aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* peerlookup: fall back to get_random_bytes for Ryzen 3000 bugjd/ryzen-bugJason A. Donenfeld2019-10-281-1/+5
| | | | | | | In case get_random_u32() fails after 32 tries -- something that should only happen on the Ryzen 3000 which returns -1 everytime if you have the wrong CPU microcode -- we fall back to get_random_bytes(), which is slower, but at least works.
* wg-quick: android: check for null in binder cleanup functionsJason A. Donenfeld2019-10-161-3/+6
|
* version: bump snapshot0.0.20191012Jason A. Donenfeld2019-10-122-2/+2
|
* wg-quick: android: use Binder for setting DNS on Android 10Nicolas Douma2019-10-121-7/+429
| | | | Signed-off-by: Nicolas Douma <nicolas@serveur.io>
* noise: recompare stamps after taking write lockJason A. Donenfeld2019-10-111-2/+6
|
* netlink: allow preventing creation of new peers when updatingJason A. Donenfeld2019-10-112-9/+12
| | | | | | This enables race-free updates for wg-dynamic and similar tools. Suggested-by: Thomas Gschwantner <tharre3@gmail.com>
* netns: add test for failing 5.3 FIB changesJason A. Donenfeld2019-10-112-1/+24
| | | | Reference: https://lore.kernel.org/netdev/20190924073615.31704-1-Jason@zx2c4.com/
* qemu: bump default versionJason A. Donenfeld2019-10-111-1/+1
|
* version: bump snapshot0.0.20190913Jason A. Donenfeld2019-09-132-2/+2
|
* compat: support rhel/centos 7.7Jason A. Donenfeld2019-09-131-1/+1
|
* Kbuild: squelch warnings for stack limit on broken kernel configsJason A. Donenfeld2019-09-131-0/+1
| | | | 1280 is considered the absolute minimum for 64bit archs.
* compat: don't rewrite siphash when it's from compatJason A. Donenfeld2019-09-131-0/+2
|
* compat: support newer PaXJason A. Donenfeld2019-09-111-0/+1
| | | | Reported-by: PaX Team <pageexec@freemail.hu>
* version: bump snapshot0.0.20190905Jason A. Donenfeld2019-09-052-2/+2
|
* compat: work around ubuntu breakageJason A. Donenfeld2019-09-051-0/+9
| | | | They forgot to backport hsiphash.
* tools: windows: enforce named pipe ownership and use protected prefixJason A. Donenfeld2019-08-312-22/+40
|
* Makefile: allow specifying kernel releaseMikk Mar2019-08-281-2/+3
| | | | | | | This makes depmod work when building/installing the module for a kernel other than the currently running one. Signed-off-by: Mikk Mar <mikkmar@airmail.cc>
* wg-quick: linux: don't fail down when using systemd-resolvedRonan Pigott2019-08-271-1/+1
| | | | | | | | | | | | | | | | systemd-resolved has a compatibility interface for use with resolvconf scripts when resolvectl is called from a symlink from resolvconf. However, when tearing down the interface, cmd_down calls del_if and then unset_dns. In the case of systemd-resolved, deleting the interface also removes the systemd-resolved entry and causes resolvconf -d to fail when resolvconf really is a symlink to resolvectl. This causes `wg-quick down` and 'wg-quick@.service' to exit with failure. Instead we use the resolvconf '-f' flag to ignore non-existent interfaces, supported by both openresolv and sd-resolved resolvconf. Signed-off-by: Ronan Pigott <rpigott@berkeley.edu> [zx2c4: moved -f argument to end to remain compatible with Debian's resolvconf]
* compat: account for android-4.9 backport of addr_gen_modeNathan Chancellor2019-08-252-4/+4
| | | | | | | | Android kernels backported d35a00b8e33dab7385f724e713ae71c8be0a49f4, so now we need to do feature detection. Link: https://android-review.googlesource.com/c/kernel/common/+/1103831 Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
* wg-quick: openbsd: fix alternate routing table syntaxAnkur Kothari2019-08-071-1/+1
| | | | | | | route(8) has always used the `-T` option to specify the routing table; there is no `rdomain` option. Signed-off-by: Ankur Kothari <ankur@lipidity.com>
* Kbuild: account for upstream configuration maze changesJason A. Donenfeld2019-08-071-0/+2
|
* netlink: skip peers with invalid keysJason A. Donenfeld2019-08-052-6/+15
|
* compat: do not run bc on clean targetJason A. Donenfeld2019-08-031-0/+2
| | | | | Certain targets don't define CONFIG_*, which means this bc command was previously failing.
