* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-11-02 17:27 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-11-02 17:27 UTC (permalink / raw
To: gentoo-commits
commit: c06fba038a7fd27ef6bc684af127936bbd419b64
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Thu Nov 2 17:27:35 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Thu Nov 2 17:27:45 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c06fba03
net-vpn/wireguard: fix compilation on LOCKDEP machines
Package-Manager: Portage-2.3.11, Repoman-2.3.3
.../files/wireguard-0.0.20171101-funcfix.patch | 40 ++++++++++++++++++++++
net-vpn/wireguard/wireguard-0.0.20171101.ebuild | 2 ++
2 files changed, 42 insertions(+)
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20171101-funcfix.patch b/net-vpn/wireguard/files/wireguard-0.0.20171101-funcfix.patch
new file mode 100644
index 00000000000..fe74e48b5dd
--- /dev/null
+++ b/net-vpn/wireguard/files/wireguard-0.0.20171101-funcfix.patch
@@ -0,0 +1,40 @@
+From cc310a5dd1899417971e993d61d1230b14fe4f87 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Thu, 2 Nov 2017 16:07:26 +0100
+Subject: global: revert checkpatch.pl changes
+
+These changes were suggested by checkpatch.pl, but actually cause big
+problems depending on the options. Revert.
+---
+ src/noise.c | 2 +-
+ src/peer.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/noise.c b/src/noise.c
+index a0bea29..6ce9b78 100644
+--- a/src/noise.c
++++ b/src/noise.c
+@@ -118,7 +118,7 @@ void noise_keypair_put(struct noise_keypair *keypair)
+
+ struct noise_keypair *noise_keypair_get(struct noise_keypair *keypair)
+ {
+- RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Calling " __func__ " without holding the RCU BH read lock");
++ RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Taking noise keypair reference without holding the RCU BH read lock");
+ if (unlikely(!keypair || !kref_get_unless_zero(&keypair->refcount)))
+ return NULL;
+ return keypair;
+diff --git a/src/peer.c b/src/peer.c
+index 1580262..81b71d4 100644
+--- a/src/peer.c
++++ b/src/peer.c
+@@ -58,7 +58,7 @@ struct wireguard_peer *peer_create(struct wireguard_device *wg, const u8 public_
+
+ struct wireguard_peer *peer_get(struct wireguard_peer *peer)
+ {
+- RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Calling " __func__ " without holding the RCU read lock");
++ RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Taking peer reference without holding the RCU read lock");
+ if (unlikely(!peer || !kref_get_unless_zero(&peer->refcount)))
+ return NULL;
+ return peer;
+--
+cgit v1.1-33-gc3c0
diff --git a/net-vpn/wireguard/wireguard-0.0.20171101.ebuild b/net-vpn/wireguard/wireguard-0.0.20171101.ebuild
index fdc71975143..579c9736f07 100644
--- a/net-vpn/wireguard/wireguard-0.0.20171101.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20171101.ebuild
@@ -30,6 +30,8 @@ MODULE_NAMES="wireguard(kernel/drivers/net:src)"
BUILD_TARGETS="module"
CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
+PATCHES=( "${FILESDIR}/${P}-funcfix.patch" )
+
pkg_setup() {
if use module; then
linux-mod_pkg_setup
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-11-11 3:41 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-11-11 3:41 UTC (permalink / raw
To: gentoo-commits
commit: eae80f7e0beb8630ed88f1aa24aabdd8ac8fec9c
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 11 03:40:54 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Sat Nov 11 03:41:21 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eae80f7e
net-vpn/wireguard: bump
Package-Manager: Portage-2.3.13, Repoman-2.3.4
net-vpn/wireguard/Manifest | 2 +-
.../files/wireguard-0.0.20171101-funcfix.patch | 40 ----------------------
...171101.ebuild => wireguard-0.0.20171111.ebuild} | 2 --
3 files changed, 1 insertion(+), 43 deletions(-)
diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest
index e491b077f64..56ec1e0032e 100644
--- a/net-vpn/wireguard/Manifest
+++ b/net-vpn/wireguard/Manifest
@@ -1 +1 @@
-DIST WireGuard-0.0.20171101.tar.xz 173952 SHA256 096b6482a65e566c7bf8c059f5ee6aadb2de565b04b6d810c685f1c377540325 SHA512 c3a394256cf3cc2dce75dcb299f54969f74d4076a351b61972f10fb3e69191756c0c32552a5acc7e0cd5919c248f12035e6a33f15e43fdad64c6cf1230511ee3 WHIRLPOOL 0166c6e2c03a979719798332c8f6f0bae9f9586368d7d0f8cc9c3ee2ae7d6b15133caff1f665d1e99ab7e568a41dc1c64f94887f1461a1660a3c87b0d8a1f4a5
+DIST WireGuard-0.0.20171111.tar.xz 174184 SHA256 d9347786a9406ac276d86321ca64aadb1f0639cb0582c6e0519c634cf6e81157 SHA512 2424c3923555d72a0b5910fc86071b2554934267d4c6521bc40076770984173b2cef55f4276dd4b5a446ea62f7c52424cd89b046f205314cff2919ff7de30e6b WHIRLPOOL d484d92a76382bb52f71d4a589887bfb73d8a27f313a775da3ba2f0bd406f95cda80894c574ad1f0a9e73d3fe220f67393158f33b7cc86947882ec2eb4fe6533
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20171101-funcfix.patch b/net-vpn/wireguard/files/wireguard-0.0.20171101-funcfix.patch
deleted file mode 100644
index fe74e48b5dd..00000000000
--- a/net-vpn/wireguard/files/wireguard-0.0.20171101-funcfix.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From cc310a5dd1899417971e993d61d1230b14fe4f87 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Thu, 2 Nov 2017 16:07:26 +0100
-Subject: global: revert checkpatch.pl changes
-
-These changes were suggested by checkpatch.pl, but actually cause big
-problems depending on the options. Revert.
