chore(wireguard): use netip.AddrPort instead of *net.UDPAddr

Quentin McGaw
2023-05-20 20:05:40 +00:00
parent 0a29337c3b
commit 86ec75722a
7 changed files with 42 additions and 99 deletions


@@ -1,7 +1,6 @@
package utils package utils
import ( import (
"net"
"net/netip" "net/netip"
"github.com/qdm12/gluetun/internal/configuration/settings" "github.com/qdm12/gluetun/internal/configuration/settings"
@@ -21,9 +20,7 @@ func BuildWireguardSettings(connection models.Connection,
const rulePriority = 101 // 100 is to receive external connections const rulePriority = 101 // 100 is to receive external connections
settings.RulePriority = rulePriority settings.RulePriority = rulePriority
settings.Endpoint = new(net.UDPAddr) settings.Endpoint = netip.AddrPortFrom(connection.IP, connection.Port)
settings.Endpoint.IP = connection.IP.AsSlice()
settings.Endpoint.Port = int(connection.Port)
settings.Addresses = make([]netip.Prefix, 0, len(userSettings.Addresses)) settings.Addresses = make([]netip.Prefix, 0, len(userSettings.Addresses))
for _, address := range userSettings.Addresses { for _, address := range userSettings.Addresses {


@@ -1,7 +1,6 @@
package utils package utils
import ( import (
"net"
"net/netip" "net/netip"
"testing" "testing"
@@ -43,10 +42,7 @@ func Test_BuildWireguardSettings(t *testing.T) {
PrivateKey: "private", PrivateKey: "private",
PublicKey: "public", PublicKey: "public",
PreSharedKey: "pre-shared", PreSharedKey: "pre-shared",
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51821),
IP: net.IP{1, 2, 3, 4},
Port: 51821,
},
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 1, 1, 1}), 32), netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 1, 1, 1}), 32),
}, },


@@ -57,7 +57,10 @@ func makeDeviceConfig(settings Settings) (config wgtypes.Config, err error) {
*allIPv6(), *allIPv6(),
}, },
ReplaceAllowedIPs: true, ReplaceAllowedIPs: true,
Endpoint: settings.Endpoint, Endpoint: &net.UDPAddr{
IP: settings.Endpoint.Addr().AsSlice(),
Port: int(settings.Endpoint.Port()),
},
}, },
}, },
} }
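Review bot: The new `&net.UDPAddr{...}` literal in `makeDeviceConfig` is built unconditionally, so a zero-value `settings.Endpoint` now yields a non-nil peer endpoint with a nil IP and port 0, where the old pointer field would have passed `nil` through; this relies on `Settings.Check` having run first, which the hunk does not show. The literal also drops the zone of a scoped IPv6 address. The standard library helper does the same conversion and keeps the zone: `Endpoint: net.UDPAddrFromAddrPort(settings.Endpoint),`. If an unset endpoint can reach this point, test `settings.Endpoint.IsValid()` before building the peer config. `makeDeviceConfig` starts and ends outside the hunk.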


@@ -3,6 +3,7 @@ package wireguard
import ( import (
"errors" "errors"
"net" "net"
"net/netip"
"testing" "testing"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@@ -60,10 +61,7 @@ func Test_makeDeviceConfig(t *testing.T) {
PublicKey: validKey2, PublicKey: validKey2,
PreSharedKey: validKey3, PreSharedKey: validKey3,
FirewallMark: 9876, FirewallMark: 9876,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{99, 99, 99, 99}), 51820),
IP: net.IPv4(99, 99, 99, 99),
Port: 51820,
},
}, },
config: wgtypes.Config{ config: wgtypes.Config{
PrivateKey: parseKey(t, validKey1), PrivateKey: parseKey(t, validKey1),
@@ -85,7 +83,7 @@ func Test_makeDeviceConfig(t *testing.T) {
}, },
ReplaceAllowedIPs: true, ReplaceAllowedIPs: true,
Endpoint: &net.UDPAddr{ Endpoint: &net.UDPAddr{
IP: net.IPv4(99, 99, 99, 99), IP: net.IP{99, 99, 99, 99},
Port: 51820, Port: 51820,
}, },
}, },


@@ -1,7 +1,6 @@
package wireguard package wireguard
import ( import (
"net"
"net/netip" "net/netip"
"testing" "testing"
@@ -31,9 +30,7 @@ func Test_New(t *testing.T) {
settings: Settings{ settings: Settings{
PrivateKey: validKeyString, PrivateKey: validKeyString,
PublicKey: validKeyString, PublicKey: validKeyString,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 0),
IP: net.IPv4(1, 2, 3, 4),
},
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{5, 6, 7, 8}), 32), netip.PrefixFrom(netip.AddrFrom4([4]byte{5, 6, 7, 8}), 32),
}, },
@@ -46,10 +43,7 @@ func Test_New(t *testing.T) {
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKeyString, PrivateKey: validKeyString,
PublicKey: validKeyString, PublicKey: validKeyString,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4),
Port: 51820,
},
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{5, 6, 7, 8}), 32), netip.PrefixFrom(netip.AddrFrom4([4]byte{5, 6, 7, 8}), 32),
}, },


@@ -3,7 +3,6 @@ package wireguard
import ( import (
"errors" "errors"
"fmt" "fmt"
"net"
"net/netip" "net/netip"
"regexp" "regexp"
"strings" "strings"
@@ -22,7 +21,7 @@ type Settings struct {
// Pre shared key in base 64 format // Pre shared key in base 64 format
PreSharedKey string PreSharedKey string
// Wireguard server endpoint to connect to. // Wireguard server endpoint to connect to.
Endpoint *net.UDPAddr Endpoint netip.AddrPort
// Addresses assigned to the client. // Addresses assigned to the client.
// Note IPv6 addresses are ignored if IPv6 is not supported. // Note IPv6 addresses are ignored if IPv6 is not supported.
Addresses []netip.Prefix Addresses []netip.Prefix
@@ -46,9 +45,9 @@ func (s *Settings) SetDefaults() {
s.InterfaceName = defaultInterfaceName s.InterfaceName = defaultInterfaceName
} }
if s.Endpoint != nil && s.Endpoint.Port == 0 { if s.Endpoint.IsValid() && s.Endpoint.Port() == 0 {
const defaultPort = 51820 const defaultPort = 51820
s.Endpoint.Port = defaultPort s.Endpoint = netip.AddrPortFrom(s.Endpoint.Addr(), defaultPort)
} }
if s.FirewallMark == 0 { if s.FirewallMark == 0 {
@@ -74,8 +73,7 @@ var (
ErrPublicKeyMissing = errors.New("public key is missing") ErrPublicKeyMissing = errors.New("public key is missing")
ErrPublicKeyInvalid = errors.New("cannot parse public key") ErrPublicKeyInvalid = errors.New("cannot parse public key")
ErrPreSharedKeyInvalid = errors.New("cannot parse pre-shared key") ErrPreSharedKeyInvalid = errors.New("cannot parse pre-shared key")
ErrEndpointMissing = errors.New("endpoint is missing") ErrEndpointAddrMissing = errors.New("endpoint address is missing")
ErrEndpointIPMissing = errors.New("endpoint IP is missing")
ErrEndpointPortMissing = errors.New("endpoint port is missing") ErrEndpointPortMissing = errors.New("endpoint port is missing")
ErrAddressMissing = errors.New("interface address is missing") ErrAddressMissing = errors.New("interface address is missing")
ErrAddressNotValid = errors.New("interface address is not valid") ErrAddressNotValid = errors.New("interface address is not valid")
@@ -109,11 +107,9 @@ func (s *Settings) Check() (err error) {
} }
switch { switch {
case s.Endpoint == nil: case !s.Endpoint.Addr().IsValid():
return fmt.Errorf("%w", ErrEndpointMissing) return fmt.Errorf("%w", ErrEndpointAddrMissing)
case len(s.Endpoint.IP) == 0: case s.Endpoint.Port() == 0:
return fmt.Errorf("%w", ErrEndpointIPMissing)
case s.Endpoint.Port == 0:
return fmt.Errorf("%w", ErrEndpointPortMissing) return fmt.Errorf("%w", ErrEndpointPortMissing)
} }
@@ -198,7 +194,7 @@ func (s Settings) ToLines(settings ToLinesSettings) (lines []string) {
lines = append(lines, fieldPrefix+"Pre shared key: "+isSet) lines = append(lines, fieldPrefix+"Pre shared key: "+isSet)
endpointStr := notSet endpointStr := notSet
if s.Endpoint != nil { if s.Endpoint.Addr().IsValid() {
endpointStr = s.Endpoint.String() endpointStr = s.Endpoint.String()
} }
lines = append(lines, fieldPrefix+"Endpoint: "+endpointStr) lines = append(lines, fieldPrefix+"Endpoint: "+endpointStr)
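Review bot: In the `Check` hunk the only address test is `!s.Endpoint.Addr().IsValid()`, which an unspecified address (`0.0.0.0` or `::`) passes, so such an endpoint is accepted whenever the port is non-zero. If that is not intended, extend the first case to `case !s.Endpoint.Addr().IsValid() || s.Endpoint.Addr().IsUnspecified():` or give it its own sentinel error. Separately, `SetDefaults` tests `s.Endpoint.IsValid()` while `Check` and `ToLines` test `s.Endpoint.Addr().IsValid()`; the two are equivalent for `netip.AddrPort`, so one form throughout would read more clearly. Now that `nil` is gone, the field comment could also say `// The zero value means the endpoint is not set.` The bodies of `Check` and `ToLines` continue outside the hunks shown.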


@@ -2,7 +2,6 @@ package wireguard
import ( import (
"errors" "errors"
"net"
"net/netip" "net/netip"
"testing" "testing"
@@ -29,39 +28,28 @@ func Test_Settings_SetDefaults(t *testing.T) {
}, },
"default endpoint port": { "default endpoint port": {
original: Settings{ original: Settings{
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 0),
IP: net.IPv4(1, 2, 3, 4),
},
}, },
expected: Settings{ expected: Settings{
InterfaceName: "wg0", InterfaceName: "wg0",
FirewallMark: 51820, FirewallMark: 51820,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4),
Port: 51820,
},
IPv6: ptr(false), IPv6: ptr(false),
Implementation: "auto", Implementation: "auto",
}, },
}, },
"not empty settings": { "not empty settings": {
original: Settings{ original: Settings{
InterfaceName: "wg1", InterfaceName: "wg1",
FirewallMark: 999, FirewallMark: 999,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 9999),
IP: net.IPv4(1, 2, 3, 4),
Port: 9999,
},
IPv6: ptr(true), IPv6: ptr(true),
Implementation: "userspace", Implementation: "userspace",
}, },
expected: Settings{ expected: Settings{
InterfaceName: "wg1", InterfaceName: "wg1",
FirewallMark: 999, FirewallMark: 999,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 9999),
IP: net.IPv4(1, 2, 3, 4),
Port: 9999,
},
IPv6: ptr(true), IPv6: ptr(true),
Implementation: "userspace", Implementation: "userspace",
}, },
@@ -138,31 +126,20 @@ func Test_Settings_Check(t *testing.T) {
}, },
err: errors.New("cannot parse pre-shared key"), err: errors.New("cannot parse pre-shared key"),
}, },
"empty endpoint": { "invalid endpoint address": {
settings: Settings{ settings: Settings{
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
}, },
err: ErrEndpointMissing, err: ErrEndpointAddrMissing,
}, },
"nil endpoint IP": { "zero endpoint port": {
settings: Settings{ settings: Settings{
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
Endpoint: &net.UDPAddr{}, Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 0),
},
err: ErrEndpointIPMissing,
},
"nil endpoint port": {
settings: Settings{
InterfaceName: "wg0",
PrivateKey: validKey1,
PublicKey: validKey2,
Endpoint: &net.UDPAddr{
IP: net.IPv4(1, 2, 3, 4),
},
}, },
err: ErrEndpointPortMissing, err: ErrEndpointPortMissing,
}, },
@@ -171,10 +148,7 @@ func Test_Settings_Check(t *testing.T) {
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4),
Port: 51820,
},
}, },
err: ErrAddressMissing, err: ErrAddressMissing,
}, },
@@ -183,11 +157,8 @@ func Test_Settings_Check(t *testing.T) {
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4), Addresses: []netip.Prefix{{}},
Port: 51820,
},
Addresses: []netip.Prefix{{}},
}, },
err: errors.New("interface address is not valid: for address 1 of 1"), err: errors.New("interface address is not valid: for address 1 of 1"),
}, },
@@ -196,10 +167,7 @@ func Test_Settings_Check(t *testing.T) {
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4),
Port: 51820,
},
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 24), netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 24),
}, },
@@ -211,10 +179,7 @@ func Test_Settings_Check(t *testing.T) {
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4),
Port: 51820,
},
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 24), netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 24),
}, },
@@ -228,10 +193,7 @@ func Test_Settings_Check(t *testing.T) {
InterfaceName: "wg0", InterfaceName: "wg0",
PrivateKey: validKey1, PrivateKey: validKey1,
PublicKey: validKey2, PublicKey: validKey2,
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4),
Port: 51820,
},
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 24), netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 24),
}, },
@@ -331,12 +293,9 @@ func Test_Settings_Lines(t *testing.T) {
PrivateKey: "private key", PrivateKey: "private key",
PublicKey: "public key", PublicKey: "public key",
PreSharedKey: "pre-shared key", PreSharedKey: "pre-shared key",
Endpoint: &net.UDPAddr{ Endpoint: netip.AddrPortFrom(netip.AddrFrom4([4]byte{1, 2, 3, 4}), 51820),
IP: net.IPv4(1, 2, 3, 4), FirewallMark: 999,
Port: 51820, RulePriority: 888,
},
FirewallMark: 999,
RulePriority: 888,
Addresses: []netip.Prefix{ Addresses: []netip.Prefix{
netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 1, 1, 1}), 24), netip.PrefixFrom(netip.AddrFrom4([4]byte{1, 1, 1, 1}), 24),
netip.PrefixFrom(netip.AddrFrom4([4]byte{2, 2, 2, 2}), 32), netip.PrefixFrom(netip.AddrFrom4([4]byte{2, 2, 2, 2}), 32),