version: bump snapshot

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

.gitignore

@@ -1,4 +1 @@
 wireguard-go
-vendor
-.gopath
-ireallywantobuildon_linux.go

COPYING

@@ -1,338 +1,17 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 2, June 1991
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
 
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
 
-                            Preamble
-
-  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users.  This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it.  (Some other Free Software Foundation software is covered by
-the GNU Lesser General Public License instead.)  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
-  To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have.  You must make sure that they, too, receive or can get the
-source code.  And you must show them these terms so they know their
-rights.
-
-  We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
-  Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software.  If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
-  Finally, any free program is threatened constantly by software
-patents.  We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary.  To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                    GNU GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-  0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License.  The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language.  (Hereinafter, translation is included without limitation in
-the term "modification".)  Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
-  1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
-  2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
-    a) You must cause the modified files to carry prominent notices
-    stating that you changed the files and the date of any change.
-
-    b) You must cause any work that you distribute or publish, that in
-    whole or in part contains or is derived from the Program or any
-    part thereof, to be licensed as a whole at no charge to all third
-    parties under the terms of this License.
-
-    c) If the modified program normally reads commands interactively
-    when run, you must cause it, when started running for such
-    interactive use in the most ordinary way, to print or display an
-    announcement including an appropriate copyright notice and a
-    notice that there is no warranty (or else, saying that you provide
-    a warranty) and that users may redistribute the program under
-    these conditions, and telling the user how to view a copy of this
-    License.  (Exception: if the Program itself is interactive but
-    does not normally print such an announcement, your work based on
-    the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
-  3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
-    a) Accompany it with the complete corresponding machine-readable
-    source code, which must be distributed under the terms of Sections
-    1 and 2 above on a medium customarily used for software interchange; or,
-
-    b) Accompany it with a written offer, valid for at least three
-    years, to give any third party, for a charge no more than your
-    cost of physically performing source distribution, a complete
-    machine-readable copy of the corresponding source code, to be
-    distributed under the terms of Sections 1 and 2 above on a medium
-    customarily used for software interchange; or,
-
-    c) Accompany it with the information you received as to the offer
-    to distribute corresponding source code.  (This alternative is
-    allowed only for noncommercial distribution and only if you
-    received the program in object code or executable form with such
-    an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it.  For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable.  However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
-  4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
-  5. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
-distribute the Program or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
-  6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
-  7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
-  8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded.  In such case, this License incorporates
-the limitation as if written in the body of this License.
-
-  9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number.  If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation.  If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
-  10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission.  For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this.  Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
-                            NO WARRANTY
-
-  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
-  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License version 2
-    as published by the Free Software Foundation.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
-    Gnomovision version 69, Copyright (C) year name of author
-    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary.  Here is a sample; alter the names:
-
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
-  `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
-  <signature of Ty Coon>, 1 April 1989
-  Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs.  If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

Gopkg.lock

@@ -1,42 +0,0 @@
-# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
-
-
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/crypto"
-  packages = [
-    "blake2s",
-    "chacha20poly1305",
-    "curve25519",
-    "internal/chacha20",
-    "poly1305"
-  ]
-  revision = "ab813273cd59e1333f7ae7bff5d027d4aadf528c"
-
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/net"
-  packages = [
-    "bpf",
-    "internal/iana",
-    "internal/socket",
-    "ipv4",
-    "ipv6"
-  ]
-  revision = "dfa909b99c79129e1100513e5cd36307665e5723"
-
-[[projects]]
-  branch = "master"
-  name = "golang.org/x/sys"
-  packages = [
-    "cpu",
-    "unix"
-  ]
-  revision = "c11f84a56e43e20a78cee75a7c034031ecf57d1f"
-
-[solve-meta]
-  analyzer-name = "dep"
-  analyzer-version = 1
-  inputs-digest = "d85ae9d2b4afafc3d7535505c46368cbbbec350cf876616302c1bcf44f6ec103"
-  solver-name = "gps-cdcl"
-  solver-version = 1

Gopkg.toml

@@ -1,15 +0,0 @@
-[[constraint]]
-  branch = "master"
-  name = "golang.org/x/crypto"
-
-[[constraint]]
-  branch = "master"
-  name = "golang.org/x/net"
-
-[[constraint]]
-  branch = "master"
-  name = "golang.org/x/sys"
-
-[prune]
-  go-tests = true
-  unused-packages = true

Makefile

@@ -1,51 +1,31 @@
 PREFIX ?= /usr
 DESTDIR ?=
 BINDIR ?= $(PREFIX)/bin
+export GO111MODULE := on
 
-ifeq ($(shell go env GOOS),linux)
-ifeq ($(wildcard .git),)
-$(error Do not build this for Linux. Instead use the Linux kernel module. See wireguard.com/install/ for more info.)
-else
-$(shell printf 'package main\nconst UseTheKernelModuleInstead = 0xdeadbabe\n' > ireallywantobuildon_linux.go)
-endif
-endif
+all: generate-version-and-build
 
-all: wireguard-go
+MAKEFLAGS += --no-print-directory
 
-export GOPATH := $(CURDIR)/.gopath
-export PATH := $(PATH):$(CURDIR)/.gopath/bin
-GO_IMPORT_PATH := git.zx2c4.com/wireguard-go
-
-version.go:
+generate-version-and-build:
 	@export GIT_CEILING_DIRECTORIES="$(realpath $(CURDIR)/..)" && \
 	tag="$$(git describe --dirty 2>/dev/null)" && \
-	ver="$$(printf 'package main\nconst WireGuardGoVersion = "%s"\n' "$$tag")" && \
-	[ "$$(cat $@ 2>/dev/null)" != "$$ver" ] && \
-	echo "$$ver" > $@ && \
-	git update-index --assume-unchanged $@ || true
+	ver="$$(printf 'package main\nconst Version = "%s"\n' "$$tag")" && \
+	[ "$$(cat version.go 2>/dev/null)" != "$$ver" ] && \
+	echo "$$ver" > version.go && \
+	git update-index --assume-unchanged version.go || true
+	@$(MAKE) wireguard-go
 
-.gopath/.created:
-	rm -rf .gopath
-	mkdir -p $(dir .gopath/src/$(GO_IMPORT_PATH))
-	ln -s ../../.. .gopath/src/$(GO_IMPORT_PATH)
-	touch $@
-
-vendor/.created: Gopkg.toml Gopkg.lock | .gopath/.created
-	command -v dep >/dev/null || go get -v github.com/golang/dep/cmd/dep
-	export PWD; cd .gopath/src/$(GO_IMPORT_PATH) && dep ensure -vendor-only -v
-	touch $@
-
-wireguard-go: $(wildcard *.go) $(wildcard */*.go) .gopath/.created vendor/.created version.go
-	go build -v $(GO_IMPORT_PATH)
+wireguard-go: $(wildcard *.go) $(wildcard */*.go)
+	go build -v -o "$@"
 
 install: wireguard-go
-	@install -v -d "$(DESTDIR)$(BINDIR)" && install -v -m 0755 wireguard-go "$(DESTDIR)$(BINDIR)/wireguard-go"
+	@install -v -d "$(DESTDIR)$(BINDIR)" && install -v -m 0755 "$<" "$(DESTDIR)$(BINDIR)/wireguard-go"
+
+test:
+	go test -v ./...
 
 clean:
 	rm -f wireguard-go
 
-update-dep: | .gopath/.created
-	command -v dep >/dev/null || go get -v github.com/golang/dep/cmd/dep
-	cd .gopath/src/$(GO_IMPORT_PATH) && dep ensure -update -v
-
-.PHONY: clean install update-dep version.go
+.PHONY: all clean test install generate-version-and-build

README.md

@@ -2,8 +2,6 @@
 
 This is an implementation of WireGuard in Go.
 
-***WARNING:*** This is a work in progress and not ready for prime time, with no official "releases" yet. It is extremely rough around the edges and leaves much to be desired. There are bugs and we are not yet in a position to make claims about its security. Beware.
-
 ## Usage
 
 Most Linux kernel WireGuard users are used to adding an interface with `ip link add wg0 type wireguard`. With wireguard-go, instead simply run:
@@ -20,7 +18,7 @@ To run wireguard-go without forking to the background, pass `-f` or `--foregroun
 $ wireguard-go -f wg0
 ```
 
-When an interface is running, you may use [`wg(8)`](https://git.zx2c4.com/WireGuard/about/src/tools/man/wg.8) to configure it, as well as the usual `ip(8)` and `ifconfig(8)` commands.
+When an interface is running, you may use [`wg(8)`](https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8) to configure it, as well as the usual `ip(8)` and `ifconfig(8)` commands.
 
 To run with more logging you may set the environment variable `LOG_LEVEL=debug`.
 
@@ -28,7 +26,7 @@ To run with more logging you may set the environment variable `LOG_LEVEL=debug`.
 
 ### Linux
 
-This will run on Linux; however **YOU SHOULD NOT RUN THIS ON LINUX**. Instead use the kernel module; see the [installation page](https://www.wireguard.com/install/) for instructions.
+This will run on Linux; however you should instead use the kernel module, which is faster and better integrated into the OS. See the [installation page](https://www.wireguard.com/install/) for instructions.
 
 ### macOS
 
@@ -36,7 +34,7 @@ This runs on macOS using the utun driver. It does not yet support sticky sockets
 
 ### Windows
 
-It is currently a work in progress to strip out the beginnings of an experiment done with the OpenVPN tuntap driver and instead port to the new UWP APIs for tunnels. In other words, this does not *yet* work on Windows.
+This runs on Windows, but you should instead use it from the more [fully featured Windows app](https://git.zx2c4.com/wireguard-windows/about/), which uses this as a module.
 
 ### FreeBSD
 
@@ -48,7 +46,7 @@ This will run on OpenBSD. It does not yet support sticky sockets. Fwmark is mapp
 
 ## Building
 
-This requires an installation of [go](https://golang.org) and of [dep](https://github.com/golang/dep). If dep is not installed, it will be downloaded and built as part of the build process.
+This requires an installation of [go](https://golang.org) ≥ 1.13.
 
 ```
 $ git clone https://git.zx2c4.com/wireguard-go
@@ -58,27 +56,22 @@ $ make
 
 ## License
 
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License version 2 as
-    published by the Free Software Foundation.
+    Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
     
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-    ---------------------------------------------------------------------------
-    Additional Permissions For Submission to Apple App Store: Provided that you
-    are otherwise in compliance with the GPLv2 for each covered work you convey
-    (including without limitation making the Corresponding Source available in
-    compliance with Section 3 of the GPLv2), you are granted the additional
-    permission to convey through the Apple App Store non-source executable
-    versions of the Program as incorporated into each applicable covered work
-    as Executable Versions only under the Mozilla Public License version 2.0
-    (https://www.mozilla.org/en-US/MPL/2.0/).
+    Permission is hereby granted, free of charge, to any person obtaining a copy of
+    this software and associated documentation files (the "Software"), to deal in
+    the Software without restriction, including without limitation the rights to
+    use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+    of the Software, and to permit persons to whom the Software is furnished to do
+    so, subject to the following conditions:
     
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
     
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.

