diff options
| author | David Lönnhager <david.l@mullvad.net> | 2019-12-17 12:31:11 +0100 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2019-12-17 12:31:11 +0100 |
| commit | a85e9db8d1689ac292daa60f674067f21cec1f33 (patch) | |
| tree | 70f42303da155de47edbf1689cf2b8958eeea671 /mullvad-cli/src | |
| parent | a5f588de6cc711ea3b5a790056f1a50242e98dcc (diff) | |
| parent | 964d5211746a3e2841e6a86c22d1c5bd757707bb (diff) | |
| download | mullvadvpn-a85e9db8d1689ac292daa60f674067f21cec1f33.tar.xz mullvadvpn-a85e9db8d1689ac292daa60f674067f21cec1f33.zip | |
Merge branch 'rotate-wireguard-pubkey'
Diffstat (limited to 'mullvad-cli/src')
| -rw-r--r-- | mullvad-cli/src/cmds/tunnel.rs | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/mullvad-cli/src/cmds/tunnel.rs b/mullvad-cli/src/cmds/tunnel.rs index 75119ac87d..2d0da4bf32 100644 --- a/mullvad-cli/src/cmds/tunnel.rs +++ b/mullvad-cli/src/cmds/tunnel.rs @@ -56,6 +56,18 @@ fn create_wireguard_keys_subcommand() -> clap::App<'static, 'static> { .setting(clap::AppSettings::SubcommandRequiredElseHelp) .subcommand(clap::SubCommand::with_name("check")) .subcommand(clap::SubCommand::with_name("generate")) + .subcommand(create_wireguard_keys_rotation_interval_subcommand()) +} + +fn create_wireguard_keys_rotation_interval_subcommand() -> clap::App<'static, 'static> { + clap::SubCommand::with_name("rotation-interval") + .about("Manage automatic key rotation (specified in hours; 0 = disabled)") + .setting(clap::AppSettings::SubcommandRequiredElseHelp) + .subcommand(clap::SubCommand::with_name("get")) + .subcommand(clap::SubCommand::with_name("reset").about("Use the default rotation interval")) + .subcommand( + clap::SubCommand::with_name("set").arg(clap::Arg::with_name("interval").required(true)), + ) } @@ -120,8 +132,17 @@ impl Tunnel { ("key", Some(matches)) => match matches.subcommand() { ("check", _) => Self::process_wireguard_key_check(), ("generate", _) => Self::process_wireguard_key_generate(), + ("rotation-interval", Some(matches)) => match matches.subcommand() { + ("get", _) => Self::process_wireguard_rotation_interval_get(), + ("set", Some(matches)) => { + Self::process_wireguard_rotation_interval_set(matches) + } + ("reset", _) => Self::process_wireguard_rotation_interval_reset(), + _ => unreachable!("unhandled command"), + }, _ => unreachable!("unhandled command"), }, + _ => unreachable!("unhandled command"), } } @@ -184,6 +205,35 @@ impl Tunnel { Ok(()) } + fn process_wireguard_rotation_interval_get() -> Result<()> { + let tunnel_options = Self::get_tunnel_options()?; + println!( + "Rotation interval: {} hour(s)", + tunnel_options + .wireguard + .automatic_rotation + .map(|interval| interval.to_string()) + .unwrap_or_else(|| "default".to_owned()) + ); + Ok(()) + } + + fn process_wireguard_rotation_interval_set(matches: &clap::ArgMatches<'_>) -> Result<()> { + let rotate_interval = + value_t!(matches.value_of("interval"), u32).unwrap_or_else(|e| e.exit()); + let mut rpc = new_rpc_client()?; + rpc.set_wireguard_rotation_interval(Some(rotate_interval))?; + println!("Set key rotation interval: {} hour(s)", rotate_interval); + Ok(()) + } + + fn process_wireguard_rotation_interval_reset() -> Result<()> { + let mut rpc = new_rpc_client()?; + rpc.set_wireguard_rotation_interval(None)?; + println!("Set key rotation interval: default"); + Ok(()) + } + fn handle_ipv6_cmd(matches: &clap::ArgMatches<'_>) -> Result<()> { if matches.subcommand_matches("get").is_some() { Self::process_ipv6_get() |