wg: improve error reporting and detection
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
1a64438b21
commit
742f038fc2
|
@ -93,12 +93,8 @@ static inline uint16_t parse_port(const char *value)
|
||||||
static inline bool parse_key(uint8_t key[WG_KEY_LEN], const char *value)
|
static inline bool parse_key(uint8_t key[WG_KEY_LEN], const char *value)
|
||||||
{
|
{
|
||||||
uint8_t tmp[WG_KEY_LEN + 1];
|
uint8_t tmp[WG_KEY_LEN + 1];
|
||||||
if (strlen(value) != b64_len(WG_KEY_LEN) - 1) {
|
if (strlen(value) != b64_len(WG_KEY_LEN) - 1 || b64_pton(value, tmp, WG_KEY_LEN + 1) != WG_KEY_LEN) {
|
||||||
fprintf(stderr, "Key is not the correct length: `%s`\n", value);
|
fprintf(stderr, "Key is not the correct length or format: `%s`\n", value);
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (b64_pton(value, tmp, WG_KEY_LEN + 1) < 0) {
|
|
||||||
fprintf(stderr, "Could not parse base64 key: `%s`\n", value);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
memcpy(key, tmp, WG_KEY_LEN);
|
memcpy(key, tmp, WG_KEY_LEN);
|
||||||
|
|
11
src/genkey.c
11
src/genkey.c
|
@ -11,6 +11,7 @@
|
||||||
|
|
||||||
#include "curve25519.h"
|
#include "curve25519.h"
|
||||||
#include "base64.h"
|
#include "base64.h"
|
||||||
|
#include "subcommands.h"
|
||||||
|
|
||||||
#ifdef __NR_getrandom
|
#ifdef __NR_getrandom
|
||||||
static inline ssize_t get_random_bytes(uint8_t *out, size_t len)
|
static inline ssize_t get_random_bytes(uint8_t *out, size_t len)
|
||||||
|
@ -37,6 +38,11 @@ int genkey_main(int argc, char *argv[])
|
||||||
char private_key_base64[b64_len(CURVE25519_POINT_SIZE)];
|
char private_key_base64[b64_len(CURVE25519_POINT_SIZE)];
|
||||||
struct stat stat;
|
struct stat stat;
|
||||||
|
|
||||||
|
if (argc != 1) {
|
||||||
|
fprintf(stderr, "Usage: %s %s\n", PROG_NAME, argv[0]);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
if (!fstat(STDOUT_FILENO, &stat) && S_ISREG(stat.st_mode) && stat.st_mode & S_IRWXO)
|
if (!fstat(STDOUT_FILENO, &stat) && S_ISREG(stat.st_mode) && stat.st_mode & S_IRWXO)
|
||||||
fputs("Warning: writing to world accessible file.\nConsider setting the umask to 077 and trying again.\n", stderr);
|
fputs("Warning: writing to world accessible file.\nConsider setting the umask to 077 and trying again.\n", stderr);
|
||||||
|
|
||||||
|
@ -47,9 +53,8 @@ int genkey_main(int argc, char *argv[])
|
||||||
if (argc && !strcmp(argv[0], "genkey"))
|
if (argc && !strcmp(argv[0], "genkey"))
|
||||||
curve25519_normalize_secret(private_key);
|
curve25519_normalize_secret(private_key);
|
||||||
|
|
||||||
if (b64_ntop(private_key, sizeof(private_key), private_key_base64, sizeof(private_key_base64)) < 0) {
|
if (b64_ntop(private_key, sizeof(private_key), private_key_base64, sizeof(private_key_base64)) != sizeof(private_key_base64) - 1) {
|
||||||
errno = EINVAL;
|
fprintf(stderr, "%s: Could not convert key to base64\n", PROG_NAME);
|
||||||
perror("b64");
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
33
src/pubkey.c
33
src/pubkey.c
|
@ -3,29 +3,46 @@
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <resolv.h>
|
#include <resolv.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include <ctype.h>
|
||||||
|
|
||||||
#include "curve25519.h"
|
#include "curve25519.h"
|
||||||
#include "base64.h"
|
#include "base64.h"
|
||||||
|
#include "subcommands.h"
|
||||||
|
|
||||||
int pubkey_main(__attribute__((unused)) int argc, __attribute__((unused)) char *argv[])
|
int pubkey_main(int argc, char *argv[])
|
||||||
{
|
{
|
||||||
unsigned char private_key[CURVE25519_POINT_SIZE + 1] = { 0 }, public_key[CURVE25519_POINT_SIZE] = { 0 };
|
unsigned char private_key[CURVE25519_POINT_SIZE + 1] = { 0 }, public_key[CURVE25519_POINT_SIZE] = { 0 };
|
||||||
char private_key_base64[b64_len(CURVE25519_POINT_SIZE)] = { 0 }, public_key_base64[b64_len(CURVE25519_POINT_SIZE)] = { 0 };
|
char private_key_base64[b64_len(CURVE25519_POINT_SIZE)] = { 0 }, public_key_base64[b64_len(CURVE25519_POINT_SIZE)] = { 0 };
