apps/cunicu
1
0
Fork 0
mirror of https://codeberg.org/cunicu/cunicu.git synced 2025-09-27 05:06:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

pdisc: fix exchange of peer names

Browse Source 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
This commit is contained in:
Steffen Vogel
2022-10-01 22:44:13 +02:00
parent 5801aaace1
commit ffc1454841
9 changed files with 87 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/config/config.go
View File

@@ -113,6 +113,11 @@ func (c *Config) Init(args []string) error {
// was initialized.
c.logger = zap.L().Named("config")
// Initialize some defaults configuration settings at runtime
if err := InitDefaults(); err != nil {
return fmt.Errorf("failed to initialize defaults: %w", err)
}
c.InterfaceOrderCLI = args
ps, err := c.GetProviders()

10
pkg/config/defaults.go
View File

@@ -117,15 +117,17 @@ func InitDefaults() error {
logger := zap.L().Named("config")
s := &DefaultSettings.DefaultInterfaceSettings
// Check if WireGuard interface can be created by the kernel
if !DefaultInterfaceSettings.WireGuard.UserSpace && !wg.KernelModuleExists() {
if !s.WireGuard.UserSpace && !wg.KernelModuleExists() {
logger.Warn("The system does not have kernel support for WireGuard. Falling back to user-space implementation.")
DefaultInterfaceSettings.WireGuard.UserSpace = true
s.WireGuard.UserSpace = true
}
// Set default hostname
if DefaultInterfaceSettings.PeerDisc.Hostname == "" {
if DefaultInterfaceSettings.PeerDisc.Hostname, err = os.Hostname(); err != nil {
if s.PeerDisc.Name == "" {
if s.PeerDisc.Name, err = os.Hostname(); err != nil {
return fmt.Errorf("failed to get hostname: %w", err)
}
}

2
pkg/config/defaults_test.go
View File

@@ -11,6 +11,6 @@ var _ = Context("default", func() {
err := config.InitDefaults()
Expect(err).To(Succeed())
Expect(config.DefaultInterfaceSettings.PeerDisc.Hostname).NotTo(BeEmpty())
Expect(config.DefaultInterfaceSettings.PeerDisc.Name).NotTo(BeEmpty())
})
})

4
pkg/config/map_test.go
View File

@@ -24,13 +24,13 @@ var _ = It("map", func() {
},
},
PeerDisc: config.PeerDiscoverySettings{
Hostname: "test",
Name: "test",
},
},
},
DefaultInterfaceSettings: config.InterfaceSettings{
PeerDisc: config.PeerDiscoverySettings{
Hostname: "test2",
Name: "test2",
},
Hooks: []config.HookSetting{
&config.ExecHookSetting{

2
pkg/config/settings.go
View File

@@ -100,7 +100,7 @@ type HostSyncSettings struct {
type PeerDiscoverySettings struct {
Enabled bool `koanf:"enabled,omitempty"`
Hostname string `koanf:"hostname,omitempty"`
Name string `koanf:"hostname,omitempty"`
Community crypto.KeyPassphrase `koanf:"community,omitempty"`
Networks []net.IPNet `koanf:"networks,omitempty"`
Whitelist []crypto.Key `koanf:"whitelist,omitempty"`

