This commit resolves multiple issues with the PSK broker integration.
- The manual testing procedure never actually utilized the brokers
due to the use of the outfile option, this led to issues with the
broker being hidden.
- The manual testing procedure omitted checking whether a PSK was
actually sent to WireGuard entirely. This was fixed by writing an
entirely new manual integration testing shell-script that can serve
as a blueprint for future integration tests.
- Many parts of the PSK broker code did not report (log) errors
accurately; added error logging
- BrokerServer set message.payload.return_code to the msg_type value,
this led to crashes
- The PSK broker commands all omitted to set the memfd policy, this led
to immediate crashes once secrets where actually allocated
- The MioBrokerClient IO state machine was broken and the design was
too obtuse to debug. The state machine returned the length prefix as
a message instead of actually interpreting it as a state machine.
Seems the code was integrated but never actually tested. This was
fixed by rewriting the entire state machine code using the new
LengthPrefixEncoder/Decoder facilities. A write-buffer that was not
being flushed is now handled by flushing the buffer in blocking-io
mode.
* wireguard-broker: merge from dev/broker-architecture
* use zerocopy instead of lenses
* Require use_broker feature flag to comile broker binaries
* Remove PhantomData from BrokerServer & BrokerClient
* Modify mio client rx to be non-recursive, add integration test
Co-authored-by: Karolin Varner <karo@cupdev.net>
Co-authored-by: Prabhpreet Dua <615318+prabhpreet@users.noreply.github.com>
