mirror of
https://github.com/openwrt/packages.git
synced 2025-12-26 11:16:31 +04:00
a9f39cff42
From upstreams changelog: This rather large snapshot touches quite a few sensitive areas, so I'm releasing it now rather than later to receive feedback on any possible issues. It also contains fixes, so everybody should upgrade. * man: fix psk mention in wg-quick man page * man: update wg-quick(8) to show Debian resolvconf braindamage Documentation cleanups. * wg-quick: use src routing for default routes in v6 ip-rule(8) doesn't do the right thing with source addresses, unless we explicitly set it inside the route. This fixes wg-quick on IPv6 systems. * curve25519: actually, do some things on heap sometimes * curve25519: align the basepoint to 32 bytes * curve25519: add NEON versions for ARM * data: enable BH during parallel crypto on ARM/NEON * chacha20poly1305: move constants to rodata * chacha20poly1305: add NEON versions for ARM and ARM64 We now have faster primitives on ARM and ARM64 processors, which should improve performance. * handshake: process in parallel Handshakes are now processed in parallel using all cores, which should improve throughput during a storm. * noise: no need to store ephemeral public key * noise: precompute static-static ECDH operation We can precompute the ECDH(s, s) calculation, which improves handshake initiation message performance by double. * style: spaces after for loops * peer: use iterator macro instead of callback The most unreadable C ever produced. It might be wise to find a sexier-looking alternative at some point. * compat: remove warning for < 4.1 * compat: ship padata if kernel doesn't have it The usual array of annoying compat things. * rust test: convert screech test to snow * rust test: add icmp ping We now use Jake's snow library for Noise in the test, which we've expanded to complete a ping. * config: do not error out when getting if no peers * tools: allow creating device with no peers Fixing some small things in the tool/config interaction. * device: keep going when share_check fails * routingtable: remove unnecessary check in node_placement() * config: it's faster to memcpy than strncpy * timers: fix typo in comment Nits. * debug: print interface name in dmesg For those who compile with `make debug`, you'll be happy to see a bit better information in dmesg. * timers: rework handshake reply control flow * timers: the completion of a handshake also is on key confirmation * timers: reset retry-attempt counter when not retrying Tightening up our timer implementation, which is quite important. Signed-off-by: Dan Luedtke <mail@danrl.com>