Published by neilalexander over 3 years ago
This is the fourth, and hopefully final, release candidate build for Yggdrasil v0.4.
THIS BUILD CONTAINS A PROTOCOL BREAK AND IS NOT COMPATIBLE WITH PEERS RUNNING EARLIER RC OR NON-RC VERSIONS. MAKE SURE TO BACK UP YOUR CONFIGURATION FILE BEFORE INSTALLING!
Please note that your IPv6 address/subnet will change. Also note that tunnel routing and the session firewall are no longer supported.
Changes from RC3:
MulticastInterfaces
configuration option has a new format — sending and receiving multicast beacons are now configurable separatelyPublished by neilalexander over 3 years ago
This is the third release candidate build for Yggdrasil v0.4.
THIS BUILD CONTAINS A PROTOCOL BREAK AND IS NOT COMPATIBLE WITH PEERS RUNNING EARLIER NON-RC VERSIONS. MAKE SURE TO BACK UP YOUR CONFIGURATION FILE BEFORE INSTALLING!
Please note that your IPv6 address/subnet will change. Also note that tunnel routing and the session firewall are no longer supported.
Changes from RC2:
Published by neilalexander over 3 years ago
This is the second release candidate build for Yggdrasil v0.4.
THIS BUILD CONTAINS A PROTOCOL BREAK AND IS NOT COMPATIBLE WITH PEERS RUNNING EARLIER NON-RC VERSIONS. MAKE SURE TO BACK UP YOUR CONFIGURATION FILE BEFORE INSTALLING!
Please note that your IPv6 address/subnet will change. Also note that tunnel routing and the session firewall are no longer supported.
Changes from RC1:
?key=
instead of ?ed25519=
Published by neilalexander over 3 years ago
This is the first release candidate build for Yggdrasil v0.4.
THIS BUILD CONTAINS A PROTOCOL BREAK AND IS NOT COMPATIBLE WITH PEERS RUNNING EARLIER NON-RC VERSIONS. MAKE SURE TO BACK UP YOUR CONFIGURATION FILE BEFORE INSTALLING!
Please note that your IPv6 address/subnet will change. Also note that tunnel routing and the session firewall are no longer supported.
Published by neilalexander over 3 years ago
cmd/yggdrasilsim
(work-in-progress)sync.Pool
of []byte
sync.Pool
s are used in the hot loops, but not exported, to avoid memory corruption if libraries are reused by other projects/dev/tun0
-> tun0
)Published by neilalexander about 4 years ago
tcp://host:port?ed25519=key
tcp://host:port?curve25519=key
tcp://host:port?ed25519=key&curve25519=key
tcp://host:port?curve25519=key&curve25519=key&ed25519=key&ed25519=key
socks://user@password:host/...
DisconnectPeer
and RemovePeer
have been separated and implemented properly now/usr/local/etc/yggdrasil.conf
instead of /etc/yggdrasil.conf
Published by neilalexander over 4 years ago
Published by neilalexander over 4 years ago
.msi
installer files are now supported (bundling the Wireguard TUN driver)-loglevel
command line parameter is now cumulative and automatically includes all levels below the one specifiedPublished by neilalexander almost 5 years ago
SetMaximumSessionMTU
and GetMaximumSessionMTU
-address
and -subnet
for getting the address/subnet from the config file, for use with -useconffile
or -useconf
InterfacePeers
connections now use SO_BINDTODEVICE
to prefer an outgoing interfacegenkeys
utility is now in cmd
rather than misc
AddPeer
multiple times has been fixedunknown
correctly when no build name/version is available in the environment at build timePublished by neilalexander almost 5 years ago
tls://host:port
in Peers
, InterfacePeers
and Listen
configuration settings - this allows hiding Yggdrasil peerings inside regular TLS connectionsnet.Conn
instead of yggdrasil.Conn
net.Dialer
(the interface it would satisfy if it wasn't a concrete type) instead of yggdrasil.Dialer
net.Listener
instead of yggdrasil.Listener
Published by neilalexander about 5 years ago
yggdrasil.Conn
connectionstcp_congestion_control
algorithm used for its own TCP sockets to BBR, which reduces latency under loadcontrib
(and, by extension, some of our packages) now attemps to load the tun
module, in case TUN/TAP support is available but not loaded, and it restricts Yggdrasil to the CAP_NET_ADMIN
capability for managing the TUN/TAP adapter, rather than letting it do whatever the (typically root
) user can doyggdrasil.Conn.RemoteAddr()
function no longer blocks, fixing a deadlock when CKR is used while under heavy loadPublished by neilalexander about 5 years ago
hjson-go
dependency which affected builds of the previous version has now been resolved in the module manifestgetPeers
Published by neilalexander about 5 years ago
IPv4Sources
is now named IPv4LocalSubnets
IPv6Sources
is now named IPv6LocalSubnets
IPv4Destinations
is now named IPv4RemoteSubnets
IPv6Destinations
is now named IPv6RemoteSubnets
0.3.6
and 0.3.7
are vulnerable - users of these versions should upgrade as soon as possible0.3.5
and earlier are not affectedPublished by neilalexander about 5 years ago
getSwitchPeers
,getDHT
and getSessions
Listen
statement, when configured as a string rather than an array, will now be parsed correctlycoords
as a correct array of unsigned 64-bit integers, rather than the internal representationbox_pub_key
in string format againPublished by neilalexander about 5 years ago
yggdrasil.ConnDialer
, yggdrasil.ConnListener
and yggdrasil.Conn
for using Yggdrasil as a transport directly within applicationsyggdrasil
package with a public API
yggdrasil
package, making Yggdrasil effectively protocol-agnosticmulticast
packageadmin
package and uses the Yggdrasil public APItuntap
packagePPROF
debug output is now sent to stderr
instead of stdout
secured
Published by neilalexander over 5 years ago
AllowedEncryptionPublicKeys
option has now been fixed to handle incoming connections properly and no longer blocks outgoing connections (this was broken in v0.3.4)Published by neilalexander over 5 years ago
Listen
configurationgetTunnelRouting
and setTunnelRouting
calls for enabling and disabling crypto-key routing during runtimeawdl0
is a configured multicast interface, to keep it awake after system sleep, and to stop waking it when no longer neededLinkLocalTCPPort
option for controlling the port number that link-local TCP listeners will listen on by default when setting up MulticastInterfaces
(a node restart is currently required for changes to LinkLocalTCPPort
to take effect - it cannot be updated by reloading config during runtime)Listen
configuration statement is now an array instead of a stringListen
configuration statement should now conform to the same formatting as peers with the protocol prefix, e.g. tcp://[::]:0
getTunTap
call now returns properly instead of claiming no interface is enabled in all casesgetRoutes
etc in yggdrasilctl
is now working