From 92991938af46be631759e3c99748521252c42e62 Mon Sep 17 00:00:00 2001
From: ntozaks
Date: Mon, 28 Jul 2025 12:14:01 -0600
Subject: [PATCH 1/6] initial PSK support
---
 src/cmd/configure.go | 12 ++++++++++++
 src/cmd/serve.go | 11 +++++++++++
 src/peer/config.go | 31 +++++++++++++++++++++++++++++++
 src/peer/peer_config.go | 6 ++++++
 4 files changed, 60 insertions(+)
diff --git a/src/cmd/configure.go b/src/cmd/configure.go
index 415175d..5446e09 100644
--- a/src/cmd/configure.go
+++ b/src/cmd/configure.go
@@ -38,6 +38,7 @@ type configureCmdConfig struct {
 mtu int
 disableV6 bool
 localhostIP string
+ generatePSK bool
 }
 // Defaults for configure command.
@@ -66,6 +67,7 @@ var configureCmdArgs = configureCmdConfig{
 mtu: MTU,
 disableV6: false,
 localhostIP: "",
+ generatePSK: false,
 }
 // configureCmd represents the configure command.
@@ -89,6 +91,7 @@ func init() {
 configureCmd.Flags().IntVarP(&configureCmdArgs.sport, "sport", "S", configureCmdArgs.sport, "listener port for server wireguard relay. Default is to copy the --outbound-endpoint port, or fallback to 51820")
 configureCmd.Flags().StringVarP(&configureCmdArgs.nickname, "nickname", "n", configureCmdArgs.nickname, "Server nickname to display in 'status' command")
 configureCmd.Flags().StringVarP(&configureCmdArgs.localhostIP, "localhost-ip", "i", configureCmdArgs.localhostIP, "[EXPERIMENTAL] Redirect wiretap packets destined for this IPv4 address to server's localhost")
+ configureCmd.Flags().BoolVarP(&configureCmdArgs.generatePSK, "PSK", "K", configureCmdArgs.generatePSK, "generates a preshared key")
 configureCmd.Flags().StringVarP(&configureCmdArgs.configFileRelay, "relay-output", "", configureCmdArgs.configFileRelay, "wireguard relay config output filename")
 configureCmd.Flags().StringVarP(&configureCmdArgs.configFileE2EE, "e2ee-output", "", configureCmdArgs.configFileE2EE, "wireguard E2EE config output filename")
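Review bot: The new flag in configure.go's `init()` is spelled `--PSK`/`-K`, while every other long flag visible in this hunk is lowercase and hyphenated (`localhost-ip`, `relay-output`, `e2ee-output`), and its help text does not say which tunnel the key is for. A name and description in the style of its neighbours, for example `"preshared-key", "K", configureCmdArgs.generatePSK, "generate a WireGuard preshared key for the relay tunnel and write it to the generated configs"`, would be easier to discover. The same flag is added again in src/cmd/add.go in PATCH 4/6 with a slightly different help string (`generate a preshared key`), so both places should change together.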
@@ -223,6 +226,15 @@ func (c configureCmdConfig) Run() {
 Peers: []peer.PeerConfigArgs{
 {
 PublicKey: serverConfigRelay.GetPublicKey(),
+ PresharedKey: func() string {
+ if c.generatePSK {
+ err = serverConfigRelay.GenPresharedKey()
+ check("failed to generate preshared key", err)
+ return serverConfigRelay.GetPresharedKey()
+ } else {
+ return ""
+ }
+ }(),
 AllowedIPs: func() []string {
 if c.simple {
 return c.allowedIPs
diff --git a/src/cmd/serve.go b/src/cmd/serve.go
index 2639c2a..6ba676a 100644
--- a/src/cmd/serve.go
+++ b/src/cmd/serve.go
@@ -164,6 +164,7 @@ func init() {
 // Deprecated flags, kept for backwards compatibility.
 cmd.Flags().StringP("private-relay", "", "", "wireguard private key for relay interface")
 cmd.Flags().StringP("public-relay", "", "", "wireguard public key of remote peer for relay interface")
+ cmd.Flags().StringP("preshared-relay", "", "", "wireguard preshared key of remote peer for relay interface")
 cmd.Flags().StringP("private-e2ee", "", "", "wireguard private key for E2EE interface")
 cmd.Flags().StringP("public-e2ee", "", "", "wireguard public key of remote peer for E2EE interface")
 cmd.Flags().StringP("endpoint-relay", "", wiretapDefault.endpointRelay, "socket address of remote peer that server will connect to (example \"1.2.3.4:51820\")")
@@ -188,6 +189,8 @@ func init() {
 err = viper.BindPFlag("Relay.Peer.publickey", cmd.Flags().Lookup("public-relay"))
 check("error binding flag to viper", err)
+ err = viper.BindPFlag("Relay.Peer.presharedkey", cmd.Flags().Lookup("preshared-relay"))
+ check("error binding flag to viper", err)
 err = viper.BindPFlag("Relay.Peer.endpoint", cmd.Flags().Lookup("endpoint-relay"))
 check("error binding flag to viper", err)
 err = viper.BindPFlag("Relay.Peer.allowed", cmd.Flags().Lookup("allowed"))
@@ -238,6 +241,7 @@ func init() {
 "ipv6-e2ee-client",
 "private-relay",
 "public-relay",
+ "preshared-relay",
 "private-e2ee",
 "public-e2ee",
 "endpoint-relay",
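Review bot: The `PresharedKey` initializer in `configureCmdConfig.Run` hides a state change inside a struct literal: the closure calls `serverConfigRelay.GenPresharedKey()` and assigns the enclosing `err`, so key generation happens as a side effect of building `PeerConfigArgs`. Doing the generation in a plain `if c.generatePSK { ... }` block before the literal and assigning the result to a local such as `psk`, then writing `PresharedKey: psk,`, keeps the literal free of side effects and drops the `else` after `return`. The same closure is copied into add_server.go (PATCH 4/6) and add_client.go (PATCH 6/6), so one small helper shared by the three commands would remove the duplication. Run's body starts and ends outside this hunk.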
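Review bot: `preshared-relay` is registered directly under the comment `// Deprecated flags, kept for backwards compatibility.` in serve.go's `init()`, which is misleading for a flag introduced by this commit; either move it out of that group or add a comment explaining why a new option belongs there. A preshared key passed as a command-line flag is readable by other local users through the process list and tends to end up in shell history, so the help text should name the config file as the preferred way to supply it. The hunk at -238 adds the same name to a string list whose purpose is not visible here; if that list hides the deprecated flags, the new flag will not appear in the help output at all.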
@@ -361,6 +365,13 @@ func (c serveCmdConfig) Run() {
 return 0
 }
 }(),
+ PresharedKey: func() string {
+ if len(viper.GetString("Relay.Peer.presharedkey")) > 0 {
+ return viper.GetString("Relay.Peer.presharedkey")
+ } else {
+ return ""
+ }
+ }(),
 AllowedIPs: aips,
 },
 },
diff --git a/src/peer/config.go b/src/peer/config.go
index c8d5968..7fa1378 100644
--- a/src/peer/config.go
+++ b/src/peer/config.go
@@ -19,6 +19,7 @@ type Config struct {
 peers []PeerConfig
 addresses []net.IPNet
 localhostIP string
+ presharedKey *wgtypes.Key
 }
 type configJSON struct {
@@ -27,6 +28,7 @@ type configJSON struct {
 Peers []PeerConfig
 Addresses []net.IPNet
 LocalhostIP string
+ PresharedKey *wgtypes.Key
 }
 type ConfigArgs struct {
@@ -38,6 +40,7 @@ type ConfigArgs struct {
 Peers []PeerConfigArgs
 Addresses []string
 LocalhostIP string
+ PresharedKey string
 }
 type Shell uint
@@ -193,6 +196,8 @@ func ParseConfig(filename string) (c Config, err error) {
 err = newPeer.SetAllowedIPs(strings.Split(value, ","))
 case "publickey":
 err = newPeer.SetPublicKey(value)
+ case "presharedkey":
+ err = newPeer.SetPresharedKey(value)
 case "persistentkeepalive":
 keepalive, e := strconv.Atoi(value)
 if e != nil {
@@ -233,6 +238,7 @@ func (c *Config) MarshalJSON() ([]byte, error) {
 c.peers,
 c.addresses,
 c.localhostIP,
+ c.presharedKey,
 })
 }
@@ -248,6 +254,7 @@ func (c *Config) UnmarshalJSON(b []byte) error {
 c.peers = tmp.Peers
 c.addresses = tmp.Addresses
 c.localhostIP = tmp.LocalhostIP
+ c.presharedKey = tmp.PresharedKey
 return nil
 }
@@ -266,6 +273,19 @@ func (c *Config) GetPrivateKey() string {
 return c.config.PrivateKey.String()
 }
+func (c* Config) GenPresharedKey() error {
+ key, err := wgtypes.GenerateKey()
+ if err != nil {
+ return err
+ }
+ c.presharedKey = &key
+ return nil
+}
+
+func (c* Config) GetPresharedKey() string {
+ return c.presharedKey.String()
+}
+
 func (c *Config) SetPort(port int) error {
 if port < 1 || port > 65535 {
 return errors.New("invalid port")
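Review bot: The `PresharedKey` closure in `serveCmdConfig.Run` returns the viper value when it is non-empty and `""` otherwise, which is the value itself; `PresharedKey: viper.GetString("Relay.Peer.presharedkey"),` is equivalent and reads the setting once. Nothing visible here checks that the string is a well-formed key, so it is worth confirming that `GetPeerConfig` rejects a malformed value with an error instead of bringing the relay up without a preshared key. Run's body continues outside this hunk.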
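Review bot: `MarshalJSON` in config.go (hunk at -233) now writes `c.presharedKey` into the JSON form of `Config`, so every consumer of that encoding receives the symmetric secret; please confirm none of them is a log line or an API response readable by parties who should not hold the key, and record that in a comment on the `PresharedKey` field of `configJSON`. The struct is also filled positionally (`c.peers, c.addresses, c.localhostIP, c.presharedKey`), which can silently mis-assign same-typed values if the field order of `configJSON` changes; keyed fields such as `PresharedKey: c.presharedKey,` are safer. The new `presharedKey` field on `Config` (hunk at -19) has no comment saying which peer it applies to, although WireGuard preshared keys are configured per peer.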
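Review bot: `GenPresharedKey` and `GetPresharedKey` (hunk at -266) are exported without doc comments, and their receivers are written `(c* Config)`, which gofmt rewrites to `(c *Config)` as in the neighbouring `SetPort`. Suggested comments: `// GenPresharedKey generates a random preshared key with wgtypes.GenerateKey and stores it on the config.` and `// GetPresharedKey returns the stored preshared key in its String() form.` Running gofmt over the file fixes the receiver spacing.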
@@ -439,6 +459,9 @@ func (c *Config) AsShareableFile() string {
 s.WriteString("[Peer]\n")
 s.WriteString(fmt.Sprintf("PublicKey = %s\n", c.config.PrivateKey.PublicKey().String()))
+ if len(c.presharedKey) > 0 {
+ s.WriteString(fmt.Sprintf("PresharedKey = %s\n", c.presharedKey.String()))
+ }
 s.WriteString("AllowedIPs = 0.0.0.0/32\n")
 return s.String()
@@ -487,6 +510,11 @@ func CreateServerCommand(relayConfig Config, e2eeConfig Config, shell Shell, sim
 // Relay Peer.
 keys = append(keys, "WIRETAP_RELAY_PEER_PUBLICKEY")
 vals = append(vals, relayConfig.GetPeerPublicKey(0))
+
+ if len(relayConfig.GetPresharedKey()) > 0 {
+ keys = append(keys, "WIRETAP_RELAY_PEER_PRESHAREDKEY")
+ vals = append(vals, relayConfig.GetPresharedKey())
+ }
 if len(relayConfig.peers) > 0 && len(relayConfig.peers[0].config.AllowedIPs) > 0 {
 keys = append(keys, "WIRETAP_RELAY_PEER_ALLOWED")
@@ -587,6 +615,9 @@ func CreateServerFile(relayConfig Config, e2eeConfig Config, simple bool) string
 }
 s.WriteString(fmt.Sprintf("PublicKey = %s\n", relayConfig.GetPeerPublicKey(0)))
+ if len(relayConfig.GetPresharedKey()) > 0 {
+ s.WriteString(fmt.Sprintf("PresharedKey = %s\n", relayConfig.GetPresharedKey()))
+ }
 if len(relayConfig.GetPeerEndpoint(0)) > 0 {
 s.WriteString(fmt.Sprintf("Endpoint = %s\n", relayConfig.GetPeerEndpoint(0)))
 }
diff --git a/src/peer/peer_config.go b/src/peer/peer_config.go
index 7cc4064..dc5e9cf 100644
--- a/src/peer/peer_config.go
+++ b/src/peer/peer_config.go
@@ -265,6 +265,9 @@ func (p *PeerConfig) AsFile() string {
 s.WriteString(fmt.Sprintf("PublicKey = %s\n", p.config.PublicKey.String()))
+ if p.config.PresharedKey != nil {
+ s.WriteString(fmt.Sprintf("PresharedKey = %s\n", p.config.PresharedKey.String()))
+ }
 ips := []string{}
 for _, a := range p.config.AllowedIPs {
 ips = append(ips, a.String())
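Review bot: `AsShareableFile` now emits a `PresharedKey` line next to the public key, so output whose name says it can be shared carries a symmetric secret whenever a key is set. The peer needs that value to connect, but it changes how the output has to be handled: whoever obtains the file also obtains the preshared key, and the extra protection the key is meant to add is lost. A comment above the new branch, for example `// The preshared key is a secret: send this output over a confidential channel and keep it out of logs.`, plus a line in the user-facing documentation, would make that explicit. The function's opening line and closing brace are outside this hunk.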
@@ -286,6 +289,9 @@ func (p *PeerConfig) AsIPC() string {
 var s strings.Builder
 s.WriteString(fmt.Sprintf("public_key=%s\n", hex.EncodeToString(p.config.PublicKey[:])))
+ if len(p.config.PresharedKey) != 0 {
+ s.WriteString(fmt.Sprintf("preshared_key=%s\n", p.config.PresharedKey.String()))
+ }
 if p.config.Endpoint != nil {
 s.WriteString(fmt.Sprintf("endpoint=%s\n", p.config.Endpoint.String()))
 }
From 8032c2638d8c7747ba203b5728c1192fddacf6cf Mon Sep 17 00:00:00 2001
From: ntozaks
Date: Tue, 29 Jul 2025 16:00:31 -0600
Subject: [PATCH 2/6] pointer dereferencing
---
 src/peer/config.go | 6 +++---
 src/peer/peer_config.go | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/peer/config.go b/src/peer/config.go
index 7fa1378..d03fa05 100644
--- a/src/peer/config.go
+++ b/src/peer/config.go
@@ -459,7 +459,7 @@ func (c *Config) AsShareableFile() string {
 s.WriteString("[Peer]\n")
 s.WriteString(fmt.Sprintf("PublicKey = %s\n", c.config.PrivateKey.PublicKey().String()))
- if len(c.presharedKey) > 0 {
+ if c.presharedKey != nil {
 s.WriteString(fmt.Sprintf("PresharedKey = %s\n", c.presharedKey.String()))
 }
 s.WriteString("AllowedIPs = 0.0.0.0/32\n")
@@ -511,7 +511,7 @@ func CreateServerCommand(relayConfig Config, e2eeConfig Config, shell Shell, sim
 keys = append(keys, "WIRETAP_RELAY_PEER_PUBLICKEY")
 vals = append(vals, relayConfig.GetPeerPublicKey(0))
- if len(relayConfig.GetPresharedKey()) > 0 {
+ if relayConfig.presharedKey != nil {
 keys = append(keys, "WIRETAP_RELAY_PEER_PRESHAREDKEY")
 vals = append(vals, relayConfig.GetPresharedKey())
 }
@@ -615,7 +615,7 @@ func CreateServerFile(relayConfig Config, e2eeConfig Config, simple bool) string
 }
 s.WriteString(fmt.Sprintf("PublicKey = %s\n", relayConfig.GetPeerPublicKey(0)))
- if len(relayConfig.GetPresharedKey()) > 0 {
+ if relayConfig.presharedKey != nil {
 s.WriteString(fmt.Sprintf("PresharedKey = %s\n", relayConfig.GetPresharedKey()))
 }
 if len(relayConfig.GetPeerEndpoint(0)) > 0 {
diff --git a/src/peer/peer_config.go b/src/peer/peer_config.go
index dc5e9cf..74614ae 100644
--- a/src/peer/peer_config.go
+++ b/src/peer/peer_config.go
@@ -289,8 +289,8 @@ func (p *PeerConfig) AsIPC() string {
 var s strings.Builder
 s.WriteString(fmt.Sprintf("public_key=%s\n", hex.EncodeToString(p.config.PublicKey[:])))
- if len(p.config.PresharedKey) != 0 {
- s.WriteString(fmt.Sprintf("preshared_key=%s\n", p.config.PresharedKey.String()))
+ if p.config.PresharedKey != nil {
+ s.WriteString(fmt.Sprintf("preshared_key=%s\n", hex.EncodeToString(p.config.PresharedKey[:])))
 }
 if p.config.Endpoint != nil {
 s.WriteString(fmt.Sprintf("endpoint=%s\n", p.config.Endpoint.String()))
From a1c515a7952851c5870bec99898cd6f8f3e30d32 Mon Sep 17 00:00:00 2001
From: ntozaks
Date: Thu, 31 Jul 2025 11:15:02 -0600
Subject: [PATCH 3/6] merge main and ptr check
---
 src/cmd/add_client.go | 2 +-
 src/cmd/add_server.go | 2 +-
 src/cmd/serve.go | 11 ++++++++++-
 src/peer/config.go | 13 +++++++++----
 src/peer/peer_config.go | 32 +++++++++++++++++++++++++-------
 5 files changed, 46 insertions(+), 14 deletions(-)
diff --git a/src/cmd/add_client.go b/src/cmd/add_client.go
index b07d11f..e0d7e49 100644
--- a/src/cmd/add_client.go
+++ b/src/cmd/add_client.go
@@ -50,7 +50,7 @@ var addClientCmd = &cobra.Command{
 func init() {
 addCmd.AddCommand(addClientCmd)
- addClientCmd.Flags().StringVarP(&addClientCmdArgs.serverAddress, "server-address", "s", addClientCmdArgs.serverAddress, "API address of server that new client will connect to. By default new clients connect to existing relay servers")
+ addClientCmd.Flags().StringVarP(&addClientCmdArgs.serverAddress, "server-address", "s", addClientCmdArgs.serverAddress, "API address or nickname of server that new client will connect to. By default new clients connect to existing relay servers")
 addClientCmd.Flags().IntVarP(&addClientCmdArgs.port, "port", "p", addClientCmdArgs.port, "port of wireguard listener to start; server port if --outbound-endpoint, client port otherwise. Default is the port specified in --endpoint")
 addClientCmd.Flags().IntVarP(&addClientCmdArgs.mtu, "mtu", "m", addClientCmdArgs.mtu, "tunnel MTU")
diff --git a/src/cmd/add_server.go b/src/cmd/add_server.go
index 458c8fb..dd724ef 100644
--- a/src/cmd/add_server.go
+++ b/src/cmd/add_server.go
@@ -55,7 +55,7 @@ func init() {
 addCmd.AddCommand(addServerCmd)
 addServerCmd.Flags().StringSliceVarP(&addServerCmdArgs.allowedIPs, "routes", "r", addServerCmdArgs.allowedIPs, "[REQUIRED] CIDR IP ranges that will be routed through wiretap")
- addServerCmd.Flags().StringVarP(&addServerCmdArgs.serverAddress, "server-address", "s", addServerCmdArgs.serverAddress, "API address of server that new server will connect to, connects to client by default")
+ addServerCmd.Flags().StringVarP(&addServerCmdArgs.serverAddress, "server-address", "s", addServerCmdArgs.serverAddress, "API address or nickname of server that new server will connect to, connects to client by default")
 addServerCmd.Flags().IntVarP(&addServerCmdArgs.port, "port", "p", addServerCmdArgs.port, "listener port to start on new server for wireguard relay. If --outbound-endpoint, default is the port specified in --outbound-endpoint; otherwise default is 51820")
 addServerCmd.Flags().StringVarP(&addServerCmdArgs.nickname, "nickname", "n", addServerCmdArgs.nickname, "Server nickname to display in 'status' command")
 addServerCmd.Flags().StringVarP(&addServerCmdArgs.localhostIP, "localhost-ip", "i", addServerCmdArgs.localhostIP, "[EXPERIMENTAL] Redirect wiretap packets destined for this IPv4 address to server's localhost")
diff --git a/src/cmd/serve.go b/src/cmd/serve.go
index 6ba676a..b116c1b 100644
--- a/src/cmd/serve.go
+++ b/src/cmd/serve.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "io"
 "log"
+ "net"
 "net/netip"
 "os"
 "slices"
@@ -357,7 +358,15 @@ func (c serveCmdConfig) Run() { Peers: []peer.PeerConfigArgs{ { PublicKey: viper.GetString("Relay.Peer.publickey"), - Endpoint: viper.GetString("Relay.Peer.endpoint"), + Endpoint: func() string { + if len(viper.GetString("Relay.Peer.endpoint")) > 0 { + endpoint, err := net.ResolveUDPAddr("udp", (viper.GetString("Relay.Peer.endpoint"))) + check("failed to resolve endpoint DNS name for '" + viper.GetString("Relay.Peer.endpoint") + "'", err) + return endpoint.String() + } else { + return "" + } + }(), PersistentKeepaliveInterval: func() int { if len(viper.GetString("Relay.Peer.endpoint")) > 0 { return viper.GetInt("Relay.Peer.keepalive") diff --git a/src/peer/config.go b/src/peer/config.go index d03fa05..9493b03 100644 --- a/src/peer/config.go +++ b/src/peer/config.go @@ -283,7 +283,11 @@ func (c* Config) GenPresharedKey() error { } func (c* Config) GetPresharedKey() string { - return c.presharedKey.String() + if c.presharedKey != nil { + return c.presharedKey.String() + } else { + return "" + } } func (c *Config) SetPort(port int) error { @@ -398,14 +402,15 @@ func (c *Config) GetPeerPublicKey(i int) string { func (c *Config) GetPeerEndpoint(i int) string { if len(c.peers) > i { + endpointDNS := c.peers[i].endpointDNS + if endpointDNS != "" { + return endpointDNS + } endpoint := c.peers[i].config.Endpoint if endpoint != nil { return endpoint.String() } - - return "" } - return "" } diff --git a/src/peer/peer_config.go b/src/peer/peer_config.go index 74614ae..627dae3 100644 --- a/src/peer/peer_config.go +++ b/src/peer/peer_config.go @@ -15,6 +15,7 @@ import ( type PeerConfig struct { config wgtypes.PeerConfig privateKey *wgtypes.Key + endpointDNS string nickname string } @@ -22,6 +23,7 @@ type peerConfigJSON struct { Config wgtypes.PeerConfig PrivateKey *wgtypes.Key Nickname string + EndpointDNS string } type PeerConfigArgs struct { 
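Review bot: The new `Endpoint` closure in `serveCmdConfig.Run` resolves the configured name once at startup and stores only the resulting IP, so a relay whose DNS record changes later is not re-resolved, and a failed lookup goes through `check`, which from its use here appears to abort the server. If that is the intended behaviour a comment should say so; it also means the hostname branch added to `SetEndpoint` in this same commit would not be reached from `serve`. The setting is read three times and the resolver call has redundant parentheses; reading it once with `ep := viper.GetString("Relay.Peer.endpoint")` and using `ep` in the length check, in `net.ResolveUDPAddr("udp", ep)` and in the error message is simpler. Run's body continues outside this hunk.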
@@ -87,7 +89,7 @@ func GetPeerConfig(args PeerConfigArgs) (PeerConfig, error) {
 return PeerConfig{}, err
 }
 }
-
+
 if args.Nickname != "" {
 err = c.SetNickname(args.Nickname)
 if err != nil {
@@ -109,7 +111,7 @@ func NewPeerConfig() (PeerConfig, error) {
 PublicKey: privateKey.PublicKey(),
 },
 privateKey: &privateKey,
- nickname: "",
+ nickname: "",
 }, nil
 }
@@ -118,6 +120,7 @@ func (p *PeerConfig) MarshalJSON() ([]byte, error) {
 p.config,
 p.privateKey,
 p.nickname,
+ p.endpointDNS,
 })
 }
@@ -132,6 +135,7 @@ func (p *PeerConfig) UnmarshalJSON(b []byte) error {
 p.config = tmp.Config
 p.privateKey = tmp.PrivateKey
 p.nickname = tmp.Nickname
+ p.endpointDNS = tmp.EndpointDNS
 return nil
 }
@@ -170,12 +174,20 @@ func (p *PeerConfig) SetPresharedKey(presharedKey string) error {
 }
 func (p *PeerConfig) SetEndpoint(addr string) error {
- endpoint, err := net.ResolveUDPAddr("udp", addr)
+ host, _, err := net.SplitHostPort(addr)
 if err != nil {
 return err
 }
-
- p.config.Endpoint = endpoint
+ ip := net.ParseIP(host)
+ if ip != nil {
+ endpoint, err := net.ResolveUDPAddr("udp", addr)
+ if err != nil {
+ return err
+ }
+ p.config.Endpoint = endpoint
+ } else {
+ p.endpointDNS = addr
+ }
 return nil
 }
@@ -258,11 +270,11 @@ func (p *PeerConfig) SetNickname(nickname string) error {
 func (p *PeerConfig) AsFile() string {
 var s strings.Builder
 s.WriteString("[Peer]\n")
-
+
 if p.nickname != "" {
 s.WriteString(fmt.Sprintf("%s Nickname = %s\n", CUSTOM_PREFIX, p.nickname))
 }
-
+
 s.WriteString(fmt.Sprintf("PublicKey = %s\n", p.config.PublicKey.String()))
 if p.config.PresharedKey != nil {
@@ -278,6 +290,9 @@ func (p *PeerConfig) AsFile() string {
 if p.config.Endpoint != nil {
 s.WriteString(fmt.Sprintf("Endpoint = %s\n", p.config.Endpoint.String()))
 }
+ if p.endpointDNS != "" {
+ s.WriteString(fmt.Sprintf("Endpoint = %s\n", p.endpointDNS))
+ }
 if p.config.PersistentKeepaliveInterval != nil {
 s.WriteString(fmt.Sprintf("PersistentKeepalive = %d\n", *p.config.PersistentKeepaliveInterval/time.Second))
 }
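Review bot: In `SetEndpoint` (hunk at -170) the hostname branch stores `addr` in `p.endpointDNS` without validating it and without clearing `p.config.Endpoint`, and the IP branch does not clear `p.endpointDNS`. After two calls with different kinds of address both fields are set, and the `AsFile` hunk at -278 and the `AsIPC` hunk at -295 then write two endpoint lines. Because `endpointDNS` is written verbatim into the config file and the IPC string, and `UnmarshalJSON` at -132 assigns it straight from JSON, a value containing a line break could add extra directives to that output, so it should be rejected where it is stored. A possible shape follows; the exact set of rejected characters is a suggestion.

```go
func (p *PeerConfig) SetEndpoint(addr string) error {
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return err
	}
	if net.ParseIP(host) == nil {
		// Hostname endpoint: AsFile and AsIPC write it verbatim, so refuse
		// anything that could break out of a single "key = value" line.
		if host == "" || strings.ContainsAny(addr, " \t\r\n=") {
			return fmt.Errorf("invalid endpoint %q", addr)
		}
		p.config.Endpoint = nil
		p.endpointDNS = addr
		return nil
	}
	// … unchanged: net.ResolveUDPAddr("udp", addr) and its error check …
	p.config.Endpoint = endpoint
	p.endpointDNS = ""
	return nil
}
```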
@@ -295,6 +310,9 @@ func (p *PeerConfig) AsIPC() string {
 if p.config.Endpoint != nil {
 s.WriteString(fmt.Sprintf("endpoint=%s\n", p.config.Endpoint.String()))
 }
+ if p.endpointDNS != "" {
+ s.WriteString(fmt.Sprintf("endpoint=%s\n", p.endpointDNS))
+ }
 for _, a := range p.config.AllowedIPs {
 s.WriteString(fmt.Sprintf("allowed_ip=%s\n", a.String()))
 }
From b91744ee37fdf1e5b1cedcc4d3a12d843014c8b1 Mon Sep 17 00:00:00 2001
From: sankofa
Date: Tue, 12 Aug 2025 10:21:33 -0600
Subject: [PATCH 4/6] initial PSK support for add server
---
 src/cmd/add.go | 3 +++
 src/cmd/add_server.go | 10 ++++++++++
 2 files changed, 13 insertions(+)
diff --git a/src/cmd/add.go b/src/cmd/add.go
index e4f392d..5c0db14 100644
--- a/src/cmd/add.go
+++ b/src/cmd/add.go
@@ -10,6 +10,7 @@ type addCmdConfig struct {
 endpoint string
 outboundEndpoint string
 keepalive int
+ generatePSK bool
 }
 // Defaults for add command.
@@ -18,6 +19,7 @@ var addCmdArgs = addCmdConfig{
 endpoint: Endpoint,
 outboundEndpoint: Endpoint,
 keepalive: Keepalive,
+ generatePSK: false,
 }
 // addCmd represents the add command.
@@ -33,6 +35,7 @@ func init() {
 addCmd.PersistentFlags().StringVarP(&addCmdArgs.endpoint, "endpoint", "e", addCmdArgs.endpoint, "IP:PORT (or [IP]:PORT for IPv6) of wireguard listener that server will connect to (example \"1.2.3.4:51820\")")
 addCmd.PersistentFlags().StringVarP(&addCmdArgs.outboundEndpoint, "outbound-endpoint", "o", addCmdArgs.outboundEndpoint, "IP:PORT (or [IP]:PORT for IPv6) of wireguard listener that client will connect to (example \"4.3.2.1:51820\"")
+ addCmd.PersistentFlags().BoolVarP(&addCmdArgs.generatePSK, "PSK", "K", addCmdArgs.generatePSK, "generate a preshared key")
 addCmd.PersistentFlags().IntVarP(&addCmdArgs.keepalive, "keepalive", "k", addCmdArgs.keepalive, "tunnel keepalive in seconds")
diff --git a/src/cmd/add_server.go b/src/cmd/add_server.go
index 80d1d56..1400356 100644
--- a/src/cmd/add_server.go
+++ b/src/cmd/add_server.go
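Review bot: The new branch in `AsIPC` writes a hostname after `endpoint=`, but as far as I know the WireGuard userspace configuration protocol accepts only a numeric `IP:port` or `[IP]:port` for that key, so a device consuming this string would likely reject the peer block. If the output of `AsIPC` is handed to the device unchanged, the name should be resolved first, as serve.go does in this commit, and the resolved address emitted instead. A short comment on the branch naming the consumer that understands a hostname here would settle the question. AsIPC's start and end are outside this hunk.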
@@ -142,6 +142,16 @@ func (c addServerCmdConfig) Run() {
 // Add new server as relay peer.
 serverRelayPeer, err := peer.GetPeerConfig(peer.PeerConfigArgs{
 PublicKey: serverConfigRelay.GetPublicKey(),
+ PresharedKey: func() string {
+ if addArgs.generatePSK {
+ err := serverConfigRelay.GenPresharedKey()
+ check("failed to generate preshared key", err)
+ return serverConfigRelay.GetPresharedKey()
+ } else {
+ return ""
+ }
+ }(),
+ Nickname: c.nickname,
 AllowedIPs: func() []string {
 allowedIPs := []string{}
 for _, prefix := range newRelayPrefixes {
From 45b1ba8ac160a29b0a79e7821f4b3bec25ce373c Mon Sep 17 00:00:00 2001
From: sankofa
Date: Tue, 12 Aug 2025 10:33:51 -0600
Subject: [PATCH 5/6] removing nickname
---
 src/cmd/add_server.go | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/cmd/add_server.go b/src/cmd/add_server.go
index 1400356..97a99b7 100644
--- a/src/cmd/add_server.go
+++ b/src/cmd/add_server.go
@@ -151,7 +151,6 @@ func (c addServerCmdConfig) Run() {
 return ""
 }
 }(),
- Nickname: c.nickname,
 AllowedIPs: func() []string {
 allowedIPs := []string{}
 for _, prefix := range newRelayPrefixes {
From e36ddd631c8e053e5c8be81722474800b4739996 Mon Sep 17 00:00:00 2001
From: sankofa
Date: Wed, 13 Aug 2025 07:41:44 -0600
Subject: [PATCH 6/6] inital PSK support for add client
---
 src/cmd/add_client.go | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/src/cmd/add_client.go b/src/cmd/add_client.go
index 1e5de06..df2c36c 100644
--- a/src/cmd/add_client.go
+++ b/src/cmd/add_client.go
@@ -198,6 +198,15 @@ func (c addClientCmdConfig) Run() {
 // Make peer configs to populate server peers.
 clientPeerConfigRelay, err := peer.GetPeerConfig(peer.PeerConfigArgs{
 PublicKey: clientConfigRelay.GetPublicKey(),
+ PresharedKey: func() string {
+ if addArgs.generatePSK {
+ err := clientConfigRelay.GenPresharedKey()
+ check("failed to generate preshared key", err)
+ return clientConfigRelay.GetPresharedKey()
+ } else {
+ return ""
+ }
+ }(),
 AllowedIPs: func() []string {
 allowed := []string{}
 for _, prefix := range clientConfigRelay.GetAddresses() {
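Review bot: This initializer in `addClientCmdConfig.Run` generates the key on `clientConfigRelay` and puts it in the peer entry that, per the comment above it, is used to populate the servers; nothing in the hunk shows the same key being set on the new client's own peer entry for the server. WireGuard needs the identical preshared key on both ends or the handshake fails, so please confirm that the client config written later in Run carries it and add a comment saying where that happens. The closure also declares a new `err` with `:=`, while the otherwise identical closure in configure.go assigns the outer one with `err =`; one form should be used in all three copies. Run's body starts and ends outside this hunk.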