Age | Commit message | Author | Files | Lines | |
---|---|---|---|---|---|
2017-10-17 | tools: don't insist on having a private key | Jason A. Donenfeld | 1 | -5/+0 | |
This lets us do flexible things from wg-quick such as: `PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)` It also was never a very sensible policy to enforce. Suggested-by: Luis Ressel <aranea@aixah.de> | |||||
2017-10-17 | tools: retry resolution except when fatal | Jason A. Donenfeld | 3 | -21/+23 | |
The reference to this is <https://sourceware.org/glibc/wiki/NameResolver>, which mentions: "From the perspective of the application that calls getaddrinfo() it perhaps doesn't matter that much since EAI_FAIL, EAI_NONAME and EAI_NODATA are all permanent failure codes and the causes are all permanent failures in the sense that there is no point in retrying later." This should cover more early-boot situations. While we're at it, we clean up the logic a bit so that we don't have a retry message on the final non-retrying attempt. We also peer into errno when receiving EAI_SYSTEM, to report to the user what actually happened. Also, fix the quoting back tick front tick mess. | |||||
2017-10-17 | tools: encoding: be more paranoid | Jason A. Donenfeld | 1 | -2/+2 | |
Needless, but overkill can be fun. | |||||
2017-10-17 | Makefile: even prettier output | Jason A. Donenfeld | 2 | -3/+7 | |
2017-10-17 | qemu: newer packages | Jason A. Donenfeld | 1 | -37/+50 | |
2017-10-17 | qemu: always create directory before untarring | Jason A. Donenfeld | 1 | -1/+9 | |
2017-10-17 | qemu: phase out bitbanging | Jason A. Donenfeld | 3 | -28/+5 | |
Although I was secretly proud of having figured out these unholy hacks, it turns out -no-reboot lets us do things in a platform-independent way. Suggested-by: Jann Horn <jann@thejh.net> | |||||
2017-10-17 | qemu: open /dev/console if we're started early | Jason A. Donenfeld | 1 | -3/+19 | |
2017-10-17 | qemu: simplify shutdown | Jason A. Donenfeld | 1 | -4/+2 | |
Now that we have the watchdog, killing the watchdog process is another way of shutting down. | |||||
2017-10-17 | qemu: add more debugging options to main makefile | Jason A. Donenfeld | 2 | -13/+11 | |
2017-10-17 | qemu: work on ubuntu toolchain | Jason A. Donenfeld | 1 | -1/+1 | |
2017-10-17 | qemu: add build-only target | Jason A. Donenfeld | 1 | -0/+3 | |
Useful for IDEs | |||||
2017-10-17 | selftest: better test index for rate limiter | Jason A. Donenfeld | 1 | -2/+13 | |
2017-10-17 | blake2s: modernize API and have faster _final | Jason A. Donenfeld | 2 | -48/+64 | |
2017-10-17 | Makefile: do not clean before cloc | Jason A. Donenfeld | 1 | -2/+2 | |
2017-10-17 | receive: improve control flow | Jason A. Donenfeld | 1 | -4/+2 | |
2017-10-17 | compat: support READ_ONCE | Jason A. Donenfeld | 1 | -0/+4 | |
2017-10-17 | device: no need to take lock for integer comparison | Jason A. Donenfeld | 1 | -4/+3 | |
2017-10-17 | device: our use of queues means this check is worthless | Jason A. Donenfeld | 1 | -6/+0 | |
2017-10-17 | socket: eliminate dead code | Jason A. Donenfeld | 1 | -2/+1 | |
2017-10-17 | send: improve dead packet control flow | Jason A. Donenfeld | 1 | -6/+3 | |
2017-10-17 | noise: no need to take the RCU lock if we're not dereferencing | Jason A. Donenfeld | 1 | -4/+2 | |
2017-10-17 | compat: just make ro_after_init read_mostly | Jason A. Donenfeld | 2 | -3/+5 | |
2017-10-17 | noise: handshake constants can be read-only after init | Jason A. Donenfeld | 1 | -2/+2 | |
2017-10-11 | version: bump snapshot0.0.20171011 | Jason A. Donenfeld | 2 | -2/+2 | |
2017-10-11 | contrib: filter compat lines | Jason A. Donenfeld | 2 | -1/+29 | |
2017-10-11 | receive: disable bh before using stats seq lock | Jason A. Donenfeld | 1 | -0/+4 | |
