authorJason A. Donenfeld <Jason@zx2c4.com>2018-08-08 19:18:25 -0700
committerJason A. Donenfeld <Jason@zx2c4.com>2018-08-09 01:22:05 -0700
commited1b3a4fe8f3b27d47b65bc4f7cf5cd19ec199a1 (patch)
tree05b87b7e51c38fb2b20b2ace28610cfcefd2ae8c
parentdc1315ab86fdc2d2a43130e2b133ff996038090d (diff)
netlink: don't start over iteration on multipart non-first allowedips
Reported-by: Matt Layher <mdlayher@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r--src/netlink.c6
-rwxr-xr-xsrc/tests/netns.sh24
2 files changed, 28 insertions, 2 deletions
diff --git a/src/netlink.c b/src/netlink.c
index 90c7aa2..3147587 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -165,7 +165,7 @@ static int get_device_start(struct netlink_callback *cb)
static int get_device_dump(struct sk_buff *skb, struct netlink_callback *cb)
{
struct wireguard_device *wg = (struct wireguard_device *)cb->args[0];
- struct wireguard_peer *peer, *next_peer_cursor = NULL, *last_peer_cursor = (struct wireguard_peer *)cb->args[1];
+ struct wireguard_peer *peer, *next_peer_cursor, *last_peer_cursor;
struct allowedips_cursor *rt_cursor = (struct allowedips_cursor *)cb->args[2];
unsigned int peer_idx = 0;
struct nlattr *peers_nest;
@@ -173,6 +173,8 @@ static int get_device_dump(struct sk_buff *skb, struct netlink_callback *cb)
void *hdr;
int ret = -EMSGSIZE;
+ next_peer_cursor = last_peer_cursor = (struct wireguard_peer *)cb->args[1];
+
rtnl_lock();
mutex_lock(&wg->device_update_lock);
cb->seq = wg->device_update_gen;
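Review bot: The chained assignment `next_peer_cursor = last_peer_cursor = (struct wireguard_peer *)cb->args[1];` carries the behavioural fix but reads like an ordinary initializer, so the reason `next_peer_cursor` no longer starts as NULL is easy to lose in a later cleanup. Judging by the commit title, the intent is that a pass which does not get past the saved peer resumes at that same peer rather than restarting the dump; a one-line comment above it would record that, e.g. `/* Default to resuming at the saved peer if this pass does not advance past it. */`. It also means the two cursors can now point at the same peer, which the reference handling at `out:` has to tolerate. The function body continues outside this hunk.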
@@ -220,9 +222,9 @@ static int get_device_dump(struct sk_buff *skb, struct netlink_callback *cb)
nla_nest_end(skb, peers_nest);
out:
- peer_put(last_peer_cursor);
if (!ret && !done && next_peer_cursor)
peer_get(next_peer_cursor);
+ peer_put(last_peer_cursor);
mutex_unlock(&wg->device_update_lock);
rtnl_unlock();
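Review bot: The relative order of `peer_get(next_peer_cursor)` and `peer_put(last_peer_cursor)` after `out:` is now load-bearing, and nothing at the site says so. With this commit both cursors are assigned from `cb->args[1]` and may still be the same peer here; if the put ran first and the dump's reference happened to be the last one, the following get would presumably operate on a peer that has already been released. I would pin the ordering with a comment above the pair, e.g. `/* Take the new reference before dropping the old one: both cursors may be the same peer. */`. The label sits in the middle of get_device_dump, whose start and end are outside this hunk.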
diff --git a/src/tests/netns.sh b/src/tests/netns.sh
index d1950a0..29e1fd4 100755
--- a/src/tests/netns.sh
+++ b/src/tests/netns.sh
@@ -439,6 +439,30 @@ n0 wg setconf wg0 <(printf '%s\n' "${config[@]}")
n0 wg showconf wg0 > /dev/null
ip0 link del wg0
+allowedips=( )
+for i in {1..197}; do
+ allowedips+=( abcd::$i )
+done
+saved_ifs="$IFS"
+IFS=,
+allowedips="${allowedips[*]}"
+IFS="$saved_ifs"
+ip0 link add wg0 type wireguard
+n0 wg set wg0 peer "$pub1"
+n0 wg set wg0 peer "$pub2" allowed-ips "$allowedips"
+{
+ read -r pub allowedips
+ [[ $pub == "$pub1" && $allowedips == "(none)" ]]
+ read -r pub allowedips
+ [[ $pub == "$pub2" ]]
+ i=0
+ for _ in $allowedips; do
+ ((++i))
+ done
+ ((i == 197))
+} < <(n0 wg show wg0 allowed-ips)
+ip0 link del wg0
+
! n0 wg show doesnotexist || false
ip0 link add wg0 type wireguard
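Review bot: The count `197` is written twice in the added block (`{1..197}` and `((i == 197))`) with no hint of why that value was chosen; presumably it is large enough that the second peer's allowed IPs no longer fit in a single netlink message, which is the case the commit targets. Keeping it in one variable and using `for ((i = 1; i <= n_ips; ++i))` (brace expansion does not expand variables) would stop the two sites drifting apart. A comment such as `# enough allowed IPs on the second, non-first peer to force a multipart dump` would keep someone from shrinking the number later and silently losing the regression coverage. The check also only counts the entries it reads back, so a dump that repeated one address and dropped another would still pass.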