AUDIT changes

hub/handlers.go

@@ -260,7 +260,7 @@ func (a *App) _adminPasswordSubmit(s *api.Session, w http.ResponseWriter, r *htt
 		return err
 	}
 
-	return a.redirect(w, r, "/admin/config/")
+	return a.redirect(w, r, "/admin/network/list/")
 }
 
 func (a *App) _peerInit(peer *api.Peer, w http.ResponseWriter, r *http.Request) error {

peer/multicast/broadcaster.go

@@ -44,7 +44,7 @@ func broadcastInner(selfVPNIP netip.Addr, pubKey wgtypes.Key, wgPort uint16, sig
 	// dropped by receivers' freshness gate.
 	send := func() error {
 		packet.Timestamp = time.Now().Unix()
-		payload := packet.Marshal(buf, signKey)
+		payload := packet.marshal(buf, signKey)
 		_, err := conn.WriteToUDP(payload, addr)
 		return err
 	}

peer/multicast/packet.go

@@ -29,8 +29,8 @@ type Packet struct {
 	Signed    []byte     // Raw signed message for verification (incoming packet).
 }
 
-// Marshal the packet into a buffer with prefixed signature.
+// marshal the packet into a buffer with prefixed signature.
-func (p Packet) Marshal(buf []byte, signKey *[64]byte) []byte {
+func (p Packet) marshal(buf []byte, signKey *[64]byte) []byte {
 	buf[0] = p.PeerIP
 	copy(buf[1:33], p.WGPubKey[:])
 	binary.BigEndian.PutUint16(buf[33:35], p.WGPort)
@@ -43,7 +43,7 @@ func (p Packet) Verify(buf []byte, pubKey *[32]byte) bool {
 	return ok
 }
 
-func Unmarshal(signed []byte) (p Packet) {
+func unmarshal(signed []byte) (p Packet) {
 	buf := signed[signSize:]
 	p.PeerIP = buf[0]
 	copy(p.WGPubKey[:], buf[1:33])

peer/multicast/packet_test.go

@@ -21,12 +21,12 @@ func TestPacket(t *testing.T) {
 	}
 
 	buf := make([]byte, BufferSize)
-	signed := p.Marshal(buf, priv)
+	signed := p.marshal(buf, priv)
 	if len(signed) != SignedPacketSize {
 		t.Fatalf("signed length = %d, want %d", len(signed), SignedPacketSize)
 	}
 
-	got := Unmarshal(signed)
+	got := unmarshal(signed)
 	if got.PeerIP != p.PeerIP || got.WGPubKey != p.WGPubKey ||
 		got.WGPort != p.WGPort || got.Timestamp != p.Timestamp {
 		t.Fatalf("round-trip mismatch:\n got %+v\nwant %+v", got, p)

peer/multicast/receiver.go

@@ -27,7 +27,7 @@ func receiver(vpnNet netip.Prefix, selfVPNIP netip.Addr, ch chan<- Packet) error
 	}
 	defer conn.Close()
 
-	buf := make([]byte, BufferSize+1) // +1 to detect oversized packets
+	buf := make([]byte, SignedPacketSize+1) // +1 to detect oversized packets
 
 	for {
 		conn.SetReadDeadline(time.Now().Add(32 * time.Second))
@@ -43,7 +43,7 @@ func receiver(vpnNet netip.Prefix, selfVPNIP netip.Addr, ch chan<- Packet) error
 			continue
 		}
 
-		packet := Unmarshal(buf[:n])
+		packet := unmarshal(buf[:n])
 
 		if packet.PeerIP == selfIP {
 			continue

peer/on_tick.go

@@ -16,7 +16,7 @@ func (a *App) onTick() {
 	for _, wgPeer := range wgPeers {
 		p, ok := a.peersByKey[wgPeer.PublicKey]
 		if !ok {
-			log.Printf("Wireguard peer not in index, removing: %v", wgPeer)
+			log.Printf("Wireguard peer not known. Removing: %v", wgPeer.PublicKey)
 			a.devRemove(&Peer{wgPeer: wgPeer})
 			continue
 		}