Merge pull request #1 from NordSecurity/neptun_renaming

Rename BoringTun to NepTUN

.github/workflows/linters.yml

@@ -21,7 +21,7 @@ jobs:
         - os: macos-12
           packages: ""
         - os: windows-2022
-          packages: "-p boringtun"
+          packages: "-p neptun"
     runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
@@ -38,7 +38,7 @@ jobs:
         - os: macos-12
           packages: ""
         - os: windows-2022
-          packages: -p boringtun
+          packages: -p neptun
     runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6

.github/workflows/tests.yml

@@ -12,7 +12,7 @@ jobs:
           - os: macos-12
             packages: ""
           - os: windows-2022
-            packages: -p boringtun
+            packages: -p neptun
     runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
@@ -39,4 +39,4 @@ jobs:
     steps:
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - uses: actions-rs/toolchain@b2417cde72dcf67f306c0ae8e0828a81bf0b189f # v1.0.6
-    - run: cargo bench -p boringtun --no-run
+    - run: cargo bench -p neptun --no-run

CONTRIBUTING.md

@@ -0,0 +1,32 @@
+# Contributing
+We happily accept both issues and pull requests for bug reports, bug fixes, feature requests, features implementations and documentation improvements.
+
+For new features we recommend that you create an issue first so the feature can be discussed and to prevent unnecessary work in case it's not a feature we want to support. Although, we do realize that sometimes code needs to be in place to allow for a meaningful discussion so creating an issue upfront is not a requirement.
+
+## Building and testing
+The steps for how to build and test NepTUN are described in the [README](README.md)
+
+## PR workflow
+We want to get your changes merged as fast as possible, and we know you want that too. To help with this there are a few things you can do to speed up the process:
+
+### Build, test and lint locally
+The local feedback cycle is faster than waiting for the CI. Make sure your changes can be built locally and that tests, rustfmt and clippy all pass locally. A green CI is a happy CI.
+
+### PR Hygiene
+On top of the CI being green, every PR will go through code review, and you can help us speed up the review process by making your PR easier to review. Here are some guidelines:
+
+**Small PRs are easier to review than big PRs**, so try to keep your PRs small and focused. To achieve that, try to make sure you PR doesn't contain multiple unrelated changes and if you are doing some bigger feature work, try to split the work into multiple smaller PRs that solve the problem together.
+
+**A clean history can make things easier**. Some PRs are easier to review commit-by-commit, rather than looking at the full changelist in one go. To enable that, prefer `rebase` over `merge` when updating your branch. Keeping PRs small and short-lived will also help keep your history clean since there's less time for upstream to change that much.
+
+## Licensing
+NepTUN is released under 3-Clause BSD License. For more details please refer to [LICENSE.md](LICENSE.md).
+
+## Contributing Documents
+Before we can accept your pull request we may need you to submit documents (e.g., DCO, CLA) that either be provided automatically or manually by us.
+In any case, we will guide you through and provide you with the support, if needed.
+
+## Code of conduct
+Nord Security and all of it's projects adhere to the [Contributor Covenant Code of Conduct](https://github.com/NordSecurity/.github/blob/master/CODE_OF_CONDUCT.md). When participating, you are expected to honor this code.
+
+## Thank you!

Cargo.toml

@@ -1,6 +1,6 @@
 [workspace]
 resolver = "2"
-members = ["boringtun", "boringtun-cli"]
+members = ["neptun", "neptun-cli"]
 
 [profile.release]
 lto = true        # Enable full link-time optimization.

