diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2021-11-29 12:31:54 -0500 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-11-29 12:31:54 -0500 |
| commit | 2dd424e2d808703339688ff78e32ed30cd0dfe87 (patch) | |
| tree | 13352c7648fc53db4ca5b12e5947135b893a7e5a /device | |
| parent | device: reduce peer lock critical section in UAPI (diff) | |
| download | wireguard-go-2dd424e2d808703339688ff78e32ed30cd0dfe87.tar.xz wireguard-go-2dd424e2d808703339688ff78e32ed30cd0dfe87.zip | |
device: handle peer post config on blank line
We missed a function exit point. This was exacerbated by e3134bf
("device: defer state machine transitions until configuration is
complete"), but the bug existed prior. Minus provided the following
useful reproducer script:
#!/usr/bin/env bash
set -eux
make wireguard-go || exit 125
ip netns del test-ns || true
ip netns add test-ns
ip link add test-kernel type wireguard
wg set test-kernel listen-port 0 private-key <(echo "QMCfZcp1KU27kEkpcMCgASEjDnDZDYsfMLHPed7+538=") peer "eDPZJMdfnb8ZcA/VSUnLZvLB2k8HVH12ufCGa7Z7rHI=" allowed-ips 10.51.234.10/32
ip link set test-kernel netns test-ns up
ip -n test-ns addr add 10.51.234.1/24 dev test-kernel
port=$(ip netns exec test-ns wg show test-kernel listen-port)
ip link del test-go || true
./wireguard-go test-go
wg set test-go private-key <(echo "WBM7qimR3vFk1QtWNfH+F4ggy/hmO+5hfIHKxxI4nF4=") peer "+nj9Dkqpl4phsHo2dQliGm5aEiWJJgBtYKbh7XjeNjg=" allowed-ips 0.0.0.0/0 endpoint 127.0.0.1:$port
ip addr add 10.51.234.10/24 dev test-go
ip link set test-go up
ping -c2 -W1 10.51.234.1
Reported-by: minus <minus@mnus.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'device')
| -rw-r--r-- | device/uapi.go | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/device/uapi.go b/device/uapi.go index f3acf81..0f98c68 100644 --- a/device/uapi.go +++ b/device/uapi.go @@ -159,6 +159,7 @@ func (device *Device) IpcSetOperation(r io.Reader) (err error) { line := scanner.Text() if line == "" { // Blank line means terminate operation. + peer.handlePostConfig() return nil } parts := strings.Split(line, "=") |