Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | ncat-client-server: do not always call sudo and use env bash | Jason A. Donenfeld | 2018-05-22 | 1 | -2/+3 |
| | |||||
* | version: bump snapshot0.0.20180519 | Jason A. Donenfeld | 2018-05-19 | 2 | -2/+2 |
| | |||||
* | timers: no need to clear keepalive in persistent keepalive | Jason A. Donenfeld | 2018-05-19 | 1 | -4/+1 |
| | | | | | | | | We do this after sending the keepalive anyway. This is something of a regression, though, since before we'd cancel and then send, but now we send and then cancel, so it introduces a potential race, but hopefully that isn't too big of a deal. | ||||
* | timers: clear send_keepalive timer on sending handshake response | Jason A. Donenfeld | 2018-05-19 | 3 | -6/+12 |
| | | | | | | We reorganize this into also doing so on sending keepalives itself, which means the state machine is much more consistent, even if this was already implied. | ||||
* | timers: fix up comment | Jason A. Donenfeld | 2018-05-19 | 1 | -2/+2 |
| | |||||
* | timers: remove slack_time | Jason A. Donenfeld | 2018-05-19 | 1 | -8/+2 |
| | | | | | It's already done implicitly by recent kernels and it's not adding much here. | ||||
* | timers: reinitialize state on init | Jason A. Donenfeld | 2018-05-18 | 1 | -0/+3 |
| | |||||
* | tools: fix errno propagation and messages | Jason A. Donenfeld | 2018-05-18 | 5 | -9/+8 |
| | |||||
* | timers: round up instead of down in slack_time | Jason A. Donenfeld | 2018-05-18 | 1 | -2/+2 |
| | | | | | | | | | On systems with a 100hz tick, this causes handshakes to be retried in slightly less than 5 seconds, which means they aren't sent at all. This has the effect of the handshakes entirely stopping their retry cycle until the next data packet is sent. Reported-by: Andrew He <andrewhe@mit.edu> | ||||
* | chacha20poly1305: add mips32 implementation | René van Dorst | 2018-05-18 | 4 | -5/+913 |
| | | | | Signed-off-by: René van Dorst <opensource@vdorst.com> | ||||
* | device: remove allowedips before individual peers | Jason A. Donenfeld | 2018-05-18 | 1 | -1/+1 |
| | | | | This avoids an O(n^2) traversal in favor of an O(n) one. | ||||
* | wg-quick: darwin: simpler inclusion check | Jason A. Donenfeld | 2018-05-17 | 1 | -1/+1 |
| | |||||
* | wg-quick: darwin: reorder functions | Jason A. Donenfeld | 2018-05-17 | 1 | -19/+19 |
| | |||||
* | wg-quick: darwin: networksetup does not like missing stdio | Jason A. Donenfeld | 2018-05-17 | 1 | -1/+1 |
| | |||||
* | wg-quick: darwin: avoid routing loop if no default | Jason A. Donenfeld | 2018-05-17 | 1 | -6/+16 |
| | |||||
* | wg-quick: darwin: sometimes there are no network services | Jason A. Donenfeld | 2018-05-17 | 1 | -2/+1 |
| | |||||
* | wg-quick: use invoking shell in auto rooting | Jason A. Donenfeld | 2018-05-16 | 2 | -2/+3 |
| | |||||
* | wg-quick: add intentionally undocumented userspace implementation knob | Jason A. Donenfeld | 2018-05-16 | 2 | -3/+3 |
| | | | | | | This knob might disappear at some point, and we don't want to encourage its use, so it's not being documented, but this should help with development of new implementations. | ||||
* | wg-quick: darwin: use bash from environment and require bash 4+ | Jason A. Donenfeld | 2018-05-16 | 2 | -23/+23 |
| | | | | | | For properly configured Homebrew installations /usr/local/bin should be before /bin, so this should still work. This allows the script to be used in more than one setting. | ||||
* | wg-quick: darwin: restore DNS on down | Jason A. Donenfeld | 2018-05-16 | 1 | -13/+25 |
| | |||||
* | wg-quick: darwin: bash correctness | Jason A. Donenfeld | 2018-05-16 | 1 | -5/+4 |
| | |||||
* | wg-quick: darwin: remove v6 routes after shutdown | Jason A. Donenfeld | 2018-05-16 | 1 | -3/+3 |
| | | | | This works around a Darwin kernel bug regarding interface removal. | ||||
* | wg-quick: darwin: ensure socket directory exists | Jason A. Donenfeld | 2018-05-16 | 1 | -5/+1 |
| | |||||
* | dns-hatchet: update paths | Jason A. Donenfeld | 2018-05-16 | 1 | -1/+1 |
| | | | | Suggested-by: Martin Hauke <mardnh@gmx.de> | ||||
* | version: bump snapshot0.0.20180514 | Jason A. Donenfeld | 2018-05-15 | 2 | -2/+2 |
| | |||||
* | ncat-client-server: add wg-quick variant | Jason A. Donenfeld | 2018-05-15 | 2 | -4/+37 |
| | |||||
* | wg-quick: add darwin implementation | Jason A. Donenfeld | 2018-05-15 | 1 | -0/+444 |
| | | | | It's pretty rough and leaves much to be desired, but it works. | ||||
