Karolin Varner
258efe408c
fix: PSK broker integration did not work
...
This commit resolves multiple issues with the PSK broker integration.
- The manual testing procedure never actually utilized the brokers
due to the use of the outfile option, this led to issues with the
broker being hidden.
- The manual testing procedure omitted checking whether a PSK was
actually sent to WireGuard entirely. This was fixed by writing an
entirely new manual integration testing shell-script that can serve
as a blueprint for future integration tests.
- Many parts of the PSK broker code did not report (log) errors
accurately; added error logging
- BrokerServer set message.payload.return_code to the msg_type value,
this led to crashes
- The PSK broker commands all omitted to set the memfd policy, this led
to immediate crashes once secrets were actually allocated
- The MioBrokerClient IO state machine was broken and the design was
too obtuse to debug. The state machine returned the length prefix as
a message instead of actually interpreting it as a state machine.
Seems the code was integrated but never actually tested. This was
fixed by rewriting the entire state machine code using the new
LengthPrefixEncoder/Decoder facilities. A write-buffer that was not
being flushed is now handled by flushing the buffer in blocking-io
mode.
2024-08-15 22:47:20 +02:00
Karolin Varner
fd0f35b279
chore: gen-key subcommand should show canonical paths
2024-08-15 22:12:02 +02:00
Karolin Varner
8808ed5dbc
fix: Quiet log level should be warn
2024-08-15 09:43:25 +02:00
Karolin Varner
6fc45cab53
chore: prettier
2024-08-15 08:55:13 +02:00
Katherine Watson
1f7196e473
doc: Add documentation for testing
2024-08-14 19:49:00 -07:00
Katherine Watson
c359b87d0c
chore: Convert broker interface setup to use mio's UnixStream where possible
2024-08-14 19:03:45 -07:00
Katherine Watson
355b48169b
chore: Make MiobrokerClient import conditional
2024-08-14 19:03:45 -07:00
Katherine Watson
274d245bed
chore: Unify enable_wg_broker and enable_broker_api features
2024-08-14 19:03:45 -07:00
Katherine Watson
065b0fcc8a
feat: Add enable_wg_broker feature using MioBrokerClient
...
doc: Add documentation for new methods and arguments
fix: Require new psk_broker_spawn flag to use broker without extra parameters, to make all-features cargo test pass
fix: Fix MioBrokerClient buffer size to allow room for length prefix
fix: Fix remaining issue with panic
2024-08-14 19:03:44 -07:00
dependabot[bot]
191fb10663
build(deps): bump mio from 1.0.1 to 1.0.2
...
Bumps [mio](https://github.com/tokio-rs/mio) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/tokio-rs/mio/releases)
- [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/mio/compare/v1.0.1...v1.0.2)
---
updated-dependencies:
- dependency-name: mio
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-14 09:28:27 +02:00
dependabot[bot]
3faa84117f
build(deps): bump tokio from 1.39.1 to 1.39.2
...
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.39.1 to 1.39.2.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.39.1...tokio-1.39.2)
---
updated-dependencies:
- dependency-name: tokio
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-13 13:14:15 +02:00
dependabot[bot]
fda75a0184
build(deps): bump serde from 1.0.204 to 1.0.207
...
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.204 to 1.0.207.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.204...v1.0.207)
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-13 13:14:03 +02:00
dependabot[bot]
96b1f6c0d3
build(deps): bump procspawn from 1.0.0 to 1.0.1 (#390)
...
Bumps [procspawn](https://github.com/mitsuhiko/procspawn) from 1.0.0 to 1.0.1.
- [Changelog](https://github.com/mitsuhiko/procspawn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/procspawn/compare/1.0.0...1.0.1)
---
updated-dependencies:
- dependency-name: procspawn
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-13 08:15:57 +02:00
dependabot[bot]
fb73c68626
build(deps): bump tempfile from 3.10.1 to 3.11.0 (#387)
...
Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.10.1 to 3.11.0.
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stebalien/tempfile/compare/v3.10.1...v3.11.0)
---
updated-dependencies:
- dependency-name: tempfile
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-13 08:15:46 +02:00
dependabot[bot]
42b0e23695
build(deps): bump clap from 4.5.13 to 4.5.15 (#397)
...
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.13 to 4.5.15.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.13...clap_complete-v4.5.15)
---
updated-dependencies:
- dependency-name: clap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-13 08:13:06 +02:00
Karolin Varner
c58f832727
Merge pull request #391 from aparcar/pb
...
add test cases for util modules
2024-08-12 16:26:01 +02:00
Paul Spooren
7b6a9eebc1
ci: test full workspace with codecov
...
Previously only the default members were checked for coverage.
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-12 12:10:47 +02:00
Paul Spooren
4554dc4bb3
ci: drop codecov token
...
It's not needed to see generate results for pull requests.
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-12 11:44:33 +02:00
Paul Spooren
465c6beaab
ci: switch to codecov action v4 branch
...
Instead of using a specific version, use branch v4 which stays API
compatible.
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-12 11:43:26 +02:00
Paul Spooren
1853e0a3c0
feat: add test case and check fd value
...
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-08-12 11:37:15 +02:00
Benjamin Lipp
245d4d1a0f
feat: add tests for util file.rs
...
Co-authored-by: Paul Spooren <mail@aparcar.org>
2024-08-12 11:37:15 +02:00
Karolin Varner
d5d15cd9bc
Merge Rosenpass API infrastructure
...
