1 files changed, 53 insertions, 40 deletions

diff --git a/proto/wireguard/wireguard.c b/proto/wireguard/wireguard.c
index 4b065751..56507e2b 100644
--- a/proto/wireguard/wireguard.c
+++ b/proto/wireguard/wireguard.c
@@ -25,39 +25,49 @@ int get_device(struct wg_proto *p, wg_device **pdev, const char *device_name)
   dev->listen_port = c->listen_port;
   debug("listen port %d\n", c->listen_port);
 
-  wg_peer *peer = calloc(1, sizeof(wg_peer));
-  dev->first_peer = peer;
-  dev->last_peer = peer;
-
-  peer->flags = WGPEER_HAS_PUBLIC_KEY;
-  memcpy(peer->public_key, p->peer.public_key, sizeof(peer->public_key));
-  peer->next_peer = NULL;
-
-  sockaddr_fill((sockaddr*)&peer->endpoint.addr,
-		ipa_is_ip4(c->peer.endpoint) ? AF_INET : AF_INET6,
-		c->peer.endpoint, NULL, c->peer.remote_port);
-
-  wg_allowedip *allowedip = calloc(1, sizeof(wg_allowedip));
-  peer->first_allowedip = allowedip;
-  peer->last_allowedip = allowedip;
-
-  switch (c->peer.allowedip.type)
+  struct peer_config *pc = NULL;
+  WALK_LIST(pc,c->peers)
     {
-    case NET_IP4:
-      allowedip->family = AF_INET;
-      allowedip->ip4 = ipa_to_in4(net_prefix(&c->peer.allowedip));
-      allowedip->cidr = net_pxlen(&c->peer.allowedip);
-      break;
-    case NET_IP6:
-      allowedip->family = AF_INET6;
-      allowedip->ip6 = ipa_to_in6(net_prefix(&c->peer.allowedip));
-      allowedip->cidr = net_pxlen(&c->peer.allowedip);
-      break;
-    default:
-      break;
-    }
+      wg_peer *peer = calloc(1, sizeof(wg_peer));
+      if (!dev->first_peer)
+	dev->first_peer = peer;
+      if (dev->last_peer)
+	dev->last_peer->next_peer = peer;
+      dev->last_peer = peer;
+
+      if (pc->public_key)
+	{
+	  peer->flags = WGPEER_HAS_PUBLIC_KEY;
+	  wg_key_from_base64(peer->public_key, pc->public_key);
+	}
+      peer->next_peer = NULL;
+
+      sockaddr_fill((sockaddr*)&peer->endpoint.addr,
+		    ipa_is_ip4(pc->endpoint) ? AF_INET : AF_INET6,
+		    pc->endpoint, NULL, pc->remote_port);
+
+      wg_allowedip *allowedip = calloc(1, sizeof(wg_allowedip));
+      peer->first_allowedip = allowedip;
+      peer->last_allowedip = allowedip;
+
+      switch (pc->allowedip.type)
+	{
+	case NET_IP4:
+	  allowedip->family = AF_INET;
+	  allowedip->ip4 = ipa_to_in4(net_prefix(&pc->allowedip));
+	  allowedip->cidr = net_pxlen(&pc->allowedip);
+	  break;
+	case NET_IP6:
+	  allowedip->family = AF_INET6;
+	  allowedip->ip6 = ipa_to_in6(net_prefix(&pc->allowedip));
+	  allowedip->cidr = net_pxlen(&pc->allowedip);
+	  break;
+	default:
+	  break;
+	}
 
-  allowedip->next_allowedip = NULL;
+      allowedip->next_allowedip = NULL;
+    }
 
   *pdev = dev;
   return 0;
@@ -393,9 +403,9 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
       if (t && t->u.ptr && decode_tunnel_encap(t, &pubkey, &remote_ep_as4, &remote_ep_addr, &color, &udp_dest_port, &flags) == 0) {
 	log(L_TRACE "WG:     Attr %x %x %d %04x", t->flags, t->type, t->u.ptr->length, flags);
 
-	struct wg_device *dev = NULL;
+	struct wg_device *dev = p->dev;
 
-	if (get_device(p, &dev, ifname) == 0) {
+	if (dev != NULL) {
 	  bool dirty = false;
 	  bool found = false;
 	  struct wg_peer *peer = NULL;
@@ -429,8 +439,6 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
 	    int res = wg_set_device(dev);
 	    log(L_TRACE "WG: wg_set_device %d", res);
 	  }
-	  wg_free_device(dev);
-	  dev = NULL;
 	}
 
 	
@@ -498,9 +506,9 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
       return;
     }
 
-	struct wg_device *dev = NULL;
+	struct wg_device *dev = p->dev;
 
-	if (get_device(p, &dev, c->ifname) == 0) {
+	if (dev != NULL) {
 	  bool found = false;
 	  struct wg_peer *peer = NULL;
 	  wg_for_each_peer(dev, peer) {
@@ -575,9 +583,6 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
 	    }
 	  }
 
-	  wg_free_device(dev);
-	  dev = NULL;
-
 	  /*
     old_metric = en->metric;
 
@@ -679,6 +684,14 @@ wg_dump(struct proto *P)
   }
 }
 
+struct peer_config *peer_new(struct wg_config *c)
+{
+  struct peer_config *pc = cfg_allocz(sizeof(struct peer_config));
+  debug("peer_new %p\n", pc);
+  add_tail(&c->peers, (node*)pc);
+  return pc;
+}
+
 struct channel_class channel_wg = {
   .channel_size =       sizeof(struct wg_channel),
   .config_size =        sizeof(struct wg_channel_config),