Use an interface for udp conns (#901)

nbrownus · web-flow · commit 3bbf5f4e6746 · 2023-06-14T10:48:52.000-05:00
diff --git a/connection_manager_test.go b/connection_manager_test.go
@@ -54,10 +54,10 @@ func Test_NewConnectionManagerTest(t *testing.T) {
 	ifce := &Interface{
 		hostMap:          hostMap,
 		inside:           &test.NoopTun{},
-		outside:          &udp.Conn{},
+		outside:          &udp.NoopConn{},
 		firewall:         &Firewall{},
 		lightHouse:       lh,
-		handshakeManager: NewHandshakeManager(l, vpncidr, preferredRanges, hostMap, lh, &udp.Conn{}, defaultHandshakeConfig),
+		handshakeManager: NewHandshakeManager(l, vpncidr, preferredRanges, hostMap, lh, &udp.NoopConn{}, defaultHandshakeConfig),
 		l:                l,
 	}
 	ifce.certState.Store(cs)
@@ -133,10 +133,10 @@ func Test_NewConnectionManagerTest2(t *testing.T) {
 	ifce := &Interface{
 		hostMap:          hostMap,
 		inside:           &test.NoopTun{},
-		outside:          &udp.Conn{},
+		outside:          &udp.NoopConn{},
 		firewall:         &Firewall{},
 		lightHouse:       lh,
-		handshakeManager: NewHandshakeManager(l, vpncidr, preferredRanges, hostMap, lh, &udp.Conn{}, defaultHandshakeConfig),
+		handshakeManager: NewHandshakeManager(l, vpncidr, preferredRanges, hostMap, lh, &udp.NoopConn{}, defaultHandshakeConfig),
 		l:                l,
 	}
 	ifce.certState.Store(cs)
@@ -252,10 +252,10 @@ func Test_NewConnectionManagerTest_DisconnectInvalid(t *testing.T) {
 	ifce := &Interface{
 		hostMap:           hostMap,
 		inside:            &test.NoopTun{},
-		outside:           &udp.Conn{},
+		outside:           &udp.NoopConn{},
 		firewall:          &Firewall{},
 		lightHouse:        lh,
-		handshakeManager:  NewHandshakeManager(l, vpncidr, preferredRanges, hostMap, lh, &udp.Conn{}, defaultHandshakeConfig),
+		handshakeManager:  NewHandshakeManager(l, vpncidr, preferredRanges, hostMap, lh, &udp.NoopConn{}, defaultHandshakeConfig),
 		l:                 l,
 		disconnectInvalid: true,
 		caPool:            ncp,
diff --git a/control_tester.go b/control_tester.go
@@ -21,7 +21,7 @@ import (
 func (c *Control) WaitForType(msgType header.MessageType, subType header.MessageSubType, pipeTo *Control) {
 	h := &header.H{}
 	for {
-		p := c.f.outside.Get(true)
+		p := c.f.outside.(*udp.TesterConn).Get(true)
 		if err := h.Parse(p.Data); err != nil {
 			panic(err)
 		}
@@ -37,7 +37,7 @@ func (c *Control) WaitForType(msgType header.MessageType, subType header.Message
 func (c *Control) WaitForTypeByIndex(toIndex uint32, msgType header.MessageType, subType header.MessageSubType, pipeTo *Control) {
 	h := &header.H{}
 	for {
-		p := c.f.outside.Get(true)
+		p := c.f.outside.(*udp.TesterConn).Get(true)
 		if err := h.Parse(p.Data); err != nil {
 			panic(err)
 		}
@@ -90,11 +90,11 @@ func (c *Control) GetFromTun(block bool) []byte {
 
 // GetFromUDP will pull a udp packet off the udp side of nebula
 func (c *Control) GetFromUDP(block bool) *udp.Packet {
-	return c.f.outside.Get(block)
+	return c.f.outside.(*udp.TesterConn).Get(block)
 }
 
 func (c *Control) GetUDPTxChan() <-chan *udp.Packet {
-	return c.f.outside.TxPackets
+	return c.f.outside.(*udp.TesterConn).TxPackets
 }
 
 func (c *Control) GetTunTxChan() <-chan []byte {
@@ -103,7 +103,7 @@ func (c *Control) GetTunTxChan() <-chan []byte {
 
