punchnet/sdlan-lib-rs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chacha20 is supported, need test aes

Browse Source
This commit is contained in:
alex 2026-03-18 15:58:28 +08:00
parent fa8a60a737
commit 321146f6ac
3 changed files with 93 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

152
src/bin/punchnet/main.rs
View File

@ -11,6 +11,7 @@ use std::env;
use std::time::Duration;
use clap::Parser;
use daemonize::Daemonize;
use etherparse::icmpv6::CODE_PARAM_PROBLEM_UNRECOG_NEXT_HEADER_BY_INTERMEDIATE_NODE;
use futures_util::io;
use libc::SIGTERM;
use libc::kill;
@ -345,83 +346,96 @@ fn main() {
}
}
let out = OpenOptions::new()
.create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.out").unwrap();
let err = OpenOptions::new()
.create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.err").unwrap();
let should_daemonize = true;
let daemonize = Daemonize::new()
.pid_file("/tmp/punchnet.pid")
.chown_pid_file(true)
.working_directory(get_base_dir())
.stdout(out)
.stderr(err)
.privileged_action(|| {
});
if should_daemonize {
let out = OpenOptions::new()
.create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.out").unwrap();
let err = OpenOptions::new()
.create(true)
.truncate(true)
.write(true)
.open("/tmp/punchnet.err").unwrap();
match daemonize.start() {
Ok(_) => {
let rt = Runtime::new().unwrap();
match &cmd.cmd {
Commands::Start => {
rt.block_on(async move {
let remembered_token = get_access_token();
if remembered_token.is_none() {
eprintln!("not logged in, should login with user/pass or token first");
process::exit(-2);
}
let daemonize = Daemonize::new()
.pid_file("/tmp/punchnet.pid")
.chown_pid_file(true)
.working_directory(get_base_dir())
.stdout(out)
.stderr(err)
.privileged_action(|| {
});
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
Commands::AutoRun(tk) => {
rt.block_on(async move {
let mut remembered_token = get_access_token();
if remembered_token.is_none() {
let data = parse_login_result(
login_with_token(TEST_PREFIX, &client_id, &tk.token, mac, system, version).await
);
remembered_token = Some(CachedLoginInfo{
access_token: data.access_token,
username: data.username,
user_type: data.user_type,
audit: data.audit,
network_id: data.network_id,
network_name: data.network_name,
});
}
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
other => {
eprintln!("should not comes here");
process::exit(-1);
}
match daemonize.start() {
Ok(_) => {
run_it(cmd, client_id, mac, system, version);
}
Err(e) => {
eprintln!("failed to daemonize");
}
}
} else {
run_it(cmd, client_id, mac, system, version);
}
}
fn run_it(cmd: CommandLineInput2, client_id: String, mac: Mac, system: &str, version: &str) {
let rt = Runtime::new().unwrap();
match &cmd.cmd {
Commands::Start => {
rt.block_on(async move {
let remembered_token = get_access_token();
if remembered_token.is_none() {
eprintln!("not logged in, should login with user/pass or token first");
process::exit(-2);
}
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
Commands::AutoRun(tk) => {
rt.block_on(async move {
let mut remembered_token = get_access_token();
if remembered_token.is_none() {
let data = parse_login_result(
login_with_token(TEST_PREFIX, &client_id, &tk.token, mac, system, version).await
);
remembered_token = Some(CachedLoginInfo{
access_token: data.access_token,
username: data.username,
user_type: data.user_type,
audit: data.audit,
network_id: data.network_id,
network_name: data.network_name,
});
}
let remembered = remembered_token.unwrap();
let connect_info = parse_connect_result(
connect(TEST_PREFIX, &client_id, &remembered.access_token).await
);
daemonize_me(connect_info, remembered, client_id, mac).await;
})
}
Err(e) => {
eprintln!("failed to daemonize");
other => {
eprintln!("should not comes here");
process::exit(-1);
}
}
}
pub fn delete_pid_file() {

3
src/network/tun_linux.rs
View File

@ -207,6 +207,7 @@ impl TunTapPacketHandler for Iface {
Ok(_) => return Ok(()),
}
}
async fn handle_packet_from_device(
&self,
data: Vec<u8>,
@ -288,7 +289,7 @@ impl TunTapPacketHandler for Iface {
}
let size = data.len();
let Ok(encrypted) = edge.encryptor.read().unwrap().decrypt(&data) else {
let Ok(encrypted) = edge.encryptor.read().unwrap().encrypt(&data) else {
// let Ok(encrypted) = aes_encrypt(encrypt_key, &data) else {
error!("failed to encrypt packet request");
return Ok(());

11
src/utils/encrypter.rs
View File

@ -1,5 +1,7 @@
use std::{sync::{Arc, OnceLock, RwLock, atomic::{AtomicBool, AtomicU32, Ordering}}, time::{SystemTime, UNIX_EPOCH}};
use tracing::debug;
use chacha20poly1305::{KeyInit, aead::Aead};
use dashmap::DashSet;
use sdlan_sn_rs::utils::{Result, SDLanError, aes_decrypt, aes_encrypt};
@ -115,7 +117,10 @@ impl Encryptor for Chacha20Encryptor {
nonce.extend_from_slice(&next_data.to_be_bytes());
match cipher.encrypt(nonce.as_slice().into(), data) {
Ok(data) => Ok(data),
Ok(data) => {
nonce.extend_from_slice(&data);
Ok(nonce)
},
Err(e) => {
Err(SDLanError::EncryptError(e.to_string()))
}
@ -127,11 +132,11 @@ impl Encryptor for Chacha20Encryptor {
return Err(SDLanError::EncryptError("ciphered text size error".to_owned()))
}
let cipher = chacha20poly1305::ChaCha20Poly1305::new(self.key.as_slice().into());
let nonce = &ciphered[0..11];
let nonce = &ciphered[0..12];
match cipher.decrypt(nonce.into(), &ciphered[12..]) {
Ok(data) => Ok(data),
Err(e) => {
Err(SDLanError::EncryptError(e.to_string()))
Err(SDLanError::EncryptError(format!("failed to decyrpt: {}", e.to_string())))
}
}
}