wireguard: add ipv6 support

Type: improvement Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: If1a7e82ce163c4c4acaa5acf45ad2b88371396f6
author: Artem Glazychev <artem.glazychev@xored.com> 2021-06-03 20:11:54 +0700
committer: Ed Warnicke <hagbard@gmail.com> 2021-10-06 17:57:46 +0000
commit: 7dd3b5b5e37a4019ae335296ba9c4bd1e465fd17 (patch)
tree: 0cd0a76ebce52b2907514e4e4394af32094d2ab7 /src/plugins/wireguard/wireguard_api.c
parent: 0c4931cb351929a1ccdb6b29431def3705f101d7 (diff)
1 files changed, 10 insertions, 25 deletions
diff --git a/src/plugins/wireguard/wireguard_api.c b/src/plugins/wireguard/wireguard_api.c
index 3f17f658869..5dd4f86f910 100644
--- a/src/plugins/wireguard/wireguard_api.c
+++ b/src/plugins/wireguard/wireguard_api.c
@@ -47,19 +47,13 @@ static void
 
   ip_address_decode2 (&mp->interface.src_ip, &src);
 
-  if (AF_IP6 == ip_addr_version (&src))
-    rv = VNET_API_ERROR_INVALID_PROTOCOL;
+  if (mp->generate_key)
+    curve25519_gen_secret (private_key);
   else
-    {
-      if (mp->generate_key)
-	curve25519_gen_secret (private_key);
-      else
-	clib_memcpy (private_key, mp->interface.private_key,
-		     NOISE_PUBLIC_KEY_LEN);
-
-      rv = wg_if_create (ntohl (mp->interface.user_instance), private_key,
-			 ntohs (mp->interface.port), &src, &sw_if_index);
-    }
+    clib_memcpy (private_key, mp->interface.private_key, NOISE_PUBLIC_KEY_LEN);
+
+  rv = wg_if_create (ntohl (mp->interface.user_instance), private_key,
+		     ntohs (mp->interface.port), &src, &sw_if_index);
 
   /* *INDENT-OFF* */
   REPLY_MACRO2(VL_API_WIREGUARD_INTERFACE_CREATE_REPLY,
@@ -177,19 +171,10 @@ vl_api_wireguard_peer_add_t_handler (vl_api_wireguard_peer_add_t * mp)
   for (ii = 0; ii < mp->peer.n_allowed_ips; ii++)
     ip_prefix_decode (&mp->peer.allowed_ips[ii], &allowed_ips[ii]);
 
-  if (AF_IP6 == ip_addr_version (&endpoint) ||
-      FIB_PROTOCOL_IP6 == allowed_ips[0].fp_proto)
-    /* ip6 currently not supported, but the API needs to support it
-     * else we'll need to change it later, and that's a PITA */
-    rv = VNET_API_ERROR_INVALID_PROTOCOL;
-  else
-    rv = wg_peer_add (ntohl (mp->peer.sw_if_index),
-		      mp->peer.public_key,
-		      ntohl (mp->peer.table_id),
-		      &ip_addr_46 (&endpoint),
-		      allowed_ips,
-		      ntohs (mp->peer.port),
-		      ntohs (mp->peer.persistent_keepalive), &peeri);
+  rv = wg_peer_add (ntohl (mp->peer.sw_if_index), mp->peer.public_key,
+		    ntohl (mp->peer.table_id), &ip_addr_46 (&endpoint),
+		    allowed_ips, ntohs (mp->peer.port),
+		    ntohs (mp->peer.persistent_keepalive), &peeri);
 
   vec_free (allowed_ips);
 done:
author	Artem Glazychev <artem.glazychev@xored.com>	2021-06-03 20:11:54 +0700
committer	Ed Warnicke <hagbard@gmail.com>	2021-10-06 17:57:46 +0000
commit	7dd3b5b5e37a4019ae335296ba9c4bd1e465fd17 (patch)
tree	0cd0a76ebce52b2907514e4e4394af32094d2ab7 /src/plugins/wireguard/wireguard_api.c
parent	0c4931cb351929a1ccdb6b29431def3705f101d7 (diff)