Allow cli to set wireguard settings

1 files changed, 118 insertions, 28 deletions

diff --git a/mullvad-cli/src/cmds/tunnel.rs b/mullvad-cli/src/cmds/tunnel.rs
index 33e75d26d4..5887148abe 100644
--- a/mullvad-cli/src/cmds/tunnel.rs
+++ b/mullvad-cli/src/cmds/tunnel.rs
@@ -18,20 +18,55 @@ impl Command for Tunnel {
             .about("Manage tunnel specific options")
             .setting(clap::AppSettings::SubcommandRequired)
             .subcommand(create_openvpn_subcommand())
+            .subcommand(create_wireguard_subcommand())
             .subcommand(create_ipv6_subcommand())
     }
 
     fn run(&self, matches: &clap::ArgMatches) -> Result<()> {
-        if let Some(openvpn_matches) = matches.subcommand_matches("openvpn") {
-            Self::handle_openvpn_cmd(openvpn_matches)
-        } else if let Some(ipv6_matches) = matches.subcommand_matches("ipv6") {
-            Self::handle_ipv6_cmd(ipv6_matches)
-        } else {
-            unreachable!("unhandled command");
+        match matches.subcommand() {
+            ("openvpn", Some(openvpn_matches)) => Self::handle_openvpn_cmd(openvpn_matches),
+            ("wireguard", Some(wg_matches)) => Self::handle_wireguard_cmd(wg_matches),
+            ("ipv6", Some(ipv6_matches)) => Self::handle_ipv6_cmd(ipv6_matches),
+            _ => {
+                unreachable!("unhandled comand");
+            }
         }
     }
 }
 
+fn create_wireguard_subcommand() -> clap::App<'static, 'static> {
+    let app = clap::SubCommand::with_name("wireguard")
+        .about("Manage options for Wireguard tunnels")
+        .setting(clap::AppSettings::SubcommandRequired)
+        .subcommand(create_wireguard_mtu_subcommand());
+    if cfg!(target_os = "linux") {
+        app.subcommand(create_wireguard_fwmark_subcommand())
+    } else {
+        app
+    }
+}
+
+fn create_wireguard_mtu_subcommand() -> clap::App<'static, 'static> {
+    clap::SubCommand::with_name("mtu")
+        .about("Configure the MTU of the wireguard tunnel")
+        .setting(clap::AppSettings::SubcommandRequired)
+        .subcommand(clap::SubCommand::with_name("get"))
+        .subcommand(clap::SubCommand::with_name("unset"))
+        .subcommand(
+            clap::SubCommand::with_name("set").arg(clap::Arg::with_name("mtu").required(true)),
+        )
+}
+
+fn create_wireguard_fwmark_subcommand() -> clap::App<'static, 'static> {
+    clap::SubCommand::with_name("fwmark")
+        .about("Configure the firewall mark used to direct traffic through Wireguard tunnel")
+        .setting(clap::AppSettings::SubcommandRequired)
+        .subcommand(clap::SubCommand::with_name("get"))
+        .subcommand(
+            clap::SubCommand::with_name("set").arg(clap::Arg::with_name("fwmark").required(true)),
+        )
+}
+
 fn create_openvpn_subcommand() -> clap::App<'static, 'static> {
     clap::SubCommand::with_name("openvpn")
         .about("Manage options for OpenVPN tunnels")
@@ -129,39 +164,94 @@ fn create_ipv6_subcommand() -> clap::App<'static, 'static> {
 
 impl Tunnel {
     fn handle_openvpn_cmd(matches: &clap::ArgMatches) -> Result<()> {
-        if let Some(m) = matches.subcommand_matches("mssfix") {
-            Self::handle_openvpn_mssfix_cmd(m)
-        } else if let Some(m) = matches.subcommand_matches("proxy") {
-            Self::handle_openvpn_proxy_cmd(m)
-        } else {
-            unreachable!("unhandled command");
+        match matches.subcommand() {
+            ("mssfix", Some(mssfix_matches)) => Self::handle_openvpn_mssfix_cmd(mssfix_matches),
+            ("proxy", Some(proxy_matches)) => Self::handle_openvpn_proxy_cmd(proxy_matches),
+            _ => unreachable!("unhandled command"),
         }
     }
 
