Various dependency updates (#265)

* update netlink-*, toml, clap, other small dependencies
* switch back to x25519-dalek from curve25519-dalek

client/Cargo.toml

@@ -16,11 +16,11 @@ path = "src/main.rs"
 [dependencies]
 anyhow = "1"
 colored = "2"
-clap = { version = "3", features = ["derive"] }
-clap_complete = "3"
+clap = { version = "4.3", features = ["derive", "wrap_help"] }
+clap_complete = "4.3"
 dialoguer = { version = "0.10", default-features = false }
 hostsfile = { path = "../hostsfile" }
-indoc = "1"
+indoc = "2.0.1"
 ipnet = { version = "2.4", features = ["serde"] }
 log = "0.4"
 regex = { version = "1", default-features = false, features = ["std"] }

client/src/main.rs

@@ -1,5 +1,5 @@
 use anyhow::{anyhow, bail};
-use clap::{AppSettings, Args, IntoApp, Parser, Subcommand};
+use clap::{ArgAction, Args, Parser, Subcommand};
 use colored::*;
 use dialoguer::{Confirm, Input};
 use hostsfile::HostsBuilder;
@@ -47,15 +47,14 @@ macro_rules! println_pad {
 }
 
 #[derive(Clone, Debug, Parser)]
-#[clap(name = "innernet", author, version, about)]
-#[clap(global_setting(AppSettings::DeriveDisplayOrder))]
+#[command(name = "innernet", author, version, about)]
 struct Opts {
     #[clap(subcommand)]
     command: Option<Command>,
 
     /// Verbose output, use -vv for even higher verbositude
-    #[clap(short, long, parse(from_occurrences))]
-    verbose: u64,
+    #[clap(short, long, action = ArgAction::Count)]
+    verbose: u8,
 
     #[clap(short, long, default_value = "/etc/innernet")]
     config_dir: PathBuf,
@@ -74,7 +73,7 @@ struct HostsOpt {
     hosts_path: PathBuf,
 
     /// Don't write to any hosts files
-    #[clap(long = "no-write-hosts", conflicts_with = "hosts-path")]
+    #[clap(long = "no-write-hosts", conflicts_with = "hosts_path")]
     no_write_hosts: bool,
 }
 
@@ -254,7 +253,7 @@ enum Command {
 
     /// Generate shell completion scripts
     Completions {
-        #[clap(arg_enum)]
+        #[clap(value_enum)]
         shell: clap_complete::Shell,
     },
 }
@@ -1275,6 +1274,7 @@ fn run(opts: &Opts) -> Result<(), Error> {
             override_endpoint(&interface, opts, sub_opts)?;
         },
         Command::Completions { shell } => {
+            use clap::CommandFactory;
             let mut app = Opts::command();
             let app_name = app.get_name().to_string();
             clap_complete::generate(shell, &mut app, app_name, &mut std::io::stdout());

client/src/util.rs

@@ -51,7 +51,7 @@ impl log::Log for Logger {
     fn flush(&self) {}
 }
 
-pub fn init_logger(verbosity: u64) {
+pub fn init_logger(verbosity: u8) {
     let level = match verbosity {
         0 => log::LevelFilter::Info,
         1 => log::LevelFilter::Debug,

netlink-request/Cargo.toml

@@ -4,9 +4,10 @@ version = "1.5.5"
 edition = "2021"
 
 [target.'cfg(target_os = "linux")'.dependencies]
-netlink-sys = "0.8"
-netlink-packet-core = "0.4"
-netlink-packet-generic = "0.3"
-netlink-packet-route = "0.13"
+netlink-sys = "0.8.5"
+netlink-packet-core = "0.5"
+netlink-packet-generic = "0.3.2"
+netlink-packet-route = "0.15"
+netlink-packet-utils = "0.5.2"
 nix = { version = "0.25", features = ["feature"] }
 once_cell = "1"

