[ANNOUNCE] wireguard-tools v1.0.20200820 released

Jason A. Donenfeld Jason at zx2c4.com
Thu Aug 20 12:13:26 CEST 2020 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

A new version, v1.0.20200820, of wireguard-tools has been tagged in the git
repository, containing various required userspace utilities, such as the
wg(8) and wg-quick(8) commands and documentation.

== Changes ==

  * ipc: split into separate files per-platform
  
  This is in preparation for FreeBSD support, which I had hoped to have this
  release, but we're still waiting on some tooling fixes, so hopefully next
  wg(8) will support that. Either way, the code base is now a lot more amenable
  to adding more kernel platform support.
  
  * wincompat: fold random into genkey
  
  As part of moving to per-platform files, we can fold our get_random_bytes
  implementation in the same way that we handle the other ones.
  
  * systemd: add reload target to systemd unit
  
  Users can now run `systemctl reload wg-quick at wgnet0`, as described in the
  wg-quick(8) man page. Note that this won't adjust Address=, DNS=, or the
  various other non-wg(8) fields.
  
  * man: wg-quick: use syncconf instead of addconf for strip example
  
  Simple documentation fix.
  
  * pubkey: isblank is a subset of isspace
  * ctype: use non-locale-specific ctype.h
  
  In addition to ensuring that isalpha() and such isn't locale-specific, we also
  make these constant time, even though we're never distinguishing between bits
  of a secret using them. From that perspective, though, this is markedly better
  than the locale-specific table lookups in glibc, even though base64 characters
  span two cache lines and valid private keys must hit both. This may be useful
  for other projects too: https://git.zx2c4.com/wireguard-tools/tree/src/ctype.h
  
  * wg-quick: wait on process substitutions
  
  Bash does not propagate error values, which is a bummer, but process
  substitutions are a useful feature. Introduce a new idiom to deal with
  this: either "; wait $!" after the line to propagate the error, or "||
  true" to indicate explicitly that we don't care about the error. Discussions
  about this with upstream bash didn't lead anywhere:
  https://lists.gnu.org/archive/html/bug-bash/2020-08/msg00031.html
  So, we now work around this limitation manually.

This release contains commits from: Jason A. Donenfeld and Domonkos P. 
Tomcsanyi.

As always, the source is available at https://git.zx2c4.com/wireguard-tools/ and
information about the project is available at https://www.wireguard.com/ .

This release is available in compressed tarball form here:
  https://git.zx2c4.com/wireguard-tools/snapshot/wireguard-tools-1.0.20200820.tar.xz
  SHA2-256: 

A PGP signature of that file decompressed is available here:
  https://git.zx2c4.com/wireguard-tools/snapshot/wireguard-tools-1.0.20200820.tar.asc
  Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
  Remember to unxz the tarball before verifying the signature.

If you're a package maintainer, please bump your package version. If you're a
user, the WireGuard team welcomes any and all feedback on this latest version.

Finally, WireGuard development thrives on donations. By popular demand, we
have a webpage for this: https://www.wireguard.com/donations/

Thank you,
Jason Donenfeld


-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAl8+TDQQHGphc29uQHp4
MmM0LmNvbQAKCRBJ/HASpd4Drk/EEADG4YnUkARZmR2qvh+5t3Iiqa9KVMXFOF3/
V+2IZa0IoCBsLqUIxAnuel5/KvMWL9IqycfuP/E+8vj8M0l1WGv3y0VCFPZ/6Hml
O7QWNZVG/71x4iUnz7tgBO08YW7BcASSiQ8KhZHaS+5D2sWofD8LBVofl/xJYVcc
rDpzupfqcD265o5l7MsXwIqakS32Apye6mwptIFMpSw/8xl5S0SGeAF4KYtiJA/B
oU6b9fAkpDcmYpWQ93hbpJboFM0z1yFK380uZZuNeeJLZ9wPod3ub3f8Ftl2ndKI
7yfSt4opKd1TOsqlPU6CR4ZXHWrV37G4Y9/4TbkesjsefKIrtZcB3ShkcU+0GuhZ
aD5PIGxRMuozsBCLiqudfY+28BdOh3MDmxp5UiHA32MZStDmYZl8z4lhxcr0+La8
yKa5n4iDyXQmjqr1IAtZdZBTD6du/rhYKroG4DMhXRkQP3RnFoMje9YgUVPhAoY2
uQUsg+KQa7LLjgNoaDtmzJgB41heLh4IHh+pzYjtfENljFaGEOkklSZlcqIvQwQh
9r9aVV9SYMR6MIx6jg0rXKKHO/XB4BK8JWuDn2v6xw9qg2B/g8iRZNBJF7jP98DP
Id3FaUDrWUXLHt7WEhPyocFtXSod+r1TzAX2Cr5Gl7L4BmQB3jJ1nqZFspSpZtlH
QP8bGmvomQ==
=fJ94
-----END PGP SIGNATURE-----

More information about the WireGuard mailing list