void/amneziawg-tools
2
0
Fork 0
mirror of https://github.com/amnezia-vpn/amneziawg-tools.git synced 2025-08-02 01:22:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: rename advanced security to awg
Some checks failed
Linux / Build for Ubuntu (push) Has been cancelled
Details
Linux / Build for Alpine (push) Has been cancelled
Details
Windows / Build for Windows (push) Has been cancelled
Details
Linux / GitHub Release (push) Has been cancelled
Details
Windows / GitHub Release (push) Has been cancelled
Details

Browse source
This commit is contained in:
Mark Puha 2025-07-18 05:09:12 +02:00
parent 4b25e43d67
commit 430e39aaf9
10 changed files with 54 additions and 115 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
contrib/embeddable-wg-library/wireguard.c
View file

@ -74,8 +74,7 @@ enum wgdevice_attribute {
enum wgpeer_flag { enum wgpeer_flag {
WGPEER_F_REMOVE_ME = 1U << 0, WGPEER_F_REMOVE_ME = 1U << 0,
WGPEER_F_REPLACE_ALLOWEDIPS = 1U << 1, WGPEER_F_REPLACE_ALLOWEDIPS = 1U << 1,
WGPEER_F_HAS_ADVANCED_SECURITY = 1U << 3, WGPEER_F_HAS_AWG = 1U << 3
WGPEER_F_HAS_SPECIAL_HANDSHAKE = 1U << 4
}; };
enum wgpeer_attribute { enum wgpeer_attribute {
WGPEER_A_UNSPEC, WGPEER_A_UNSPEC,
@ -89,8 +88,7 @@ enum wgpeer_attribute {
WGPEER_A_TX_BYTES, WGPEER_A_TX_BYTES,
WGPEER_A_ALLOWEDIPS, WGPEER_A_ALLOWEDIPS,
WGPEER_A_PROTOCOL_VERSION, WGPEER_A_PROTOCOL_VERSION,
WGPEER_A_ADVANCED_SECURITY, WGPEER_A_AWG,
WGPEER_A_SPECIAL_HANDSHAKE,
__WGPEER_A_LAST __WGPEER_A_LAST
}; };

5
contrib/peer-approver/approve.sh
View file

@ -4,8 +4,7 @@ ACCOUNTS_FILE=$1
INTERFACE_NAME=$2 INTERFACE_NAME=$2
PUBLIC_KEY=$3 PUBLIC_KEY=$3
ENDPOINT=$4 ENDPOINT=$4
ADVANCED_SECURITY=$5 AWG=$5
SPECIAL_HANDSHAKE=$6
ACCOUNT_STR=`grep "${PUBLIC_KEY}" "${ACCOUNTS_FILE}"` ACCOUNT_STR=`grep "${PUBLIC_KEY}" "${ACCOUNTS_FILE}"`
@ -20,7 +19,7 @@ PSK=$(echo ${ACCOUNT[2]}|tr -d '"')
PSK_FILE=$(tempfile) PSK_FILE=$(tempfile)
echo "${PSK}" > "${PSK_FILE}" echo "${PSK}" > "${PSK_FILE}"
awg set "${INTERFACE_NAME}" peer "${PUBLIC_KEY}" allowed-ips "${ALLOWED_IPS}" endpoint "${ENDPOINT}" allowed-ips "${ALLOWED_IPS}" preshared-key "${PSK_FILE}" advanced-security "${ADVANCED_SECURITY}" special-handshake "${SPECIAL_HANDSHAKE}" awg set "${INTERFACE_NAME}" peer "${PUBLIC_KEY}" allowed-ips "${ALLOWED_IPS}" endpoint "${ENDPOINT}" allowed-ips "${ALLOWED_IPS}" preshared-key "${PSK_FILE}" awg "${AWG}"
EXIT_CODE=$? EXIT_CODE=$?
rm -f "{$PSK_FILE}" rm -f "{$PSK_FILE}"

