| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
It turns out that using 0.0.0.0 somehow conflicts with DNS lookups when
CLAT is in use.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DNS resolver prior had useless comments, awful nesting, converted
bytes into strings and back into bytes, and generally made no sense.
That's been rewritten now.
But more fundumentally, this commit made the DNS resolver actually
accomplish its objective, by passing AI_ALL to it. It turns out, though,
that the Go library isn't actually using GAI in the way we need for
parsing IP addresses, so we actually need to do another round, this time
with hints flag as zero, so that we get the DNS64 address.
Additionally, since we're now binding sockets to interfaces, we can
entirely remove the excludedRoutes logic.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
A Christmas Special, for TestFlight, and possibly for release if things
go well there.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
We can now remove -DNOCRYPT cflag while compiling
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
|
|
|
|
|
|
| |
This fixes a crash that happens when you:
1. Scroll to the end of the Edit screen
2. Delete a peer
3. Toggle the Activate On Demand switch
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
This can be reverted once we've done more testing.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
| |
The username corresponds to the Account field in iOS system VPN UI,
but if we don't set it, the field is not shown, so setting it isn't
really required.
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
"I am very anti-paren." --Eric
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
|
|
|
| |
When handling network path changes, change the listen port
only when the first interface has changed.
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The solution implemented in commit b8c331c causes the tunnel to
remain in 'Activating' state, without the ability to cancel that.
So, in this commit, instead of retrying DNS silently on
Activated-On-Demand tunnels, we fail the startTunnel() silently.
To summarize, if activate-on-demand is on:
- If started from the WireGuard app, show error using lastErrorFile
mechanism, suggesting a way to turn off Activate On Demand
- If not started from WireGuard app, don't call displayMessage()
(don't show error to user) and silently fail starting the tunnel
Signed-off-by: Roopesh Chander <roop@roopc.net>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|
|
|
|
| |
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
|