LICENSE.md

@@ -1,4 +1,5 @@
-Copyright (c) 2019 Cloudflare, Inc. All rights reserved.
+Copyright (c) 2024 Nord Security. All rights reserved.
+Copyright (c) 2019-2024 Cloudflare, Inc. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
 

README.md

@@ -1,50 +1,29 @@
-![boringtun logo banner](./banner.png)
+# NepTUN
 
-# BoringTun
-
-## Warning
-Boringtun is currently undergoing a restructuring. You should probably not rely on or link to 
-the master branch right now. Instead you should use the crates.io page.
-
-- boringtun: [![crates.io](https://img.shields.io/crates/v/boringtun.svg)](https://crates.io/crates/boringtun)
-- boringtun-cli [![crates.io](https://img.shields.io/crates/v/boringtun-cli.svg)](https://crates.io/crates/boringtun-cli)
-
-**BoringTun** is an implementation of the [WireGuard<sup>®</sup>](https://www.wireguard.com/) protocol designed for portability and speed.
-
-**BoringTun** is successfully deployed on millions of [iOS](https://apps.apple.com/us/app/1-1-1-1-faster-internet/id1423538627) and [Android](https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone&hl=en_US) consumer devices as well as thousands of Cloudflare Linux servers. 
+**NepTUN** is an implementation of the [WireGuard<sup>®</sup>](https://www.wireguard.com/) protocol designed for portability and speed.
 
 The project consists of two parts:
-
-* The executable `boringtun-cli`, a [userspace WireGuard](https://www.wireguard.com/xplatform/) 
-  implementation for Linux and macOS.
-* The library `boringtun` that can be used to implement fast and efficient WireGuard client apps on various platforms, including iOS and Android. It implements the underlying WireGuard protocol, without the network or tunnel stacks, those can be implemented in a platform idiomatic way.
-
-### Installation
-
-You can install this project using `cargo`:
-
-```
-cargo install boringtun-cli
-```
+* The executable `neptun-cli`, a [userspace WireGuard](https://www.wireguard.com/xplatform/) implementation for Linux and macOS.
+* The library `neptun` that can be used to implement fast and efficient WireGuard client apps on various platforms, including iOS and Android. It implements the underlying WireGuard protocol, without the network or tunnel stacks, those can be implemented in a platform idiomatic way.
 
 ### Building
 
 - Library only: `cargo build --lib --no-default-features --release [--target $(TARGET_TRIPLE)]`
-- Executable: `cargo build --bin boringtun-cli --release [--target $(TARGET_TRIPLE)]`
+- Executable: `cargo build --bin neptun-cli --release [--target $(TARGET_TRIPLE)]`
 
-By default the executable is placed in the `./target/release` folder. You can copy it to a desired location manually, or install it using `cargo install --bin boringtun --path .`.
+By default the executable is placed in the `./target/release` folder. You can copy it to a desired location manually, or install it using `cargo install --bin neptun --path .`.
 
 ### Running
 
 As per the specification, to start a tunnel use:
 
-`boringtun-cli [-f/--foreground] INTERFACE-NAME`
+`neptun-cli [-f/--foreground] INTERFACE-NAME`
 
 The tunnel can then be configured using [wg](https://git.zx2c4.com/WireGuard/about/src/tools/man/wg.8), as a regular WireGuard tunnel, or any other tool.
 
-It is also possible to use with [wg-quick](https://git.zx2c4.com/WireGuard/about/src/tools/man/wg-quick.8) by setting the environment variable `WG_QUICK_USERSPACE_IMPLEMENTATION` to `boringtun`. For example:
+It is also possible to use with [wg-quick](https://git.zx2c4.com/WireGuard/about/src/tools/man/wg-quick.8) by setting the environment variable `WG_QUICK_USERSPACE_IMPLEMENTATION` to `neptun`. For example:
 
-`sudo WG_QUICK_USERSPACE_IMPLEMENTATION=boringtun-cli WG_SUDO=1 wg-quick up CONFIGURATION`
+`sudo WG_QUICK_USERSPACE_IMPLEMENTATION=neptun-cli WG_SUDO=1 wg-quick up CONFIGURATION`
 
 ### Testing
 
@@ -74,24 +53,14 @@ arm-linux-androideabi         |      | ✓    |
 
 `x86-64`, `aarch64` and `armv7` architectures are supported. The behaviour should be identical to that of [wireguard-go](https://git.zx2c4.com/wireguard-go/about/), with the following difference:
 
-`boringtun` will drop privileges when started. When privileges are dropped it is not possible to set `fwmark`. If `fwmark` is required, such as when using `wg-quick`, run with `--disable-drop-privileges` or set the environment variable `WG_SUDO=1`.
+`neptun` will drop privileges when started. When privileges are dropped it is not possible to set `fwmark`. If `fwmark` is required, such as when using `wg-quick`, run with `--disable-drop-privileges` or set the environment variable `WG_SUDO=1`.
 
