diff --git a/.github/workflows/ci-build-upload-binaries.yml b/.github/workflows/ci-build-upload-binaries.yml index 00c28191bdd..cd0067e7d46 100644 --- a/.github/workflows/ci-build-upload-binaries.yml +++ b/.github/workflows/ci-build-upload-binaries.yml @@ -62,10 +62,6 @@ jobs: echo 'RUSTFLAGS="--cfg tokio_unstable"' >> $GITHUB_ENV if: github.event_name == 'workflow_dispatch' && inputs.add_tokio_unstable == true - - name: Set CARGO_FEATURES - run: | - echo 'CARGO_FEATURES=--features wireguard' >> $GITHUB_ENV - - name: Install Rust stable uses: actions-rs/toolchain@v1 with: diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 19d5fc327e1..268de52c552 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -73,29 +73,27 @@ jobs: uses: actions-rs/cargo@v1 with: command: build - # Enable wireguard by default on linux only - args: --workspace --features wireguard - name: Build all examples if: matrix.os == 'custom-linux' uses: actions-rs/cargo@v1 with: command: build - args: --workspace --examples --features wireguard + args: --workspace --examples - name: Run all tests if: matrix.os == 'custom-linux' uses: actions-rs/cargo@v1 with: command: test - args: --workspace --features wireguard + args: --workspace - name: Run expensive tests if: (github.ref == 'refs/heads/develop' || github.event.pull_request.base.ref == 'develop' || github.event.pull_request.base.ref == 'master') && matrix.os == 'custom-linux' uses: actions-rs/cargo@v1 with: command: test - args: --workspace --features wireguard -- --ignored + args: --workspace -- --ignored - name: Annotate with clippy checks if: matrix.os == 'custom-linux' @@ -103,10 +101,10 @@ jobs: continue-on-error: true with: token: ${{ secrets.GITHUB_TOKEN }} - args: --workspace --features wireguard + args: --workspace - name: Clippy uses: actions-rs/cargo@v1 with: command: clippy - args: --workspace --all-targets --features wireguard -- -D warnings + args: --workspace --all-targets -- -D warnings diff --git a/.github/workflows/publish-nym-binaries.yml b/.github/workflows/publish-nym-binaries.yml index be70c514ba4..32cc171ac2c 100644 --- a/.github/workflows/publish-nym-binaries.yml +++ b/.github/workflows/publish-nym-binaries.yml @@ -51,10 +51,6 @@ jobs: echo 'RUSTFLAGS="--cfg tokio_unstable"' >> $GITHUB_ENV if: github.event_name == 'workflow_dispatch' && inputs.add_tokio_unstable == true - - name: Set CARGO_FEATURES - run: | - echo 'CARGO_FEATURES=--features wireguard' >> $GITHUB_ENV - - name: Install Rust stable uses: actions-rs/toolchain@v1 with: diff --git a/common/gateway-storage/Cargo.toml b/common/gateway-storage/Cargo.toml index eb18f1444e1..26b2be56a1b 100644 --- a/common/gateway-storage/Cargo.toml +++ b/common/gateway-storage/Cargo.toml @@ -10,8 +10,8 @@ license.workspace = true [dependencies] async-trait = { workspace = true } -bincode = { workspace = true, optional = true } -defguard_wireguard_rs = { workspace = true, optional = true } +bincode = { workspace = true } +defguard_wireguard_rs = { workspace = true } log = { workspace = true } sqlx = { workspace = true, features = [ "runtime-tokio-rustls", @@ -36,6 +36,3 @@ sqlx = { workspace = true, features = [ "macros", "migrate", ] } - -[features] -wireguard = ["defguard_wireguard_rs", "bincode"] diff --git a/common/gateway-storage/src/lib.rs b/common/gateway-storage/src/lib.rs index 7d3611fccff..d6274ae8541 100644 --- a/common/gateway-storage/src/lib.rs +++ b/common/gateway-storage/src/lib.rs @@ -25,7 +25,6 @@ mod inboxes; pub(crate) mod