Commit Graph

190 Commits

Author SHA1 Message Date
Jason A. Donenfeld f583209935 wg: no need to put this on the stack
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-12-03 15:07:52 +01:00
Jason A. Donenfeld 8bf100a25b wg: remove undocumented unused syntax
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-12-03 15:07:52 +01:00
Jason A. Donenfeld 30cf5eb883 wg: fix removing preshared keys
Also clean up related logic quite a bit and add unit tests.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-23 11:09:12 +01:00
Jason A. Donenfeld bc1f6be5db global: switch from timeval to timespec
This gets us nanoseconds instead of microseconds, which is better, and
we can do this pretty much without freaking out existing userspace,
which doesn't actually make use of the nano/micro seconds field:

zx2c4@thinkpad ~ $ cat a.c
void main()
{
        puts(sizeof(struct timeval) == sizeof(struct timespec) ? "success" : "failure");
}
zx2c4@thinkpad ~ $ gcc a.c -m64 && ./a.out
success
zx2c4@thinkpad ~ $ gcc a.c -m32 && ./a.out
success

This doesn't solve y2038 problem, but timespec64 isn't yet a thing in
userspace.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-22 18:32:48 +01:00
Jason A. Donenfeld 08ce3b2426 wg: tighten up strtoul parsing
Reported-by: Cedric Buxin <cedric.buxin@izri.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-17 14:06:18 +01:00
Jason A. Donenfeld be4597e10f wg-quick: document localhost exception and v6 rule
Reported-by: Hermann Lienstromberg <nurtic-vibe@grmml.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-12 00:57:44 +09:00
Jason A. Donenfeld e77a77a805 wg: allow for NULL keys everywhere
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-11 12:30:49 +09:00
Jason A. Donenfeld e7923ba775 wg: remove ioctl cruft
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-11 12:19:55 +09:00
Jason A. Donenfeld e0775354bd wg-quick: allow for tabs in keys
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-10 16:20:09 +09:00
Jason A. Donenfeld d8ad40da25 wg-quick: stat the correct enclosing folder of config file
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-10 16:20:09 +09:00
Jason A. Donenfeld 753dc179b6 wg-quick: save all hooks on save
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-01 00:55:19 +01:00
Jason A. Donenfeld 6e313371cc wg-quick: fsync the temporary file before renaming
This ensures that on an unclean shutdown, we either see the old content
or the new content, but not empty content.

Suggested-by: Ka Ho Ng <ngkaho1234@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 18:13:31 +01:00
Jason A. Donenfeld eb181e811c wg-quick: allow for saving existing interface
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:51:38 +01:00
Jason A. Donenfeld 2207025c2f wg: correct type for CTRL_ATTR_FAMILY_ID
Suggested-by: Jörg Thalheim <joerg@thalheim.io>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld d30d9630b6 wg-quick: allow for the hatchet, but not by default
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld 9bcb48eacd wg-quick: remember to rewind DNS settings on failure
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld 17f9548182 wg-quick: allow specifiying multiple hooks
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld b1dd8d711e global: style nits
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld d9d0a2cbed global: infuriating kernel iterator style
One types:

   for (i = 0 ...

So one should also type:

  for_each_obj (obj ...

But the upstream kernel style guidelines are insane, and so we must
instead do:

  for_each_obj(obj ...

Ugly, but one must choose his battles wisely.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld fe703c0cf5 wg: account for padding being in zero attribute
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld 88b1d35ec0 wg: newline after warning
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld 06e7bdf2a5 wg: style
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld 6f9b135966 wg: add pass example to wg-quick man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld 65db14706b wg: don't insist on having a private key
This lets us do flexible things from wg-quick such as:

PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)

It also was never a very sensible policy to enforce.

Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld 085796b210 wg: retry resolution except when fatal
The reference to this is <https://sourceware.org/glibc/wiki/NameResolver>,
which mentions:

"From the perspective of the application that calls getaddrinfo() it
perhaps doesn't matter that much since EAI_FAIL, EAI_NONAME and
EAI_NODATA are all permanent failure codes and the causes are all
permanent failures in the sense that there is no point in retrying
later."

