aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/cookie.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* global: give if statements brackets and other cleanupsJason A. Donenfeld2018-10-091-1/+2
|
* global: more nitsJason A. Donenfeld2018-10-081-1/+1
|
* global: rename struct wireguard_ to struct wg_Jason A. Donenfeld2018-10-081-5/+5
| | | | | | This required a bit of pruning of our christmas trees. Suggested-by: Jiri Pirko <jiri@resnulli.us>
* global: prefix all functions with wg_Jason A. Donenfeld2018-10-021-20/+21
| | | | | | | | | | | | | I understand why this must be done, though I'm not so happy about having to do it. In some places, it puts us over 80 chars and we have to break lines up in further ugly ways. And in general, I think this makes things harder to read. Yet another thing we must do to please upstream. Maybe this can be replaced in the future by some kind of automatic module namespacing logic in the linker, or even combined with LTO and aggressive symbol stripping. Suggested-by: Andrew Lunn <andrew@lunn.ch>
* global: put SPDX identifier on its own lineJason A. Donenfeld2018-09-201-2/+2
| | | | | The kernel has very specific rules correlating file type with comment type, and also SPDX identifiers can't be merged with other comments.
* global: prefer sizeof(*pointer) when possibleJason A. Donenfeld2018-09-041-4/+4
| | | | Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
* crypto: import zincJason A. Donenfeld2018-09-031-2/+3
|
* global: run through clang-formatJason A. Donenfeld2018-08-281-31/+71
| | | | | | | This is the worst commit in the whole repo, making the code much less readable, but so it goes with upstream maintainers. We are now woefully wrapped at 80 columns.
* peer: ensure destruction doesn't raceJason A. Donenfeld2018-08-031-7/+1
| | | | | Completely rework peer removal to ensure peers don't jump between contexts and create races.
* cookie: returned keypair might disappear if rcu lock not heldJason A. Donenfeld2018-08-021-13/+18
| | | | | | And in general it's good to prefer dereferencing entry.peer from a handshake object rather than a keypair object, when possible, since keypairs could disappear before their underlying peer.
* global: use fast boottime instead of normal boottimeJason A. Donenfeld2018-06-231-3/+3
| | | | Generally if we're inaccurate by a few nanoseconds, it doesn't matter.
* global: use ktime boottime instead of jiffiesJason A. Donenfeld2018-06-231-6/+6
| | | | | | | | Since this is a network protocol, expirations need to be accounted for, even across system suspend. On real systems, this isn't a problem, since we're clearing all keys before suspend. But on Android, where we don't do that, this is something of a problem. So, we switch to using boottime instead of jiffies.
* netlink: maintain static_identity lock over entire private key updateJason A. Donenfeld2018-06-181-2/+1
| | | | | We don't want the local private key to not correspond with a precomputed ss or precomputed cookie hash at any intermediate point.
* global: year bumpJason A. Donenfeld2018-01-031-1/+1
|
* global: add SPDX tags to all filesGreg Kroah-Hartman2017-12-091-1/+4
| | | | | | | | | | | | | It's good to have SPDX identifiers in all files as the Linux kernel developers are working to add these identifiers to all files. Update all files with the correct SPDX license identifier based on the license text of the project or based on the license in the file itself. The SPDX identifier is a legally binding shorthand, which can be used instead of the full boiler plate text. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Modified-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: accept decent check_patch.pl suggestionsJason A. Donenfeld2017-10-311-2/+1
|
* global: add space around variable declarationsJason A. Donenfeld2017-10-031-0/+1
|
* global: use pointer to net_deviceJason A. Donenfeld2017-07-201-2/+2
| | | | | | DaveM prefers it to be this way per [1]. [1] http://www.spinics.net/lists/netdev/msg443992.html
* global: cleanup IP header checkingJason A. Donenfeld2017-06-261-2/+2
| | | | This way is more correct and ensures we're within the skb head.
* ratelimiter: rewrite from scratchJason A. Donenfeld2017-06-261-11/+3
| | | | | | | This not only removes the depenency on x_tables, but it also gives us much better performance and memory usage. Now, systems are able to have millions of WireGuard interfaces, without having to worry about a thundering herd of garbage collection.
* random: wait for random bytes when generating nonces and ephemeralsJason A. Donenfeld2017-06-121-1/+1
| | | | | | | | | | | We can let userspace configure wireguard interfaces before the RNG is fully initialized, since what we mostly care about is having good randomness for ephemerals and xchacha nonces. By deferring the wait to actually asking for the randomness, we give a lot more opportunity for gathering entropy. This won't cover entropy for hash table secrets or cookie secrets (which rotate anyway), but those have far less catastrophic failure modes, so ensuring good randomness for elliptic curve points and nonces should be sufficient.
* debug: print interface name in dmesgJason A. Donenfeld2017-05-311-1/+1
|
* noise: redesign preshared key modeJason A. Donenfeld2017-05-171-40/+26
|
* cookie: move the bangsJason A. Donenfeld2017-04-211-2/+2
|
* data: big refactoringJason A. Donenfeld2017-03-201-6/+6
|
* cookie: no need to hash rngJason A. Donenfeld2017-03-191-1/+0
| | | | | | | Since 4.8 or so, the RNG uses chacha, so we feel less scared about exposing its output directly. (Older kernels will simply suffer the paranoia.)
* Update copyrightJason A. Donenfeld2017-01-101-1/+1
|
* cookie: optimizeJason A. Donenfeld2016-12-261-29/+11
|
* cookies: use xchacha20poly1305 instead of chacha20poly1305Jason A. Donenfeld2016-12-231-36/+29
| | | | | This allows us to precompute the blake2s calls and save cycles, since hchacha is fast.
* messages: increase header by 3 bytes for alignmentJason A. Donenfeld2016-12-161-1/+1
|
* headers: cleanup noticesJason A. Donenfeld2016-11-211-1/+1
|
* cookie: avoid void pointer arithmaticJason A. Donenfeld2016-11-061-3/+3
|
* c89: the static keyword is okay in c99, but not in c89Jason A. Donenfeld2016-11-051-3/+3
|
* Rework headers and includesJason A. Donenfeld2016-09-291-1/+3
|
* c: specify static array size in function paramsJason A. Donenfeld2016-08-021-3/+3
| | | | | | | | | | | | | | | The C standard states: A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to type'', where the type qualifiers (if any) are those specified within the [ and ] of the array type derivation. If the keyword static also appears within the [ and ] of the array type derivation, then for each call to the function, the value of the corresponding actual argument shall provide access to the first element of an array with at least as many elements as specified by the size expression. By changing void func(int array[4]) to void func(int array[static 4]), we automatically get the compiler checking argument sizes for us, which is quite nice.
* cookie: do not expose csprng directlyJason A. Donenfeld2016-07-221-0/+1
| | | | | It may not be wise to directly publish the output of the CSPRNG, so we run the output through a round of Blake2s first.
* Initial commitJason A. Donenfeld2016-06-251-0/+237
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.