25
contrib/peer-approver/notification-listener.c
View file

@ -116,19 +116,18 @@ static int get_endpoint(struct nlattr *peer[], char **endpoint_ip)
return 0; return 0;
} }
static int run_callback(char *ifname, char *pubkey, char *endpoint_ip, bool advanced_security, bool special_handshake) static int run_callback(char *ifname, char *pubkey, char *endpoint_ip, bool is_awg)
{ {
char** new_argv = malloc((cb_argc + 2) * sizeof *new_argv); char** new_argv = malloc((cb_argc + 2) * sizeof *new_argv);
new_argv[0] = cb_argv[1]; new_argv[0] = cb_argv[1];
for (int i = 2; i < cb_argc - 4; i++) { for (int i = 2; i < cb_argc - 3; i++) {
new_argv[i - 1] = cb_argv[i]; new_argv[i - 1] = cb_argv[i];
} }
new_argv[cb_argc - 5] = ifname; new_argv[cb_argc - 4] = ifname;
new_argv[cb_argc - 4] = pubkey; new_argv[cb_argc - 3] = pubkey;
new_argv[cb_argc - 3] = endpoint_ip; new_argv[cb_argc - 2] = endpoint_ip;
new_argv[cb_argc - 2] = (advanced_security ? "on\0" : "off\0"); new_argv[cb_argc - 1] = (is_awg ? "on\0" : "off\0");
new_argv[cb_argc - 1] = (special_handshake ? "on\0" : "off\0");
new_argv[cb_argc] = NULL; new_argv[cb_argc] = NULL;
int child_pid = fork(), ret; int child_pid = fork(), ret;
@ -156,8 +155,7 @@ static int netlink_callback(struct nl_msg *msg, void *arg)
nla_parse(tb, WGDEVICE_A_MAX, genlmsg_attrdata(gnlh, 0), genlmsg_attrlen(gnlh, 0), NULL); nla_parse(tb, WGDEVICE_A_MAX, genlmsg_attrdata(gnlh, 0), genlmsg_attrlen(gnlh, 0), NULL);
char *ifname, *pubkey, *endpoint_ip; char *ifname, *pubkey, *endpoint_ip;
bool advanced_security = false; bool is_awg = false;
bool special_handshake = false;
int cb_ret; int cb_ret;
switch (gnlh->cmd) { switch (gnlh->cmd) {
@ -178,13 +176,10 @@ static int netlink_callback(struct nl_msg *msg, void *arg)
prerr("invalid endpoint!\n"); prerr("invalid endpoint!\n");
return NL_SKIP; return NL_SKIP;
} }
if (nla_get_flag(peer[WGPEER_A_ADVANCED_SECURITY])) { if (nla_get_flag(peer[WGPEER_A_AWG])) {
advanced_security = true; is_awg = true;
} }
if (nla_get_flag(peer[WGPEER_A_SPECIAL_HANDSHAKE])) { if (cb_ret = run_callback(ifname, pubkey, endpoint_ip, is_awg)) {
special_handshake = true;
}
if (cb_ret = run_callback(ifname, pubkey, endpoint_ip, advanced_security, special_handshake)) {
prerr("failed to execute callback script: %d!\n", cb_ret); prerr("failed to execute callback script: %d!\n", cb_ret);
return NL_SKIP; return NL_SKIP;
} }

