From fcaabe4aace93e3148a5a4493b2317a0154ac660 Mon Sep 17 00:00:00 2001
From: Arceliar
Date: Sat, 26 May 2018 20:40:19 -0500
Subject: [PATCH 1/3] Fix some issues with hjson by converting to json then parsing to go struct, and remove useconffile option since it doesn't seem to add anything over stdin and increases the attack surface
---
 yggdrasil.go | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/yggdrasil.go b/yggdrasil.go
index f85fd3ca..9b5ee631 100644
--- a/yggdrasil.go
+++ b/yggdrasil.go
@@ -1,5 +1,6 @@
 package main
+import "encoding/json"
 import "encoding/hex"
 import "flag"
 import "fmt"
@@ -91,11 +92,9 @@ func generateConfig(isAutoconf bool) *nodeConfig {
 cfg := nodeConfig{}
 if isAutoconf {
 cfg.Listen = "[::]:0"
- cfg.MulticastInterfaces = []string{".*"}
 } else {
 r1 := rand.New(rand.NewSource(time.Now().UnixNano()))
 cfg.Listen = fmt.Sprintf("[::]:%d", r1.Intn(65534-32768)+32768)
- cfg.MulticastInterfaces = []string{}
 }
 cfg.AdminListen = "[::1]:9001"
 cfg.EncryptionPublicKey = hex.EncodeToString(bpub[:])
@@ -104,6 +103,7 @@ func generateConfig(isAutoconf bool) *nodeConfig {
 cfg.SigningPrivateKey = hex.EncodeToString(spriv[:])
 cfg.Peers = []string{}
 cfg.AllowedEncryptionPublicKeys = []string{}
+ cfg.MulticastInterfaces = []string{".*"}
 cfg.IfName = core.DEBUG_GetTUNDefaultIfName()
 cfg.IfMTU = core.DEBUG_GetTUNDefaultIfMTU()
 cfg.IfTAPMode = core.DEBUG_GetTUNDefaultIfTAPMode()
@@ -113,7 +113,6 @@ func generateConfig(isAutoconf bool) *nodeConfig {
 func doGenconf() string {
 cfg := generateConfig(false)
- cfg.MulticastInterfaces = append(cfg.MulticastInterfaces, ".*")
 bs, err := hjson.Marshal(cfg)
 if err != nil {
 panic(err)
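Review bot: Moving `cfg.MulticastInterfaces = []string{".*"}` out of the `isAutoconf` branch (hunk at -104,6) changes the default for every `generateConfig(false)` caller from an empty list to the match-all pattern; before this patch only `doGenconf` appended `.*`, which the -113,7 hunk removes. If `main` seeds `cfg` from `generateConfig(false)` before overlaying a user's file, which these hunks do not show, a config that omits `MulticastInterfaces` would presumably start multicast peer discovery on all interfaces after upgrading. I would keep the empty default on the non-autoconf path, or at least state the new behaviour above the assignment: `// Defaults to all interfaces; set MulticastInterfaces to [] to disable multicast peer discovery.` generateConfig's body begins and ends outside these hunks.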
@@ -124,8 +123,7 @@ func doGenconf() string {
 var pprof = flag.Bool("pprof", false, "Run pprof, see http://localhost:6060/debug/pprof/")
 var genconf = flag.Bool("genconf", false, "print a new config to stdout")
 var useconf = flag.Bool("useconf", false, "read config from stdin")
-var useconffile = flag.String("useconffile", "", "read config from specified file path")
-var normaliseconf = flag.Bool("normaliseconf", false, "use in combination with either -useconf or -useconffile, outputs your configuration normalised")
+var normaliseconf = flag.Bool("normaliseconf", false, "use in combination with -useconf, outputs your configuration normalised")
 var autoconf = flag.Bool("autoconf", false, "automatic mode (dynamic IP, peer with IPv6 neighbors)")
 func main() {
@@ -134,14 +132,10 @@ func main() {
 switch {
 case *autoconf:
 cfg = generateConfig(true)
- case *useconffile != "" || *useconf:
+ case *useconf:
 var config []byte
 var err error
- if *useconffile != "" {
- config, err = ioutil.ReadFile(*useconffile)
- } else {
- config, err = ioutil.ReadAll(os.Stdin)
- }
+ config, err = ioutil.ReadAll(os.Stdin)
 if err != nil {
 panic(err)
 }
@@ -150,6 +144,11 @@ func main() {
 if err := hjson.Unmarshal(config, &dat); err != nil {
 panic(err)
 }
+ confJson, err := json.Marshal(dat)
+ if err != nil {
+ panic(err)
+ }
+ json.Unmarshal(confJson, &cfg)
 // For now we will do a little bit to help the user adjust their
 // configuration to match the new configuration format
 changes := map[string]string{
From e62cfa8c840e549d69ec85483ccac4f23ef7fd6e Mon Sep 17 00:00:00 2001
From: Arceliar
Date: Sun, 27 May 2018 12:31:35 -0500
Subject: [PATCH 2/3] revert removal of useconffile
---
 yggdrasil.go | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/yggdrasil.go b/yggdrasil.go
index 9b5ee631..91403bba 100644
--- a/yggdrasil.go
+++ b/yggdrasil.go
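Review bot: The added `json.Unmarshal(confJson, &cfg)` in the -150,6 hunk discards its error, unlike the `hjson.Unmarshal` and `json.Marshal` calls right above it. encoding/json skips a field whose value has the wrong type and keeps decoding, so a mistyped entry (for example `AllowedEncryptionPublicKeys` written as a string rather than a list) would silently leave that field at whatever `cfg` held before, and the node would start with a configuration the operator did not write. Check it like its neighbours: `if err := json.Unmarshal(confJson, &cfg); err != nil { panic(err) }`. main's body continues outside the hunk.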
@@ -123,7 +123,8 @@ func doGenconf() string {
 var pprof = flag.Bool("pprof", false, "Run pprof, see http://localhost:6060/debug/pprof/")
 var genconf = flag.Bool("genconf", false, "print a new config to stdout")
 var useconf = flag.Bool("useconf", false, "read config from stdin")
-var normaliseconf = flag.Bool("normaliseconf", false, "use in combination with -useconf, outputs your configuration normalised")
+var useconffile = flag.String("useconffile", "", "read config from specified file path")
+var normaliseconf = flag.Bool("normaliseconf", false, "use in combination with either -useconf or -useconffile, outputs your configuration normalised")
 var autoconf = flag.Bool("autoconf", false, "automatic mode (dynamic IP, peer with IPv6 neighbors)")
 func main() {
@@ -132,10 +133,14 @@ func main() {
 switch {
 case *autoconf:
 cfg = generateConfig(true)
- case *useconf:
+ case *useconffile != "" || *useconf:
 var config []byte
 var err error
- config, err = ioutil.ReadAll(os.Stdin)
+ if *useconffile != "" {
+ config, err = ioutil.ReadFile(*useconffile)
+ } else {
+ config, err = ioutil.ReadAll(os.Stdin)
+ }
 if err != nil {
 panic(err)
 }
From 7b12493417c6668c12859b9e58c5f7e0c2b45439 Mon Sep 17 00:00:00 2001
From: Arceliar
Date: Sun, 27 May 2018 12:56:33 -0500
Subject: [PATCH 3/3] panic if tcp startup fails, since otherwise a nil pointer occurs in multicast. make udp do the same thing.
---
 src/yggdrasil/debug.go | 14 ++++++++------
 src/yggdrasil/udp.go | 7 ++++---
 2 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/yggdrasil/debug.go b/src/yggdrasil/debug.go
index a86f2225..40cc5c4f 100644
--- a/src/yggdrasil/debug.go
+++ b/src/yggdrasil/debug.go
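Review bot: The restored `ioutil.ReadFile(*useconffile)` branch in yggdrasil.go's main (hunk at -132,10) reads a file that, going by generateConfig, holds the node's private keys (`SigningPrivateKey` among them), yet nothing looks at who else can read that file. A cheap guard on Unix-like systems is an `os.Stat` on the path before the read and a logged warning when `fi.Mode().Perm()&0077 != 0`. Separately, when both -useconf and -useconffile are passed the file silently wins; rejecting the combination, or saying so in the flag help text, would remove the ambiguity. main's body continues outside the hunk.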
@@ -284,9 +284,10 @@ func (c *Core) DEBUG_init(bpub []byte,
 ////////////////////////////////////////////////////////////////////////////////
 func (c *Core) DEBUG_setupAndStartGlobalUDPInterface(addrport string) {
- iface := udpInterface{}
- iface.init(c, addrport)
- c.udp = &iface
+ if err := c.udp.init(c, addrport); err != nil {
+ c.log.Println("Failed to start UDP interface:", err)
+ panic(err)
+ }
 }
 func (c *Core) DEBUG_getGlobalUDPAddr() *net.UDPAddr {
@@ -337,9 +338,10 @@ func (c *Core) DEBUG_addSOCKSConn(socksaddr, peeraddr string) {
 //*
 func (c *Core) DEBUG_setupAndStartGlobalTCPInterface(addrport string) {
- iface := tcpInterface{}
- iface.init(c, addrport)
- c.tcp = &iface
+ if err := c.tcp.init(c, addrport); err != nil {
+ c.log.Println("Failed to start TCP interface:", err)
+ panic(err)
+ }
 }
 func (c *Core) DEBUG_getGlobalTCPAddr() *net.TCPAddr {
diff --git a/src/yggdrasil/udp.go b/src/yggdrasil/udp.go
index 81f5d38b..02fb9d6d 100644
--- a/src/yggdrasil/udp.go
+++ b/src/yggdrasil/udp.go
@@ -65,18 +65,19 @@ type udpKeys struct {
 sig sigPubKey
 }
-func (iface *udpInterface) init(core *Core, addr string) {
+func (iface *udpInterface) init(core *Core, addr string) (err error) {
 iface.core = core
 udpAddr, err := net.ResolveUDPAddr("udp", addr)
 if err != nil {
- panic(err)
+ return
 }
 iface.sock, err = net.ListenUDP("udp", udpAddr)
 if err != nil {
- panic(err)
+ return
 }
 iface.conns = make(map[connAddr]*connInfo)
 go iface.reader()
+ return
 }
 func (iface *udpInterface) sendKeys(addr connAddr) {
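Review bot: Both DEBUG_setupAndStartGlobal…Interface helpers in debug.go (hunks at -284,9 and -337,9) now call `init` straight on `c.udp` / `c.tcp` instead of building a fresh interface value and storing its address. If those Core fields are still pointers and nothing has allocated them before the helpers run, the first statement of init (`iface.core = core` in udp.go) dereferences nil; Core's definition is not part of this diff, so this needs confirming. Either allocate first, e.g. `c.udp = &udpInterface{}` before the `if`, or note in a comment that the fields are values. Logging the error and then panicking with it reports the same failure twice; one of the two is enough.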
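Review bot: In udp.go, `init` no longer panics when `net.ResolveUDPAddr` or `net.ListenUDP` fails; it returns the error, and the only checked call visible in this patch is the DEBUG_ wrapper. Any other call site that invokes `c.udp.init(...)` as a bare statement still compiles and now carries on with `iface.sock` nil and no reader goroutine, which is the silent failure the commit message sets out to avoid; such callers are outside this diff and need the same `if err := …; err != nil` check. The naked `return`s are correct here, since `udpAddr, err :=` reuses the named result rather than shadowing it, but writing `return err` and a final `return nil` would make that visible to the reader.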