Changes for Iphone

build_config.h

@@ -90,6 +90,12 @@
 #define ARCH_CPU_ARMEL 1
 #define ARCH_CPU_32_BITS 1
 #define ARCH_CPU_LITTLE_ENDIAN 1
+#elif defined(__aarch64__)
+#define ARCH_CPU_ARM_FAMILY 1
+#define ARCH_CPU_ARM64 1
+#define ARCH_CPU_64_BITS 1
+#define ARCH_CPU_LITTLE_ENDIAN 1
+#define ARCH_CPU_ALLOW_UNALIGNED 1
 #elif defined(__pnacl__)
 #define ARCH_CPU_32_BITS 1
 #elif defined(__MIPSEL__)

crypto/blake2s.cpp

@@ -22,6 +22,10 @@ https://blake2.net.
 #include "blake2s.h"
 #include "crypto_ops.h"
 
+#ifndef BLAKE2S_WITH_ASM
+#define BLAKE2S_WITH_ASM 1
+#endif  // BLAKE2S_WITH_ASM
+
 void blake2s_compress_sse(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]);
 
 #if !defined(__cplusplus) && (!defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L)
@@ -242,8 +246,8 @@ static void blake2s_compress(blake2s_state *S, const uint8_t in[BLAKE2S_BLOCKBYT
 #undef G
 #undef ROUND
 
-  static inline void blake2s_compress_impl(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]) {
+static inline void blake2s_compress_impl(blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES]) {
-#if defined(ARCH_CPU_X86_64)
+#if defined(ARCH_CPU_X86_64) && BLAKE2S_WITH_ASM
   blake2s_compress_sse(S, block);
 #else
   blake2s_compress(S, block);

crypto/chacha20poly1305.cpp

@@ -30,6 +30,11 @@ enum {
 #define CHACHA20_WITH_AVX512 1
 #endif
 
+#ifndef CHACHA20_WITH_ASM
+#define CHACHA20_WITH_ASM 1
+#endif  // CHACHA20_WITH_ASM
+
+
 extern "C" {
 void _cdecl hchacha20_ssse3(uint8 *derived_key, const uint8 *nonce, const uint8 *key);
 void _cdecl chacha20_ssse3(uint8 *out, const uint8 *in, size_t len, const uint32 key[8], const uint32 counter[4]);
@@ -56,9 +61,6 @@ void poly1305_emit_neon(void *ctx, uint8 mac[16], const uint32 nonce[4]);
 
 }
 
-
-
-
 struct chacha20_ctx {
 	uint32 state[CHACHA20_BLOCK_SIZE / sizeof(uint32)];
 };
@@ -158,7 +160,7 @@ SAFEBUFFERS static void hchacha20_generic(uint8 derived_key[CHACHA20POLY1305_KEY
 
 static inline void hchacha20(uint8 derived_key[CHACHA20POLY1305_KEYLEN], const uint8 nonce[16], const uint8 key[CHACHA20POLY1305_KEYLEN])
 {
-#if defined(ARCH_CPU_X86_64) && defined(COMPILER_MSVC)
+#if defined(ARCH_CPU_X86_64) && defined(COMPILER_MSVC) && CHACHA20_WITH_ASM
 	if (X86_PCAP_SSSE3) {
 		hchacha20_ssse3(derived_key, nonce, key);
 		return;
@@ -181,7 +183,7 @@ SAFEBUFFERS static void chacha20_crypt(struct chacha20_ctx *ctx, uint8 *dst, con
   if (bytes == 0)
     return;
 
-#if defined(ARCH_CPU_X86_64)
+#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
 #if CHACHA20_WITH_AVX512
 	if (X86_PCAP_AVX512F) {
 		chacha20_avx512(dst, src, bytes, &ctx->state[4], &ctx->state[12]);
@@ -207,7 +209,7 @@ SAFEBUFFERS static void chacha20_crypt(struct chacha20_ctx *ctx, uint8 *dst, con
   }
 #endif  // defined(ARCH_CPU_X86_64)
 
-#if defined(ARCH_CPU_ARM_FAMILY)
+#if defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
   if (ARM_PCAP_NEON) {
     chacha20_neon(dst, src, bytes, &ctx->state[4], &ctx->state[12]);
   } else {
@@ -240,7 +242,7 @@ struct poly1305_ctx {
 	size_t num;
 };
 