models; mod shared_keys; mod tickets; -#[cfg(feature = "wireguard")] mod wireguard_peers; #[async_trait] @@ -217,7 +216,6 @@ pub trait Storage: Send + Sync { /// /// * `peer`: wireguard peer data to be stored /// * `suspended`: if peer exists, but it's currently suspended - #[cfg(feature = "wireguard")] async fn insert_wireguard_peer( &self, peer: &defguard_wireguard_rs::host::Peer, @@ -229,14 +227,12 @@ pub trait Storage: Send + Sync { /// # Arguments /// /// * `peer_public_key`: wireguard public key of the peer to be retrieved. - #[cfg(feature = "wireguard")] async fn get_wireguard_peer( &self, peer_public_key: &str, ) -> Result, StorageError>; /// Retrieves all wireguard peers. - #[cfg(feature = "wireguard")] async fn get_all_wireguard_peers(&self) -> Result, StorageError>; /// Remove a wireguard peer from the storage. @@ -244,7 +240,6 @@ pub trait Storage: Send + Sync { /// # Arguments /// /// * `peer_public_key`: wireguard public key of the peer to be removed. - #[cfg(feature = "wireguard")] async fn remove_wireguard_peer(&self, peer_public_key: &str) -> Result<(), StorageError>; } @@ -255,7 +250,6 @@ pub struct PersistentStorage { inbox_manager: InboxManager, bandwidth_manager: BandwidthManager, ticket_manager: TicketStorageManager, - #[cfg(feature = "wireguard")] wireguard_peer_manager: wireguard_peers::WgPeerManager, } @@ -300,7 +294,6 @@ impl PersistentStorage { // the cloning here are cheap as connection pool is stored behind an Arc Ok(PersistentStorage { - #[cfg(feature = "wireguard")] wireguard_peer_manager: wireguard_peers::WgPeerManager::new(connection_pool.clone()), shared_key_manager: SharedKeysManager::new(connection_pool.clone()), inbox_manager: InboxManager::new(connection_pool.clone(), message_retrieval_limit), @@ -620,7 +613,6 @@ impl Storage for PersistentStorage { Ok(self.ticket_manager.get_epoch_signers(epoch_id).await?) } - #[cfg(feature = "wireguard")] async fn insert_wireguard_peer( &self, peer: &defguard_wireguard_rs::host::Peer, @@ -632,7 +624,6 @@ impl Storage for PersistentStorage { Ok(()) } - #[cfg(feature = "wireguard")] async fn get_wireguard_peer( &self, peer_public_key: &str, @@ -644,13 +635,11 @@ impl Storage for PersistentStorage { Ok(peer) } - #[cfg(feature = "wireguard")] async fn get_all_wireguard_peers(&self) -> Result, StorageError> { let ret = self.wireguard_peer_manager.retrieve_all_peers().await?; Ok(ret) } - #[cfg(feature = "wireguard")] async fn remove_wireguard_peer(&self, peer_public_key: &str) -> Result<(), StorageError> { self.wireguard_peer_manager .remove_peer(peer_public_key) diff --git a/common/gateway-storage/src/models.rs b/common/gateway-storage/src/models.rs index e1973ac1e38..dc0229d1f31 100644 --- a/common/gateway-storage/src/models.rs +++ b/common/gateway-storage/src/models.rs @@ -72,7 +72,6 @@ impl TryFrom for ClientTicket { } } -#[cfg(feature = "wireguard")] #[derive(Debug, Clone, FromRow)] pub struct WireguardPeer { pub public_key: String, @@ -87,7 +86,6 @@ pub struct WireguardPeer { pub suspended: bool, } -#[cfg(feature = "wireguard")] impl From for WireguardPeer { fn from(value: defguard_wireguard_rs::host::Peer) -> Self { WireguardPeer { @@ -120,7 +118,6 @@ impl From for WireguardPeer { } } -#[cfg(feature = "wireguard")] impl TryFrom for defguard_wireguard_rs::host::Peer { type Error = crate::error::StorageError; diff --git a/common/wireguard/Cargo.toml b/common/wireguard/Cargo.toml index 18759fa6410..f90708a68d3 100644 --- a/common/wireguard/Cargo.toml +++ b/common/wireguard/Cargo.toml @@ -23,7 +23,7 @@ x25519-dalek = { workspace = true } ip_network = { workspace = true } log.workspace = true nym-crypto = { path = "../crypto", features = ["asymmetric"] } -nym-gateway-storage = { path = "../gateway-storage", features = ["wireguard"] } +nym-gateway-storage = { path = "../gateway-storage" } nym-network-defaults = { path = "../network-defaults" } nym-task = { path = "../task" } nym-wireguard-types = { path = "../wireguard-types" } diff --git a/gateway/Cargo.toml b/gateway/Cargo.toml index e5f43bc54db..4a62c70bee4 100644 --- a/gateway/Cargo.toml +++ b/gateway/Cargo.toml @@ -93,10 +93,10 @@ nym-types = { path = "../common/types" } nym-validator-client = { path = "../common/client-libs/validator-client" } nym-ip-packet-router = { path = "../service-providers/ip-packet-router" } -nym-wireguard = { path = "../common/wireguard", optional = true } +nym-wireguard = { path = "../common/wireguard" } nym-wireguard-types = { path = "../common/wireguard-types", default-features = false } -defguard_wireguard_rs = { workspace = true, optional = true } +defguard_wireguard_rs = { workspace = true } [build-dependencies] @@ -109,11 +109,6 @@ sqlx = { workspace = true, features = [ ] } [features] -wireguard = [ - "nym-wireguard", - "defguard_wireguard_rs", - "nym-gateway-storage/wireguard", -] bin-deps = ["clap", 'nym-bin-common/output_format'] [package.metadata.deb] diff --git a/gateway/src/error.rs b/gateway/src/error.rs index 8dc005a0a1f..4d9f8fc9b4f 100644 --- a/gateway/src/error.rs +++ b/gateway/src/error.rs @@ -199,13 +199,11 @@ pub enum GatewayError { #[error("the current multisig contract is not using 'AbsolutePercentage' threshold!")] InvalidMultisigThreshold, - #[cfg(all(feature = "wireguard", target_os = "linux"))] #[error("failed to remove wireguard interface: {0}")] WireguardInterfaceError(#[from] defguard_wireguard_rs::error::WireguardInterfaceError), - #[cfg(all(feature = "wireguard", target_os = "linux"))] - #[error("wireguard not set")] - WireguardNotSet, + #[error("internal wireguard error {0}")] + InternalWireguardError(String), #[error("failed to start authenticator: {source}")] AuthenticatorStartError { diff --git a/gateway/src/node/mod.rs b/gateway/src/node/mod.rs index 5de29f806ad..47d3630b30f 100644 --- a/gateway/src/node/mod.rs +++ b/gateway/src/node/mod.rs @@ -50,7 +50,6 @@ struct StartedNetworkRequester { // TODO: should this struct live here? #[allow(unused)] struct StartedAuthenticator { - #[cfg(feature = "wireguard")] wg_api: Arc, /// Handle to interact with the local authenticator @@ -145,7 +144,6 @@ pub struct Gateway { storage: St, - #[cfg(all(feature = "wireguard", target_os = "linux"))] wireguard_data: Option, run_http_server: bool, @@ -168,7 +166,6 @@ impl Gateway { network_requester_opts, ip_packet_router_opts, authenticator_opts: None, - #[cfg(all(feature = "wireguard", target_os = "linux"))] wireguard_data: None, run_http_server: true, task_client: None, @@ -192,7 +189,6 @@ impl Gateway { identity_keypair, sphinx_keypair, storage, - #[cfg(all(feature = "wireguard", target_os = "linux"))] wireguard_data: None, run_http_server: true, task_client: None, @@ -207,7 +203,6 @@ impl Gateway { self.task_client = Some(task_client) } - #[cfg(all(feature = "wireguard", target_os = "linux"))] pub fn set_wireguard_data(&mut self, wireguard_data: nym_wireguard::WireguardData) { self.wireguard_data = Some(wireguard_data) } @@ -245,7 +240,7 @@ impl Gateway { mixnet_handling::Listener::new(listening_address, shutdown).start(connection_handler); } - #[cfg(all(feature = "wireguard", target_os = "linux"))] + #[cfg(target_os = "linux")] async fn start_authenticator( &mut self, forwarding_channel: MixForwardingSender, @@ -317,11 +312,13 @@ impl Gateway { handle: LocalEmbeddedClientHandle::new(start_data.address, auth_mix_sender), }) } else { - Err(Box::new(GatewayError::WireguardNotSet)) + Err(Box::new(GatewayError::InternalWireguardError( + "wireguard not set".to_string(), + ))) } } - #[cfg(all(feature = "wireguard", not(target_os = "linux")))] + #[cfg(not(target_os = "linux"))] async fn start_authenticator( &self, _forwarding_channel: MixForwardingSender, @@ -654,14 +651,15 @@ impl Gateway { info!("embedded ip packet router is disabled"); }; - #[cfg(feature = "wireguard")] - let _wg_api = { + let _wg_api = if self.wireguard_data.is_some() { let embedded_auth = self .start_authenticator(mix_forwarding_channel, shutdown.fork("authenticator")) .await .map_err(|source| GatewayError::AuthenticatorStartError { source })?; active_clients_store.insert_embedded(embedded_auth.handle); Some(embedded_auth.wg_api) + } else { + None }; if self.run_http_server { diff --git a/nym-node/Cargo.toml b/nym-node/Cargo.toml index 942de6a37c9..f33229d4bb5 100644 --- a/nym-node/Cargo.toml +++ b/nym-node/Cargo.toml @@ -17,7 +17,7 @@ license = "GPL-3.0" anyhow.workspace = true bip39 = { workspace = true, features = ["zeroize"] } bs58.workspace = true -celes = { workspace = true } # country codes +celes = { workspace = true } # country codes colored = { workspace = true } clap = { workspace = true, features = ["cargo", "env"] } humantime-serde = { workspace = true } @@ -39,7 +39,10 @@ semver = { workspace = true } cupid = { workspace = true } sysinfo = { workspace = true } -nym-bin-common = { path = "../common/bin-common", features = ["basic_tracing", "output_format"] } +nym-bin-common = { path = "../common/bin-common", features = [ + "basic_tracing", + "output_format", +] } nym-client-core-config-types = { path = "../common/client-core/config-types" } nym-config = { path = "../common/config" } nym-crypto = { path = "../common/crypto", features = ["asymmetric", "rand"] } @@ -62,6 +65,3 @@ nym-ip-packet-router = { path = "../service-providers/ip-packet-router" } [build-dependencies] # temporary bonding information v1 (to grab and parse nym-mixnode and nym-gateway package versions) cargo_metadata = { workspace = true } - -[features] -wireguard = ["nym-gateway/wireguard"] diff --git a/nym-node/src/node/mod.rs b/nym-node/src/node/mod.rs index 19242eda042..d0361b5057a 100644 --- a/nym-node/src/node/mod.rs +++ b/nym-node/src/node/mod.rs @@ -580,8 +580,9 @@ impl NymNode { ); entry_gateway.disable_http_server(); entry_gateway.set_task_client(task_client); - #[cfg(all(feature = "wireguard", target_os = "linux"))] - entry_gateway.set_wireguard_data(self.wireguard.into()); + if self.config.wireguard.enabled { + entry_gateway.set_wireguard_data(self.wireguard.into()); + } tokio::spawn(async move { if let Err(err) = entry_gateway.run().await { @@ -608,8 +609,9 @@ impl NymNode { ); exit_gateway.disable_http_server(); exit_gateway.set_task_client(task_client); - #[cfg(all(feature = "wireguard", target_os = "linux"))] - exit_gateway.set_wireguard_data(self.wireguard.into()); + if self.config.wireguard.enabled { + exit_gateway.set_wireguard_data(self.wireguard.into()); + } tokio::spawn(async move { if let Err(err) = exit_gateway.run().await {