Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | tunnel: wait for IP service to attach to wintun | Jason A. Donenfeld | 2019-06-18 | 6 | -125/+268 |
| | | | | | | This helps fix startup races without needing to poll, as well as reconfiguring interfaces after wintun destroys and re-adds. It also deals gracefully with IPv6 being disabled. | ||||
* | firewall: adjust loopback rule for better matching | Odd Stranne | 2019-06-13 | 2 | -17/+14 |
| | | | | Signed-off-by: Odd Stranne <odd@mullvad.net> | ||||
* | tunnel: clearer GUID encoding scheme | Jason A. Donenfeld | 2019-06-13 | 1 | -24/+38 |
| | |||||
* | winipcfg: prefer own methods over direct API calls | Simon Rozman | 2019-06-11 | 1 | -2/+2 |
| | | | | Signed-off-by: Simon Rozman <simon@rozman.si> | ||||
* | tunnel: generate GUIDs deterministically | Jason A. Donenfeld | 2019-06-10 | 2 | -1/+74 |
| | | | | | | This allows NLA profiles to securely bind public keys to firewall profiles, a considerable improvement on the usual insecure Windows situation. | ||||
* | tunnel: SCM lock status is upstream now | Jason A. Donenfeld | 2019-06-09 | 1 | -32/+11 |
| | |||||
* | tunnel: release SCM locks by faking an early start before wintun init | Jason A. Donenfeld | 2019-06-07 | 1 | -0/+35 |
| | | | | | Otherwise creating the wintun service deadlocks the entire SCM on Windows 8.1. | ||||
* | firewall: GUID generation is now upstream | Jason A. Donenfeld | 2019-06-07 | 2 | -16/+2 |
| | |||||
* | global: cleanup TODO comment spacing | Jason A. Donenfeld | 2019-06-07 | 5 | -6/+6 |
| | |||||
* | tunnel: perform full stop on shutdown | Simon Rozman | 2019-06-07 | 1 | -2/+2 |
| | | | | | | | | | | | The services which do not advertise they accept shutdown signal from SCM are killed on shutdown. This commit establishes a full tunnel cleanup (i.e. delete the adapter) on shutdown. Otherwise, the Wintun adapter is deleted on next boot as a part of the regular sanitation procedure. Signed-off-by: Simon Rozman <simon@rozman.si> | ||||
* | tunnel: retain SeLoadDriverPrivilege | Jason A. Donenfeld | 2019-06-07 | 1 | -2/+2 |
| | | | | This is a big loss. We'll need to revisit this. | ||||
* | tunnel: don't fail on v6 family lookup unless using v6 | Jason A. Donenfeld | 2019-06-07 | 1 | -14/+16 |
| | |||||
* | services: iterate through groups using helper | Jason A. Donenfeld | 2019-06-07 | 1 | -2/+1 |
| | |||||
* | tunnel: fix formatting | Jason A. Donenfeld | 2019-06-07 | 2 | -3/+3 |
| | |||||
* | tunnel: make tcp/ip waiting explicit | Jason A. Donenfeld | 2019-05-31 | 3 | -18/+27 |
| | |||||
* | firewall: use random GUIDs | Jason A. Donenfeld | 2019-05-31 | 2 | -20/+27 |
| | |||||
* | tunnel: logical simplification | Jason A. Donenfeld | 2019-05-29 | 1 | -1/+1 |
| | |||||
* | tunnel: allow for disabled ipv6 | Jason A. Donenfeld | 2019-05-29 | 1 | -14/+12 |
| | |||||
* | global: several helpers are now upstream | Jason A. Donenfeld | 2019-05-27 | 1 | -11/+1 |
| | |||||
* | winipcfg: make LUID.DeleteIPAddress accept IPNet | Simon Rozman | 2019-05-27 | 3 | -4/+10 |
| | | | | | | Thou DeleteUnicastIpAddressEntry() cares about the IP only. Signed-off-by: Simon Rozman <simon@rozman.si> | ||||
* | global: use filepath.Join uniformly | Jason A. Donenfeld | 2019-05-25 | 1 | -1/+2 |
| | |||||
* | winipcfg: SocketAddressToIP was upstreamed | Jason A. Donenfeld | 2019-05-25 | 3 | -30/+4 |
| | |||||
* | winipcfg: switch to windows.GetAdaptersAddresses | Simon Rozman | 2019-05-24 | 2 | -11/+1 |
| | | | | Signed-off-by: Simon Rozman <simon@rozman.si> | ||||
* | winipcfg: add note describing how to setup winipcfg testing environment | Simon Rozman | 2019-05-23 | 1 | -0/+16 |
| | | | | | | | ...to save us head-scratching time when trying to run the tests again few months later. Signed-off-by: Simon Rozman <simon@rozman.si> | ||||
* | winipcfg: import | Jason A. Donenfeld | 2019-05-22 | 19 | -63/+4479 |
| | | | | | | | | We'll maintain this as part of the same repo here. Later maybe we'll push it into x/sys/windows. Signed-off-by: Simon Rozman <simon@rozman.si> Signed-off-by: Aleksandar Pesic <peske.nis@gmail.com> | ||||
* | tunnel: disable firewall before destroying wintun | Jason A. Donenfeld | 2019-05-22 | 1 | -0/+2 |
| | | | | Otherwise there's a tiny race. | ||||
* | tunnel: remove routes before destroying interface | Jason A. Donenfeld | 2019-05-22 | 2 | -1/+17 |
| | |||||
* | firewall: use service-specific SID | Jason A. Donenfeld | 2019-05-22 | 6 | -46/+146 |
| | |||||
* | service: split into tunnel and manager | Jason A. Donenfeld | 2019-05-20 | 13 | -0/+3505 |