This should cover more early-boot situations.

While we're at it, we clean up the logic a bit so that we don't have a
retry message on the final non-retrying attempt. We also peer into errno
when receiving EAI_SYSTEM, to report to the user what actually happened.

Also, fix the quoting back tick front tick mess.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld 7fe7f81088 wg: encoding: be more paranoid
Needless, but overkill can be fun.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld eb68ad0722 Makefile: even prettier output
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld d7b3f0fcaf wg: man: include kill-switch documentation using fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 15:50:29 +02:00
Jason A. Donenfeld 4e0e99c74d wg: store tail pointer to make coalescing peers fast
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-10 17:19:01 +02:00
Jason A. Donenfeld e13b1e719b wg: warn once on unrecognized items
DaveM suggests we do in fact do this. Others on the same thread weren't
happy about the length of the proposed message, so we also give a bit of
a less dramatic warning.

This reverts commit a2cc976a3b572cf308cc2d97c080eacac60416fe.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-09 13:31:18 +02:00
Jason A. Donenfeld 8774fccff3 wg: try again if dump is interrupted
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-08 16:24:37 +02:00
Jason A. Donenfeld 38ac0ff08e Makefile: clang now builds the kernel, so use scan-build
Also add little stub for coccinelle and clean up semicolon issue it
found.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 22:21:53 +02:00
Jason A. Donenfeld e95fcccb4d Makefile: add non-verbose mode to tools
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 22:52:06 +02:00
Jason A. Donenfeld a99b64e5a4 global: satisfy bitshift pedantry
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-03 06:20:48 +02:00
Jason A. Donenfeld 91416b0caf wg: compile on non-Linux
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 13:05:35 +02:00
Jason A. Donenfeld 573bd7f303 wg: simmer down silly compilers
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 03:44:06 +02:00
Jason A. Donenfeld 53e5b4fa89 wg: do not warn on unrecognized items
Upstream advice is to simply be silent.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 02:51:57 +02:00
Jason A. Donenfeld 83caaa7a96 wg-quick: check permissions of parent directory
Also prefix octal 0, in case these files are actually of modes that
don't start with 0 by accident (such as SUID or sticky bit).

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 02:45:53 +02:00
Jason A. Donenfeld cbd2b0531f wg-quick: verify wireguard interface in more clever way
This helps with old Debian which has ancient iproute2, as well as paving
the path toward this script supporting userspace implementations.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 02:45:53 +02:00
Jason A. Donenfeld a566bde126 wg-quick: anchor sysctl regex to start and end
This doesn't actually fix a real problem, but it is more correct than
not having it.

Suggested-by: Aaron Sigel <aaron@vtty.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 02:45:53 +02:00
Jason A. Donenfeld 5b65f87e9f netlink: switch from ioctl to netlink for configuration
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 02:45:53 +02:00
Jason A. Donenfeld 9a0790b50a wg: uapi: only make sure socket file is socket
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-26 15:04:07 +02:00
Jason A. Donenfeld 9ef84af8c0 wg: use key_is_zero for comparing to zeros
Maybe an attacker on the system could use the infoleak in /proc to gauge
how long a wg(8) process takes to complete and determine the number of
leading zeros. This is somewhat ridiculous, but it's possible somebody
somewhere might at somepoint care in the future, so alright.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-24 23:10:15 +02:00
Jason A. Donenfeld 92feabdd17 wg-quick: only bash complete existing interfaces for down
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-06 20:51:41 +02:00
Jason A. Donenfeld 34337b0906 wg: fix removal of psk
This is an attribute of the peer, not the device.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-08-23 12:51:52 -06:00
Jason A. Donenfeld bc9494f8b6 wg: stricter userspace ipc parsing
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-08-02 21:09:22 +02:00
Jason A. Donenfeld 6b27d0d0f0 wg-quick: add explicit support for common DNS usage
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-26 03:38:09 +02:00
Jason A. Donenfeld 41e50edbe5 wg-quick: do not use grep
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-24 23:22:10 +02:00
Jason A. Donenfeld 11204afd6f wg-quick: do not set explicit src route for v6 default route
This was only required because clueless network operators were trying to
route fec0::/10 globally, when that range doesn't actually have global
scope. Now that we understand the cause was operator error, we revert
the change here, so that the routing table is kept consistent.