Pull request #388 from rosenpass/dev/karo/api
2024-08-08 22:02:04 +02:00
Katherine Watson
9fd3df67ed
chore: Fix typos and add various comments
2024-08-07 23:11:13 -07:00
Karolin Varner
6d47169a5c
feat: Set CLOEXEC flag on claimed fds and mask them
...
Masking the file descriptors (by replacing them with a file descriptor pointing towards /dev/null)
mitigates use after free (on file descriptor) attacks. In case some
piece of code still holds a reference to the file descriptor, that
file descriptor now merely holds a reference to /dev/null.
Otherwise, the file descriptor might be reused and the reference
could now mistakenly point to all sorts of – potentially more harmful – files, such as memfd_secret
file descriptors, storing our secret keys.
2024-08-05 16:16:09 +02:00
Karolin Varner
4bcd38a4ea
feat: Infrastructure for the Rosenpass API
2024-08-03 16:51:18 +02:00
Karolin Varner
730a03957a
feat: A variety of utilities in preparation for implementing the API
2024-08-03 16:50:21 +02:00
Karolin Varner
ea071f5363
feat: Convenience functions and traits to automatically handle ErrorKind::{Interrupt, WouldBlock}
2024-08-03 16:49:02 +02:00
Karolin Varner
3063d3e4c2
feat: Convenience traits to get the ErrorKind of an io error for match clauses
2024-08-03 16:48:25 +02:00
Karolin Varner
1bf0eed90a
feat: Convenience function to just call a function
2024-08-03 16:46:48 +02:00
Karolin Varner
138e6b6553
chore: to crate documentation indentation (purely cosmetic)
2024-08-03 16:32:02 +02:00
Karolin Varner
2dde0a2b47
chore: Refactor integration_tests (purely cosmetic)
2024-08-03 16:31:19 +02:00
Karolin Varner
3cc3b6009f
chore: Move CliCommand::run -> CliArgs::run; do not mutate the configuration
...
This way CliArgs::run has access to all command line parameters.
Avoided mutating the CliArgs (or rather CliCommand) structure here,
because doing so is simply bad style. There is no good reasoning for
why this function should mutate CliCommand, except for a bit of
convenience.
2024-08-03 16:29:19 +02:00
Karolin Varner
1ab457ed37
fix: Print stack trace to errors propagated to main function
2024-08-03 15:50:14 +02:00
Karolin Varner
c9c266fe7c
fix: Flush stdout after printing key update notification
...
Otherwise, the notification might not be delivered due to buffering.
2024-08-03 15:50:14 +02:00
Karolin Varner
8d3c8790fe
chore: Reorganize memfd secret policy
...
- Policy is now set in main.rs, not cli.rs.
- Feature is called experiment_memfd_secret, not enable_memfd_alloc
This also fixes the last remaining warnings.
2024-08-03 15:17:09 +02:00
Karolin Varner
648a94ead8
chore: Clippy fixes on wireguard-broker
2024-08-03 15:02:49 +02:00
Karolin Varner
54ac5eecdb
chore: Warnings & clippy hints
2024-08-03 14:13:03 +02:00
Karolin Varner
40c5bbd167
chore: Ensure that rustAnalyzer is installed in dev environment
2024-08-03 14:06:19 +02:00
Karolin Varner
a4b8fc2226
chore: Move memcmp test API doc to test memcmp test module
2024-08-03 14:05:22 +02:00
Karolin Varner
37f7b3e4e9
fix: Consistently use feature flag experiment_libcrux
...
Before this, some parts of the code used an incorrect feature flag
name, preventing libcrux from being used.
2024-08-03 14:03:31 +02:00
Karolin Varner
deafc1c1af
chore: Style adjustments – Cargo.toml
2024-08-03 14:03:31 +02:00
Karolin Varner
6bbe85a57b
chore: Remove unnecessary imports
2024-08-03 13:59:55 +02:00
Karolin Varner
e70c5b33a8
chore: Ignore vscode directory
2024-08-03 13:35:31 +02:00
dependabot[bot]
25fdfef4d0
build(deps): bump clap from 4.5.11 to 4.5.13 (#384)
...
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.11 to 4.5.13.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.11...v4.5.13)
---
updated-dependencies:
- dependency-name: clap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-01 09:47:20 +02:00
dependabot[bot]
6ab8fafe59
build(deps): bump clap from 4.5.9 to 4.5.11
...
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.9 to 4.5.11.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.9...v4.5.11)
---
updated-dependencies:
- dependency-name: clap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-29 14:28:22 +02:00
dependabot[bot]
c1aacf76b8
build(deps): bump mio from 0.8.11 to 1.0.1 (#380)
...
Bumps [mio](https://github.com/tokio-rs/mio) from 0.8.11 to 1.0.1.
- [Release notes](https://github.com/tokio-rs/mio/releases)
- [Changelog](https://github.com/tokio-rs/mio/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/mio/commits)
---
updated-dependencies:
- dependency-name: mio
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-27 15:59:48 +02:00
dependabot[bot]
1bcaf5781f
build(deps): bump tokio from 1.38.1 to 1.39.1
...
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.38.1 to 1.39.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.38.1...tokio-1.39.1)
---
updated-dependencies:
- dependency-name: tokio
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-25 19:05:30 +02:00
Paul Spooren
de60e5f8f0
Docs: run prettier over CONTRIBUTING.md
...
... or else the CI fails on all PRs
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-07-25 15:56:54 +02:00
Alice Bowman
b50ddda151
Documentation: pointed to website documentation in readme
2024-07-23 10:46:52 +02:00
Alice Bowman
7282fba3b3
Docs: migrated cooking recipe from wiki
2024-07-23 10:41:44 +02:00