diff --git a/neptun/src/device/mod.rs b/neptun/src/device/mod.rs index e3c4303..46bbf3f 100644 --- a/neptun/src/device/mod.rs +++ b/neptun/src/device/mod.rs @@ -1055,8 +1055,8 @@ impl Device { for _ in 0..MAX_ITR { let element = unsafe { TX_RING_BUFFER.get_next() }; if element.is_element_free.load(Ordering::Relaxed) { - let src = match iface.read(&mut t.src_buf[..mtu]) { - Ok(src) => src, + let len = match iface.read(&mut element.data[16..mtu + 16]) { + Ok(src) => src.len(), Err(Error::IfaceRead(e)) => { let ek = e.kind(); if ek == io::ErrorKind::Interrupted @@ -1077,7 +1077,7 @@ impl Device { } }; - let dst_addr = match Tunn::dst_address(src) { + let dst_addr = match Tunn::dst_address(&element.data[16..len + 16]) { Some(addr) => addr, None => continue, }; @@ -1088,14 +1088,14 @@ impl Device { }; if let Some(callback) = &d.config.firewall_process_outbound_callback { - if !callback(&peer.public_key.0, src) { + if !callback(&peer.public_key.0, &element.data[16..len + 16]) { continue; } } let res = { let mut tun = peer.tunnel.lock(); - tun.encapsulate(src, &mut element.data[..]) + tun.encapsulate_in_place(len, &mut element.data[..]) }; match res { diff --git a/neptun/src/noise/mod.rs b/neptun/src/noise/mod.rs index b414694..75ac9e5 100644 --- a/neptun/src/noise/mod.rs +++ b/neptun/src/noise/mod.rs @@ -294,26 +294,35 @@ impl Tunn { /// Panics if dst buffer is too small. /// Size of dst should be at least src.len() + 32, and no less than 148 bytes. pub fn encapsulate<'a>(&mut self, src: &[u8], dst: &'a mut [u8]) -> TunnResult<'a> { + dst[16..src.len() + 16].copy_from_slice(src); + self.encapsulate_in_place(src.len(), dst) + } + + pub fn encapsulate_in_place<'a>( + &mut self, + src_len: usize, + dst: &'a mut [u8], + ) -> TunnResult<'a> { let current = self.current; if let Some(ref session) = self.sessions[current % N_SESSIONS] { // Send the packet using an established session - let packet = session.format_packet_data(src, dst); + let packet = session.format_packet_data(src_len, dst); // Send the notification on the channel to encrypt the packet self.timer_tick(TimerName::TimeLastPacketSent); // Exclude Keepalive packets from timer update. - if !src.is_empty() { + if src_len.ne(&0) { self.timer_tick(TimerName::TimeLastDataPacketSent); } self.tx_bytes += packet.len(); return TunnResult::WriteToNetwork(packet); } - if !src.is_empty() { + if src_len.ne(&0) { // If there is no session, queue the packet for future retry, // except if it's keepalive packet, new keepalive packets will be sent when session is created. // This prevents double keepalive packets on initiation - self.queue_packet(src); + self.queue_packet(&dst[16..src_len + 16]); } // Initiate a new handshake if none is in progress @@ -417,7 +426,7 @@ impl Tunn { // Increase the rx_bytes accordingly self.rx_bytes += HANDSHAKE_RESP_SZ; - let keepalive_packet = { session.format_packet_data(&[], dst) }; + let keepalive_packet = { session.format_packet_data(0, dst) }; // Store new session in ring buffer let l_idx = session.local_index(); let index = l_idx % N_SESSIONS; diff --git a/neptun/src/noise/session.rs b/neptun/src/noise/session.rs index ab416f8..f824de9 100644 --- a/neptun/src/noise/session.rs +++ b/neptun/src/noise/session.rs @@ -194,8 +194,8 @@ impl Session { /// src - an IP packet from the interface /// dst - pre-allocated space to hold the encapsulating UDP packet to send over the network /// returns the size of the formatted packet - pub(super) fn format_packet_data<'a>(&self, src: &[u8], dst: &'a mut [u8]) -> &'a mut [u8] { - if dst.len() < src.len() + super::DATA_OVERHEAD_SZ { + pub(super) fn format_packet_data<'a>(&self, src_len: usize, dst: &'a mut [u8]) -> &'a mut [u8] { + if dst.len() < src_len + super::DATA_OVERHEAD_SZ { panic!("The destination buffer is too small"); } @@ -213,16 +213,16 @@ impl Session { let n = { let mut nonce = [0u8; 12]; nonce[4..12].copy_from_slice(&sending_key_counter.to_le_bytes()); - data[..src.len()].copy_from_slice(src); + // data[..src.len()].copy_from_slice(src); self.sender .seal_in_place_separate_tag( Nonce::assume_unique_for_key(nonce), Aad::from(&[]), - &mut data[..src.len()], + &mut data[..src_len], ) .map(|tag| { - data[src.len()..src.len() + AEAD_SIZE].copy_from_slice(tag.as_ref()); - src.len() + AEAD_SIZE + data[src_len..src_len + AEAD_SIZE].copy_from_slice(tag.as_ref()); + src_len + AEAD_SIZE }) .unwrap() }; diff --git a/neptun/src/noise/timers.rs b/neptun/src/noise/timers.rs index f5702ed..c51d9e1 100644 --- a/neptun/src/noise/timers.rs +++ b/neptun/src/noise/timers.rs @@ -66,19 +66,6 @@ pub enum TimerName { Top, } -impl TimerName { - pub const VALUES: [Self; TimerName::Top as usize - 1] = [ - Self::TimeSessionEstablished, - Self::TimeLastHandshakeStarted, - Self::TimeLastPacketReceived, - Self::TimeLastPacketSent, - Self::TimeLastDataPacketReceived, - Self::TimeLastDataPacketSent, - Self::TimeCookieReceived, - Self::TimePersistentKeepalive, - ]; -} - use self::TimerName::*; #[derive(Debug)] @@ -96,7 +83,6 @@ pub struct Timers { persistent_keepalive: usize, /// Should this timer call reset rr function (if not a shared rr instance) pub(super) should_reset_rr: bool, - timers_to_update_mask: AtomicU16, } impl Timers { @@ -110,7 +96,6 @@ impl Timers { want_handshake_since: Default::default(), persistent_keepalive: usize::from(persistent_keepalive.unwrap_or(0)), should_reset_rr: reset_rr, - timers_to_update_mask: Default::default(), } }