 // InjectUDPPacket will inject a packet into the udp side of nebula
 func (c *Control) InjectUDPPacket(p *udp.Packet) {
-	c.f.outside.Send(p)
+	c.f.outside.(*udp.TesterConn).Send(p)
 }
 
 // InjectTunUDPPacket puts a udp packet on the tun interface. Using UDP here because it's a simpler protocol
@@ -143,7 +143,7 @@ func (c *Control) GetVpnIp() iputil.VpnIp {
 }
 
 func (c *Control) GetUDPAddr() string {
-	return c.f.outside.Addr.String()
+	return c.f.outside.(*udp.TesterConn).Addr.String()
 }
 
 func (c *Control) KillPendingTunnel(vpnIp net.IP) bool {
diff --git a/handshake_manager.go b/handshake_manager.go
@@ -45,7 +45,7 @@ type HandshakeManager struct {
 	pendingHostMap         *HostMap
 	mainHostMap            *HostMap
 	lightHouse             *LightHouse
-	outside                *udp.Conn
+	outside                udp.Conn
 	config                 HandshakeConfig
 	OutboundHandshakeTimer *LockingTimerWheel[iputil.VpnIp]
 	messageMetrics         *MessageMetrics
@@ -57,7 +57,7 @@ type HandshakeManager struct {
 	trigger chan iputil.VpnIp
 }
 
-func NewHandshakeManager(l *logrus.Logger, tunCidr *net.IPNet, preferredRanges []*net.IPNet, mainHostMap *HostMap, lightHouse *LightHouse, outside *udp.Conn, config HandshakeConfig) *HandshakeManager {
+func NewHandshakeManager(l *logrus.Logger, tunCidr *net.IPNet, preferredRanges []*net.IPNet, mainHostMap *HostMap, lightHouse *LightHouse, outside udp.Conn, config HandshakeConfig) *HandshakeManager {
 	return &HandshakeManager{
 		pendingHostMap:         NewHostMap(l, "pending", tunCidr, preferredRanges),
 		mainHostMap:            mainHostMap,
diff --git a/handshake_manager_test.go b/handshake_manager_test.go
@@ -23,7 +23,7 @@ func Test_NewHandshakeManagerVpnIp(t *testing.T) {
 	mainHM := NewHostMap(l, "test", vpncidr, preferredRanges)
 	lh := newTestLighthouse()
 
-	blah := NewHandshakeManager(l, tuncidr, preferredRanges, mainHM, lh, &udp.Conn{}, defaultHandshakeConfig)
+	blah := NewHandshakeManager(l, tuncidr, preferredRanges, mainHM, lh, &udp.NoopConn{}, defaultHandshakeConfig)
 
 	now := time.Now()
 	blah.NextOutboundHandshakeTimerTick(now, mw)
diff --git a/interface.go b/interface.go
@@ -26,7 +26,7 @@ const mtu = 9001
 
 type InterfaceConfig struct {
 	HostMap                 *HostMap
-	Outside                 *udp.Conn
+	Outside                 udp.Conn
 	Inside                  overlay.Device
 	certState               *CertState
 	Cipher                  string
@@ -52,7 +52,7 @@ type InterfaceConfig struct {
 
 type Interface struct {
 	hostMap            *HostMap
-	outside            *udp.Conn
+	outside            udp.Conn
 	inside             overlay.Device
 	certState          atomic.Pointer[CertState]
 	cipher             string
@@ -80,7 +80,7 @@ type Interface struct {
 
 	conntrackCacheTimeout time.Duration
 
-	writers []*udp.Conn
+	writers []udp.Conn
 	readers []io.ReadWriteCloser
 
 	metricHandshakes    metrics.Histogram
@@ -167,7 +167,7 @@ func NewInterface(ctx context.Context, c *InterfaceConfig) (*Interface, error) {
 		dropMulticast:      c.DropMulticast,
 		routines:           c.routines,
 		version:            c.version,
-		writers:            make([]*udp.Conn, c.routines),
+		writers:            make([]udp.Conn, c.routines),
 		readers:            make([]io.ReadWriteCloser, c.routines),
 		caPool:             c.caPool,
 		disconnectInvalid:  c.disconnectInvalid,
@@ -243,7 +243,7 @@ func (f *Interface) run() {
 func (f *Interface) listenOut(i int) {
 	runtime.LockOSThread()
 
