Cleanup

Update README.md
2025-01-04 13:52:50 +01:00 · 2025-01-04 13:36:55 +01:00 · 2025-01-04 12:30:12 +00:00
5 changed files with 24 additions and 20 deletions
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# vppn: Virtual Pretty Private Network
+# vppn: Virtual Potentially Private Network

 ## TODO

@@ -30,7 +30,7 @@ AmbientCapabilities=CAP_NET_BIND_SERVICE
 Type=simple
 User=user
 WorkingDirectory=/home/user/
-ExecStart=/home/user/hub -listen <addr>:https -secure=true -root-dir=/home/user
+ExecStart=/home/user/hub -listen <addr>:https -root-dir=/home/user
 Restart=always
 RestartSec=8
 TimeoutStopSec=24
--- a/hub/app.go
+++ b/hub/app.go
@@ -19,14 +19,14 @@ var templateFS embed.FS
 type Config struct {
 	RootDir    string
 	ListenAddr string
-	Secure     bool
+	Insecure   bool
 }

 type App struct {
-	api    *api.API
-	mux    *http.ServeMux
-	tmpl   map[string]*template.Template
-	secure bool
+	api      *api.API
+	mux      *http.ServeMux
+	tmpl     map[string]*template.Template
+	insecure bool
 }

 func NewApp(conf Config) (*App, error) {
@@ -36,10 +36,10 @@ func NewApp(conf Config) (*App, error) {
 	}

 	app := &App{
-		api:    api,
-		mux:    http.NewServeMux(),
-		tmpl:   webutil.ParseTemplateSet(templateFuncs, templateFS),
-		secure: conf.Secure,
+		api:      api,
+		mux:      http.NewServeMux(),
+		tmpl:     webutil.ParseTemplateSet(templateFuncs, templateFS),
+		insecure: conf.Insecure,
 	}

 	app.registerRoutes()
--- a/hub/cookie.go
+++ b/hub/cookie.go
@@ -17,8 +17,9 @@ func (a *App) setCookie(w http.ResponseWriter, name, value string) {
 		Name:     name,
 		Value:    value,
 		Path:     "/",
-		Secure:   a.secure,
+		Secure:   !a.insecure,
 		SameSite: http.SameSiteStrictMode,
+		HttpOnly: true,
 		MaxAge:   86400 * 365 * 10,
 	})
 }
--- a/hub/main.go
+++ b/hub/main.go
@@ -15,7 +15,7 @@ func Main() {
 	conf := Config{}
 	flag.StringVar(&conf.RootDir, "root-dir", "", "[REQUIRED] Root directory.")
 	flag.StringVar(&conf.ListenAddr, "listen", "", "[REQUIRED] Listen address.")
-	flag.BoolVar(&conf.Secure, "secure", false, "Use secure cookies.")
+	flag.BoolVar(&conf.Insecure, "insecure", false, "Don't use secure cookies.")

 	flag.Parse()

--- a/node/supervisor.go
+++ b/node/supervisor.go
@@ -107,14 +107,10 @@ type peerStateData struct {
 // ----------------------------------------------------------------------------

 func (s *peerStateData) sendControlPacket(pkt interface{ Marshal([]byte) []byte }) {
-	s.limiter.Limit()
-	_sendControlPacket(pkt, s.staged, s.buf1, s.buf2)
+	s._sendControlPacket(pkt, s.staged)
 }

-func (s *peerStateData) sendControlPacketTo(
-	pkt interface{ Marshal([]byte) []byte },
-	addr netip.AddrPort,
-) {
+func (s *peerStateData) sendControlPacketTo(pkt interface{ Marshal([]byte) []byte }, addr netip.AddrPort) {
 	if !addr.IsValid() {
 		s.logf("ERROR: Attepted to send packet to invalid address: %v", addr)
 		return
@@ -122,7 +118,14 @@ func (s *peerStateData) sendControlPacketTo(
 	route := s.staged
 	route.Direct = true
 	route.RemoteAddr = addr
-	s.limiter.Limit()
+	s._sendControlPacket(pkt, route)
+}
+
+func (s *peerStateData) _sendControlPacket(pkt interface{ Marshal([]byte) []byte }, route peerRoute) {
+	if err := s.limiter.Limit(); err != nil {
+		s.logf("Not sending control packet: rate limited.") // Shouldn't happen.
+		return
+	}
 	_sendControlPacket(pkt, route, s.buf1, s.buf2)
 }
Author	SHA1	Message	Date
jdl	55f63043ee	Cleanup	2025-01-04 13:52:50 +01:00
jdl	36172bf310	Cleanup	2025-01-04 13:36:55 +01:00
J. David Lee	2549e1ae08	Update README.md	2025-01-04 12:30:12 +00:00