netlink-request/src/lib.rs

@@ -7,9 +7,10 @@ mod linux {
     use netlink_packet_generic::{
         constants::GENL_HDRLEN,
         ctrl::{nlas::GenlCtrlAttrs, GenlCtrl, GenlCtrlCmd},
-        GenlFamily, GenlMessage,
+        GenlFamily, GenlHeader, GenlMessage,
     };
     use netlink_packet_route::RtnlMessage;
+    use netlink_packet_utils::{Emitable, ParseableParametrized};
     use netlink_sys::{constants::NETLINK_GENERIC, protocols::NETLINK_ROUTE, Socket};
     use nix::unistd::{sysconf, SysconfVar};
     use once_cell::sync::OnceCell;
@@ -49,7 +50,7 @@ mod linux {
         flags: Option<u16>,
     ) -> Result<Vec<NetlinkMessage<GenlMessage<F>>>, io::Error>
     where
-        F: GenlFamily + Clone + Debug + Eq,
+        F: GenlFamily + Clone + Debug + Eq + Emitable + ParseableParametrized<[u8], GenlHeader>,
         GenlMessage<F>: Clone + Debug + Eq + NetlinkSerializable + NetlinkDeserializable,
     {
         if message.family_id() == 0 {
@@ -98,7 +99,7 @@ mod linux {
     ) -> Result<Vec<NetlinkMessage<I>>, io::Error>
     where
         NetlinkPayload<I>: From<I>,
-        I: Clone + Debug + Eq + NetlinkSerializable + NetlinkDeserializable,
+        I: Clone + Debug + Eq + Emitable + NetlinkSerializable + NetlinkDeserializable,
     {
         let mut req = NetlinkMessage::from(message);
 

server/Cargo.toml

@@ -18,38 +18,38 @@ v6-test = []
 [dependencies]
 anyhow = "1"
 bytes = "1"
-clap = { version = "3", features = ["derive"] }
-clap_complete = "3"
+clap = { version = "4.3", features = ["derive", "wrap_help"] }
+clap_complete = "4.3"
 colored = "2"
 dialoguer = { version = "0.10", default-features = false }
 hyper = { version = "0.14", default-features = false, features = ["http1", "server", "runtime", "stream"] }
-indoc = "1"
+indoc = "2.0.1"
 ipnet = { version = "2.4", features = ["serde"] }
 libc = "0.2"
-libsqlite3-sys = "0.25"
+libsqlite3-sys = "0.26"
 log = "0.4"
 once_cell = "1.17.1"
 parking_lot = "0.12"
 pretty_env_logger = "0.4"
 publicip = { path = "../publicip" }
 regex = { version = "1", default-features = false, features = ["std"] }
-rusqlite = "0.28"
+rusqlite = "0.29"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 shared = { path = "../shared" }
 subtle = "2"
 thiserror = "1"
-tokio = { version = "1", features = ["macros", "rt-multi-thread", "time"] }
-toml = "0.5"
+tokio = { version = "1.28.0", features = ["macros", "rt-multi-thread", "time"] }
+toml = "0.7.4"
 url = "2"
 wireguard-control = { path = "../wireguard-control" }
 
 [target.'cfg(target_os = "linux")'.dependencies]
-socket2 = { version = "0.4", features = ["all"] }
+socket2 = { version = "0.5.2", features = ["all"] }
 
 # Workaround for https://github.com/rusqlite/rusqlite/issues/914
 [target.'cfg(target_env = "musl")'.dependencies]
-rusqlite = { version = "0.28", features = ["bundled"] }
+rusqlite = { version = "0.29", features = ["bundled"] }
 
 [dev-dependencies]
 anyhow = "1"

server/src/initialize.rs

@@ -37,7 +37,7 @@ pub struct InitializeOpts {
     pub network_cidr: Option<IpNet>,
 
     /// This server's external endpoint (ex: 100.100.100.100:51820)
-    #[clap(long, conflicts_with = "auto-external-endpoint")]
+    #[clap(long, conflicts_with = "auto_external_endpoint")]
     pub external_endpoint: Option<Endpoint>,
 
     /// Auto-resolve external endpoint

server/src/main.rs

@@ -1,5 +1,5 @@
 use anyhow::{anyhow, bail};
-use clap::{AppSettings, IntoApp, Parser, Subcommand};
+use clap::{Parser, Subcommand};
 use colored::*;
 use dialoguer::Confirm;
 use hyper::{http, server::conn::AddrStream, Body, Request, Response};
@@ -45,8 +45,7 @@ pub use shared::{Association, AssociationContents};
 pub const VERSION: &str = env!("CARGO_PKG_VERSION");
 
 #[derive(Debug, Parser)]
-#[clap(name = "innernet-server", author, version, about)]
-#[clap(global_setting(AppSettings::DeriveDisplayOrder))]
+#[command(name = "innernet-server", author, version, about)]
 struct Opts {
     #[clap(subcommand)]
     command: Command,
@@ -127,7 +126,7 @@ enum Command {
 
