diff options
| author | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-09-02 18:39:04 -0600 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-09-02 23:59:44 -0600 |
| commit | e3284e370e8bfa6f95549612265b16208a21b56a (patch) | |
| tree | 5073b382efbed77749e8fffb6e56886667cd6c47 /src | |
| parent | 24a1007e2dde304868e59b3301e23db11df679f2 (diff) | |
netlink: insert peer version placeholder
While we don't want people to ever use old protocols, people will
complain if the API "changes", so explicitly make the unset protocol
mean the latest, and add a dummy mechanism of specifying the protocol on
a per-peer basis, which we hope nobody actually ever uses.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/netlink.c | 12 | ||||
| -rw-r--r-- | src/tests/qemu/Makefile | 2 | ||||
| -rw-r--r-- | src/uapi/wireguard.h | 6 |
3 files changed, 17 insertions, 3 deletions
diff --git a/src/netlink.c b/src/netlink.c index 5390498..8ffaa66 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -36,7 +36,8 @@ static const struct nla_policy peer_policy[WGPEER_A_MAX + 1] = { [WGPEER_A_LAST_HANDSHAKE_TIME] = { .len = sizeof(struct timespec) }, [WGPEER_A_RX_BYTES] = { .type = NLA_U64 }, [WGPEER_A_TX_BYTES] = { .type = NLA_U64 }, - [WGPEER_A_ALLOWEDIPS] = { .type = NLA_NESTED } + [WGPEER_A_ALLOWEDIPS] = { .type = NLA_NESTED }, + [WGPEER_A_PROTOCOL_VERSION] = { .type = NLA_U32 } }; static const struct nla_policy allowedip_policy[WGALLOWEDIP_A_MAX + 1] = { @@ -128,7 +129,8 @@ static int get_peer(struct wireguard_peer *peer, unsigned int index, nla_put_u64_64bit(skb, WGPEER_A_TX_BYTES, peer->tx_bytes, WGPEER_A_UNSPEC) || nla_put_u64_64bit(skb, WGPEER_A_RX_BYTES, peer->rx_bytes, - WGPEER_A_UNSPEC)) + WGPEER_A_UNSPEC) || + nla_put_u32(skb, WGPEER_A_PROTOCOL_VERSION, 1)) goto err; read_lock_bh(&peer->endpoint_lock); @@ -363,6 +365,12 @@ static int set_peer(struct wireguard_device *wg, struct nlattr **attrs) if (attrs[WGPEER_A_FLAGS]) flags = nla_get_u32(attrs[WGPEER_A_FLAGS]); + ret = -EPFNOSUPPORT; + if (attrs[WGPEER_A_PROTOCOL_VERSION]) { + if (nla_get_u32(attrs[WGPEER_A_PROTOCOL_VERSION]) != 1) + goto out; + } + peer = pubkey_hashtable_lookup(&wg->peer_hashtable, nla_data(attrs[WGPEER_A_PUBLIC_KEY])); if (!peer) { /* Peer doesn't exist yet. Add a new one. */ diff --git a/src/tests/qemu/Makefile b/src/tests/qemu/Makefile index cef3f4b..3b840fa 100644 --- a/src/tests/qemu/Makefile +++ b/src/tests/qemu/Makefile @@ -14,7 +14,7 @@ endif ARCH := $(firstword $(subst -, ,$(CBUILD))) # Set these from the environment to override -KERNEL_VERSION ?= 4.17.12 +KERNEL_VERSION ?= 4.18.5 KERNEL_VERSION := $(KERNEL_VERSION)$(if $(DEBUG_KERNEL),$(if $(findstring -debug,$(KERNEL_VERSION)),,-debug),) BUILD_PATH ?= $(PWD)/../../../qemu-build/$(ARCH) DISTFILES_PATH ?= $(PWD)/distfiles diff --git a/src/uapi/wireguard.h b/src/uapi/wireguard.h index 8b8a1f2..90b1c1f 100644 --- a/src/uapi/wireguard.h +++ b/src/uapi/wireguard.h @@ -47,6 +47,7 @@ * 2: NLA_NESTED * ... * ... + * WGPEER_A_PROTOCOL_VERSION: NLA_U32 * 1: NLA_NESTED * ... * ... @@ -101,6 +102,10 @@ * 2: NLA_NESTED * ... * ... + * WGPEER_A_PROTOCOL_VERSION: NLA_U32, should not be set or used at all by most + * users of this API, as the most recent protocol + * will be used when this is unset. Otherwise, must + * be set to 1. * 1: NLA_NESTED * ... * ... @@ -166,6 +171,7 @@ enum wgpeer_attribute { WGPEER_A_RX_BYTES, WGPEER_A_TX_BYTES, WGPEER_A_ALLOWEDIPS, + WGPEER_A_PROTOCOL_VERSION, __WGPEER_A_LAST }; #define WGPEER_A_MAX (__WGPEER_A_LAST - 1) |