diff options
authorJason A. Donenfeld <Jason@zx2c4.com>2021-11-29 12:31:54 -0500
committerJason A. Donenfeld <Jason@zx2c4.com>2021-11-29 12:31:54 -0500
commit2dd424e2d808703339688ff78e32ed30cd0dfe87 (patch)
parentdevice: reduce peer lock critical section in UAPI (diff)
device: handle peer post config on blank line
We missed a function exit point. This was exacerbated by e3134bf ("device: defer state machine transitions until configuration is complete"), but the bug existed prior. Minus provided the following useful reproducer script: #!/usr/bin/env bash set -eux make wireguard-go || exit 125 ip netns del test-ns || true ip netns add test-ns ip link add test-kernel type wireguard wg set test-kernel listen-port 0 private-key <(echo "QMCfZcp1KU27kEkpcMCgASEjDnDZDYsfMLHPed7+538=") peer "eDPZJMdfnb8ZcA/VSUnLZvLB2k8HVH12ufCGa7Z7rHI=" allowed-ips ip link set test-kernel netns test-ns up ip -n test-ns addr add dev test-kernel port=$(ip netns exec test-ns wg show test-kernel listen-port) ip link del test-go || true ./wireguard-go test-go wg set test-go private-key <(echo "WBM7qimR3vFk1QtWNfH+F4ggy/hmO+5hfIHKxxI4nF4=") peer "+nj9Dkqpl4phsHo2dQliGm5aEiWJJgBtYKbh7XjeNjg=" allowed-ips endpoint$port ip addr add dev test-go ip link set test-go up ping -c2 -W1 Reported-by: minus <minus@mnus.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
1 files changed, 1 insertions, 0 deletions
diff --git a/device/uapi.go b/device/uapi.go
index f3acf81..0f98c68 100644
--- a/device/uapi.go
+++ b/device/uapi.go
@@ -159,6 +159,7 @@ func (device *Device) IpcSetOperation(r io.Reader) (err error) {
line := scanner.Text()
if line == "" {
// Blank line means terminate operation.
+ peer.handlePostConfig()
return nil
parts := strings.Split(line, "=")