path: root/device
Commit message | Author | Age | Files | Lines
* device: use atomic access for unlocked keypair.next | Jason A. Donenfeld | 2020-05-02 | 4 | -11/+26
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* device: add nil check before convert typed error back | Wenxuan Zhao | 2020-05-02 | 1 | -2/+2
  errors.As(err, target) returns false when err is nil, which causes status to be set to 1 when no error occurs for Ipc{Get,Set}Operation.
  Signed-off-by: Wenxuan Zhao <viz@linux.com>
* device: move stats fields back down and add test diagnostics | David Crawshaw | 2020-04-07 | 2 | -8/+22
  This reverts the movement of fields from d49f4e9. That commit was cherry-picked from another branch where a field had changed and misaligned the atomic fields. After cherry-picking, moving the fields was no longer necessary but got dragged along.
  Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* Revert "device: use wgcfg key types" | David Crawshaw | 2020-04-07 | 10 | -68/+190
  More cleanup work of wgcfg to do before bringing this in.
  This reverts commit 83ca9b47b63b4d07630c4d579faf1111e42537d3.
* device: remove racey read in session key rotation. | David Anderson | 2020-04-03 | 1 | -3/+0
  This code was attempting to use the "compare racily, then lock and compare again" idiom to try and reduce lock contention. However, that idiom is not safe to use unless the comparison uses atomic operations, which this does not.
  This change simply deletes the racy read. This makes the code correct, but potentially increases lock contention.
  Signed-off-by: David Anderson <danderson@tailscale.com>
* device: add debug logs describing handshake rejection | Avery Pennarun | 2020-04-02 | 1 | -4/+8
  Useful in testing when bad network stacks repeat or batch large numbers of packets.
  Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
* device: use wgcfg key types | David Crawshaw | 2020-04-02 | 10 | -190/+68
  Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* device: return generic error from Ipc{Get,Set}Operation. | David Anderson | 2020-04-02 | 1 | -4/+15
  This makes uapi.go's public API conform to Go style in terms of error types.
  Signed-off-by: David Anderson <danderson@tailscale.com>
* device: give handshake state a type | David Crawshaw | 2020-04-02 | 1 | -17/+38
  And unexport handshake constants.
  Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* tuntest: split out testing package | David Crawshaw | 2020-04-01 | 1 | -141/+5
  This code is useful to other packages writing tests.
  Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* conn: new package that splits out the Bind and Endpoint types | David Crawshaw | 2020-03-30 | 14 | -1294/+419
  The sticky socket code stays in the device package for now, as it reaches deeply into the peer list.
  This is the first step in an effort to split some code out of the very busy device package.
  Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* device: make Peer fields safe for atomic access on 32-bit. | David Anderson | 2020-03-30 | 2 | -9/+45
  All atomic access must be aligned to 64 bits, even on 32-bit platforms. Go promises that the start of allocated structs is aligned to 64 bits. So, place the atomically-accessed things first in the struct so that they benefit from that alignment.
  As a side bonus, it cleanly separates fields that are accessed by atomic ops, and those that should be accessed under mu.
  Also adds a test that will fail consistently on 32-bit platforms if the struct ever changes again to violate the rules. This is likely not needed because unaligned access crashes reliably, but this will reliably fail even if tests accidentally pass due to lucky alignment.
  Signed-Off-By: David Anderson <danderson@tailscale.com>
* version: bump snapshot [0.0.20200320] | Jason A. Donenfeld | 2020-03-20 | 1 | -1/+1
* noise: unify zero checking of ecdh | Jason A. Donenfeld | 2020-03-17 | 3 | -63/+49
* global: use RTMGRP_* consts from x/sys/unix | Tobias Klauser | 2020-03-17 | 1 | -1/+1
  Update the golang.org/x/sys/unix dependency and use the newly introduced RTMGRP_* consts instead of using the corresponding RTNLGRP_* const to create a mask.
  Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
* send: account for zero mtu | Jason A. Donenfeld | 2020-02-14 | 1 | -4/+12
  Don't divide by zero.
* device: fix private key removal logic | Jason A. Donenfeld | 2020-02-04 | 1 | -13/+4
* uapi: allow unsetting device private key with /dev/null | Jason A. Donenfeld | 2020-02-04 | 2 | -1/+10
* version: bump snapshot [0.0.20200121] | Jason A. Donenfeld | 2020-01-21 | 1 | -1/+1
* README: update repo urls | Jason A. Donenfeld | 2019-12-30 | 1 | -1/+1
* device: SendmsgN mutates the input sockaddr | Jason A. Donenfeld | 2019-11-28 | 1 | -0/+9
  So we take a new granular lock to prevent concurrent writes from racing.