conn.go

@@ -1,181 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"errors"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-	"net"
-)
-
-const (
-	ConnRoutineNumber = 2
-)
-
-/* A Bind handles listening on a port for both IPv6 and IPv4 UDP traffic
- */
-type Bind interface {
-	SetMark(value uint32) error
-	ReceiveIPv6(buff []byte) (int, Endpoint, error)
-	ReceiveIPv4(buff []byte) (int, Endpoint, error)
-	Send(buff []byte, end Endpoint) error
-	Close() error
-}
-
-/* An Endpoint maintains the source/destination caching for a peer
- *
- * dst : the remote address of a peer ("endpoint" in uapi terminology)
- * src : the local address from which datagrams originate going to the peer
- */
-type Endpoint interface {
-	ClearSrc()           // clears the source address
-	SrcToString() string // returns the local source address (ip:port)
-	DstToString() string // returns the destination address (ip:port)
-	DstToBytes() []byte  // used for mac2 cookie calculations
-	DstIP() net.IP
-	SrcIP() net.IP
-}
-
-func parseEndpoint(s string) (*net.UDPAddr, error) {
-
-	// ensure that the host is an IP address
-
-	host, _, err := net.SplitHostPort(s)
-	if err != nil {
-		return nil, err
-	}
-	if ip := net.ParseIP(host); ip == nil {
-		return nil, errors.New("Failed to parse IP address: " + host)
-	}
-
-	// parse address and port
-
-	addr, err := net.ResolveUDPAddr("udp", s)
-	if err != nil {
-		return nil, err
-	}
-	ip4 := addr.IP.To4()
-	if ip4 != nil {
-		addr.IP = ip4
-	}
-	return addr, err
-}
-
-func unsafeCloseBind(device *Device) error {
-	var err error
-	netc := &device.net
-	if netc.bind != nil {
-		err = netc.bind.Close()
-		netc.bind = nil
-	}
-	netc.stopping.Wait()
-	return err
-}
-
-func (device *Device) BindSetMark(mark uint32) error {
-
-	device.net.mutex.Lock()
-	defer device.net.mutex.Unlock()
-
-	// check if modified
-
-	if device.net.fwmark == mark {
-		return nil
-	}
-
-	// update fwmark on existing bind
-
-	device.net.fwmark = mark
-	if device.isUp.Get() && device.net.bind != nil {
-		if err := device.net.bind.SetMark(mark); err != nil {
-			return err
-		}
-	}
-
-	// clear cached source addresses
-
-	device.peers.mutex.RLock()
-	for _, peer := range device.peers.keyMap {
-		peer.mutex.Lock()
-		defer peer.mutex.Unlock()
-		if peer.endpoint != nil {
-			peer.endpoint.ClearSrc()
-		}
-	}
-	device.peers.mutex.RUnlock()
-
-	return nil
-}
-
-func (device *Device) BindUpdate() error {
-
-	device.net.mutex.Lock()
-	defer device.net.mutex.Unlock()
-
-	// close existing sockets
-
-	if err := unsafeCloseBind(device); err != nil {
-		return err
-	}
-
-	// open new sockets
-
-	if device.isUp.Get() {
-
-		// bind to new port
-
-		var err error
-		netc := &device.net
-		netc.bind, netc.port, err = CreateBind(netc.port, device)
-		if err != nil {
-			netc.bind = nil
-			netc.port = 0
-			return err
-		}
-
-		// set fwmark
-
-		if netc.fwmark != 0 {
-			err = netc.bind.SetMark(netc.fwmark)
-			if err != nil {
-				return err
-			}
-		}
-
-		// clear cached source addresses
-
-		device.peers.mutex.RLock()
-		for _, peer := range device.peers.keyMap {
-			peer.mutex.Lock()
-			defer peer.mutex.Unlock()
-			if peer.endpoint != nil {
-				peer.endpoint.ClearSrc()
-			}
-		}
-		device.peers.mutex.RUnlock()
-
-		// start receiving routines
-
-		device.net.starting.Add(ConnRoutineNumber)
-		device.net.stopping.Add(ConnRoutineNumber)
-		go device.RoutineReceiveIncoming(ipv4.Version, netc.bind)
-		go device.RoutineReceiveIncoming(ipv6.Version, netc.bind)
-		device.net.starting.Wait()
-
-		device.log.Debug.Println("UDP bind has been updated")
-	}
-
-	return nil
-}
-
-func (device *Device) BindClose() error {
-	device.net.mutex.Lock()
-	err := unsafeCloseBind(device)
-	device.net.mutex.Unlock()
-	return err
-}

conn/boundif_android.go

@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package conn
+
+func (bind *nativeBind) PeekLookAtSocketFd4() (fd int, err error) {
+	sysconn, err := bind.ipv4.SyscallConn()
+	if err != nil {
+		return -1, err
+	}
+	err = sysconn.Control(func(f uintptr) {
+		fd = int(f)
+	})
+	if err != nil {
+		return -1, err
+	}
+	return
+}
+
+func (bind *nativeBind) PeekLookAtSocketFd6() (fd int, err error) {
+	sysconn, err := bind.ipv6.SyscallConn()
+	if err != nil {
+		return -1, err
+	}
+	err = sysconn.Control(func(f uintptr) {
+		fd = int(f)
+	})
+	if err != nil {
+		return -1, err
+	}
+	return
+}

conn/boundif_windows.go

@@ -0,0 +1,59 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package conn
+
+import (
+	"encoding/binary"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+const (
+	sockoptIP_UNICAST_IF   = 31
+	sockoptIPV6_UNICAST_IF = 31
+)
+
+func (bind *nativeBind) BindSocketToInterface4(interfaceIndex uint32, blackhole bool) error {
+	/* MSDN says for IPv4 this needs to be in net byte order, so that it's like an IP address with leading zeros. */
+	bytes := make([]byte, 4)
+	binary.BigEndian.PutUint32(bytes, interfaceIndex)
+	interfaceIndex = *(*uint32)(unsafe.Pointer(&bytes[0]))
+
+	sysconn, err := bind.ipv4.SyscallConn()
+	if err != nil {
+		return err
+	}
+	err2 := sysconn.Control(func(fd uintptr) {
+		err = windows.SetsockoptInt(windows.Handle(fd), windows.IPPROTO_IP, sockoptIP_UNICAST_IF, int(interfaceIndex))
+	})
+	if err2 != nil {
+		return err2
+	}
+	if err != nil {
+		return err
+	}
+	bind.blackhole4 = blackhole
+	return nil
+}
+
+func (bind *nativeBind) BindSocketToInterface6(interfaceIndex uint32, blackhole bool) error {
+	sysconn, err := bind.ipv6.SyscallConn()
+	if err != nil {
+		return err
+	}
+	err2 := sysconn.Control(func(fd uintptr) {
+		err = windows.SetsockoptInt(windows.Handle(fd), windows.IPPROTO_IPV6, sockoptIPV6_UNICAST_IF, int(interfaceIndex))
+	})
+	if err2 != nil {
+		return err2
+	}
+	if err != nil {
+		return err
+	}
+	bind.blackhole6 = blackhole
+	return nil
+}

conn/conn.go

@@ -0,0 +1,111 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+// Package conn implements WireGuard's network connections.
+package conn
+
+import (
+	"errors"
+	"net"
+	"strings"
+)
+
+// A Bind listens on a port for both IPv6 and IPv4 UDP traffic.
+//
+// A Bind interface may also be a PeekLookAtSocketFd or BindSocketToInterface,
+// depending on the platform-specific implementation.
+type Bind interface {
+	// LastMark reports the last mark set for this Bind.
+	LastMark() uint32
+
+	// SetMark sets the mark for each packet sent through this Bind.
+	// This mark is passed to the kernel as the socket option SO_MARK.
+	SetMark(mark uint32) error
+
+	// ReceiveIPv6 reads an IPv6 UDP packet into b.
+	//
+	// It reports the number of bytes read, n,
+	// the packet source address ep,
+	// and any error.
+	ReceiveIPv6(b []byte) (n int, ep Endpoint, err error)
+
+	// ReceiveIPv4 reads an IPv4 UDP packet into b.
+	//
+	// It reports the number of bytes read, n,
+	// the packet source address ep,
+	// and any error.
+	ReceiveIPv4(b []byte) (n int, ep Endpoint, err error)
+
+	// Send writes a packet b to address ep.
+	Send(b []byte, ep Endpoint) error
+
+	// Close closes the Bind connection.
+	Close() error
+}
+
+// CreateBind creates a Bind bound to a port.
+//
+// The value actualPort reports the actual port number the Bind
+// object gets bound to.
+func CreateBind(port uint16) (b Bind, actualPort uint16, err error) {
+	return createBind(port)
+}
+
+// BindSocketToInterface is implemented by Bind objects that support being
+// tied to a single network interface. Used by wireguard-windows.
+type BindSocketToInterface interface {
+	BindSocketToInterface4(interfaceIndex uint32, blackhole bool) error
+	BindSocketToInterface6(interfaceIndex uint32, blackhole bool) error
+}
+
+// PeekLookAtSocketFd is implemented by Bind objects that support having their
+// file descriptor peeked at. Used by wireguard-android.
+type PeekLookAtSocketFd interface {
+	PeekLookAtSocketFd4() (fd int, err error)
+	PeekLookAtSocketFd6() (fd int, err error)
+}
+
+// An Endpoint maintains the source/destination caching for a peer.
+//
+//	dst : the remote address of a peer ("endpoint" in uapi terminology)
+//	src : the local address from which datagrams originate going to the peer
+type Endpoint interface {
+	ClearSrc()           // clears the source address
+	SrcToString() string // returns the local source address (ip:port)
+	DstToString() string // returns the destination address (ip:port)
+	DstToBytes() []byte  // used for mac2 cookie calculations
+	DstIP() net.IP
+	SrcIP() net.IP
+}
+
+func parseEndpoint(s string) (*net.UDPAddr, error) {
+	// ensure that the host is an IP address
+
+	host, _, err := net.SplitHostPort(s)
+	if err != nil {
+		return nil, err
+	}
+	if i := strings.LastIndexByte(host, '%'); i > 0 && strings.IndexByte(host, ':') >= 0 {
+		// Remove the scope, if any. ResolveUDPAddr below will use it, but here we're just
+		// trying to make sure with a small sanity test that this is a real IP address and
+		// not something that's likely to incur DNS lookups.
+		host = host[:i]
+	}
+	if ip := net.ParseIP(host); ip == nil {
+		return nil, errors.New("Failed to parse IP address: " + host)
+	}
+
+	// parse address and port
+
+	addr, err := net.ResolveUDPAddr("udp", s)
+	if err != nil {
+		return nil, err
+	}
+	ip4 := addr.IP.To4()
+	if ip4 != nil {
+		addr.IP = ip4
+	}
+	return addr, err
+}

conn/conn_default.go

@@ -1,18 +1,15 @@
 // +build !linux android
 
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package conn
 
 import (
-	"golang.org/x/sys/unix"
+	"errors"
 	"net"
-	"os"
-	"runtime"
 	"syscall"
 )
 
@@ -23,14 +20,16 @@ import (
  * See conn_linux.go for an implementation on the linux platform.
  */
 
-type NativeBind struct {
+type nativeBind struct {
 	ipv4       *net.UDPConn
 	ipv6       *net.UDPConn
+	blackhole4 bool
+	blackhole6 bool
 }
 
 type NativeEndpoint net.UDPAddr
 
-var _ Bind = (*NativeBind)(nil)
+var _ Bind = (*nativeBind)(nil)
 var _ Endpoint = (*NativeEndpoint)(nil)
 
 func CreateEndpoint(s string) (Endpoint, error) {
@@ -38,7 +37,7 @@ func CreateEndpoint(s string) (Endpoint, error) {
 	return (*NativeEndpoint)(addr), err
 }
 
-func (_ *NativeEndpoint) ClearSrc() {}
+func (*NativeEndpoint) ClearSrc() {}
 
 func (e *NativeEndpoint) DstIP() net.IP {
 	return (*net.UDPAddr)(e).IP
@@ -68,16 +67,12 @@ func (e *NativeEndpoint) SrcToString() string {
 }
 
 func listenNet(network string, port int) (*net.UDPConn, int, error) {
-
-	// listen
-
 	conn, err := net.ListenUDP(network, &net.UDPAddr{Port: port})
 	if err != nil {
 		return nil, 0, err
 	}
 
-	// retrieve port
-
+	// Retrieve port.
 	laddr := conn.LocalAddr()
 	uaddr, err := net.ResolveUDPAddr(
 		laddr.Network(),
@@ -89,32 +84,26 @@ func listenNet(network string, port int) (*net.UDPConn, int, error) {
 	return conn, uaddr.Port, nil
 }
 
-func extractErrno(err error) error {
-	opErr, ok := err.(*net.OpError)
-	if !ok {
-		return nil
-	}
-	syscallErr, ok := opErr.Err.(*os.SyscallError)
-	if !ok {
-		return nil
-	}
-	return syscallErr.Err
-}
-
-func CreateBind(uport uint16, device *Device) (Bind, uint16, error) {
+func createBind(uport uint16) (Bind, uint16, error) {
 	var err error
-	var bind NativeBind
+	var bind nativeBind
+	var tries int
 
+again:
 	port := int(uport)
 
 	bind.ipv4, port, err = listenNet("udp4", port)
-	if err != nil && extractErrno(err) != syscall.EAFNOSUPPORT {
+	if err != nil && !errors.Is(err, syscall.EAFNOSUPPORT) {
 		return nil, 0, err
 	}
 
 	bind.ipv6, port, err = listenNet("udp6", port)
-	if err != nil && extractErrno(err) != syscall.EAFNOSUPPORT {
-		return nil, 0, err
+	if uport == 0 && err != nil && errors.Is(err, syscall.EADDRINUSE) && tries < 100 {
+		bind.ipv4.Close()
+		tries++
+		goto again
+	}
+	if err != nil && !errors.Is(err, syscall.EAFNOSUPPORT) {
 		bind.ipv4.Close()
 		bind.ipv4 = nil
 		return nil, 0, err
@@ -123,7 +112,7 @@ func CreateBind(uport uint16, device *Device) (Bind, uint16, error) {
 	return &bind, uint16(port), nil
 }
 
