authorMatt Dunwoodie <ncon@mail.noconroy.net>2019-10-05 01:53:17 +0100
committerMatt Dunwoodie <ncon@mail.noconroy.net>2019-10-05 01:53:17 +0100
commit5ae7f7a743489217ed9240db052fdc85a3a66a5c (patch)
treebe1829c2dcd541ca268b14f6cf5c9af89830cfed
parentNew idea again. Please bear with me (diff)
Modify if_wg.h interface
-rw-r--r--src/if_wg.c79
-rw-r--r--src/if_wg.h81
-rw-r--r--src/patches/ifconfig.patch60
-rw-r--r--src/wireguard.h8
4 files changed, 108 insertions, 120 deletions
diff --git a/src/if_wg.c b/src/if_wg.c
index 092667c..0533f4c 100644
--- a/src/if_wg.c
+++ b/src/if_wg.c
@@ -68,7 +68,7 @@ struct wg_route {
struct wg_peer *r_peer;
struct wg_softc *r_sc;
struct mbuf_queue r_outgoing;
- SLIST_HEAD(, wg_route_entry) r_aip;
+ SLIST_HEAD(, wg_route_entry) r_routes;
};
struct wg_route_entry {
@@ -187,7 +187,7 @@ wg_softc_route_add(struct wg_softc *sc, struct wg_cidr *cidr, struct wg_route *r
}
route = malloc(sizeof(*route), M_DEVBUF, M_WAITOK);
- SLIST_INSERT_HEAD(&r->r_aip, route, r_entry);
+ SLIST_INSERT_HEAD(&r->r_routes, route, r_entry);
route->r_dst = r;
route->r_cidr = *cidr;
node->an_gc = (struct art_node *) route;
@@ -220,7 +220,7 @@ wg_softc_route_delete(struct wg_softc *sc, struct wg_cidr *cidr)
srp_leave(&sr);
route = (struct wg_route_entry *) node->an_gc;
- SLIST_REMOVE(&route->r_dst->r_aip, route, wg_route_entry, r_entry);
+ SLIST_REMOVE(&route->r_dst->r_routes, route, wg_route_entry, r_entry);
free(route, M_DEVBUF, sizeof(struct wg_route_entry));
free(node, M_DEVBUF, sizeof(*node));
@@ -1043,7 +1043,7 @@ wg_softc_peer_route_delete(struct wg_softc *sc, struct wg_peer *peer)
{
struct wg_route_entry *raip, *traip;
struct wg_route *route = peer->p_arg;
- SLIST_FOREACH_SAFE(raip, &route->r_aip, r_entry, traip)
+ SLIST_FOREACH_SAFE(raip, &route->r_routes, r_entry, traip)
wg_softc_route_delete(sc, &raip->r_cidr);
}
@@ -1066,7 +1066,6 @@ wg_ioctl_set_peer(struct wg_softc *sc, u_long cmd, struct wg_set_peer *wsp)
struct wg_route *route;
struct wg_pubkey pub;
- struct wg_privkey shared;
if (suser(curproc))
return EPERM;
@@ -1074,11 +1073,11 @@ wg_ioctl_set_peer(struct wg_softc *sc, u_long cmd, struct wg_set_peer *wsp)
/* Silently ignore set peer when the key is for ourselves */
//if (!memcmp(sc->sc_kp.pub, wsp->sp_pubkey, WG_KEY_SIZE))
// return 0;
- if (IS_NULL_KEY(wsp->sp_pubkey) || IS_MASKED_KEY(wsp->sp_pubkey))
+ if (IS_NULL_KEY(wsp->sp_pubkey.k) || IS_MASKED_KEY(wsp->sp_pubkey.k))
return EINVAL;
/* TODO compat with byte key */
- memcpy(pub.k, wsp->sp_pubkey, sizeof(pub.k));
+ pub = wsp->sp_pubkey;
if ((peer = wg_device_ref_peerkey(&sc->sc_dev, &pub)) == NULL) {
route = malloc(sizeof(*route), M_DEVBUF, M_WAITOK | M_ZERO);
peer = wg_device_new_peer(&sc->sc_dev, &pub, route);
@@ -1086,7 +1085,7 @@ wg_ioctl_set_peer(struct wg_softc *sc, u_long cmd, struct wg_set_peer *wsp)
route->r_sc = sc;
route->r_peer = peer;
mq_init(&route->r_outgoing, IFQ_MAXLEN, IPL_NET);
- SLIST_INIT(&route->r_aip);
+ SLIST_INIT(&route->r_routes);
wg_timer_setup(&peer->p_timers, route,
(void (*)(void *)) wg_route_send_keepalive,
@@ -1104,11 +1103,10 @@ wg_ioctl_set_peer(struct wg_softc *sc, u_long cmd, struct wg_set_peer *wsp)
route->r_ip = wsp->sp_ip;
break;
case SIOCSWGPEERPSK:
- if (IS_NULL_KEY(wsp->sp_psk) || IS_MASKED_KEY(wsp->sp_psk))
+ if (IS_NULL_KEY(wsp->sp_shared.k) ||
+ IS_MASKED_KEY(wsp->sp_shared.k))
return EINVAL;
- /* TODO compat with byte key */
- memcpy(shared.k, wsp->sp_psk, sizeof(shared.k));
- wg_peer_setshared(peer, &shared);
+ wg_peer_setshared(peer, &wsp->sp_shared);
break;
case SIOCSWGPEERPKA:
wg_timer_persistent_keepalive_set(&peer->p_timers, wsp->sp_pka);
@@ -1118,10 +1116,10 @@ wg_ioctl_set_peer(struct wg_softc *sc, u_long cmd, struct wg_set_peer *wsp)
wg_peer_drop(peer);
return WG_OK;
case SIOCSWGPEERAIP:
- ret = wg_softc_route_add(sc, &wsp->sp_aip, route);
+ ret = wg_softc_route_add(sc, &wsp->sp_route, route);
break;
case SIOCDWGPEERAIP:
- ret = wg_softc_route_delete(sc, &wsp->sp_aip);
+ ret = wg_softc_route_delete(sc, &wsp->sp_route);
break;
case SIOCCWGPEERAIP:
wg_softc_peer_route_delete(sc, peer);
@@ -1138,7 +1136,6 @@ wg_ioctl_set_serv(struct wg_softc *sc, u_long cmd, struct wg_set_serv *wss)
{
struct wg_peer *peer;
struct wg_keypair kp;
- struct wg_privkey priv;
if (suser(curproc))
return EPERM;
@@ -1149,18 +1146,18 @@ wg_ioctl_set_serv(struct wg_softc *sc, u_long cmd, struct wg_set_serv *wss)
return wg_bind_port(sc);
case SIOCSWGSERVKEY: /* Set WireGuard server private + public key */
/* Check that the new key does not belong to a peer */
- memcpy(priv.k, wss->ss_privkey, sizeof(priv.k));
- wg_keypair_from_key(&kp, &priv);
+ /* TODO cleanup kp */
+ wg_keypair_from_key(&kp, &wss->ss_privkey);
peer = wg_device_ref_peerkey(&sc->sc_dev, &kp.pub);
if (peer != NULL){
wg_peer_put(peer);
return ENOTSUP;
}
- if (IS_NULL_KEY(wss->ss_privkey) ||
- IS_MASKED_KEY(wss->ss_privkey))
+ if (IS_NULL_KEY(wss->ss_privkey.k) ||
+ IS_MASKED_KEY(wss->ss_privkey.k))
return EINVAL;
- wg_device_setkey(&sc->sc_dev, &priv);
+ wg_device_setkey(&sc->sc_dev, &wss->ss_privkey);
break;
case SIOCCWGPEERS: /* Clear all WireGuard peers */
break;
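Review bot: The stack variable `kp` is a `struct wg_keypair` that, once `wg_keypair_from_key()` has filled it, presumably carries the private key, and it is left on the kernel stack on every exit from the SIOCSWGSERVKEY case; the new `/* TODO cleanup kp */` only records that. Adding `explicit_bzero(&kp, sizeof(kp));` before `return ENOTSUP;`, before `return EINVAL;` and before the `break` would close it. The null/masked test on `wss->ss_privkey.k` also runs only after the key has been used for derivation and a peer lookup; moving it to the top of the case rejects bad input before any key material is produced. The function starts and continues outside this hunk.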
@@ -1171,29 +1168,19 @@ wg_ioctl_set_serv(struct wg_softc *sc, u_long cmd, struct wg_set_serv *wss)
void
wg_ioctl_get_serv(struct wg_softc *sc, struct wg_get_serv *wgs)
{
+ struct map_item *item;
+ struct wg_peer *peer;
size_t num = 0;
- /*struct wg_peer *peer; */
- struct wg_keypair *kp;
- //uint8_t key[WG_KEY_SIZE];
+ /* TODO We only want to pass the private key to root */
wgs->gs_port = sc->sc_port;
- kp = &sc->sc_dev.d_keypair;
- memcpy(wgs->gs_pubkey, kp->pub.k, sizeof(wgs->gs_pubkey));
-
- /* We only want to pass the private key to root */
- if (!suser(curproc) || IS_NULL_KEY(kp->priv.k))
- memcpy(wgs->gs_privkey, kp->priv.k, sizeof(wgs->gs_privkey));
- else
- memset(wgs->gs_privkey, 0xff, sizeof(wgs->gs_privkey));
-
- struct map_item *item;
- struct wg_peer *peer;
+ wgs->gs_keypair = sc->sc_dev.d_keypair;
/* For the time being, no lock as we hold kernel lock in ioctl */
FM_FOREACH_FILLED(item, &sc->sc_dev.d_peers) {
if (num < wgs->gs_num_peers) {
peer = item->value;
- copyout(peer->p_remote.k, wgs->gs_peers[num], WG_KEY_SIZE);
+ copyout(peer->p_remote.k, wgs->gs_peers[num].k, WG_KEY_SIZE);
}
num++;
}
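Review bot: `wgs->gs_keypair = sc->sc_dev.d_keypair;` now copies the private key into the reply for every caller, because the removed `suser(curproc)` branch that substituted 0xff bytes is gone and only a TODO is left; that the check lived inside this function suggests unprivileged callers can reach it. The next hunk does the same for the preshared key in wg_ioctl_get_peer, where `wg_peer_getshared(peer, &wgp->gp_shared);` writes straight into the reply and needs the same gate. The ifconfig code in this commit still tests `IS_MASKED_KEY`, so the masking convention should stay in the kernel until its replacement exists. The function continues past the end of this hunk.

```c
	wgs->gs_port = sc->sc_port;
	/* Public key is always visible; private key only to root. */
	wgs->gs_keypair.pub = sc->sc_dev.d_keypair.pub;
	if (!suser(curproc) || IS_NULL_KEY(sc->sc_dev.d_keypair.priv.k))
		wgs->gs_keypair.priv = sc->sc_dev.d_keypair.priv;
	else
		memset(wgs->gs_keypair.priv.k, 0xff,
		    sizeof(wgs->gs_keypair.priv.k));
	/* … unchanged: FM_FOREACH_FILLED loop copying peer keys out … */
```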
@@ -1204,24 +1191,16 @@ int
wg_ioctl_get_peer(struct wg_softc *sc, struct wg_get_peer *wgp)
{
size_t num = 0;
- struct wg_pubkey pub;
- struct wg_privkey shared;
struct wg_peer *peer;
struct wg_route *route;
- memcpy(pub.k, wgp->gp_pubkey, sizeof(pub.k));
-
- if ((peer = wg_device_ref_peerkey(&sc->sc_dev, &pub)) == NULL)
+ if ((peer = wg_device_ref_peerkey(&sc->sc_dev, &wgp->gp_pubkey)) == NULL)
return ENOENT;
route = peer->p_arg;
- /* We only want to pass the preshared key to root */
- wg_peer_getshared(peer, &shared);
- if (!suser(curproc) || IS_NULL_KEY(shared.k))
- memcpy(wgp->gp_psk, shared.k, sizeof(wgp->gp_psk));
- else
- memset(wgp->gp_psk, 0xff, sizeof(wgp->gp_psk));
+ /* TODO We only want to pass the preshared key to root */
+ wg_peer_getshared(peer, &wgp->gp_shared);
wgp->gp_last_handshake = wg_peer_last_handshake(peer);
wgp->gp_pka = wg_timer_persistent_keepalive_get(&peer->p_timers);
@@ -1231,12 +1210,12 @@ wg_ioctl_get_peer(struct wg_softc *sc, struct wg_get_peer *wgp)
wgp->gp_ip = route->r_ip;
struct wg_route_entry *r;
- SLIST_FOREACH(r, &route->r_aip, r_entry) {
- if (num < wgp->gp_num_aip)
- copyout(&r->r_cidr, &wgp->gp_aip[num], sizeof(*wgp->gp_aip));
+ SLIST_FOREACH(r, &route->r_routes, r_entry) {
+ if (num < wgp->gp_num_routes)
+ copyout(&r->r_cidr, &wgp->gp_routes[num], sizeof(*wgp->gp_routes));
num++;
}
- wgp->gp_num_aip = num;
+ wgp->gp_num_routes = num;
wg_peer_put(peer);
return 0;
}
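Review bot: The return value of `copyout(&r->r_cidr, &wgp->gp_routes[num], sizeof(*wgp->gp_routes));` is discarded, so an invalid or NULL `gp_routes` pointer from userland is silently skipped and the ioctl still returns 0 with `gp_num_routes` updated. Recording the error, e.g. `if (num < wgp->gp_num_routes && (ret = copyout(...)) != 0) break;` with a local `int ret = 0;` returned after `wg_peer_put(peer)`, lets the caller see the failure. The `copyout` into `wgs->gs_peers[num].k` in wg_ioctl_get_serv has the same gap, and that function returns void, so it would need a signature change to report it. This matters in practice because the ifconfig code passes an unchecked `reallocarray` result as `gp_routes`.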
diff --git a/src/if_wg.h b/src/if_wg.h
index 122a065..54b8c69 100644
--- a/src/if_wg.h
+++ b/src/if_wg.h
@@ -18,6 +18,7 @@
#define __IF_WG_H__
#include <net/if.h>
+#include <netinet/in.h>
/*
* This is the public interface to the WireGuard network interface.
@@ -31,6 +32,7 @@
static inline int _memchrcmp(uint8_t *b, uint8_t c, size_t l) {
while (l--) if (*b++ != c) return 1; return 0;
}
+
#define IS_NULL_KEY(k) (!_memchrcmp(k, 0, WG_KEY_SIZE))
#define IS_MASKED_KEY(k) (!_memchrcmp(k, 0xff, WG_KEY_SIZE))
@@ -57,60 +59,69 @@ union wg_ip {
struct sockaddr_in6 ip_in6;
};
+struct wg_keypair {
+ struct wg_pubkey {
+ uint8_t k[WG_KEY_SIZE];
+ } pub;
+ struct wg_privkey {
+ uint8_t k[WG_KEY_SIZE];
+ } priv;
+};
+
struct wg_cidr {
- sa_family_t c_af;
- uint8_t c_mask;
+ sa_family_t c_af;
+ uint8_t c_mask;
union {
- struct in_addr ipv4;
+ struct in_addr ipv4;
struct in6_addr ipv6;
} c_ip;
};
-struct wg_set_peer {
- char sp_name[IFNAMSIZ];
- uint8_t sp_pubkey[WG_KEY_SIZE];
- union {
- uint8_t d_psk[WG_PSK_SIZE];
- uint16_t d_pka;
- union wg_ip d_ip;
- struct wg_cidr d_aip;
- } sp_data;
-};
-
struct wg_set_serv {
char ss_name[IFNAMSIZ];
union {
- uint8_t d_privkey[WG_KEY_SIZE];
- in_port_t d_port;
+ struct wg_privkey d_privkey;
+ in_port_t d_port;
} ss_data;
};
-#define sp_psk sp_data.d_psk
-#define sp_pka sp_data.d_pka
-#define sp_ip sp_data.d_ip
-#define sp_aip sp_data.d_aip
+struct wg_set_peer {
+ char sp_name[IFNAMSIZ];
+ struct wg_pubkey sp_pubkey;
+ union {
+ struct wg_privkey d_shared;
+ struct wg_cidr d_route;
+ union wg_ip d_ip;
+ uint16_t d_pka;
+ } sp_data;
+};
+
#define ss_privkey ss_data.d_privkey
#define ss_port ss_data.d_port
+#define sp_shared sp_data.d_shared
+#define sp_route sp_data.d_route
+#define sp_pka sp_data.d_pka
+#define sp_ip sp_data.d_ip
struct wg_get_peer {
- char gp_name[IFNAMSIZ];
- uint8_t gp_pubkey[WG_KEY_SIZE];
- uint8_t gp_psk [WG_PSK_SIZE];
- uint64_t gp_tx_bytes, gp_rx_bytes;
- uint16_t gp_pka;
- union wg_ip gp_ip;
- struct timespec gp_last_handshake;
- size_t gp_num_aip;
- struct wg_cidr *gp_aip;
+ char gp_name[IFNAMSIZ];
+ struct wg_pubkey gp_pubkey;
+ struct wg_privkey gp_shared;
+ union wg_ip gp_ip;
+ uint16_t gp_pka;
+ uint64_t gp_tx_bytes;
+ uint64_t gp_rx_bytes;
+ struct timespec gp_last_handshake;
+ struct wg_cidr *gp_routes;
+ size_t gp_num_routes;
};
struct wg_get_serv {
- char gs_name[IFNAMSIZ];
- uint8_t gs_pubkey[WG_KEY_SIZE];
- uint8_t gs_privkey[WG_KEY_SIZE];
- in_port_t gs_port;
- size_t gs_num_peers;
- uint8_t (*gs_peers)[WG_KEY_SIZE];
+ char gs_name[IFNAMSIZ];
+ struct wg_keypair gs_keypair;
+ in_port_t gs_port;
+ struct wg_pubkey *gs_peers;
+ size_t gs_num_peers;
};
#endif /* __IF_WG_H__ */
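Review bot: `gs_peers`/`gs_num_peers` and `gp_routes`/`gp_num_routes` are in/out pairs whose contract is not written down anywhere in this public header. From if_wg.c the kernel reads the count as the capacity of the caller's buffer and overwrites it with the total number of entries, and ifconfig retries until the returned count fits. A comment on each count field such as `/* in: capacity of gp_routes; out: total routes, may exceed capacity */` would make that explicit. A one-line comment on `gs_keypair` and `gp_shared` saying that an all-0xff key means "masked" would likewise document the `IS_MASKED_KEY` convention next to the fields it applies to.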
diff --git a/src/patches/ifconfig.patch b/src/patches/ifconfig.patch
index 6d830bd..841f597 100644
--- a/src/patches/ifconfig.patch
+++ b/src/patches/ifconfig.patch
@@ -145,7 +145,7 @@
+ errx(1, "%s", gai_strerror(error));
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
+ memcpy(&wsp.sp_ip, ai->ai_addr, ai->ai_addrlen);
+
+ if (ioctl(s, SIOCSWGPEERIP, (caddr_t)&wsp) < 0)
@@ -163,9 +163,9 @@
+ errx(1, "wgaip: wgpeer not set");
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
+
-+ wg_load_allowedip(&wsp.sp_aip, aip);
++ wg_load_allowedip(&wsp.sp_route, aip);
+
+ if (ioctl(s, SIOCSWGPEERAIP, (caddr_t)&wsp) < 0)
+ err(1, "SIOCSWGPEERAIP");
@@ -180,8 +180,8 @@
+ errx(1, "wgpsk: wgpeer not set");
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
-+ WG_LOAD_KEY(wsp.sp_psk, psk_b64, "wgpsk");
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
++ WG_LOAD_KEY(wsp.sp_shared.k, psk_b64, "wgpsk");
+
+ if (ioctl(s, SIOCSWGPEERPSK, (caddr_t)&wsp) < 0)
+ err(1, "SIOCSWGPEERPSK");
@@ -197,7 +197,7 @@
+ errx(1, "wgpsk: wgpeer not set");
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
+ wsp.sp_pka = strtonum(pka, 0, 43200, &errmsg);
+ if (errmsg)
+ errx(1, "wgpka: %s, %s", pka, errmsg);
@@ -227,7 +227,7 @@
+ struct wg_set_serv wss;
+
+ strlcpy(wss.ss_name, name, sizeof(wss.ss_name));
-+ WG_LOAD_KEY(wss.ss_privkey, privkey_b64, "wgkey");
++ WG_LOAD_KEY(wss.ss_privkey.k, privkey_b64, "wgkey");
+
+ if (ioctl(s, SIOCSWGSERVKEY, (caddr_t)&wss) < 0)
+ err(1, "SIOCSWGSERVKEY");
@@ -239,7 +239,7 @@
+ struct wg_set_peer wsp;
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ WG_LOAD_KEY(wsp.sp_pubkey, peerkey_b64, "-wgpeer");
++ WG_LOAD_KEY(wsp.sp_pubkey.k, peerkey_b64, "-wgpeer");
+
+ if (ioctl(s, SIOCDWGPEER, (caddr_t)&wsp) < 0)
+ err(1, "SIOCDWGPEER");
@@ -254,7 +254,7 @@
+ errx(1, "-wgpip: wgpeer not set");
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
+ bzero(&wsp.sp_ip, sizeof(wsp.sp_ip));
+
+ if (ioctl(s, SIOCSWGPEERIP, (caddr_t)&wsp) < 0)
@@ -270,9 +270,9 @@
+ errx(1, "wgaip: wgpeer not set");
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
+
-+ wg_load_allowedip(&wsp.sp_aip, aip);
++ wg_load_allowedip(&wsp.sp_route, aip);
+
+ if (ioctl(s, SIOCDWGPEERAIP, (caddr_t)&wsp) < 0)
+ err(1, "SIOCDWGPEERAIP");
@@ -287,8 +287,8 @@
+ errx(1, "wgpsk: wgpeer not set");
+
+ strlcpy(wsp.sp_name, name, sizeof(wsp.sp_name));
-+ memcpy(wsp.sp_pubkey, wg_peer, WG_KEY_SIZE);
-+ bzero(wsp.sp_psk, sizeof(wsp.sp_psk));
++ memcpy(wsp.sp_pubkey.k, wg_peer, WG_KEY_SIZE);
++ bzero(wsp.sp_shared.k, sizeof(wsp.sp_shared.k));
+
+ if (ioctl(s, SIOCSWGPEERPSK, (caddr_t)&wsp) < 0)
+ err(1, "SIOCSWGPEERPSK");
@@ -330,33 +330,33 @@
+
+ /* Print local key */
+
-+ if (IS_NULL_KEY(wgs.gs_pubkey)) {
++ if (IS_NULL_KEY(wgs.gs_keypair.pub.k)) {
+ printf("\twgkey unset\n");
-+ } else if (IS_MASKED_KEY(wgs.gs_privkey)) {
++ } else if (IS_MASKED_KEY(wgs.gs_keypair.priv.k)) {
+ printf("\twgkey masked\n");
-+ EVP_EncodeBlock(key, wgs.gs_pubkey, WG_KEY_SIZE);
++ EVP_EncodeBlock(key, wgs.gs_keypair.pub.k, WG_KEY_SIZE);
+ printf("\twgkey (pub) %s\n", key);
+ } else {
-+ EVP_EncodeBlock(key, wgs.gs_privkey, WG_KEY_SIZE);
++ EVP_EncodeBlock(key, wgs.gs_keypair.priv.k, WG_KEY_SIZE);
+ printf("\twgkey %s\n", key);
-+ EVP_EncodeBlock(key, wgs.gs_pubkey, WG_KEY_SIZE);
++ EVP_EncodeBlock(key, wgs.gs_keypair.pub.k, WG_KEY_SIZE);
+ printf("\twgkey (pub) %s\n", key);
+ }
+
+ for (i = 0; i < wgs.gs_num_peers; i++) {
+
-+ memcpy(wgp.gp_pubkey, wgs.gs_peers[i], WG_KEY_SIZE);
++ memcpy(wgp.gp_pubkey.k, wgs.gs_peers[i].k, WG_KEY_SIZE);
+
-+ wgp.gp_aip = NULL;
-+ wgp.gp_num_aip = 16;
++ wgp.gp_routes = NULL;
++ wgp.gp_num_routes = 16;
+ do {
-+ num = wgp.gp_num_aip;
-+ wgp.gp_aip = reallocarray(wgp.gp_aip, wgp.gp_num_aip, sizeof(*wgp.gp_aip));
++ num = wgp.gp_num_routes;
++ wgp.gp_routes = reallocarray(wgp.gp_routes, wgp.gp_num_routes, sizeof(*wgp.gp_routes));
+ if (ioctl(s, SIOCGWGPEER, (caddr_t)&wgp) == -1)
+ return;
-+ } while (wgp.gp_num_aip > num);
++ } while (wgp.gp_num_routes > num);
+
-+ EVP_EncodeBlock(key, wgp.gp_pubkey, WG_KEY_SIZE);
++ EVP_EncodeBlock(key, wgp.gp_pubkey.k, WG_KEY_SIZE);
+ printf("\twgpeer %s\n", key);
+
+ if (wgp.gp_last_handshake.tv_sec != 0) {
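Review bot: `wgp.gp_routes = reallocarray(wgp.gp_routes, wgp.gp_num_routes, sizeof(*wgp.gp_routes));` is unchecked and overwrites the only pointer to the previous buffer, so on failure the old allocation leaks and a NULL `gp_routes` with a non-zero count is handed to SIOCGWGPEER. Going through a temporary covers both: `tmp = reallocarray(wgp.gp_routes, wgp.gp_num_routes, sizeof(*wgp.gp_routes));`, `if (tmp == NULL) err(1, "reallocarray");`, `wgp.gp_routes = tmp;`, with `tmp` declared as `struct wg_cidr *`. The bare `return` on ioctl failure also leaves the buffer allocated, and `wgp.gp_routes = NULL` is reset for each peer; whether the buffer is freed per iteration is not visible in this hunk.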
@@ -367,12 +367,12 @@
+
+ printf("\t\ttx: %llu, rx: %llu\n", wgp.gp_tx_bytes, wgp.gp_rx_bytes);
+
-+ if (IS_NULL_KEY(wgp.gp_psk)) {
++ if (IS_NULL_KEY(wgp.gp_shared.k)) {
+ printf("\t\twgpsk unset\n");
-+ } else if (IS_MASKED_KEY(wgp.gp_psk)) {
++ } else if (IS_MASKED_KEY(wgp.gp_shared.k)) {
+ printf("\t\twgpsk masked\n");
+ } else {
-+ EVP_EncodeBlock(key, wgp.gp_psk, WG_PSK_SIZE);
++ EVP_EncodeBlock(key, wgp.gp_shared.k, WG_KEY_SIZE);
+ printf("\t\twgpsk %s\n", key);
+ }
+
@@ -389,8 +389,8 @@
+ if (wgp.gp_pka != 0)
+ printf("\t\twgpka %u (sec)\n", wgp.gp_pka);
+
-+ struct wg_cidr *ip = wgp.gp_aip;
-+ for (j = 0; j < wgp.gp_num_aip; j++) {
++ struct wg_cidr *ip = wgp.gp_routes;
++ for (j = 0; j < wgp.gp_num_routes; j++) {
+ inet_ntop(ip[j].c_af, &ip[j].c_ip, hbuf, sizeof(hbuf));
+ printf("\t\twgaip %s/%hhu\n", hbuf, ip[j].c_mask);
+ }
diff --git a/src/wireguard.h b/src/wireguard.h
index 8223d38..7d77296 100644
--- a/src/wireguard.h
+++ b/src/wireguard.h
@@ -24,6 +24,9 @@
#include <sys/fixedmap.h>
#include <sys/antireplay.h>
+/* This is only needed for wg_keypair. */
+#include <net/if_wg.h>
+
#define WG_KEY_SIZE 32
#define WG_MAC_SIZE 16
#define WG_HASH_SIZE 32
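Review bot: The new `#include <net/if_wg.h>` sits above `#define WG_KEY_SIZE 32`, while the `struct wg_keypair` moved into if_wg.h sizes its arrays with `WG_KEY_SIZE`, so that header has to define the constant itself (its definition is not visible in this diff). If it does, the key length now lives in two headers that must agree. Dropping the define here, or wrapping it in `#ifndef WG_KEY_SIZE`, would keep one source of truth for a value that both the kernel structures and the ioctl ABI depend on.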
@@ -121,11 +124,6 @@ static char *wg_pkt_str[] = {
"transport",
};
-struct wg_keypair {
- struct wg_pubkey { uint8_t k[WG_KEY_SIZE]; } pub;
- struct wg_privkey { uint8_t k[WG_KEY_SIZE]; } priv;
-};
-
struct wg_cookie {
uint8_t cookie[WG_COOKIE_SIZE];
struct timespec time;