Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | netlink: use __kernel_timespec for handshake time | Jason A. Donenfeld | 2019-01-23 | 3 | -4/+10 |
| | |||||
* | global: normalize -> clamp | Jason A. Donenfeld | 2019-01-23 | 3 | -3/+3 |
| | |||||
* | global: update copyright | Jason A. Donenfeld | 2019-01-07 | 29 | -29/+29 |
| | |||||
* | tools: curve25519: handle unaligned loads/stores safely | Jason A. Donenfeld | 2018-12-20 | 2 | -5/+19 |
| | | | | Reported-by: Chris Hewitt <chris@chrishewitt.net> | ||||
* | wg-quick: bring interface up while setting MTU | Aaron Jones | 2018-12-18 | 1 | -9/+4 |
| | | | | | | | This avoids another ip(8) invocation for little benefit. Confirmed to work with iproute2 and busybox. Signed-off-by: Aaron Jones <aaronmdjones@gmail.com> | ||||
* | wg-quick: android: do not choke on empty allowed-ips | Jason A. Donenfeld | 2018-11-11 | 1 | -1/+4 |
| | | | | Reported-by: Samuel Holland <samuel@sholland.org> | ||||
* | wg.8: AllowedIPs isn't actually required | Jason A. Donenfeld | 2018-10-19 | 1 | -1/+1 |
| | | | | | | | An empty allowed IPs is totally valid, for folks wishing to move IP addresses between multiple peers atomically. Suggested-by: Comex <comexk@gmail.com> | ||||
* | wg.8: specify that wg(8) shows runtime info too | Jason A. Donenfeld | 2018-10-19 | 1 | -1/+1 |
| | | | | Suggested-by: Comex <comexk@gmail.com> | ||||
* | tools: wg-quick: wait for interface to disappear on freebsd | Jason A. Donenfeld | 2018-10-13 | 1 | -0/+9 |
| | |||||
* | tools: don't fail if a netlink interface dump is inconsistent | Jason A. Donenfeld | 2018-10-13 | 1 | -2/+9 |
| | | | | | | | | | | Netlink returns NLM_F_DUMP_INTR if the set of all tunnels changed during the dump. That's unfortunate, but is pretty common on busy systems that are adding and removing tunnels all the time. Rather than retrying, potentially indefinitely, we just work with the partial results. Reported-by: Robert Gerus <ar@is-a.cat> | ||||
* | tools: compile on gnu99 | Jason A. Donenfeld | 2018-10-09 | 1 | -1/+1 |
| | | | | | | | We don't actually use any C11 features, so we can at least compile with ancient gcc. Reported-by: Aaron M. D. Jones <aaronmdjones@gmail.com> | ||||
* | tools: use libc's endianness macro if no compiler macro | Jason A. Donenfeld | 2018-10-09 | 1 | -0/+10 |
| | | | | | | This lets us be compiled with ancient gcc. Reported-by: Jeff Brandt <jeff@jeffcolo.net> | ||||
* | netlink: do not stuff index into nla type | Jason A. Donenfeld | 2018-10-08 | 1 | -5/+4 |
| | | | | | | | It's not used for anything, and LKML doesn't like the type being used as an index value. Suggested-by: Eugene Syromiatnikov <esyr@redhat.com> | ||||
* | crypto: clean up remaining .h->.c | Jason A. Donenfeld | 2018-10-07 | 1 | -2/+2 |
| | |||||
* | wg-quick.8: add policy routing example | Jason A. Donenfeld | 2018-10-05 | 1 | -0/+26 |
| | | | | | Suggested-by: Toke Høiland-Jørgensen <toke@toke.dk> Suggested-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org> | ||||
* | crypto: make constant naming scheme consistent | Jason A. Donenfeld | 2018-09-25 | 2 | -7/+7 |
| | |||||
* | global: put SPDX identifier on its own line | Jason A. Donenfeld | 2018-09-20 | 22 | -44/+44 |
| | | | | | The kernel has very specific rules correlating file type with comment type, and also SPDX identifiers can't be merged with other comments. | ||||
* | global: prefer sizeof(*pointer) when possible | Jason A. Donenfeld | 2018-09-04 | 3 | -13/+13 |
| | | | | Suggested-by: Sultan Alsawaf <sultanxda@gmail.com> | ||||
* | crypto: import zinc | Jason A. Donenfeld | 2018-09-03 | 1 | -2/+2 |
| | |||||
* | tools: ipc: do not warn on unrecognized netlink attributes | Jason A. Donenfeld | 2018-09-02 | 1 | -17/+0 |
| | | | | It makes extending things more difficult. | ||||
* | crypto: use unaligned helpers | Jason A. Donenfeld | 2018-08-28 | 1 | -0/+3 |
| | | | | | | This is not useful for WireGuard, but for the general use case we probably want it this way, and the speed difference is mostly lost in the noise. | ||||
* | wg-quick: check correct variable for route deduplication | Jason A. Donenfeld | 2018-08-21 | 1 | -1/+1 |
| | | | | Reported-by: John Sager <john@sager.me.uk> | ||||
* | wg-quick: darwin: prefer system paths for tools | Jason A. Donenfeld | 2018-08-12 | 1 | -1/+1 |
