smegmesh/pkg/wg/wg.go

package wg

import (
	"crypto"
	"crypto/rand"
	"fmt"

	"github.com/tim-beatham/smegmesh/pkg/lib"
	logging "github.com/tim-beatham/smegmesh/pkg/log"
	"golang.zx2c4.com/wireguard/wgctrl"
	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)

type WgInterfaceManipulatorImpl struct {
	client *wgctrl.Client
}

const hashLength = 6

// CreateInterface creates a WireGuard interface
func (m *WgInterfaceManipulatorImpl) CreateInterface(port int, privKey *wgtypes.Key) (string, error) {
	rtnl, err := lib.NewRtNetlinkConfig()

	if err != nil {
		return "", fmt.Errorf("failed to access link: %w", err)
	}
	defer rtnl.Close()

	randomBuf := make([]byte, 32)
	_, err = rand.Read(randomBuf)

	if err != nil {
		return "", err
	}

	md5 := crypto.MD5.New().Sum(randomBuf)
	md5Str := fmt.Sprintf("wg%x", md5)[:hashLength]

	err = rtnl.CreateLink(md5Str)

	if err != nil {
		return "", fmt.Errorf("failed to create link: %w", err)
	}

	var cfg wgtypes.Config = wgtypes.Config{
		PrivateKey: privKey,
		ListenPort: &port,
	}

	err = m.client.ConfigureDevice(md5Str, cfg)

	if err != nil {
		m.RemoveInterface(md5Str)
		return "", fmt.Errorf("failed to configure dev: %w", err)
	}

	logging.Log.WriteInfof("ip link set up dev %s type wireguard", md5Str)
	return md5Str, nil
}

// Add an address to the given interface
func (m *WgInterfaceManipulatorImpl) AddAddress(ifName string, addr string) error {
	rtnl, err := lib.NewRtNetlinkConfig()

	if err != nil {
		return fmt.Errorf("failed to create config: %w", err)
	}
	defer rtnl.Close()

	err = rtnl.AddAddress(ifName, addr)

	if err != nil {
		err = fmt.Errorf("failed to add address: %w", err)
	}

	return err
}

// RemoveInterface implements WgInterfaceManipulator.
func (*WgInterfaceManipulatorImpl) RemoveInterface(ifName string) error {
	rtnl, err := lib.NewRtNetlinkConfig()

	if err != nil {
		return fmt.Errorf("failed to create config: %w", err)
	}
	defer rtnl.Close()

	return rtnl.DeleteLink(ifName)
}

func NewWgInterfaceManipulator(client *wgctrl.Client) WgInterfaceManipulator {
	return &WgInterfaceManipulatorImpl{client: client}
}
Created join-mesh, list-meshes command 2023-09-19 14:45:49 +02:00			`package wg`

			`import (`
Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`"crypto"`
			`"crypto/rand"`
Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00			`"fmt"`
Created join-mesh, list-meshes command 2023-09-19 14:45:49 +02:00
74-perform-dad - Performing DAD to check if IPv6 address present before adding outselves to mesh - Changing name from wgmesh to smegmesh 2024-01-02 00:55:50 +01:00			`"github.com/tim-beatham/smegmesh/pkg/lib"`
			`logging "github.com/tim-beatham/smegmesh/pkg/log"`
Created join-mesh, list-meshes command 2023-09-19 14:45:49 +02:00			`"golang.zx2c4.com/wireguard/wgctrl"`
			`"golang.zx2c4.com/wireguard/wgctrl/wgtypes"`
			`)`

Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00			`type WgInterfaceManipulatorImpl struct {`
			`client *wgctrl.Client`
			`}`

Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`const hashLength = 6`

Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`// CreateInterface creates a WireGuard interface`
27-remove-client-grpc-endpoint Removed a client's grpc endpoint value. Client's aren't publicly available so there is no need for a client's gRPC endpoint. Also changed a node ID's to their public key. A node id's public address is an issue for mobility of clients as their endpoint is subject to change 2023-11-24 13:07:03 +01:00			`func (m WgInterfaceManipulatorImpl) CreateInterface(port int, privKey wgtypes.Key) (string, error) {`
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`rtnl, err := lib.NewRtNetlinkConfig()`

