Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | tools: allow for NULL keys everywhere | Jason A. Donenfeld | 2017-11-11 | 1 | -2/+2 |
| | |||||
* | global: style nits | Jason A. Donenfeld | 2017-10-31 | 1 | -0/+1 |
| | |||||
* | global: infuriating kernel iterator style | Jason A. Donenfeld | 2017-10-31 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | One types: for (i = 0 ... So one should also type: for_each_obj (obj ... But the upstream kernel style guidelines are insane, and so we must instead do: for_each_obj(obj ... Ugly, but one must choose his battles wisely. | ||||
* | netlink: switch from ioctl to netlink for configuration | Jason A. Donenfeld | 2017-10-02 | 1 | -24/+17 |
| | |||||
* | tools: use key_is_zero for comparing to zeros | Jason A. Donenfeld | 2017-09-24 | 1 | -3/+2 |
| | | | | | | | Maybe an attacker on the system could use the infoleak in /proc to gauge how long a wg(8) process takes to complete and determine the number of leading zeros. This is somewhat ridiculous, but it's possible somebody somewhere might at somepoint care in the future, so alright. | ||||
* | tools: support text-based ipc | Jason A. Donenfeld | 2017-05-17 | 1 | -5/+5 |
| | |||||
* | noise: redesign preshared key mode | Jason A. Donenfeld | 2017-05-17 | 1 | -4/+4 |
| | |||||
* | tools: side channel resistant base64 | Jason A. Donenfeld | 2017-04-19 | 1 | -8/+7 |
| | |||||
* | socket: enable setting of fwmark | Jason A. Donenfeld | 2017-02-13 | 1 | -1/+3 |
| | |||||
* | Update copyright | Jason A. Donenfeld | 2017-01-10 | 1 | -1/+1 |
| | |||||
* | uapi: use sockaddr union instead of sockaddr_storage | Jason A. Donenfeld | 2017-01-10 | 1 | -5/+5 |
| | |||||
* | headers: cleanup notices | Jason A. Donenfeld | 2016-11-21 | 1 | -1/+1 |
| | |||||
* | tools: rename kernel to ipc | Jason A. Donenfeld | 2016-07-21 | 1 | -3/+3 |
| | |||||
* | tools: first additions of userspace integration | Jason A. Donenfeld | 2016-07-20 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is designed to work with a server that follows this: struct sockaddr_un addr = { .sun_family = AF_UNIX, .sun_path = "/var/run/wireguard/wguserspace0.sock" }; int fd, ret; ssize_t len; socklen_t socklen; struct wgdevice *device; fd = socket(AF_UNIX, SOCK_DGRAM, 0); if (fd < 0) exit(1); if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) exit(1); for (;;) { /* First we look at how big the next message is, so we know how much to * allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */ len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC); if (len < 0) { handle_error(); continue; } /* Next we allocate a buffer for the received data. */ device = NULL; if (len) { device = malloc(len); if (!device) { handle_error(); continue; } } /* Finally we receive the data, storing too the return address. */ socklen = sizeof(addr); len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen); if (len < 0) { handle_error(); free(device); continue; } if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */ device = get_current_wireguard_device(&len); sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen); } else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */ ret = set_current_wireguard_device(device); sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen); free(device); } } | ||||
* | persistent keepalive: add userspace support | Jason A. Donenfeld | 2016-07-08 | 1 | -0/+3 |
| | |||||
* | Initial commit | Jason A. Donenfeld | 2016-06-25 | 1 | -0/+102 |