fix(wireguard): sync runtime peer management with client registration and derive the correct server public key from the WireGuard private key
This commit is contained in:
@@ -1,5 +1,13 @@
|
||||
# Changelog
|
||||
|
||||
## 2026-03-31 - 1.16.2 - fix(wireguard)
|
||||
sync runtime peer management with client registration and derive the correct server public key from the WireGuard private key
|
||||
|
||||
- Register, remove, and rotate WireGuard peers in the running listener when clients are added, deleted, or rekeyed.
|
||||
- Generate client WireGuard configs with the public key derived from the configured WireGuard private key instead of reusing the generic server public key.
|
||||
- Handle expired WireGuard sessions by re-initiating handshakes and mark client state as handshaking until the tunnel becomes active.
|
||||
- Improve allowed IP matching and peer VPN IP extraction for runtime packet routing.
|
||||
|
||||
## 2026-03-30 - 1.16.1 - fix(rust/server)
|
||||
add serde alias for clientAllowedIPs in server config
|
||||
|
||||
|
||||
Reference in New Issue
Block a user