1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 
3 #pragma once
4 
5 typedef struct Wireguard Wireguard; /* forward declaration: WireguardPeer below stores a Wireguard pointer before struct Wireguard is defined */
6 
7 #include <netinet/in.h>
8 #include <linux/wireguard.h>
9 
10 #include "sd-event.h"
11 #include "sd-resolve.h"
12 
13 #include "in-addr-util.h"
14 #include "netdev.h"
15 #include "socket-util.h"
16 
17 typedef struct WireguardIPmask { /* One address/prefix entry of a peer; presumably filled by config_parse_wireguard_allowed_ips — confirm in the .c file. */
18         uint16_t family;         /* address family selecting the meaningful member of ip; presumably AF_INET or AF_INET6 — confirm */
19         union in_addr_union ip;  /* network address of the entry */
20         uint8_t cidr;            /* prefix length; NOTE(review): the valid upper bound depends on family (32 vs 128) — confirm the parser rejects larger values */
21 
22         LIST_FIELDS(struct WireguardIPmask, ipmasks); /* list linkage; the list head is WireguardPeer.ipmasks */
23 } WireguardIPmask;
24 
25 typedef struct WireguardPeer { /* Per-peer configuration and endpoint-resolution state; peers are chained from Wireguard.peers. */
26         Wireguard *wireguard;    /* back pointer to the owning device */
27         ConfigSection *section;  /* config section this peer was parsed from; presumably the key of Wireguard.peers_by_section — confirm */
28 
29         uint8_t public_key[WG_KEY_LEN];     /* peer public key, raw bytes (not secret) */
30         uint8_t preshared_key[WG_KEY_LEN];  /* SECRET: raw preshared key bytes held in process memory. NOTE(review): confirm the peer free path wipes this buffer with a non-elidable erase (e.g. explicit_bzero) and that it is never logged. */
31         char *preshared_key_file;           /* path the preshared key is read from; NOTE(review): confirm the loader checks file access mode/ownership and erases temporary read buffers */
32         uint32_t flags;                     /* presumably WGPEER_F_* bits from <linux/wireguard.h> — confirm */
33         uint16_t persistent_keepalive_interval; /* keepalive interval; unit presumably seconds, as in the kernel API — confirm */
34 
35         union sockaddr_union endpoint; /* endpoint socket address */
36         char *endpoint_host;           /* endpoint host as a string; presumably resolved asynchronously through resolve_query — confirm */
37         char *endpoint_port;           /* endpoint port or service as a string */
38 
39         unsigned n_retries;            /* counter for endpoint resolution attempts — presumably drives the retry backoff; confirm */
40         sd_event_source *resolve_retry_event_source; /* event source used to schedule a resolution retry */
41         sd_resolve_query *resolve_query;             /* in-flight sd-resolve query; NOTE(review): confirm it is cancelled before the peer is freed so no callback sees a dangling peer */
42 
43         uint32_t route_table;     /* per-peer route table */
44         uint32_t route_priority;  /* per-peer route priority */
45         bool route_table_set;     /* presumably true when route_table was given explicitly and should override Wireguard.route_table — confirm */
46         bool route_priority_set;  /* presumably true when route_priority was given explicitly and should override Wireguard.route_priority — confirm */
47 
48         LIST_HEAD(WireguardIPmask, ipmasks);      /* head of this peer's WireguardIPmask list */
49         LIST_FIELDS(struct WireguardPeer, peers); /* list linkage; the list head is Wireguard.peers */
50 } WireguardPeer;
51 
52 struct Wireguard { /* Device-level WireGuard netdev state: local key material, listen settings, peers and routes. */
53         NetDev meta;                 /* generic netdev base object; NOTE(review): DEFINE_NETDEV_CAST below presumably relies on this being the first member — confirm before reordering */
54         unsigned last_peer_section;  /* presumably tracks the most recently parsed peer section — confirm */
55 
56         uint32_t flags;                   /* presumably WGDEVICE_F_* bits from <linux/wireguard.h> — confirm */
57         uint8_t private_key[WG_KEY_LEN];  /* SECRET: raw device private key held in process memory. NOTE(review): confirm the teardown path wipes it with a non-elidable erase (e.g. explicit_bzero) and that it never reaches logs or debug dumps. */
58         char *private_key_file;           /* path the private key is read from; NOTE(review): confirm the loader checks file access mode/ownership and erases temporary read buffers */
59         uint16_t port;                    /* presumably the UDP listen port set by config_parse_wireguard_listen_port — confirm */
60         uint32_t fwmark;                  /* firewall mark for the device */
61 
62         Hashmap *peers_by_section;        /* lookup of peers; presumably keyed by ConfigSection — confirm */
63         LIST_HEAD(WireguardPeer, peers);  /* head of the WireguardPeer list */
64 
65         Set *routes;              /* set of routes associated with the device; element type not visible here */
66         uint32_t route_table;     /* device-wide route table; a peer may carry its own value (WireguardPeer.route_table) */
67         uint32_t route_priority;  /* device-wide route priority; a peer may carry its own value (WireguardPeer.route_priority) */
68 };
69 
70 DEFINE_NETDEV_CAST(WIREGUARD, Wireguard); /* cast helper between NetDev and Wireguard; the macro is defined elsewhere (presumably netdev.h) */
71 extern const NetDevVTable wireguard_vtable; /* netdev vtable for this kind; defined in the implementation file */
72 
73 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_allowed_ips); /* the lines below declare the config parser callbacks for this netdev; all input they receive comes from configuration files */
74 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_endpoint);
75 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_listen_port);
76 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_peer_key); /* NOTE(review): presumably handles both public and preshared peer keys — confirm that rejected or secret values are not echoed into log messages */
77 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_private_key); /* NOTE(review): inline private key in config; confirm the value is not logged on parse errors */
78 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_private_key_file);
79 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_preshared_key_file);
80 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_keepalive);
81 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_route_table);
82 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_peer_route_table);
83 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_route_priority);
84 CONFIG_PARSER_PROTOTYPE(config_parse_wireguard_peer_route_priority);
85