Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2019-12-06 | chacha20poly1305: double check the sgmiter logic with test | Jason A. Donenfeld | 1 | -8/+59 | |
2019-12-06 | wg-quick: linux: ignore save warnings for iptables-nft | Jason A. Donenfeld | 1 | -1/+1 | |
2019-12-06 | wg-quick: linux: suppress more warnings on weird kernels | Jason A. Donenfeld | 1 | -4/+4 | |
2019-12-05 | wg-quick: linux: some iptables don't like empty lines | Jason A. Donenfeld | 1 | -6/+6 | |
Reported-by: Kenneth R. Crudup <kenny@panix.com> | |||||
2019-12-05 | crypto: use new assembler macros for 5.5 | Jason A. Donenfeld | 6 | -14/+19 | |
2019-12-05 | chacha20poly1305: port to sgmitter for 5.5 | Jason A. Donenfeld | 6 | -122/+151 | |
I'm not totally comfortable with these changes yet, and it'll require some more scrutiny. But it's a start. | |||||
2019-12-05 | netlink: prepare for removal of genl_family_attrbuf in 5.5 | Jason A. Donenfeld | 2 | -8/+20 | |
2019-12-05 | version: bump snapshot0.0.20191205 | Jason A. Donenfeld | 2 | -2/+2 | |
2019-12-05 | wg-quick: linux: iptables-* -w is not widely supported | Jason A. Donenfeld | 1 | -2/+2 | |
2019-12-05 | ipc: make sure userspace communication frees wgdevice | Jason A. Donenfeld | 2 | -11/+16 | |
2019-12-05 | send: avoid touching skb->{next,prev} directly | Jason A. Donenfeld | 1 | -2/+2 | |
This isn't quite the same, since mark_not_on_list doesn't touch skb->prev, but hopefully it doesn't matter. | |||||
2019-12-05 | device: prepare skb_list_walk_safe for upstreaming | Jason A. Donenfeld | 3 | -9/+13 | |
2019-12-05 | send: use kfree_skb_list | Jason A. Donenfeld | 1 | -9/+2 | |
2019-12-05 | wg-quick: linux: have remove_iptables return true | Jason A. Donenfeld | 1 | -1/+1 | |
Reported-by: Thomas Sattler <sattler@med.uni-frankfurt.de> | |||||
2019-12-05 | wg-quick: linux: ensure postdown hooks execute | Jason A. Donenfeld | 1 | -2/+2 | |
Reported-by: Thomas Sattler <sattler@med.uni-frankfurt.de> | |||||
2019-11-27 | wg-quick: linux: suppress error when finding unused table | Jason A. Donenfeld | 1 | -1/+1 | |
2019-11-27 | version: bump snapshot0.0.20191127 | Jason A. Donenfeld | 2 | -2/+2 | |
2019-11-27 | tools: add syncconf command | Jason A. Donenfeld | 3 | -0/+97 | |
2019-11-27 | reresolve-dns: remove invalid anchors on regex match | Jason A. Donenfeld | 1 | -1/+1 | |
Reported-by: Conrad Meyer <cem@freebsd.org> | |||||
2019-11-27 | qemu: bump version | Jason A. Donenfeld | 1 | -1/+1 | |
2019-11-27 | qemu: respect PATH when finding CBUILD | Jason A. Donenfeld | 1 | -1/+1 | |
2019-11-27 | qemu: work around build bug with powerpc64le | Jason A. Donenfeld | 1 | -0/+1 | |
2019-11-27 | wg-quick: linux: filter bogus injected packets and don't disable rpfilter | Jason A. Donenfeld | 1 | -8/+29 | |
2019-11-26 | wg-quick: linux: only touch net.ipv4 for v4 | Jason A. Donenfeld | 1 | -3/+5 | |
2019-11-26 | allowedips: avoid double lock in selftest error case | Jason A. Donenfeld | 1 | -8/+9 | |
2019-11-26 | socket: remove redundant check of new4 | Jason A. Donenfeld | 1 | -1/+1 | |
2019-11-26 | allowedips: safely dereference rcu roots | Jason A. Donenfeld | 1 | -6/+10 | |
2019-10-30 | messages: recalculate rekey max based on a one minute flood | Jason A. Donenfeld | 1 | -1/+1 | |
Discussed-with: Mathias Hall-Andersen <mathias@hall-andersen.dk> | |||||
2019-10-16 | wg-quick: android: check for null in binder cleanup functions | Jason A. Donenfeld | 1 | -3/+6 | |
2019-10-12 | version: bump snapshot0.0.20191012 | Jason A. Donenfeld | 2 | -2/+2 | |
2019-10-12 | wg-quick: android: use Binder for setting DNS on Android 10 | Nicolas Douma | 1 | -7/+429 | |
