Auth notifications for unknown peers

contrib/peer-approver/accounts.csv

@@ -0,0 +1,2 @@
+Public Key,Allowed Ips,PSK
+/Ca5004uiLJVBqSPaBUKg5zBszO9qbzEUCWmVkelkjY=,"10.8.1.10/32",E37VXqGtGvwftop/uFsbZcIO76Ox1kMmB6Sz/JoIw2I=

contrib/peer-approver/approve.sh

@@ -1,5 +1,21 @@
 #!/usr/bin/env bash
 
-echo "came with arguments: "
-echo $*
+ACCOUNTS_FILE=$1
+INTERFACE_NAME=$2
+PUBLIC_KEY=$3
+ENDPOINT=$4
+ADVANCED_SECURITY=$5
 
+ACCOUNT_STR=`grep "${PUBLIC_KEY}" "${ACCOUNTS_FILE}"`
+
+if [ "${ACCOUNT_STR}" == "" ]; then
+  echo "Public key not found in accounts file!"
+  exit 255
+fi
+
+ACCOUNT=(${ACCOUNT_STR//,/ })
+ALLOWED_IPS=$(echo ${ACCOUNT[1]}|tr -d '"')
+PSK=$(echo ${ACCOUNT[2]}|tr -d '"')
+
+awg set "${INTERFACE_NAME}" peer "${PUBLIC_KEY}" allowed-ips "${ALLOWED_IPS}" endpoint "${ENDPOINT}" allowed-ips "${ALLOWED_IPS}" preshared-key "${PSK}" advanced-security "${ADVANCED_SECURITY}"
+exit $?

contrib/peer-approver/notification-listener.c

@@ -24,7 +24,6 @@
 static struct nl_sock *sk = NULL;
 static char **cb_argv;
 static int cb_argc;
-//static bool running_cb = false;
 
 static int cleanup_and_exit(int ret)
 {
@@ -35,8 +34,7 @@ static int cleanup_and_exit(int ret)
 
 static void signal_handler(int sig)
 {
-	//if (!running_cb)
-		cleanup_and_exit(EXIT_SUCCESS);
+	cleanup_and_exit(EXIT_SUCCESS);
 }
 
 static inline void encode_base64(char dest[static 4], const uint8_t src[static 3])
@@ -132,8 +130,6 @@ static int run_callback(char *ifname, char *pubkey, char *endpoint_ip, bool adva
 	new_argv[cb_argc - 1] = (advanced_security ? "on\0" : "off\0");
 	new_argv[cb_argc] = NULL;
 
-	//running_cb = true;
-
 	int child_pid = fork(), ret;
 	if (child_pid < 0) {
 		prerr("failed to spawn child process: %d\n", child_pid);
@@ -145,8 +141,6 @@ static int run_callback(char *ifname, char *pubkey, char *endpoint_ip, bool adva
 		waitpid(child_pid, &ret, 0);
 	}
 
-	//running_cb = false;
-
 	free(new_argv);
 	return ret;
 }