git: 637319fe2cc2 - 2021Q2 - net/wireguard-kmod: Update to 0.0.20210424

Bernhard Froehlich decke at FreeBSD.org
Sun Apr 25 17:30:17 UTC 2021


The branch 2021Q2 has been updated by decke:

URL: https://cgit.FreeBSD.org/ports/commit/?id=637319fe2cc230e50d50812e3ab738d7726d8325

commit 637319fe2cc230e50d50812e3ab738d7726d8325
Author:     Bernhard Froehlich <decke at FreeBSD.org>
AuthorDate: 2021-04-25 11:48:58 +0000
Commit:     Bernhard Froehlich <decke at FreeBSD.org>
CommitDate: 2021-04-25 17:28:57 +0000

    net/wireguard-kmod: Update to 0.0.20210424
    
    (cherry picked from commit 4933972df03262847a7609001138597495cd72d5)
---
 net/wireguard-kmod/Makefile                        |  2 +-
 net/wireguard-kmod/distinfo                        |  6 +-
 .../patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 | 99 ++++++++++++++++++++++
 3 files changed, 103 insertions(+), 4 deletions(-)

diff --git a/net/wireguard-kmod/Makefile b/net/wireguard-kmod/Makefile
index 48a3f97cdf83..938c094e8296 100644
--- a/net/wireguard-kmod/Makefile
+++ b/net/wireguard-kmod/Makefile
@@ -1,6 +1,6 @@
 
