ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-02-22 18:02:46 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

wireguard-tools: allow generating private_key

Browse Source 
When the uci configuration is created automatically during a very early
stage, where no entropy daemon is set up, generating the key directly is
not an option. Therefore we allow to set the private_key to "generate"
and generate the private key directly before the interface is taken up.

Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
Tested-by: Jan-Niklas Burfeind <git@aiyionpri.me>
This commit is contained in:
Leonardo Mörlein 2021-09-15 03:09:18 +02:00 committed by Petr Štetiar
parent 04ed224543
commit 5406684087
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
package/network/utils/wireguard-tools/files/wireguard.sh
View File

@ -102,6 +102,23 @@ proto_wireguard_setup_peer() {
fi fi
} }
ensure_key_is_generated() {
local private_key
private_key="$(uci get network."$1".private_key)"
if [ "$private_key" == "generate" ]; then
local ucitmp
oldmask="$(umask)"
umask 077
ucitmp="$(mktemp -d)"
private_key="$("${WG}" genkey)"
uci -q -t "$ucitmp" set network."$1".private_key="$private_key" && \
uci -q -t "$ucitmp" commit network
rm -rf "$ucitmp"
umask "$oldmask"
fi
}
proto_wireguard_setup() { proto_wireguard_setup() {
local config="$1" local config="$1"
local wg_dir="/tmp/wireguard" local wg_dir="/tmp/wireguard"
@ -111,6 +128,8 @@ proto_wireguard_setup() {
local listen_port local listen_port
local mtu local mtu
ensure_key_is_generated "${config}"
config_load network config_load network
config_get private_key "${config}" "private_key" config_get private_key "${config}" "private_key"
config_get listen_port "${config}" "listen_port" config_get listen_port "${config}" "listen_port"