Commit Graph

924 Commits

Author SHA1 Message Date
KusakabeSi
34443127b9 parse error for metamessage and allow single network stack 2021-09-23 19:16:45 +00:00
KusakabeSi
2ac7c0547d std bind, http api, hole punching, domain endpoint, faster reaction, psk 2021-09-23 11:31:01 +00:00
KusakabeSi
1fcc1bbfa1 update readme 2021-09-21 20:10:11 +00:00
KusakabeSi
a26376cec5 add/del peer dynamically 2021-09-21 20:03:11 +00:00
KusakabeSi
33b0b5f055 bugfix: p2p route problem 2021-09-21 12:48:50 +00:00
KusakabeSi
29b53884ba shrink header to inc MTU to 1416 2021-09-21 01:31:11 +00:00
KusakabeSi
72e4ebc91d version check in supernode 2021-09-20 21:00:34 +00:00
KusakabeSi
7951ba2f6a fix supernode ipv6 problem, add error message 2021-09-20 16:27:53 +00:00
KusakabeSi
612901c16a MAC address suffix now use NodeID instead of VPPIfaceID 2021-08-30 06:39:34 +00:00
日下部 詩
0cff923ed6 update README.md 2021-08-30 14:24:46 +08:00
KusakabeSi
c27695063d Update README_zh.md 2021-08-27 10:45:19 +00:00
KusakabeSi
d8f7cb1b60 First release 2021-08-26 12:40:53 +00:00
KusakabeSi
9e8e3ddc13 fix bug for vpp close 2021-08-26 11:33:35 +00:00
KusakabeSi
5fbb065897 no-vpp version 2021-08-26 11:20:54 +00:00
KusakabeSi
4443b8bddf Path solver and beta release 2021-08-25 18:20:35 +00:00
KusakabeSi
f8fe962f6a NTP support 2021-08-25 18:20:33 +00:00
KusakabeSi
eae0dc1aa5 Fix bug: remove unnecessary nhTable update 2021-08-25 18:20:30 +00:00
KusakabeSi
89f3069e7f New log option: LogNormal 2021-08-25 18:20:29 +00:00
KusakabeSi
ad196d3f95 http guest api 2021-08-25 18:20:25 +00:00
KusakabeSi
c4183ca924 workaround for bug https://jira.fd.io/projects/GOVPP/issues/GOVPP-22 2021-08-25 18:20:17 +00:00
KusakabeSi
6b563b5ad5 LinuxTap, bugfix 2021-08-24 13:55:42 +00:00
KusakabeSi
d717d35f64 LinuxTap, not test yet 2021-08-24 12:37:37 +00:00
KusakabeSi
26ba4dbe94 VPPTap, not test yet 2021-08-23 20:15:31 +00:00
KusakabeSi
2beb19c224 Bugfix, save peer to file ok 2021-08-23 17:45:09 +00:00
KusakabeSi
8a1126dcbf Bugfix, p2p mode ok 2021-08-23 16:39:04 +00:00
KusakabeSi
88ef721c1d Bugfix, static mode ok 2021-08-23 08:35:17 +00:00
KusakabeSi
19fe84cf0c bunch of bugfix, supermode OK 2021-08-22 14:19:35 +00:00
KusakabeSi
4939f9f0c4 Not test yet 2021-08-21 14:23:27 +00:00
KusakabeSi
87a62f873b TAP and routeing 2021-08-16 19:37:15 +00:00
KusakabeSi
1fa36f77ac delete unused part(tun/allow_ip) 2021-08-16 19:37:08 +00:00
KusakabeSi
7801b56b41 rename module 2021-08-16 19:36:46 +00:00
Jason A. Donenfeld
3957e9b9dd memmod: register exception handler tables
Otherwise recent WDK binaries fail on ARM64, where an exception handler
is used for trapping an illegal instruction when ARMv8.1 atomics are
being tested for functionality.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-08-05 14:56:48 +02:00
Jason A. Donenfeld
bad6caeb82 memmod: fix protected delayed load the right way
The reason this was failing before is that dloadsup.h's
DloadObtainSection was doing a linear search of sections to find which
header corresponds with the IMAGE_DELAYLOAD_DESCRIPTOR section, and we
were stupidly overwriting the VirtualSize field, so the linear search
wound up matching the .text section, which then it found to not be
marked writable and failed with FAST_FAIL_DLOAD_PROTECTION_FAILURE.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-07-29 01:27:40 +02:00
Jason A. Donenfeld
c89f5ca665 memmod: disable protected delayed load for now
Probably a bad idea, but we don't currently support it, and those huge
windows.NewCallback trampolines make juicer targets anyway.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-07-29 01:13:03 +02:00
Jason A. Donenfeld
15b24b6179 ipc: allow admins but require high integrity label
Might be more reasonable.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-24 17:01:02 +02:00
Jason A. Donenfeld
f9b48a961c device: zero out allowedip node pointers when removing
This should make it a bit easier for the garbage collector.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-04 16:33:28 +02:00
Jason A. Donenfeld
d0cf96114f device: limit allowedip fuzzer a to 4 times through
Trying this for every peer winds up being very slow and precludes it
from acceptable runtime in the CI, so reduce this to 4.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-03 18:22:50 +02:00
Jason A. Donenfeld
841756e328 device: simplify allowedips lookup signature
The inliner should handle this for us.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-03 16:29:43 +02:00
Jason A. Donenfeld
c382222eab device: remove nodes by peer in O(1) instead of O(n)
Now that we have parent pointers hooked up, we can simply go right to
the node and remove it in place, rather than having to recursively walk
the entire trie.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-03 16:29:43 +02:00
Jason A. Donenfeld
b41f4cc768 device: remove recursion from insertion and connect parent pointers
This makes the insertion algorithm a bit more efficient, while also now
taking on the additional task of connecting up parent pointers. This
will be handy in the following commit.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-03 15:08:42 +02:00
Jason A. Donenfeld
4a57024b94 device: reduce size of trie struct
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-03 13:51:03 +02:00
Josh Bleecher Snyder
64cb82f2b3 go.mod: bump golang.org/x/sys again
To pick up https://go-review.googlesource.com/c/sys/+/307129.

Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2021-05-25 16:34:54 +02:00
Jason A. Donenfeld
c27ff9b9f6 device: allow reducing queue constants on iOS
Heavier network extensions might require the wireguard-go component to
use less ram, so let users of this reduce these as needed.

At some point we'll put this behind a configuration method of sorts, but
for now, just expose the consts as vars.

Requested-by: Josh Bleecher Snyder <josh@tailscale.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-22 01:00:51 +02:00
Jason A. Donenfeld
99e8b4ba60 tun: linux: account for interface removal from outside
On Linux we can run `ip link del wg0`, in which case the fd becomes
stale, and we should exit. Since this is an intentional action, don't
treat it as an error.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-20 18:26:01 +02:00
Jason A. Donenfeld
bd83f0ac99 conn: linux: protect read fds
The -1 protection was removed and the wrong error was returned, causing
us to read from a bogus fd. As well, remove the useless closures that
aren't doing anything, since this is all synchronized anyway.

Fixes: 10533c3 ("all: make conn.Bind.Open return a slice of receive functions")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-20 18:09:55 +02:00
Jason A. Donenfeld
50d779833e rwcancel: use ordinary os.ErrClosed instead of custom error
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-20 17:56:36 +02:00
Jason A. Donenfeld
a9b377e9e1 rwcancel: use poll instead of select
Suggested-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-20 17:42:34 +02:00
Jason A. Donenfeld
9087e444e6 device: optimize Peer.String even more
This reduces the allocation, branches, and amount of base64 encoding.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-18 17:43:53 +02:00
Josh Bleecher Snyder
25ad08a591 device: optimize Peer.String
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-05-14 00:37:30 +02:00
Jason A. Donenfeld
5846b62283 conn: windows: set count=0 on retry
When retrying, if count is not 0, we forget to dequeue another request,
and so the ring fills up and errors out.

Reported-by: Sascha Dierberg <dierberg@dresearch-fe.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-05-11 16:47:17 +02:00