summaryrefslogtreecommitdiffhomepage
path: root/tun
AgeCommit message (Collapse)Author
2021-01-13tun: add tcpip stack tunnel abstractionJason A. Donenfeld
This allows people to initiate connections over WireGuard without any underlying operating system support. I'm not crazy about the trash it adds to go.sum, but the code this actually adds to the binaries seems contained to the gvisor repo. For the TCP/IP implementation, it uses gvisor. And it borrows some internals from the Go standard library's resolver in order to bring Dial and DialContext to tun_net, along with the LookupHost helper function. This allows for things like HTTP2-over-TLS to work quite well: package main import ( "io" "log" "net" "net/http" "golang.zx2c4.com/wireguard/device" "golang.zx2c4.com/wireguard/tun" ) func main() { tun, tnet, err := tun.CreateNetTUN([]net.IP{net.ParseIP("192.168.4.29")}, []net.IP{net.ParseIP("8.8.8.8"), net.ParseIP("8.8.4.4")}, 1420) if err != nil { log.Panic(err) } dev := device.NewDevice(tun, &device.Logger{log.Default(), log.Default(), log.Default()}) dev.IpcSet(`private_key=a8dac1d8a70a751f0f699fb14ba1cff7b79cf4fbd8f09f44c6e6a90d0369604f public_key=25123c5dcd3328ff645e4f2a3fce0d754400d3887a0cb7c56f0267e20fbf3c5b endpoint=163.172.161.0:12912 allowed_ip=0.0.0.0/0 `) dev.Up() client := http.Client{ Transport: &http.Transport{ DialContext: tnet.DialContext, }, } resp, err := client.Get("https://www.zx2c4.com/ip") if err != nil { log.Panic(err) } body, err := io.ReadAll(resp.Body) if err != nil { log.Panic(err) } log.Println(string(body)) } Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-01-07memmod: apply explicit build tags to _32 and _64 filesJason A. Donenfeld
Since _32 and _64 aren't valid goarchs, they don't match _GOOS_GOARCH, and so the existing tags wind up not being restricted to windows-only. This fixes the problem by adding windows to the tags explicitly. We could also fix it by calling the files _32_windows or _64_windows, but that changes the convention with the other single-arch files. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-01-07tun: make customization of WintunPool and requested GUID more obviousJason A. Donenfeld
Persnickety consumers can now do: func init() { tun.WintunPool, _ = wintun.MakePool("Flurp") tun.WintunStaticRequestedGUID, _ = windows.GUIDFromString("{5ae2716f-0b3e-4dc4-a8b5-48eba11a6e16}") } Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-01-07all: use ++ to incrementJosh Bleecher Snyder
Make the code slightly more idiomatic. No functional changes. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-01-07wintun: do not load dll in init()Jason A. Donenfeld
This prevents linking to wintun.dll until it's actually needed, which should improve startup time. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-01-07tun/tuntest: make genICMPv4 allocate lessJosh Bleecher Snyder
It doesn't really matter, because it is only used in tests, but it does remove some noise from pprof profiles. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2020-11-27memmod: fix import loading function usageJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-11-25wintun: log when reboot is suggested by WindowsSimon Rozman
Which really shouldn't happen. But it is a useful information for troubleshooting. Signed-off-by: Simon Rozman <simon@rozman.si>
2020-11-25wintun: keep original error when Wintun session start failsSimon Rozman
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-11-11wintun: load from filesystem by defaultJason A. Donenfeld
We let people loading this from resources opt in via: go build -tags load_wintun_from_rsrc Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-11-07global: switch to using %w instead of %v for ErrorfJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-11-07wintun: ring management moved to wintun.dllSimon Rozman
Signed-off-by: Simon Rozman <simon@rozman.si> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-11-07wintun: load wintun.dll from RCDATA resourceSimon Rozman
Signed-off-by: Simon Rozman <simon@rozman.si> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-11-07wintun: migrate to wintun.dll APISimon Rozman
Rather than having every application using Wintun driver reinvent the wheel, the Wintun device/adapter/interface management has been moved from wireguard-go to wintun.dll deployed with Wintun itself. Signed-off-by: Simon Rozman <simon@rozman.si>
2020-10-27tun: use SockaddrCtl from golang.org/x/sys/unix on macOSTobias Klauser
Direct syscalls using unix.Syscall(unix.SYS_*, ...) are discouraged on macOS and might not be supported in future versions. Switch to use unix.Connect with unix.SockaddrCtl instead. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-27tun: use Ioctl{Get,Set}IfreqMTU from golang.org/x/sys/unix on macOSTobias Klauser
Direct syscalls using unix.Syscall(unix.SYS_*, ...) are discouraged on macOS and might not be supported in future versions. Switch to use unix.Ioctl{Get,Set}IfreqMTU to get and set an interface's MTU. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-27tun: use IoctlCtlInfo from golang.org/x/sys/unix on macOSTobias Klauser
Direct syscalls using unix.Syscall(unix.SYS_*, ...) are discouraged on macOS and might not be supported in future versions. Switch to use unix.IoctlCtlInfo to get the kernel control info. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-27tun: use GetsockoptString in (*NativeTun).Name on macOSTobias Klauser
