netlink: skip peers with invalid keys

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

2 files changed, 15 insertions, 6 deletions

diff --git a/src/netlink.c b/src/netlink.c
index eb94f4d..0805a26 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -413,10 +413,16 @@ static int set_peer(struct wg_device *wg, struct nlattr **attrs)
 		}
 		up_read(&wg->static_identity.lock);
 
-		ret = -ENOMEM;
 		peer = wg_peer_create(wg, public_key, preshared_key);
-		if (!peer)
+		if (IS_ERR(peer)) {
+			/* Similar to the above, if the key is invalid, we skip
+			 * it without fanfare, so that services don't need to
+			 * worry about doing key validation themselves.
+			 */
+			ret = PTR_ERR(peer) == -EKEYREJECTED ? 0 : PTR_ERR(peer);
+			peer = NULL;
 			goto out;
+		}
 		/* Take additional reference, as though we've just been
 		 * looked up.
 		 */
diff --git a/src/peer.c b/src/peer.c
index ffb911f..071eedf 100644
--- a/src/peer.c
+++ b/src/peer.c
@@ -22,20 +22,23 @@ struct wg_peer *wg_peer_create(struct wg_device *wg,
 			       const u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN])
 {
 	struct wg_peer *peer;
+	int ret = -ENOMEM;
 
 	lockdep_assert_held(&wg->device_update_lock);
 
 	if (wg->num_peers >= MAX_PEERS_PER_DEVICE)
-		return NULL;
+		return ERR_PTR(ret);
 
 	peer = kzalloc(sizeof(*peer), GFP_KERNEL);
 	if (unlikely(!peer))
-		return NULL;
+		return ERR_PTR(ret);
 	peer->device = wg;
 
 	if (!wg_noise_handshake_init(&peer->handshake, &wg->static_identity,
-				     public_key, preshared_key, peer))
+				     public_key, preshared_key, peer)) {
+		ret = -EKEYREJECTED;
 		goto err_1;
+	}
 	if (dst_cache_init(&peer->endpoint_cache, GFP_KERNEL))
 		goto err_1;
 	if (wg_packet_queue_init(&peer->tx_queue, wg_packet_tx_worker, false,
@@ -74,7 +77,7 @@ err_2:
 	dst_cache_destroy(&peer->endpoint_cache);
 err_1:
 	kfree(peer);
-	return NULL;
+	return ERR_PTR(ret);
 }
 
 struct wg_peer *wg_peer_get_maybe_zero(struct wg_peer *peer)