From: Paul Alesius <paul@unnservice.com>
To: 55055@debbugs.gnu.org
Subject: [bug#55055] [PATCH] gnu: wireguard: Add support for PresharedKey
Date: Thu, 21 Apr 2022 15:26:30 +0200 [thread overview]
Message-ID: <CAL8jUGVj31UESVDj61D3kaYCWyPrapEzOYEAmPHwAqgN0tr6nw@mail.gmail.com> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 193 bytes --]
The WireGuard configuration supports a PresharedKey attribute for
additional security. This patch adds support for configuring a PresharedKey
attribute.
Tested, working.
With regards,
- Paul
[-- Attachment #1.2: Type: text/html, Size: 292 bytes --]
[-- Attachment #2: guix.wg-psk.patch --]
[-- Type: application/octet-stream, Size: 1744 bytes --]
diff --git a/gnu/services/vpn.scm b/gnu/services/vpn.scm
index b24e9cffb3..e3f5ff0d05 100644
--- a/gnu/services/vpn.scm
+++ b/gnu/services/vpn.scm
@@ -62,6 +62,7 @@ (define-module (gnu services vpn)
wireguard-peer-allowed-ips
wireguard-peer-public-key
wireguard-peer-keep-alive
+ wireguard-peer-preshared-key
wireguard-configuration
wireguard-configuration?
@@ -701,6 +702,8 @@ (define-record-type* <wireguard-peer>
(endpoint wireguard-peer-endpoint
(default #f)) ;string
(public-key wireguard-peer-public-key) ;string
+ (preshared-key wireguard-peer-preshared-key
+ (default #f)) ;string
(allowed-ips wireguard-peer-allowed-ips) ;list of strings
(keep-alive wireguard-peer-keep-alive
(default #f))) ;integer
@@ -727,16 +730,20 @@ (define (wireguard-configuration-file config)
(define (peer->config peer)
(let ((name (wireguard-peer-name peer))
(public-key (wireguard-peer-public-key peer))
+ (preshared-key (wireguard-peer-preshared-key peer))
(endpoint (wireguard-peer-endpoint peer))
(allowed-ips (wireguard-peer-allowed-ips peer))
(keep-alive (wireguard-peer-keep-alive peer)))
(format #f "[Peer] #~a
PublicKey = ~a
AllowedIPs = ~a
-~a~a"
+~a~a~a"
name
public-key
(string-join allowed-ips ",")
+ (if preshared-key
+ (format #f "PresharedKey = ~a\n" preshared-key)
+ "")
(if endpoint
(format #f "Endpoint = ~a\n" endpoint)
"")
next reply other threads:[~2022-04-21 13:28 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-21 13:26 Paul Alesius [this message]
2022-04-21 14:25 ` [bug#55055] [PATCH] gnu: wireguard: Add support for PresharedKey Maxime Devos
[not found] ` <CAL8jUGUyedoy+9va2qGJR5QpXn5B6cn7dWODyBJ0kxq1HQ+GYQ@mail.gmail.com>
2022-04-21 20:41 ` [bug#55055] Fwd: " Paul Alesius
2022-04-21 21:55 ` Maxime Devos
2022-04-21 21:59 ` Maxime Devos
2022-04-21 21:48 ` Maxime Devos
2022-12-26 16:53 ` bug#55055: " Mathieu Othacehe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAL8jUGVj31UESVDj61D3kaYCWyPrapEzOYEAmPHwAqgN0tr6nw@mail.gmail.com \
--to=paul@unnservice.com \
--cc=55055@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).