aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* conn: new package that splits out the Bind and Endpoint typesdc/branchDavid Crawshaw2019-12-0813-424/+481
| | | | | | | The sticky socket code stays in the device package for now, as it reaches deeply into the peer list. Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* rwcancel: fix build on macOSDavid Crawshaw2019-12-081-1/+2
| | | | Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* ratelimiter: unembed mutexesDavid Crawshaw2019-12-081-19/+19
| | | | | | | | Embeding the mutex exports the Lock/Unlock methods to other packages using ratelimiter. Users don't need them so don't do that. Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* ratelimiter: use a fake clock in testsDavid Crawshaw2019-12-082-33/+50
| | | | | | | | | | | | | The existing test would occasionally flake out with: --- FAIL: TestRatelimiter (0.12s) ratelimiter_test.go:99: Test failed for 127.0.0.1 , on: 7 ( not having refilled enough ) expected: false got: true FAIL FAIL golang.zx2c4.com/wireguard/ratelimiter 0.171s As a bonus, a fake clock runs the test in one tenth the time. Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
* device: SendmsgN mutates the input sockaddrJason A. Donenfeld2019-11-281-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | So we take a new granular lock to prevent concurrent writes from racing. WARNING: DATA RACE Write at 0x00c0011f2740 by goroutine 27: golang.org/x/sys/unix.(*SockaddrInet4).sockaddr() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:384 +0x114 golang.org/x/sys/unix.SendmsgN() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:1304 +0x288 golang.zx2c4.com/wireguard/device.send4() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:485 +0x11f golang.zx2c4.com/wireguard/device.(*nativeBind).Send() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:268 +0x1d6 golang.zx2c4.com/wireguard/device.(*Peer).SendBuffer() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/peer.go:151 +0x285 golang.zx2c4.com/wireguard/device.(*Peer).SendHandshakeInitiation() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:163 +0x692 golang.zx2c4.com/wireguard/device.(*Device).RoutineReadFromTUN() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:318 +0x4b8 Previous write at 0x00c0011f2740 by goroutine 386: golang.org/x/sys/unix.(*SockaddrInet4).sockaddr() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:384 +0x114 golang.org/x/sys/unix.SendmsgN() /go/pkg/mod/golang.org/x/sys@v0.0.0-20191105231009-c1f44814a5cd/unix/syscall_linux.go:1304 +0x288 golang.zx2c4.com/wireguard/device.send4() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:485 +0x11f golang.zx2c4.com/wireguard/device.(*nativeBind).Send() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/conn_linux.go:268 +0x1d6 golang.zx2c4.com/wireguard/device.(*Peer).SendBuffer() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/peer.go:151 +0x285 golang.zx2c4.com/wireguard/device.(*Peer).SendHandshakeInitiation() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/send.go:163 +0x692 golang.zx2c4.com/wireguard/device.expiredRetransmitHandshake() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/timers.go:110 +0x40c golang.zx2c4.com/wireguard/device.(*Peer).NewTimer.func1() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/timers.go:42 +0xd8 Goroutine 27 (running) created at: golang.zx2c4.com/wireguard/device.NewDevice() /go/pkg/mod/golang.zx2c4.com/wireguard@v0.0.20191012/device/device.go:322 +0x5e8 main.main() /go/src/x/main.go:102 +0x58e Goroutine 386 (finished) created at: time.goFunc() /usr/local/go/src/time/sleep.go:168 +0x51 Reported-by: Ben Burkert <ben@benburkert.com>
* wintun: manage ring memory manuallyJason A. Donenfeld2019-11-222-7/+27
| | | | | It's large and Go's garbage collector doesn't deal with it especially well.
