This commit resolves multiple issues with the PSK broker integration.
- The manual testing procedure never actually utilized the brokers
due to the use of the outfile option, this led to issues with the
broker being hidden.
- The manual testing procedure omitted checking whether a PSK was
actually sent to WireGuard entirely. This was fixed by writing an
entirely new manual integration testing shell-script that can serve
as a blueprint for future integration tests.
- Many parts of the PSK broker code did not report (log) errors
accurately; added error logging
- BrokerServer set message.payload.return_code to the msg_type value,
this led to crashes
- The PSK broker commands all omitted to set the memfd policy, this led
to immediate crashes once secrets where actually allocated
- The MioBrokerClient IO state machine was broken and the design was
too obtuse to debug. The state machine returned the length prefix as
a message instead of actually interpreting it as a state machine.
Seems the code was integrated but never actually tested. This was
fixed by rewriting the entire state machine code using the new
LengthPrefixEncoder/Decoder facilities. A write-buffer that was not
being flushed is now handled by flushing the buffer in blocking-io
mode.
Implements:
- An additional allocator to use memfd_secret(2) and guard pages using mmap(2), implemented in quininer/memsec#16
- An allocator that abstracts away underlying allocators, and uses specified allocator set by rosenpass_secret_memory::policy functions (or a function that sets rosenpass_secret_memory::alloc::ALLOC_INIT
- Updates to tests- integration, fuzz, bench: some tests use procspawn to spawn multiple processes with different allocator policies
Dynamically dispatch WireguardBrokerMio trait in AppServer. Also allows for mio event registration and poll processing, logic from dev/broker-architecture branch
Co-authored-by: Prabhpreet Dua <615318+prabhpreet@users.noreply.github.com>
Co-authored-by: Karolin Varner <karo@cupdev.net>
