From 4eeccd2b59cc09a384f3534df61c9ad8cf0118b7 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Mon, 5 Aug 2019 16:44:06 +0200 Subject: netlink: skip peers with invalid keys --- src/netlink.c | 10 ++++++++-- src/peer.c | 11 +++++++---- 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/src/netlink.c b/src/netlink.c index eb94f4d..0805a26 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -413,10 +413,16 @@ static int set_peer(struct wg_device *wg, struct nlattr **attrs) } up_read(&wg->static_identity.lock); - ret = -ENOMEM; peer = wg_peer_create(wg, public_key, preshared_key); - if (!peer) + if (IS_ERR(peer)) { + /* Similar to the above, if the key is invalid, we skip + * it without fanfare, so that services don't need to + * worry about doing key validation themselves. + */ + ret = PTR_ERR(peer) == -EKEYREJECTED ? 0 : PTR_ERR(peer); + peer = NULL; goto out; + } /* Take additional reference, as though we've just been * looked up. */ diff --git a/src/peer.c b/src/peer.c index ffb911f..071eedf 100644 --- a/src/peer.c +++ b/src/peer.c @@ -22,20 +22,23 @@ struct wg_peer *wg_peer_create(struct wg_device *wg, const u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN]) { struct wg_peer *peer; + int ret = -ENOMEM; lockdep_assert_held(&wg->device_update_lock); if (wg->num_peers >= MAX_PEERS_PER_DEVICE) - return NULL; + return ERR_PTR(ret); peer = kzalloc(sizeof(*peer), GFP_KERNEL); if (unlikely(!peer)) - return NULL; + return ERR_PTR(ret); peer->device = wg; if (!wg_noise_handshake_init(&peer->handshake, &wg->static_identity, - public_key, preshared_key, peer)) + public_key, preshared_key, peer)) { + ret = -EKEYREJECTED; goto err_1; + } if (dst_cache_init(&peer->endpoint_cache, GFP_KERNEL)) goto err_1; if (wg_packet_queue_init(&peer->tx_queue, wg_packet_tx_worker, false, @@ -74,7 +77,7 @@ err_2: dst_cache_destroy(&peer->endpoint_cache); err_1: kfree(peer); - return NULL; + return ERR_PTR(ret); } struct wg_peer *wg_peer_get_maybe_zero(struct wg_peer *peer) -- cgit v1.2.3-59-g8ed1b