* constants: recalculate rekey max based on a one minute floodJason A. Donenfeld2019-10-301-1/+1
| | | | Discussed-with: Mathias Hall-Andersen <mathias@hall-andersen.dk>
* global: fix a few typos courtesy of codespellJonathan Tooker2019-10-225-10/+10
| | | | Signed-off-by: Jonathan Tooker <jonathan.tooker@netprotect.com>
* device: allow blackholing socketsJason A. Donenfeld2019-10-212-4/+14
|
* device: remove dead error reporting codeJason A. Donenfeld2019-10-211-4/+1
|
* namespaceapi: remove tasteless commentJason A. Donenfeld2019-10-211-1/+1
|
* device: recheck counters while holding write lockJason A. Donenfeld2019-10-171-2/+7
|
* wintun: normalize variable names for their typesJason A. Donenfeld2019-10-171-72/+72
|
* wintun: quickly ignore non-Wintun devicesAvery Pennarun2019-10-171-0/+18
| | | | | | | | | Some devices take ~2 seconds to enumerate on Windows if we try to get their instance name. The hardware id property, on the other hand, is available right away. Signed-off-by: Avery Pennarun <apenwarr@gmail.com> [zx2c4: inlined this to where it makes sense, reused setupapi const]
* tun: match windows CreateTUN signature to the Linux variantAvery Pennarun2019-10-172-5/+10
| | | | | Signed-off-by: Avery Pennarun <apenwarr@gmail.com> [zx2c4: fix default value]
* rwcancel: handle EINTR and EAGAIN in unixSelect()Avery Pennarun2019-10-171-2/+14
| | | | | | | | | | | | On my Chromebook (Linux 4.19.44 in a VM) and on an AWS EC2 machine, select() was sometimes returning EINTR. This is harmless and just means you should try again. So let's try again. This eliminates a problem where the tunnel fails to come up correctly and the program needs to be restarted. Signed-off-by: Avery Pennarun <apenwarr@gmail.com>
* device: test packets between two fake devicesDavid Crawshaw2019-10-161-29/+199
| | | | Signed-off-by: David Crawshaw <crawshaw@tailscale.io>
* version: bump snapshotv0.0.20191012Jason A. Donenfeld2019-10-121-1/+1
|
* Makefile: remove v prefixJason A. Donenfeld2019-10-081-1/+1
|
* wintun: expose versionJason A. Donenfeld2019-10-082-1/+34
|
* uapi: allow preventing creation of new peers when updatingJason A. Donenfeld2019-10-041-1/+17
| | | | | | This enables race-free updates for wg-dynamic and similar tools. Suggested-by: Thomas Gschwantner <tharre3@gmail.com>
* mod: bump versionsJason A. Donenfeld2019-10-049-16/+16
|
* winpipe: use x/sys/windows instead of syscallJason A. Donenfeld2019-09-167-229/+128
|
* wintun: use correct length for security attributesJason A. Donenfeld2019-09-161-1/+1
|
* tun: windows: unify error message formatJason A. Donenfeld2019-09-081-2/+2
|
* version: bump snapshotv0.0.20190908Jason A. Donenfeld2019-09-081-1/+1
|
* main: simplify warningsJason A. Donenfeld2019-09-083-44/+1
|
* tun: openbsd: check for interface already being upJason A. Donenfeld2019-09-071-23/+31
| | | | | | | | | | | | In some cases, we operate on an already-up interface, or the user brings up the interface before we start monitoring. For those situations, we should first check if the interface is already up. This still technically races between the initial check and the start of the route loop, but fixing that is a bit ugly and probably not worth it at the moment. Reported-by: Theo Buehler <tb@theobuehler.org>
* namespaceapi: AddSIDToBoundaryDescriptor modifies the handleJason A. Donenfeld2019-09-051-2/+2
|
* wintun: take mutex first alwaysJason A. Donenfeld2019-09-011-9/+9
| | | | This prevents an ABA deadlock with setupapi's internal locks.
* wintun: consider abandoned mutexes as releasedJason A. Donenfeld2019-09-011-1/+1
|
* ipc: windows: use protected prefixJason A. Donenfeld2019-08-312-2/+2
|
* winpipe: enforce ownership of client connectionJason A. Donenfeld2019-08-303-7/+46
|
* wintun: put mutex into private namespaceJason A. Donenfeld2019-08-303-26/+99
|
* namespaceapi: fix mistakeJason A. Donenfeld2019-08-302-4/+4
|
* namespaceapi: initial versionSimon Rozman2019-08-303-0/+207
| | | | Signed-off-by: Simon Rozman <simon@rozman.si>
* wintun: take mutex so that deletion uses the right nameJason A. Donenfeld2019-08-304-25/+84
|
* wintun: move ring constants into moduleJason A. Donenfeld2019-08-293-96/+133
|
* wintun: delete all interfaces is not used anymoreJason A. Donenfeld2019-08-291-9/+0
|
* wintun: Wintun->InterfaceJason A. Donenfeld2019-08-292-37/+36
|
* wintun: keep reference to pool in wintun objectJason A. Donenfeld2019-08-291-7/+9
|
* wintun: introduce adapter poolsSimon Rozman2019-08-292-26/+50
| | | | | | This makes wintun package reusable for non-WireGuard applications. Signed-off-by: Simon Rozman <simon@rozman.si>
* wintun: simplify rename logicJason A. Donenfeld2019-08-281-5/+4
|
* wintun: give better errors when ndis interface listing failsJason A. Donenfeld2019-08-281-2/+2
|
* wintun: also check for numbered suffix and friendly nameJason A. Donenfeld2019-08-281-9/+22
|
* wintun: upgrade deleting all interfaces and make it reusableSimon Rozman2019-08-281-4/+29
| | | | | | | | | | | DeleteAllInterfaces() didn't check if SPDRP_DEVICEDESC == "WireGuard Tunnel". It deleted _all_ Wintun adapters, not just WireGuard's. Furthermore, the DeleteAllInterfaces() was upgraded into a new function called DeleteMatchingInterfaces() for selectively deletion. This will be used by WireGuard to clean stale Wintun adapters. Signed-off-by: Simon Rozman <simon@rozman.si>
* wintun: cleanup earlierJason A. Donenfeld2019-08-271-19/+20
|
* wintun: rename duplicate adapters instead of ourselvesJason A. Donenfeld2019-08-274-0/+118
|
* wintun: match suffix numbersJason A. Donenfeld2019-08-261-1/+8
|
* device: getsockname on linux to determine portJason A. Donenfeld2019-08-251-0/+10
| | | | | It turns out Go isn't passing the pointer properly so we wound up with a zero port every time.