diff --git a/sbin/ifconfig/ifwg.c b/sbin/ifconfig/ifwg.c index 8956e3427..a7fe150ec 100644 --- a/sbin/ifconfig/ifwg.c +++ b/sbin/ifconfig/ifwg.c @@ -82,6 +82,7 @@ struct allowedip *allowed_ips; #define ALLOWEDIPS_START 16 #define WG_KEY_LEN 32 +#define WG_PEER_ALIAS_SIZE 32 #define WG_KEY_LEN_BASE64 ((((WG_KEY_LEN) + 2) / 3) * 4 + 1) #define WG_KEY_LEN_HEX (WG_KEY_LEN * 2 + 1) #define WG_MAX_STRLEN 64 @@ -282,6 +283,9 @@ dump_peer(const nvlist_t *nvl_peer) int count, port; printf("[Peer]\n"); + if (nvlist_exists_string(nvl_peer, "alias")) { + printf("Alias = %s\n", nvlist_get_string(nvl_peer, "alias")); + } if (nvlist_exists_binary(nvl_peer, "public-key")) { key = nvlist_get_binary(nvl_peer, "public-key", &size); b64_ntop((const uint8_t *)key, size, outbuf, WG_MAX_STRLEN); @@ -526,6 +530,17 @@ DECL_CMD_FUNC(setendpoint, val, d) parse_endpoint(val); } +static +DECL_CMD_FUNC(setalias, val, d) +{ + if (!do_peer) + errx(1, "setting alias only valid when adding peer"); + + if (strlen(val) >= WG_PEER_ALIAS_SIZE) + errx(1, "alias len must be less then %d", WG_PEER_ALIAS_SIZE); + nvlist_add_string(nvl_params, "alias", val); +} + static void wireguard_status(int s) { @@ -567,6 +582,7 @@ static struct cmd wireguard_cmds[] = { DEF_CMD_ARG("public-key", setwgpubkey), DEF_CMD_ARG("allowed-ips", setallowedips), DEF_CMD_ARG("endpoint", setendpoint), + DEF_CMD_ARG("alias", setalias), }; static struct afswtch af_wireguard = { diff --git a/sys/dev/if_wg/include/sys/if_wg_session.h b/sys/dev/if_wg/include/sys/if_wg_session.h index 45399e534..afc802390 100644 --- a/sys/dev/if_wg/include/sys/if_wg_session.h +++ b/sys/dev/if_wg/include/sys/if_wg_session.h @@ -29,6 +29,7 @@ */ #define WG_KEY_SIZE 32 +#define WG_PEER_ALIAS_SIZE 32 #define WG_DEVICE_HAS_PUBKEY (1 << 0) #define WG_DEVICE_HAS_PRIVKEY (1 << 1) diff --git a/sys/dev/if_wg/include/sys/if_wg_session_vars.h b/sys/dev/if_wg/include/sys/if_wg_session_vars.h index 5fd85d3b7..eaa958dda 100644 --- a/sys/dev/if_wg/include/sys/if_wg_session_vars.h +++ b/sys/dev/if_wg/include/sys/if_wg_session_vars.h @@ -164,6 +164,8 @@ struct wg_peer { counter_u64_t p_tx_bytes; counter_u64_t p_rx_bytes; + char alias[WG_PEER_ALIAS_SIZE]; + CK_LIST_HEAD(, wg_route) p_routes; uint64_t p_magic_3; struct mtx p_lock; diff --git a/sys/dev/if_wg/module/module.c b/sys/dev/if_wg/module/module.c index 76c7db01c..69638edb9 100644 --- a/sys/dev/if_wg/module/module.c +++ b/sys/dev/if_wg/module/module.c @@ -403,6 +403,9 @@ wg_peer_to_nvl(struct wg_peer *peer) } nvlist_add_binary(nvl, "allowed-ips", aip, count*sizeof(*aip)); free(aip, M_TEMP); + if (*peer->alias != '\0') { + nvlist_add_string(nvl, "alias", peer->alias); + } return (nvl); } @@ -445,7 +448,7 @@ wg_marshal_peers(struct wg_softc *sc, nvlist_t **nvlp, nvlist_t ***nvl_arrayp, i #ifdef INVARIANTS packed = nvlist_pack(nvl_array[i], &size); if (packed == NULL) { - printf("nvlist_pack(%p, %p) => %d", + printf("nvlist_pack(%p, %p) => %d\n", nvl_array[i], &size, nvlist_error(nvl)); } free(packed, M_NVLIST); @@ -630,6 +633,18 @@ wg_peer_add(struct wg_softc *sc, const nvlist_t *nvl) } } } + if (nvlist_exists_string(nvl, "alias")) { + const char *alias; + size_t len; + + alias = nvlist_get_string(nvl, "alias"); + len = strlcpy(peer->alias, alias, WG_PEER_ALIAS_SIZE); + if (len >= WG_PEER_ALIAS_SIZE) { + device_printf(dev, "%s bad length for alias %zu\n", __func__, len); + err = EBADMSG; + goto out; + } + } if (need_insert) wg_hashtable_peer_insert(&sc->sc_hashtable, peer); return (0);