wg: don't insist on having a private key

This lets us do flexible things from wg-quick such as:

PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)

It also was never a very sensible policy to enforce.

Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/src/config.c b/src/config.c
index 30e004c0e1dc6a0e947c7972878379d7377d8cf7..ec16e2641cec0720f0e7733c925bb2d45773f65f 100644 (file)
--- a/src/config.c
+++ b/src/config.c
@@ -384,11 +384,6 @@ bool config_read_init(struct config_ctx *ctx, bool append)
 struct wgdevice *config_read_finish(struct config_ctx *ctx)
 {
        struct wgpeer *peer;
-       if (ctx->device->flags & WGDEVICE_REPLACE_PEERS && key_is_zero(ctx->device->private_key)) {
-               fprintf(stderr, "No private key is configured\n");
-               goto err;
-       }
-
        for_each_wgpeer (ctx->device, peer) {
                if (key_is_zero(peer->public_key)) {
                        fprintf(stderr, "A peer is missing a public key\n");