contrib: remove extraneous cruft

We don't want people packaging these or even using these scripts, which are only useful for limited development circumstances, so get rid of them. More widespread development testing techniques still exist in src/debug.mk and src/netns.sh Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-01 23:36:59 +02:00 · 2016-07-01 23:36:59 +02:00 · 1a64438b21
parent abb1128785
commit 1a64438b21
10 changed files with 19 additions and 195 deletions
--- a/contrib/benchmarking/configs/other.conf
+++ b/contrib/benchmarking/configs/other.conf
@ -1,8 +0,0 @@
 [Interface]
 ListenPort = 27183
 PrivateKey = oHilodMrwJSD1UUIkAkyCek2yqy1Frs5XuN47ShGFk0=
 [Peer]
 PublicKey = S8hEvD+dam+PrwG4GrSPtE2Pl3ylO/oiUnUDXw3vnx0=
 AllowedIPs = 192.168.2.2/32
 Endpoint = 10.10.10.100:38292
--- a/contrib/benchmarking/configs/thinkpad.conf
+++ b/contrib/benchmarking/configs/thinkpad.conf
@ -1,8 +0,0 @@
 [Interface]
 ListenPort = 38292
 PrivateKey = MPCo/WSBkm/DCkbEXUhtjc5u//IeD6wEeaw3Q2HxFGw=
 [Peer]
 PublicKey = c5PwaIZcVZFDuoDdQJGnYe+fk+wt0qANARpnZDOvqhw=
 AllowedIPs = 0.0.0.0/0
 Endpoint = 172.16.48.128:27183
--- a/contrib/benchmarking/openvpn-config.txt
+++ b/contrib/benchmarking/openvpn-config.txt
@ -1,2 +0,0 @@
 Server: openvpn --dev tun --ifconfig 192.168.3.1 192.168.3.2 --secret static.key --cipher AES-256-CBC --auth SHA256 --port 61721
 Client: openvpn --dev tun --ifconfig 192.168.3.2 192.168.3.1 --secret static.key --cipher AES-256-CBC --auth SHA256 --port 61721 --remote 10.10.10.1
--- a/contrib/benchmarking/static.key
+++ b/contrib/benchmarking/static.key
@ -1,21 +0,0 @@
 #
 # 2048 bit OpenVPN static key
 #
 -----BEGIN OpenVPN Static key V1-----
 12abb34ac1cb716576642c7e4c9719af
 b311929f6bb5a7b9082c9ac3a02dc77a
 26fc65ba97e67d1dc5b273e72760caba
 6c8a3321acdf89bfd0469528bfc9ed89
 1c9c3762d1e18786c8b6dd590456f158
 d1f625810da1225864c23d7e848ca5d7
 18a49c4b7e640f8e51001ace9222de75
 e05177fd01b32d702bd12b45b085678c
 239e3927d98912174ac648d0e37a3247
 45cabcbea7cf70832f8800a8b863a35a
 933c5921fd65882b050bd1096a0c6c60
 638fb22eafb9f49c13573236d0427441
 c98869ba8de30e597452237527e7dcc6
 519058a919de4432203dc1d7622fb4d0
 f8f20c5350256cdf17bb3b85c5c838fc
 6ddeb4da9dae8b0b882cb043db483a9d
 -----END OpenVPN Static key V1-----
--- a/contrib/client-server-example/README
+++ b/contrib/client-server-example/README
@ -0,0 +1,16 @@
                === IMPORTANT NOTE ===
 Do not use these scripts in production. They are simply a
 demonstration of how easy the `wg(8)` tool is at the command
 line, but by no means should you actually attempt to use
 these. They are horribly insecure and defeat the purpose
 of WireGuard.
                     STAY AWAY!
 Distros: do not distribute these with your packages.
 That all said, this is a pretty cool example of just how
 darn easy WireGuard can be.
--- a/contrib/stress-testing/badpacket.c
+++ b/contrib/stress-testing/badpacket.c
@ -1,27 +0,0 @@
 #include <stdlib.h>
 #include <unistd.h>
 #include <arpa/inet.h>
 #include <sys/socket.h>
 #include <sys/ioctl.h>
 #include <net/if.h>
 #include <netinet/in.h>
 #include <linux/limits.h>
 int main(int argc, char *argv[])
 {
 	static const unsigned char handshake1[143] = { 1, 0 };
 	int fd = socket(AF_INET, SOCK_DGRAM, 0);
 	struct sockaddr_in addr = {
 		.sin_family = AF_INET,
 		.sin_port = htons(atoi(argv[2])),
 		.sin_addr = inet_addr(argv[1])
 	};
 	connect(fd, (struct sockaddr *)&addr, sizeof(addr));
 	for (;;)
 		send(fd, handshake1, sizeof(handshake1), 0);
 	close(fd);
 	return 0;
 }
--- a/contrib/stress-testing/peg.c
+++ b/contrib/stress-testing/peg.c
@ -1,50 +0,0 @@
 #include <sys/socket.h>
 #include <sys/ioctl.h>
 #include <net/if.h>
 #include <netinet/in.h>
 #include <linux/limits.h>
 #include <time.h>
 #include <stdio.h>
 #include <string.h>
 static unsigned long long interface_tx_bytes(const char *interface)
 {
 	char buf[PATH_MAX];
 	FILE *f;
 	unsigned long long ret;
 	snprintf(buf, PATH_MAX - 1, "/sys/class/net/%s/statistics/tx_bytes", interface);
