Diffstat (limited to 'src')
-rw-r--r-- | src/device.c | 4 | ||||
-rw-r--r-- | src/peer.h | 2 | ||||
-rw-r--r-- | src/receive.c | 2 | ||||
-rw-r--r-- | src/send.c | 2 | ||||
-rw-r--r-- | src/timers.c | 18 | ||||
-rw-r--r-- | src/timers.h | 2 |
6 files changed, 15 insertions, 15 deletions
diff --git a/src/device.c b/src/device.c
index cb5517e..054ab18 100644
--- a/src/device.c
+++ b/src/device.c
@@ -79,7 +79,7 @@ static int suspending_clear_noise_peers(struct notifier_block *nb, unsigned long
 noise_handshake_clear(&peer->handshake);
 noise_keypairs_clear(&peer->keypairs);
 if (peer->timers_enabled)
- del_timer(&peer->timer_kill_ephemerals);
+ del_timer(&peer->timer_zero_key_material);
 }
 }
 rtnl_unlock();
@@ -99,7 +99,7 @@ static int stop(struct net_device *dev)
 noise_handshake_clear(&peer->handshake);
 noise_keypairs_clear(&peer->keypairs);
 if (peer->timers_enabled)
- del_timer(&peer->timer_kill_ephemerals);
+ del_timer(&peer->timer_zero_key_material);
 }
 skb_queue_purge(&wg->incoming_handshakes);
 socket_uninit(wg);
@@ -38,7 +38,7 @@ struct wireguard_peer {
 struct cookie latest_cookie;
 struct hlist_node pubkey_hash;
 u64 rx_bytes, tx_bytes;
- struct timer_list timer_retransmit_handshake, timer_send_keepalive, timer_new_handshake, timer_kill_ephemerals, timer_persistent_keepalive;
+ struct timer_list timer_retransmit_handshake, timer_send_keepalive, timer_new_handshake, timer_zero_key_material, timer_persistent_keepalive;
 unsigned int timer_handshake_attempts;
 unsigned long persistent_keepalive_interval;
 bool timers_enabled;
diff --git a/src/receive.c b/src/receive.c
index 67ad584..5a6d975 100644
--- a/src/receive.c
+++ b/src/receive.c
@@ -122,7 +122,7 @@ static void receive_handshake_packet(struct wireguard_device *wg, struct sk_buff
 update_latest_addr(peer, skb);
 net_dbg_ratelimited("%s: Receiving handshake response from peer %Lu (%pISpfsc)\n", wg->dev->name, peer->internal_id, &peer->endpoint.addr);
 if (noise_handshake_begin_session(&peer->handshake, &peer->keypairs, true)) {
- timers_ephemeral_key_created(peer);
+ timers_session_derived(peer);
 timers_handshake_complete(peer);
 /* Calling this function will either send any existing packets in the queue
 * and not send a keepalive, which is the best case, Or, if there's nothing
@@ -73,7 +73,7 @@ void packet_send_handshake_response(struct wireguard_peer *peer)
 if (noise_handshake_create_response(&packet, &peer->handshake)) {
 cookie_add_mac_to_packet(&packet, sizeof(packet), peer);
 if (noise_handshake_begin_session(&peer->handshake, &peer->keypairs, false)) {
- timers_ephemeral_key_created(peer);
+ timers_session_derived(peer);
 timers_any_authenticated_packet_traversal(peer);
 socket_send_buffer_to_peer(peer, &packet, sizeof(struct message_handshake_response), HANDSHAKE_DSCP);
 }
diff --git a/src/timers.c b/src/timers.c
index 9dc4ae0..d515265 100644
--- a/src/timers.c
+++ b/src/timers.c
@@ -36,8 +36,8 @@ static void expired_retransmit_handshake(unsigned long ptr)
 skb_queue_purge(&peer->tx_packet_queue);
 /* We set a timer for destroying any residue that might be left
 * of a partial exchange. */
- if (likely(peer->timers_enabled) && !timer_pending(&peer->timer_kill_ephemerals))
- mod_timer(&peer->timer_kill_ephemerals, jiffies + (REJECT_AFTER_TIME * 3));
+ if (likely(peer->timers_enabled) && !timer_pending(&peer->timer_zero_key_material))
+ mod_timer(&peer->timer_zero_key_material, jiffies + (REJECT_AFTER_TIME * 3));
 } else {
 ++peer->timer_handshake_attempts;
 pr_debug("%s: Handshake for peer %Lu (%pISpfsc) did not complete after %d seconds, retrying (try %d)\n", peer->device->dev->name, peer->internal_id, &peer->endpoint.addr, REKEY_TIMEOUT / HZ, peer->timer_handshake_attempts + 1);
@@ -72,13 +72,13 @@ static void expired_new_handshake(unsigned long ptr)
 peer_put(peer);
 }
-static void expired_kill_ephemerals(unsigned long ptr)
+static void expired_zero_key_material (unsigned long ptr)
 {
 peer_get_from_ptr(ptr);
 if (!queue_work(peer->device->peer_wq, &peer->clear_peer_work)) /* Takes our reference. */
 peer_put(peer); /* If the work was already on the queue, we want to drop the extra reference */
 }
-static void queued_expired_kill_ephemerals(struct work_struct *work)
+static void queued_expired_zero_key_material(struct work_struct *work)
 {
 struct wireguard_peer *peer = container_of(work, struct wireguard_peer, clear_peer_work);
 pr_debug("%s: Zeroing out all keys for peer %Lu (%pISpfsc), since we haven't received a new one in %d seconds\n", peer->device->dev->name, peer->internal_id, &peer->endpoint.addr, (REJECT_AFTER_TIME * 3) / HZ);
@@ -141,10 +141,10 @@ void timers_handshake_complete(struct wireguard_peer *peer)
 }
 /* Should be called after an ephemeral key is created, which is before sending a handshake response or after receiving a handshake response. */
-void timers_ephemeral_key_created(struct wireguard_peer *peer)
+void timers_session_derived(struct wireguard_peer *peer)
 {
 if (likely(peer->timers_enabled))
- mod_timer(&peer->timer_kill_ephemerals, jiffies + (REJECT_AFTER_TIME * 3));
+ mod_timer(&peer->timer_zero_key_material, jiffies + (REJECT_AFTER_TIME * 3));
 }
 /* Should be called before a packet with authentication -- data, keepalive, either handshake -- is sent, or after one is received. */
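Review bot: The renamed definition `static void expired_zero_key_material (unsigned long ptr)` in the first src/timers.c hunk on this line has a space between the function name and the opening parenthesis, which the removed line did not have and which none of the other definitions visible in this diff use. Write it as `static void expired_zero_key_material(unsigned long ptr)` so the timer callbacks stay uniform and a search for `expired_zero_key_material(` finds the definition as well as the `setup_timer()` reference. The sibling `queued_expired_zero_key_material` a few lines below was renamed without the extra space.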
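Review bot: The comment above `timers_session_derived()` in the `@@ -141,10` hunk still reads "Should be called after an ephemeral key is created", so after the rename the comment and the function name describe different events. Both call sites touched by this commit (`receive_handshake_packet` and `packet_send_handshake_response`) invoke it only once `noise_handshake_begin_session()` has returned true, and the body re-arms `timer_zero_key_material` for `REJECT_AFTER_TIME * 3`. I would update the comment to match, e.g. `/* Should be called after a session has been derived from a handshake, which is before sending a handshake response or after receiving one; (re)arms the timer that zeroes this peer's key material. */`. Stating the trigger precisely is worth it here because, going by the `pr_debug` in `queued_expired_zero_key_material`, this timer is what decides when a peer's keys are wiped.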
@@ -160,9 +160,9 @@ void timers_init_peer(struct wireguard_peer *peer)
 setup_timer(&peer->timer_retransmit_handshake, expired_retransmit_handshake, (unsigned long)peer);
 setup_timer(&peer->timer_send_keepalive, expired_send_keepalive, (unsigned long)peer);
 setup_timer(&peer->timer_new_handshake, expired_new_handshake, (unsigned long)peer);
- setup_timer(&peer->timer_kill_ephemerals, expired_kill_ephemerals, (unsigned long)peer);
+ setup_timer(&peer->timer_zero_key_material, expired_zero_key_material, (unsigned long)peer);
 setup_timer(&peer->timer_persistent_keepalive, expired_send_persistent_keepalive, (unsigned long)peer);
- INIT_WORK(&peer->clear_peer_work, queued_expired_kill_ephemerals);
+ INIT_WORK(&peer->clear_peer_work, queued_expired_zero_key_material);
 }
 void timers_uninit_peer(struct wireguard_peer *peer)
@@ -174,7 +174,7 @@ void timers_uninit_peer(struct wireguard_peer *peer)
 del_timer_sync(&peer->timer_retransmit_handshake);
 del_timer_sync(&peer->timer_send_keepalive);
 del_timer_sync(&peer->timer_new_handshake);
- del_timer_sync(&peer->timer_kill_ephemerals);
+ del_timer_sync(&peer->timer_zero_key_material);
 del_timer_sync(&peer->timer_persistent_keepalive);
 flush_work(&peer->clear_peer_work);
 }
diff --git a/src/timers.h b/src/timers.h
index 50f81a1..4bfc00e 100644
--- a/src/timers.h
+++ b/src/timers.h
@@ -13,7 +13,7 @@ void timers_data_received(struct wireguard_peer *peer);
 void timers_any_authenticated_packet_received(struct wireguard_peer *peer);
 void timers_handshake_initiated(struct wireguard_peer *peer);
 void timers_handshake_complete(struct wireguard_peer *peer);
-void timers_ephemeral_key_created(struct wireguard_peer *peer);
+void timers_session_derived(struct wireguard_peer *peer);
 void timers_any_authenticated_packet_traversal(struct wireguard_peer *peer);
 #endif |