git.ipfire.org Git - thirdparty/wireguard-tools.git/log
Jason A. Donenfeld [Tue, 15 May 2018 18:05:48 +0000 (20:05 +0200)]
wg-quick: darwin: ensure socket directory exists
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 15 May 2018 19:48:41 +0000 (21:48 +0200)]
dns-hatchet: update paths
Suggested-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 15 May 2018 00:26:55 +0000 (02:26 +0200)]
ncat-client-server: add wg-quick variant
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 14 May 2018 20:28:53 +0000 (22:28 +0200)]
wg-quick: add darwin implementation
It's pretty rough and leaves much to be desired, but it works.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 14 May 2018 17:23:17 +0000 (19:23 +0200)]
wg-quick: add wg symlink
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 14 May 2018 16:20:13 +0000 (18:20 +0200)]
wg-quick: add android implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 14 May 2018 16:14:55 +0000 (18:14 +0200)]
wg: reorganize for multiplatform wg-quick
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 5 May 2018 01:54:55 +0000 (03:54 +0200)]
wg-quick: preliminary support for go implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 3 May 2018 17:07:55 +0000 (19:07 +0200)]
embeddable-wg-library: zero attribute padding
See: http://git.netfilter.org/libmnl/commit/?id=37c876b55a2c00424ccda5a300ab5fdec1d88b22
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 1 May 2018 23:27:41 +0000 (01:27 +0200)]
keygen-html: add zip file example
A little bit more JavaScript for easy copy&pasting.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 14 Apr 2018 00:34:28 +0000 (02:34 +0200)]
wg-quick: account for specified fwmark in auto routing mode
If we're doing automatic routing with default routes, but the config has
also specified an explicit fwmark, then use that explicit fwmark, even
if it's conflicting, since the administrator has explicitly opted into
using it. Also, when shutting down the interface, we only now remove the
fancy rules if we're in automatic routing mode with default routes.
Suggested-by: Luis Ressel <aranea@aixah.de>
Reported-by: Saeid Akbari <saeidscorp@yahoo.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 4 Apr 2018 14:53:20 +0000 (10:53 -0400)]
wg-quick.8: fix typo
Reported-by: Mike Pechkin <mike.pechkin@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 4 Mar 2018 18:03:54 +0000 (19:03 +0100)]
wg-quick: hide errors on save
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 27 Feb 2018 23:17:43 +0000 (00:17 +0100)]
contrib: add extract-handshakes kprobe example
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 28 Feb 2018 18:46:28 +0000 (19:46 +0100)]
wg-quick: if resolvconf/run/iface exists, use it
Some older broken resolvconfs don't support resolvconf -l, but do have a
file in a standard location, so use it.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 28 Feb 2018 18:24:31 +0000 (19:24 +0100)]
wg-quick: if resolvconf/interface-order exists, use it
Some older broken resolvconf implementations ignore -m, but do have an
interface-order list. It's better to use this list dynamically, in case
it changes, or in case it's not used by the OS's resolvconf
implementation, such as in the case of systemd or openresolv.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 26 Feb 2018 23:49:16 +0000 (00:49 +0100)]
global: in gnu code, use un-underscored asm
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 1 Mar 2018 01:14:50 +0000 (02:14 +0100)]
Revert "contrib: keygen-html: rewrite in pure javascript"
This reverts commit e5203543a674453ce1e0cbbcb234d3308762fe65.
