aboutsummaryrefslogtreecommitdiffstatshomepage
Commit message (Collapse)AuthorAgeFilesLines
* Makefile: choose newest version of GoHEADmasterJason A. Donenfeld10 days1-1/+1
| | | | | | | | | | | | | Now that these are sorted properly, we can rely on the top one being the newest. Before, we assumed the last one was the newest, which was only true during betas and rcs, which required us to swap back and forth between the first one and the last one. But even then, the last one wouldn't always be the latest beta! So sometimes we had to change it to the second to last one. And on and on with madness. In other words, before the list was basically unsorted. But now that it's sorted, we can just use the top one always, which is what we want. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* dpapi: remove stray test exeJason A. Donenfeld12 days1-0/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* conf: do not examine connectivity state at bootJason A. Donenfeld12 days3-65/+4
| | | | | | | | | | | | | It turns out that checking for internet connectivity is not really a reliable way of knowing whether the WSAHOST_NOT_FOUND is legitimate or not. So just give up on that approach, assume WSAHOST_NOT_FOUND is always illegitimate at boot, and loop for a long time. This might induce annoyances for admins who want to kill legitimate WSAHOST_NOT_FOUND services that keep trying again, but they'll just have to wait for two minutes. Reported-by: Simon Rozman <simon@rozman.si> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: bump dateJason A. Donenfeld2022-01-06143-146/+146
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* fetcher: only write 32 bytes to hash outputJason A. Donenfeld2022-01-062-3/+3
| | | | | | | Current binaries overflow into `wchar_t total_bytes_str[22]`, which is not used anywhere after the overflow, so no harm done thankfully. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use strings.Cut where possibleJason A. Donenfeld2021-12-234-12/+9
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: bumpv0.5.3Jason A. Donenfeld2021-12-221-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* docs: new code signing certificateJason A. Donenfeld2021-12-221-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use syscall.SyscallNJason A. Donenfeld2021-12-164-19/+19
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ringlogger: have caller cleanup inherited handle on failureJason A. Donenfeld2021-12-161-4/+1
| | | | | Reported-by: shuaidonga <1181157720@qq.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: interface{} -> anyJason A. Donenfeld2021-12-167-13/+13
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* build: omit build info from binaryJason A. Donenfeld2021-12-162-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: update to go 1.18 beta1Jason A. Donenfeld2021-12-1623-551/+27
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* build: remove patcherJason A. Donenfeld2021-12-142-6/+1
| | | | | | This should be easy to revert when we want to add it back. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: apply gofumptJason A. Donenfeld2021-12-0941-125/+140
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* build: update to go 1.17.4 and drop upstreamed patchesJason A. Donenfeld2021-12-028-288/+7
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui: only set "(out of date)" window title if admin userJason A. Donenfeld2021-11-261-1/+3
| | | | | | | | | Hopefully this scares users less, while keeping the update tab so that they still annoy their sysadmins to update. Reported-by: Bruno Andry <bandry@ut1.org> Discussed-with: Diab Neiroukh <lazerl0rd@thezest.dev> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* build: switch to go.devJason A. Donenfeld2021-11-252-3/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* go-patches: support non-cooperative preemption on arm and arm64Jason A. Donenfeld2021-11-252-0/+124
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* mod: remove x/sys forkJason A. Donenfeld2021-11-245-20/+20
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: backout AddrFromSlice signature changeJason A. Donenfeld2021-11-114-11/+11
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: bumpv0.5.2Jason A. Donenfeld2021-11-081-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: check for WeakHostSend/Forwarding in pitfallsJason A. Donenfeld2021-11-084-3/+88
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* build: bump to go 1.17.3Jason A. Donenfeld2021-11-062-2/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* go-patches: return correct nanosec param on arm64Jason A. Donenfeld2021-11-061-0/+81
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* go-patches: read nanotime in 1 instruction on 64bitJason A. Donenfeld2021-11-063-6/+200
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: add routes even when no corresponding addressJason A. Donenfeld2021-11-061-16/+3
| | | | | | | Apparently this works now, but it didn't used to. Reported-by: Christoph Loesch <wireguard-mail@chil.at> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* winipcfg: handle zones and make things use itJason A. Donenfeld2021-11-062-15/+23
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: switch to netipJason A. Donenfeld2021-11-0617-367/+260
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* manager: cleanup legacy wintunJason A. Donenfeld2021-10-295-9/+63
| | | | | | | | | | It's not good to leave cruft around from the upgrade case when people want to uninstall, so we remove wintun in the uninstaller manually (without the help of wintun.dll, which we no longer ship). But also, so that we can eventually drop that code, we also remove it opportunistically when the manager starts. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* fetcher,winhttp: force TLS 1.2 on Win 8.0 and 7Jason A. Donenfeld2021-10-295-1/+38
| | | | | | | | On ancient Windows, we must opt-in to using TLS 1.2. Otherwise it only allows for TLS 1.0. And of course there's no TLS 1.3 support there at all. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* services: mark win7 code the same as elsewhereJason A. Donenfeld2021-10-291-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* manager: use pre-seeded fastrandn instead of math.randJason A. Donenfeld2021-10-282-12/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* manager: delay boottime updates and simplifyJason A. Donenfeld2021-10-272-11/+28
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* embeddable-dll-service: update for new wgnt APIJason A. Donenfeld2021-10-272-8/+4
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: official: remove stutterJason A. Donenfeld2021-10-271-3/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* driver: align 64-bit argument on ARM32Jason A. Donenfeld2021-10-261-1/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* manager: pitfalls: cap virtio check to min 40 for ParallelsJason A. Donenfeld2021-10-261-1/+2
| | | | | | | | It looks like Parallels forked NetKVM from Red Hat and changed the versioning scheme, but kept the same driver name. So we skip the warning for a floor of v40. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: bumpv0.5.1Jason A. Donenfeld2021-10-261-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui: remove GOARCH from about dialogJason A. Donenfeld2021-10-261-1/+1
| | | | | | | | We don't support WOW, so architecture already has this. If we ever do support WOW, we should make architecture in the form of {native}/{runtime}, e.g. amd64/x86. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* mod: bump x/sys to private branchJason A. Donenfeld2021-10-263-6/+5
| | | | | | | Hopefully we can revert this when https://go-review.googlesource.com/c/sys/+/358394 is merged. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* services: use more reliable method of detecting boot-upJason A. Donenfeld2021-10-2610-55/+88
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* services: remove unused pipe path helperJason A. Donenfeld2021-10-261-7/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: cleanup IPs when masks don't matchJason A. Donenfeld2021-10-261-9/+6
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: convert ips to string for hash tableJason A. Donenfeld2021-10-261-14/+12
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: defer startup until tcp configuration is setJason A. Donenfeld2021-10-262-7/+31
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* driver: formatJason A. Donenfeld2021-10-262-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* docs: remove outdated single tunnel mentionJason A. Donenfeld2021-10-261-3/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ringlogger: allow tailing to stdoutJason A. Donenfeld2021-10-263-7/+39
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: add retry loop to certain interface config failuresJason A. Donenfeld2021-10-213-12/+33
| | | | | | | I wish there was another way here, but we have too little control over Windows' boot sequence. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>