| author | Hristo Venev <hristo@venev.name> | 2020-02-04 20:31:51 +0100 | 
|---|---|---|
| committer | Hristo Venev <hristo@venev.name> | 2020-02-04 20:31:51 +0100 | 
| commit | c4f743e2a33ba39036f7e9919b7adc80415b1754 (patch) | |
| tree | c708bbc6e089a1b66c61d189a010cb2a80aa0a34 | |
| parent | 3f5c00af303c1b706a74cafa58ff23b068f6d819 (diff) | |
Reference preshared keys by path.
| -rw-r--r-- | src/config.rs | 6 | ||||
| -rw-r--r-- | src/fileutil.rs | 7 | ||||
| -rw-r--r-- | src/main.rs | 8 | ||||
| -rw-r--r-- | src/manager/builder.rs | 4 | ||||
| -rw-r--r-- | src/manager/mod.rs | 6 | ||||
| -rw-r--r-- | src/model.rs | 18 | ||||
| -rw-r--r-- | src/wg.rs | 24 | 
7 files changed, 35 insertions, 38 deletions
diff --git a/src/config.rs b/src/config.rs
index 6269525..362c962 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -2,7 +2,7 @@
 //
 // Copyright 2019 Hristo Venev
-use crate::model::{Ipv4Set, Ipv6Set, Key};
+use crate::model::{Ipv4Set, Ipv6Set, Key, Secret};
 use serde_derive;
 use std::collections::HashMap;
 use std::path::PathBuf;
@@ -11,7 +11,7 @@ use std::path::PathBuf;
 #[serde(deny_unknown_fields)]
 pub struct Source {
     pub url: String,
-    pub psk: Option<Key>,
+    pub psk: Option<Secret>,
     pub ipv4: Ipv4Set,
     pub ipv6: Ipv6Set,
     #[serde(default)]
@@ -22,7 +22,7 @@ pub struct Source {
 #[serde(deny_unknown_fields)]
 pub struct Peer {
     pub source: Option<String>,
-    pub psk: Option<Key>,
+    pub psk: Option<Secret>,
 }
 #[derive(Clone, PartialEq, Eq, Debug)]
diff --git a/src/fileutil.rs b/src/fileutil.rs
index c124fae..b138955 100644
--- a/src/fileutil.rs
+++ b/src/fileutil.rs
@@ -24,11 +24,6 @@ impl Drop for Temp {
 impl Temp {
     #[inline]
-    pub fn path(&self) -> &Path {
-        &*self.path
-    }
-
-    #[inline]
     pub fn leave(mut self) -> PathBuf {
         mem::replace(&mut self.path, PathBuf::new())
     }
@@ -67,7 +62,7 @@ impl Writer {
     #[inline]
     pub fn sync_done(self) -> io::Result<Temp> {
         self.file.sync_data()?;
-        Ok(self.inner)
+        Ok(self.done())
     }
     #[inline]
diff --git a/src/main.rs b/src/main.rs
index ca4068d..8ab9fb3 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -37,8 +37,7 @@ fn cli_config(mut args: impl Iterator<Item = OsString>) -> Option<config::Config
             State::Source(ref mut s) => {
                 if key == "psk" {
                     arg = args.next()?;
-                    let arg = arg.to_str()?;
-                    s.psk = Some(model::Key::from_str(arg).ok()?);
+                    s.psk = Some(model::Secret::new(arg.into()));
                     continue;
                 }
                 if key == "ipv4" {
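Review bot: The `--cmdline` path no longer validates the `psk` argument at all: `s.psk = Some(model::Secret::new(arg.into()));` accepts any `OsString`, whereas the removed lines rejected a malformed key before the daemon started, so a mistyped or unreadable path now surfaces only when `wg set` fails, far from the offending argument. A cheap early check such as `std::fs::metadata(&arg).ok()?;` before the assignment would keep the failure at configuration time, or alternatively a doc comment on `cli_config` should state that preshared-key paths are validated only when the configuration is applied. The same point applies to the `State::Peer` arm in the following hunk (`p.psk = Some(model::Secret::new(arg.into()));`). `cli_config` starts and ends outside the hunk.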
@@ -65,8 +64,7 @@ fn cli_config(mut args: impl Iterator<Item = OsString>) -> Option<config::Config
             State::Peer(ref mut p) => {
                 if key == "psk" {
                     arg = args.next()?;
-                    let arg = arg.to_str()?;
-                    p.psk = Some(model::Key::from_str(arg).ok()?);
+                    p.psk = Some(model::Secret::new(arg.into()));
                     continue;
                 }
                 if key == "source" {
@@ -137,7 +135,7 @@ fn help(argv0: &str, args: Vec<OsString>) -> i32 {
     print!(
         "\
 Usage:
-    {} IFNAME CONFIG         - run daemon on iterface
+    {} IFNAME CONFIG         - run daemon on interface
     {} --check-source PATH   - validate source JSON
     {} --cmdline IFNAME ...  - run daemon using config passed as arguments
 ",
diff --git a/src/manager/builder.rs b/src/manager/builder.rs
index 9580d07..6ee71f2 100644
--- a/src/manager/builder.rs
+++ b/src/manager/builder.rs
@@ -135,7 +135,7 @@ fn insert_peer<'b>(
     err: &mut Vec<Error>,
     src: &Source,
     p: &proto::Peer,
-    psk: Option<&model::Key>,
+    psk: Option<&model::Secret>,
     update: impl for<'c> FnOnce(&'c mut model::Peer) -> (),
 ) -> &'b mut model::Peer {
     match c.peers.entry(p.public_key) {
@@ -161,7 +161,7 @@ fn find_psk<'a>(
     gc: &'a config::GlobalConfig,
     src: &'a Source,
     p: &proto::Peer,
-) -> Result<Option<&'a model::Key>, Error> {
+) -> Result<Option<&'a model::Secret>, Error> {
     let want = match gc.peers.get(&p.public_key) {
         Some(v) => v,
         None => return Ok(None),
diff --git a/src/manager/mod.rs b/src/manager/mod.rs
index 8df4d23..b7fb8c2 100644
--- a/src/manager/mod.rs
+++ b/src/manager/mod.rs
@@ -35,10 +35,12 @@ impl Manager {
         let runtime_directory = c.runtime_directory.ok_or_else(|| {
             io::Error::new(io::ErrorKind::InvalidInput, "runtime directory required")
         })?;
-        let mut state_path = runtime_directory.clone();
+
+        let mut state_path = runtime_directory;
         state_path.push("state.json");
+
         let mut m = Self {
-            dev: wg::Device::open(ifname, runtime_directory)?,
+            dev: wg::Device::open(ifname)?,
             global_config: c.global,
             sources: vec![],
             current: model::Config::empty(),
diff --git a/src/model.rs b/src/model.rs
index f0e1a7a..1f537bc 100644
--- a/src/model.rs
+++ b/src/model.rs
@@ -8,6 +8,7 @@
 use base64;
 use std::collections::HashMap;
 use std::fmt;
+use std::path::{Path, PathBuf};
 use std::str::FromStr;
 mod ip;
@@ -29,6 +30,21 @@ impl Key {
     }
 }
+#[derive(serde_derive::Serialize, serde_derive::Deserialize, Clone, PartialEq, Eq, Debug)]
+pub struct Secret(PathBuf);
+
+impl Secret {
+    #[inline]
+    pub fn new(path: PathBuf) -> Self {
+        Self(path)
+    }
+
+    #[inline]
+    pub fn path(&self) -> &Path {
+        &self.0
+    }
+}
+
 impl fmt::Display for Key {
     #[inline]
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
@@ -184,7 +200,7 @@ impl<'de> serde::Deserialize<'de> for Endpoint {
 #[derive(serde_derive::Serialize, serde_derive::Deserialize, Clone, PartialEq, Eq, Debug)]
 pub struct Peer {
     pub endpoint: Option<Endpoint>,
-    pub psk: Option<Key>,
+    pub psk: Option<Secret>,
     pub keepalive: u32,
     pub ipv4: Vec<Ipv4Net>,
     pub ipv6: Vec<Ipv6Net>,
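Review bot: `Secret` has no doc comment, and its name suggests it carries key material while the hunk shows it only wraps a `PathBuf`; suggest `/// Path to a file holding a preshared key; only the path is stored and serialized, the file itself is read by the wg process when the configuration is applied.` on the struct and `/// The configured path of the preshared-key file.` on `path`. Because `Serialize` is derived, the path (not the key) now appears wherever `model::Peer` is serialized, which is worth stating since the previous `Key` field carried the key itself. As a point of style, `new` could take `impl Into<PathBuf>` so callers such as `model::Secret::new(arg.into())` in src/main.rs can pass their `OsString` directly.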
@@ -2,21 +2,19 @@
 //
 // Copyright 2019 Hristo Venev
-use crate::{fileutil, model};
+use crate::model;
 use std::ffi::{OsStr, OsString};
-use std::path::PathBuf;
 use std::process::{Command, Stdio};
-use std::{env, io, mem};
+use std::{env, io};
 pub struct Device {
     ifname: OsString,
-    tmpdir: PathBuf,
 }
 impl Device {
     #[inline]
-    pub fn open(ifname: OsString, tmpdir: PathBuf) -> io::Result<Self> {
-        let dev = Self { ifname, tmpdir };
+    pub fn open(ifname: OsString) -> io::Result<Self> {
+        let dev = Self { ifname };
         let _ = dev.get_public_key()?;
         Ok(dev)
     }
@@ -60,8 +58,6 @@ impl Device {
         proc.arg("set");
         proc.arg(&self.ifname);
-        let mut tmps = vec![];
-
         for (pubkey, conf) in &new.peers {
             let old_endpoint;
             if let Some(old_peer) = old.peers.get(pubkey) {
@@ -88,16 +84,7 @@ impl Device {
             if let Some(psk) = &conf.psk {
                 proc.arg("preshared-key");
-                let mut tmp = self.tmpdir.clone();
-                tmp.push(format!("tmp-{}", tmps.len()));
-                let mut tmp = fileutil::Writer::new(tmp)?;
-                {
-                    use io::Write;
-                    writeln!(tmp.file(), "{}", psk)?;
-                }
-                let tmp = tmp.done();
-                proc.arg(tmp.path());
-                tmps.push(tmp);
+                proc.arg(psk.path());
             }
             let mut ips = String::new();
@@ -131,7 +118,6 @@ impl Device {
         }
         let r = proc.status()?;
-        mem::drop(tmps);
         if !r.success() {
             return Err(io::Error::new(io::ErrorKind::Other, "child process failed"));
         }
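Review bot: `proc.arg(psk.path())` passes the operator-configured path straight to `wg` without checking that the file exists or is readable, and the only error this method reports is the generic `"child process failed"` at the bottom of the last hunk, so a wrong or unreadable PSK path is indistinguishable from any other `wg set` failure. A check just before the argument is pushed keeps the path in the diagnostic, e.g. `fs::metadata(psk.path()).map_err(|e| io::Error::new(e.kind(), format!("preshared key {}: {}", psk.path().display(), e)))?;` (with `std::fs` added to the imports). Unlike the removed code, which created the temporary key file itself, the permissions and ownership of the referenced file are now entirely the operator's responsibility, and a relative path will be resolved against the daemon's working directory unless `Command::current_dir` is set elsewhere; a one-line comment at this point stating both would help the next reader. The enclosing method starts and ends outside the hunk.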
