On Tue, May 23, 2023 at 07:13:28PM +0000, Klemens Nanni wrote:
> On Sat, Jan 14, 2023 at 02:28:27PM +0000, Stuart Henderson wrote:
> > On 2023/01/12 04:49, Mikolaj Kucharski wrote:
> > > Hi,
> > >
> > > Is there anything else which I can do, to help this diff reviwed and
> > > increase the chance of getting in?
> > >
> > > Thread at https://marc.info/?t=163478298600001&r=1&w=2
> > >
> > > Last version of the diff at
> > > https://marc.info/?l=openbsd-tech&m=167185582521873&q=mbox
> >
> > Inlining that for a few comments, otherwise it's ok sthen
>
> wgdescr[iption] would be consistent with the existing descr[iption].
> At least my keep typing the trailing "r"...
>
> Then '-wgdescr' and 'wgdescr ""' work and are implemented exactly like
> te inteface description equivalents.
>
> I could use this now in a new VPN setup, so here's a polished diff,
> with the above, missing ifconfig.8 bits written and other nits inline.
>
> As Theo suggested, I'd drop the wg.4 and leave it to ifconfig.8 proper.
>
> Feedback?
>
> Either way, net/wireguard-tools needs a bump/rebuild.
Updated diff at the end, grabbing the new per-description mutex also for
reading, not just writing it.
I did not run into an issue with the first two diffs, but other peer
properties have their own mutex as well and they're consistently used
for all accesses, as I'd expect, so protect new description properly.
Also fixed ifconfig.8's wireguard synopsis bits.
Anyone?
>
> >
> > : Index: sbin/ifconfig/ifconfig.c
> > : ===================================================================
> > : RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> > : retrieving revision 1.460
> > : diff -u -p -u -r1.460 ifconfig.c
> > : --- sbin/ifconfig/ifconfig.c 18 Dec 2022 18:56:38 -0000 1.460
> > : +++ sbin/ifconfig/ifconfig.c 24 Dec 2022 00:49:05 -0000
> > : @@ -355,12 +355,14 @@ void setwgpeerep(const char *, const cha
> > : void setwgpeeraip(const char *, int);
> > : void setwgpeerpsk(const char *, int);
> > : void setwgpeerpka(const char *, int);
> > : +void setwgpeerdesc(const char *, int);
> > : void setwgport(const char *, int);
> > : void setwgkey(const char *, int);
> > : void setwgrtable(const char *, int);
> > :
> > : void unsetwgpeer(const char *, int);
> > : void unsetwgpeerpsk(const char *, int);
> > : +void unsetwgpeerdesc(const char *, int);
> > : void unsetwgpeerall(const char *, int);
> > :
> > : void wg_status(int);
> > : @@ -623,11 +625,13 @@ const struct cmd {
> > : { "wgaip", NEXTARG, A_WIREGUARD, setwgpeeraip},
> > : { "wgpsk", NEXTARG, A_WIREGUARD, setwgpeerpsk},
> > : { "wgpka", NEXTARG, A_WIREGUARD, setwgpeerpka},
> > : + { "wgdesc", NEXTARG, A_WIREGUARD, setwgpeerdesc},
> > : { "wgport", NEXTARG, A_WIREGUARD, setwgport},
> > : { "wgkey", NEXTARG, A_WIREGUARD, setwgkey},
> > : { "wgrtable", NEXTARG, A_WIREGUARD, setwgrtable},
> > : { "-wgpeer", NEXTARG, A_WIREGUARD, unsetwgpeer},
> > : { "-wgpsk", 0, A_WIREGUARD, unsetwgpeerpsk},
> > : + { "-wgdesc", 0, A_WIREGUARD, unsetwgpeerdesc},
> > : { "-wgpeerall", 0, A_WIREGUARD, unsetwgpeerall},
> > :
> > : #else /* SMALL */
> > : @@ -5856,6 +5860,16 @@ setwgpeerpka(const char *pka, int param)
> > : }
> > :
> > : void
> > : +setwgpeerdesc(const char *wgdesc, int param)
> > : +{
> > : + if (wg_peer == NULL)
> > : + errx(1, "wgdesc: wgpeer not set");
> > : + if (strlen(wgdesc))
> > : + strlcpy(wg_peer->p_description, wgdesc, IFDESCRSIZE);
> > : + wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
> > : +}
> > : +
> > : +void
> > : setwgport(const char *port, int param)
> > : {
> > : const char *errmsg = NULL;
> > : @@ -5902,6 +5916,15 @@ unsetwgpeerpsk(const char *value, int pa
> > : }
> > :
> > : void
> > : +unsetwgpeerdesc(const char *value, int param)
> > : +{
> > : + if (wg_peer == NULL)
> > : + errx(1, "wgdesc: wgpeer not set");
> > : + strlcpy(wg_peer->p_description, "", IFDESCRSIZE);
> > : + wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
> >
> > I was a bit confused by this at first (wondering if it should use
> > "&= ~WG_PEER_SET_DESCRIPTION"). I understand it now but I think that
> > a different name would make it clearer. Maybe WG_PEER_UPDATE_DESCR?
