-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello,
A new version, v1.0.20200820, of wireguard-tools has been tagged in the git repository, containing various required userspace utilities, such as the wg(8) and wg-quick(8) commands and documentation. == Changes == * ipc: split into separate files per-platform This is in preparation for FreeBSD support, which I had hoped to have this release, but we're still waiting on some tooling fixes, so hopefully next wg(8) will support that. Either way, the code base is now a lot more amenable to adding more kernel platform support. * wincompat: fold random into genkey As part of moving to per-platform files, we can fold our get_random_bytes implementation in the same way that we handle the other ones. * systemd: add reload target to systemd unit Users can now run `systemctl reload wg-quick@wgnet0`, as described in the wg-quick(8) man page. Note that this won't adjust Address=, DNS=, or the various other non-wg(8) fields. * man: wg-quick: use syncconf instead of addconf for strip example Simple documentation fix. * pubkey: isblank is a subset of isspace * ctype: use non-locale-specific ctype.h In addition to ensuring that isalpha() and such isn't locale-specific, we also make these constant time, even though we're never distinguishing between bits of a secret using them. From that perspective, though, this is markedly better than the locale-specific table lookups in glibc, even though base64 characters span two cache lines and valid private keys must hit both. This may be useful for other projects too: https://git.zx2c4.com/wireguard-tools/tree/src/ctype.h * wg-quick: wait on process substitutions Bash does not propagate error values, which is a bummer, but process substitutions are a useful feature. Introduce a new idiom to deal with this: either "; wait $!" after the line to propagate the error, or "|| true" to indicate explicitly that we don't care about the error. Discussions about this with upstream bash didn't lead anywhere: https://lists.gnu.org/archive/html/bug-bash/2020-08/msg00031.html So, we now work around this limitation manually. This release contains commits from: Jason A. Donenfeld and Domonkos P. Tomcsanyi. As always, the source is available at https://git.zx2c4.com/wireguard-tools/ and information about the project is available at https://www.wireguard.com/ . This release is available in compressed tarball form here: https://git.zx2c4.com/wireguard-tools/snapshot/wireguard-tools-1.0.20200820.tar.xz SHA2-256: A PGP signature of that file decompressed is available here: https://git.zx2c4.com/wireguard-tools/snapshot/wireguard-tools-1.0.20200820.tar.asc Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE Remember to unxz the tarball before verifying the signature. If you're a package maintainer, please bump your package version. If you're a user, the WireGuard team welcomes any and all feedback on this latest version. Finally, WireGuard development thrives on donations. By popular demand, we have a webpage for this: https://www.wireguard.com/donations/ Thank you, Jason Donenfeld -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAl8+TDQQHGphc29uQHp4 MmM0LmNvbQAKCRBJ/HASpd4Drk/EEADG4YnUkARZmR2qvh+5t3Iiqa9KVMXFOF3/ V+2IZa0IoCBsLqUIxAnuel5/KvMWL9IqycfuP/E+8vj8M0l1WGv3y0VCFPZ/6Hml O7QWNZVG/71x4iUnz7tgBO08YW7BcASSiQ8KhZHaS+5D2sWofD8LBVofl/xJYVcc rDpzupfqcD265o5l7MsXwIqakS32Apye6mwptIFMpSw/8xl5S0SGeAF4KYtiJA/B oU6b9fAkpDcmYpWQ93hbpJboFM0z1yFK380uZZuNeeJLZ9wPod3ub3f8Ftl2ndKI 7yfSt4opKd1TOsqlPU6CR4ZXHWrV37G4Y9/4TbkesjsefKIrtZcB3ShkcU+0GuhZ aD5PIGxRMuozsBCLiqudfY+28BdOh3MDmxp5UiHA32MZStDmYZl8z4lhxcr0+La8 yKa5n4iDyXQmjqr1IAtZdZBTD6du/rhYKroG4DMhXRkQP3RnFoMje9YgUVPhAoY2 uQUsg+KQa7LLjgNoaDtmzJgB41heLh4IHh+pzYjtfENljFaGEOkklSZlcqIvQwQh 9r9aVV9SYMR6MIx6jg0rXKKHO/XB4BK8JWuDn2v6xw9qg2B/g8iRZNBJF7jP98DP Id3FaUDrWUXLHt7WEhPyocFtXSod+r1TzAX2Cr5Gl7L4BmQB3jJ1nqZFspSpZtlH QP8bGmvomQ== =fJ94 -----END PGP SIGNATURE-----
