Message ID | 20191205103338.28355-1-fe@dev.tdt.de |
---|---|
State | Accepted |
Delegated to: | John Crispin |
Series | [OpenWrt-Devel,v2] wireguard: skip peer config if public key of the peer is not defined |
On 05/12/2019 11:33, Florian Eckert wrote: > If a config section of a peer does not have a public key defined, the > whole interface does not start. The following log is shown > > daemon.notice netifd: test (21071): Line unrecognized: `PublicKey=' > daemon.notice netifd: test (21071): Configuration parsing erro > > The command 'wg show' does only show the interface name. > > With this change we skip the peer for this interface and emit a log > message. So the other peers get configured. > > Signed-off-by: Florian Eckert <fe@dev.tdt.de> Merged, Thanks ! > --- > v2: > * Update error message to be a sentence > > package/network/services/wireguard/files/wireguard.sh | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh > index 4c811c6ba9..ccac34e45f 100644 > --- a/package/network/services/wireguard/files/wireguard.sh > +++ b/package/network/services/wireguard/files/wireguard.sh > @@ -42,6 +42,11 @@ proto_wireguard_setup_peer() { > config_get endpoint_port "${peer_config}" "endpoint_port" > config_get persistent_keepalive "${peer_config}" "persistent_keepalive" > > + if [ -z "$public_key" ]; then > + echo "Skipping peer config $peer_config because public key is not defined." > + return 0 > + fi > + > echo "[Peer]" >> "${wg_cfg}" > echo "PublicKey=${public_key}" >> "${wg_cfg}" > if [ "${preshared_key}" ]; then >
Hi, > + if [ -z "$public_key" ]; then > + echo "Skipping peer config $peer_config because public key is not defined." > + return 0 > + fi I guess there will be other error conditions that could cause the wg setup to fail... is there any more robust way to check the config for validity? Could some `wg` sub command be used for that? ~ Jo
diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh index 4c811c6ba9..ccac34e45f 100644 --- a/package/network/services/wireguard/files/wireguard.sh +++ b/package/network/services/wireguard/files/wireguard.sh @@ -42,6 +42,11 @@ proto_wireguard_setup_peer() { config_get endpoint_port "${peer_config}" "endpoint_port" config_get persistent_keepalive "${peer_config}" "persistent_keepalive" + if [ -z "$public_key" ]; then + echo "Skipping peer config $peer_config because public key is not defined." + return 0 + fi + echo "[Peer]" >> "${wg_cfg}" echo "PublicKey=${public_key}" >> "${wg_cfg}" if [ "${preshared_key}" ]; then
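Review bot: the added `[ -z "$public_key" ]` test only catches an empty value, so a non-empty but malformed key would still be written by `echo "PublicKey=${public_key}" >> "${wg_cfg}"` and is likely to hit the same parse failure for the whole interface; consider checking the shape of the key (44 base64 characters ending in `=`) before the section is written. The skip message is a bare `echo` followed by `return 0`, so a dropped peer is reported as success and is only visible to someone reading the log; a warning-level message would make a missing tunnel peer easier to notice. As a style point, the new lines use `$public_key` and `$peer_config` where the surrounding context uses the `${...}` form.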
If a config section of a peer does not have a public key defined, the whole interface does not start. The following log is shown

daemon.notice netifd: test (21071): Line unrecognized: `PublicKey='
daemon.notice netifd: test (21071): Configuration parsing erro

The command 'wg show' does only show the interface name.

With this change we skip the peer for this interface and emit a log message. So the other peers get configured.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
---
v2:
* Update error message to be a sentence

package/network/services/wireguard/files/wireguard.sh | 5 +++++
1 file changed, 5 insertions(+)
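The review reply above asks whether the peer config can be checked more robustly than by testing for an empty value. As an added example (not part of the patch or of OpenWrt's wireguard.sh), the shell functions below check the shape of a key before any `[Peer]` line is emitted; `wg_key_is_wellformed`, `emit_peer` and `render_sample` are hypothetical names, and the peer names and keys are constructed placeholders.

```sh
#!/bin/sh
# Added example: hypothetical helpers, not taken from OpenWrt's wireguard.sh.

# Return 0 if $1 has the shape of a WireGuard key: 32 bytes in base64,
# i.e. 43 base64 characters plus one '=' pad (44 characters in total).
wg_key_is_wellformed() {
	key="$1"
	[ "${#key}" -eq 44 ] || return 1
	case "$key" in
		*[!A-Za-z0-9+/=]*) return 1 ;;  # outside the base64 alphabet
	esac
	body="${key%=}"                     # drop the single trailing pad
	[ "${#body}" -eq 43 ] || return 1   # key did not end in '='
	case "$body" in
		*=*) return 1 ;;                # padding in the wrong place
	esac
	# 43 characters carry 258 bits and a key has 256, so the last
	# character must have its two low bits clear.
	case "$body" in
		*[AEIMQUYcgkosw048]) return 0 ;;
	esac
	return 1
}

# Print the [Peer] lines for one peer on stdout, or explain on stderr
# why the peer was skipped and return 1.
emit_peer() {
	name="$1"
	public_key="$2"
	if ! wg_key_is_wellformed "$public_key"; then
		echo "Skipping peer config $name because public key is missing or malformed." >&2
		return 1
	fi
	echo "[Peer]"
	echo "PublicKey=${public_key}"
}

# Constructed sample peers; the keys are placeholders with the right or
# wrong shape, not real keys.
render_sample() {
	emit_peer alice "$(printf '%043d' 0)=" || :   # well-formed shape
	emit_peer bob "" || :                         # case from the commit message
	emit_peer carol "$(printf '%042d' 0)1=" || :  # impossible last character
	emit_peer dave "dG9vc2hvcnQ=" || :            # valid base64, wrong length
}

render_sample
```

The check covers shape only; it cannot tell whether a well-formed key belongs to the intended peer.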