wireguard,wireguard-tools: update to 1.0.20210424 (#6864)

Co-authored-by: Tianling Shen <cnsztl@immortalwrt.org>
2025-04-16 04:13:31 +00:00 · 2021-05-21 18:57:54 +08:00 · 2021-05-21 18:57:54 +08:00 · 79b427589c
commit 79b427589c
parent c07e97d809
4 changed files with 25 additions and 13 deletions
--- a/package/network/services/wireguard/Makefile
+++ b/package/network/services/wireguard/Makefile
@ -11,12 +11,12 @@ include $(INCLUDE_DIR)/kernel.mk

 PKG_NAME:=wireguard

-PKG_VERSION:=1.0.20210219
+PKG_VERSION:=1.0.20210424
 PKG_RELEASE:=1

 PKG_SOURCE:=wireguard-linux-compat-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-linux-compat/snapshot/
-PKG_HASH:=99d35296b8d847a0d4db97a4dda96b464311a6354e75fe0bef6e7c4578690f00
+PKG_HASH:=8839139a53733bd20602e39cfc679a8176747dae8fe9f9c7fce28f8fba71abde

 PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING
--- a/package/network/utils/wireguard-tools/Makefile
+++ b/package/network/utils/wireguard-tools/Makefile
@ -11,18 +11,17 @@ include $(INCLUDE_DIR)/kernel.mk

 PKG_NAME:=wireguard-tools

-PKG_VERSION:=1.0.20210315
+PKG_VERSION:=1.0.20210424
 PKG_RELEASE:=1

 PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/
-PKG_HASH:=af001d5492be6bf58ef0bebe04b446b6f50eb53e1226fab679cc34af40733a22
+PKG_HASH:=b288b0c43871d919629d7e77846ef0b47f8eeaa9ebc9cedeee8233fc6cc376ad

 PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING

 PKG_BUILD_PARALLEL:=1
-PKG_USE_MIPS16:=0

 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/package-defaults.mk
@ -31,13 +30,25 @@ MAKE_PATH:=src
 MAKE_VARS += PLATFORM=linux

 define Package/wireguard-tools
-  $(call Package/wireguard/Default)
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=VPN
+  URL:=https://www.wireguard.com
+  MAINTAINER:=Jason A. Donenfeld <Jason@zx2c4.com>
  TITLE:=WireGuard userspace control program (wg)
-  DEPENDS:=+ip
+  DEPENDS:= \
+	  +@BUSYBOX_CONFIG_IP \
+	  +@BUSYBOX_CONFIG_FEATURE_IP_LINK \
+	  +kmod-wireguard
 endef

 define Package/wireguard-tools/description
-  $(call Package/wireguard/Default/description)
+  WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
+  state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
+  more useful than IPSec, while avoiding the massive headache. It intends to
+  be considerably more performant than OpenVPN.  WireGuard is designed as a
+  general purpose VPN for running on embedded interfaces and super computers
+  alike, fit for many different circumstances. It uses UDP.

  This package provides the userspace control program for WireGuard,
  `wg(8)`, a netifd protocol helper, and a re-resolve watchdog script.
--- a/package/network/utils/wireguard-tools/files/wireguard.sh
+++ b/package/network/utils/wireguard-tools/files/wireguard.sh
@ -112,6 +112,7 @@ proto_wireguard_setup() {
 	config_get fwmark "${config}" "fwmark"
 	config_get ip6prefix "${config}" "ip6prefix"
 	config_get nohostroute "${config}" "nohostroute"
+	config_get tunlink "${config}" "tunlink"

 	ip link del dev "${config}" 2>/dev/null
 	ip link add dev "${config}" type wireguard
@ -173,7 +174,7 @@ proto_wireguard_setup() {
 		sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
 		while IFS=$'\t ' read -r key address port; do
 			[ -n "${port}" ] || continue
-			proto_add_host_dependency "${config}" "${address}"
+			proto_add_host_dependency "${config}" "${address}" "${tunlink}"
 		done
 	fi

--- a/package/network/utils/wireguard-tools/files/wireguard_watchdog
+++ b/package/network/utils/wireguard-tools/files/wireguard_watchdog
@ -27,7 +27,7 @@ check_peer_activity() {
  config_get public_key "${cfg}" "public_key"
  config_get endpoint_host "${cfg}" "endpoint_host"
  config_get endpoint_port "${cfg}" "endpoint_port"
-  persistent_keepalive=`wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}'`
+  persistent_keepalive=$(wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}')

  # only process peers with endpoints and keepalive set
  [ -z ${endpoint_host} ] && return 0;
@ -42,16 +42,16 @@ check_peer_activity() {
  [ -n "${IPV4}" -o -n "${IPV6}" ] && return 0;

  # re-resolve endpoint hostname if not responding for too long
-  last_handshake=`wg show ${iface} latest-handshakes | grep ${public_key} | awk '{print $2}'`
+  last_handshake=$(wg show ${iface} latest-handshakes | grep ${public_key} | awk '{print $2}')
  [ -z ${last_handshake} ] && return 0;
-  idle_seconds=$((`date +%s`-${last_handshake}))
+  idle_seconds=$(($(date +%s)-${last_handshake}))
  [ ${idle_seconds} -lt 150 ] && return 0;
  logger -t "wireguard_monitor" "${iface} endpoint ${endpoint_host}:${endpoint_port} is not responding for ${idle_seconds} seconds, trying to re-resolve hostname"
  wg set ${iface} peer ${public_key} endpoint "${endpoint_host}:${endpoint_port}"
 }

 # query ubus for all active wireguard interfaces
-wg_ifaces=`ubus -S call network.interface dump | jsonfilter -e '@.interface[@.up=true]' | jsonfilter -a -e '@[@.proto="wireguard"].interface' | tr "\n" " "`
+wg_ifaces=$(ubus -S call network.interface dump | jsonfilter -e '@.interface[@.up=true]' | jsonfilter -a -e '@[@.proto="wireguard"].interface' | tr "\n" " ")

 # check every peer in every active wireguard interface
 config_load network