diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2025-05-23 20:22:37 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2025-05-23 20:26:12 +0200 |
| commit | 780182e37d2b5981171766b8f31bcefd64da7a43 (patch) | |
| tree | 304dd71cb13ed50300a6dc9fc60bf5493543bfd9 /828ffc88cd6d6813a82520640d09e7827bf2dcd2 | |
| parent | wg-quick: linux: use smallest mtu, not largest (diff) | |
| download | wireguard-tools-780182e37d2b5981171766b8f31bcefd64da7a43.tar.xz wireguard-tools-780182e37d2b5981171766b8f31bcefd64da7a43.zip | |
syncconf: account for psks removed from config file
Otherwise removing a psk from a config file wouldn't reflect on the
runtime state.
Note that this could have been implemented more simply, by just setting
WGPEER_HAS_PRESHARED_KEY on all of the file's peers, since the psk slot
is zeroed by calloc in config.c, and this way ones with no set key will
be cleared. The downside is that this means every peer update will take
the handshake lock in the kernel, creating more work and possibly
contention:
if (preshared_key) {
down_write(&peer->handshake.lock);
memcpy(&peer->handshake.preshared_key, preshared_key,
NOISE_SYMMETRIC_KEY_LEN);
up_write(&peer->handshake.lock);
}
Avoid this by only setting it if there's a mismatch between the runtime
and the file. Computationally this shouldn't make much of a difference
because we can do it in the same iteration as the peer removal
detection.
Reported-by: Patrick Havelange <patrick.havelange_ext@softathome.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to '828ffc88cd6d6813a82520640d09e7827bf2dcd2')
0 files changed, 0 insertions, 0 deletions