----
- src/noise.c | 2 +-
- src/peer.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/noise.c b/src/noise.c
-index a0bea29..6ce9b78 100644
---- a/src/noise.c
-+++ b/src/noise.c
-@@ -118,7 +118,7 @@ void noise_keypair_put(struct noise_keypair *keypair)
-
- struct noise_keypair *noise_keypair_get(struct noise_keypair *keypair)
- {
-- RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Calling " __func__ " without holding the RCU BH read lock");
-+ RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Taking noise keypair reference without holding the RCU BH read lock");
- if (unlikely(!keypair || !kref_get_unless_zero(&keypair->refcount)))
- return NULL;
- return keypair;
-diff --git a/src/peer.c b/src/peer.c
-index 1580262..81b71d4 100644
---- a/src/peer.c
-+++ b/src/peer.c
-@@ -58,7 +58,7 @@ struct wireguard_peer *peer_create(struct wireguard_device *wg, const u8 public_
-
- struct wireguard_peer *peer_get(struct wireguard_peer *peer)
- {
-- RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Calling " __func__ " without holding the RCU read lock");
-+ RCU_LOCKDEP_WARN(!rcu_read_lock_bh_held(), "Taking peer reference without holding the RCU read lock");
- if (unlikely(!peer || !kref_get_unless_zero(&peer->refcount)))
- return NULL;
- return peer;
---
-cgit v1.1-33-gc3c0
diff --git a/net-vpn/wireguard/wireguard-0.0.20171101.ebuild b/net-vpn/wireguard/wireguard-0.0.20171111.ebuild
similarity index 99%
rename from net-vpn/wireguard/wireguard-0.0.20171101.ebuild
rename to net-vpn/wireguard/wireguard-0.0.20171111.ebuild
index 579c9736f07..fdc71975143 100644
--- a/net-vpn/wireguard/wireguard-0.0.20171101.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20171111.ebuild
@@ -30,8 +30,6 @@ MODULE_NAMES="wireguard(kernel/drivers/net:src)"
BUILD_TARGETS="module"
CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
-PATCHES=( "${FILESDIR}/${P}-funcfix.patch" )
-
pkg_setup() {
if use module; then
linux-mod_pkg_setup
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-10-31 17:35 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-10-31 17:35 UTC (permalink / raw
To: gentoo-commits
commit: 3b32a8f48a799318b5c06e42de40599dd71d0618
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Tue Oct 31 17:35:03 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Tue Oct 31 17:35:39 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3b32a8f4
net-vpn/wireguard: version bump
Package-Manager: Portage-2.3.11, Repoman-2.3.3
net-vpn/wireguard/Manifest | 2 +-
| 25 ----------------------
...171017.ebuild => wireguard-0.0.20171031.ebuild} | 2 --
3 files changed, 1 insertion(+), 28 deletions(-)
diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest
index 2c365f899da..10c32c496ce 100644
--- a/net-vpn/wireguard/Manifest
+++ b/net-vpn/wireguard/Manifest
@@ -1 +1 @@
-DIST WireGuard-0.0.20171017.tar.xz 171724 SHA256 57b79a62874d9b99659a744513d4f6f9d88cb772deaa99e485b6fed3004a35cd SHA512 134a1cbcdae6f3fa56e2c557f08eaae89e14f6b8455ffb818e1bb4113905298f26c170b3ee73129f895089407e86809047ae6813cd7a31db55b6b9a89f361edb WHIRLPOOL 255c9b91aa80d0e92d92249665c995331c17d7ff1e3574184464c70a784aa21d837b2bf4d63997c777e3abd584715f7676f65e51243e8a2a41b1f2453df2f961
+DIST WireGuard-0.0.20171031.tar.xz 173560 SHA256 69b9787b7ae2c681532a7a346e170471f1a651359ed53ff9e6fb8b2c60b9f96a SHA512 08c0a584403ce5e210b928b8b459f3f99d16d949cbb2c5be1d8eae488a6f14c627b8004d9ec23ad3d38f1cc83115706e9328d382cb1fef4f18a22d589296bd19 WHIRLPOOL 0857e46461977c7faa66b65a39481bb7ccedd575cdd3fa2e1f33ee1491ad43e2e8cf9d1a79a269f67cd76179833ff19932255e84bcc7f59cf1573356f6c4aeee
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20171017-blake-headers.patch b/net-vpn/wireguard/files/wireguard-0.0.20171017-blake-headers.patch
deleted file mode 100644
index d083a80fb5b..00000000000
--- a/net-vpn/wireguard/files/wireguard-0.0.20171017-blake-headers.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From cf21875fe39d21bff2028a78921e03d96dc56e5a Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Sat, 21 Oct 2017 01:30:45 +0200
-Subject: blake2: include headers for macros
-
----
- src/crypto/blake2s.h | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/crypto/blake2s.h b/src/crypto/blake2s.h
-index 615010f..99de9f9 100644
---- a/src/crypto/blake2s.h
-+++ b/src/crypto/blake2s.h
-@@ -4,6 +4,8 @@
- #define _WG_BLAKE2S_H
-
- #include <linux/types.h>
-+#include <linux/kernel.h>
-+#include <crypto/algapi.h>
-
- enum blake2s_lengths {
- BLAKE2S_BLOCKBYTES = 64,
---
-cgit v1.1-31-g4243
-
diff --git a/net-vpn/wireguard/wireguard-0.0.20171017.ebuild b/net-vpn/wireguard/wireguard-0.0.20171031.ebuild
similarity index 98%
rename from net-vpn/wireguard/wireguard-0.0.20171017.ebuild
rename to net-vpn/wireguard/wireguard-0.0.20171031.ebuild
index 64a7738a1b8..fdc71975143 100644
--- a/net-vpn/wireguard/wireguard-0.0.20171017.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20171031.ebuild
@@ -30,8 +30,6 @@ MODULE_NAMES="wireguard(kernel/drivers/net:src)"
BUILD_TARGETS="module"
CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
-PATCHES=( "${FILESDIR}/${P}-blake-headers.patch" )
-
pkg_setup() {
if use module; then
linux-mod_pkg_setup
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-10-21 0:11 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-10-21 0:11 UTC (permalink / raw
To: gentoo-commits
commit: 544a669875539c09fa3702310a6ecbb1abf2d6d7
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 21 00:10:40 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Sat Oct 21 00:11:13 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=544a6698
net-vpn/wireguard: include headers for happy building
Package-Manager: Portage-2.3.11, Repoman-2.3.3
| 25 ++++++++++++++++++++++
net-vpn/wireguard/wireguard-0.0.20171017.ebuild | 2 ++
2 files changed, 27 insertions(+)
--git a/net-vpn/wireguard/files/wireguard-0.0.20171017-blake-headers.patch b/net-vpn/wireguard/files/wireguard-0.0.20171017-blake-headers.patch
new file mode 100644
index 00000000000..d083a80fb5b
--- /dev/null
+++ b/net-vpn/wireguard/files/wireguard-0.0.20171017-blake-headers.patch
@@ -0,0 +1,25 @@
+From cf21875fe39d21bff2028a78921e03d96dc56e5a Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Sat, 21 Oct 2017 01:30:45 +0200
+Subject: blake2: include headers for macros
+
+---
+ src/crypto/blake2s.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/crypto/blake2s.h b/src/crypto/blake2s.h
+index 615010f..99de9f9 100644
+--- a/src/crypto/blake2s.h
++++ b/src/crypto/blake2s.h
+@@ -4,6 +4,8 @@
+ #define _WG_BLAKE2S_H
+
+ #include <linux/types.h>
++#include <linux/kernel.h>
++#include <crypto/algapi.h>
+
+ enum blake2s_lengths {
+ BLAKE2S_BLOCKBYTES = 64,
+--
+cgit v1.1-31-g4243
+
diff --git a/net-vpn/wireguard/wireguard-0.0.20171017.ebuild b/net-vpn/wireguard/wireguard-0.0.20171017.ebuild
index fdc71975143..64a7738a1b8 100644
--- a/net-vpn/wireguard/wireguard-0.0.20171017.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20171017.ebuild
@@ -30,6 +30,8 @@ MODULE_NAMES="wireguard(kernel/drivers/net:src)"
BUILD_TARGETS="module"
CONFIG_CHECK="NET INET NET_UDP_TUNNEL CRYPTO_BLKCIPHER"
+PATCHES=( "${FILESDIR}/${P}-blake-headers.patch" )
+
pkg_setup() {
if use module; then
linux-mod_pkg_setup
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-06-12 22:27 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-06-12 22:27 UTC (permalink / raw
To: gentoo-commits
commit: c58b1895381f1fc0686da6770137bd48ba163392
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 12 22:26:57 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Mon Jun 12 22:27:05 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c58b1895
net-vpn/wireguard: version bump
Package-Manager: Portage-2.3.6, Repoman-2.3.2
net-vpn/wireguard/Manifest | 2 +-
.../wireguard-0.0.20170612-wait-for-rng.patch | 94 ----------------------
...612-r1.ebuild => wireguard-0.0.20170613.ebuild} | 2 -
3 files changed, 1 insertion(+), 97 deletions(-)
diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest
index 207265f427a..581050e5fb7 100644
--- a/net-vpn/wireguard/Manifest
+++ b/net-vpn/wireguard/Manifest
@@ -1 +1 @@
-DIST WireGuard-0.0.20170612.tar.xz 160712 SHA256 34efc70703f2b1ae38fd2bcc4c6031b4acc3f303c6e182a1958b7cf236a529ab SHA512 152642f7d1169947ec4c2619930f2e3756ab219113be15fc8f462edd234d1df4a50c297792e9fdef041b5e7729c2e3e72ceb80dfd1d0a7309dde16a13b3da99b WHIRLPOOL 8293879180a538279426dcfca3efb328f380413d1601997752e15ff8049bbe1d0f4112fe49fde0995695853e6e062c0fe7847e9db3d6bee9ba1ab5e4e1d71e28
+DIST WireGuard-0.0.20170613.tar.xz 160496 SHA256 88ac77569eeb79c517318d58a0954caa0a4d2a6a1694e74c2a3b1c14438ac941 SHA512 71b31900f8064415b54a023042a199f77ba212466ffa4f6fb13428f8acc592873e6f8d75063d6777464c6b13bfa86949be2036ff62179aaae2f63c0a99937987 WHIRLPOOL f10ed8c01b349ecd2a76db8022f3bf1ef0e2895382ee01f85b748cab3d99f3cd4546dd15eea695aa1e08aa34ad7856821df6039630f7569e14d64c3476a80aed
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch b/net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch
deleted file mode 100644
index 0b5803c839d..00000000000
--- a/net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-From 401294f7526de40a15c06997fceae58278807d22 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Mon, 12 Jun 2017 16:32:59 +0200
-Subject: [PATCH] random: wait for random bytes when generating nonces and
- ephemerals
-
-We can let userspace configure wireguard interfaces before the RNG is
-fully initialized, since what we mostly care about is having good
-randomness for ephemerals and xchacha nonces. By deferring the wait to
-actually asking for the randomness, we give a lot more opportunity for
-gathering entropy. This won't cover entropy for hash table secrets or
-cookie secrets (which rotate anyway), but those have far less
-catastrophic failure modes, so ensuring good randomness for elliptic
-curve points and nonces should be sufficient.
