Hi Jason and list,

I would like to discuss changing WG's current handling of an Endpoint= DNS 
failure with "wg setconf ...".

Currently)
"Configuration parsing error", the configuration is aborted, keeping WG from 
starting.

Proposed)
Ignore the DNS error, do not change the "endpoint", and continue parsing the 
configuration so WG can be started.
The current stderr DNS error message will continue to be generated.
Optionally, some users may want to call "reresolve-dns.sh" [1] or similar at a 
later time(s) to update the DNS derived "endpoint".


I have tested this trivial patch to accomplish the proposed change:
Note: The config.c parse_endpoint() function provides additional sanity 
checking; only the DNS failure would allow parsing to continue.

--- wireguard-0.0.20190123/src/tools/config.c.orig      2019-01-30 
09:02:53.685777217 -0600
+++ wireguard-0.0.20190123/src/tools/config.c   2019-01-30 09:03:44.253387871 
-0600
@@ -241,7 +241,7 @@
                                timeout >= 90000000) {
                        free(mutable);
                        fprintf(stderr, "%s: `%s'\n", ret == EAI_SYSTEM ? 
strerror(errno) : gai_strerror(ret), value);
-                       return false;
+                       return true;
                }
                fprintf(stderr, "%s: `%s'. Trying again in %.2f seconds...\n", 
ret == EAI_SYSTEM ? strerror(errno) : gai_strerror(ret), value, timeout / 
1000000.0);
                usleep(timeout);
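
Review bot: The `return true;` on the give-up branch (right after `free(mutable);` and the final `fprintf`) makes a failed lookup return the same value as a resolved endpoint, so every caller of this function, including the `wg set ... endpoint` path, treats the failure as success and the stderr line is the only evidence. Consider returning a distinct result that the setconf/addconf path can choose to tolerate while an explicit `wg set` still fails, or gating the lenient behaviour behind an option. A comment at this return stating that the endpoint is intentionally left unchanged would help, and it is worth confirming that nothing earlier in the function has already written to the endpoint output, since the visible lines do not show that.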


This change affects:
--
wg setconf ...
wg addconf ...
wg set ... endpoint <ip>:<port> ...
--

I propose this will make WireGuard configuration more robust, minimizing the 
effect of an Endpoint= DNS failure.


Lonnie

[1] 
https://git.zx2c4.com/WireGuard/tree/contrib/examples/reresolve-dns/reresolve-dns.sh

