Source-Changes-HG archive


[src/trunk]: src/usr.sbin/wgconfig Update wgconfig(8) for proplib API changes.



details:   https://anonhg.NetBSD.org/src/rev/398f83d052ff
branches:  trunk
changeset: 942837:398f83d052ff
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Thu Aug 20 21:34:51 2020 +0000

description:
Update wgconfig(8) for proplib API changes.

Also check type tags before conversion.

diffstat:

 usr.sbin/wgconfig/wgconfig.c |  259 +++++++++++++++++++++++++-----------------
 1 files changed, 156 insertions(+), 103 deletions(-)

diffs (truncated from 484 to 300 lines):

diff -r 947de366bd9f -r 398f83d052ff usr.sbin/wgconfig/wgconfig.c
--- a/usr.sbin/wgconfig/wgconfig.c      Thu Aug 20 21:34:42 2020 +0000
+++ b/usr.sbin/wgconfig/wgconfig.c      Thu Aug 20 21:34:51 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: wgconfig.c,v 1.2 2020/08/20 21:31:26 riastradh Exp $   */
+/*     $NetBSD: wgconfig.c,v 1.3 2020/08/20 21:34:51 riastradh Exp $   */
 
 /*
  * Copyright (C) Ryota Ozaki <ozaki.ryota%gmail.com@localhost>
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: wgconfig.c,v 1.2 2020/08/20 21:31:26 riastradh Exp $");
+__RCSID("$NetBSD: wgconfig.c,v 1.3 2020/08/20 21:34:51 riastradh Exp $");
 
 #include <sys/ioctl.h>
 
@@ -80,15 +80,16 @@
 format_key(prop_object_t key_prop)
 {
        int error;
-       unsigned char *key;
+       const void *key;
        size_t key_len;
        static char key_b64[KEY_BASE64_LEN + 1];
-       static const char *none = "(none)";
 
        if (key_prop == NULL)
-               return none;
+               return "(none)";
+       if (prop_object_type(key_prop) != PROP_TYPE_DATA)
+               errx(EXIT_FAILURE, "invalid key");
 
-       key = prop_data_data(key_prop);
+       key = prop_data_value(key_prop);
        key_len = prop_data_size(key_prop);
        if (key_len != KEY_LEN)
                errx(EXIT_FAILURE, "invalid key len: %lu", key_len);
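Review bot: The untouched context line `errx(EXIT_FAILURE, "invalid key len: %lu", key_len);` passes a `size_t` to `%lu`, which is a mismatched conversion on any platform where `size_t` is not `unsigned long`. The matching specifier is `%zu`: `errx(EXIT_FAILURE, "invalid key len: %zu", key_len);`. The new `prop_object_type()` check sits directly above it, so this commit is a natural place to fix it. format_key's return type line and the remainder of its body lie outside the hunk.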
@@ -106,10 +107,13 @@
        int error;
        static char buf[INET6_ADDRSTRLEN];
        struct sockaddr_storage sockaddr;
-       char *addr;
+       const void *addr;
        size_t addr_len;
 
-       addr = prop_data_data(endpoint_prop);
+       if (prop_object_type(endpoint_prop) != PROP_TYPE_DATA)
+               errx(EXIT_FAILURE, "invalid endpoint");
+
+       addr = prop_data_value(endpoint_prop);
        addr_len = prop_data_size(endpoint_prop);
        memcpy(&sockaddr, addr, addr_len);
 
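Review bot: `memcpy(&sockaddr, addr, addr_len)` still copies a length taken from the property object into a fixed-size `struct sockaddr_storage` on the stack. The added check confirms the object is `PROP_TYPE_DATA` but not that its size fits the destination. A guard before the copy, `if (addr_len > sizeof(sockaddr)) errx(EXIT_FAILURE, "invalid endpoint length");`, would bound the write; handle_allowed_ips in this same commit already compares the data length with the size expected for the family. How the buffer is interpreted after the copy is outside this hunk, so a minimum-length check may be needed there as well.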
@@ -124,48 +128,68 @@
 static void
 handle_allowed_ips(prop_dictionary_t peer, const char *prefix)
 {
+       prop_object_t prop_obj;
        prop_array_t allowedips;
        prop_object_iterator_t it;
        prop_dictionary_t allowedip;
        bool first = true;
 
-       allowedips = prop_dictionary_get(peer, "allowedips");
-       if (allowedips == NULL)
+       prop_obj = prop_dictionary_get(peer, "allowedips");
+       if (prop_obj == NULL)
                return;
+       if (prop_object_type(prop_obj) != PROP_TYPE_ARRAY)
+               errx(EXIT_FAILURE, "invalid allowedips");
+       allowedips = prop_obj;
 
        printf("%sallowed-ips: ", prefix);
 
        it = prop_array_iterator(allowedips);
-       while ((allowedip = prop_object_iterator_next(it)) != NULL) {
-               prop_object_t prop_obj;
+       while ((prop_obj = prop_object_iterator_next(it)) != NULL) {
                uint8_t family;
                uint8_t cidr;
-               char *addr;
+               const void *addr;
+               size_t addrlen, famaddrlen;
                char ntopbuf[INET6_ADDRSTRLEN];
                const char *ntopret;
 
-               prop_obj = prop_dictionary_get(allowedip, "family");
-               if (prop_obj == NULL) {
+               if (prop_object_type(prop_obj) != PROP_TYPE_DICTIONARY) {
+                       warnx("invalid allowedip");
+                       continue;
+               }
+               allowedip = prop_obj;
+
+               if (!prop_dictionary_get_uint8(allowedip, "family", &family)) {
                        warnx("allowed-ip without family");
                        continue;
                }
 
-               family = (uint8_t)prop_number_unsigned_integer_value(prop_obj);
-
-               prop_obj = prop_dictionary_get(allowedip, "cidr");
-               if (prop_obj == NULL) {
+               if (!prop_dictionary_get_uint8(allowedip, "cidr", &cidr)) {
                        warnx("allowed-ip without cidr");
                        continue;
                }
-               cidr = (uint8_t)prop_number_unsigned_integer_value(prop_obj);
 
-               prop_obj = prop_dictionary_get(allowedip, "ip");
-               if (prop_obj == NULL) {
+               if (!prop_dictionary_get_data(allowedip, "ip",
+                       &addr, &addrlen)) {
                        warnx("allowed-ip without ip");
                        continue;
                }
 
-               addr = prop_data_data(prop_obj);
+               switch (family) {
+               case AF_INET:
+                       famaddrlen = sizeof(struct in_addr);
+                       break;
+               case AF_INET6:
+                       famaddrlen = sizeof(struct in6_addr);
+                       break;
+               default:
+                       warnx("unknown family %d", family);
+                       continue;
+               }
+               if (addrlen != famaddrlen) {
+                       warnx("allowed-ip bad ip length");
+                       continue;
+               }
+
                ntopret = inet_ntop(family, addr, ntopbuf, sizeof(ntopbuf));
                if (ntopret == NULL)
                        errx(EXIT_FAILURE, "inet_ntop failed");
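Review bot: `cidr` is read with `prop_dictionary_get_uint8()` but never range-checked, although the address length is now validated against the family a few lines further down. After the `addrlen != famaddrlen` test, `if (cidr > famaddrlen * 8) { warnx("allowed-ip bad cidr"); continue; }` would reject a prefix length longer than the address. Separately, the `prop_dictionary_get_*` helpers also fail when the key is present but holds the wrong type or an out-of-range value, so "allowed-ip without family" and "allowed-ip without cidr" can mislead; "missing or invalid" would be more accurate. The loop body continues past the end of the hunk, so how `cidr` is used afterwards is not visible here.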
@@ -217,6 +241,7 @@
 show_peer(prop_dictionary_t peer, const char *prefix, bool show_psk)
 {
        prop_object_t prop_obj;
+       uint64_t sec;
 
        prop_obj = prop_dictionary_get(peer, "public_key");
        if (prop_obj == NULL) {
@@ -240,15 +265,10 @@
 
        handle_allowed_ips(peer, prefix);
 
-       prop_obj = prop_dictionary_get(peer, "last_handshake_time_sec");
-       if (prop_obj != NULL) {
-               uint64_t sec = prop_number_unsigned_integer_value(prop_obj);
+       if (prop_dictionary_get_uint64(peer, "last_handshake_time_sec", &sec))
                printf("%slatest-handshake: %"PRIu64"\n", prefix, sec);
-       } else
+       else
                printf("%slatest-handshake: (none)\n", prefix);
-#if 0
-       prop_obj = prop_dictionary_get(peer, "last_handshake_time_nsec");
-#endif
 }
 
 static int
@@ -256,6 +276,8 @@
 {
        prop_dictionary_t prop_dict;
        prop_object_t prop_obj;
+       uint16_t port;
+       prop_array_t peers;
 
        prop_dict = ioctl_get(interface);
 
@@ -268,26 +290,28 @@
        printf("\tprivate-key: (hidden)\n");
 #endif
 
-       prop_obj = prop_dictionary_get(prop_dict, "listen_port");
-       if (prop_obj != NULL) {
-               uint64_t port = prop_number_unsigned_integer_value(prop_obj);
-               if (port != (uint64_t)(uint16_t)port)
-                       errx(EXIT_FAILURE, "invalid port: %" PRIu64, port);
-               printf("\tlisten-port: %u\n", (uint16_t)port);
+       if (prop_dictionary_get_uint16(prop_dict, "listen_port", &port)) {
+               printf("\tlisten-port: %u\n", port);
        } else {
                printf("\tlisten-port: (none)\n");
        }
 
-       prop_array_t peers = prop_dictionary_get(prop_dict, "peers");
-       if (peers == NULL)
+       prop_obj = prop_dictionary_get(prop_dict, "peers");
+       if (prop_obj == NULL)
                return EXIT_SUCCESS;
+       if (prop_object_type(prop_obj) != PROP_TYPE_ARRAY)
+               errx(EXIT_FAILURE, "invalid peers");
+       peers = prop_obj;
 
        prop_object_iterator_t it = prop_array_iterator(peers);
-       prop_dictionary_t peer;
-       while ((peer = prop_object_iterator_next(it)) != NULL) {
-               prop_obj = prop_dictionary_get(peer, "name");
-               if (prop_obj != NULL) {
-                       const char *name = prop_string_cstring_nocopy(prop_obj);
+       while ((prop_obj = prop_object_iterator_next(it)) != NULL) {
+               const char *name;
+
+               if (prop_object_type(prop_obj) != PROP_TYPE_DICTIONARY)
+                       errx(EXIT_FAILURE, "invalid peer");
+               prop_dictionary_t peer = prop_obj;
+
+               if (prop_dictionary_get_string(peer, "name", &name)) {
                        printf("\tpeer: %s\n", name);
                } else
                        printf("\tpeer: (none)\n");
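Review bot: `prop_array_iterator(peers)` is used without a NULL check, although the commit adds failure checks for `prop_dictionary_create()` in the setter paths; the iterator constructor can fail as well. `if (it == NULL) errx(EXIT_FAILURE, "prop_array_iterator");` before the `while` would match the error style introduced here. The same unchecked call appears in the handle_allowed_ips and cmd_show_peer hunks of this diff. Whether the iterator is released after the loop is outside the hunk.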
@@ -302,6 +326,7 @@
 cmd_show_peer(const char *interface, int argc, char *argv[])
 {
        prop_dictionary_t prop_dict;
+       prop_object_t prop_obj;
        const char *target;
        const char *opt = "--show-preshared-key";
        bool show_psk = false;
@@ -317,26 +342,31 @@
 
        prop_dict = ioctl_get(interface);
 
-       prop_array_t peers = prop_dictionary_get(prop_dict, "peers");
-       if (peers == NULL)
+       prop_obj = prop_dictionary_get(prop_dict, "peers");
+       if (prop_obj == NULL)
                return EXIT_SUCCESS;
+       if (prop_object_type(prop_obj) != PROP_TYPE_ARRAY)
+               errx(EXIT_FAILURE, "invalid peers");
 
+       prop_array_t peers = prop_obj;
        prop_object_iterator_t it = prop_array_iterator(peers);
-       prop_dictionary_t peer;
-       while ((peer = prop_object_iterator_next(it)) != NULL) {
-               prop_object_t prop_obj;
-               prop_obj = prop_dictionary_get(peer, "name");
-               if (prop_obj == NULL)
+       while ((prop_obj = prop_object_iterator_next(it)) != NULL) {
+               const char *name;
+
+               if (prop_object_type(prop_obj) != PROP_TYPE_DICTIONARY)
+                       errx(EXIT_FAILURE, "invalid peer");
+               prop_dictionary_t peer = prop_obj;
+
+               if (!prop_dictionary_get_string(peer, "name", &name))
                        continue;
-               const char *name = prop_string_cstring_nocopy(prop_obj);
                if (strcmp(name, target) == 0) {
                        printf("peer: %s\n", name);
                        show_peer(peer, "\t", show_psk);
-                       break;
+                       return EXIT_SUCCESS;
                }
        }
 
-       return EXIT_SUCCESS;
+       return EXIT_FAILURE;
 }
 
 static int
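Review bot: The not-found path now returns `EXIT_FAILURE` without printing anything, while the earlier `if (prop_obj == NULL) return EXIT_SUCCESS;` still reports success when the dictionary has no "peers" entry at all. The same outcome, that the requested peer does not exist, therefore produces two different exit codes depending on whether any peer is configured. Consider `warnx("peer not found: %s", target);` before the final `return EXIT_FAILURE;` and returning failure on the no-peers path too, so scripts can rely on the status. The start of cmd_show_peer, including how `target` is taken from `argv`, is outside this hunk.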
@@ -413,9 +443,12 @@
 
        prop_dictionary_t prop_dict;
        prop_dict = prop_dictionary_create();
-       prop_data_t privkey = prop_data_create_data(keybuf, sizeof(keybuf));
-       prop_dictionary_set(prop_dict, "private_key", privkey);
-       prop_object_release(privkey);
+       if (prop_dict == NULL)
+               errx(EXIT_FAILURE, "prop_dictionary_create");
+
+       if (!prop_dictionary_set_data(prop_dict, "private_key",
+               keybuf, sizeof(keybuf)))
+               errx(EXIT_FAILURE, "prop_dictionary_set_data");
 
        char *buf = prop_dictionary_externalize(prop_dict);
        if (buf == NULL)
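Review bot: The private key in `keybuf` is handed to `prop_dictionary_set_data()`, which presumably stores its own copy, and `prop_dictionary_externalize()` then produces a further textual copy in `buf`, so the secret can sit in several buffers at once. Nothing in this hunk clears any of them, and the new `errx()` exits leave them as they are. If the code after the hunk does not already do so, wiping the stack copy once the dictionary holds the data, e.g. `explicit_memset(keybuf, 0, sizeof(keybuf));`, and clearing `buf` before it is freed would shorten the key's lifetime in memory. The declaration of `keybuf` and the rest of the function are outside this hunk, so this may already be handled there.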
@@ -459,9 +492,11 @@
 
        prop_dictionary_t prop_dict;
        prop_dict = prop_dictionary_create();
-       prop_number_t prop_port = prop_number_create_unsigned_integer(port);
-       prop_dictionary_set(prop_dict, "listen_port", prop_port);
-       prop_object_release(prop_port);
+       if (prop_dict == NULL)
+               errx(EXIT_FAILURE, "prop_dictionary_create");
+
+       if (!prop_dictionary_set_uint16(prop_dict, "listen_port", port))
+               errx(EXIT_FAILURE, "prop_dictionary_set_uint16");
 
        char *buf = prop_dictionary_externalize(prop_dict);
        if (buf == NULL)
@@ -475,7 +510,6 @@
 handle_option_endpoint(const char *_addr_port, prop_dictionary_t prop_dict)
 {