-	var li *udp.Conn
+	var li udp.Conn
 	// TODO clean this up with a coherent interface for each outside connection
 	if i > 0 {
 		li = f.writers[i]
diff --git a/lighthouse.go b/lighthouse.go
@@ -39,7 +39,7 @@ type LightHouse struct {
 	myVpnIp      iputil.VpnIp
 	myVpnZeros   iputil.VpnIp
 	myVpnNet     *net.IPNet
-	punchConn    *udp.Conn
+	punchConn    udp.Conn
 	punchy       *Punchy
 
 	// Local cache of answers from light houses
@@ -84,7 +84,7 @@ type LightHouse struct {
 
 // NewLightHouseFromConfig will build a Lighthouse struct from the values provided in the config object
 // addrMap should be nil unless this is during a config reload
-func NewLightHouseFromConfig(ctx context.Context, l *logrus.Logger, c *config.C, myVpnNet *net.IPNet, pc *udp.Conn, p *Punchy) (*LightHouse, error) {
+func NewLightHouseFromConfig(ctx context.Context, l *logrus.Logger, c *config.C, myVpnNet *net.IPNet, pc udp.Conn, p *Punchy) (*LightHouse, error) {
 	amLighthouse := c.GetBool("lighthouse.am_lighthouse", false)
 	nebulaPort := uint32(c.GetInt("listen.port", 0))
 	if amLighthouse && nebulaPort == 0 {
diff --git a/main.go b/main.go
@@ -147,7 +147,7 @@ func Main(c *config.C, configTest bool, buildVersion string, logger *logrus.Logg
 	}
 
 	// set up our UDP listener
-	udpConns := make([]*udp.Conn, routines)
+	udpConns := make([]udp.Conn, routines)
 	port := c.GetInt("listen.port", 0)
 
 	if !configTest {
diff --git a/udp/conn.go b/udp/conn.go
@@ -1,6 +1,7 @@
 package udp
 
 import (
+	"github.com/slackhq/nebula/config"
 	"github.com/slackhq/nebula/firewall"
 	"github.com/slackhq/nebula/header"
 )
@@ -18,3 +19,29 @@ type EncReader func(
 	q int,
 	localCache firewall.ConntrackCache,
 )
+
+type Conn interface {
+	Rebind() error
+	LocalAddr() (*Addr, error)
+	ListenOut(r EncReader, lhf LightHouseHandlerFunc, cache *firewall.ConntrackCacheTicker, q int)
+	WriteTo(b []byte, addr *Addr) error
+	ReloadConfig(c *config.C)
+}
+
+type NoopConn struct{}
+
+func (NoopConn) Rebind() error {
+	return nil
+}
+func (NoopConn) LocalAddr() (*Addr, error) {
+	return nil, nil
+}
+func (NoopConn) ListenOut(_ EncReader, _ LightHouseHandlerFunc, _ *firewall.ConntrackCacheTicker, _ int) {
+	return
+}
+func (NoopConn) WriteTo(_ []byte, _ *Addr) error {
+	return nil
+}
+func (NoopConn) ReloadConfig(_ *config.C) {
+	return
+}
diff --git a/udp/udp_android.go b/udp/udp_android.go
@@ -34,6 +34,6 @@ func NewListenConfig(multi bool) net.ListenConfig {
 	}
 }
 
-func (u *Conn) Rebind() error {
+func (u *GenericConn) Rebind() error {
 	return nil
 }
diff --git a/udp/udp_darwin.go b/udp/udp_darwin.go
@@ -37,7 +37,7 @@ func NewListenConfig(multi bool) net.ListenConfig {
 	}
 }
 
