It's good to have SPDX identifiers in all files as the Linux kernel
developers are working to add these identifiers to all files.
Update all files with the correct SPDX license identifier based on the license
text of the project or based on the license in the file itself. The SPDX
identifier is a legally binding shorthand, which can be used instead of the
full boiler plate text.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Modified-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
One types:
for (i = 0 ...
So one should also type:
for_each_obj (obj ...
But the upstream kernel style guidelines are insane, and so we must
instead do:
for_each_obj(obj ...
Ugly, but one must choose his battles wisely.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This lets us do flexible things from wg-quick such as:
PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)
It also was never a very sensible policy to enforce.
Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
The reference to this is <https://sourceware.org/glibc/wiki/NameResolver>,
which mentions:
"From the perspective of the application that calls getaddrinfo() it
perhaps doesn't matter that much since EAI_FAIL, EAI_NONAME and
EAI_NODATA are all permanent failure codes and the causes are all
permanent failures in the sense that there is no point in retrying
later."
This should cover more early-boot situations.
While we're at it, we clean up the logic a bit so that we don't have a
retry message on the final non-retrying attempt. We also peer into errno
when receiving EAI_SYSTEM, to report to the user what actually happened.
Also, fix the quoting back tick front tick mess.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Maybe an attacker on the system could use the infoleak in /proc to gauge
how long a wg(8) process takes to complete and determine the number of
leading zeros. This is somewhat ridiculous, but it's possible somebody
somewhere might at somepoint care in the future, so alright.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Rather than just using /dev/null to mean key removal, match on any empty
file, so that this interface is cross platform.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Some people run wg(8) using hard coded v6 addresses before interfaces
have v6 addresses, causing getaddrinfo to fail. Since AI_ADDRCONFIG
doesn't actualy change the sorting, but just the queries made, we don't
really need AI_ADDRCONFIG anyway, since we're always only taking the
first result.
Reported-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
The C standard states:
A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to
type'', where the type qualifiers (if any) are those specified within the [ and ] of the
array type derivation. If the keyword static also appears within the [ and ] of the
array type derivation, then for each call to the function, the value of the corresponding
actual argument shall provide access to the first element of an array with at least as many
elements as specified by the size expression.
By changing void func(int array[4]) to void func(int array[static 4]),
we automatically get the compiler checking argument sizes for us, which
is quite nice.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>