public-mirrors
/
innernet
mirror of https://github.com/tonarino/innernet.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wireguard-control: correct the target genl payload length

pull/186/head
Jake McGinty 2022-01-11 01:02:53 -06:00
parent 9fbc0c5f1b
commit e04bd26743
2 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
netlink-request/src/lib.rs
View File

@ -1,11 +1,12 @@
#[cfg(target_os = "linux")] #[cfg(target_os = "linux")]
mod linux { mod linux {
pub const MAX_NETLINK_BUFFER_LENGTH: usize = 4096; pub const MAX_NETLINK_BUFFER_LENGTH: usize = 4096;
pub const MAX_GENL_PAYLOAD_LENGTH: usize = MAX_NETLINK_BUFFER_LENGTH - GENL_HDRLEN; pub const MAX_GENL_PAYLOAD_LENGTH: usize =
MAX_NETLINK_BUFFER_LENGTH - NETLINK_HEADER_LEN - GENL_HDRLEN;
use netlink_packet_core::{ use netlink_packet_core::{
NetlinkDeserializable, NetlinkMessage, NetlinkPayload, NetlinkSerializable, NLM_F_ACK, NetlinkDeserializable, NetlinkMessage, NetlinkPayload, NetlinkSerializable,
NLM_F_CREATE, NLM_F_EXCL, NLM_F_REQUEST, NETLINK_HEADER_LEN, NLM_F_ACK, NLM_F_CREATE, NLM_F_EXCL, NLM_F_REQUEST,
}; };
use netlink_packet_generic::{ use netlink_packet_generic::{
constants::GENL_HDRLEN, constants::GENL_HDRLEN,

9
wireguard-control/src/backends/kernel.rs
View File

@ -396,6 +396,7 @@ mod tests {
WgPeerAttrs::PublicKey([2u8; 32]), WgPeerAttrs::PublicKey([2u8; 32]),
WgPeerAttrs::PersistentKeepalive(25), WgPeerAttrs::PersistentKeepalive(25),
WgPeerAttrs::Endpoint("1.1.1.1:51820".parse().unwrap()), WgPeerAttrs::Endpoint("1.1.1.1:51820".parse().unwrap()),
WgPeerAttrs::Flags(WGPEER_F_REPLACE_ALLOWEDIPS),
WgPeerAttrs::AllowedIps(vec![vec![ WgPeerAttrs::AllowedIps(vec![vec![
WgAllowedIpAttrs::Family(AF_INET), WgAllowedIpAttrs::Family(AF_INET),
WgAllowedIpAttrs::IpAddr([10, 1, 1, 1].into()), WgAllowedIpAttrs::IpAddr([10, 1, 1, 1].into()),
@ -416,26 +417,28 @@ mod tests {
.push(WgDeviceAttrs::Flags(WGDEVICE_F_REPLACE_PEERS)) .push(WgDeviceAttrs::Flags(WGDEVICE_F_REPLACE_PEERS))
.unwrap(); .unwrap();
for _ in 0..10_000 { for i in 0..10_000 {
payload payload
.push_peer(vec![ .push_peer(vec![
WgPeerAttrs::PublicKey([2u8; 32]), WgPeerAttrs::PublicKey([2u8; 32]),
WgPeerAttrs::PersistentKeepalive(25), WgPeerAttrs::PersistentKeepalive(25),
WgPeerAttrs::PresharedKey([1u8; 32]),
WgPeerAttrs::Endpoint("1.1.1.1:51820".parse().unwrap()), WgPeerAttrs::Endpoint("1.1.1.1:51820".parse().unwrap()),
WgPeerAttrs::Flags(WGPEER_F_REPLACE_ALLOWEDIPS),
WgPeerAttrs::AllowedIps(vec![vec![ WgPeerAttrs::AllowedIps(vec![vec![
WgAllowedIpAttrs::Family(AF_INET), WgAllowedIpAttrs::Family(AF_INET),
WgAllowedIpAttrs::IpAddr([10, 1, 1, 1].into()), WgAllowedIpAttrs::IpAddr([10, 1, 1, 1].into()),
WgAllowedIpAttrs::Cidr(24), WgAllowedIpAttrs::Cidr(24),
]]), ]]),
WgPeerAttrs::Unspec(vec![1u8; (i % 256) as usize]),
]) ])
.unwrap(); .unwrap();
} }
let messages = payload.finish(); let messages = payload.finish();
println!("generated {} messages", messages.len());
assert!(messages.len() > 1); assert!(messages.len() > 1);
for message in messages { for message in messages {
assert!(message.buffer_len() <= MAX_NETLINK_BUFFER_LENGTH); assert!(NetlinkMessage::from(message).buffer_len() <= MAX_NETLINK_BUFFER_LENGTH);
} }
} }
} }