Commit graph

241 commits

Author SHA1 Message Date
Jason A. Donenfeld
986feba2ee wg-quick: darwin: reorder functions
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 05:01:50 +02:00
Jason A. Donenfeld
80ff1f8ded wg-quick: darwin: networksetup does not like missing stdio
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 05:01:50 +02:00
Jason A. Donenfeld
884f7c50ce wg-quick: darwin: avoid routing loop if no default
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 04:08:53 +02:00
Jason A. Donenfeld
0d9f30246d wg-quick: darwin: sometimes there are no network services
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 03:26:51 +02:00
Jason A. Donenfeld
fe9bc71e40 wg-quick: use invoking shell in auto rooting
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 19:19:48 +02:00
Jason A. Donenfeld
6c407ae27b wg-quick: add intentionally undocumented userspace implementation knob
This knob might disappear at some point, and we don't want to encourage
its use, so it's not being documented, but this should help with
development of new implementations.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:25:42 +02:00
Jason A. Donenfeld
4502350512 wg-quick: darwin: use bash from environment and require bash 4+
For properly configured Homebrew installations /usr/local/bin should be
before /bin, so this should still work. This allows the script to be
used in more than one setting.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:25:42 +02:00
Jason A. Donenfeld
699777da8c wg-quick: darwin: restore DNS on down
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
9c18c70da6 wg-quick: darwin: bash correctness
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
f64f0cc740 wg-quick: darwin: remove v6 routes after shutdown
This works around a Darwin kernel bug regarding interface removal.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
cfa4203be7 wg-quick: darwin: ensure socket directory exists
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:05:04 +02:00
Jason A. Donenfeld
19990e2937 dns-hatchet: update paths
Suggested-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:04:46 +02:00
Jason A. Donenfeld
2f34f3efe7 ncat-client-server: add wg-quick variant
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-15 02:26:55 +02:00
Jason A. Donenfeld
a5412d1056 wg-quick: add darwin implementation
It's pretty rough and leaves much to be desired, but it works.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-15 02:12:13 +02:00
Jason A. Donenfeld
5d9433d73f wg-quick: add wg symlink
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-14 19:23:17 +02:00
Jason A. Donenfeld
a563ba2cf9 wg-quick: add android implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-14 18:23:52 +02:00
Jason A. Donenfeld
08c78a65af wg: reorganize for multiplatform wg-quick
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-14 18:18:40 +02:00
Jason A. Donenfeld
0b64881c7a wg-quick: preliminary support for go implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-10 19:23:02 +02:00
Jason A. Donenfeld
f8a990763a embeddable-wg-library: zero attribute padding
See: http://git.netfilter.org/libmnl/commit/?id=37c876b55a2c00424ccda5a300ab5fdec1d88b22
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-03 19:08:20 +02:00
Jason A. Donenfeld
f36209f588 keygen-html: add zip file example
A little bit more JavaScript for easy copy&pasting.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-02 17:38:07 +02:00
Jason A. Donenfeld
81879fe346 wg-quick: account for specified fwmark in auto routing mode
If we're doing automatic routing with default routes, but the config has
also specified an explicit fwmark, then use that explicit fwmark, even
if it's conflicting, since the administrator has explicitly opted into
using it. Also, when shutting down the interface, we only now remove the
fancy rules if we're in automatic routing mode with default routes.

Suggested-by: Luis Ressel <aranea@aixah.de>
Reported-by: Saeid Akbari <saeidscorp@yahoo.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-04-15 15:41:57 +02:00
Jason A. Donenfeld
cd19f54970 wg-quick.8: fix typo
Reported-by: Mike Pechkin <mike.pechkin@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-04-04 10:53:20 -04:00
Jason A. Donenfeld
81b7e4863c wg-quick: hide errors on save
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-04 19:03:54 +01:00
Jason A. Donenfeld
d4421aea89 contrib: add extract-handshakes kprobe example
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-04 18:50:25 +01:00
Jason A. Donenfeld
e6ce5fd386 wg-quick: if resolvconf/run/iface exists, use it
Some older broken resolvconfs don't support resolvconf -l, but do have a
file in a standard location, so use it.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-04 18:50:25 +01:00
Jason A. Donenfeld
99264cb88f wg-quick: if resolvconf/interface-order exists, use it
Some older broken resolvconf implementations ignore -m, but do have an
interface-order list. It's better to use this list dynamically, in case
it changes, or in case it's not used by the OS's resolvconf
implementation, such as in the case of systemd or openresolv.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-04 18:50:25 +01:00
Jason A. Donenfeld
4574967465 global: in gnu code, use un-underscored asm
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
3314030d57 Revert "contrib: keygen-html: rewrite in pure javascript"
This reverts commit e5203543a674453ce1e0cbbcb234d3308762fe65.

