| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
| |
This is essential for allowing incoming connections.
Reported-by: /u/Julien_Madagascar on Reddit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
| |
While this diverges from wg-quick(8), it's also much more
Windows-friendly, considering that % is the prefix for expanding
environment variables in cmd.exe.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
| |
This lets people use split tunnel DNS for the more common case.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
| |
Otherwise Windows complains.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
| |
Reported-by: Michael Zhou <mzhou@cse.unsw.edu.au>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Simon Rozman <simon@rozman.si>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Simon Rozman <simon@rozman.si>
|
| |
|
|
|
|
|
|
| |
The structs stay the same size for the respective 32bit and 64bit
platforms, so split things into _32 and _64.
Signed-off-by: Simon Rozman <simon@rozman.si>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
|
| |
Avoids "converted pointer straddles allocation" failures at runtime
when building binaries in race mode with Go 1.15, which enables
checkptr: https://golang.org/doc/go1.15#windows
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
[Jason: Note Go 1.16/1.17 todo item.]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
| |
Prevents cmd.exe window flashes when running binaries in elevated
interactive contexts for debugging.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
| |
Signed-off-by: David Crawshaw <crawshaw@tailscale.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
| |
This doesn't get automatically cleared in the same way that nameservers
do.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
| |
The administrator user may run `wireguard.exe /update`, which will check
for updates and install it if available. A log file may be written using
`wireguard.exe /update path\to\log\file.txt`.
Requested-by: Elliot Saba <staticfloat@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I had some issues setting up WireGuard behind another VPN. Curiously, it
bound the physical interface instead of the other VPN, which was the
default route. According to MSDN "the actual route metric used to
compute the route preference is the summation of interface metric
specified in the Metric member of the MIB_IPINTERFACE_ROW structure and
the route metric offset specified in this member" (documentation for
MIB_IPFORWARD_ROW2), but the code did not seem to consider this. After I
changed the calculation, I got the expected behaviour.
Signed-off-by: Philipp Czerner <suyjuris.gi@nicze.de>
Link: https://docs.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipforward_row2
[zx2c4: fixed up commit message, removed semicolon]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
| |
Windows doesn't like it when passing these off to its config.
Reported-by: Jonathan Tooker <jonathan.tooker@netprotect.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
| |
Reported-by: Odd Stranne <odd@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
| |
This prevents against common mishaps when changing from a wifi network
that supports v6 to one that doesn't.
Reported-by: Jonathan Tooker <jonathan.tooker@netprotect.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
| |
This reverts commit cf6f599a4a65e89929ffc12982346c8e9012552c.
It broke people's setups.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On Linux, we're used to routes being added after an interface is up, and
routes being removed as a consequence of an interface going down. On
Windows, this isn't always the case, at least not from the perspective
of the route notifiers. In order to work around this and make a
multi-interface model coherent, we search for a new default route not
only whenever the routing table changes but also whenever any interface
link parameters change, such as up/down.
The practical consequence is that now WireGuard connects properly when
wifi is disconnected and then reconnected.
Reported-by: Nenad Kozul <me@nenadkozul.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
| |
The windows-allocated one gets freed.
Reported-by: Odd Stranne <odd@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ret:
setupLock
interfaceChangeLock
trigger:
interfaceChangeLock
setupLock
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We want to enforce the relation between the socket name and the service
name, especially since the wintun adapter name might get a 1 or 2
appended depending on weird Nci duplication detection. So we just stick
with the configuration-given name throughout. Also, the user can change
the adapter name at runtime, which is all the more reason why maybe we
shouldn't care about it so much.
Reported-by: Nenad Kozul <me@nenadkozul.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
| |
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
Jason A. Donenfeld
Simon Rozman
Brad Fitzpatrick
David Crawshaw
Philipp Czerner