From 5f4e092e04755bcb89d2252d828de2de8d3d7aca Mon Sep 17 00:00:00 2001 From: Tushar Pankaj Date: Mon, 12 Nov 2018 18:34:29 -0600 Subject: Implement basic server/client + protocol Includes WireGuard submodule to use the embeddable library Squashed commit of the following: commit 3e5252d93c87c4cddf596d4030d736e2cea81557 Author: Tushar Pankaj Date: Mon Nov 12 18:33:33 2018 -0600 Implement server check iface Signed-off-by: Tushar Pankaj commit a30c60e51ecae887fd89654bdedddcf0decb766c Author: Tushar Pankaj Date: Mon Nov 12 18:26:57 2018 -0600 Add WireGuard embeddable library Signed-off-by: Tushar Pankaj commit ea6ab8ce09d4e84440185536f7b3e92346789233 Author: Tushar Pankaj Date: Mon Nov 12 17:59:39 2018 -0600 Working client and server comms Signed-off-by: Tushar Pankaj commit 5d717e37baaa9882ea2356fa24a2b85beaf51558 Author: Tushar Pankaj Date: Mon Nov 12 17:13:32 2018 -0600 Add IP addr structs to protocol Signed-off-by: Tushar Pankaj commit 8c31eec08257f77a9c95c7437b21bf7eb8106916 Author: Tushar Pankaj Date: Mon Nov 12 17:06:18 2018 -0600 Style fixes Signed-off-by: Tushar Pankaj commit 64f825db92ce31102b29ac96fd382ac3643fb6ae Author: Tushar Pankaj Date: Mon Nov 12 17:06:07 2018 -0600 Write client connect_to_server Signed-off-by: Tushar Pankaj commit f33225d130263eea481e28269b6b01a7cf75b0c8 Author: Tushar Pankaj Date: Fri Nov 9 20:00:37 2018 -0600 Add pthread library Signed-off-by: Tushar Pankaj commit 1f73168641d92917dc942c3d6cc200fb7f557674 Merge: 98fe966 3048896 Author: Tushar Pankaj Date: Wed Nov 7 10:59:13 2018 -0600 Merge branch 'master' into tp/protocol_draft commit 98fe966940eaf324b5d8d1edc64f6d0ff1334441 Author: Tushar Pankaj Date: Wed Nov 7 10:55:53 2018 -0600 Add Makefile library includes for capnp Signed-off-by: Tushar Pankaj commit 3bd7dffda7db8e9bf4cd0dad2455328508efb9b2 Author: Tushar Pankaj Date: Wed Nov 7 10:49:50 2018 -0600 Make protocol.capnp.o compile 
Signed-off-by: Tushar Pankaj commit 14e708783433816fd6cead46e2aa823ab8e41294 Author: Tushar Pankaj Date: Wed Nov 7 10:38:29 2018 -0600 Untested first draft of protocol.capnp Signed-off-by: Tushar Pankaj commit 5558c37a1a2626beaee5bb69c83d4013f2bcaf44 Author: Tushar Pankaj Date: Tue Nov 6 20:51:49 2018 -0600 Exclude capnproto from clang-format Signed-off-by: Tushar Pankaj commit 50042af6aec61c495c08d1b83f4c63288a30cc90 Author: Tushar Pankaj Date: Wed Oct 31 20:40:23 2018 -0500 Make better var names Signed-off-by: Tushar Pankaj commit 2352cbc91e6be9bcd73ca2794372b1ed8361448e Author: Tushar Pankaj Date: Wed Oct 31 20:08:05 2018 -0500 First draft of protocol Signed-off-by: Tushar Pankaj --- .gitmodules | 3 ++ Makefile | 28 ++++++++--- README.md | 8 +++ WireGuard | 1 + client.c | 47 +++++++++++++++-- client.h | 6 ++- protocol.capnp | 34 +++++++++++++ protocol.capnp.c | 142 ++++++++++++++++++++++++++++++++++++++++++++++++++++ protocol.capnp.h | 119 +++++++++++++++++++++++++++++++++++++++++++ protocol.h | 7 ++- server.c | 79 ++++++++++++++++++++++++++++- server.h | 6 ++- wg_dynamic_client.c | 22 +++++++- wg_dynamic_server.c | 30 +++++++++-- wireguard.c | 1 + wireguard.h | 1 + 16 files changed, 511 insertions(+), 23 deletions(-) create mode 100644 .gitmodules create mode 160000 WireGuard create mode 100644 protocol.capnp create mode 100644 protocol.capnp.c create mode 100644 protocol.capnp.h create mode 120000 wireguard.c create mode 120000 wireguard.h diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..2c0078c --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "WireGuard"] + path = WireGuard + url = git://git.zx2c4.com/WireGuard diff --git a/Makefile b/Makefile index 1e95e47..0c47913 100644 --- a/Makefile +++ b/Makefile 
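Review bot: The submodule URL in the new .gitmodules uses `git://`, a transport with no encryption and no server authentication, so anyone on the network path can tamper with what a fresh `git submodule update --init --recursive` fetches. The gitlink added later in this patch pins a commit id, which limits what can be substituted, but the fetch itself is still unauthenticated. Prefer an `https://` URL for the same repository if the host offers one, changing only the `url =` line.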
@@ -1,27 +1,41 @@ CC ?= gcc +LIBRARY_INCLUDES = +LIBRARY_LDFLAGS = -D_REENTRANT -lpthread -lcapnp_c CFLAGS_DEBUG = -g -Wall -Wextra -std=gnu11 -fsanitize=address -fsanitize=leak\ -fsanitize=undefined LDFLAGS_DEBUG = -fsanitize=address -fsanitize=leak -fsanitize=undefined CFLAGS_OPT = -std=gnu11 -O2 -pipe -DNDEBUG LDFLAGS_OPT = -CFLAGS ?= ${CFLAGS_DEBUG} -LDFLAGS ?= ${LDFLAGS_DEBUG} +CFLAGS ?= ${CFLAGS_DEBUG} ${LIBRARY_INCLUDES} +LDFLAGS ?= ${LDFLAGS_DEBUG} ${LIBRARY_LDFLAGS} .PHONY: clean style PROGS = wg-dynamic-client wg-dynamic-server -CLIENT_OBJS = wg_dynamic_client.o client.o -SERVER_OBJS = wg_dynamic_server.o server.o +CLIENT_OBJS = wg_dynamic_client.o client.o protocol.capnp.o wireguard.o +SERVER_OBJS = wg_dynamic_server.o server.o protocol.capnp.o wireguard.o all: ${PROGS} wg-dynamic-client: ${CLIENT_OBJS} ${CC} ${LDFLAGS} ${CLIENT_OBJS} -o $@ wg-dynamic-server: ${SERVER_OBJS} ${CC} ${LDFLAGS} ${SERVER_OBJS} -o $@ + wg_dynamic_client.o: wg_dynamic_client.c client.h -client.o: client.c client.h +client.o: client.c client.h wireguard.h wg_dynamic_server.o: wg_dynamic_server.c server.h -server.o: server.c server.h +server.o: server.c server.h wireguard.h +wireguard.o: wireguard.c wireguard.h +protocol.capnp.o: protocol.capnp.c + +# capnproto +protocol.capnp.h: protocol.capnp.c + ; +protocol.capnp.c: protocol.capnp + capnpc protocol.capnp -oc +%.capnp: ; clean: rm -f ${PROGS} *.o *~ style: - clang-format -i --style=file *.c *.h + find . -path ./WireGuard -prune -o -type f \( -name "*.c" -or \ + -name "*.h" \) -and -not \( -name "*.capnp.c" -or \ + -name "*.capnp.h" \) -print | xargs clang-format -i --style=file diff --git a/README.md b/README.md index 0a4f3da..e42b809 100644 --- a/README.md +++ b/README.md 
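Review bot: Folding `-lpthread -lcapnp_c` into LDFLAGS puts the libraries before the object files in the unchanged link recipes (`${CC} ${LDFLAGS} ${CLIENT_OBJS} -o $@`), and toolchains that link with --as-needed or resolve strictly left to right can then fail with undefined references. Keep the libraries in a separate variable such as `LDLIBS = -lpthread -lcapnp_c` and link with `${CC} ${LDFLAGS} ${CLIENT_OBJS} ${LDLIBS} -o $@`. `-D_REENTRANT` is a preprocessor flag and does nothing on the link line; `-pthread` in both CFLAGS and LDFLAGS is the usual spelling. Because both variables are assigned with `?=`, a CFLAGS or LDFLAGS set in the environment also drops the library flags entirely.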
@@ -1,3 +1,11 @@ # Wireguard Dynamic IP Configuration Tool This is a work-in-progress (i.e. nonexistent) configuration tool for dynamic IPs in Wireguard. There will eventually be stuff here. + +## Dependencies +* Wireguard +* [libcapnp_c](https://github.com/opensourcerouting/c-capnproto) + +## Building +1. git submodule update --init --recursive +2. `make` diff --git a/WireGuard b/WireGuard new file mode 160000 index 0000000..1b6d93d --- /dev/null +++ b/WireGuard @@ -0,0 +1 @@ +Subproject commit 1b6d93db9a309840bcd7bb67a6bf3e8ca1880035 diff --git a/client.c b/client.c index 2c2f091..ebef8b3 100644 --- a/client.c +++ b/client.c @@ -3,8 +3,49 @@ * Copyright (C) 2018 Wireguard LLC */ -int connect_to_server(const char interface[]) +#include +#include +#include +#include +#include +#include +#include +#include "protocol.h" +#include "client.h" + +bool is_server_in_allowed_ips(const char iface[]) +{ + /* TODO: check if IP is in wg allowed ips, etc */ + return true; +} + +int connect_to_server() +{ + int sock = -1; + int ret; + struct sockaddr_in6 addr; + + sock = socket(AF_INET6, SOCK_STREAM, 0); + if (sock < 0) { + return -errno; + } + addr.sin6_family = AF_INET6; + addr.sin6_port = htons(WG_DYNAMIC_SERVER_PORT); + inet_pton(AF_INET6, WG_DYNAMIC_SERVER_IP, &addr.sin6_addr); + ret = connect(sock, (struct sockaddr *)&addr, sizeof(addr)); + if (ret < 0) { + return -errno; + } + + return sock; +} + +int close_connection(int sock) { - /* TODO */ - return -1; + int ret; + ret = close(sock); + if (ret < 0) { + return -errno; + } + return 0; } diff --git a/client.h b/client.h index 996cb58..5a4b460 100644 --- a/client.h +++ b/client.h @@ -6,6 +6,10 @@ #ifndef CLIENT_H #define CLIENT_H -int connect_to_server(const char interface[]); +#include + +bool is_server_in_allowed_ips(const char iface[]); +int connect_to_server(); +int close_connection(int sock); #endif diff --git a/protocol.capnp b/protocol.capnp new file mode 100644 index 0000000..69f5db4 --- /dev/null 
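Review bot: `struct sockaddr_in6 addr;` in connect_to_server() is never zeroed, so `sin6_flowinfo` and `sin6_scope_id` reach connect() with indeterminate values; setup_server() in server.c has the same declaration before bind(). Both functions also ignore the result of inet_pton() and return `-errno` on a later failure without closing the socket they opened, which leaks the descriptor. The fence shows the client side; the server side needs the same changes around bind() and listen(). Separately, is_server_in_allowed_ips() returns true unconditionally, so the caller's check passes for every interface until the TODO is done; returning false (or not calling it yet) would keep it from reading as a real guard.

```c
int connect_to_server()
{
	int sock;
	/* zero the whole address so sin6_flowinfo and sin6_scope_id are defined */
	struct sockaddr_in6 addr = { .sin6_family = AF_INET6 };

	/* … unchanged: socket() call and its error return … */
	addr.sin6_port = htons(WG_DYNAMIC_SERVER_PORT);
	if (inet_pton(AF_INET6, WG_DYNAMIC_SERVER_IP, &addr.sin6_addr) != 1) {
		close(sock);
		return -EINVAL;
	}
	if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
		int err = errno; /* close() may overwrite errno */

		close(sock);
		return -err;
	}

	return sock;
}
```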
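Review bot: `int connect_to_server();` in client.h declares a function with an unspecified parameter list, not one that takes no arguments, so the compiler cannot reject the leftover `connect_to_server(argv[1])` call in wg_dynamic_client.c. Calling a function with an argument its definition does not take is undefined behaviour in C11. Declare and define it as `int connect_to_server(void);` and drop the argument at the call site. server.h has the same problem with `int setup_server();` and the `setup_server(argv[1])` call in wg_dynamic_server.c.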
+++ b/protocol.capnp @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: MIT +# +# Copyright (C) 2018 Wireguard LLC +# + +@0xed77208fb3340cc1; + +# client request message +struct WgClientMsg { + request @0 :WgClientRequestType; + + enum WgClientRequestType { + simple @0; + } +} + +# IPv4 address +struct WgIpv4Addr { + addr @0 :UInt32; # IPv4 address + cidr @1 :UInt8; # CIDR of IPv4 address +} + +# IPv6 address +struct WgIpv6Addr { + addr @0 :Data; # IPv6 address + cidr @1: UInt8; # CIDR of IPv6 address +} + +# server response message +struct WgServerSimpleMsg { + leasedIpv4 @0 :WgIpv4Addr; # dynamic IPv4 leased to client + leaseTimeout @1 :UInt32; # activity timeout for the IP lease in seconds + ipv4Routes @2 :List(WgIpv4Addr); # IPv4 routes for client +} diff --git a/protocol.capnp.c b/protocol.capnp.c new file mode 100644 index 0000000..b13f7c6 --- /dev/null +++ b/protocol.capnp.c 
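Review bot: `addr @0 :Data` in WgIpv6Addr lets a peer send any number of bytes, and both `cidr` fields accept 0-255, so the schema alone does not guarantee a well-formed address or prefix length. The code that reads these messages should reject an IPv6 `addr` whose length is not 16 and a prefix length above 32 (IPv4) or 128 (IPv6) before using them. The field comments should state this, for example `addr @0 :Data;  # IPv6 address, must be exactly 16 bytes` and `cidr @1 :UInt8;  # prefix length, 0-128`. The byte order of the `UInt32` IPv4 `addr` is not stated either and should be documented next to the field.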
@@ -0,0 +1,142 @@ +#include "protocol.capnp.h" +/* AUTO GENERATED - DO NOT EDIT */ +#ifdef __GNUC__ +# define capnp_unused __attribute__((unused)) +# define capnp_use(x) (void) x; +#else +# define capnp_unused +# define capnp_use(x) +#endif + + +WgClientMsg_ptr new_WgClientMsg(struct capn_segment *s) { + WgClientMsg_ptr p; + p.p = capn_new_struct(s, 8, 0); + return p; +} +WgClientMsg_list new_WgClientMsg_list(struct capn_segment *s, int len) { + WgClientMsg_list p; + p.p = capn_new_list(s, len, 8, 0); + return p; +} +void read_WgClientMsg(struct WgClientMsg *s capnp_unused, WgClientMsg_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + s->request = (enum WgClientMsg_WgClientRequestType)(int) capn_read16(p.p, 0); +} +void write_WgClientMsg(const struct WgClientMsg *s capnp_unused, WgClientMsg_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + capn_write16(p.p, 0, (uint16_t) (s->request)); +} +void get_WgClientMsg(struct WgClientMsg *s, WgClientMsg_list l, int i) { + WgClientMsg_ptr p; + p.p = capn_getp(l.p, i, 0); + read_WgClientMsg(s, p); +} +void set_WgClientMsg(const struct WgClientMsg *s, WgClientMsg_list l, int i) { + WgClientMsg_ptr p; + p.p = capn_getp(l.p, i, 0); + write_WgClientMsg(s, p); +} + +WgIpv4Addr_ptr new_WgIpv4Addr(struct capn_segment *s) { + WgIpv4Addr_ptr p; + p.p = capn_new_struct(s, 8, 0); + return p; +} +WgIpv4Addr_list new_WgIpv4Addr_list(struct capn_segment *s, int len) { + WgIpv4Addr_list p; + p.p = capn_new_list(s, len, 8, 0); + return p; +} +void read_WgIpv4Addr(struct WgIpv4Addr *s capnp_unused, WgIpv4Addr_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + s->addr = capn_read32(p.p, 0); + s->cidr = capn_read8(p.p, 4); +} +void write_WgIpv4Addr(const struct WgIpv4Addr *s capnp_unused, WgIpv4Addr_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + capn_write32(p.p, 0, s->addr); + capn_write8(p.p, 4, s->cidr); +} +void get_WgIpv4Addr(struct WgIpv4Addr *s, WgIpv4Addr_list l, int i) { + WgIpv4Addr_ptr p; + p.p = capn_getp(l.p, i, 0); + 
read_WgIpv4Addr(s, p); +} +void set_WgIpv4Addr(const struct WgIpv4Addr *s, WgIpv4Addr_list l, int i) { + WgIpv4Addr_ptr p; + p.p = capn_getp(l.p, i, 0); + write_WgIpv4Addr(s, p); +} + +WgIpv6Addr_ptr new_WgIpv6Addr(struct capn_segment *s) { + WgIpv6Addr_ptr p; + p.p = capn_new_struct(s, 8, 1); + return p; +} +WgIpv6Addr_list new_WgIpv6Addr_list(struct capn_segment *s, int len) { + WgIpv6Addr_list p; + p.p = capn_new_list(s, len, 8, 1); + return p; +} +void read_WgIpv6Addr(struct WgIpv6Addr *s capnp_unused, WgIpv6Addr_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + s->addr = capn_get_data(p.p, 0); + s->cidr = capn_read8(p.p, 0); +} +void write_WgIpv6Addr(const struct WgIpv6Addr *s capnp_unused, WgIpv6Addr_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + capn_setp(p.p, 0, s->addr.p); + capn_write8(p.p, 0, s->cidr); +} +void get_WgIpv6Addr(struct WgIpv6Addr *s, WgIpv6Addr_list l, int i) { + WgIpv6Addr_ptr p; + p.p = capn_getp(l.p, i, 0); + read_WgIpv6Addr(s, p); +} +void set_WgIpv6Addr(const struct WgIpv6Addr *s, WgIpv6Addr_list l, int i) { + WgIpv6Addr_ptr p; + p.p = capn_getp(l.p, i, 0); + write_WgIpv6Addr(s, p); +} + +WgServerSimpleMsg_ptr new_WgServerSimpleMsg(struct capn_segment *s) { + WgServerSimpleMsg_ptr p; + p.p = capn_new_struct(s, 8, 2); + return p; +} +WgServerSimpleMsg_list new_WgServerSimpleMsg_list(struct capn_segment *s, int len) { + WgServerSimpleMsg_list p; + p.p = capn_new_list(s, len, 8, 2); + return p; +} +void read_WgServerSimpleMsg(struct WgServerSimpleMsg *s capnp_unused, WgServerSimpleMsg_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + s->leasedIpv4.p = capn_getp(p.p, 0, 0); + s->leaseTimeout = capn_read32(p.p, 0); + s->ipv4Routes.p = capn_getp(p.p, 1, 0); +} +void write_WgServerSimpleMsg(const struct WgServerSimpleMsg *s capnp_unused, WgServerSimpleMsg_ptr p) { + capn_resolve(&p.p); + capnp_use(s); + capn_setp(p.p, 0, s->leasedIpv4.p); + capn_write32(p.p, 0, s->leaseTimeout); + capn_setp(p.p, 1, s->ipv4Routes.p); +} +void 
get_WgServerSimpleMsg(struct WgServerSimpleMsg *s, WgServerSimpleMsg_list l, int i) { + WgServerSimpleMsg_ptr p; + p.p = capn_getp(l.p, i, 0); + read_WgServerSimpleMsg(s, p); +} +void set_WgServerSimpleMsg(const struct WgServerSimpleMsg *s, WgServerSimpleMsg_list l, int i) { + WgServerSimpleMsg_ptr p; + p.p = capn_getp(l.p, i, 0); + write_WgServerSimpleMsg(s, p); +} diff --git a/protocol.capnp.h b/protocol.capnp.h new file mode 100644 index 0000000..bf8a949 --- /dev/null +++ b/protocol.capnp.h 
@@ -0,0 +1,119 @@ +#ifndef CAPN_ED77208FB3340CC1 +#define CAPN_ED77208FB3340CC1 +/* AUTO GENERATED - DO NOT EDIT */ +#include + +#if CAPN_VERSION != 1 +#error "version mismatch between capnp_c.h and generated code" +#endif + +#ifndef capnp_nowarn +# ifdef __GNUC__ +# define capnp_nowarn __extension__ +# else +# define capnp_nowarn +# endif +#endif + + +#ifdef __cplusplus +extern "C" { +#endif + +struct WgClientMsg; +struct WgIpv4Addr; +struct WgIpv6Addr; +struct WgServerSimpleMsg; + +typedef struct {capn_ptr p;} WgClientMsg_ptr; +typedef struct {capn_ptr p;} WgIpv4Addr_ptr; +typedef struct {capn_ptr p;} WgIpv6Addr_ptr; +typedef struct {capn_ptr p;} WgServerSimpleMsg_ptr; + +typedef struct {capn_ptr p;} WgClientMsg_list; +typedef struct {capn_ptr p;} WgIpv4Addr_list; +typedef struct {capn_ptr p;} WgIpv6Addr_list; +typedef struct {capn_ptr p;} WgServerSimpleMsg_list; + +enum WgClientMsg_WgClientRequestType { + WgClientMsg_WgClientRequestType_simple = 0 +}; + +struct WgClientMsg { + enum WgClientMsg_WgClientRequestType request; +}; + +static const size_t WgClientMsg_word_count = 1; + +static const size_t WgClientMsg_pointer_count = 0; + +static const size_t WgClientMsg_struct_bytes_count = 8; + +struct WgIpv4Addr { + uint32_t addr; + uint8_t cidr; +}; + +static const size_t WgIpv4Addr_word_count = 1; + +static const size_t WgIpv4Addr_pointer_count = 0; + +static const size_t WgIpv4Addr_struct_bytes_count = 8; + +struct WgIpv6Addr { + capn_data addr; + uint8_t cidr; +}; + +static const size_t WgIpv6Addr_word_count = 1; + +static const size_t WgIpv6Addr_pointer_count = 1; + +static const size_t WgIpv6Addr_struct_bytes_count = 16; + +struct WgServerSimpleMsg { + WgIpv4Addr_ptr leasedIpv4; + uint32_t leaseTimeout; + WgIpv4Addr_list ipv4Routes; +}; + +static const size_t WgServerSimpleMsg_word_count = 1; + +static const size_t WgServerSimpleMsg_pointer_count = 2; + +static const size_t WgServerSimpleMsg_struct_bytes_count = 24; + +WgClientMsg_ptr new_WgClientMsg(struct 
capn_segment*); +WgIpv4Addr_ptr new_WgIpv4Addr(struct capn_segment*); +WgIpv6Addr_ptr new_WgIpv6Addr(struct capn_segment*); +WgServerSimpleMsg_ptr new_WgServerSimpleMsg(struct capn_segment*); + +WgClientMsg_list new_WgClientMsg_list(struct capn_segment*, int len); +WgIpv4Addr_list new_WgIpv4Addr_list(struct capn_segment*, int len); +WgIpv6Addr_list new_WgIpv6Addr_list(struct capn_segment*, int len); +WgServerSimpleMsg_list new_WgServerSimpleMsg_list(struct capn_segment*, int len); + +void read_WgClientMsg(struct WgClientMsg*, WgClientMsg_ptr); +void read_WgIpv4Addr(struct WgIpv4Addr*, WgIpv4Addr_ptr); +void read_WgIpv6Addr(struct WgIpv6Addr*, WgIpv6Addr_ptr); +void read_WgServerSimpleMsg(struct WgServerSimpleMsg*, WgServerSimpleMsg_ptr); + +void write_WgClientMsg(const struct WgClientMsg*, WgClientMsg_ptr); +void write_WgIpv4Addr(const struct WgIpv4Addr*, WgIpv4Addr_ptr); +void write_WgIpv6Addr(const struct WgIpv6Addr*, WgIpv6Addr_ptr); +void write_WgServerSimpleMsg(const struct WgServerSimpleMsg*, WgServerSimpleMsg_ptr); + +void get_WgClientMsg(struct WgClientMsg*, WgClientMsg_list, int i); +void get_WgIpv4Addr(struct WgIpv4Addr*, WgIpv4Addr_list, int i); +void get_WgIpv6Addr(struct WgIpv6Addr*, WgIpv6Addr_list, int i); +void get_WgServerSimpleMsg(struct WgServerSimpleMsg*, WgServerSimpleMsg_list, int i); + +void set_WgClientMsg(const struct WgClientMsg*, WgClientMsg_list, int i); +void set_WgIpv4Addr(const struct WgIpv4Addr*, WgIpv4Addr_list, int i); +void set_WgIpv6Addr(const struct WgIpv6Addr*, WgIpv6Addr_list, int i); +void set_WgServerSimpleMsg(const struct WgServerSimpleMsg*, WgServerSimpleMsg_list, int i); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/protocol.h b/protocol.h index 47199cd..ff6c04d 100644 --- a/protocol.h +++ b/protocol.h 
@@ -3,7 +3,10 @@ * Copyright (C) 2018 Wireguard LLC */ -#ifndef NEGOTIATION_H -#define NEGOTIATION_H +#ifndef PROTOCOL_H +#define PROTOCOL_H + +#define WG_DYNAMIC_SERVER_IP "::1" +#define WG_DYNAMIC_SERVER_PORT 51820 #endif diff --git a/server.c b/server.c index 0315ccb..318dc60 100644 --- a/server.c +++ b/server.c @@ -3,8 +3,83 @@ * Copyright (C) 2018 Wireguard LLC */ -int setup_server(const char interface[]) +#include +#include +#include +#include +#include +#include +#include +#include +#include "wireguard.h" +#include "protocol.h" +#include "server.h" + +bool is_wg_up_on_iface(const char iface[]) +{ + wg_device *device; + if (wg_get_device(&device, iface) < 0) { + return false; + } else { + return true; + } +} + +int setup_server() +{ + int sock = -1; + int reuseaddr = 1; + int ret; + struct sockaddr_in6 addr; + + sock = socket(AF_INET6, SOCK_STREAM, 0); + if (sock < 0) { + return -errno; + } + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &reuseaddr, + sizeof(reuseaddr)); + addr.sin6_family = AF_INET6; + addr.sin6_port = htons(WG_DYNAMIC_SERVER_PORT); + inet_pton(AF_INET6, WG_DYNAMIC_SERVER_IP, &addr.sin6_addr); + ret = bind(sock, (struct sockaddr *)&addr, sizeof(addr)); + if (ret < 0) { + return -errno; + } + ret = listen(sock, 5); + if (ret < 0) { + return -errno; + } + return sock; +} + +static void handle_connection(int conn, struct sockaddr_in6 addr) { /* TODO */ - return -1; +} + +int handle_connections(int sock) +{ + int conn = -1; + pid_t pid = -1; + struct sockaddr_in6 addr; + socklen_t addr_size = sizeof(addr); + ; + while (1) { + conn = accept(sock, (struct sockaddr *)&addr, &addr_size); + if (conn < 0) { + return -errno; + } + pid = fork(); + if (pid < 0) { + return -errno; + } else if (pid == 0) { + close(sock); + handle_connection(conn, addr); + close(conn); + exit(EXIT_SUCCESS); + } else { + close(conn); + } + } + return 0; } diff --git a/server.h b/server.h index 3ffa9c5..43f8af2 100644 --- a/server.h +++ b/server.h 
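Review bot: The two macros added to protocol.h have no comment, and nothing tells a maintainer that `WG_DYNAMIC_SERVER_IP` must be an IPv6 literal even though client.c and server.c both pass it to `inet_pton(AF_INET6, ...)` without checking the result. A comment such as `/* IPv6 literal parsed with inet_pton(AF_INET6); "::1" limits the service to loopback */` above the first macro and `/* TCP port the wg-dynamic server listens on */` above the second would cover it. 51820 is also the port number commonly used for WireGuard's own UDP listener, so it is worth saying that this is a separate TCP service to avoid confusion in firewall rules.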
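Review bot: handle_connections() in server.c forks a child per accepted connection but never reaps it and puts no limit on how many run at once, so every finished client leaves a zombie and any peer that can reach the port can exhaust the process table. Calling `signal(SIGCHLD, SIG_IGN);` before the loop (or installing a SIGCHLD handler that calls waitpid) fixes the reaping, and a count of live children would bound the load. `addr_size` is set once outside the loop although accept() overwrites it, so add `addr_size = sizeof(addr);` at the top of each iteration; the fork-failure path also returns without closing `conn`. In is_wg_up_on_iface() the device returned by wg_get_device() is never released, and the embeddable library provides wg_free_device() for that.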
@@ -6,6 +6,10 @@ #ifndef SERVER_H #define SERVER_H -int setup_server(const char interface[]); +#include + +bool is_wg_up_on_iface(const char iface[]); +int setup_server(); +int handle_connections(int sock); #endif diff --git a/wg_dynamic_client.c b/wg_dynamic_client.c index 318714d..7862e9e 100644 --- a/wg_dynamic_client.c +++ b/wg_dynamic_client.c @@ -7,6 +7,7 @@ #include #include +#include const char *PROG_NAME; @@ -17,6 +18,9 @@ static void show_usage() int main(int argc, char *argv[]) { + const char *iface; + int sock; + PROG_NAME = argv[0]; if (argc == 1) { @@ -24,8 +28,22 @@ int main(int argc, char *argv[]) return EXIT_FAILURE; } - if (connect_to_server(argv[1]) < 0) { - perror("error connecting to server"); + iface = argv[1]; + + if (!is_server_in_allowed_ips(iface)) { + fprintf(stderr, "server is not in allowed IPs for tunnel %s\n", + iface); + return EXIT_FAILURE; + } + + if ((sock = connect_to_server(argv[1])) < 0) { + fprintf(stderr, "error connecting to server: %s\n", + strerror(-sock)); + return EXIT_FAILURE; + } + + if ((sock = close_connection(sock)) < 0) { + fprintf(stderr, "error closing socket: %s\n", strerror(-sock)); return EXIT_FAILURE; } diff --git a/wg_dynamic_server.c b/wg_dynamic_server.c index 191da67..75bf3af 100644 --- a/wg_dynamic_server.c +++ b/wg_dynamic_server.c @@ -7,6 +7,7 @@ #include #include +#include const char *PROG_NAME; @@ -17,6 +18,10 @@ static void show_usage() int main(int argc, char *argv[]) { + const char *iface; + int sock; + int ret; + PROG_NAME = argv[0]; if (argc == 1) { 
@@ -24,10 +29,25 @@ int main(int argc, char *argv[]) return EXIT_FAILURE; } - if (setup_server(argv[1]) < 0) { - perror("error setting up server"); - return EXIT_FAILURE; - } + iface = argv[1]; + + if (!is_wg_up_on_iface(iface)) { + fprintf(stderr, "no such wireguard iface %s\n", iface); + return EXIT_FAILURE; + } + + if ((sock = setup_server(argv[1])) < 0) { + fprintf(stderr, "error setting up server: %s\n", + strerror(-sock)); + return EXIT_FAILURE; + } + + if ((ret = handle_connections(sock)) < 0) { + fprintf(stderr, "error while handling connections: %s\n", + strerror(-ret)); + return EXIT_FAILURE; + } - return EXIT_SUCCESS; + /* unreachable */ + return EXIT_FAILURE; } diff --git a/wireguard.c b/wireguard.c new file mode 120000 index 0000000..172545a --- /dev/null +++ b/wireguard.c @@ -0,0 +1 @@ +WireGuard/contrib/examples/embeddable-wg-library/wireguard.c \ No newline at end of file diff --git a/wireguard.h b/wireguard.h new file mode 120000 index 0000000..7bf9982 --- /dev/null +++ b/wireguard.h @@ -0,0 +1 @@ +WireGuard/contrib/examples/embeddable-wg-library/wireguard.h \ No newline at end of file -- cgit v1.2.3-59-g8ed1b