     /// Generate shell completion scripts
     Completions {
-        #[clap(arg_enum)]
+        #[clap(value_enum)]
         shell: clap_complete::Shell,
     },
 }
@@ -199,7 +198,9 @@ impl ConfigFile {
                 path.display()
             );
         }
-        Ok(toml::from_slice(&std::fs::read(path).with_path(path)?)?)
+        Ok(toml::from_str(
+            &std::fs::read_to_string(path).with_path(path)?,
+        )?)
     }
 }
 
@@ -279,6 +280,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
         Command::AddCidr { interface, args } => add_cidr(&interface, &conf, args)?,
         Command::DeleteCidr { interface, args } => delete_cidr(&interface, &conf, args)?,
         Command::Completions { shell } => {
+            use clap::CommandFactory;
             let mut app = Opts::command();
             let app_name = app.get_name().to_string();
             clap_complete::generate(shell, &mut app, app_name, &mut std::io::stdout());

shared/Cargo.toml

@@ -9,10 +9,10 @@ version = "1.5.5"
 [dependencies]
 anyhow = "1"
 atty = "0.2"
-clap = { version = "3", features = ["derive"] }
+clap = { version = "4.3", features = ["derive", "wrap_help"] }
 colored = "2.0"
 dialoguer = { version = "0.10", default-features = false }
-indoc = "1"
+indoc = "2.0.1"
 ipnet = { version = "2.4", features = ["serde"] }
 libc = "0.2"
 log = "0.4"
@@ -20,15 +20,15 @@ once_cell = "1.17.1"
 publicip = { path = "../publicip" }
 regex = "1"
 serde = { version = "1", features = ["derive"] }
-toml = "0.5"
+toml = "0.7.4"
 url = "2"
 wireguard-control = { path = "../wireguard-control" }
 
 [target.'cfg(target_os = "linux")'.dependencies]
-netlink-sys = "0.8"
-netlink-packet-core = "0.4"
-netlink-packet-route = "0.13"
+netlink-sys = "0.8.5"
+netlink-packet-core = "0.5"
+netlink-packet-route = "0.15"
 netlink-request = { path = "../netlink-request" }
 
 [target.'cfg(target_os = "macos")'.dependencies]
-nix = "0.25"
+nix = "0.26"

shared/src/interface_config.rs

@@ -112,7 +112,9 @@ impl InterfaceConfig {
     }
 
     pub fn from_file<P: AsRef<Path>>(path: P) -> Result<Self, Error> {
-        Ok(toml::from_slice(&std::fs::read(&path).with_path(path)?)?)
+        Ok(toml::from_str(
+            &std::fs::read_to_string(&path).with_path(path)?,
+        )?)
     }
 
     pub fn from_interface(config_dir: &Path, interface: &InterfaceName) -> Result<Self, Error> {

shared/src/netlink.rs

@@ -1,5 +1,8 @@
 use ipnet::IpNet;
-use netlink_packet_core::{NetlinkMessage, NetlinkPayload, NLM_F_ACK, NLM_F_CREATE, NLM_F_REQUEST};
+use netlink_packet_core::{
+    NetlinkMessage, NetlinkPayload, NLM_F_ACK, NLM_F_CREATE, NLM_F_DUMP, NLM_F_REPLACE,
+    NLM_F_REQUEST,
+};
 use netlink_packet_route::{
     address,
     constants::*,
@@ -23,14 +26,12 @@ fn if_nametoindex(interface: &InterfaceName) -> Result<u32, io::Error> {
 
