aboutsummaryrefslogtreecommitdiffstatshomepage
Commit message (Collapse)AuthorAgeFilesLines
* allowedips: single expression endian choicejd/endianness-trickJason A. Donenfeld2018-05-041-4/+1
| | | | | | This will upset millions of curious onlookers, and people will begin to doubt my judgement and sanity. But this really is cleaner to express as a single statement.
* allowedips: use native endian on lookupJason A. Donenfeld2018-05-041-21/+40
|
* embeddable-wg-library: zero attribute paddingJason A. Donenfeld2018-05-031-0/+4
| | | | See: http://git.netfilter.org/libmnl/commit/?id=37c876b55a2c00424ccda5a300ab5fdec1d88b22
* keygen-html: add zip file exampleJason A. Donenfeld2018-05-021-3/+127
| | | | A little bit more JavaScript for easy copy&pasting.
* qemu: retry on 404 in wget for kernel.org raceJason A. Donenfeld2018-04-231-3/+1
|
* version: bump snapshot0.0.20180420Jason A. Donenfeld2018-04-202-2/+2
|
* poly1305: do not place constants in different sectionsJason A. Donenfeld2018-04-181-14/+1
| | | | | | | We're referencing these constants as one contiguous blob, so if there's any merging that goes on with other constants elsewhere (such as the kernel's current poly1305 implementation that we hope to replace), then these will be reordered and have the wrong values.
* compat: remove unused dev_recursion_level backportJason A. Donenfeld2018-04-161-7/+0
|
* blake2s: remove unused helperJason A. Donenfeld2018-04-161-5/+0
|
* send: simplify skb_padding with nice macroJason A. Donenfeld2018-04-161-4/+3
|
* send: account for route-based MTUJason A. Donenfeld2018-04-155-3/+26
| | | | | | | | | | It might be that a particular route has a different MTU than the interface, via `ip route add ... dev wg0 mtu 1281`, for example. In this case, it's important that we don't accidently pad beyond the end of the MTU. We accomplish that in this patch by carrying forward the MTU from the dst if it exists. We also add a unit test for this issue. Reported-by: Roman Mamedov <rm.wg@romanrm.net>
* wg-quick: account for specified fwmark in auto routing modeJason A. Donenfeld2018-04-151-19/+23
| | | | | | | | | | | If we're doing automatic routing with default routes, but the config has also specified an explicit fwmark, then use that explicit fwmark, even if it's conflicting, since the administrator has explicitly opted into using it. Also, when shutting down the interface, we only now remove the fancy rules if we're in automatic routing mode with default routes. Suggested-by: Luis Ressel <aranea@aixah.de> Reported-by: Saeid Akbari <saeidscorp@yahoo.com>
* qemu: bump default versionJason A. Donenfeld2018-04-151-1/+1
|
* version: bump snapshot0.0.20180413Jason A. Donenfeld2018-04-132-2/+2
|
* chacha20poly1305: put magic constant behind macroJason A. Donenfeld2018-04-052-3/+5
|
* chacha20poly1305: add self tests from wycheproofJason A. Donenfeld2018-04-051-3/+1026
|
* curve25519: add self tests from wycheproofJason A. Donenfeld2018-04-041-0/+504
|
* wg-quick.8: fix typoJason A. Donenfeld2018-04-041-1/+1
| | | | Reported-by: Mike Pechkin <mike.pechkin@gmail.com>
* curve25519: precomp const correctnessJason A. Donenfeld2018-03-091-24/+22
|
* curve25519: memzero in batchesJason A. Donenfeld2018-03-091-140/+124
|
* curve25519: use cmov instead of xor for cswapJason A. Donenfeld2018-03-091-12/+39
| | | | Also add cselect optimization.
* curve25519: use precomp implementation instead of sandy2xJason A. Donenfeld2018-03-094-3438/+2071
| | | | It's faster and doesn't use the FPU.
