Reading configuration from stdin
Manuel Schölling
manuel.schoelling at gmx.de
Mon Dec 11 21:36:21 CET 2017
On Mon, 2017-12-11 at 05:24 +0100, Jason A. Donenfeld wrote:
> I'd suggest the following for a WireGuard NetworkManager plugin:
>
> 1. If you want to do stuff for wireguard-p2p, can you make it a
> separate "extra" plugin, so that the generic WireGuard one is
> globally
> useful? And then people who use the p2p stuff can use a separate
> plugin that piggybacks upon the first?
I can try. Should be easy to rip out the p2p stuff once it's done.
> 2. Write it in a language that will be accepted by upstream. I have
> no
> clue their thoughts on Rust.
No idea, either. However, I am not really a fan of writing GTK in C
(with all the manual reference counting and stuff). Let me first write
it in Rust and make it work. Then I can still port it back to C.
> 3. Rather than calling wg(8), maybe it's best to speak the Netlink
> API
> directly? I can give you a hand with this, if you want. The API is
> documented in this header:
> https://git.zx2c4.com/WireGuard/tree/src/uapi/wireguard.h
Not a bad idea, I think in the mid/long term I should do that!
> > Would it make sense (aka be secure) if we make it possible to call
> > 'wg
> > setconf wg0 -' so the wg tool does not read the configuration from
> > a
> > file but from stdin? Same for 'wg set wg0 private-key -' and 'wg
> > set
> > wg0 psk -'?
>
> wg-quick(8) does this precise thing, and generally this is a fine way
> of passing config information. However, usually you can get away with
> using the more explicit /dev/stdin or /proc/self/fd/0, as Aaron
> suggested. Are there reasons to prefer - over /dev/stdin?
>
> Jason
More information about the WireGuard
mailing list