aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/updater (follow)
Commit message (Collapse)AuthorAgeFilesLines
* global: bump dateJason A. Donenfeld2022-01-0611-11/+11
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use strings.Cut where possibleJason A. Donenfeld2021-12-231-4/+4
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: apply gofumptJason A. Donenfeld2021-12-092-1/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* fetcher,winhttp: force TLS 1.2 on Win 8.0 and 7Jason A. Donenfeld2021-10-292-1/+24
| | | | | | | | On ancient Windows, we must opt-in to using TLS 1.2. Otherwise it only allows for TLS 1.0. And of course there's no TLS 1.3 support there at all. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: return to using proper constantJason A. Donenfeld2021-08-031-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use correct constant for authentication verification and freeJason A. Donenfeld2021-07-291-2/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* build: port to arm64Jason A. Donenfeld2021-02-181-1/+1
| | | | | | | | | | We build Go from modified-source with a bootstrap version, rather than shipping so many patches in this repo. This commit also removes the previous WOW hacks, and goes back to strictly forbidding WOW. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: move away from ioutilJason A. Donenfeld2021-02-011-2/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: bump copyright dateJason A. Donenfeld2021-02-0111-11/+11
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* winhttp: use errors.As for unwrappingJason A. Donenfeld2021-01-251-4/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater,version: simplify code locationsJason A. Donenfeld2021-01-256-25/+33
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: another attempt at winhttpJason A. Donenfeld2020-11-308-28/+846
| | | | | | | This reverts commit fbc3ceba56df06a61346f0b873f1e1d85c5b05a9, while reworking it too. This saves 2M in the binary. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: update headersJason A. Donenfeld2020-11-227-7/+7
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: unify architecture string handlingJason A. Donenfeld2020-11-223-61/+1
| | | | | | | Always report native architecture and use "x86" instead of "386" for all identification strings, except when explicitly stating the Go verison. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* manager: allow S-1-5-32-556 users to launch a limited UIJason A. Donenfeld2020-11-221-1/+0
| | | | | | | | | | | | | | | | | I still have serious security reservations about this, both conceptually -- should users be allowed to do this stuff? -- and pratically -- there are issues with this implementation that need some examination. TODO: - Is that registry key a secure path? Should we double check it? - Are we leaking handles to the unpriv'd process from the manager? Audit this too. - IPC notifications are blocking. Should we move this to a go routine to mitigate DoS potential? - Is GOB deserialization secure? Can an NCO user crash or RCE the manager? Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: remove obsolete syscall stubJason A. Donenfeld2020-11-181-8/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: BOOLEAN is a char, whereas BOOL is an intJason A. Donenfeld2020-11-171-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: SetFileInformationByHandle moved into x/sysJason A. Donenfeld2020-11-171-11/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: handle deletion more smoothlyJason A. Donenfeld2020-11-172-21/+50
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* conf: move configuration to C:\Program Files\WireGuard\DataJason A. Donenfeld2020-11-161-3/+5
| | | | | | It doesn't get wiped out on Windows upgrades. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* mod: bump x/sys for IsWow64Process2Jason A. Donenfeld2020-11-163-86/+8
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use constants from debug/peJason A. Donenfeld2020-11-162-40/+5
| | | | | | | These are nice here, but we don't want to use them for memmod, since there we need a more complete linker. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* installer: updater: introduce ARM64 MSI packagesSimon Rozman2020-11-136-12/+180
| | | | | | Windows 10 ARM64 refuses to install ARM MSI. Signed-off-by: Simon Rozman <simon@rozman.si>
* installer: enable ARM MSI buildingSimon Rozman2020-11-131-0/+2
| | | | Signed-off-by: Simon Rozman <simon@rozman.si>
* updater: allow updating from the command lineJason A. Donenfeld2020-04-051-4/+23
| | | | | | | | | The administrator user may run `wireguard.exe /update`, which will check for updates and install it if available. A log file may be written using `wireguard.exe /update path\to\log\file.txt`. Requested-by: Elliot Saba <staticfloat@gmail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use ed25519 from standard libraryJason A. Donenfeld2019-10-161-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Revert "updater: use winhttp to reduce filesize"Jason A. Donenfeld2019-09-276-684/+21
| | | | | | | | This reverts commit b1a33fd099fdcc25b0edba9c0e3f2ea9f8d0d9c4. We'll revisit this later. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use winhttp to reduce filesizeJason A. Donenfeld2019-09-236-21/+684
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use SECURITY_DESCRIPTOR apis from x/sys/windowsJason A. Donenfeld2019-09-231-3/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use correct length for security attributesJason A. Donenfeld2019-09-231-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: hard code name and version at compile timeJason A. Donenfeld2019-08-301-2/+1
| | | | | | | | | We really do want the true name and version in logs so that external consumers have a good reference point for helping us debug. We can then do the log file directory explicitly. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: use ProductName and ProductVersion as stringsJason A. Donenfeld2019-08-301-1/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: cleanup TODO comment spacingJason A. Donenfeld2019-06-072-6/+6
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use filepath.Join uniformlyJason A. Donenfeld2019-05-251-5/+5
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* manager: use winpipe instead of winioJason A. Donenfeld2019-05-231-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: regroup all importsJason A. Donenfeld2019-05-144-6/+10
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* service: allow go to create correct environment blockJason A. Donenfeld2019-05-132-4/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use hsm key and check header matchJason A. Donenfeld2019-05-072-6/+4
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: move into managerJason A. Donenfeld2019-05-064-50/+88
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use /qb!- instead of /qb-Jason A. Donenfeld2019-05-021-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: dynamically get file versionJason A. Donenfeld2019-05-011-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: don't pass full paths to msiexecJason A. Donenfeld2019-05-011-4/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* installer: stop/uninstall/start all WireGuard servicesJason A. Donenfeld2019-04-301-1/+1
| | | | | | | Also clean up quite a few things. Signed-off-by: Simon Rozman <simon@rozman.si> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui: fix quoting in error stringsJason A. Donenfeld2019-04-301-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: add certificate checking for official versionsJason A. Donenfeld2019-04-301-1/+1
| | | | | | This is an easy circumventable check designed mostly for convenience. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: add beginnings of authenticode checkingJason A. Donenfeld2019-04-301-1/+9
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: use /qb instead of /quietJason A. Donenfeld2019-04-291-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* updater: add initial skeletonJason A. Donenfeld2019-04-297-0/+447
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.