diff options
author | Mikael Magnusson <mikma@users.sourceforge.net> | 2020-04-20 18:20:14 +0200 |
---|---|---|
committer | Mikael Magnusson <mikma@users.sourceforge.net> | 2021-01-12 23:34:17 +0100 |
commit | 57b25f23706f8df12d0d32533123fba09f0f80d1 (patch) | |
tree | fc2b2870e832b23daaaf68f18cb15105e7274799 | |
parent | 9a8bbec44769145bf6be2f541b5f61b713c49383 (diff) |
Wireguard: Refactor add_allowed_ip
-rw-r--r-- | proto/wireguard/wireguard.c | 42 |
1 files changed, 37 insertions, 5 deletions
diff --git a/proto/wireguard/wireguard.c b/proto/wireguard/wireguard.c index 8b15b90b..366357af 100644 --- a/proto/wireguard/wireguard.c +++ b/proto/wireguard/wireguard.c @@ -278,13 +278,42 @@ init_allowed_ip(struct wg_allowedip *allowedip, u8 net_type, struct network *n) allowedip->cidr = net_pxlen(n->n.addr); } -static int -add_allowed_ip(u8 net_type, struct network *n, wg_peer *peer) +static struct wg_allowedip * +create_allowed_ip_network(u8 net_type, struct network *n) { - // Add allowed ip struct wg_allowedip *allowedip = malloc(sizeof(struct wg_allowedip)); init_allowed_ip(allowedip, net_type, n); + return allowedip; +} + +static void +init_allowed_ip_addr(struct wg_allowedip *allowedip, ip_addr addr) +{ + memset(allowedip, 0, sizeof(struct wg_allowedip)); + if (ipa_is_ip4(addr)) { + allowedip->family = AF_INET; + allowedip->ip4.s_addr = ip4_to_u32(ip4_hton(ipa_to_ip4(addr))); + allowedip->cidr = IP4_MAX_PREFIX_LENGTH; + } else { + allowedip->family = AF_INET6; + ip6_addr netaddr = ip6_hton(ipa_to_ip6(addr)); + memcpy(allowedip->ip6.s6_addr, &netaddr, 16); + allowedip->cidr = IP6_MAX_PREFIX_LENGTH; + } +} + +static struct wg_allowedip * +create_allowed_ip_addr(ip_addr addr) +{ + struct wg_allowedip *allowedip = malloc(sizeof(struct wg_allowedip)); + init_allowed_ip_addr(allowedip, addr); + return allowedip; +} + +static int +add_allowed_ip(struct wg_allowedip *allowedip, wg_peer *peer) +{ if (peer->first_allowedip && peer->last_allowedip) peer->last_allowedip->next_allowedip = allowedip; else @@ -439,8 +468,11 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n, dump_peer(peer); if (is_tunnel_ep) set_peer_tunnel_ep(p, peer, encap.ep.ip, encap.udp_dest_port); - if (add_ip) - add_allowed_ip(ch->c.net_type, n, peer); + if (add_ip) { + struct wg_allowedip *allowed_n = + create_allowed_ip_network(ch->c.net_type, n); + add_allowed_ip(allowed_n, peer); + } dirty = true; if (dirty) { |