22
src/config.c
View file

@ -425,8 +425,8 @@ static inline bool parse_awg_string(char **device_value, const char *name, const
return true; return true;
} }
if (len >= MAX_AWG_JUNK_LEN) { if (len >= MAX_AWG_STRING_LEN) {
fprintf(stderr, "Unable to process string for: %s; longer than: %d\n", name, MAX_AWG_JUNK_LEN); fprintf(stderr, "Unable to process string for: %s; longer than: %d\n", name, MAX_AWG_STRING_LEN);
return false; return false;
} }
*device_value = strdup(value); *device_value = strdup(value);
@ -645,13 +645,9 @@ static bool process_line(struct config_ctx *ctx, const char *line)
if (ret) if (ret)
ctx->last_peer->flags |= WGPEER_HAS_PRESHARED_KEY; ctx->last_peer->flags |= WGPEER_HAS_PRESHARED_KEY;
} else if (key_match("AdvancedSecurity")) { } else if (key_match("AdvancedSecurity")) {
ret = parse_bool(&ctx->last_peer->advanced_security, "AdvancedSecurity", value); ret = parse_bool(&ctx->last_peer->awg, "AdvancedSecurity", value);
if (ret) if (ret)
ctx->last_peer->flags |= WGPEER_HAS_ADVANCED_SECURITY; ctx->last_peer->flags |= WGPEER_HAS_AWG;
} else if (key_match("SpecialHandshake")) {
ret = parse_bool(&ctx->last_peer->special_handshake, "SpecialHandshake", value);
if (ret)
ctx->last_peer->flags |= WGPEER_HAS_SPECIAL_HANDSHAKE;
} else } else
goto error; goto error;
} else } else
@ -1017,15 +1013,9 @@ struct wgdevice *config_read_cmd(const char *argv[], int argc)
argv += 2; argv += 2;
argc -= 2; argc -= 2;
} else if (!strcmp(argv[0], "advanced-security") && argc >= 2 && peer) { } else if (!strcmp(argv[0], "advanced-security") && argc >= 2 && peer) {
if (!parse_bool(&peer->advanced_security, "AdvancedSecurity", argv[1])) if (!parse_bool(&peer->awg, "AdvancedSecurity", argv[1]))
goto error; goto error;
peer->flags |= WGPEER_HAS_ADVANCED_SECURITY; peer->flags |= WGPEER_HAS_AWG;
argv += 2;
argc -= 2;
} else if (!strcmp(argv[0], "special-handshake") && argc >= 2 && peer) {
if (!parse_bool(&peer->special_handshake, "SpecialHandshake", argv[1]))
goto error;
peer->flags |= WGPEER_HAS_SPECIAL_HANDSHAKE;
argv += 2; argv += 2;
argc -= 2; argc -= 2;
} else { } else {

10
src/containers.h
View file

@ -23,8 +23,8 @@
#define WG_KEY_LEN 32 #define WG_KEY_LEN 32
#endif #endif
#ifndef MAX_AWG_JUNK_LEN #ifndef MAX_AWG_STRING_LEN
#define MAX_AWG_JUNK_LEN 5 * 1024 #define MAX_AWG_STRING_LEN 5 * 1024
#endif #endif
/* Cross platform __kernel_timespec */ /* Cross platform __kernel_timespec */
@ -49,8 +49,7 @@ enum {
WGPEER_HAS_PUBLIC_KEY = 1U << 2, WGPEER_HAS_PUBLIC_KEY = 1U << 2,
WGPEER_HAS_PRESHARED_KEY = 1U << 3, WGPEER_HAS_PRESHARED_KEY = 1U << 3,
WGPEER_HAS_PERSISTENT_KEEPALIVE_INTERVAL = 1U << 4, WGPEER_HAS_PERSISTENT_KEEPALIVE_INTERVAL = 1U << 4,
WGPEER_HAS_ADVANCED_SECURITY = 1U << 5, WGPEER_HAS_AWG = 1U << 5
WGPEER_HAS_SPECIAL_HANDSHAKE = 1U << 6
}; };
struct wgpeer { struct wgpeer {
@ -69,8 +68,7 @@ struct wgpeer {
uint64_t rx_bytes, tx_bytes; uint64_t rx_bytes, tx_bytes;
uint16_t persistent_keepalive_interval; uint16_t persistent_keepalive_interval;
bool advanced_security; bool awg;
bool special_handshake;
struct wgallowedip *first_allowedip, *last_allowedip; struct wgallowedip *first_allowedip, *last_allowedip;
struct wgpeer *next_peer; struct wgpeer *next_peer;

