* Watson Ladd <watsonbladd@gmail.com> for suggestion of Elligator (http://elligator.cr.yp.to/) encoding.
* Password Hashing Competition for Argon2 (https://password-hashing.net/#argon2).
* Chaffing and Winnowing: Confidentiality without Encryption (http://people.csail.mit.edu/rivest/chaffing-980701.txt) (C) Ronald L. Rivest
+* Zhuoyun Wei <wzyboy@wzyboy.org> for AUR port maintaining and his documentation related fixes.
@multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
@headitem Version @tab Size @tab Tarball @tab SHA256 checksum
+@item @ref{Release 5.4, 5.4} @tab 310 KiB
+@tab @url{download/govpn-5.4.tar.xz, link} @url{download/govpn-5.4.tar.xz.sig, sign}
+@tab @code{a1a001d9ef899ff6b61872eb7d2425a09eb0161574f50c8da6e4b14beb9b0ff6}
+
@item @ref{Release 5.3, 5.3} @tab 301 KiB
@tab @url{download/govpn-5.3.tar.xz, link} @url{download/govpn-5.3.tar.xz.sig, sign}
@tab @code{50955d0a2ea41236682cb5ac245210691fb6ecbe88d138c5873e2362e547da48}
@verbatim
server% ip addr add 192.168.0.1/24 dev wlan0
-server% tunctl -t tap10
+server% ip tuntap add dev tap10 mode tap
server% ip addr add 172.16.0.1/24 dev tap10
server% ip link set up dev tap10
@end verbatim
@verbatim
client% ip addr add 192.168.0.2/24 dev wlan0
-client% tunctl -t tap10
+client% ip tuntap add dev tap10 mode tap
client% ip addr add 172.16.0.2/24 dev tap10
client% ip link set up dev tap10
client% ip route add default via 172.16.0.1
Timesync option forces adding timestamps to each handshake packet
allowing only specified time window of packet validness. If you have got
more or less synchronized clocks between your clients and server, then
-you can use always use this option.
+you can always use this option.
@node Can I DoS daemon
@section Can I DoS (denial of service) the daemon?
\input texinfo
-@setfilename govpn.info
@documentencoding UTF-8
@settitle GoVPN
1.4 is the minimal sufficient): @code{lang/go} port in FreeBSD and
@code{golang} package in most GNU/Linux distributions. @emph{Make} (BSD
and GNU ones are fine) is recommended for convenient building.
-@url{https://www.gnu.org/software/texinfo/, Texinfo} is used for
-building documentation. Possibly you also need to install TUN/TAP
-interface utilities (depending on your operating system):
-@code{uml-utilities} package in most GNU/Linux distributions.
+@url{https://www.gnu.org/software/texinfo/, Texinfo} (6.1+ version is
+recommended) is used for building documentation. Possibly you also need
+to install TUN/TAP interface utilities (depending on your operating
+system): @code{uml-utilities} package in most GNU/Linux distributions.
Included required libraries:
@node Новости
@section Новости
-@menu
-* Релиз 5.4::
-* Релиз 5.3::
-* Релиз 5.2::
-* Релиз 5.1::
-* Релиз 5.0::
-* Релиз 4.2::
-* Релиз 4.1::
-* Релиз 4.0::
-* Релиз 3.5::
-* Релиз 3.4::
-* Релиз 3.3::
-* Релиз 3.2::
-* Релиз 3.1::
-* Релиз 3.0::
-* Релиз 2.4::
-* Релиз 2.3::
-* Релиз 2.2::
-* Релиз 2.1::
-* Релиз 2.0::
-* Релиз 1.5::
-* Релиз 1.4::
-* Релиз 1.3::
-* Релиз 1.1::
-* Релиз 1.0::
-@end menu
+@node Релиз 5.5
+@subsection Релиз 5.5
+@itemize
+@item Возможность работы на 32-х битных платформах. @emph{sync/atomic}
+библиотека имеет особенности из-за которых предыдущие версии паниковали.
+@end itemize
@node Релиз 5.4
@subsection Релиз 5.4
See also this page @ref{Новости, on russian}.
-@menu
-* Release 5.4::
-* Release 5.3::
-* Release 5.2::
-* Release 5.1::
-* Release 5.0::
-* Release 4.2::
-* Release 4.1::
-* Release 4.0::
-* Release 3.5::
-* Release 3.4::
-* Release 3.3::
-* Release 3.2::
-* Release 3.1::
-* Release 3.0::
-* Release 2.4::
-* Release 2.3::
-* Release 2.2::
-* Release 2.1::
-* Release 2.0::
-* Release 1.5::
-* Release 1.4::
-* Release 1.3::
-* Release 1.1::
-* Release 1.0::
-@end menu
+@node Release 5.5
+@section Release 5.5
+@itemize
+@item Ability to work on 32-bit platforms. @emph{sync/atomic} library
+has some specific issues that caused panics on previous versions.
+@end itemize
@node Release 5.4
@section Release 5.4
@item @email{watsonbladd@@gmail.com, Watson Ladd} for suggestion of @url{http://elligator.cr.yp.to/, Elligator} encoding.
@item @url{https://password-hashing.net/#argon2, Password Hashing Competition for Argon2}.
@item @url{http://people.csail.mit.edu/rivest/chaffing-980701.txt, Chaffing and Winnowing: Confidentiality without Encryption} @copyright{} Ronald L. Rivest
+@item @email{wzyboy@@wzyboy.org, Zhuoyun Wei} for @url{https://aur.archlinux.org/packages/govpn/, AUR} port maintaining and his documentation related fixes.
@end itemize
timeouted <- struct{}{}
break TransportCycle
}
- if atomic.LoadInt64(&peer.BytesIn)+atomic.LoadInt64(&peer.BytesOut) > govpn.MaxBytesPerKey {
+ if atomic.LoadUint64(&peer.BytesIn)+atomic.LoadUint64(&peer.BytesOut) > govpn.MaxBytesPerKey {
log.Println("Need rehandshake")
rehandshaking <- struct{}{}
break TransportCycle
log.Println("Unauthenticated packet")
timeouts++
}
- if atomic.LoadInt64(&peer.BytesIn)+atomic.LoadInt64(&peer.BytesOut) > govpn.MaxBytesPerKey {
+ if atomic.LoadUint64(&peer.BytesIn)+atomic.LoadUint64(&peer.BytesOut) > govpn.MaxBytesPerKey {
log.Println("Need rehandshake")
rehandshaking <- struct{}{}
break MainCycle
// S20BS is Salsa20's internal blocksize in bytes
S20BS = 64
// Maximal amount of bytes transfered with single key (4 GiB)
- MaxBytesPerKey int64 = 1 << 32
+ MaxBytesPerKey uint64 = 1 << 32
// Heartbeat rate, relative to Timeout
TimeoutHeartbeat = 4
// Minimal valid packet length
}
type Peer struct {
+ // Statistics (they are at the beginning for correct int64 alignment)
+ BytesIn uint64
+ BytesOut uint64
+ BytesPayloadIn uint64
+ BytesPayloadOut uint64
+ FramesIn uint64
+ FramesOut uint64
+ FramesUnauth uint64
+ FramesDup uint64
+ HeartbeatRecv uint64
+ HeartbeatSent uint64
+
+ // Basic
Addr string
Id *PeerId
Conn io.Writer
LastSent time.Time
willSentCycle time.Time
- // Statistics
- BytesIn int64
- BytesOut int64
- BytesPayloadIn int64
- BytesPayloadOut int64
- FramesIn int
- FramesOut int
- FramesUnauth int
- FramesDup int
- HeartbeatRecv int
- HeartbeatSent int
-
// Receiver
BusyR sync.Mutex `json:"-"`
bufR []byte
// accept the next one
copy(p.bufT[S20BS:], data)
p.bufT[S20BS+len(data)] = PadByte
- p.BytesPayloadOut += int64(len(data))
+ p.BytesPayloadOut += uint64(len(data))
}
if p.NoiseEnable && !p.Encless {
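Review bot: `p.BytesPayloadOut += uint64(len(data))` is a plain read-modify-write on a field that sits beside counters updated with `atomic.AddUint64`. The same mix appears in the later hunks at `p.FramesOut++`, `p.FramesIn++` and `p.BytesPayloadIn += uint64(p.pktSizeR)`. The frame counters were `int` before this change and are `uint64` now, so on 32-bit targets a plain update is typically split into two word-sized stores. If another goroutine reads these statistics, it could see a torn value; no reader is visible here, though the `json:"-"` tags in `Peer` suggest the struct is serialized. Consider `atomic.AddUint64(&p.BytesPayloadOut, uint64(len(data)))` and the same for the other counters, or a comment stating which lock protects them. The enclosing function starts and ends outside the hunk.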
)
copy(p.keyAuthT[:], p.bufT[:SSize])
poly1305.Sum(p.tagT, p.frameT, p.keyAuthT)
- atomic.AddInt64(&p.BytesOut, int64(len(p.frameT)+TagSize))
+ atomic.AddUint64(&p.BytesOut, uint64(len(p.frameT)+TagSize))
out = append(p.tagT[:], p.frameT...)
}
p.FramesOut++
}
p.FramesIn++
- atomic.AddInt64(&p.BytesIn, int64(len(data)))
+ atomic.AddUint64(&p.BytesIn, uint64(len(data)))
p.LastPing = time.Now()
p.pktSizeR = bytes.LastIndexByte(out, PadByte)
if p.pktSizeR == -1 {
p.BusyR.Unlock()
return true
}
- p.BytesPayloadIn += int64(p.pktSizeR)
+ p.BytesPayloadIn += uint64(p.pktSizeR)
tap.Write(out[:p.pktSizeR])
p.BusyR.Unlock()
return true
hash=$($SHA256 $tarball | sed 's/^.*\([0-9a-f]\{64\}\).*$/\1/')
cat <<EOF
An entry for documentation:
-@item @ref{Release_$release, $release} @tab $size KiB
+@item @ref{Release $release, $release} @tab $size KiB
@tab @url{download/govpn-${release}.tar.xz, link} @url{download/govpn-${release}.tar.xz.sig, sign}
@tab @code{$hash}
EOF