Browse Source
From upstream's changelog: * timers: queue up killing ephemerals only if not already We fix up a small detail in the timer logic that changed during the last snapshot. * receive: trim incoming packets to IP header length Packets are now trimmed to their actual length, not their length+padding, before handing to the rest of the network subsystem, so that packets look pretty in tcpdump. This doesn't actually affect what userspace sees, since the kernel trims it at a later stage, but it does make pcaps a bit nicer to use. * curve25519: use more standard label convention in asm This ensures that perf(1) shows the function name instead of the label name. * compat: remove padata hotplug code Fixes building on kernels that have HOTPLUG enabled but no PADATA support. * config: add new line for style * device: do-while assignment style * peer: explicitly initialize atomic Style. * noise: fix race when replacing handshake Handle a situation in which three peers, all running on the same system, begin a handshake with all three of each other, at exactly the same time, on a multi-CPU system. * random: wait for random bytes when generating nonces and ephemerals We've been working with upstream to add a new API to the kernel for ensuring that the RNG actually is seeded. Until they merge it for 4.13, we provide a poly-fill to the compat code. This means that WireGuard will block during handshakes until the RNG has enough entropy, so that it's never in a circumstance in which ephemeral keys are generated from bad randomness. * go test: properly pad message * go test: correct tai64n and formatting * external-tests: add keepalive packet * go test: use x/crypto for blake2s now that we have 128-bit mac * external-tests: trim the fat Improvements for the external tests. * wg-quick: make sure we have empty table for both v6 and v4 * wg-quick: match ipv6 default route more broadly Tiny nits with wg-quick, one of which should now allow multiple v6-only wg-quick instances running at the same time. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>lilik-openwrt-22.03
Jason A. Donenfeld
8 years ago
committed by
GitHub
GitHub