diff options
author | Jason A. Donenfeld <zx2c4@gentoo.org> | 2017-06-12 17:38:35 +0200 |
---|---|---|
committer | Jason A. Donenfeld <zx2c4@gentoo.org> | 2017-06-12 17:38:43 +0200 |
commit | 6f57db1dafdf1b7e27c90c34e99ecce17bf09739 (patch) | |
tree | 913d11e8fa80001ab80f4490c7433d62aaa71097 /net-vpn/wireguard | |
parent | sys-kernel/git-sources: Version bump (diff) | |
download | gentoo-6f57db1dafdf1b7e27c90c34e99ecce17bf09739.tar.gz gentoo-6f57db1dafdf1b7e27c90c34e99ecce17bf09739.tar.bz2 gentoo-6f57db1dafdf1b7e27c90c34e99ecce17bf09739.zip |
net-vpn/wireguard: more archs, and backport fix
Package-Manager: Portage-2.3.6, Repoman-2.3.2
Diffstat (limited to 'net-vpn/wireguard')
-rw-r--r-- | net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch | 94 | ||||
-rw-r--r-- | net-vpn/wireguard/wireguard-0.0.20170612-r1.ebuild (renamed from net-vpn/wireguard/wireguard-0.0.20170612.ebuild) | 4 |
2 files changed, 97 insertions, 1 deletions
diff --git a/net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch b/net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch new file mode 100644 index 000000000000..0b5803c839d6 --- /dev/null +++ b/net-vpn/wireguard/files/wireguard-0.0.20170612-wait-for-rng.patch @@ -0,0 +1,94 @@ +From 401294f7526de40a15c06997fceae58278807d22 Mon Sep 17 00:00:00 2001 +From: "Jason A. Donenfeld" <Jason@zx2c4.com> +Date: Mon, 12 Jun 2017 16:32:59 +0200 +Subject: [PATCH] random: wait for random bytes when generating nonces and + ephemerals + +We can let userspace configure wireguard interfaces before the RNG is +fully initialized, since what we mostly care about is having good +randomness for ephemerals and xchacha nonces. By deferring the wait to +actually asking for the randomness, we give a lot more opportunity for +gathering entropy. This won't cover entropy for hash table secrets or +cookie secrets (which rotate anyway), but those have far less +catastrophic failure modes, so ensuring good randomness for elliptic +curve points and nonces should be sufficient. +--- + src/compat/compat.h | 10 ++++++++++ + src/config.c | 5 ----- + src/cookie.c | 2 +- + src/crypto/curve25519.c | 2 +- + 4 files changed, 12 insertions(+), 7 deletions(-) + +diff --git a/src/compat/compat.h b/src/compat/compat.h +index 68d62b9..6c1bfa3 100644 +--- a/src/compat/compat.h ++++ b/src/compat/compat.h +@@ -265,6 +265,16 @@ static inline int wait_for_random_bytes(void) + return 0; + } + #endif ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 13, 0) ++static inline int get_random_bytes_wait(void *buf, int nbytes) ++{ ++ int ret = wait_for_random_bytes(); ++ if (unlikely(ret)) ++ return ret; ++ get_random_bytes(buf, nbytes); ++ return 0; ++} ++#endif + + /* https://lkml.org/lkml/2015/6/12/415 */ + #include <linux/netdevice.h> +diff --git a/src/config.c b/src/config.c +index 286c874..d3b6611 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -8,7 +8,6 @@ + #include "hashtables.h" + #include "peer.h" + #include "uapi.h" +-#include <linux/random.h> + + static int set_device_port(struct wireguard_device *wg, u16 port) + { +@@ -135,10 +134,6 @@ int config_set_device(struct wireguard_device *wg, void __user *user_device) + void __user *user_peer; + bool modified_static_identity = false; + +- /* It's important that the Linux RNG is fully seeded before we let the user +- * actually configure the device, so that we're assured to have good ephemerals. */ +- wait_for_random_bytes(); +- + BUILD_BUG_ON(WG_KEY_LEN != NOISE_PUBLIC_KEY_LEN); + BUILD_BUG_ON(WG_KEY_LEN != NOISE_SYMMETRIC_KEY_LEN); + +diff --git a/src/cookie.c b/src/cookie.c +index 21b7c7b..ce22b53 100644 +--- a/src/cookie.c ++++ b/src/cookie.c +@@ -161,7 +161,7 @@ void cookie_message_create(struct message_handshake_cookie *dst, struct sk_buff + + dst->header.type = cpu_to_le32(MESSAGE_HANDSHAKE_COOKIE); + dst->receiver_index = index; +- get_random_bytes(dst->nonce, COOKIE_NONCE_LEN); ++ get_random_bytes_wait(dst->nonce, COOKIE_NONCE_LEN); + + make_cookie(cookie, skb, checker); + xchacha20poly1305_encrypt(dst->encrypted_cookie, cookie, COOKIE_LEN, macs->mac1, COOKIE_LEN, dst->nonce, checker->cookie_encryption_key); +diff --git a/src/crypto/curve25519.c b/src/crypto/curve25519.c +index f0e045e..119d41a 100644 +--- a/src/crypto/curve25519.c ++++ b/src/crypto/curve25519.c +@@ -1545,7 +1545,7 @@ bool curve25519_generate_public(u8 pub[CURVE25519_POINT_SIZE], const u8 secret[C + + void curve25519_generate_secret(u8 secret[CURVE25519_POINT_SIZE]) + { +- get_random_bytes(secret, CURVE25519_POINT_SIZE); ++ get_random_bytes_wait(secret, CURVE25519_POINT_SIZE); + normalize_secret(secret); + } + +-- +2.13.1 + diff --git a/net-vpn/wireguard/wireguard-0.0.20170612.ebuild b/net-vpn/wireguard/wireguard-0.0.20170612-r1.ebuild index 1406c6d3ade9..c4df19fc775d 100644 --- a/net-vpn/wireguard/wireguard-0.0.20170612.ebuild +++ b/net-vpn/wireguard/wireguard-0.0.20170612-r1.ebuild @@ -15,7 +15,7 @@ if [[ ${PV} == 9999 ]]; then else SRC_URI="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${PV}.tar.xz" S="${WORKDIR}/WireGuard-${PV}" - KEYWORDS="~amd64 ~x86 ~mips ~arm ~arm64" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" fi LICENSE="GPL-2" @@ -32,6 +32,8 @@ CONFIG_CHECK="NET INET NET_UDP_TUNNEL NF_CONNTRACK NETFILTER_XT_MATCH_HASHLIMIT WARNING_PADATA="If you're running a multicore system you likely should enable CONFIG_PADATA for improved performance and parallel crypto." WARNING_IP6_NF_IPTABLES="If your kernel has CONFIG_IPV6, you need CONFIG_IP6_NF_IPTABLES; otherwise WireGuard will not insert." +PATCHES=( "${FILESDIR}/${P}-wait-for-rng.patch" ) + pkg_setup() { if use module; then linux-mod_pkg_setup |