As swanky as it is to have a really short file, it's hard to justify and
makes me nervous.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
3749b29b1f contrib: keygen-html: rewrite in pure javascript
Emscripten is too cumbersome. This code here is much slower, but it's
shorter and simpler.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
0e6fe9a548 contrib: embedded-wg-library: add key generation functions
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-03-02 16:42:29 +01:00
Jason A. Donenfeld
295c9ff274 contrib: embedded-wg-library: add ability to add and del interfaces
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-21 02:53:06 +01:00
Jason A. Donenfeld
d29e0bad7d wg: fixup errno handling
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 20:15:49 +01:00
Jason A. Donenfeld
ca5d2708e0 wg: FreeBSD doesn't have EAI_NODATA
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 19:30:05 +01:00
Jason A. Donenfeld
5ecc49a62f wg: do not collide types with libc clashes
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 18:58:31 +01:00
Jason A. Donenfeld
2f42abeb56 contrib: add embeddable wireguard library
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 05:55:03 +01:00
Jason A. Donenfeld
186df55998 wg(8): clarify phrasing
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 05:55:03 +01:00
Jason A. Donenfeld
437116f238 wg: allow in-line comments
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-17 05:55:03 +01:00
Jason A. Donenfeld
cc8a25e2f6 external-tests: update go version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-15 13:12:28 +01:00
Jason A. Donenfeld
186272048d wg: normalize strncpy/snprintf usage
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-14 23:21:11 +01:00
Jason A. Donenfeld
725258b9e3 wg-quick: match from beginning rather than shift right
Before, this meant that it simply took the last 15 characters, instead
of erroring out when there's more than 15 chars.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-06 12:52:09 +01:00
Jason A. Donenfeld
5be1ce2aab wg: endian.h is not portable
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-05 12:26:28 +01:00
Jason A. Donenfeld
7b0fc75a17 keygen-html: fix up copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-02 22:03:11 +01:00
Jason A. Donenfeld
bee5bbb6f3 curve25519: replace fiat64 with faster hacl64
This reverts commit da4ff396cc5d5e0ff21f9ecbc2f951c048c63fff and adds
some optimizations to hacl64.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-01 19:51:50 +01:00
Jason A. Donenfeld
40ae0e0bba curve25519: replace hacl64 with fiat64
For now, it's faster:

hacl64: 109782 cycles per call
fiat64: 108984 cycles per call

It's quite possible this commit will be reverted with nice changes from
INRIA, though.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-02-01 19:51:50 +01:00
Jason A. Donenfeld
bc3f283148 wg: dedup secret normalization
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-31 15:58:17 +01:00
Jason A. Donenfeld
1e5d6b9a66 wg: fread doesn't change errno
Thus we might be responding to an old errno, which could cause this to
unnecessarily fail.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-30 14:46:34 +01:00
Jason A. Donenfeld
17e7c34d38 contrib: keygen-html: share curve25519 implementation with kernel
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-23 11:55:44 +01:00
Jason A. Donenfeld
b0d41e8b10 wg: share curve25519 implementations with kernel
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-23 11:55:44 +01:00
Jason A. Donenfeld
5306604aa5 curve25519-fiat32: uninline certain functions
While this has a negative performance impact on x86_64, it has a
positive performance impact on smaller machines, which is where we're
actually using this code. For example, an A53:

Before: fiat32: 228605 cycles per call
After: fiat32: 188307 cycles per call
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-18 20:14:27 +01:00
Jason A. Donenfeld
d68293b8a3 contrib: keygen-html: update curve25519 implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-01-18 13:28:16 +01:00