As swanky as it is to have a really short file, it's hard to justify and
makes me nervous.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 23 Feb 2018 04:29:54 +0000 (05:29 +0100)]
contrib: keygen-html: rewrite in pure javascript
Emscripten is too cumbersome. This code here is much slower, but it's
shorter and simpler.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 21 Feb 2018 18:19:50 +0000 (19:19 +0100)]
contrib: embedded-wg-library: add key generation functions
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 21 Feb 2018 01:53:06 +0000 (02:53 +0100)]
contrib: embedded-wg-library: add ability to add and del interfaces
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 17 Feb 2018 18:39:26 +0000 (19:39 +0100)]
wg: fixup errno handling
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 17 Feb 2018 18:30:05 +0000 (19:30 +0100)]
wg: FreeBSD doesn't have EAI_NODATA
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 17 Feb 2018 17:58:31 +0000 (18:58 +0100)]
wg: do not collide types with libc clashes
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 15 Feb 2018 12:50:12 +0000 (13:50 +0100)]
contrib: add embeddable wireguard library
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 17 Feb 2018 04:54:48 +0000 (05:54 +0100)]
wg(8): clarify phrasing
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 16 Feb 2018 19:10:25 +0000 (20:10 +0100)]
wg: allow in-line comments
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 15 Feb 2018 12:12:28 +0000 (13:12 +0100)]
external-tests: update go version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 14 Feb 2018 22:21:11 +0000 (23:21 +0100)]
wg: normalize strncpy/snprintf usage
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 6 Feb 2018 11:52:09 +0000 (12:52 +0100)]
wg-quick: match from beginning rather than shift right
Before, this meant that it simply took the last 15 characters, instead
of erroring out when there's more than 15 chars.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 5 Feb 2018 11:23:10 +0000 (12:23 +0100)]
wg: endian.h is not portable
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 2 Feb 2018 21:03:11 +0000 (22:03 +0100)]
keygen-html: fix up copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 1 Feb 2018 18:15:28 +0000 (19:15 +0100)]
curve25519: replace fiat64 with faster hacl64
This reverts commit da4ff396cc5d5e0ff21f9ecbc2f951c048c63fff and adds
some optimizations to hacl64.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 31 Jan 2018 15:53:59 +0000 (16:53 +0100)]
curve25519: replace hacl64 with fiat64
For now, it's faster:
hacl64: 109782 cycles per call
fiat64: 108984 cycles per call
It's quite possible this commit will be reverted with nice changes from
INRIA, though.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 31 Jan 2018 14:58:17 +0000 (15:58 +0100)]
wg: dedup secret normalization
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 29 Jan 2018 20:40:08 +0000 (21:40 +0100)]
wg: fread doesn't change errno
Thus we might be responding to an old errno, which could cause this to
unnecessarily fail.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 22 Jan 2018 17:11:32 +0000 (18:11 +0100)]
contrib: keygen-html: share curve25519 implementation with kernel
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 22 Jan 2018 16:58:44 +0000 (17:58 +0100)]
wg: share curve25519 implementations with kernel
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 18 Jan 2018 17:41:45 +0000 (18:41 +0100)]
curve25519-fiat32: uninline certain functions
While this has a negative performance impact on x86_64, it has a
positive performance impact on smaller machines, which is where we're
actually using this code. For example, an A53:
Before: fiat32: 228605 cycles per call
After: fiat32: 188307 cycles per call
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 18 Jan 2018 10:50:49 +0000 (11:50 +0100)]
contrib: keygen-html: update curve25519 implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 18 Jan 2018 10:46:01 +0000 (11:46 +0100)]
wg: import new curve25519 implementations
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 18 Jan 2018 10:24:04 +0000 (11:24 +0100)]
wg: plug memleak in config error path
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Piotr Lizończyk [Wed, 10 Jan 2018 16:46:57 +0000 (17:46 +0100)]
external-tests: add python implementation
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 10 Jan 2018 01:37:03 +0000 (02:37 +0100)]
wg-quick: ifnames have max len of 15
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 3 Jan 2018 20:58:00 +0000 (21:58 +0100)]
global: year bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 13 Dec 2017 00:17:55 +0000 (01:17 +0100)]
wg-quick: dumber matching for default routes
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Luis Ressel [Tue, 12 Dec 2017 22:10:08 +0000 (23:10 +0100)]
wg-quick: add the "Table" config option
* Table=auto (default) selects the current behaviour
* Table=off disables creation of routes altogether
* All other values are passed through to "ip route add"'s table option
Signed-off-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 12 Dec 2017 00:08:18 +0000 (01:08 +0100)]
keygen-html: remove prebuilt file
We also reduce the optimization level, just in case, but add closure
compiler into the mix.
Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Greg Kroah-Hartman [Thu, 30 Nov 2017 15:23:50 +0000 (15:23 +0000)]
global: add SPDX tags to all files
It's good to have SPDX identifiers in all files as the Linux kernel
developers are working to add these identifiers to all files.
