diff options
| author |   Matt Dunwoodie <ncon@noconroy.net> | 2021-04-03 04:05:08 +1100 |
|---|---|---|
| committer | Matt Dunwoodie <ncon@noconroy.net> | 2021-04-13 15:47:30 +1000 |
| commit | acce302ce645ccc1a3f7f46fb2c399c611e623d8 (patch) | |
| tree | 0598e731f3bd5b52f6c00b98353346f1f58594c1 /distrib | |
| parent | Add refcnt_take_if_gt() (diff) | |
| download | wireguard-openbsd-acce302ce645ccc1a3f7f46fb2c399c611e623d8.tar.xz wireguard-openbsd-acce302ce645ccc1a3f7f46fb2c399c611e623d8.zip | |
Use SMR for wg_noise
While the largest change here is to use SMR for wg_noise, this was
motivated by other deficiencies in the module. Primarily, the nonce
operations should be performed in serial (wg_queue_out, wg_deliver_in)
and not parallel (wg_encap, wg_decap). This also brings in a lock-free
encrypt and decrypt path, which is nice.
I suppose other improvements are that local, remote and keypair structs
are opaque, so no more reaching in and fiddling with things.
Unfortunately, these changes make abuse of the API easier (such as
calling noise_keypair_encrypt on a keypair retrieved with
noise_keypair_lookup (instead of noise_keypair_current) as they have
different checks). Additionally, we have to trust that the nonce passed
to noise_keypair_encrypt is non repeating (retrieved with
noise_keypair_nonce_next), and noise_keypair_nonce_check is valid on
received nonces.
One area that could use a little bit more adjustment is the *_free
functions. They are used to call a function once it is safe to free a
parent datastructure (one holding struct noise_{local,remote} *). This
is currently used for lifetimes in the system and allows a consumer of
wg_noise to opaquely manage lifetimes based on the reference counting of
noise, remote and keypair. It is fine for now, but maybe revisit later.
Diffstat (limited to 'distrib')
0 files changed, 0 insertions, 0 deletions