From: Sergey Matveev Date: Sat, 6 Feb 2016 14:53:08 +0000 (+0300) Subject: Merge branch 'develop' X-Git-Tag: 5.5^0 X-Git-Url: http://www.git.cypherpunks.ru/?p=govpn.git;a=commitdiff_plain;h=5418a3da373c4e87b34babba6cc754b7bd57ed1b;hp=96b730405d6c9468e156a5386ca6b25a3bcdd3ec Merge branch 'develop' Signed-off-by: Sergey Matveev --- diff --git a/THANKS b/THANKS index 740d6b3..38cc203 100644 --- a/THANKS +++ b/THANKS @@ -4,3 +4,4 @@ * Watson Ladd for suggestion of Elligator (http://elligator.cr.yp.to/) encoding. * Password Hashing Competition for Argon2 (https://password-hashing.net/#argon2). * Chaffing and Winnowing: Confidentiality without Encryption (http://people.csail.mit.edu/rivest/chaffing-980701.txt) (C) Ronald L. Rivest +* Zhuoyun Wei for AUR port maintaining and his documentation related fixes. diff --git a/VERSION b/VERSION index 37c2d99..9ad974f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -5.4 +5.5 diff --git a/doc/download.texi b/doc/download.texi index 8547bfa..a8710f0 100644 --- a/doc/download.texi +++ b/doc/download.texi @@ -6,6 +6,10 @@ You can obtain releases source code prepared tarballs from the links below: @multitable {XXXXX} {XXXX KiB} {link sign} {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx} @headitem Version @tab Size @tab Tarball @tab SHA256 checksum +@item @ref{Release 5.4, 5.4} @tab 310 KiB +@tab @url{download/govpn-5.4.tar.xz, link} @url{download/govpn-5.4.tar.xz.sig, sign} +@tab @code{a1a001d9ef899ff6b61872eb7d2425a09eb0161574f50c8da6e4b14beb9b0ff6} + @item @ref{Release 5.3, 5.3} @tab 301 KiB @tab @url{download/govpn-5.3.tar.xz, link} @url{download/govpn-5.3.tar.xz.sig, sign} @tab @code{50955d0a2ea41236682cb5ac245210691fb6ecbe88d138c5873e2362e547da48} diff --git a/doc/example.texi b/doc/example.texi index 1271a02..619e9c6 100644 --- a/doc/example.texi +++ b/doc/example.texi 
@@ -46,7 +46,7 @@ Alice: @verbatim server% ip addr add 192.168.0.1/24 dev wlan0 -server% tunctl -t tap10 +server% ip tuntap add dev tap10 mode tap server% ip addr add 172.16.0.1/24 dev tap10 server% ip link set up dev tap10 @end verbatim @@ -61,7 +61,7 @@ server% govpn-server -bind 192.168.0.1:1194 @verbatim client% ip addr add 192.168.0.2/24 dev wlan0 -client% tunctl -t tap10 +client% ip tuntap add dev tap10 mode tap client% ip addr add 172.16.0.2/24 dev tap10 client% ip link set up dev tap10 client% ip route add default via 172.16.0.1 diff --git a/doc/faq.texi b/doc/faq.texi index 3574f45..4ecc222 100644 --- a/doc/faq.texi +++ b/doc/faq.texi @@ -140,7 +140,7 @@ identity is known to server and that it is exactly GoVPN server. Timesync option forces adding timestamps to each handshake packet allowing only specified time window of packet validness. If you have got more or less synchronized clocks between your clients and server, then -you can use always use this option. +you can always use this option. @node Can I DoS daemon @section Can I DoS (denial of service) the daemon? diff --git a/doc/index.texi b/doc/index.texi index a2aa99e..e8b91e8 100644 --- a/doc/index.texi +++ b/doc/index.texi @@ -1,5 +1,4 @@ \input texinfo -@setfilename govpn.info @documentencoding UTF-8 @settitle GoVPN diff --git a/doc/installation.texi b/doc/installation.texi index b6cb7d8..dd121db 100644 --- a/doc/installation.texi +++ b/doc/installation.texi 
@@ -13,10 +13,10 @@ and you have to install Go compiler (1.5+ version is highly recommended, 1.4 is the minimal sufficient): @code{lang/go} port in FreeBSD and @code{golang} package in most GNU/Linux distributions. @emph{Make} (BSD and GNU ones are fine) is recommended for convenient building. -@url{https://www.gnu.org/software/texinfo/, Texinfo} is used for -building documentation. Possibly you also need to install TUN/TAP -interface utilities (depending on your operating system): -@code{uml-utilities} package in most GNU/Linux distributions. +@url{https://www.gnu.org/software/texinfo/, Texinfo} (6.1+ version is +recommended) is used for building documentation. Possibly you also need +to install TUN/TAP interface utilities (depending on your operating +system): @code{uml-utilities} package in most GNU/Linux distributions. Included required libraries: diff --git a/doc/news.ru.texi b/doc/news.ru.texi index 980cace..5e8efbe 100644 --- a/doc/news.ru.texi +++ b/doc/news.ru.texi @@ -1,32 +1,12 @@ @node Новости @section Новости -@menu -* Релиз 5.4:: -* Релиз 5.3:: -* Релиз 5.2:: -* Релиз 5.1:: -* Релиз 5.0:: -* Релиз 4.2:: -* Релиз 4.1:: -* Релиз 4.0:: -* Релиз 3.5:: -* Релиз 3.4:: -* Релиз 3.3:: -* Релиз 3.2:: -* Релиз 3.1:: -* Релиз 3.0:: -* Релиз 2.4:: -* Релиз 2.3:: -* Релиз 2.2:: -* Релиз 2.1:: -* Релиз 2.0:: -* Релиз 1.5:: -* Релиз 1.4:: -* Релиз 1.3:: -* Релиз 1.1:: -* Релиз 1.0:: -@end menu +@node Релиз 5.5 +@subsection Релиз 5.5 +@itemize +@item Возможность работы на 32-х битных платформах. @emph{sync/atomic} +библиотека имеет особенности из-за которых предыдущие версии паниковали. +@end itemize @node Релиз 5.4 @subsection Релиз 5.4 diff --git a/doc/news.texi b/doc/news.texi index c96fdb9..a33f415 100644 --- a/doc/news.texi +++ b/doc/news.texi 
@@ -3,32 +3,12 @@ See also this page @ref{Новости, on russian}. -@menu -* Release 5.4:: -* Release 5.3:: -* Release 5.2:: -* Release 5.1:: -* Release 5.0:: -* Release 4.2:: -* Release 4.1:: -* Release 4.0:: -* Release 3.5:: -* Release 3.4:: -* Release 3.3:: -* Release 3.2:: -* Release 3.1:: -* Release 3.0:: -* Release 2.4:: -* Release 2.3:: -* Release 2.2:: -* Release 2.1:: -* Release 2.0:: -* Release 1.5:: -* Release 1.4:: -* Release 1.3:: -* Release 1.1:: -* Release 1.0:: -@end menu +@node Release 5.5 +@section Release 5.5 +@itemize +@item Ability to work on 32-bit platforms. @emph{sync/atomic} library +has some specific issues that caused panics on previous versions. +@end itemize @node Release 5.4 @section Release 5.4 diff --git a/doc/thanks.texi b/doc/thanks.texi index 238d2fb..eebdedd 100644 --- a/doc/thanks.texi +++ b/doc/thanks.texi @@ -10,4 +10,5 @@ Thanks for contributions and suggestions to: @item @email{watsonbladd@@gmail.com, Watson Ladd} for suggestion of @url{http://elligator.cr.yp.to/, Elligator} encoding. @item @url{https://password-hashing.net/#argon2, Password Hashing Competition for Argon2}. @item @url{http://people.csail.mit.edu/rivest/chaffing-980701.txt, Chaffing and Winnowing: Confidentiality without Encryption} @copyright{} Ronald L. Rivest +@item @email{wzyboy@@wzyboy.org, Zhuoyun Wei} for @url{https://aur.archlinux.org/packages/govpn/, AUR} port maintaining and his documentation related fixes. @end itemize diff --git a/src/cypherpunks.ru/govpn/cmd/govpn-client/tcp.go b/src/cypherpunks.ru/govpn/cmd/govpn-client/tcp.go index 7e2b1a3..dd35364 100644 --- a/src/cypherpunks.ru/govpn/cmd/govpn-client/tcp.go +++ b/src/cypherpunks.ru/govpn/cmd/govpn-client/tcp.go 
@@ -151,7 +151,7 @@ TransportCycle: timeouted <- struct{}{} break TransportCycle } - if atomic.LoadInt64(&peer.BytesIn)+atomic.LoadInt64(&peer.BytesOut) > govpn.MaxBytesPerKey { + if atomic.LoadUint64(&peer.BytesIn)+atomic.LoadUint64(&peer.BytesOut) > govpn.MaxBytesPerKey { log.Println("Need rehandshake") rehandshaking <- struct{}{} break TransportCycle diff --git a/src/cypherpunks.ru/govpn/cmd/govpn-client/udp.go b/src/cypherpunks.ru/govpn/cmd/govpn-client/udp.go index 3d0c421..c70cf46 100644 --- a/src/cypherpunks.ru/govpn/cmd/govpn-client/udp.go +++ b/src/cypherpunks.ru/govpn/cmd/govpn-client/udp.go @@ -70,7 +70,7 @@ MainCycle: log.Println("Unauthenticated packet") timeouts++ } - if atomic.LoadInt64(&peer.BytesIn)+atomic.LoadInt64(&peer.BytesOut) > govpn.MaxBytesPerKey { + if atomic.LoadUint64(&peer.BytesIn)+atomic.LoadUint64(&peer.BytesOut) > govpn.MaxBytesPerKey { log.Println("Need rehandshake") rehandshaking <- struct{}{} break MainCycle diff --git a/src/cypherpunks.ru/govpn/peer.go b/src/cypherpunks.ru/govpn/peer.go index 5ea245b..a9c0aaa 100644 --- a/src/cypherpunks.ru/govpn/peer.go +++ b/src/cypherpunks.ru/govpn/peer.go @@ -39,7 +39,7 @@ const ( // S20BS is Salsa20's internal blocksize in bytes S20BS = 64 // Maximal amount of bytes transfered with single key (4 GiB) - MaxBytesPerKey int64 = 1 << 32 + MaxBytesPerKey uint64 = 1 << 32 // Heartbeat rate, relative to Timeout TimeoutHeartbeat = 4 // Minimal valid packet length @@ -64,6 +64,19 @@ func newNonceCipher(key *[32]byte) *xtea.Cipher { } type Peer struct { + // Statistics (they are at the beginning for correct int64 alignment) + BytesIn uint64 + BytesOut uint64 + BytesPayloadIn uint64 + BytesPayloadOut uint64 + FramesIn uint64 + FramesOut uint64 + FramesUnauth uint64 + FramesDup uint64 + HeartbeatRecv uint64 + HeartbeatSent uint64 + + // Basic Addr string Id *PeerId Conn io.Writer 
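Review bot: In the `TransportCycle` check in tcp.go, `BytesIn` and `BytesOut` are read with two separate `atomic.LoadUint64` calls and compared only after the traffic has been counted, so the sum is not a consistent snapshot and a key can carry somewhat more than `govpn.MaxBytesPerKey` before the rehandshake is signalled. That is acceptable for a soft key-usage limit, but the code should say so, for example `// soft limit: counters are read separately, rehandshake may start slightly above MaxBytesPerKey`. The same applies to the identical line in the `MainCycle` check in udp.go, and the comment on the constant in peer.go could state that the limit covers both directions combined. Both loops start and end outside their hunks.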
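Review bot: The new comment on the statistics fields at the top of `Peer` says `int64 alignment` although the fields are now `uint64`, and it does not state the condition the fix depends on. On 32-bit platforms sync/atomic only guarantees 64-bit alignment for the first word of an allocated struct, array or slice, so this layout helps only while `Peer` is allocated on its own and not embedded by value after other fields; how `Peer` is allocated is not visible in this hunk. I would reword the comment to `// Statistics: must stay first so the 64-bit fields used with sync/atomic are 64-bit aligned on 32-bit platforms; do not embed Peer by value after other fields`. The struct body continues outside the hunk.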
@@ -95,18 +108,6 @@ type Peer struct { LastSent time.Time willSentCycle time.Time - // Statistics - BytesIn int64 - BytesOut int64 - BytesPayloadIn int64 - BytesPayloadOut int64 - FramesIn int - FramesOut int - FramesUnauth int - FramesDup int - HeartbeatRecv int - HeartbeatSent int - // Receiver BusyR sync.Mutex `json:"-"` bufR []byte @@ -241,7 +242,7 @@ func (p *Peer) EthProcess(data []byte) { // accept the next one copy(p.bufT[S20BS:], data) p.bufT[S20BS+len(data)] = PadByte - p.BytesPayloadOut += int64(len(data)) + p.BytesPayloadOut += uint64(len(data)) } if p.NoiseEnable && !p.Encless { @@ -278,7 +279,7 @@ func (p *Peer) EthProcess(data []byte) { ) copy(p.keyAuthT[:], p.bufT[:SSize]) poly1305.Sum(p.tagT, p.frameT, p.keyAuthT) - atomic.AddInt64(&p.BytesOut, int64(len(p.frameT)+TagSize)) + atomic.AddUint64(&p.BytesOut, uint64(len(p.frameT)+TagSize)) out = append(p.tagT[:], p.frameT...) } p.FramesOut++ @@ -376,7 +377,7 @@ func (p *Peer) PktProcess(data []byte, tap io.Writer, reorderable bool) bool { } p.FramesIn++ - atomic.AddInt64(&p.BytesIn, int64(len(data))) + atomic.AddUint64(&p.BytesIn, uint64(len(data))) p.LastPing = time.Now() p.pktSizeR = bytes.LastIndexByte(out, PadByte) if p.pktSizeR == -1 { @@ -396,7 +397,7 @@ func (p *Peer) PktProcess(data []byte, tap io.Writer, reorderable bool) bool { p.BusyR.Unlock() return true } - p.BytesPayloadIn += int64(p.pktSizeR) + p.BytesPayloadIn += uint64(p.pktSizeR) tap.Write(out[:p.pktSizeR]) p.BusyR.Unlock() return true diff --git a/utils/makedist.sh b/utils/makedist.sh index 278ee2d..a024620 100755 --- a/utils/makedist.sh +++ b/utils/makedist.sh @@ -63,7 +63,7 @@ size=$(( $(cat $tarball | wc -c) / 1024 )) hash=$($SHA256 $tarball | sed 's/^.*\([0-9a-f]\{64\}\).*$/\1/') cat <
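Review bot: `p.BytesPayloadOut += uint64(len(data))` in `EthProcess` is a plain read-modify-write, while `BytesOut` in the next hunk is updated through `atomic.AddUint64`; `p.FramesOut++`, `p.FramesIn++` and `p.BytesPayloadIn +=` in the later hunks are plain as well. If these statistics are read from another goroutine (not visible in these hunks), the plain updates are a data race, and on the 32-bit platforms this commit targets a 64-bit read can be torn. Either switch them to `atomic.AddUint64(&p.BytesPayloadOut, uint64(len(data)))` and the equivalent for the other counters, or add a comment naming the lock or goroutine that owns the non-atomic ones. `EthProcess` starts and ends outside the hunk.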
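Review bot: `uint64(p.pktSizeR)` in the last `PktProcess` hunk converts a value that comes from `bytes.LastIndexByte` and can be -1, and with the counter now unsigned a negative value would wrap to a huge number instead of subtracting one. The `p.pktSizeR == -1` branch is opened in the previous hunk but its body is not shown, so presumably it returns before this line is reached. A short comment such as `// pktSizeR >= 0 here: the -1 case returned above` would make that dependency explicit for whoever edits the branch later. `PktProcess` starts outside the hunk.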