From 56ac8740b79e291eabe6427d722921533b3a9837 Mon Sep 17 00:00:00 2001
From: diogo464
Date: Sun, 15 Feb 2026 22:05:57 +0000
Subject: updated dependencies
---
 src/setup.rs | 108 +++++++++++++++++++++++++++++++++++++++++------------------
 1 file changed, 75 insertions(+), 33 deletions(-)
(limited to 'src/setup.rs')
diff --git a/src/setup.rs b/src/setup.rs
index e7d454c..c36772f 100644
--- a/src/setup.rs
+++ b/src/setup.rs
@@ -2,13 +2,46 @@ use std::net::{IpAddr, SocketAddr};
 use ipnet::IpNet;
 use netlink_packet_wireguard::{
- constants::{AF_INET, AF_INET6, WGDEVICE_F_REPLACE_PEERS, WGPEER_F_REPLACE_ALLOWEDIPS},
- nlas::{WgAllowedIp, WgAllowedIpAttrs, WgDeviceAttrs, WgPeer, WgPeerAttrs},
- Wireguard, WireguardCmd,
+ WireguardAddressFamily, WireguardAllowedIp, WireguardAllowedIpAttr, WireguardAttribute,
+ WireguardCmd, WireguardMessage, WireguardPeer, WireguardPeerAttribute,
 };
 use super::Key;
+#[allow(unused)]
+mod constants {
+ // this is copy pasted from the netlink_packet_wireguard's constants module because for some reason
+ // they stopped exposing constants in commit 3067a394fc7bc28fadbed5359c44cce95aac0f13
+ pub const WGDEVICE_F_REPLACE_PEERS: u32 = 1 << 0;
+
+ pub const WGPEER_F_REMOVE_ME: u32 = 1 << 0;
+ pub const WGPEER_F_REPLACE_ALLOWEDIPS: u32 = 1 << 1;
+ pub const WGPEER_F_UPDATE_ONLY: u32 = 1 << 2;
+
+ pub const WGPEER_A_UNSPEC: u16 = 0;
+ pub const WGPEER_A_PUBLIC_KEY: u16 = 1;
+ pub const WGPEER_A_PRESHARED_KEY: u16 = 2;
+ pub const WGPEER_A_FLAGS: u16 = 3;
+ pub const WGPEER_A_ENDPOINT: u16 = 4;
+ pub const WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL: u16 = 5;
+ pub const WGPEER_A_LAST_HANDSHAKE_TIME: u16 = 6;
+ pub const WGPEER_A_RX_BYTES: u16 = 7;
+ pub const WGPEER_A_TX_BYTES: u16 = 8;
+ pub const WGPEER_A_ALLOWEDIPS: u16 = 9;
+ pub const WGPEER_A_PROTOCOL_VERSION: u16 = 10;
+
+ pub const WGALLOWEDIP_A_UNSPEC: u16 = 0;
+ pub const WGALLOWEDIP_A_FAMILY: u16 = 1;
+ pub const WGALLOWEDIP_A_IPADDR: u16 = 2;
+ pub const WGALLOWEDIP_A_CIDR_MASK: u16 = 3;
+
+ pub const AF_INET6: u16 = 10;
+ pub const AF_INET: u16 = 2;
+}
+
+#[allow(unused)]
+pub(crate) use constants::*;
+
 #[derive(Debug)]
 pub struct PeerDescriptor {
 pub(super) public_key: Key,
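Review bot: The vendored `constants` module copies about two dozen kernel uAPI values by hand and then silences the compiler with `#[allow(unused)]` plus a `pub(crate) use constants::*;` glob, although, as far as this file shows, only `WGDEVICE_F_REPLACE_PEERS` and `WGPEER_F_REPLACE_ALLOWEDIPS` are still used (the address family now comes from `WireguardAddressFamily`). Those two flags decide whether the kernel drops existing peers and allowed IPs, so a transcription slip would leave stale peers or routes authorised without any compile-time signal. I would keep only the constants that are used, import them by name, and record the source of truth next to them, e.g. `// Values mirror include/uapi/linux/wireguard.h; keep in sync with the kernel header.` Dropping the blanket allow also lets the compiler report any copy that is dead.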
@@ -87,20 +120,25 @@ impl PeerDescriptor {
 self
 }
- pub(super) fn into_wireguard(self) -> WgPeer {
- let mut nlas = Vec::new();
- nlas.push(WgPeerAttrs::PublicKey(self.public_key.into_array()));
- nlas.extend(
+ pub(super) fn into_wireguard(self) -> WireguardPeer {
+ let mut attributes = Vec::new();
+ attributes.push(WireguardPeerAttribute::PublicKey(
+ self.public_key.into_array(),
+ ));
+ attributes.extend(
 self.preshared_key
- .map(|key| WgPeerAttrs::PresharedKey(key.into_array())),
+ .map(|key| WireguardPeerAttribute::PresharedKey(key.into_array())),
 );
- nlas.extend(self.endpoint.map(WgPeerAttrs::Endpoint));
- nlas.extend(self.keepalive.map(WgPeerAttrs::PersistentKeepalive));
- nlas.extend(self.allowed_ips.map(|allowed_ips| {
- WgPeerAttrs::AllowedIps(allowed_ips.into_iter().map(ipnet_to_wg).collect())
+ attributes.extend(self.endpoint.map(WireguardPeerAttribute::Endpoint));
+ attributes.extend(
+ self.keepalive
+ .map(WireguardPeerAttribute::PersistentKeepalive),
+ );
+ attributes.extend(self.allowed_ips.map(|allowed_ips| {
+ WireguardPeerAttribute::AllowedIps(allowed_ips.into_iter().map(ipnet_to_wg).collect())
 }));
- nlas.push(WgPeerAttrs::Flags(WGPEER_F_REPLACE_ALLOWEDIPS));
- WgPeer(nlas)
+ attributes.push(WireguardPeerAttribute::Flags(WGPEER_F_REPLACE_ALLOWEDIPS));
+ WireguardPeer(attributes)
 }
 }
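Review bot: `WireguardPeerAttribute::Flags(WGPEER_F_REPLACE_ALLOWEDIPS)` is pushed unconditionally at the end of `PeerDescriptor::into_wireguard`, including when `self.allowed_ips` is `None` and no `AllowedIps` attribute was added. With that flag the kernel removes the peer's current allowed IPs before adding the supplied list, so such a descriptor would presumably clear them; `DeviceDescriptor::into_wireguard` has the same shape with `WGDEVICE_F_REPLACE_PEERS` when `self.peers` is `None`. If full replacement is the intended contract, state it on the method, e.g. `/// Always sets WGPEER_F_REPLACE_ALLOWEDIPS: a descriptor without allowed_ips clears the peer's existing ones.`; otherwise set the flag only when `allowed_ips` is `Some`. The enclosing `impl PeerDescriptor` starts outside the hunk.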
@@ -174,39 +212,43 @@ impl DeviceDescriptor {
 self
 }
- pub(super) fn into_wireguard(self, device_name: String) -> Wireguard {
- let mut nlas = Vec::new();
- nlas.push(WgDeviceAttrs::IfName(device_name));
- nlas.extend(
+ pub(super) fn into_wireguard(self, device_name: String) -> WireguardMessage {
+ let mut attributes = Vec::new();
+ attributes.push(WireguardAttribute::IfName(device_name));
+ attributes.extend(
 self.private_key
- .map(|key| WgDeviceAttrs::PrivateKey(key.into_array())),
+ .map(|key| WireguardAttribute::PrivateKey(key.into_array())),
 );
- nlas.extend(self.listen_port.map(WgDeviceAttrs::ListenPort));
- nlas.extend(self.fwmark.map(WgDeviceAttrs::Fwmark));
- nlas.extend(self.peers.map(|peers| {
- WgDeviceAttrs::Peers(
+ attributes.extend(self.listen_port.map(WireguardAttribute::ListenPort));
+ attributes.extend(self.fwmark.map(WireguardAttribute::Fwmark));
+ attributes.extend(self.peers.map(|peers| {
+ WireguardAttribute::Peers(
 peers
 .into_iter()
 .map(PeerDescriptor::into_wireguard)
 .collect(),
 )
 }));
- nlas.push(WgDeviceAttrs::Flags(WGDEVICE_F_REPLACE_PEERS));
+ attributes.push(WireguardAttribute::Flags(WGDEVICE_F_REPLACE_PEERS));
- Wireguard {
+ WireguardMessage {
 cmd: WireguardCmd::SetDevice,
- nlas,
+ attributes,
 }
 }
 }
-fn ipnet_to_wg(net: IpNet) -> WgAllowedIp {
- let mut nlas = Vec::default();
- nlas.push(WgAllowedIpAttrs::Cidr(net.prefix_len()));
- nlas.push(WgAllowedIpAttrs::IpAddr(net.addr()));
+fn ipnet_to_wg(net: IpNet) -> WireguardAllowedIp {
+ let mut attributes = Vec::default();
+ attributes.push(WireguardAllowedIpAttr::Cidr(net.prefix_len()));
+ attributes.push(WireguardAllowedIpAttr::IpAddr(net.addr()));
 match net.addr() {
- IpAddr::V4(_) => nlas.push(WgAllowedIpAttrs::Family(AF_INET)),
- IpAddr::V6(_) => nlas.push(WgAllowedIpAttrs::Family(AF_INET6)),
+ IpAddr::V4(_) => {
+ attributes.push(WireguardAllowedIpAttr::Family(WireguardAddressFamily::Ipv4))
+ }
+ IpAddr::V6(_) => {
+ attributes.push(WireguardAllowedIpAttr::Family(WireguardAddressFamily::Ipv6))
+ }
 }
- WgAllowedIp(nlas)
+ WireguardAllowedIp(attributes)
 }
-- cgit
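Review bot: `WireguardAttribute::PrivateKey(key.into_array())` in `DeviceDescriptor::into_wireguard` moves the raw device private key into the returned `WireguardMessage`, and nothing on the method tells callers that the value is now secret-bearing. If the message type implements `Debug` (not visible here), a `{:?}` in a log or error path would write the key out. A doc comment on the method would cover it, e.g. `/// The returned message carries the private key and peer preshared keys; never format it with {:?} or attach it to errors.` The enclosing `impl DeviceDescriptor` begins outside the hunk.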