wg: don't insist on having a private key

This lets us do flexible things from wg-quick such as:

PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)

It also was never a very sensible policy to enforce.

Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2017-10-16 03:17:12 +02:00
parent 085796b210
commit 65db14706b

View file

@ -384,11 +384,6 @@ bool config_read_init(struct config_ctx *ctx, bool append)
struct wgdevice *config_read_finish(struct config_ctx *ctx) struct wgdevice *config_read_finish(struct config_ctx *ctx)
{ {
struct wgpeer *peer; struct wgpeer *peer;
if (ctx->device->flags & WGDEVICE_REPLACE_PEERS && key_is_zero(ctx->device->private_key)) {
fprintf(stderr, "No private key is configured\n");
goto err;
}
for_each_wgpeer (ctx->device, peer) { for_each_wgpeer (ctx->device, peer) {
if (key_is_zero(peer->public_key)) { if (key_is_zero(peer->public_key)) {
fprintf(stderr, "A peer is missing a public key\n"); fprintf(stderr, "A peer is missing a public key\n");