Commit Graph

342 Commits (hosts-selinux)

Author SHA1 Message Date
Jake McGinty b53376b9c8 meta: release v1.5.3-beta.3 2022-01-18 15:19:53 +09:00
Jake McGinty 4a682f8adc wireguard-control: cargo fmt 2022-01-18 15:19:40 +09:00
Jake McGinty c80fe23e1c meta: cargo update 2022-01-18 15:19:16 +09:00
Jake McGinty b09d12225b wireguard-control: gracefully handle multiple Peers NLAs
Fixes #187
2022-01-18 15:12:22 +09:00
Jake McGinty ce23bbdf63 meta: release v1.5.3-beta.2 2022-01-12 16:31:31 -06:00
Jake McGinty cf72456484 meta: cargo update 2022-01-12 16:31:03 -06:00
Jake McGinty 44aceb109c wireguard-control: cargo fmt 2022-01-12 16:26:11 -06:00
Jake McGinty dc40e20fcf wireguard-control: support multipart wireguard responses
previously, any messages beyond the first were ignored, so
innernet wouldn't be aware of all peers on the interface.

fixes #187
2022-01-12 16:22:02 -06:00
Jake McGinty 6541605319 wireguard-control: add log crate dependency to allow debug output 2022-01-12 16:15:05 -06:00
Jake McGinty fa24aedd1f netlink-request: don't include Done and Ack messages in response 2022-01-12 15:56:56 -06:00
Jake McGinty b15b541669 meta: release v1.5.3-beta.1 2022-01-11 14:18:19 -06:00
Matěj Laitl 1b260823f9
client, server systemd units: make Restart=always truly respected (#184)
Surprisingly, Restart=always may not _always_ restart the unit if it restarts too fast.

Set a combination of options which should make systemd truly restart innernet always.
See https://unix.stackexchange.com/q/289629/352972.

The `RestartSec=60` is the main and important one which would prevent systemd from ever failing
to restart innernet in the default settings (because with it it would never exceed the default
limit of 5 restarts in 10 seconds).

`StartLimitIntervalSec=0` option is a complementary one for explicitly disabling the logic, and
may be removed from this PR if deemed unnecessary.
2022-01-12 04:58:28 +09:00
Jake McGinty 160451c8e5 meta: cargo update 2022-01-11 02:02:05 -06:00
Jake McGinty 0423e78683 server: cargo fmt 2022-01-11 01:54:59 -06:00
Jake McGinty 5c72592069 meta: rust edition 2018 -> 2021 2022-01-11 01:54:43 -06:00
Jake McGinty 8dd11977af meta: structopt 0.3 -> clap 3 2022-01-11 01:51:32 -06:00
Jake McGinty 97a49c5c0e netlink-request: match semver with rest of the project 2022-01-11 01:17:24 -06:00
Jake McGinty a919a7ff52 release: update release.toml for latest cargo-release 2022-01-11 01:14:15 -06:00
Jake McGinty e04bd26743 wireguard-control: correct the target genl payload length 2022-01-11 01:04:14 -06:00
Jake McGinty 9fbc0c5f1b netlink-request: print out packet that was oversized for debugging 2022-01-11 00:25:19 -06:00
Jake McGinty a21928c30c wireguard-control: add more checks on peer/NLA sizes 2022-01-10 20:29:41 -06:00
Jake McGinty a95fa1b03e wireguard-control: make cargo clippy happy 2022-01-09 23:12:28 -06:00
Jake McGinty a122077473 wireguard-control: fix iface attr not being in first message 2022-01-09 23:11:20 -06:00
Jake McGinty 68d3b09f3a wireguard-control: cargo fmt 2022-01-09 22:58:21 -06:00
Jake McGinty 92b60f535d wireguard-control: break up large updates into multiple netlink messages 2022-01-09 22:56:39 -06:00
Jake McGinty 4784a695ad netlink-request: add length check for serliazed netlink buffer 2022-01-08 13:33:39 -06:00
Jake McGinty 09e68c2c01
(linux) wireguard-control: migrate from `wireguard-control-sys` to `netlink` crates (#177)
also introduces a new `netlink-request` crate to help modularize the netlink code. this currently depends on a fork of the `netlink` project, but we should be able to use the official version soon.
2022-01-07 18:35:21 +09:00
Matěj Laitl 7ade68379f
Run rustfmt on CI (#178)
* Run rustfmt on CI