----
- src/compat/compat.h | 10 ++++++++++
- src/config.c | 5 -----
- src/cookie.c | 2 +-
- src/crypto/curve25519.c | 2 +-
- 4 files changed, 12 insertions(+), 7 deletions(-)
-
-diff --git a/src/compat/compat.h b/src/compat/compat.h
-index 68d62b9..6c1bfa3 100644
---- a/src/compat/compat.h
-+++ b/src/compat/compat.h
-@@ -265,6 +265,16 @@ static inline int wait_for_random_bytes(void)
- return 0;
- }
- #endif
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 13, 0)
-+static inline int get_random_bytes_wait(void *buf, int nbytes)
-+{
-+ int ret = wait_for_random_bytes();
-+ if (unlikely(ret))
-+ return ret;
-+ get_random_bytes(buf, nbytes);
-+ return 0;
-+}
-+#endif
-
- /* https://lkml.org/lkml/2015/6/12/415 */
- #include <linux/netdevice.h>
-diff --git a/src/config.c b/src/config.c
-index 286c874..d3b6611 100644
---- a/src/config.c
-+++ b/src/config.c
-@@ -8,7 +8,6 @@
- #include "hashtables.h"
- #include "peer.h"
- #include "uapi.h"
--#include <linux/random.h>
-
- static int set_device_port(struct wireguard_device *wg, u16 port)
- {
-@@ -135,10 +134,6 @@ int config_set_device(struct wireguard_device *wg, void __user *user_device)
- void __user *user_peer;
- bool modified_static_identity = false;
-
-- /* It's important that the Linux RNG is fully seeded before we let the user
-- * actually configure the device, so that we're assured to have good ephemerals. */
-- wait_for_random_bytes();
--
- BUILD_BUG_ON(WG_KEY_LEN != NOISE_PUBLIC_KEY_LEN);
- BUILD_BUG_ON(WG_KEY_LEN != NOISE_SYMMETRIC_KEY_LEN);
-
-diff --git a/src/cookie.c b/src/cookie.c
-index 21b7c7b..ce22b53 100644
---- a/src/cookie.c
-+++ b/src/cookie.c
-@@ -161,7 +161,7 @@ void cookie_message_create(struct message_handshake_cookie *dst, struct sk_buff
-
- dst->header.type = cpu_to_le32(MESSAGE_HANDSHAKE_COOKIE);
- dst->receiver_index = index;
-- get_random_bytes(dst->nonce, COOKIE_NONCE_LEN);
-+ get_random_bytes_wait(dst->nonce, COOKIE_NONCE_LEN);
-
- make_cookie(cookie, skb, checker);
- xchacha20poly1305_encrypt(dst->encrypted_cookie, cookie, COOKIE_LEN, macs->mac1, COOKIE_LEN, dst->nonce, checker->cookie_encryption_key);
-diff --git a/src/crypto/curve25519.c b/src/crypto/curve25519.c
-index f0e045e..119d41a 100644
---- a/src/crypto/curve25519.c
-+++ b/src/crypto/curve25519.c
-@@ -1545,7 +1545,7 @@ bool curve25519_generate_public(u8 pub[CURVE25519_POINT_SIZE], const u8 secret[C
-
- void curve25519_generate_secret(u8 secret[CURVE25519_POINT_SIZE])
- {
-- get_random_bytes(secret, CURVE25519_POINT_SIZE);
-+ get_random_bytes_wait(secret, CURVE25519_POINT_SIZE);
- normalize_secret(secret);
- }
-
---
-2.13.1
-
diff --git a/net-vpn/wireguard/wireguard-0.0.20170612-r1.ebuild b/net-vpn/wireguard/wireguard-0.0.20170613.ebuild
similarity index 98%
rename from net-vpn/wireguard/wireguard-0.0.20170612-r1.ebuild
rename to net-vpn/wireguard/wireguard-0.0.20170613.ebuild
index c4df19fc775..2bc281b63b0 100644
--- a/net-vpn/wireguard/wireguard-0.0.20170612-r1.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20170613.ebuild
@@ -32,8 +32,6 @@ CONFIG_CHECK="NET INET NET_UDP_TUNNEL NF_CONNTRACK NETFILTER_XT_MATCH_HASHLIMIT
WARNING_PADATA="If you're running a multicore system you likely should enable CONFIG_PADATA for improved performance and parallel crypto."
WARNING_IP6_NF_IPTABLES="If your kernel has CONFIG_IPV6, you need CONFIG_IP6_NF_IPTABLES; otherwise WireGuard will not insert."
-PATCHES=( "${FILESDIR}/${P}-wait-for-rng.patch" )
-
pkg_setup() {
if use module; then
linux-mod_pkg_setup
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-06-12 3:45 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-06-12 3:45 UTC (permalink / raw
To: gentoo-commits
commit: 568950c856a4855cb371b0c52fe63356a39ce3f6
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 12 03:45:34 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Mon Jun 12 03:45:46 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=568950c8
net-vpn/wireguard: version bump
Package-Manager: Portage-2.3.6, Repoman-2.3.2
net-vpn/wireguard/Manifest | 2 +-
...eguard-0.0.20170531-remove-padata-hotplug.patch | 188 ---------------------
...wireguard-0.0.20170531-simultaneous-start.patch | 135 ---------------
...531-r2.ebuild => wireguard-0.0.20170612.ebuild} | 5 -
4 files changed, 1 insertion(+), 329 deletions(-)
diff --git a/net-vpn/wireguard/Manifest b/net-vpn/wireguard/Manifest
index 57562cde968..989d1ae06fd 100644
--- a/net-vpn/wireguard/Manifest
+++ b/net-vpn/wireguard/Manifest
@@ -1 +1 @@
-DIST WireGuard-0.0.20170531.tar.xz 162816 SHA256 2eb7d9aaf11dcb35e5066837bb1c768398ad3655744fdeb656bd7e7c7ad7cacc SHA512 82ad68e61ccd2844837f817065f7576839cb19e278d28c140d168620fe257f41f201de069105f3b4e2a104d9390460409e831581f2dc02a1bfda18c13c410bed WHIRLPOOL eabf39acf06ec88baa1ddbab31929bc48a48876cb26afe6129bb7dd30a712ed5230220c1bd832d43a546ccbb2b8229d4127af4767656c42d0e0a5e63c026bf73
+DIST WireGuard-0.0.20170612.tar.xz 160484 SHA256 842f338b0e8c3e79adb7a2b27a2c59fd73875d8bc1d6a9111e09a93538ed6f75 SHA512 9aecfcc5c3ef3987f8e9cf0350bd0522c8828ba2a07ced220da80cd93fc87d6b5d783ed788a4c882e1b70e64807e5e422d7dc8a90a8987a92c6bbfc98974eec6 WHIRLPOOL 63381926dc9556971ec3cd80fa4a176692a650aa7caaa08a4377f7910d5f818f0a582f127735a5a164a49ce5697d2db8889b61257b2b0f2b25fa60f725df052e
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch b/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch
deleted file mode 100644
index a1f4b80d01d..00000000000
--- a/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch
+++ /dev/null
@@ -1,188 +0,0 @@
-From 1e0405942cecfd6de2a7707f3027f326d6f2fdb4 Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Thu, 1 Jun 2017 16:55:20 +0200
-Subject: compat: remove padata hotplug code
-
-It's different on different kernel versions, and we're not using it
-anyway, so it's easiest to just get rid of it, rather than having
-another ifdef maze.