60
pkg/daemon/feature/pdisc/handlers.go
View File

@@ -6,7 +6,6 @@ import (
"github.com/stv0g/cunicu/pkg/core"
"github.com/stv0g/cunicu/pkg/crypto"
"github.com/stv0g/cunicu/pkg/daemon"
pdiscproto "github.com/stv0g/cunicu/pkg/proto/feature/pdisc"
"github.com/stv0g/cunicu/pkg/signaling"
"github.com/stv0g/cunicu/pkg/wg"
@@ -36,7 +35,7 @@ func (pd *Interface) OnInterfaceModified(i *core.Interface, old *wg.Device, m co
func (pd *Interface) OnSignalingMessage(kp *crypto.PublicKeyPair, msg *signaling.Message) {
if msg.Peer != nil {
if i := pd.Daemon.Watcher.InterfaceByPublicKey(kp.Theirs); i != nil {
if i := pd.Daemon.InterfaceByPublicKey(kp.Theirs); i != nil {
// Received our own peer description. Ignoring...
return
}
@@ -47,8 +46,10 @@ func (pd *Interface) OnSignalingMessage(kp *crypto.PublicKeyPair, msg *signaling
}
}
func (pd *Interface) OnPeerDescription(pdisc *pdiscproto.PeerDescription) error {
pk, err := crypto.ParseKeyBytes(pdisc.PublicKey)
func (pd *Interface) OnPeerDescription(d *pdiscproto.PeerDescription) error {
pd.logger.Debug("Received peer description", zap.Any("description", d))
pk, err := crypto.ParseKeyBytes(d.PublicKey)
if err != nil {
return fmt.Errorf("invalid public key: %w", err)
}
@@ -58,65 +59,68 @@ func (pd *Interface) OnPeerDescription(pdisc *pdiscproto.PeerDescription) error
return nil
}
p := pd.Daemon.PeerByPublicKey(&pk)
cp := pd.Peers[pk]
switch pdisc.Change {
switch d.Change {
case pdiscproto.PeerDescriptionChange_PEER_ADD:
if p != nil {
if cp != nil {
pd.logger.Warn("Peer already exists. Updating it instead")
pdisc.Change = pdiscproto.PeerDescriptionChange_PEER_UPDATE
d.Change = pdiscproto.PeerDescriptionChange_PEER_UPDATE
}
case pdiscproto.PeerDescriptionChange_PEER_UPDATE:
if p == nil {
if cp == nil {
pd.logger.Warn("Peer does not exist exists yet. Adding it instead")
pdisc.Change = pdiscproto.PeerDescriptionChange_PEER_ADD
d.Change = pdiscproto.PeerDescriptionChange_PEER_ADD
}
default:
if p == nil {
return fmt.Errorf("cant remove non-existing peer")
if cp == nil {
pd.logger.Warn("Ignoring non-existing peer")
return nil
}
}
cfg := pdisc.Config()
cfg := d.Config()
switch pdisc.Change {
if d.Name != "" {
pd.peerNames[pk] = d.Name
}
switch d.Change {
case pdiscproto.PeerDescriptionChange_PEER_ADD:
if err := pd.AddPeer(&cfg); err != nil {
return fmt.Errorf("failed to add peer: %w", err)
}
case pdiscproto.PeerDescriptionChange_PEER_UPDATE:
if pdisc.PublicKeyNew != nil {
if d.PublicKeyNew != nil {
// Remove old peer
if err := p.Interface.RemovePeer(pk); err != nil {
if err := cp.Interface.RemovePeer(pk); err != nil {
return fmt.Errorf("failed to remove peer: %w", err)
}
// Re-add peer with new public key
if err := p.Interface.AddPeer(&cfg); err != nil {
if err := cp.Interface.AddPeer(&cfg); err != nil {
return fmt.Errorf("failed to add peer: %w", err)
}
} else {
if err := p.Interface.UpdatePeer(&cfg); err != nil {
if err := cp.Interface.UpdatePeer(&cfg); err != nil {
return fmt.Errorf("failed to remove peer: %w", err)
}
}
case pdiscproto.PeerDescriptionChange_PEER_REMOVE:
if err := p.Interface.RemovePeer(pk); err != nil {
if err := cp.Interface.RemovePeer(pk); err != nil {
return fmt.Errorf("failed to remove peer: %w", err)
}
}
// Re-announce ourself in case this is a new peer we did not knew already
if p == nil {
// TODO: Check if delay is really necessary
if cp == nil {
// TODO: Fix the race which requires the delay
time.AfterFunc(1*time.Second, func() {
if err := pd.Daemon.ForEachInterface(func(i *daemon.Interface) error {
return pd.sendPeerDescription(pdiscproto.PeerDescriptionChange_PEER_ADD, nil)
}); err != nil {
if err := pd.sendPeerDescription(pdiscproto.PeerDescriptionChange_PEER_ADD, nil); err != nil {
pd.logger.Error("Failed to send peer description", zap.Error(err))
}
})
@@ -124,3 +128,11 @@ func (pd *Interface) OnPeerDescription(pdisc *pdiscproto.PeerDescription) error
return nil
}
func (pd *Interface) OnPeerAdded(p *core.Peer) {
if name, ok := pd.peerNames[p.PublicKey()]; ok {
p.Name = name
}
}
func (pd *Interface) OnPeerRemoved(p *core.Peer) {}

