Diffstat (limited to 'pkg/wgconf')
-rw-r--r--pkg/wgconf/wgconf.go55
-rw-r--r--pkg/wgconf/wgconf_test.go145
2 files changed, 187 insertions, 13 deletions
diff --git a/pkg/wgconf/wgconf.go b/pkg/wgconf/wgconf.go
index 2615892..36434ba 100644
--- a/pkg/wgconf/wgconf.go
+++ b/pkg/wgconf/wgconf.go
@@ -22,6 +22,23 @@ type Peer struct {
AllowedIPs []string
}
+// stripComment removes inline and block comments from a line, keeping spaces intact otherwise.
+func stripComment(line string) string {
+ line = strings.TrimSpace(line)
+ if line == "" || strings.HasPrefix(line, "#") || strings.HasPrefix(line, ";") {
+ return ""
+ }
+
+ // Find the first occurrence of '#' or ';' preceded by a whitespace character.
+ // This protects characters like '#' if they are part of a key/value with no leading whitespace.
+ for i := 1; i < len(line); i++ {
+ if (line[i] == '#' || line[i] == ';') && (line[i-1] == ' ' || line[i-1] == '\t') {
+ return strings.TrimSpace(line[:i])
+ }
+ }
+ return line
+}
+
// Parse reads a WireGuard .conf file and returns a Config struct.
func Parse(path string) (*Config, error) {
file, err := os.Open(path)
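Review bot: stripComment's comment rule does not match the reference tooling, so the same file can yield different values here than in the tool that brings the tunnel up. It cuts at `#` or `;` only when the previous byte is a space or tab, and it accepts `;` as a comment marker; as far as I know, wg and wg-quick cut at the first `#` anywhere on the line and give `;` no special meaning. A value such as `host#x`, or one containing ` ; ` (a PostUp command chain with spaces around the separator, for instance), is therefore read differently by the two parsers. Either follow the reference behaviour or state the divergence in the doc comment, e.g. `// NOTE: unlike wg(8), '#' starts a comment only after whitespace, and ';' is also accepted.` Real keys are base64 and never contain `#`, so the `key-with-hash-inside#123` case in the test protects a value that cannot occur for keys.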
@@ -40,18 +57,23 @@ func Parse(path string) (*Config, error) {
scanner := bufio.NewScanner(file)
for scanner.Scan() {
- line := strings.TrimSpace(scanner.Text())
- if line == "" || strings.HasPrefix(line, "#") {
+ line := stripComment(scanner.Text())
+ if line == "" {
continue
}
- if strings.HasPrefix(line, "[") {
- section := strings.Trim(line, "[]")
- if section == "Peer" {
+ if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
+ section := strings.ToLower(strings.Trim(line, "[] \t"))
+ if section == "peer" {
if currentPeer != nil {
cfg.Peers = append(cfg.Peers, *currentPeer)
}
currentPeer = &Peer{}
+ } else {
+ if currentPeer != nil {
+ cfg.Peers = append(cfg.Peers, *currentPeer)
+ currentPeer = nil
+ }
}
continue
}
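Review bot: The new `else` branch treats every header that is not `[peer]` as the interface section, so keys under a misspelt or unknown header (for example `[Peers]`) are written into cfg.PrivateKey, cfg.Address and cfg.DNS instead of being rejected. A second `[Interface]` block likewise overwrites the first without any signal. Switching on the section name would make this explicit: keep the flush for `case "interface":` and add `default: return nil, fmt.Errorf("unknown section %q", section)`. `strings.Trim(line, "[] \t")` also accepts headers like `[[peer]]`; stripping exactly one bracket from each end would be stricter. Parse's body starts and ends outside this hunk.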
@@ -61,25 +83,32 @@ func Parse(path string) (*Config, error) {
return nil, fmt.Errorf("invalid line format: %s", line)
}
- key := strings.TrimSpace(parts[0])
+ key := strings.ToLower(strings.TrimSpace(parts[0]))
val := strings.TrimSpace(parts[1])
if currentPeer != nil {
switch key {
- case "PublicKey":
+ case "publickey":
currentPeer.PublicKey = val
- case "Endpoint":
+ case "endpoint":
currentPeer.Endpoint = val
- case "AllowedIPs":
- currentPeer.AllowedIPs = strings.Split(val, ",")
+ case "allowedips":
+ var ips []string
+ for _, ip := range strings.Split(val, ",") {
+ trimmed := strings.TrimSpace(ip)
+ if trimmed != "" {
+ ips = append(ips, trimmed)
+ }
+ }
+ currentPeer.AllowedIPs = ips
}
} else {
switch key {
- case "PrivateKey":
+ case "privatekey":
cfg.PrivateKey = val
- case "Address":
+ case "address":
cfg.Address = val
- case "DNS":
+ case "dns":
cfg.DNS = val
}
}
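Review bot: In the `allowedips` case the assignment `currentPeer.AllowedIPs = ips` replaces whatever an earlier AllowedIPs line in the same peer set. wg(8) allows AllowedIPs to be given several times, so for such a file this parser reports a narrower list than the one the tunnel actually routes. Accumulating fixes it: `currentPeer.AllowedIPs = append(currentPeer.AllowedIPs, ips...)`. The entries are also stored without checking that they are valid prefixes; if callers use them for routing or filtering decisions, validating each one (for example with `netip.ParsePrefix`) and returning an error would be safer than passing arbitrary strings on. Parse's body continues outside this hunk.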
diff --git a/pkg/wgconf/wgconf_test.go b/pkg/wgconf/wgconf_test.go
index 805aeaa..92583a5 100644
--- a/pkg/wgconf/wgconf_test.go
+++ b/pkg/wgconf/wgconf_test.go
@@ -3,6 +3,7 @@ package wgconf
import (
"os"
"path/filepath"
+ "reflect"
"testing"
)
@@ -69,3 +70,147 @@ InvalidLineWithoutEquals`
t.Error("expected error for invalid line format, got nil")
}
}
+
+func TestParseConfigInTheWildEdgeCases(t *testing.T) {
+ tests := []struct {
+ name string
+ content string
+ want *Config
+ wantErr bool
+ }{
+ {
+ name: "Case insensitivity for sections and keys",
+ content: `
+[interface]
+privatekey = my-private-key
+address = 10.0.1.2/24
+dns = 8.8.8.8
+
+[peer]
+publickey = peer-public-key
+endpoint = 5.5.5.5:51820
+allowedips = 10.0.1.0/24, fd00::1/64
+`,
+ want: &Config{
+ PrivateKey: "my-private-key",
+ Address: "10.0.1.2/24",
+ DNS: "8.8.8.8",
+ Peers: []Peer{
+ {
+ PublicKey: "peer-public-key",
+ Endpoint: "5.5.5.5:51820",
+ AllowedIPs: []string{"10.0.1.0/24", "fd00::1/64"},
+ },
+ },
+ },
+ },
+ {
+ name: "Inline and block comments",
+ content: `
+# This is a whole-line comment
+; This is another whole-line comment starting with semicolon
+
+[Interface]
+PrivateKey = key-with-hash-inside#123 # Comment at end of line
+Address = 10.0.0.1/24 ; inline semicolon comment
+DNS = 1.1.1.1 # DNS fallback
+
+[Peer]
+PublicKey = peerkey ; comment here
+# This is a comment between fields
+Endpoint = 1.1.1.1:1111
+AllowedIPs = 10.0.0.0/24, 10.0.1.0/24 # comment at the end of allowed ips
+`,
+ want: &Config{
+ PrivateKey: "key-with-hash-inside#123",
+ Address: "10.0.0.1/24",
+ DNS: "1.1.1.1",
+ Peers: []Peer{
+ {
+ PublicKey: "peerkey",
+ Endpoint: "1.1.1.1:1111",
+ AllowedIPs: []string{"10.0.0.0/24", "10.0.1.0/24"},
+ },
+ },
+ },
+ },
+ {
+ name: "Crazy whitespaces and tabs",
+ content: `
+ [Interface]
+ PrivateKey = key123
+ Address = 10.0.0.2/24
+ DNS = 9.9.9.9
+
+ [Peer]
+PublicKey = key456
+Endpoint = 2.2.2.2:2222
+AllowedIPs = 192.168.1.1/32 , 192.168.1.2/32
+`,
+ want: &Config{
+ PrivateKey: "key123",
+ Address: "10.0.0.2/24",
+ DNS: "9.9.9.9",
+ Peers: []Peer{
+ {
+ PublicKey: "key456",
+ Endpoint: "2.2.2.2:2222",
+ AllowedIPs: []string{"192.168.1.1/32", "192.168.1.2/32"},
+ },
+ },
+ },
+ },
+ {
+ name: "Ignore unrecognized keys under Interface and Peer",
+ content: `
+[Interface]
+PrivateKey = pk
+Address = 10.0.0.1/24
+ListenPort = 51820
+FwMark = 1234
+MTU = 1420
+PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+
+[Peer]
+PublicKey = pubk
+PresharedKey = preshared_key_abc
+Endpoint = 3.3.3.3:3333
+AllowedIPs = 0.0.0.0/0
+PersistentKeepalive = 25
+`,
+ want: &Config{
+ PrivateKey: "pk",
+ Address: "10.0.0.1/24",
+ DNS: "",
+ Peers: []Peer{
+ {
+ PublicKey: "pubk",
+ Endpoint: "3.3.3.3:3333",
+ AllowedIPs: []string{"0.0.0.0/0"},
+ },
+ },
+ },
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ tmpFile := filepath.Join(t.TempDir(), "test_wild.conf")
+ if err := os.WriteFile(tmpFile, []byte(tt.content), 0644); err != nil {
+ t.Fatal(err)
+ }
+
+ cfg, err := Parse(tmpFile)
+ if (err != nil) != tt.wantErr {
+ t.Fatalf("Parse() error = %v, wantErr %v", err, tt.wantErr)
+ }
+
+ if err == nil {
+ if !reflect.DeepEqual(cfg, tt.want) {
+ t.Errorf("Parse() got = %+v, want = %+v", cfg, tt.want)
+ }
+ }
+ })
+ }
+}
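Review bot: The table never exercises the new branch in Parse that closes the current peer when a non-peer section header follows it, and `wantErr` is false in every entry, so the error path of this test is dead. A case with `[Interface]` after `[Peer]` would pin the new flush behaviour, and one entry with `wantErr: true` (a line without `=`) would make the field earn its place. The expected value in the sketch below assumes Parse sets no Config fields beyond those visible in the hunks, so confirm it against the full function. The fixture is written with mode `0644`; harmless in a temp dir, though `0600` would mirror how real WireGuard configs holding a private key should be stored.

```go
	// … unchanged: the four existing table entries …
	{
		name: "Interface section after a peer closes that peer",
		content: `
[Peer]
PublicKey = pubk
AllowedIPs = 10.0.0.0/24

[Interface]
PrivateKey = pk
`,
		want: &Config{
			PrivateKey: "pk",
			Peers: []Peer{
				{PublicKey: "pubk", AllowedIPs: []string{"10.0.0.0/24"}},
			},
		},
	},
```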