summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sbin/ifconfig/ifconfig.812
-rw-r--r--sbin/ifconfig/ifconfig.c31
-rw-r--r--sys/net/if_wg.c12
-rw-r--r--sys/net/if_wg.h4
4 files changed, 53 insertions, 6 deletions
diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index c635ede8b4d..3f03ddf6d9d 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ifconfig.8,v 1.395 2023/05/16 14:32:54 jan Exp $
+.\" $OpenBSD: ifconfig.8,v 1.396 2023/06/01 18:57:53 kn Exp $
.\" $NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $
.\" $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $
.\"
@@ -31,7 +31,7 @@
.\"
.\" @(#)ifconfig.8 8.4 (Berkeley) 6/1/94
.\"
-.Dd $Mdocdate: May 16 2023 $
+.Dd $Mdocdate: June 1 2023 $
.Dt IFCONFIG 8
.Os
.Sh NAME
@@ -2316,6 +2316,7 @@ Packets on a VLAN interface without a tag set will use a value of
.Op Fl wgpeerall
.Oo
.Oo Fl Oc Ns Cm wgpeer Ar publickey
+.Op Oo Fl Oc Ns Cm wgdescr Ns Oo Cm iption Oc Ar value
.Op Cm wgaip Ar allowed-ip_address/prefix
.Op Cm wgendpoint Ar peer_address port
.Op Cm wgpka Ar interval
@@ -2383,6 +2384,13 @@ Peer configuration options, which apply to the
immediately preceding them,
are as follows:
.Bl -tag -width Ds
+.Tg wgdescription
+.It Cm wgdescr Ns Oo Cm iption Oc Ar value
+Set the peer's description.
+This can be used to label peers in situations where they may
+otherwise be difficult to distinguish.
+.It Cm -wgdescr Ns Op Cm iption
+Clear the peer description.
.It Cm wgaip Ar allowed-ip_address/prefix
Set the peer's IPv4 or IPv6
.Ar allowed-ip_address
diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index 5dc9ea641ca..1ae9a90bb82 100644
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ifconfig.c,v 1.464 2023/05/16 14:32:54 jan Exp $ */
+/* $OpenBSD: ifconfig.c,v 1.465 2023/06/01 18:57:54 kn Exp $ */
/* $NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $ */
/*
@@ -351,6 +351,7 @@ void transceiverdump(const char *, int);
/* WG */
void setwgpeer(const char *, int);
+void setwgpeerdesc(const char *, int);
void setwgpeerep(const char *, const char *);
void setwgpeeraip(const char *, int);
void setwgpeerpsk(const char *, int);
@@ -360,6 +361,7 @@ void setwgkey(const char *, int);
void setwgrtable(const char *, int);
void unsetwgpeer(const char *, int);
+void unsetwgpeerdesc(const char *, int);
void unsetwgpeerpsk(const char *, int);
void unsetwgpeerall(const char *, int);
@@ -619,6 +621,8 @@ const struct cmd {
{ "sffdump", 0, 0, transceiverdump },
{ "wgpeer", NEXTARG, A_WIREGUARD, setwgpeer},
+ { "wgdescription", NEXTARG, A_WIREGUARD, setwgpeerdesc},
+ { "wgdescr", NEXTARG, A_WIREGUARD, setwgpeerdesc},
{ "wgendpoint", NEXTARG2, A_WIREGUARD, NULL, setwgpeerep},
{ "wgaip", NEXTARG, A_WIREGUARD, setwgpeeraip},
{ "wgpsk", NEXTARG, A_WIREGUARD, setwgpeerpsk},
@@ -627,7 +631,8 @@ const struct cmd {
{ "wgkey", NEXTARG, A_WIREGUARD, setwgkey},
{ "wgrtable", NEXTARG, A_WIREGUARD, setwgrtable},
{ "-wgpeer", NEXTARG, A_WIREGUARD, unsetwgpeer},
- { "-wgpsk", 0, A_WIREGUARD, unsetwgpeerpsk},
+ { "-wgdescription", 0, A_WIREGUARD, unsetwgpeerdesc},
+ { "-wgdescr", 0, A_WIREGUARD, unsetwgpeerdesc},
{ "-wgpeerall", 0, A_WIREGUARD, unsetwgpeerall},
#else /* SMALL */