-You will need to give the executable the `CAP_NET_ADMIN` capability using: `sudo setcap cap_net_admin+epi boringtun`. sudo is not needed.
+You will need to give the executable the `CAP_NET_ADMIN` capability using: `sudo setcap cap_net_admin+epi neptun`. sudo is not needed.
 
 #### macOS
 
 The behaviour is similar to that of [wireguard-go](https://git.zx2c4.com/wireguard-go/about/). Specifically the interface name must be `utun[0-9]+` for an explicit interface name or `utun` to have the kernel select the lowest available. If you choose `utun` as the interface name, and the environment variable `WG_TUN_NAME_FILE` is defined, then the actual name of the interface chosen by the kernel is written to the file specified by that variable.
 
----
-
-#### FFI bindings
-
-The library exposes a set of C ABI bindings, those are defined in the `wireguard_ffi.h` header file. The C bindings can be used with C/C++, Swift (using a bridging header) or C# (using [DLLImport](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.dllimportattribute?view=netcore-2.2) with [CallingConvention](https://docs.microsoft.com/en-us/dotnet/api/system.runtime.interopservices.dllimportattribute.callingconvention?view=netcore-2.2) set to `Cdecl`).
-
-#### JNI bindings
-
-The library exposes a set of Java Native Interface bindings, those are defined in `src/jni.rs`.
-
 ## License
 
 The project is licensed under the [3-Clause BSD License](https://opensource.org/licenses/BSD-3-Clause).
@@ -104,5 +73,9 @@ If you want to contribute to this project, please read our [`CONTRIBUTING.md`].
 
 [`CONTRIBUTING.md`]: https://github.com/cloudflare/.github/blob/master/CONTRIBUTING.md
 
+## Acknowledgements
+
+This project is based on the [BoringTun](https://github.com/cloudflare/boringtun) project by Cloudflare.
+
 ---
-<sub><sub><sub><sub>WireGuard is a registered trademark of Jason A. Donenfeld. BoringTun is not sponsored or endorsed by Jason A. Donenfeld.</sub></sub></sub></sub>
+<sub><sub><sub><sub>WireGuard is a registered trademark of Jason A. Donenfeld. NepTUN is not sponsored or endorsed by Jason A. Donenfeld.</sub></sub></sub></sub>

boringtun-cli/Cargo.toml → neptun-cli/Cargo.toml

@@ -1,11 +1,10 @@
 [package]
-name = "boringtun-cli"
+name = "neptun-cli"
 description = "an implementation of the WireGuard® protocol designed for portability and speed"
 version = "0.6.0"
 authors = ["Noah Kennedy <nkennedy@cloudflare.com>", "Andy Grover <agrover@cloudflare.com>", "Jeff Hiner <jhiner@cloudflare.com>"]
 license = "BSD-3-Clause"
-repository = "https://github.com/cloudflare/boringtun"
-documentation = "https://docs.rs/boringtun/0.5.2/boringtun/"
+repository = "https://github.com/nordsecurity/neptun"
 edition = "2021"
 
 [dependencies]
@@ -15,7 +14,7 @@ tracing = "0.1.31"
 tracing-subscriber = "0.3.18"
 tracing-appender = "0.2.1"
 
-[dependencies.boringtun]
+[dependencies.neptun]
 version = "0.6.0"
-path = "../boringtun"
+path = "../neptun"
 features = ["device"]

boringtun-cli/src/main.rs → neptun-cli/src/main.rs

@@ -1,10 +1,11 @@
-// Copyright (c) 2019 Cloudflare, Inc. All rights reserved.
+// Copyright (c) 2024 Nord Security. All rights reserved.
+// Copyright (c) 2019-2024 Cloudflare, Inc. All rights reserved.
 // SPDX-License-Identifier: BSD-3-Clause
 