15
pkg/daemon/feature/pdisc/pdisc.go
View File

@@ -27,7 +27,8 @@ func init() {
type Interface struct {
*daemon.Interface
peerMap map[crypto.Key]bool
peerFilter map[crypto.Key]bool
peerNames map[crypto.Key]string
logger *zap.Logger
}
@@ -39,16 +40,17 @@ func New(i *daemon.Interface) (daemon.Feature, error) {
pd := &Interface{
Interface: i,
peerMap: map[crypto.Key]bool{},
peerFilter: map[crypto.Key]bool{},
peerNames: map[crypto.Key]string{},
logger: zap.L().Named("pdisc").With(zap.String("intf", i.Name())),
}
for _, k := range pd.Settings.PeerDisc.Whitelist {
pd.peerMap[crypto.Key(k)] = true
pd.peerFilter[crypto.Key(k)] = true
}
for _, k := range pd.Settings.PeerDisc.Blacklist {
pd.peerMap[crypto.Key(k)] = false
pd.peerFilter[crypto.Key(k)] = false
}
// Avoid sending a peer description if the interface does not have a private key yet
@@ -59,6 +61,7 @@ func New(i *daemon.Interface) (daemon.Feature, error) {
}
i.OnModified(pd)
i.OnPeer(pd)
return pd, nil
}
@@ -115,7 +118,7 @@ func (pd *Interface) sendPeerDescription(chg pdiscproto.PeerDescriptionChange, p
d := &pdiscproto.PeerDescription{
Change: chg,
Hostname: pd.Settings.PeerDisc.Hostname,
Name: pd.Settings.PeerDisc.Name,
AllowedIps: allowedIPsStrs,
BuildInfo: buildinfo.BuildInfo(),
}
@@ -150,7 +153,7 @@ func (pd *Interface) sendPeerDescription(chg pdiscproto.PeerDescriptionChange, p
}
func (pd *Interface) isAccepted(pk crypto.Key) bool {
if verdict, ok := pd.peerMap[pk]; ok {
if verdict, ok := pd.peerFilter[pk]; ok {
return verdict
}