>
> This matches the [-]descr[iption] implementation, which always sets it,
> either to the user's value or to the empty string.
>
> Set and update thus seem equivalent to me, I'm fine with flag name and
> handling as-is.
>
> >
> > : +}
> > : +
> > : +void
> > : unsetwgpeerall(const char *value, int param)
> > : {
> > : ensurewginterface();
> > : @@ -5961,6 +5984,9 @@ wg_status(int ifaliases)
> > : b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> > : key, sizeof(key));
> > : printf("\twgpeer %s\n", key);
> > : +
> > : + if (strlen(wg_peer->p_description))
> > : + printf("\t\twgdesc %s\n",
> > wg_peer->p_description);
>
> I made this a) print a double-colon and b) always say "wgdescr" without
> "iption" such that any potential script parsing ifconfig output for
> "description:" won't suddenly match this as well.
>
> > :
> > : if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> > : printf("\t\twgpsk (present)\n");
> > : Index: share/man/man4/wg.4
>
> ... dropped.
>
> > : Index: sys/net/if_wg.c
> > : ===================================================================
> > : RCS file: /cvs/src/sys/net/if_wg.c,v
> > : retrieving revision 1.26
> > : diff -u -p -u -r1.26 if_wg.c
> > : --- sys/net/if_wg.c 21 Jul 2022 11:26:50 -0000 1.26
> > : +++ sys/net/if_wg.c 24 Dec 2022 00:49:06 -0000
> > : @@ -221,6 +221,9 @@ struct wg_peer {
> > :
> > : SLIST_ENTRY(wg_peer) p_start_list;
> > : int p_start_onlist;
> > : +
> > : + struct mutex p_description_mtx;
> > : + char p_description[IFDESCRSIZE];
> > : };
> > :
> > : struct wg_softc {
> > : @@ -275,6 +278,7 @@ int wg_peer_get_sockaddr(struct wg_peer
> > : void wg_peer_clear_src(struct wg_peer *);
> > : void wg_peer_get_endpoint(struct wg_peer *, struct wg_endpoint *);
> > : void wg_peer_counters_add(struct wg_peer *, uint64_t, uint64_t);
> > : +void wg_peer_set_description(struct wg_peer *, char *);
> > :
> > : int wg_aip_add(struct wg_softc *, struct wg_peer *, struct
> > wg_aip_io *);
> > : struct wg_peer *
> > : @@ -407,6 +411,9 @@ wg_peer_create(struct wg_softc *sc, uint
> > : peer->p_counters_tx = 0;
> > : peer->p_counters_rx = 0;
> > :
> > : + mtx_init(&peer->p_description_mtx, IPL_NET);
> > : + memset(peer->p_description, 0, IFDESCRSIZE);
> > : +
>
> I used strlcpy with the empty string to be consistent with how it is cleared
> in other hunks and clarify that this is always a string.
>
> > : mtx_init(&peer->p_endpoint_mtx, IPL_NET);
> > : bzero(&peer->p_endpoint, sizeof(peer->p_endpoint));
> > :
> > : @@ -581,6 +588,15 @@ wg_peer_counters_add(struct wg_peer *pee
> > : mtx_leave(&peer->p_counters_mtx);
> > : }
> > :
> > : +void
> > : +wg_peer_set_description(struct wg_peer *peer, char *description)
> > : +{
> > : + mtx_enter(&peer->p_description_mtx);
> > : + memset(peer->p_description, 0, IFDESCRSIZE);
> > : + strlcpy(peer->p_description, description, IFDESCRSIZE);
>
> memset is not needed here.
