wg: add -MP to makefile

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: add default cflag

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: propagate set errno

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: abstract sockets are dangerous

They have no permissions, so we're probably better off just creating a
socket file with the umask set, as we do in BSD.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: rename kernel to ipc

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: support horrible freebsd/osx/unix semantics

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: first additions of userspace integration

This is designed to work with a server that follows this:

  struct sockaddr_un addr = {
      .sun_family = AF_UNIX,
      .sun_path = "/var/run/wireguard/wguserspace0.sock"
  };
  int fd, ret;
  ssize_t len;
  socklen_t socklen;
  struct wgdevice *device;

  fd = socket(AF_UNIX, SOCK_DGRAM, 0);
  if (fd < 0)
      exit(1);
  if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
      exit(1);

  for (;;) {
      /* First we look at how big the next message is, so we know how much to
       * allocate. Note on BSD you can instead use ioctl(fd, FIONREAD, &len). */
      len = recv(fd, NULL, 0, MSG_PEEK | MSG_TRUNC);
      if (len < 0) {
          handle_error();
          continue;
      }
      /* Next we allocate a buffer for the received data. */
      device = NULL;
      if (len) {
          device = malloc(len);
          if (!device) {
              handle_error();
              continue;
          }
      }
      /* Finally we receive the data, storing too the return address. */
      socklen = sizeof(addr);
      len = recvfrom(fd, device, len, 0, (struct sockaddr *)&addr, (socklen_t *)&socklen);
      if (len < 0) {
          handle_error();
          free(device);
          continue;
      }
      if (!len) { /* If len is zero, it's a "get" request, so we send our device back. */
          device = get_current_wireguard_device(&len);
          sendto(fd, device, len, 0, (struct sockaddr *)&addr, socklen);
      } else { /* Otherwise, we just received a wgdevice, so we should "set" and send back the return status. */
          ret = set_current_wireguard_device(device);
          sendto(fd, &ret, sizeof(ret), 0, (struct sockaddr *)&addr, socklen);
          free(device);
      }
  }

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: fix numbering in man page

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

persistent keepalive: use authenticated keepalives

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

examples: update ncat-client-server readme

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

persistent keepalive: enable in an example

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

persistent keepalive: documentation

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

persistent keepalive: add userspace support

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: don't rely on undefined append behavior

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

rust test: actually use tai64n

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: actually use TAI64N

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: don't use 1 as icmp ids

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: dynamically calculate ip checksum

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: add ICMP ping

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

external-tests: switch to demo server

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: put nonce at correct location

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

go test: make more idiomatic

- gofmt
- Give config struct one line per field
- Use camel case
- Check errors
- Log invariants with detail
- Use consistent pronouns

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: use pkg-config in Makefile

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

contrib: organize example scripts and add synergy

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: always fallback to /dev/urandom

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg: improve error reporting and detection

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

contrib: remove extraneous cruft

We don't want people packaging these or even using these scripts, which
are only useful for limited development circumstances, so get rid of
them. More widespread development testing techniques still exist in
src/debug.mk and src/netns.sh

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

wg.8: wording tweaks

Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Readme: the documentation moved to .io

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Readme: use https instead of http

For the websites referenced that offer https instead of http, use
https.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Initial commit

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>