Primary TODO

  • Finish porting this script to ./tests/netns.sh using vnets and epairs.
  • Shore up vnet support and races/locking around moving between vnets.
  • Work out priv_check from vnet perspective. (There's no ns_capable() on FreeBSD, just capable(), which makes it a bit weird for one jail to have permissions in another.)
  • Make code style consistent with one FreeBSD way, rather than a mix of styles.
  • Review all included headers, and minimize a bit.
  • Figure out clear locking rules for network stack stuff -- when different functions run under what locks and what they race with.

Crypto TODO

  • Do packet encryption using opencrypto/ with sg lists on the mbuf.
  • Send 25519 upstream to sys/crypto, and port to it.
  • Send simple chapoly upstream to sys/crypto, and port to it.
  • Port to sys/crypto's blake2s implementation.

Tooling TODO

  • Relicense wg(8) as MIT and integrate into upstream build system.
  • Examine possibility of a non-bash wg-quick(8) for sending upstream.