Commit graph

354 commits

Author SHA1 Message Date
Jason A. Donenfeld a488f1b084 wg: do not use AI_ADDRCONFIG
Some people run wg(8) using hard coded v6 addresses before interfaces
have v6 addresses, causing getaddrinfo to fail. Since AI_ADDRCONFIG
doesn't actualy change the sorting, but just the queries made, we don't
really need AI_ADDRCONFIG anyway, since we're always only taking the
first result.

Reported-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-23 21:09:23 +01:00
Jason A. Donenfeld b5415c0b65 wg: allowed-ips is easier to parse with spaces instead of ", "
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-23 21:09:23 +01:00
Jason A. Donenfeld 50e1f58fde wg-config: cleanup ip parsing
This also sorts routes by cidr.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-23 21:09:23 +01:00
Jason A. Donenfeld 187bf98339 wg: fix latest-handshake typo in documentation
Reported-by: Dan Lüdtke <mail@danrl.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-16 06:35:58 +01:00
Jason A. Donenfeld f03aea7574 contrib: add wg-config
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-09 21:31:11 +01:00
Jason A. Donenfeld 9707e5d6af wg: warn about clock going backward
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-29 20:56:41 +01:00
Jason A. Donenfeld 16a6972bb6 headers: cleanup notices
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-21 01:00:07 +01:00
Jason A. Donenfeld 3338bb11e8 wg: chill modern gcc out
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-05 21:45:12 +01:00
Jason A. Donenfeld ff52c3e3a4 qemu: move build outside of kernel dir to avoid kernel's make clean
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-05 13:22:55 +01:00
Jason A. Donenfeld a97901e4fd wg: abstract pkg-config to PKG_CONFIG
Distros like Exherbo have multitarget setups with toolnames prefixed by
the arch.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-02 11:50:52 +01:00
Jason A. Donenfeld 971c792ba9 wg: everybody hates automatic stripping
I happen to like it, but package managers don't. The GNU standard [1]
says there should be a separate install-strip target. I don't like
duplicating code like that. So, instead, I'll just remove stripping all
together.

[1] https://www.gnu.org/prep/standards/html_node/Standard-Targets.html

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-02 11:49:07 +01:00
Jason A. Donenfeld 17aa3e35c6 git: organize ignore files
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-09-29 19:31:22 +02:00
Jason A. Donenfeld 8a57a2cefb Rework headers and includes
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-09-29 19:25:30 +02:00
Jason A. Donenfeld 967ea8c712 wg: allow multiple AllowedIPs invocations
It turns out this is a somewhat natural thing to do in config files.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-30 04:35:51 +02:00
Jason A. Donenfeld cb8be29c18 examples: add key extractor
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-26 04:52:50 +02:00
Jason A. Donenfeld 62fe72133c examples: add nat-hole-punching
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-24 15:47:31 +02:00
Jason A. Donenfeld aae568937e tests: use makefile and expand greatly
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-08 15:44:42 +02:00
Jason A. Donenfeld 822ae991d8 persistent-keepalive: change range to [1,65535]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-08 14:05:37 +02:00
Jason A. Donenfeld e938263886 wg: use correct headers in ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:43 +02:00
Jason A. Donenfeld db69cc7119 wg: do not show private keys in pretty output
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:43 +02:00
Jason A. Donenfeld 1b9a83c852 c: specify static array size in function params
The C standard states:

  A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to
  type'', where the type qualifiers (if any) are those specified within the [ and ] of the
  array type derivation. If the keyword static also appears within the [ and ] of the
  array type derivation, then for each call to the function, the value of the corresponding
  actual argument shall provide access to the first element of an array with at least as many
  elements as specified by the size expression.

By changing void func(int array[4]) to void func(int array[static 4]),
we automatically get the compiler checking argument sizes for us, which
is quite nice.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02 02:55:42 +02:00
Jason A. Donenfeld d6b3bc6948 wg: use stream instead of seqpacket
To support OS X and Windows, we have to. Ugh.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22 21:08:25 +02:00
Jason A. Donenfeld ec890556e4 wg: Use seqpacket instead of dgram
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22 20:30:34 +02:00
Jason A. Donenfeld f304bc3199 wg: add -MP to makefile
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22 14:58:30 +02:00
Jason A. Donenfeld fc72510937 wg: add default cflag
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 16:38:56 +02:00
Jason A. Donenfeld a8baff2ab3 wg: propagate set errno
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 13:33:20 +02:00
Jason A. Donenfeld a773a23c75 wg: abstract sockets are dangerous
They have no permissions, so we're probably better off just creating a
socket file with the umask set, as we do in BSD.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 12:28:37 +02:00
Jason A. Donenfeld b318e81cd0 wg: rename kernel to ipc
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld 9889b42788 wg: support horrible freebsd/osx/unix semantics
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-21 11:26:52 +02:00
Jason A. Donenfeld b16641e30c wg: first additions of userspace integration
This is designed to work with a server that follows this:

