HomeFreeBSD

ifconfig: wg: stop requiring peer endpoints

Description

ifconfig: wg: stop requiring peer endpoints

The way that wireguard is designed does not actually require all peers
to have endpoints. In an architecture that might mimic a traditional
VPN server <-> client, the wg interface on a server would have a number
of peers without set endpoints -- the expectation is that the "clients"
will connect to the "server" peer, which will authenticate the
connection as a known peer and learn the endpoint from there.

MFC after: 3 days
Discussed with: decke, grehan (independently)

Details

Provenance
kevansAuthored on Mar 8 2021, 1:04 AM
Parents
rG1ae20f7c70ea: kern: malloc: fix panic on M_WAITOK during THREAD_NO_SLEEPING()
Branches
Unknown
Tags
Unknown