Remove bespoke socket implementation (#336)

boringtun-cli/Cargo.toml

@@ -17,4 +17,5 @@ tracing-appender = "0.2.1"
 
 [dependencies.boringtun]
 version = "0.5.2"
-path = "../boringtun"
+path = "../boringtun"
+features = ["device"]

boringtun/Cargo.toml

@@ -9,6 +9,8 @@ documentation = "https://docs.rs/boringtun/0.5.2/boringtun/"
 edition = "2018"
 
 [features]
+default = []
+device = ["socket2", "thiserror"]
 jni-bindings = ["ffi-bindings", "jni"]
 ffi-bindings = ["tracing-subscriber"]
 # mocks std::time::Instant with mock_instant
@@ -33,9 +35,14 @@ blake2 = "0.10"
 hmac = "0.12"
 jni = { version = "0.19.0", optional = true }
 mock_instant = { version = "0.2", optional = true }
+socket2 = { version = "0.4.7", features = ["all"], optional = true }
+thiserror = { version = "1", optional = true }
 
 [target.'cfg(unix)'.dependencies]
-nix = { version = "0.25", default-features = false, features = ["time", "user"] }
+nix = { version = "0.25", default-features = false, features = [
+    "time",
+    "user",
+] }
 
 [dev-dependencies]
 etherparse = "0.12"

boringtun/src/device/api.rs

@@ -236,6 +236,11 @@ fn api_set(reader: &mut BufReader<&UnixStream>, d: &mut LockReadGuard<Device>) -
                             },
                             Err(_) => return EINVAL,
                         },
+                        #[cfg(any(
+                            target_os = "android",
+                            target_os = "fuchsia",
+                            target_os = "linux"
+                        ))]
                         "fwmark" => match val.parse::<u32>() {
                             Ok(mark) => match device.set_fwmark(mark) {
                                 Ok(()) => {}

boringtun/src/device/drop_privileges.rs

@@ -1,9 +1,9 @@
 // Copyright (c) 2019 Cloudflare, Inc. All rights reserved.
 // SPDX-License-Identifier: BSD-3-Clause
 
-use crate::device::errno_str;
 use crate::device::Error;
-use libc::*;
+use libc::{gid_t, setgid, setuid, uid_t};
+use std::io;
 
 #[cfg(target_os = "macos")]
 use nix::unistd::User;
@@ -27,6 +27,8 @@ pub fn get_saved_ids() -> Result<(uid_t, gid_t), Error> {
     }
     #[cfg(not(target_os = "macos"))]
     {
+        use libc::{getlogin, getpwnam};
+
         let uname = unsafe { getlogin() };
         if uname.is_null() {
             return Err(Error::DropPrivileges("NULL from getlogin".to_owned()));
@@ -50,12 +52,16 @@ pub fn drop_privileges() -> Result<(), Error> {
 
     if -1 == unsafe { setgid(saved_gid) } {
         // Set real and effective group ID
-        return Err(Error::DropPrivileges(errno_str()));
+        return Err(Error::DropPrivileges(
+            io::Error::last_os_error().to_string(),
+        ));
     }
 
     if -1 == unsafe { setuid(saved_uid) } {
         // Set  real and effective user ID
-        return Err(Error::DropPrivileges(errno_str()));
+        return Err(Error::DropPrivileges(
+            io::Error::last_os_error().to_string(),
+        ));
     }
 
     // Validated we can't get sudo back again

boringtun/src/device/epoll.rs

@@ -1,9 +1,10 @@
 // Copyright (c) 2019 Cloudflare, Inc. All rights reserved.
 // SPDX-License-Identifier: BSD-3-Clause
 
-use super::{errno_str, Error};
+use super::Error;
 use libc::*;
 use parking_lot::Mutex;
+use std::io;
 use std::ops::Deref;
 use std::os::unix::io::RawFd;
 use std::ptr::null_mut;
@@ -57,7 +58,7 @@ impl<H: Sync + Send> EventPoll<H> {
     /// Create a new event registry
     pub fn new() -> Result<EventPoll<H>, Error> {
         let epoll = match unsafe { epoll_create(1) } {
-            -1 => return Err(Error::EventQueue(errno_str())),
+            -1 => return Err(Error::EventQueue(io::Error::last_os_error())),
             epoll => epoll,
         };
 
