From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E87E4C43603 for ; Thu, 5 Dec 2019 20:10:54 +0000 (UTC) Received: from krantz.zx2c4.com (krantz.zx2c4.com [192.95.5.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8776C206D9 for ; Thu, 5 Dec 2019 20:10:54 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=trustiosity.com header.i=@trustiosity.com header.b="UvpzueuJ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8776C206D9 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=trustiosity.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=wireguard-bounces@lists.zx2c4.com Received: from krantz.zx2c4.com (localhost [IPv6:::1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id e38838a0; Thu, 5 Dec 2019 20:10:37 +0000 (UTC) Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 9e91a15f for ; Thu, 5 Dec 2019 20:10:35 +0000 (UTC) Received: from mx.trustiosity.com (mx.trustiosity.com [54.186.28.113]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 854da20d for ; Thu, 5 Dec 2019 20:10:34 +0000 (UTC) Received: from [192.168.212.66] (csm.ldm [192.168.212.66]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: zrm@trustiosity.com) by mx.trustiosity.com (Postfix) with ESMTPSA id 1987B424129 for ; Thu, 5 Dec 2019 15:10:33 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=trustiosity.com; s=mx; t=1575576633; bh=mvTCuS7hB+ayTTeHBxjyUnQwB9Xqi2yDYXZRMGC0Y64=; h=Subject:To:References:From:Date:In-Reply-To:From; b=UvpzueuJ2voOHmCbpgaQzflJYXQEWN0PCNw0Y5OEqVnyyS1guD7fTzlFdfhoJir61 sLZ4Hacs+yLlslf5LB5/Pi2KS9ayobJ81HfBfMwzAegfIZeDkGE+HsARx4vO+3qNrp tbsdLZLAsX4KE+JyVGxZaH4XtzeTKEao8OoPdA3s= Subject: Re: Regarding "Inferring and hijacking VPN-tunneled TCP connections" To: wireguard@lists.zx2c4.com References: <20191205191318.GA44156@zx2c4.com> From: zrm Message-ID: Date: Thu, 5 Dec 2019 15:10:32 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 MIME-Version: 1.0 In-Reply-To: <20191205191318.GA44156@zx2c4.com> Content-Language: en-US X-BeenThere: wireguard@lists.zx2c4.com X-Mailman-Version: 2.1.15 Precedence: list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Errors-To: wireguard-bounces@lists.zx2c4.com Sender: "WireGuard" T24gMTIvNS8xOSAxNDoxMywgSmFzb24gQS4gRG9uZW5mZWxkIHdyb3RlOgo+IEhleSBmb2xrcywK PiAKPiBXaWxsaWFtIHVuZW1iYXJnb2VkIGhpcyBuaWNlIHZ1bG4gdGhpcyB3ZWVrOiBodHRwczov L3NlY2xpc3RzLm9yZy9vc3Mtc2VjLzIwMTkvcTQvMTIyCj4gCj4gSXQgYXBwZWFycyB0byBhZmZl Y3QgYmFzaWNhbGx5IG1vc3QgY29tbW9uIHVuaXggbmV0d29yayBzdGFja3MuIFRoaXMKPiBpc24n dCBhIFdpcmVHdWFyZCB2dWxuZXJhYmlsaXR5LCBidXQgcmF0aGVyIHNvbWV0aGluZyBpbiB0aGUg cm91dGluZwo+IHRhYmxlIGNvZGUgYW5kL29yIFRDUCBjb2RlIG9uIGFmZmVjdGVkIG9wZXJhdGlu ZyBzeXN0ZW1zLiBIb3dldmVyLCBpdAo+IGRvZXMgYWZmZWN0IHVzLCBzaW5jZSBXaXJlR3VhcmQg ZXhpc3RzIG9uIHRob3NlIGFmZmVjdGVkIE9TZXMuCj4gCj4gU29tZSBtaWdodCBjaGFsayBpdCB1 cCB0byBqdXN0IGEgY29uZmlndXJhdGlvbiBlcnJvciwgZGlzbWlzc2luZyBpdCBhcywKPiAid2Vs bCwgaWYgeW91IGNvbmZpZ3VyZSB5b3VyIG5ldHdvcmtpbmcgc3RhY2sgcG9vcmx5LCBiYWQgdGhp bmdzIHdpbGwKPiBoYXBwZW4sIiBidXQgSSBkb24ndCByZWFsbHkgYnV5IHRoYXQ6IHRoZSBuZXR3 b3JrIHNldHVwcyBhZmZlY3RlZCBieQo+IHRoaXMgdnVsbmVyYWJpbGl0eSBhcmUgcHJldHR5IG11 Y2ggdGhlIG5vcm0gZXZlcnl3aGVyZS4KPiAKPiBBbmQgaXQgdHVybnMgb3V0IHRoYXQgd2UgYWN0 dWFsbHkgYXJlIGluIHRoZSBidXNpbmVzcyBvZiBwcm9wZXJseQo+IGNvbmZpZ3VyaW5nIHBlb3Bs ZSdzIG5ldHdvcmtpbmcgc3RhY2tzLiBTcGVjaWZpY2FsbHksIHRoZSB0b29scyB3ZSBzaGlwCj4g Y29tZSB3aXRoIHRoZSBsaXR0bGUgYmFzaCBzY3JpcHQsIHdnLXF1aWNrKDgpLCB3aGljaCBpcyBh IHBvcHVsYXIgd2F5IG9mCj4gYXV0b21hdGluZyBzb21lIGNvbW1vbiB0YXNrcy4gV2UndmUgc3Rh cnRlZCBsb29raW5nIGF0IGtlcm5lbC1sZXZlbAo+IG1pdGlnYXRpb25zIHdpdGhpbiB0aGUgTGlu dXggbmV0d29ya2luZyBzdGFjaywgYnV0IGJlZm9yZSB0aG9zZSBhcmUKPiByZWFkeSwgSSB0aG91 Z2h0IGl0IHdvdWxkIGJlIHBydWRlbnQgdG8gcHV0IHNvbWUgZmlyc3QtbGV2ZWwgZGVmZW5zZXMK PiBpbnRvIHdnLXF1aWNrKDgpIGl0c2VsZi4KPiAKPiBGb3IgdGhhdCByZWFzb24sIHNpbmNlIE5v dmVtYmVyLCB3Zy1xdWljayg4KSBoYXMgYWRkZWQgYSBmZXcgaXB0YWJsZXMoOCkKPiBydWxlcy4g SSByZWFsbHkgZGlzbGlrZSBoYXZpbmcgd2ctcXVpY2soOCkgZ3JvdyBhbnkgc29ydCBvZiBkZXBl bmRlbmN5Cj4gb24gaXB0YWJsZXMoOCkgKGFuZCBldmVudHVhbGx5IG9uIG5mdGFibGVzKDgpKSwg YnV0IGF0IHRoZSBtb21lbnQsIEkKPiBkb24ndCBzZWUgYSB2aWFibGUgYWx0ZXJuYXRpdmUuIFN1 Z2dlc3Rpb25zIGFyZSB3ZWxjb21lLiBJbiBwYXJ0aWN1bGFyLAo+IHdlJ3JlIGFkZGluZyBhIHJ1 bGUgdGhhdCBpcyBzb21ldGhpbmcgbGlrZToKPiAKPiAgwqAgwqAgaXB0YWJsZXMgLXQgcmF3IC1J IFBSRVJPVVRJTkcgISAtaSB3ZzAgLWQgMTAuMTgyLjEyLjggLW0gYWRkcnR5cGUgISAtLXNyYy10 eXBlIExPQ0FMIC1qIERST1AKPiAKPiB3aGVyZSB3ZzAgaXMgdGhlIFdpcmVHdWFyZCBpbnRlcmZh