Hi
Just one other issue with the MacOS client. When you have multiple users
on the same computer (say user A and user B) user A can import a
WireGuard config in the client. Then another user B can see the config
name, but cannot modify or connect because the required keys are in the
Keychain of user A. So far all is fine. But user A may specify the
config to connect on demand (basically upon login). Then when logging in
as user B, WireGuard will still try to connect without having access to
the connection settings (because they are stored in the keychain of user
A). This causes an endless loop, which should be avoided.
Best
Jasper
On 23 Aug 2020, at 20:34, Laura Smith wrote:
Hi,
These aren't show-stoppers per-se, but it would be nice to see them
fixed and new clients pushed out via the App Store:
(1) MacOS (10.15.6 but also observed on 10.15.5, not tested on
anything older)
- Start with WG client in an operational state
- Disconnect network (e.g. if on WiFI, turn off the WiFi in the menu
bar)
- Sleep the machine
- Wait- Wake the machine
- Turn on Wifi
- Note that WG client fails to re-establish connectivity (shows
connected, but no traffic flows until you deactivate/reactivate WG)
(2) iOS (13.6.1, also observed on 13.6, not tested on anything older)
After a period of time, seems to be a few days to a week, WG seems to
deactivate of its own accord (as if some sort of counter was reached
or something). This does not appear to be correlated with network
connectivity (e.g. I can switch to airplane mode for an extended
period of time, then re-enable, and WG remains connected), so its
something else in the WG code (either itself or the way it interacts
with iOS).
This is all a bit frustrating because you are unknowingly then using
an unencrypted connection.
Perhaps WG should consider adding "retry" functionality (OpenVPN
client for iOS has such a feature, where you can tell it to retry for
a period of time or indefinitely)
Apart from that, WG is great ;-)
Laura
