From ca4eddd56712a5b7984395601b63dd79e7a8abd6 Mon Sep 17 00:00:00 2001
From: Hristo Venev <hristo@venev.name>
Date: Tue, 4 Feb 2020 23:52:59 +0100
Subject: Add source.allow_road_warriors option.

---
 src/config.rs          | 7 +++++++
 src/main.rs            | 9 +++++++++
 src/manager/builder.rs | 9 +++++++++
 3 files changed, 25 insertions(+)

diff --git a/src/config.rs b/src/config.rs
index 3eb0dd4..a1dff3e 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -17,6 +17,8 @@ pub struct Source {
     pub ipv6: Ipv6Set,
     #[serde(default)]
     pub required: bool,
+    #[serde(default = "default_allow_road_warriors")]
+    pub allow_road_warriors: bool,
 }
 
 #[derive(serde_derive::Deserialize)]
@@ -132,6 +134,11 @@ impl From<ConfigRepr> for Config {
     }
 }
 
+#[inline]
+const fn default_allow_road_warriors() -> bool {
+    true
+}
+
 #[inline]
 const fn default_min_keepalive() -> u32 {
     10
diff --git a/src/main.rs b/src/main.rs
index 2ab02af..5cdaa40 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -60,6 +60,14 @@ fn cli_config(mut args: impl Iterator<Item = OsString>) -> Option<config::Config
                     s.required = true;
                     continue;
                 }
+                if key == "deny_road_warriors" {
+                    s.allow_road_warriors = false;
+                    continue;
+                }
+                if key == "allow_road_warriors" {
+                    s.allow_road_warriors = true;
+                    continue;
+                }
             }
             State::Peer(ref mut p) => {
                 if key == "source" {
@@ -116,6 +124,7 @@ fn cli_config(mut args: impl Iterator<Item = OsString>) -> Option<config::Config
                 ipv4: model::Ipv4Set::new(),
                 ipv6: model::Ipv6Set::new(),
                 required: false,
+                allow_road_warriors: true,
             });
             cur = State::Source(cfg.sources.last_mut().unwrap());
             continue;
diff --git a/src/manager/builder.rs b/src/manager/builder.rs
index e302f7e..22fcca1 100644
--- a/src/manager/builder.rs
+++ b/src/manager/builder.rs
@@ -122,6 +122,15 @@ impl<'a> ConfigBuilder<'a> {
         }
 
         let ent = if p.base == self.public_key {
+            if !src.config.allow_road_warriors {
+                self.err.push(Error::new(
+                    "road warriors from this source not allowed",
+                    src,
+                    &p.peer,
+                    true,
+                ));
+                return;
+            }
             insert_peer(&mut self.c, &mut self.err, src, &p.peer, contact)
         } else if let Some(ent) = self.c.peers.get_mut(&p.base) {
             ent
-- 
cgit