This commit applies eight low-risk internal optimizations identified
in the performance audit. No wire protocol changes — 100% MikroTik
compatible.
Changes:
- ecsrp5.rs: Cache WCurve in a global LazyLock, eliminating the
expensive BigUint modular square root recomputation on every
EC-SRP5 authentication. Also optimize the local hex::encode
module to use a single pre-allocated String instead of N format!
allocations.
- server.rs: Deduplicate Instant::now() calls in the TCP TX hot
loop, caching the result at the top of each iteration.
- csv_output.rs: Hold the CSV file handle open in a static
Mutex<Option<(String, File)>> instead of reopening the file on
every write_result call. Add explicit flush after each write.
- server_pro/user_db.rs: Replace hand-rolled Gregorian calendar
math (30+ lines looping from 1970) with chrono::Local::now().
Optimize hash_password() to write username:password directly
into the SHA256 hasher and hex-encode with a pre-allocated
String.
- server_pro/enforcer.rs: Replace allocating error string matching
(format!({}, e).as_str().contains(...)) with direct
QuotaError variant matching. Pass ip_str into flush_to_db()
to avoid a per-call ip.to_string().
- syslog_logger.rs: Move timestamp formatting outside the global
std::sync::Mutex to reduce lock hold time. Replace manual
calendar arithmetic with chrono::Local::now().format().
New dependency: chrono (already pulled in transitively by rusqlite).
TEST_END now includes: duration, avg TX/RX Mbps, total bytes, lost packets.
All test functions track cumulative totals via BandwidthState::record_interval()
and return summary stats.
Example:
TEST_END peer=172.16.81.1:59070 proto=UDP dir=TX duration=6s
tx_avg=275.00Mbps rx_avg=0.00Mbps tx_bytes=206250000 rx_bytes=0 lost=0
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Syslog now uses RFC 3164 (BSD) format with proper timestamps
and facility=local0 for easy filtering
- Added deploy/syslog-ng-btest.conf with filters for:
- All btest events (all.log + daily rotation)
- Auth events only (auth.log)
- Test events only (tests.log)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New features:
- --syslog <address:port> sends structured events to remote syslog (RFC 5424 UDP)
Events: AUTH_SUCCESS, AUTH_FAILURE, TEST_START, TEST_END, TEST_RESULT
- EC-SRP5 authentication for both client and server modes
- TCP multi-connection support (session tokens, all 3 directions)
Bug fixes since v0.2.0:
- EC-SRP5 server: fixed gamma parity (was 50% auth failure rate)
- EC-SRP5 server: use lift_x not redp1 for verification
- TCP send direction: server sends 12-byte status messages to client
- TCP both direction: TX loop injects status between data packets
- TCP data: send all zeros (no 0x07 header that MikroTik rejected)
- TCP disconnect detection: running flag set on EOF
- UDP multi-connection: unconnected socket accepts all source ports
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
