path: root/src
Commit message | Author | Age | Files | Lines
* version: bump snapshot 0.0.20170531 | Jason A. Donenfeld | 2017-05-31 | 2 | -2/+2
|
* timers: reset retry-attempt counter when not retrying | Jason A. Donenfeld | 2017-05-31 | 4 | -7/+10
|
* timers: the completion of a handshake also is on key confirmation | Jason A. Donenfeld | 2017-05-31 | 2 | -2/+3
|
* timers: rework handshake reply control flow | Jason A. Donenfeld | 2017-05-31 | 1 | -9/+8
|
* debug: print interface name in dmesg | Jason A. Donenfeld | 2017-05-31 | 11 | -50/+52
|
* compat: remove warning for < 4.1 | Jason A. Donenfeld | 2017-05-31 | 1 | -2/+0
|     It still is sort of experimental, I suppose, especially this part in the udp_tunnel drop-in:
|
|         skb_orphan(skb);
|         sk_mem_reclaim(sk);
|
|     It seems like sometimes this won't do what we want, but it's hard to diagnose exactly what's happening. In any case, nobody paid attention to that warning anyway, so let's just get rid of it.
* config: it's faster to memcpy than strncpy | Jason A. Donenfeld | 2017-05-31 | 1 | -2/+1
|     IFNAMSIZ is 16, so this is two instructions on 64-bit.
* routingtable: Remove unnecessary check in node_placement() | Sultan Alsawaf | 2017-05-31 | 1 | -2/+1
|     node_placement() is always given the address of a stack variable for rnode, so there's no need to check if rnode is null.
|
|     Signed-off-by: Sultan Alsawaf <sultanxda@gmail.com>
* data: enable BH during parallel crypto on ARM/NEON | Jason A. Donenfeld | 2017-05-31 | 1 | -0/+12
|     padata disables it, but in order to use SIMD on ARM, we can't be in an interrupt. We only do this on ARM since it adds jitter to the performance.
* curve25519: add NEON versions for ARM | Jason A. Donenfeld | 2017-05-31 | 3 | -29/+2160
|
* curve25519: align the basepoint to 32 bytes | Jason A. Donenfeld | 2017-05-31 | 1 | -2/+2
|
* curve25519: actually, do some things on heap sometimes | Jason A. Donenfeld | 2017-05-31 | 1 | -0/+170
|     This reverts commit 42dd5bd87e418275203dd6644b6b6b0cc310d4d9.
* tools: allow creating device with no peers | Jason A. Donenfeld | 2017-05-31 | 1 | -4/+0
|
* config: do not error out when getting if no peers | Jason A. Donenfeld | 2017-05-31 | 1 | -0/+1
|
* device: keep going when share_check fails | Jason A. Donenfeld | 2017-05-30 | 1 | -4/+4
|     Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
* timers: fix typo in comment | Jason A. Donenfeld | 2017-05-30 | 1 | -1/+1
|     Suggested-by: Peter Wu <peter@lekensteyn.nl>
* style: spaces after for loops | Jason A. Donenfeld | 2017-05-30 | 7 | -15/+15
|
* peer: use iterator macro instead of callback | Jason A. Donenfeld | 2017-05-30 | 6 | -77/+73
|
* noise: precompute static-static ECDH operation | Jason A. Donenfeld | 2017-05-30 | 4 | -15/+30
|
* noise: no need to store ephemeral public key | Jason A. Donenfeld | 2017-05-30 | 2 | -7/+6
|
* handshake: process in parallel | Jason A. Donenfeld | 2017-05-30 | 7 | -35/+61
|
* compat: ship padata if kernel doesn't have it | Jason A. Donenfeld | 2017-05-30 | 3 | -11/+1055
|
* man: update wg-quick(8) to show Debian resolvconf braindamage | Jason A. Donenfeld | 2017-05-30 | 1 | -2/+2
|     While OpenResolv supports explicit ordering directives such as `-m` and exclusivity directives such as `-x`, Debian's own resolvconf supports none of this, instead using a hard coded list of interface name templates for determining ordering. While trying to emulate `-x` is difficult [*], we can at least try to mostly emulate `-m 0` by masquerading as a `tun*` interface to resolvconf. Ugly, but it works.
|
|     [*] One heavy handed way of emulating `-x` would be something like:
|
|         # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive
|         # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf
|         # rm -f /etc/resolv.conf.wg0-exclusive
|
|     This in practice works quite well, but is a bit heavy to put in a man page. It also doesn't "stack" well. For example, if we simply run `umount /etc/resolv.conf`, how do we know which resolv.conf entry we're unmounting?
