Clear private keys

Michael Crosby 2019-07-11 12:35:24 +00:00
parent 4a5c60c66d
commit 0763310b16
5 changed files with 68 additions and 409 deletions


@ -22,7 +22,6 @@ INFO[0000] tunnel created tunnel=guard0
INFO[0000] created guard0 tunnel
{
"id": "guard0",
"private_key": "+A4O44heAgTmLcVipqSFAYxigpAv61UbWigU0xoHbng=",
"listen_port": "10100",
"address": "10.199.199.1/32",
"public_key": "37uzie/EZzzDpRbVTUOtuVXwhht/599pdhseh9MJ7QE=",
@ -50,7 +49,6 @@ The last argument is used as the tunnel ID and interface name on the server.
{
"id": "wg0",
"private_key": "+EymZwYNHxGVe5T1gmTbwKmQgWksDlZzldTwoZi5lnQ=",
"listen_port": "31000",
"address": "192.168.5.1/32",
"public_key": "irDV3wkkNe6f1GLAPFNGjj0xsQsoxPCNko4Lf3igcjM=",
@ -94,7 +92,6 @@ Endpoint = 127.0.0.1:31000
[
{
"id": "wg0",
"private_key": "+EymZwYNHxGVe5T1gmTbwKmQgWksDlZzldTwoZi5lnQ=",
"listen_port": "31000",
"address": "192.168.5.1/32",
"peers": [
@ -104,7 +101,6 @@ Endpoint = 127.0.0.1:31000
"allowed_ips": [
"192.168.5.2/32"
],
"private_key": "kFJ6VSq+l6sBPaI2DUbEWSVI83Kcfz/yo7WfVheT+FI="
}
],
"public_key": "irDV3wkkNe6f1GLAPFNGjj0xsQsoxPCNko4Lf3igcjM=",
@ -122,7 +118,6 @@ You can remove and update peers using the `peers` commands.
{
"id": "wg0",
"private_key": "+EymZwYNHxGVe5T1gmTbwKmQgWksDlZzldTwoZi5lnQ=",
"listen_port": "31000",
"address": "192.168.5.1/32",
"public_key": "irDV3wkkNe6f1GLAPFNGjj0xsQsoxPCNko4Lf3igcjM=",


@ -189,47 +189,6 @@ func (m *NewPeerRequest) XXX_DiscardUnknown() {
var xxx_messageInfo_NewPeerRequest proto.InternalMessageInfo
type AddPeerRequest struct {
// id of the tunnel
ID string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
Peer *Peer `protobuf:"bytes,2,opt,name=peer,proto3" json:"peer,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *AddPeerRequest) Reset() { *m = AddPeerRequest{} }
func (*AddPeerRequest) ProtoMessage() {}
func (*AddPeerRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{4}
}
func (m *AddPeerRequest) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
}
func (m *AddPeerRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
if deterministic {
return xxx_messageInfo_AddPeerRequest.Marshal(b, m, deterministic)
} else {
b = b[:cap(b)]
n, err := m.MarshalTo(b)
if err != nil {
return nil, err
}
return b[:n], nil
}
}
func (m *AddPeerRequest) XXX_Merge(src proto.Message) {
xxx_messageInfo_AddPeerRequest.Merge(m, src)
}
func (m *AddPeerRequest) XXX_Size() int {
return m.Size()
}
func (m *AddPeerRequest) XXX_DiscardUnknown() {
xxx_messageInfo_AddPeerRequest.DiscardUnknown(m)
}
var xxx_messageInfo_AddPeerRequest proto.InternalMessageInfo
type DeletePeerRequest struct {
// id of the tunnel
ID string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
@ -242,7 +201,7 @@ type DeletePeerRequest struct {
func (m *DeletePeerRequest) Reset() { *m = DeletePeerRequest{} }
func (*DeletePeerRequest) ProtoMessage() {}
func (*DeletePeerRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{5}
return fileDescriptor_ebe0601dd3932458, []int{4}
}
func (m *DeletePeerRequest) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -282,7 +241,7 @@ type DeleteRequest struct {
func (m *DeleteRequest) Reset() { *m = DeleteRequest{} }
func (*DeleteRequest) ProtoMessage() {}
func (*DeleteRequest) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{6}
return fileDescriptor_ebe0601dd3932458, []int{5}
}
func (m *DeleteRequest) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -321,7 +280,7 @@ type ListResponse struct {
func (m *ListResponse) Reset() { *m = ListResponse{} }
func (*ListResponse) ProtoMessage() {}
func (*ListResponse) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{7}
return fileDescriptor_ebe0601dd3932458, []int{6}
}
func (m *ListResponse) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -368,7 +327,7 @@ type Tunnel struct {
func (m *Tunnel) Reset() { *m = Tunnel{} }
func (*Tunnel) ProtoMessage() {}
func (*Tunnel) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{8}
return fileDescriptor_ebe0601dd3932458, []int{7}
}
func (m *Tunnel) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -412,7 +371,7 @@ type Peer struct {
func (m *Peer) Reset() { *m = Peer{} }
func (*Peer) ProtoMessage() {}
func (*Peer) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{9}
return fileDescriptor_ebe0601dd3932458, []int{8}
}
func (m *Peer) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -451,7 +410,7 @@ type Masquerade struct {
func (m *Masquerade) Reset() { *m = Masquerade{} }
func (*Masquerade) ProtoMessage() {}
func (*Masquerade) Descriptor() ([]byte, []int) {
return fileDescriptor_ebe0601dd3932458, []int{10}
return fileDescriptor_ebe0601dd3932458, []int{9}
}
func (m *Masquerade) XXX_Unmarshal(b []byte) error {
return m.Unmarshal(b)
@ -485,7 +444,6 @@ func init() {
proto.RegisterType((*TunnelResponse)(nil), "com.crosbymichael.guard.v1.TunnelResponse")
proto.RegisterType((*PeerResponse)(nil), "com.crosbymichael.guard.v1.PeerResponse")
proto.RegisterType((*NewPeerRequest)(nil), "com.crosbymichael.guard.v1.NewPeerRequest")
proto.RegisterType((*AddPeerRequest)(nil), "com.crosbymichael.guard.v1.AddPeerRequest")
proto.RegisterType((*DeletePeerRequest)(nil), "com.crosbymichael.guard.v1.DeletePeerRequest")
proto.RegisterType((*DeleteRequest)(nil), "com.crosbymichael.guard.v1.DeleteRequest")
proto.RegisterType((*ListResponse)(nil), "com.crosbymichael.guard.v1.ListResponse")
@ -499,53 +457,52 @@ func init() {
}
var fileDescriptor_ebe0601dd3932458 = []byte{
// 736 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x55, 0x4f, 0x6f, 0xda, 0x48,
0x14, 0x8f, 0x81, 0x98, 0xf0, 0x48, 0x90, 0x76, 0x36, 0x8a, 0xbc, 0xec, 0x2e, 0x44, 0x5e, 0x69,
0x97, 0x8d, 0xb4, 0xb6, 0xc8, 0x56, 0x3d, 0xb4, 0xbd, 0x84, 0xd2, 0xaa, 0x28, 0x69, 0x84, 0xdc,
0x4a, 0xad, 0x2a, 0xb5, 0xc8, 0xe0, 0x17, 0x67, 0x14, 0x63, 0x3b, 0x1e, 0x43, 0xc4, 0x2d, 0x1f,
0xa9, 0x1f, 0x23, 0xc7, 0xaa, 0xa7, 0x9e, 0x50, 0xe3, 0x4f, 0x52, 0x79, 0xc6, 0x84, 0x18, 0x09,
0x87, 0x46, 0xb9, 0x79, 0xde, 0x9f, 0x79, 0xef, 0xfd, 0x7e, 0xf3, 0x7e, 0x86, 0xa6, 0x4d, 0xc3,
0xd3, 0x51, 0x5f, 0x1b, 0x78, 0x43, 0x7d, 0x10, 0x78, 0xac, 0x3f, 0x19, 0xd2, 0xc1, 0xa9, 0x89,
0x8e, 0x6e, 0x8f, 0xcc, 0xc0, 0xd2, 0x4d, 0x9f, 0xea, 0xe3, 0xa6, 0x38, 0x68, 0x7e, 0xe0, 0x85,
0x1e, 0xa9, 0x0e, 0xbc, 0xa1, 0x96, 0x8a, 0xd5, 0x84, 0x7b, 0xdc, 0xac, 0x6e, 0xdb, 0x9e, 0xed,
0xf1, 0x30, 0x3d, 0xfe, 0x12, 0x19, 0xd5, 0xdf, 0x6d, 0xcf, 0xb3, 0x1d, 0xd4, 0xf9, 0xa9, 0x3f,
0x3a, 0xd1, 0x71, 0xe8, 0x87, 0x13, 0xe1, 0x54, 0x3f, 0xc2, 0xd6, 0xf3, 0x00, 0xcd, 0x10, 0x0d,
0x3c, 0x1f, 0x21, 0x0b, 0xc9, 0x0e, 0xe4, 0xa8, 0xa5, 0x48, 0xbb, 0x52, 0xa3, 0xd4, 0x92, 0xa3,
0x69, 0x3d, 0xd7, 0x69, 0x1b, 0x39, 0x6a, 0x91, 0x2a, 0x6c, 0xa0, 0x6b, 0xf9, 0x1e, 0x75, 0x43,
0x25, 0x17, 0x7b, 0x8d, 0x9b, 0x33, 0x51, 0xa0, 0x68, 0x5a, 0x56, 0x80, 0x8c, 0x29, 0x79, 0xee,
0x9a, 0x1d, 0xd5, 0x23, 0xa8, 0xbc, 0x1d, 0xb9, 0x2e, 0x3a, 0x06, 0x32, 0xdf, 0x73, 0x19, 0x92,
0x27, 0x20, 0x87, 0xdc, 0xc2, 0x6b, 0x94, 0xf7, 0x55, 0x6d, 0xf9, 0x40, 0x5a, 0x92, 0x9b, 0x64,
0xa8, 0x97, 0x12, 0x6c, 0x76, 0x11, 0x83, 0x87, 0xb8, 0x8c, 0x3c, 0x82, 0x82, 0x8f, 0x18, 0xf0,
0x61, 0xca, 0xfb, 0xbb, 0x59, 0x99, 0xbc, 0x26, 0x8f, 0x56, 0x6d, 0xa8, 0x1c, 0xe3, 0x85, 0x68,
0x22, 0x1b, 0xb0, 0xbf, 0xa0, 0x18, 0x67, 0xf4, 0xa8, 0x25, 0xf0, 0x6a, 0x41, 0x34, 0xad, 0xcb,
0x71, 0x66, 0xa7, 0x6d, 0xc8, 0xb1, 0xab, 0x63, 0x65, 0x20, 0xf7, 0x09, 0x2a, 0x07, 0x96, 0xb5,
0x4a, 0xa1, 0xfb, 0x0d, 0xd2, 0x85, 0x5f, 0xda, 0xe8, 0x60, 0x88, 0x0f, 0x35, 0x8b, 0xfa, 0x0f,
0x6c, 0x89, 0x1b, 0xef, 0xb8, 0x4d, 0x3d, 0x82, 0xcd, 0x23, 0xca, 0xc2, 0x1b, 0x16, 0x9f, 0x41,
0x51, 0x70, 0xc2, 0x14, 0x69, 0x37, 0xbf, 0x22, 0x8d, 0xb3, 0x14, 0xf5, 0x6b, 0x0e, 0x64, 0x61,
0x5b, 0xda, 0x7e, 0x1d, 0xca, 0x7e, 0x40, 0xc7, 0x66, 0x88, 0xbd, 0x33, 0x9c, 0x24, 0xcf, 0x17,
0x12, 0xd3, 0x21, 0x4e, 0xe2, 0x00, 0x87, 0xb2, 0x10, 0xdd, 0x9e, 0xef, 0x05, 0x61, 0x42, 0x05,
0x08, 0x53, 0xd7, 0x0b, 0x52, 0x2f, 0xbc, 0x90, 0xe2, 0x89, 0xfc, 0x06, 0x79, 0xcb, 0x65, 0xca,
0x3a, 0x2f, 0x5a, 0x8c, 0xa6, 0xf5, 0x7c, 0xfb, 0xf8, 0x8d, 0x11, 0xdb, 0xc8, 0x63, 0x58, 0x8f,
0xa1, 0x61, 0x8a, 0xcc, 0xa7, 0xba, 0x9b, 0x19, 0x11, 0x4e, 0x5e, 0x02, 0x0c, 0x4d, 0x76, 0x3e,
0xc2, 0xc0, 0xb4, 0x50, 0x29, 0x72, 0x5a, 0xff, 0xce, 0x4a, 0x7e, 0x7d, 0x13, 0x6d, 0xdc, 0xca,
0x24, 0x7f, 0x02, 0xf8, 0xa3, 0xbe, 0x43, 0x07, 0x7c, 0xea, 0x0d, 0xde, 0x77, 0x49, 0x58, 0xe2,
0xa1, 0x6f, 0x6f, 0x74, 0x29, 0xbd, 0xd1, 0xea, 0x54, 0x82, 0x42, 0xdc, 0xd2, 0x52, 0x48, 0xd3,
0x77, 0xe7, 0x16, 0xef, 0xd6, 0xa1, 0x6c, 0x3a, 0x8e, 0x77, 0x81, 0x56, 0x8f, 0xfa, 0xf1, 0xdb,
0xce, 0x37, 0x4a, 0xad, 0x4a, 0x34, 0xad, 0xc3, 0x81, 0x30, 0x77, 0xba, 0xcc, 0x80, 0x24, 0xa4,
0xe3, 0xb3, 0x54, 0x33, 0x85, 0x05, 0x79, 0x69, 0xc2, 0xb6, 0x8f, 0x01, 0xe3, 0x6c, 0x84, 0xbd,
0x33, 0x44, 0xdf, 0x74, 0xe8, 0x18, 0x39, 0xe6, 0x5b, 0xc6, 0xaf, 0x73, 0xdf, 0xe1, 0xcc, 0xb5,
0xc8, 0xb8, 0xbc, 0xc8, 0xb8, 0xba, 0x07, 0x30, 0x47, 0x8d, 0xfc, 0x01, 0x25, 0xea, 0x86, 0x18,
0x9c, 0x98, 0x03, 0x14, 0xc3, 0x1a, 0x73, 0xc3, 0xfe, 0xe7, 0x02, 0x94, 0xde, 0xd1, 0x00, 0x39,
0xde, 0xa4, 0x07, 0xb2, 0x50, 0x4c, 0xf2, 0x6f, 0x16, 0x27, 0x29, 0x55, 0xad, 0xee, 0xad, 0xf0,
0xa2, 0x67, 0xeb, 0x70, 0x08, 0xb2, 0xd8, 0xa3, 0xec, 0x02, 0xa9, 0x5d, 0xab, 0xee, 0x68, 0x42,
0xe5, 0xb5, 0x99, 0xca, 0x6b, 0x2f, 0x62, 0x95, 0x27, 0xaf, 0xa0, 0x10, 0xef, 0x1a, 0x59, 0xe2,
0xaf, 0x36, 0xb2, 0x4a, 0xa4, 0xb6, 0xb4, 0x07, 0xc5, 0x44, 0xf9, 0x48, 0xe6, 0x34, 0x69, 0x79,
0xcc, 0x2e, 0x90, 0x12, 0x73, 0x13, 0x8a, 0x89, 0xe2, 0x65, 0x17, 0x48, 0xcb, 0xe2, 0x4f, 0x41,
0x6b, 0x03, 0xcc, 0x45, 0x8f, 0xfc, 0x77, 0x37, 0xbc, 0xf7, 0x2c, 0xd4, 0x6a, 0x5d, 0x5d, 0xd7,
0xd6, 0xbe, 0x5d, 0xd7, 0xd6, 0x2e, 0xa3, 0x9a, 0x74, 0x15, 0xd5, 0xa4, 0x2f, 0x51, 0x4d, 0xfa,
0x1e, 0xd5, 0xa4, 0x0f, 0x8d, 0x95, 0x7e, 0xf9, 0x4f, 0xc7, 0xcd, 0xf7, 0x6b, 0x7d, 0x99, 0x93,
0xf5, 0xff, 0x8f, 0x00, 0x00, 0x00, 0xff, 0xff, 0x16, 0xa8, 0x29, 0xc6, 0x27, 0x08, 0x00, 0x00,
// 713 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x55, 0x41, 0x6b, 0xdb, 0x4a,
0x10, 0x8e, 0x6c, 0x47, 0x8e, 0xc7, 0x49, 0xe0, 0xed, 0x0b, 0x41, 0xcf, 0xaf, 0xb5, 0x83, 0x0a,
0xad, 0x1b, 0xa8, 0x84, 0xd3, 0xd2, 0x43, 0xdb, 0x4b, 0x5d, 0xb7, 0xd4, 0x24, 0x0d, 0x46, 0x2d,
0xb4, 0x14, 0x8a, 0x91, 0xad, 0x89, 0xb2, 0x44, 0x96, 0x14, 0xed, 0xda, 0xc1, 0xb7, 0xfc, 0xbc,
0x5c, 0x0a, 0xa5, 0xa7, 0x9e, 0x4c, 0xa3, 0x5f, 0x52, 0xb4, 0x6b, 0xc7, 0x91, 0xc1, 0x4a, 0x0a,
0xb9, 0x69, 0x67, 0xe6, 0xdb, 0x99, 0xf9, 0x76, 0xe6, 0x13, 0x34, 0x5c, 0xca, 0x8f, 0x87, 0x3d,
0xa3, 0x1f, 0x0c, 0xcc, 0x7e, 0x14, 0xb0, 0xde, 0x78, 0x40, 0xfb, 0xc7, 0x36, 0x7a, 0xa6, 0x3b,
0xb4, 0x23, 0xc7, 0xb4, 0x43, 0x6a, 0x8e, 0x1a, 0xf2, 0x60, 0x84, 0x51, 0xc0, 0x03, 0x52, 0xe9,
0x07, 0x03, 0x23, 0x15, 0x6b, 0x48, 0xf7, 0xa8, 0x51, 0xd9, 0x72, 0x03, 0x37, 0x10, 0x61, 0x66,
0xf2, 0x25, 0x11, 0x95, 0xff, 0xdd, 0x20, 0x70, 0x3d, 0x34, 0xc5, 0xa9, 0x37, 0x3c, 0x32, 0x71,
0x10, 0xf2, 0xb1, 0x74, 0xea, 0xdf, 0x60, 0xe3, 0x4d, 0x84, 0x36, 0x47, 0x0b, 0x4f, 0x87, 0xc8,
0x38, 0xd9, 0x86, 0x1c, 0x75, 0x34, 0x65, 0x47, 0xa9, 0x97, 0x9a, 0x6a, 0x3c, 0xa9, 0xe5, 0xda,
0x2d, 0x2b, 0x47, 0x1d, 0x52, 0x81, 0x35, 0xf4, 0x9d, 0x30, 0xa0, 0x3e, 0xd7, 0x72, 0x89, 0xd7,
0xba, 0x3a, 0x13, 0x0d, 0x8a, 0xb6, 0xe3, 0x44, 0xc8, 0x98, 0x96, 0x17, 0xae, 0xd9, 0x51, 0x3f,
0x80, 0xcd, 0x4f, 0x43, 0xdf, 0x47, 0xcf, 0x42, 0x16, 0x06, 0x3e, 0x43, 0xf2, 0x02, 0x54, 0x2e,
0x2c, 0x22, 0x47, 0x79, 0x4f, 0x37, 0x96, 0x37, 0x64, 0x4c, 0xb1, 0x53, 0x84, 0x7e, 0xae, 0xc0,
0x7a, 0x07, 0x31, 0xba, 0x8b, 0xcb, 0xc8, 0x33, 0x28, 0x84, 0x88, 0x91, 0x68, 0xa6, 0xbc, 0xb7,
0x93, 0x85, 0x14, 0x39, 0x45, 0xb4, 0xee, 0xc2, 0xe6, 0x21, 0x9e, 0xc9, 0x22, 0xb2, 0x09, 0x7b,
0x00, 0xc5, 0x04, 0xd1, 0xa5, 0x8e, 0xe4, 0xab, 0x09, 0xf1, 0xa4, 0xa6, 0x26, 0xc8, 0x76, 0xcb,
0x52, 0x13, 0x57, 0xdb, 0xc9, 0x60, 0xae, 0x03, 0xff, 0xb4, 0xd0, 0x43, 0x8e, 0x77, 0x95, 0x4b,
0x7f, 0x04, 0x1b, 0xf2, 0xc6, 0x1b, 0x6e, 0xd3, 0x0f, 0x60, 0xfd, 0x80, 0x32, 0x7e, 0xc5, 0xf2,
0x2b, 0x28, 0x4a, 0xce, 0x98, 0xa6, 0xec, 0xe4, 0x6f, 0x49, 0xf3, 0x0c, 0xa2, 0xff, 0xcc, 0x81,
0x2a, 0x6d, 0x4b, 0xcb, 0xaf, 0x41, 0x39, 0x8c, 0xe8, 0xc8, 0xe6, 0xd8, 0x3d, 0xc1, 0xf1, 0x74,
0xbc, 0x60, 0x6a, 0xda, 0xc7, 0x71, 0x12, 0xe0, 0x51, 0xc6, 0xd1, 0xef, 0x86, 0x41, 0xc4, 0xa7,
0x54, 0x81, 0x34, 0x75, 0x82, 0x28, 0x35, 0x81, 0x85, 0x14, 0x8f, 0xe4, 0x3f, 0xc8, 0x3b, 0x3e,
0xd3, 0x56, 0x45, 0xd2, 0x62, 0x3c, 0xa9, 0xe5, 0x5b, 0x87, 0x1f, 0xad, 0xc4, 0x46, 0x9e, 0xc3,
0x6a, 0x42, 0x0d, 0xd3, 0x54, 0xd1, 0xd5, 0xcd, 0x23, 0x20, 0xc3, 0xc9, 0x3b, 0x80, 0x81, 0xcd,
0x4e, 0x87, 0x18, 0xd9, 0x0e, 0x6a, 0x45, 0x31, 0x3f, 0x0f, 0xb3, 0xc0, 0x1f, 0xae, 0xa2, 0xad,
0x6b, 0x48, 0x72, 0x1f, 0x20, 0x1c, 0xf6, 0x3c, 0xda, 0x17, 0x5d, 0xaf, 0x89, 0xba, 0x4b, 0xd2,
0x92, 0x34, 0x7d, 0x7d, 0xe3, 0x4a, 0xe9, 0x8d, 0xd3, 0x27, 0x0a, 0x14, 0x92, 0x92, 0x96, 0x52,
0x9a, 0xbe, 0x3b, 0xb7, 0x78, 0xb7, 0x09, 0x65, 0xdb, 0xf3, 0x82, 0x33, 0x74, 0xba, 0x34, 0x4c,
0x66, 0x2f, 0x5f, 0x2f, 0x35, 0x37, 0xe3, 0x49, 0x0d, 0x5e, 0x4b, 0x73, 0xbb, 0xc3, 0x2c, 0x98,
0x86, 0xb4, 0x43, 0x96, 0x2a, 0xa6, 0xb0, 0xb0, 0xfe, 0x0d, 0xd8, 0x0a, 0x31, 0x62, 0xe2, 0x35,
0x78, 0xf7, 0x04, 0x31, 0xb4, 0x3d, 0x3a, 0x42, 0xc1, 0xf9, 0x86, 0xf5, 0xef, 0xdc, 0xb7, 0x3f,
0x73, 0x2d, 0xbe, 0xb8, 0xba, 0xf8, 0xe2, 0xfa, 0x2e, 0xc0, 0x9c, 0x35, 0x72, 0x0f, 0x4a, 0xd4,
0xe7, 0x18, 0x1d, 0xd9, 0x7d, 0x94, 0xcd, 0x5a, 0x73, 0xc3, 0xde, 0xf7, 0x3c, 0x94, 0x3e, 0xd3,
0x08, 0x05, 0xdf, 0xa4, 0x0b, 0xaa, 0x54, 0x34, 0xf2, 0x38, 0xeb, 0x4d, 0x52, 0xaa, 0x57, 0xd9,
0xbd, 0xc5, 0x44, 0xcf, 0xd6, 0x61, 0x1f, 0x54, 0xb9, 0x47, 0xd9, 0x09, 0x52, 0xbb, 0x56, 0xd9,
0x36, 0xa4, 0x0a, 0x1b, 0x33, 0x15, 0x36, 0xde, 0x26, 0x2a, 0x4c, 0xde, 0x43, 0x21, 0xd9, 0x35,
0xb2, 0xc4, 0x5f, 0xa9, 0x67, 0xa5, 0x48, 0x6d, 0x69, 0x17, 0x8a, 0x53, 0x65, 0x22, 0x99, 0xdd,
0xa4, 0xe5, 0x2b, 0x3b, 0x41, 0x4a, 0x6c, 0x5d, 0x80, 0xb9, 0x22, 0x91, 0x27, 0x37, 0xf7, 0x7e,
0x3d, 0xcd, 0x5f, 0x10, 0xdc, 0x6c, 0x5e, 0x5c, 0x56, 0x57, 0x7e, 0x5d, 0x56, 0x57, 0xce, 0xe3,
0xaa, 0x72, 0x11, 0x57, 0x95, 0x1f, 0x71, 0x55, 0xf9, 0x1d, 0x57, 0x95, 0xaf, 0xf5, 0x5b, 0xfd,
0x2f, 0x5f, 0x8e, 0x1a, 0x5f, 0x56, 0x7a, 0xaa, 0x60, 0xf2, 0xe9, 0x9f, 0x00, 0x00, 0x00, 0xff,
0xff, 0xd0, 0x15, 0x47, 0x35, 0x64, 0x07, 0x00, 0x00,
}
// Reference imports to suppress errors if they are not otherwise used.
@ -568,8 +525,6 @@ type WireguardClient interface {
List(ctx context.Context, in *types.Empty, opts ...grpc.CallOption) (*ListResponse, error)
// NewPeer to the tunnel with gernerated keys
NewPeer(ctx context.Context, in *NewPeerRequest, opts ...grpc.CallOption) (*PeerResponse, error)
// AddPeer to the tunnel
AddPeer(ctx context.Context, in *AddPeerRequest, opts ...grpc.CallOption) (*TunnelResponse, error)
// DeletePeer from a tunnel
DeletePeer(ctx context.Context, in *DeletePeerRequest, opts ...grpc.CallOption) (*TunnelResponse, error)
}
@ -618,15 +573,6 @@ func (c *wireguardClient) NewPeer(ctx context.Context, in *NewPeerRequest, opts
return out, nil
}
func (c *wireguardClient) AddPeer(ctx context.Context, in *AddPeerRequest, opts ...grpc.CallOption) (*TunnelResponse, error) {
out := new(TunnelResponse)
err := c.cc.Invoke(ctx, "/com.crosbymichael.guard.v1.Wireguard/AddPeer", in, out, opts...)
if err != nil {
return nil, err
}
return out, nil
}
func (c *wireguardClient) DeletePeer(ctx context.Context, in *DeletePeerRequest, opts ...grpc.CallOption) (*TunnelResponse, error) {
out := new(TunnelResponse)
err := c.cc.Invoke(ctx, "/com.crosbymichael.guard.v1.Wireguard/DeletePeer", in, out, opts...)
@ -646,8 +592,6 @@ type WireguardServer interface {
List(context.Context, *types.Empty) (*ListResponse, error)
// NewPeer to the tunnel with gernerated keys
NewPeer(context.Context, *NewPeerRequest) (*PeerResponse, error)
// AddPeer to the tunnel
AddPeer(context.Context, *AddPeerRequest) (*TunnelResponse, error)
// DeletePeer from a tunnel
DeletePeer(context.Context, *DeletePeerRequest) (*TunnelResponse, error)
}
@ -728,24 +672,6 @@ func _Wireguard_NewPeer_Handler(srv interface{}, ctx context.Context, dec func(i
return interceptor(ctx, in, info, handler)
}
func _Wireguard_AddPeer_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(AddPeerRequest)
if err := dec(in); err != nil {
return nil, err
}
if interceptor == nil {
return srv.(WireguardServer).AddPeer(ctx, in)
}
info := &grpc.UnaryServerInfo{
Server: srv,
FullMethod: "/com.crosbymichael.guard.v1.Wireguard/AddPeer",
}
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
return srv.(WireguardServer).AddPeer(ctx, req.(*AddPeerRequest))
}
return interceptor(ctx, in, info, handler)
}
func _Wireguard_DeletePeer_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
in := new(DeletePeerRequest)
if err := dec(in); err != nil {
@ -784,10 +710,6 @@ var _Wireguard_serviceDesc = grpc.ServiceDesc{
MethodName: "NewPeer",
Handler: _Wireguard_NewPeer_Handler,
},
{
MethodName: "AddPeer",
Handler: _Wireguard_AddPeer_Handler,
},
{
MethodName: "DeletePeer",
Handler: _Wireguard_DeletePeer_Handler,
@ -947,43 +869,6 @@ func (m *NewPeerRequest) MarshalTo(dAtA []byte) (int, error) {
return i, nil
}
func (m *AddPeerRequest) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
n, err := m.MarshalTo(dAtA)
if err != nil {
return nil, err
}
return dAtA[:n], nil
}
func (m *AddPeerRequest) MarshalTo(dAtA []byte) (int, error) {
var i int
_ = i
var l int
_ = l
if len(m.ID) > 0 {
dAtA[i] = 0xa
i++
i = encodeVarintGuard(dAtA, i, uint64(len(m.ID)))
i += copy(dAtA[i:], m.ID)
}
if m.Peer != nil {
dAtA[i] = 0x12
i++
i = encodeVarintGuard(dAtA, i, uint64(m.Peer.Size()))
n4, err := m.Peer.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n4
}
if m.XXX_unrecognized != nil {
i += copy(dAtA[i:], m.XXX_unrecognized)
}
return i, nil
}
func (m *DeletePeerRequest) Marshal() (dAtA []byte, err error) {
size := m.Size()
dAtA = make([]byte, size)
@ -1138,11 +1023,11 @@ func (m *Tunnel) MarshalTo(dAtA []byte) (int, error) {
dAtA[i] = 0x3a
i++
i = encodeVarintGuard(dAtA, i, uint64(m.Masquerade.Size()))
n5, err := m.Masquerade.MarshalTo(dAtA[i:])
n4, err := m.Masquerade.MarshalTo(dAtA[i:])
if err != nil {
return 0, err
}
i += n5
i += n4
}
if len(m.PublicKey) > 0 {
dAtA[i] = 0x42
@ -1347,26 +1232,6 @@ func (m *NewPeerRequest) Size() (n int) {
return n
}
func (m *AddPeerRequest) Size() (n int) {
if m == nil {
return 0
}
var l int
_ = l
l = len(m.ID)
if l > 0 {
n += 1 + l + sovGuard(uint64(l))
}
if m.Peer != nil {
l = m.Peer.Size()
n += 1 + l + sovGuard(uint64(l))
}
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
return n
}
func (m *DeletePeerRequest) Size() (n int) {
if m == nil {
return 0
@ -1586,18 +1451,6 @@ func (this *NewPeerRequest) String() string {
}, "")
return s
}
func (this *AddPeerRequest) String() string {
if this == nil {
return "nil"
}
s := strings.Join([]string{`&AddPeerRequest{`,
`ID:` + fmt.Sprintf("%v", this.ID) + `,`,
`Peer:` + strings.Replace(fmt.Sprintf("%v", this.Peer), "Peer", "Peer", 1) + `,`,
`XXX_unrecognized:` + fmt.Sprintf("%v", this.XXX_unrecognized) + `,`,
`}`,
}, "")
return s
}
func (this *DeletePeerRequest) String() string {
if this == nil {
return "nil"
@ -2202,128 +2055,6 @@ func (m *NewPeerRequest) Unmarshal(dAtA []byte) error {
}
return nil
}
func (m *AddPeerRequest) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0
for iNdEx < l {
preIndex := iNdEx
var wire uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGuard
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
wire |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
fieldNum := int32(wire >> 3)
wireType := int(wire & 0x7)
if wireType == 4 {
return fmt.Errorf("proto: AddPeerRequest: wiretype end group for non-group")
}
if fieldNum <= 0 {
return fmt.Errorf("proto: AddPeerRequest: illegal tag %d (wire type %d)", fieldNum, wire)
}
switch fieldNum {
case 1:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ID", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGuard
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
stringLen |= uint64(b&0x7F) << shift
if b < 0x80 {
break
}
}
intStringLen := int(stringLen)
if intStringLen < 0 {
return ErrInvalidLengthGuard
}
postIndex := iNdEx + intStringLen
if postIndex < 0 {
return ErrInvalidLengthGuard
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
m.ID = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 2:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Peer", wireType)
}
var msglen int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowGuard
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
msglen |= int(b&0x7F) << shift
if b < 0x80 {
break
}
}
if msglen < 0 {
return ErrInvalidLengthGuard
}
postIndex := iNdEx + msglen
if postIndex < 0 {
return ErrInvalidLengthGuard
}
if postIndex > l {
return io.ErrUnexpectedEOF
}
if m.Peer == nil {
m.Peer = &Peer{}
}
if err := m.Peer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
return err
}
iNdEx = postIndex
default:
iNdEx = preIndex
skippy, err := skipGuard(dAtA[iNdEx:])
if err != nil {
return err
}
if skippy < 0 {
return ErrInvalidLengthGuard
}
if (iNdEx + skippy) < 0 {
return ErrInvalidLengthGuard
}
if (iNdEx + skippy) > l {
return io.ErrUnexpectedEOF
}
m.XXX_unrecognized = append(m.XXX_unrecognized, dAtA[iNdEx:iNdEx+skippy]...)
iNdEx += skippy
}
}
if iNdEx > l {
return io.ErrUnexpectedEOF
}
return nil
}
func (m *DeletePeerRequest) Unmarshal(dAtA []byte) error {
l := len(dAtA)
iNdEx := 0


@ -16,8 +16,6 @@ service Wireguard {
rpc List(google.protobuf.Empty) returns (ListResponse);
// NewPeer to the tunnel with gernerated keys
rpc NewPeer(NewPeerRequest) returns (PeerResponse);
// AddPeer to the tunnel
rpc AddPeer(AddPeerRequest) returns (TunnelResponse);
// DeletePeer from a tunnel
rpc DeletePeer(DeletePeerRequest) returns (TunnelResponse);
}
@ -45,12 +43,6 @@ message NewPeerRequest {
string address = 3;
}
message AddPeerRequest {
// id of the tunnel
string id = 1 [(gogoproto.customname) = "ID"];
Peer peer = 2;
}
message DeletePeerRequest {
// id of the tunnel
string id = 1 [(gogoproto.customname) = "ID"];

41
main.go

@ -290,47 +290,6 @@ var peersCommand = cli.Command{
return t.Render(os.Stdout)
},
},
{
Name: "add",
Description: "add a peer",
Flags: []cli.Flag{
cli.StringFlag{
Name: "key,k",
Usage: "public key",
},
cli.StringFlag{
Name: "ip,i",
Usage: "ip cidr for the peer",
},
},
Action: func(clix *cli.Context) error {
conn, err := grpc.Dial(clix.GlobalString("address"), grpc.WithInsecure())
if err != nil {
return errors.Wrap(err, "dial server")
}
defer conn.Close()
var (
ctx = cancelContext()
client = v1.NewWireguardClient(conn)
)
r, err := client.AddPeer(ctx, &v1.AddPeerRequest{
ID: clix.GlobalString("tunnel"),
Peer: &v1.Peer{
ID: clix.Args().First(),
PublicKey: clix.String("key"),
AllowedIPs: []string{
clix.String("ip"),
},
},
})
if err != nil {
return err
}
return jsonTunnel(r.Tunnel)
},
},
{
Name: "delete",
Description: "delete a peer",


@ -126,6 +126,8 @@ func (s *server) Create(ctx context.Context, r *v1.CreateRequest) (*v1.TunnelRes
return nil, errors.Wrap(err, "start tunnel")
}
log.Info("tunnel created")
clearTunnel(&t)
return &v1.TunnelResponse{
Tunnel: &t,
}, nil
@ -162,7 +164,8 @@ func (s *server) NewPeer(ctx context.Context, r *v1.NewPeerRequest) (*v1.PeerRes
r.Address,
},
}
t.Peers = append(t.Peers, peer)
peerCopy := *peer
t.Peers = append(t.Peers, &peerCopy)
// TODO: make atomic swaps
if err := s.saveTunnel(t); err != nil {
log.WithError(err).Error("save tunnel")
@ -176,43 +179,13 @@ func (s *server) NewPeer(ctx context.Context, r *v1.NewPeerRequest) (*v1.PeerRes
log.WithError(err).Error("restart config")
return nil, errors.Wrap(err, "restart tunnel")
}
clearTunnel(t)
return &v1.PeerResponse{
Tunnel: t,
Peer: peer,
}, nil
}
func (s *server) AddPeer(ctx context.Context, r *v1.AddPeerRequest) (*v1.TunnelResponse, error) {
if r.ID == "" {
return nil, errors.New("tunnel id cannot be empty")
}
log := logrus.WithFields(logrus.Fields{
"tunnel": r.ID,
"peer": r.Peer.ID,
})
t, err := s.loadTunnel(r.ID)
if err != nil {
log.WithError(err).Error("load tunnel")
return nil, err
}
t.Peers = append(t.Peers, r.Peer)
if err := s.saveTunnel(t); err != nil {
log.WithError(err).Error("save tunnel")
return nil, err
}
if err := s.saveConf(t); err != nil {
log.WithError(err).Error("save config")
return nil, err
}
if err := wgquick(ctx, "restart", t.ID); err != nil {
return nil, errors.Wrap(err, "restart tunnel")
}
return &v1.TunnelResponse{
Tunnel: t,
}, nil
}
func (s *server) DeletePeer(ctx context.Context, r *v1.DeletePeerRequest) (*v1.TunnelResponse, error) {
if r.ID == "" {
return nil, errors.New("tunnel id cannot be empty")
@ -247,6 +220,7 @@ func (s *server) DeletePeer(ctx context.Context, r *v1.DeletePeerRequest) (*v1.T
return nil, errors.Wrap(err, "restart tunnel")
}
log.Info("delete peer")
clearTunnel(t)
return &v1.TunnelResponse{
Tunnel: t,
}, nil
@ -293,6 +267,7 @@ func (s *server) List(ctx context.Context, _ *types.Empty) (*v1.ListResponse, er
if err != nil {
return nil, err
}
clearTunnel(t)
r.Tunnels = append(r.Tunnels, t)
}
return &r, nil
@ -353,6 +328,13 @@ func publicKey(ctx context.Context, privateKey string) (string, error) {
return strings.TrimSuffix(string(data), "\n"), nil
}
func clearTunnel(t *v1.Tunnel) {
t.PrivateKey = ""
for _, p := range t.Peers {
p.PrivateKey = ""
}
}
func wireguard(ctx context.Context, args ...string) ([]byte, error) {
cmd := exec.CommandContext(ctx, "wg", args...)
return cmd.CombinedOutput()
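Review bot: `clearTunnel` (last hunk) redacts by mutating the same `*v1.Tunnel` the handlers persist, so every call site is only safe because it runs after `saveTunnel` and the restart, and NewPeer needs the `peerCopy` workaround to keep the generated key in `PeerResponse.Peer`; a nil entry in `t.Peers` would also panic in the loop. Returning a redacted copy removes the ordering dependency and the aliasing, with call sites becoming `Tunnel: redactTunnel(t)` (`redactTunnel(&t)` in Create) and `r.Tunnels = append(r.Tunnels, redactTunnel(t))` in List. Separately, the peer appended via `&peerCopy` appears to be saved with whatever private key `peer` carries, and `PeerResponse.Peer` still returns that key, so the stored tunnel state and the gRPC channel remain the places it is exposed; the handler bodies start outside these hunks, so confirm that is intended and that the channel is protected.

```go
// redactTunnel returns a copy of t with the tunnel's and every peer's
// PrivateKey blanked; t itself is left untouched, so it is safe to call
// before or after the tunnel is saved.
func redactTunnel(t *v1.Tunnel) *v1.Tunnel {
	if t == nil {
		return nil
	}
	out := *t
	out.PrivateKey = ""
	out.Peers = make([]*v1.Peer, len(t.Peers))
	for i, p := range t.Peers {
		if p == nil {
			continue
		}
		pc := *p
		pc.PrivateKey = ""
		out.Peers[i] = &pc
	}
	return &out
}
```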