LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8009 Commits
1 Branch
46 MiB
Tree: 6a5e477c72
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6a5e477c72'
${ noResults }
openwrt-packages-dist/net/wireguard/Makefile

116 lines
3.3 KiB
Raw Normal View History

wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: simple package bump to 0.0.20170214 While I'm at it, add myself as maintainer, since I'm doing many of the bumps anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: new version and usability improvements Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: version bump From upstream's changelog: * timers: queue up killing ephemerals only if not already We fix up a small detail in the timer logic that changed during the last snapshot. * receive: trim incoming packets to IP header length Packets are now trimmed to their actual length, not their length+padding, before handing to the rest of the network subsystem, so that packets look pretty in tcpdump. This doesn't actually affect what userspace sees, since the kernel trims it at a later stage, but it does make pcaps a bit nicer to use. * curve25519: use more standard label convention in asm This ensures that perf(1) shows the function name instead of the label name. * compat: remove padata hotplug code Fixes building on kernels that have HOTPLUG enabled but no PADATA support. * config: add new line for style * device: do-while assignment style * peer: explicitly initialize atomic Style. * noise: fix race when replacing handshake Handle a situation in which three peers, all running on the same system, begin a handshake with all three of each other, at exactly the same time, on a multi-CPU system. * random: wait for random bytes when generating nonces and ephemerals We've been working with upstream to add a new API to the kernel for ensuring that the RNG actually is seeded. Until they merge it for 4.13, we provide a poly-fill to the compat code. This means that WireGuard will block during handshakes until the RNG has enough entropy, so that it's never in a circumstance in which ephemeral keys are generated from bad randomness. * go test: properly pad message * go test: correct tai64n and formatting * external-tests: add keepalive packet * go test: use x/crypto for blake2s now that we have 128-bit mac * external-tests: trim the fat Improvements for the external tests. * wg-quick: make sure we have empty table for both v6 and v4 * wg-quick: match ipv6 default route more broadly Tiny nits with wg-quick, one of which should now allow multiple v6-only wg-quick instances running at the same time. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
7 years ago
net/wireguard: version bump Simple version bump to 20170320. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
net/wireguard: version bump Update to new snapshot version. We also make IPV6 optional, and conditionally selecting the udptunnel6 module, using the same trick that the strongswan package also uses for this kind of dependency expression. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: version bump From upstream's changelog: * timers: queue up killing ephemerals only if not already We fix up a small detail in the timer logic that changed during the last snapshot. * receive: trim incoming packets to IP header length Packets are now trimmed to their actual length, not their length+padding, before handing to the rest of the network subsystem, so that packets look pretty in tcpdump. This doesn't actually affect what userspace sees, since the kernel trims it at a later stage, but it does make pcaps a bit nicer to use. * curve25519: use more standard label convention in asm This ensures that perf(1) shows the function name instead of the label name. * compat: remove padata hotplug code Fixes building on kernels that have HOTPLUG enabled but no PADATA support. * config: add new line for style * device: do-while assignment style * peer: explicitly initialize atomic Style. * noise: fix race when replacing handshake Handle a situation in which three peers, all running on the same system, begin a handshake with all three of each other, at exactly the same time, on a multi-CPU system. * random: wait for random bytes when generating nonces and ephemerals We've been working with upstream to add a new API to the kernel for ensuring that the RNG actually is seeded. Until they merge it for 4.13, we provide a poly-fill to the compat code. This means that WireGuard will block during handshakes until the RNG has enough entropy, so that it's never in a circumstance in which ephemeral keys are generated from bad randomness. * go test: properly pad message * go test: correct tai64n and formatting * external-tests: add keepalive packet * go test: use x/crypto for blake2s now that we have 128-bit mac * external-tests: trim the fat Improvements for the external tests. * wg-quick: make sure we have empty table for both v6 and v4 * wg-quick: match ipv6 default route more broadly Tiny nits with wg-quick, one of which should now allow multiple v6-only wg-quick instances running at the same time. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
7 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: new version and usability improvements Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: new version and usability improvements Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: move into VPN-submenu Wireguard is a VPN-implementation and should be located in VPN-submenu Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: add protocol dependency for endpoints Endpoint dependency implemented. The actual endpoint is used exclusively. Using this approach we are dual-stack safe (not errors on missing protocol) and create only the dependency that are really necessary. Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: simple package bump to 0.0.20170214 While I'm at it, add myself as maintainer, since I'm doing many of the bumps anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: Bump to 0.0.20160722 Also fix a new compilation error, due to upstream changes in the build system. SUBDIRS= is deprecated when building external kernel modules, use M= instead to fix compilation. Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
net/wireguard: add stub install section This is in response to the metapackage discussion in openwrt/luci#1030. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: add protocol dependency for endpoints Endpoint dependency implemented. The actual endpoint is used exclusively. Using this approach we are dual-stack safe (not errors on missing protocol) and create only the dependency that are really necessary. Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard-tools: Add netifd protocol helper Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard-tools: Add missing directory fixes issue #3515 Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard-tools: Add netifd protocol helper Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
net/wireguard: version bump Update to new snapshot version. We also make IPV6 optional, and conditionally selecting the udptunnel6 module, using the same trick that the strongswan package also uses for this kind of dependency expression. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
wireguard: version bump Signed-off-by: Dan Luedtke <mail@danrl.com>
8 years ago
wireguard: Initial upload Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
8 years ago
 
  1. #

  2. # Copyright (C) 2016-2017 Jason A. Donenfeld <Jason@zx2c4.com>

  3. # Copyright (C) 2016 Baptiste Jonglez <openwrt@bitsofnetworks.org>

  4. # Copyright (C) 2016-2017 Dan Luedtke <mail@danrl.com>

  5. #

  6. # This is free software, licensed under the GNU General Public License v2.

