diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-06-17 13:08:13 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-06-18 12:08:51 +0200 |
commit | 6e48647318edad7540c4e99be5aed10ac898893f (patch) | |
tree | 13a2d97bcb3ad8e44f288d3220fd9030d9eb968c /tunnel/ifaceconfig.go | |
parent | version: bump (diff) | |
download | wireguard-windows-6e48647318edad7540c4e99be5aed10ac898893f.tar.xz wireguard-windows-6e48647318edad7540c4e99be5aed10ac898893f.zip |
tunnel: wait for IP service to attach to wintun
This helps fix startup races without needing to poll, as well as
reconfiguring interfaces after wintun destroys and re-adds. It also
deals gracefully with IPv6 being disabled.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to '')
-rw-r--r-- | tunnel/addressconfig.go (renamed from tunnel/ifaceconfig.go) | 81 |
1 files changed, 19 insertions, 62 deletions
diff --git a/tunnel/ifaceconfig.go b/tunnel/addressconfig.go index a71b612e..a1e5dc59 100644 --- a/tunnel/ifaceconfig.go +++ b/tunnel/addressconfig.go @@ -10,7 +10,6 @@ import ( "log" "net" "sort" - "time" "golang.org/x/sys/windows" "golang.zx2c4.com/wireguard/tun" @@ -20,7 +19,7 @@ import ( "golang.zx2c4.com/wireguard/windows/tunnel/winipcfg" ) -func cleanupAddressesOnDisconnectedInterfaces(addresses []net.IPNet) { +func cleanupAddressesOnDisconnectedInterfaces(family winipcfg.AddressFamily, addresses []net.IPNet) { if len(addresses) == 0 { return } @@ -39,7 +38,7 @@ func cleanupAddressesOnDisconnectedInterfaces(addresses []net.IPNet) { } return false } - interfaces, err := winipcfg.GetAdaptersAddresses(windows.AF_UNSPEC, winipcfg.GAAFlagDefault) + interfaces, err := winipcfg.GetAdaptersAddresses(family, winipcfg.GAAFlagDefault) if err != nil { return } @@ -58,7 +57,7 @@ func cleanupAddressesOnDisconnectedInterfaces(addresses []net.IPNet) { } } -func configureInterface(conf *conf.Config, tun *tun.NativeTun) error { +func configureInterface(family winipcfg.AddressFamily, conf *conf.Config, tun *tun.NativeTun) error { luid := winipcfg.LUID(tun.LUID()) estimatedRouteCount := len(conf.Interface.Addresses) @@ -114,10 +113,10 @@ func configureInterface(conf *conf.Config, tun *tun.NativeTun) error { } } - err := luid.SetIPAddresses(addresses) + err := luid.SetIPAddressesForFamily(family, addresses) if err == windows.ERROR_OBJECT_ALREADY_EXISTS { - cleanupAddressesOnDisconnectedInterfaces(addresses) - err = luid.SetIPAddresses(addresses) + cleanupAddressesOnDisconnectedInterfaces(family, addresses) + err = luid.SetIPAddressesForFamily(family, addresses) } if err != nil { return err @@ -140,49 +139,38 @@ func configureInterface(conf *conf.Config, tun *tun.NativeTun) error { deduplicatedRoutes = append(deduplicatedRoutes, &routes[i]) } - err = luid.SetRoutes(deduplicatedRoutes) + err = luid.SetRoutesForFamily(family, deduplicatedRoutes) if err != nil { return nil } - ipif, err := luid.IPInterface(windows.AF_INET) + ipif, err := luid.IPInterface(family) if err != nil { return err } - if foundDefault4 { - ipif.UseAutomaticMetric = false - ipif.Metric = 0 - } if conf.Interface.MTU > 0 { ipif.NLMTU = uint32(conf.Interface.MTU) tun.ForceMTU(int(ipif.NLMTU)) } - err = ipif.Set() - if err != nil { - return err - } - - ipif, err = luid.IPInterface(windows.AF_INET6) - if err != nil && firstGateway6 != nil { - log.Printf("Is IPv6 disabled by Windows?") - return err - } else if err == nil { // People seem to like to disable IPv6, so we make this non-fatal. - if foundDefault6 { + if family == windows.AF_INET { + if foundDefault4 { ipif.UseAutomaticMetric = false ipif.Metric = 0 } - if conf.Interface.MTU > 0 { - ipif.NLMTU = uint32(conf.Interface.MTU) + } else if family == windows.AF_INET6 { + if foundDefault6 { + ipif.UseAutomaticMetric = false + ipif.Metric = 0 } ipif.DadTransmits = 0 ipif.RouterDiscoveryBehavior = winipcfg.RouterDiscoveryDisabled - err = ipif.Set() - if err != nil { - return err - } + } + err = ipif.Set() + if err != nil { + return err } - err = luid.SetDNS(conf.Interface.DNS) + err = luid.SetDNSForFamily(family, conf.Interface.DNS) if err != nil { return err } @@ -190,19 +178,6 @@ func configureInterface(conf *conf.Config, tun *tun.NativeTun) error { return nil } -func unconfigureInterface(tun *tun.NativeTun) { - // It seems that the Windows networking stack doesn't like it when we destroy interfaces that have active - // routes, so to be certain, just remove everything before destroying. - luid := winipcfg.LUID(tun.LUID()) - luid.FlushRoutes(windows.AF_INET) - luid.FlushIPAddresses(windows.AF_INET) - luid.FlushRoutes(windows.AF_INET6) - luid.FlushIPAddresses(windows.AF_INET6) - luid.FlushDNS() - - firewall.DisableFirewall() -} - func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error { restrictAll := false if len(conf.Peers) == 1 { @@ -224,21 +199,3 @@ func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error { } return firewall.EnableFirewall(tun.LUID(), conf.Interface.DNS, restrictAll) } - -func waitForFamilies(tun *tun.NativeTun) { - // TODO: This whole thing is a disgusting hack that shouldn't be neccessary. - - f := func(luid winipcfg.LUID, family winipcfg.AddressFamily, maxRetries int) { - for i := 0; i < maxRetries; i++ { - _, err := luid.IPInterface(family) - if i != maxRetries-1 && err == windows.ERROR_NOT_FOUND { - time.Sleep(time.Millisecond * 50) - continue - } - break - } - } - luid := winipcfg.LUID(tun.LUID()) - f(luid, windows.AF_INET, 100) - f(luid, windows.AF_INET6, 3) -} |