24
src/ipc-freebsd.h
View file

@ -142,7 +142,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
} }
if (nvlist_exists_number(nvl_device, "h1")) { if (nvlist_exists_number(nvl_device, "h1")) {
binary = nvlist_get_binary(nvl_device, "h1", &size); binary = nvlist_get_binary(nvl_device, "h1", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->init_packet_magic_header = strdup((const char*)binary); dev->init_packet_magic_header = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_H1; dev->flags |= WGDEVICE_HAS_H1;
@ -150,7 +150,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
} }
if (nvlist_exists_number(nvl_device, "h2")) { if (nvlist_exists_number(nvl_device, "h2")) {
binary = nvlist_get_binary(nvl_device, "h2", &size); binary = nvlist_get_binary(nvl_device, "h2", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->response_packet_magic_header = strdup((const char*)binary); dev->response_packet_magic_header = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_H2; dev->flags |= WGDEVICE_HAS_H2;
@ -158,7 +158,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
} }
if (nvlist_exists_number(nvl_device, "h3")) { if (nvlist_exists_number(nvl_device, "h3")) {
binary = nvlist_get_binary(nvl_device, "h3", &size); binary = nvlist_get_binary(nvl_device, "h3", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->underload_packet_magic_header = strdup((const char*)binary); dev->underload_packet_magic_header = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_H3; dev->flags |= WGDEVICE_HAS_H3;
@ -166,7 +166,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
} }
if (nvlist_exists_number(nvl_device, "h4")) { if (nvlist_exists_number(nvl_device, "h4")) {
binary = nvlist_get_binary(nvl_device, "h4", &size); binary = nvlist_get_binary(nvl_device, "h4", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->transport_packet_magic_header = strdup((const char*)binary); dev->transport_packet_magic_header = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_H4; dev->flags |= WGDEVICE_HAS_H4;
@ -175,7 +175,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "i1")) if (nvlist_exists_binary(nvl_device, "i1"))
{ {
binary = nvlist_get_binary(nvl_device, "i1", &size); binary = nvlist_get_binary(nvl_device, "i1", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->i1 = strdup((const char*)binary); dev->i1 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_I1; dev->flags |= WGDEVICE_HAS_I1;
@ -184,7 +184,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "i2")) if (nvlist_exists_binary(nvl_device, "i2"))
{ {
binary = nvlist_get_binary(nvl_device, "i2", &size); binary = nvlist_get_binary(nvl_device, "i2", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->i2 = strdup((const char*)binary); dev->i2 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_I2; dev->flags |= WGDEVICE_HAS_I2;
@ -193,7 +193,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "i3")) if (nvlist_exists_binary(nvl_device, "i3"))
{ {
binary = nvlist_get_binary(nvl_device, "i3", &size); binary = nvlist_get_binary(nvl_device, "i3", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->i3 = strdup((const char*)binary); dev->i3 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_I3; dev->flags |= WGDEVICE_HAS_I3;
@ -202,7 +202,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "i4")) if (nvlist_exists_binary(nvl_device, "i4"))
{ {
binary = nvlist_get_binary(nvl_device, "i4", &size); binary = nvlist_get_binary(nvl_device, "i4", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->i4 = strdup((const char*)binary); dev->i4 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_I4; dev->flags |= WGDEVICE_HAS_I4;
@ -211,7 +211,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "i5")) if (nvlist_exists_binary(nvl_device, "i5"))
{ {
binary = nvlist_get_binary(nvl_device, "i5", &size); binary = nvlist_get_binary(nvl_device, "i5", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->i5 = strdup((const char*)binary); dev->i5 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_I5; dev->flags |= WGDEVICE_HAS_I5;
@ -220,7 +220,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "j1")) if (nvlist_exists_binary(nvl_device, "j1"))
{ {
binary = nvlist_get_binary(nvl_device, "j1", &size); binary = nvlist_get_binary(nvl_device, "j1", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->j1 = strdup((const char*)binary); dev->j1 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_J1; dev->flags |= WGDEVICE_HAS_J1;
@ -229,7 +229,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "j2")) if (nvlist_exists_binary(nvl_device, "j2"))
{ {
binary = nvlist_get_binary(nvl_device, "j2", &size); binary = nvlist_get_binary(nvl_device, "j2", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->j2 = strdup((const char*)binary); dev->j2 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_J2; dev->flags |= WGDEVICE_HAS_J2;
@ -238,7 +238,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
if (nvlist_exists_binary(nvl_device, "j3")) if (nvlist_exists_binary(nvl_device, "j3"))
{ {
binary = nvlist_get_binary(nvl_device, "j3", &size); binary = nvlist_get_binary(nvl_device, "j3", &size);
if (binary && size < MAX_AWG_JUNK_LEN) if (binary && size < MAX_AWG_STRING_LEN)
{ {
dev->j3 = strdup((const char*)binary); dev->j3 = strdup((const char*)binary);
dev->flags |= WGDEVICE_HAS_J3; dev->flags |= WGDEVICE_HAS_J3;