-func (bind *NativeBind) Close() error {
+func (bind *nativeBind) Close() error {
 	var err1, err2 error
 	if bind.ipv4 != nil {
 		err1 = bind.ipv4.Close()
@@ -137,7 +126,9 @@ func (bind *NativeBind) Close() error {
 	return err2
 }
 
-func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
+func (bind *nativeBind) LastMark() uint32 { return 0 }
+
+func (bind *nativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
 	if bind.ipv4 == nil {
 		return 0, nil, syscall.EAFNOSUPPORT
 	}
@@ -148,7 +139,7 @@ func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
 	return n, (*NativeEndpoint)(endpoint), err
 }
 
-func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
+func (bind *nativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
 	if bind.ipv6 == nil {
 		return 0, nil, syscall.EAFNOSUPPORT
 	}
@@ -156,63 +147,25 @@ func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
 	return n, (*NativeEndpoint)(endpoint), err
 }
 
-func (bind *NativeBind) Send(buff []byte, endpoint Endpoint) error {
+func (bind *nativeBind) Send(buff []byte, endpoint Endpoint) error {
 	var err error
 	nend := endpoint.(*NativeEndpoint)
 	if nend.IP.To4() != nil {
 		if bind.ipv4 == nil {
 			return syscall.EAFNOSUPPORT
 		}
+		if bind.blackhole4 {
+			return nil
+		}
 		_, err = bind.ipv4.WriteToUDP(buff, (*net.UDPAddr)(nend))
 	} else {
 		if bind.ipv6 == nil {
 			return syscall.EAFNOSUPPORT
 		}
+		if bind.blackhole6 {
+			return nil
+		}
 		_, err = bind.ipv6.WriteToUDP(buff, (*net.UDPAddr)(nend))
 	}
 	return err
 }
-
-var fwmarkIoctl int
-
-func init() {
-	switch runtime.GOOS {
-	case "linux", "android":
-		fwmarkIoctl = 36 /* unix.SO_MARK */
-	case "freebsd":
-		fwmarkIoctl = 0x1015 /* unix.SO_USER_COOKIE */
-	case "openbsd":
-		fwmarkIoctl = 0x1021 /* unix.SO_RTABLE */
-	}
-}
-
-func (bind *NativeBind) SetMark(mark uint32) error {
-	if fwmarkIoctl == 0 {
-		return nil
-	}
-	if bind.ipv4 != nil {
-		fd, err := bind.ipv4.SyscallConn()
-		if err != nil {
-			return err
-		}
-		err = fd.Control(func(fd uintptr) {
-			err = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
-		})
-		if err != nil {
-			return err
-		}
-	}
-	if bind.ipv6 != nil {
-		fd, err := bind.ipv6.SyscallConn()
-		if err != nil {
-			return err
-		}
-		err = fd.Control(func(fd uintptr) {
-			err = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
-		})
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}

conn/conn_linux.go

@@ -1,36 +1,26 @@
 // +build !android
 
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- *
- * This implements userspace semantics of "sticky sockets", modeled after
- * WireGuard's kernelspace implementation. This is more or less a straight port
- * of the sticky-sockets.c example code:
- * https://git.zx2c4.com/WireGuard/tree/contrib/examples/sticky-sockets/sticky-sockets.c
- *
- * Currently there is no way to achieve this within the net package:
- * See e.g. https://github.com/golang/go/issues/17930
- * So this code is remains platform dependent.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package conn
 
 import (
 	"errors"
-	"git.zx2c4.com/wireguard-go/rwcancel"
-	"golang.org/x/sys/unix"
 	"net"
 	"strconv"
 	"sync"
 	"syscall"
 	"unsafe"
+
+	"golang.org/x/sys/unix"
 )
 
 type IPv4Source struct {
-	src     [4]byte
-	ifindex int32
+	Src     [4]byte
+	Ifindex int32
 }
 
 type IPv6Source struct {
@@ -39,11 +29,16 @@ type IPv6Source struct {
 }
 
 type NativeEndpoint struct {
+	sync.Mutex
 	dst  [unsafe.Sizeof(unix.SockaddrInet6{})]byte
 	src  [unsafe.Sizeof(IPv6Source{})]byte
 	isV6 bool
 }
 
+func (endpoint *NativeEndpoint) Src4() *IPv4Source         { return endpoint.src4() }
+func (endpoint *NativeEndpoint) Dst4() *unix.SockaddrInet4 { return endpoint.dst4() }
+func (endpoint *NativeEndpoint) IsV6() bool                { return endpoint.isV6 }
+
 func (endpoint *NativeEndpoint) src4() *IPv4Source {
 	return (*IPv4Source)(unsafe.Pointer(&endpoint.src[0]))
 }
@@ -60,16 +55,15 @@ func (endpoint *NativeEndpoint) dst6() *unix.SockaddrInet6 {
 	return (*unix.SockaddrInet6)(unsafe.Pointer(&endpoint.dst[0]))
 }
 
-type NativeBind struct {
+type nativeBind struct {
 	sock4    int
 	sock6    int
-	netlinkSock   int
-	netlinkCancel *rwcancel.RWCancel
 	lastMark uint32
+	closing  sync.RWMutex
 }
 
 var _ Endpoint = (*NativeEndpoint)(nil)
-var _ Bind = (*NativeBind)(nil)
+var _ Bind = (*nativeBind)(nil)
 
 func CreateEndpoint(s string) (Endpoint, error) {
 	var end NativeEndpoint
@@ -106,56 +100,56 @@ func CreateEndpoint(s string) (Endpoint, error) {
 	return nil, errors.New("Invalid IP address")
 }
 
-func createNetlinkRouteSocket() (int, error) {
-	sock, err := unix.Socket(unix.AF_NETLINK, unix.SOCK_RAW, unix.NETLINK_ROUTE)
-	if err != nil {
-		return -1, err
-	}
-	saddr := &unix.SockaddrNetlink{
-		Family: unix.AF_NETLINK,
-		Groups: uint32(1 << (unix.RTNLGRP_IPV4_ROUTE - 1)),
-	}
-	err = unix.Bind(sock, saddr)
-	if err != nil {
-		unix.Close(sock)
-		return -1, err
-	}
-	return sock, nil
-
-}
-
-func CreateBind(port uint16, device *Device) (*NativeBind, uint16, error) {
+func createBind(port uint16) (Bind, uint16, error) {
 	var err error
-	var bind NativeBind
+	var bind nativeBind
+	var newPort uint16
+	var tries int
+	originalPort := port
 
-	bind.netlinkSock, err = createNetlinkRouteSocket()
+again:
+	port = originalPort
+	// Attempt ipv6 bind, update port if successful.
+	bind.sock6, newPort, err = create6(port)
 	if err != nil {
+		if err != syscall.EAFNOSUPPORT {
 			return nil, 0, err
 		}
-	bind.netlinkCancel, err = rwcancel.NewRWCancel(bind.netlinkSock)
+	} else {
+		port = newPort
+	}
+
+	// Attempt ipv4 bind, update port if successful.
+	bind.sock4, newPort, err = create4(port)
 	if err != nil {
-		unix.Close(bind.netlinkSock)
-		return nil, 0, err
+		if originalPort == 0 && err == syscall.EADDRINUSE && tries < 100 {
+			unix.Close(bind.sock6)
+			tries++
+			goto again
 		}
-
-	go bind.routineRouteListener(device)
-
-	bind.sock6, port, err = create6(port)
-	if err != nil && err != syscall.EAFNOSUPPORT {
-		bind.netlinkCancel.Cancel()
-		return nil, 0, err
-	}
-
-	bind.sock4, port, err = create4(port)
-	if err != nil && err != syscall.EAFNOSUPPORT {
-		bind.netlinkCancel.Cancel()
+		if err != syscall.EAFNOSUPPORT {
 			unix.Close(bind.sock6)
 			return nil, 0, err
 		}
+	} else {
+		port = newPort
+	}
+
+	if bind.sock4 == -1 && bind.sock6 == -1 {
+		return nil, 0, errors.New("ipv4 and ipv6 not supported")
+	}
+
 	return &bind, port, nil
 }
 
-func (bind *NativeBind) SetMark(value uint32) error {
+func (bind *nativeBind) LastMark() uint32 {
+	return bind.lastMark
+}
+
+func (bind *nativeBind) SetMark(value uint32) error {
+	bind.closing.RLock()
+	defer bind.closing.RUnlock()
+
 	if bind.sock6 != -1 {
 		err := unix.SetsockoptInt(
 			bind.sock6,
@@ -186,35 +180,40 @@ func (bind *NativeBind) SetMark(value uint32) error {
 	return nil
 }
 
-func closeUnblock(fd int) error {
-	// shutdown to unblock readers and writers
-	unix.Shutdown(fd, unix.SHUT_RDWR)
-	return unix.Close(fd)
-}
-
-func (bind *NativeBind) Close() error {
-	var err1, err2, err3 error
+func (bind *nativeBind) Close() error {
+	var err1, err2 error
+	bind.closing.RLock()
 	if bind.sock6 != -1 {
-		err1 = closeUnblock(bind.sock6)
+		unix.Shutdown(bind.sock6, unix.SHUT_RDWR)
 	}
 	if bind.sock4 != -1 {
-		err2 = closeUnblock(bind.sock4)
+		unix.Shutdown(bind.sock4, unix.SHUT_RDWR)
 	}
-	err3 = bind.netlinkCancel.Cancel()
+	bind.closing.RUnlock()
+	bind.closing.Lock()
+	if bind.sock6 != -1 {
+		err1 = unix.Close(bind.sock6)
+		bind.sock6 = -1
+	}
+	if bind.sock4 != -1 {
+		err2 = unix.Close(bind.sock4)
+		bind.sock4 = -1
+	}
+	bind.closing.Unlock()
 
 	if err1 != nil {
 		return err1
 	}
-	if err2 != nil {
 	return err2
 }
-	return err3
-}
 
-func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
+func (bind *nativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
+	bind.closing.RLock()
+	defer bind.closing.RUnlock()
+
 	var end NativeEndpoint
 	if bind.sock6 == -1 {
-		return 0, nil, syscall.EAFNOSUPPORT
+		return 0, nil, NetErrClosed
 	}
 	n, err := receive6(
 		bind.sock6,
@@ -224,10 +223,13 @@ func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
 	return n, &end, err
 }
 
-func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
+func (bind *nativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
+	bind.closing.RLock()
+	defer bind.closing.RUnlock()
+
 	var end NativeEndpoint
 	if bind.sock4 == -1 {
-		return 0, nil, syscall.EAFNOSUPPORT
+		return 0, nil, NetErrClosed
 	}
 	n, err := receive4(
 		bind.sock4,
@@ -237,16 +239,19 @@ func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
 	return n, &end, err
 }
 
-func (bind *NativeBind) Send(buff []byte, end Endpoint) error {
+func (bind *nativeBind) Send(buff []byte, end Endpoint) error {
+	bind.closing.RLock()
+	defer bind.closing.RUnlock()
+
 	nend := end.(*NativeEndpoint)
 	if !nend.isV6 {
 		if bind.sock4 == -1 {
-			return syscall.EAFNOSUPPORT
+			return NetErrClosed
 		}
 		return send4(bind.sock4, nend, buff)
 	} else {
 		if bind.sock6 == -1 {
-			return syscall.EAFNOSUPPORT
+			return NetErrClosed
 		}
 		return send6(bind.sock6, nend, buff)
 	}
@@ -255,10 +260,10 @@ func (bind *NativeBind) Send(buff []byte, end Endpoint) error {
 func (end *NativeEndpoint) SrcIP() net.IP {
 	if !end.isV6 {
 		return net.IPv4(
-			end.src4().src[0],
-			end.src4().src[1],
-			end.src4().src[2],
-			end.src4().src[3],
+			end.src4().Src[0],
+			end.src4().Src[1],
+			end.src4().Src[2],
+			end.src4().Src[3],
 		)
 	} else {
 		return end.src6().src[:]
@@ -345,15 +350,6 @@ func create4(port uint16) (int, uint16, error) {
 	// set sockopts and bind
 
 	if err := func() error {
-		if err := unix.SetsockoptInt(
-			fd,
-			unix.SOL_SOCKET,
-			unix.SO_REUSEADDR,
-			1,
-		); err != nil {
-			return err
-		}
-
 		if err := unix.SetsockoptInt(
 			fd,
 			unix.IPPROTO_IP,
@@ -369,6 +365,11 @@ func create4(port uint16) (int, uint16, error) {
 		return -1, 0, err
 	}
 
