mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-27 01:11:14 +00:00
42dc0e2594
* send: switch handshake stamp to an atomic Rather than abusing the handshake lock, we're much better off just using a boring atomic64 for this. It's simpler and performs better. Also, while we're at it, we set the handshake stamp both before and after the calculations, in case the calculations block for a really long time waiting for the RNG to initialize. * compat: better atomic acquire/release backport This should fix compilation and correctness on several platforms. * crypto: move simd context to specific type This was a suggestion from Andy Lutomirski on LKML. * chacha20poly1305: selftest: use arrays for test vectors We no longer have lines so long that they're rejected by SMTP servers. * qemu: add easy git harness This makes it a bit easier to use our qemu harness for testing our mainline integration tree. * curve25519-x86_64: avoid use of r12 This causes problems with RAP and KERNEXEC for PaX, as r12 is a reserved register. * chacha20: use memmove in case buffers overlap A small correctness fix that we never actually hit in WireGuard but is important especially for moving this into a general purpose library. * curve25519-hacl64: simplify u64_eq_mask * curve25519-hacl64: correct u64_gte_mask Two bitmath fixes from Samuel, which come complete with a z3 script proving their correctness. * timers: include header in right file This fixes compilation in some environments. * netlink: don't start over iteration on multipart non-first allowedips Matt Layher found a bug where a netlink dump of peers would never terminate in some circumstances, causing wg(8) to keep trying forever. We now have a fix as well as a unit test to mitigate this, and we'll be looking to create a fuzzer out of Matt's nice library. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
117 lines
3.4 KiB
Makefile
117 lines
3.4 KiB
Makefile
#
|
|
# Copyright (C) 2016-2018 Jason A. Donenfeld <Jason@zx2c4.com>
|
|
# Copyright (C) 2016 Baptiste Jonglez <openwrt@bitsofnetworks.org>
|
|
# Copyright (C) 2016-2017 Dan Luedtke <mail@danrl.com>
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
include $(INCLUDE_DIR)/kernel.mk
|
|
|
|
PKG_NAME:=wireguard
|
|
|
|
PKG_VERSION:=0.0.20180809
|
|
PKG_RELEASE:=1
|
|
|
|
PKG_SOURCE:=WireGuard-$(PKG_VERSION).tar.xz
|
|
PKG_SOURCE_URL:=https://git.zx2c4.com/WireGuard/snapshot/
|
|
PKG_HASH:=3e351c42d22de427713f1da06d21189c5896a694a66cf19233a7c33295676f19
|
|
|
|
PKG_LICENSE:=GPL-2.0 Apache-2.0
|
|
PKG_LICENSE_FILES:=COPYING
|
|
|
|
PKG_BUILD_DIR:=$(KERNEL_BUILD_DIR)/WireGuard-$(PKG_VERSION)
|
|
PKG_BUILD_PARALLEL:=1
|
|
PKG_USE_MIPS16:=0
|
|
|
|
# WireGuard's makefile needs this to know where to build the kernel module
|
|
export KERNELDIR:=$(LINUX_DIR)
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/wireguard/Default
|
|
SECTION:=net
|
|
CATEGORY:=Network
|
|
SUBMENU:=VPN
|
|
URL:=https://www.wireguard.com
|
|
MAINTAINER:=Jason A. Donenfeld <Jason@zx2c4.com> \
|
|
Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
endef
|
|
|
|
define Package/wireguard/Default/description
|
|
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
|
|
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
|
|
more useful than IPSec, while avoiding the massive headache. It intends to
|
|
be considerably more performant than OpenVPN. WireGuard is designed as a
|
|
general purpose VPN for running on embedded interfaces and super computers
|
|
alike, fit for many different circumstances. It uses UDP.
|
|
endef
|
|
|
|
define Package/wireguard
|
|
$(call Package/wireguard/Default)
|
|
TITLE:=WireGuard meta-package
|
|
DEPENDS:=+wireguard-tools +kmod-wireguard
|
|
endef
|
|
|
|
include $(INCLUDE_DIR)/kernel-defaults.mk
|
|
include $(INCLUDE_DIR)/package-defaults.mk
|
|
|
|
# Used by Build/Compile/Default
|
|
MAKE_PATH:=src/tools
|
|
MAKE_VARS += PLATFORM=linux
|
|
|
|
define Build/Compile
|
|
$(MAKE) $(KERNEL_MAKEOPTS) M="$(PKG_BUILD_DIR)/src" modules
|
|
$(call Build/Compile/Default)
|
|
endef
|
|
|
|
define Package/wireguard/install
|
|
true
|
|
endef
|
|
|
|
define Package/wireguard/description
|
|
$(call Package/wireguard/Default/description)
|
|
endef
|
|
|
|
define Package/wireguard-tools
|
|
$(call Package/wireguard/Default)
|
|
TITLE:=WireGuard userspace control program (wg)
|
|
DEPENDS:=+libmnl +ip
|
|
endef
|
|
|
|
define Package/wireguard-tools/description
|
|
$(call Package/wireguard/Default/description)
|
|
|
|
This package provides the userspace control program for WireGuard,
|
|
`wg(8)`, a netifd protocol helper, and a re-resolve watchdog script.
|
|
endef
|
|
|
|
define Package/wireguard-tools/install
|
|
$(INSTALL_DIR) $(1)/usr/bin/
|
|
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/wg $(1)/usr/bin/
|
|
$(INSTALL_BIN) ./files/wireguard_watchdog $(1)/usr/bin/
|
|
$(INSTALL_DIR) $(1)/lib/netifd/proto/
|
|
$(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
|
|
endef
|
|
|
|
define KernelPackage/wireguard
|
|
SECTION:=kernel
|
|
CATEGORY:=Kernel modules
|
|
SUBMENU:=Network Support
|
|
TITLE:=WireGuard kernel module
|
|
DEPENDS:=+IPV6:kmod-udptunnel6 +kmod-udptunnel4
|
|
FILES:= $(PKG_BUILD_DIR)/src/wireguard.$(LINUX_KMOD_SUFFIX)
|
|
AUTOLOAD:=$(call AutoProbe,wireguard)
|
|
endef
|
|
|
|
define KernelPackage/wireguard/description
|
|
$(call Package/wireguard/Default/description)
|
|
|
|
This package provides the kernel module for WireGuard.
|
|
endef
|
|
|
|
$(eval $(call BuildPackage,wireguard))
|
|
$(eval $(call BuildPackage,wireguard-tools))
|
|
$(eval $(call KernelPackage,wireguard))
|