Direct syscalls using unix.Syscall(unix.SYS_*, ...) are discouraged on macOS and might not be supported in future versions. Instead, use the existing unix.GetsockoptString wrapper to get the interface name. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-21tun/wintun/registry: fix Go 1.15 race/checkptr failureBrad Fitzpatrick
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> [Jason: ran go mod tidy.] Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-05-02global: update header comments and modulesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-05-02wintun: make remaining HWID comparisons case insensitiveSimon Rozman
c85e4a410f27986a2967a49c0155633c716bf3ca introduced preliminary HWID checking to speed up Wintun adapter enumeration. However, all HWID are case insensitive by Windows convention. Furthermore, a device might have multiple HWIDs. When DevInfo's DeviceRegistryProperty(SPDRP_HARDWAREID) method returns []string, all strings returned should be checked against given hardware ID. This issue was discovered when researching Wintun and wireguard-go on Windows 10 ARM64. The Wintun adapter was created using devcon.exe utility with "wintun" hardware ID, causing wireguard-go fail to enumerate the adapter properly. Signed-off-by: Simon Rozman <simon@rozman.si>
2020-05-02setupapi: extend struct size constant definitions for arm(64)Simon Rozman
Signed-off-by: Simon Rozman <simon@rozman.si>
2020-05-02tun: return a better error message if /dev/net/tun doesn't existBrad Fitzpatrick
It was just returning "no such file or directory" (the String of the syscall.Errno returned by CreateTUN). Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-02tun: NetlinkListener: don't send EventDown before sending EventUpAvery Pennarun
This works around a startup race condition when competing with HackListener, which is trying to do the same job. If HackListener detects that the tundev is running while there is still an event in the netlink queue that says it isn't running, then the device receives a string of events like EventUp (HackListener) EventDown (NetlinkListener) EventUp (NetlinkListener) Unfortunately, after the first EventDown, the device stops itself, thinking incorrectly that the administrator has downed its tundev. The device is ignoring the initial EventDown anyway, so just don't emit it. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
2020-05-02tuntest: split out testing packageDavid Crawshaw
This code is useful to other packages writing tests. Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
2020-05-02tun: fix data race on name fieldBrad Fitzpatrick
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-02tun: remove unused isUp methodBrad Fitzpatrick
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2020-05-02wintun: split error message for create vs open namespace.Avery Pennarun
Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
2020-03-17global: use RTMGRP_* consts from x/sys/unixTobias Klauser
Update the golang.org/x/sys/unix dependency and use the newly introduced RTMGRP_* consts instead of using the corresponding RTNLGRP_* const to create a mask. Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
2020-01-15tun: darwin: ignore ENOMEM errorsJason A. Donenfeld
Coauthored-by: Andrej Mihajlov <and@mullvad.net>
2020-01-07tun: windows: serialize write callsJason A. Donenfeld
2019-11-22wintun: manage ring memory manuallyJason A. Donenfeld
It's large and Go's garbage collector doesn't deal with it especially well.
2019-10-22global: fix a few typos courtesy of codespellJonathan Tooker
Signed-off-by: Jonathan Tooker <jonathan.tooker@netprotect.com>
2019-10-21namespaceapi: remove tasteless commentJason A. Donenfeld
2019-10-17wintun: normalize variable names for their typesJason A. Donenfeld
2019-10-17wintun: quickly ignore non-Wintun devicesAvery Pennarun
Some devices take ~2 seconds to enumerate on Windows if we try to get their instance name. The hardware id property, on the other hand, is available right away. Signed-off-by: Avery Pennarun <apenwarr@gmail.com> [zx2c4: inlined this to where it makes sense, reused setupapi const]
2019-10-17tun: match windows CreateTUN signature to the Linux variantAvery Pennarun
Signed-off-by: Avery Pennarun <apenwarr@gmail.com> [zx2c4: fix default value]
2019-10-08wintun: expose versionJason A. Donenfeld
2019-10-04mod: bump versionsJason A. Donenfeld
2019-09-16winpipe: use x/sys/windows instead of syscallJason A. Donenfeld
2019-09-16wintun: use correct length for security attributesJason A. Donenfeld
2019-09-08tun: windows: unify error message formatJason A. Donenfeld
2019-09-07tun: openbsd: check for interface already being upJason A. Donenfeld
In some cases, we operate on an already-up interface, or the user brings up the interface before we start monitoring. For those situations, we should first check if the interface is already up. This still technically races between the initial check and the start of the route loop, but fixing that is a bit ugly and probably not worth it at the moment. Reported-by: Theo Buehler <tb@theobuehler.org>
2019-09-05namespaceapi: AddSIDToBoundaryDescriptor modifies the handleJason A. Donenfeld
2019-09-01wintun: take mutex first alwaysJason A. Donenfeld
This prevents an ABA deadlock with setupapi's internal locks.
2019-09-01wintun: consider abandoned mutexes as releasedJason A. Donenfeld
2019-08-30wintun: put mutex into private namespaceJason A. Donenfeld
2019-08-30namespaceapi: fix mistakeJason A. Donenfeld
2019-08-30namespaceapi: initial versionSimon Rozman
Signed-off-by: Simon Rozman <simon@rozman.si>
2019-08-30wintun: take mutex so that deletion uses the right nameJason A. Donenfeld