+	sa, err := unix.Getsockname(fd)
+	if err == nil {
+		addr.Port = sa.(*unix.SockaddrInet4).Port
+	}
+
 	return fd, uint16(addr.Port), err
 }
 
@@ -393,16 +394,6 @@ func create6(port uint16) (int, uint16, error) {
 	}
 
 	if err := func() error {
-
-		if err := unix.SetsockoptInt(
-			fd,
-			unix.SOL_SOCKET,
-			unix.SO_REUSEADDR,
-			1,
-		); err != nil {
-			return err
-		}
-
 		if err := unix.SetsockoptInt(
 			fd,
 			unix.IPPROTO_IPV6,
@@ -428,6 +419,11 @@ func create6(port uint16) (int, uint16, error) {
 		return -1, 0, err
 	}
 
+	sa, err := unix.Getsockname(fd)
+	if err == nil {
+		addr.Port = sa.(*unix.SockaddrInet6).Port
+	}
+
 	return fd, uint16(addr.Port), err
 }
 
@@ -445,12 +441,14 @@ func send4(sock int, end *NativeEndpoint, buff []byte) error {
 			Len:   unix.SizeofInet4Pktinfo + unix.SizeofCmsghdr,
 		},
 		unix.Inet4Pktinfo{
-			Spec_dst: end.src4().src,
-			Ifindex:  end.src4().ifindex,
+			Spec_dst: end.src4().Src,
+			Ifindex:  end.src4().Ifindex,
 		},
 	}
 
+	end.Lock()
 	_, err := unix.SendmsgN(sock, buff, (*[unsafe.Sizeof(cmsg)]byte)(unsafe.Pointer(&cmsg))[:], end.dst4(), 0)
+	end.Unlock()
 
 	if err == nil {
 		return nil
@@ -461,7 +459,9 @@ func send4(sock int, end *NativeEndpoint, buff []byte) error {
 	if err == unix.EINVAL {
 		end.ClearSrc()
 		cmsg.pktinfo = unix.Inet4Pktinfo{}
+		end.Lock()
 		_, err = unix.SendmsgN(sock, buff, (*[unsafe.Sizeof(cmsg)]byte)(unsafe.Pointer(&cmsg))[:], end.dst4(), 0)
+		end.Unlock()
 	}
 
 	return err
@@ -490,7 +490,9 @@ func send6(sock int, end *NativeEndpoint, buff []byte) error {
 		cmsg.pktinfo.Ifindex = 0
 	}
 
+	end.Lock()
 	_, err := unix.SendmsgN(sock, buff, (*[unsafe.Sizeof(cmsg)]byte)(unsafe.Pointer(&cmsg))[:], end.dst6(), 0)
+	end.Unlock()
 
 	if err == nil {
 		return nil
@@ -501,7 +503,9 @@ func send6(sock int, end *NativeEndpoint, buff []byte) error {
 	if err == unix.EINVAL {
 		end.ClearSrc()
 		cmsg.pktinfo = unix.Inet6Pktinfo{}
+		end.Lock()
 		_, err = unix.SendmsgN(sock, buff, (*[unsafe.Sizeof(cmsg)]byte)(unsafe.Pointer(&cmsg))[:], end.dst6(), 0)
+		end.Unlock()
 	}
 
 	return err
@@ -509,7 +513,7 @@ func send6(sock int, end *NativeEndpoint, buff []byte) error {
 
 func receive4(sock int, buff []byte, end *NativeEndpoint) (int, error) {
 
-	// contruct message header
+	// construct message header
 
 	var cmsg struct {
 		cmsghdr unix.Cmsghdr
@@ -532,8 +536,8 @@ func receive4(sock int, buff []byte, end *NativeEndpoint) (int, error) {
 	if cmsg.cmsghdr.Level == unix.IPPROTO_IP &&
 		cmsg.cmsghdr.Type == unix.IP_PKTINFO &&
 		cmsg.cmsghdr.Len >= unix.SizeofInet4Pktinfo {
-		end.src4().src = cmsg.pktinfo.Spec_dst
-		end.src4().ifindex = cmsg.pktinfo.Ifindex
+		end.src4().Src = cmsg.pktinfo.Spec_dst
+		end.src4().Ifindex = cmsg.pktinfo.Ifindex
 	}
 
 	return size, nil
@@ -541,7 +545,7 @@ func receive4(sock int, buff []byte, end *NativeEndpoint) (int, error) {
 
 func receive6(sock int, buff []byte, end *NativeEndpoint) (int, error) {
 
-	// contruct message header
+	// construct message header
 
 	var cmsg struct {
 		cmsghdr unix.Cmsghdr
@@ -570,156 +574,3 @@ func receive6(sock int, buff []byte, end *NativeEndpoint) (int, error) {
 
 	return size, nil
 }
-
-func (bind *NativeBind) routineRouteListener(device *Device) {
-	type peerEndpointPtr struct {
-		peer     *Peer
-		endpoint *Endpoint
-	}
-	var reqPeer map[uint32]peerEndpointPtr
-	var reqPeerLock sync.Mutex
-
-	defer unix.Close(bind.netlinkSock)
-
-	for msg := make([]byte, 1<<16); ; {
-		var err error
-		var msgn int
-		for {
-			msgn, _, _, _, err = unix.Recvmsg(bind.netlinkSock, msg[:], nil, 0)
-			if err == nil || !rwcancel.RetryAfterError(err) {
-				break
-			}
-			if !bind.netlinkCancel.ReadyRead() {
-				return
-			}
-		}
-		if err != nil {
-			return
-		}
-
-		for remain := msg[:msgn]; len(remain) >= unix.SizeofNlMsghdr; {
-
-			hdr := *(*unix.NlMsghdr)(unsafe.Pointer(&remain[0]))
-
-			if uint(hdr.Len) > uint(len(remain)) {
-				break
-			}
-
-			switch hdr.Type {
-			case unix.RTM_NEWROUTE, unix.RTM_DELROUTE:
-				if hdr.Seq <= MaxPeers && hdr.Seq > 0 {
-					if uint(len(remain)) < uint(hdr.Len) {
-						break
-					}
-					if hdr.Len > unix.SizeofNlMsghdr+unix.SizeofRtMsg {
-						attr := remain[unix.SizeofNlMsghdr+unix.SizeofRtMsg:]
-						for {
-							if uint(len(attr)) < uint(unix.SizeofRtAttr) {
-								break
-							}
-							attrhdr := *(*unix.RtAttr)(unsafe.Pointer(&attr[0]))
-							if attrhdr.Len < unix.SizeofRtAttr || uint(len(attr)) < uint(attrhdr.Len) {
-								break
-							}
-							if attrhdr.Type == unix.RTA_OIF && attrhdr.Len == unix.SizeofRtAttr+4 {
-								ifidx := *(*uint32)(unsafe.Pointer(&attr[unix.SizeofRtAttr]))
-								reqPeerLock.Lock()
-								if reqPeer == nil {
-									reqPeerLock.Unlock()
-									break
-								}
-								pePtr, ok := reqPeer[hdr.Seq]
-								reqPeerLock.Unlock()
-								if !ok {
-									break
-								}
-								pePtr.peer.mutex.Lock()
-								if &pePtr.peer.endpoint != pePtr.endpoint {
-									pePtr.peer.mutex.Unlock()
-									break
-								}
-								if uint32(pePtr.peer.endpoint.(*NativeEndpoint).src4().ifindex) == ifidx {
-									pePtr.peer.mutex.Unlock()
-									break
-								}
-								pePtr.peer.endpoint.(*NativeEndpoint).ClearSrc()
-								pePtr.peer.mutex.Unlock()
-							}
-							attr = attr[attrhdr.Len:]
-						}
-					}
-					break
-				}
-				reqPeerLock.Lock()
-				reqPeer = make(map[uint32]peerEndpointPtr)
-				reqPeerLock.Unlock()
-				go func() {
-					device.peers.mutex.RLock()
-					i := uint32(1)
-					for _, peer := range device.peers.keyMap {
-						peer.mutex.RLock()
-						if peer.endpoint == nil || peer.endpoint.(*NativeEndpoint) == nil {
-							peer.mutex.RUnlock()
-							continue
-						}
-						if peer.endpoint.(*NativeEndpoint).isV6 || peer.endpoint.(*NativeEndpoint).src4().ifindex == 0 {
-							peer.mutex.RUnlock()
-							break
-						}
-						nlmsg := struct {
-							hdr     unix.NlMsghdr
-							msg     unix.RtMsg
-							dsthdr  unix.RtAttr
-							dst     [4]byte
-							srchdr  unix.RtAttr
-							src     [4]byte
-							markhdr unix.RtAttr
-							mark    uint32
-						}{
-							unix.NlMsghdr{
-								Type:  uint16(unix.RTM_GETROUTE),
-								Flags: unix.NLM_F_REQUEST,
-								Seq:   i,
-							},
-							unix.RtMsg{
-								Family:  unix.AF_INET,
-								Dst_len: 32,
-								Src_len: 32,
-							},
-							unix.RtAttr{
-								Len:  8,
-								Type: unix.RTA_DST,
-							},
-							peer.endpoint.(*NativeEndpoint).dst4().Addr,
-							unix.RtAttr{
-								Len:  8,
-								Type: unix.RTA_SRC,
-							},
-							peer.endpoint.(*NativeEndpoint).src4().src,
-							unix.RtAttr{
-								Len:  8,
-								Type: 0x10, //unix.RTA_MARK  TODO: add this to x/sys/unix
-							},
-							uint32(bind.lastMark),
-						}
-						nlmsg.hdr.Len = uint32(unsafe.Sizeof(nlmsg))
-						reqPeerLock.Lock()
-						reqPeer[i] = peerEndpointPtr{
-							peer:     peer,
-							endpoint: &peer.endpoint,
-						}
-						reqPeerLock.Unlock()
-						peer.mutex.RUnlock()
-						i++
-						_, err := bind.netlinkCancel.Write((*[unsafe.Sizeof(nlmsg)]byte)(unsafe.Pointer(&nlmsg))[:])
-						if err != nil {
-							break
-						}
-					}
-					device.peers.mutex.RUnlock()
-				}()
-			}
-			remain = remain[hdr.Len:]
-		}
-	}
-}

conn/mark_default.go

@@ -0,0 +1,12 @@
+// +build !linux,!openbsd,!freebsd
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package conn
+
+func (bind *nativeBind) SetMark(mark uint32) error {
+	return nil
+}

conn/mark_unix.go

@@ -0,0 +1,65 @@
+// +build android openbsd freebsd
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package conn
+
+import (
+	"runtime"
+
+	"golang.org/x/sys/unix"
+)
+
+var fwmarkIoctl int
+
+func init() {
+	switch runtime.GOOS {
+	case "linux", "android":
+		fwmarkIoctl = 36 /* unix.SO_MARK */
+	case "freebsd":
+		fwmarkIoctl = 0x1015 /* unix.SO_USER_COOKIE */
+	case "openbsd":
+		fwmarkIoctl = 0x1021 /* unix.SO_RTABLE */
+	}
+}
+
+func (bind *nativeBind) SetMark(mark uint32) error {
+	var operr error
+	if fwmarkIoctl == 0 {
+		return nil
+	}
+	if bind.ipv4 != nil {
+		fd, err := bind.ipv4.SyscallConn()
+		if err != nil {
+			return err
+		}
+		err = fd.Control(func(fd uintptr) {
+			operr = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
+		})
+		if err == nil {
+			err = operr
+		}
+		if err != nil {
+			return err
+		}
+	}
+	if bind.ipv6 != nil {
+		fd, err := bind.ipv6.SyscallConn()
+		if err != nil {
+			return err
+		}
+		err = fd.Control(func(fd uintptr) {
+			operr = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
+		})
+		if err == nil {
+			err = operr
+		}
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}

conn/net_err_closed.go

@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package conn
+
+import _ "unsafe"
+
+//TODO: replace this with net.ErrClosed for Go 1.16
+
+//go:linkname NetErrClosed internal/poll.ErrNetClosing
+var NetErrClosed error