  7. # See /LICENSE for more information.

  8. 

  9. include $(TOPDIR)/rules.mk
  10. include $(INCLUDE_DIR)/kernel.mk
  11. 

  12. PKG_NAME:=wireguard
  13. 

  14. PKG_VERSION:=0.0.20170613
  15. PKG_RELEASE:=1
  16. 

  17. PKG_SOURCE:=WireGuard-$(PKG_VERSION).tar.xz
  18. PKG_SOURCE_URL:=https://git.zx2c4.com/WireGuard/snapshot/
  19. PKG_HASH:=88ac77569eeb79c517318d58a0954caa0a4d2a6a1694e74c2a3b1c14438ac941
  20. 

  21. PKG_LICENSE:=GPL-2.0
  22. PKG_LICENSE_FILES:=COPYING
  23. 

  24. PKG_BUILD_DIR:=$(BUILD_DIR)/WireGuard-$(PKG_VERSION)
  25. PKG_BUILD_PARALLEL:=1
  26. PKG_USE_MIPS16:=0
  27. 

  28. # Wireguard's makefile needs this to know where to build the kernel module

  29. export KERNELDIR:=$(LINUX_DIR)
  30. 

  31. include $(INCLUDE_DIR)/package.mk
  32. 

  33. define Package/wireguard/Default
  34.   SECTION:=net
  35.   CATEGORY:=Network
  36.   SUBMENU:=VPN
  37.   URL:=https://www.wireguard.io
  38.   MAINTAINER:=Baptiste Jonglez <openwrt@bitsofnetworks.org>, \

  39.               Dan Luedtke <mail@danrl.com>, \

  40.               Jason A. Donenfeld <Jason@zx2c4.com>
  41. endef
  42. 

  43. define Package/wireguard/Default/description
  44.   WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
  45.   state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
  46.   more useful than IPSec, while avoiding the massive headache. It intends to
  47.   be considerably more performant than OpenVPN.  WireGuard is designed as a
  48.   general purpose VPN for running on embedded interfaces and super computers
  49.   alike, fit for many different circumstances.
  50.   It runs over UDP.
  51. endef
  52. 

  53. define Package/wireguard
  54.   $(call Package/wireguard/Default)
  55.   TITLE:=Wireguard meta-package
  56.   DEPENDS:=+wireguard-tools +kmod-wireguard
  57. endef
  58. 

  59. include $(INCLUDE_DIR)/kernel-defaults.mk
  60. include $(INCLUDE_DIR)/package-defaults.mk
  61. 

  62. # Used by Build/Compile/Default

  63. MAKE_PATH:=src/tools
  64. 

  65. define Build/Compile
  66. 	$(MAKE) $(KERNEL_MAKEOPTS) M="$(PKG_BUILD_DIR)/src" modules
  67. 	$(call Build/Compile/Default)
  68. endef
  69. 

  70. define Package/wireguard/install
  71.   true
  72. endef
  73. 

  74. define Package/wireguard/description
  75.   $(call Package/wireguard/Default/description)
  76. endef
  77. 

  78. define Package/wireguard-tools
  79.   $(call Package/wireguard/Default)
  80.   TITLE:=Wireguard userspace control program (wg)
  81.   DEPENDS:=+libmnl
  82. endef
  83. 

  84. define Package/wireguard-tools/description
  85.   $(call Package/wireguard/Default/description)
  86. 

  87.   This package provides the userspace control program for wireguard, `wg`,
  88.   and a netifd protocol helper.
  89. endef
  90. 

  91. define Package/wireguard-tools/install
  92. 	$(INSTALL_DIR) $(1)/usr/bin/
  93. 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/wg $(1)/usr/bin/
  94. 	$(INSTALL_DIR) $(1)/lib/netifd/proto/
  95. 	$(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
  96. endef
  97. 

  98. define KernelPackage/wireguard
  99.   SECTION:=kernel
  100.   CATEGORY:=Kernel modules
  101.   SUBMENU:=Network Support
  102.   TITLE:=Wireguard kernel module
  103.   DEPENDS:=+IPV6:kmod-udptunnel6 +kmod-udptunnel4 +kmod-ipt-hashlimit
  104.   FILES:= $(PKG_BUILD_DIR)/src/wireguard.$(LINUX_KMOD_SUFFIX)
  105.   AUTOLOAD:=$(call AutoProbe,wireguard)
  106. endef
  107. 

  108. define KernelPackage/wireguard/description
  109.   $(call Package/wireguard/Default/description)
  110. 

  111.   This package provides the kernel module for wireguard.
  112. endef
  113. 

  114. $(eval $(call BuildPackage,wireguard))
  115. $(eval $(call BuildPackage,wireguard-tools))
  116. $(eval $(call KernelPackage,wireguard))