making dual stack addressing work client side

logic/wireguard.go

@@ -150,9 +150,22 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 			logger.Log(0, "failed to get network"+err.Error())
 			return err
 		}
-		net := strings.Split(network.AddressRange, "/")
-		mask := net[len(net)-1]
-		setKernelDevice(ifacename, node.Address, mask)
+		var address4 string
+		var address6 string
+		var mask4 string
+		var mask6 string
+		if network.AddressRange != "" {
+			net := strings.Split(network.AddressRange, "/")
+			mask4 = net[len(net)-1]
+			address4 = node.Address
+		}
+		if network.AddressRange6 != "" {
+			net := strings.Split(network.AddressRange6, "/")
+			mask6 = net[len(net)-1]
+			address6 = node.Address
+		}
+
+		setKernelDevice(ifacename, address4, mask4, address6, mask6)
 	}
 
 	nodeport := int(node.ListenPort)
@@ -247,7 +260,7 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 	return err
 }
 
-func setKernelDevice(ifacename, address, mask string) error {
+func setKernelDevice(ifacename, address4, mask4, address6, mask6 string) error {
 	ipExec, err := exec.LookPath("ip")
 	if err != nil {
 		return err
@@ -256,7 +269,12 @@ func setKernelDevice(ifacename, address, mask string) error {
 	// == best effort ==
 	ncutils.RunCmd("ip link delete dev "+ifacename, false)
 	ncutils.RunCmd(ipExec+" link add dev "+ifacename+" type wireguard", true)
-	ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address+"/"+mask, true) // this was a bug waiting to happen
+	if address4 != "" {
+		ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address4+"/"+mask4, true)
+	}
+	if address6 != "" {
+		ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address6+"/"+mask6, true)
+	}
 
 	return nil
 }

netclient/wireguard/common.go

@@ -328,12 +328,14 @@ func WriteWgConfig(node *models.Node, privateKey string, peers []wgtypes.PeerCon
 	if node.ListenPort > 0 && node.UDPHolePunch != "yes" {
 		wireguard.Section(section_interface).Key("ListenPort").SetValue(strconv.Itoa(int(node.ListenPort)))
 	}
-	if node.Address != "" {
-		wireguard.Section(section_interface).Key("Address").SetValue(node.Address)
-	}
+	addrString := node.Address
 	if node.Address6 != "" {
-		wireguard.Section(section_interface).Key("Address").SetValue(node.Address6)
+		if addrString != "" {
+			addrString += ","
+		}
+		addrString += node.Address6
 	}
+	wireguard.Section(section_interface).Key("Address").SetValue(addrString)
 	// need to figure out DNS
 	//if node.DNSOn == "yes" {
 	//	wireguard.Section(section_interface).Key("DNS").SetValue(cfg.Server.CoreDNSAddr)

netclient/wireguard/noquick.go

@@ -51,14 +51,18 @@ func ApplyWithoutWGQuick(node *models.Node, ifacename string, confPath string) e
 			ListenPort: &nodeport,
 		}
 	}
-
+	var address4 string
+	var address6 string
+	var mask4 string
+	var mask6 string
 	if node.Address != "" {
 		netmaskArr := strings.Split(node.NetworkSettings.AddressRange, "/")
 		var netmask = "32"
 		if len(netmaskArr) == 2 {
 			netmask = netmaskArr[1]
 		}
-		setKernelDevice(ifacename, node.Address, netmask)
+		mask4 = netmask
+		address4 = node.Address
 	}
 	if node.Address6 != "" {
 		netmaskArr := strings.Split(node.NetworkSettings.AddressRange6, "/")
@@ -66,8 +70,11 @@ func ApplyWithoutWGQuick(node *models.Node, ifacename string, confPath string) e
 		if len(netmaskArr) == 2 {
 			netmask = netmaskArr[1]
 		}
-		setKernelDevice(ifacename, node.Address6, netmask)
+		mask6 = netmask
+		address6 = node.Address
 	}
+	setKernelDevice(ifacename, address4, mask4, address6, mask6)
+
 	_, err = wgclient.Device(ifacename)
 	if err != nil {
 		if !os.IsNotExist(err) {
@@ -134,7 +141,7 @@ func RemoveWithoutWGQuick(ifacename string) error {
 	return err
 }
 
-func setKernelDevice(ifacename, address, mask string) error {
+func setKernelDevice(ifacename, address4, mask4, address6, mask6 string) error {
 	ipExec, err := exec.LookPath("ip")
 	if err != nil {
 		return err
@@ -143,7 +150,11 @@ func setKernelDevice(ifacename, address, mask string) error {
 	// == best effort ==
 	ncutils.RunCmd("ip link delete dev "+ifacename, false)
 	ncutils.RunCmd(ipExec+" link add dev "+ifacename+" type wireguard", true)
-	ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address+"/"+mask, true) // this was a bug waiting to happen
-
+	if address4 != "" {
+		ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address4+"/"+mask4, true)
+	}
+	if address6 != "" {
+		ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address6+"/"+mask6, true)
+	}
 	return nil
 }