constants.go

@@ -1,46 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"time"
-)
-
-/* Specification constants */
-
-const (
-	RekeyAfterMessages      = (1 << 64) - (1 << 16) - 1
-	RejectAfterMessages     = (1 << 64) - (1 << 4) - 1
-	RekeyAfterTime          = time.Second * 120
-	RekeyAttemptTime        = time.Second * 90
-	RekeyTimeout            = time.Second * 5
-	MaxTimerHandshakes      = 90 / 5 /* RekeyAttemptTime / RekeyTimeout */
-	RekeyTimeoutJitterMaxMs = 334
-	RejectAfterTime         = time.Second * 180
-	KeepaliveTimeout        = time.Second * 10
-	CookieRefreshTime       = time.Second * 120
-	HandshakeInitationRate  = time.Second / 20
-	PaddingMultiple         = 16
-)
-
-/* Implementation specific constants */
-
-const (
-	QueueOutboundSize  = 1024
-	QueueInboundSize   = 1024
-	QueueHandshakeSize = 1024
-	MaxSegmentSize     = (1 << 16) - 1                         // largest possible UDP datagram
-	MinMessageSize     = MessageKeepaliveSize                  // minimum size of transport message (keepalive)
-	MaxMessageSize     = MaxSegmentSize                        // maximum size of transport message
-	MaxContentSize     = MaxSegmentSize - MessageTransportSize // maximum size of transport message content
-)
-
-const (
-	UnderLoadQueueSize = QueueHandshakeSize / 8
-	UnderLoadAfterTime = time.Second // how long does the device remain under load after detected
-	MaxPeers           = 1 << 16     // maximum number of configured peers
-)

device.go

@@ -1,400 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"git.zx2c4.com/wireguard-go/ratelimiter"
-	"git.zx2c4.com/wireguard-go/tun"
-	"runtime"
-	"sync"
-	"sync/atomic"
-	"time"
-)
-
-const (
-	DeviceRoutineNumberPerCPU     = 3
-	DeviceRoutineNumberAdditional = 2
-)
-
-type Device struct {
-	isUp     AtomicBool // device is (going) up
-	isClosed AtomicBool // device is closed? (acting as guard)
-	log      *Logger
-
-	// synchronized resources (locks acquired in order)
-
-	state struct {
-		starting sync.WaitGroup
-		stopping sync.WaitGroup
-		mutex    sync.Mutex
-		changing AtomicBool
-		current  bool
-	}
-
-	net struct {
-		starting sync.WaitGroup
-		stopping sync.WaitGroup
-		mutex    sync.RWMutex
-		bind     Bind   // bind interface
-		port     uint16 // listening port
-		fwmark   uint32 // mark value (0 = disabled)
-	}
-
-	staticIdentity struct {
-		mutex      sync.RWMutex
-		privateKey NoisePrivateKey
-		publicKey  NoisePublicKey
-	}
-
-	peers struct {
-		mutex  sync.RWMutex
-		keyMap map[NoisePublicKey]*Peer
-	}
-
-	// unprotected / "self-synchronising resources"
-
-	allowedips    AllowedIPs
-	indexTable    IndexTable
-	cookieChecker CookieChecker
-
-	rate struct {
-		underLoadUntil atomic.Value
-		limiter        ratelimiter.Ratelimiter
-	}
-
-	pool struct {
-		messageBuffers sync.Pool
-	}
-
-	queue struct {
-		encryption chan *QueueOutboundElement
-		decryption chan *QueueInboundElement
-		handshake  chan QueueHandshakeElement
-	}
-
-	signals struct {
-		stop chan struct{}
-	}
-
-	tun struct {
-		device tun.TUNDevice
-		mtu    int32
-	}
-}
-
-/* Converts the peer into a "zombie", which remains in the peer map,
- * but processes no packets and does not exists in the routing table.
- *
- * Must hold device.peers.mutex.
- */
-func unsafeRemovePeer(device *Device, peer *Peer, key NoisePublicKey) {
-
-	// stop routing and processing of packets
-
-	device.allowedips.RemoveByPeer(peer)
-	peer.Stop()
-
-	// remove from peer map
-
-	delete(device.peers.keyMap, key)
-}
-
-func deviceUpdateState(device *Device) {
-
-	// check if state already being updated (guard)
-
-	if device.state.changing.Swap(true) {
-		return
-	}
-
-	// compare to current state of device
-
-	device.state.mutex.Lock()
-
-	newIsUp := device.isUp.Get()
-
-	if newIsUp == device.state.current {
-		device.state.changing.Set(false)
-		device.state.mutex.Unlock()
-		return
-	}
-
-	// change state of device
-
-	switch newIsUp {
-	case true:
-		if err := device.BindUpdate(); err != nil {
-			device.isUp.Set(false)
-			break
-		}
-		device.peers.mutex.RLock()
-		for _, peer := range device.peers.keyMap {
-			peer.Start()
-		}
-		device.peers.mutex.RUnlock()
-
-	case false:
-		device.BindClose()
-		device.peers.mutex.RLock()
-		for _, peer := range device.peers.keyMap {
-			peer.Stop()
-		}
-		device.peers.mutex.RUnlock()
-	}
-
-	// update state variables
-
-	device.state.current = newIsUp
-	device.state.changing.Set(false)
-	device.state.mutex.Unlock()
-
-	// check for state change in the mean time
-
-	deviceUpdateState(device)
-}
-
-func (device *Device) Up() {
-
-	// closed device cannot be brought up
-
-	if device.isClosed.Get() {
-		return
-	}
-
-	device.isUp.Set(true)
-	deviceUpdateState(device)
-}
-
-func (device *Device) Down() {
-	device.isUp.Set(false)
-	deviceUpdateState(device)
-}
-
-func (device *Device) IsUnderLoad() bool {
-
-	// check if currently under load
-
-	now := time.Now()
-	underLoad := len(device.queue.handshake) >= UnderLoadQueueSize
-	if underLoad {
-		device.rate.underLoadUntil.Store(now.Add(UnderLoadAfterTime))
-		return true
-	}
-
-	// check if recently under load
-
-	until := device.rate.underLoadUntil.Load().(time.Time)
-	return until.After(now)
-}
-
-func (device *Device) SetPrivateKey(sk NoisePrivateKey) error {
-
-	// lock required resources
-
-	device.staticIdentity.mutex.Lock()
-	defer device.staticIdentity.mutex.Unlock()
-
-	device.peers.mutex.Lock()
-	defer device.peers.mutex.Unlock()
-
-	for _, peer := range device.peers.keyMap {
-		peer.handshake.mutex.RLock()
-		defer peer.handshake.mutex.RUnlock()
-	}
-
-	// remove peers with matching public keys
-
-	publicKey := sk.publicKey()
-	for key, peer := range device.peers.keyMap {
-		if peer.handshake.remoteStatic.Equals(publicKey) {
-			unsafeRemovePeer(device, peer, key)
-		}
-	}
-
-	// update key material
-
-	device.staticIdentity.privateKey = sk
-	device.staticIdentity.publicKey = publicKey
-	device.cookieChecker.Init(publicKey)
-
-	// do static-static DH pre-computations
-
-	rmKey := device.staticIdentity.privateKey.IsZero()
-
-	for key, peer := range device.peers.keyMap {
-
-		handshake := &peer.handshake
-
-		if rmKey {
-			handshake.precomputedStaticStatic = [NoisePublicKeySize]byte{}
-		} else {
-			handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(handshake.remoteStatic)
-		}
-
-		if isZero(handshake.precomputedStaticStatic[:]) {
-			unsafeRemovePeer(device, peer, key)
-		}
-	}
-
-	return nil
-}
-
-func (device *Device) GetMessageBuffer() *[MaxMessageSize]byte {
-	return device.pool.messageBuffers.Get().(*[MaxMessageSize]byte)
-}
-
-func (device *Device) PutMessageBuffer(msg *[MaxMessageSize]byte) {
-	device.pool.messageBuffers.Put(msg)
-}
-
-func NewDevice(tunDevice tun.TUNDevice, logger *Logger) *Device {
-	device := new(Device)
-
-	device.isUp.Set(false)
-	device.isClosed.Set(false)
-
-	device.log = logger
-
-	device.tun.device = tunDevice
-	mtu, err := device.tun.device.MTU()
-	if err != nil {
-		logger.Error.Println("Trouble determining MTU, assuming default:", err)
-		mtu = DefaultMTU
-	}
-	device.tun.mtu = int32(mtu)
-
-	device.peers.keyMap = make(map[NoisePublicKey]*Peer)
-
-	device.rate.limiter.Init()
-	device.rate.underLoadUntil.Store(time.Time{})
-
-	device.indexTable.Init()
-	device.allowedips.Reset()
-
-	device.pool.messageBuffers = sync.Pool{
-		New: func() interface{} {
-			return new([MaxMessageSize]byte)
-		},
-	}
-
-	// create queues
-
-	device.queue.handshake = make(chan QueueHandshakeElement, QueueHandshakeSize)
-	device.queue.encryption = make(chan *QueueOutboundElement, QueueOutboundSize)
-	device.queue.decryption = make(chan *QueueInboundElement, QueueInboundSize)
-
-	// prepare signals
-
-	device.signals.stop = make(chan struct{})
-
-	// prepare net
-
-	device.net.port = 0
-	device.net.bind = nil
-
-	// start workers
-
-	cpus := runtime.NumCPU()
-	device.state.starting.Wait()
-	device.state.stopping.Wait()
-	device.state.stopping.Add(DeviceRoutineNumberPerCPU*cpus + DeviceRoutineNumberAdditional)
-	device.state.starting.Add(DeviceRoutineNumberPerCPU*cpus + DeviceRoutineNumberAdditional)
-	for i := 0; i < cpus; i += 1 {
-		go device.RoutineEncryption()
-		go device.RoutineDecryption()
-		go device.RoutineHandshake()
-	}
-
-	go device.RoutineReadFromTUN()
-	go device.RoutineTUNEventReader()
-
-	device.state.starting.Wait()
-
-	return device
-}
-
-func (device *Device) LookupPeer(pk NoisePublicKey) *Peer {
-	device.peers.mutex.RLock()
-	defer device.peers.mutex.RUnlock()
-
-	return device.peers.keyMap[pk]
-}
-
-func (device *Device) RemovePeer(key NoisePublicKey) {
-	device.peers.mutex.Lock()
-	defer device.peers.mutex.Unlock()
-
-	// stop peer and remove from routing
-
-	peer, ok := device.peers.keyMap[key]
-	if ok {
-		unsafeRemovePeer(device, peer, key)
-	}
-}
-
-func (device *Device) RemoveAllPeers() {
-	device.peers.mutex.Lock()
-	defer device.peers.mutex.Unlock()
-
-	for key, peer := range device.peers.keyMap {
-		unsafeRemovePeer(device, peer, key)
-	}
-
-	device.peers.keyMap = make(map[NoisePublicKey]*Peer)
-}
-
-func (device *Device) FlushPacketQueues() {
-	for {
-		select {
-		case elem, ok := <-device.queue.decryption:
-			if ok {
-				elem.Drop()
-			}
-		case elem, ok := <-device.queue.encryption:
-			if ok {
-				elem.Drop()
-			}
-		case <-device.queue.handshake:
-		default:
-			return
-		}
-	}
-
-}
-
-func (device *Device) Close() {
-	if device.isClosed.Swap(true) {
-		return
-	}
-
-	device.state.starting.Wait()
-
-	device.log.Info.Println("Device closing")
-	device.state.changing.Set(true)
-	device.state.mutex.Lock()
-	defer device.state.mutex.Unlock()
-
-	device.tun.device.Close()
-	device.BindClose()
-
-	device.isUp.Set(false)
-
-	close(device.signals.stop)
-
-	device.state.stopping.Wait()
-	device.FlushPacketQueues()
-
-	device.RemoveAllPeers()
-	device.rate.limiter.Close()
-
-	device.state.changing.Set(false)
-	device.log.Info.Println("Interface closed")
-}
-
-func (device *Device) Wait() chan struct{} {
-	return device.signals.stop
-}

device/alignment_test.go

@@ -0,0 +1,65 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"reflect"
+	"testing"
+	"unsafe"
+)
+
+func checkAlignment(t *testing.T, name string, offset uintptr) {
+	t.Helper()
+	if offset%8 != 0 {
+		t.Errorf("offset of %q within struct is %d bytes, which does not align to 64-bit word boundaries (missing %d bytes). Atomic operations will crash on 32-bit systems.", name, offset, 8-(offset%8))
+	}
+}
+
+// TestPeerAlignment checks that atomically-accessed fields are
+// aligned to 64-bit boundaries, as required by the atomic package.
+//
+// Unfortunately, violating this rule on 32-bit platforms results in a
+// hard segfault at runtime.
+func TestPeerAlignment(t *testing.T) {
+	var p Peer
+
+	typ := reflect.TypeOf(&p).Elem()
+	t.Logf("Peer type size: %d, with fields:", typ.Size())
+	for i := 0; i < typ.NumField(); i++ {
+		field := typ.Field(i)
+		t.Logf("\t%30s\toffset=%3v\t(type size=%3d, align=%d)",
+			field.Name,
+			field.Offset,
+			field.Type.Size(),
+			field.Type.Align(),
+		)
+	}
+
+	checkAlignment(t, "Peer.stats", unsafe.Offsetof(p.stats))
+	checkAlignment(t, "Peer.isRunning", unsafe.Offsetof(p.isRunning))
+}
+
+// TestDeviceAlignment checks that atomically-accessed fields are
+// aligned to 64-bit boundaries, as required by the atomic package.
+//
+// Unfortunately, violating this rule on 32-bit platforms results in a
+// hard segfault at runtime.
+func TestDeviceAlignment(t *testing.T) {
+	var d Device
+
+	typ := reflect.TypeOf(&d).Elem()
+	t.Logf("Device type size: %d, with fields:", typ.Size())
+	for i := 0; i < typ.NumField(); i++ {
+		field := typ.Field(i)
+		t.Logf("\t%30s\toffset=%3v\t(type size=%3d, align=%d)",
+			field.Name,
+			field.Offset,
+			field.Type.Size(),
+			field.Type.Align(),
+		)
+	}
+	checkAlignment(t, "Device.rate.underLoadUntil", unsafe.Offsetof(d.rate)+unsafe.Offsetof(d.rate.underLoadUntil))
+}

device/allowedips.go

@@ -1,12 +1,12 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
+	"container/list"
 	"errors"
 	"math/bits"
 	"net"
@@ -15,15 +15,13 @@ import (
 )
 
 type trieEntry struct {
-	cidr  uint
 	child        [2]*trieEntry
-	bits  net.IP
 	peer         *Peer
-
-	// index of "branching" bit
-
+	bits         net.IP
+	cidr         uint
 	bit_at_byte  uint
 	bit_at_shift uint
+	perPeerElem  *list.Element
 }
 
 func isLittleEndian() bool {
@@ -70,6 +68,17 @@ func commonBits(ip1 net.IP, ip2 net.IP) uint {
 	}
 }
 
