wg-quick has supported this for a while, but not the config layer, and
not the Go backend, so wire this all up.
Requested-by: Alexis Geoffrey <alexis.geoffrey97@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This has several problems: 1) it blocks the main thread; 2) it doesn't
distinguish between a permanent error and a transient one; 3) the 10
seconds is hard coded; 4) there's no way for the user to cancel it.
We'll have to improve this.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
wgTurnOff can block for a while, in which case, calling getStatistics
will use a stale handle and stale tunnel. Not only that, but wgGetConfig
might return null, in which case string.split throws.
java.lang.NullPointerException: Attempt to invoke virtual method
'java.lang.String[] java.lang.String.split(java.lang.String)' on a null
at com.wireguard.android.backend.GoBackend.getStatistics
Reported-by: tomt@adslweb.co.uk
Link: https://lists.zx2c4.com/pipermail/wireguard/2021-May/006709.html
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Since MavenCentral requires GPG signed artifacts, we'll need to configure
some things on the machine running the deployment. Specifically, these
three Gradle properties need to be set (preferably in ~/.gradle/gradle.properties)
```
signing.keyId= // Duh
signing.password= // I have absolutely no idea how this will work with HSMs
signing.secretKeyRingFile= // $HOME/.gnupg/... you know the deal
```
The BINTRAY_USER and BINTRAY_KEY variables are replaced by SONATYPE_USER
and SONATYPE_PASSWORD to better reflect their new contents.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Modern Android likes to kill processes to free ram and resources. When
kernel-mode WireGuard is in use, this is quite alright with us, since
the app doesn't actually need to consume any resources at all in order
for the tunnel to run. So, we want to allow and encourage this resource
frugality. However, when the quick settings tile is being used or when
the app is referenced otherwise, the app will occasionally be restarted,
to, for example, repaint the quick settings tile. This is also fine, as
the process winds up being short-lived again. But, since process
initialization means asking for a new root shell in order to check on
kernel-mode WireGuard, this means that Magisk raises a systemwide toast.
On some phones, this happens each and every time that the notification
shade is pulled down. It's not only annoying but it sometimes obscures
other notifications that users want to see, prompting their pulling down
of the notification shade in the first place. In order to get rid of
this nuisance, just disable these notifications and extraneous logs, so
that we don't clutter the system every time that the process is
opportunistically killed and restarted.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
java.lang.IllegalStateException:
at android.app.ContextImpl.startServiceCommon (ContextImpl.java:1720)
at android.app.ContextImpl.startService (ContextImpl.java:1675)
at android.content.ContextWrapper.startService (ContextWrapper.java:669)
at com.wireguard.android.backend.GoBackend.startVpnService (GoBackend.java:4)
at com.wireguard.android.backend.GoBackend.setStateInternal (GoBackend.java:4)
at com.wireguard.android.backend.GoBackend.setState (GoBackend.java:2)
at com.wireguard.android.model.TunnelManager$setTunnelState$2$1.invokeSuspend (TunnelManager.java:6)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith (BaseContinuationImpl.java:2)
at kotlinx.coroutines.DispatchedTask.run (DispatchedTask.java:2)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely (CoroutineScheduler.java)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask (CoroutineScheduler.java:7)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker (CoroutineScheduler.java:7)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run (CoroutineScheduler.java:7)
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Jonathan Davies <jpds@protonmail.com>
Fixes: 3d088411 ("libwg-go: use conn.Bind for socketfd peek")
Cc: David Crawshaw <crawshaw@tailscale.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
/data/adb/modules has been the location for modules since v18.0 and nobody
should reasonably be on any older version anymore. This has continued to
work for this long because Magisk created symlinks for backwards compat. However,
these symlinks are not created anymore on Android 11, which is where this
problem first surfaced.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Should have been part of the patch that disabled this for ui/
Fixes: 8d128cf2e9 ("ui: disable LongLogTag lint")
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
We don't (and shouldn't) use BuildConfig values, but the class was
polluting our public API regardless which is undesirable.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
A set will cause identical peers to be dropped during save
Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
From the ld.gold source:
const char* name = parameters->options().soname();
if (name == NULL)
name = parameters->options().output_file_name();
That means by default it uses `-o {output}` as the verdef aux name,
which is random every time due to Go's build system. By passing in
`--soname={somethingexplicit}` we can instead have a deterministic
verdef.
This commit makes wireguard-android reproducible.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
