commit wireguard for openSUSE:Factory

root Sat, 21 Dec 2019 03:30:57 -0800

Hello community,

here is the log from the commit of package wireguard for openSUSE:Factory 
checked in at 2019-12-21 12:30:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/wireguard (Old)
 and      /work/SRC/openSUSE:Factory/.wireguard.new.6675 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "wireguard"

Sat Dec 21 12:30:06 2019 rev:5 rq:758082 version:0.0.20191219

Changes:
--------
--- /work/SRC/openSUSE:Factory/wireguard/wireguard.changes      2019-12-12 
23:19:32.442206066 +0100
+++ /work/SRC/openSUSE:Factory/.wireguard.new.6675/wireguard.changes    
2019-12-21 12:30:17.743332260 +0100
@@ -1,0 +2,10 @@
+Thu Dec 19 07:26:52 UTC 2019 - Martin Hauke <[email protected]>
+
+- Update to version 0.0.20191219
+  * wg-quick: linux: try both iptables(8) and nft(8) on teardown
+  * wg-quick: linux: use already configured addresses instead of
+    in-memory
+  * compat: ipv6_dst_lookup_flow was backported to 5.3 and 5.4
+  * tools: adjust wg.8 syntax for consistency in COMMANDS section
+
+-------------------------------------------------------------------

Old:
----
  WireGuard-0.0.20191212.tar.asc
  WireGuard-0.0.20191212.tar.xz

New:
----
  WireGuard-0.0.20191219.tar.asc
  WireGuard-0.0.20191219.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ wireguard.spec ++++++
--- /var/tmp/diff_new_pack.N1S1L6/_old  2019-12-21 12:30:19.775333226 +0100
+++ /var/tmp/diff_new_pack.N1S1L6/_new  2019-12-21 12:30:19.811333243 +0100
@@ -18,7 +18,7 @@
 
 
 Name:           wireguard
-Version:        0.0.20191212
+Version:        0.0.20191219
 Release:        0
 Summary:        Fast, modern, secure kernel VPN tunnel
 License:        GPL-2.0-only

++++++ WireGuard-0.0.20191212.tar.xz -> WireGuard-0.0.20191219.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/WireGuard-0.0.20191212/src/compat/compat.h 
new/WireGuard-0.0.20191219/src/compat/compat.h
--- old/WireGuard-0.0.20191212/src/compat/compat.h      2019-12-12 
12:24:51.000000000 +0100
+++ new/WireGuard-0.0.20191219/src/compat/compat.h      2019-12-19 
01:12:35.000000000 +0100
@@ -861,7 +861,7 @@
 })
 #endif
 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0)
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 5) && LINUX_VERSION_CODE >= 
KERNEL_VERSION(5, 4, 0)) || LINUX_VERSION_CODE < KERNEL_VERSION(5, 3, 18)
 #define ipv6_dst_lookup_flow(a, b, c, d) ipv6_dst_lookup(a, b, &dst, c) + 
(void *)0 ?: dst
 #endif
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/WireGuard-0.0.20191212/src/dkms.conf 
new/WireGuard-0.0.20191219/src/dkms.conf
--- old/WireGuard-0.0.20191212/src/dkms.conf    2019-12-12 12:24:51.000000000 
+0100
+++ new/WireGuard-0.0.20191219/src/dkms.conf    2019-12-19 01:12:35.000000000 
+0100
@@ -1,5 +1,5 @@
 PACKAGE_NAME="wireguard"
-PACKAGE_VERSION="0.0.20191212"
+PACKAGE_VERSION="0.0.20191219"
 AUTOINSTALL=yes
 
 BUILT_MODULE_NAME="wireguard"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/WireGuard-0.0.20191212/src/tools/man/wg.8 
new/WireGuard-0.0.20191219/src/tools/man/wg.8
--- old/WireGuard-0.0.20191212/src/tools/man/wg.8       2019-12-12 
12:24:51.000000000 +0100
+++ new/WireGuard-0.0.20191219/src/tools/man/wg.8       2019-12-19 
01:12:35.000000000 +0100
@@ -122,7 +122,7 @@
     $ wg genkey | tee private.key | wg pubkey > public.key
 .TP
 \fBhelp\fP
-Show usage message.
+Shows usage message.
 
