summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2020-02-04device: fix private key removal logicJason A. Donenfeld
2020-02-04uapi: allow unsetting device private key with /dev/nullJason A. Donenfeld
2020-01-21version: bump snapshotJason A. Donenfeld
2020-01-15tun: darwin: ignore ENOMEM errorsJason A. Donenfeld
Coauthored-by: Andrej Mihajlov <and@mullvad.net>
2020-01-07tun: windows: serialize write callsJason A. Donenfeld
2019-12-30README: update repo urlsJason A. Donenfeld
2019-11-28device: SendmsgN mutates the input sockaddrJason A. Donenfeld
So we take a new granular lock to prevent concurrent writes from racing. WARNING: DATA RACE Write at 0x00c0011f2740 by goroutine 27: golang.org/x/sys/unix.(*SockaddrInet4).sockaddr() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:384 +0x114 golang.org/x/sys/unix.SendmsgN() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:1304 +0x288 golang.zx2c4.com/wireguard/device.send4() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:485 +0x11f golang.zx2c4.com/wireguard/device.(*nativeBind).Send() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:268 +0x1d6 golang.zx2c4.com/wireguard/device.(*Peer).SendBuffer() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/peer.go:151 +0x285 golang.zx2c4.com/wireguard/device.(*Peer).SendHandshakeInitiation() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:163 +0x692 golang.zx2c4.com/wireguard/device.(*Device).RoutineReadFromTUN() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:318 +0x4b8 Previous write at 0x00c0011f2740 by goroutine 386: golang.org/x/sys/unix.(*SockaddrInet4).sockaddr() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:384 +0x114 golang.org/x/sys/unix.SendmsgN() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:1304 +0x288 golang.zx2c4.com/wireguard/device.send4() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:485 +0x11f golang.zx2c4.com/wireguard/device.(*nativeBind).Send() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:268 +0x1d6 golang.zx2c4.com/wireguard/device.(*Peer).SendBuffer() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/peer.go:151 +0x285 golang.zx2c4.com/wireguard/device.(*Peer).SendHandshakeInitiation() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:163 +0x692 golang.zx2c4.com/wireguard/device.expiredRetransmitHandshake() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/timers.go:110 +0x40c golang.zx2c4.com/wireguard/device.(*Peer).NewTimer.func1() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/timers.go:42 +0xd8 Goroutine 27 (running) created at: golang.zx2c4.com/wireguard/device.NewDevice() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/device.go:322 +0x5e8 main.main() /go/src/x/main.go:102 +0x58e Goroutine 386 (finished) created at: time.goFunc() /usr/local/go/src/time/sleep.go:168 +0x51 Reported-by: Ben Burkert <ben@benburkert.com>
2019-11-22wintun: manage ring memory manuallyJason A. Donenfeld
It's large and Go's garbage collector doesn't deal with it especially well.