@@ -5736,6 +5741,15 @@ setwgpeer(const char *peerkey_b64, int param)
}
void
+setwgpeerdesc(const char *descr, int param)
+{
+ if (wg_peer == NULL)
+ errx(1, "wgdescr: wgpeer not set");
+ wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
+ strlcpy(wg_peer->p_description, descr, IFDESCRSIZE);
+}
+
+void
setwgpeeraip(const char *aip, int param)
{
int res;
@@ -5839,6 +5853,15 @@ unsetwgpeer(const char *peerkey_b64, int param)
}
void
+unsetwgpeerdesc(const char *descr, int param)
+{
+ if (wg_peer == NULL)
+ errx(1, "wgdescr: wgpeer not set");
+ wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
+ strlcpy(wg_peer->p_description, "", IFDESCRSIZE);
+}
+
+void
unsetwgpeerpsk(const char *value, int param)
{
if (wg_peer == NULL)
@@ -5908,6 +5931,10 @@ wg_status(int ifaliases)
key, sizeof(key));
printf("\twgpeer %s\n", key);
+ if (strlen(wg_peer->p_description))
+ printf("\t\twgdescr: %s\n",
+ wg_peer->p_description);
+
if (wg_peer->p_flags & WG_PEER_HAS_PSK)
printf("\t\twgpsk (present)\n");
diff --git a/sys/net/if_wg.c b/sys/net/if_wg.c
index 36b9ad8ca32..951cb6f1df0 100644
--- a/sys/net/if_wg.c
+++ b/sys/net/if_wg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_wg.c,v 1.27 2023/05/30 08:30:01 jsg Exp $ */
+/* $OpenBSD: if_wg.c,v 1.28 2023/06/01 18:57:53 kn Exp $ */
/*
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
@@ -221,6 +221,8 @@ struct wg_peer {
SLIST_ENTRY(wg_peer) p_start_list;
int p_start_onlist;
+
+ char p_description[IFDESCRSIZE];
};
struct wg_softc {
@@ -407,6 +409,8 @@ wg_peer_create(struct wg_softc *sc, uint8_t public[WG_KEY_SIZE])
peer->p_counters_tx = 0;
peer->p_counters_rx = 0;
+ strlcpy(peer->p_description, "", IFDESCRSIZE);
+
mtx_init(&peer->p_endpoint_mtx, IPL_NET);
bzero(&peer->p_endpoint, sizeof(peer->p_endpoint));
@@ -2320,6 +2324,10 @@ wg_ioctl_set(struct wg_softc *sc, struct wg_data_io *data)
}
}
+ if (peer_o.p_flags & WG_PEER_SET_DESCRIPTION)
+ strlcpy(peer->p_description, peer_o.p_description,
+ IFDESCRSIZE);
+
aip_p = &peer_p->p_aips[0];
for (j = 0; j < peer_o.p_aips_count; j++) {
if ((ret = copyin(aip_p, &aip_o, sizeof(aip_o))) != 0)
@@ -2430,6 +2438,8 @@ wg_ioctl_get(struct wg_softc *sc, struct wg_data_io *data)
}
peer_o.p_aips_count = aip_count;
+ strlcpy(peer_o.p_description, peer->p_description, IFDESCRSIZE);
+
if ((ret = copyout(&peer_o, peer_p, sizeof(peer_o))) != 0)
goto unlock_and_ret_size;
diff --git a/sys/net/if_wg.h b/sys/net/if_wg.h
index 2b5d1e646a0..adb623ce2da 100644
--- a/sys/net/if_wg.h
+++ b/sys/net/if_wg.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_wg.h,v 1.4 2020/06/22 12:20:44 jasper Exp $ */
+/* $OpenBSD: if_wg.h,v 1.5 2023/06/01 18:57:53 kn Exp $ */
/*
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
@@ -61,6 +61,7 @@ struct wg_aip_io {
#define WG_PEER_REPLACE_AIPS (1 << 4)
#define WG_PEER_REMOVE (1 << 5)
#define WG_PEER_UPDATE (1 << 6)
+#define WG_PEER_SET_DESCRIPTION (1 << 7)
#define p_sa p_endpoint.sa_sa
#define p_sin p_endpoint.sa_sin
@@ -80,6 +81,7 @@ struct wg_peer_io {
uint64_t p_txbytes;
uint64_t p_rxbytes;
struct timespec p_last_handshake; /* nanotime */
+ char p_description[IFDESCRSIZE];
size_t p_aips_count;
struct wg_aip_io p_aips[];
};