Stop inlining all the Packet armor/dearmor stuff to reduce binary bloat. This stuff is called all over the place.

node/Packet.cpp

@@ -71,4 +71,90 @@ const char *Packet::errorString(ErrorCode e)
 	return "(unknown)";
 }
 
+void Packet::armor(const void *key,bool encryptPayload)
+{
+	unsigned char mangledKey[32];
+	unsigned char macKey[32];
+	unsigned char mac[16];
+	const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB;
+	unsigned char *const payload = field(ZT_PACKET_IDX_VERB,payloadLen);
+
+	// Set flag now, since it affects key mangle function
+	setCipher(encryptPayload ? ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012 : ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE);
+
+	_salsa20MangleKey((const unsigned char *)key,mangledKey);
+	Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8),ZT_PROTO_SALSA20_ROUNDS);
+
+	// MAC key is always the first 32 bytes of the Salsa20 key stream
+	// This is the same construction DJB's NaCl library uses
+	s20.encrypt(ZERO_KEY,macKey,sizeof(macKey));
+
+	if (encryptPayload)
+		s20.encrypt(payload,payload,payloadLen);
+
+	Poly1305::compute(mac,payload,payloadLen,macKey);
+	memcpy(field(ZT_PACKET_IDX_MAC,8),mac,8);
+}
+
+bool Packet::dearmor(const void *key)
+{
+	unsigned char mangledKey[32];
+	unsigned char macKey[32];
+	unsigned char mac[16];
+	const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB;
+	unsigned char *const payload = field(ZT_PACKET_IDX_VERB,payloadLen);
+	unsigned int cs = cipher();
+
+	if ((cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE)||(cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)) {
+		_salsa20MangleKey((const unsigned char *)key,mangledKey);
+		Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8),ZT_PROTO_SALSA20_ROUNDS);
+
+		s20.encrypt(ZERO_KEY,macKey,sizeof(macKey));
+		Poly1305::compute(mac,payload,payloadLen,macKey);
+		if (!Utils::secureEq(mac,field(ZT_PACKET_IDX_MAC,8),8))
+			return false;
+
+		if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)
+			s20.decrypt(payload,payload,payloadLen);
+
+		return true;
+	} else if (cs == ZT_PROTO_CIPHER_SUITE__C25519_AES256_GCM) {
+		return false; // not implemented yet
+	} else return false; // unrecognized cipher suite
+}
+
+bool Packet::compress()
+{
+	unsigned char buf[ZT_PROTO_MAX_PACKET_LENGTH * 2];
+	if ((!compressed())&&(size() > (ZT_PACKET_IDX_PAYLOAD + 32))) {
+		int pl = (int)(size() - ZT_PACKET_IDX_PAYLOAD);
+		int cl = LZ4_compress((const char *)field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)pl),(char *)buf,pl);
+		if ((cl > 0)&&(cl < pl)) {
+			(*this)[ZT_PACKET_IDX_VERB] |= (char)ZT_PROTO_VERB_FLAG_COMPRESSED;
+			setSize((unsigned int)cl + ZT_PACKET_IDX_PAYLOAD);
+			memcpy(field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)cl),buf,cl);
+			return true;
+		}
+	}
+	(*this)[ZT_PACKET_IDX_VERB] &= (char)(~ZT_PROTO_VERB_FLAG_COMPRESSED);
+	return false;
+}
+
+bool Packet::uncompress()
+{
+	unsigned char buf[ZT_PROTO_MAX_PACKET_LENGTH];
+	if ((compressed())&&(size() >= ZT_PROTO_MIN_PACKET_LENGTH)) {
+		if (size() > ZT_PACKET_IDX_PAYLOAD) {
+			unsigned int compLen = size() - ZT_PACKET_IDX_PAYLOAD;
+			int ucl = LZ4_decompress_safe((const char *)field(ZT_PACKET_IDX_PAYLOAD,compLen),(char *)buf,compLen,sizeof(buf));
+			if ((ucl > 0)&&(ucl <= (int)(capacity() - ZT_PACKET_IDX_PAYLOAD))) {
+				setSize((unsigned int)ucl + ZT_PACKET_IDX_PAYLOAD);
+				memcpy(field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)ucl),buf,ucl);
+			} else return false;
+		}
+		(*this)[ZT_PACKET_IDX_VERB] &= (char)(~ZT_PROTO_VERB_FLAG_COMPRESSED);
+	}
+	return true;
+}
+
 } // namespace ZeroTier

node/Packet.hpp

@@ -1019,10 +1019,7 @@ public:
 	/**
 	 * @return Raw packet payload
 	 */
-	inline const unsigned char *payload() const
+	inline const unsigned char *payload() const { return field(ZT_PACKET_IDX_PAYLOAD,size() - ZT_PACKET_IDX_PAYLOAD); }
-	{
-		return field(ZT_PACKET_IDX_PAYLOAD,size() - ZT_PACKET_IDX_PAYLOAD);
-	}
 