-#if !(defined(CONFIG_X86_64) || defined(CONFIG_ARM) || defined(CONFIG_ARM64) || (defined(CONFIG_MIPS) && defined(CONFIG_64BIT)))
+#if !(defined(CONFIG_X86_64) || defined(CONFIG_ARM) || defined(CONFIG_ARM64) || (defined(CONFIG_MIPS) && defined(CONFIG_64BIT))) || !CHACHA20_WITH_ASM
 struct poly1305_internal {
 	uint32 h[5];
 	uint32 r[4];
@@ -408,9 +410,9 @@ SAFEBUFFERS static void poly1305_init(struct poly1305_ctx *ctx, const uint8 key[
 	ctx->nonce[2] = ReadLE32(&key[24]);
 	ctx->nonce[3] = ReadLE32(&key[28]);
 
-#if defined(ARCH_CPU_X86_64)
+#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
 	poly1305_init_x86_64(ctx->opaque, key);
-#elif defined(ARCH_CPU_ARM_FAMILY)
+#elif defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
 	poly1305_init_arm(ctx->opaque, key);
 #elif defined(CONFIG_MIPS) && defined(CONFIG_64BIT)
 	poly1305_init_mips(ctx->opaque, key);
@@ -422,7 +424,7 @@ SAFEBUFFERS static void poly1305_init(struct poly1305_ctx *ctx, const uint8 key[
 
 static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint32 padbit)
 {
-#if defined(ARCH_CPU_X86_64)
+#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
 #if CHACHA20_WITH_AVX512
 	if(X86_PCAP_AVX512F)
 		poly1305_blocks_avx512(ctx, inp, len, padbit);
@@ -434,7 +436,7 @@ static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint
     poly1305_blocks_avx(ctx, inp, len, padbit);
   else
 		poly1305_blocks_x86_64(ctx, inp, len, padbit);
-#elif defined(ARCH_CPU_ARM_FAMILY)
+#elif defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
   if (ARM_PCAP_NEON)
     poly1305_blocks_neon(ctx, inp, len, padbit);
   else
@@ -446,12 +448,12 @@ static inline void poly1305_blocks(void *ctx, const uint8 *inp, size_t len, uint
 
 static inline void poly1305_emit(void *ctx, uint8 mac[16], const uint32 nonce[4])
 {
-#if defined(ARCH_CPU_X86_64)
+#if defined(ARCH_CPU_X86_64) && CHACHA20_WITH_ASM
   if (X86_PCAP_AVX)
     poly1305_emit_avx(ctx, mac, nonce);
   else
     poly1305_emit_x86_64(ctx, mac, nonce);
-#elif defined(ARCH_CPU_ARM_FAMILY)
+#elif defined(ARCH_CPU_ARM_FAMILY) && CHACHA20_WITH_ASM
   if (ARM_PCAP_NEON)
     poly1305_emit_neon(ctx, mac, nonce);
   else

util.cpp

@@ -15,8 +15,14 @@
 #include <sys/wait.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
+#include <sys/time.h>
 #endif
 
+
+#if defined(OS_MACOSX)
+#include <mach/mach_time.h>
+#endif  // OS_MACOSX
+
 #include <vector>
 #include <algorithm>
 #include "tunsafe_types.h"
@@ -451,6 +457,8 @@ void InitOsxGetMilliseconds() {
 }
 
 uint64 OsGetMilliseconds() {
+  assert(initclock != 0);
+
   uint64_t clock = mach_absolute_time() - initclock;
   return clock * (uint64_t)timebase.numer / (uint64_t)timebase.denom;
 }

wireguard_config.cpp

@@ -562,7 +562,7 @@ bool WgFileParser::ParseFlag(const char *group, const char *key, char *value) {
       goto err;
     }
   } else {
-err:
+  err:
     return false;
   }
   return true;
@@ -577,25 +577,21 @@ static bool ContainsNonAsciiCharacter(const char *buf, size_t size) {
   return false;
 }
 
-bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver) {
+bool ParseWireGuardConfigString(WireguardProcessor *wg, char *buf, size_t buf_size, DnsResolver *dns_resolver) {
-  char buf[1024];
   char group[32] = {0};
   
