From: Jason A. Donenfeld <Jason@zx2c4.com>
Date: Mon, 16 Oct 2017 01:17:12 +0000 (+0200)
Subject: wg: don't insist on having a private key
X-Git-Tag: v1.0.20191226~202
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=65db14706bd895ecb34106a719c499ef2d75f166;p=thirdparty%2Fwireguard-tools.git

wg: don't insist on having a private key

This lets us do flexible things from wg-quick such as:

PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)

It also was never a very sensible policy to enforce.

Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---

diff --git a/src/config.c b/src/config.c
index 30e004c..ec16e26 100644
--- a/src/config.c
+++ b/src/config.c
@@ -384,11 +384,6 @@ bool config_read_init(struct config_ctx *ctx, bool append)
 struct wgdevice *config_read_finish(struct config_ctx *ctx)
 {
 	struct wgpeer *peer;
-	if (ctx->device->flags & WGDEVICE_REPLACE_PEERS && key_is_zero(ctx->device->private_key)) {
-		fprintf(stderr, "No private key is configured\n");
-		goto err;
-	}
-
 	for_each_wgpeer (ctx->device, peer) {
 		if (key_is_zero(peer->public_key)) {
 			fprintf(stderr, "A peer is missing a public key\n");