* chacha20poly1305: add NEON versions for ARM and ARM64 | Jason A. Donenfeld | 2017-05-30 | 6 | -12/+1048
|
* chacha20poly1305: move constants to rodata | Jason A. Donenfeld | 2017-05-21 | 5 | -14/+27
|
* wg-quick: use src routing for default routes in v6 | Jason A. Donenfeld | 2017-05-18 | 1 | -3/+11
|     Otherwise, traffic is sent with the IP address of a different interface, and then packets don't actually get delivered.
* man: fix psk mention in wg-quick man page | Jason A. Donenfeld | 2017-05-18 | 1 | -2/+2
|
* version: bump snapshot 0.0.20170517 | Jason A. Donenfeld | 2017-05-17 | 2 | -2/+2
|
* tools: opt-in globally to GNU-isms to keep the BSDs happy | Jason A. Donenfeld | 2017-05-17 | 2 | -2/+1
|
* tools: support text-based ipc | Jason A. Donenfeld | 2017-05-17 | 8 | -131/+321
|
* tools: check for proto error on set too | Jason A. Donenfeld | 2017-05-17 | 1 | -3/+4
|
* Kbuild: optimize debug builds too | Jason A. Donenfeld | 2017-05-17 | 1 | -1/+1
|
* tests: check for stats counter increases | Jason A. Donenfeld | 2017-05-17 | 1 | -0/+4
|     The kernel API for this has changed a lot, so this test is important to ensure our compat layer is doing the right thing.
* qemu: new location for test kernels | Jason A. Donenfeld | 2017-05-17 | 1 | -3/+3
|
* tools: stricter key file reading | Jason A. Donenfeld | 2017-05-17 | 1 | -31/+40
|
* jerry-rig: symlinks are better for tree patching | Jason A. Donenfeld | 2017-05-17 | 1 | -1/+1
|     Use a symlink instead of lots of ../../..
|
|     Suggested-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
* noise: redesign preshared key mode | Jason A. Donenfeld | 2017-05-17 | 15 | -210/+203
|
* chacha20poly1305: implement vectorized hchacha20 | Jason A. Donenfeld | 2017-05-17 | 2 | -21/+157
|
* qemu: new packages and better debugging | Jason A. Donenfeld | 2017-05-17 | 2 | -12/+13
|
* tools: wg-quick: auto MTU discovery | Jason A. Donenfeld | 2017-05-17 | 2 | -1/+28
|
* tools: retry name resolution on temporary failure | Jason A. Donenfeld | 2017-05-17 | 1 | -1/+10
|     This should solve many problems at init time.
* compat: remember to call iptunnel_xmit_stats | Jason A. Donenfeld | 2017-05-17 | 1 | -4/+13
|     Upstream's 039f50629b7f860f36644ed1f34b27da9aa62f43 only came in 4.5
* compat: use real crypto_memneq | Jason A. Donenfeld | 2017-05-17 | 4 | -14/+181
|
* compat: work around ubnt offloading | Jason A. Donenfeld | 2017-05-17 | 1 | -0/+4
|
* compat: ssse3 support | Jason A. Donenfeld | 2017-05-04 | 1 | -0/+4
|
* compat: use existing iptunnel_xmit function for stats | Jason A. Donenfeld | 2017-04-24 | 1 | -7/+2
|
* version: bump snapshot 0.0.20170421 | Jason A. Donenfeld | 2017-04-21 | 2 | -2/+2
|
* routingtable: rewrite core functions | Jason A. Donenfeld | 2017-04-21 | 5 | -439/+634
|     When removing by peer, prev needs to be set to *nptr in order to traverse that part of the trie. The other remove by IP function can simply be removed, as it's not in use. The root freeing function can use pre-order traversal instead of post-order. The pre-order traversal code in general is now a nice iterator macro. The common bits function can use the fast fls instructions and the match function can be rewritten to simply compare common bits. While we're at it, let's add tons of new tests, randomized checking against a dumb implementation, and graphviz output. And in general, it's nice to clean things up.
* compat: work on old 3.10 | Jason A. Donenfeld | 2017-04-21 | 2 | -0/+35
|
* config: don't allow no-privatekey to mask preshared | Jason A. Donenfeld | 2017-04-21 | 1 | -1/+2
|