This reverts commit 64e47de870a2f0575b5564a70e5680b48ab83ff9.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-24 23:19:38 +02:00
Jason A. Donenfeld 077dac0514 wg-quick: usage typos
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-20 06:48:57 +02:00
Jason A. Donenfeld aad91ae679 global: wireguard.io --> wireguard.com
Due to concerns with the .io TLD, we are switching to using
wireguard.com instead.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-20 03:37:39 +02:00
Jason A. Donenfeld e22155a3b7 wg: remove double include in ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-29 14:34:27 +02:00
Jason A. Donenfeld d3ebbaccab wg-quick: use printf -v instead of namerefs for bash 4.2
I'm not happy about this.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-28 05:28:54 +02:00
Jason A. Donenfeld cf4b3ebd08 wg-quick: properly match IPv6 endpoint
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-24 02:06:26 +02:00
Jason A. Donenfeld f90f8f33a7 wg: use proper __linux__ ifdef
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-12 17:02:12 +02:00
Jason A. Donenfeld eaa64b198b wg-quick: match ipv6 default route more broadly
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-12 00:20:31 +02:00
Jason A. Donenfeld 1b5234f3d5 wg-quick: make sure we have empty table for both v6 and v4
Otherwise, we wind up not doing the right thing in the v6-only case, or
doing something totally borked when v4 and v6 are filled unevenly.

Reported-by: Roelf Wichertjes <contact@roelf.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-06-11 23:39:17 +02:00
Jason A. Donenfeld 32afe0e220 wg: allow creating device with no peers
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 05:35:34 +02:00
Jason A. Donenfeld f65fba7dd8 man: update wg-quick(8) to show Debian resolvconf braindamage
While OpenResolv supports explicit ordering directives such as `-m` and
exclusivity directives such as `-x`, Debian's own resolvconf supports
none of this, instead using a hard coded list of interface name
templates for determining ordering. While trying to emulate `-x` is
difficult [*], we can at least try to mostly emulate `-m 0` by
masquerading as a `tun*` interface to resolvconf. Ugly, but it works.

[*] One heavy handed way of emulating `-x` would be something like:

   # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive
   # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf
   # rm -f /etc/resolv.conf.wg0-exclusive

This in practice works quite well, but is a bit heavy to put in a man
page. It also doesn't "stack" well. For example, if we simply run
`umount /etc/resolv.conf`, how do we know which resolv.conf entry we're
unmounting?