Signed-off-by: Nicolas Douma <nicolas@serveur.io> | |||||
2019-10-11 | noise: recompare stamps after taking write lock | Jason A. Donenfeld | 1 | -2/+6 | |
2019-10-11 | netlink: allow preventing creation of new peers when updating | Jason A. Donenfeld | 2 | -9/+12 | |
This enables race-free updates for wg-dynamic and similar tools. Suggested-by: Thomas Gschwantner <tharre3@gmail.com> | |||||
2019-10-11 | netns: add test for failing 5.3 FIB changes | Jason A. Donenfeld | 2 | -1/+24 | |
Reference: https://lore.kernel.org/netdev/20190924073615.31704-1-Jason@zx2c4.com/ | |||||
2019-10-11 | qemu: bump default version | Jason A. Donenfeld | 1 | -1/+1 | |
2019-09-13 | version: bump snapshot0.0.20190913 | Jason A. Donenfeld | 2 | -2/+2 | |
2019-09-13 | compat: support rhel/centos 7.7 | Jason A. Donenfeld | 1 | -1/+1 | |
2019-09-13 | Kbuild: squelch warnings for stack limit on broken kernel configs | Jason A. Donenfeld | 1 | -0/+1 | |
1280 is considered the absolute minimum for 64bit archs. | |||||
2019-09-13 | compat: don't rewrite siphash when it's from compat | Jason A. Donenfeld | 1 | -0/+2 | |
2019-09-11 | compat: support newer PaX | Jason A. Donenfeld | 1 | -0/+1 | |
Reported-by: PaX Team <pageexec@freemail.hu> | |||||
2019-09-05 | version: bump snapshot0.0.20190905 | Jason A. Donenfeld | 2 | -2/+2 | |
2019-09-05 | compat: work around ubuntu breakage | Jason A. Donenfeld | 1 | -0/+9 | |
They forgot to backport hsiphash. | |||||
2019-08-31 | tools: windows: enforce named pipe ownership and use protected prefix | Jason A. Donenfeld | 2 | -22/+40 | |
2019-08-28 | Makefile: allow specifying kernel release | Mikk Mar | 1 | -2/+3 | |
This makes depmod work when building/installing the module for a kernel other than the currently running one. Signed-off-by: Mikk Mar <mikkmar@airmail.cc> | |||||
2019-08-27 | wg-quick: linux: don't fail down when using systemd-resolved | Ronan Pigott | 1 | -1/+1 | |
systemd-resolved has a compatibility interface for use with resolvconf scripts when resolvectl is called from a symlink from resolvconf. However, when tearing down the interface, cmd_down calls del_if and then unset_dns. In the case of systemd-resolved, deleting the interface also removes the systemd-resolved entry and causes resolvconf -d to fail when resolvconf really is a symlink to resolvectl. This causes `wg-quick down` and 'wg-quick@.service' to exit with failure. Instead we use the resolvconf '-f' flag to ignore non-existent interfaces, supported by both openresolv and sd-resolved resolvconf. Signed-off-by: Ronan Pigott <rpigott@berkeley.edu> [zx2c4: moved -f argument to end to remain compatible with Debian's resolvconf] | |||||
2019-08-25 | compat: account for android-4.9 backport of addr_gen_mode | Nathan Chancellor | 2 | -4/+4 | |
Android kernels backported d35a00b8e33dab7385f724e713ae71c8be0a49f4, so now we need to do feature detection. Link: https://android-review.googlesource.com/c/kernel/common/+/1103831 Signed-off-by: Nathan Chancellor <natechancellor@gmail.com> | |||||
2019-08-07 | wg-quick: openbsd: fix alternate routing table syntax | Ankur Kothari | 1 | -1/+1 | |
route(8) has always used the `-T` option to specify the routing table; there is no `rdomain` option. Signed-off-by: Ankur Kothari <ankur@lipidity.com> | |||||
2019-08-07 | Kbuild: account for upstream configuration maze changes | Jason A. Donenfeld | 1 | -0/+2 | |
2019-08-05 | netlink: skip peers with invalid keys | Jason A. Donenfeld | 2 | -6/+15 | |
2019-08-03 | compat: do not run bc on clean target | Jason A. Donenfeld | 1 | -0/+2 | |
Certain targets don't define CONFIG_*, which means this bc command was previously failing. |