[ANNOUNCE] WireGuard Snapshot `0.0.20190702` Available

Jason A. Donenfeld Jason at zx2c4.com
Tue Jul 2 14:38:57 CEST 2019


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

A new snapshot, `0.0.20190702`, has been tagged in the git repository.

Please note that this snapshot is, like the rest of the project at this point
in time, experimental, and does not constitute a real release that would be
considered secure and bug-free. WireGuard is generally thought to be fairly
stable, and most likely will not crash your computer (though it may).
However, as this is a pre-release snapshot, it comes with no guarantees, and
its security is not yet to be depended on; it is not applicable for CVEs.

With all that said, if you'd like to test this snapshot out, there are a
few relevant changes.

== Changes ==

  * curve25519: not all linkers support bmi2 and adx
  
  This should allow WireGuard to build on older toolchains.
  
  * qemu: show signal when failing
  
  This was useful in tracking down upstream armeb bugs such as:
  http://lists.infradead.org/pipermail/linux-arm-kernel/2019-May/655926.html
  
  * wg-quick: darwin: support being called from launchd
  
  We now ship a sample launchd file, for folks who would like to run WireGuard
  on macOS servers with some form of automation. Most users are still advised to
  use the GUI app from the App Store.
  
  * compat: some kernels weirdly backport prandom_u32_max
  * compat: unify custom function prefix/suffix
  * compat: rhel backported list modifications
  
  Usual maintance of our compat layer for existing platforms and kernels.
  
  * compat: support RHEL8's skb_mark_not_on_list backport
  
  We now support RHEL8/CentOS8's kernel.
  
  * global: switch to coarse ktime
  
  Our prior use of fast ktime before meant that sometimes, depending on how
  broken the motherboard was, we'd wind up calling into the HPET slow path. Here
  we move to coarse ktime which is always super speedy. In the process we had to
  fix the resolution of the clock, as well as introduce a new interface for it,
  landing in 5.3. Older kernels fall back to a fast-enough mechanism based on
  jiffies.
  
  https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/
  https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/
  
  * netlink: cast struct over cb->args for type safety
  
  This follow recent upstream changes such as:
  
  https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/
  
  * peer: use LIST_HEAD macro
  
  Style nit.
  
  * receive: queue dead packets to napi queue instead of empty rx_queue
  
  This mitigates a WARN_ON being triggered by the workqueue code. It was quite
  hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an
  extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind
  enough to mail me.

This snapshot contains commits from: Jason A. Donenfeld.

As always, the source is available at https://git.zx2c4.com/WireGuard/ and
information about the project is available at https://www.wireguard.com/ .

This snapshot is available in compressed tarball form here:
  https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.xz
  SHA2-256: 1a1311bc71abd47a72c47d918be3bacc486b3de90734661858af75cc990dbaac
  BLAKE2b-256: 3b8668eed4c11c3d5995f23152c645ee40017ab84c8b15ce5f84015730290c9f

A PGP signature of that file decompressed is available here:
  https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190702.tar.asc
  Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE

If you're a snapshot package maintainer, please bump your package version. If
you're a user, the WireGuard team welcomes any and all feedback on this latest
snapshot.

Finally, WireGuard development thrives on donations. By popular demand, we
have a webpage for this: https://www.wireguard.com/donations/

Thank you,
Jason Donenfeld


-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAl0bUEMQHGphc29uQHp4
MmM0LmNvbQAKCRBJ/HASpd4DrgJjD/kBcJ9f/bemJpiUSJ0a/HIIWMjOPfA4bcDE
r4tRn+Oz+5MEBpDhm4cy3hjzRLbMQn5/c/i2EfByko8m1t3AE+qYaFr81mC4hYsY
OqE/30VHY2lJSnyeAuJTo6rZr/LByTTtXstm9AEjOFuGlV4FdjFvDhFbvPdYVPVv
Tl//w8Eo7ZZ9A39pRTpd4InF6iMSvbF8dG1VXuE8OZnfOkV/u/06KO+AILUXGa0Q
CTlKK/y7LMob1xeO4r0+Cy0qM8Cx9iIPYIu5DMW9QSWU3jpc09rR7uYEcQ4uuQp9
5zmFEYqJLJwbxuK1T5CtKPEUVuF0a/iY1stbw/B2pt8UfweGpMnxNJe1znzBfDLa
J94F5f7PtCMmug8lks1qyozi2S6/uTDAcLxE2mhJWQ/Esrv6Rc/8TyY7O/IWM5Di
xFaLbLdI+VAvkBFLJdA9htQKa3Q1QmdEx2oh0uLkjIS3LRfmiL1f/EdSLKVzn/7t
Q5iCjtmaIDN968tREzZfGAB+yt/QlyeYoE7YxerS9IR0Y2PfkqMYNbKnSTvjF7wY
8bAKq/9D9v4WjRm2b+r1LAQXh/CWDJjy3jfQROHEkhERfKbAAhiivjRNN7SX+TCl
/zOPgBe1dOzXDsDYukS3Afrn270UILQPvQAEuMJoA6fzc37CM2i8Mf+j61Kvjh34
kShuZHlL7g==
=LMh+
-----END PGP SIGNATURE-----


More information about the WireGuard mailing list