>
> > : + mtx_leave(&peer->p_description_mtx);
> > : +}
> > : +
> > : int
> > : wg_aip_add(struct wg_softc *sc, struct wg_peer *peer, struct wg_aip_io
> > *d)
> > : {
> > : @@ -2320,6 +2336,10 @@ wg_ioctl_set(struct wg_softc *sc, struct
> > : }
> > : }
> > :
> > : + if (peer_o.p_flags & WG_PEER_SET_DESCRIPTION) {
> > : + wg_peer_set_description(peer, peer_o.p_description);
> > : + }
> > : +
>
> Dropped brackets to be consistent with code around this block.
>
> > : aip_p = &peer_p->p_aips[0];
> > : for (j = 0; j < peer_o.p_aips_count; j++) {
> > : if ((ret = copyin(aip_p, &aip_o, sizeof(aip_o))) != 0)
> > : @@ -2429,6 +2449,8 @@ wg_ioctl_get(struct wg_softc *sc, struct
> > : aip_count++;
> > : }
> > : peer_o.p_aips_count = aip_count;
> > : +
> > : + strlcpy(peer_o.p_description, peer->p_description, IFDESCRSIZE);
> > :
> > : if ((ret = copyout(&peer_o, peer_p, sizeof(peer_o))) != 0)
> > : goto unlock_and_ret_size;
> > : Index: sys/net/if_wg.h
> > : ===================================================================
> > : RCS file: /cvs/src/sys/net/if_wg.h,v
> > : retrieving revision 1.4
> > : diff -u -p -u -r1.4 if_wg.h
> > : --- sys/net/if_wg.h 22 Jun 2020 12:20:44 -0000 1.4
> > : +++ sys/net/if_wg.h 24 Dec 2022 00:49:06 -0000
> > : @@ -61,6 +61,7 @@ struct wg_aip_io {
> > : #define WG_PEER_REPLACE_AIPS (1 << 4)
> > : #define WG_PEER_REMOVE (1 << 5)
> > : #define WG_PEER_UPDATE (1 << 6)
> > : +#define WG_PEER_SET_DESCRIPTION (1 << 7)
> > :
> > : #define p_sa p_endpoint.sa_sa
> > : #define p_sin p_endpoint.sa_sin
> > : @@ -80,6 +81,7 @@ struct wg_peer_io {
> > : uint64_t p_txbytes;
> > : uint64_t p_rxbytes;
> > : struct timespec p_last_handshake; /* nanotime */
> > : + char p_description[IFDESCRSIZE];
> > : size_t p_aips_count;
> > : struct wg_aip_io p_aips[];
> > : };
> > :
> > : --
> > : Regards,
> > : Mikolaj
> > :
> >
>
>
> Index: sys/net/if_wg.c
> ===================================================================
> RCS file: /cvs/src/sys/net/if_wg.c,v
> retrieving revision 1.26
> diff -u -p -r1.26 if_wg.c
> --- sys/net/if_wg.c 21 Jul 2022 11:26:50 -0000 1.26
> +++ sys/net/if_wg.c 23 May 2023 18:37:52 -0000
> @@ -221,6 +221,9 @@ struct wg_peer {
>
> SLIST_ENTRY(wg_peer) p_start_list;
> int p_start_onlist;
> +
> + struct mutex p_description_mtx;
> + char p_description[IFDESCRSIZE];
> };
>
> struct wg_softc {
> @@ -275,6 +278,7 @@ int wg_peer_get_sockaddr(struct wg_peer
> void wg_peer_clear_src(struct wg_peer *);
> void wg_peer_get_endpoint(struct wg_peer *, struct wg_endpoint *);
> void wg_peer_counters_add(struct wg_peer *, uint64_t, uint64_t);
> +void wg_peer_set_description(struct wg_peer *, const char *);
>
> int wg_aip_add(struct wg_softc *, struct wg_peer *, struct wg_aip_io *);
> struct wg_peer *
> @@ -407,6 +411,9 @@ wg_peer_create(struct wg_softc *sc, uint
> peer->p_counters_tx = 0;
> peer->p_counters_rx = 0;
>
> + mtx_init(&peer->p_description_mtx, IPL_NET);
