pangolin_mirror/olm
1
0
Fork 0
mirror of https://github.com/fosrl/olm.git synced 2026-03-06 02:36:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updates to support updates

Browse Source
This commit is contained in:
Owen
2025-11-20 14:21:27 -05:00
parent 196d1cdee7
commit 8cff1d37fa
5 changed files with 138 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
olm/common.go
View File

@@ -83,3 +83,16 @@ func GetNetworkSettingsJSON() (string, error) {
func GetNetworkSettingsIncrementor() int { func GetNetworkSettingsIncrementor() int {
return network.GetIncrementor() return network.GetIncrementor()
} }
// stringSlicesEqual compares two string slices for equality
func stringSlicesEqual(a, b []string) bool {
if len(a) != len(b) {
return false
}
for i := range a {
if a[i] != b[i] {
return false
}
}
return true
}

79
olm/olm.go
View File

@@ -543,31 +543,54 @@ func StartTunnel(config TunnelConfig) {
return return
} }
// Convert to SiteConfig // Update the peer in WireGuard
siteConfig := SiteConfig{ if dev == nil {
SiteId: updateData.SiteId, logger.Error("WireGuard device not initialized")
Endpoint: updateData.Endpoint, return
PublicKey: updateData.PublicKey,
ServerIP: updateData.ServerIP,
ServerPort: updateData.ServerPort,
RemoteSubnets: updateData.RemoteSubnets,
} }
// Update the peer in WireGuard // Find the existing peer to merge updates with
if dev != nil { var existingPeer *SiteConfig
// Find the existing peer to get old data var peerIndex int
var oldRemoteSubnets string for i, site := range wgData.Sites {
var oldPublicKey string
for _, site := range wgData.Sites {
if site.SiteId == updateData.SiteId { if site.SiteId == updateData.SiteId {
oldRemoteSubnets = site.RemoteSubnets existingPeer = &wgData.Sites[i]
oldPublicKey = site.PublicKey peerIndex = i
break break
} }
} }
if existingPeer == nil {
logger.Error("Peer with site ID %d not found", updateData.SiteId)
return
}
// Store old values for comparison
oldRemoteSubnets := existingPeer.RemoteSubnets
oldPublicKey := existingPeer.PublicKey
// Create updated site config by merging with existing data
// Only update fields that are provided (non-empty/non-zero)
siteConfig := *existingPeer // Start with existing data
if updateData.Endpoint != "" {
siteConfig.Endpoint = updateData.Endpoint
}
if updateData.PublicKey != "" {
siteConfig.PublicKey = updateData.PublicKey
}
if updateData.ServerIP != "" {
siteConfig.ServerIP = updateData.ServerIP
}
if updateData.ServerPort != 0 {
siteConfig.ServerPort = updateData.ServerPort
}
if updateData.RemoteSubnets != nil {
siteConfig.RemoteSubnets = updateData.RemoteSubnets
}
// If the public key has changed, remove the old peer first // If the public key has changed, remove the old peer first
if oldPublicKey != "" && oldPublicKey != updateData.PublicKey { if siteConfig.PublicKey != oldPublicKey {
logger.Info("Public key changed for site %d, removing old peer with key %s", updateData.SiteId, oldPublicKey) logger.Info("Public key changed for site %d, removing old peer with key %s", updateData.SiteId, oldPublicKey)
if err := RemovePeer(dev, updateData.SiteId, oldPublicKey); err != nil { if err := RemovePeer(dev, updateData.SiteId, oldPublicKey); err != nil {
logger.Error("Failed to remove old peer: %v", err) logger.Error("Failed to remove old peer: %v", err)
@@ -583,8 +606,8 @@ func StartTunnel(config TunnelConfig) {
return return
} }
// Remove old remote subnet routes if they changed // Handle remote subnet route changes
if oldRemoteSubnets != siteConfig.RemoteSubnets { if !stringSlicesEqual(oldRemoteSubnets, siteConfig.RemoteSubnets) {
if err := removeRoutesForRemoteSubnets(oldRemoteSubnets); err != nil { if err := removeRoutesForRemoteSubnets(oldRemoteSubnets); err != nil {
logger.Error("Failed to remove old remote subnet routes: %v", err) logger.Error("Failed to remove old remote subnet routes: %v", err)
// Continue anyway to add new routes // Continue anyway to add new routes
@@ -599,15 +622,7 @@ func StartTunnel(config TunnelConfig) {
// Update successful // Update successful
logger.Info("Successfully updated peer for site %d", updateData.SiteId) logger.Info("Successfully updated peer for site %d", updateData.SiteId)
for i := range wgData.Sites { wgData.Sites[peerIndex] = siteConfig
if wgData.Sites[i].SiteId == updateData.SiteId {
wgData.Sites[i] = siteConfig
break
}
}
} else {
logger.Error("WireGuard device not initialized")
}
}) })
// Handler for adding a new peer // Handler for adding a new peer
@@ -637,7 +652,10 @@ func StartTunnel(config TunnelConfig) {
} }
// Add the peer to WireGuard // Add the peer to WireGuard
if dev != nil { if dev == nil {
logger.Error("WireGuard device not initialized")
return
}
// Format the endpoint before adding the new peer. // Format the endpoint before adding the new peer.
siteConfig.Endpoint = formatEndpoint(siteConfig.Endpoint) siteConfig.Endpoint = formatEndpoint(siteConfig.Endpoint)
@@ -659,9 +677,6 @@ func StartTunnel(config TunnelConfig) {
// Update WgData with the new peer // Update WgData with the new peer
wgData.Sites = append(wgData.Sites, siteConfig) wgData.Sites = append(wgData.Sites, siteConfig)
} else {
logger.Error("WireGuard device not initialized")
}
}) })
// Handler for removing a peer // Handler for removing a peer