-func (u *Conn) Rebind() error {
+func (u *GenericConn) Rebind() error {
 	file, err := u.File()
 	if err != nil {
 		return err
diff --git a/udp/udp_freebsd.go b/udp/udp_freebsd.go
@@ -36,6 +36,6 @@ func NewListenConfig(multi bool) net.ListenConfig {
 	}
 }
 
-func (u *Conn) Rebind() error {
+func (u *GenericConn) Rebind() error {
 	return nil
 }
diff --git a/udp/udp_generic.go b/udp/udp_generic.go
@@ -18,30 +18,30 @@ import (
 	"github.com/slackhq/nebula/header"
 )
 
-type Conn struct {
+type GenericConn struct {
 	*net.UDPConn
 	l *logrus.Logger
 }
 
-func NewListener(l *logrus.Logger, ip net.IP, port int, multi bool, batch int) (*Conn, error) {
+func NewListener(l *logrus.Logger, ip net.IP, port int, multi bool, batch int) (Conn, error) {
 	lc := NewListenConfig(multi)
 	pc, err := lc.ListenPacket(context.TODO(), "udp", net.JoinHostPort(ip.String(), fmt.Sprintf("%v", port)))
 	if err != nil {
 		return nil, err
 	}
 	if uc, ok := pc.(*net.UDPConn); ok {
-		return &Conn{UDPConn: uc, l: l}, nil
+		return &GenericConn{UDPConn: uc, l: l}, nil
 	}
 	return nil, fmt.Errorf("Unexpected PacketConn: %T %#v", pc, pc)
 }
 
-func (uc *Conn) WriteTo(b []byte, addr *Addr) error {
-	_, err := uc.UDPConn.WriteToUDP(b, &net.UDPAddr{IP: addr.IP, Port: int(addr.Port)})
+func (u *GenericConn) WriteTo(b []byte, addr *Addr) error {
+	_, err := u.UDPConn.WriteToUDP(b, &net.UDPAddr{IP: addr.IP, Port: int(addr.Port)})
 	return err
 }
 
-func (uc *Conn) LocalAddr() (*Addr, error) {
-	a := uc.UDPConn.LocalAddr()
+func (u *GenericConn) LocalAddr() (*Addr, error) {
+	a := u.UDPConn.LocalAddr()
 
 	switch v := a.(type) {
 	case *net.UDPAddr:
@@ -55,11 +55,11 @@ func (uc *Conn) LocalAddr() (*Addr, error) {
 	}
 }
 
-func (u *Conn) ReloadConfig(c *config.C) {
+func (u *GenericConn) ReloadConfig(c *config.C) {
 	// TODO
 }
 
-func NewUDPStatsEmitter(udpConns []*Conn) func() {
+func NewUDPStatsEmitter(udpConns []Conn) func() {
 	// No UDP stats for non-linux
 	return func() {}
 }
@@ -68,7 +68,7 @@ type rawMessage struct {
 	Len uint32
 }
 
-func (u *Conn) ListenOut(r EncReader, lhf LightHouseHandlerFunc, cache *firewall.ConntrackCacheTicker, q int) {
+func (u *GenericConn) ListenOut(r EncReader, lhf LightHouseHandlerFunc, cache *firewall.ConntrackCacheTicker, q int) {
 	plaintext := make([]byte, MTU)
 	buffer := make([]byte, MTU)
 	h := &header.H{}
diff --git a/udp/udp_linux.go b/udp/udp_linux.go
diff --git a/udp/udp_linux_32.go b/udp/udp_linux_32.go
diff --git a/udp/udp_linux_64.go b/udp/udp_linux_64.go
diff --git a/udp/udp_tester.go b/udp/udp_tester.go
diff --git a/udp/udp_windows.go b/udp/udp_windows.go

Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@ import (`
`21`	`21`	`func (c Control) WaitForType(msgType header.MessageType, subType header.MessageSubType, pipeTo Control) {`
`22`	`22`	`h := &header.H{}`
`23`	`23`	`for {`
`24`		`- p := c.f.outside.Get(true)`
	`24`	`+ p := c.f.outside.(*udp.TesterConn).Get(true)`
`25`	`25`	`if err := h.Parse(p.Data); err != nil {`
`26`	`26`	`panic(err)`
`27`	`27`	`}`
`@@ -37,7 +37,7 @@ func (c *Control) WaitForType(msgType header.MessageType, subType header.Message`
`37`	`37`	`func (c Control) WaitForTypeByIndex(toIndex uint32, msgType header.MessageType, subType header.MessageSubType, pipeTo Control) {`
`38`	`38`	`h := &header.H{}`
`39`	`39`	`for {`
`40`		`- p := c.f.outside.Get(true)`
	`40`	`+ p := c.f.outside.(*udp.TesterConn).Get(true)`
`41`	`41`	`if err := h.Parse(p.Data); err != nil {`
`42`	`42`	`panic(err)`
`43`	`43`	`}`
`@@ -90,11 +90,11 @@ func (c *Control) GetFromTun(block bool) []byte {`
`90`	`90`
`91`	`91`	`// GetFromUDP will pull a udp packet off the udp side of nebula`
`92`	`92`	`func (c Control) GetFromUDP(block bool) udp.Packet {`
`93`		`- return c.f.outside.Get(block)`
	`93`	`+ return c.f.outside.(*udp.TesterConn).Get(block)`
`94`	`94`	`}`
`95`	`95`
`96`	`96`	`func (c Control) GetUDPTxChan() <-chan udp.Packet {`
`97`		`- return c.f.outside.TxPackets`
	`97`	`+ return c.f.outside.(*udp.TesterConn).TxPackets`
`98`	`98`	`}`
`99`	`99`
`100`	`100`	`func (c *Control) GetTunTxChan() <-chan []byte {`
`@@ -103,7 +103,7 @@ func (c *Control) GetTunTxChan() <-chan []byte {`
`103`	`103`
`104`	`104`	`// InjectUDPPacket will inject a packet into the udp side of nebula`
`105`	`105`	`func (c Control) InjectUDPPacket(p udp.Packet) {`
`106`		`- c.f.outside.Send(p)`
	`106`	`+ c.f.outside.(*udp.TesterConn).Send(p)`
`107`	`107`	`}`
`108`	`108`
`109`	`109`	`// InjectTunUDPPacket puts a udp packet on the tun interface. Using UDP here because it's a simpler protocol`
`@@ -143,7 +143,7 @@ func (c *Control) GetVpnIp() iputil.VpnIp {`
`143`	`143`	`}`
`144`	`144`
`145`	`145`	`func (c *Control) GetUDPAddr() string {`
`146`		`- return c.f.outside.Addr.String()`
	`146`	`+ return c.f.outside.(*udp.TesterConn).Addr.String()`
`147`	`147`	`}`
`148`	`148`
`149`	`149`	`func (c *Control) KillPendingTunnel(vpnIp net.IP) bool {`
Original file line number	Diff line number	Diff line change
`@@ -147,7 +147,7 @@ func Main(c config.C, configTest bool, buildVersion string, logger logrus.Logg`
`147`	`147`	`}`
`148`	`148`
`149`	`149`	`// set up our UDP listener`
`150`		`- udpConns := make([]*udp.Conn, routines)`
	`150`	`+ udpConns := make([]udp.Conn, routines)`
`151`	`151`	`port := c.GetInt("listen.port", 0)`
`152`	`152`
`153`	`153`	`if !configTest {`
Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,6 @@ func NewListenConfig(multi bool) net.ListenConfig {`
`34`	`34`	`}`
`35`	`35`	`}`
`36`	`36`
`37`		`-func (u *Conn) Rebind() error {`
	`37`	`+func (u *GenericConn) Rebind() error {`
`38`	`38`	`return nil`
`39`	`39`	`}`
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ func NewListenConfig(multi bool) net.ListenConfig {`
