From 3770fcdc830a8de3c5c002f766db4fd38f9acb51 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 2 Sep 2022 16:21:08 -0400 Subject: [PATCH] build fixes --- network-hypervisor/src/util/buffer.rs | 6 ++- network-hypervisor/src/util/mod.rs | 8 ---- network-hypervisor/src/vl1/address.rs | 6 ++- network-hypervisor/src/vl1/careof.rs | 2 +- network-hypervisor/src/vl1/dictionary.rs | 14 ++++-- network-hypervisor/src/vl1/identity.rs | 38 ++++++++++++---- network-hypervisor/src/vl1/mac.rs | 4 +- network-hypervisor/src/vl1/node.rs | 56 +++++++++++++++++++----- network-hypervisor/src/vl2/networkid.rs | 6 ++- 9 files changed, 102 insertions(+), 38 deletions(-) diff --git a/network-hypervisor/src/util/buffer.rs b/network-hypervisor/src/util/buffer.rs index df8f30af8..3d5d1eba1 100644 --- a/network-hypervisor/src/util/buffer.rs +++ b/network-hypervisor/src/util/buffer.rs @@ -5,6 +5,8 @@ use std::mem::{size_of, MaybeUninit}; use crate::util::pool::PoolFactory; +use zerotier_utils::varint; + /// An I/O buffer with extensions for efficiently reading and writing various objects. /// /// WARNING: Structures can only be handled through raw read/write here if they are @@ -280,7 +282,7 @@ impl Buffer { #[inline(always)] pub fn append_varint(&mut self, i: u64) -> std::io::Result<()> { - crate::util::varint::write(self, i) + varint::write(self, i) } #[inline(always)] @@ -469,7 +471,7 @@ impl Buffer { let c = *cursor; if c < self.0 { let mut a = &self.1[c..]; - crate::util::varint::read(&mut a).map(|r| { + varint::read(&mut a).map(|r| { *cursor = c + r.1; debug_assert!(*cursor <= self.0); r.0 diff --git a/network-hypervisor/src/util/mod.rs b/network-hypervisor/src/util/mod.rs index 08ce8e66c..fc7009496 100644 --- a/network-hypervisor/src/util/mod.rs +++ b/network-hypervisor/src/util/mod.rs @@ -6,9 +6,6 @@ pub(crate) mod gate; pub mod marshalable; pub(crate) mod pool; -pub use zerotier_core_crypto::hex; -pub use zerotier_core_crypto::varint; - /// A value for ticks that indicates that something never happened, and is thus very long before zero ticks. pub(crate) const NEVER_HAPPENED_TICKS: i64 = -2147483648; @@ -55,8 +52,3 @@ pub(crate) fn bytes_as_flat_object(b: &[u8]) -> &T { assert!(b.len() >= std::mem::size_of::()); unsafe { &*b.as_ptr().cast() } } - -/// Include this in a branch to hint the compiler that it's unlikely. -#[inline(never)] -#[cold] -pub(crate) extern "C" fn unlikely_branch() {} diff --git a/network-hypervisor/src/vl1/address.rs b/network-hypervisor/src/vl1/address.rs index d28f00328..a5826413e 100644 --- a/network-hypervisor/src/vl1/address.rs +++ b/network-hypervisor/src/vl1/address.rs @@ -8,10 +8,12 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer}; use crate::error::InvalidFormatError; use crate::util::buffer::Buffer; -use crate::util::hex::HEX_CHARS; use crate::util::marshalable::Marshalable; use crate::vl1::protocol::{ADDRESS_RESERVED_PREFIX, ADDRESS_SIZE}; +use zerotier_utils::hex; +use zerotier_utils::hex::HEX_CHARS; + /// A unique address on the global ZeroTier VL1 network. #[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)] #[repr(transparent)] @@ -96,7 +98,7 @@ impl FromStr for Address { type Err = InvalidFormatError; fn from_str(s: &str) -> Result { - Address::from_bytes(crate::util::hex::from_string(s).as_slice()).map_or_else(|| Err(InvalidFormatError), |a| Ok(a)) + Address::from_bytes(hex::from_string(s).as_slice()).map_or_else(|| Err(InvalidFormatError), |a| Ok(a)) } } diff --git a/network-hypervisor/src/vl1/careof.rs b/network-hypervisor/src/vl1/careof.rs index 27855ce5a..166f454ac 100644 --- a/network-hypervisor/src/vl1/careof.rs +++ b/network-hypervisor/src/vl1/careof.rs @@ -5,7 +5,7 @@ use std::io::{Read, Write}; use crate::vl1::identity::Identity; use crate::vl1::protocol::IDENTITY_FINGERPRINT_SIZE; -use zerotier_core_crypto::varint; +use zerotier_utils::varint; /// A signed bundle of identity fingerprints of nodes through which a node might be reached (e.g. roots). /// diff --git a/network-hypervisor/src/vl1/dictionary.rs b/network-hypervisor/src/vl1/dictionary.rs index 4ecb7ff69..8a656a4d3 100644 --- a/network-hypervisor/src/vl1/dictionary.rs +++ b/network-hypervisor/src/vl1/dictionary.rs @@ -3,7 +3,8 @@ use std::collections::BTreeMap; use std::io::Write; -use crate::util::hex::HEX_CHARS; +use zerotier_utils::hex; +use zerotier_utils::hex::HEX_CHARS; const BOOL_TRUTH: &str = "1tTyY"; @@ -104,7 +105,7 @@ impl Dictionary { } pub fn set_u64(&mut self, k: &str, v: u64) { - let _ = self.0.insert(String::from(k), crate::util::hex::to_vec_u64(v, true)); + let _ = self.0.insert(String::from(k), hex::to_vec_u64(v, true)); } pub fn set_bytes(&mut self, k: &str, v: Vec) { @@ -112,7 +113,14 @@ impl Dictionary { } pub fn set_bool(&mut self, k: &str, v: bool) { - let _ = self.0.insert(String::from(k), vec![if v { b'1' } else { b'0' }]); + let _ = self.0.insert( + String::from(k), + vec![if v { + b'1' + } else { + b'0' + }], + ); } /// Write a dictionary in transport format to a writer. diff --git a/network-hypervisor/src/vl1/identity.rs b/network-hypervisor/src/vl1/identity.rs index 567c8625a..a0f7b30cc 100644 --- a/network-hypervisor/src/vl1/identity.rs +++ b/network-hypervisor/src/vl1/identity.rs @@ -9,12 +9,13 @@ use std::str::FromStr; use serde::{Deserialize, Deserializer, Serialize, Serializer}; use zerotier_core_crypto::hash::*; -use zerotier_core_crypto::hex; use zerotier_core_crypto::p384::*; use zerotier_core_crypto::salsa::Salsa; use zerotier_core_crypto::secret::Secret; use zerotier_core_crypto::x25519::*; +use zerotier_utils::hex; + use crate::error::{InvalidFormatError, InvalidParameterError}; use crate::util::{bytes_as_flat_object, flat_object_as_bytes, AlignmentNeutral}; use crate::vl1::protocol::{ADDRESS_SIZE, ADDRESS_SIZE_STRING, IDENTITY_FINGERPRINT_SIZE, IDENTITY_POW_THRESHOLD}; @@ -208,7 +209,8 @@ impl Identity { let p384_ecdh = P384KeyPair::generate(); let p384_ecdsa = P384KeyPair::generate(); - let mut self_sign_buf: Vec = Vec::with_capacity(ADDRESS_SIZE + C25519_PUBLIC_KEY_SIZE + ED25519_PUBLIC_KEY_SIZE + P384_PUBLIC_KEY_SIZE + P384_PUBLIC_KEY_SIZE + P384_ECDSA_SIGNATURE_SIZE + 4); + let mut self_sign_buf: Vec = + Vec::with_capacity(ADDRESS_SIZE + C25519_PUBLIC_KEY_SIZE + ED25519_PUBLIC_KEY_SIZE + P384_PUBLIC_KEY_SIZE + P384_PUBLIC_KEY_SIZE + P384_ECDSA_SIGNATURE_SIZE + 4); let _ = self_sign_buf.write_all(&self.address.to_bytes()); let _ = self_sign_buf.write_all(&self.x25519); let _ = self_sign_buf.write_all(&self.ed25519); @@ -302,7 +304,13 @@ impl Identity { // for the final result to be technically FIPS compliant. Non-FIPS algorithm secrets are considered // a salt in the HMAC(salt, key) HKDF construction. if secret.p384.is_some() && other.p384.is_some() { - secret.p384.as_ref().unwrap().ecdh.agree(&other.p384.as_ref().unwrap().ecdh).map(|p384_secret| Secret(hmac_sha512(&c25519_secret.0, &p384_secret.0))) + secret + .p384 + .as_ref() + .unwrap() + .ecdh + .agree(&other.p384.as_ref().unwrap().ecdh) + .map(|p384_secret| Secret(hmac_sha512(&c25519_secret.0, &p384_secret.0))) } else { Some(c25519_secret) } @@ -493,7 +501,12 @@ impl Identity { } IdentityBytes::X25519P384Public(b) => { let b: &packed::V1 = bytes_as_flat_object(b); - if