Commit graph

108 commits

Author SHA1 Message Date
Jason A. Donenfeld
66ed611bd0 sticky-sockets: do not use SO_REUSEADDR
This makes little sense for unicast UDP sockets.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-12-18 23:40:15 +01:00
Jason A. Donenfeld
b637db4692 embeddable-wg-library: sync latest from netlink.h
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-29 12:44:47 +01:00
Jason A. Donenfeld
7f236c7957 wg-quick: support dns search domains
If DNS= has an IP in it, treat it as a DNS server. If DNS= has a non-IP
in it, treat it as a DNS search domain.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-05-09 00:29:53 -06:00
Jason A. Donenfeld
20e28d2b0f highlighter: insist on 256-bit keys, not 257-bit or 258-bit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-04-03 23:14:07 -06:00
Jason A. Donenfeld
db5cb4f15c embeddable-wg-library: use newer string_list
This ports 1d2d6200b8.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-02-03 16:35:01 +01:00
Jason A. Donenfeld
1ad6b17c35 extract-{handshakes,keys}: rework for upstream kernel
Now that WireGuard has been upstreamed and the repos split, we have to
look elsewhere for these headers.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-02-01 00:53:30 +01:00
Jason A. Donenfeld
d8230ea0dc global: bump copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-01-02 19:52:25 +01:00
Jason A. Donenfeld
d359ead4dc dns-hatchet: adjust path for new repo layout
Reported-by: Joe Doss <joe@solidadmin.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-12-26 18:10:37 +01:00
Josh Soref
a863be0148 global: fix up spelling
Signed-off-by: Josh Soref <jsoref@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-12-12 12:24:05 +01:00
Jason A. Donenfeld
34ea0caf1f reresolve-dns: remove invalid anchors on regex match
Reported-by: Conrad Meyer <cem@freebsd.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-11-27 14:42:34 +01:00
Jason A. Donenfeld
b30e74b595 wg-quick: darwin: support being called from launchd
This causes wg-quick up to wait for the monitor to exit before it exits,
so that launchd can correctly wait on it.

Reported-by: Cameron Palmer <cameron@promon.no>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-24 11:19:18 +02:00
Jason A. Donenfeld
74a6f97b7a wg: genkey: account for short reads of /dev/urandom
Apparently Haiku has a misbehaving /dev/urandom.

While we're at it, simplify the function signature to completely succeed
or completely fail and make sure the caller checks the result.

Reported-by: Alexander von Gluck IV <kallisti5@unixzen.com>
Nitpicked-by: Aaron Jones <aaronmdjones@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-28 23:53:00 +01:00
Jason A. Donenfeld
1e58a0525e highlighter: when subtracting char, cast to unsigned
Windows.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-31 02:03:10 +01:00
Jason A. Donenfeld
a6e4ec487d netlink: use __kernel_timespec for handshake time
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-23 14:29:44 +01:00
Jason A. Donenfeld
ee88038986 contrib: introduce simple highlighter library
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-23 14:29:44 +01:00
Jason A. Donenfeld
777fe674c4 global: normalize -> clamp
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-23 14:29:44 +01:00
Jason A. Donenfeld
3ac679e7a1 keygen-html: bring back pure javascript implementation
This reverts commit 9d5baf7d1d14ca7eb0852b41566330259229d489.

Benoît Viguier has proofs that values will stay well within 2^53. We
also have an improved carry function that's much simpler.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-23 14:29:44 +01:00
Jason A. Donenfeld
b8e89f3a09 global: update copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-07 19:26:10 -05:00
Jason A. Donenfeld
89662178c6 makefile: use immediate expansion and use correct template patterns
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-18 14:41:48 +01:00
Jason A. Donenfeld
586b466394 embeddable-wg-library: do not warn on unrecognized netlink attributes
This is a follow up of bcf8684c9ec90fe0d283a67d1654d05fb3eae019.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-07 06:07:35 +01:00
Jason A. Donenfeld
4de77e0646 global: various formatting tweeks
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-13 00:34:16 -08:00
Jason A. Donenfeld
1aa8364b17 keygen-html: add missing glue macro
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-06 03:30:06 +01:00
Jason A. Donenfeld
599b84fbd1 wg: don't fail if a netlink interface dump is inconsistent
Netlink returns NLM_F_DUMP_INTR if the set of all tunnels changed
during the dump. That's unfortunate, but is pretty common on busy
systems that are adding and removing tunnels all the time. Rather
than retrying, potentially indefinitely, we just work with the
partial results.

