Changes for Iphone
parent
fac3246d99
commit
a05e3644b6
|
@ -90,6 +90,12 @@
|
||||||
#define ARCH_CPU_ARMEL 1
|
#define ARCH_CPU_ARMEL 1
|
||||||
#define ARCH_CPU_32_BITS 1
|
#define ARCH_CPU_32_BITS 1
|
||||||
#define ARCH_CPU_LITTLE_ENDIAN 1
|
#define ARCH_CPU_LITTLE_ENDIAN 1
|
||||||
|
#elif defined(__aarch64__)
|
||||||
|
#define ARCH_CPU_ARM_FAMILY 1
|
||||||
|
#define ARCH_CPU_ARM64 1
|
||||||
|
#define ARCH_CPU_64_BITS 1
|
||||||
|
#define ARCH_CPU_LITTLE_ENDIAN 1
|
||||||
|
#define ARCH_CPU_ALLOW_UNALIGNED 1
|
||||||
#elif defined(__pnacl__)
|
#elif defined(__pnacl__)
|
||||||
#define ARCH_CPU_32_BITS 1
|
#define ARCH_CPU_32_BITS 1
|
||||||
#elif defined(__MIPSEL__)
|
#elif defined(__MIPSEL__)
|
||||||
|
|
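Review bot: `ARCH_CPU_ALLOW_UNALIGNED` is switched on for `__aarch64__` with no comment saying what code behind the macro is allowed to assume. Its consumers are not visible in this hunk; if any of them read through a cast pointer (for example `*(const uint32 *)p`) rather than `memcpy`, that is still undefined behaviour in C, and AArch64 does fault on misaligned exclusive/atomic accesses. I would add a comment above the define along the lines of `// plain scalar loads/stores only; atomics must stay naturally aligned`, and confirm the crypto byte-order helpers that test this macro are covered by a test with odd-offset buffers. The `#elif` chain starts and continues outside the hunk.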
|
@ -22,6 +22,10 @@ https://blake2.net.
|
||||||
#include "blake2s.h"
|
#include "blake2s.h"
|
||||||
#include "crypto_ops.h"
|
#include "crypto_ops.h"
|
||||||
|
|
||||||
|
#ifndef BLAKE2S_WITH_ASM
|
||||||
|
#define BLAKE2S_WITH_ASM 1
|
||||||
|
#endif // BLAKE2S_WITH_ASM
|
||||||
|
|
||||||
void blake2s_compress_sse(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]);
|
void blake2s_compress_sse(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]);
|
||||||
|
|
||||||
#if !defined(__cplusplus) && (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L)
|
#if !defined(__cplusplus) && (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L)
|
||||||
|
@ -242,8 +246,8 @@ static void blake2s_compress(blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBYT
|
||||||
#undef G
|
#undef G
|
||||||
#undef ROUND
|
#undef ROUND
|
||||||
|
|
||||||
static inline void blake2s_compress_impl(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]) {
|
static inline void blake2s_compress_impl(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]) {
|
||||||
#if defined(ARCH_CPU_X86_64)
|
#if defined(ARCH_CPU_X86_64) && BLAKE2S_WITH_ASM
|
||||||
blake2s_compress_sse(S, block);
|
blake2s_compress_sse(S, block);
|
||||||
#else
|
#else
|
||||||
blake2s_compress(S, block);
|
blake2s_compress(S, block);
|
||||||
|
@ -443,4 +447,4 @@ fail:
|
||||||
puts("error");
|
puts("error");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -30,6 +30,11 @@ enum {
|
||||||
#define CHACHA20_WITH_AVX512 1
|
#define CHACHA20_WITH_AVX512 1
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef CHACHA20_WITH_ASM
|
||||||
|
#define CHACHA20_WITH_ASM 1
|
||||||
|
#endif // CHACHA20_WITH_ASM
|
||||||
|
|
||||||
|
|
||||||
extern "C" {
|
extern "C" {
|
||||||
void _cdecl hchacha20_ssse3(uint8 *derived_key, const uint8 *nonce, const uint8 *key);
|
void _cdecl hchacha20_ssse3(uint8 *derived_key, const uint8 *nonce, const uint8 *key);
|
||||||
void _cdecl chacha20_ssse3(uint8 *out, const uint8 *in, size_t len, const uint32 key[8], const uint32 counter[4]);
|
void _cdecl chacha20_ssse3(uint8 *out, const uint8 *in, size_t len, const uint32 key[8], const uint32 counter[4]);
|
||||||
|
@ -56,9 +61,6 @@ void poly1305_emit_neon(void *ctx, uint8 mac[16], const uint32 nonce[4]);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
struct chacha20_ctx {
|
struct chacha20_ctx {
|
||||||
uint32 state[CHACHA20_BLOCK_SIZE / sizeof(uint32)];
|
uint32 state[CHACHA20_BLOCK_SIZE / sizeof(uint32)];
|
||||||
};
|
};
|
||||||
|
@ -158,7 +160,7 @@ SAFEBUFFERS static void hchacha20_generic(uint8 derived_key[CHACHA20POLY1305_KEY
|
||||||
|
|
||||||
static inline void hchacha20(uint8 derived_key[CHACHA20POLY1305_KEYLEN], const uint8 nonce[16], const uint8 key[CHACHA20POLY1305_KEYLEN])
|
static inline void hchacha20(uint8 derived_key[CHACHA20POLY1305_KEYLEN], const uint8 nonce[16], const uint8 key[CHACHA20POLY1305_KEYLEN])
|
||||||
{
|
{
|
||||||
#if defined(ARCH_CPU_X86_64) && defined(COMPILER_MSVC)
|
#if defined(ARCH_CPU_X86_64) && defined(COMPILER_MSVC) && CHACHA20_WITH_ASM
|
||||||
if (X86_PCAP_SSSE3) {
|
if (X86_PCAP_SSSE3) {
|
||||||
hchacha20_ssse3(derived_key, nonce, key);
|
hchacha20_ssse3(derived_key, nonce, key);
|
||||||
return;
|
return;
|
||||||
|
@ -181,7 +183,7 @@ SAFEBUFFERS static void chacha20_crypt(struct chacha20_ctx *ctx, uint8 *dst, con
|
||||||
if (bytes == 0)
|
if (bytes == 0)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
#if defined(ARCH_CPU_X86_64)
|
#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
|
||||||
#if CHACHA20_WITH_AVX512
|
#if CHACHA20_WITH_AVX512
|
||||||
if (X86_PCAP_AVX512F) {
|
if (X86_PCAP_AVX512F) {
|
||||||
chacha20_avx512(dst, src, bytes, &ctx->state[4], &ctx->state[12]);
|
chacha20_avx512(dst, src, bytes, &ctx->state[4], &ctx->state[12]);
|
||||||
|
@ -207,7 +209,7 @@ SAFEBUFFERS static void chacha20_crypt(struct chacha20_ctx *ctx, uint8 *dst, con
|
||||||
}
|
}
|
||||||
#endif // defined(ARCH_CPU_X86_64)
|
#endif // defined(ARCH_CPU_X86_64)
|
||||||
|
|
||||||
#if defined(ARCH_CPU_ARM_FAMILY)
|
#if defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
|
||||||
if (ARM_PCAP_NEON) {
|
if (ARM_PCAP_NEON) {
|
||||||
chacha20_neon(dst, src, bytes, &ctx->state[4], &ctx->state[12]);
|
chacha20_neon(dst, src, bytes, &ctx->state[4], &ctx->state[12]);
|
||||||
} else {
|
} else {
|
||||||
|
@ -240,7 +242,7 @@ struct poly1305_ctx {
|
||||||
size_t num;
|
size_t num;
|
||||||
};
|
};
|
||||||
|
|
||||||
#if !(defined(CONFIG_X86_64) || defined(CONFIG_ARM) || defined(CONFIG_ARM64) || (defined(CONFIG_MIPS) && defined(CONFIG_64BIT)))
|
#if !(defined(CONFIG_X86_64) || defined(CONFIG_ARM) || defined(CONFIG_ARM64) || (defined(CONFIG_MIPS) && defined(CONFIG_64BIT))) || !CHACHA20_WITH_ASM
|
||||||
struct poly1305_internal {
|
struct poly1305_internal {
|
||||||
uint32 h[5];
|
uint32 h[5];
|
||||||
uint32 r[4];
|
uint32 r[4];
|
||||||
|
@ -408,9 +410,9 @@ SAFEBUFFERS static void poly1305_init(struct poly1305_ctx *ctx, const uint8 key[
|
||||||
ctx->nonce[2] = ReadLE32(&key[24]);
|
ctx->nonce[2] = ReadLE32(&key[24]);
|
||||||
ctx->nonce[3] = ReadLE32(&key[28]);
|
ctx->nonce[3] = ReadLE32(&key[28]);
|
||||||
|
|
||||||
#if defined(ARCH_CPU_X86_64)
|
#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
|
||||||
poly1305_init_x86_64(ctx->opaque, key);
|
poly1305_init_x86_64(ctx->opaque, key);
|
||||||
#elif defined(ARCH_CPU_ARM_FAMILY)
|
#elif defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
|
||||||
poly1305_init_arm(ctx->opaque, key);
|
poly1305_init_arm(ctx->opaque, key);
|
||||||
#elif defined(CONFIG_MIPS) && defined(CONFIG_64BIT)
|
#elif defined(CONFIG_MIPS) && defined(CONFIG_64BIT)
|
||||||
poly1305_init_mips(ctx->opaque, key);
|
poly1305_init_mips(ctx->opaque, key);
|
||||||
|
@ -422,7 +424,7 @@ SAFEBUFFERS static void poly1305_init(struct poly1305_ctx *ctx, const uint8 key[
|
||||||
|
|
||||||
static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint32 padbit)
|
static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint32 padbit)
|
||||||
{
|
{
|
||||||
#if defined(ARCH_CPU_X86_64)
|
#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
|
||||||
#if CHACHA20_WITH_AVX512
|
#if CHACHA20_WITH_AVX512
|
||||||
if(X86_PCAP_AVX512F)
|
if(X86_PCAP_AVX512F)
|
||||||
poly1305_blocks_avx512(ctx, inp, len, padbit);
|
poly1305_blocks_avx512(ctx, inp, len, padbit);
|
||||||
|
@ -434,7 +436,7 @@ static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint
|
||||||
poly1305_blocks_avx(ctx, inp, len, padbit);
|
poly1305_blocks_avx(ctx, inp, len, padbit);
|
||||||
else
|
else
|
||||||
poly1305_blocks_x86_64(ctx, inp, len, padbit);
|
poly1305_blocks_x86_64(ctx, inp, len, padbit);
|
||||||
#elif defined(ARCH_CPU_ARM_FAMILY)
|
#elif defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
|
||||||
if (ARM_PCAP_NEON)
|
if (ARM_PCAP_NEON)
|
||||||
poly1305_blocks_neon(ctx, inp, len, padbit);
|
poly1305_blocks_neon(ctx, inp, len, padbit);
|
||||||
else
|
else
|
||||||
|
@ -446,12 +448,12 @@ static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint
|
||||||
|
|
||||||
static inline void poly1305_emit(void *ctx, uint8 mac[16], const uint32 nonce[4])
|
static inline void poly1305_emit(void *ctx, uint8 mac[16], const uint32 nonce[4])
|
||||||
{
|
{
|
||||||
#if defined(ARCH_CPU_X86_64)
|
#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
|
||||||
if (X86_PCAP_AVX)
|
if (X86_PCAP_AVX)
|
||||||
poly1305_emit_avx(ctx, mac, nonce);
|
poly1305_emit_avx(ctx, mac, nonce);
|
||||||
else
|
else
|
||||||
poly1305_emit_x86_64(ctx, mac, nonce);
|
poly1305_emit_x86_64(ctx, mac, nonce);
|
||||||
#elif defined(ARCH_CPU_ARM_FAMILY)
|
#elif defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
|
||||||
if (ARM_PCAP_NEON)
|
if (ARM_PCAP_NEON)
|
||||||
poly1305_emit_neon(ctx, mac, nonce);
|
poly1305_emit_neon(ctx, mac, nonce);
|
||||||
else
|
else
|
||||||
|
|
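Review bot: The `CHACHA20_WITH_ASM` gate is applied to the x86-64 and ARM branches but not to the MIPS one: in poly1305_init the line `#elif defined(CONFIG_MIPS) && defined(CONFIG_64BIT)` is unchanged, while the generic `struct poly1305_internal` guard now also opens on `!CHACHA20_WITH_ASM`. With the macro set to 0 on such a target, `poly1305_init_mips` would still be called alongside the generic state layout; the branch should read `#elif defined(CONFIG_MIPS) && defined(CONFIG_64BIT) && CHACHA20_WITH_ASM`. The same `#elif` may exist in poly1305_blocks and poly1305_emit, whose bodies run past these hunks, so check them too. The trailing comment `#endif // defined(ARCH_CPU_X86_64)` in chacha20_crypt no longer matches its condition. Since this changes which implementation computes the cipher and MAC, a known-answer test run with `CHACHA20_WITH_ASM` set to both 0 and 1 would be worth adding.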
10
util.cpp
10
util.cpp
|
@ -15,8 +15,14 @@
|
||||||
#include <sys/wait.h>
|
#include <sys/wait.h>
|
||||||
#include <netinet/in.h>
|
#include <netinet/in.h>
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
|
#include <sys/time.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#if defined(OS_MACOSX)
|
||||||
|
#include <mach/mach_time.h>
|
||||||
|
#endif // OS_MACOSX
|
||||||
|
|
||||||
#include <vector>
|
#include <vector>
|
||||||
#include <algorithm>
|
#include <algorithm>
|
||||||
#include "tunsafe_types.h"
|
#include "tunsafe_types.h"
|
||||||
|
@ -451,6 +457,8 @@ void InitOsxGetMilliseconds() {
|
||||||
}
|
}
|
||||||
|
|
||||||
uint64 OsGetMilliseconds() {
|
uint64 OsGetMilliseconds() {
|
||||||
|
assert(initclock != 0);
|
||||||
|
|
||||||
uint64_t clock = mach_absolute_time() - initclock;
|
uint64_t clock = mach_absolute_time() - initclock;
|
||||||
return clock * (uint64_t)timebase.numer / (uint64_t)timebase.denom;
|
return clock * (uint64_t)timebase.numer / (uint64_t)timebase.denom;
|
||||||
}
|
}
|
||||||
|
@ -480,4 +488,4 @@ void OsInterruptibleSleep(int millis) {
|
||||||
usleep((useconds_t)millis * 1000);
|
usleep((useconds_t)millis * 1000);
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif // defined(OS_POSIX)
|
#endif // defined(OS_POSIX)
|
||||||
|
|
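Review bot: The added `assert(initclock != 0);` in OsGetMilliseconds protects debug builds only; with `NDEBUG` defined it is compiled out and a call made before InitOsxGetMilliseconds proceeds with whatever `initclock` and `timebase` hold. The initialiser's body is outside this hunk, so this is inferred, but if `timebase.denom` is still zero at that point the return expression divides by zero. If the ordering cannot be guaranteed by the caller, handle it at run time, e.g. `if (initclock == 0) InitOsxGetMilliseconds();` (provided that function is safe to call from this thread), and otherwise document the required call order in a comment above the function.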
|
@ -66,11 +66,11 @@ bool ParseCidrAddr(char *s, WgCidrAddr *out) {
|
||||||
char *slash = strchr(s, '/');
|
char *slash = strchr(s, '/');
|
||||||
if (!slash)
|
if (!slash)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
*slash = 0;
|
*slash = 0;
|
||||||
int e = atoi(slash + 1);
|
int e = atoi(slash + 1);
|
||||||
if (e < 0) return false;
|
if (e < 0) return false;
|
||||||
|
|
||||||
if (inet_pton(AF_INET, s, out->addr) == 1) {
|
if (inet_pton(AF_INET, s, out->addr) == 1) {
|
||||||
if (e > 32) return false;
|
if (e > 32) return false;
|
||||||
out->cidr = e;
|
out->cidr = e;
|
||||||
|
@ -93,16 +93,16 @@ class DnsResolverThread : private Thread::Runner {
|
||||||
public:
|
public:
|
||||||
DnsResolverThread();
|
DnsResolverThread();
|
||||||
~DnsResolverThread();
|
~DnsResolverThread();
|
||||||
|
|
||||||
// Resolve the hostname and store the result in |result|.
|
// Resolve the hostname and store the result in |result|.
|
||||||
// The function will block until it's resolved. If the cancellation
|
// The function will block until it's resolved. If the cancellation
|
||||||
// token or becomes signalled, the call will fail.
|
// token or becomes signalled, the call will fail.
|
||||||
bool Resolve(const char *hostname, IpAddr *result, DnsResolverCanceller *token);
|
bool Resolve(const char *hostname, IpAddr *result, DnsResolverCanceller *token);
|
||||||
|
|
||||||
private:
|
private:
|
||||||
virtual void ThreadMain();
|
virtual void ThreadMain();
|
||||||
void StartThread();
|
void StartThread();
|
||||||
|
|
||||||
struct Entry {
|
struct Entry {
|
||||||
enum {
|
enum {
|
||||||
// Set when it's been posted to the job queue
|
// Set when it's been posted to the job queue
|
||||||
|
@ -112,10 +112,10 @@ private:
|
||||||
// Set when the original thread has cancelled and worker thread should delete
|
// Set when the original thread has cancelled and worker thread should delete
|
||||||
CANCELLED = 2,
|
CANCELLED = 2,
|
||||||
};
|
};
|
||||||
|
|
||||||
Entry() : hostname(NULL) {}
|
Entry() : hostname(NULL) {}
|
||||||
~Entry() { free(hostname); }
|
~Entry() { free(hostname); }
|
||||||
|
|
||||||
char *hostname;
|
char *hostname;
|
||||||
IpAddr *result;
|
IpAddr *result;
|
||||||
Entry *next;
|
Entry *next;
|
||||||
|
@ -147,7 +147,7 @@ void DnsResolverCanceller::Cancel() {
|
||||||
bool DnsResolverThread::Resolve(const char *hostname, IpAddr *result, DnsResolverCanceller *token) {
|
bool DnsResolverThread::Resolve(const char *hostname, IpAddr *result, DnsResolverCanceller *token) {
|
||||||
if (token->cancel_)
|
if (token->cancel_)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
Entry *e = new Entry;
|
Entry *e = new Entry;
|
||||||
e->hostname = _strdup(hostname);
|
e->hostname = _strdup(hostname);
|
||||||
e->result = result;
|
e->result = result;
|
||||||
|
@ -155,7 +155,7 @@ bool DnsResolverThread::Resolve(const char *hostname, IpAddr *result, DnsResolve
|
||||||
e->state = Entry::POSTED;
|
e->state = Entry::POSTED;
|
||||||
e->condvar = &token->condvar_;
|
e->condvar = &token->condvar_;
|
||||||
result->sin.sin_family = 0;
|
result->sin.sin_family = 0;
|
||||||
|
|
||||||
// Push it to the queue and start thread
|
// Push it to the queue and start thread
|
||||||
g_dns_mutex.Acquire();
|
g_dns_mutex.Acquire();
|
||||||
Entry **p = &entry_;
|
Entry **p = &entry_;
|
||||||
|
@ -240,19 +240,19 @@ bool DnsResolver::Resolve(const char *hostname, IpAddr *result) {
|
||||||
int attempt = 0;
|
int attempt = 0;
|
||||||
static const uint8 retry_delays[] = {1, 2, 3, 5, 10};
|
static const uint8 retry_delays[] = {1, 2, 3, 5, 10};
|
||||||
char buf[kSizeOfAddress];
|
char buf[kSizeOfAddress];
|
||||||
|
|
||||||
memset(result, 0, sizeof(IpAddr));
|
memset(result, 0, sizeof(IpAddr));
|
||||||
|
|
||||||
// First check cache
|
// First check cache
|
||||||
for (auto it = cache_.begin(); it != cache_.end(); ++it) {
|
for (auto it = cache_.begin(); it != cache_.end(); ++it) {
|
||||||
if (it->name == hostname) {
|
if (it->name == hostname) {
|
||||||
|
|
||||||
*result = it->ip;
|
*result = it->ip;
|
||||||
RINFO("Resolved %s to %s%s", hostname, PrintIpAddr(*result, buf), " (cached)");
|
RINFO("Resolved %s to %s%s", hostname, PrintIpAddr(*result, buf), " (cached)");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(OS_WIN)
|
#if defined(OS_WIN)
|
||||||
// Then disable dns blocker (otherwise the windows dns client service can't resolve)
|
// Then disable dns blocker (otherwise the windows dns client service can't resolve)
|
||||||
if (dns_blocker_ && dns_blocker_->IsActive()) {
|
if (dns_blocker_ && dns_blocker_->IsActive()) {
|
||||||
|
@ -260,7 +260,7 @@ bool DnsResolver::Resolve(const char *hostname, IpAddr *result) {
|
||||||
dns_blocker_->RestoreDns();
|
dns_blocker_->RestoreDns();
|
||||||
}
|
}
|
||||||
#endif // defined(OS_WIN)
|
#endif // defined(OS_WIN)
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
if (g_dnsresolver_thread.Resolve(hostname, result, &token_)) {
|
if (g_dnsresolver_thread.Resolve(hostname, result, &token_)) {
|
||||||
// add to cache
|
// add to cache
|
||||||
|
@ -270,11 +270,11 @@ bool DnsResolver::Resolve(const char *hostname, IpAddr *result) {
|
||||||
}
|
}
|
||||||
if (token_.is_cancelled())
|
if (token_.is_cancelled())
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
RINFO("Unable to resolve %s. Trying again in %d second(s)", hostname, retry_delays[attempt]);
|
RINFO("Unable to resolve %s. Trying again in %d second(s)", hostname, retry_delays[attempt]);
|
||||||
if (!InterruptibleSleep(retry_delays[attempt] * 1000, &token_))
|
if (!InterruptibleSleep(retry_delays[attempt] * 1000, &token_))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if (attempt != ARRAY_SIZE(retry_delays) - 1)
|
if (attempt != ARRAY_SIZE(retry_delays) - 1)
|
||||||
attempt++;
|
attempt++;
|
||||||
}
|
}
|
||||||
|
@ -284,7 +284,7 @@ bool ParseSockaddrInWithPort(const char *si, IpAddr *sin, DnsResolver *resolver)
|
||||||
size_t len = strlen(si) + 1;
|
size_t len = strlen(si) + 1;
|
||||||
char *s = (char*)alloca(len);
|
char *s = (char*)alloca(len);
|
||||||
memcpy(s, si, len);
|
memcpy(s, si, len);
|
||||||
|
|
||||||
memset(sin, 0, sizeof(IpAddr));
|
memset(sin, 0, sizeof(IpAddr));
|
||||||
if (*s == '[') {
|
if (*s == '[') {
|
||||||
char *end = strchr(s, ']');
|
char *end = strchr(s, ']');
|
||||||
|
@ -303,7 +303,7 @@ bool ParseSockaddrInWithPort(const char *si, IpAddr *sin, DnsResolver *resolver)
|
||||||
char *x = strchr(s, ':');
|
char *x = strchr(s, ':');
|
||||||
if (!x) return false;
|
if (!x) return false;
|
||||||
*x = 0;
|
*x = 0;
|
||||||
|
|
||||||
if (inet_pton(AF_INET, s, &sin->sin.sin_addr) == 1) {
|
if (inet_pton(AF_INET, s, &sin->sin.sin_addr) == 1) {
|
||||||
sin->sin.sin_family = AF_INET;
|
sin->sin.sin_family = AF_INET;
|
||||||
} else if (!resolver) {
|
} else if (!resolver) {
|
||||||
|
@ -335,7 +335,7 @@ public:
|
||||||
WgFileParser(WireguardProcessor *wg, DnsResolver *resolver) : wg_(wg), dns_resolver_(resolver) {}
|
WgFileParser(WireguardProcessor *wg, DnsResolver *resolver) : wg_(wg), dns_resolver_(resolver) {}
|
||||||
bool ParseFlag(const char *group, const char *key, char *value);
|
bool ParseFlag(const char *group, const char *key, char *value);
|
||||||
WireguardProcessor *wg_;
|
WireguardProcessor *wg_;
|
||||||
|
|
||||||
void FinishGroup();
|
void FinishGroup();
|
||||||
struct Peer {
|
struct Peer {
|
||||||
WgPublicKey pub;
|
WgPublicKey pub;
|
||||||
|
@ -414,7 +414,7 @@ bool WgFileParser::ParseFlag(const char *group, const char *key, char *value) {
|
||||||
IpAddr sin;
|
IpAddr sin;
|
||||||
std::vector<char*> ss;
|
std::vector<char*> ss;
|
||||||
bool ciphermode = false;
|
bool ciphermode = false;
|
||||||
|
|
||||||
if (strcmp(group, "[Interface]") == 0) {
|
if (strcmp(group, "[Interface]") == 0) {
|
||||||
if (key == NULL) return true;
|
if (key == NULL) return true;
|
||||||
if (strcmp(key, "PrivateKey") == 0) {
|
if (strcmp(key, "PrivateKey") == 0) {
|
||||||
|
@ -501,7 +501,7 @@ bool WgFileParser::ParseFlag(const char *group, const char *key, char *value) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
} else if (strcmp(group, "[Peer]") == 0) {
|
} else if (strcmp(group, "[Peer]") == 0) {
|
||||||
if (key == NULL) {
|
if (key == NULL) {
|
||||||
if (!had_interface_) {
|
if (!had_interface_) {
|
||||||
RERROR("Missing [Interface].PrivateKey.");
|
RERROR("Missing [Interface].PrivateKey.");
|
||||||
return false;
|
return false;
|
||||||
|
@ -562,7 +562,7 @@ bool WgFileParser::ParseFlag(const char *group, const char *key, char *value) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
err:
|
err:
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
|
@ -577,25 +577,21 @@ static bool ContainsNonAsciiCharacter(const char *buf, size_t size) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver) {
|
bool ParseWireGuardConfigString(WireguardProcessor *wg, char *buf, size_t buf_size, DnsResolver *dns_resolver) {
|
||||||
char buf[1024];
|
|
||||||
char group[32] = {0};
|
char group[32] = {0};
|
||||||
|
|
||||||
WgFileParser file_parser(wg, dns_resolver);
|
WgFileParser file_parser(wg, dns_resolver);
|
||||||
|
|
||||||
RINFO("Loading file: %s", filename);
|
const char *buf_end = buf + buf_size;
|
||||||
|
for (;;) {
|
||||||
FILE *f = fopen(filename, "r");
|
char *nl = (char*)memchr(buf, '\n', buf_end - buf);
|
||||||
if (!f) {
|
if (nl)
|
||||||
RERROR("Unable to open: %s", filename);
|
*nl = 0;
|
||||||
return false;
|
|
||||||
}
|
size_t len = (nl ? nl : buf_end) - buf;
|
||||||
|
|
||||||
while (fgets(buf, sizeof(buf), f)) {
|
|
||||||
size_t len = strlen(buf);
|
|
||||||
|
|
||||||
if (ContainsNonAsciiCharacter(buf, len)) {
|
if (ContainsNonAsciiCharacter(buf, len)) {
|
||||||
RERROR("File is not a config file: %s", filename);
|
RERROR("File is not a config file");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -606,45 +602,72 @@ bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsR
|
||||||
}
|
}
|
||||||
while (len && is_space(buf[len - 1]))
|
while (len && is_space(buf[len - 1]))
|
||||||
buf[--len] = 0;
|
buf[--len] = 0;
|
||||||
|
|
||||||
if (buf[0] == '\0')
|
|
||||||
continue;
|
|
||||||
|
|
||||||
if (buf[0] == '[') {
|
if (buf[0] == '[') {
|
||||||
if (len < sizeof(group)) {
|
if (len < sizeof(group)) {
|
||||||
memcpy(group, buf, len + 1);
|
memcpy(group, buf, len + 1);
|
||||||
if (!file_parser.ParseFlag(group, NULL, NULL)) {
|
if (!file_parser.ParseFlag(group, NULL, NULL)) {
|
||||||
RERROR("Error parsing %s", group);
|
RERROR("Error parsing %s", group);
|
||||||
fclose(f);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
continue;
|
} else if (buf[0] != '\0') {
|
||||||
}
|
char *sep = strchr(buf, '=');
|
||||||
char *sep = strchr(buf, '=');
|
if (!sep) {
|
||||||
if (!sep) {
|
RERROR("Missing = on line: %s", buf);
|
||||||
RERROR("Missing = on line: %s", buf);
|
return false;
|
||||||
continue;
|
}
|
||||||
}
|
char *sepe = sep;
|
||||||
char *sepe = sep;
|
while (sepe > buf && is_space(sepe[-1]))
|
||||||
while (sepe > buf && is_space(sepe[-1]))
|
sepe--;
|
||||||
sepe--;
|
*sepe = 0;
|
||||||
*sepe = 0;
|
|
||||||
|
// trim space after =
|
||||||
// trim space after =
|
do sep++; while (is_space(*sep));
|
||||||
do sep++; while (is_space(*sep));
|
|
||||||
|
if (!file_parser.ParseFlag(group, buf, sep)) {
|
||||||
if (!file_parser.ParseFlag(group, buf, sep)) {
|
RERROR("Error parsing %s.%s = %s", group, buf, sep);
|
||||||
RERROR("Error parsing %s.%s = %s", group, buf, sep);
|
return false;
|
||||||
fclose(f);
|
}
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
if (!nl)
|
||||||
|
break;
|
||||||
|
buf = nl + 1;
|
||||||
}
|
}
|
||||||
file_parser.FinishGroup();
|
file_parser.FinishGroup();
|
||||||
fclose(f);
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool LoadFileWithMaximumSize(const char *filename, std::string *result, size_t max_size) {
|
||||||
|
FILE *f = fopen(filename, "rb");
|
||||||
|
if (!f) return false;
|
||||||
|
fseek(f, 0, SEEK_END);
|
||||||
|
size_t n;
|
||||||
|
long x = ftell(f);
|
||||||
|
fseek(f, 0, SEEK_SET);
|
||||||
|
if (x < 0 || x > max_size) goto error;
|
||||||
|
result->resize((size_t)x);
|
||||||
|
n = fread(&(*result)[0], 1, x, f);
|
||||||
|
if (n != x) goto error;
|
||||||
|
fclose(f);
|
||||||
|
return true;
|
||||||
|
error:
|
||||||
|
fclose(f);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver) {
|
||||||
|
std::string temp;
|
||||||
|
RINFO("Loading file: %s", filename);
|
||||||
|
if (!LoadFileWithMaximumSize(filename, &temp, 1024 * 1024)) {
|
||||||
|
RERROR("Unable to open: %s", filename);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return ParseWireGuardConfigString(wg, &temp[0], temp.size(), dns_resolver);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
static void CmsgAppendFmt(std::string *result, const char *fmt, ...) {
|
static void CmsgAppendFmt(std::string *result, const char *fmt, ...) {
|
||||||
va_list va;
|
va_list va;
|
||||||
|
@ -667,7 +690,7 @@ static void CmsgAppendHex(std::string *result, const char *key, const void *data
|
||||||
|
|
||||||
void WgConfig::HandleConfigurationProtocolGet(WireguardProcessor *proc, std::string *result) {
|
void WgConfig::HandleConfigurationProtocolGet(WireguardProcessor *proc, std::string *result) {
|
||||||
char buf[kSizeOfAddress];
|
char buf[kSizeOfAddress];
|
||||||
|
|
||||||
CmsgAppendHex(result, "private_key", proc->dev_.s_priv_, sizeof(proc->dev_.s_priv_));
|
CmsgAppendHex(result, "private_key", proc->dev_.s_priv_, sizeof(proc->dev_.s_priv_));
|
||||||
if (proc->listen_port_)
|
if (proc->listen_port_)
|
||||||
CmsgAppendFmt(result, "listen_port=%d", proc->listen_port_);
|
CmsgAppendFmt(result, "listen_port=%d", proc->listen_port_);
|
||||||
|
@ -675,10 +698,10 @@ void WgConfig::HandleConfigurationProtocolGet(WireguardProcessor *proc, std::str
|
||||||
CmsgAppendFmt(result, "address=%s", PrintWgCidrAddr(proc->tun_addr_, buf));
|
CmsgAppendFmt(result, "address=%s", PrintWgCidrAddr(proc->tun_addr_, buf));
|
||||||
if (proc->tun6_addr_.size == 128)
|
if (proc->tun6_addr_.size == 128)
|
||||||
CmsgAppendFmt(result, "address=%s", PrintWgCidrAddr(proc->tun6_addr_, buf));
|
CmsgAppendFmt(result, "address=%s", PrintWgCidrAddr(proc->tun6_addr_, buf));
|
||||||
|
|
||||||
for (WgPeer *peer = proc->dev_.peers_; peer; peer = peer->next_peer_) {
|
for (WgPeer *peer = proc->dev_.peers_; peer; peer = peer->next_peer_) {
|
||||||
WG_SCOPED_LOCK(peer->lock_);
|
WG_SCOPED_LOCK(peer->lock_);
|
||||||
|
|
||||||
CmsgAppendHex(result, "public_key", peer->s_remote_.bytes, sizeof(peer->s_remote_));
|
CmsgAppendHex(result, "public_key", peer->s_remote_.bytes, sizeof(peer->s_remote_));
|
||||||
if (!IsOnlyZeros(peer->preshared_key_, sizeof(peer->preshared_key_)))
|
if (!IsOnlyZeros(peer->preshared_key_, sizeof(peer->preshared_key_)))
|
||||||
CmsgAppendHex(result, "preshared_key", peer->preshared_key_, sizeof(peer->preshared_key_));
|
CmsgAppendHex(result, "preshared_key", peer->preshared_key_, sizeof(peer->preshared_key_));
|
||||||
|
@ -692,7 +715,7 @@ void WgConfig::HandleConfigurationProtocolGet(WireguardProcessor *proc, std::str
|
||||||
CmsgAppendFmt(result, "endpoint=%s:%d", PrintIpAddr(peer->endpoint_, buf), htons(peer->endpoint_.sin.sin_port));
|
CmsgAppendFmt(result, "endpoint=%s:%d", PrintIpAddr(peer->endpoint_, buf), htons(peer->endpoint_.sin.sin_port));
|
||||||
else if (peer->endpoint_.sin.sin_family == AF_INET6)
|
else if (peer->endpoint_.sin.sin_family == AF_INET6)
|
||||||
CmsgAppendFmt(result, "endpoint=[%s]:%d", PrintIpAddr(peer->endpoint_, buf), htons(peer->endpoint_.sin6.sin6_port));
|
CmsgAppendFmt(result, "endpoint=[%s]:%d", PrintIpAddr(peer->endpoint_, buf), htons(peer->endpoint_.sin6.sin6_port));
|
||||||
|
|
||||||
if (peer->last_complete_handskake_timestamp_) {
|
if (peer->last_complete_handskake_timestamp_) {
|
||||||
uint64 millis_since = OsGetMilliseconds() - peer->last_complete_handskake_timestamp_;
|
uint64 millis_since = OsGetMilliseconds() - peer->last_complete_handskake_timestamp_;
|
||||||
uint64 when = time(NULL) - millis_since / 1000;
|
uint64 when = time(NULL) - millis_since / 1000;
|
||||||
|
@ -712,12 +735,12 @@ bool WgConfig::HandleConfigurationProtocolMessage(WireguardProcessor *proc, cons
|
||||||
IpAddr sin;
|
IpAddr sin;
|
||||||
uint8 buf32[32];
|
uint8 buf32[32];
|
||||||
assert(proc->dev().IsMainThread());
|
assert(proc->dev().IsMainThread());
|
||||||
|
|
||||||
result->clear();
|
result->clear();
|
||||||
|
|
||||||
if (!ParseConfigKeyValue(&message_copy[0], &kv))
|
if (!ParseConfigKeyValue(&message_copy[0], &kv))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
for (auto it : kv) {
|
for (auto it : kv) {
|
||||||
char *key = it.first, *value = it.second;
|
char *key = it.first, *value = it.second;
|
||||||
if (strcmp(key, "get") == 0) {
|
if (strcmp(key, "get") == 0) {
|
||||||
|
@ -780,7 +803,7 @@ bool WgConfig::HandleConfigurationProtocolMessage(WireguardProcessor *proc, cons
|
||||||
goto getout_fail;
|
goto getout_fail;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// reconfigure the tun interface?
|
// reconfigure the tun interface?
|
||||||
if (did_set_address) {
|
if (did_set_address) {
|
||||||
proc->ConfigureTun();
|
proc->ConfigureTun();
|
||||||
|
@ -788,7 +811,7 @@ bool WgConfig::HandleConfigurationProtocolMessage(WireguardProcessor *proc, cons
|
||||||
|
|
||||||
result->append("errno=0\n\n");
|
result->append("errno=0\n\n");
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
getout_fail:
|
getout_fail:
|
||||||
(*result) = "errno=1\n\n";
|
(*result) = "errno=1\n\n";
|
||||||
return false;
|
return false;
|
||||||
|
|
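Review bot: ParseWireGuardConfigString takes `buf`/`buf_size` but still relies on a NUL byte at `buf[buf_size]`. When the input ends with a newline, the final iteration has `buf == buf_end` and reads `buf[0]`; when it does not, `strchr(buf, '=')`, the `is_space(*sep)` loop and `memcpy(group, buf, len + 1)` run up to or past `buf_end`. ParseWireGuardConfigFile is safe only because it passes `&temp[0]` of a `std::string` (assuming C++11 or later, where the element at `size()` is the terminator); any other caller of the newly exported function (declared in the header hunk that follows) would get an out-of-bounds read. Either document on the declaration that `buf` is modified in place and `buf[buf_size]` must be a readable `'\0'`, or stop the loop with `if (buf == buf_end) break;` and bound the separator search with `memchr(buf, '=', len)`. Separately, LoadFileWithMaximumSize ignores both `fseek` results, and every failure, including a file over the 1 MiB limit, is reported by the caller as "Unable to open". Part of the parser loop lies between the hunks and is not visible here.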
|
@ -49,6 +49,7 @@ private:
|
||||||
static void HandleConfigurationProtocolGet(WireguardProcessor *proc, std::string *result);
|
static void HandleConfigurationProtocolGet(WireguardProcessor *proc, std::string *result);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
bool ParseWireGuardConfigString(WireguardProcessor *wg, char *buf, size_t buf_size, DnsResolver *dns_resolver);
|
||||||
bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver);
|
bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver);
|
||||||
|
|
||||||
#define kSizeOfAddress 64
|
#define kSizeOfAddress 64
|
||||||
|
|