+func (node *trieEntry) addToPeerEntries() {
+	node.perPeerElem = node.peer.trieEntries.PushBack(node)
+}
+
+func (node *trieEntry) removeFromPeerEntries() {
+	if node.perPeerElem != nil {
+		node.peer.trieEntries.Remove(node.perPeerElem)
+		node.perPeerElem = nil
+	}
+}
+
 func (node *trieEntry) removeByPeer(p *Peer) *trieEntry {
 	if node == nil {
 		return node
@@ -86,6 +95,7 @@ func (node *trieEntry) removeByPeer(p *Peer) *trieEntry {
 
 	// remove peer & merge
 
+	node.removeFromPeerEntries()
 	node.peer = nil
 	if node.child[0] == nil {
 		return node.child[1]
@@ -97,18 +107,28 @@ func (node *trieEntry) choose(ip net.IP) byte {
 	return (ip[node.bit_at_byte] >> node.bit_at_shift) & 1
 }
 
+func (node *trieEntry) maskSelf() {
+	mask := net.CIDRMask(int(node.cidr), len(node.bits)*8)
+	for i := 0; i < len(mask); i++ {
+		node.bits[i] &= mask[i]
+	}
+}
+
 func (node *trieEntry) insert(ip net.IP, cidr uint, peer *Peer) *trieEntry {
 
 	// at leaf
 
 	if node == nil {
-		return &trieEntry{
+		node := &trieEntry{
 			bits:         ip,
 			peer:         peer,
 			cidr:         cidr,
 			bit_at_byte:  cidr / 8,
 			bit_at_shift: 7 - (cidr % 8),
 		}
+		node.maskSelf()
+		node.addToPeerEntries()
+		return node
 	}
 
 	// traverse deeper
@@ -116,7 +136,9 @@ func (node *trieEntry) insert(ip net.IP, cidr uint, peer *Peer) *trieEntry {
 	common := commonBits(node.bits, ip)
 	if node.cidr <= cidr && common >= node.cidr {
 		if node.cidr == cidr {
+			node.removeFromPeerEntries()
 			node.peer = peer
+			node.addToPeerEntries()
 			return node
 		}
 		bit := node.choose(ip)
@@ -133,6 +155,8 @@ func (node *trieEntry) insert(ip net.IP, cidr uint, peer *Peer) *trieEntry {
 		bit_at_byte:  cidr / 8,
 		bit_at_shift: 7 - (cidr % 8),
 	}
+	newNode.maskSelf()
+	newNode.addToPeerEntries()
 
 	cidr = min(cidr, common)
 
@@ -147,12 +171,13 @@ func (node *trieEntry) insert(ip net.IP, cidr uint, peer *Peer) *trieEntry {
 	// create new parent for node & newNode
 
 	parent := &trieEntry{
-		bits:         ip,
+		bits:         append([]byte{}, ip...),
 		peer:         nil,
 		cidr:         cidr,
 		bit_at_byte:  cidr / 8,
 		bit_at_shift: 7 - (cidr % 8),
 	}
+	parent.maskSelf()
 
 	bit := parent.choose(ip)
 	parent.child[bit] = newNode
@@ -177,44 +202,22 @@ func (node *trieEntry) lookup(ip net.IP) *Peer {
 	return found
 }
 
-func (node *trieEntry) entriesForPeer(p *Peer, results []net.IPNet) []net.IPNet {
-	if node == nil {
-		return results
-	}
-	if node.peer == p {
-		mask := net.CIDRMask(int(node.cidr), len(node.bits)*8)
-		results = append(results, net.IPNet{
-			Mask: mask,
-			IP:   node.bits.Mask(mask),
-		})
-	}
-	results = node.child[0].entriesForPeer(p, results)
-	results = node.child[1].entriesForPeer(p, results)
-	return results
-}
-
 type AllowedIPs struct {
 	IPv4  *trieEntry
 	IPv6  *trieEntry
 	mutex sync.RWMutex
 }
 
-func (table *AllowedIPs) EntriesForPeer(peer *Peer) []net.IPNet {
+func (table *AllowedIPs) EntriesForPeer(peer *Peer, cb func(ip net.IP, cidr uint) bool) {
 	table.mutex.RLock()
 	defer table.mutex.RUnlock()
 
-	allowed := make([]net.IPNet, 0, 10)
-	allowed = table.IPv4.entriesForPeer(peer, allowed)
-	allowed = table.IPv6.entriesForPeer(peer, allowed)
-	return allowed
+	for elem := peer.trieEntries.Front(); elem != nil; elem = elem.Next() {
+		node := elem.Value.(*trieEntry)
+		if !cb(node.bits, node.cidr) {
+			return
+		}
 	}
-
-func (table *AllowedIPs) Reset() {
-	table.mutex.Lock()
-	defer table.mutex.Unlock()
-
-	table.IPv4 = nil
-	table.IPv6 = nil
 }
 
 func (table *AllowedIPs) RemoveByPeer(peer *Peer) {

device/allowedips_rand_test.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"math/rand"
@@ -74,11 +73,11 @@ func TestTrieRandomIPv4(t *testing.T) {
 
 	const AddressLength = 4
 
-	for n := 0; n < NumberOfPeers; n += 1 {
+	for n := 0; n < NumberOfPeers; n++ {
 		peers = append(peers, &Peer{})
 	}
 
-	for n := 0; n < NumberOfAddresses; n += 1 {
+	for n := 0; n < NumberOfAddresses; n++ {
 		var addr [AddressLength]byte
 		rand.Read(addr[:])
 		cidr := uint(rand.Uint32() % (AddressLength * 8))
@@ -87,7 +86,7 @@ func TestTrieRandomIPv4(t *testing.T) {
 		slow = slow.Insert(addr[:], cidr, peers[index])
 	}
 
-	for n := 0; n < NumberOfTests; n += 1 {
+	for n := 0; n < NumberOfTests; n++ {
 		var addr [AddressLength]byte
 		rand.Read(addr[:])
 		peer1 := slow.Lookup(addr[:])
@@ -107,11 +106,11 @@ func TestTrieRandomIPv6(t *testing.T) {
 
 	const AddressLength = 16
 
-	for n := 0; n < NumberOfPeers; n += 1 {
+	for n := 0; n < NumberOfPeers; n++ {
 		peers = append(peers, &Peer{})
 	}
 
-	for n := 0; n < NumberOfAddresses; n += 1 {
+	for n := 0; n < NumberOfAddresses; n++ {
 		var addr [AddressLength]byte
 		rand.Read(addr[:])
 		cidr := uint(rand.Uint32() % (AddressLength * 8))
@@ -120,7 +119,7 @@ func TestTrieRandomIPv6(t *testing.T) {
 		slow = slow.Insert(addr[:], cidr, peers[index])
 	}
 
-	for n := 0; n < NumberOfTests; n += 1 {
+	for n := 0; n < NumberOfTests; n++ {
 		var addr [AddressLength]byte
 		rand.Read(addr[:])
 		peer1 := slow.Lookup(addr[:])

device/allowedips_test.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"math/rand"
@@ -21,26 +20,6 @@ type testPairCommonBits struct {
 	match uint
 }
 
-type testPairTrieInsert struct {
-	key  []byte
-	cidr uint
-	peer *Peer
-}
-
-type testPairTrieLookup struct {
-	key  []byte
-	peer *Peer
-}
-
-func printTrie(t *testing.T, p *trieEntry) {
-	if p == nil {
-		return
-	}
-	t.Log(p)
-	printTrie(t, p.child[0])
-	printTrie(t, p.child[1])
-}
-
 func TestCommonBits(t *testing.T) {
 
 	tests := []testPairCommonBits{
@@ -71,11 +50,11 @@ func benchmarkTrie(peerNumber int, addressNumber int, addressLength int, b *test
 
 	const AddressLength = 4
 
-	for n := 0; n < peerNumber; n += 1 {
+	for n := 0; n < peerNumber; n++ {
 		peers = append(peers, &Peer{})
 	}
 
-	for n := 0; n < addressNumber; n += 1 {
+	for n := 0; n < addressNumber; n++ {
 		var addr [AddressLength]byte
 		rand.Read(addr[:])
 		cidr := uint(rand.Uint32() % (AddressLength * 8))
@@ -83,7 +62,7 @@ func benchmarkTrie(peerNumber int, addressNumber int, addressLength int, b *test
 		trie = trie.insert(addr[:], cidr, peers[index])
 	}
 
-	for n := 0; n < b.N; n += 1 {
+	for n := 0; n < b.N; n++ {
 		var addr [AddressLength]byte
 		rand.Read(addr[:])
 		trie.lookup(addr[:])

device/bind_test.go

@@ -1,24 +1,24 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
-import "errors"
+import (
+	"errors"
+
+	"golang.zx2c4.com/wireguard/conn"
+)
 
 type DummyDatagram struct {
 	msg      []byte
-	endpoint Endpoint
-	world    bool // better type
+	endpoint conn.Endpoint
 }
 
 type DummyBind struct {
 	in6    chan DummyDatagram
-	ou6    chan DummyDatagram
 	in4    chan DummyDatagram
-	ou4    chan DummyDatagram
 	closed bool
 }
 
@@ -26,7 +26,7 @@ func (b *DummyBind) SetMark(v uint32) error {
 	return nil
 }
 
-func (b *DummyBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
+func (b *DummyBind) ReceiveIPv6(buff []byte) (int, conn.Endpoint, error) {
 	datagram, ok := <-b.in6
 	if !ok {
 		return 0, nil, errors.New("closed")
@@ -35,7 +35,7 @@ func (b *DummyBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
 	return len(datagram.msg), datagram.endpoint, nil
 }
 
-func (b *DummyBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
+func (b *DummyBind) ReceiveIPv4(buff []byte) (int, conn.Endpoint, error) {
 	datagram, ok := <-b.in4
 	if !ok {
 		return 0, nil, errors.New("closed")
@@ -51,6 +51,6 @@ func (b *DummyBind) Close() error {
 	return nil
 }
 