Update all files with the correct SPDX license identifier based on the license
text of the project or based on the license in the file itself. The SPDX
identifier is a legally binding shorthand, which can be used instead of the
full boiler plate text.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Modified-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 1 Dec 2017 18:42:46 +0000 (19:42 +0100)]
wg: no need to put this on the stack
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 1 Dec 2017 18:41:16 +0000 (19:41 +0100)]
wg: remove undocumented unused syntax
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 1 Dec 2017 12:31:33 +0000 (13:31 +0100)]
contrib: keygen-html for generating keys in the browser
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 23 Nov 2017 00:17:25 +0000 (01:17 +0100)]
wg: fix removing preshared keys
Also clean up related logic quite a bit and add unit tests.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 22 Nov 2017 15:49:56 +0000 (16:49 +0100)]
global: switch from timeval to timespec
This gets us nanoseconds instead of microseconds, which is better, and
we can do this pretty much without freaking out existing userspace,
which doesn't actually make use of the nano/micro seconds field:
zx2c4@thinkpad ~ $ cat a.c
void main()
{
puts(sizeof(struct timeval) == sizeof(struct timespec) ? "success" : "failure");
}
zx2c4@thinkpad ~ $ gcc a.c -m64 && ./a.out
success
zx2c4@thinkpad ~ $ gcc a.c -m32 && ./a.out
success
This doesn't solve the y2038 problem, but timespec64 isn't yet a thing in
userspace.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 17 Nov 2017 12:39:02 +0000 (13:39 +0100)]
wg: tighten up strtoul parsing
Reported-by: Cedric Buxin <cedric.buxin@izri.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 11 Nov 2017 15:49:34 +0000 (00:49 +0900)]
wg-quick: document localhost exception and v6 rule
Reported-by: Hermann Lienstromberg <nurtic-vibe@grmml.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 11 Nov 2017 03:30:21 +0000 (12:30 +0900)]
wg: allow for NULL keys everywhere
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 10 Nov 2017 08:30:24 +0000 (17:30 +0900)]
wg: remove ioctl cruft
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 9 Nov 2017 05:12:06 +0000 (14:12 +0900)]
wg-quick: allow for tabs in keys
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 8 Nov 2017 09:40:07 +0000 (18:40 +0900)]
wg-quick: stat the correct enclosing folder of config file
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 31 Oct 2017 18:47:39 +0000 (19:47 +0100)]
wg-quick: save all hooks on save
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 31 Oct 2017 17:13:31 +0000 (18:13 +0100)]
wg-quick: fsync the temporary file before renaming
This ensures that on an unclean shutdown, we either see the old content
or the new content, but not empty content.
Suggested-by: Ka Ho Ng <ngkaho1234@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 31 Oct 2017 16:51:38 +0000 (17:51 +0100)]
wg-quick: allow for saving existing interface
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 31 Oct 2017 15:15:19 +0000 (16:15 +0100)]
contrib: add reresolve-dns
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 31 Oct 2017 13:55:17 +0000 (14:55 +0100)]
wg: correct type for CTRL_ATTR_FAMILY_ID
Suggested-by: Jörg Thalheim <joerg@thalheim.io>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 31 Oct 2017 10:38:09 +0000 (11:38 +0100)]
wg-quick: allow for the hatchet, but not by default
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 26 Oct 2017 20:49:46 +0000 (22:49 +0200)]
wg-quick: remember to rewind DNS settings on failure
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 25 Oct 2017 19:55:17 +0000 (21:55 +0200)]
wg-quick: allow specifying multiple hooks
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 25 Oct 2017 15:56:08 +0000 (17:56 +0200)]
global: style nits
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 25 Oct 2017 15:13:46 +0000 (17:13 +0200)]
global: infuriating kernel iterator style
One types:
for (i = 0 ...
So one should also type:
for_each_obj (obj ...
But the upstream kernel style guidelines are insane, and so we must
instead do:
for_each_obj(obj ...
Ugly, but one must choose his battles wisely.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 17 Oct 2017 17:20:52 +0000 (19:20 +0200)]
wg: account for padding being in zero attribute
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 17 Oct 2017 16:48:41 +0000 (18:48 +0200)]
wg: newline after warning
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 16 Oct 2017 20:18:29 +0000 (22:18 +0200)]
wg: style
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 16 Oct 2017 01:28:24 +0000 (03:28 +0200)]
wg: add pass example to wg-quick man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 16 Oct 2017 01:17:12 +0000 (03:17 +0200)]
wg: don't insist on having a private key
This lets us do flexible things from wg-quick such as:
PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)
It also was never a very sensible policy to enforce.
Suggested-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 15 Oct 2017 20:52:38 +0000 (22:52 +0200)]
wg: retry resolution except when fatal
The reference to this is <https://sourceware.org/glibc/wiki/NameResolver>,
which mentions:
"From the perspective of the application that calls getaddrinfo() it
perhaps doesn't matter that much since EAI_FAIL, EAI_NONAME and
EAI_NODATA are all permanent failure codes and the causes are all
permanent failures in the sense that there is no point in retrying
later."