----
- src/compat/padata/padata.c | 149 ---------------------------------------------
- 1 file changed, 149 deletions(-)
-
-diff --git a/src/compat/padata/padata.c b/src/compat/padata/padata.c
-index 480c43f..25836db 100644
---- a/src/compat/padata/padata.c
-+++ b/src/compat/padata/padata.c
-@@ -677,131 +677,8 @@ void padata_stop(struct padata_instance *pinst)
- mutex_unlock(&pinst->lock);
- }
-
--#ifdef CONFIG_HOTPLUG_CPU
--
--static int __padata_add_cpu(struct padata_instance *pinst, int cpu)
--{
-- struct parallel_data *pd;
--
-- if (cpumask_test_cpu(cpu, cpu_online_mask)) {
-- pd = padata_alloc_pd(pinst, pinst->cpumask.pcpu,
-- pinst->cpumask.cbcpu);
-- if (!pd)
-- return -ENOMEM;
--
-- padata_replace(pinst, pd);
--
-- if (padata_validate_cpumask(pinst, pinst->cpumask.pcpu) &&
-- padata_validate_cpumask(pinst, pinst->cpumask.cbcpu))
-- __padata_start(pinst);
-- }
--
-- return 0;
--}
--
--static int __padata_remove_cpu(struct padata_instance *pinst, int cpu)
--{
-- struct parallel_data *pd = NULL;
--
-- if (cpumask_test_cpu(cpu, cpu_online_mask)) {
--
-- if (!padata_validate_cpumask(pinst, pinst->cpumask.pcpu) ||
-- !padata_validate_cpumask(pinst, pinst->cpumask.cbcpu))
-- __padata_stop(pinst);
--
-- pd = padata_alloc_pd(pinst, pinst->cpumask.pcpu,
-- pinst->cpumask.cbcpu);
-- if (!pd)
-- return -ENOMEM;
--
-- padata_replace(pinst, pd);
--
-- cpumask_clear_cpu(cpu, pd->cpumask.cbcpu);
-- cpumask_clear_cpu(cpu, pd->cpumask.pcpu);
-- }
--
-- return 0;
--}
--
-- /**
-- * padata_remove_cpu - remove a cpu from the one or both(serial and parallel)
-- * padata cpumasks.
-- *
-- * @pinst: padata instance
-- * @cpu: cpu to remove
-- * @mask: bitmask specifying from which cpumask @cpu should be removed
-- * The @mask may be any combination of the following flags:
-- * PADATA_CPU_SERIAL - serial cpumask
-- * PADATA_CPU_PARALLEL - parallel cpumask
-- */
--int padata_remove_cpu(struct padata_instance *pinst, int cpu, int mask)
--{
-- int err;
--
-- if (!(mask & (PADATA_CPU_SERIAL | PADATA_CPU_PARALLEL)))
-- return -EINVAL;
--
-- mutex_lock(&pinst->lock);
--
-- get_online_cpus();
-- if (mask & PADATA_CPU_SERIAL)
-- cpumask_clear_cpu(cpu, pinst->cpumask.cbcpu);
-- if (mask & PADATA_CPU_PARALLEL)
-- cpumask_clear_cpu(cpu, pinst->cpumask.pcpu);
--
-- err = __padata_remove_cpu(pinst, cpu);
-- put_online_cpus();
--
-- mutex_unlock(&pinst->lock);
--
-- return err;
--}
--
--static inline int pinst_has_cpu(struct padata_instance *pinst, int cpu)
--{
-- return cpumask_test_cpu(cpu, pinst->cpumask.pcpu) ||
-- cpumask_test_cpu(cpu, pinst->cpumask.cbcpu);
--}
--
--static int padata_cpu_online(unsigned int cpu, struct hlist_node *node)
--{
-- struct padata_instance *pinst;
-- int ret;
--
-- pinst = hlist_entry_safe(node, struct padata_instance, node);
-- if (!pinst_has_cpu(pinst, cpu))
-- return 0;
--
-- mutex_lock(&pinst->lock);
-- ret = __padata_add_cpu(pinst, cpu);
-- mutex_unlock(&pinst->lock);
-- return ret;
--}
--
--static int padata_cpu_prep_down(unsigned int cpu, struct hlist_node *node)
--{
-- struct padata_instance *pinst;
-- int ret;
--
-- pinst = hlist_entry_safe(node, struct padata_instance, node);
-- if (!pinst_has_cpu(pinst, cpu))
-- return 0;
--
-- mutex_lock(&pinst->lock);
-- ret = __padata_remove_cpu(pinst, cpu);
-- mutex_unlock(&pinst->lock);
-- return ret;
--}
--
--static enum cpuhp_state hp_online;
--#endif
--
- static void __padata_free(struct padata_instance *pinst)
- {
--#ifdef CONFIG_HOTPLUG_CPU
-- cpuhp_state_remove_instance_nocalls(hp_online, &pinst->node);
--#endif
--
- padata_stop(pinst);
- padata_free_pd(pinst->pd);
- free_cpumask_var(pinst->cpumask.pcpu);
-@@ -995,9 +872,6 @@ struct padata_instance *padata_alloc(struct workqueue_struct *wq,
- kobject_init(&pinst->kobj, &padata_attr_type);
- mutex_init(&pinst->lock);
-
--#ifdef CONFIG_HOTPLUG_CPU
-- cpuhp_state_add_instance_nocalls(hp_online, &pinst->node);
--#endif
- return pinst;
-
- err_free_masks:
-@@ -1019,26 +893,3 @@ void padata_free(struct padata_instance *pinst)
- {
- kobject_put(&pinst->kobj);
- }
--
--#ifdef CONFIG_HOTPLUG_CPU
--
--static __init int padata_driver_init(void)
--{
-- int ret;
--
-- ret = cpuhp_setup_state_multi(CPUHP_AP_ONLINE_DYN, "padata:online",
-- padata_cpu_online,
-- padata_cpu_prep_down);
-- if (ret < 0)
-- return ret;
-- hp_online = ret;
-- return 0;
--}
--module_init(padata_driver_init);
--
--static __exit void padata_driver_exit(void)
--{
-- cpuhp_remove_multi_state(hp_online);
--}
--module_exit(padata_driver_exit);
--#endif
---
-cgit v1.1-9-ge9c1d
-
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170531-simultaneous-start.patch b/net-vpn/wireguard/files/wireguard-0.0.20170531-simultaneous-start.patch
deleted file mode 100644
index 5d5ef64333d..00000000000
--- a/net-vpn/wireguard/files/wireguard-0.0.20170531-simultaneous-start.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 156280bcb881915701b25ad57e1efe2dcef73c6b Mon Sep 17 00:00:00 2001
-From: "Jason A. Donenfeld" <Jason@zx2c4.com>
-Date: Tue, 6 Jun 2017 21:49:29 +0200
-Subject: noise: fix race when replacing handshake
-
-Replacing an entry that's already been replaced is something that could
-happen when processing handshake messages in parallel, when starting up
-multiple instances on the same machine.