Otherwise we might get a situation like this: [CPU0] lock(tstats lock); [CPU1] local_irq_disable(); [CPU1] lock(queue lock); [CPU1] lock(tstats lock); [CPU0] <Interrupt> lock(queue lock); CPU1 is waiting for CPU0 to release tstats lock. But CPU0, in the interrupt handler, is waiting for CPU1 to release queue lock. The solution is to disable interrupts on CPU0, so that this can't happen. Note that this only affects 32-bit, since u64_stats_update_begin nops out on native 64-bit platforms. Reported-by: René van Dorst <opensource@vdorst.com> | |||||
2017-10-11 | tools: man: include kill-switch documentation using fwmark | Jason A. Donenfeld | 1 | -0/+36 | |
2017-10-11 | socket: set skb->mark in addition to flowi | Jason A. Donenfeld | 1 | -0/+2 | |
Otherwise netfilter's ip_route_me_harder doesn't know how to reroute this and we get a nasty loop. | |||||
2017-10-11 | send: do not requeue if packet is dead | Jason A. Donenfeld | 1 | -1/+6 | |
2017-10-11 | compat: move version logic to compat.h and out of main .c | Jason A. Donenfeld | 3 | -8/+22 | |
2017-10-10 | tools: store tail pointer to make coalescing peers fast | Jason A. Donenfeld | 2 | -74/+70 | |
2017-10-09 | tools: warn once on unrecognized items | Jason A. Donenfeld | 2 | -0/+22 | |
DaveM suggests we do in fact do this. Others on the same thread weren't happy about the length of the proposed message, so we also give a bit of a less dramatic warning. This reverts commit a2cc976a3b572cf308cc2d97c080eacac60416fe. | |||||
2017-10-09 | routingtable: iterate progressively | Jason A. Donenfeld | 4 | -53/+81 | |
2017-10-09 | routingtable: only use device's mutex, not a special rt one | Jason A. Donenfeld | 6 | -100/+38 | |
2017-10-09 | crypto/x86_64: satisfy stack validation 2.0 | Jason A. Donenfeld | 3 | -31/+29 | |
We change this to look like the code gcc generates, so as to keep the objtool checker somewhat happy. | |||||
2017-10-09 | qemu: bump stable kernel | Jason A. Donenfeld | 1 | -1/+1 | |
2017-10-09 | Makefile: quiet recursive make | Jason A. Donenfeld | 1 | -10/+10 | |
2017-10-08 | tools: try again if dump is interrupted | Jason A. Donenfeld | 1 | -1/+4 | |
2017-10-06 | socket: gcc inlining makes this faster | Jason A. Donenfeld | 3 | -11/+10 | |
2017-10-06 | socket: don't bother recomparing afterwards | Jason A. Donenfeld | 1 | -6/+4 | |
It doesn't actually matter if this races, so there's no point in making the hot path slower with the stack copy. Suggested-by: Willy Tarreau <w@1wt.eu> | |||||
2017-10-06 | socket: compare while unlocked first | Jason A. Donenfeld | 2 | -27/+26 | |
This should be a bit faster. Suggested-by: Willy Tarreau <w@1wt.eu> | |||||
2017-10-06 | receive: do not consider 0 jiffies as being set | Jason A. Donenfeld | 1 | -4/+4 | |
This causes tests to fail if run within the first 5 minutes. We also move to jiffies 64, so that there's low chance of wrapping in case handshakes are spread far apart. Reported-by: René van Dorst <opensource@vdorst.com> | |||||
2017-10-06 | version: bump snapshot0.0.20171005 | Jason A. Donenfeld | 2 | -2/+2 | |
2017-10-05 | queueing: cleanup skb_padding | Jason A. Donenfeld | 2 | -14/+14 | |
2017-10-05 | compat: macro rewrite netlink instead of cluttering | Jason A. Donenfeld | 2 | -19/+23 | |
2017-10-05 | Makefile: clang now builds the kernel, so use scan-build | Jason A. Donenfeld | 4 | -10/+9 | |
Also add little stub for coccinelle and clean up semicolon issue it found. | |||||
2017-10-05 | queueing: move from ctx to cb | Jason A. Donenfeld | 5 | -151/+119 | |
2017-10-05 | receive: do not store endpoint in ctx | Jason A. Donenfeld | 2 | -6/+21 | |
2017-10-05 | compat: RHEL backported netlink changes | Jason A. Donenfeld | 1 | -1/+1 | |