This should cover more early-boot situations.
While we're at it, we clean up the logic a bit so that we don't have a
retry message on the final non-retrying attempt. We also peer into errno
when receiving EAI_SYSTEM, to report to the user what actually happened.
Also, fix the quoting back tick front tick mess.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 15 Oct 2017 19:29:01 +0000 (21:29 +0200)]
wg: encoding: be more paranoid
Needless, but overkill can be fun.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 14 Oct 2017 03:17:40 +0000 (05:17 +0200)]
Makefile: even prettier output
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 10 Oct 2017 23:55:45 +0000 (01:55 +0200)]
wg: man: include kill-switch documentation using fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 10 Oct 2017 15:17:43 +0000 (17:17 +0200)]
wg: store tail pointer to make coalescing peers fast
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 9 Oct 2017 11:27:00 +0000 (13:27 +0200)]
wg: warn once on unrecognized items
DaveM suggests we do in fact do this. Others on the same thread weren't
happy about the length of the proposed message, so we also give a bit of
a less dramatic warning.
This reverts commit a2cc976a3b572cf308cc2d97c080eacac60416fe.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 8 Oct 2017 14:24:37 +0000 (16:24 +0200)]
wg: try again if dump is interrupted
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 5 Oct 2017 18:52:19 +0000 (20:52 +0200)]
Makefile: clang now builds the kernel, so use scan-build
Also add little stub for coccinelle and clean up semicolon issue it
found.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 3 Oct 2017 15:16:37 +0000 (17:16 +0200)]
Makefile: add non-verbose mode to tools
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 3 Oct 2017 04:18:45 +0000 (06:18 +0200)]
global: satisfy bitshift pedantry
Suggested-by: Sultan Alsawaf <sultanxda@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 2 Oct 2017 14:32:20 +0000 (16:32 +0200)]
contrib: remove worthless build artifact
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 2 Oct 2017 11:05:35 +0000 (13:05 +0200)]
wg: compile on non-Linux
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 2 Oct 2017 01:44:06 +0000 (03:44 +0200)]
wg: simmer down silly compilers
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 2 Oct 2017 00:51:57 +0000 (02:51 +0200)]
wg: do not warn on unrecognized items
Upstream advice is to simply be silent.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 1 Oct 2017 20:05:19 +0000 (22:05 +0200)]
wg-quick: check permissions of parent directory
Also prefix octal 0, in case these files are actually of modes that
don't start with 0 by accident (such as SUID or sticky bit).
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 1 Oct 2017 19:42:32 +0000 (21:42 +0200)]
wg-quick: verify wireguard interface in more clever way
This helps with old Debian which has ancient iproute2, as well as paving
the path toward this script supporting userspace implementations.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 1 Oct 2017 19:37:53 +0000 (21:37 +0200)]
wg-quick: anchor sysctl regex to start and end
This doesn't actually fix a real problem, but it is more correct than
not having it.
Suggested-by: Aaron Sigel <aaron@vtty.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 25 Sep 2017 02:22:09 +0000 (04:22 +0200)]
netlink: switch from ioctl to netlink for configuration
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 26 Sep 2017 13:02:41 +0000 (15:02 +0200)]
wg: uapi: only make sure socket file is socket
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 22 Sep 2017 02:04:00 +0000 (04:04 +0200)]
wg: use key_is_zero for comparing to zeros
Maybe an attacker on the system could use the infoleak in /proc to gauge
how long a wg(8) process takes to complete and determine the number of
leading zeros. This is somewhat ridiculous, but it's possible somebody
somewhere might at some point care in the future, so alright.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 19 Sep 2017 21:17:56 +0000 (23:17 +0200)]
contrib: add sticky sockets example code
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 6 Sep 2017 18:51:41 +0000 (20:51 +0200)]
wg-quick: only bash complete existing interfaces for down
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 23 Aug 2017 18:51:52 +0000 (12:51 -0600)]
wg: fix removal of psk
This is an attribute of the peer, not the device.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 2 Aug 2017 19:07:25 +0000 (21:07 +0200)]
wg: stricter userspace ipc parsing
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Mon, 31 Jul 2017 01:03:06 +0000 (03:03 +0200)]
contrib: move Android tools to wireguard-android repo
https://git.zx2c4.com/wireguard-android/
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>