-
-Reported-by: Hubert Goisern <zweizweizwoelf@gmail.com>
----
- src/hashtables.c | 5 ++++-
- src/hashtables.h | 2 +-
- src/noise.c | 28 +++++++++++++++++++---------
- 3 files changed, 24 insertions(+), 11 deletions(-)
-
-diff --git a/src/hashtables.c b/src/hashtables.c
-index db97f7e..a01a899 100644
---- a/src/hashtables.c
-+++ b/src/hashtables.c
-@@ -97,13 +97,16 @@ search_unused_slot:
- return entry->index;
- }
-
--void index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new)
-+bool index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new)
- {
-+ if (unlikely(hlist_unhashed(&old->index_hash)))
-+ return false;
- spin_lock_bh(&table->lock);
- new->index = old->index;
- hlist_replace_rcu(&old->index_hash, &new->index_hash);
- INIT_HLIST_NODE(&old->index_hash);
- spin_unlock_bh(&table->lock);
-+ return true;
- }
-
- void index_hashtable_remove(struct index_hashtable *table, struct index_hashtable_entry *entry)
-diff --git a/src/hashtables.h b/src/hashtables.h
-index 9fa47d5..08a2a5d 100644
---- a/src/hashtables.h
-+++ b/src/hashtables.h
-@@ -40,7 +40,7 @@ struct index_hashtable_entry {
- };
- void index_hashtable_init(struct index_hashtable *table);
- __le32 index_hashtable_insert(struct index_hashtable *table, struct index_hashtable_entry *entry);
--void index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new);
-+bool index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new);
- void index_hashtable_remove(struct index_hashtable *table, struct index_hashtable_entry *entry);
- struct index_hashtable_entry *index_hashtable_lookup(struct index_hashtable *table, const enum index_hashtable_type type_mask, const __le32 index);
-
-diff --git a/src/noise.c b/src/noise.c
-index 7ca2a67..9583ab1 100644
---- a/src/noise.c
-+++ b/src/noise.c
-@@ -59,16 +59,21 @@ bool noise_handshake_init(struct noise_handshake *handshake, struct noise_static
- return noise_precompute_static_static(peer);
- }
-
--void noise_handshake_clear(struct noise_handshake *handshake)
-+static void handshake_zero(struct noise_handshake *handshake)
- {
-- index_hashtable_remove(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
-- down_write(&handshake->lock);
- memset(&handshake->ephemeral_private, 0, NOISE_PUBLIC_KEY_LEN);
- memset(&handshake->remote_ephemeral, 0, NOISE_PUBLIC_KEY_LEN);
- memset(&handshake->hash, 0, NOISE_HASH_LEN);
- memset(&handshake->chaining_key, 0, NOISE_HASH_LEN);
- handshake->remote_index = 0;
- handshake->state = HANDSHAKE_ZEROED;
-+}
-+
-+void noise_handshake_clear(struct noise_handshake *handshake)
-+{
-+ index_hashtable_remove(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
-+ down_write(&handshake->lock);
-+ handshake_zero(handshake);
- up_write(&handshake->lock);
- index_hashtable_remove(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
- }
-@@ -371,8 +376,8 @@ bool noise_handshake_create_initiation(struct message_handshake_initiation *dst,
-
- dst->sender_index = index_hashtable_insert(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
-
-- ret = true;
- handshake->state = HANDSHAKE_CREATED_INITIATION;
-+ ret = true;
-
- out:
- up_write(&handshake->lock);
-@@ -548,6 +553,11 @@ struct wireguard_peer *noise_handshake_consume_response(struct message_handshake
-
- /* Success! Copy everything to peer */
- down_write(&handshake->lock);
-+ /* It's important to check that the state is still the same, while we have an exclusive lock */
-+ if (handshake->state != state) {
-+ up_write(&handshake->lock);
-+ goto fail;
-+ }
- memcpy(handshake->remote_ephemeral, e, NOISE_PUBLIC_KEY_LEN);
- memcpy(handshake->hash, hash, NOISE_HASH_LEN);
- memcpy(handshake->chaining_key, chaining_key, NOISE_HASH_LEN);
-@@ -573,7 +583,7 @@ bool noise_handshake_begin_session(struct noise_handshake *handshake, struct noi
- {
- struct noise_keypair *new_keypair;
-
-- down_read(&handshake->lock);
-+ down_write(&handshake->lock);
- if (handshake->state != HANDSHAKE_CREATED_RESPONSE && handshake->state != HANDSHAKE_CONSUMED_RESPONSE)
- goto fail;
-
-@@ -587,16 +597,16 @@ bool noise_handshake_begin_session(struct noise_handshake *handshake, struct noi
- derive_keys(&new_keypair->sending, &new_keypair->receiving, handshake->chaining_key);
- else
- derive_keys(&new_keypair->receiving, &new_keypair->sending, handshake->chaining_key);
-- up_read(&handshake->lock);
-
-+ handshake_zero(handshake);
- add_new_keypair(keypairs, new_keypair);
-- index_hashtable_replace(&handshake->entry.peer->device->index_hashtable, &handshake->entry, &new_keypair->entry);
-- noise_handshake_clear(handshake);
- net_dbg_ratelimited("%s: Keypair %Lu created for peer %Lu\n", netdev_pub(new_keypair->entry.peer->device)->name, new_keypair->internal_id, new_keypair->entry.peer->internal_id);
-+ WARN_ON(!index_hashtable_replace(&handshake->entry.peer->device->index_hashtable, &handshake->entry, &new_keypair->entry));
-+ up_write(&handshake->lock);
-
- return true;
-
- fail:
-- up_read(&handshake->lock);
-+ up_write(&handshake->lock);
- return false;
- }
---
-cgit v1.1-9-ge9c1d
-
diff --git a/net-vpn/wireguard/wireguard-0.0.20170531-r2.ebuild b/net-vpn/wireguard/wireguard-0.0.20170612.ebuild
similarity index 97%
rename from net-vpn/wireguard/wireguard-0.0.20170531-r2.ebuild
rename to net-vpn/wireguard/wireguard-0.0.20170612.ebuild
index db171b012c3..1406c6d3ade 100644
--- a/net-vpn/wireguard/wireguard-0.0.20170531-r2.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20170612.ebuild
@@ -39,11 +39,6 @@ pkg_setup() {
fi
}
-PATCHES=(
- "${FILESDIR}/${P}-remove-padata-hotplug.patch"
- "${FILESDIR}/${P}-simultaneous-start.patch"
-)
-
src_compile() {
use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
use module && linux-mod_src_compile
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-06-07 12:26 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-06-07 12:26 UTC (permalink / raw
To: gentoo-commits
commit: e57c17cb57dd02782bf241f0acfad80a4ff30854
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Wed Jun 7 12:26:10 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Wed Jun 7 12:26:43 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e57c17cb
net-vpn/wireguard: backport stability fix for lxd users
Package-Manager: Portage-2.3.6, Repoman-2.3.2
...wireguard-0.0.20170531-simultaneous-start.patch | 135 +++++++++++++++++++++
...-r1.ebuild => wireguard-0.0.20170531-r2.ebuild} | 8 +-
net-vpn/wireguard/wireguard-0.0.20170531.ebuild | 110 -----------------
3 files changed, 139 insertions(+), 114 deletions(-)
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170531-simultaneous-start.patch b/net-vpn/wireguard/files/wireguard-0.0.20170531-simultaneous-start.patch
new file mode 100644
index 00000000000..5d5ef64333d
--- /dev/null
+++ b/net-vpn/wireguard/files/wireguard-0.0.20170531-simultaneous-start.patch
@@ -0,0 +1,135 @@
+From 156280bcb881915701b25ad57e1efe2dcef73c6b Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Tue, 6 Jun 2017 21:49:29 +0200
+Subject: noise: fix race when replacing handshake
+
+Replacing an entry that's already been replaced is something that could
+happen when processing handshake messages in parallel, when starting up
+multiple instances on the same machine.
