Merge branch 'develop' into neil/mptcp

Author: neilalexander

CHANGELOG.md

@@ -16,6 +16,7 @@ import (
 	"fmt"
 	"net"
 	"runtime"
+	"time"
 
 	"github.com/yggdrasil-network/yggdrasil-go/src/address"
 )
@@ -27,6 +28,8 @@ type keySet struct {
 
 func main() {
 	threads := runtime.GOMAXPROCS(0)
+	fmt.Println("Threads:", threads)
+	start := time.Now()
 	var currentBest ed25519.PublicKey
 	newKeys := make(chan keySet, threads)
 	for i := 0; i < threads; i++ {
@@ -36,7 +39,7 @@ func main() {
 		newKey := <-newKeys
 		if isBetter(currentBest, newKey.pub) || len(currentBest) == 0 {
 			currentBest = newKey.pub
-			fmt.Println("-----")
+			fmt.Println("-----", time.Since(start))
 			fmt.Println("Priv:", hex.EncodeToString(newKey.priv))
 			fmt.Println("Pub:", hex.EncodeToString(newKey.pub))
 			addr := address.AddrForKey(newKey.pub)

cmd/genkeys/main.go

@@ -67,7 +67,7 @@ func main() {
 
 	case "syslog":
 		if syslogger, err := gsyslog.NewLogger(gsyslog.LOG_NOTICE, "DAEMON", version.BuildName()); err == nil {
-			logger = log.New(syslogger, "", log.Flags())
+			logger = log.New(syslogger, "", log.Flags() &^ (log.Ldate | log.Ltime))
 		}
 
 	default:

cmd/yggdrasil/main.go

@@ -70,6 +70,9 @@ func (m *Yggdrasil) StartJSON(configjson []byte) error {
 			}
 			options = append(options, core.AllowedPublicKey(k[:]))
 		}
+		for _, lAddr := range m.config.Listen {
+			options = append(options, core.ListenAddress(lAddr))
+		}
 		var err error
 		m.core, err = core.New(m.config.Certificate, logger, options...)
 		if err != nil {
@@ -208,8 +211,11 @@ func (m *Yggdrasil) GetPeersJSON() (result string) {
 		IP string
 	}{}
 	for _, v := range m.core.GetPeers() {
-		a := address.AddrForKey(v.Key)
-		ip := net.IP(a[:]).String()
+		var ip string
+		if v.Key != nil {
+			a := address.AddrForKey(v.Key)
+			ip = net.IP(a[:]).String()
+		}
 		peers = append(peers, struct {
 			core.PeerInfo
 			IP string

contrib/mobile/mobile.go

@@ -374,7 +374,7 @@ func (l *links) listen(u *url.URL, sintf string) (*Listener, error) {
 		for {
 			conn, err := listener.Accept()
 			if err != nil {
-				continue
+				return
 			}
 			go func(conn net.Conn) {
 				defer conn.Close()

src/core/link.go

@@ -3,46 +3,27 @@ package core
 import (
 	"crypto/tls"
 	"crypto/x509"
-	"fmt"
 )
 
 func (c *Core) generateTLSConfig(cert *tls.Certificate) (*tls.Config, error) {
 	config := &tls.Config{
 		Certificates: []tls.Certificate{*cert},
-		ClientAuth:   tls.RequireAnyClientCert,
+		ClientAuth:   tls.NoClientCert,
 		GetClientCertificate: func(cri *tls.CertificateRequestInfo) (*tls.Certificate, error) {
 			return cert, nil
 		},
 		VerifyPeerCertificate: c.verifyTLSCertificate,
 		VerifyConnection:      c.verifyTLSConnection,
 		InsecureSkipVerify:    true,
 		MinVersion:            tls.VersionTLS13,
-		NextProtos: []string{
-			fmt.Sprintf("yggdrasil/%d.%d", ProtocolVersionMajor, ProtocolVersionMinor),
-		},
 	}
 	return config, nil
 }
 
-func (c *Core) verifyTLSCertificate(rawCerts [][]byte, _ [][]*x509.Certificate) error {
-	if len(rawCerts) != 1 {
-		return fmt.Errorf("expected one certificate")
-	}
-
-	/*
-		opts := x509.VerifyOptions{}
-		cert, err := x509.ParseCertificate(rawCerts[0])
-		if err != nil {
-			return fmt.Errorf("failed to parse leaf certificate: %w", err)
-		}
-
-		_, err = cert.Verify(opts)
-		return err
-	*/
-
+func (c *Core) verifyTLSCertificate(_ [][]byte, _ [][]*x509.Certificate) error {
 	return nil
 }
 