7
olm/peer.go
View File

@@ -34,10 +34,9 @@ func ConfigurePeer(dev *device.Device, siteConfig SiteConfig, privateKey wgtypes
allowedIPs = append(allowedIPs, allowedIpStr) allowedIPs = append(allowedIPs, allowedIpStr)
// If we have anything in remoteSubnets, add those as well // If we have anything in remoteSubnets, add those as well
if siteConfig.RemoteSubnets != "" { if len(siteConfig.RemoteSubnets) > 0 {
// Split remote subnets by comma and add each one // Add each remote subnet
remoteSubnets := strings.Split(siteConfig.RemoteSubnets, ",") for _, subnet := range siteConfig.RemoteSubnets {
for _, subnet := range remoteSubnets {
subnet = strings.TrimSpace(subnet) subnet = strings.TrimSpace(subnet)
if subnet != "" { if subnet != "" {
allowedIPs = append(allowedIPs, subnet) allowedIPs = append(allowedIPs, subnet)

22
olm/route.go
View File

@@ -268,15 +268,14 @@ func removeRouteForNetworkConfig(destination string) error {
return nil return nil
} }
// addRoutesForRemoteSubnets adds routes for each comma-separated CIDR in RemoteSubnets // addRoutesForRemoteSubnets adds routes for each subnet in RemoteSubnets
func addRoutesForRemoteSubnets(remoteSubnets, interfaceName string) error { func addRoutesForRemoteSubnets(remoteSubnets []string, interfaceName string) error {
if remoteSubnets == "" { if len(remoteSubnets) == 0 {
return nil return nil
} }
// Split remote subnets by comma and add routes for each one // Add routes for each subnet
subnets := strings.Split(remoteSubnets, ",") for _, subnet := range remoteSubnets {
for _, subnet := range subnets {
subnet = strings.TrimSpace(subnet) subnet = strings.TrimSpace(subnet)
if subnet == "" { if subnet == "" {
continue continue
@@ -314,15 +313,14 @@ func addRoutesForRemoteSubnets(remoteSubnets, interfaceName string) error {
return nil return nil
} }
// removeRoutesForRemoteSubnets removes routes for each comma-separated CIDR in RemoteSubnets // removeRoutesForRemoteSubnets removes routes for each subnet in RemoteSubnets
func removeRoutesForRemoteSubnets(remoteSubnets string) error { func removeRoutesForRemoteSubnets(remoteSubnets []string) error {
if remoteSubnets == "" { if len(remoteSubnets) == 0 {
return nil return nil
} }
// Split remote subnets by comma and remove routes for each one // Remove routes for each subnet
subnets := strings.Split(remoteSubnets, ",") for _, subnet := range remoteSubnets {
for _, subnet := range subnets {
subnet = strings.TrimSpace(subnet) subnet = strings.TrimSpace(subnet)
if subnet == "" { if subnet == "" {
continue continue

14
olm/types.go
View File

@@ -11,7 +11,7 @@ type SiteConfig struct {
PublicKey string `json:"publicKey"` PublicKey string `json:"publicKey"`
ServerIP string `json:"serverIP"` ServerIP string `json:"serverIP"`
ServerPort uint16 `json:"serverPort"` ServerPort uint16 `json:"serverPort"`
RemoteSubnets string `json:"remoteSubnets,omitempty"` // optional, comma-separated list of subnets that this site can access RemoteSubnets []string `json:"remoteSubnets,omitempty"` // optional, array of subnets that this site can access
} }
type HolePunchMessage struct { type HolePunchMessage struct {
@@ -42,11 +42,11 @@ type PeerAction struct {
// UpdatePeerData represents the data needed to update a peer // UpdatePeerData represents the data needed to update a peer
type UpdatePeerData struct { type UpdatePeerData struct {
SiteId int `json:"siteId"` SiteId int `json:"siteId"`
Endpoint string `json:"endpoint"` Endpoint string `json:"endpoint,omitempty"`
PublicKey string `json:"publicKey"` PublicKey string `json:"publicKey,omitempty"`
ServerIP string `json:"serverIP"` ServerIP string `json:"serverIP,omitempty"`
ServerPort uint16 `json:"serverPort"` ServerPort uint16 `json:"serverPort,omitempty"`
RemoteSubnets string `json:"remoteSubnets,omitempty"` // optional, comma-separated list of subnets that this site can access RemoteSubnets []string `json:"remoteSubnets,omitempty"` // optional, array of subnets that this site can access
} }
// AddPeerData represents the data needed to add a peer // AddPeerData represents the data needed to add a peer
@@ -56,7 +56,7 @@ type AddPeerData struct {
PublicKey string `json:"publicKey"` PublicKey string `json:"publicKey"`
ServerIP string `json:"serverIP"` ServerIP string `json:"serverIP"`
ServerPort uint16 `json:"serverPort"` ServerPort uint16 `json:"serverPort"`
RemoteSubnets string `json:"remoteSubnets,omitempty"` // optional, comma-separated list of subnets that this site can access RemoteSubnets []string `json:"remoteSubnets,omitempty"` // optional, array of subnets that this site can access
} }
// RemovePeerData represents the data needed to remove a peer // RemovePeerData represents the data needed to remove a peer