 pub fn set_up(interface: &InterfaceName, mtu: u32) -> Result<(), io::Error> {
     let index = if_nametoindex(interface)?;
-    let message = LinkMessage {
-        header: LinkHeader {
-            index,
-            flags: IFF_UP,
-            ..Default::default()
-        },
-        nlas: vec![link::nlas::Nla::Mtu(mtu)],
-    };
+    let mut header = LinkHeader::default();
+    header.index = index;
+    header.flags = IFF_UP;
+    let mut message = LinkMessage::default();
+    message.header = header;
+    message.nlas = vec![link::nlas::Nla::Mtu(mtu)];
     netlink_request_rtnl(RtnlMessage::SetLink(message), None)?;
     log::debug!("set interface {} up with mtu {}", interface, mtu);
     Ok(())
@@ -54,16 +55,15 @@ pub fn set_addr(interface: &InterfaceName, addr: IpNet) -> Result<(), io::Error>
             vec![address::Nla::Address(network.addr().octets().to_vec())],
         ),
     };
-    let message = AddressMessage {
-        header: AddressHeader {
-            index,
-            family,
-            prefix_len: addr.prefix_len(),
-            scope: RT_SCOPE_UNIVERSE,
-            ..Default::default()
-        },
-        nlas,
-    };
+    let mut header = AddressHeader::default();
+    header.index = index;
+    header.family = family;
+    header.prefix_len = addr.prefix_len();
+    header.scope = RT_SCOPE_UNIVERSE;
+
+    let mut message = AddressMessage::default();
+    message.header = header;
+    message.nlas = nlas;
     netlink_request_rtnl(
         RtnlMessage::NewAddress(message),
         Some(NLM_F_REQUEST | NLM_F_ACK | NLM_F_REPLACE | NLM_F_CREATE),
@@ -78,18 +78,16 @@ pub fn add_route(interface: &InterfaceName, cidr: IpNet) -> Result<bool, io::Err
         IpNet::V4(network) => (AF_INET as u8, network.network().octets().to_vec()),
         IpNet::V6(network) => (AF_INET6 as u8, network.network().octets().to_vec()),
     };
-    let message = RouteMessage {
-        header: RouteHeader {
-            table: RT_TABLE_MAIN,
-            protocol: RTPROT_BOOT,
-            scope: RT_SCOPE_LINK,
-            kind: RTN_UNICAST,
-            destination_prefix_length: cidr.prefix_len(),
-            address_family,
-            ..Default::default()
-        },
-        nlas: vec![route::Nla::Destination(dst), route::Nla::Oif(if_index)],
-    };
+    let mut header = RouteHeader::default();
+    header.table = RT_TABLE_MAIN;
+    header.protocol = RTPROT_BOOT;
+    header.scope = RT_SCOPE_LINK;
+    header.kind = RTN_UNICAST;
+    header.destination_prefix_length = cidr.prefix_len();
+    header.address_family = address_family;
+    let mut message = RouteMessage::default();
+    message.header = header;
+    message.nlas = vec![route::Nla::Destination(dst), route::Nla::Oif(if_index)];
 
     match netlink_request_rtnl(RtnlMessage::NewRoute(message), None) {
         Ok(_) => {

shared/src/types.rs

@@ -1,5 +1,8 @@
 use anyhow::{anyhow, Error};
-use clap::Args;
+use clap::{
+    builder::{PossibleValuesParser, TypedValueParser},
+    Args,
+};
 use ipnet::IpNet;
 use once_cell::sync::Lazy;
 use regex::Regex;
@@ -286,7 +289,7 @@ pub struct RedeemContents {
 #[derive(Debug, Clone, PartialEq, Eq, Args)]
 pub struct InstallOpts {
     /// Set a specific interface name
-    #[clap(long, conflicts_with = "default-name")]
+    #[clap(long, conflicts_with = "default_name")]
     pub name: Option<String>,
 
     /// Use the network name inside the invitation as the interface name
@@ -305,7 +308,7 @@ pub struct AddPeerOpts {
     pub name: Option<Hostname>,
 
     /// Specify desired IP of new peer (within parent CIDR)
-    #[clap(long, conflicts_with = "auto-ip")]
+    #[clap(long, conflicts_with = "auto_ip")]
     pub ip: Option<IpAddr>,
 
     /// Auto-assign the peer the first available IP within the CIDR
@@ -398,7 +401,7 @@ pub struct ListenPortOpts {
     pub listen_port: Option<u16>,
 
     /// Unset the local listen port to use a randomized port
-    #[clap(short, long, conflicts_with = "listen-port")]
+    #[clap(short, long, conflicts_with = "listen_port")]
     pub unset: bool,
 
     /// Bypass confirmation
@@ -433,7 +436,7 @@ pub struct NatOpts {
     /// ex. --exclude-nat-candidates '0.0.0.0/0' would report no candidates.
     pub exclude_nat_candidates: Vec<IpNet>,
 
-    #[clap(long, conflicts_with = "exclude-nat-candidates")]
+    #[clap(long, conflicts_with = "exclude_nat_candidates")]
     /// Don't report any candidates to coordinating server.
     /// Shorthand for --exclude-nat-candidates '0.0.0.0/0'.
     pub no_nat_candidates: bool,
@@ -465,7 +468,7 @@ pub struct NetworkOpts {
     /// external tool like e.g. babeld.
     pub no_routing: bool,
 
