- Introduced a new module `test_vector_sets.rs` containing test vector definitions for deterministic protocol testing.
- Added a new test file `test_vector_crypto_server.rs` to validate the protocol implementation using captured internal randomness.
- Added serialization and deserialization of `Secret`, `Public`, and `PublicBox` types in `serialization.rs`.
- Added necessary dependencies in `Cargo.toml` for test vectors: assert_tv, serde and base64
- Updated audit records in `audits.toml` and `imports.lock` for new dependencies.
With this commit, rosenpass uses a signal handler based on the signal-hook-mio crate.
Even though, in this commit, no rosenpass-rp code is touched, this also
fixes the signal handling in rosenpass-rp. The way rosenpass is
integrated in rp is a bit of a hack – it just directly embeds
rosenpass in the same process (though on a dedicated thread). For this
reason, rp now just inherits rosenpass' signal handlers. The
rosenpass event_loop() will terminate. The main loop of `rp` just spends
most of the time waiting for rosenpass itself to finish, and exits when
it finishes.
Unfortunately, this means we are not using signalfd(2)[^0]; the
signal-hook-mio crate appears to use a pipe-based mechanism to deliver
events to mio instead.
This may not be such a bad thing, as signalfd has some severe drawbacks
with respect to subprocesses and masked signals[^1].
Fixes: #358 (https://github.com/rosenpass/rosenpass/issues/385)
Fixes: #522 (https://github.com/rosenpass/rosenpass/issues/522)
Fixes: #678 (https://github.com/rosenpass/rosenpass/pull/678)
[^0]: https://unixism.net/2021/02/making-signals-less-painful-under-linux/
[^1]: https://ldpreload.com/blog/signalfd-is-useless?reposted-on-request
This, for now, disables correct handling of program termination,
but not because the RAII does not work. Instead, we need to implement
a proper signal handling concept.
We also removed some teardown handlers which are not covered by RAII,
like removing the routes we set up. The reason for this is, that this
is going to be taken care of by removing the wireguard device anyway.
Before this commit, there was a submodule rp::exchange::netlink
and there where platform checks, printing error messages on systems
other than freebsd and linux.
Neither is really necessary. If the application won't compile on other
systems it won't work, and if it happens to work then why give users a
spurious error message.