b.v0.key_type == 0 && b.v0.secret_length == 0 && b.v0.reserved == 0x03 && u16::from_be_bytes(b.v0.ext_len) == (Self::BYTE_LENGTH_X25519P384_PUBLIC - Self::BYTE_LENGTH_X25519_PUBLIC) as u16 && b.key_type_flags == Self::ALGORITHM_EC_NIST_P384 { + if b.v0.key_type == 0 + && b.v0.secret_length == 0 + && b.v0.reserved == 0x03 + && u16::from_be_bytes(b.v0.ext_len) == (Self::BYTE_LENGTH_X25519P384_PUBLIC - Self::BYTE_LENGTH_X25519_PUBLIC) as u16 + && b.key_type_flags == Self::ALGORITHM_EC_NIST_P384 + { Some(Self { address: Address::from_bytes_fixed(&b.v0.address)?, x25519: b.v0.x25519, @@ -608,13 +621,15 @@ impl Identity { s.push(':'); } s.push_str(":2:"); // 2 == IDENTITY_ALGORITHM_EC_NIST_P384 - let p384_joined: [u8; P384_PUBLIC_KEY_SIZE + P384_PUBLIC_KEY_SIZE + P384_ECDSA_SIGNATURE_SIZE + ED25519_SIGNATURE_SIZE] = concat_arrays_4(p384.ecdh.as_bytes(), p384.ecdsa.as_bytes(), &p384.ecdsa_self_signature, &p384.ed25519_self_signature); + let p384_joined: [u8; P384_PUBLIC_KEY_SIZE + P384_PUBLIC_KEY_SIZE + P384_ECDSA_SIGNATURE_SIZE + ED25519_SIGNATURE_SIZE] = + concat_arrays_4(p384.ecdh.as_bytes(), p384.ecdsa.as_bytes(), &p384.ecdsa_self_signature, &p384.ed25519_self_signature); s.push_str(base64::encode_config(p384_joined, base64::URL_SAFE_NO_PAD).as_str()); if self.secret.is_some() && include_private { let secret = self.secret.as_ref().unwrap(); if secret.p384.is_some() { let p384_secret = secret.p384.as_ref().unwrap(); - let p384_secret_joined: [u8; P384_SECRET_KEY_SIZE + P384_SECRET_KEY_SIZE] = concat_arrays_2(p384_secret.ecdh.secret_key_bytes().as_bytes(), p384_secret.ecdsa.secret_key_bytes().as_bytes()); + let p384_secret_joined: [u8; P384_SECRET_KEY_SIZE + P384_SECRET_KEY_SIZE] = + concat_arrays_2(p384_secret.ecdh.secret_key_bytes().as_bytes(), p384_secret.ecdsa.secret_key_bytes().as_bytes()); s.push(':'); s.push_str(base64::encode_config(p384_secret_joined, base64::URL_SAFE_NO_PAD).as_str()); } @@ -723,7 +738,9 @@ impl FromStr for Identity { Some(IdentityP384Public { ecdh: ecdh.unwrap(), ecdsa: ecdsa.unwrap(), - ecdsa_self_signature: keys[2].as_slice()[(P384_PUBLIC_KEY_SIZE * 2)..((P384_PUBLIC_KEY_SIZE * 2) + P384_ECDSA_SIGNATURE_SIZE)].try_into().unwrap(), + ecdsa_self_signature: keys[2].as_slice()[(P384_PUBLIC_KEY_SIZE * 2)..((P384_PUBLIC_KEY_SIZE * 2) + P384_ECDSA_SIGNATURE_SIZE)] + .try_into() + .unwrap(), ed25519_self_signature: keys[2].as_slice()[((P384_PUBLIC_KEY_SIZE * 2) + P384_ECDSA_SIGNATURE_SIZE)..].try_into().unwrap(), }) }, @@ -937,7 +954,10 @@ impl<'de> serde::de::Visitor<'de> for IdentityVisitor { where E: serde::de::Error, { - IdentityBytes::try_from(v).map_or_else(|e| Err(E::custom(e.to_string())), |b| Identity::from_bytes(&b).map_or_else(|| Err(E::custom("invalid identity")), |id| Ok(id))) + IdentityBytes::try_from(v).map_or_else( + |e| Err(E::custom(e.to_string())), + |b| Identity::from_bytes(&b).map_or_else(|| Err(E::custom("invalid identity")), |id| Ok(id)), + ) } fn visit_str(self, v: &str) -> Result @@ -965,7 +985,7 @@ impl<'de> Deserialize<'de> for Identity { mod tests { use crate::vl1::identity::*; use std::str::FromStr; - use zerotier_core_crypto::hex; + use zerotier_utils::hex; #[test] fn v0_identity() { diff --git a/network-hypervisor/src/vl1/mac.rs b/network-hypervisor/src/vl1/mac.rs index 3ff4c6d2b..86c56d4c9 100644 --- a/network-hypervisor/src/vl1/mac.rs +++ b/network-hypervisor/src/vl1/mac.rs @@ -11,6 +11,8 @@ use crate::error::InvalidFormatError; use crate::util::buffer::Buffer; use crate::util::marshalable::Marshalable; +use zerotier_utils::hex; + /// An Ethernet MAC