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 18:07:28 +02:00
Jason A. Donenfeld 682b15cb5e wg-quick: use src routing for default routes in v6
Otherwise, traffic is sent with the IP address of a different interface,
and then packets don't actually get delivered.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-18 14:41:34 +02:00
Jason A. Donenfeld 641b479b44 man: fix psk mention in wg-quick man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-18 14:41:24 +02:00
Jason A. Donenfeld 3a7be3fac5 wg: opt-in globally to GNU-isms to keep the BSDs happy
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:34:23 +02:00
Jason A. Donenfeld 945fae0c7c wg: support text-based ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:13:14 +02:00
Jason A. Donenfeld c3b2dbcdb0 wg: check for proto error on set too
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld 067ebe2cb9 wg: stricter key file reading
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld fabb6eca2b noise: redesign preshared key mode
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld 13db708a0f wg-quick: auto MTU discovery
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld 83223f8e4c wg: retry name resolution on temporary failure
This should solve many problems at init time.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld c98c415bd1 wg: no hyphen in preshared, to keep uniformity
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-20 22:53:00 +02:00
Jason A. Donenfeld 5fab6f18d5 wg: argc is always 1
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-19 18:26:32 +02:00
Jason A. Donenfeld 6a967c63a7 wg: check for malloc failure
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-19 18:26:32 +02:00
Jason A. Donenfeld 755217bd85 wg: side channel resistant base64
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-19 18:26:32 +02:00
Jason A. Donenfeld d42dd68add wg: do not use addrconfig with port in gai
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-28 10:46:31 +02:00
Jason A. Donenfeld 6d20c647d0 uapi: add version magic
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-24 04:44:27 +01:00
Jason A. Donenfeld a8803c17a7 wg-quick: various cleanups
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-24 04:44:27 +01:00
Jason A. Donenfeld 3067b59798 wg: document # comments in wg(8) man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-24 04:44:27 +01:00
Pim van Pelt ef66ea99e4 wg-quick: support old ip(8)
Old versions of ip(8) do not accept arguments to `ip rule show.` This
patch works around that limitation.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-19 15:34:46 +01:00
Jason A. Donenfeld aefa5e8edc wg: fix bash completion spaces
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-23 07:09:49 +01:00
Jason A. Donenfeld bda4b8c60b wg: add wg show [interface] dump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-23 07:09:49 +01:00
Jason A. Donenfeld d4edc7baa8 wg: give "off" value for fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-23 07:09:49 +01:00
Jason A. Donenfeld a9bcd0d401 wg-quick: allow config files without trailing newline
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-23 07:09:49 +01:00
Jason A. Donenfeld 6448d5557c wg-quick: unquote fwmark for bash 4.3
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-14 11:41:56 +01:00
Jason A. Donenfeld f60ceb76e6 wg-quick: set LC_ALL for consistent regex
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-13 21:55:18 +01:00
Jason A. Donenfeld c8472e2dab socket: enable setting of fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-13 21:55:18 +01:00
Jason A. Donenfeld ef29165cde socket: general ephemeral ports instead of name-based ports
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-13 21:55:17 +01:00
Jason A. Donenfeld cf2cb85a08 wg-quick: support v6 dual stack
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-13 21:55:17 +01:00
Jason A. Donenfeld 3606898d23 wg: remove key for any empty file
Rather than just using /dev/null to mean key removal, match on any empty
file, so that this interface is cross platform.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-07 12:21:22 +01:00
Jason A. Donenfeld 666623a82e wg: setconf should remove existing psk
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-07 12:21:22 +01:00
Jason A. Donenfeld 4586e14749 wg-quick: recommend using resolvconf in exclusive mode
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-19 00:07:31 +01:00
Jason A. Donenfeld db4f06d118 wg: man: recommend correct port
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-15 22:22:45 +01:00
Jason A. Donenfeld 1d20912898 wg-quick: parse IPv6 endpoints correctly
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-15 13:01:06 +01:00
Jason A. Donenfeld 035a649641 wg-quick: better removal of suppress_prefix rule
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-11 00:29:58 +01:00
Jason A. Donenfeld 396dc76a04 Update copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 06:36:19 +01:00
Jason A. Donenfeld f43b43376b uapi: use sockaddr union instead of sockaddr_storage
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 06:29:24 +01:00
Jason A. Donenfeld 48f7c3522a uapi: use flag instead of C bitfield for portability
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 05:36:43 +01:00
Jason A. Donenfeld 12904a1095 wg: ipc: read from socket incrementally
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 05:36:43 +01:00
Jason A. Donenfeld e92e0dca14 wg: error on short ret reads
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 05:36:43 +01:00
Jason A. Donenfeld 16060516bb wg-quick: enforce good permissions
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-09 00:22:21 +01:00
Jason A. Donenfeld bf5d24eca4 wg: add installation note for distros
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-05 19:41:23 +01:00
Christian Hesse d2f244b136 wg: remove DESTDIR for autodetection
DESTDIR is always empty, no need to check anything there. Check the main
system instead.

Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-05 02:30:20 +01:00