Skip to content

v1.1.0
Compare
Choose a tag to compare
@github-actions github-actions released this 11 Apr 07:53
· 309 commits to main since this release
v1.1.0
cb0e76c

Heads up: breaking change requiring all peers update to v1.1.0 with server.

Once a server upgrades to v1.1.0, all clients will get Unauthorized errors until they also upgrade due to a newly required security header to prevent CSRF-type attacks.

Additions

  • #36: Userspace WireGuard users can now override the wireguard-go implementation choice with their own selection using the WG_USERSPACE_IMPLEMENTATION (or WG_QUICK_USERSPACE_IMPLEMENTATION) environment variable.
  • a44fe0d: innernet uninstall [interface] now exists to permanently remove an innernet network.

Fixes

  • #37: The server now requires an X-Innernet-Server-Key header with its own public key in it to help dissuade naive unauthorized requests being sent from other unprivileged applications on a peer's OS.
  • #33: Removed unsafe code in wgctrl-rs and replaced it with an interface name validation that matches the kernel and iproute2. Thanks @BlackHoleFox!
  • 72dc14c: Enforce safe permissions on innernet and innernet-server files and directories. (Open an issue if this is a problem in your setup and we can tweak this!)
  • dde58c8: Fix an issue where innernet would often not successfully start its interface the first run on macOS due to a directory not being created before running wireguard-go.
Assets 4
Loading