  WARNING: DATA RACE
  Write at 0x00c0011f2740 by goroutine 27:
    golang.org/x/sys/unix.(*SockaddrInet4).sockaddr()
        /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:384 +0x114
    golang.org/x/sys/unix.SendmsgN()
        /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:1304 +0x288
    golang.zx2c4.com/wireguard/device.send4()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:485 +0x11f
    golang.zx2c4.com/wireguard/device.(*nativeBind).Send()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:268 +0x1d6
    golang.zx2c4.com/wireguard/device.(*Peer).SendBuffer()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/peer.go:151 +0x285
    golang.zx2c4.com/wireguard/device.(*Peer).SendHandshakeInitiation()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:163 +0x692
    golang.zx2c4.com/wireguard/device.(*Device).RoutineReadFromTUN()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:318 +0x4b8

  Previous write at 0x00c0011f2740 by goroutine 386:
    golang.org/x/sys/unix.(*SockaddrInet4).sockaddr()
        /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:384 +0x114
    golang.org/x/sys/unix.SendmsgN()
        /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:1304 +0x288
    golang.zx2c4.com/wireguard/device.send4()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:485 +0x11f
    golang.zx2c4.com/wireguard/device.(*nativeBind).Send()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:268 +0x1d6
    golang.zx2c4.com/wireguard/device.(*Peer).SendBuffer()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/peer.go:151 +0x285
    golang.zx2c4.com/wireguard/device.(*Peer).SendHandshakeInitiation()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:163 +0x692
    golang.zx2c4.com/wireguard/device.expiredRetransmitHandshake()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/timers.go:110 +0x40c
    golang.zx2c4.com/wireguard/device.(*Peer).NewTimer.func1()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/timers.go:42 +0xd8

  Goroutine 27 (running) created at:
    golang.zx2c4.com/wireguard/device.NewDevice()
        /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/device.go:322 +0x5e8
    main.main()
        /go/src/x/main.go:102 +0x58e

  Goroutine 386 (finished) created at:
    time.goFunc()
        /usr/local/go/src/time/sleep.go:168 +0x51

  Reported-by: Ben Burkert <ben@benburkert.com>
* constants: recalculate rekey max based on a one minute flood | Jason A. Donenfeld | 2019-10-30 | 1 | -1/+1
  Discussed-with: Mathias Hall-Andersen <mathias@hall-andersen.dk>
* global: fix a few typos courtesy of codespell | Jonathan Tooker | 2019-10-22 | 2 | -7/+7
  Signed-off-by: Jonathan Tooker <jonathan.tooker@netprotect.com>
* device: allow blackholing sockets | Jason A. Donenfeld | 2019-10-21 | 2 | -4/+14
* device: remove dead error reporting code | Jason A. Donenfeld | 2019-10-21 | 1 | -4/+1
* device: recheck counters while holding write lock | Jason A. Donenfeld | 2019-10-17 | 1 | -2/+7
* device: test packets between two fake devices | David Crawshaw | 2019-10-16 | 1 | -29/+199
  Signed-off-by: David Crawshaw <crawshaw@tailscale.io>
* version: bump snapshot [0.0.20191012] | Jason A. Donenfeld | 2019-10-12 | 1 | -1/+1
* uapi: allow preventing creation of new peers when updating | Jason A. Donenfeld | 2019-10-04 | 1 | -1/+17
  This enables race-free updates for wg-dynamic and similar tools.
  Suggested-by: Thomas Gschwantner <tharre3@gmail.com>
* version: bump snapshot [0.0.20190908] | Jason A. Donenfeld | 2019-09-08 | 1 | -1/+1
* device: getsockname on linux to determine port | Jason A. Donenfeld | 2019-08-25 | 1 | -0/+10
  It turns out Go isn't passing the pointer properly so we wound up with a zero port every time.
* version: bump snapshot [0.0.20190805] | Jason A. Donenfeld | 2019-08-05 | 1 | -1/+1
* device: drop lock before expiring keys | Jason A. Donenfeld | 2019-08-05 | 1 | -4/+11
* uapi: skip peers with invalid keys | Jason A. Donenfeld | 2019-08-05 | 2 | -4/+16
* device: do not crash on nil'd bind in windows binding | Jason A. Donenfeld | 2019-07-18 | 1 | -0/+5
* device: immediately rekey all peers after changing device private key | Jason A. Donenfeld | 2019-07-11 | 2 | -0/+25
  Reported-by: Derrick Pallas <derrick@pallas.us>
* device: receive: uniform message for source address check | Jason A. Donenfeld | 2019-07-01 | 1 | -1/+1
* device: receive: simplify flush loop | Jason A. Donenfeld | 2019-07-01 | 1 | -35/+12
* tun: remove TUN prefix from types to reduce stutter elsewhere | Matt Layher | 2019-06-14 | 3 | -15/+14
  Signed-off-by: Matt Layher <mdlayher@gmail.com>
* device: update transfer counters correctly | Jason A. Donenfeld | 2019-06-11 | 3 | -4/+9
  The rule is to always update them to the full packet size minus UDP/IP encapsulation for all authenticated packet types.
* device: remove redundant return statements | Matt Layher | 2019-06-04 | 1 | -3/+0
  More staticcheck fixes:

