Page MenuHomeVyOS Platform

Wireguard Remove Peer Fails
Closed, ResolvedPublicBUG

Description

While trying to set up Wireguard interface and its peers, I had a question in my mind that can we remove peers, other than just disabling it? After executing delete interfaces wireguard wg0 peer Example, everything seemed fine until commiting and saving which returned error.

The error contained these: cmd 'wg set wg0 peer ['ebFx/1G0ti8tvuZd94sEIosAZZIznX+dBAKG/8DFm0I='] remove' and Key is not the correct length or format: '[ebFx/1G0ti8tvuZd94sEIosAZZIznX+dBAKG/8DFm0I=]'. There is also a stack trace corresponding to this:

File "/usr/libexec/vyos/conf_mode/interfaces-wireguard.py", line 117, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-wireguard.py", line 109, in apply
    w.update(wireguard)
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/wireguard.py", line 185, in update
    self._cmd(cmd.format(**peer))
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 51, in _cmd
    return cmd(command, self.debug)
  File "/usr/lib/python3/dist-packages/vyos/util.py", line 179, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: wg set wg0 peer ['ebFx/1G0ti8tvuZd94sEIosAZZIznX+dBAKG/8DFm0I='] remove

As a person who is also interested in coding, I have checked out here and seen that peer_config variable is a list type. Hence, during command formatting process, it is formatted in a wrong way. One easy solution can be taking first and only element of the array (since one peer can only have one pubkey) at this line.

Details

Difficulty level
Easy (less than an hour)
Version
VyOS 1.3-rolling-202009270004
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

orhanasan changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.
Viacheslav changed the task status from Open to Confirmed.Sep 30 2020, 12:11 PM

To reproduce this bug

set interfaces wireguard wg0 address 10.200.200.1/24
set interfaces wireguard wg0 peer PEER01 allowed-ips 10.205.212.10/32
set interfaces wireguard wg0 peer PEER01 address 192.168.1.254
set interfaces wireguard wg0 peer PEER01 port 12345
set interfaces wireguard wg0 peer PEER01 pubkey 'n1CUsmR0M2LUUsyicBd6blZICwUqqWWHbu4ifZ2/9gk='


set interfaces wireguard wg0 peer PEER02 allowed-ips 10.205.212.11/32
set interfaces wireguard wg0 peer PEER02 address 192.168.1.55
set interfaces wireguard wg0 peer PEER02 port 12345
set interfaces wireguard wg0 peer PEER02 pubkey 'ebFx/1G0ti8tvuZd94sEIosAZZIznX+dBAKG/8DFm0I='

And delete any peer

[edit]
vyos@r4-roll# delete interfaces wireguard wg0 peer PEER01
[edit]
vyos@r4-roll# commit
[ interfaces wireguard wg0 ]

Report Time:      2020-09-30 12:12:02
Image Version:    VyOS 1.3-rolling-202009300117
Release Train:    equuleus

Built by:         autobuild@vyos.net
Built on:         Wed 30 Sep 2020 01:17 UTC
Build UUID:       5389d291-d2be-4c52-8f78-43cc7201c749
Build Commit ID:  a058b040f1d406

Architecture:     x86_64
Boot via:         installed image
System type:      KVM guest

Hardware vendor:  QEMU
Hardware model:   Standard PC (Q35 + ICH9, 2009)
Hardware S/N:     
Hardware UUID:    6b0ccb9b-288c-4dea-9335-cef51763f9da

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interfaces-wireguard.py", line 117, in <module>
    apply(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-wireguard.py", line 109, in apply
    w.update(wireguard)
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/wireguard.py", line 185, in update
    self._cmd(cmd.format(**peer))
  File "/usr/lib/python3/dist-packages/vyos/ifconfig/control.py", line 51, in _cmd
    return cmd(command, self.debug)
  File "/usr/lib/python3/dist-packages/vyos/util.py", line 179, in cmd
    raise OSError(code, feedback)
PermissionError: [Errno 1] failed to run command: wg set wg0 peer ['n1CUsmR0M2LUUsyicBd6blZICwUqqWWHbu4ifZ2/9gk='] remove
returned: 
exit code: 1

noteworthy:
cmd 'wg set wg0 peer ['n1CUsmR0M2LUUsyicBd6blZICwUqqWWHbu4ifZ2/9gk='] remove'
returned (out):

returned (err):
Key is not the correct length or format: `[n1CUsmR0M2LUUsyicBd6blZICwUqqWWHbu4ifZ2/9gk=]'

[[interfaces wireguard wg0]] failed
Commit failed
[edit]
vyos@r4-roll#
erkin set Issue type to Bug (incorrect behavior).Aug 29 2021, 12:48 PM
erkin removed a subscriber: Active contributors.