* compat: support OpenSUSE 15Jason A. Donenfeld2018-03-091-3/+6
|
* compat: silence warning on frankenkernelsJason A. Donenfeld2018-03-091-0/+3
| | | | Some Android 3.18 devices backport this macro.
* compat: stable kernels are now receiving b87b619Jason A. Donenfeld2018-03-071-1/+1
|
* wg-quick: hide errors on saveJason A. Donenfeld2018-03-041-1/+1
|
* version: bump snapshot0.0.20180304Jason A. Donenfeld2018-03-042-2/+2
|
* contrib: add extract-handshakes kprobe exampleJason A. Donenfeld2018-03-046-0/+176
|
* wg-quick: if resolvconf/run/iface exists, use itJason A. Donenfeld2018-03-041-1/+1
| | | | | Some older broken resolvconfs don't support resolvconf -l, but do have a file in a standard location, so use it.
* wg-quick: if resolvconf/interface-order exists, use itJason A. Donenfeld2018-03-041-3/+12
| | | | | | | Some older broken resolvconf implementations ignore -m, but do have an interface-order list. It's better to use this list dynamically, in case it changes, or in case it's not used by the OS's resolvconf implementation, such as in the case of systemd or openresolv.
* noise: align static_identity keysJason A. Donenfeld2018-03-021-1/+1
|
* compat: use correct -include pathJason A. Donenfeld2018-03-021-5/+6
|
* noise: fix function prototypeJason A. Donenfeld2018-03-021-1/+1
|
* global: in gnu code, use un-underscored asmJason A. Donenfeld2018-03-023-3/+3
|
* messages: MESSAGE_TOTAL is unusedJason A. Donenfeld2018-03-021-2/+1
|
* crypto: read only after initJason A. Donenfeld2018-03-024-10/+11
|
* Kconfig: require DST_CACHE explicitlyJason A. Donenfeld2018-03-021-0/+1
|
* Revert "contrib: keygen-html: rewrite in pure javascript"Jason A. Donenfeld2018-03-025-187/+129
| | | | | | | This reverts commit e5203543a674453ce1e0cbbcb234d3308762fe65. As swanky as it is to have a really short file, it's hard to justify and makes me nervous.
* contrib: keygen-html: rewrite in pure javascriptJason A. Donenfeld2018-03-025-129/+187
| | | | | Emscripten is too cumbersome. This code here is much slower, but it's shorter and simpler.
* compat: workaround netlink refcount bugJason A. Donenfeld2018-03-021-1/+1
| | | | | | | For now it looks like only 4.16 has this, but we'll keep track in case others add it too. Upstream-fix: b87b6194be63 ("netlink: put module reference if dump start fails")
* contrib: embedded-wg-library: add key generation functionsJason A. Donenfeld2018-03-023-2/+205
|
* allowedips: fix comment styleJason A. Donenfeld2018-02-211-1/+2
|
* contrib: embedded-wg-library: add ability to add and del interfacesJason A. Donenfeld2018-02-213-3/+109
|
* queueing: skb_reset: mark as xnetJason A. Donenfeld2018-02-201-1/+1
| | | | | | | | This was avoided for a long time, because I wanted the packet to be charged to the original socket for as long as possible. However, this broke net_cls, which looks at skb->sk for additional late-stage routing decisions. So we had no choice but to ensure that skb->sk is NULL by the time of xmit, and this means calling the skb destructor.
* version: bump snapshot0.0.20180218Jason A. Donenfeld2018-02-182-2/+2
|
* tools: fixup errno handlingJason A. Donenfeld2018-02-172-8/+8
|
* tools: FreeBSD doesn't have EAI_NODATAJason A. Donenfeld2018-02-171-2/+15
|
* tools: do not collide types with libc clashesJason A. Donenfeld2018-02-171-4/+10
|
* contrib: add embeddable wireguard libraryJason A. Donenfeld2018-02-176-0/+1671
|
* wg(8): clarify phrasingJason A. Donenfeld2018-02-171-3/+3
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.