     fn handle_openvpn_mssfix_cmd(matches: &clap::ArgMatches) -> Result<()> {
-        if matches.subcommand_matches("get").is_some() {
-            Self::process_openvpn_mssfix_get()
-        } else if matches.subcommand_matches("unset").is_some() {
-            Self::process_openvpn_mssfix_unset()
-        } else if let Some(m) = matches.subcommand_matches("set") {
-            Self::process_openvpn_mssfix_set(m)
-        } else {
-            unreachable!("unhandled command");
+        match matches.subcommand() {
+            ("get", Some(_)) => Self::process_openvpn_mssfix_get(),
+            ("unset", Some(_)) => Self::process_openvpn_mssfix_unset(),
+            ("set", Some(set_matches)) => Self::process_openvpn_mssfix_set(set_matches),
+            _ => unreachable!("unhandled command"),
         }
     }
 
     fn handle_openvpn_proxy_cmd(matches: &clap::ArgMatches) -> Result<()> {
-        if matches.subcommand_matches("get").is_some() {
-            Self::process_openvpn_proxy_get()
-        } else if matches.subcommand_matches("unset").is_some() {
-            Self::process_openvpn_proxy_unset()
-        } else if let Some(m) = matches.subcommand_matches("set") {
-            Self::process_openvpn_proxy_set(m)
-        } else {
-            unreachable!("unhandled command");
+        match matches.subcommand() {
+            ("get", Some(_)) => Self::process_openvpn_proxy_get(),
+            ("unset", Some(_)) => Self::process_openvpn_proxy_unset(),
+            ("set", Some(set_matches)) => Self::process_openvpn_proxy_set(set_matches),
+            _ => unreachable!("unhandled command"),
         }
     }
 
+    fn handle_wireguard_cmd(matches: &clap::ArgMatches) -> Result<()> {
+        match matches.subcommand() {
+            ("mtu", Some(matches)) => match matches.subcommand() {
+                ("get", _) => Self::process_wireguard_mtu_get(),
+                ("set", Some(matches)) => Self::process_wireguard_mtu_set(matches),
+                ("unset", _) => Self::process_wireguard_mtu_unset(),
+                _ => unreachable!("unhandled command"),
+            },
+
+            #[cfg(target_os = "linux")]
+            ("fwmark", Some(matches)) => match matches.subcommand() {
+                ("get", _) => Self::process_wireguard_fwmark_get(),
+                ("set", Some(fwmark_matches)) => Self::process_wireguard_fwmark_set(fwmark_matches),
+                _ => unreachable!("unhandled command"),
+            },
+            _ => unreachable!("unhandled command"),
+        }
+    }
+
+    fn process_wireguard_mtu_get() -> Result<()> {
+        let tunnel_options = Self::get_tunnel_options()?;
+        println!(
+            "mtu: {}",
+            tunnel_options
+                .wireguard
+                .mtu
+                .map(|mtu| mtu.to_string())
+                .unwrap_or("unset".into())
+        );
+        Ok(())
+    }
+
+    fn process_wireguard_mtu_set(matches: &clap::ArgMatches) -> Result<()> {
+        let mtu = value_t!(matches.value_of("mtu"), u16).unwrap_or_else(|e| e.exit());
+        let mut rpc = new_rpc_client()?;
+        rpc.set_wireguard_mtu(Some(mtu))?;
+        println!("Wireguard MTU has been updated");
+        Ok(())
+    }
+
+    fn process_wireguard_mtu_unset() -> Result<()> {
+        let mut rpc = new_rpc_client()?;
+        rpc.set_wireguard_mtu(None)?;
+        println!("Wireguard MTU has been unset");
+        Ok(())
+    }
+
+    #[cfg(target_os = "linux")]
+    fn process_wireguard_fwmark_get() -> Result<()> {
+        let tunnel_options = Self::get_tunnel_options()?;
+        println!("fwmark: {}", tunnel_options.wireguard.fwmark);
+        Ok(())
+    }
+
+    #[cfg(target_os = "linux")]
+    fn process_wireguard_fwmark_set(matches: &clap::ArgMatches) -> Result<()> {
+        let fwmark = value_t!(matches.value_of("fwmark"), i32).unwrap_or_else(|e| e.exit());
+        let mut rpc = new_rpc_client()?;
+        rpc.set_wireguard_fwmark(fwmark)?;
+        println!("Firewall mark parameter has been updated");
+        Ok(())
+    }
+
     fn handle_ipv6_cmd(matches: &clap::ArgMatches) -> Result<()> {
         if matches.subcommand_matches("get").is_some() {
             Self::process_ipv6_get()