xref: /openbsd/sys/net/if_wg.h (revision e5dd7070) 
1 /*	$OpenBSD: if_wg.h,v 1.4 2020/06/22 12:20:44 jasper Exp $ */
2 
3 /*
4  * Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
5  * Copyright (C) 2019-2020 Matt Dunwoodie <ncon@noconroy.net>
6  *
7  * Permission to use, copy, modify, and distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 #ifndef __IF_WG_H__
21 #define __IF_WG_H__
22 
23 #include <sys/limits.h>
24 #include <sys/errno.h>
25 
26 #include <net/if.h>
27 #include <netinet/in.h>
28 
29 
30 /*
31  * This is the public interface to the WireGuard network interface.
32  *
33  * It is designed to be used by tools such as ifconfig(8) and wg(8).
34  */
35 
36 #define WG_KEY_LEN 32
37 
38 /*
39  * These ioctls do not need a NETLOCK as they use their own locks to serialise
40  * access.
41  */
42 #define SIOCSWG _IOWR('i', 210, struct wg_data_io)
43 #define SIOCGWG _IOWR('i', 211, struct wg_data_io)
44 
45 #define a_ipv4	a_addr.addr_ipv4
46 #define a_ipv6	a_addr.addr_ipv6
47 
48 struct wg_aip_io {
49 	sa_family_t	 a_af;
50 	int		 a_cidr;
51 	union wg_aip_addr {
52 		struct in_addr		addr_ipv4;
53 		struct in6_addr		addr_ipv6;
54 	}		 a_addr;
55 };
56 
57 #define WG_PEER_HAS_PUBLIC		(1 << 0)
58 #define WG_PEER_HAS_PSK			(1 << 1)
59 #define WG_PEER_HAS_PKA			(1 << 2)
60 #define WG_PEER_HAS_ENDPOINT		(1 << 3)
61 #define WG_PEER_REPLACE_AIPS		(1 << 4)
62 #define WG_PEER_REMOVE			(1 << 5)
63 #define WG_PEER_UPDATE			(1 << 6)
64 
65 #define p_sa		p_endpoint.sa_sa
66 #define p_sin		p_endpoint.sa_sin
67 #define p_sin6		p_endpoint.sa_sin6
68 
69 struct wg_peer_io {
70 	int			p_flags;
71 	int			p_protocol_version;
72 	uint8_t			p_public[WG_KEY_LEN];
73 	uint8_t			p_psk[WG_KEY_LEN];
74 	uint16_t		p_pka;
75 	union wg_peer_endpoint {
76 		struct sockaddr		sa_sa;
77 		struct sockaddr_in	sa_sin;
78 		struct sockaddr_in6	sa_sin6;
79 	}			p_endpoint;
80 	uint64_t		p_txbytes;
81 	uint64_t		p_rxbytes;
82 	struct timespec		p_last_handshake; /* nanotime */
83 	size_t			p_aips_count;
84 	struct wg_aip_io	p_aips[];
85 };
86 
87 #define WG_INTERFACE_HAS_PUBLIC		(1 << 0)
88 #define WG_INTERFACE_HAS_PRIVATE	(1 << 1)
89 #define WG_INTERFACE_HAS_PORT		(1 << 2)
90 #define WG_INTERFACE_HAS_RTABLE		(1 << 3)
91 #define WG_INTERFACE_REPLACE_PEERS	(1 << 4)
92 
93 struct wg_interface_io {
94 	uint8_t			i_flags;
95 	in_port_t		i_port;
96 	int			i_rtable;
97 	uint8_t			i_public[WG_KEY_LEN];
98 	uint8_t			i_private[WG_KEY_LEN];
99 	size_t			i_peers_count;
100 	struct wg_peer_io	i_peers[];
101 };
102 
103 struct wg_data_io {
104 	char	 		 wgd_name[IFNAMSIZ];
105 	size_t			 wgd_size;	/* total size of the memory pointed to by wgd_interface */
106 	struct wg_interface_io	*wgd_interface;
107 };
108 
109 #endif /* __IF_WG_H__ */
110