An amince da kusan canje-canje 100 da suka shafi aiwatar da tallafin VPN a cikin tsarin aiki na DragonFly BSD. WireGuard. "wg" direba tare da tallafin yarjejeniya WireGuard An ɗauko daga FreeBSD, yayin da ayyukan ɓoye bayanai, hanyar sadarwa, da ioctl API (don sarrafa sararin mai amfani) ana aro su daga OpenBSD. Ana canja canje-canje ga amfanin ifconfig da ake buƙata don saitin VPN daga OpenBSD. Aiwatarwa ya dace da duk abokan ciniki na hukuma. WireGuard to Linux, Windows, macOS, *BSD, iOS da AndroidDragonFly BSD ya zama OS na biyar da aka buɗe bayan OS Linux, OpenBSD, NetBSD da FreeBSD tare da tallafi mai hadewa WireGuard.
В WireGuard Ana amfani da manufar hanyar sadarwa ta maɓallin ɓoyewa, wanda ya haɗa da ɗaure maɓalli na sirri zuwa kowace hanyar sadarwa da amfani da shi don ɗaure maɓalli na jama'a. Don yin shawarwari kan maɓallai da haɗawa ba tare da gudanar da wani daemon daban a cikin sararin mai amfani ba, ana amfani da hanyar sadarwa ta Noise_IK daga Tsarin Tsarin Hayaniya, kamar tsarin authorized_keys a cikin SSH. Ana gudanar da canja wurin bayanai ta hanyar ɓoyewa a cikin fakitin UDP. Ana tallafawa sake sanya adireshin IP. VPN-sabobin (yawo) ba tare da cire haɗin ba tare da sake saita abokin ciniki ta atomatik.
Encryption yana amfani da cipher rafi na ChaCha20 da Poly1305 ingantaccen saƙon algorithm (MAC), wanda Daniel J. Bernstein, Tanja Lange da Peter Schwabe suka haɓaka. ChaCha20 da Poly1305 an sanya su azaman mafi sauri da aminci analogues na AES-256-CTR da HMAC, aiwatar da software wanda ke ba da damar cimma ƙayyadadden lokacin aiwatarwa ba tare da amfani da tallafin kayan aiki na musamman ba. Don samar da maɓallin sirrin da aka raba, ana amfani da ka'idar Diffie-Hellman a cikin aiwatar da Curve25519, wanda Daniel Bernstein ya gabatar. Ana amfani da BLAKE2s algorithm (RFC7693) don hashing.
source: budenet.ru