Y2UgYW5kIDEwLjE4Mi4xMi44IGlzIHRoZSBsb2NhbCBJUCBvZgo+IHRoZSBpbnRlcmZhY2UuCj4g Cj4gVGhpcyBzYXlzIHRvIGRyb3AgYWxsIHBhY2tldHMgdGhhdCBhcmUgc2VudCB0byB0aGF0IElQ IGFkZHJlc3MgdGhhdAo+IGFyZW4ndCBjb21pbmcgZnJvbSB0aGUgV2lyZUd1YXJkIGludGVyZmFj ZS4gQW5kIGl0J3MgZG9uZSB2ZXJ5IGVhcmx5IGluCj4gTmV0ZmlsdGVyLCBpbiB0aGUgInJhdyIg dGFibGUuIFRoZSByZXNlYXJjaGVycyBoYXZlIGNvbmZpcm1lZCB0aGF0IHRoaXMKPiBtaXRpZ2F0 ZXMgdGhlIGlzc3VlLgo+IAo+IEFkZGluZyBpcHRhYmxlcyg4KSBpbnRvIHdnLXF1aWNrKDgpIGhh cyBiZWVuIHByZWRpY3RhYmx5IHByb2JsZW1hdGljLAo+IGFuZCBpdCdsbCBwcm9iYWJseSBiZSBh dCBsZWFzdCBhbm90aGVyIHNuYXBzaG90IHVudGlsIHdlIGdldCB0aGluZ3MKPiBidWctZnJlZSBv biBhbGwgdGhlIGRpZmZlcmVudCB2YXJpYXRpb25zIG9mIHRoZSB1dGlsaXR5IHRoYXQgZGlzdHJv cwo+IHNoaXAsIGJ1dCB3ZSdsbCBnZXQgdGhlcmUuIEluIHRoZSBtZWFudGltZSwgSSdkIGNlcnRh aW5seSBhcHByZWNpYXRlCj4gcGF0Y2hlcyB0byBkbyB0aGUgc2FtZSB3aXRoIG5mdGFibGVzKDgp LCBhcyB3ZWxsIGFzIHNvbWUgZnJlc2ggdGhvdWdodHMKPiBvbiBob3cgdG8gYWNjb21wbGlzaCB0 aGlzIHNhbWUgdGhpbmcgX3dpdGhvdXRfIHRoZSBmaXJld2FsbC4gKEluIHRoZQo+IHByb2Nlc3Mg b2Ygd3JpdGluZyB0aGlzIGVtYWlsLCBmb3IgZXhhbXBsZSwgSSBoYWQgYW4gaWRlYSByZWdhcmRp bmcKPiBpcC1ydWxlKDgpIHRoYXQgbWlnaHQgd29yayBvdXQsIGJ1dCBJIGhhdmVuJ3QgdHJpZWQg eWV0LikgV2UgYWxzbyBoYXZlCj4gc29tZSBub24tTGludXggb3BlcmF0aW5nIHN5c3RlbXMgdG8g Y29uc2lkZXIuCj4gCj4gCj4gRmVlZGJhY2sgd2VsY29tZS4KPiAKPiBSZWdhcmRzLAo+IEphc29u Cj4gX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KPiBXaXJl R3VhcmQgbWFpbGluZyBsaXN0Cj4gV2lyZUd1YXJkQGxpc3RzLnp4MmM0LmNvbQo+IGh0dHBzOi8v bGlzdHMuengyYzQuY29tL21haWxtYW4vbGlzdGluZm8vd2lyZWd1YXJkCj4gCgpPbmUgcG9zc2li aWxpdHkgdGhhdCBjb21lcyB0byBtaW5kIGlzIHRvIGFkZCBhIG5ldyBycGZpbHRlciBtb2RlIGJl dHdlZW4gCmxvb3NlIGFuZCBzdHJpY3QgdGhhdCBhY2NlcHRzIHBhY2tldHMgZnJvbSBhbnkgaW50 ZXJmYWNlIHdpdGggYSByb3V0ZSB0byAKdGhhdCBkZXN0aW5hdGlvbiAobGlrZSAibG9vc2UiKSwg YnV0IG9ubHkgaWYgdGhlIHJvdXRlIHByZWZpeCBpcyB0aGUgCnNhbWUgYXMgdGhlIHJvdXRlIHRo YXQgd291bGQgYmUgdXNlZCBmb3Igb3V0Z29pbmcgcGFja2V0cy4gVGhhdCBjYXB0dXJlcyAKbmVh cmx5IHRoZSBlbnRpcmUgdXNlIGNhc2UgZm9yICJsb29zZSIgKHNwZWNpZmljYWxseSB0aGUgbWFq b3IgY2FzZSBvZiAKbXVsdGlwbGUgZGVmYXVsdCByb3V0ZXMpIGJ1dCB0aGVuIGlmIHlvdSBoYXZl IGEgbW9yZSBzcGVjaWZpYyByb3V0ZSB0byBhIApkZXN0aW5hdGlvbiB2aWEgYSBWUE4gaW50ZXJm YWNlLCBwYWNrZXRzIGZyb20gdGhhdCBzdWJuZXQgYXJlIG5vdCAKYWNjZXB0ZWQgdmlhIGEgZGlm