Commit graph

47 commits

Author SHA1 Message Date
Jason A. Donenfeld
b8e89f3a09 global: update copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-07 19:26:10 -05:00
Jason A. Donenfeld
cef7ac9ef9 global: put SPDX identifier on its own line
The kernel has very specific rules correlating file type with comment
type, and also SPDX identifiers can't be merged with other comments.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20 19:41:22 +02:00
Jason A. Donenfeld
17546fcd75 global: prefer sizeof(*pointer) when possible
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-04 11:08:29 -06:00
Jonathan Neuschäfer
a54a133500 wg: fix misspelling of strchrnul in comment
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-22 04:09:39 +02:00
Jason A. Donenfeld
ca5d2708e0 wg: FreeBSD doesn't have EAI_NODATA
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 19:30:05 +01:00
Jason A. Donenfeld
437116f238 wg: allow in-line comments
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 05:55:03 +01:00
Jason A. Donenfeld
1e5d6b9a66 wg: fread doesn't change errno
Thus we might be responding to an old errno, which could cause this to
unnecessarily fail.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-30 14:46:34 +01:00
Jason A. Donenfeld
723abc5098 wg: plug memleak in config error path
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-18 11:26:09 +01:00
Jason A. Donenfeld
9207dec08f global: year bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-03 21:58:00 +01:00
Greg Kroah-Hartman
01d00bc035 global: add SPDX tags to all files
It's good to have SPDX identifiers in all files as the Linux kernel
developers are working to add these identifiers to all files.

Update all files with the correct SPDX license identifier based on the license
text of the project or based on the license in the file itself.  The SPDX
identifier is a legally binding shorthand, which can be used instead of the
full boiler plate text.

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Modified-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-12-09 22:29:28 +01:00
Jason A. Donenfeld
30cf5eb883 wg: fix removing preshared keys
Also clean up related logic quite a bit and add unit tests.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-23 11:09:12 +01:00
Jason A. Donenfeld
08ce3b2426 wg: tighten up strtoul parsing
Reported-by: Cedric Buxin <cedric.buxin@izri.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-17 14:06:18 +01:00
Jason A. Donenfeld
e77a77a805 wg: allow for NULL keys everywhere
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-11 12:30:49 +09:00
Jason A. Donenfeld
b1dd8d711e global: style nits
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld
d9d0a2cbed global: infuriating kernel iterator style
One types:

   for (i = 0 ...

So one should also type:

  for_each_obj (obj ...

But the upstream kernel style guidelines are insane, and so we must
instead do:

  for_each_obj(obj ...

Ugly, but one must choose his battles wisely.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld
65db14706b wg: don't insist on having a private key
This lets us do flexible things from wg-quick such as:

PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)

It also was never a very sensible policy to enforce.

Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld
085796b210 wg: retry resolution except when fatal
The reference to this is <https://sourceware.org/glibc/wiki/NameResolver>,
which mentions:

"From the perspective of the application that calls getaddrinfo() it
perhaps doesn't matter that much since EAI_FAIL, EAI_NONAME and
EAI_NODATA are all permanent failure codes and the causes are all
permanent failures in the sense that there is no point in retrying
later."

This should cover more early-boot situations.

While we're at it, we clean up the logic a bit so that we don't have a
retry message on the final non-retrying attempt. We also peer into errno
when receiving EAI_SYSTEM, to report to the user what actually happened.