48
pkg/proto/feature/pdisc/pdisc.pb.go
View File

@@ -78,7 +78,7 @@ type PeerDescription struct {
Change PeerDescriptionChange `protobuf:"varint,1,opt,name=change,proto3,enum=cunicu.pdisc.PeerDescriptionChange" json:"change,omitempty"`
// Hostname of the node
Hostname string `protobuf:"bytes,2,opt,name=hostname,proto3" json:"hostname,omitempty"`
Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
// Public WireGuard Curve25519 key
PublicKey []byte `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
// A new public WireGuard Curve25519 key
@@ -129,9 +129,9 @@ func (x *PeerDescription) GetChange() PeerDescriptionChange {
return PeerDescriptionChange_PEER_ADD
}
func (x *PeerDescription) GetHostname() string {
func (x *PeerDescription) GetName() string {
if x != nil {
return x.Hostname
return x.Name
}
return ""
}
@@ -170,31 +170,31 @@ var file_feature_pdisc_proto_rawDesc = []byte{
0x0a, 0x13, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x2f, 0x70, 0x64, 0x69, 0x73, 0x63, 0x2e,
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x63, 0x75, 0x6e, 0x69, 0x63, 0x75, 0x2e, 0x70, 0x64,
0x69, 0x73, 0x63, 0x1a, 0x0c, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x22, 0x82, 0x02, 0x0a, 0x0f, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
0x6f, 0x22, 0xfa, 0x01, 0x0a, 0x0f, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x3b, 0x0a, 0x06, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x18,
0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x63, 0x75, 0x6e, 0x69, 0x63, 0x75, 0x2e, 0x70,
0x64, 0x69, 0x73, 0x63, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
0x74, 0x69, 0x6f, 0x6e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x06, 0x63, 0x68, 0x61, 0x6e,
0x67, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02,
0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d,
0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01,
0x28, 0x0c, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x24, 0x0a,
0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6e, 0x65, 0x77, 0x18,
0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79,
0x4e, 0x65, 0x77, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x69,
0x70, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
0x64, 0x49, 0x70, 0x73, 0x12, 0x30, 0x0a, 0x0a, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x5f, 0x69, 0x6e,
0x66, 0x6f, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x63, 0x75, 0x6e, 0x69, 0x63,
0x75, 0x2e, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x09, 0x62, 0x75, 0x69,
0x6c, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x2a, 0x47, 0x0a, 0x15, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65,
0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x12,
0x0c, 0x0a, 0x08, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x41, 0x44, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a,
0x0b, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x52, 0x45, 0x4d, 0x4f, 0x56, 0x45, 0x10, 0x01, 0x12, 0x0f,
0x0a, 0x0b, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x55, 0x50, 0x44, 0x41, 0x54, 0x45, 0x10, 0x02, 0x42,
0x31, 0x5a, 0x2f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x74,
0x76, 0x30, 0x67, 0x2f, 0x63, 0x75, 0x6e, 0x69, 0x63, 0x75, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70,
0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x2f, 0x70, 0x64, 0x69,
0x73, 0x63, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x67, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63,
0x5f, 0x6b, 0x65, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c,
0x69, 0x63, 0x4b, 0x65, 0x79, 0x12, 0x24, 0x0a, 0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f,
0x6b, 0x65, 0x79, 0x5f, 0x6e, 0x65, 0x77, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x70,
0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x4e, 0x65, 0x77, 0x12, 0x1f, 0x0a, 0x0b, 0x61,
0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x69, 0x70, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09,
0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x49, 0x70, 0x73, 0x12, 0x30, 0x0a, 0x0a,
0x62, 0x75, 0x69, 0x6c, 0x64, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b,
0x32, 0x11, 0x2e, 0x63, 0x75, 0x6e, 0x69, 0x63, 0x75, 0x2e, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x49,
0x6e, 0x66, 0x6f, 0x52, 0x09, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x49, 0x6e, 0x66, 0x6f, 0x2a, 0x47,
0x0a, 0x15, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f,
0x6e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x0c, 0x0a, 0x08, 0x50, 0x45, 0x45, 0x52, 0x5f,
0x41, 0x44, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x52, 0x45,
0x4d, 0x4f, 0x56, 0x45, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x55,
0x50, 0x44, 0x41, 0x54, 0x45, 0x10, 0x02, 0x42, 0x31, 0x5a, 0x2f, 0x67, 0x69, 0x74, 0x68, 0x75,
0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x74, 0x76, 0x30, 0x67, 0x2f, 0x63, 0x75, 0x6e, 0x69,
0x63, 0x75, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x66, 0x65, 0x61,
0x74, 0x75, 0x72, 0x65, 0x2f, 0x70, 0x64, 0x69, 0x73, 0x63, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
0x6f, 0x33,
}
var (

2
proto/feature/pdisc.proto
View File

@@ -16,7 +16,7 @@ message PeerDescription {
PeerDescriptionChange change = 1;
// Hostname of the node
string hostname = 2;
string name = 2;
// Public WireGuard Curve25519 key
bytes public_key = 3;