aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMathias Hall-Andersen <mathias@hall-andersen.dk>2018-04-09 16:56:53 +0200
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2018-04-09 16:56:53 +0200
commit7bf05df12cada7144b4a0479a0159dc9bfecd229 (patch)
tree29033d868169b5fbcd6361a3efde511d706c66c3
parentWork on dummy tun implementation (diff)
downloadwireguard-go-device-test.tar.xz
wireguard-go-device-test.zip
Provide better seperation of parsing and configdevice-test
-rw-r--r--bind.go26
-rw-r--r--config.go93
-rw-r--r--device.go2
-rw-r--r--device_test.go6
-rw-r--r--tun_dummy.go (renamed from dummy_tun.go)0
-rw-r--r--uapi.go138
6 files changed, 154 insertions, 111 deletions
diff --git a/bind.go b/bind.go
index 00e6bd7..2067b0e 100644
--- a/bind.go
+++ b/bind.go
@@ -28,32 +28,6 @@ func unsafeCloseBind(device *Device) error {
return err
}
-func (device *Device) BindSetMark(mark uint32) error {
-
- device.net.mutex.Lock()
- defer device.net.mutex.Unlock()
-
- device.peers.mutex.Lock()
- defer device.peers.mutex.Unlock()
-
- // check if modified
-
- if device.net.fwmark == mark {
- return nil
- }
-
- // update fwmark on existing bind
-
- device.net.fwmark = mark
- if device.isUp.Get() && device.net.bind != nil {
- if err := device.net.bind.SetMark(mark); err != nil {
- return err
- }
- }
-
- return nil
-}
-
func (device *Device) BindUpdate() error {
device.net.mutex.Lock()
diff --git a/config.go b/config.go
new file mode 100644
index 0000000..324217b
--- /dev/null
+++ b/config.go
@@ -0,0 +1,93 @@
+package main
+
+import (
+ "net"
+)
+
+// Get Device State
+
+func (device *Device) GetPrivateKey() NoisePrivateKey {
+ device.noise.mutex.Lock()
+ defer device.noise.mutex.Unlock()
+ return device.noise.privateKey
+}
+
+func (device *Device) GetPublicKey() NoisePublicKey {
+ device.noise.mutex.Lock()
+ defer device.noise.mutex.Unlock()
+ return device.noise.publicKey
+}
+
+func (device *Device) GetListenPort() uint16 {
+ device.net.mutex.Lock()
+ defer device.net.mutex.Unlock()
+ return device.net.port
+}
+
+func (device *Device) GetFWMark() uint32 {
+ device.net.mutex.Lock()
+ defer device.net.mutex.Unlock()
+ return device.net.fwmark
+}
+
+func (device *Device) GetAllowedIPs(peer *Peer) []net.IPNet {
+ device.routing.mutex.RLock()
+ defer device.routing.mutex.RUnlock()
+ return device.routing.table.AllowedIPs(peer)
+}
+
+func (device *Device) GetPeers() []*Peer {
+ device.peers.mutex.Lock()
+ defer device.peers.mutex.Unlock()
+
+ // extract a list of peers
+
+ peers := make([]*Peer, len(device.peers.keyMap))
+ for _, peer := range device.peers.keyMap {
+ peers = append(peers, peer)
+ }
+ return peers
+}
+
+// Update Device State
+
+func (device *Device) SetPort(port uint16) {
+ device.net.mutex.Lock()
+ device.net.port = port
+ device.net.mutex.Unlock()
+}
+
+func (device *Device) SetMark(mark uint32) error {
+
+ device.net.mutex.Lock()
+ defer device.net.mutex.Unlock()
+
+ // check if modified
+
+ if device.net.fwmark == mark {
+ return nil
+ }
+
+ // update fwmark on existing bind
+
+ device.net.fwmark = mark
+ if device.isUp.Get() && device.net.bind != nil {
+ if err := device.net.bind.SetMark(mark); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func (device *Device) ReplaceAllowedIPs(peer *Peer) {
+ device.routing.mutex.Lock()
+ device.routing.table.RemovePeer(peer)
+ device.routing.mutex.Unlock()
+}
+
+func (device *Device) AddAllowedIP(ip net.IP, prefix uint, peer *Peer) {
+ device.routing.mutex.Lock()
+ device.routing.table.Insert(ip, prefix, peer)
+ device.routing.mutex.Unlock()
+}
diff --git a/device.go b/device.go
index cbfa152..488c714 100644