|
||||||
|
int trailing_char;
|
||||||
|
|
||||||
|
if (argc != 1) {
|
||||||
|
fprintf(stderr, "Usage: %s %s\n", PROG_NAME, argv[0]);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
if (fread(private_key_base64, 1, sizeof(private_key_base64) - 1, stdin) != sizeof(private_key_base64) - 1) {
|
if (fread(private_key_base64, 1, sizeof(private_key_base64) - 1, stdin) != sizeof(private_key_base64) - 1) {
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
perror("fread(private key)");
|
fprintf(stderr, "%s: Key is not the correct length or format\n", PROG_NAME);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (b64_pton(private_key_base64, private_key, sizeof(private_key)) < 0) {
|
|
||||||
errno = EINVAL;
|
for (;;) {
|
||||||
perror("b64");
|
trailing_char = getc(stdin);
|
||||||
|
if (!trailing_char || isspace(trailing_char) || isblank(trailing_char))
|
||||||
|
continue;
|
||||||
|
if (trailing_char == EOF)
|
||||||
|
break;
|
||||||
|
fprintf(stderr, "%s: Trailing characters found after key\n", PROG_NAME);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (b64_pton(private_key_base64, private_key, sizeof(private_key)) != sizeof(private_key) - 1) {
|
||||||
|
fprintf(stderr, "%s: Key is not the correct length or format\n", PROG_NAME);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
curve25519_generate_public(public_key, private_key);
|
curve25519_generate_public(public_key, private_key);
|
||||||
if (b64_ntop(public_key, sizeof(public_key), public_key_base64, sizeof(public_key_base64)) < 0) {
|
if (b64_ntop(public_key, sizeof(public_key), public_key_base64, sizeof(public_key_base64)) != sizeof(public_key_base64) - 1) {
|
||||||
errno = EINVAL;
|
fprintf(stderr, "%s: Could not convert key to base64\n", PROG_NAME);
|
||||||
perror("b64");
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
puts(public_key_base64);
|
puts(public_key_base64);
|
||||||
|
|
15
src/wg.c
15
src/wg.c
|
@ -23,12 +23,13 @@ static const struct {
|
||||||
{ "pubkey", pubkey_main, "Reads a private key from stdin and writes a public key to stdout" }
|
{ "pubkey", pubkey_main, "Reads a private key from stdin and writes a public key to stdout" }
|
||||||
};
|
};
|
||||||
|
|
||||||
static void show_usage(void)
|
static void show_usage(FILE *file)
|
||||||
{
|
{
|
||||||
fprintf(stderr, "Usage: %s <cmd> [<args>]\n\n", PROG_NAME);
|
fprintf(file, "Usage: %s <cmd> [<args>]\n\n", PROG_NAME);
|
||||||
fprintf(stderr, "Available subcommands:\n");
|
fprintf(file, "Available subcommands:\n");
|
||||||
for (size_t i = 0; i < sizeof(subcommands) / sizeof(subcommands[0]); ++i)
|
for (size_t i = 0; i < sizeof(subcommands) / sizeof(subcommands[0]); ++i)
|
||||||
fprintf(stderr, " %s: %s\n", subcommands[i].subcommand, subcommands[i].description);
|
fprintf(file, " %s: %s\n", subcommands[i].subcommand, subcommands[i].description);
|
||||||
|
fprintf(file, "You may pass `--help' to any of these subcommands to view usage.\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
int main(int argc, char *argv[])
|
int main(int argc, char *argv[])
|
||||||
|
@ -37,8 +38,8 @@ int main(int argc, char *argv[])
|
||||||
PROG_NAME = argv[0];
|
PROG_NAME = argv[0];
|
||||||
|
|
||||||
if (argc == 2 && (!strcmp(argv[1], "-h") || !strcmp(argv[1], "--help") || !strcmp(argv[1], "help"))) {
|
if (argc == 2 && (!strcmp(argv[1], "-h") || !strcmp(argv[1], "--help") || !strcmp(argv[1], "help"))) {
|
||||||
show_usage();
|
show_usage(stdout);
|
||||||
return 1;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (argc == 1) {
|
if (argc == 1) {
|
||||||
|
@ -61,6 +62,6 @@ findsubcommand:
|
||||||
}
|
}
|
||||||
|
|
||||||
fprintf(stderr, "Invalid subcommand: `%s`\n", argv[1]);
|
fprintf(stderr, "Invalid subcommand: `%s`\n", argv[1]);
|
||||||
show_usage();
|
show_usage(stderr);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
Reference in New Issue