Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | service: split into tunnel and manager | Jason A. Donenfeld | 2019-05-20 | 1 | -329/+0 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: silently ignore routes that won't have a gateway | Jason A. Donenfeld | 2019-05-16 | 1 | -1/+7 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: print useragent in log | Jason A. Donenfeld | 2019-05-16 | 1 | -0/+3 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: token elevation stuff is upstream | Jason A. Donenfeld | 2019-05-16 | 1 | -7/+14 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: move WTS upstream | Jason A. Donenfeld | 2019-05-15 | 1 | -12/+12 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: clean up token mangling | Jason A. Donenfeld | 2019-05-14 | 1 | -1/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: account for loggedon but disconnected sessions | Jason A. Donenfeld | 2019-05-14 | 1 | -1/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | global: regroup all imports | Jason A. Donenfeld | 2019-05-14 | 1 | -4/+5 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: use more standard naming scheme for syscalls | Jason A. Donenfeld | 2019-05-13 | 1 | -20/+20 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: allow go to create correct environment block | Jason A. Donenfeld | 2019-05-13 | 1 | -12/+6 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: run UI with elevated token | Jason A. Donenfeld | 2019-05-12 | 1 | -23/+10 |
| | | | | | | | There are too many attacks possible when starting this with a non-elevated token. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: run UI at high integrity | Jason A. Donenfeld | 2019-05-11 | 1 | -0/+5 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: fix user logout | Jason A. Donenfeld | 2019-05-10 | 1 | -17/+50 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: prevent against multiple routines per session | Jason A. Donenfeld | 2019-05-08 | 1 | -4/+18 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: print in log after UI exits | Jason A. Donenfeld | 2019-05-08 | 1 | -3/+10 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: require elevated token | Jason A. Donenfeld | 2019-05-08 | 1 | -0/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: local system's token is a bit more locked down than elevated | Jason A. Donenfeld | 2019-05-08 | 1 | -2/+3 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: give process elevated security attributes plus logon session ID with minimal permissions | Jason A. Donenfeld | 2019-05-08 | 1 | -19/+8 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: delay restart for one second | Jason A. Donenfeld | 2019-05-07 | 1 | -0/+5 |
| | | | | | | | | This prevents a thundering herd. Also, we can now use the restart manager in the MSI because our walk fork handles the right window messages. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | ringlogger: export R/O handle for UI process | Jason A. Donenfeld | 2019-05-07 | 1 | -1/+2 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | updater: move into manager | Jason A. Donenfeld | 2019-05-06 | 1 | -137/+45 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: temporarily disable security attributes | Jason A. Donenfeld | 2019-05-04 | 1 | -1/+11 |
| | | | | | | This must be reverted before we release! See big source code comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: wire up firewall | Jason A. Donenfeld | 2019-05-03 | 1 | -2/+0 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: lock OS thread before making inheritable handles | Jason A. Donenfeld | 2019-05-02 | 1 | -0/+7 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: wtf->wts | Jason A. Donenfeld | 2019-05-02 | 1 | -2/+2 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: set security attributes on new process | Jason A. Donenfeld | 2019-05-02 | 1 | -1/+29 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: correct sid bounds | Jason A. Donenfeld | 2019-05-02 | 1 | -2/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: fix ooo | Jason A. Donenfeld | 2019-05-02 | 1 | -1/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: inform UIs it is time to quit so they can kill tray | Jason A. Donenfeld | 2019-04-30 | 1 | -0/+6 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: create environment for user | Jason A. Donenfeld | 2019-04-27 | 1 | -0/+36 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | ringlogger: give unprivd access via inheritable mapping handle | Jason A. Donenfeld | 2019-04-02 | 1 | -1/+6 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | ringlogger: introduce basic file ring logging | Jason A. Donenfeld | 2019-03-21 | 1 | -36/+15 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | manager: CreateWellKnownSid is upstreamed now | Jason A. Donenfeld | 2019-03-16 | 1 | -25/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: keep track of proper errors | Jason A. Donenfeld | 2019-03-10 | 1 | -21/+35 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | conf: validate tunnel name | Jason A. Donenfeld | 2019-03-05 | 1 | -1/+0 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | tunnel: log the builtin go log to elog | Jason A. Donenfeld | 2019-02-28 | 1 | -1/+2 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: track tunnel service status | Jason A. Donenfeld | 2019-02-28 | 1 | -0/+8 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | manager: wire up config migrator | Jason A. Donenfeld | 2019-02-28 | 1 | -0/+1 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | manager: wire up tunnels changed notifier | Jason A. Donenfeld | 2019-02-28 | 1 | -0/+3 |
| | | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | ipc: implement event system with pipes | Jason A. Donenfeld | 2019-02-28 | 1 | -2/+5 |
| | | | | | | Also use Go 1.12's Sysconn Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> | ||||
* | service: introduce base of services | Jason A. Donenfeld | 2019-02-28 | 1 | -0/+294 |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> |