diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2017-06-21 03:55:31 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-06-26 12:35:06 +0200 |
| commit | 79a7dc4da9702d05c5085acffe1c4f9cf72c26a6 (patch) | |
| tree | df8160a06c0d7ed61a71b014b970bd8f0e8add9c /src/cookie.h | |
| parent | curve25519: keep certain sandy2x functions in C (diff) | |
| download | wireguard-monolithic-historical-79a7dc4da9702d05c5085acffe1c4f9cf72c26a6.tar.xz wireguard-monolithic-historical-79a7dc4da9702d05c5085acffe1c4f9cf72c26a6.zip | |
ratelimiter: rewrite from scratch
This not only removes the depenency on x_tables, but it also gives us
much better performance and memory usage. Now, systems are able to have
millions of WireGuard interfaces, without having to worry about a
thundering herd of garbage collection.
Diffstat (limited to 'src/cookie.h')
| -rw-r--r-- | src/cookie.h | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/src/cookie.h b/src/cookie.h index c87d3dd..54d0d99 100644 --- a/src/cookie.h +++ b/src/cookie.h @@ -4,7 +4,6 @@ #define WGCOOKIE_H #include "messages.h" -#include "ratelimiter.h" #include <linux/rwsem.h> struct wireguard_peer; @@ -17,7 +16,6 @@ struct cookie_checker { u8 message_mac1_key[NOISE_SYMMETRIC_KEY_LEN]; u64 secret_birthdate; struct rw_semaphore secret_lock; - struct ratelimiter ratelimiter; struct wireguard_device *device; }; @@ -39,8 +37,7 @@ enum cookie_mac_state { VALID_MAC_WITH_COOKIE }; -int cookie_checker_init(struct cookie_checker *checker, struct wireguard_device *wg); -void cookie_checker_uninit(struct cookie_checker *checker); +void cookie_checker_init(struct cookie_checker *checker, struct wireguard_device *wg); void cookie_checker_precompute_device_keys(struct cookie_checker *checker); void cookie_checker_precompute_peer_keys(struct wireguard_peer *peer); void cookie_init(struct cookie *cookie); |