ZmVyZW50IGludGVyZmFjZSBqdXN0IGJlY2F1c2UgdGhhdCBpbnRlcmZhY2UgaGFzIGEgCmRlZmF1 bHQgcm91dGUuCgpUaGF0IGxlYXZlcyB0aGUgY2FzZSB3aGVyZSB0aGUgcm91dGUgdGhyb3VnaCB0 aGUgVlBOIGludGVyZmFjZSAqaXMqIGEgCmRlZmF1bHQgcm91dGUsIGJ1dCB0aGF0IGNvdWxkIGJl IHNvbHZlZCBieSBtYWtpbmcgaXQgdGhlICpvbmx5KiBkZWZhdWx0IApyb3V0ZSwgd2hpY2ggaXMg ZGVzaXJhYmxlIGluIGdlbmVyYWwgc28gdGhhdCBpZiB0aGUgVlBOIGludGVyZmFjZSBpcyAKdGVt cG9yYXJpbHkgb2ZmbGluZSBwYWNrZXRzIG1lYW50IHRvIGJlIHNlbnQgdmlhIHRoZSBWUE4gZG9u J3QgdXNlIHNvbWUgCm90aGVyIGludGVyZmFjZS4KCldoYXQncyBsZWZ0IG9mIHRoZSBhdHRhY2sg YWZ0ZXIgdGhhdCBpcyBiZWluZyBhYmxlIHRvIGRldGVybWluZSB0aGUgSVAgCmFkZHJlc3MgYXNz aWduZWQgdG8gYW5vdGhlciBpbnRlcmZhY2UgbGlrZSB0aGUgVlBOIGludGVyZmFjZS4gVGhhdCBv bmUncyAKaGFyZCBiZWNhdXNlIGl0J3Mgb2Z0ZW4gbGVnaXRpbWF0ZSAtLSBpZiB5b3UgaGF2ZSBh IG11bHRpLWhvbWVkIHJvdXRlciAKYW5kIGFuIGludGVybmFsIGhvc3QgdHJpZXMgdG8gY29ubmVj dCB0byB0aGUgcHVibGljIGFkZHJlc3Mgb2YgdGhlIApleHRlcm5hbCBpbnRlcmZhY2UsIHlvdSBn ZW5lcmFsbHkgd2FudCBpdCB0byBhY3R1YWxseSB3b3JrLiBJdCdzIGFsc28gCm5vdCBjbGVhciBp ZiBpdCdzIGEgaHVnZSBwcm9ibGVtIG9uIGl0cyBvd24sIHBhcnRpY3VsYXJseSBzaW5jZSB5b3Ug Y2FuIApzdGlsbCBzb2x2ZSBpdCB3aXRoIGEgZmlyZXdhbGwgcnVsZSBpbiBjYXNlcyB3aGVyZSBp dCdzIGNvbnNpZGVyZWQgCnByb2JsZW1hdGljLgoKQWx0aG91Z2ggd2UgZG8gaGF2ZSB0aGlzIHRl eHQgZnJvbSB0aGUgYW5ub3VuY2VtZW50OiAiQWxzbywKZXZlbiB3aXRoIHJldmVyc2UgcGF0aCBm aWx0ZXJpbmcgb24gc3RyaWN0IG1vZGUsIHRoZSBmaXJzdCB0d28gcGFydHMgb2YKdGhlIGF0dGFj ayBjYW4gYmUgY29tcGxldGVkLCBhbGxvd2luZyB0aGUgQVAgdG8gbWFrZSBpbmZlcmVuY2VzIGFi b3V0CmFjdGl2ZSBjb25uZWN0aW9ucywgYW5kIHdlIGJlbGlldmUgaXQgbWF5IGJlIHBvc3NpYmxl IHRvIGNhcnJ5IG91dCB0aGUKZW50aXJlIGF0dGFjaywgYnV0IGhhdmVu4oCZdCBhY2NvbXBsaXNo ZWQgdGhpcyB5ZXQuIiBEb2VzIGFueWJvZHkgc2VlIGhvdyAKdGhhdCB3b3VsZCB3b3JrPyBJbiBy cGZpbHRlciBzdHJpY3QgbW9kZSBhIHNwb29mZWQgcGFja2V0IGZvciBhIApjb25uZWN0aW9uIHJv dXRlZCB2aWEgdGhlIFZQTiBpbnRlcmZhY2Ugd2hpY2ggaXMgcmVjZWl2ZWQgdmlhIHNvbWUgb3Ro ZXIgCmludGVyZmFjZSBzaG91bGQgYmUgZHJvcHBlZCBiZWZvcmUgZ2l2aW5nIGFueSBpbmRpY2F0 aW9uIHdoZXRoZXIgaXQncyAKZm9yIGFuIGFjdGl2ZSBjb25uZWN0aW9uLCBzaG91bGRuJ3QgaXQ/ Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCldpcmVHdWFy ZCBtYWlsaW5nIGxpc3QKV2lyZUd1YXJkQGxpc3RzLnp4MmM0LmNvbQpodHRwczovL2xpc3RzLnp4 MmM0LmNvbS9tYWlsbWFuL2xpc3RpbmZvL3dpcmVndWFyZAo=