47
src/ipc-linux.h
View file

@ -243,17 +243,10 @@ again:
goto toobig_peers; goto toobig_peers;
} }
} }
if (peer->flags & WGPEER_HAS_ADVANCED_SECURITY) { if (peer->flags & WGPEER_HAS_AWG) {
if (peer->advanced_security) if (peer->awg)
mnl_attr_put_check(nlh, SOCKET_BUFFER_SIZE, WGPEER_A_ADVANCED_SECURITY, 0, NULL); mnl_attr_put_check(nlh, SOCKET_BUFFER_SIZE, WGPEER_A_AWG, 0, NULL);
flags |= WGPEER_F_HAS_ADVANCED_SECURITY; flags |= WGPEER_F_HAS_AWG;
}
if (peer->flags & WGPEER_HAS_SPECIAL_HANDSHAKE)
{
if (peer->special_handshake)
mnl_attr_put_check(
nlh, SOCKET_BUFFER_SIZE, WGPEER_A_SPECIAL_HANDSHAKE, 0, NULL);
flags |= WGPEER_F_HAS_SPECIAL_HANDSHAKE;
} }
if (flags) { if (flags) {
if (!mnl_attr_put_u32_check(nlh, SOCKET_BUFFER_SIZE, WGPEER_A_FLAGS, flags)) if (!mnl_attr_put_u32_check(nlh, SOCKET_BUFFER_SIZE, WGPEER_A_FLAGS, flags))
@ -427,36 +420,18 @@ static int parse_peer(const struct nlattr *attr, void *data)
if (!mnl_attr_validate(attr, MNL_TYPE_U32)) { if (!mnl_attr_validate(attr, MNL_TYPE_U32)) {
uint32_t flags = mnl_attr_get_u32(attr); uint32_t flags = mnl_attr_get_u32(attr);
if (flags & WGPEER_F_HAS_ADVANCED_SECURITY && !(peer->flags & WGPEER_HAS_ADVANCED_SECURITY)) { if (flags & WGPEER_F_HAS_AWG && !(peer->flags & WGPEER_HAS_AWG)) {
peer->flags |= WGPEER_HAS_ADVANCED_SECURITY; peer->flags |= WGPEER_HAS_AWG;
peer->advanced_security = false; peer->awg = false;
}
if (
flags & WGPEER_F_HAS_SPECIAL_HANDSHAKE &&
!(peer->flags & WGPEER_HAS_SPECIAL_HANDSHAKE))
{
peer->flags |= WGPEER_HAS_SPECIAL_HANDSHAKE;
peer->special_handshake = false;
} }
} }
break; break;
case WGPEER_A_ADVANCED_SECURITY: case WGPEER_A_AWG:
if (!mnl_attr_validate(attr, MNL_TYPE_FLAG)) { if (!mnl_attr_validate(attr, MNL_TYPE_FLAG)) {
peer->advanced_security = true; peer->awg = true;
if (!(peer->flags & WGPEER_HAS_ADVANCED_SECURITY)) { if (!(peer->flags & WGPEER_HAS_AWG)) {
peer->flags |= WGPEER_HAS_ADVANCED_SECURITY; peer->flags |= WGPEER_HAS_AWG;
}
}
break;
case WGPEER_A_SPECIAL_HANDSHAKE:
if (!mnl_attr_validate(attr, MNL_TYPE_FLAG))
{
peer->special_handshake = true;
if (!(peer->flags & WGPEER_HAS_SPECIAL_HANDSHAKE))
{
peer->flags |= WGPEER_HAS_SPECIAL_HANDSHAKE;
} }
} }
break; break;

7
src/ipc-uapi.h
View file

@ -96,12 +96,7 @@ static int userspace_set_device(struct wgdevice *dev)
for_each_wgpeer(dev, peer) { for_each_wgpeer(dev, peer) {
key_to_hex(hex, peer->public_key); key_to_hex(hex, peer->public_key);
fprintf(f, "public_key=%s\n", hex); fprintf(f, "public_key=%s\n", hex);
if (peer->flags & WGPEER_HAS_ADVANCED_SECURITY) { if (peer->flags & WGPEER_HAS_AWG) {
ret = -EINVAL;
goto out;
}
if (peer->flags & WGPEER_HAS_SPECIAL_HANDSHAKE)
{
ret = -EINVAL; ret = -EINVAL;
goto out; goto out;
} }

