Aaron Jones
48a31572f1
wg-quick: bring interface up while setting MTU
...
This avoids another ip(8) invocation for little benefit.
Confirmed to work with iproute2 and busybox.
Signed-off-by: Aaron Jones <aaronmdjones@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-18 14:41:27 +01:00
Jason A. Donenfeld
7e106d3a4c
wg-quick: android: do not choke on empty allowed-ips
...
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-11 22:15:01 -05:00
Jason A. Donenfeld
4410c87c39
wg-quick: wait for interface to disappear on freebsd
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-13 01:55:31 +02:00
Jason A. Donenfeld
cef7ac9ef9
global: put SPDX identifier on its own line
...
The kernel has very specific rules correlating file type with comment
type, and also SPDX identifiers can't be merged with other comments.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20 19:41:22 +02:00
Jason A. Donenfeld
b2ec7892c8
wg-quick: check correct variable for route deduplication
...
Reported-by: John Sager <john@sager.me.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-21 15:42:17 -07:00
Jason A. Donenfeld
ffcc09358e
wg-quick: darwin: prefer system paths for tools
...
The only things wg-quick(8) needs from Homebrew are bash(1) and wg(8).
Other than that, it's explicitly coded against the native system
utilities. Since wg-quick(8) and bash(1) are invoked in auto_su by their
full absolute path (via $SELF and $BASH, respectively), we can simply
set the $PATH to be prefixed by the default system binary paths. This
way, if users install tools that conflict with system tools -- such as
GNU coreutils -- we won't accidently call those.
Reported-by: Deirdre Connolly <durumcrustulum@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-12 00:28:28 -07:00
Jason A. Donenfeld
544d965d5f
wg-quick: android: remove compat code
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-24 18:15:17 +02:00
Jason A. Donenfeld
f621f36800
wg-quick: android: allow package to be overridden
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-24 18:15:17 +02:00
Jason A. Donenfeld
4349005f4e
wg-quick: allow link local default gateway
...
It's unclear why it was like this in the first place, but it apparently
broke certain IPv6 setups.
Reported-by: Jonas Blahut <j@die-blahuts.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-16 17:27:00 +02:00
Jason A. Donenfeld
4367cd0d3d
wg-quick: android: support excluding applications
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-05 19:26:13 +02:00
Jason A. Donenfeld
b3b6d97db8
wg-quick: android: prevent outgoing handshake packets from being dropped
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-25 16:15:35 +02:00
Jason A. Donenfeld
02733c681b
wg-quick: android: don't forget to free compiled regexes
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-17 19:36:37 +02:00
Jason A. Donenfeld
3bbacaaf14
wg-quick: android: disable roaming to v6 networks when v4 is specified
...
This works around an unfortunate bug in 464XLAT transitions.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-17 19:36:37 +02:00
Jason A. Donenfeld
8c4cf156d5
wg-quick: android: change name of intent
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-04 07:05:58 +02:00
Jason A. Donenfeld
2044bb026d
wg-quick: android: delay setting users until end
...
`ndc users add` eventually invokes SOCK_DESTROY on user sockets, causing
them to reconnect. By delaying this until after routes are set, we
ensure that the sockets reconnect using the tunnel, rather than the old
route.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 16:38:08 +02:00
Jason A. Donenfeld
206e8f08e2
wg-quick: darwin: set DNS servers after delay on route change
...
This works around a race condition in macOS's network daemons, while
also adding one in the form of possibly calling kill -ALRM on a stale
PID; unfortunately bash can't wait from a trap.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 01:24:51 +02:00
Jason A. Donenfeld
d532074ef5
wg-quick: freebsd: configure as p2p link
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-27 05:24:07 +02:00
Jason A. Donenfeld
df6c69e98c
wg-quick: darwin: add multiple IP addresses
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-27 05:22:55 +02:00
Jason A. Donenfeld
19ce650fb6
wg-quick: determine IPs when saving interface
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-27 02:42:31 +02:00
Jason A. Donenfeld
c99e6beecb
wg-quick: freebsd: work around security vulnerabilities in bash
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-24 02:24:02 +02:00
Jason A. Donenfeld
86dd5587a9
wg-quick: allow enumeration of socket files
...
These OSes have an unpriv'd ifconfig, so this isn't an even larger info
leak.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-23 15:31:47 +02:00
Jason A. Donenfeld
d40231c766
wg-quick: support FreeBSD/Darwin search path
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-23 15:24:07 +02:00
Jason A. Donenfeld
6b7f88aa7d
wg-quick: openbsd: add new implementation
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
Jason A. Donenfeld
333363f77c
wg-quick: freebsd: add new implementation
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
Jason A. Donenfeld
52eb6a187c
wg-quick: darwin: do not remove routes when no real interface
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
Jason A. Donenfeld
59dae33e9a
wg-quick: darwin: rename namefile environment variable
...
This paves the way for an openbsd implementation.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
Jason A. Donenfeld
434bc616b2
wg-quick: darwin: simpler inclusion check
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 19:30:34 +02:00
Jason A. Donenfeld
986feba2ee
wg-quick: darwin: reorder functions
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 05:01:50 +02:00
Jason A. Donenfeld
80ff1f8ded
wg-quick: darwin: networksetup does not like missing stdio
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 05:01:50 +02:00
Jason A. Donenfeld
884f7c50ce
wg-quick: darwin: avoid routing loop if no default
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 04:08:53 +02:00
Jason A. Donenfeld
0d9f30246d
wg-quick: darwin: sometimes there are no network services
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 03:26:51 +02:00
Jason A. Donenfeld
fe9bc71e40
wg-quick: use invoking shell in auto rooting
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 19:19:48 +02:00
Jason A. Donenfeld
6c407ae27b
wg-quick: add intentionally undocumented userspace implementation knob
...
This knob might disappear at some point, and we don't want to encourage
its use, so it's not being documented, but this should help with
development of new implementations.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:25:42 +02:00
Jason A. Donenfeld
4502350512
wg-quick: darwin: use bash from environment and require bash 4+
...
For properly configured Homebrew installations /usr/local/bin should be
before /bin, so this should still work. This allows the script to be
used in more than one setting.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:25:42 +02:00
Jason A. Donenfeld
699777da8c
wg-quick: darwin: restore DNS on down
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
9c18c70da6
wg-quick: darwin: bash correctness
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
f64f0cc740
wg-quick: darwin: remove v6 routes after shutdown
...
This works around a Darwin kernel bug regarding interface removal.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
cfa4203be7
wg-quick: darwin: ensure socket directory exists
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
a5412d1056
wg-quick: add darwin implementation
...
It's pretty rough and leaves much to be desired, but it works.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-15 02:12:13 +02:00
Jason A. Donenfeld
5d9433d73f
wg-quick: add wg symlink
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-14 19:23:17 +02:00
Jason A. Donenfeld
a563ba2cf9
wg-quick: add android implementation
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-14 18:23:52 +02:00
Jason A. Donenfeld
08c78a65af
wg: reorganize for multiplatform wg-quick
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-14 18:18:40 +02:00