diff options
Diffstat (limited to 'src/config.c')
| -rw-r--r-- | src/config.c | 41 |
1 files changed, 32 insertions, 9 deletions
diff --git a/src/config.c b/src/config.c index b8394a5..6b8aa58 100644 --- a/src/config.c +++ b/src/config.c @@ -1,11 +1,10 @@ -// SPDX-License-Identifier: GPL-2.0 +// SPDX-License-Identifier: GPL-2.0 OR MIT /* * Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */ #include <arpa/inet.h> #include <limits.h> -#include <ctype.h> #include <netdb.h> #include <stdio.h> #include <stdlib.h> @@ -19,6 +18,7 @@ #include "containers.h" #include "ipc.h" #include "encoding.h" +#include "ctype.h" #define COMMENT_CHAR '#' @@ -86,7 +86,7 @@ static inline bool parse_fwmark(uint32_t *fwmark, uint32_t *flags, const char *v return true; } - if (!isdigit(value[0])) + if (!char_is_digit(value[0])) goto err; if (strlen(value) > 2 && value[0] == '0' && value[1] == 'x') @@ -141,7 +141,7 @@ static bool parse_keyfile(uint8_t key[static WG_KEY_LEN], const char *path) dst[WG_KEY_LEN_BASE64 - 1] = '\0'; while ((c = getc(f)) != EOF) { - if (!isspace(c)) { + if (!char_is_space(c)) { fprintf(stderr, "Found trailing character in key file: `%c'\n", c); goto out; } @@ -290,7 +290,7 @@ static inline bool parse_persistent_keepalive(uint16_t *interval, uint32_t *flag return true; } - if (!isdigit(value[0])) + if (!char_is_digit(value[0])) goto err; ret = strtoul(value, &end, 10); @@ -337,6 +337,20 @@ static bool validate_netmask(struct wgallowedip *allowedip) return true; } +static inline void parse_ip_prefix(struct wgpeer *peer, uint32_t *flags, char **mask) +{ + /* If the IP is prefixed with either '+' or '-' consider this an + * incremental change. Disable WGPEER_REPLACE_ALLOWEDIPS. */ + switch ((*mask)[0]) { + case '-': + *flags |= WGALLOWEDIP_REMOVE_ME; + /* fall through */ + case '+': + peer->flags &= ~WGPEER_REPLACE_ALLOWEDIPS; + ++(*mask); + } +} + static inline bool parse_allowedips(struct wgpeer *peer, struct wgallowedip **last_allowedip, const char *value) { struct wgallowedip *allowedip = *last_allowedip, *new_allowedip; @@ -353,10 +367,18 @@ static inline bool parse_allowedips(struct wgpeer *peer, struct wgallowedip **la } sep = mutable; while ((mask = strsep(&sep, ","))) { + uint32_t flags = 0; unsigned long cidr; char *end, *ip; + parse_ip_prefix(peer, &flags, &mask); + saved_entry = strdup(mask); + if (!saved_entry) { + perror("strdup"); + free(mutable); + return false; + } ip = strsep(&mask, "/"); new_allowedip = calloc(1, sizeof(*new_allowedip)); @@ -375,7 +397,7 @@ static inline bool parse_allowedips(struct wgpeer *peer, struct wgallowedip **la } if (mask) { - if (!isdigit(mask[0])) + if (!char_is_digit(mask[0])) goto err; cidr = strtoul(mask, &end, 10); if (*end || (cidr > 32 && new_allowedip->family == AF_INET) || (cidr > 128 && new_allowedip->family == AF_INET6)) @@ -387,6 +409,7 @@ static inline bool parse_allowedips(struct wgpeer *peer, struct wgallowedip **la else goto err; new_allowedip->cidr = cidr; + new_allowedip->flags = flags; if (!validate_netmask(new_allowedip)) fprintf(stderr, "Warning: AllowedIP has nonzero host part: %s/%s\n", ip, mask); @@ -501,7 +524,7 @@ bool config_read_line(struct config_ctx *ctx, const char *input) } for (size_t i = 0; i < len; ++i) { - if (!isspace(input[i])) + if (!char_is_space(input[i])) line[cleaned_len++] = input[i]; } if (!cleaned_len) @@ -555,13 +578,13 @@ static char *strip_spaces(const char *in) return NULL; } for (i = 0, l = 0; i < t; ++i) { - if (!isspace(in[i])) + if (!char_is_space(in[i])) out[l++] = in[i]; } return out; } -struct wgdevice *config_read_cmd(char *argv[], int argc) +struct wgdevice *config_read_cmd(const char *argv[], int argc) { struct wgdevice *device = calloc(1, sizeof(*device)); struct wgpeer *peer = NULL; |