* Run rustfmt on nightly toolchain, outside test matrix

Rustfmt doesn't need dependencies and should be platform-agnostic anyway.
2022-01-07 17:57:43 +09:00
Jake McGinty 6be3e61074 meta: release v1.5.2 2021-12-06 02:35:18 +09:00
Jake McGinty d2a2e881e5 add warning when binary is called with 'inn' shortcut 2021-11-30 04:16:44 +09:00
Caleb Maclennan 11a66b635e readme: use full original binary name 2021-11-30 03:54:10 +09:00
Jake McGinty 2c31a4b6ec client: run 'up' on all interfaces when none is specified 2021-11-23 23:07:57 -07:00
Jake McGinty 2fd0049d1a wireguard-control-sys: cargo fmt 2021-11-21 15:49:41 +09:00
Jake McGinty 7f6b5afe31 meta: cargo update 2021-11-21 15:46:34 +09:00
Jake McGinty 55c3a18d00 wireguard-control(-sys): add FFI upgrade script and run it 2021-11-21 15:46:09 +09:00
Jake McGinty b5ebb8e8d7 wireguard-control-sys: use pregenerated bindings
cuts down on total dependencies and build time goes from ~8s -> ~2s
(on my desktop).
2021-11-21 15:33:03 +09:00
Jake McGinty ec754e60c4 client: non-interactive `set-listen-port` and `override-endpoint`
closes #158
2021-11-16 18:46:45 +09:00
Jake McGinty ae2c554b23
{client, server}: make config/data directories configurable (#172)
* client: allow config/data dirs to be changed

* server: allow config/data dirs to be changed

* meta: cargo clippy & cargo fmt

* shared: use const for Duration instead of lazy_static
2021-11-15 18:11:13 +09:00
Jake McGinty bce7af20ce client: fix NAT traverse helptext 2021-11-14 10:24:25 +09:00
Jake McGinty e6f25ca1d7 docker-tests: add simultaneous peer invitation test 2021-11-12 17:53:37 +09:00
Jake McGinty d7c491c8f3 client: granular control over NAT traversal
added to `innernet {up,fetch,install}`:

  --no-nat-traversal: Doesn't attempt NAT traversal
    (prevents long time delays in execution of command)

  --exclude-nat-candidates: Exclude a list of CIDRs from being
    considered candidates

  --no-nat-candidates: Don't report NAT candidates.
    (shorthand for '--exclude-nat-candidates 0.0.0.0/0')

Closes #160
2021-11-12 14:42:10 +09:00
Jake McGinty 9a59ac3094 meta: release v1.5.1 2021-11-11 18:42:21 +09:00
Jake McGinty e2473951b7 meta: update dependencies 2021-11-11 18:41:44 +09:00
Jake McGinty 991c6435c1 client: wait after updating interface before attempting NAT traversal
otherwise, the server-reported IP itself won't have time to check
if a handshake succeeds or not.
2021-11-11 18:34:31 +09:00
Jake McGinty b0d0ee8565 fix tests 2021-11-06 18:54:52 +09:00
Jake McGinty d7cf24c63c server: validate hostname in 'new'
fixes #164
2021-11-05 12:36:35 +09:00
Jake McGinty 17dd26921f meta: update dependencies 2021-11-05 12:22:35 +09:00
Jake McGinty c09d828414 shared: follow-up to bfa5d5e, double- to single-quote in opt rustdocs 2021-09-21 12:50:21 +09:00
Jake McGinty bfa5d5ee5d client: change rustdoc double-quotes to single for zsh completions.
clap (used by StructOpt) doesn't escape double-quotes inside the
rustdocs that is uses to generate completion helptext. Rather than wait
on them, it's simpler to just avoid double-quotes for now at least.

Closes #156
2021-09-21 12:46:56 +09:00
Jake McGinty cac46dbf30 docker-tests: simplify build step 2021-09-18 16:15:29 +09:00