+
+Reported-by: Hubert Goisern <zweizweizwoelf@gmail.com>
+---
+ src/hashtables.c | 5 ++++-
+ src/hashtables.h | 2 +-
+ src/noise.c | 28 +++++++++++++++++++---------
+ 3 files changed, 24 insertions(+), 11 deletions(-)
+
+diff --git a/src/hashtables.c b/src/hashtables.c
+index db97f7e..a01a899 100644
+--- a/src/hashtables.c
++++ b/src/hashtables.c
+@@ -97,13 +97,16 @@ search_unused_slot:
+ return entry->index;
+ }
+
+-void index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new)
++bool index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new)
+ {
++ if (unlikely(hlist_unhashed(&old->index_hash)))
++ return false;
+ spin_lock_bh(&table->lock);
+ new->index = old->index;
+ hlist_replace_rcu(&old->index_hash, &new->index_hash);
+ INIT_HLIST_NODE(&old->index_hash);
+ spin_unlock_bh(&table->lock);
++ return true;
+ }
+
+ void index_hashtable_remove(struct index_hashtable *table, struct index_hashtable_entry *entry)
+diff --git a/src/hashtables.h b/src/hashtables.h
+index 9fa47d5..08a2a5d 100644
+--- a/src/hashtables.h
++++ b/src/hashtables.h
+@@ -40,7 +40,7 @@ struct index_hashtable_entry {
+ };
+ void index_hashtable_init(struct index_hashtable *table);
+ __le32 index_hashtable_insert(struct index_hashtable *table, struct index_hashtable_entry *entry);
+-void index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new);
++bool index_hashtable_replace(struct index_hashtable *table, struct index_hashtable_entry *old, struct index_hashtable_entry *new);
+ void index_hashtable_remove(struct index_hashtable *table, struct index_hashtable_entry *entry);
+ struct index_hashtable_entry *index_hashtable_lookup(struct index_hashtable *table, const enum index_hashtable_type type_mask, const __le32 index);
+
+diff --git a/src/noise.c b/src/noise.c
+index 7ca2a67..9583ab1 100644
+--- a/src/noise.c
++++ b/src/noise.c
+@@ -59,16 +59,21 @@ bool noise_handshake_init(struct noise_handshake *handshake, struct noise_static
+ return noise_precompute_static_static(peer);
+ }
+
+-void noise_handshake_clear(struct noise_handshake *handshake)
++static void handshake_zero(struct noise_handshake *handshake)
+ {
+- index_hashtable_remove(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
+- down_write(&handshake->lock);
+ memset(&handshake->ephemeral_private, 0, NOISE_PUBLIC_KEY_LEN);
+ memset(&handshake->remote_ephemeral, 0, NOISE_PUBLIC_KEY_LEN);
+ memset(&handshake->hash, 0, NOISE_HASH_LEN);
+ memset(&handshake->chaining_key, 0, NOISE_HASH_LEN);
+ handshake->remote_index = 0;
+ handshake->state = HANDSHAKE_ZEROED;
++}
++
++void noise_handshake_clear(struct noise_handshake *handshake)
++{
++ index_hashtable_remove(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
++ down_write(&handshake->lock);
++ handshake_zero(handshake);
+ up_write(&handshake->lock);
+ index_hashtable_remove(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
+ }
+@@ -371,8 +376,8 @@ bool noise_handshake_create_initiation(struct message_handshake_initiation *dst,
+
+ dst->sender_index = index_hashtable_insert(&handshake->entry.peer->device->index_hashtable, &handshake->entry);
+
+- ret = true;
+ handshake->state = HANDSHAKE_CREATED_INITIATION;
++ ret = true;
+
+ out:
+ up_write(&handshake->lock);
+@@ -548,6 +553,11 @@ struct wireguard_peer *noise_handshake_consume_response(struct message_handshake
+
+ /* Success! Copy everything to peer */
+ down_write(&handshake->lock);
++ /* It's important to check that the state is still the same, while we have an exclusive lock */
++ if (handshake->state != state) {
++ up_write(&handshake->lock);
++ goto fail;
++ }
+ memcpy(handshake->remote_ephemeral, e, NOISE_PUBLIC_KEY_LEN);
+ memcpy(handshake->hash, hash, NOISE_HASH_LEN);
+ memcpy(handshake->chaining_key, chaining_key, NOISE_HASH_LEN);
+@@ -573,7 +583,7 @@ bool noise_handshake_begin_session(struct noise_handshake *handshake, struct noi
+ {
+ struct noise_keypair *new_keypair;
+
+- down_read(&handshake->lock);
++ down_write(&handshake->lock);
+ if (handshake->state != HANDSHAKE_CREATED_RESPONSE && handshake->state != HANDSHAKE_CONSUMED_RESPONSE)
+ goto fail;
+
+@@ -587,16 +597,16 @@ bool noise_handshake_begin_session(struct noise_handshake *handshake, struct noi
+ derive_keys(&new_keypair->sending, &new_keypair->receiving, handshake->chaining_key);
+ else
+ derive_keys(&new_keypair->receiving, &new_keypair->sending, handshake->chaining_key);
+- up_read(&handshake->lock);
+
++ handshake_zero(handshake);
+ add_new_keypair(keypairs, new_keypair);
+- index_hashtable_replace(&handshake->entry.peer->device->index_hashtable, &handshake->entry, &new_keypair->entry);
+- noise_handshake_clear(handshake);
+ net_dbg_ratelimited("%s: Keypair %Lu created for peer %Lu\n", netdev_pub(new_keypair->entry.peer->device)->name, new_keypair->internal_id, new_keypair->entry.peer->internal_id);
++ WARN_ON(!index_hashtable_replace(&handshake->entry.peer->device->index_hashtable, &handshake->entry, &new_keypair->entry));
++ up_write(&handshake->lock);
+
+ return true;
+
+ fail:
+- up_read(&handshake->lock);
++ up_write(&handshake->lock);
+ return false;
+ }
+--
+cgit v1.1-9-ge9c1d
+
diff --git a/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild b/net-vpn/wireguard/wireguard-0.0.20170531-r2.ebuild
similarity index 97%
rename from net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild
rename to net-vpn/wireguard/wireguard-0.0.20170531-r2.ebuild
index 3d5b1b746f0..db171b012c3 100644
--- a/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild
+++ b/net-vpn/wireguard/wireguard-0.0.20170531-r2.ebuild
@@ -39,10 +39,10 @@ pkg_setup() {
fi
}
-src_prepare() {
- epatch "${FILESDIR}/${P}-remove-padata-hotplug.patch"
- default
-}
+PATCHES=(
+ "${FILESDIR}/${P}-remove-padata-hotplug.patch"
+ "${FILESDIR}/${P}-simultaneous-start.patch"
+)
src_compile() {
use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
diff --git a/net-vpn/wireguard/wireguard-0.0.20170531.ebuild b/net-vpn/wireguard/wireguard-0.0.20170531.ebuild
deleted file mode 100644
index 1406c6d3ade..00000000000
--- a/net-vpn/wireguard/wireguard-0.0.20170531.ebuild
+++ /dev/null
@@ -1,110 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-inherit linux-mod bash-completion-r1
-
-DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
-HOMEPAGE="https://www.wireguard.io/"
-
-if [[ ${PV} == 9999 ]]; then
- inherit git-r3
- EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
- KEYWORDS=""
-else
- SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
- S="${WORKDIR}/WireGuard-${PV}"
- KEYWORDS="~amd64 ~x86 ~mips ~arm ~arm64"
-fi
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="debug +module +tools module-src"
-
-DEPEND="tools? ( net-libs/libmnl )"
-RDEPEND="${DEPEND}"
-
-MODULE_NAMES="wireguard(net:src)"
-BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1"
-BUILD_TARGETS="module"
-CONFIG_CHECK="NET INET NET_UDP_TUNNEL NF_CONNTRACK NETFILTER_XT_MATCH_HASHLIMIT CRYPTO_BLKCIPHER ~PADATA ~IP6_NF_IPTABLES"
-WARNING_PADATA="If you're running a multicore system you likely should enable CONFIG_PADATA for improved performance and parallel crypto."