7
src/showconf.c
View file

@ -95,11 +95,8 @@ int showconf_main(int argc, const char *argv[])
key_to_base64(base64, peer->preshared_key); key_to_base64(base64, peer->preshared_key);
printf("PresharedKey = %s\n", base64); printf("PresharedKey = %s\n", base64);
} }
if (peer->flags & WGPEER_HAS_ADVANCED_SECURITY) { if (peer->flags & WGPEER_HAS_AWG) {
printf("AdvancedSecurity = %s\n", peer->advanced_security ? "on" : "off"); printf("AdvancedSecurity = %s\n", peer->awg ? "on" : "off");
}
if (peer->flags & WGPEER_HAS_SPECIAL_HANDSHAKE) {
printf("SpecialHandshake = %s\n", peer->special_handshake ? "on" : "off");
} }
if (peer->first_allowedip) if (peer->first_allowedip)
printf("AllowedIPs = "); printf("AllowedIPs = ");

16
src/uapi/linux/linux/wireguard.h
View file

@ -111,10 +111,7 @@
* most recent protocol will be used when * most recent protocol will be used when
* this is unset. Otherwise, must be set * this is unset. Otherwise, must be set
* to 1. * to 1.
* WGPEER_A_ADVANCED_SECURITY: flag indicating that advanced security * WGPEER_A_AWG: flag indicating that advanced security
* techniques provided by AmneziaWG should
* be used.
* WGPEER_A_SPECIAL_HANDSHAKE: flag indicating that special handshake
* techniques provided by AmneziaWG should * techniques provided by AmneziaWG should
* be used. * be used.
* 0: NLA_NESTED * 0: NLA_NESTED
@ -147,10 +144,7 @@
* WGDEVICE_A_PEER: NLA_NESTED * WGDEVICE_A_PEER: NLA_NESTED
* WGPEER_A_PUBLIC_KEY: NLA_EXACT_LEN, len WG_KEY_LEN * WGPEER_A_PUBLIC_KEY: NLA_EXACT_LEN, len WG_KEY_LEN
* WGPEER_A_ENDPOINT: NLA_MIN_LEN(struct sockaddr), struct sockaddr_in or struct sockaddr_in6 * WGPEER_A_ENDPOINT: NLA_MIN_LEN(struct sockaddr), struct sockaddr_in or struct sockaddr_in6
* WGPEER_A_ADVANCED_SECURITY: flag indicating that advanced security * WGPEER_A_AWG: flag indicating that advanced security
* techniques provided by AmneziaWG should
* be used.
* WGPEER_A_SPECIAL_HANDSHAKE: flag indicating that special handshake
* techniques provided by AmneziaWG should * techniques provided by AmneziaWG should
* be used. * be used.
* *
@ -217,8 +211,7 @@ enum wgpeer_flag {
WGPEER_F_REMOVE_ME = 1U << 0, WGPEER_F_REMOVE_ME = 1U << 0,
WGPEER_F_REPLACE_ALLOWEDIPS = 1U << 1, WGPEER_F_REPLACE_ALLOWEDIPS = 1U << 1,
WGPEER_F_UPDATE_ONLY = 1U << 2, WGPEER_F_UPDATE_ONLY = 1U << 2,
WGPEER_F_HAS_ADVANCED_SECURITY = 1U << 3, WGPEER_F_HAS_AWG = 1U << 3,
WGPEER_F_HAS_SPECIAL_HANDSHAKE = 1U << 4,
__WGPEER_F_ALL = WGPEER_F_REMOVE_ME | WGPEER_F_REPLACE_ALLOWEDIPS | __WGPEER_F_ALL = WGPEER_F_REMOVE_ME | WGPEER_F_REPLACE_ALLOWEDIPS |
WGPEER_F_UPDATE_ONLY WGPEER_F_UPDATE_ONLY
}; };
@ -234,8 +227,7 @@ enum wgpeer_attribute {
WGPEER_A_TX_BYTES, WGPEER_A_TX_BYTES,
WGPEER_A_ALLOWEDIPS, WGPEER_A_ALLOWEDIPS,
WGPEER_A_PROTOCOL_VERSION, WGPEER_A_PROTOCOL_VERSION,
WGPEER_A_ADVANCED_SECURITY, WGPEER_A_AWG,
WGPEER_A_SPECIAL_HANDSHAKE,
__WGPEER_A_LAST __WGPEER_A_LAST
}; };
#define WGPEER_A_MAX (__WGPEER_A_LAST - 1) #define WGPEER_A_MAX (__WGPEER_A_LAST - 1)