09c7ab77e9
wg-quick.8: add policy routing example
...
Suggested-by: Toke Høiland-Jørgensen <toke@toke.dk>
Suggested-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-10-05 19:20:52 +02:00
646d7a5c78
crypto: make constant naming scheme consistent
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-25 03:01:21 +02:00
cef7ac9ef9
global: put SPDX identifier on its own line
...
The kernel has very specific rules correlating file type with comment
type, and also SPDX identifiers can't be merged with other comments.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-20 19:41:22 +02:00
17546fcd75
global: prefer sizeof(*pointer) when possible
...
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-04 11:08:29 -06:00
4d59d1f2c5
crypto: import zinc
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-03 23:52:11 -06:00
407b0cb311
wg: ipc: do not warn on unrecognized netlink attributes
...
It makes extending things more difficult.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-09-02 23:59:44 -06:00
66054f3638
crypto: use unaligned helpers
...
This is not useful for WireGuard, but for the general use case we
probably want it this way, and the speed difference is mostly lost in
the noise.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-28 23:20:13 -06:00
b2ec7892c8
wg-quick: check correct variable for route deduplication
...
Reported-by: John Sager <john@sager.me.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-21 15:42:17 -07:00
ffcc09358e
wg-quick: darwin: prefer system paths for tools
...
The only things wg-quick(8) needs from Homebrew are bash(1) and wg(8).
Other than that, it's explicitly coded against the native system
utilities. Since wg-quick(8) and bash(1) are invoked in auto_su by their
full absolute path (via $SELF and $BASH, respectively), we can simply
set the $PATH to be prefixed by the default system binary paths. This
way, if users install tools that conflict with system tools -- such as
GNU coreutils -- we won't accidently call those.
Reported-by: Deirdre Connolly <durumcrustulum@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-12 00:28:28 -07:00
544d965d5f
wg-quick: android: remove compat code
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-24 18:15:17 +02:00
f621f36800
wg-quick: android: allow package to be overridden
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-24 18:15:17 +02:00
c61c5a03ee
embeddable-wg-library: do not left shift negative numbers
...
Otherwise we incur undefined behavior.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-24 18:15:17 +02:00
4349005f4e
wg-quick: allow link local default gateway
...
It's unclear why it was like this in the first place, but it apparently
broke certain IPv6 setups.
Reported-by: Jonas Blahut <j@die-blahuts.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-16 17:27:00 +02:00
4502f4f2b7
wg: only error on wg show if all interfaces fail
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-08 22:38:34 +02:00
4367cd0d3d
wg-quick: android: support excluding applications
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-05 19:26:13 +02:00
b3b6d97db8
wg-quick: android: prevent outgoing handshake packets from being dropped
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-25 16:15:35 +02:00
a54a133500
wg: fix misspelling of strchrnul in comment
...
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-22 04:09:39 +02:00
ef54cbf568
manpages: eliminate whitespace at the end of the line
...
This eliminates a few style warnings from "mandoc -T lint src/tools/wg*.8".
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-22 04:09:39 +02:00
02733c681b
wg-quick: android: don't forget to free compiled regexes
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-17 19:36:37 +02:00
3bbacaaf14
wg-quick: android: disable roaming to v6 networks when v4 is specified
...
This works around an unfortunate bug in 464XLAT transitions.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-17 19:36:37 +02:00
2ce4680bd3
dns-hatchet: apply resolv.conf's selinux context to new resolv.conf
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-17 19:36:37 +02:00
6f85449d79
wg: getentropy requires 10.12
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-14 05:25:23 +02:00
0632c8af68
wg: support getentropy(3)
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-08 03:24:46 +02:00
d90e49599b
wg: encoding: add missing static array constraints
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-06 00:05:58 +02:00
8c4cf156d5
wg-quick: android: change name of intent
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-06-04 07:05:58 +02:00
2044bb026d
wg-quick: android: delay setting users until end
...
`ndc users add` eventually invokes SOCK_DESTROY on user sockets, causing
them to reconnect. By delaying this until after routes are set, we
ensure that the sockets reconnect using the tunnel, rather than the old
route.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 16:38:08 +02:00
2bca99893f
wg: constanter time encoding
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 01:24:51 +02:00
206e8f08e2
wg-quick: darwin: set DNS servers after delay on route change
...
This works around a race condition in macOS's network daemons, while
also adding one in the form of possibly calling kill -ALRM on a stale
PID; unfortunately bash can't wait from a trap.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 01:24:51 +02:00
d532074ef5
wg-quick: freebsd: configure as p2p link
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-27 05:24:07 +02:00
df6c69e98c
wg-quick: darwin: add multiple IP addresses
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-27 05:22:55 +02:00
19ce650fb6
wg-quick: determine IPs when saving interface
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-27 02:42:31 +02:00
c99e6beecb
wg-quick: freebsd: work around security vulnerabilities in bash
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-24 02:24:02 +02:00
86dd5587a9
wg-quick: allow enumeration of socket files
...
These OSes have an unpriv'd ifconfig, so this isn't an even larger info
leak.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-23 15:31:47 +02:00
3d089e07e2
wg-quick: better bash completion for non-renaming OSes
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-23 15:24:07 +02:00
d40231c766
wg-quick: support FreeBSD/Darwin search path
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-23 15:24:07 +02:00
b818e71ba5
wg: always pass -v as first argument to install
...
This lets crippled OSes sed out our -v more easily.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-23 05:23:59 +02:00
6b7f88aa7d
wg-quick: openbsd: add new implementation
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
333363f77c
wg-quick: freebsd: add new implementation
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
52eb6a187c
wg-quick: darwin: do not remove routes when no real interface
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
59dae33e9a
wg-quick: darwin: rename namefile environment variable
...
This paves the way for an openbsd implementation.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
9d52a812c8
wg: fix OpenBSD build
...
License: MIT
Signed-off-by: Filippo Valsorda <valsorda@google.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
550119bb08
ncat-client-server: do not always call sudo and use env bash
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-22 16:41:59 +02:00
a8654606c2
wg: fix errno propagation and messages
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-18 19:51:51 +02:00
434bc616b2
wg-quick: darwin: simpler inclusion check
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 19:30:34 +02:00
986feba2ee
wg-quick: darwin: reorder functions
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 05:01:50 +02:00
80ff1f8ded
wg-quick: darwin: networksetup does not like missing stdio
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 05:01:50 +02:00
884f7c50ce
wg-quick: darwin: avoid routing loop if no default
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 04:08:53 +02:00
0d9f30246d
wg-quick: darwin: sometimes there are no network services
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-17 03:26:51 +02:00
fe9bc71e40
wg-quick: use invoking shell in auto rooting
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 19:19:48 +02:00
6c407ae27b
wg-quick: add intentionally undocumented userspace implementation knob
...
This knob might disappear at some point, and we don't want to encourage
its use, so it's not being documented, but this should help with
development of new implementations.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-16 04:25:42 +02:00
Jason A. Donenfeld
Jonathan Neuschäfer
Filippo Valsorda