2016-11-18 06:22:00 +01:00
|
|
|
/* Copyright (C) 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
|
2015-06-05 15:58:00 +02:00
|
|
|
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#include <string.h>
|
2016-07-03 20:39:47 +02:00
|
|
|
#include <fcntl.h>
|
wg: first additions of userspace integration
This is designed to work with a server that follows this:
struct sockaddr_un addr = {
.sun_family = AF_UNIX,
.sun_path = "/var/run/wireguard/wguserspace0.sock"
};
int fd, ret;
ssize_t len;
socklen_t socklen;
struct wgdevice *device;
fd = socket(AF_UNIX, SOCK_DGRAM, 0);
if (fd < 0)
exit(1);
if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
exit(1);
for (;;) {
/* First we look at how big the next message is, so we know how much to
* allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */
len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC);
if (len < 0) {
handle_error();
continue;
}
/* Next we allocate a buffer for the received data. */
device = NULL;
if (len) {
device = malloc(len);
if (!device) {
handle_error();
continue;
}
}
/* Finally we receive the data, storing too the return address. */
socklen = sizeof(addr);
len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen);
if (len < 0) {
handle_error();
free(device);
continue;
}
if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */
device = get_current_wireguard_device(&len);
sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen);
} else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */
ret = set_current_wireguard_device(device);
sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen);
free(device);
}
}
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-19 15:26:56 +02:00
|
|
|
#ifdef __linux
|
|
|
|
|
#include <syscall.h>
|
|
|
|
|
#endif
|
2015-06-05 15:58:00 +02:00
|
|
|
|
|
|
|
|
#include "curve25519.h"
|
|
|
|
|
#include "base64.h"
|
2016-07-03 20:06:33 +02:00
|
|
|
#include "subcommands.h"
|
2015-06-05 15:58:00 +02:00
|
|
|
|
|
|
|
|
static inline ssize_t get_random_bytes(uint8_t *out, size_t len)
|
|
|
|
|
{
|
|
|
|
|
ssize_t ret;
|
2016-07-03 20:39:47 +02:00
|
|
|
int fd;
|
wg: first additions of userspace integration
This is designed to work with a server that follows this:
struct sockaddr_un addr = {
.sun_family = AF_UNIX,
.sun_path = "/var/run/wireguard/wguserspace0.sock"
};
int fd, ret;
ssize_t len;
socklen_t socklen;
struct wgdevice *device;
fd = socket(AF_UNIX, SOCK_DGRAM, 0);
if (fd < 0)
exit(1);
if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
exit(1);
for (;;) {
/* First we look at how big the next message is, so we know how much to
* allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */
len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC);
if (len < 0) {
handle_error();
continue;
}
/* Next we allocate a buffer for the received data. */
device = NULL;
if (len) {
device = malloc(len);
if (!device) {
handle_error();
continue;
}
}
/* Finally we receive the data, storing too the return address. */
socklen = sizeof(addr);
len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen);
if (len < 0) {
handle_error();
free(device);
continue;
}
if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */
device = get_current_wireguard_device(&len);
sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen);
} else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */
ret = set_current_wireguard_device(device);
sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen);
free(device);
}
}
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-19 15:26:56 +02:00
|
|
|
#if defined(__NR_getrandom) && defined(__linux__)
|
2016-07-03 20:39:47 +02:00
|
|
|
ret = syscall(__NR_getrandom, out, len, 0);
|
|
|
|
|
if (ret >= 0)
|
|
|
|
|
return ret;
|
|
|
|
|
#endif
|
|
|
|
|
fd = open("/dev/urandom", O_RDONLY);
|
2015-06-05 15:58:00 +02:00
|
|
|
if (fd < 0)
|
|
|
|
|
return fd;
|
|
|
|
|
ret = read(fd, out, len);
|
|
|
|
|
close(fd);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int genkey_main(int argc, char *argv[])
|
|
|
|
|
{
|
|
|
|
|
unsigned char private_key[CURVE25519_POINT_SIZE];
|
|
|
|
|
char private_key_base64[b64_len(CURVE25519_POINT_SIZE)];
|
|
|
|
|
struct stat stat;
|
|
|
|
|
|
2016-07-03 20:06:33 +02:00
|
|
|
if (argc != 1) {
|
|
|
|
|
fprintf(stderr, "Usage: %s %s\n", PROG_NAME, argv[0]);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-05 15:58:00 +02:00
|
|
|
if (!fstat(STDOUT_FILENO, &stat) && S_ISREG(stat.st_mode) && stat.st_mode & S_IRWXO)
|
|
|
|
|
fputs("Warning: writing to world accessible file.\nConsider setting the umask to 077 and trying again.\n", stderr);
|
|
|
|
|
|
|
|
|
|
if (get_random_bytes(private_key, CURVE25519_POINT_SIZE) != CURVE25519_POINT_SIZE) {
|
|
|
|
|
perror("getrandom");
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
if (argc && !strcmp(argv[0], "genkey"))
|
|
|
|
|
curve25519_normalize_secret(private_key);
|
|
|
|
|
|
2016-07-03 20:06:33 +02:00
|
|
|
if (b64_ntop(private_key, sizeof(private_key), private_key_base64, sizeof(private_key_base64)) != sizeof(private_key_base64) - 1) {
|
|
|
|
|
fprintf(stderr, "%s: Could not convert key to base64\n", PROG_NAME);
|
2015-06-05 15:58:00 +02:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
puts(private_key_base64);
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
}
|