util  Diff

Home Timeline Files Branches Tags Tickets Wiki Help
Annotate Patch Side-by-side Diff

Differences From Artifact [40df359611]:

To Artifact [da84aa2670]:

    10     10   #include <netinet/in.h>
    11     11   #include <unistd.h>
    12     12   #include <sys/socket.h>
    13     13   #include <netdb.h>
    14     14   
    15     15   /* libs */
    16     16   #include <wireguard.h>
           17  +#include "wglist.h"
           18  +	/* wireguard uses messy linked lists but doesn't
           19  +	 * provide any routines for manipulating them;
           20  +	 * wglist.h fills in the gap */
    17     21   
    18     22   #include <libpq-fe.h>
    19     23   
    20     24   
    21     25   size_t dumpEndpoint(char* d, const wg_endpoint* const e) {
    22     26   	const struct sockaddr* addr;
    23     27   	size_t len;
................................................................................
   125    129   	) free(allowedip);
   126    130   	/* end import */
   127    131   	free(peer);
   128    132   }
   129    133   
   130    134   /* linked list manipulation routines */
   131    135   
   132         -#define _ll_rec peer
   133         -#define _ll_box wg_device
   134         -#define _ll_obj wg_peer
   135         -#define _ll_iter wg_for_each_peer
   136         -#define _ll_ns wgd
   137         -#include "list.h"
   138         -
   139         -#define _ll_rec allowedip
   140         -#define _ll_box wg_peer
   141         -#define _ll_obj wg_allowedip
   142         -#define _ll_iter wg_for_each_allowedip
   143         -#define _ll_ns wgd_peer
   144         -#include "list.h"
   145    136   
   146    137   #if 0
   147    138   void wgd_drop_peer(wg_device* dev, wg_peer* peer) {
   148    139   	if(dev -> first_peer == peer) {
   149    140   		if(dev -> last_peer == peer) {
   150    141   			dev -> first_peer = dev -> last_peer = null;
   151    142   		} else {
................................................................................
   276    267   					}
   277    268   				++l;}
   278    269   				
   279    270   				if(!foundIP) {
   280    271   					/* this IP hasn't been loaded into the
   281    272   					 * kernel yet; upload it now */
   282    273   					_infof("inserting IP PG%zu %s", j, inetstr);
          274  +					// is this necessary? FIXME
          275  +					/* found -> flags |= WGPEER_REPLACE_ALLOWEDIPS; */
          276  +					wg_allowedip* nip = wgd_peer_new_allowedip(found);
          277  +					memcpy(nip, &aip, sizeof aip);
   283    278   					dirty = true;
   284    279   				}
   285    280   			}
   286    281   
   287    282   			if(goodIPc < ips -> sz) {
   288    283   				size_t l = 0;
   289    284   				wg_allowedip* wgip;
   290    285   				wg_for_each_allowedip(found, wgip) {
   291    286   					char inetstr[256];
   292    287   					dumpAllowedIP(inetstr, wgip);
   293    288   					_dbgf("IP WG%zu :: %s", l, inetstr);
   294         -					if(!goodIPs[l]) {
          289  +					if(l<goodIPc && !goodIPs[l]) {
   295    290   						/* this IP is stale, delete it */
   296    291   						_infof("deleting IP WG%zu %s", l, inetstr);
          292  +						wgd_peer_drop_allowedip(found, wgip);
          293  +						found -> flags |= WGPEER_REPLACE_ALLOWEDIPS;
   297    294   						dirty = true;
   298    295   					}
   299    296   				++l;}
   300    297   			}
   301    298   		} else {
   302    299   			_infof("inserting key %s", key_b64);
   303    300   			dirty = true;
   304    301   			/* install new peer */
          302  +			wg_peer* np = wgd_new_peer(wg);
          303  +			np -> flags = WGPEER_HAS_PUBLIC_KEY;
          304  +			memcpy(np -> public_key, key, sizeof key);
          305  +
   305    306   			for (size_t j = 0; j < ips -> sz; ++j) {
   306    307   				char inetstr[256];
   307    308   				wg_allowedip aip = inet_to_allowedip(ips -> elts[j].data);
   308    309   				dumpAllowedIP(inetstr, &aip);
   309    310   				_dbgf("new IP %zu :: %s", j, inetstr);
          311  +				wg_allowedip* nip = wgd_peer_new_allowedip(np);
          312  +				memcpy(nip, &aip, sizeof aip);
   310    313   			}
   311    314   		}
   312    315   
   313    316   		free(ips);
   314    317   	}
   315    318   	{ size_t i=0; wg_peer* p; wg_for_each_peer(wg, p) {
   316         -		if(valid_peers[i] == false) {
          319  +		if(i<peerc && valid_peers[i] == false) {
   317    320   			char b64 [128];
   318    321   			wg_key_to_base64(b64, p->public_key);
   319    322   			_infof("dropping peer %s", b64);
   320         -			wgd_drop_peer(wg, p);
          323  +			//wgd_drop_peer(wg, p);
          324  +			p -> flags |= WGPEER_REMOVE_ME;
   321    325   			dirty = true;
   322    326   		}
   323    327   	++i;}}
   324    328   
   325    329   	_dbg("final peer list:");
   326    330   	{ size_t j=0; wg_peer* p; wg_for_each_peer(wg, p) {
   327    331   		char b64 [128];
   328    332   		wg_key_to_base64(b64, p->public_key);
   329         -		_dbgf("P%zu :: %s", j, b64);
          333  +		_dbgf("P%zu :: %s%s", j, b64,
          334  +			p->flags & WGPEER_REMOVE_ME          ? " [DELETE]" :
          335  +			p->flags & WGPEER_REPLACE_ALLOWEDIPS ? " [CHGIP]" : "");
   330    336   	++j;}}
   331    337   	
   332         -	if(dirty) wg_set_device(wg);
          338  +	dirty = true;
          339  +	if(dirty) {
          340  +		int e = wg_set_device(wg);
          341  +		if(e != 0) 
          342  +			_fatalf("could not set wg device (error %i)", -e);
          343  +	}
   333    344   
   334    345   	PQclear(rows);
   335    346   }
   336    347   
   337    348   int main(int argc, char** argv) {
   338    349   	setvbuf(stderr, null, _IONBF, 0);
   339    350   	if (argc < 3) {
Fossil 2.17 [6b37b55f75] 2021-08-16 00:11:20