github.com/moqsien/xraycore@v1.8.5/infra/conf/wireguard.go

github.com/moqsien/xraycore@v1.8.5/infra/conf/wireguard.go (about)

     1  package conf
     2  
     3  import (
     4  	"encoding/base64"
     5  	"encoding/hex"
     6  
     7  	"github.com/moqsien/xraycore/proxy/wireguard"
     8  	"google.golang.org/protobuf/proto"
     9  )
    10  
    11  type WireGuardPeerConfig struct {
    12  	PublicKey    string   `json:"publicKey"`
    13  	PreSharedKey string   `json:"preSharedKey"`
    14  	Endpoint     string   `json:"endpoint"`
    15  	KeepAlive    int      `json:"keepAlive"`
    16  	AllowedIPs   []string `json:"allowedIPs,omitempty"`
    17  }
    18  
    19  func (c *WireGuardPeerConfig) Build() (proto.Message, error) {
    20  	var err error
    21  	config := new(wireguard.PeerConfig)
    22  
    23  	config.PublicKey, err = parseWireGuardKey(c.PublicKey)
    24  	if err != nil {
    25  		return nil, err
    26  	}
    27  
    28  	if c.PreSharedKey != "" {
    29  		config.PreSharedKey, err = parseWireGuardKey(c.PreSharedKey)
    30  		if err != nil {
    31  			return nil, err
    32  		}
    33  	} else {
    34  		config.PreSharedKey = "0000000000000000000000000000000000000000000000000000000000000000"
    35  	}
    36  
    37  	config.Endpoint = c.Endpoint
    38  	// default 0
    39  	config.KeepAlive = int32(c.KeepAlive)
    40  	if c.AllowedIPs == nil {
    41  		config.AllowedIps = []string{"0.0.0.0/0", "::0/0"}
    42  	} else {
    43  		config.AllowedIps = c.AllowedIPs
    44  	}
    45  
    46  	return config, nil
    47  }
    48  
    49  type WireGuardConfig struct {
    50  	SecretKey  string                 `json:"secretKey"`
    51  	Address    []string               `json:"address"`
    52  	Peers      []*WireGuardPeerConfig `json:"peers"`
    53  	MTU        int                    `json:"mtu"`
    54  	NumWorkers int                    `json:"workers"`
    55  	Reserved   []byte                 `json:"reserved"`
    56  }
    57  
    58  func (c *WireGuardConfig) Build() (proto.Message, error) {
    59  	config := new(wireguard.DeviceConfig)
    60  
    61  	var err error
    62  	config.SecretKey, err = parseWireGuardKey(c.SecretKey)
    63  	if err != nil {
    64  		return nil, err
    65  	}
    66  
    67  	if c.Address == nil {
    68  		// bogon ips
    69  		config.Endpoint = []string{"10.0.0.1", "fd59:7153:2388:b5fd:0000:0000:0000:0001"}
    70  	} else {
    71  		config.Endpoint = c.Address
    72  	}
    73  
    74  	if c.Peers != nil {
    75  		config.Peers = make([]*wireguard.PeerConfig, len(c.Peers))
    76  		for i, p := range c.Peers {
    77  			msg, err := p.Build()
    78  			if err != nil {
    79  				return nil, err
    80  			}
    81  			config.Peers[i] = msg.(*wireguard.PeerConfig)
    82  		}
    83  	}
    84  
    85  	if c.MTU == 0 {
    86  		config.Mtu = 1420
    87  	} else {
    88  		config.Mtu = int32(c.MTU)
    89  	}
    90  	// these a fallback code exists in github.com/nanoda0523/wireguard-go code,
    91  	// we don't need to process fallback manually
    92  	config.NumWorkers = int32(c.NumWorkers)
    93  
    94  	if len(c.Reserved) != 0 && len(c.Reserved) != 3 {
    95  		return nil, newError(`"reserved" should be empty or 3 bytes`)
    96  	}
    97  	config.Reserved = c.Reserved
    98  
    99  	return config, nil
   100  }
   101  
   102  func parseWireGuardKey(str string) (string, error) {
   103  	if len(str) != 64 {
   104  		// may in base64 form
   105  		dat, err := base64.StdEncoding.DecodeString(str)
   106  		if err != nil {
   107  			return "", err
   108  		}
   109  		if len(dat) != 32 {
   110  			return "", newError("key should be 32 bytes: " + str)
   111  		}
   112  		return hex.EncodeToString(dat), err
   113  	} else {
   114  		// already hex form
   115  		return str, nil
   116  	}
   117  }