Commit Graph

756 Commits

Author SHA1 Message Date
JackDoan c4deb5fc1c checkpt 2026-05-14 14:42:17 -05:00
JackDoan 697294a676 size arena to match batch size 2026-05-14 14:39:02 -05:00
JackDoan 13ebc1b343 batched tun interface 2026-05-14 14:37:35 -05:00
JackDoan 0d87e57de3 fixes 2026-05-14 14:31:04 -05:00
JackDoan 2841aea86c fixes 2026-05-14 14:31:04 -05:00
JackDoan 5eb0b1cfd3 snip 2026-05-14 14:31:04 -05:00
JackDoan 7d61303e81 snip 2026-05-14 14:31:04 -05:00
JackDoan d1a24540e6 snip 2026-05-14 14:31:04 -05:00
JackDoan 3b1e658bef change Queue.Read signature 2026-05-14 14:31:02 -05:00
JackDoan 3192e47ff4 flatten tio.Capabilities 2026-05-14 14:28:07 -05:00
JackDoan 37208b1d8f speed 2026-05-14 14:28:06 -05:00
JackDoan 7bb5cd477e new tun interface 2026-05-14 14:27:17 -05:00
JackDoan c08ed7d626 udp setsockopt correctness fixes 2026-05-12 11:41:42 -05:00
JackDoan c256f2cfbb use less ram pls 2026-05-11 17:30:56 -05:00
JackDoan 3be637bade clean up a comment a bit 2026-05-11 17:10:33 -05:00
JackDoan 0ff28504d7 drop in a logger 2026-05-11 17:10:05 -05:00
JackDoan 2a47b47853 go mod tidy 2026-05-11 14:56:26 -05:00
JackDoan 681f5ef5a6 lint 2026-05-11 14:04:23 -05:00
JackDoan 6b6dcda486 fix 2026-05-11 11:32:57 -05:00
JackDoan ed4d17d768 faster
grr heap usage!
2026-05-11 11:32:57 -05:00
JackDoan 67af1edadb no 2026-05-11 11:32:57 -05:00
JackDoan 7924cf0aa8 use clear() 2026-05-11 11:32:57 -05:00
JackDoan b0f139b578 remove udp-level RX reorder buf 2026-05-11 11:32:57 -05:00
JackDoan 1972c73940 make relays take the fast path maybe 2026-05-11 11:32:57 -05:00
JackDoan 5138321491 scoot pinning around 2026-05-11 11:32:57 -05:00
JackDoan 49535ceb6c scoot stuff around for e2e 2026-05-11 11:32:57 -05:00
JackDoan e3e8622b98 disable sort-on-RX, CPU pinning seems to work for now 2026-05-11 11:32:57 -05:00
JackDoan 924268cc1f switch to ASM vector checksum 2026-05-11 11:32:57 -05:00
JackDoan 6a46a2913a GSO/GRO offloads, with TCP+ECN and UDP support 2026-05-11 11:32:57 -05:00
JackDoan 4b4331ba42 better and batched tun interface 2026-05-11 11:32:57 -05:00
Nate Brown 398d67e2da Windows code signing (#1718)
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / freebsd-amd64 (push) Failing after 3s
smoke-extra / linux-amd64-ipv6disable (push) Failing after 3s
smoke-extra / netbsd-amd64 (push) Failing after 3s
smoke-extra / openbsd-amd64 (push) Failing after 2s
smoke-extra / linux-386 (push) Failing after 2s
smoke / Run multi node smoke test (push) Failing after 3s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 3s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
smoke-extra / Run windows smoke test (push) Has been cancelled
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-08 14:43:19 -05:00
Nate Brown 696903d6d9 Add a way to set the network type on windows + tests (#1710)
gofmt / Run gofmt (push) Failing after 2s
smoke-extra / freebsd-amd64 (push) Failing after 2s
smoke-extra / linux-amd64-ipv6disable (push) Failing after 3s
smoke-extra / netbsd-amd64 (push) Failing after 3s
smoke-extra / openbsd-amd64 (push) Failing after 3s
smoke-extra / linux-386 (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
smoke-extra / Run windows smoke test (push) Has been cancelled
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-07 20:17:38 -05:00
Nate Brown c82db210ef Change windows unsafe routes to link routes, fix sshd reload bug (#1709)
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / freebsd-amd64 (push) Failing after 3s
smoke-extra / linux-amd64-ipv6disable (push) Failing after 2s
smoke-extra / netbsd-amd64 (push) Failing after 2s
smoke-extra / openbsd-amd64 (push) Failing after 3s
smoke-extra / linux-386 (push) Failing after 2s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 3s
Build and test / Build and test on linux with pkcs11 (push) Failing after 3s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-07 11:30:26 -05:00
Nate Brown 1ada3d4dd9 Use DefinedNets fancy new netbsd10 vagrant box for smokes (#1711) 2026-05-07 10:30:29 -05:00
Nate Brown 5f920fdd7d Remove the global noiseEndianness var (#1707)
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / Run extra smoke tests (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 3s
Build and test / Build all and test on ubuntu-linux (push) Failing after 2s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 3s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-06 17:37:03 -05:00
dependabot[bot] cba9ea5b1f Bump github.com/gaissmai/bart from 0.26.0 to 0.26.1 (#1604)
Bumps [github.com/gaissmai/bart](https://github.com/gaissmai/bart) from 0.26.0 to 0.26.1.
- [Release notes](https://github.com/gaissmai/bart/releases)
- [Commits](https://github.com/gaissmai/bart/compare/v0.26.0...v0.26.1)