@@ -125,7 +126,7 @@ impl<H: Sync + Send> EventPoll<H> {
         let tfd = match unsafe { timerfd_create(CLOCK_BOOTTIME, TFD_NONBLOCK) } {
             -1 => match unsafe { timerfd_create(CLOCK_MONOTONIC, TFD_NONBLOCK) } {
                 // A fallback for kernels < 3.15
-                -1 => return Err(Error::Timer(errno_str())),
+                -1 => return Err(Error::Timer(io::Error::last_os_error())),
                 efd => efd,
             },
             efd => efd,
@@ -143,7 +144,7 @@ impl<H: Sync + Send> EventPoll<H> {
 
         if unsafe { timerfd_settime(tfd, 0, &spec, std::ptr::null_mut()) } == -1 {
             unsafe { close(tfd) };
-            return Err(Error::Timer(errno_str()));
+            return Err(Error::Timer(io::Error::last_os_error()));
         }
 
         let ev = Event {
@@ -171,7 +172,7 @@ impl<H: Sync + Send> EventPoll<H> {
         // canceled.
         // When we want to stop the event, we read something once from the file descriptor.
         let efd = match unsafe { eventfd(0, EFD_NONBLOCK) } {
-            -1 => return Err(Error::EventQueue(errno_str())),
+            -1 => return Err(Error::EventQueue(io::Error::last_os_error())),
             efd => efd,
         };
 
@@ -198,7 +199,7 @@ impl<H: Sync + Send> EventPoll<H> {
             sigprocmask(SIG_BLOCK, &sigset, null_mut());
             signalfd(-1, &sigset, SFD_NONBLOCK)
         } {
-            -1 => return Err(Error::EventQueue(errno_str())),
+            -1 => return Err(Error::EventQueue(io::Error::last_os_error())),
             sfd => sfd,
         };
 
@@ -223,7 +224,7 @@ impl<H: Sync + Send> EventPoll<H> {
     pub fn wait(&self) -> WaitResult<'_, H> {
         let mut event = epoll_event { events: 0, u64: 0 };
         match unsafe { epoll_wait(self.epoll, &mut event, 1, -1) } {
-            -1 => return WaitResult::Error(errno_str()),
+            -1 => return WaitResult::Error(io::Error::last_os_error().to_string()),
             1 => {}
             _ => return WaitResult::Error("unexpected number of events returned".to_string()),
         }
@@ -260,7 +261,7 @@ impl<H: Sync + Send> EventPoll<H> {
         self.insert_at(trigger as _, ev);
         // Add the event to epoll
         if unsafe { epoll_ctl(self.epoll, EPOLL_CTL_ADD, trigger, &mut event_desc) } == -1 {
-            return Err(Error::EventQueue(errno_str()));
+            return Err(Error::EventQueue(io::Error::last_os_error()));
         }
 
         Ok(EventRef { trigger })
@@ -405,10 +406,10 @@ pub fn block_signal(signal: c_int) -> Result<sigset_t, String> {
         let mut sigset = std::mem::zeroed();
         sigemptyset(&mut sigset);
         if sigaddset(&mut sigset, signal) == -1 {
-            return Err(errno_str());
+            return Err(io::Error::last_os_error().to_string());
         }
         if sigprocmask(SIG_BLOCK, &sigset, null_mut()) == -1 {
-            return Err(errno_str());
+            return Err(io::Error::last_os_error().to_string());
         }
         Ok(sigset)
     }

boringtun/src/device/kqueue.rs

@@ -1,9 +1,10 @@
 // Copyright (c) 2019 Cloudflare, Inc. All rights reserved.
 // SPDX-License-Identifier: BSD-3-Clause
 
-use super::{errno_str, Error};
+use super::Error;
 use libc::*;
 use parking_lot::Mutex;
+use std::io;
 use std::ops::Deref;
 use std::os::unix::io::RawFd;
 use std::ptr::{null, null_mut};
@@ -69,7 +70,7 @@ impl<H: Send + Sync> EventPoll<H> {
     /// Create a new event registry
     pub fn new() -> Result<EventPoll<H>, Error> {
         let kqueue = match unsafe { kqueue() } {
-            -1 => return Err(Error::EventQueue(errno_str())),
+            -1 => return Err(Error::EventQueue(io::Error::last_os_error())),
             kqueue => kqueue,
         };
 
@@ -187,7 +188,7 @@ impl<H: Send + Sync> EventPoll<H> {
         };
 
         if unsafe { kevent(self.kqueue, null(), 0, &mut event, 1, null()) } == -1 {
-            return WaitResult::Error(errno_str());
+            return WaitResult::Error(io::Error::last_os_error().to_string());
         }
 
         let event_data = unsafe { (event.udata as *mut Event<H>).as_ref().unwrap() };
@@ -234,7 +235,7 @@ impl<H: Send + Sync> EventPoll<H> {
         kev.flags |= EV_ADD;
 
         if unsafe { kevent(self.kqueue, &kev, 1, null_mut(), 0, null()) } == -1 {
-            return Err(Error::EventQueue(errno_str()));
+            return Err(Error::EventQueue(io::Error::last_os_error()));
         }
 
         if let Some(mut event) = events[index].take() {