--- a/device.go
+++ b/device.go
@@ -23,7 +23,7 @@ type Device struct {
net struct {
mutex sync.RWMutex
- network Networking // networking intergace
+ network Networking // networking interface
bind Bind // bind interface
port uint16 // listening port
fwmark uint32 // mark value (0 = disabled)
diff --git a/device_test.go b/device_test.go
index f8f9ace..24b4cd9 100644
--- a/device_test.go
+++ b/device_test.go
@@ -92,8 +92,8 @@ func TestDevice(t *testing.T) {
// create devices
- log1 := NewLogger(LogLevelDebug, "test-dev1")
- log2 := NewLogger(LogLevelDebug, "test-dev2")
+ log1 := NewLogger(LogLevelError, "test-device-1 : ")
+ log2 := NewLogger(LogLevelError, "test-device-2 : ")
dev1 := NewDevice(tun1, net1, log1)
dev2 := NewDevice(tun2, net2, log2)
@@ -101,6 +101,8 @@ func TestDevice(t *testing.T) {
println(dev1)
println(dev2)
+ // create key material
+
// configure devices
// generate TUN traffic
diff --git a/dummy_tun.go b/tun_dummy.go
index 36d77b3..36d77b3 100644
--- a/dummy_tun.go
+++ b/tun_dummy.go
diff --git a/uapi.go b/uapi.go
index 11e4b94..4151237 100644
--- a/uapi.go
+++ b/uapi.go
@@ -34,66 +34,49 @@ func ipcGetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
lines = append(lines, line)
}
- func() {
+ // serialize device related values
- // lock required resources
-
- device.net.mutex.RLock()
- defer device.net.mutex.RUnlock()
-
- device.noise.mutex.RLock()
- defer device.noise.mutex.RUnlock()
+ if !device.noise.privateKey.IsZero() {
+ send("private_key=" + device.GetPrivateKey().ToHex())
+ }
- device.routing.mutex.RLock()
- defer device.routing.mutex.RUnlock()
+ if device.net.port != 0 {
+ send(fmt.Sprintf("listen_port=%d", device.GetListenPort()))
+ }
- device.peers.mutex.Lock()
- defer device.peers.mutex.Unlock()
+ if device.net.fwmark != 0 {
+ send(fmt.Sprintf("fwmark=%d", device.GetFWMark()))
+ }
- // serialize device related values
+ // serialize each peer state
- if !device.noise.privateKey.IsZero() {
- send("private_key=" + device.noise.privateKey.ToHex())
- }
+ for _, peer := range device.GetPeers() {
+ peer.mutex.RLock()
+ defer peer.mutex.RUnlock()
- if device.net.port != 0 {
- send(fmt.Sprintf("listen_port=%d", device.net.port))
+ send("public_key=" + peer.handshake.remoteStatic.ToHex())
+ send("preshared_key=" + peer.handshake.presharedKey.ToHex())
+ if peer.endpoint != nil {
+ send("endpoint=" + peer.endpoint.DstToString())
}
- if device.net.fwmark != 0 {
- send(fmt.Sprintf("fwmark=%d", device.net.fwmark))
- }
+ nano := atomic.LoadInt64(&peer.stats.lastHandshakeNano)
+ secs := nano / time.Second.Nanoseconds()
+ nano %= time.Second.Nanoseconds()
- // serialize each peer state
-
- for _, peer := range device.peers.keyMap {
- peer.mutex.RLock()
- defer peer.mutex.RUnlock()
-
- send("public_key=" + peer.handshake.remoteStatic.ToHex())
- send("preshared_key=" + peer.handshake.presharedKey.ToHex())
- if peer.endpoint != nil {
- send("endpoint=" + peer.endpoint.DstToString())
- }
-
- nano := atomic.LoadInt64(&peer.stats.lastHandshakeNano)
- secs := nano / time.Second.Nanoseconds()
- nano %= time.Second.Nanoseconds()
-
- send(fmt.Sprintf("last_handshake_time_sec=%d", secs))
- send(fmt.Sprintf("last_handshake_time_nsec=%d", nano))
- send(fmt.Sprintf("tx_bytes=%d", peer.stats.txBytes))
- send(fmt.Sprintf("rx_bytes=%d", peer.stats.rxBytes))
- send(fmt.Sprintf("persistent_keepalive_interval=%d",
- atomic.LoadUint64(&peer.persistentKeepaliveInterval),
- ))
-
- for _, ip := range device.routing.table.AllowedIPs(peer) {
- send("allowed_ip=" + ip.String())
- }
+ send(fmt.Sprintf("last_handshake_time_sec=%d", secs))
