shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-04 13:51:24 +03:00
Code

wireguard: check whether PrivateKey= and PublicKey= are set

Browse Source
This commit is contained in:
Yu Watanabe 2019-03-04 14:31:36 +09:00
parent fedcb4c3eb
commit 9cc9021aed
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/network/netdev/wireguard.c
View File

@ -812,6 +812,21 @@ static void wireguard_done(NetDev *netdev) {
set_free(w->peers_with_failed_endpoint);
}
static int wireguard_peer_verify(WireguardPeer *peer) {
NetDev *netdev = NETDEV(peer->wireguard);
if (section_is_invalid(peer->section))
return -EINVAL;
if (eqzero(peer->public_key))
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"%s: WireGuardPeer section without PublicKey= configured. "
"Ignoring [WireGuardPeer] section from line %u.",
peer->section->filename, peer->section->line);
return 0;
}
static int wireguard_verify(NetDev *netdev, const char *filename) {
WireguardPeer *peer, *peer_next;
Wireguard *w;
@ -820,8 +835,13 @@ static int wireguard_verify(NetDev *netdev, const char *filename) {
w = WIREGUARD(netdev);
assert(w);
if (eqzero(w->private_key))
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(EINVAL),
"%s: Missing PrivateKey= or PrivateKeyFile=, ignoring.",
filename);
LIST_FOREACH_SAFE(peers, peer, peer_next, w->peers)
if (section_is_invalid(peer->section))
if (wireguard_peer_verify(peer) < 0)
wireguard_peer_free(peer);
return 0;