-func (c *Core) verifyTLSConnection(cs tls.ConnectionState) error {
+func (c *Core) verifyTLSConnection(_ tls.ConnectionState) error {
 	return nil
 }

src/core/tls.go

@@ -101,6 +101,9 @@ func (m *version_metadata) decode(r io.Reader, password []byte) bool {
 		return false
 	}
 
+	if len(bs) < ed25519.SignatureSize {
+		return false
+	}
 	sig := bs[len(bs)-ed25519.SignatureSize:]
 	bs = bs[:len(bs)-ed25519.SignatureSize]
 

src/core/version.go

@@ -4,11 +4,10 @@
 package tun
 
 import (
-	"bytes"
 	"errors"
 	"fmt"
 	"log"
-	"net"
+	"net/netip"
 
 	"github.com/yggdrasil-network/yggdrasil-go/src/config"
 	"golang.org/x/sys/windows"
@@ -89,13 +88,9 @@ func (tun *TunAdapter) setupAddress(addr string) error {
 		return errors.New("Can't configure IPv6 address as TUN adapter is not present")
 	}
 	if intf, ok := tun.iface.(*wgtun.NativeTun); ok {
-		if ipaddr, ipnet, err := net.ParseCIDR(addr); err == nil {
+		if ipnet, err := netip.ParsePrefix(addr); err == nil {
 			luid := winipcfg.LUID(intf.LUID())
-			addresses := append([]net.IPNet{}, net.IPNet{
-				IP:   ipaddr,
-				Mask: ipnet.Mask,
-			})
-
+			addresses := []netip.Prefix{ipnet}
 			err := luid.SetIPAddressesForFamily(windows.AF_INET6, addresses)
 			if err == windows.ERROR_OBJECT_ALREADY_EXISTS {
 				cleanupAddressesOnDisconnectedInterfaces(windows.AF_INET6, addresses)
@@ -118,24 +113,13 @@ func (tun *TunAdapter) setupAddress(addr string) error {
  * SPDX-License-Identifier: MIT
  * Copyright (C) 2019 WireGuard LLC. All Rights Reserved.
  */
-func cleanupAddressesOnDisconnectedInterfaces(family winipcfg.AddressFamily, addresses []net.IPNet) {
+func cleanupAddressesOnDisconnectedInterfaces(family winipcfg.AddressFamily, addresses []netip.Prefix) {
 	if len(addresses) == 0 {
 		return
 	}
-	includedInAddresses := func(a net.IPNet) bool {
-		// TODO: this makes the whole algorithm O(n^2). But we can't stick net.IPNet in a Go hashmap. Bummer!
-		for _, addr := range addresses {
-			ip := addr.IP
-			if ip4 := ip.To4(); ip4 != nil {
-				ip = ip4
-			}
-			mA, _ := addr.Mask.Size()
-			mB, _ := a.Mask.Size()
-			if bytes.Equal(ip, a.IP) && mA == mB {
-				return true
-			}
-		}
-		return false
+	addrHash := make(map[netip.Addr]bool, len(addresses))
+	for i := range addresses {
+		addrHash[addresses[i].Addr()] = true
 	}
 	interfaces, err := winipcfg.GetAdaptersAddresses(family, winipcfg.GAAFlagDefault)
 	if err != nil {
@@ -146,11 +130,10 @@ func cleanupAddressesOnDisconnectedInterfaces(family winipcfg.AddressFamily, add
 			continue
 		}
 		for address := iface.FirstUnicastAddress; address != nil; address = address.Next {
-			ip := address.Address.IP()
-			ipnet := net.IPNet{IP: ip, Mask: net.CIDRMask(int(address.OnLinkPrefixLength), 8*len(ip))}
-			if includedInAddresses(ipnet) {
-				log.Printf("Cleaning up stale address %s from interface ‘%s’", ipnet.String(), iface.FriendlyName())
-				iface.LUID.DeleteIPAddress(ipnet)
+			if ip, _ := netip.AddrFromSlice(address.Address.IP()); addrHash[ip] {
+				prefix := netip.PrefixFrom(ip, int(address.OnLinkPrefixLength))
+				log.Printf("Cleaning up stale address %s from interface ‘%s’", prefix.String(), iface.FriendlyName())
+				iface.LUID.DeleteIPAddress(prefix)
 			}
 		}
 	}