aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--client.c34
1 files changed, 32 insertions, 2 deletions
diff --git a/client.c b/client.c
index ebef8b3..131e6fb 100644
--- a/client.c
+++ b/client.c
@@ -10,13 +10,43 @@
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
+#include "wireguard.h"
#include "protocol.h"
#include "client.h"
bool is_server_in_allowed_ips(const char iface[])
{
- /* TODO: check if IP is in wg allowed ips, etc */
- return true;
+ unsigned __int128 server_addr;
+ unsigned __int128 subnet_mask;
+ unsigned __int128 allowed_ip6;
+ wg_device *device;
+ wg_allowedip *allowedip;
+ int ret;
+
+ inet_pton(AF_INET6, WG_DYNAMIC_SERVER_IP, &server_addr);
+
+ ret = wg_get_device(&device, iface);
+ if (ret < 0) {
+ goto nodevice;
+ }
+
+ wg_for_each_allowedip(device->first_peer, allowedip)
+ {
+ if (allowedip->family == AF_INET6) {
+ allowed_ip6 = *(unsigned __int128 *)(&allowedip->ip6);
+ subnet_mask = ~0 << allowedip->cidr;
+ server_addr &= subnet_mask;
+ allowed_ip6 &= subnet_mask;
+ if (server_addr == allowed_ip6) {
+ return true;
+ }
+ }
+ }
+ return false;
+
+nodevice:
+ wg_free_device(device);
+ return false;
}
int connect_to_server()