-    #[clap(long, default_value_t, possible_values = Backend::variants())]
+    #[clap(long, default_value_t, value_parser = PossibleValuesParser::new(Backend::variants()).map(|s| s.parse::<Backend>().unwrap()))]
     /// Specify a WireGuard backend to use.
     /// If not set, innernet will auto-select based on availability.
     pub backend: Backend,
@@ -632,8 +635,6 @@ impl<'a> PeerDiff<'a> {
         // diff.new is now guaranteed to be a Some(_) variant.
         let new = new.unwrap();
 
-        // TODO(jake): use contains() when stable: https://github.com/rust-lang/rust/issues/62358
-
         let new_allowed_ips = &[AllowedIp {
             address: new.ip,
             cidr: if new.ip.is_ipv4() { 32 } else { 128 },

wireguard-control/Cargo.toml

@@ -10,17 +10,18 @@ repository = "https://github.com/tonarino/innernet"
 version = "1.5.5"
 
 [dependencies]
-base64 = "0.13"
-hex = "0.4"
+base64 = "0.13.1"
+hex = "0.4.3"
 libc = "0.2"
 log = "0.4"
 rand_core = { version = "0.6", features = ["getrandom"] }
-curve25519-dalek = "4.0.0-pre.2"
+x25519-dalek = { version = "=2.0.0-rc.2", features = ["static_secrets"] }
 
 [target.'cfg(target_os = "linux")'.dependencies]
 netlink-request = { path = "../netlink-request" }
 netlink-sys = "0.8"
-netlink-packet-core = "0.4"
-netlink-packet-generic = "0.3"
-netlink-packet-route = "0.13"
+netlink-packet-core = "0.5"
+netlink-packet-generic = "0.3.2"
+netlink-packet-route = "0.15"
+netlink-packet-utils = "0.5.2"
 netlink-packet-wireguard = "0.2"

wireguard-control/src/backends/kernel.rs

@@ -3,7 +3,7 @@ use crate::{
     PeerConfigBuilder, PeerInfo, PeerStats,
 };
 use netlink_packet_core::{
-    NetlinkMessage, NetlinkPayload, NLM_F_ACK, NLM_F_CREATE, NLM_F_EXCL, NLM_F_REQUEST,
+    NetlinkMessage, NetlinkPayload, NLM_F_ACK, NLM_F_CREATE, NLM_F_DUMP, NLM_F_EXCL, NLM_F_REQUEST,
 };
 use netlink_packet_generic::GenlMessage;
 use netlink_packet_route::{
@@ -12,9 +12,9 @@ use netlink_packet_route::{
         self,
         nlas::{Info, InfoKind},
     },
-    traits::Emitable,
     LinkMessage, RtnlMessage,
 };
+use netlink_packet_utils::traits::Emitable;
 use netlink_packet_wireguard::{
     self,
     constants::{WGDEVICE_F_REPLACE_PEERS, WGPEER_F_REMOVE_ME, WGPEER_F_REPLACE_ALLOWEDIPS},

wireguard-control/src/key.rs

@@ -1,5 +1,7 @@
 use std::{ffi::NulError, fmt};
 
+use x25519_dalek::{PublicKey, StaticSecret};
+
 /// Represents an error in base64 key parsing.
 #[derive(Eq, PartialEq, Debug, Clone)]
 pub struct InvalidKey;
@@ -57,14 +59,10 @@ impl Key {
     /// Generates a public key for this private key.
     #[must_use]
     pub fn get_public(&self) -> Self {
-        use curve25519_dalek::scalar::Scalar;
+        let secret = StaticSecret::from(self.0);
+        let public = PublicKey::from(&secret);
 
-        use curve25519_dalek::constants::ED25519_BASEPOINT_TABLE;
-
-        // https://github.com/dalek-cryptography/x25519-dalek/blob/1c39ff92e0dfc0b24aa02d694f26f3b9539322a5/src/x25519.rs#L150
-        let point = (&ED25519_BASEPOINT_TABLE * &Scalar::from_bits(self.0)).to_montgomery();
-
-        Self(point.to_bytes())
+        Self(public.to_bytes())
     }
 
     /// Generates an all-zero key.