> + strlcpy(peer->p_description, "", IFDESCRSIZE);
> +
> mtx_init(&peer->p_endpoint_mtx, IPL_NET);
> bzero(&peer->p_endpoint, sizeof(peer->p_endpoint));
>
> @@ -581,6 +588,14 @@ wg_peer_counters_add(struct wg_peer *pee
> mtx_leave(&peer->p_counters_mtx);
> }
>
> +void
> +wg_peer_set_description(struct wg_peer *peer, const char *description)
> +{
> + mtx_enter(&peer->p_description_mtx);
> + strlcpy(peer->p_description, description, IFDESCRSIZE);
> + mtx_leave(&peer->p_description_mtx);
> +}
> +
> int
> wg_aip_add(struct wg_softc *sc, struct wg_peer *peer, struct wg_aip_io *d)
> {
> @@ -2320,6 +2335,9 @@ wg_ioctl_set(struct wg_softc *sc, struct
> }
> }
>
> + if (peer_o.p_flags & WG_PEER_SET_DESCRIPTION)
> + wg_peer_set_description(peer, peer_o.p_description);
> +
> aip_p = &peer_p->p_aips[0];
> for (j = 0; j < peer_o.p_aips_count; j++) {
> if ((ret = copyin(aip_p, &aip_o, sizeof(aip_o))) != 0)
> @@ -2429,6 +2447,8 @@ wg_ioctl_get(struct wg_softc *sc, struct
> aip_count++;
> }
> peer_o.p_aips_count = aip_count;
> +
> + strlcpy(peer_o.p_description, peer->p_description, IFDESCRSIZE);
>
> if ((ret = copyout(&peer_o, peer_p, sizeof(peer_o))) != 0)
> goto unlock_and_ret_size;
> Index: sys/net/if_wg.h
> ===================================================================
> RCS file: /cvs/src/sys/net/if_wg.h,v
> retrieving revision 1.4
> diff -u -p -r1.4 if_wg.h
> --- sys/net/if_wg.h 22 Jun 2020 12:20:44 -0000 1.4
> +++ sys/net/if_wg.h 23 May 2023 18:41:24 -0000
> @@ -61,6 +61,7 @@ struct wg_aip_io {
> #define WG_PEER_REPLACE_AIPS (1 << 4)
> #define WG_PEER_REMOVE (1 << 5)
> #define WG_PEER_UPDATE (1 << 6)
> +#define WG_PEER_SET_DESCRIPTION (1 << 7)
>
> #define p_sa p_endpoint.sa_sa
> #define p_sin p_endpoint.sa_sin
> @@ -80,6 +81,7 @@ struct wg_peer_io {
> uint64_t p_txbytes;
> uint64_t p_rxbytes;
> struct timespec p_last_handshake; /* nanotime */
> + char p_description[IFDESCRSIZE];
> size_t p_aips_count;
> struct wg_aip_io p_aips[];
> };
> Index: sbin/ifconfig/ifconfig.8
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
> retrieving revision 1.395
> diff -u -p -r1.395 ifconfig.8
> --- sbin/ifconfig/ifconfig.8 16 May 2023 14:32:54 -0000 1.395
> +++ sbin/ifconfig/ifconfig.8 23 May 2023 18:49:49 -0000
> @@ -2316,6 +2316,7 @@ Packets on a VLAN interface without a ta
> .Op Fl wgpeerall
> .Oo
> .Oo Fl Oc Ns Cm wgpeer Ar publickey
> +.Op Cm wgdescr Ns Oo Cm iption Oc Ar value
> .Op Cm wgaip Ar allowed-ip_address/prefix
> .Op Cm wgendpoint Ar peer_address port
> .Op Cm wgpka Ar interval
> @@ -2383,6 +2384,13 @@ Peer configuration options, which apply
> immediately preceding them,
> are as follows:
> .Bl -tag -width Ds
> +.Tg wgdescription
> +.It Cm wgdescr Ns Oo Cm iption Oc Ar value
> +Set the peer's description.
> +This can be used to label peers in situations where they may
> +otherwise be difficult to distinguish.
> +.It Cm -wgdescr Ns Op Cm iption
> +Clear the peer description.
