authorJason A. Donenfeld <Jason@zx2c4.com>2016-08-08 13:53:00 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2016-08-08 14:05:37 +0200
commitf3489814efef5041ccffd8c6b5a45e37c133627d (patch)
tree012086ab4e88da937a6156d0d2cf06d53d839730 /src
parentKbuild: move module deps out of tests/ (diff)
persistent-keepalive: change range to [1,65535]
Diffstat (limited to '')
-rw-r--r--src/config.c11
-rw-r--r--src/tools/config.c4
-rw-r--r--src/tools/wg.84
3 files changed, 8 insertions, 11 deletions
diff --git a/src/config.c b/src/config.c
index 3ca23f3..b065e0c 100644
--- a/src/config.c
+++ b/src/config.c
@@ -104,13 +104,10 @@ static int set_peer(struct wireguard_device *wg, void __user *user_peer, size_t
}
if (in_peer.persistent_keepalive_interval != (uint16_t)-1) {
- if (in_peer.persistent_keepalive_interval && (in_peer.persistent_keepalive_interval < 10 || in_peer.persistent_keepalive_interval > 3600))
- ret = -EINVAL;
- else {
- if (!peer->persistent_keepalive_interval && in_peer.persistent_keepalive_interval && netdev_pub(wg)->flags & IFF_UP)
- packet_send_keepalive(peer);
- peer->persistent_keepalive_interval = (unsigned long)in_peer.persistent_keepalive_interval * HZ;
- }
+ const bool send_keepalive = !peer->persistent_keepalive_interval && in_peer.persistent_keepalive_interval && netdev_pub(wg)->flags & IFF_UP;
+ peer->persistent_keepalive_interval = (unsigned long)in_peer.persistent_keepalive_interval * HZ;
+ if (send_keepalive)
+ packet_send_keepalive(peer);
}
if (netdev_pub(wg)->flags & IFF_UP)
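Review bot: `send_keepalive` must be computed before the assignment on the following line because it tests the peer's previous interval, but nothing in the new code says so. A short comment such as `/* Test the old interval: only an off->on change sends an immediate keepalive. */` would stop a later reorder from quietly breaking it. The condition also mixes `&&` with a bare `&`; writing `(netdev_pub(wg)->flags & IFF_UP)` in parentheses makes the intended grouping explicit. set_peer starts and ends outside this hunk.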
diff --git a/src/tools/config.c b/src/tools/config.c
index 55a8ab5..d307007 100644
--- a/src/tools/config.c
+++ b/src/tools/config.c
@@ -193,8 +193,8 @@ static inline bool parse_persistent_keepalive(__u16 *interval, const char *value
}
ret = strtoul(value, &end, 10);
- if (!*value || *value == '-' || *end || (ret && (ret < 10 || ret > 3600))) {
- fprintf(stderr, "The persistent keepalive interval must be 0/off or 10-3600. Found: `%s`\n", value);
+ if (!*value || *value == '-' || *end || ret > 65535) {
+ fprintf(stderr, "The persistent keepalive interval must be 0/off or 1-65535. Found: `%s`\n", value);
return false;
}
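Review bot: The new bound `ret > 65535` lets 65535 through, but set_peer in src/config.c skips the update when the interval equals `(uint16_t)-1`, which is 65535. If the parsed value is stored unchanged into `*interval` (the store is outside this hunk), `persistent-keepalive 65535` would be accepted by the tool and then silently ignored by the kernel, leaving the previous setting in place. Consider rejecting it here with `ret >= 65535` and wording the message and both wg.8 passages as 1-65534, or carrying the "leave unchanged" marker outside the value range.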
diff --git a/src/tools/wg.8 b/src/tools/wg.8
index 0795fdf..4e7e4c2 100644
--- a/src/tools/wg.8
+++ b/src/tools/wg.8
@@ -68,7 +68,7 @@ public-key cryptography, for post-quantum resistance. If \fIallowed-ips\fP
is specified, but the value is the empty string, all allowed ips are removed
from the peer. The use of \fIpersistent-keepalive\fP is optional and is by
default off; setting it to 0 or "off", disables it. Otherwise it represents,
-in seconds, between 10 and 3600 inclusive, how often to send an authenticated
+in seconds, between 1 and 65535 inclusive, how often to send an authenticated
empty packet to the peer, for the purpose of keeping a stateful firewall or NAT
mapping valid persistently. For example, if the interface very rarely sends
traffic, but it might at anytime receive traffic from a peer, and it is behind
@@ -142,7 +142,7 @@ port number. This endpoint will be updated automatically to the most recent
source IP address and port of correctly authenticated packets from the peer.
Optional.
.IP \(bu
-PersistentKeepalive \(em a seconds interval, between 10 and 3600 inclusive, of
+PersistentKeepalive \(em a seconds interval, between 1 and 65535 inclusive, of
how often to send an authenticated empty packet to the peer for the purpose of keeping a
stateful firewall or NAT mapping valid persistently. For example, if the interface
very rarely sends traffic, but it might at anytime receive traffic from a peer,