Skip to content

wireguard: update to 0.0.20180118 #2874

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 19, 2018
Merged

wireguard: update to 0.0.20180118 #2874

merged 1 commit into from
Jan 19, 2018

Conversation

zx2c4
Copy link
Contributor

@zx2c4 zx2c4 commented Jan 19, 2018

  • receive: treat packet checking as irrelevant for timers

Small simplification to the state machine, as discussed with Mathias
Hall-Andersen.

  • socket: check for null socket before fishing out sport
  • wg-quick: ifnames have max len of 15
  • tools: plug memleak in config error path

Important bug fixes.

  • external-tests: add python implementation

Piotr Lizonczyk has contributed a test vector written in Python.

  • poly1305: remove indirect calls

From Samuel Neves, we now are in a better position to mitigate speculative
execution attacks.

  • curve25519: modularize implementation
  • curve25519: import 32-bit fiat-crypto implementation
  • curve25519: import 64-bit hacl-star implementation
  • curve25519: resolve symbol clash between fe types
  • curve25519: wire up new impls and remove donna
  • tools: import new curve25519 implementations
  • contrib: keygen-html: update curve25519 implementation

Two of our Curve25519 implementations now use formally verified C. Read this
mailing list post for more information:
https://lists.zx2c4.com/pipermail/wireguard/2018-January/002304.html

image

@zx2c4
wireguard: update to 0.0.20180118
290d014 
* receive: treat packet checking as irrelevant for timers

Small simplification to the state machine, as discussed with Mathias
Hall-Andersen.

* socket: check for null socket before fishing out sport
* wg-quick: ifnames have max len of 15
* tools: plug memleak in config error path

Important bug fixes.

* external-tests: add python implementation

Piotr Lizonczyk has contributed a test vector written in Python.

* poly1305: remove indirect calls

From Samuel Neves, we now are in a better position to mitigate speculative
execution attacks.

* curve25519: modularize implementation
* curve25519: import 32-bit fiat-crypto implementation
* curve25519: import 64-bit hacl-star implementation
* curve25519: resolve symbol clash between fe types
* curve25519: wire up new impls and remove donna
* tools: import new curve25519 implementations
* contrib: keygen-html: update curve25519 implementation

Two of our Curve25519 implementations now use formally verified C. Read this
mailing list post for more information:
https://lists.zx2c4.com/pipermail/wireguard/2018-January/002304.html

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
rn
rn approved these changes Jan 19, 2018
View reviewed changes
Copy link
Member

@rn rn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I'll pick it up with the next round of kernel updates.

@rn rn merged commit 5aabb31 into linuxkit:master Jan 19, 2018
@zx2c4 zx2c4 deleted the wireguard-bump branch January 19, 2018 12:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rn rn rn approved these changes

Assignees
No one assigned
Labels
status/0-triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zx2c4 @rn @GordonTheTurtle