Go to file

Matt Dunwoodie fbf76929c0 wg_noise: ensure non-zero'd handshakes have a valid local index As reported by: https://marc.info/?l=openbsd-bugs&m=161618496905444&w=2 In particular, when consuming an initiation, we don't generate the index until creating the response (which is incorrect). If we attempt to create an initiation between these processes, we drop any outstanding handshake which in this case has index 0 as set when consuming the initiation. The fix attached is to generate the index when consuming the initiation so that any spurious initiation creation can drop a valid index. The patch also consolidates setting fields on the handshake. Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>		2021-03-22 11:46:02 -06:00
src	wg_noise: ensure non-zero'd handshakes have a valid local index	2021-03-22 11:46:02 -06:00
tests	Initial import	2021-03-17 09:35:54 -06:00
COPYING	Initial import	2021-03-17 09:35:54 -06:00
MISSING.md	compat: backport to FreeBSD 12.2	2021-03-18 09:00:52 -06:00
README.md	compat: backport to FreeBSD 12.2	2021-03-18 09:00:52 -06:00

WireGuard for FreeBSD

This is a kernel module for FreeBSD to support WireGuard. It is being developed here before its eventual submission to FreeBSD 13.1 or 14.

First make sure you have the latest net/wireguard package installed, version ≥1.0.20210315.

Then, on FreeBSD 12 & 13:

# git clone https://git.zx2c4.com/wireguard-freebsd
# make -C wireguard-freebsd/src load install

After that, it should be possible to use wg(8) and wg-quick(8) like usual, but with the faster kernel implementation.