From patchwork Fri May 24 11:00:44 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: wireguard: Add option to disable Endpoint Host Dependency
From: Adrian Schmutzler <freifunk@adrianschmutzler.de>
X-Patchwork-Id: 1110
Message-Id: <20190524110044.981-1-freifunk@adrianschmutzler.de>
To: franken-dev@freifunk.net
Date: Fri, 24 May 2019 13:00:44 +0200

When using IPv6 addresses (or DNS which has AAAA record) as endpoint,
add_host_dependency fails for some reason which causes the wireguard
interface to disappear.

This patch backports an option from OpenWrt master, where
host_dependency can be disabled by adding 'option nohostroute 1'
to the interface.

This is an alternate approach based on the work of Fabian Bläse.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Fabian Bläse <fabian@blaese.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
---
 ...01-wireguard-introduce-nohostroute-option.patch | 47 ++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch

diff --git a/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch
new file mode 100644
index 00000000..09d43ddc
--- /dev/null
+++ b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch
@@ -0,0 +1,47 @@
+From: Daniel Golle <daniel@makrotopia.org>
+Date: Tue, 19 Mar 2019 16:47:17 +0100
+Subject: wireguard: introduce 'nohostroute' option
+
+Use a new config option 'nohostroute' to explicitely prevent creation
+of the route to the endpoint.
+
+Signed-off-by: Daniel Golle <daniel@makrotopia.org>
+[squashed with commit 1e8bb50, shorten commit message]
+Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.net>
+
+diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh
+index 96fa7215ff..fb781070d6 100644
+--- a/package/network/services/wireguard/files/wireguard.sh
++++ b/package/network/services/wireguard/files/wireguard.sh
+@@ -114,6 +114,7 @@ proto_wireguard_setup() {
+   config_get mtu           "${config}" "mtu"
+   config_get fwmark        "${config}" "fwmark"
+   config_get ip6prefix     "${config}" "ip6prefix"
++  config_get nohostroute   "${config}" "nohostroute"
+ 
+   # create interface
+   ip link del dev "${config}" 2>/dev/null
+@@ -176,12 +177,14 @@ proto_wireguard_setup() {
+   done
+ 
+   # endpoint dependency
+-  wg show "${config}" endpoints | \
+-    sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
+-    while IFS=$'\t ' read -r key address port; do
+-    [ -n "${port}" ] || continue
+-    proto_add_host_dependency "${config}" "${address}"
+-  done
++  if [ "${nohostroute}" != "1" ]; then
++    wg show "${config}" endpoints | \
++      sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
++      while IFS=$'\t ' read -r key address port; do
++      [ -n "${port}" ] || continue
++      proto_add_host_dependency "${config}" "${address}"
++    done
++  fi
+ 
+   proto_send_update "${config}"
+ }
+-- 
+2.11.0
+