From b971f3edcd2502a7872123b5399ffe7baee1c959 Mon Sep 17 00:00:00 2001
From: Toni Uhlig
Date: Fri, 26 Aug 2022 12:21:11 +0200
Subject: [PATCH] add wireguard probe

Signed-off-by: Toni Uhlig
---
 probe.c | 18 ++++++++++++++++++
 sslh-main.c | 5 +++++
 2 files changed, 23 insertions(+)

diff --git a/probe.c b/probe.c
index fdf9424..bef73af 100644
--- a/probe.c
+++ b/probe.c
@@ -33,6 +33,7 @@ static int is_ssh_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
 static int is_openvpn_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
+static int is_wireguard_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
 static int is_tinc_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
 static int is_xmpp_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
 static int is_http_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item*);
@@ -49,6 +50,7 @@ static struct protocol_probe_desc builtins[] = {
 /* description probe */
 { "ssh", is_ssh_protocol},
 { "openvpn", is_openvpn_protocol },
+ { "wireguard", is_wireguard_protocol },
 { "tinc", is_tinc_protocol },
 { "xmpp", is_xmpp_protocol },
 { "http", is_http_protocol },
@@ -185,6 +187,22 @@ static int is_openvpn_protocol (const char*p,ssize_t len, struct sslhcfg_protoco
 }
 }
 
+static int is_wireguard_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)
+{
+ if (proto->is_udp == 0)
+ return PROBE_NEXT;
+
+ // Handshake Init: 148 bytes
+ if (len != 148)
+ return PROBE_NEXT;
+
+ // Handshake Init: p[0] = 0x01, p[1..3] = 0x000000 (reserved)
+ if (ntohl(*(uint32_t*)p) != 0x01000000)
+ return PROBE_NEXT;
+
+ return PROBE_MATCH;
+}
+
 /* Is the buffer the beginning of a tinc connections?
 * Protocol is documented here: http://www.tinc-vpn.org/documentation/tinc.pdf
 * First connection starts with "0 " in 1.0.15)
diff --git a/sslh-main.c b/sslh-main.c
index 0009498..b5ead6d 100644
--- a/sslh-main.c
+++ b/sslh-main.c
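Review bot: `ntohl(*(uint32_t*)p)` in is_wireguard_protocol reads the probe buffer through a pointer of an incompatible type, which is a strict-aliasing violation and, on targets that fault on misaligned loads, an unaligned 4-byte access, since nothing in this function guarantees that `p` is 4-byte aligned; the cast also silently discards `const`. Because the preceding `len != 148` check already keeps the four bytes in bounds, the same test can be written as a plain byte comparison that needs neither the cast nor `ntohl`: `if (p[0] != 0x01 || p[1] != 0x00 || p[2] != 0x00 || p[3] != 0x00) return PROBE_NEXT;`. It is also worth saying in the comment what the probe actually establishes, e.g. `// Only the fixed type/reserved prefix and the 148-byte length are checked; the remaining fields are cryptographic and cannot be validated here, so a match is a heuristic like the other probes.`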
@@ -202,6 +202,11 @@ void config_sanity_check(struct sslhcfg_item* cfg)
 cfg->protocols[i].name, cfg->protocols[i].host, cfg->protocols[i].port);
 exit(1);
 }
+ } else {
+ if (!strcmp(cfg->protocols[i].name, "wireguard")) {
+ print_message(msg_config_error, "Wireguard works only with UDP\n");
+ exit(1);
+ }
 }
 }
 }
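Review bot: The new `else` branch hard-codes the protocol name `"wireguard"` in config_sanity_check while the probe itself already returns PROBE_NEXT when `proto->is_udp == 0`, so the UDP-only rule now lives in two places that must be kept in sync whenever another UDP-only probe is added. If the intent is to fail early at configuration time, a UDP-only flag on the probe descriptor (or a small list of UDP-only names checked in a loop) would keep the rule next to the probe that needs it; failing that, the nested `if` can at least be folded into the branch: `} else if (!strcmp(cfg->protocols[i].name, "wireguard")) {`. The condition this `else` belongs to, and the enclosing loop, start outside the hunk, so I am inferring from the message text that it tests the protocol's UDP setting.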