feat: add network secret for registration validation#183
Open
cg8-5712 wants to merge 5 commits intovnt-dev:v2from
Open
feat: add network secret for registration validation#183cg8-5712 wants to merge 5 commits intovnt-dev:v2from
cg8-5712 wants to merge 5 commits intovnt-dev:v2from
Conversation
- Introduce `network_secret` field in `FileConfig` and `Args` structs - Update configuration handling to include `network_secret` - Modify Java example to set `network_secret` for client configuration - Update HTML forms to include input for `network_secret` This change adds a new optional field for a network join secret, which is used for server-side admission control. It enhances security by allowing validation of network registrations. The new field is reflected in both the configuration files and the user interface.
- Consolidate the route addition method call into a single line - Simplify the function signature of `route_timeout_task` These changes improve code readability by reducing the number of lines and making the function signatures more concise. The functionality remains unchanged, but the code is now cleaner and easier to follow.
There was a problem hiding this comment.
Pull request overview
Adds support for an optional network_secret (network join secret) across the CLI/config, core config propagation, the web UI/config generator, and JNI Java examples to enable server-side registration/admission validation.
Changes:
- Introduces
network_secretin Rust configs (CLI/file/web start config) and propagates it into the core config. - Updates the web UI to collect, parse, and emit
network_secretin generated TOML. - Updates JNI JSON parsing and Java examples to include
network_secret.
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
vnt-web/static/index.html |
Adds UI field + TOML parse/emit + example snippet updates for network_secret. |
vnt-web/src/service_http.rs |
Extends StartConfig and conversion into core config with network_secret. |
vnt-jni/src/lib.rs |
Extends JNI JSON config parsing to accept network_secret. |
vnt-jni/java_example/com/vnt/VntConfig.java |
Adds builder/JSON emission support for network_secret. |
vnt-jni/java_example/AndroidVpnExample.java |
Demonstrates setting network_secret in the example config. |
vnt-core/src/context/config.rs |
Adds network_secret to core config and changes key_sign() behavior. |
src/main_cli.rs |
Adjusts logging to reflect whether network auth / payload encryption are enabled. |
src/args_config.rs |
Adds network_secret to CLI args + file config + example config output. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Create Dockerfile for building the application - Add docker-compose.yml for service orchestration - Include example configuration file for user reference - Add .dockerignore to exclude unnecessary files from the image This commit introduces Docker support for the project, allowing for easier deployment and management of the application. The Dockerfile sets up the build environment, while the docker-compose.yml facilitates running the application with necessary configurations. An example configuration file is provided to guide users in setting up their own configurations.
Author
|
@copilot /review |
- Translate comments in Rust code from Chinese to English - Update HTML comments for better clarity - Ensure consistency in language across the project These changes improve the documentation and comments in the codebase, making it more understandable for developers who may not be fluent in Chinese.
- Change network mode to host for the vnt2-client service - Remove port mappings as they are no longer needed - Update comments to clarify the implications of host networking This change allows the VNT peers to access services running on the host machine directly, which is necessary for certain configurations. The previous port mappings are redundant with this setup, simplifying the configuration and improving network performance.
Author
|
All features tested pass |
Open
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
network_secretfield inFileConfigandArgsstructsnetwork_secretnetwork_secretfor client configurationnetwork_secretThis change adds a new optional field for a network join secret, which is used for server-side admission control. It enhances security by allowing validation of network registrations. The new field is reflected in both the configuration files and the user interface.