  $ staticcheck ./... | grep S1023
  device/noise-helpers.go:45:2: redundant return statement (S1023)
  device/noise-helpers.go:54:2: redundant return statement (S1023)
  device/noise-helpers.go:64:2: redundant return statement (S1023)

  Signed-off-by: Matt Layher <mdlayher@gmail.com>
* device: use bytes.Equal for equality check, simplify assertEqual | Matt Layher | 2019-06-04 | 1 | -2/+2
  Signed-off-by: Matt Layher <mdlayher@gmail.com>
* device, ratelimiter: replace uses of time.Now().Sub() with time.Since() | Matt Layher | 2019-06-03 | 4 | -9/+9
  Simplification found by staticcheck:

  $ staticcheck ./... | grep S1012
  device/cookie.go:90:5: should use time.Since instead of time.Now().Sub (S1012)
  device/cookie.go:127:5: should use time.Since instead of time.Now().Sub (S1012)
  device/cookie.go:242:5: should use time.Since instead of time.Now().Sub (S1012)
  device/noise-protocol.go:304:13: should use time.Since instead of time.Now().Sub (S1012)
  device/receive.go:82:46: should use time.Since instead of time.Now().Sub (S1012)
  device/send.go:132:5: should use time.Since instead of time.Now().Sub (S1012)
  device/send.go:139:5: should use time.Since instead of time.Now().Sub (S1012)
  device/send.go:235:59: should use time.Since instead of time.Now().Sub (S1012)
  device/send.go:393:9: should use time.Since instead of time.Now().Sub (S1012)
  ratelimiter/ratelimiter.go:79:10: should use time.Since instead of time.Now().Sub (S1012)
  ratelimiter/ratelimiter.go:87:10: should use time.Since instead of time.Now().Sub (S1012)

  Change applied using:

  $ find . -type f -name "*.go" -exec sed -i "s/Now().Sub(/Since(/g" {} \;

  Signed-off-by: Matt Layher <mdlayher@gmail.com>
* device: add SendKeepalivesToPeersWithCurrentKeypair for handover | Jason A. Donenfeld | 2019-05-30 | 1 | -0/+17
* device, tun: rearrange code and fix device tests | Matt Layher | 2019-05-29 | 2 | -10/+86
  Signed-off-by: Matt Layher <mdlayher@gmail.com>
* device: darwin actually doesn't need bound interfaces | Jason A. Donenfeld | 2019-05-25 | 1 | -44/+0
* device: make initiations per second match kernel implementation | Jason A. Donenfeld | 2019-05-25 | 1 | -1/+1
* device: timers: add jitter on ack failure reinitiation | Jason A. Donenfeld | 2019-05-24 | 1 | -1/+1
* device: fail to give bind if it doesn't exist | Jason A. Donenfeld | 2019-05-17 | 2 | -2/+13
* version: bump snapshot [0.0.20190517] | Jason A. Donenfeld | 2019-05-17 | 1 | -1/+1