chacha20 is supported, need test aes

alex 2026-03-18 15:58:28 +08:00
parent fa8a60a737
commit 321146f6ac
3 changed files with 93 additions and 73 deletions


@ -11,6 +11,7 @@ use std::env;
use std::time::Duration; use std::time::Duration;
use clap::Parser; use clap::Parser;
use daemonize::Daemonize; use daemonize::Daemonize;
use etherparse::icmpv6::CODE_PARAM_PROBLEM_UNRECOG_NEXT_HEADER_BY_INTERMEDIATE_NODE;
use futures_util::io; use futures_util::io;
use libc::SIGTERM; use libc::SIGTERM;
use libc::kill; use libc::kill;
@ -345,83 +346,96 @@ fn main() {
} }
} }
let out = OpenOptions::new() let should_daemonize = true;
.create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.out").unwrap();
let err = OpenOptions::new()
.create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.err").unwrap();
let daemonize = Daemonize::new() if should_daemonize {
.pid_file("/tmp/punchnet.pid") let out = OpenOptions::new()
.chown_pid_file(true) .create(true)
.working_directory(get_base_dir()) .truncate(true)
.stdout(out) .write(true)
.stderr(err) .open("/tmp/punchnet.out").unwrap();
.privileged_action(|| { let err = OpenOptions::new()
}); .create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.err").unwrap();
match daemonize.start() { let daemonize = Daemonize::new()
Ok(_) => { .pid_file("/tmp/punchnet.pid")
let rt = Runtime::new().unwrap(); .chown_pid_file(true)
match &cmd.cmd { .working_directory(get_base_dir())
Commands::Start => { .stdout(out)
rt.block_on(async move { .stderr(err)
let remembered_token = get_access_token(); .privileged_action(|| {
if remembered_token.is_none() { });
eprintln!("not logged in, should login with user/pass or token first");
process::exit(-2);
}
let remembered = remembered_token.unwrap(); match daemonize.start() {
Ok(_) => {
let connect_info = parse_connect_result( run_it(cmd, client_id, mac, system, version);
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
Commands::AutoRun(tk) => {
rt.block_on(async move {
let mut remembered_token = get_access_token();
if remembered_token.is_none() {
let data = parse_login_result(
login_with_token(TEST_PREFIX, &client_id, &tk.token, mac, system, version).await
);
remembered_token = Some(CachedLoginInfo{
access_token: data.access_token,
username: data.username,
user_type: data.user_type,
audit: data.audit,
network_id: data.network_id,
network_name: data.network_name,
});
}
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
other => {
eprintln!("should not comes here");
process::exit(-1);
}
} }
Err(e) => {
eprintln!("failed to daemonize");
}
}
} else {
run_it(cmd, client_id, mac, system, version);
}
}
fn run_it(cmd: CommandLineInput2, client_id: String, mac: Mac, system: &str, version: &str) {
let rt = Runtime::new().unwrap();
match &cmd.cmd {
Commands::Start => {
rt.block_on(async move {
let remembered_token = get_access_token();
if remembered_token.is_none() {
eprintln!("not logged in, should login with user/pass or token first");
process::exit(-2);
}
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
Commands::AutoRun(tk) => {
rt.block_on(async move {
let mut remembered_token = get_access_token();
if remembered_token.is_none() {
let data = parse_login_result(
login_with_token(TEST_PREFIX, &client_id, &tk.token, mac, system, version).await
);
remembered_token = Some(CachedLoginInfo{
access_token: data.access_token,
username: data.username,
user_type: data.user_type,
audit: data.audit,
network_id: data.network_id,
network_name: data.network_name,
});
}
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
} }
Err(e) => { other => {
eprintln!("failed to daemonize"); eprintln!("should not comes here");
process::exit(-1);
} }
} }
} }
pub fn delete_pid_file() { pub fn delete_pid_file() {
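Review bot: The daemon branch still opens `/tmp/punchnet.out` and `/tmp/punchnet.err` with `create(true).truncate(true)` and puts the pid file at `/tmp/punchnet.pid` with `chown_pid_file(true)`; these are fixed names in a world-writable directory, so whatever another local user has already placed at those paths, including a symlink, is what gets opened and truncated. If the process is started with elevated privileges (the TUN/TAP handling elsewhere in this commit suggests so, but the hunk does not show it), this is worth closing while the block is being moved. Keep the three files in a directory only the service account can write, for example under `get_base_dir()`, or at least add `.custom_flags(libc::O_NOFOLLOW)` (from `std::os::unix::fs::OpenOptionsExt`) to both `OpenOptions` chains. Separately, the `Err(e)` arm of `daemonize.start()` prints `failed to daemonize` without `e` and then returns normally; `eprintln!("failed to daemonize: {e}"); process::exit(1);` would surface the cause and a non-zero status.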


@ -207,6 +207,7 @@ impl TunTapPacketHandler for Iface {
Ok(_) => return Ok(()), Ok(_) => return Ok(()),
} }
} }
async fn handle_packet_from_device( async fn handle_packet_from_device(
&self, &self,
data: Vec<u8>, data: Vec<u8>,
@ -288,7 +289,7 @@ impl TunTapPacketHandler for Iface {
} }
let size = data.len(); let size = data.len();
let Ok(encrypted) = edge.encryptor.read().unwrap().decrypt(&data) else { let Ok(encrypted) = edge.encryptor.read().unwrap().encrypt(&data) else {
// let Ok(encrypted) = aes_encrypt(encrypt_key, &data) else { // let Ok(encrypted) = aes_encrypt(encrypt_key, &data) else {
error!("failed to encrypt packet request"); error!("failed to encrypt packet request");
return Ok(()); return Ok(());
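Review bot: The `let Ok(encrypted) = … else` around the corrected `encrypt(&data)` call discards the returned error, so `failed to encrypt packet request` says nothing about the cause before the packet is dropped with `Ok(())`. A `match` with an arm such as `Err(e) => { error!("failed to encrypt packet request: {e}"); return Ok(()); }` keeps the behaviour and makes the drop diagnosable (assuming `SDLanError` implements `Display`). `edge.encryptor.read().unwrap()` also panics on a poisoned lock in the packet path, which deserves either handling or a comment saying why it cannot happen. The commented-out `aes_encrypt` line can go now that the call goes through the `Encryptor` trait. The enclosing function starts and ends outside this hunk.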


@ -1,5 +1,7 @@
use std::{sync::{Arc, OnceLock, RwLock, atomic::{AtomicBool, AtomicU32, Ordering}}, time::{SystemTime, UNIX_EPOCH}}; use std::{sync::{Arc, OnceLock, RwLock, atomic::{AtomicBool, AtomicU32, Ordering}}, time::{SystemTime, UNIX_EPOCH}};
use tracing::debug;
use chacha20poly1305::{KeyInit, aead::Aead}; use chacha20poly1305::{KeyInit, aead::Aead};
use dashmap::DashSet; use dashmap::DashSet;
use sdlan_sn_rs::utils::{Result, SDLanError, aes_decrypt, aes_encrypt}; use sdlan_sn_rs::utils::{Result, SDLanError, aes_decrypt, aes_encrypt};
@ -115,7 +117,10 @@ impl Encryptor for Chacha20Encryptor {
nonce.extend_from_slice(&next_data.to_be_bytes()); nonce.extend_from_slice(&next_data.to_be_bytes());
match cipher.encrypt(nonce.as_slice().into(), data) { match cipher.encrypt(nonce.as_slice().into(), data) {
Ok(data) => Ok(data), Ok(data) => {
nonce.extend_from_slice(&data);
Ok(nonce)
},
Err(e) => { Err(e) => {
Err(SDLanError::EncryptError(e.to_string())) Err(SDLanError::EncryptError(e.to_string()))
} }
@ -127,11 +132,11 @@ impl Encryptor for Chacha20Encryptor {
return Err(SDLanError::EncryptError("ciphered text size error".to_owned())) return Err(SDLanError::EncryptError("ciphered text size error".to_owned()))
} }
let cipher = chacha20poly1305::ChaCha20Poly1305::new(self.key.as_slice().into()); let cipher = chacha20poly1305::ChaCha20Poly1305::new(self.key.as_slice().into());
let nonce = &ciphered[0..11]; let nonce = &ciphered[0..12];
match cipher.decrypt(nonce.into(), &ciphered[12..]) { match cipher.decrypt(nonce.into(), &ciphered[12..]) {
Ok(data) => Ok(data), Ok(data) => Ok(data),
Err(e) => { Err(e) => {
Err(SDLanError::EncryptError(e.to_string())) Err(SDLanError::EncryptError(format!("failed to decyrpt: {}", e.to_string())))
} }
} }
} }
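Review bot: In `decrypt`, `&ciphered[0..12]` and `&ciphered[12..]` index a buffer that arrives from the network, and the guard that returns `ciphered text size error` sits above the hunk, so it is not visible whether it rejects inputs shorter than the 12-byte nonce; if it does not, a short packet panics here instead of returning `Err`. I would make the bound explicit next to the slicing, `if ciphered.len() < 12 + 16 { return Err(…) }` (nonce plus Poly1305 tag), and split with `let (nonce, body) = ciphered.split_at(12);`. Now that `encrypt` returns `nonce || ciphertext`, a round-trip unit test (`decrypt(encrypt(x)) == x`, plus truncated and bit-flipped inputs that must return `Err`) would pin the framing that the old `[0..11]` slice got wrong. The nonce is assembled above the hunk and ends with `next_data.to_be_bytes()`; a comment stating why it cannot repeat under one key across counter wrap or restart would help, since ChaCha20-Poly1305 loses its guarantees on nonce reuse. The new message has a typo and a redundant `to_string()`: `format!("failed to decrypt: {e}")`.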