* | compat: backport for OpenSUSE 15 | Jason A. Donenfeld | 2018-05-14 | 1 | -1/+1 |
| | |||||
* | wg-quick: add wg symlink | Jason A. Donenfeld | 2018-05-14 | 1 | -0/+1 |
| | |||||
* | wg-quick: add android implementation | Jason A. Donenfeld | 2018-05-14 | 1 | -0/+666 |
| | |||||
* | tools: reorganize for multiplatform wg-quick | Jason A. Donenfeld | 2018-05-14 | 5 | -7/+9 |
| | |||||
* | allowedips: Fix graphviz output after endianness patch | Jonathan Neuschäfer | 2018-05-14 | 1 | -3/+16 |
| | | | | | | | | | | | | Commit 5e3532e ("allowedips: use native endian on lookup") did two things: It changed the endianness of (struct allowedips_node).bits to native endian, and it moved the CIDR masking to the output code path (walk_by_peer). Adjust print_node in src/selftest/allowedips.h to deal with these changes. Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> | ||||
* | version: bump snapshot0.0.20180513 | Jason A. Donenfeld | 2018-05-13 | 2 | -2/+2 |
| | |||||
* | compat: don't clear header bits on RHEL | Jason A. Donenfeld | 2018-05-13 | 1 | -1/+4 |
| | | | | | | | | | | The 3.10 kernel from Red Hat puts head_frag in between headers_start and headers_end. This is triggered on the latest i40e driver. This results in the packet being freed incorrectly, crashing the system. So, this patch just ensures we don't zero any of the header bits. The whole issue of zeroing header bits probably should be revisited sometime somewhat soon. | ||||
* | compat: handle RHEL 7.5's recent backports | Jason A. Donenfeld | 2018-05-13 | 1 | -5/+5 |
| | |||||
* | queueing: preserve pfmemalloc header bit | Jason A. Donenfeld | 2018-05-13 | 1 | -0/+2 |
| | |||||
* | chacha20poly1305: make gcc 8.1 happy | Samuel Neves | 2018-05-13 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | GCC 8.1 does not know about the invariant `0 <= ctx->num < POLY1305_BLOCK_SIZE`. This results in a warning that `memcpy(ctx->data + num, inp, len);` may overflow the `data` field, which is correct for arbitrary values of `num`. To make the invariant explicit we ensure that `num` is in the required range. An alternative would be to change `ctx->num` to a 4-bit bitfield at the point of declaration. This changes the code from `test ebp, ebp; jz end` to `and ebp, 15; jz end`, which have identical performance characteristics. Signed-off-by: Samuel Neves <sneves@dei.uc.pt> | ||||
* | socket: use skb_put_data | Jason A. Donenfeld | 2018-05-13 | 2 | -3/+12 |
| | |||||
* | wg-quick: preliminary support for go implementation | Jason A. Donenfeld | 2018-05-10 | 1 | -1/+7 |
| | |||||
* | allowedips: simplify arithmetic | Jason A. Donenfeld | 2018-05-10 | 1 | -1/+1 |
| | | | | Suggested-by: Samuel Neves <sneves@dei.uc.pt> | ||||
* | allowedips: produce better assembly with unsigned arithmetic | Jason A. Donenfeld | 2018-05-10 | 1 | -9/+9 |
| | | | | Suggested-by: Samuel Neves <sneves@dei.uc.pt> | ||||
* | allowedips: use native endian on lookup | Jason A. Donenfeld | 2018-05-10 | 1 | -21/+40 |
| | |||||
* | allowedips: add selftest for allowedips_walk_by_peer | Jason A. Donenfeld | 2018-05-10 | 1 | -1/+60 |
| | | | | | | Also we satisfy lockdep here. Suggested-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> | ||||
* | embeddable-wg-library: zero attribute padding | Jason A. Donenfeld | 2018-05-03 | 1 | -0/+4 |
| | | | | See: http://git.netfilter.org/libmnl/commit/?id=37c876b55a2c00424ccda5a300ab5fdec1d88b22 | ||||
* | keygen-html: add zip file example | Jason A. Donenfeld | 2018-05-02 | 1 | -3/+127 |
| | | | | A little bit more JavaScript for easy copy&pasting. | ||||
* | qemu: retry on 404 in wget for kernel.org race | Jason A. Donenfeld | 2018-04-23 | 1 | -3/+1 |
| | |||||
* | version: bump snapshot0.0.20180420 | Jason A. Donenfeld | 2018-04-20 | 2 | -2/+2 |
| | |||||
* | poly1305: do not place constants in different sections | Jason A. Donenfeld | 2018-04-18 | 1 | -14/+1 |
| | | | | | | | We're referencing these constants as one contiguous blob, so if there's any merging that goes on with other constants elsewhere (such as the kernel's current poly1305 implementation that we hope to replace), then these will be reordered and have the wrong values. | ||||
* | compat: remove unused dev_recursion_level backport | Jason A. Donenfeld | 2018-04-16 | 1 | -7/+0 |
| | |||||
* | blake2s: remove unused helper | Jason A. Donenfeld | 2018-04-16 | 1 | -5/+0 |
| |