DNS name resolution should not be done during configuration parsing.

Eryk Wieliczko eryk at wieliczko.ninja
Sun Feb 17 14:15:07 CET 2019


You are right, I got confused.
I thought that this would be something that _the user_ would have to set up. Please forgive my ignorance. :-)

Since these scripts are installed by WG and not by a user, this solution would be fine.




Isn't it the case that currently WG is performing DNS both during configuration AND during connection setup? I see that there is _getaddrinfo_ in ipc.c...
Maybe just removing all getaddrinfo from config.c would be enough to fix this?

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Sunday, February 17, 2019 2:07 PM, Jeffrey Walton <noloader at gmail.com> wrote:

> On Sun, Feb 17, 2019 at 7:40 AM Eryk Wieliczko eryk at wieliczko.ninja wrote:
>
> > > Forgive my ignorance... Should init just retry the service start?
> > > Something like this (from Systemd):
> > >
> > > [Unit]
> > > StartLimitInterval=360
> > > StartLimitBurst=5
> > >
> > > The statements above say to retry 5 times within 360 seconds.
> >
> > Configuring such things is an additional unnecessary step. OpenVPN/tinc don't require such hacks. Once you start OpenVPN, it's gonna work until the server dies of old age. :-)
>
> I have to admit I don't quite understand calling it "unnecessary".
>
> There seem to be two use cases (maybe more?): manual start and auto
> start. The auto start case is usually handled by init scripts. Init
> scripts usually retry.
>
> I'm not throwing stones, but I have to ask... Why not use the tools
> available instead of adding hacks on top of hacks? The hacks likely
> make the code brittle. By the time WireGuard gets to supporting AIX,
> Dragonfly, Hurd, Solaris and other Unix personalities no one will want
> to touch it.
>
> Jeff