   WgFileParser file_parser(wg, dns_resolver);
   
-  RINFO("Loading file: %s", filename);
+  const char *buf_end = buf + buf_size;
+  for (;;) {
+    char *nl = (char*)memchr(buf, '\n', buf_end - buf);
+    if (nl)
+      *nl = 0;
     
-  FILE *f = fopen(filename, "r");
+    size_t len = (nl ? nl : buf_end) - buf;	
-  if (!f) {
-    RERROR("Unable to open: %s", filename);
-    return false;
-  }
-
-  while (fgets(buf, sizeof(buf), f)) {
-    size_t len = strlen(buf);
     
     if (ContainsNonAsciiCharacter(buf, len)) {
-      RERROR("File is not a config file: %s", filename);
+      RERROR("File is not a config file");
       return false;
     }
     
@@ -607,44 +603,71 @@ bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsR
     while (len && is_space(buf[len - 1]))
       buf[--len] = 0;
     
-    if (buf[0] == '\0')
-      continue;
-
     if (buf[0] == '[') {
       if (len < sizeof(group)) {
         memcpy(group, buf, len + 1);
         if (!file_parser.ParseFlag(group, NULL, NULL)) {
           RERROR("Error parsing %s", group);
-          fclose(f);
           return false;
         }
       }
-      continue;
+    } else if (buf[0] != '\0') {
-    }
+      char *sep = strchr(buf, '=');
-    char *sep = strchr(buf, '=');
+      if (!sep) {
-    if (!sep) {
+        RERROR("Missing = on line: %s", buf);
-      RERROR("Missing = on line: %s", buf);
+        return false;
-      continue;
+      }
-    }
+      char *sepe = sep;
-    char *sepe = sep;
+      while (sepe > buf && is_space(sepe[-1]))
-    while (sepe > buf && is_space(sepe[-1]))
+        sepe--;
-      sepe--;
+      *sepe = 0;
-    *sepe = 0;
       
-    // trim space after =
+      // trim space after =
-    do sep++; while (is_space(*sep));
+      do sep++; while (is_space(*sep));
       
-    if (!file_parser.ParseFlag(group, buf, sep)) {
+      if (!file_parser.ParseFlag(group, buf, sep)) {
-      RERROR("Error parsing %s.%s = %s", group, buf, sep);
+        RERROR("Error parsing %s.%s = %s", group, buf, sep);
-      fclose(f);
+        return false;
-      return false;
+      }
     }
+    if (!nl)
+      break;
+    buf = nl + 1;
   }
   file_parser.FinishGroup();
-  fclose(f);
   return true;
 }
 
+static bool LoadFileWithMaximumSize(const char *filename, std::string *result, size_t max_size) {
+  FILE *f = fopen(filename, "rb");
+  if (!f) return false;
+  fseek(f, 0, SEEK_END);
+  size_t n;
+  long x = ftell(f);
+  fseek(f, 0, SEEK_SET);
+  if (x < 0 || x > max_size) goto error;
+  result->resize((size_t)x);
+  n = fread(&(*result)[0], 1, x, f);
+  if (n != x) goto error;
+  fclose(f);
+  return true;
+error:
+  fclose(f);
+  return false;
+}
+
+
+bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver) {
+  std::string temp;
+  RINFO("Loading file: %s", filename);
+  if (!LoadFileWithMaximumSize(filename, &temp, 1024 * 1024)) {
+    RERROR("Unable to open: %s", filename);
+    return false;
+  }
+  return ParseWireGuardConfigString(wg, &temp[0], temp.size(), dns_resolver);
+}
+
+
 
 static void CmsgAppendFmt(std::string *result, const char *fmt, ...) {
   va_list va;

wireguard_config.h

@@ -49,6 +49,7 @@ private:
   static void HandleConfigurationProtocolGet(WireguardProcessor *proc, std::string *result);
 };
 
+bool ParseWireGuardConfigString(WireguardProcessor *wg, char *buf, size_t buf_size, DnsResolver *dns_resolver);
 bool ParseWireGuardConfigFile(WireguardProcessor *wg, const char *filename, DnsResolver *dns_resolver);
 
 #define kSizeOfAddress 64