298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-16 04:13:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

wireguard,wireguard-tools: update to 1.0.20210424 (#6864)

Browse Source 
Co-authored-by: Tianling Shen <cnsztl@immortalwrt.org>
This commit is contained in:
Beginner 2021-05-21 18:57:54 +08:00 committed by GitHub
parent c07e97d809
commit 79b427589c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 25 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/network/services/wireguard/Makefile
View File

@ -11,12 +11,12 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=wireguard PKG_NAME:=wireguard
PKG_VERSION:=1.0.20210219 PKG_VERSION:=1.0.20210424
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=wireguard-linux-compat-$(PKG_VERSION).tar.xz PKG_SOURCE:=wireguard-linux-compat-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-linux-compat/snapshot/ PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-linux-compat/snapshot/
PKG_HASH:=99d35296b8d847a0d4db97a4dda96b464311a6354e75fe0bef6e7c4578690f00 PKG_HASH:=8839139a53733bd20602e39cfc679a8176747dae8fe9f9c7fce28f8fba71abde
PKG_LICENSE:=GPL-2.0 PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=COPYING

23
package/network/utils/wireguard-tools/Makefile
View File

@ -11,18 +11,17 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=wireguard-tools PKG_NAME:=wireguard-tools
PKG_VERSION:=1.0.20210315 PKG_VERSION:=1.0.20210424
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/ PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/
PKG_HASH:=af001d5492be6bf58ef0bebe04b446b6f50eb53e1226fab679cc34af40733a22 PKG_HASH:=b288b0c43871d919629d7e77846ef0b47f8eeaa9ebc9cedeee8233fc6cc376ad
PKG_LICENSE:=GPL-2.0 PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=COPYING
PKG_BUILD_PARALLEL:=1 PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/package-defaults.mk include $(INCLUDE_DIR)/package-defaults.mk
@ -31,13 +30,25 @@ MAKE_PATH:=src
MAKE_VARS += PLATFORM=linux MAKE_VARS += PLATFORM=linux
define Package/wireguard-tools define Package/wireguard-tools
$(call Package/wireguard/Default) SECTION:=net
CATEGORY:=Network
SUBMENU:=VPN
URL:=https://www.wireguard.com
MAINTAINER:=Jason A. Donenfeld <Jason@zx2c4.com>
TITLE:=WireGuard userspace control program (wg) TITLE:=WireGuard userspace control program (wg)
DEPENDS:=+ip DEPENDS:= \
+@BUSYBOX_CONFIG_IP \
+@BUSYBOX_CONFIG_FEATURE_IP_LINK \
+kmod-wireguard
endef endef
define Package/wireguard-tools/description define Package/wireguard-tools/description
$(call Package/wireguard/Default/description) WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN. WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances. It uses UDP.
This package provides the userspace control program for WireGuard, This package provides the userspace control program for WireGuard,
`wg(8)`, a netifd protocol helper, and a re-resolve watchdog script. `wg(8)`, a netifd protocol helper, and a re-resolve watchdog script.

3
package/network/utils/wireguard-tools/files/wireguard.sh
View File

@ -112,6 +112,7 @@ proto_wireguard_setup() {
config_get fwmark "${config}" "fwmark" config_get fwmark "${config}" "fwmark"
config_get ip6prefix "${config}" "ip6prefix" config_get ip6prefix "${config}" "ip6prefix"
config_get nohostroute "${config}" "nohostroute" config_get nohostroute "${config}" "nohostroute"
config_get tunlink "${config}" "tunlink"
ip link del dev "${config}" 2>/dev/null ip link del dev "${config}" 2>/dev/null
ip link add dev "${config}" type wireguard ip link add dev "${config}" type wireguard
@ -173,7 +174,7 @@ proto_wireguard_setup() {
sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
while IFS=$'\t ' read -r key address port; do while IFS=$'\t ' read -r key address port; do
[ -n "${port}" ] || continue [ -n "${port}" ] || continue
proto_add_host_dependency "${config}" "${address}" proto_add_host_dependency "${config}" "${address}" "${tunlink}"
done done
fi fi

8
package/network/utils/wireguard-tools/files/wireguard_watchdog
View File

@ -27,7 +27,7 @@ check_peer_activity() {
config_get public_key "${cfg}" "public_key" config_get public_key "${cfg}" "public_key"
config_get endpoint_host "${cfg}" "endpoint_host" config_get endpoint_host "${cfg}" "endpoint_host"
config_get endpoint_port "${cfg}" "endpoint_port" config_get endpoint_port "${cfg}" "endpoint_port"
persistent_keepalive=`wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}'` persistent_keepalive=$(wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}')
# only process peers with endpoints and keepalive set # only process peers with endpoints and keepalive set
[ -z ${endpoint_host} ] && return 0; [ -z ${endpoint_host} ] && return 0;
@ -42,16 +42,16 @@ check_peer_activity() {
[ -n "${IPV4}" -o -n "${IPV6}" ] && return 0; [ -n "${IPV4}" -o -n "${IPV6}" ] && return 0;
# re-resolve endpoint hostname if not responding for too long # re-resolve endpoint hostname if not responding for too long
last_handshake=`wg show ${iface} latest-handshakes | grep ${public_key} | awk '{print $2}'` last_handshake=$(wg show ${iface} latest-handshakes | grep ${public_key} | awk '{print $2}')
[ -z ${last_handshake} ] && return 0; [ -z ${last_handshake} ] && return 0;
idle_seconds=$((`date +%s`-${last_handshake})) idle_seconds=$(($(date +%s)-${last_handshake}))
[ ${idle_seconds} -lt 150 ] && return 0; [ ${idle_seconds} -lt 150 ] && return 0;
logger -t "wireguard_monitor" "${iface} endpoint ${endpoint_host}:${endpoint_port} is not responding for ${idle_seconds} seconds, trying to re-resolve hostname" logger -t "wireguard_monitor" "${iface} endpoint ${endpoint_host}:${endpoint_port} is not responding for ${idle_seconds} seconds, trying to re-resolve hostname"
wg set ${iface} peer ${public_key} endpoint "${endpoint_host}:${endpoint_port}" wg set ${iface} peer ${public_key} endpoint "${endpoint_host}:${endpoint_port}"
} }
# query ubus for all active wireguard interfaces # query ubus for all active wireguard interfaces
wg_ifaces=`ubus -S call network.interface dump | jsonfilter -e '@.interface[@.up=true]' | jsonfilter -a -e '@[@.proto="wireguard"].interface' | tr "\n" " "` wg_ifaces=$(ubus -S call network.interface dump | jsonfilter -e '@.interface[@.up=true]' | jsonfilter -a -e '@[@.proto="wireguard"].interface' | tr "\n" " ")
# check every peer in every active wireguard interface # check every peer in every active wireguard interface
config_load network config_load network