ts_ffi 0.3.3

c ffi bindings for tailscale-rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141

use std::{
    ffi,
    ffi::{CStr, c_char},
};

use crate::TOKIO_RUNTIME;

/// A Tailscale cryptographic key.
#[derive(Debug, Default)]
#[repr(transparent)]
pub struct key(pub [u8; 32]);

macro_rules! impl_to_from {
    ($key:ty, $($keys:ty),+) => {
        impl_to_from!($key);
        impl_to_from!($($keys),+);
    };

    ($key:ty$(,)?) => {
        impl From<key> for $key {
            fn from(value: key) -> Self {
                value.0.into()
            }
        }

        impl From<&key> for $key {
            fn from(value: &key) -> Self {
                value.0.into()
            }
        }

        impl From<$key> for key {
            fn from(value: $key) -> Self {
                key(value.into())
            }
        }
        impl From<&$key> for key {
            fn from(value: &$key) -> Self {
                key((*value).into())
            }
        }
    };
}

impl_to_from!(
    ts_keys::NodePublicKey,
    ts_keys::NodePrivateKey,
    ts_keys::DiscoPublicKey,
    ts_keys::DiscoPrivateKey,
    ts_keys::MachinePrivateKey,
    ts_keys::MachinePublicKey,
    ts_keys::NetworkLockPrivateKey,
    ts_keys::NetworkLockPublicKey
);

/// Tailscale key state for running a device.
#[derive(Debug, Default)]
#[repr(C)]
pub struct persisted_key_state {
    /// Private key for the node (device) identity.
    pub node_private_key: key,
    /// Private key for the machine.
    pub machine_private_key: key,
    /// Private key for tailnet lock.
    pub network_lock_private_key: key,
}

impl From<persisted_key_state> for ts_keys::PersistState {
    fn from(value: persisted_key_state) -> Self {
        (&value).into()
    }
}

impl From<&persisted_key_state> for ts_keys::PersistState {
    fn from(value: &persisted_key_state) -> Self {
        ts_keys::PersistState {
            machine_key: (&value.machine_private_key).into(),
            network_lock_key: (&value.network_lock_private_key).into(),
            node_key: (&value.node_private_key).into(),
        }
    }
}

impl From<ts_keys::PersistState> for persisted_key_state {
    fn from(value: ts_keys::PersistState) -> Self {
        Self {
            machine_private_key: value.machine_key.into(),
            network_lock_private_key: value.network_lock_key.into(),
            node_private_key: value.node_key.into(),
        }
    }
}

/// Load the key state from the given file path.
///
/// The second parameter indicates whether to overwrite the file with a new key state if the
/// contents couldn't be read.
///
/// Returns a negative number on error.
///
/// # Safety
///
/// `path` must be safe to convert to a [`CStr`], i.e. it must be NUL-terminated and valid for read
/// up to the NUL-terminator.
#[unsafe(no_mangle)]
pub unsafe extern "C" fn ts_load_key_file(
    path: *const c_char,
    overwrite_if_invalid: bool,
    key_state: &mut persisted_key_state,
) -> ffi::c_int {
    let s = unsafe { CStr::from_ptr(path) };
    let s = match s.to_str() {
        Ok(s) => s,
        Err(e) => {
            tracing::error!(error = %e, "converting path to str");
            return -1;
        }
    };

    let mode = if overwrite_if_invalid {
        tailscale::config::BadFormatBehavior::Overwrite
    } else {
        tailscale::config::BadFormatBehavior::Error
    };

    let _span = tracing::trace_span!("ts_load_key_file", ?mode, path = %s).entered();

    match TOKIO_RUNTIME.block_on(tailscale::config::load_key_file(s, mode)) {
        Ok(state) => {
            *key_state = state.into();
            tracing::info!(?key_state, "loaded key state");

            0
        }
        Err(e) => {
            tracing::error!(error = %e, "loading key file");

            -1
        }
    }
}