| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Prevent the ambiguity where a mistyped subcommand was interpreted as the target
wrapped process.
- Introduce `run` and `exec` (alias) subcommands for launching wrapped processes.
- Promote internal test commands (`test-ns`, `test-args`, `test-lifecycle`) to explicit subcommands.
- Update CLI routing to return an error for unknown subcommands instead of falling back to the default execution path.
- Update `README.md` usage examples and all test suites to use the new subcommand structure.
|
|
- Extract orchestration logic from `internal/cli` into a new `internal/manager` package for better composability.
- Migrate technical implementation details from README.md to package-level godoc strings.
- Rewrite README.md to be more user-centric, focusing on quick start and usage.
- Add comprehensive documentation for exported structs and fields across the project.
- Verify all changes with `go fmt`, `go vet`, `golangci-lint`, and full E2E test suite.
|
|
public domain license
- Update go.mod and all internal imports to reflect the new module path
- Add LICENSE file with the Unlicense (public domain dedication)
- Increase timeouts in e2e lifecycle tests to prevent flaky failures
- Verify all tests, linting, and formatting pass with the new module name
|
|
- Replace marker-file pinning with kernel bind-mount anchors for reliable namespace persistence.
- Implement atomic "last-man-out" cleanup sequence using ProfileLock, preventing namespace leaks and race conditions.
- Add comprehensive resilience test suite covering:
- Crash recovery from stale runtime state.
- Host network change stability.
- Configuration hot-swap session persistence.
- Resource exhaustion and high-churn lifecycle stress.
- Align documentation and test expectations with rootless session-based persistence.
- Fix argument integrity and isolation leaks.
- Ensure 100% pass rate for all E2E and integration tests.
|
|
parser for robustness
- CLI:
- Add optional `[name]` argument to `wg-wrap profile import <path> [name]` to allow overriding the imported profile name. If not provided, it falls back to the derived filename.
- Update `README.md` command documentation to reflect custom profile names and list the `wg-wrap profile stop <name>` subcommand.
- Expand `internal/cli/profile_test.go` to cover derived vs custom-named profile imports.
- WG Configuration Parser:
- Overhaul `pkg/wgconf/wgconf.go` to support case-insensitivity on section headers (e.g. `[peer]`, `[interface]`) and key names (e.g. `privatekey`, `allowedips`).
- Implement robust trailing comment stripping (both `#` and `;`) while preserving inline comment-like characters in cryptographic keys (e.g. `key-with-hash-inside#123`) using whitespace-padded match logic.
- Clean up and normalize leading/trailing spaces/tabs on parsed keys, values, and list elements (e.g. `AllowedIPs` and `DNS` fields).
- Gracefully ignore unrecognized keys (e.g. `MTU`, `ListenPort`, `PresharedKey`) without returning errors.
- Add comprehensive tests in `pkg/wgconf/wgconf_test.go` covering inline/block comments, formatting variations, unrecognized keys, and case-insensitivity.
|
|
- Implement complete rootless network namespace bootstrap via C launcher using unshare(CLONE_NEWUSER | CLONE_NEWNS | CLONE_NEWNET).
- Resolve unprivileged network isolation blackhole via host-socket preservation (FD passing): open client UDP sockets on the host pre-isolation, clear O_CLOEXEC, and ingest them via custom `FDBind` inside the sandbox.
- Implement isolated routing table automation over `tun0` (addresses, MTU, default routes).
- Implement persistent, multi-process namespace sharing and joining using reference-counted PID files and the setns system call.
- Write robust, self-contained E2E data plane test suites in `tests/e2e/e2e_test.go` using a mock UDP listener.
- Update project documentation (`README.md` and `AGENTS.md`) to reflect completed milestones.
- Ensure 100% test passing rate and zero lint/staticcheck warnings.
|
|
|
|
counting
|
|
|
|
|
|
|
|
|