> .It Cm wgaip Ar allowed-ip_address/prefix
> Set the peer's IPv4 or IPv6
> .Ar allowed-ip_address
> Index: sbin/ifconfig/ifconfig.c
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.464
> diff -u -p -r1.464 ifconfig.c
> --- sbin/ifconfig/ifconfig.c 16 May 2023 14:32:54 -0000 1.464
> +++ sbin/ifconfig/ifconfig.c 23 May 2023 18:40:47 -0000
> @@ -351,6 +351,7 @@ void transceiverdump(const char *, int);
>
> /* WG */
> void setwgpeer(const char *, int);
> +void setwgpeerdesc(const char *, int);
> void setwgpeerep(const char *, const char *);
> void setwgpeeraip(const char *, int);
> void setwgpeerpsk(const char *, int);
> @@ -360,6 +361,7 @@ void setwgkey(const char *, int);
> void setwgrtable(const char *, int);
>
> void unsetwgpeer(const char *, int);
> +void unsetwgpeerdesc(const char *, int);
> void unsetwgpeerpsk(const char *, int);
> void unsetwgpeerall(const char *, int);
>
> @@ -619,6 +621,8 @@ const struct cmd {
> { "sffdump", 0, 0, transceiverdump },
>
> { "wgpeer", NEXTARG, A_WIREGUARD, setwgpeer},
> + { "wgdescription", NEXTARG, A_WIREGUARD, setwgpeerdesc},
> + { "wgdescr", NEXTARG, A_WIREGUARD, setwgpeerdesc},
> { "wgendpoint", NEXTARG2, A_WIREGUARD, NULL, setwgpeerep},
> { "wgaip", NEXTARG, A_WIREGUARD, setwgpeeraip},
> { "wgpsk", NEXTARG, A_WIREGUARD, setwgpeerpsk},
> @@ -627,7 +631,8 @@ const struct cmd {
> { "wgkey", NEXTARG, A_WIREGUARD, setwgkey},
> { "wgrtable", NEXTARG, A_WIREGUARD, setwgrtable},
> { "-wgpeer", NEXTARG, A_WIREGUARD, unsetwgpeer},
> - { "-wgpsk", 0, A_WIREGUARD, unsetwgpeerpsk},
> + { "-wgdescription", 0, A_WIREGUARD, unsetwgpeerdesc},
> + { "-wgdescr", 0, A_WIREGUARD, unsetwgpeerdesc},
> { "-wgpeerall", 0, A_WIREGUARD, unsetwgpeerall},
>
> #else /* SMALL */
> @@ -5736,6 +5741,15 @@ setwgpeer(const char *peerkey_b64, int p
> }
>
> void
> +setwgpeerdesc(const char *descr, int param)
> +{
> + if (wg_peer == NULL)
> + errx(1, "wgdescr: wgpeer not set");
> + wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
> + strlcpy(wg_peer->p_description, descr, IFDESCRSIZE);
> +}
> +
> +void
> setwgpeeraip(const char *aip, int param)
> {
> int res;
> @@ -5839,6 +5853,15 @@ unsetwgpeer(const char *peerkey_b64, int
> }
>
> void
> +unsetwgpeerdesc(const char *descr, int param)
> +{
> + if (wg_peer == NULL)
> + errx(1, "wgdescr: wgpeer not set");
> + wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
> + strlcpy(wg_peer->p_description, "", IFDESCRSIZE);
> +}
> +
> +void
> unsetwgpeerpsk(const char *value, int param)
> {
> if (wg_peer == NULL)
> @@ -5907,6 +5930,9 @@ wg_status(int ifaliases)
> b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> key, sizeof(key));
> printf("\twgpeer %s\n", key);
> +
> + if (strlen(wg_peer->p_description))
> + printf("\t\twgdescr: %s\n",
> wg_peer->p_description);
>
> if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> printf("\t\twgpsk (present)\n");
>
Index: sys/net/if_wg.c
===================================================================
RCS file: /cvs/src/sys/net/if_wg.c,v
retrieving revision 1.27
diff -u -p -r1.27 if_wg.c
--- sys/net/if_wg.c 30 May 2023 08:30:01 -0000 1.27
+++ sys/net/if_wg.c 30 May 2023 15:37:41 -0000
@@ -221,6 +221,9 @@ struct wg_peer {
SLIST_ENTRY(wg_peer) p_start_list;
int p_start_onlist;
+
+ struct mutex p_description_mtx;
+ char p_description[IFDESCRSIZE];
};
struct wg_softc {
@@ -275,6 +278,8 @@ int wg_peer_get_sockaddr(struct wg_peer