-WARNING_IP6_NF_IPTABLES="If your kernel has CONFIG_IPV6, you need CONFIG_IP6_NF_IPTABLES; otherwise WireGuard will not insert."
-
-pkg_setup() {
- if use module; then
- linux-mod_pkg_setup
- kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
- fi
-}
-
-src_compile() {
- use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
- use module && linux-mod_src_compile
- use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools
-}
-
-src_install() {
- use module && linux-mod_src_install
- if use tools; then
- dodoc README.md
- dodoc -r contrib/examples
- emake \
- WITH_BASHCOMPLETION=yes \
- WITH_SYSTEMDUNITS=yes \
- WITH_WGQUICK=yes \
- DESTDIR="${D}" \
- BASHCOMPDIR="$(get_bashcompdir)" \
- PREFIX="${EPREFIX}/usr" \
- -C src/tools install
- insinto /$(get_libdir)/netifrc/net
- newins "${FILESDIR}"/wireguard-openrc.sh wireguard.sh
- fi
- use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
-}
-
-pkg_postinst() {
- if use module-src && ! use module; then
- einfo
- einfo "You have enabled the module-src USE flag without the module USE"
- einfo "flag. This means that sources are installed to"
- einfo "${ROOT}usr/src/wireguard instead of having the"
- einfo "kernel module compiled. You will need to compile the module"
- einfo "yourself. Most likely, you don't want this USE flag, and should"
- einfo "rather use USE=module"
- einfo
- fi
- use module && linux-mod_pkg_postinst
-
- ewarn
- ewarn "This software is experimental and has not yet been released."
- ewarn "As such, it may contain significant issues. Please do not file"
- ewarn "bug reports with Gentoo, but rather direct them upstream to:"
- ewarn
- ewarn " team@wireguard.io security@wireguard.io"
- ewarn
-
- if use tools; then
- einfo
- einfo "After installing WireGuard, if you'd like to try sending some packets through"
- einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
- einfo "test example script:"
- einfo
- einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
- einfo
- einfo "This will automatically setup interface wg0, through a very insecure transport"
- einfo "that is only suitable for demonstration purposes. You can then try loading the"
- einfo "hidden website or sending pings:"
- einfo
- einfo " \$ chromium http://192.168.4.1"
- einfo " \$ ping 192.168.4.1"
- einfo
- einfo "If you'd like to redirect your internet traffic, you can run it with the"
- einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
- einfo "purposes. It is for quick testing only."
- einfo
- einfo "More info on getting started can be found at: https://www.wireguard.io/quickstart/"
- einfo
- fi
-}
^ permalink raw reply related [flat|nested] 8+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/
@ 2017-06-01 18:15 Jason Donenfeld
0 siblings, 0 replies; 8+ messages in thread
From: Jason Donenfeld @ 2017-06-01 18:15 UTC (permalink / raw
To: gentoo-commits
commit: 98de0b375822da3d946004d292a03c050dfaa72d
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Thu Jun 1 18:14:43 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Thu Jun 1 18:14:56 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98de0b37
net-vpn/wireguard: work around hotplug+!padata
Package-Manager: Portage-2.3.6, Repoman-2.3.2
...eguard-0.0.20170531-remove-padata-hotplug.patch | 188 +++++++++++++++++++++
net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild | 115 +++++++++++++
2 files changed, 303 insertions(+)
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch b/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch
new file mode 100644
index 00000000000..a1f4b80d01d
--- /dev/null
+++ b/net-vpn/wireguard/files/wireguard-0.0.20170531-remove-padata-hotplug.patch
@@ -0,0 +1,188 @@
+From 1e0405942cecfd6de2a7707f3027f326d6f2fdb4 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Thu, 1 Jun 2017 16:55:20 +0200
+Subject: compat: remove padata hotplug code
+
+It's different on different kernel versions, and we're not using it
+anyway, so it's easiest to just get rid of it, rather than having
+another ifdef maze.
+---
+ src/compat/padata/padata.c | 149 ---------------------------------------------
+ 1 file changed, 149 deletions(-)
+
+diff --git a/src/compat/padata/padata.c b/src/compat/padata/padata.c
+index 480c43f..25836db 100644
+--- a/src/compat/padata/padata.c
++++ b/src/compat/padata/padata.c
+@@ -677,131 +677,8 @@ void padata_stop(struct padata_instance *pinst)
+ mutex_unlock(&pinst->lock);
+ }
+
+-#ifdef CONFIG_HOTPLUG_CPU
+-
+-static int __padata_add_cpu(struct padata_instance *pinst, int cpu)
+-{
+- struct parallel_data *pd;
+-
+- if (cpumask_test_cpu(cpu, cpu_online_mask)) {
+- pd = padata_alloc_pd(pinst, pinst->cpumask.pcpu,
+- pinst->cpumask.cbcpu);
+- if (!pd)
+- return -ENOMEM;
+-
+- padata_replace(pinst, pd);
+-
+- if (padata_validate_cpumask(pinst, pinst->cpumask.pcpu) &&
+- padata_validate_cpumask(pinst, pinst->cpumask.cbcpu))
+- __padata_start(pinst);
+- }
+-
+- return 0;
+-}
+-
+-static int __padata_remove_cpu(struct padata_instance *pinst, int cpu)
+-{
+- struct parallel_data *pd = NULL;
+-
+- if (cpumask_test_cpu(cpu, cpu_online_mask)) {
+-
+- if (!padata_validate_cpumask(pinst, pinst->cpumask.pcpu) ||
+- !padata_validate_cpumask(pinst, pinst->cpumask.cbcpu))
+- __padata_stop(pinst);
+-
+- pd = padata_alloc_pd(pinst, pinst->cpumask.pcpu,
+- pinst->cpumask.cbcpu);
+- if (!pd)
+- return -ENOMEM;
+-
+- padata_replace(pinst, pd);
+-
+- cpumask_clear_cpu(cpu, pd->cpumask.cbcpu);
+- cpumask_clear_cpu(cpu, pd->cpumask.pcpu);
+- }
+-
+- return 0;
+-}
+-
+- /**
+- * padata_remove_cpu - remove a cpu from the one or both(serial and parallel)
+- * padata cpumasks.