| | | | | | | | | | | | | The only things wg-quick(8) needs from Homebrew are bash(1) and wg(8). Other than that, it's explicitly coded against the native system utilities. Since wg-quick(8) and bash(1) are invoked in auto_su by their full absolute path (via $SELF and $BASH, respectively), we can simply set the $PATH to be prefixed by the default system binary paths. This way, if users install tools that conflict with system tools -- such as GNU coreutils -- we won't accidently call those. Reported-by: Deirdre Connolly <durumcrustulum@gmail.com> | ||||
* | wg-quick: android: remove compat code | Jason A. Donenfeld | 2018-07-24 | 1 | -10/+0 |
| | |||||
* | wg-quick: android: allow package to be overridden | Jason A. Donenfeld | 2018-07-24 | 1 | -4/+9 |
| | |||||
* | wg-quick: allow link local default gateway | Jason A. Donenfeld | 2018-07-16 | 3 | -3/+0 |
| | | | | | | | It's unclear why it was like this in the first place, but it apparently broke certain IPv6 setups. Reported-by: Jonas Blahut <j@die-blahuts.de> | ||||
* | tools: only error on wg show if all interfaces fail | Jason A. Donenfeld | 2018-07-08 | 1 | -1/+4 |
| | |||||
* | wg-quick: android: support excluding applications | Jason A. Donenfeld | 2018-07-05 | 1 | -9/+102 |
| | |||||
* | wg-quick: android: prevent outgoing handshake packets from being dropped | Jason A. Donenfeld | 2018-06-25 | 1 | -0/+4 |
| | |||||
* | tools: fix misspelling of strchrnul in comment | Jonathan Neuschäfer | 2018-06-22 | 1 | -1/+1 |
| | | | | Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> | ||||
* | manpages: eliminate whitespace at the end of the line | Jonathan Neuschäfer | 2018-06-22 | 2 | -26/+26 |
| | | | | | | This eliminates a few style warnings from "mandoc -T lint src/tools/wg*.8". Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> | ||||
* | wg-quick: android: don't forget to free compiled regexes | Jason A. Donenfeld | 2018-06-17 | 1 | -5/+6 |
| | |||||
* | wg-quick: android: disable roaming to v6 networks when v4 is specified | Jason A. Donenfeld | 2018-06-17 | 1 | -1/+54 |
| | | | | This works around an unfortunate bug in 464XLAT transitions. | ||||
* | tools: getentropy requires 10.12 | Jason A. Donenfeld | 2018-06-14 | 1 | -1/+7 |
| | |||||
* | tools: support getentropy(3) | Jason A. Donenfeld | 2018-06-08 | 1 | -0/+11 |
| | |||||
* | tools: encoding: add missing static array constraints | Jason A. Donenfeld | 2018-06-06 | 1 | -2/+2 |
| | |||||
* | wg-quick: android: change name of intent | Jason A. Donenfeld | 2018-06-04 | 1 | -1/+1 |
| | |||||
* | wg-quick: android: delay setting users until end | Jason A. Donenfeld | 2018-05-31 | 1 | -1/+6 |
| | | | | | | | `ndc users add` eventually invokes SOCK_DESTROY on user sockets, causing them to reconnect. By delaying this until after routes are set, we ensure that the sockets reconnect using the tunnel, rather than the old route. | ||||
* | tools: constanter time encoding | Jason A. Donenfeld | 2018-05-31 | 1 | -15/+21 |
| | |||||
* | wg-quick: darwin: set DNS servers after delay on route change | Jason A. Donenfeld | 2018-05-31 | 1 | -2/+6 |
| | | | | | | This works around a race condition in macOS's network daemons, while also adding one in the form of possibly calling kill -ALRM on a stale PID; unfortunately bash can't wait from a trap. | ||||
* | wg-quick: freebsd: configure as p2p link | Jason A. Donenfeld | 2018-05-27 | 1 | -3/+5 |
| | |||||
* | wg-quick: darwin: add multiple IP addresses | Jason A. Donenfeld | 2018-05-27 | 1 | -2/+2 |
| | |||||
* | wg-quick: determine IPs when saving interface | Jason A. Donenfeld | 2018-05-27 | 3 | -12/+14 |
| | |||||
* | wg-quick: freebsd: work around security vulnerabilities in bash | Jason A. Donenfeld | 2018-05-24 | 1 | -7/+29 |
| | |||||
* | wg-quick: allow enumeration of socket files | Jason A. Donenfeld | 2018-05-23 | 2 | -2/+2 |
| | | | | | These OSes have an unpriv'd ifconfig, so this isn't an even larger info leak. | ||||
* | wg-quick: better bash completion for non-renaming OSes | Jason A. Donenfeld | 2018-05-23 | 1 | -5/+14 |
| | |||||
* | wg-quick: support FreeBSD/Darwin search path | Jason A. Donenfeld | 2018-05-23 | 4 | -16/+39 |
| | |||||
* | tools: always pass -v as first argument to install | Jason A. Donenfeld | 2018-05-23 | 1 | -7/+7 |
| | | | | This lets crippled OSes sed out our -v more easily. | ||||
* | wg-quick: openbsd: add new implementation | Jason A. Donenfeld | 2018-05-22 | 1 | -0/+451 |
| | |||||
* | wg-quick: freebsd: add new implementation | Jason A. Donenfeld | 2018-05-22 | 2 | -16/+434 |
| |