Commit graph

278 commits

Author SHA1 Message Date
Jason A. Donenfeld a773a23c75 wg: abstract sockets are dangerous
They have no permissions, so we're probably better off just creating a
socket file with the umask set, as we do in BSD.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 12:28:37 +02:00
Jason A. Donenfeld b318e81cd0 wg: rename kernel to ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld 9889b42788 wg: support horrible freebsd/osx/unix semantics
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld b16641e30c wg: first additions of userspace integration
This is designed to work with a server that follows this:

  struct sockaddr_un addr = {
      .sun_family = AF_UNIX,
      .sun_path = "/var/run/wireguard/wguserspace0.sock"
  };
  int fd, ret;
  ssize_t len;
  socklen_t socklen;
  struct wgdevice *device;

  fd = socket(AF_UNIX, SOCK_DGRAM, 0);
  if (fd < 0)
      exit(1);
  if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
      exit(1);

  for (;;) {
      /* First we look at how big the next message is, so we know how much to
       * allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */
      len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC);
      if (len < 0) {
          handle_error();
          continue;
      }
      /* Next we allocate a buffer for the received data. */
      device = NULL;
      if (len) {
          device = malloc(len);
          if (!device) {
              handle_error();
              continue;
          }
      }
      /* Finally we receive the data, storing too the return address. */
      socklen = sizeof(addr);
      len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen);
      if (len < 0) {
          handle_error();
          free(device);
          continue;
      }
      if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */
          device = get_current_wireguard_device(&len);
          sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen);
      } else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */
          ret = set_current_wireguard_device(device);
          sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen);
          free(device);
      }
  }

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-20 22:04:56 +02:00
Jason A. Donenfeld fd14807259 wg: fix numbering in man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-16 04:13:55 +02:00
Jason A. Donenfeld 46a6bf3a52 persistent keepalive: use authenticated keepalives
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-10 03:46:56 +02:00
Jason A. Donenfeld 2fd253ff1f examples: update ncat-client-server readme
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 23:41:57 +02:00
Jason A. Donenfeld e2cc7743d5 persistent keepalive: enable in an example
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 12:36:04 +02:00
Jason A. Donenfeld d81cafde7f persistent keepalive: documentation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:52:41 +02:00
Jason A. Donenfeld fc743caf3b persistent keepalive: add userspace support
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:43:33 +02:00
Jonathan Rudenberg 2a9625acf6 go test: don't rely on undefined append behavior
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:59:40 +02:00
Jason A. Donenfeld 49ea3d5cf4 rust test: actually use tai64n
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:48:04 +02:00
Jason A. Donenfeld cb3d5626e0 go test: actually use TAI64N
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:47:32 +02:00
Jason A. Donenfeld 0e583e8770 go test: don't use 1 as icmp ids
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:44:01 +02:00
Jason A. Donenfeld 554d77fbd7 go test: dynamically calculate ip checksum
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:42:35 +02:00
Jonathan Rudenberg 35a61c32fa go test: add ICMP ping
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 12:52:42 +02:00
Jason A. Donenfeld 1f349aa101 external-tests: switch to demo server
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 03:52:21 +02:00
Jason A. Donenfeld 5a427c7024 go test: put nonce at correct location
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 02:33:29 +02:00
Jonathan Rudenberg 85a14af6b0 go test: make more idiomatic
- gofmt
- Give config struct one line per field
- Use camel case
- Check errors
- Log invariants with detail
- Use consistent pronouns

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 02:33:01 +02:00
Jason A. Donenfeld 7887d8024c wg: use pkg-config in Makefile
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-06 23:51:00 +02:00
Jason A. Donenfeld 4e04bee915 contrib: organize example scripts and add synergy
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-05 16:01:31 +02:00
Jason A. Donenfeld be4f3cd7c2 wg: always fallback to /dev/urandom
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld 742f038fc2 wg: improve error reporting and detection
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld 1a64438b21 contrib: remove extraneous cruft
We don't want people packaging these or even using these scripts, which
are only useful for limited development circumstances, so get rid of
them. More widespread development testing techniques still exist in
src/debug.mk and src/netns.sh

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-01 23:40:06 +02:00
Jason A. Donenfeld abb1128785 wg.8: wording tweaks
Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-01 04:08:29 +02:00
Jason A. Donenfeld 3b900f17b9 Readme: the documentation moved to .io
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-30 21:45:42 +02:00
Daniel Kahn Gillmor 3970401017 Readme: use https instead of http
For the websites referenced that offer https instead of http, use
https.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-30 20:48:12 +02:00
Jason A. Donenfeld 8132305e54 Initial commit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-25 16:48:39 +02:00