c4aa189d0ec2499a"
dependencies = [
"base64 0.21.4",
"libc",
@@ -5805,19 +5804,6 @@ dependencies = [
"tokio",
]
[[package]]
name = "netlink-request"
version = "1.6.0"
dependencies = [
"netlink-packet-core 0.7.0",
"netlink-packet-generic",
"netlink-packet-route 0.17.1",
"netlink-packet-utils",
"netlink-sys",
"nix 0.25.1",
"once_cell",
]
[[package]]
name = "netlink-sys"
version = "0.8.5"
@@ -5853,8 +5839,6 @@ dependencies = [
"bitflags 1.3.2",
"cfg-if",
"libc",
"memoffset 0.6.5",
"pin-utils",
]
[[package]]
@@ -7644,6 +7628,7 @@ dependencies = [
"boringtun",
"bytes",
"dashmap",
"defguard_wireguard_rs",
"etherparse",
"futures",
"ip_network",
@@ -7660,7 +7645,6 @@ dependencies = [
"thiserror",
"tokio",
"tokio-tun",
"wireguard-control",
]
[[package]]
@@ -12573,25 +12557,6 @@ dependencies = [
"windows-sys 0.48.0",
]
[[package]]
name = "wireguard-control"
version = "1.6.0"
dependencies = [
"base64 0.13.1",
"hex",
"libc",
"log",
"netlink-packet-core 0.7.0",
"netlink-packet-generic",
"netlink-packet-route 0.17.1",
"netlink-packet-utils",
"netlink-packet-wireguard",
"netlink-request",
"netlink-sys",
"rand_core 0.6.4",
"x25519-dalek 2.0.0",
]
[[package]]
name = "with_builtin_macros"
version = "0.0.3"
+1 -2
@@ -20,8 +20,7 @@ bincode = "1.3.3"
#boringtun = "0.6.0"
boringtun = { workspace = true }
bytes = "1.5.0"
#defguard_wireguard_rs = { git = "https://github.com/DefGuard/wireguard-rs", rev = "d40df5c4e598918253682c42c4aa189d0ec2499a" }
wireguard-control = { path = "../../../innernet/wireguard-control" }
defguard_wireguard_rs = { path = "../../../wireguard-rs" }
dashmap = "5.5.3"
etherparse = "0.13.0"
futures = "0.3.28"
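Review bot: The new `defguard_wireguard_rs = { path = "../../../wireguard-rs" }` entry points at a checkout that appears to sit outside this repository, so the WireGuard control code in the build is whatever is in that directory rather than a reviewed commit. The lockfile entry for the crate correspondingly loses its `source = "git+…"` line. Keep the pinned form from the previous revision, `defguard_wireguard_rs = { git = "https://github.com/DefGuard/wireguard-rs", rev = "d40df5c4e598918253682c42c4aa189d0ec2499a" }`, and do local experiments through an uncommitted `[patch]` override instead. The same applies to the `path = "../../wireguard-rs"` entry in the other manifest changed by this commit.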
+18 -14
@@ -17,30 +17,34 @@ use std::sync::Arc;
#[cfg(target_os = "linux")]
use nym_tun::tun_device;
use defguard_wireguard_rs::{host::Peer, InterfaceConfiguration, WGApi, WireguardInterfaceApi};
use nym_network_defaults::{WG_PORT, WG_TUN_DEVICE_ADDRESS};
use nym_tun::tun_task_channel;
use setup::PRIVATE_KEY;
use wireguard_control::{Backend, Device, DeviceUpdate, Key, KeyPair, PeerConfigBuilder};
#[cfg(target_os = "linux")]
/// Start wireguard device
pub async fn start_wireguard(
mut task_client: nym_task::TaskClient,
_gateway_client_registry: Arc<GatewayClientRegistry>,
) -> Result<(), Box<dyn std::error::Error + Send + Sync + 'static>> {
) -> Result<WGApi, Box<dyn std::error::Error + Send + Sync + 'static>> {
let ifname = String::from("wg0");
let wgapi = WGApi::new(ifname.clone(), false)?;
wgapi.create_interface()?;
let interface_config = InterfaceConfiguration {
name: ifname.clone(),
prvkey: PRIVATE_KEY.to_string(),
address: WG_TUN_DEVICE_ADDRESS.to_string(),
port: WG_PORT as u32,
peers: vec![],
};
wgapi.configure_interface(&interface_config)?;
let peer = std::env::var("NYM_PEER_PUBLIC_KEY").expect("NYM_PEER_PUBLIC_KEY must be set");
let peer = PeerConfigBuilder::new(&Key::from_base64(&peer).unwrap())
.add_allowed_ip("10.1.0.2".parse()?, 32);
DeviceUpdate::new()
.set_keypair(KeyPair::from_private(
Key::from_base64(PRIVATE_KEY).unwrap(),
))
.set_listen_port(WG_PORT)
.add_peer(peer)
.apply(&"wg0".parse().unwrap(), Backend::Kernel)
.unwrap();
let mut peer = Peer::new(peer.as_str().try_into().unwrap());
peer.set_allowed_ips(vec!["10.1.0.2".parse().unwrap()]);
wgapi.configure_peer(&peer)?;
wgapi.configure_peer_routing(&vec![peer.clone()])?;
tokio::spawn(async move { task_client.recv().await });
Ok(())
Ok(wgapi)
}
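Review bot: In `start_wireguard`, the value read from `NYM_PEER_PUBLIC_KEY` is converted with `peer.as_str().try_into().unwrap()`, so a malformed key panics after `wgapi.create_interface()?` and `configure_interface` have already succeeded, leaving `wg0` up and configured with the private key. The function already returns a boxed error, so propagate instead: `let mut peer = Peer::new(peer.as_str().try_into()?);` and `peer.set_allowed_ips(vec!["10.1.0.2".parse()?]);` (assuming both error types implement `std::error::Error`). The `?` exits on `configure_peer` and `configure_peer_routing` have the same gap, so it is worth calling `wgapi.remove_interface()` on every failure after creation. A `///` line stating that the caller owns the returned `WGApi` and must remove the interface would document that contract.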
+1 -1
@@ -80,7 +80,7 @@ nym-validator-client = { path = "../common/client-libs/validator-client" }
nym-ip-packet-router = { path = "../service-providers/ip-packet-router" }
nym-wireguard = { path = "../common/wireguard", optional = true }
defguard_wireguard_rs = { git = "https://github.com/DefGuard/wireguard-rs", rev = "d40df5c4e598918253682c42c4aa189d0ec2499a", optional = true }
defguard_wireguard_rs = { path = "../../wireguard-rs", optional = true }
[dev-dependencies]
tower = "0.4.13"
+4 -4
@@ -201,11 +201,10 @@ impl<St> Gateway<St> {
mixnet_handling::Listener::new(listening_address, shutdown).start(connection_handler);
}
#[cfg(target_os = "linux")]
async fn start_wireguard(
&self,
shutdown: TaskClient,
) -> Result<(), Box<dyn Error + Send + Sync>> {
) -> Result<WGApi, Box<dyn Error + Send + Sync>> {
// TODO: possibly we should start the UDP listener and TUN device explicitly here
nym_wireguard::start_wireguard(shutdown, Arc::clone(&self.client_registry)).await
}
@@ -521,8 +520,8 @@ impl<St> Gateway<St> {
Arc::new(coconut_verifier),
);
#[cfg(target_os = "linux")]
self.start_wireguard(shutdown.subscribe().named("wireguard"))
let wg_api = self
.start_wireguard(shutdown.subscribe().named("wireguard"))
.await
.expect("Could not start wireguard");
@@ -532,6 +531,7 @@ impl<St> Gateway<St> {
// that's a nasty workaround, but anyhow errors are generally nicer, especially on exit
bail!("{err}")
}
wg_api.remove_interface()?;
Ok(())
}
}
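Review bot: `wg_api.remove_interface()?` sits after the branch that ends in `bail!("{err}")`, so when shutdown reports an error the function returns before the interface is removed and `wg0` stays up with its key and peer configuration. Do the removal before the error is returned, for example `let removed = wg_api.remove_interface();` ahead of that check and `removed?;` just before `Ok(())`, so a shutdown error still takes precedence. If the `#[cfg(target_os = "linux")]` attributes are being dropped here, as the addition and deletion counts suggest, `WGApi` is now required on every target while the manifest still marks `defguard_wireguard_rs` as `optional = true`; confirm the non-Linux and feature-off builds. The enclosing function and the `if` that contains `bail!` start outside the hunks shown.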