-func (b *DummyBind) Send(buff []byte, end Endpoint) error {
+func (b *DummyBind) Send(buff []byte, end conn.Endpoint) error {
 	return nil
 }

device/channels.go

@@ -0,0 +1,131 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"runtime"
+	"sync"
+)
+
+// An outboundQueue is a channel of QueueOutboundElements awaiting encryption.
+// An outboundQueue is ref-counted using its wg field.
+// An outboundQueue created with newOutboundQueue has one reference.
+// Every additional writer must call wg.Add(1).
+// Every completed writer must call wg.Done().
+// When no further writers will be added,
+// call wg.Done to remove the initial reference.
+// When the refcount hits 0, the queue's channel is closed.
+type outboundQueue struct {
+	c  chan *QueueOutboundElement
+	wg sync.WaitGroup
+}
+
+func newOutboundQueue() *outboundQueue {
+	q := &outboundQueue{
+		c: make(chan *QueueOutboundElement, QueueOutboundSize),
+	}
+	q.wg.Add(1)
+	go func() {
+		q.wg.Wait()
+		close(q.c)
+	}()
+	return q
+}
+
+// A inboundQueue is similar to an outboundQueue; see those docs.
+type inboundQueue struct {
+	c  chan *QueueInboundElement
+	wg sync.WaitGroup
+}
+
+func newInboundQueue() *inboundQueue {
+	q := &inboundQueue{
+		c: make(chan *QueueInboundElement, QueueInboundSize),
+	}
+	q.wg.Add(1)
+	go func() {
+		q.wg.Wait()
+		close(q.c)
+	}()
+	return q
+}
+
+// A handshakeQueue is similar to an outboundQueue; see those docs.
+type handshakeQueue struct {
+	c  chan QueueHandshakeElement
+	wg sync.WaitGroup
+}
+
+func newHandshakeQueue() *handshakeQueue {
+	q := &handshakeQueue{
+		c: make(chan QueueHandshakeElement, QueueHandshakeSize),
+	}
+	q.wg.Add(1)
+	go func() {
+		q.wg.Wait()
+		close(q.c)
+	}()
+	return q
+}
+
+type autodrainingInboundQueue struct {
+	c chan *QueueInboundElement
+}
+
+// newAutodrainingInboundQueue returns a channel that will be drained when it gets GC'd.
+// It is useful in cases in which is it hard to manage the lifetime of the channel.
+// The returned channel must not be closed. Senders should signal shutdown using
+// some other means, such as sending a sentinel nil values.
+func newAutodrainingInboundQueue(device *Device) *autodrainingInboundQueue {
+	q := &autodrainingInboundQueue{
+		c: make(chan *QueueInboundElement, QueueInboundSize),
+	}
+	runtime.SetFinalizer(q, device.flushInboundQueue)
+	return q
+}
+
+func (device *Device) flushInboundQueue(q *autodrainingInboundQueue) {
+	for {
+		select {
+		case elem := <-q.c:
+			elem.Lock()
+			device.PutMessageBuffer(elem.buffer)
+			device.PutInboundElement(elem)
+		default:
+			return
+		}
+	}
+}
+
+type autodrainingOutboundQueue struct {
+	c chan *QueueOutboundElement
+}
+
+// newAutodrainingOutboundQueue returns a channel that will be drained when it gets GC'd.
+// It is useful in cases in which is it hard to manage the lifetime of the channel.
+// The returned channel must not be closed. Senders should signal shutdown using
+// some other means, such as sending a sentinel nil values.
+// All sends to the channel must be best-effort, because there may be no receivers.
+func newAutodrainingOutboundQueue(device *Device) *autodrainingOutboundQueue {
+	q := &autodrainingOutboundQueue{
+		c: make(chan *QueueOutboundElement, QueueOutboundSize),
+	}
+	runtime.SetFinalizer(q, device.flushOutboundQueue)
+	return q
+}
+
+func (device *Device) flushOutboundQueue(q *autodrainingOutboundQueue) {
+	for {
+		select {
+		case elem := <-q.c:
+			elem.Lock()
+			device.PutMessageBuffer(elem.buffer)
+			device.PutOutboundElement(elem)
+		default:
+			return
+		}
+	}
+}

device/constants.go

@@ -0,0 +1,41 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"time"
+)
+
+/* Specification constants */
+
+const (
+	RekeyAfterMessages      = (1 << 60)
+	RejectAfterMessages     = (1 << 64) - (1 << 13) - 1
+	RekeyAfterTime          = time.Second * 120
+	RekeyAttemptTime        = time.Second * 90
+	RekeyTimeout            = time.Second * 5
+	MaxTimerHandshakes      = 90 / 5 /* RekeyAttemptTime / RekeyTimeout */
+	RekeyTimeoutJitterMaxMs = 334
+	RejectAfterTime         = time.Second * 180
+	KeepaliveTimeout        = time.Second * 10
+	CookieRefreshTime       = time.Second * 120
+	HandshakeInitationRate  = time.Second / 50
+	PaddingMultiple         = 16
+)
+
+const (
+	MinMessageSize = MessageKeepaliveSize                  // minimum size of transport message (keepalive)
+	MaxMessageSize = MaxSegmentSize                        // maximum size of transport message
+	MaxContentSize = MaxSegmentSize - MessageTransportSize // maximum size of transport message content
+)
+
+/* Implementation constants */
+
+const (
+	UnderLoadQueueSize = QueueHandshakeSize / 8
+	UnderLoadAfterTime = time.Second // how long does the device remain under load after detected
+	MaxPeers           = 1 << 16     // maximum number of configured peers
+)

device/cookie.go

@@ -1,23 +1,22 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"crypto/hmac"
 	"crypto/rand"
-	"git.zx2c4.com/wireguard-go/xchacha20poly1305"
-	"golang.org/x/crypto/blake2s"
-	"golang.org/x/crypto/chacha20poly1305"
 	"sync"
 	"time"
+
+	"golang.org/x/crypto/blake2s"
+	"golang.org/x/crypto/chacha20poly1305"
 )
 
 type CookieChecker struct {
-	mutex sync.RWMutex
+	sync.RWMutex
 	mac1 struct {
 		key [blake2s.Size]byte
 	}
@@ -29,7 +28,7 @@ type CookieChecker struct {
 }
 
 type CookieGenerator struct {
-	mutex sync.RWMutex
+	sync.RWMutex
 	mac1 struct {
 		key [blake2s.Size]byte
 	}
@@ -43,8 +42,8 @@ type CookieGenerator struct {
 }
 
 func (st *CookieChecker) Init(pk NoisePublicKey) {
-	st.mutex.Lock()
-	defer st.mutex.Unlock()
+	st.Lock()
+	defer st.Unlock()
 
 	// mac1 state
 
@@ -68,8 +67,8 @@ func (st *CookieChecker) Init(pk NoisePublicKey) {
 }
 
 func (st *CookieChecker) CheckMAC1(msg []byte) bool {
-	st.mutex.RLock()
-	defer st.mutex.RUnlock()
+	st.RLock()
+	defer st.RUnlock()
 
 	size := len(msg)
 	smac2 := size - blake2s.Size128
@@ -85,10 +84,10 @@ func (st *CookieChecker) CheckMAC1(msg []byte) bool {
 }
 
 func (st *CookieChecker) CheckMAC2(msg []byte, src []byte) bool {
-	st.mutex.RLock()
-	defer st.mutex.RUnlock()
+	st.RLock()
+	defer st.RUnlock()
 
-	if time.Now().Sub(st.mac2.secretSet) > CookieRefreshTime {
+	if time.Since(st.mac2.secretSet) > CookieRefreshTime {
 		return false
 	}
 
@@ -121,21 +120,21 @@ func (st *CookieChecker) CreateReply(
 	src []byte,
 ) (*MessageCookieReply, error) {
 
-	st.mutex.RLock()
+	st.RLock()
 
 	// refresh cookie secret
 
-	if time.Now().Sub(st.mac2.secretSet) > CookieRefreshTime {
-		st.mutex.RUnlock()
-		st.mutex.Lock()
+	if time.Since(st.mac2.secretSet) > CookieRefreshTime {
+		st.RUnlock()
+		st.Lock()
 		_, err := rand.Read(st.mac2.secret[:])
 		if err != nil {
-			st.mutex.Unlock()
+			st.Unlock()
 			return nil, err
 		}
 		st.mac2.secretSet = time.Now()
-		st.mutex.Unlock()
-		st.mutex.RLock()
+		st.Unlock()
+		st.RLock()
 	}
 
 	// derive cookie
@@ -160,26 +159,21 @@ func (st *CookieChecker) CreateReply(
 
 	_, err := rand.Read(reply.Nonce[:])
 	if err != nil {
-		st.mutex.RUnlock()
+		st.RUnlock()
 		return nil, err
 	}
 
-	xchacha20poly1305.Encrypt(
-		reply.Cookie[:0],
-		&reply.Nonce,
-		cookie[:],
-		msg[smac1:smac2],
-		&st.mac2.encryptionKey,
-	)
+	xchapoly, _ := chacha20poly1305.NewX(st.mac2.encryptionKey[:])
+	xchapoly.Seal(reply.Cookie[:0], reply.Nonce[:], cookie[:], msg[smac1:smac2])
 
-	st.mutex.RUnlock()
+	st.RUnlock()
 
 	return reply, nil
 }
 
 func (st *CookieGenerator) Init(pk NoisePublicKey) {
-	st.mutex.Lock()
-	defer st.mutex.Unlock()
+	st.Lock()
+	defer st.Unlock()
 
 	func() {
 		hash, _ := blake2s.New256(nil)
@@ -199,8 +193,8 @@ func (st *CookieGenerator) Init(pk NoisePublicKey) {
 }
 
 func (st *CookieGenerator) ConsumeReply(msg *MessageCookieReply) bool {
-	st.mutex.Lock()
-	defer st.mutex.Unlock()
+	st.Lock()
+	defer st.Unlock()
 
 	if !st.mac2.hasLastMAC1 {
 		return false
@@ -208,13 +202,8 @@ func (st *CookieGenerator) ConsumeReply(msg *MessageCookieReply) bool {
 
 	var cookie [blake2s.Size128]byte
 
-	_, err := xchacha20poly1305.Decrypt(
-		cookie[:0],
-		&msg.Nonce,
-		msg.Cookie[:],
-		st.mac2.lastMAC1[:],
-		&st.mac2.encryptionKey,
-	)
+	xchapoly, _ := chacha20poly1305.NewX(st.mac2.encryptionKey[:])
+	_, err := xchapoly.Open(cookie[:0], msg.Nonce[:], msg.Cookie[:], st.mac2.lastMAC1[:])
 
 	if err != nil {
 		return false
@@ -235,8 +224,8 @@ func (st *CookieGenerator) AddMacs(msg []byte) {
 	mac1 := msg[smac1:smac2]
 	mac2 := msg[smac2:]
 
-	st.mutex.Lock()
-	defer st.mutex.Unlock()
+	st.Lock()
+	defer st.Unlock()
 
 	// set mac1
 
@@ -250,7 +239,7 @@ func (st *CookieGenerator) AddMacs(msg []byte) {
 
 	// set mac2
 
-	if time.Now().Sub(st.mac2.cookieSet) > CookieRefreshTime {
+	if time.Since(st.mac2.cookieSet) > CookieRefreshTime {
 		return
 	}
 

device/cookie_test.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"testing"