2019-10-30constants: recalculate rekey max based on a one minute floodJason A. Donenfeld
Discussed-with: Mathias Hall-Andersen <mathias@hall-andersen.dk>
2019-10-22global: fix a few typos courtesy of codespellJonathan Tooker
Signed-off-by: Jonathan Tooker <jonathan.tooker@netprotect.com>
2019-10-21device: allow blackholing socketsJason A. Donenfeld
2019-10-21device: remove dead error reporting codeJason A. Donenfeld
2019-10-21namespaceapi: remove tasteless commentJason A. Donenfeld
2019-10-17device: recheck counters while holding write lockJason A. Donenfeld
2019-10-17wintun: normalize variable names for their typesJason A. Donenfeld
2019-10-17wintun: quickly ignore non-Wintun devicesAvery Pennarun
Some devices take ~2 seconds to enumerate on Windows if we try to get their instance name. The hardware id property, on the other hand, is available right away. Signed-off-by: Avery Pennarun <apenwarr@gmail.com> [zx2c4: inlined this to where it makes sense, reused setupapi const]
2019-10-17tun: match windows CreateTUN signature to the Linux variantAvery Pennarun
Signed-off-by: Avery Pennarun <apenwarr@gmail.com> [zx2c4: fix default value]
2019-10-17rwcancel: handle EINTR and EAGAIN in unixSelect()Avery Pennarun
On my Chromebook (Linux 4.19.44 in a VM) and on an AWS EC2 machine, select() was sometimes returning EINTR. This is harmless and just means you should try again. So let's try again. This eliminates a problem where the tunnel fails to come up correctly and the program needs to be restarted. Signed-off-by: Avery Pennarun <apenwarr@gmail.com>
2019-10-16device: test packets between two fake devicesDavid Crawshaw
Signed-off-by: David Crawshaw <crawshaw@tailscale.io>
2019-10-12version: bump snapshotJason A. Donenfeld
2019-10-08Makefile: remove v prefixJason A. Donenfeld
2019-10-08wintun: expose versionJason A. Donenfeld
2019-10-04uapi: allow preventing creation of new peers when updatingJason A. Donenfeld
This enables race-free updates for wg-dynamic and similar tools. Suggested-by: Thomas Gschwantner <tharre3@gmail.com>
2019-10-04mod: bump versionsJason A. Donenfeld
2019-09-16winpipe: use x/sys/windows instead of syscallJason A. Donenfeld
2019-09-16wintun: use correct length for security attributesJason A. Donenfeld
2019-09-08tun: windows: unify error message formatJason A. Donenfeld
2019-09-08version: bump snapshotJason A. Donenfeld
2019-09-08main: simplify warningsJason A. Donenfeld
2019-09-07tun: openbsd: check for interface already being upJason A. Donenfeld
In some cases, we operate on an already-up interface, or the user brings up the interface before we start monitoring. For those situations, we should first check if the interface is already up. This still technically races between the initial check and the start of the route loop, but fixing that is a bit ugly and probably not worth it at the moment. Reported-by: Theo Buehler <tb@theobuehler.org>
2019-09-05namespaceapi: AddSIDToBoundaryDescriptor modifies the handleJason A. Donenfeld
2019-09-01wintun: take mutex first alwaysJason A. Donenfeld
This prevents an ABA deadlock with setupapi's internal locks.
2019-09-01wintun: consider abandoned mutexes as releasedJason A. Donenfeld
2019-08-31ipc: windows: use protected prefixJason A. Donenfeld
2019-08-30winpipe: enforce ownership of client connectionJason A. Donenfeld
2019-08-30wintun: put mutex into private namespaceJason A. Donenfeld
2019-08-30namespaceapi: fix mistakeJason A. Donenfeld
2019-08-30namespaceapi: initial versionSimon Rozman
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-30wintun: take mutex so that deletion uses the right nameJason A. Donenfeld
2019-08-29wintun: move ring constants into moduleJason A. Donenfeld
2019-08-29wintun: delete all interfaces is not used anymoreJason A. Donenfeld
2019-08-29wintun: Wintun->InterfaceJason A. Donenfeld
2019-08-29wintun: keep reference to pool in wintun objectJason A. Donenfeld
2019-08-29wintun: introduce adapter poolsSimon Rozman
This makes wintun package reusable for non-WireGuard applications. Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-28wintun: simplify rename logicJason A. Donenfeld
2019-08-28wintun: give better errors when ndis interface listing failsJason A. Donenfeld
2019-08-28wintun: also check for numbered suffix and friendly nameJason A. Donenfeld
2019-08-28wintun: upgrade deleting all interfaces and make it reusableSimon Rozman
DeleteAllInterfaces() didn't check if SPDRP_DEVICEDESC == "WireGuard Tunnel". It deleted _all_ Wintun adapters, not just WireGuard's. Furthermore, the DeleteAllInterfaces() was upgraded into a new function called DeleteMatchingInterfaces() for selectively deletion. This will be used by WireGuard to clean stale Wintun adapters. Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-27wintun: cleanup earlierJason A. Donenfeld
2019-08-27wintun: rename duplicate adapters instead of ourselvesJason A. Donenfeld