+- *
+- * @pinst: padata instance
+- * @cpu: cpu to remove
+- * @mask: bitmask specifying from which cpumask @cpu should be removed
+- * The @mask may be any combination of the following flags:
+- * PADATA_CPU_SERIAL - serial cpumask
+- * PADATA_CPU_PARALLEL - parallel cpumask
+- */
+-int padata_remove_cpu(struct padata_instance *pinst, int cpu, int mask)
+-{
+- int err;
+-
+- if (!(mask & (PADATA_CPU_SERIAL | PADATA_CPU_PARALLEL)))
+- return -EINVAL;
+-
+- mutex_lock(&pinst->lock);
+-
+- get_online_cpus();
+- if (mask & PADATA_CPU_SERIAL)
+- cpumask_clear_cpu(cpu, pinst->cpumask.cbcpu);
+- if (mask & PADATA_CPU_PARALLEL)
+- cpumask_clear_cpu(cpu, pinst->cpumask.pcpu);
+-
+- err = __padata_remove_cpu(pinst, cpu);
+- put_online_cpus();
+-
+- mutex_unlock(&pinst->lock);
+-
+- return err;
+-}
+-
+-static inline int pinst_has_cpu(struct padata_instance *pinst, int cpu)
+-{
+- return cpumask_test_cpu(cpu, pinst->cpumask.pcpu) ||
+- cpumask_test_cpu(cpu, pinst->cpumask.cbcpu);
+-}
+-
+-static int padata_cpu_online(unsigned int cpu, struct hlist_node *node)
+-{
+- struct padata_instance *pinst;
+- int ret;
+-
+- pinst = hlist_entry_safe(node, struct padata_instance, node);
+- if (!pinst_has_cpu(pinst, cpu))
+- return 0;
+-
+- mutex_lock(&pinst->lock);
+- ret = __padata_add_cpu(pinst, cpu);
+- mutex_unlock(&pinst->lock);
+- return ret;
+-}
+-
+-static int padata_cpu_prep_down(unsigned int cpu, struct hlist_node *node)
+-{
+- struct padata_instance *pinst;
+- int ret;
+-
+- pinst = hlist_entry_safe(node, struct padata_instance, node);
+- if (!pinst_has_cpu(pinst, cpu))
+- return 0;
+-
+- mutex_lock(&pinst->lock);
+- ret = __padata_remove_cpu(pinst, cpu);
+- mutex_unlock(&pinst->lock);
+- return ret;
+-}
+-
+-static enum cpuhp_state hp_online;
+-#endif
+-
+ static void __padata_free(struct padata_instance *pinst)
+ {
+-#ifdef CONFIG_HOTPLUG_CPU
+- cpuhp_state_remove_instance_nocalls(hp_online, &pinst->node);
+-#endif
+-
+ padata_stop(pinst);
+ padata_free_pd(pinst->pd);
+ free_cpumask_var(pinst->cpumask.pcpu);
+@@ -995,9 +872,6 @@ struct padata_instance *padata_alloc(struct workqueue_struct *wq,
+ kobject_init(&pinst->kobj, &padata_attr_type);
+ mutex_init(&pinst->lock);
+
+-#ifdef CONFIG_HOTPLUG_CPU
+- cpuhp_state_add_instance_nocalls(hp_online, &pinst->node);
+-#endif
+ return pinst;
+
+ err_free_masks:
+@@ -1019,26 +893,3 @@ void padata_free(struct padata_instance *pinst)
+ {
+ kobject_put(&pinst->kobj);
+ }
+-
+-#ifdef CONFIG_HOTPLUG_CPU
+-
+-static __init int padata_driver_init(void)
+-{
+- int ret;
+-
+- ret = cpuhp_setup_state_multi(CPUHP_AP_ONLINE_DYN, "padata:online",
+- padata_cpu_online,
+- padata_cpu_prep_down);
+- if (ret < 0)
+- return ret;
+- hp_online = ret;
+- return 0;
+-}
+-module_init(padata_driver_init);
+-
+-static __exit void padata_driver_exit(void)
+-{
+- cpuhp_remove_multi_state(hp_online);
+-}
+-module_exit(padata_driver_exit);
+-#endif
+--
+cgit v1.1-9-ge9c1d
+
diff --git a/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild b/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild
new file mode 100644
index 00000000000..3d5b1b746f0
--- /dev/null
+++ b/net-vpn/wireguard/wireguard-0.0.20170531-r1.ebuild
@@ -0,0 +1,115 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit linux-mod bash-completion-r1
+
+DESCRIPTION="Simple yet fast and modern VPN that utilizes state-of-the-art cryptography."
+HOMEPAGE="https://www.wireguard.io/"
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://git.zx2c4.com/WireGuard"
+ KEYWORDS=""
+else
+ SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz"
+ S="${WORKDIR}/WireGuard-${PV}"
+ KEYWORDS="~amd64 ~x86 ~mips ~arm ~arm64"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="debug +module +tools module-src"
+
+DEPEND="tools? ( net-libs/libmnl )"
+RDEPEND="${DEPEND}"
+
+MODULE_NAMES="wireguard(net:src)"
+BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1"
+BUILD_TARGETS="module"
+CONFIG_CHECK="NET INET NET_UDP_TUNNEL NF_CONNTRACK NETFILTER_XT_MATCH_HASHLIMIT CRYPTO_BLKCIPHER ~PADATA ~IP6_NF_IPTABLES"
+WARNING_PADATA="If you're running a multicore system you likely should enable CONFIG_PADATA for improved performance and parallel crypto."
+WARNING_IP6_NF_IPTABLES="If your kernel has CONFIG_IPV6, you need CONFIG_IP6_NF_IPTABLES; otherwise WireGuard will not insert."
+
+pkg_setup() {
+ if use module; then
+ linux-mod_pkg_setup
+ kernel_is -lt 3 10 0 && die "This version of ${PN} requires Linux >= 3.10"
+ fi
+}
+
+src_prepare() {
+ epatch "${FILESDIR}/${P}-remove-padata-hotplug.patch"
+ default
+}
+
+src_compile() {
+ use debug && BUILD_PARAMS="CONFIG_WIREGUARD_DEBUG=y ${BUILD_PARAMS}"
+ use module && linux-mod_src_compile
+ use tools && emake RUNSTATEDIR="${EPREFIX}/run" -C src/tools
+}
+
+src_install() {
+ use module && linux-mod_src_install
+ if use tools; then
+ dodoc README.md
+ dodoc -r contrib/examples
+ emake \
+ WITH_BASHCOMPLETION=yes \
+ WITH_SYSTEMDUNITS=yes \
+ WITH_WGQUICK=yes \
+ DESTDIR="${D}" \
+ BASHCOMPDIR="$(get_bashcompdir)" \
+ PREFIX="${EPREFIX}/usr" \
+ -C src/tools install
+ insinto /$(get_libdir)/netifrc/net
+ newins "${FILESDIR}"/wireguard-openrc.sh wireguard.sh
+ fi
+ use module-src && emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" -C src dkms-install
+}
+
+pkg_postinst() {
+ if use module-src && ! use module; then
+ einfo
+ einfo "You have enabled the module-src USE flag without the module USE"
+ einfo "flag. This means that sources are installed to"
+ einfo "${ROOT}usr/src/wireguard instead of having the"
+ einfo "kernel module compiled. You will need to compile the module"
+ einfo "yourself. Most likely, you don't want this USE flag, and should"
+ einfo "rather use USE=module"
+ einfo
+ fi
+ use module && linux-mod_pkg_postinst
+
+ ewarn
+ ewarn "This software is experimental and has not yet been released."
+ ewarn "As such, it may contain significant issues. Please do not file"
+ ewarn "bug reports with Gentoo, but rather direct them upstream to:"
+ ewarn
+ ewarn " team@wireguard.io security@wireguard.io"
+ ewarn
+
+ if use tools; then
+ einfo
+ einfo "After installing WireGuard, if you'd like to try sending some packets through"
+ einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
+ einfo "test example script:"
+ einfo
+ einfo " \$ bzcat ${ROOT}usr/share/doc/${PF}/examples/ncat-client-server/client.sh.bz2 | sudo bash -"
+ einfo
+ einfo "This will automatically setup interface wg0, through a very insecure transport"
+ einfo "that is only suitable for demonstration purposes. You can then try loading the"
+ einfo "hidden website or sending pings:"
+ einfo
+ einfo " \$ chromium http://192.168.4.1"
+ einfo " \$ ping 192.168.4.1"
+ einfo
+ einfo "If you'd like to redirect your internet traffic, you can run it with the"
+ einfo "\"default-route\" argument. You may not use this server for any abusive or illegal"
+ einfo "purposes. It is for quick testing only."
+ einfo
+ einfo "More info on getting started can be found at: https://www.wireguard.io/quickstart/"
+ einfo
+ fi
+}
^ permalink raw reply related [flat|nested] 8+ messages in thread
end of thread, other threads:[~2017-11-11 3:41 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-11-02 17:27 [gentoo-commits] repo/gentoo:master commit in: net-vpn/wireguard/files/, net-vpn/wireguard/ Jason Donenfeld
-- strict thread matches above, loose matches on Subject: below --
2017-11-11 3:41 Jason Donenfeld
2017-10-31 17:35 Jason Donenfeld
2017-10-21 0:11 Jason Donenfeld
2017-06-12 22:27 Jason Donenfeld
2017-06-12 3:45 Jason Donenfeld
2017-06-07 12:26 Jason Donenfeld
2017-06-01 18:15 Jason Donenfeld
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox