cwinfo/yggdrasil-go
5
0
Fork 0
mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2024-11-22 21:10:29 +00:00
Code Releases Activity

removeSourceSubnet and removeRoute via the admin api

Browse Source
This commit is contained in:
Arceliar 2018-11-22 21:30:56 -06:00
parent 5953027411
commit 4870a2e149
3 changed files with 110 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/yggdrasil/admin.go
View File

@ -280,6 +280,28 @@ func (a *admin) init(c *Core, listenaddr string) {
}) })
return admin_info{"routes": routes}, nil return admin_info{"routes": routes}, nil
}) })
a.addHandler("removeSourceSubnet", []string{"subnet"}, func(in admin_info) (admin_info, error) {
var err error
a.core.router.doAdmin(func() {
err = a.core.router.cryptokey.removeSourceSubnet(in["subnet"].(string))
})
if err == nil {
return admin_info{"removed": []string{in["subnet"].(string)}}, nil
} else {
return admin_info{"not_removed": []string{in["subnet"].(string)}}, errors.New("Failed to remove source subnet")
}
})
a.addHandler("removeRoute", []string{"subnet", "destPubKey"}, func(in admin_info) (admin_info, error) {
var err error
a.core.router.doAdmin(func() {
err = a.core.router.cryptokey.removeRoute(in["subnet"].(string), in["destPubKey"].(string))
})
if err == nil {
return admin_info{"removed": []string{fmt.Sprintf("%s via %s", in["subnet"].(string), in["destPubKey"].(string))}}, nil
} else {
return admin_info{"not_removed": []string{fmt.Sprintf("%s via %s", in["subnet"].(string), in["destPubKey"].(string))}}, errors.New("Failed to remove route")
}
})
} }
// start runs the admin API socket to listen for / respond to admin API calls. // start runs the admin API socket to listen for / respond to admin API calls.

88
src/yggdrasil/ckr.go
View File

@ -171,8 +171,10 @@ func (c *cryptokey) addRoute(cidr string, dest string) error {
} }
} }
// Decode the public key // Decode the public key
if bpk, err := hex.DecodeString(dest); err != nil && len(bpk) == boxPubKeyLen { if bpk, err := hex.DecodeString(dest); err != nil {
return err return err
} else if len(bpk) != boxPubKeyLen {
return errors.New(fmt.Sprintf("Incorrect key length for %s", dest))
} else { } else {
// Add the new crypto-key route // Add the new crypto-key route
var key boxPubKey var key boxPubKey
@ -252,3 +254,87 @@ func (c *cryptokey) getPublicKeyForAddress(addr address, addrlen int) (boxPubKey
// No route was found if we got to this point // No route was found if we got to this point
return boxPubKey{}, errors.New(fmt.Sprintf("No route to %s", ip.String())) return boxPubKey{}, errors.New(fmt.Sprintf("No route to %s", ip.String()))
} }
// Removes a source subnet, which allows traffic with these source addresses to
// be tunnelled using crypto-key routing.
func (c *cryptokey) removeSourceSubnet(cidr string) error {
// Is the CIDR we've been given valid?
_, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
return err
}
// Get the prefix length and size
_, prefixsize := ipnet.Mask.Size()
// Build our references to the routing sources
var routingsources *[]net.IPNet
// Check if the prefix is IPv4 or IPv6
if prefixsize == net.IPv6len*8 {
routingsources = &c.ipv6sources
} else if prefixsize == net.IPv4len*8 {
routingsources = &c.ipv4sources
} else {
return errors.New("Unexpected prefix size")
}
// Check if we already have this CIDR
for idx, subnet := range *routingsources {
if subnet.String() == ipnet.String() {
*routingsources = append((*routingsources)[:idx], (*routingsources)[idx+1:]...)
c.core.log.Println("Removed CKR source subnet", cidr)
return nil
}
}
return errors.New("Source subnet not found")
}
// Removes a destination route for the given CIDR to be tunnelled to the node
// with the given BoxPubKey.
func (c *cryptokey) removeRoute(cidr string, dest string) error {
// Is the CIDR we've been given valid?
_, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
return err
}
// Get the prefix length and size
_, prefixsize := ipnet.Mask.Size()
// Build our references to the routing table and cache
var routingtable *[]cryptokey_route
var routingcache *map[address]cryptokey_route
// Check if the prefix is IPv4 or IPv6
if prefixsize == net.IPv6len*8 {
routingtable = &c.ipv6routes
routingcache = &c.ipv6cache
} else if prefixsize == net.IPv4len*8 {
routingtable = &c.ipv4routes
routingcache = &c.ipv4cache
} else {
return errors.New("Unexpected prefix size")
}
// Decode the public key
bpk, err := hex.DecodeString(dest)
if err != nil {
return err
} else if len(bpk) != boxPubKeyLen {
return errors.New(fmt.Sprintf("Incorrect key length for %s", dest))
}
netStr := ipnet.String()
for idx, route := range *routingtable {
if bytes.Equal(route.destination[:], bpk) && route.subnet.String() == netStr {
*routingtable = append((*routingtable)[:idx], (*routingtable)[idx+1:]...)
for k := range *routingcache {
delete(*routingcache, k)
}
c.core.log.Println("Removed CKR destination subnet %s via %s", cidr, dest)
return nil
}
}
return errors.New(fmt.Sprintf("Route does not exists for %s", cidr))
}

2
yggdrasilctl.go
View File

@ -231,7 +231,7 @@ func main() {
uint(k), uint(v), uint(queuesizepercent), uint(portqueuepackets[k])) uint(k), uint(v), uint(queuesizepercent), uint(portqueuepackets[k]))
} }
} }
case "addpeer", "removepeer", "addallowedencryptionpublickey", "removeallowedencryptionpublickey", "addsourcesubnet", "addroute": case "addpeer", "removepeer", "addallowedencryptionpublickey", "removeallowedencryptionpublickey", "addsourcesubnet", "addroute", "removesourcesubnet", "removeroute":
if _, ok := res["added"]; ok { if _, ok := res["added"]; ok {
for _, v := range res["added"].([]interface{}) { for _, v := range res["added"].([]interface{}) {
fmt.Println("Added:", fmt.Sprint(v)) fmt.Println("Added:", fmt.Sprint(v))