-use boringtun::device::drop_privileges::drop_privileges;
-use boringtun::device::{DeviceConfig, DeviceHandle};
 use clap::{value_parser, Arg, Command};
 use daemonize::{Daemonize, Outcome, Parent};
+use neptun::device::drop_privileges::drop_privileges;
+use neptun::device::{DeviceConfig, DeviceHandle};
 use std::fs::File;
 use std::os::unix::net::UnixDatagram;
 use std::path::PathBuf;
@@ -15,7 +16,7 @@ use tracing::Level;
 fn check_tun_name(name: &str) -> Result<String, String> {
     #[cfg(any(target_os = "macos", target_os = "ios"))]
     {
-        if boringtun::device::tun::parse_utun_name(name).is_ok() {
+        if neptun::device::tun::parse_utun_name(name).is_ok() {
             Ok(name.to_owned())
         } else {
             Err("Tunnel name must have the format 'utun[0-9]+', use 'utun' for automatic assignment".to_owned())
@@ -28,7 +29,7 @@ fn check_tun_name(name: &str) -> Result<String, String> {
 }
 
 fn main() {
-    let matches = Command::new("boringtun")
+    let matches = Command::new("neptun")
         .version(env!("CARGO_PKG_VERSION"))
         .author("Vlad Krasnov <vlad@cloudflare.com>")
         .args(&[
@@ -77,7 +78,7 @@ fn main() {
                 .env("WG_LOG_FILE")
                 .value_parser(value_parser!(PathBuf))
                 .help("Log file")
-                .default_value("/tmp/boringtun.out"),
+                .default_value("/tmp/neptun.out"),
             Arg::new("disable-drop-privileges")
                 .long("disable-drop-privileges")
                 .env("WG_SUDO")
@@ -136,18 +137,18 @@ fn main() {
             })) => {
                 let mut b = [0u8; 1];
                 if sock2.recv(&mut b).is_ok() && b[0] == 1 {
-                    println!("BoringTun started successfully");
+                    println!("NepTUN started successfully");
                     exit(first_child_exit_code)
                 } else {
-                    eprintln!("BoringTun failed to start");
+                    eprintln!("NepTUN failed to start");
                     exit(1);
                 };
             }
             Outcome::Parent(Err(err)) => {
                 eprintln!("Failed to fork process: {err}");
                 exit(1);
             }
-            Outcome::Child(Ok(_)) => tracing::info!("BoringTun started successfully"),
+            Outcome::Child(Ok(_)) => tracing::info!("NepTUN started successfully"),
             Outcome::Child(Err(err)) => {
                 tracing::error!(error = ?err);
                 exit(1);
@@ -168,7 +169,7 @@ fn main() {
         #[cfg(target_os = "linux")]
         use_multi_queue: !matches.get_flag("disable-multi-queue"),
         open_uapi_socket: false,
-        protect: Arc::new(boringtun::device::MakeExternalBoringtunNoop),
+        protect: Arc::new(neptun::device::MakeExternalNeptunNoop),
         firewall_process_inbound_callback: None,
         firewall_process_outbound_callback: None,
     };
@@ -195,7 +196,7 @@ fn main() {
     sock1.send(&[1]).unwrap();
     drop(sock1);
 
-    tracing::info!("BoringTun started successfully");
+    tracing::info!("NepTUN started successfully");
 
     device_handle.wait();
 }

boringtun/Cargo.toml → neptun/Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-name = "boringtun"
+name = "neptun"
 description = "an implementation of the WireGuard® protocol designed for portability and speed"
 version = "0.6.0"
 authors = [
@@ -8,7 +8,6 @@ authors = [
     "Jeff Hiner <jhiner@cloudflare.com>",
 ]
 license = "BSD-3-Clause"
-documentation = "https://docs.rs/boringtun/0.5.2/boringtun/"
 edition = "2018"
 
 [features]