Jason A. Donenfeld, munyori weVPN WireGuard, ΠΎ inosanganisirwa mune huru OpenBSD kernel mutyairi "wg" yeWireGuard protocol, chaiyo network interface uye Toolkit inoshanda munzvimbo yemushandisi. OpenBSD yakava yechipiri OS mushure ine yakazara uye yakabatanidzwa WireGuard rutsigiro. WireGuard inotarisirwa kuverengerwa mukuburitswa kweOpenBSD 6.8.
Iwo mapeche anosanganisira mutyairi weOpenBSD kernel, shanduko kune ifconfig uye tcpdump zvinoshandiswa kutsigira WireGuard mashandiro, zvinyorwa, uye shanduko diki kubatanidza WireGuard neimwe system. Mutyairi anoshandisa ega kuita kwayo algorithms , ΠΈ , pamwe nekuitwa kweSipHash kwatovepo muOpenBSD kernel.
Kuitwa kwacho kunoenderana nevatengi vese veWireGuard veLinux, Windows, macOS, * BSD, iOS uye Android. Kuyedzwa kwekuita palaptop yemugadziri (Lenovo x230) yakaratidza kubuda kwe750mbit/s. Kuenzanisa, isakmpd ine basic ike psk marongero inopa kubuda kwe380mbit/s.
Pakugadzira mutyairi weOpenBSD kernel, mamwe magadzirirwo ezvivakwa akasarudzwa aive akafanana nemutyairi weLinux, asi mutyairi akagadzirirwa zvakanyanya kuOpenBSD, achifunga nezve chaiyo sisitimu iyi uye achifunga nezve chiitiko chakawanikwa pakugadzira iyo. mutyairi weLinux. Nemvumo yemunyori wekutanga weWireGuard, kodhi yese yemutyairi mutsva inogoverwa pasi perezinesi reISC remahara.
Mutyairi anobatanidza zvakasimba neOpenBSD networking stack uye anoshandisa ma subsystems aripo, izvo zvinoita kuti kodhi yacho inyatso compact (inenge 3000 mitsara yekodhi). Pakati pemisiyano, kupatsanurwa kwemidziyo yemutyairi kwakasiyanawo neiyo yeLinux: OpenBSD-specific interfaces inoiswa mu "if_wg.*" mafaera, kodhi yekudzivirira yeDoS iri mu "wg_cookie.*", uye nhaurirano yekubatanidza uye encryption. logic iri muβwg_noise.*β "
Source: opennet.ru