From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 22 May 2023 05:15:49 +0000 (+0900)
Subject: network/wireguard: make AllowedIPs= cleared by specifying an empty string
X-Git-Tag: v254-rc1~425^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=54189b2ec395e1dc2808618c2b6238798e8fa0c7;p=thirdparty%2Fsystemd.git

network/wireguard: make AllowedIPs= cleared by specifying an empty string
---

diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 51e7e029901..ffc6452bbfe 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -34,9 +34,18 @@
 static void wireguard_resolve_endpoints(NetDev *netdev);
 static int peer_resolve_endpoint(WireguardPeer *peer);
 
-static WireguardPeer* wireguard_peer_free(WireguardPeer *peer) {
+static void wireguard_peer_clear_ipmasks(WireguardPeer *peer) {
         WireguardIPmask *mask;
 
+        assert(peer);
+
+        while ((mask = peer->ipmasks)) {
+                LIST_REMOVE(ipmasks, peer->ipmasks, mask);
+                free(mask);
+        }
+}
+
+static WireguardPeer* wireguard_peer_free(WireguardPeer *peer) {
         if (!peer)
                 return NULL;
 
@@ -49,10 +58,7 @@ static WireguardPeer* wireguard_peer_free(WireguardPeer *peer) {
 
         config_section_free(peer->section);
 
-        while ((mask = peer->ipmasks)) {
-                LIST_REMOVE(ipmasks, peer->ipmasks, mask);
-                free(mask);
-        }
+        wireguard_peer_clear_ipmasks(peer);
 
         free(peer->endpoint_host);
         free(peer->endpoint_port);
@@ -685,6 +691,12 @@ int config_parse_wireguard_allowed_ips(
         if (r < 0)
                 return log_oom();
 
+        if (isempty(rvalue)) {
+                wireguard_peer_clear_ipmasks(peer);
+                TAKE_PTR(peer);
+                return 0;
+        }
+
         for (const char *p = rvalue;;) {
                 _cleanup_free_ char *word = NULL;
                 union in_addr_union masked;