From 80bea2db90a90b6743078fde097003e48a4a9c8d Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Wed, 16 Oct 2019 11:19:14 +0200 Subject: WIP --- lease.c | 30 +++++++++++++++++++++++++----- lease.h | 4 ++-- tests/netsh.sh | 2 +- wg-dynamic-server.c | 4 ++-- 4 files changed, 30 insertions(+), 10 deletions(-) diff --git a/lease.c b/lease.c index 2915736..b7258ef 100644 --- a/lease.c +++ b/lease.c @@ -52,7 +52,7 @@ static time_t get_monotonic_time() return monotime.tv_sec; } -void leases_init(char *fname, struct mnl_socket *nlsock) +void leases_init(char *fname, struct mnl_socket *nlsock, uint32_t ifindex) { struct nlmsghdr *nlh; struct rtmsg *rtm; @@ -73,7 +73,7 @@ void leases_init(char *fname, struct mnl_socket *nlsock) if (mnl_socket_sendto(nlsock, nlh, nlh->nlmsg_len) < 0) fatal("mnl_socket_sendto()"); - leases_update_pools(nlsock); + leases_update_pools(nlsock, ifindex); synchronized = true; UNUSED(fname); /* TODO: open file and initialize from it */ @@ -446,6 +446,12 @@ static int data_ipv4_attr_cb(const struct nlattr *attr, void *data) return MNL_CB_ERROR; } break; + case RTA_OIF: + if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) { + log_err("mnl_attr_validate: %s\n", strerror(errno)); + return MNL_CB_ERROR; + } + break; default: return MNL_CB_OK; } @@ -467,6 +473,12 @@ static int data_ipv6_attr_cb(const struct nlattr *attr, void *data) return MNL_CB_ERROR; } break; + case RTA_OIF: + if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) { + log_err("mnl_attr_validate: %s\n", strerror(errno)); + return MNL_CB_ERROR; + } + break; default: return MNL_CB_OK; } 
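Review bot: The added `case RTA_OIF:` in data_ipv4_attr_cb logs `mnl_attr_validate: %s` without naming the attribute or the address family, and the data_ipv6_attr_cb hunk adds the identical block. A failed validation here means the route message is later skipped by the interface filter, so this log line is the only trace an operator gets. Suggest naming the attribute, e.g. `log_err("RTA_OIF: mnl_attr_validate: %s\n", strerror(errno));`. Since both callbacks now carry the same check, a small static helper would keep them in step. Both callbacks start before and end after their hunks, so the surrounding cases are not visible here.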
@@ -478,13 +490,21 @@ static int process_nlpacket_cb(const struct nlmsghdr *nlh, void *data) { struct nlattr *tb[RTA_MAX + 1] = {}; struct rtmsg *rm = mnl_nlmsg_get_payload(nlh); - UNUSED(data); + uint32_t ifindex; + + BUG_ON(!data); + ifindex = *((int *) data); if (rm->rtm_family == AF_INET) mnl_attr_parse(nlh, sizeof(*rm), data_ipv4_attr_cb, tb); else if (rm->rtm_family == AF_INET6) mnl_attr_parse(nlh, sizeof(*rm), data_ipv6_attr_cb, tb); + if (!tb[RTA_OIF] || mnl_attr_get_u32(tb[RTA_OIF]) != ifindex) { + debug("ignoring interface %u (want %u)\n", tb[RTA_OIF] ? mnl_attr_get_u32(tb[RTA_OIF]) : 0, ifindex); + return MNL_CB_OK; + } + if (tb[RTA_GATEWAY]) return MNL_CB_OK; @@ -519,13 +539,13 @@ static int process_nlpacket_cb(const struct nlmsghdr *nlh, void *data) return MNL_CB_OK; } -void leases_update_pools(struct mnl_socket *nlsock) +void leases_update_pools(struct mnl_socket *nlsock, uint32_t ifindex) { int ret; char buf[MNL_SOCKET_BUFFER_SIZE]; while ((ret = mnl_socket_recvfrom(nlsock, buf, sizeof buf)) > 0) { - if (mnl_cb_run(buf, ret, 0, 0, process_nlpacket_cb, NULL) == -1) + if (mnl_cb_run(buf, ret, 0, 0, process_nlpacket_cb, (void *) &ifindex) == -1) fatal("mnl_cb_run()"); } diff --git a/lease.h b/lease.h index 383bac7..cfb1a16 100644 --- a/lease.h +++ b/lease.h @@ -28,7 +28,7 @@ struct wg_dynamic_lease { * Initializes internal state, retrieves routes from nlsock and reads leases * from fname. */ -void leases_init(char *fname, struct mnl_socket *nlsock); +void leases_init(char *fname, struct mnl_socket *nlsock, uint32_t ifindex); /* * Frees everything, closes file. @@ -67,7 +67,7 @@ void update_allowed_ips(const char *devname, wg_key peer_pubkey, /* * Updates all pools with information from the mnl socket nlsock. */ -void leases_update_pools(struct mnl_socket *nlsock); +void leases_update_pools(struct mnl_socket *nlsock, uint32_t ifindex); /* * Return true if lease is !NULL and has not expired. 
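Review bot: `ifindex = *((int *) data);` in process_nlpacket_cb reads the callback argument through `int *`, while the leases_update_pools hunk passes the address of a `uint32_t`. The access works on the usual Linux ABIs, but the cast hides the real type. Suggest `ifindex = *(const uint32_t *)data;` here and plain `&ifindex` at the `mnl_cb_run()` call, where the `(void *)` cast is not needed in C. The new filter also skips any message that carries no RTA_OIF, which fails closed for data that changes the pools; a one-line comment such as `/* no RTA_OIF: not provably ours, ignore */` would record that this is intended. The function continues past the end of the hunk.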
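Review bot: The comment above `leases_init()` in lease.h still mentions only nlsock and fname, and the one above `leases_update_pools()` does not describe the new `ifindex` parameter either. The argument now decides which route messages may change the pools, so both comments should say so, for example `* Only routes whose RTA_OIF equals ifindex are considered.`. It would also help to state that the caller passes the index of the WireGuard device being served, which is what the call sites in wg-dynamic-server.c appear to do.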
diff --git a/tests/netsh.sh b/tests/netsh.sh index f9e9c1e..37d174e 100755 --- a/tests/netsh.sh +++ b/tests/netsh.sh @@ -86,4 +86,4 @@ echo echo wg-test-$$ $server_public echo -nn 1 ./wg-dynamic-server --leasetime 10 wg0 +nn 1 gdb -ex r --args ./wg-dynamic-server --leasetime 10 wg0 diff --git a/wg-dynamic-server.c b/wg-dynamic-server.c index feb9656..942deea 100644 --- a/wg-dynamic-server.c +++ b/wg-dynamic-server.c @@ -439,7 +439,7 @@ static void setup() wg_interface); setup_sockets(); - leases_init(NULL, nlsock); + leases_init(NULL, nlsock, device->ifindex); init_leaess_from_peers(); } @@ -493,7 +493,7 @@ static void handle_event(void *ptr, uint32_t events) } if (ptr == nlsock) { - leases_update_pools(nlsock); + leases_update_pools(nlsock, device->ifindex); return; } -- cgit v1.2.3-59-g8ed1b
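Review bot: The last command in tests/netsh.sh now starts the server as `gdb -ex r --args ./wg-dynamic-server --leasetime 10 wg0`, so the test depends on gdb being installed and stops at an interactive gdb prompt when the server exits or crashes. This looks like a local debugging aid for the WIP commit rather than an intended change to the test. Restore `nn 1 ./wg-dynamic-server --leasetime 10 wg0` before merging, or run the debugger only when an opt-in environment variable is set.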