---
updated-dependencies:
- dependency-name: github.com/gaissmai/bart
  dependency-version: 0.26.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-06 17:36:07 -05:00
dependabot[bot] 83809a599a Bump actions/download-artifact from 7 to 8 (#1617)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v7...v8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-06 17:34:06 -05:00
dependabot[bot] 23c67bd8d8 Bump actions/upload-artifact from 6 to 7 (#1618)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-06 17:33:47 -05:00
dependabot[bot] dd3a7ad03c Bump docker/setup-buildx-action from 3 to 4 (#1627)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-06 17:33:16 -05:00
dependabot[bot] dd2ac5d655 Bump docker/login-action from 3 to 4 (#1628)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-06 17:32:45 -05:00
dependabot[bot] 76e82a5256 Bump golang.org/x/net (#1664)
Bumps the golang-x-dependencies group with 1 update in the / directory: [golang.org/x/net](https://github.com/golang/net).


Updates `golang.org/x/net` from 0.52.0 to 0.53.0
- [Commits](https://github.com/golang/net/compare/v0.52.0...v0.53.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.53.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-06 17:32:21 -05:00
dependabot[bot] eaf756ea6c Bump Apple-Actions/import-codesign-certs from 6 to 7 (#1697) 2026-05-06 17:31:48 -05:00
Jack Doan a82a8dc547 don't panic on bad ed25519 key lengths (#1601)
gofmt / Run gofmt (push) Failing after 4s
smoke-extra / Run extra smoke tests (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 3s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
* don't panic on bad ed25519 key lengths

* don't allow mismatched curves

* add test
2026-05-06 17:00:07 -05:00
Nate Brown 213dd46588 Stop leaking goroutines past Control.Stop, consolidate punching in Punchy (#1708) 2026-05-06 16:21:16 -05:00
Wade Simmons 4fb5cdb4fa refactor readOutsidePackets (#1642)
* refactor readOutsidePackets

They layout of this method is confusing and relys on certain parts to
return early for things to work correctly.

Change the ordering of the logic so that we do this:

- Handle unencrypted packets
- Decrypt packet
- Handle encrypted packets

This way, nothing can sneak through unencrypted to where it shouldn't
be.

* fix comment

* code review comments

* check for expected type/subtype

* check header version

* log header

* need to handle TestReply

* clean roaming / connectionManager

* dont need to roam here now, we do it earlier

* cleanup metrics and errors

* rxInvalid

* debug logger checks

* ErrOutOfWindow
2026-05-06 12:23:27 -04:00
Jack Doan ff91c37529 switch Bits to a packed u64 (#1705) 2026-05-06 10:22:26 -05:00
Nate Brown b7e9939e92 More stable e2e test harness, better for benchmarking (#1702)
gofmt / Run gofmt (push) Failing after 2s
smoke-extra / Run extra smoke tests (push) Failing after 2s
smoke / Run multi node smoke test (push) Failing after 3s
Build and test / Build all and test on ubuntu-linux (push) Failing after 2s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 3s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-04 10:12:58 -05:00
Nate Brown 33c2d7277c Reduce HandshakeManager complexity a little bit (#1701)
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / Run extra smoke tests (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-01 13:21:38 -05:00
Nate Brown f141cebe8d Run e2e tests in parallel, include a goroutine leak detector test (#1700)
gofmt / Run gofmt (push) Failing after 41s
smoke-extra / Run extra smoke tests (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 3s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 3s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-04-30 21:30:56 -05:00
Nate Brown 9ec8cf10f3 Handshake state machine (#1656) 2026-04-30 21:30:27 -05:00