aboutsummaryrefslogtreecommitdiff
path: root/net/wireguard
Commit message (Collapse)AuthorAge
* wireguard: version bumpdanrl2017-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From upstreams changelog: This rather large snapshot touches quite a few sensitive areas, so I'm releasing it now rather than later to receive feedback on any possible issues. It also contains fixes, so everybody should upgrade. * man: fix psk mention in wg-quick man page * man: update wg-quick(8) to show Debian resolvconf braindamage Documentation cleanups. * wg-quick: use src routing for default routes in v6 ip-rule(8) doesn't do the right thing with source addresses, unless we explicitly set it inside the route. This fixes wg-quick on IPv6 systems. * curve25519: actually, do some things on heap sometimes * curve25519: align the basepoint to 32 bytes * curve25519: add NEON versions for ARM * data: enable BH during parallel crypto on ARM/NEON * chacha20poly1305: move constants to rodata * chacha20poly1305: add NEON versions for ARM and ARM64 We now have faster primitives on ARM and ARM64 processors, which should improve performance. * handshake: process in parallel Handshakes are now processed in parallel using all cores, which should improve throughput during a storm. * noise: no need to store ephemeral public key * noise: precompute static-static ECDH operation We can precompute the ECDH(s, s) calculation, which improves handshake initiation message performance by double. * style: spaces after for loops * peer: use iterator macro instead of callback The most unreadable C ever produced. It might be wise to find a sexier-looking alternative at some point. * compat: remove warning for < 4.1 * compat: ship padata if kernel doesn't have it The usual array of annoying compat things. * rust test: convert screech test to snow * rust test: add icmp ping We now use Jake's snow library for Noise in the test, which we've expanded to complete a ping. * config: do not error out when getting if no peers * tools: allow creating device with no peers Fixing some small things in the tool/config interaction. * device: keep going when share_check fails * routingtable: remove unnecessary check in node_placement() * config: it's faster to memcpy than strncpy * timers: fix typo in comment Nits. * debug: print interface name in dmesg For those who compile with `make debug`, you'll be happy to see a bit better information in dmesg. * timers: rework handshake reply control flow * timers: the completion of a handshake also is on key confirmation * timers: reset retry-attempt counter when not retrying Tightening up our timer implementation, which is quite important. Signed-off-by: Dan Luedtke <mail@danrl.com>
* wireguard: version bumpJason A. Donenfeld2017-05-17
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* wireguard: preshared-key is now an attribute of the peerJason A. Donenfeld2017-05-09
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: update to 0.0.20170421Jason A. Donenfeld2017-04-21
| | | | | | Simple version bump. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: version bumpJason A. Donenfeld2017-04-09
| | | | | Simple version bump to 20170409. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: version bumpJason A. Donenfeld2017-03-24
| | | | | Simple version bump to 20170324. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: version bumpJason A. Donenfeld2017-03-20
| | | | | Simple version bump to 20170320. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: add support for fwmark optiondanrl2017-02-27
| | | | | | | | | Adds support for the fwmark option. FwMark is a 32-bit fwmark for outgoing packets. If set to 0 or "off", this option is disabled. Signed-off-by: Dan Luedtke <mail@danrl.com>
* wireguard: version bumpdanrl2017-02-23
| | | | Signed-off-by: Dan Luedtke <mail@danrl.com>
* net/wireguard: add stub install sectionJason A. Donenfeld2017-02-21
| | | | | | This is in response to the metapackage discussion in openwrt/luci#1030. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* wireguard: move into VPN-submenuSven Roederer2017-02-18
| | | | | | | Wireguard is a VPN-implementation and should be located in VPN-submenu Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
* wireguard: simple package bump to 0.0.20170214Jason A. Donenfeld2017-02-14
| | | | | | | While I'm at it, add myself as maintainer, since I'm doing many of the bumps anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* wireguard: new version and usability improvementsdanrl2017-01-16
| | | | Signed-off-by: Dan Luedtke <mail@danrl.com>
* wireguard: version bumpdanrl2017-01-11
| | | | Signed-off-by: Dan Luedtke <mail@danrl.com>
* net/wireguard: update to 0.0.20161230Jason A. Donenfeld2016-12-31
| | | | | | Simple version bump; no changes needed other than filename and hash. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: version bumpJason A. Donenfeld2016-12-24
| | | | | | | Update to a new wireguard version. Simple version bump. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* wireguard: add protocol dependency for endpointsdanrl2016-12-24
| | | | | | | | Endpoint dependency implemented. The actual endpoint is used exclusively. Using this approach we are dual-stack safe (not errors on missing protocol) and create only the dependency that are really necessary. Signed-off-by: Dan Luedtke <mail@danrl.com>
* net/wireguard: version bumpJason A. Donenfeld2016-12-18
| | | | | | | | Update to new snapshot version. We also make IPV6 optional, and conditionally selecting the udptunnel6 module, using the same trick that the strongswan package also uses for this kind of dependency expression. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard: version bumpJason A. Donenfeld2016-11-29
| | | | | | Update to new snapshot version. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* net/wireguard - bump to experimental-0.0.20161116.1viisauksena2016-11-23
| | | | | | use latest tag https://git.zx2c4.com/WireGuard/tag/?h=experimental-0.0.20161116.1 Maintainer @zorun Signed-off-by: Jens Viisauksena <wireguard@viisauksena.de>
* wireguard-tools: Add missing directorydanrl2016-11-16
| | | | | | fixes issue #3515 Signed-off-by: Dan Luedtke <mail@danrl.com>
* wireguard-tools: Add netifd protocol helperdanrl2016-11-15
| | | | Signed-off-by: Dan Luedtke <mail@danrl.com>
* wireguard: Bump to 0.0.20161110Baptiste Jonglez2016-11-14
| | | | Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20161105Baptiste Jonglez2016-11-07
| | | | Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20161103Baptiste Jonglez2016-11-03
| | | | Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20161025Baptiste Jonglez2016-10-29
| | | | Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20161001Baptiste Jonglez2016-10-01
| | | | | | | | | | | | | This should massively improve performance for (at least) MIPS targets: * poly1305: optimize unaligned access This is a very appreciated fix from René van Dorst, adjusting the arithmetic in Poly1305 to work fast on platforms with slow unaligned access, such as MIPS. According to his calculation, this gives a 50% improvement on small MIPS boxes. Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20160722Baptiste Jonglez2016-07-23
| | | | | | | | Also fix a new compilation error, due to upstream changes in the build system. SUBDIRS= is deprecated when building external kernel modules, use M= instead to fix compilation. Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20160711Baptiste Jonglez2016-07-17
| | | | Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Bump to 0.0.20160708.1Baptiste Jonglez2016-07-10
| | | | | | | | Also add the SHA256 checksum, since upstream now publishes it when releasing: https://lists.zx2c4.com/pipermail/wireguard/2016-July/000196.html Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wireguard: Initial uploadBaptiste Jonglez2016-07-02
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>