path: root/src/if_wg.c
Commit message | Author | Age | Files | Lines
* if_wg: disable llv6 | Jason A. Donenfeld | 2021-03-23 | 1 | -0/+5
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: drop pointtopoint flag | Jason A. Donenfeld | 2021-03-23 | 1 | -1/+1
  We'll try to work around this in wg-quick(8) and see what happens.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: fix decryption failures on jumbo ingress | Jason A. Donenfeld | 2021-03-23 | 1 | -5/+27
  All of this allocation_order and copying garbage needs to go away by making the crypto take scatter gather lists.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: implement selection of FIB (routing table) for tunneled packets | Frank Behrens | 2021-03-22 | 1 | -0/+37
  The outgoing, encrypted packets can use a specified FIB and therefore utilize specific (default) routes. The implementation follows the existing convention for other tunnel interfaces and reuses some code from gre(4) implementation. The FIB for wg(4) interface is set by standard ifconfig(8) with parameter "tunnelfib", e.g. "ifconfig wg0 tunnelfib 1".
  Signed-off-by: Frank Behrens <frank@harz.behrens.de>
  [Jason: rewritten to avoid sosockopt and simplify]
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: do not check for null M_NOWAIT return | Jason A. Donenfeld | 2021-03-19 | 1 | -8/+0
  Reported-by: Kyle Evans <kevans@freebsd.org>
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: cleanup timeout_t usage | Jason A. Donenfeld | 2021-03-19 | 1 | -11/+7
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: mark as point to point | Jason A. Donenfeld | 2021-03-19 | 1 | -1/+1
  It's technically point to multipoint. Also, clear the multicast and broadcast flags. This _could_ cause problems, but hopefully not. This should fix issues with receiving incoming connections.
  Reported-by: Ashish <ashish.is@lostca.se>
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: dispatch packets using netisr | Jason A. Donenfeld | 2021-03-19 | 1 | -13/+18
  Nothing else uses ip_input directly.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: fix malloc overflows | Jason A. Donenfeld | 2021-03-19 | 1 | -19/+38
  These should have been fixed during our initial pass but somehow weren't. Good thing we have more time to work on this. Note that all the exporting and marshalling intermediate structs are going to have to be thrown out at some point, as this whole dance here still allocates tons of kernel memory needlessly.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* if_wg: use our own taskqgroup | Jason A. Donenfeld | 2021-03-17 | 1 | -18/+19
  Rather than relying on the iflib one, which not everyone has available, define our own.
  Reported-by: Frank Behrens <frank@harz.behrens.de>
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: bump v0.0.20210317 | Jason A. Donenfeld | 2021-03-17 | 1 | -1/+2
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Initial import | Jason A. Donenfeld | 2021-03-17 | 1 | -0/+3451
  There's still more to do with wiring this up properly.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>