 	/**
 	 * Armor packet for transport
@@ -1030,30 +1027,7 @@ public:
 	 * @param key 32-byte key
 	 * @param encryptPayload If true, encrypt packet payload, else just MAC
 	 */
-	inline void armor(const void *key,bool encryptPayload)
+	void armor(const void *key,bool encryptPayload);
-	{
-		unsigned char mangledKey[32];
-		unsigned char macKey[32];
-		unsigned char mac[16];
-		const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB;
-		unsigned char *const payload = field(ZT_PACKET_IDX_VERB,payloadLen);
-
-		// Set flag now, since it affects key mangle function
-		setCipher(encryptPayload ? ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012 : ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE);
-
-		_salsa20MangleKey((const unsigned char *)key,mangledKey);
-		Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8),ZT_PROTO_SALSA20_ROUNDS);
-
-		// MAC key is always the first 32 bytes of the Salsa20 key stream
-		// This is the same construction DJB's NaCl library uses
-		s20.encrypt(ZERO_KEY,macKey,sizeof(macKey));
-
-		if (encryptPayload)
-			s20.encrypt(payload,payload,payloadLen);
-
-		Poly1305::compute(mac,payload,payloadLen,macKey);
-		memcpy(field(ZT_PACKET_IDX_MAC,8),mac,8);
-	}
 
 	/**
 	 * Verify and (if encrypted) decrypt packet
@@ -1061,32 +1035,7 @@ public:
 	 * @param key 32-byte key
 	 * @return False if packet is invalid or failed MAC authenticity check
 	 */
-	inline bool dearmor(const void *key)
+	bool dearmor(const void *key);
-	{
-		unsigned char mangledKey[32];
-		unsigned char macKey[32];
-		unsigned char mac[16];
-		const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB;
-		unsigned char *const payload = field(ZT_PACKET_IDX_VERB,payloadLen);
-		unsigned int cs = cipher();
-
-		if ((cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE)||(cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)) {
-			_salsa20MangleKey((const unsigned char *)key,mangledKey);
-			Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8),ZT_PROTO_SALSA20_ROUNDS);
-
-			s20.encrypt(ZERO_KEY,macKey,sizeof(macKey));
-			Poly1305::compute(mac,payload,payloadLen,macKey);
-			if (!Utils::secureEq(mac,field(ZT_PACKET_IDX_MAC,8),8))
-				return false;
-
-			if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)
-				s20.decrypt(payload,payload,payloadLen);
-
-			return true;
-		} else if (cs == ZT_PROTO_CIPHER_SUITE__C25519_AES256_GCM) {
-			return false; // not implemented yet
-		} else return false; // unrecognized cipher suite
-	}
 
 	/**
 	 * Attempt to compress payload if not already (must be unencrypted)
@@ -1098,22 +1047,7 @@ public:
 	 * 
 	 * @return True if compression occurred
 	 */
-	inline bool compress()
+	bool compress();
-	{
-		unsigned char buf[ZT_PROTO_MAX_PACKET_LENGTH * 2];
-		if ((!compressed())&&(size() > (ZT_PACKET_IDX_PAYLOAD + 32))) {
-			int pl = (int)(size() - ZT_PACKET_IDX_PAYLOAD);
-			int cl = LZ4_compress((const char *)field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)pl),(char *)buf,pl);
-			if ((cl > 0)&&(cl < pl)) {
-				(*this)[ZT_PACKET_IDX_VERB] |= (char)ZT_PROTO_VERB_FLAG_COMPRESSED;
-				setSize((unsigned int)cl + ZT_PACKET_IDX_PAYLOAD);
-				memcpy(field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)cl),buf,cl);
-				return true;
-			}
-		}
-		(*this)[ZT_PACKET_IDX_VERB] &= (char)(~ZT_PROTO_VERB_FLAG_COMPRESSED);
-		return false;
-	}
 
 	/**
 	 * Attempt to decompress payload if it is compressed (must be unencrypted)
@@ -1123,22 +1057,7 @@ public:
 	 * 
 	 * @return True if data is now decompressed and valid, false on error
 	 */
-	inline bool uncompress()
+	bool uncompress();
-	{
-		unsigned char buf[ZT_PROTO_MAX_PACKET_LENGTH];
-		if ((compressed())&&(size() >= ZT_PROTO_MIN_PACKET_LENGTH)) {
-			if (size() > ZT_PACKET_IDX_PAYLOAD) {
-				unsigned int compLen = size() - ZT_PACKET_IDX_PAYLOAD;
-				int ucl = LZ4_decompress_safe((const char *)field(ZT_PACKET_IDX_PAYLOAD,compLen),(char *)buf,compLen,sizeof(buf));
-				if ((ucl > 0)&&(ucl <= (int)(capacity() - ZT_PACKET_IDX_PAYLOAD))) {
-					setSize((unsigned int)ucl + ZT_PACKET_IDX_PAYLOAD);
-					memcpy(field(ZT_PACKET_IDX_PAYLOAD,(unsigned int)ucl),buf,ucl);
-				} else return false;
-			}
-			(*this)[ZT_PACKET_IDX_VERB] &= (char)(~ZT_PROTO_VERB_FLAG_COMPRESSED);
-		}
-		return true;
-	}
 
 private:
 	static const unsigned char ZERO_KEY[32];