| Age | Commit message (Collapse) | Author |
|---|
|
public domain license
- Update go.mod and all internal imports to reflect the new module path
- Add LICENSE file with the Unlicense (public domain dedication)
- Increase timeouts in e2e lifecycle tests to prevent flaky failures
- Verify all tests, linting, and formatting pass with the new module name
|
|
- Improve routing logic in CLI for better readability.
- Resolve flakiness in `TestNamespaceLifecycleAutomation` by increasing polling timeouts and adjusting tick intervals.
- Verify project state with `go fmt`, `go vet`, and `golangci-lint`.
- Ensure all unit and E2E tests pass deterministically.
|
|
- fix(cli): resolve Flock self-deadlock in ExecuteCommand cleanup by reusing the existing lockFile handle if already held during premature exit.
- fix(wireguard): configure explicit default route destination (0.0.0.0/0 for IPv4 and ::/0 for IPv6) to avoid netlink "either Dst.IP, Src.IP or Gw must be set" error.
- fix(wireguard): initialize the Tunnel return parameter in StartTunnel to prevent a nil pointer dereference.
- test(e2e): fix argument ordering in waitForLifecycle to pass "test-lifecycle" first, and increase sleep duration of dummy processes to 1.0s to ensure reliable process persistence under race detection.
|
|
- Added `test-lifecycle` CLI command to verify active session state.
- Replaced manual filesystem polling and `time.Sleep` in E2E tests with `waitForLifecycle` synchronization.
- Optimized `TestConfigHotSwap` by reducing artificial sleep durations.
- Fixed linting issue (ST1023) in `internal/cli/cli.go`.
These changes reduce total test execution time to under 15 seconds and improve the determinism of lifecycle verification.
|
|
profile configuration
Completed the remaining roadmap and documentation requirements by implementing robust unprivileged DNS management, completing the profile configuration subcommand, and resolving data-plane transition socket crashes.
Detailed changes:
- **DNS Isolation**: Implemented `ConfigureResolvConf` in `internal/wireguard/wireguard.go` to override `/etc/resolv.conf` within the unprivileged network/mount namespace. Transitioned the mount namespace to private propagation (`MS_PRIVATE`) and safely bind-mounted a temporary resolv.conf file over `/etc/resolv.conf` without mutating the host's configuration.
- **DNS Precedence Order**: Integrated CLI flag `--dns-server`, parsed `.conf` interface DNS parameters, and added a safe default fallback (`1.1.1.1`) to ensure absolute host DNS leak prevention inside wrapped sessions.
- **Socket Duplication in FDBind**: Resolved a lifecycle panic in `FDBind` where `wireguard-go` called `Close` and `Open` during device state transitions, causing "use of closed network connection" errors. Implemented file descriptor duplication using `unix.Dup` during bind initialization to gracefully persist the host-socket context across interface transitions and allow clean exit synchronization.
- **Profile Configuration**: Implemented `handleProfileConfigure` in `internal/cli/cli.go` to launch the default system `$EDITOR` (falling back to `vi`) on a profile, satisfying the documentation's requirements.
- **Hermetic Testing Polish**:
- Created `dns_helpers.go` providing a `MockDNSServer` packet probe.
- Added E2E tests for unprivileged DNS resolution, data-plane UDP handshake transmission, and 3-way DNS precedence routing.
- Refactored `TestNamespaceLifecycleAutomation`, `TestConfigPropagation`, and `TestMTUFragmentation` to use default profile fallbacks, fixing failing stats on missing profiles.
- Resolved all `golangci-lint` and `go fmt` warnings to maintain a completely clean static analysis pipeline.
|
|
- Create internal/paths package for unified config and runtime directory resolution
- Implement robust WireGuard config parsing in pkg/wgconf
- Implement profile management subcommands: list, import, configure, delete, stop
- Fix namespace pinning path collisions (separating .ns files from pids directories)
- Implement and verify namespace unpinning logic
- Fix linting errors and improve error handling across the project
|
|
|
|
tests
|
|
counting
|