  struct sockaddr_un addr = {
      .sun_family = AF_UNIX,
      .sun_path = "/var/run/wireguard/wguserspace0.sock"
  };
  int fd, ret;
  ssize_t len;
  socklen_t socklen;
  struct wgdevice *device;

  fd = socket(AF_UNIX, SOCK_DGRAM, 0);
  if (fd < 0)
      exit(1);
  if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
      exit(1);

  for (;;) {
      /* First we look at how big the next message is, so we know how much to
       * allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */
      len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC);
      if (len < 0) {
          handle_error();
          continue;
      }
      /* Next we allocate a buffer for the received data. */
      device = NULL;
      if (len) {
          device = malloc(len);
          if (!device) {
              handle_error();
              continue;
          }
      }
      /* Finally we receive the data, storing too the return address. */
      socklen = sizeof(addr);
      len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen);
      if (len < 0) {
          handle_error();
          free(device);
          continue;
      }
      if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */
          device = get_current_wireguard_device(&len);
          sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen);
      } else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */
          ret = set_current_wireguard_device(device);
          sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen);
          free(device);
      }
  }

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-20 22:04:56 +02:00
Jason A. Donenfeld fd14807259 wg: fix numbering in man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-16 04:13:55 +02:00
Jason A. Donenfeld 46a6bf3a52 persistent keepalive: use authenticated keepalives
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-10 03:46:56 +02:00
Jason A. Donenfeld 2fd253ff1f examples: update ncat-client-server readme
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 23:41:57 +02:00
Jason A. Donenfeld e2cc7743d5 persistent keepalive: enable in an example
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 12:36:04 +02:00
Jason A. Donenfeld d81cafde7f persistent keepalive: documentation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:52:41 +02:00
Jason A. Donenfeld fc743caf3b persistent keepalive: add userspace support
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-08 02:43:33 +02:00
Jonathan Rudenberg 2a9625acf6 go test: don't rely on undefined append behavior
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:59:40 +02:00
Jason A. Donenfeld 49ea3d5cf4 rust test: actually use tai64n
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:48:04 +02:00
Jason A. Donenfeld cb3d5626e0 go test: actually use TAI64N
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:47:32 +02:00
Jason A. Donenfeld 0e583e8770 go test: don't use 1 as icmp ids
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:44:01 +02:00
Jason A. Donenfeld 554d77fbd7 go test: dynamically calculate ip checksum
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 13:42:35 +02:00
Jonathan Rudenberg 35a61c32fa go test: add ICMP ping
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 12:52:42 +02:00
Jason A. Donenfeld 1f349aa101 external-tests: switch to demo server
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 03:52:21 +02:00
Jason A. Donenfeld 5a427c7024 go test: put nonce at correct location
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 02:33:29 +02:00
Jonathan Rudenberg 85a14af6b0 go test: make more idiomatic
- gofmt
- Give config struct one line per field
- Use camel case
- Check errors
- Log invariants with detail
- Use consistent pronouns

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-07 02:33:01 +02:00
Jason A. Donenfeld 7887d8024c wg: use pkg-config in Makefile
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-06 23:51:00 +02:00
Jason A. Donenfeld 4e04bee915 contrib: organize example scripts and add synergy
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-05 16:01:31 +02:00
Jason A. Donenfeld be4f3cd7c2 wg: always fallback to /dev/urandom
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld 742f038fc2 wg: improve error reporting and detection
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-03 20:45:48 +02:00
Jason A. Donenfeld 1a64438b21 contrib: remove extraneous cruft
We don't want people packaging these or even using these scripts, which
are only useful for limited development circumstances, so get rid of
them. More widespread development testing techniques still exist in
src/debug.mk and src/netns.sh

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-01 23:40:06 +02:00