[PATCH] wireguard-tools: allow generating private_key

Leonardo Mörlein me at irrelefant.net
Thu Jan 7 20:24:35 EST 2021


When the uci configuration is created automatically during a very early
stage, where no entropy daemon is set up, generating the key directly is
not an option. Therefore we allow to set the private_key to "generate"
and generate the private key directly before the interface is taken up.

Signed-off-by: Leonardo Mörlein <me at irrelefant.net>
---
 package/network/utils/wireguard-tools/files/wireguard.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/package/network/utils/wireguard-tools/files/wireguard.sh b/package/network/utils/wireguard-tools/files/wireguard.sh
index 63261aea71..d874c4b5e6 100644
--- a/package/network/utils/wireguard-tools/files/wireguard.sh
+++ b/package/network/utils/wireguard-tools/files/wireguard.sh
@@ -121,6 +121,11 @@ proto_wireguard_setup() {
 		ip link set mtu "${mtu}" dev "${config}"
 	fi
 
+	if [ "$private_key" == "generate" ]; then
+		private_key=`"${WG}" genkey`
+		uci -q set network."$config".private_key="$private_key" && uci -q commit network
+	fi
+
 	proto_init_update "${config}" 1
 
 	umask 077
-- 
2.30.0




More information about the openwrt-devel mailing list