+ send(fmt.Sprintf("last_handshake_time_nsec=%d", nano))
+ send(fmt.Sprintf("tx_bytes=%d", peer.stats.txBytes))
+ send(fmt.Sprintf("rx_bytes=%d", peer.stats.rxBytes))
+ send(fmt.Sprintf("persistent_keepalive_interval=%d",
+ atomic.LoadUint64(&peer.persistentKeepaliveInterval),
+ ))
+ for _, ip := range device.GetAllowedIPs(peer) {
+ send("allowed_ip=" + ip.String())
}
- }()
+
+ }
// send lines (does not require resource locks)
@@ -109,10 +92,16 @@ func ipcGetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
return nil
}
-func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
+func ipcSetOperation(
+ device *Device,
+ logger *Logger,
+ networking Networking,
+ socket *bufio.ReadWriter,
+) *IPCError {
+
scanner := bufio.NewScanner(socket)
- logError := device.log.Error
- logDebug := device.log.Debug
+ logError := logger.Error
+ logDebug := logger.Debug
var peer *Peer
@@ -161,12 +150,8 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
// update port and rebind
- logDebug.Println("UAPI: Updating listen port")
-
- device.net.mutex.Lock()
- device.net.port = uint16(port)
- device.net.mutex.Unlock()
-
+ device.SetPort(uint16(port))
+ logDebug.Println("UAPI: Listen port updated")
if err := device.BindUpdate(); err != nil {
logError.Println("Failed to set listen_port:", err)
return &IPCError{Code: ipcErrorPortInUse}
@@ -191,7 +176,7 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
logDebug.Println("UAPI: Updating fwmark")
- if err := device.BindSetMark(uint32(fwmark)); err != nil {
+ if err := device.SetMark(uint32(fwmark)); err != nil {
logError.Println("Failed to update fwmark:", err)
return &IPCError{Code: ipcErrorPortInUse}
}
@@ -231,11 +216,7 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
// ignore peer with public key of device
- device.noise.mutex.RLock()
- equals := device.noise.publicKey.Equals(publicKey)
- device.noise.mutex.RUnlock()
-
- if equals {
+ if device.GetPublicKey().Equals(publicKey) {
peer = &Peer{}
dummy = true
}
@@ -294,13 +275,10 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
logDebug.Println("UAPI: Updating endpoint for peer:", peer.String())
err := func() error {
- device.net.mutex.Lock()
- defer device.net.mutex.Unlock()
-
peer.mutex.Lock()
defer peer.mutex.Unlock()
- endpoint, err := device.net.network.CreateEndpoint(value)
+ endpoint, err := networking.CreateEndpoint(value)
if err != nil {
return err
}
@@ -353,14 +331,10 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
return &IPCError{Code: ipcErrorInvalid}
}
- if dummy {
- continue
+ if !dummy {
+ device.ReplaceAllowedIPs(peer)
}
- device.routing.mutex.Lock()
- device.routing.table.RemovePeer(peer)
- device.routing.mutex.Unlock()
-
case "allowed_ip":
logDebug.Println("UAPI: Adding allowed_ip to peer:", peer.String())
@@ -371,15 +345,11 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
return &IPCError{Code: ipcErrorInvalid}
}
- if dummy {
- continue
+ if !dummy {
+ ones, _ := network.Mask.Size()
+ device.AddAllowedIP(network.IP, uint(ones), peer)
}
- ones, _ := network.Mask.Size()
- device.routing.mutex.Lock()
- device.routing.table.Insert(network.IP, uint(ones), peer)
- device.routing.mutex.Unlock()
-
default:
logError.Println("Invalid UAPI key (peer configuration):", key)
return &IPCError{Code: ipcErrorInvalid}
@@ -416,7 +386,11 @@ func ipcHandle(device *Device, socket net.Conn) {
switch op {
case "set=1\n":
device.log.Debug.Println("Config, set operation")
- status = ipcSetOperation(device, buffered)
+ status = ipcSetOperation(
+ device,
+ device.log,
+ device.net.network,
+ buffered)
case "get=1\n":
device.log.Debug.Println("Config, get operation")