authorMikael Magnusson <mikma@users.sourceforge.net>2019-03-27 01:33:44 +0100
committerMikael Magnusson <mikma@users.sourceforge.net>2020-05-08 18:52:55 +0200
commit6fde8496187ddfd5f481c4dd3ee5a5509830cd9f (patch)
tree40c925c3d771c0c8eacd3a07d22948739f6fd28c /proto/wireguard/wireguard.c
parent0ed082c568eb9df878d94c44754bd5e725137fa8 (diff)
Wireguard: Set up wireguard device
Add private key and listen port items.
Diffstat (limited to 'proto/wireguard/wireguard.c')
-rw-r--r--proto/wireguard/wireguard.c75
1 files changed, 72 insertions, 3 deletions
diff --git a/proto/wireguard/wireguard.c b/proto/wireguard/wireguard.c
index 2a020be2..4b065751 100644
--- a/proto/wireguard/wireguard.c
+++ b/proto/wireguard/wireguard.c
@@ -8,6 +8,61 @@
#include "wireguard.h"
#include "proto/bgp/bgp.h"
+static
+int get_device(struct wg_proto *p, wg_device **pdev, const char *device_name)
+{
+ struct wg_config *c = (struct wg_config *) p->p.cf;
+
+ /* if (has_user_space(p)) */
+ /* return user_get_device(p, dev, device_name); */
+ /* else */
+ /* return wg_get_device(dev, device_name); */
+
+ wg_device *dev = calloc(1, sizeof(wg_device));
+ strncpy(dev->name, device_name, sizeof(dev->name));
+ dev->flags = WGDEVICE_HAS_PRIVATE_KEY | WGDEVICE_HAS_LISTEN_PORT;
+ memcpy(dev->private_key, p->private_key, sizeof(dev->private_key));
+ dev->listen_port = c->listen_port;
+ debug("listen port %d\n", c->listen_port);
+
+ wg_peer *peer = calloc(1, sizeof(wg_peer));
+ dev->first_peer = peer;
+ dev->last_peer = peer;
+
+ peer->flags = WGPEER_HAS_PUBLIC_KEY;
+ memcpy(peer->public_key, p->peer.public_key, sizeof(peer->public_key));
+ peer->next_peer = NULL;
+
+ sockaddr_fill((sockaddr*)&peer->endpoint.addr,
+ ipa_is_ip4(c->peer.endpoint) ? AF_INET : AF_INET6,
+ c->peer.endpoint, NULL, c->peer.remote_port);
+
+ wg_allowedip *allowedip = calloc(1, sizeof(wg_allowedip));
+ peer->first_allowedip = allowedip;
+ peer->last_allowedip = allowedip;
+
+ switch (c->peer.allowedip.type)
+ {
+ case NET_IP4:
+ allowedip->family = AF_INET;
+ allowedip->ip4 = ipa_to_in4(net_prefix(&c->peer.allowedip));
+ allowedip->cidr = net_pxlen(&c->peer.allowedip);
+ break;
+ case NET_IP6:
+ allowedip->family = AF_INET6;
+ allowedip->ip6 = ipa_to_in6(net_prefix(&c->peer.allowedip));
+ allowedip->cidr = net_pxlen(&c->peer.allowedip);
+ break;
+ default:
+ break;
+ }
+
+ allowedip->next_allowedip = NULL;
+
+ *pdev = dev;
+ return 0;
+}
+
static void
wg_init_entry(void *e_)
{
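Review bot: None of the three `calloc` results in `get_device` is checked, so an allocation failure is dereferenced on the very next line (`dev->name`, `dev->first_peer = peer` followed by `peer->flags`, `allowedip->family`). The call `strncpy(dev->name, device_name, sizeof(dev->name))` also leaves the name unterminated when the interface name fills the buffer; copying `sizeof(dev->name) - 1` bytes keeps the final zero byte that calloc provided. The `default:` branch of the switch still links an allowed-IP entry whose family is 0 and returns success, so an unsupported net type should be rejected there instead. The fence below shows the allocation checks only; both callers treat a negative return as failure.

```c
  wg_device *dev = calloc(1, sizeof(wg_device));
  if (!dev)
    return -1;
  /* calloc zeroed the buffer, so the last byte stays as the terminator */
  strncpy(dev->name, device_name, sizeof(dev->name) - 1);
  /* … unchanged: flags, private key, listen port … */

  wg_peer *peer = calloc(1, sizeof(wg_peer));
  if (!peer)
  {
    free(dev);
    return -1;
  }
  /* … unchanged: peer list links, public key, endpoint … */

  wg_allowedip *allowedip = calloc(1, sizeof(wg_allowedip));
  if (!allowedip)
  {
    free(peer);
    free(dev);
    return -1;
  }
```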
@@ -340,7 +395,7 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
struct wg_device *dev = NULL;
- if (wg_get_device(&dev, ifname) == 0) {
+ if (get_device(p, &dev, ifname) == 0) {
bool dirty = false;
bool found = false;
struct wg_peer *peer = NULL;
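Review bot: Each call to `get_device(p, &dev, ifname)` here allocates a new device, peer and allowed-IP entry and copies the private key into the device, so every route notification creates another heap copy of the key. The code that releases `dev` is outside this hunk; if it is not freed on every path, key material is leaked per update, and the same applies to the second call site at `get_device(p, &dev, c->ifname)`. A short comment at both sites such as `/* get_device() allocates dev, which holds the private key; it must be freed on every exit path */` would make the ownership explicit. Note also that the peer loop below now walks a device built from the configuration rather than one read back from the interface, so it presumably sees only the single configured peer.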
@@ -445,7 +500,7 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
struct wg_device *dev = NULL;
- if (wg_get_device(&dev, c->ifname) == 0) {
+ if (get_device(p, &dev, c->ifname) == 0) {
bool found = false;
struct wg_peer *peer = NULL;
wg_for_each_peer(dev, peer) {
@@ -566,6 +621,13 @@ wg_init(struct proto_config *C)
P->reload_routes = wg_reload_routes;
// P->accept_ra_types = RA_ANY;
+ log(L_TRACE "WG: private_key %s", c->private_key);
+ if (c->private_key)
+ wg_key_from_base64(p->private_key, c->private_key);
+ log(L_TRACE "WG: public_key %s", c->peer.public_key);
+ if (c->peer.public_key)
+ wg_key_from_base64(p->peer.public_key, c->peer.public_key);
+
/* Add all channels */
struct wg_channel_config *cc;
WALK_LIST(cc, C->channels)
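Review bot: The line `log(L_TRACE "WG: private_key %s", c->private_key);` writes the base64 private key into the log, where anyone with access to the log file or a log collector can read it. Log only whether a key is configured, for example `log(L_TRACE "WG: private_key %s", c->private_key ? "configured" : "missing");`, and note that the current log call runs before the NULL check that follows it. Both `wg_key_from_base64` calls ignore the return value, so a malformed key in the configuration is accepted silently and whatever is in `p->private_key` gets used; the result should be checked and the configuration rejected on failure. The body of wg_init continues outside this hunk.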
@@ -581,7 +643,14 @@ wg_start(struct proto *P)
struct wg_config *cf UNUSED = (struct wg_config *) P->cf;
struct wg_proto *p = (struct wg_proto *) P;
- debug("start\n");
+ log(L_TRACE "WG: start");
+
+ if (get_device(p, &p->dev, cf->ifname) >= 0)
+ {
+ int res = wg_set_device(p->dev);
+ log(L_TRACE "WG: wg_set_device %d", res);
+ }
+
struct wg_channel *ch;
WALK_LIST(ch,p->p.channels) {
fib_init(&ch->rtable, P->pool, ch->c.net_type, sizeof(struct wg_entry),
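Review bot: The result of `wg_set_device(p->dev)` is only written at trace level, so when setting the key or listen port fails the protocol still starts and goes on to initialise its channels. The failure should be reported at error level, e.g. `if (res < 0) log(L_ERR "WG: wg_set_device failed (%d)", res);`, and wg_start should return its failure state instead of continuing; the function's return statement is outside this hunk. The test `get_device(...) >= 0` also differs from the `== 0` test used at the two call sites in wg_rt_notify, and one convention should be used throughout. `p->dev` keeps a copy of the private key for the lifetime of the protocol, so the shutdown path should free it.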