 	f = fopen(buf, "r");
 	fscanf(f, "%llu", &ret);
 	fclose(f);
 	return ret;
 }
 int main(int argc, char *argv[])
 {
 	char buf[1500] = { 0 };
 	unsigned long long before, after, i;
 	struct timespec begin, end;
 	double elapsed;
 	struct ifreq req;
 	int fd = socket(AF_INET, SOCK_DGRAM, 0);
 	struct sockaddr_in addr = {
 		.sin_family = AF_INET,
 		.sin_port = htons(7271),
 		.sin_addr = inet_addr(argv[3])
 	};
 	strcpy(req.ifr_name, argv[1]);
 	ioctl(fd, SIOCGIFMTU, &req);
 	connect(fd, (struct sockaddr *)&addr, sizeof(addr));
 	before = interface_tx_bytes(argv[2]);
 	clock_gettime(CLOCK_MONOTONIC, &begin);
 	for (i = 0; i < 10000000; ++i)
 		send(fd, buf, req.ifr_mtu - 28, 0);
 	clock_gettime(CLOCK_MONOTONIC, &end);
 	after = interface_tx_bytes(argv[2]);
 	elapsed = end.tv_sec - begin.tv_sec + (end.tv_nsec - begin.tv_nsec) / 1000000000.0;
 	printf("%.4f mbps\n", ((after - before) * 8) / elapsed / 1000000.0);
 	return 0;
 }
--- a/contrib/stress-testing/self-send.sh
+++ b/contrib/stress-testing/self-send.sh
@ -1,48 +0,0 @@
 #!/bin/bash
 set -e
 PRIVATE_KEYS=("")
 PUBLIC_KEYS=("")
 resetwg() {
 	for i in {1..64}; do
 		ip link delete dev wg${i} 2>/dev/null >/dev/null || true
 	done
 }
 for i in {1..64}; do
 	next_key="$(wg genkey)"
 	PRIVATE_KEYS+=("$next_key")
 	PUBLIC_KEYS+=($(wg pubkey <<<"$next_key"))
 done
 resetwg
 trap resetwg INT TERM EXIT
 for i in {1..64}; do
 	{ echo "[Interface]"
 	  echo "ListenPort = $(( $i + 31222 ))"
 	  echo "PrivateKey = ${PRIVATE_KEYS[$i]}"
 	for j in {1..64}; do
 		[[ $i == $j ]] && continue
 		echo "[Peer]"
 		echo "PublicKey = ${PUBLIC_KEYS[$j]}"
 		echo "AllowedIPs = 192.168.8.${j}/32"
 		echo "Endpoint = 127.0.0.1:$(( $j + 31222 ))"
 	  done
 	} > "/tmp/deviceload.conf"
 	ip link add dev wg${i} type wireguard
 	wg setconf wg${i} "/tmp/deviceload.conf"
 	ip link set up dev wg${i}
 	rm "/tmp/deviceload.conf"
 done
 ip address add dev wg1 192.168.8.1/24
 while true; do
 	for i in {2..64}; do
 		echo hello | ncat -u 192.168.8.${i} 1234
 	done
 done
--- a/contrib/stress-testing/threewayiperf.sh
+++ b/contrib/stress-testing/threewayiperf.sh
@ -1,30 +0,0 @@
 #!/bin/bash
 set -e
 if [[ $(hostname) == "thinkpad" ]]; then
 	make -C "$(dirname "$0")/../../src" remote-run
 	for i in 128 129 130; do
 		scp "$0" root@172.16.48.${i}:
 	done
 	for i in 128 129 130; do
 		konsole --new-tab -e ssh -t root@172.16.48.${i} "./$(basename "$0")"
 	done
 	exit
 fi
 # perf top -U --dsos '[wireguard]'
 tmux new-session -s bigtest -d
 tmux new-window -n "server 6000" -t bigtest "iperf3 -p 6000 -s"
 tmux new-window -n "server 6001" -t bigtest "iperf3 -p 6001 -s"
 sleep 5
 me=$(ip -o -4 address show dev wg0 | sed 's/.*inet \([^ ]*\)\/.*/\1/' | cut -d . -f 4)
 for i in 1 2 3; do
 	[[ $i == $me ]] && continue
 	[[ $me == "1" ]] && port=6000
 	[[ $me == "3" ]] && port=6001
 	[[ $me == "2" && $i == "1" ]] && port=6000
 	[[ $me == "2" && $i == "3" ]] && port=6001
 	tmux new-window -n "client 192.168.2.${i}" -t bigtest "iperf3 -n 300000G -i 1 -p $port -c 192.168.2.${i}"
 done
 tmux attach -t bigtest
--- a/src/wg.8
+++ b/src/wg.8
@ -131,7 +131,9 @@ to which outgoing traffic for this peer is directed. The catch-all
 \fI::/0\fP may be specified for matching all IPv6 addresses. Required.
 .IP \(bu
 Endpoint \(em an endpoint IP or hostname, followed by a colon, and then a
-port number. Optional.
+port number. This endpoint will be updated automatically to the most recent
 source IP address and port of correctly authenticated packets from the peer.
 Optional.
 .SH CONFIGURATION FILE FORMAT EXAMPLE
 This example may be used as a model for writing configuration files.
		`@ -1,2 +0,0 @@`
			`Server: openvpn --dev tun --ifconfig 192.168.3.1 192.168.3.2 --secret static.key --cipher AES-256-CBC --auth SHA256 --port 61721`
			`Client: openvpn --dev tun --ifconfig 192.168.3.2 192.168.3.1 --secret static.key --cipher AES-256-CBC --auth SHA256 --port 61721 --remote 10.10.10.1`