Reported-by: Robert Gerus <ar@is-a.cat>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-13 01:55:31 +02:00
Jason A. Donenfeld
846d2514c5 global: rename struct wireguard_ to struct wg_
This required a bit of pruning of our christmas trees.

Suggested-by: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08 03:38:12 +02:00
Jason A. Donenfeld
54569b7999 netlink: do not stuff index into nla type
It's not used for anything, and LKML doesn't like the type being used as
an index value.

Suggested-by: Eugene Syromiatnikov <esyr@redhat.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-08 03:14:52 +02:00
Jason A. Donenfeld
6790b07868 crypto: clean up remaining .h->.c
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-07 16:35:54 +02:00
Jason A. Donenfeld
646d7a5c78 crypto: make constant naming scheme consistent
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25 03:01:21 +02:00
Jason A. Donenfeld
cef7ac9ef9 global: put SPDX identifier on its own line
The kernel has very specific rules correlating file type with comment
type, and also SPDX identifiers can't be merged with other comments.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20 19:41:22 +02:00
Jason A. Donenfeld
4d59d1f2c5 crypto: import zinc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-03 23:52:11 -06:00
Jason A. Donenfeld
c61c5a03ee embeddable-wg-library: do not left shift negative numbers
Otherwise we incur undefined behavior.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-24 18:15:17 +02:00
Jason A. Donenfeld
2ce4680bd3 dns-hatchet: apply resolv.conf's selinux context to new resolv.conf
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-17 19:36:37 +02:00
Jason A. Donenfeld
d90e49599b wg: encoding: add missing static array constraints
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-06 00:05:58 +02:00
Jason A. Donenfeld
2bca99893f wg: constanter time encoding
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 01:24:51 +02:00
Jason A. Donenfeld
550119bb08 ncat-client-server: do not always call sudo and use env bash
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
Jason A. Donenfeld
19990e2937 dns-hatchet: update paths
Suggested-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:04:46 +02:00
Jason A. Donenfeld
2f34f3efe7 ncat-client-server: add wg-quick variant
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-15 02:26:55 +02:00
Jason A. Donenfeld
f8a990763a embeddable-wg-library: zero attribute padding
See: http://git.netfilter.org/libmnl/commit/?id=37c876b55a2c00424ccda5a300ab5fdec1d88b22
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-03 19:08:20 +02:00
Jason A. Donenfeld
f36209f588 keygen-html: add zip file example
A little bit more JavaScript for easy copy&pasting.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-02 17:38:07 +02:00
Jason A. Donenfeld
d4421aea89 contrib: add extract-handshakes kprobe example
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-04 18:50:25 +01:00
Jason A. Donenfeld
3314030d57 Revert "contrib: keygen-html: rewrite in pure javascript"
This reverts commit e5203543a674453ce1e0cbbcb234d3308762fe65.

As swanky as it is to have a really short file, it's hard to justify and
makes me nervous.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
3749b29b1f contrib: keygen-html: rewrite in pure javascript
Emscripten is too cumbersome. This code here is much slower, but it's
shorter and simpler.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
0e6fe9a548 contrib: embedded-wg-library: add key generation functions
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
295c9ff274 contrib: embedded-wg-library: add ability to add and del interfaces
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-21 02:53:06 +01:00
Jason A. Donenfeld
2f42abeb56 contrib: add embeddable wireguard library
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 05:55:03 +01:00
Jason A. Donenfeld
437116f238 wg: allow in-line comments
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 05:55:03 +01:00
Jason A. Donenfeld
cc8a25e2f6 external-tests: update go version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-15 13:12:28 +01:00
Jason A. Donenfeld
7b0fc75a17 keygen-html: fix up copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-02 22:03:11 +01:00
Jason A. Donenfeld
bee5bbb6f3 curve25519: replace fiat64 with faster hacl64
This reverts commit da4ff396cc5d5e0ff21f9ecbc2f951c048c63fff and adds
some optimizations to hacl64.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-01 19:51:50 +01:00
Jason A. Donenfeld
40ae0e0bba curve25519: replace hacl64 with fiat64
For now, it's faster:

hacl64: 109782 cycles per call
fiat64: 108984 cycles per call

It's quite possible this commit will be reverted with nice changes from
INRIA, though.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-01 19:51:50 +01:00
Jason A. Donenfeld
17e7c34d38 contrib: keygen-html: share curve25519 implementation with kernel
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-23 11:55:44 +01:00