Diffstat (limited to 'conf/config.go')
-rw-r--r-- | conf/config.go | 82 |
1 files changed, 49 insertions, 33 deletions
diff --git a/conf/config.go b/conf/config.go
index e1951d47..74ffacf6 100644
--- a/conf/config.go
+++ b/conf/config.go
@@ -1,6 +1,6 @@
 /* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2019 WireGuard LLC. All Rights Reserved.
+ * Copyright (C) 2019-2022 WireGuard LLC. All Rights Reserved.
  */
 
 package conf
@@ -9,9 +9,8 @@ import (
 	"crypto/rand"
 	"crypto/subtle"
 	"encoding/base64"
-	"encoding/hex"
 	"fmt"
-	"net"
+	"net/netip"
 	"strings"
 	"time"
 
@@ -22,19 +21,16 @@ import (
 const KeyLength = 32
 
-type IPCidr struct {
-	IP net.IP
-	Cidr uint8
-}
-
 type Endpoint struct {
 	Host string
 	Port uint16
 }
 
-type Key [KeyLength]byte
-type HandshakeTime time.Duration
-type Bytes uint64
+type (
+	Key [KeyLength]byte
+	HandshakeTime time.Duration
+	Bytes uint64
+)
 
 type Config struct {
 	Name string
@@ -44,17 +40,22 @@ type Config struct {
 type Interface struct {
 	PrivateKey Key
-	Addresses []IPCidr
+	Addresses []netip.Prefix
 	ListenPort uint16
 	MTU uint16
-	DNS []net.IP
+	DNS []netip.Addr
 	DNSSearch []string
+	PreUp string
+	PostUp string
+	PreDown string
+	PostDown string
+	TableOff bool
 }
 
 type Peer struct {
 	PublicKey Key
 	PresharedKey Key
-	AllowedIPs []IPCidr
+	AllowedIPs []netip.Prefix
 	Endpoint Endpoint
 	PersistentKeepalive uint16
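Review bot: The five fields added to Interface (`PreUp`, `PostUp`, `PreDown`, `PostDown`, `TableOff`) carry no doc comment, and the wg-quick names of the four string fields suggest they hold commands executed around tunnel activation — the code that would run them is not in this hunk, so that is an inference to confirm, but if it holds, write access to the config file becomes code execution in whatever context runs the hooks. Suggest a comment on the group such as `// PreUp, PostUp, PreDown, PostDown: hook commands run around tunnel up/down; executing them must be gated by an explicit administrative opt-in, because anyone who can edit the config controls them.` and `// TableOff: presumably suppresses installing routes for AllowedIPs — confirm.` Note that these strings are not cleared by the Redact method added further down in this diff, so a redacted config still reveals them if they embed credentials. The Peer struct this hunk ends in continues outside the hunk.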
@@ -63,26 +64,37 @@ type Peer struct {
 	LastHandshakeTime HandshakeTime
 }
 
-func (r *IPCidr) String() string {
-	return fmt.Sprintf("%s/%d", r.IP.String(), r.Cidr)
-}
-
-func (r *IPCidr) Bits() uint8 {
-	if r.IP.To4() != nil {
-		return 32
+func (conf *Config) IntersectsWith(other *Config) bool {
+	allRoutes := make(map[netip.Prefix]bool, len(conf.Interface.Addresses)*2+len(conf.Peers)*3)
+	for _, a := range conf.Interface.Addresses {
+		allRoutes[netip.PrefixFrom(a.Addr(), a.Addr().BitLen())] = true
+		allRoutes[a.Masked()] = true
 	}
-	return 128
-}
-
-func (r *IPCidr) IPNet() net.IPNet {
-	return net.IPNet{
-		IP: r.IP,
-		Mask: net.CIDRMask(int(r.Cidr), int(r.Bits())),
+	for i := range conf.Peers {
+		for _, a := range conf.Peers[i].AllowedIPs {
+			allRoutes[a.Masked()] = true
+		}
 	}
+	for _, a := range other.Interface.Addresses {
+		if allRoutes[netip.PrefixFrom(a.Addr(), a.Addr().BitLen())] {
+			return true
+		}
+		if allRoutes[a.Masked()] {
+			return true
+		}
+	}
+	for i := range other.Peers {
+		for _, a := range other.Peers[i].AllowedIPs {
+			if allRoutes[a.Masked()] {
+				return true
+			}
+		}
+	}
+	return false
 }
 
 func (e *Endpoint) String() string {
-	if strings.IndexByte(e.Host, ':') > 0 {
+	if strings.IndexByte(e.Host, ':') != -1 {
 		return fmt.Sprintf("[%s]:%d", e.Host, e.Port)
 	}
 	return fmt.Sprintf("%s:%d", e.Host, e.Port)
@@ -96,10 +108,6 @@ func (k *Key) String() string {
 	return base64.StdEncoding.EncodeToString(k[:])
 }
 
-func (k *Key) HexString() string {
-	return hex.EncodeToString(k[:])
-}
-
 func (k *Key) IsZero() bool {
 	var zeros Key
 	return subtle.ConstantTimeCompare(zeros[:], k[:]) == 1
@@ -230,3 +238,11 @@ func (conf *Config) DeduplicateNetworkEntries() {
 		peer.AllowedIPs = peer.AllowedIPs[:i]
 	}
 }
+
+func (conf *Config) Redact() {
+	conf.Interface.PrivateKey = Key{}
+	for i := range conf.Peers {
+		conf.Peers[i].PublicKey = Key{}
+		conf.Peers[i].PresharedKey = Key{}
+	}
+}
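Review bot: IntersectsWith reports two configs as intersecting only when they share a byte-identical prefix after `Masked()` (or when an address of `other` equals one of `conf`'s routes as a host route); a contained or partially overlapping prefix — `10.0.0.0/8` in one tunnel and `10.1.0.0/16` in the other, or `0.0.0.0/0` against anything narrower — is reported as not intersecting, because a map lookup cannot see containment. If the method is meant to detect routing conflicts between tunnels, the lookups should be `netip.Prefix.Overlaps` comparisons as sketched below; if exact-prefix equality is deliberate, the exported method still needs a doc comment saying so: `// IntersectsWith reports whether conf and other declare the same address or the same (masked) AllowedIPs prefix; nested or partially overlapping prefixes do not count.` Either way `map[netip.Prefix]bool` can be `map[netip.Prefix]struct{}` since only presence is tested.
```go
func (conf *Config) IntersectsWith(other *Config) bool {
	// Collect conf's masked addresses and AllowedIPs; a masked prefix already
	// covers the host route of its address, so the host-route entries are not needed.
	routes := make([]netip.Prefix, 0, len(conf.Interface.Addresses)+len(conf.Peers)*3)
	for _, a := range conf.Interface.Addresses {
		routes = append(routes, a.Masked())
	}
	for i := range conf.Peers {
		for _, a := range conf.Peers[i].AllowedIPs {
			routes = append(routes, a.Masked())
		}
	}
	overlapsAny := func(p netip.Prefix) bool {
		for _, r := range routes {
			if r.Overlaps(p) { // false across address families
				return true
			}
		}
		return false
	}
	for _, a := range other.Interface.Addresses {
		if overlapsAny(a.Masked()) {
			return true
		}
	}
	for i := range other.Peers {
		for _, a := range other.Peers[i].AllowedIPs {
			if overlapsAny(a.Masked()) {
				return true
			}
		}
	}
	return false
}
```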
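Review bot: Redact zeroes key material in place on the receiver, so it is only safe to call on a copy made for logging or display; a caller that passes the live config by pointer loses the private key of the running tunnel, and nothing in the signature warns about that. Suggest a doc comment stating both the scope and the in-place contract: `// Redact zeroes the interface private key and every peer's public and preshared key in place so the config can be logged or shown without exposing key material. Call it on a copy; endpoints, AllowedIPs and the Pre/Post hook commands are left intact.` If anything other than keys can be sensitive — the hook strings added earlier in this diff may embed credentials — Redact should either clear them too or say explicitly that it does not. Zeroing a `Key` value removes it from this struct only; any other copy of the config the caller already holds still contains the secret.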