Announcement

Collapse
No announcement yet.

New & Much Improved WireGuard Implementation Comes To FreeBSD

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • New & Much Improved WireGuard Implementation Comes To FreeBSD

    Phoronix: New & Much Improved WireGuard Implementation Comes To FreeBSD

    Towards the end of last year FreeBSD imported a WireGuard kernel module. That initial WireGuard port to FreeBSD was sponsored by firewall company Netgate but the code quality was found to be poor and made without much involvement from upstream WireGuard developers. That FreeBSD WireGuard kernel code is now in the process of being replaced by a much better implementation...

    https://www.phoronix.com/scan.php?pa...-New-WireGuard

  • #2
    Nice to hear about such collaborations. It's only when people co-operate and prioritise a particular project that it's possible to quickly implement something

    Comment


    • #3
      The guy who wrote the buggy code got angry......

      https://lists.zx2c4.com/pipermail/wi...ch/006499.html

      Comment


      • #4
        To be fair, very harsh words were used in the announcement email to describe the previous implementation. The reaction from the commercial company who employs the original developers does not seem unexpected to me...

        Comment


        • #5
          This looks like political and immature behaviour from my point of view.

          WireGuard dev isn't happy because Netgate dev doesn't include WireGuard in the original implementation.
          WireGuard dev then does exactly what Netgate dev was accused of and does not let Netgate know about the problems in the code and develops the new implementation without notifying Netgate.

          Now both are unhappy and have reason to be. Discussion takes a turn towards pfSense vs OPNsense crap from 2017 and "No you started it" rhetoric. Clearly this is not a new thing. The real problem is much worse than it was and could have been avoidable by either one of the parties involved.

          Personally I feel lucky that I have not started to use any WireGuard connections in FreeBSD even though I'm using FreeBSD. You would think that professionals working in security industry would know better. Fixing security issues should not be a frantic drop everything that you are busy with and patch upstream development branch ASAP. There should be procedures in place already. FreeBSD is also to blame for not following industry standard practice. The timing was extremely bad.

          Sadly there's not much to learn from these mistakes because it has happened in so many before in other cases. Professionals have handled much bigger problems much more gracefully in the past. Still there's a tremendous amount of work that was put in by both parties. I do hope that over time they are able to mend the damaged relationships and move on. This is clearly a lose-lose situation.

          Comment


          • #6
            Originally posted by gggeek View Post
            To be fair, very harsh words were used in the announcement email to describe the previous implementation. The reaction from the commercial company who employs the original developers does not seem unexpected to me...
            When NetGate handled things the way they did I'm not surprised Jason said what he did. NetGate has a history of handling things poorly.

            Comment


            • #7
              Originally posted by fabiohl View Post
              The guy who wrote the buggy code got angry......

              https://lists.zx2c4.com/pipermail/wi...ch/006499.html
              Doesn't like being called on their half assed cobbled together code. If they had worked together as a team instead of tossing some crappy code into the tree it wouldn't have happened. The implementation for NetBSD oddly enough was handled in a similar manner.

              Comment

              Working...
              X