GoBackend: parse allowed ips

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Aurélien Chabot 2018-03-02 23:08:25 +11:00 committed by Jason A. Donenfeld
parent c6d311923a
commit 175f7e16dd

View File

@ -5,6 +5,7 @@ import android.content.Intent;
import android.os.ParcelFileDescriptor; import android.os.ParcelFileDescriptor;
import android.support.v4.util.ArraySet; import android.support.v4.util.ArraySet;
import android.util.Log; import android.util.Log;
import android.util.Pair;
import com.wireguard.android.model.Tunnel; import com.wireguard.android.model.Tunnel;
import com.wireguard.android.model.Tunnel.State; import com.wireguard.android.model.Tunnel.State;
@ -20,6 +21,7 @@ import java.net.InetSocketAddress;
import java.util.Collections; import java.util.Collections;
import java.util.Formatter; import java.util.Formatter;
import java.util.Set; import java.util.Set;
import java.util.Vector;
public final class GoBackend implements Backend { public final class GoBackend implements Backend {
private static final String TAG = "WireGuard/" + GoBackend.class.getSimpleName(); private static final String TAG = "WireGuard/" + GoBackend.class.getSimpleName();
@ -143,6 +145,33 @@ public final class GoBackend implements Backend {
return "[" + socketAddress.getAddress().getHostAddress() + "]:" + socketAddress.getPort(); return "[" + socketAddress.getAddress().getHostAddress() + "]:" + socketAddress.getPort();
} }
private Vector<Pair<String, Integer>> parseAllowedIps(String string) throws Exception {
Vector<Pair<String, Integer>> ret = new Vector<>();
for (final String allowedIp : string.split(" *, *")) {
String[] part = allowedIp.split("/", 2);
if (part.length > 2)
throw new Exception("Invalid allowed ips string " + string);
try {
InetAddress address = InetAddress.getByName(part[0]);
int networkPrefixLength;
if (part.length == 2) {
networkPrefixLength = Integer.valueOf(part[1]);
if (networkPrefixLength < 0 || networkPrefixLength > 128
|| (address instanceof Inet4Address && networkPrefixLength > 32))
throw new Exception();
} else {
networkPrefixLength = (address instanceof Inet4Address) ? 32 : 128;
}
ret.add(new Pair<>(address.getHostAddress(), networkPrefixLength));
} catch (Exception e) {
throw new Exception("Invalid allowed ips string " + string);
}
}
return ret;
}
private void setStateInternal(final Tunnel tunnel, final Config config, final State state) private void setStateInternal(final Tunnel tunnel, final Config config, final State state)
throws Exception { throws Exception {
@ -179,8 +208,8 @@ public final class GoBackend implements Backend {
if (peer.getPersistentKeepalive() != null) if (peer.getPersistentKeepalive() != null)
fmt.format("persistent_keepalive_interval=%d\n", Integer.parseInt(peer.getPersistentKeepalive())); fmt.format("persistent_keepalive_interval=%d\n", Integer.parseInt(peer.getPersistentKeepalive()));
if (peer.getAllowedIPs() != null) { if (peer.getAllowedIPs() != null) {
for (final String allowedIp : peer.getAllowedIPs().split(" *, *")) { for (final Pair<String, Integer> allowedIp : parseAllowedIps(peer.getAllowedIPs())) {
fmt.format("allowed_ip=%s\n", allowedIp); fmt.format("allowed_ip=%s\n", allowedIp.first + "/" + allowedIp.second);
} }
} }
} }
@ -195,9 +224,8 @@ public final class GoBackend implements Backend {
for (final Peer peer : config.getPeers()) { for (final Peer peer : config.getPeers()) {
if (peer.getAllowedIPs() != null) { if (peer.getAllowedIPs() != null) {
for (final String allowedIp : peer.getAllowedIPs().split(" *, *")) { for (final Pair<String, Integer> allowedIp : parseAllowedIps(peer.getAllowedIPs())) {
String[] part = allowedIp.split("/", 2); builder.addRoute(allowedIp.first, allowedIp.second);
builder.addRoute(part[0], Integer.parseInt(part[1]));
} }
} }
} }