Also, fix the quoting back tick front tick mess.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld
38ac0ff08e Makefile: clang now builds the kernel, so use scan-build
Also add little stub for coccinelle and clean up semicolon issue it
found.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-05 22:21:53 +02:00
Jason A. Donenfeld
5b65f87e9f netlink: switch from ioctl to netlink for configuration
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-02 02:45:53 +02:00
Jason A. Donenfeld
9ef84af8c0 wg: use key_is_zero for comparing to zeros
Maybe an attacker on the system could use the infoleak in /proc to gauge
how long a wg(8) process takes to complete and determine the number of
leading zeros. This is somewhat ridiculous, but it's possible somebody
somewhere might at somepoint care in the future, so alright.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-09-24 23:10:15 +02:00
Jason A. Donenfeld
34337b0906 wg: fix removal of psk
This is an attribute of the peer, not the device.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-08-23 12:51:52 -06:00
Jason A. Donenfeld
32afe0e220 wg: allow creating device with no peers
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31 05:35:34 +02:00
Jason A. Donenfeld
945fae0c7c wg: support text-based ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:13:14 +02:00
Jason A. Donenfeld
067ebe2cb9 wg: stricter key file reading
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld
fabb6eca2b noise: redesign preshared key mode
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld
83223f8e4c wg: retry name resolution on temporary failure
This should solve many problems at init time.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld
6a967c63a7 wg: check for malloc failure
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-19 18:26:32 +02:00
Jason A. Donenfeld
755217bd85 wg: side channel resistant base64
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-19 18:26:32 +02:00
Jason A. Donenfeld
d42dd68add wg: do not use addrconfig with port in gai
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-28 10:46:31 +02:00
Jason A. Donenfeld
6d20c647d0 uapi: add version magic
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-24 04:44:27 +01:00
Jason A. Donenfeld
d4edc7baa8 wg: give "off" value for fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-23 07:09:49 +01:00
Jason A. Donenfeld
c8472e2dab socket: enable setting of fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-13 21:55:18 +01:00
Jason A. Donenfeld
3606898d23 wg: remove key for any empty file
Rather than just using /dev/null to mean key removal, match on any empty
file, so that this interface is cross platform.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-07 12:21:22 +01:00
Jason A. Donenfeld
666623a82e wg: setconf should remove existing psk
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-02-07 12:21:22 +01:00
Jason A. Donenfeld
396dc76a04 Update copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 06:36:19 +01:00
Jason A. Donenfeld
f43b43376b uapi: use sockaddr union instead of sockaddr_storage
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 06:29:24 +01:00
Jason A. Donenfeld
48f7c3522a uapi: use flag instead of C bitfield for portability
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10 05:36:43 +01:00
Jason A. Donenfeld
a488f1b084 wg: do not use AI_ADDRCONFIG
Some people run wg(8) using hard coded v6 addresses before interfaces
have v6 addresses, causing getaddrinfo to fail. Since AI_ADDRCONFIG
doesn't actualy change the sorting, but just the queries made, we don't
really need AI_ADDRCONFIG anyway, since we're always only taking the
first result.

Reported-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-23 21:09:23 +01:00
Jason A. Donenfeld
16a6972bb6 headers: cleanup notices
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-21 01:00:07 +01:00
Jason A. Donenfeld
3338bb11e8 wg: chill modern gcc out
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-05 21:45:12 +01:00
Jason A. Donenfeld
967ea8c712 wg: allow multiple AllowedIPs invocations
It turns out this is a somewhat natural thing to do in config files.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-30 04:35:51 +02:00
Jason A. Donenfeld
822ae991d8 persistent-keepalive: change range to [1,65535]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-08 14:05:37 +02:00
Jason A. Donenfeld
1b9a83c852 c: specify static array size in function params
The C standard states:

  A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to
  type'', where the type qualifiers (if any) are those specified within the [ and ] of the
  array type derivation. If the keyword static also appears within the [ and ] of the
  array type derivation, then for each call to the function, the value of the corresponding
  actual argument shall provide access to the first element of an array with at least as many
  elements as specified by the size expression.

By changing void func(int array[4]) to void func(int array[static 4]),
we automatically get the compiler checking argument sizes for us, which
is quite nice.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:42 +02:00
Jason A. Donenfeld
b318e81cd0 wg: rename kernel to ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld
fc743caf3b persistent keepalive: add userspace support
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:43:33 +02:00
Jason A. Donenfeld
742f038fc2 wg: improve error reporting and detection
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld
8132305e54 Initial commit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-25 16:48:39 +02:00