address. #[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord)] #[repr(transparent)] @@ -88,7 +90,7 @@ impl FromStr for MAC { type Err = InvalidFormatError; fn from_str(s: &str) -> Result { - MAC::from_bytes(crate::util::hex::from_string(s).as_slice()).map_or_else(|| Err(InvalidFormatError), |m| Ok(m)) + MAC::from_bytes(hex::from_string(s).as_slice()).map_or_else(|| Err(InvalidFormatError), |m| Ok(m)) } } diff --git a/network-hypervisor/src/vl1/node.rs b/network-hypervisor/src/vl1/node.rs index 0f4f81b38..cb2240252 100644 --- a/network-hypervisor/src/vl1/node.rs +++ b/network-hypervisor/src/vl1/node.rs @@ -22,6 +22,8 @@ use crate::vl1::whoisqueue::{QueuedPacket, WhoisQueue}; use crate::vl1::{Address, Endpoint, Identity, RootSet}; use crate::Event; +use zerotier_utils::hex; + /// Trait implemented by external code to handle events and provide an interface to the system or application. /// /// These methods are basically callbacks that the core calls to request or transmit things. They are called @@ -97,7 +99,16 @@ pub trait InnerProtocolInterface: Sync + Send + 'static { async fn handle_packet(&self, source: &Peer, source_path: &Path, verb: u8, payload: &PacketBuffer) -> bool; /// Handle errors, returning true if the error was recognized. - async fn handle_error(&self, source: &Peer, source_path: &Path, in_re_verb: u8, in_re_message_id: u64, error_code: u8, payload: &PacketBuffer, cursor: &mut usize) -> bool; + async fn handle_error( + &self, + source: &Peer, + source_path: &Path, + in_re_verb: u8, + in_re_message_id: u64, + error_code: u8, + payload: &PacketBuffer, + cursor: &mut usize, + ) -> bool; /// Handle an OK, returing true if the OK was recognized. async fn handle_ok(&self, source: &Peer, source_path: &Path, in_re_verb: u8, in_re_message_id: u64, payload: &PacketBuffer, cursor: &mut usize) -> bool; @@ -400,7 +411,9 @@ impl Node { for m in rs.members.iter() { if m.identity.eq(&self.identity) { let _ = my_root_sets.get_or_insert_with(|| Vec::new()).write_all(rs.to_bytes().as_slice()); - } else if self.peers.read().get(&m.identity.address).map_or(false, |p| !p.identity.eq(&m.identity)) || address_collision_check.insert(m.identity.address, &m.identity).map_or(false, |old_id| !old_id.eq(&m.identity)) { + } else if self.peers.read().get(&m.identity.address).map_or(false, |p| !p.identity.eq(&m.identity)) + || address_collision_check.insert(m.identity.address, &m.identity).map_or(false, |old_id| !old_id.eq(&m.identity)) + { address_collisions.push(m.identity.address); } } @@ -410,14 +423,22 @@ impl Node { for (_, rs) in roots.sets.iter() { for m in rs.members.iter() { if m.endpoints.is_some() && !address_collisions.contains(&m.identity.address) && !m.identity.eq(&self.identity) { - debug_event!(si, "[vl1] examining root {} with {} endpoints", m.identity.address.to_string(), m.endpoints.as_ref().map_or(0, |e| e.len())); + debug_event!( + si, + "[vl1] examining root {} with {} endpoints", + m.identity.address.to_string(), + m.endpoints.as_ref().map_or(0, |e| e.len()) + ); let peers = self.peers.upgradable_read(); if let Some(peer) = peers.get(&m.identity.address) { new_roots.insert(peer.clone(), m.endpoints.as_ref().unwrap().iter().cloned().collect()); } else { if let Some(peer) = Peer::::new(&self.identity, m.identity.clone(), tt) { new_roots.insert( - parking_lot::RwLockUpgradableReadGuard::upgrade(peers).entry(m.identity.address).or_insert_with(|| Arc::new(peer)).clone(), + parking_lot::RwLockUpgradableReadGuard::upgrade(peers) + .entry(m.identity.address) + .or_insert_with(|| Arc::new(peer)) + .clone(), m.endpoints.as_ref().unwrap().iter().cloned().collect(), ); } else { @@ -542,14 +563,22 @@ impl Node { Duration::from_millis(1000) } - pub async fn handle_incoming_physical_packet(&self, si: &SI, ph: &PH, source_endpoint: &Endpoint, source_local_socket: &SI::LocalSocket, source_local_interface: &SI::LocalInterface, mut data: PooledPacketBuffer) { + pub async fn handle_incoming_physical_packet( + &self, + si: &SI, + ph: &PH, + source_endpoint: &Endpoint, + source_local_socket: &SI::LocalSocket, + source_local_interface: &SI::LocalInterface, + mut data: PooledPacketBuffer, + ) { debug_event!( si, "[vl1] {} -> #{} {}->{} length {} (on socket {}@{})", source_endpoint.to_string(), - data.bytes_fixed_at::<8>(0).map_or("????????????????".into(), |pid| zerotier_core_crypto::hex::to_string(pid)), - data.bytes_fixed_at::<5>(13).map_or("??????????".into(), |src| zerotier_core_crypto::hex::to_string(src)), - data.bytes_fixed_at::<5>(8).map_or("??????????".into(), |dest| zerotier_core_crypto::hex::to_string(dest)), + data.bytes_fixed_at::<8>(0).map_or("????????????????".into(), |pid| hex::to_string(pid)), + data.bytes_fixed_at::<5>(13).map_or("??????????".into(), |src| hex::to_string(src)), + data.bytes_fixed_at::<5>(8).map_or("??????????".into(), |dest| hex::to_string(dest)), data.len(), source_local_socket.to_string(), source_local_interface.to_string() @@ -565,7 +594,13 @@ impl Node { if fragment_header.is_fragment() { #[cfg(debug_assertions)] let fragment_header_id = u64::from_be_bytes(fragment_header.id); - debug_event!(si, "[vl1] #{:0>16x} fragment {} of {} received", u64::from_be_bytes(fragment_header.id), fragment_header.fragment_no(), fragment_header.total_fragments()); + debug_event!( + si, + "[vl1] #{:0>16x} fragment {} of {} received", + u64::from_be_bytes(fragment_header.id), + fragment_header.fragment_no(), + fragment_header.total_fragments() + ); if let Some(assembled_packet) = path.receive_fragment(fragment_header.packet_id(), fragment_header.fragment_no(), fragment_header.total_fragments(), data, time_ticks) { if let Some(frag0) = assembled_packet.frags[0].as_ref() { @@ -575,7 +610,8 @@ impl Node { if let Ok(packet_header) = frag0.struct_at::(0) { if let Some(source) = Address::from_bytes(&packet_header.src) { if let Some(peer) = self.peer(source) { - peer.receive(self, si, ph, time_ticks, &path, &packet_header, frag0, &assembled_packet.frags[1..(assembled_packet.have as usize)]).await; + peer.receive(self, si, ph, time_ticks, &path, &packet_header, frag0, &assembled_packet.frags[1..(assembled_packet.have as usize)]) + .await; } else { self.whois.query(self, si, source, Some(QueuedPacket::Fragmented(assembled_packet))); } diff --git a/network-hypervisor/src/vl2/networkid.rs b/network-hypervisor/src/vl2/networkid.rs index e8060ca30..c59c72340 100644 --- a/network-hypervisor/src/vl2/networkid.rs +++ b/network-hypervisor/src/vl2/networkid.rs @@ -8,9 +8,11 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer}; use crate::error::InvalidFormatError; use crate::util::buffer::Buffer; -use crate::util::hex::HEX_CHARS; use crate::util::marshalable::Marshalable; +use zerotier_utils::hex; +use zerotier_utils::hex::HEX_CHARS; + #[derive(Clone, Copy, PartialEq, Eq, PartialOrd, Ord)] #[repr(transparent)] pub struct NetworkId(NonZeroU64); @@ -85,7 +87,7 @@ impl FromStr for NetworkId { type Err = InvalidFormatError; fn from_str(s: &str) -> Result { - NetworkId::from_bytes(crate::util::hex::from_string(s).as_slice()).map_or_else(|| Err(InvalidFormatError), |a| Ok(a)) + NetworkId::from_bytes(hex::from_string(s).as_slice()).map_or_else(|| Err(InvalidFormatError), |a| Ok(a)) } }