* compat: support running in OpenVZ environmentsJason A. Donenfeld2019-07-191-0/+8
| | | | | | | Overriding LLTX like this is pretty ugly, but at least it means we don't have to let OpenVZ infect the real source tree. Requested-by: Benedikt Braunger <b.braunger@syseleven.de>
* noise: immediately rekey all peers after changing device private keyJason A. Donenfeld2019-07-116-7/+47
| | | | Reported-by: Derrick Pallas <derrick@pallas.us>
* netlink: enforce that unused bits of flags are zeroJason A. Donenfeld2019-07-082-5/+16
| | | | Reported-by: Toke Høiland-Jørgensen <toke@toke.dk>
* wg-quick: android: refactor and add incoming allow rulesJason A. Donenfeld2019-07-081-65/+73
| | | | Suggested-by: Yağmur Oymak <yagmur.oymak@gmail.com>
* compat: define conversion constants for ancient kernelsJason A. Donenfeld2019-07-042-1/+5
|
* version: bump snapshot0.0.20190702Jason A. Donenfeld2019-07-022-2/+2
|
* receive: queue dead packets to napi queue instead of empty rx_queueJason A. Donenfeld2019-07-022-5/+3
|
* peer: use LIST_HEAD macroJason A. Donenfeld2019-06-281-1/+1
| | | | Suggested-by: Sultan Alsawaf <sultan@kerneltoast.com>
* netlink: cast struct over cb->args for type safetyJason A. Donenfeld2019-06-281-29/+34
| | | | | | This eliminates the headache of managing cb->args[??]. Suggested-by: Johannes Berg <johannes@sipsolutions.net>
* compat: support RHEL8's skb_mark_not_on_list backportJason A. Donenfeld2019-06-281-1/+3
|
* compat: rhel backported list modificationsJason A. Donenfeld2019-06-251-1/+1
|
* global: switch to coarse ktimeJason A. Donenfeld2019-06-2511-36/+43
| | | | | | | | | | | | | Coarse ktime is broken until [1] in 5.2 and kernels without the backport, so we use fallback code there. The fallback code has also been improved significantly. It now only uses slower clocks on kernels < 3.17, at the expense of some accuracy we're not overly concerned about. [1] https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/ Suggested-by: Arnd Bergmann <arnd@arndb.de>
* compat: unify custom function prefix/suffixJason A. Donenfeld2019-06-243-48/+48
|
* compat: some kernels weirdly backport prandom_u32_maxJason A. Donenfeld2019-06-241-2/+3
|
* wg-quick: darwin: support being called from launchdJason A. Donenfeld2019-06-241-1/+16
| | | | | | | This causes wg-quick up to wait for the monitor to exit before it exits, so that launchd can correctly wait on it. Reported-by: Cameron Palmer <cameron@promon.no>
* qemu: show signal when failingJason A. Donenfeld2019-06-181-3/+14
|
* blake2s: spacingJason A. Donenfeld2019-06-032-123/+123
|
* curve25519: not all linkers support bmi2 and adxJason A. Donenfeld2019-06-023-6/+58
|
* version: bump snapshot0.0.20190601Jason A. Donenfeld2019-06-012-2/+2
|
* compat: don't call xgetbv on cpus with no XSAVEJason A. Donenfeld2019-05-311-1/+1
|
* blake2s: add ssse3 to nobsJason A. Donenfeld2019-05-311-1/+2
|
* blake2s: do not use xgetbv for ssse3 detectionJason A. Donenfeld2019-05-311-3/+1
|
* tools: pass WG_ENDPOINT_RESOLUTION_RETRIES=infinity to systemd unitJason A. Donenfeld2019-05-311-0/+1
|
* version: bump snapshot0.0.20190531Jason A. Donenfeld2019-05-312-2/+2
|
* tools: add wincompat layer to wg(8)Jason A. Donenfeld2019-05-3115-0/+321
|
* tools: allow setting WG_ENDPOINT_RESOLUTION_RETRIESJason A. Donenfeld2019-05-292-4/+25
|
* zinc: update copyrightJason A. Donenfeld2019-05-292-2/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.