void wg_peer_clear_src(struct wg_peer *);
void wg_peer_get_endpoint(struct wg_peer *, struct wg_endpoint *);
void wg_peer_counters_add(struct wg_peer *, uint64_t, uint64_t);
+void wg_peer_set_description(struct wg_peer *, const char *);
+void wg_peer_get_description(struct wg_peer *, char *);
int wg_aip_add(struct wg_softc *, struct wg_peer *, struct wg_aip_io *);
struct wg_peer *
@@ -407,6 +412,9 @@ wg_peer_create(struct wg_softc *sc, uint
peer->p_counters_tx = 0;
peer->p_counters_rx = 0;
+ mtx_init(&peer->p_description_mtx, IPL_NET);
+ strlcpy(peer->p_description, "", IFDESCRSIZE);
+
mtx_init(&peer->p_endpoint_mtx, IPL_NET);
bzero(&peer->p_endpoint, sizeof(peer->p_endpoint));
@@ -581,6 +589,22 @@ wg_peer_counters_add(struct wg_peer *pee
mtx_leave(&peer->p_counters_mtx);
}
+void
+wg_peer_set_description(struct wg_peer *peer, const char *description)
+{
+ mtx_enter(&peer->p_description_mtx);
+ strlcpy(peer->p_description, description, IFDESCRSIZE);
+ mtx_leave(&peer->p_description_mtx);
+}
+
+void
+wg_peer_get_description(struct wg_peer *peer, char *description)
+{
+ mtx_enter(&peer->p_description_mtx);
+ strlcpy(description, peer->p_description, IFDESCRSIZE);
+ mtx_leave(&peer->p_description_mtx);
+}
+
int
wg_aip_add(struct wg_softc *sc, struct wg_peer *peer, struct wg_aip_io *d)
{
@@ -2320,6 +2344,9 @@ wg_ioctl_set(struct wg_softc *sc, struct
}
}
+ if (peer_o.p_flags & WG_PEER_SET_DESCRIPTION)
+ wg_peer_set_description(peer, peer_o.p_description);
+
aip_p = &peer_p->p_aips[0];
for (j = 0; j < peer_o.p_aips_count; j++) {
if ((ret = copyin(aip_p, &aip_o, sizeof(aip_o))) != 0)
@@ -2429,6 +2456,8 @@ wg_ioctl_get(struct wg_softc *sc, struct
aip_count++;
}
peer_o.p_aips_count = aip_count;
+
+ wg_peer_get_description(peer, peer_o.p_description);
if ((ret = copyout(&peer_o, peer_p, sizeof(peer_o))) != 0)
goto unlock_and_ret_size;
Index: sys/net/if_wg.h
===================================================================
RCS file: /cvs/src/sys/net/if_wg.h,v
retrieving revision 1.4
diff -u -p -r1.4 if_wg.h
--- sys/net/if_wg.h 22 Jun 2020 12:20:44 -0000 1.4
+++ sys/net/if_wg.h 29 May 2023 22:20:02 -0000
@@ -61,6 +61,7 @@ struct wg_aip_io {
#define WG_PEER_REPLACE_AIPS (1 << 4)
#define WG_PEER_REMOVE (1 << 5)
#define WG_PEER_UPDATE (1 << 6)
+#define WG_PEER_SET_DESCRIPTION (1 << 7)
#define p_sa p_endpoint.sa_sa
#define p_sin p_endpoint.sa_sin
@@ -80,6 +81,7 @@ struct wg_peer_io {
uint64_t p_txbytes;
uint64_t p_rxbytes;
struct timespec p_last_handshake; /* nanotime */
+ char p_description[IFDESCRSIZE];
size_t p_aips_count;
struct wg_aip_io p_aips[];
};
Index: sbin/ifconfig/ifconfig.8
===================================================================
RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
retrieving revision 1.395
diff -u -p -r1.395 ifconfig.8
--- sbin/ifconfig/ifconfig.8 16 May 2023 14:32:54 -0000 1.395
+++ sbin/ifconfig/ifconfig.8 30 May 2023 23:38:33 -0000
@@ -2316,6 +2316,7 @@ Packets on a VLAN interface without a ta
.Op Fl wgpeerall
.Oo
.Oo Fl Oc Ns Cm wgpeer Ar publickey
+.Op Oo Fl Oc Ns Cm wgdescr Ns Oo Cm iption Oc Ar value
.Op Cm wgaip Ar allowed-ip_address/prefix
.Op Cm wgendpoint Ar peer_address port
.Op Cm wgpka Ar interval
@@ -2383,6 +2384,13 @@ Peer configuration options, which apply
immediately preceding them,
are as follows:
.Bl -tag -width Ds
+.Tg wgdescription
+.It Cm wgdescr Ns Oo Cm iption Oc Ar value
+Set the peer's description.
