Commit graph

25 commits

Author SHA1 Message Date
Jason A. Donenfeld 967ea8c712 wg: allow multiple AllowedIPs invocations
It turns out this is a somewhat natural thing to do in config files.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-30 04:35:51 +02:00
Jason A. Donenfeld 822ae991d8 persistent-keepalive: change range to [1,65535]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-08 14:05:37 +02:00
Jason A. Donenfeld e938263886 wg: use correct headers in ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:43 +02:00
Jason A. Donenfeld db69cc7119 wg: do not show private keys in pretty output
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:43 +02:00
Jason A. Donenfeld 1b9a83c852 c: specify static array size in function params
The C standard states:

  A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to
  type'', where the type qualifiers (if any) are those specified within the [ and ] of the
  array type derivation. If the keyword static also appears within the [ and ] of the
  array type derivation, then for each call to the function, the value of the corresponding
  actual argument shall provide access to the first element of an array with at least as many
  elements as specified by the size expression.

By changing void func(int array[4]) to void func(int array[static 4]),
we automatically get the compiler checking argument sizes for us, which
is quite nice.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:42 +02:00
Jason A. Donenfeld d6b3bc6948 wg: use stream instead of seqpacket
To support OS X and Windows, we have to. Ugh.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22 21:08:25 +02:00
Jason A. Donenfeld ec890556e4 wg: Use seqpacket instead of dgram
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22 20:30:34 +02:00
Jason A. Donenfeld f304bc3199 wg: add -MP to makefile
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22 14:58:30 +02:00
Jason A. Donenfeld fc72510937 wg: add default cflag
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 16:38:56 +02:00
Jason A. Donenfeld a8baff2ab3 wg: propagate set errno
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 13:33:20 +02:00
Jason A. Donenfeld a773a23c75 wg: abstract sockets are dangerous
They have no permissions, so we're probably better off just creating a
socket file with the umask set, as we do in BSD.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 12:28:37 +02:00
Jason A. Donenfeld b318e81cd0 wg: rename kernel to ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld 9889b42788 wg: support horrible freebsd/osx/unix semantics
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld b16641e30c wg: first additions of userspace integration
This is designed to work with a server that follows this:

  struct sockaddr_un addr = {
      .sun_family = AF_UNIX,
      .sun_path = "/var/run/wireguard/wguserspace0.sock"
  };
  int fd, ret;
  ssize_t len;
  socklen_t socklen;
  struct wgdevice *device;

  fd = socket(AF_UNIX, SOCK_DGRAM, 0);
  if (fd < 0)
      exit(1);
  if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
      exit(1);

  for (;;) {
      /* First we look at how big the next message is, so we know how much to
       * allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */
      len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC);
      if (len < 0) {
          handle_error();
          continue;
      }
      /* Next we allocate a buffer for the received data. */
      device = NULL;
      if (len) {
          device = malloc(len);
          if (!device) {
              handle_error();
              continue;
          }
      }
      /* Finally we receive the data, storing too the return address. */
      socklen = sizeof(addr);
      len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen);
      if (len < 0) {
          handle_error();
          free(device);
          continue;
      }
      if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */
          device = get_current_wireguard_device(&len);
          sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen);
      } else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */
          ret = set_current_wireguard_device(device);
          sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen);
          free(device);
      }
  }

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-20 22:04:56 +02:00
Jason A. Donenfeld fd14807259 wg: fix numbering in man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-16 04:13:55 +02:00
Jason A. Donenfeld 46a6bf3a52 persistent keepalive: use authenticated keepalives
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-10 03:46:56 +02:00
Jason A. Donenfeld d81cafde7f persistent keepalive: documentation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:52:41 +02:00
Jason A. Donenfeld fc743caf3b persistent keepalive: add userspace support
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:43:33 +02:00
Jason A. Donenfeld 7887d8024c wg: use pkg-config in Makefile
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-06 23:51:00 +02:00
Jason A. Donenfeld be4f3cd7c2 wg: always fallback to /dev/urandom
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld 742f038fc2 wg: improve error reporting and detection
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld 1a64438b21 contrib: remove extraneous cruft
We don't want people packaging these or even using these scripts, which
are only useful for limited development circumstances, so get rid of
them. More widespread development testing techniques still exist in
src/debug.mk and src/netns.sh

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-01 23:40:06 +02:00
Jason A. Donenfeld abb1128785 wg.8: wording tweaks
Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-01 04:08:29 +02:00
Daniel Kahn Gillmor 3970401017 Readme: use https instead of http
For the websites referenced that offer https instead of http, use
https.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-30 20:48:12 +02:00
Jason A. Donenfeld 8132305e54 Initial commit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-25 16:48:39 +02:00