			`if err != nil {`
Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`return "", fmt.Errorf("failed to access link: %w", err)`
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`}`
			`defer rtnl.Close()`

Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`randomBuf := make([]byte, 32)`
			`_, err = rand.Read(randomBuf)`

			`if err != nil {`
			`return "", err`
			`}`

			`md5 := crypto.MD5.New().Sum(randomBuf)`
45-use-statistical-testing Keepalive is based on per mesh and not per node. Using total ordering mechanism similar to paxos to elect a leader if leader doesn't update it's timestamp within 3 * keepAlive then give the leader a gravestone and elect the next leader. Leader is bassed on lexicographically ordered public key. 2023-12-07 19:18:13 +01:00			`md5Str := fmt.Sprintf("wg%x", md5)[:hashLength]`
Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00
			`err = rtnl.CreateLink(md5Str)`
Created join-mesh, list-meshes command 2023-09-19 14:45:49 +02:00
			`if err != nil {`
Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`return "", fmt.Errorf("failed to create link: %w", err)`
Created join-mesh, list-meshes command 2023-09-19 14:45:49 +02:00			`}`

			`var cfg wgtypes.Config = wgtypes.Config{`
27-remove-client-grpc-endpoint Removed a client's grpc endpoint value. Client's aren't publicly available so there is no need for a client's gRPC endpoint. Also changed a node ID's to their public key. A node id's public address is an issue for mobility of clients as their endpoint is subject to change 2023-11-24 13:07:03 +01:00			`PrivateKey: privKey,`
Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`ListenPort: &port,`
Created join-mesh, list-meshes command 2023-09-19 14:45:49 +02:00			`}`

Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`err = m.client.ConfigureDevice(md5Str, cfg)`
Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00
			`if err != nil {`
Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`m.RemoveInterface(md5Str)`
			`return "", fmt.Errorf("failed to configure dev: %w", err)`
Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00			`}`

Hashing the WireGuard interface Hashing the interface and using ephmeral ports so that the admin doesn't choose an interface and port combination. An administrator can alteranatively decide to provide port but this isn't critical. 2023-11-20 14:03:42 +01:00			`logging.Log.WriteInfof("ip link set up dev %s type wireguard", md5Str)`
			`return md5Str, nil`
Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00			`}`

Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`// Add an address to the given interface`
			`func (m *WgInterfaceManipulatorImpl) AddAddress(ifName string, addr string) error {`
			`rtnl, err := lib.NewRtNetlinkConfig()`
Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00
			`if err != nil {`
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`return fmt.Errorf("failed to create config: %w", err)`
Added ability to set interface as up 2023-09-21 19:43:29 +02:00			`}`
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`defer rtnl.Close()`
Added ability to set interface as up 2023-09-21 19:43:29 +02:00
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`err = rtnl.AddAddress(ifName, addr)`
Fixing an issue where packets are dropped each time we change wg configuration 2023-11-01 11:39:46 +01:00
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`if err != nil {`
			`err = fmt.Errorf("failed to add address: %w", err)`
Fixing an issue where packets are dropped each time we change wg configuration 2023-11-01 11:39:46 +01:00			`}`

Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`return err`
			`}`

			`// RemoveInterface implements WgInterfaceManipulator.`
			`func (*WgInterfaceManipulatorImpl) RemoveInterface(ifName string) error {`
			`rtnl, err := lib.NewRtNetlinkConfig()`
Added ability to set interface as up 2023-09-21 19:43:29 +02:00
			`if err != nil {`
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`return fmt.Errorf("failed to create config: %w", err)`
Added ability to set interface as up 2023-09-21 19:43:29 +02:00			`}`
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`defer rtnl.Close()`
Added ability to set interface as up 2023-09-21 19:43:29 +02:00
Removed interface manipulation via os.Exec into rtnetlink calls 2023-11-07 20:48:53 +01:00			`return rtnl.DeleteLink(ifName)`
Added ability to set interface as up 2023-09-21 19:43:29 +02:00			`}`
Standardising filenames, interfacing out for tests and modifying network device manipulation 2023-10-28 17:38:25 +02:00
			`func NewWgInterfaceManipulator(client *wgctrl.Client) WgInterfaceManipulator {`
			`return &WgInterfaceManipulatorImpl{client: client}`
			`}`