`37`	`37`	`}`
`38`	`38`	`}`
`39`	`39`
`40`		`-func (u *Conn) Rebind() error {`
	`40`	`+func (u *GenericConn) Rebind() error {`
`41`	`41`	`file, err := u.File()`
`42`	`42`	`if err != nil {`
`43`	`43`	`return err`
Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,6 @@ func NewListenConfig(multi bool) net.ListenConfig {`
`36`	`36`	`}`
`37`	`37`	`}`
`38`	`38`
`39`		`-func (u *Conn) Rebind() error {`
	`39`	`+func (u *GenericConn) Rebind() error {`
`40`	`40`	`return nil`
`41`	`41`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,30 +18,30 @@ import (`
`18`	`18`	`"github.com/slackhq/nebula/header"`
`19`	`19`	`)`
`20`	`20`
`21`		`-type Conn struct {`
	`21`	`+type GenericConn struct {`
`22`	`22`	`*net.UDPConn`
`23`	`23`	`l *logrus.Logger`
`24`	`24`	`}`
`25`	`25`
`26`		`-func NewListener(l logrus.Logger, ip net.IP, port int, multi bool, batch int) (Conn, error) {`
	`26`	`+func NewListener(l *logrus.Logger, ip net.IP, port int, multi bool, batch int) (Conn, error) {`
`27`	`27`	`lc := NewListenConfig(multi)`
`28`	`28`	`pc, err := lc.ListenPacket(context.TODO(), "udp", net.JoinHostPort(ip.String(), fmt.Sprintf("%v", port)))`
`29`	`29`	`if err != nil {`
`30`	`30`	`return nil, err`
`31`	`31`	`}`
`32`	`32`	`if uc, ok := pc.(*net.UDPConn); ok {`
`33`		`- return &Conn{UDPConn: uc, l: l}, nil`
	`33`	`+ return &GenericConn{UDPConn: uc, l: l}, nil`
`34`	`34`	`}`
`35`	`35`	`return nil, fmt.Errorf("Unexpected PacketConn: %T %#v", pc, pc)`
`36`	`36`	`}`
`37`	`37`
`38`		`-func (uc Conn) WriteTo(b []byte, addr Addr) error {`
`39`		`- _, err := uc.UDPConn.WriteToUDP(b, &net.UDPAddr{IP: addr.IP, Port: int(addr.Port)})`
	`38`	`+func (u GenericConn) WriteTo(b []byte, addr Addr) error {`
	`39`	`+ _, err := u.UDPConn.WriteToUDP(b, &net.UDPAddr{IP: addr.IP, Port: int(addr.Port)})`
`40`	`40`	`return err`
`41`	`41`	`}`
`42`	`42`
`43`		`-func (uc Conn) LocalAddr() (Addr, error) {`
`44`		`- a := uc.UDPConn.LocalAddr()`
	`43`	`+func (u GenericConn) LocalAddr() (Addr, error) {`
	`44`	`+ a := u.UDPConn.LocalAddr()`
`45`	`45`
`46`	`46`	`switch v := a.(type) {`
`47`	`47`	`case *net.UDPAddr:`
`@@ -55,11 +55,11 @@ func (uc Conn) LocalAddr() (Addr, error) {`
`55`	`55`	`}`
`56`	`56`	`}`
`57`	`57`
`58`		`-func (u Conn) ReloadConfig(c config.C) {`
	`58`	`+func (u GenericConn) ReloadConfig(c config.C) {`
`59`	`59`	`// TODO`
`60`	`60`	`}`
`61`	`61`
`62`		`-func NewUDPStatsEmitter(udpConns []*Conn) func() {`
	`62`	`+func NewUDPStatsEmitter(udpConns []Conn) func() {`
`63`	`63`	`// No UDP stats for non-linux`
`64`	`64`	`return func() {}`
`65`	`65`	`}`
`@@ -68,7 +68,7 @@ type rawMessage struct {`
`68`	`68`	`Len uint32`
`69`	`69`	`}`
`70`	`70`
`71`		`-func (u Conn) ListenOut(r EncReader, lhf LightHouseHandlerFunc, cache firewall.ConntrackCacheTicker, q int) {`
	`71`	`+func (u GenericConn) ListenOut(r EncReader, lhf LightHouseHandlerFunc, cache firewall.ConntrackCacheTicker, q int) {`
`72`	`72`	`plaintext := make([]byte, MTU)`
`73`	`73`	`buffer := make([]byte, MTU)`
`74`	`74`	`h := &header.H{}`