openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-26 13:26:17 +04:00
Code Issues Packages Projects Releases Wiki Activity
Files
a9f39cff42f1cdcf010cc4157c74657c5e5ceecb
packages/net/wireguard/Makefile
danrl a9f39cff42 wireguard: version bump 
From upstreams changelog:
 This rather large snapshot touches quite a few sensitive areas, so I'm
  releasing it now rather than later to receive feedback on any possible issues.
  It also contains fixes, so everybody should upgrade.

  * man: fix psk mention in wg-quick man page
  * man: update wg-quick(8) to show Debian resolvconf braindamage

  Documentation cleanups.

  * wg-quick: use src routing for default routes in v6

  ip-rule(8) doesn't do the right thing with source addresses, unless we
  explicitly set it inside the route. This fixes wg-quick on IPv6 systems.

  * curve25519: actually, do some things on heap sometimes
  * curve25519: align the basepoint to 32 bytes
  * curve25519: add NEON versions for ARM
  * data: enable BH during parallel crypto on ARM/NEON
  * chacha20poly1305: move constants to rodata
  * chacha20poly1305: add NEON versions for ARM and ARM64

  We now have faster primitives on ARM and ARM64 processors, which should
  improve performance.

  * handshake: process in parallel

  Handshakes are now processed in parallel using all cores, which should improve
  throughput during a storm.

  * noise: no need to store ephemeral public key
  * noise: precompute static-static ECDH operation

  We can precompute the ECDH(s, s) calculation, which improves handshake
  initiation message performance by double.

  * style: spaces after for loops
  * peer: use iterator macro instead of callback

  The most unreadable C ever produced. It might be wise to find a sexier-looking
  alternative at some point.

  * compat: remove warning for < 4.1
  * compat: ship padata if kernel doesn't have it

  The usual array of annoying compat things.

  * rust test: convert screech test to snow
  * rust test: add icmp ping

  We now use Jake's snow library for Noise in the test, which we've expanded to
  complete a ping.

  * config: do not error out when getting if no peers
  * tools: allow creating device with no peers

  Fixing some small things in the tool/config interaction.

  * device: keep going when share_check fails
  * routingtable: remove unnecessary check in node_placement()
  * config: it's faster to memcpy than strncpy
  * timers: fix typo in comment

  Nits.

  * debug: print interface name in dmesg

  For those who compile with `make debug`, you'll be happy to see a bit better
  information in dmesg.

  * timers: rework handshake reply control flow
  * timers: the completion of a handshake also is on key confirmation
  * timers: reset retry-attempt counter when not retrying

  Tightening up our timer implementation, which is quite important.

Signed-off-by: Dan Luedtke <mail@danrl.com>
2017-06-01 10:54:25 +02:00

117 lines
3.3 KiB
Makefile
Raw Blame History

#
# Copyright (C) 2016-2017 Jason A. Donenfeld <Jason@zx2c4.com>
# Copyright (C) 2016 Baptiste Jonglez <openwrt@bitsofnetworks.org>
# Copyright (C) 2016-2017 Dan Luedtke <mail@danrl.com>
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=wireguard
PKG_VERSION:=0.0.20170531
PKG_RELEASE:=1
PKG_SOURCE:=WireGuard-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://git.zx2c4.com/WireGuard/snapshot/
PKG_HASH:=2eb7d9aaf11dcb35e5066837bb1c768398ad3655744fdeb656bd7e7c7ad7cacc
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
PKG_BUILD_DIR:=$(BUILD_DIR)/WireGuard-$(PKG_VERSION)
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
# Wireguard's makefile needs this to know where to build the kernel module
export KERNELDIR:=$(LINUX_DIR)
include $(INCLUDE_DIR)/package.mk
define Package/wireguard/Default
SECTION:=net
CATEGORY:=Network
SUBMENU:=VPN
URL:=https://www.wireguard.io
MAINTAINER:=Baptiste Jonglez <openwrt@bitsofnetworks.org>, \
Dan Luedtke <mail@danrl.com>, \
Jason A. Donenfeld <Jason@zx2c4.com>
endef
define Package/wireguard/Default/description
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN. WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances.
It runs over UDP.
endef
define Package/wireguard
$(call Package/wireguard/Default)
TITLE:=Wireguard meta-package
DEPENDS:=+wireguard-tools +kmod-wireguard
endef
include $(INCLUDE_DIR)/kernel-defaults.mk
include $(INCLUDE_DIR)/package-defaults.mk
# Used by Build/Compile/Default
MAKE_PATH:=src/tools
define Build/Compile
$(MAKE) $(KERNEL_MAKEOPTS) M="$(PKG_BUILD_DIR)/src" modules
$(call Build/Compile/Default)
endef
define Package/wireguard/install
true
endef
define Package/wireguard/description
$(call Package/wireguard/Default/description)
endef
define Package/wireguard-tools
$(call Package/wireguard/Default)
TITLE:=Wireguard userspace control program (wg)
DEPENDS:=+libmnl
endef
define Package/wireguard-tools/description
$(call Package/wireguard/Default/description)
This package provides the userspace control program for wireguard, `wg`,
and a netifd protocol helper.
endef
define Package/wireguard-tools/install
$(INSTALL_DIR) $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/tools/wg $(1)/usr/bin/
$(INSTALL_DIR) $(1)/lib/netifd/proto/
$(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
endef
define KernelPackage/wireguard
SECTION:=kernel
CATEGORY:=Kernel modules
SUBMENU:=Network Support
TITLE:=Wireguard kernel module
DEPENDS:=+IPV6:kmod-udptunnel6 +kmod-udptunnel4 +kmod-ipt-hashlimit
FILES:= $(PKG_BUILD_DIR)/src/wireguard.$(LINUX_KMOD_SUFFIX)
AUTOLOAD:=$(call AutoProbe,wireguard)
endef
define KernelPackage/wireguard/description
$(call Package/wireguard/Default/description)
This package provides the kernel module for wireguard.
endef
$(eval $(call BuildPackage,wireguard))
$(eval $(call BuildPackage,wireguard-tools))
$(eval $(call KernelPackage,wireguard))
Reference in New Issue View Git Blame Copy Permalink