Commit Graph

55 Commits (a77cbb4f490b1156b0955de93d36a1e7a4e3195c)

Author SHA1 Message Date
Jake McGinty a87d56cfc9
{client,server}: send and require a header that contains the server public key
This is a stop-gap CSRF protection mechanism from unsophisticated attacks. It's to be considered a temporary solution until a more complete one can be implemented, but it should be sufficient in most cases for the time being.

See https://github.com/tonarino/innernet/issues/38 for further discussion.
2021-04-09 13:48:00 +09:00
BlackHoleFox b1e1ff8f4f
wgctrl-sys: Remove some unsafe in the kernel backend
Validates WireGuard interfaces against the linux specification for interface names.
Refactor userspace and other OSes to use InterfaceName
2021-04-09 10:28:37 +09:00
Jake McGinty 2122748727 server: add comments to get_listener 2021-04-06 13:33:55 +09:00
Jake McGinty 41565e46d7 server: bind specifically to WireGuard interface on Linux
This is one many upcoming changes to address IP spoofing
issues.

See #26 for more details.
2021-04-06 13:33:55 +09:00
Jake McGinty c49f061bb7 kabloomers. public release v1.0.0 2021-03-30 02:47:34 +09:00