wireguard-control: correct the target genl payload length

2022-01-11 01:02:53 -06:00 · 2022-01-11 01:02:53 -06:00 · e04bd26743
parent 9fbc0c5f1b
commit e04bd26743
2 changed files with 10 additions and 6 deletions
--- a/netlink-request/src/lib.rs
+++ b/netlink-request/src/lib.rs
@ -1,11 +1,12 @@
 #[cfg(target_os = "linux")]
 mod linux {
    pub const MAX_NETLINK_BUFFER_LENGTH: usize = 4096;
-    pub const MAX_GENL_PAYLOAD_LENGTH: usize = MAX_NETLINK_BUFFER_LENGTH - GENL_HDRLEN;
+    pub const MAX_GENL_PAYLOAD_LENGTH: usize =
+        MAX_NETLINK_BUFFER_LENGTH - NETLINK_HEADER_LEN - GENL_HDRLEN;

    use netlink_packet_core::{
-        NetlinkDeserializable, NetlinkMessage, NetlinkPayload, NetlinkSerializable, NLM_F_ACK,
-        NLM_F_CREATE, NLM_F_EXCL, NLM_F_REQUEST,
+        NetlinkDeserializable, NetlinkMessage, NetlinkPayload, NetlinkSerializable,
+        NETLINK_HEADER_LEN, NLM_F_ACK, NLM_F_CREATE, NLM_F_EXCL, NLM_F_REQUEST,
    };
    use netlink_packet_generic::{
        constants::GENL_HDRLEN,
--- a/wireguard-control/src/backends/kernel.rs
+++ b/wireguard-control/src/backends/kernel.rs
@ -396,6 +396,7 @@ mod tests {
                WgPeerAttrs::PublicKey([2u8; 32]),
                WgPeerAttrs::PersistentKeepalive(25),
                WgPeerAttrs::Endpoint("1.1.1.1:51820".parse().unwrap()),
+                WgPeerAttrs::Flags(WGPEER_F_REPLACE_ALLOWEDIPS),
                WgPeerAttrs::AllowedIps(vec![vec![
                    WgAllowedIpAttrs::Family(AF_INET),
                    WgAllowedIpAttrs::IpAddr([10, 1, 1, 1].into()),
@ -416,26 +417,28 @@ mod tests {
            .push(WgDeviceAttrs::Flags(WGDEVICE_F_REPLACE_PEERS))
            .unwrap();

-        for _ in 0..10_000 {
+        for i in 0..10_000 {
            payload
                .push_peer(vec![
                    WgPeerAttrs::PublicKey([2u8; 32]),
                    WgPeerAttrs::PersistentKeepalive(25),
-                    WgPeerAttrs::PresharedKey([1u8; 32]),
                    WgPeerAttrs::Endpoint("1.1.1.1:51820".parse().unwrap()),
+                    WgPeerAttrs::Flags(WGPEER_F_REPLACE_ALLOWEDIPS),
                    WgPeerAttrs::AllowedIps(vec![vec![
                        WgAllowedIpAttrs::Family(AF_INET),
                        WgAllowedIpAttrs::IpAddr([10, 1, 1, 1].into()),
                        WgAllowedIpAttrs::Cidr(24),
                    ]]),
+                    WgPeerAttrs::Unspec(vec![1u8; (i % 256) as usize]),
                ])
                .unwrap();
        }

        let messages = payload.finish();
+        println!("generated {} messages", messages.len());
        assert!(messages.len() > 1);
        for message in messages {
-            assert!(message.buffer_len() <= MAX_NETLINK_BUFFER_LENGTH);
+            assert!(NetlinkMessage::from(message).buffer_len() <= MAX_NETLINK_BUFFER_LENGTH);
        }
    }
 }