WireGuard Archive on lore.kernel.org
 help / Atom feed
* wg setconf: ignore Endpoint= DNS failure
@ 2019-01-30 19:54 Lonnie Abelbeck
  0 siblings, 0 replies; 1+ messages in thread
From: Lonnie Abelbeck @ 2019-01-30 19:54 UTC (permalink / raw)
  To: WireGuard mailing list

Hi Jason and list,

I would like to discuss changing WG's current handling of an Endpoint= DNS failure with "wg setconf ...".

Currently)
"Configuration parsing error",  the configuration is aborted, keeping WG from starting.

Proposed)
Ignore the DNS error, do not change the "endpoint", and continue parsing the configuration so WG can be started.
The current stderr DNS error message will continue to be generated.
Optionally, some users may want to call "reresolve-dns.sh" [1] or similar at a later time(s) to update the DNS derived "endpoint".


I have tested this trivial patch to accomplish the proposed change:
Note: The config.c parse_endpoint() function provides additional sanity checking, only the DNS failure would allow parsing to continue.

--- wireguard-0.0.20190123/src/tools/config.c.orig	2019-01-30 09:02:53.685777217 -0600
+++ wireguard-0.0.20190123/src/tools/config.c	2019-01-30 09:03:44.253387871 -0600
@@ -241,7 +241,7 @@
				timeout >= 90000000) {
			free(mutable);
			fprintf(stderr, "%s: `%s'\n", ret == EAI_SYSTEM ? strerror(errno) : gai_strerror(ret), value);
-			return false;
+			return true;
		}
		fprintf(stderr, "%s: `%s'. Trying again in %.2f seconds...\n", ret == EAI_SYSTEM ? strerror(errno) : gai_strerror(ret), value, timeout / 1000000.0);
		usleep(timeout);


This change effects:
--
wg setconf ...
wg addconf ...
wg set ... endpoint <ip>:<port> ...
--

I propose this will make WireGuard configuration more robust, minimizing the effect of an Endpoint= DNS failure.


Lonnie

[1] https://git.zx2c4.com/WireGuard/tree/contrib/examples/reresolve-dns/reresolve-dns.sh


_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 1+ messages in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-30 19:54 wg setconf: ignore Endpoint= DNS failure Lonnie Abelbeck

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/ public-inbox