mirror of
https://github.com/cwinfo/yggdrasil-go.git
synced 2024-12-01 09:21:35 +00:00
Tidy up a bit, make sure to copy the private key at startup
parent
a7d06e048a
commit
9cdfd59476
@ -81,48 +81,6 @@ func readConfig(log *log.Logger, useconf bool, useconffile string, normaliseconf
|
|||||||
if err := hjson.Unmarshal(conf, &dat); err != nil {
|
if err := hjson.Unmarshal(conf, &dat); err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
// Check if we have old field names
|
|
||||||
if _, ok := dat["TunnelRouting"]; ok {
|
|
||||||
log.Warnln("WARNING: Tunnel routing is no longer supported")
|
|
||||||
}
|
|
||||||
if old, ok := dat["SigningPrivateKey"]; ok {
|
|
||||||
log.Warnln("WARNING: The \"SigningPrivateKey\" configuration option has been renamed to \"PrivateKey\"")
|
|
||||||
if _, ok := dat["PrivateKey"]; !ok {
|
|
||||||
if privstr, err := hex.DecodeString(old.(string)); err == nil {
|
|
||||||
priv := ed25519.PrivateKey(privstr)
|
|
||||||
pub := priv.Public().(ed25519.PublicKey)
|
|
||||||
dat["PrivateKey"] = hex.EncodeToString(priv[:])
|
|
||||||
dat["PublicKey"] = hex.EncodeToString(pub[:])
|
|
||||||
} else {
|
|
||||||
log.Warnln("WARNING: The \"SigningPrivateKey\" configuration option contains an invalid value and will be ignored")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if oldmc, ok := dat["MulticastInterfaces"]; ok {
|
|
||||||
if oldmcvals, ok := oldmc.([]interface{}); ok {
|
|
||||||
var newmc []config.MulticastInterfaceConfig
|
|
||||||
for _, oldmcval := range oldmcvals {
|
|
||||||
if str, ok := oldmcval.(string); ok {
|
|
||||||
newmc = append(newmc, config.MulticastInterfaceConfig{
|
|
||||||
Regex: str,
|
|
||||||
Beacon: true,
|
|
||||||
Listen: true,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if newmc != nil {
|
|
||||||
if oldport, ok := dat["LinkLocalTCPPort"]; ok {
|
|
||||||
// numbers parse to float64 by default
|
|
||||||
if port, ok := oldport.(float64); ok {
|
|
||||||
for idx := range newmc {
|
|
||||||
newmc[idx].Port = uint16(port)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
dat["MulticastInterfaces"] = newmc
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Sanitise the config
|
// Sanitise the config
|
||||||
confJson, err := json.Marshal(dat)
|
confJson, err := json.Marshal(dat)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -322,7 +280,6 @@ func run(args yggArgs, ctx context.Context, done chan struct{}) {
|
|||||||
fmt.Println(ipnet.String())
|
fmt.Println(ipnet.String())
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
default:
|
|
||||||
}
|
}
|
||||||
|
|
||||||
n := &node{}
|
n := &node{}
|
||||||
@ -352,8 +309,7 @@ func run(args yggArgs, ctx context.Context, done chan struct{}) {
|
|||||||
}
|
}
|
||||||
options = append(options, core.AllowedPublicKey(k[:]))
|
options = append(options, core.AllowedPublicKey(k[:]))
|
||||||
}
|
}
|
||||||
n.core, err = core.New(sk[:], logger, options...)
|
if n.core, err = core.New(sk[:], logger, options...); err != nil {
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -363,8 +319,7 @@ func run(args yggArgs, ctx context.Context, done chan struct{}) {
|
|||||||
options := []admin.SetupOption{
|
options := []admin.SetupOption{
|
||||||
admin.ListenAddress(cfg.AdminListen),
|
admin.ListenAddress(cfg.AdminListen),
|
||||||
}
|
}
|
||||||
n.admin, err = admin.New(n.core, logger, options...)
|
if n.admin, err = admin.New(n.core, logger, options...); err != nil {
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -380,8 +335,7 @@ func run(args yggArgs, ctx context.Context, done chan struct{}) {
|
|||||||
Port: intf.Port,
|
Port: intf.Port,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
n.multicast, err = multicast.New(n.core, logger, options...)
|
if n.multicast, err = multicast.New(n.core, logger, options...); err != nil {
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
if n.admin != nil {
|
if n.admin != nil {
|
||||||
@ -395,9 +349,7 @@ func run(args yggArgs, ctx context.Context, done chan struct{}) {
|
|||||||
tuntap.InterfaceName(cfg.IfName),
|
tuntap.InterfaceName(cfg.IfName),
|
||||||
tuntap.InterfaceMTU(cfg.IfMTU),
|
tuntap.InterfaceMTU(cfg.IfMTU),
|
||||||
}
|
}
|
||||||
rwc := ipv6rwc.NewReadWriteCloser(n.core)
|
if n.tuntap, err = tuntap.New(ipv6rwc.NewReadWriteCloser(n.core), logger, options...); err != nil {
|
||||||
n.tuntap, err = tuntap.New(rwc, logger, options...)
|
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
if n.admin != nil {
|
if n.admin != nil {
|
||||||
|
@ -47,15 +47,17 @@ type Core struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func New(secret ed25519.PrivateKey, logger util.Logger, opts ...SetupOption) (*Core, error) {
|
func New(secret ed25519.PrivateKey, logger util.Logger, opts ...SetupOption) (*Core, error) {
|
||||||
if len(secret) != ed25519.PrivateKeySize {
|
|
||||||
return nil, fmt.Errorf("private key is incorrect length")
|
|
||||||
}
|
|
||||||
c := &Core{
|
c := &Core{
|
||||||
secret: secret,
|
|
||||||
public: secret.Public().(ed25519.PublicKey),
|
|
||||||
log: logger,
|
log: logger,
|
||||||
}
|
}
|
||||||
c.ctx, c.cancel = context.WithCancel(context.Background())
|
c.ctx, c.cancel = context.WithCancel(context.Background())
|
||||||
|
// Take a copy of the private key so that it is in our own memory space.
|
||||||
|
if len(secret) != ed25519.PrivateKeySize {
|
||||||
|
return nil, fmt.Errorf("private key is incorrect length")
|
||||||
|
}
|
||||||
|
c.secret = make(ed25519.PrivateKey, 0, ed25519.PrivateKeySize)
|
||||||
|
copy(c.secret, secret)
|
||||||
|
c.public = secret.Public().(ed25519.PublicKey)
|
||||||
var err error
|
var err error
|
||||||
if c.PacketConn, err = iwe.NewPacketConn(c.secret); err != nil {
|
if c.PacketConn, err = iwe.NewPacketConn(c.secret); err != nil {
|
||||||
return nil, fmt.Errorf("error creating encryption: %w", err)
|
return nil, fmt.Errorf("error creating encryption: %w", err)
|
||||||
|
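Review bot: The new copy into `c.secret` transfers no bytes. `make(ed25519.PrivateKey, 0, ed25519.PrivateKeySize)` creates a slice of length 0 and `copy` moves only min(len(dst), len(src)) elements, so `c.secret` stays empty and `iwe.NewPacketConn(c.secret)` receives an empty key rather than the node's key. Allocate the full length instead, `c.secret = make(ed25519.PrivateKey, ed25519.PrivateKeySize)`, and then derive the public key from the private copy with `c.public = c.secret.Public().(ed25519.PublicKey)` so that both halves of the identity come from memory Core owns. The length check now runs after `context.WithCancel`, so the early return leaves `c.cancel` uncalled; moving the check back to the top of New avoids that. New's body continues outside the hunk.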