 .SH CONFIGURATION FILE FORMAT
 The configuration file format is based on \fIINI\fP. There are two top level 
sections
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/WireGuard-0.0.20191212/src/tools/wg-quick/linux.bash 
new/WireGuard-0.0.20191219/src/tools/wg-quick/linux.bash
--- old/WireGuard-0.0.20191212/src/tools/wg-quick/linux.bash    2019-12-12 
12:24:51.000000000 +0100
+++ new/WireGuard-0.0.20191219/src/tools/wg-quick/linux.bash    2019-12-19 
01:12:35.000000000 +0100
@@ -188,7 +188,8 @@
                        [[ $table == *" wg-quick-$INTERFACE" ]] && printf -v 
nftcmd '%sdelete %s\n' "$nftcmd" "$table"
                done < <(nft list tables 2>/dev/null)
                [[ -z $nftcmd ]] || cmd nft -f <(echo -n "$nftcmd")
-       else
+       fi
+       if type -p iptables >/dev/null; then
                local line iptables found restore
                for iptables in iptables ip6tables; do
                        restore="" found=0
@@ -204,7 +205,7 @@
 
 HAVE_SET_FIREWALL=0
 add_default() {
-       local table i
+       local table line
        if ! get_fwmark table; then
                table=51820
                while [[ -n $(ip -4 route show table $table 2>/dev/null) || -n 
$(ip -6 route show table $table 2>/dev/null) ]]; do
@@ -223,11 +224,11 @@
        printf -v nftcmd '%sadd chain %s %s preraw { type filter hook 
prerouting priority -300; }\n' "$nftcmd" "$pf" "$nftable"
        printf -v nftcmd '%sadd chain %s %s premangle { type filter hook 
prerouting priority -150; }\n' "$nftcmd" "$pf" "$nftable"
        printf -v nftcmd '%sadd chain %s %s postmangle { type filter hook 
postrouting priority -150; }\n' "$nftcmd" "$pf" "$nftable"
-       for i in "${ADDRESSES[@]}"; do
-               [[ ( $proto == -4 && $i != *:* ) || ( $proto == -6 && $i == *:* 
) ]] || continue
-               printf -v restore '%s-I PREROUTING ! -i %s -d %s -m addrtype ! 
--src-type LOCAL -j DROP %s\n' "$restore" "$INTERFACE" "${i%/*}" "$marker"
-               printf -v nftcmd '%sadd rule %s %s preraw iifname != %s %s 
daddr %s fib saddr type != local drop\n' "$nftcmd" "$pf" "$nftable" 
"$INTERFACE" "$pf" "${i%/*}"
-       done
+       while read -r line; do
+               [[ $line =~ .*inet6?\ ([0-9a-f:.]+)/[0-9]+.* ]] || continue
+               printf -v restore '%s-I PREROUTING ! -i %s -d %s -m addrtype ! 
--src-type LOCAL -j DROP %s\n' "$restore" "$INTERFACE" "${BASH_REMATCH[1]}" 
"$marker"
+               printf -v nftcmd '%sadd rule %s %s preraw iifname != %s %s 
daddr %s fib saddr type != local drop\n' "$nftcmd" "$pf" "$nftable" 
"$INTERFACE" "$pf" "${BASH_REMATCH[1]}"
+       done < <(ip -o $proto addr show dev "$INTERFACE" 2>/dev/null)
        printf -v restore '%sCOMMIT\n*mangle\n-I POSTROUTING -m mark --mark %d 
-p udp -j CONNMARK --save-mark %s\n-I PREROUTING -p udp -j CONNMARK 
--restore-mark %s\nCOMMIT\n' "$restore" $table "$marker" "$marker"
        printf -v nftcmd '%sadd rule %s %s postmangle meta l4proto udp mark %d 
ct mark set mark \n' "$nftcmd" "$pf" "$nftable" $table
        printf -v nftcmd '%sadd rule %s %s premangle meta l4proto udp meta mark 
set ct mark \n' "$nftcmd" "$pf" "$nftable"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/WireGuard-0.0.20191212/src/version.h 
new/WireGuard-0.0.20191219/src/version.h
--- old/WireGuard-0.0.20191212/src/version.h    2019-12-12 12:24:51.000000000 
+0100
+++ new/WireGuard-0.0.20191219/src/version.h    2019-12-19 01:12:35.000000000 
+0100
@@ -1 +1 @@
-#define WIREGUARD_VERSION "0.0.20191212"
+#define WIREGUARD_VERSION "0.0.20191219"

commit wireguard for openSUSE:Factory

Reply via email to