Add WireGuard support

[jerbmega]

WireGuard is a fairly new VPN protocol which is faster and more secure than OpenVPN. The VPN I use on a daily basis has WireGuard servers in testing, which work quite well on my desktop- but starting today WireGuard now has official Android support as well, and from the looks of things, it's quite easy to integrate into existing ROMs.

https://forum.xda-developers.com/android/development/wireguard-rom-integration-t3711635

[lambdadroid]

According to the thread, it should be also working (with slightly reduced performance) without any changes to the kernel using a separate user space implementation. Have you tried if it is working? Just curious.

[jerbmega]

Said userspace implementation hasn't been released yet, unfortunately.

[lambdadroid]

Don't worry! The project looks promising, I will check how much effort is required to integrate it into the kernel for the next version.

[lambdadroid]

@jerbear64 I've compiled a test build with WireGuard support included. Could you test if it is working correctly? I don't have any VPN to test with right now. To test it:

• Make a backup of your data.
• Make a factory reset.
• Install the ZIP from https://drive.google.com/uc?id=1dC8OQnyEaLfELlHIH4zOixbmTxfzOTDS&export=downloads

Since it's a development build you cannot flash it over your main installation, so make sure you make a backup and a factory reset. I don't recommend you stay on this build after testing, if everything is working I'll release a proper build with WireGuard support within the next 2 weeks.

[jerbmega]

Success! I took the configuration file from my PC and modified it a bit to use the public/private SSH keys for my tablet. After that, I used the Mullvad provided shell script to assign a local IP to the new public key, which I then placed in the configuration file, and imported the configuration in the app. It works just fine.

Keep in mind that the screenshot says "at risk" due to WebRTC being enabled in the Lineage stock browser. It appears Wireguard is immune to WebRTC leaks anyways as the test website grabbed the VPN's IP as the external one, and the VPN's local IP assigned to my tablet as the internal one.