authorMatt Dunwoodie <ncon@mail.noconroy.net>2019-05-19 13:58:35 +1000
committerMatt Dunwoodie <ncon@mail.noconroy.net>2019-05-19 15:08:50 +1000
commitfe512707839518725a0c4047e2bf5e71129d2ce6 (patch)
tree4381084316cf5fb05f427c56db8fb96c12fab849 /src/wireguard.h
parentTouch up Makefile (diff)
Update cookie calculation
Previously, the cookie system was never used. While that is still the case, this is a step closer to having IP-based cookies. A new type, `wg_cookie_param`, is added to store the parameters used to calculate a cookie value:
* rval - the random value, changes every 2 minutes (to be controlled by if_wg.c)
* ival - the identifier value, usually going to be an IP address + port
* ilen - the length of the identifier value
Diffstat (limited to 'src/wireguard.h')
-rw-r--r--src/wireguard.h12
1 files changed, 10 insertions, 2 deletions
diff --git a/src/wireguard.h b/src/wireguard.h
index f8fbd7b29ef..f202137008c 100644
--- a/src/wireguard.h
+++ b/src/wireguard.h
@@ -13,6 +13,8 @@
#define WG_MAC_SIZE 16
#define WG_HASH_SIZE 32
#define WG_COOKIE_SIZE 16
+#define WG_COOKIE_RVAL_SIZE 16
+#define WG_COOKIE_IVAL_MAXSIZE 32
#define WG_TIMESTAMP_SIZE 12
/*
@@ -88,7 +90,7 @@ struct wg_peer {
struct timespec p_lastrecv;
struct timespec p_lastinit;
- struct wg_cookie {
+ struct wg_cookie_value {
u_int8_t value [WG_COOKIE_SIZE];
struct timespec time;
} p_cookie;
@@ -101,6 +103,12 @@ struct wg_peer {
struct mbuf_list p_tempq;
};
+struct wg_cookie_param {
+ u_int8_t c_rval[WG_COOKIE_RVAL_SIZE];
+ u_int8_t c_ival[WG_COOKIE_IVAL_MAXSIZE];
+ u_int8_t c_ilen;
+};
+
extern void (*const wg_task_fn[WG_TASK_NUM])(struct wg_peer *, struct mbuf_list *);
/* Upcall is a struct to store callbacks for wireguard */
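Review bot: In the new `struct wg_cookie_param`, `c_ilen` is a `u_int8_t` and can hold values up to 255, while `c_ival` is only `WG_COOKIE_IVAL_MAXSIZE` (32) bytes; nothing in the header ties the two together. Code that later feeds `c_ival` into the cookie MAC with `c_ilen` as the length (not visible in this hunk) would read past the array if a callback sets the length too large. The invariant should be stated on the struct, e.g. `/* c_ilen <= WG_COOKIE_IVAL_MAXSIZE; consumers must check this before hashing c_ival */`, and enforced where the cookie is computed. A short comment that `c_rval` is the rotating random value, which presumably has to stay secret for cookies to be unforgeable, would also help, along with why 32 bytes is enough for the intended address + port identifier.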
@@ -111,7 +119,7 @@ struct wg_upcall {
void *uc_arg;
u_int8_t *(*uc_getpubkey)(void *);
u_int8_t *(*uc_getprivkey)(void *);
- u_int8_t *(*uc_getcookie)(void *, struct mbuf *);
+ bool (*uc_getcookie)(void *, struct mbuf *, struct wg_cookie_param *);
struct wg_peer *(*uc_lookupkey)(void *, u_int8_t [WG_KEY_SIZE]);
struct wg_peer *(*uc_lookupid)(void *, u_int32_t);
};
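Review bot: The new `uc_getcookie` member returns `bool` and fills a caller-supplied `struct wg_cookie_param`, but the header does not say what a `false` return means or whether the struct is left untouched in that case. A caller that ignores the result would derive a cookie from an uninitialised or stale `c_rval`/`c_ival`, so the contract deserves a comment above the member, e.g. `/* returns false if no cookie parameters are available; *param is then undefined and must not be used */`. Whether the implementation in if_wg.c zeroes the struct on failure cannot be seen from this file. `struct wg_upcall` begins above this hunk.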