 PORTNAME=	wireguard-kmod
-PORTVERSION=	0.0.20210415
+PORTVERSION=	0.0.20210424
 CATEGORIES=	net net-vpn
 MASTER_SITES=	https://git.zx2c4.com/wireguard-freebsd/snapshot/
 DISTNAME=	wireguard-freebsd-${PORTVERSION}
diff --git a/net/wireguard-kmod/distinfo b/net/wireguard-kmod/distinfo
index 7bbd90f99f69..6d488ac7d47f 100644
--- a/net/wireguard-kmod/distinfo
+++ b/net/wireguard-kmod/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1618638847
-SHA256 (wireguard-freebsd-0.0.20210415.tar.xz) = 40dae82e27b37e236f761a2e84f892fe10ee183227287e7affdd5be571a1e612
-SIZE (wireguard-freebsd-0.0.20210415.tar.xz) = 46640
+TIMESTAMP = 1619285662
+SHA256 (wireguard-freebsd-0.0.20210424.tar.xz) = bfa8d3c4854f802567db51a89fdea32e7bf98a3d54a525359bdb240f2e864735
+SIZE (wireguard-freebsd-0.0.20210424.tar.xz) = 49948
diff --git a/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696 b/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696
new file mode 100644
index 000000000000..3aabba31d857
--- /dev/null
+++ b/net/wireguard-kmod/files/patch-dd04bc5aa4a3607fd2277a5d7953a2a20a411696
@@ -0,0 +1,99 @@
+From dd04bc5aa4a3607fd2277a5d7953a2a20a411696 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason at zx2c4.com>
+Date: Sat, 24 Apr 2021 16:12:23 -0400
+Subject: wg_noise: compile on 32-bit
+
+The lack of 64bit atomic helpers on 32bit is an annoyance.
+
+Signed-off-by: Jason A. Donenfeld <Jason at zx2c4.com>
+---
+ src/wg_noise.c | 44 +++++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 37 insertions(+), 7 deletions(-)
+
+diff --git a/src/wg_noise.c b/src/wg_noise.c
+index 5ef7a58c3146..7acf1b6ab7cb 100644
+--- wg_noise.c
++++ wg_noise.c
+@@ -780,11 +780,14 @@ noise_keypair_remote(struct noise_keypair *kp)
+ int
+ noise_keypair_nonce_next(struct noise_keypair *kp, uint64_t *send)
+ {
++	if (!ck_pr_load_bool(&kp->kp_can_send))
++		return (EINVAL);
++
+ #ifdef __LP64__
+-	*send = atomic_fetchadd_64(&kp->kp_nonce_send, 1);
++	*send = ck_pr_faa_64(&kp->kp_nonce_send, 1);
+ #else
+ 	rw_wlock(&kp->kp_nonce_lock);
+-	*send = ctr->c_send++;
++	*send = kp->kp_nonce_send++;
+ 	rw_wunlock(&kp->kp_nonce_lock);
+ #endif
+ 	if (*send < REJECT_AFTER_MESSAGES)
+@@ -821,7 +824,11 @@ noise_keypair_nonce_check(struct noise_keypair *kp, uint64_t recv)
+ 		for (i = 1; i <= top; i++)
+ 			kp->kp_backtrack[
+ 			    (i + index_ctr) & (COUNTER_NUM - 1)] = 0;
++#ifdef __LP64__
+ 		ck_pr_store_64(&kp->kp_nonce_recv, recv);
++#else
++		kp->kp_nonce_recv = recv;
++#endif
+ 	}
+ 
+ 	index_recv %= COUNTER_NUM;
+@@ -844,14 +851,27 @@ noise_keep_key_fresh_send(struct noise_remote *r)
+ 	struct epoch_tracker et;
+ 	struct noise_keypair *current;
+ 	int keep_key_fresh;
++	uint64_t nonce;
+ 
+ 	NET_EPOCH_ENTER(et);
+ 	current = ck_pr_load_ptr(&r->r_current);
+-	keep_key_fresh = current != NULL && ck_pr_load_bool(&current->kp_can_send) && (
+-	    ck_pr_load_64(&current->kp_nonce_send) > REKEY_AFTER_MESSAGES ||
+-	    (current->kp_is_initiator && noise_timer_expired(current->kp_birthdate, REKEY_AFTER_TIME, 0)));
+-	NET_EPOCH_EXIT(et);
++	keep_key_fresh = current != NULL && ck_pr_load_bool(&current->kp_can_send);
++	if (!keep_key_fresh)
++		goto out;
++#ifdef __LP64__
++	nonce = ck_pr_load_64(&current->kp_nonce_send);
++#else
++	rw_rlock(&current->kp_nonce_lock);
++	nonce = current->kp_nonce_send;
++	rw_runlock(&current->kp_nonce_lock);
++#endif
++	keep_key_fresh = nonce > REKEY_AFTER_MESSAGES;
++	if (keep_key_fresh)
++		goto out;
++	keep_key_fresh = current->kp_is_initiator && noise_timer_expired(current->kp_birthdate, REKEY_AFTER_TIME, 0);
+ 
++out:
++	NET_EPOCH_EXIT(et);
+ 	return (keep_key_fresh ? ESTALE : 0);
+ }
+ 
+@@ -885,7 +905,17 @@ noise_keypair_encrypt(struct noise_keypair *kp, uint32_t *r_idx, uint64_t nonce,
+ int
+ noise_keypair_decrypt(struct noise_keypair *kp, uint64_t nonce, struct mbuf *m)
+ {
+-	if (ck_pr_load_64(&kp->kp_nonce_recv) >= REJECT_AFTER_MESSAGES ||
++	uint64_t cur_nonce;
++
++#ifdef __LP64__
++	cur_nonce = ck_pr_load_64(&kp->kp_nonce_recv);
++#else
++	rw_rlock(&kp->kp_nonce_lock);
++	cur_nonce = kp->kp_nonce_recv;
++	rw_runlock(&kp->kp_nonce_lock);
++#endif
++
++	if (cur_nonce >= REJECT_AFTER_MESSAGES ||
+ 	    noise_timer_expired(kp->kp_birthdate, REJECT_AFTER_TIME, 0))
+ 		return (EINVAL);
+ 
+-- 
+cgit v1.2.3-11-g984f
+


More information about the dev-commits-ports-all mailing list