diff --git a/src/bin/punchnet/main.rs b/src/bin/punchnet/main.rs
index ccf73e7..c507824 100755
--- a/src/bin/punchnet/main.rs
+++ b/src/bin/punchnet/main.rs
@@ -11,6 +11,7 @@ use std::env;
 use std::time::Duration;
 use clap::Parser;
 use daemonize::Daemonize;
+use etherparse::icmpv6::CODE_PARAM_PROBLEM_UNRECOG_NEXT_HEADER_BY_INTERMEDIATE_NODE;
 use futures_util::io;
 use libc::SIGTERM;
 use libc::kill;
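Review bot: The added `use etherparse::icmpv6::CODE_PARAM_PROBLEM_UNRECOG_NEXT_HEADER_BY_INTERMEDIATE_NODE;` looks like an accidental editor auto-import. Nothing in the hunks shown for `main.rs` references the constant, and an ICMPv6 parameter-problem code has no obvious role in daemon start-up. I would drop the line unless code outside the diff uses it. The same question applies to `use tracing::debug;` added at the top of `src/utils/encrypter.rs`, which none of the visible encrypter hunks call.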
@@ -345,83 +346,96 @@ fn main() { } } - let out = OpenOptions::new() - .create(true) - .truncate(true) - .write(true) - .open("/tmp/punchnet.out").unwrap(); - let err = OpenOptions::new() - .create(true) - .truncate(true) - .write(true) - .open("/tmp/punchnet.err").unwrap(); + let should_daemonize = true; - let daemonize = Daemonize::new() - .pid_file("/tmp/punchnet.pid") - .chown_pid_file(true) - .working_directory(get_base_dir()) - .stdout(out) - .stderr(err) - .privileged_action(|| { - }); + if should_daemonize { + let out = OpenOptions::new() + .create(true) + .truncate(true) + .write(true) + .open("/tmp/punchnet.out").unwrap(); + let err = OpenOptions::new() + .create(true) + .truncate(true) + .write(true) + .open("/tmp/punchnet.err").unwrap(); - match daemonize.start() { - Ok(_) => { - let rt = Runtime::new().unwrap(); - match &cmd.cmd { - Commands::Start => { - rt.block_on(async move { - let remembered_token = get_access_token(); - if remembered_token.is_none() { - eprintln!("not logged in, should login with user/pass or token first"); - process::exit(-2); - } + let daemonize = Daemonize::new() + .pid_file("/tmp/punchnet.pid") + .chown_pid_file(true) + .working_directory(get_base_dir()) + .stdout(out) + .stderr(err) + .privileged_action(|| { + }); - let remembered = remembered_token.unwrap(); - - let connect_info = parse_connect_result( - connect(TEST_PREFIX, &client_id, &remembered.access_token).await - ); - daemonize_me(connect_info, remembered, client_id, mac).await; - }) - } - Commands::AutoRun(tk) => { - rt.block_on(async move { - let mut remembered_token = get_access_token(); - if remembered_token.is_none() { - let data = parse_login_result( - login_with_token(TEST_PREFIX, &client_id, &tk.token, mac, system, version).await - ); - remembered_token = Some(CachedLoginInfo{ - access_token: data.access_token, - username: data.username, - user_type: data.user_type, - audit: data.audit, - network_id: data.network_id, - network_name: data.network_name, - }); - 
} - - let remembered = remembered_token.unwrap(); - - let connect_info = parse_connect_result( - connect(TEST_PREFIX, &client_id, &remembered.access_token).await - ); - daemonize_me(connect_info, remembered, client_id, mac).await; - }) - - } - other => { - eprintln!("should not comes here"); - process::exit(-1); - } + match daemonize.start() { + Ok(_) => { + run_it(cmd, client_id, mac, system, version); } + Err(e) => { + eprintln!("failed to daemonize"); + } + } + + } else { + run_it(cmd, client_id, mac, system, version); + } + +} + +fn run_it(cmd: CommandLineInput2, client_id: String, mac: Mac, system: &str, version: &str) { + let rt = Runtime::new().unwrap(); + match &cmd.cmd { + Commands::Start => { + rt.block_on(async move { + let remembered_token = get_access_token(); + if remembered_token.is_none() { + eprintln!("not logged in, should login with user/pass or token first"); + process::exit(-2); + } + + let remembered = remembered_token.unwrap(); + + let connect_info = parse_connect_result( + connect(TEST_PREFIX, &client_id, &remembered.access_token).await + ); + daemonize_me(connect_info, remembered, client_id, mac).await; + }) + } + Commands::AutoRun(tk) => { + rt.block_on(async move { + let mut remembered_token = get_access_token(); + if remembered_token.is_none() { + let data = parse_login_result( + login_with_token(TEST_PREFIX, &client_id, &tk.token, mac, system, version).await + ); + remembered_token = Some(CachedLoginInfo{ + access_token: data.access_token, + username: data.username, + user_type: data.user_type, + audit: data.audit, + network_id: data.network_id, + network_name: data.network_name, + }); + } + + let remembered = remembered_token.unwrap(); + + let connect_info = parse_connect_result( + connect(TEST_PREFIX, &client_id, &remembered.access_token).await + ); + daemonize_me(connect_info, remembered, client_id, mac).await; + }) } - Err(e) => { - eprintln!("failed to daemonize"); + other => { + eprintln!("should not comes here"); + 
process::exit(-1); } } + + } pub fn delete_pid_file() { diff --git a/src/network/tun_linux.rs b/src/network/tun_linux.rs index 2ed55bd..52ad658 100755 --- a/src/network/tun_linux.rs +++ b/src/network/tun_linux.rs @@ -207,6 +207,7 @@ impl TunTapPacketHandler for Iface { Ok(_) => return Ok(()), } } + async fn handle_packet_from_device( &self, data: Vec, @@ -288,7 +289,7 @@ impl TunTapPacketHandler for Iface { } let size = data.len(); - let Ok(encrypted) = edge.encryptor.read().unwrap().decrypt(&data) else { + let Ok(encrypted) = edge.encryptor.read().unwrap().encrypt(&data) else { // let Ok(encrypted) = aes_encrypt(encrypt_key, &data) else { error!("failed to encrypt packet request"); return Ok(()); diff --git a/src/utils/encrypter.rs b/src/utils/encrypter.rs index f86b26e..667b38f 100644 --- a/src/utils/encrypter.rs +++ b/src/utils/encrypter.rs @@ -1,5 +1,7 @@ use std::{sync::{Arc, OnceLock, RwLock, atomic::{AtomicBool, AtomicU32, Ordering}}, time::{SystemTime, UNIX_EPOCH}}; +use tracing::debug; + use chacha20poly1305::{KeyInit, aead::Aead}; use dashmap::DashSet; use sdlan_sn_rs::utils::{Result, SDLanError, aes_decrypt, aes_encrypt}; @@ -115,7 +117,10 @@ impl Encryptor for Chacha20Encryptor { nonce.extend_from_slice(&next_data.to_be_bytes()); match cipher.encrypt(nonce.as_slice().into(), data) { - Ok(data) => Ok(data), + Ok(data) => { + nonce.extend_from_slice(&data); + Ok(nonce) + }, Err(e) => { Err(SDLanError::EncryptError(e.to_string())) } @@ -127,11 +132,11 @@ impl Encryptor for Chacha20Encryptor { return Err(SDLanError::EncryptError("ciphered text size error".to_owned())) } let cipher = chacha20poly1305::ChaCha20Poly1305::new(self.key.as_slice().into()); - let nonce = &ciphered[0..11]; + let nonce = &ciphered[0..12]; match cipher.decrypt(nonce.into(), &ciphered[12..]) { Ok(data) => Ok(data), Err(e) => { - Err(SDLanError::EncryptError(e.to_string())) + Err(SDLanError::EncryptError(format!("failed to decyrpt: {}", e.to_string()))) } } }
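Review bot: The daemonize branch still opens `/tmp/punchnet.out` and `/tmp/punchnet.err` with `create(true).truncate(true)` and puts the pid file at `/tmp/punchnet.pid`. These are fixed names in a world-writable directory, so another local user can pre-create any of them, or a symlink in their place, and the daemon will truncate or write through whatever is there. A tunnel daemon presumably runs with elevated privileges, so these files belong in a directory only the service account can write (for example a dedicated runtime directory, path to be chosen by the project). Separately, the `Err(e)` arm discards `e` and returns normally, so a failed start exits with status 0; `eprintln!("failed to daemonize: {e}"); process::exit(1);` would surface it. `let should_daemonize = true;` is hard-coded, so the new `else` branch is unreachable until it is wired to a CLI flag.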
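Review bot: `edge.encryptor.read().unwrap()` on the changed line panics if the `RwLock` was poisoned by a panic in another holder, which would take the packet handler down instead of dropping one packet. The surrounding code already treats an encryption failure as log-and-return, so the lock error could take the same path: `let Ok(enc) = edge.encryptor.read() else { error!("encryptor lock poisoned"); return Ok(()); };`. The commented-out `aes_encrypt` line directly below can be deleted now that the call goes through the encryptor. `handle_packet_from_device` starts and ends outside this hunk.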
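Review bot: The `Ok` arm now returns the nonce followed by the ciphertext, but nothing on the method states that layout, and `decrypt` depends on exactly it. A comment above the `match` would pin it: `// wire format: 12-byte nonce || ciphertext || 16-byte Poly1305 tag`. Nonce uniqueness under one key is essential for ChaCha20-Poly1305, and the nonce is built from `next_data`, whose source is outside the hunk. If that is the `AtomicU32` counter imported at the top of the file, a wraparound or a restart that resets it without rekeying would repeat a nonce, so that case needs a rekey or a hard error. A round-trip test asserting `decrypt(encrypt(x)) == x` would have caught the earlier format mismatch and would guard this one.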
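Review bot: `&ciphered[0..12]` and `&ciphered[12..]` index a buffer that presumably arrives from a peer, and the length guard above them has its condition outside this hunk. If that guard admits fewer than 12 bytes, the slice panics on a short packet. It should reject anything shorter than nonce plus tag, e.g. `if ciphered.len() < 12 + 16 { return Err(SDLanError::EncryptError("ciphered text size error".to_owned())) }`. In the new error arm the message has a typo and `e.to_string()` is redundant inside `format!`; `format!("failed to decrypt: {e}")` says the same thing.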