+This can be used to label peers in situations where they may
+otherwise be difficult to distinguish.
+.It Cm -wgdescr Ns Op Cm iption
+Clear the peer description.
.It Cm wgaip Ar allowed-ip_address/prefix
Set the peer's IPv4 or IPv6
.Ar allowed-ip_address
Index: sbin/ifconfig/ifconfig.c
===================================================================
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.464
diff -u -p -r1.464 ifconfig.c
--- sbin/ifconfig/ifconfig.c 16 May 2023 14:32:54 -0000 1.464
+++ sbin/ifconfig/ifconfig.c 29 May 2023 22:20:02 -0000
@@ -351,6 +351,7 @@ void transceiverdump(const char *, int);
/* WG */
void setwgpeer(const char *, int);
+void setwgpeerdesc(const char *, int);
void setwgpeerep(const char *, const char *);
void setwgpeeraip(const char *, int);
void setwgpeerpsk(const char *, int);
@@ -360,6 +361,7 @@ void setwgkey(const char *, int);
void setwgrtable(const char *, int);
void unsetwgpeer(const char *, int);
+void unsetwgpeerdesc(const char *, int);
void unsetwgpeerpsk(const char *, int);
void unsetwgpeerall(const char *, int);
@@ -619,6 +621,8 @@ const struct cmd {
{ "sffdump", 0, 0, transceiverdump },
{ "wgpeer", NEXTARG, A_WIREGUARD, setwgpeer},
+ { "wgdescription", NEXTARG, A_WIREGUARD, setwgpeerdesc},
+ { "wgdescr", NEXTARG, A_WIREGUARD, setwgpeerdesc},
{ "wgendpoint", NEXTARG2, A_WIREGUARD, NULL, setwgpeerep},
{ "wgaip", NEXTARG, A_WIREGUARD, setwgpeeraip},
{ "wgpsk", NEXTARG, A_WIREGUARD, setwgpeerpsk},
@@ -627,7 +631,8 @@ const struct cmd {
{ "wgkey", NEXTARG, A_WIREGUARD, setwgkey},
{ "wgrtable", NEXTARG, A_WIREGUARD, setwgrtable},
{ "-wgpeer", NEXTARG, A_WIREGUARD, unsetwgpeer},
- { "-wgpsk", 0, A_WIREGUARD, unsetwgpeerpsk},
+ { "-wgdescription", 0, A_WIREGUARD, unsetwgpeerdesc},
+ { "-wgdescr", 0, A_WIREGUARD, unsetwgpeerdesc},
{ "-wgpeerall", 0, A_WIREGUARD, unsetwgpeerall},
#else /* SMALL */
@@ -5736,6 +5741,15 @@ setwgpeer(const char *peerkey_b64, int p
}
void
+setwgpeerdesc(const char *descr, int param)
+{
+ if (wg_peer == NULL)
+ errx(1, "wgdescr: wgpeer not set");
+ wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
+ strlcpy(wg_peer->p_description, descr, IFDESCRSIZE);
+}
+
+void
setwgpeeraip(const char *aip, int param)
{
int res;
@@ -5839,6 +5853,15 @@ unsetwgpeer(const char *peerkey_b64, int
}
void
+unsetwgpeerdesc(const char *descr, int param)
+{
+ if (wg_peer == NULL)
+ errx(1, "wgdescr: wgpeer not set");
+ wg_peer->p_flags |= WG_PEER_SET_DESCRIPTION;
+ strlcpy(wg_peer->p_description, "", IFDESCRSIZE);
+}
+
+void
unsetwgpeerpsk(const char *value, int param)
{
if (wg_peer == NULL)
@@ -5907,6 +5930,9 @@ wg_status(int ifaliases)
b64_ntop(wg_peer->p_public, WG_KEY_LEN,
key, sizeof(key));
printf("\twgpeer %s\n", key);
+
+ if (strlen(wg_peer->p_description))
+ printf("\t\twgdescr: %s\n",
wg_peer->p_description);
if (wg_peer->p_flags & WG_PEER_HAS_PSK)
printf("\t\twgpsk (present)\n");