device/device.go

@@ -0,0 +1,526 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"runtime"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.org/x/net/ipv4"
+	"golang.org/x/net/ipv6"
+
+	"golang.zx2c4.com/wireguard/conn"
+	"golang.zx2c4.com/wireguard/ratelimiter"
+	"golang.zx2c4.com/wireguard/rwcancel"
+	"golang.zx2c4.com/wireguard/tun"
+)
+
+type Device struct {
+	state struct {
+		// state holds the device's state. It is accessed atomically.
+		// Use the device.deviceState method to read it.
+		// device.deviceState does not acquire the mutex, so it captures only a snapshot.
+		// During state transitions, the state variable is updated before the device itself.
+		// The state is thus either the current state of the device or
+		// the intended future state of the device.
+		// For example, while executing a call to Up, state will be deviceStateUp.
+		// There is no guarantee that that intended future state of the device
+		// will become the actual state; Up can fail.
+		// The device can also change state multiple times between time of check and time of use.
+		// Unsynchronized uses of state must therefore be advisory/best-effort only.
+		state uint32 // actually a deviceState, but typed uint32 for convenience
+		// stopping blocks until all inputs to Device have been closed.
+		stopping sync.WaitGroup
+		// mu protects state changes.
+		sync.Mutex
+	}
+
+	net struct {
+		stopping sync.WaitGroup
+		sync.RWMutex
+		bind          conn.Bind // bind interface
+		netlinkCancel *rwcancel.RWCancel
+		port          uint16 // listening port
+		fwmark        uint32 // mark value (0 = disabled)
+	}
+
+	staticIdentity struct {
+		sync.RWMutex
+		privateKey NoisePrivateKey
+		publicKey  NoisePublicKey
+	}
+
+	peers struct {
+		empty        AtomicBool // empty reports whether len(keyMap) == 0
+		sync.RWMutex            // protects keyMap
+		keyMap       map[NoisePublicKey]*Peer
+	}
+
+	allowedips    AllowedIPs
+	indexTable    IndexTable
+	cookieChecker CookieChecker
+
+	rate struct {
+		underLoadUntil int64
+		limiter        ratelimiter.Ratelimiter
+	}
+
+	pool struct {
+		messageBuffers   *WaitPool
+		inboundElements  *WaitPool
+		outboundElements *WaitPool
+	}
+
+	queue struct {
+		encryption *outboundQueue
+		decryption *inboundQueue
+		handshake  *handshakeQueue
+	}
+
+	tun struct {
+		device tun.Device
+		mtu    int32
+	}
+
+	ipcMutex sync.RWMutex
+	closed   chan struct{}
+	log      *Logger
+}
+
+// deviceState represents the state of a Device.
+// There are three states: down, up, closed.
+// Transitions:
+//
+//   down -----+
+//     ↑↓      ↓
+//     up -> closed
+//
+type deviceState uint32
+
+//go:generate go run golang.org/x/tools/cmd/stringer -type deviceState -trimprefix=deviceState
+const (
+	deviceStateDown deviceState = iota
+	deviceStateUp
+	deviceStateClosed
+)
+
+// deviceState returns device.state.state as a deviceState
+// See those docs for how to interpret this value.
+func (device *Device) deviceState() deviceState {
+	return deviceState(atomic.LoadUint32(&device.state.state))
+}
+
+// isClosed reports whether the device is closed (or is closing).
+// See device.state.state comments for how to interpret this value.
+func (device *Device) isClosed() bool {
+	return device.deviceState() == deviceStateClosed
+}
+
+// isUp reports whether the device is up (or is attempting to come up).
+// See device.state.state comments for how to interpret this value.
+func (device *Device) isUp() bool {
+	return device.deviceState() == deviceStateUp
+}
+
+// Must hold device.peers.Lock()
+func removePeerLocked(device *Device, peer *Peer, key NoisePublicKey) {
+	// stop routing and processing of packets
+	device.allowedips.RemoveByPeer(peer)
+	peer.Stop()
+
+	// remove from peer map
+	delete(device.peers.keyMap, key)
+	device.peers.empty.Set(len(device.peers.keyMap) == 0)
+}
+
+// changeState attempts to change the device state to match want.
+func (device *Device) changeState(want deviceState) (err error) {
+	device.state.Lock()
+	defer device.state.Unlock()
+	old := device.deviceState()
+	if old == deviceStateClosed {
+		// once closed, always closed
+		device.log.Verbosef("Interface closed, ignored requested state %s", want)
+		return nil
+	}
+	switch want {
+	case old:
+		return nil
+	case deviceStateUp:
+		atomic.StoreUint32(&device.state.state, uint32(deviceStateUp))
+		err = device.upLocked()
+		if err == nil {
+			break
+		}
+		fallthrough // up failed; bring the device all the way back down
+	case deviceStateDown:
+		atomic.StoreUint32(&device.state.state, uint32(deviceStateDown))
+		errDown := device.downLocked()
+		if err == nil {
+			err = errDown
+		}
+	}
+	device.log.Verbosef("Interface state was %s, requested %s, now %s", old, want, device.deviceState())
+	return
+}
+
+// upLocked attempts to bring the device up and reports whether it succeeded.
+// The caller must hold device.state.mu and is responsible for updating device.state.state.
+func (device *Device) upLocked() error {
+	if err := device.BindUpdate(); err != nil {
+		device.log.Errorf("Unable to update bind: %v", err)
+		return err
+	}
+
+	device.peers.RLock()
+	for _, peer := range device.peers.keyMap {
+		peer.Start()
+		if atomic.LoadUint32(&peer.persistentKeepaliveInterval) > 0 {
+			peer.SendKeepalive()
+		}
+	}
+	device.peers.RUnlock()
+	return nil
+}
+
+// downLocked attempts to bring the device down.
+// The caller must hold device.state.mu and is responsible for updating device.state.state.
+func (device *Device) downLocked() error {
+	err := device.BindClose()
+	if err != nil {
+		device.log.Errorf("Bind close failed: %v", err)
+	}
+
+	device.peers.RLock()
+	for _, peer := range device.peers.keyMap {
+		peer.Stop()
+	}
+	device.peers.RUnlock()
+	return err
+}
+
+func (device *Device) Up() error {
+	return device.changeState(deviceStateUp)
+}
+
+func (device *Device) Down() error {
+	return device.changeState(deviceStateDown)
+}
+
+func (device *Device) IsUnderLoad() bool {
+	// check if currently under load
+	now := time.Now()
+	underLoad := len(device.queue.handshake.c) >= UnderLoadQueueSize
+	if underLoad {
+		atomic.StoreInt64(&device.rate.underLoadUntil, now.Add(UnderLoadAfterTime).UnixNano())
+		return true
+	}
+	// check if recently under load
+	return atomic.LoadInt64(&device.rate.underLoadUntil) > now.UnixNano()
+}
+
+func (device *Device) SetPrivateKey(sk NoisePrivateKey) error {
+	// lock required resources
+
+	device.staticIdentity.Lock()
+	defer device.staticIdentity.Unlock()
+
+	if sk.Equals(device.staticIdentity.privateKey) {
+		return nil
+	}
+
+	device.peers.Lock()
+	defer device.peers.Unlock()
+
+	lockedPeers := make([]*Peer, 0, len(device.peers.keyMap))
+	for _, peer := range device.peers.keyMap {
+		peer.handshake.mutex.RLock()
+		lockedPeers = append(lockedPeers, peer)
+	}
+
+	// remove peers with matching public keys
+
+	publicKey := sk.publicKey()
+	for key, peer := range device.peers.keyMap {
+		if peer.handshake.remoteStatic.Equals(publicKey) {
+			peer.handshake.mutex.RUnlock()
+			removePeerLocked(device, peer, key)
+			peer.handshake.mutex.RLock()
+		}
+	}
+
+	// update key material
+
+	device.staticIdentity.privateKey = sk
+	device.staticIdentity.publicKey = publicKey
+	device.cookieChecker.Init(publicKey)
+
+	// do static-static DH pre-computations
+
+	expiredPeers := make([]*Peer, 0, len(device.peers.keyMap))
+	for _, peer := range device.peers.keyMap {
+		handshake := &peer.handshake
+		handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(handshake.remoteStatic)
+		expiredPeers = append(expiredPeers, peer)
+	}
+
+	for _, peer := range lockedPeers {
+		peer.handshake.mutex.RUnlock()
+	}
+	for _, peer := range expiredPeers {
+		peer.ExpireCurrentKeypairs()
+	}
+
+	return nil
+}
+
+func NewDevice(tunDevice tun.Device, logger *Logger) *Device {
+	device := new(Device)
+	device.state.state = uint32(deviceStateDown)
+	device.closed = make(chan struct{})
+	device.log = logger
+	device.tun.device = tunDevice
+	mtu, err := device.tun.device.MTU()
+	if err != nil {
+		device.log.Errorf("Trouble determining MTU, assuming default: %v", err)
+		mtu = DefaultMTU
+	}
+	device.tun.mtu = int32(mtu)
+	device.peers.keyMap = make(map[NoisePublicKey]*Peer)
+	device.rate.limiter.Init()
+	device.indexTable.Init()
+	device.PopulatePools()
+
+	// create queues
+
+	device.queue.handshake = newHandshakeQueue()
+	device.queue.encryption = newOutboundQueue()
+	device.queue.decryption = newInboundQueue()
+
+	// prepare net
+
+	device.net.port = 0
+	device.net.bind = nil
+
+	// start workers
+
+	cpus := runtime.NumCPU()
+	device.state.stopping.Wait()
+	device.queue.encryption.wg.Add(cpus) // One for each RoutineHandshake
+	for i := 0; i < cpus; i++ {
+		go device.RoutineEncryption()
+		go device.RoutineDecryption()
+		go device.RoutineHandshake()
+	}
+
+	device.state.stopping.Add(1)      // RoutineReadFromTUN
+	device.queue.encryption.wg.Add(1) // RoutineReadFromTUN
+	go device.RoutineReadFromTUN()
+	go device.RoutineTUNEventReader()
+
+	return device
+}
+
+func (device *Device) LookupPeer(pk NoisePublicKey) *Peer {
+	device.peers.RLock()
+	defer device.peers.RUnlock()
+
+	return device.peers.keyMap[pk]
+}
+
+func (device *Device) RemovePeer(key NoisePublicKey) {
+	device.peers.Lock()
+	defer device.peers.Unlock()
+	// stop peer and remove from routing
+
+	peer, ok := device.peers.keyMap[key]
+	if ok {
+		removePeerLocked(device, peer, key)
+	}
+}
+
+func (device *Device) RemoveAllPeers() {
+	device.peers.Lock()
+	defer device.peers.Unlock()
+
+	for key, peer := range device.peers.keyMap {
+		removePeerLocked(device, peer, key)
+	}
+
+	device.peers.keyMap = make(map[NoisePublicKey]*Peer)
+}
+
+func (device *Device) Close() {
+	device.state.Lock()
+	defer device.state.Unlock()
+	if device.isClosed() {
+		return
+	}
+	atomic.StoreUint32(&device.state.state, uint32(deviceStateClosed))
+	device.log.Verbosef("Device closing")
+
+	device.tun.device.Close()
+	device.downLocked()
+
+	// Remove peers before closing queues,
+	// because peers assume that queues are active.
+	device.RemoveAllPeers()
+
+	// We kept a reference to the encryption and decryption queues,
+	// in case we started any new peers that might write to them.
+	// No new peers are coming; we are done with these queues.
+	device.queue.encryption.wg.Done()
+	device.queue.decryption.wg.Done()
+	device.queue.handshake.wg.Done()
+	device.state.stopping.Wait()
+
+	device.rate.limiter.Close()
+
+	device.log.Verbosef("Device closed")
+	close(device.closed)
+}
+
+func (device *Device) Wait() chan struct{} {
+	return device.closed
+}
+
+func (device *Device) SendKeepalivesToPeersWithCurrentKeypair() {
+	if !device.isUp() {
+		return
+	}
+
+	device.peers.RLock()
+	for _, peer := range device.peers.keyMap {
+		peer.keypairs.RLock()
+		sendKeepalive := peer.keypairs.current != nil && !peer.keypairs.current.created.Add(RejectAfterTime).Before(time.Now())
+		peer.keypairs.RUnlock()
+		if sendKeepalive {
+			peer.SendKeepalive()
+		}
+	}
+	device.peers.RUnlock()
+}
+
+func unsafeCloseBind(device *Device) error {
+	var err error
+	netc := &device.net
+	if netc.netlinkCancel != nil {
+		netc.netlinkCancel.Cancel()
+	}
+	if netc.bind != nil {
+		err = netc.bind.Close()
+		netc.bind = nil
+	}
+	netc.stopping.Wait()
+	return err
+}
+
+func (device *Device) Bind() conn.Bind {
+	device.net.Lock()
+	defer device.net.Unlock()
+	return device.net.bind
+}
+
+func (device *Device) BindSetMark(mark uint32) error {
+	device.net.Lock()
+	defer device.net.Unlock()
+
+	// check if modified
+	if device.net.fwmark == mark {
+		return nil
+	}
+
+	// update fwmark on existing bind
+	device.net.fwmark = mark
+	if device.isUp() && device.net.bind != nil {
+		if err := device.net.bind.SetMark(mark); err != nil {
+			return err
+		}
+	}
+
+	// clear cached source addresses
+	device.peers.RLock()
+	for _, peer := range device.peers.keyMap {
+		peer.Lock()
+		defer peer.Unlock()
+		if peer.endpoint != nil {
+			peer.endpoint.ClearSrc()
+		}
+	}
+	device.peers.RUnlock()
+
+	return nil
+}
+
+func (device *Device) BindUpdate() error {
+	device.net.Lock()
+	defer device.net.Unlock()
+
+	// close existing sockets
+	if err := unsafeCloseBind(device); err != nil {
+		return err
+	}
+
+	// open new sockets
+	if !device.isUp() {
+		return nil
+	}
+
+	// bind to new port
+	var err error
+	netc := &device.net
+	netc.bind, netc.port, err = conn.CreateBind(netc.port)
+	if err != nil {
+		netc.bind = nil
+		netc.port = 0
+		return err
+	}
+	netc.netlinkCancel, err = device.startRouteListener(netc.bind)
+	if err != nil {
+		netc.bind.Close()
+		netc.bind = nil
+		netc.port = 0
+		return err
+	}
+
+	// set fwmark
+	if netc.fwmark != 0 {
+		err = netc.bind.SetMark(netc.fwmark)
+		if err != nil {
+			return err
+		}
+	}
+
+	// clear cached source addresses
+	device.peers.RLock()
+	for _, peer := range device.peers.keyMap {
+		peer.Lock()
+		defer peer.Unlock()
+		if peer.endpoint != nil {
+			peer.endpoint.ClearSrc()
+		}
+	}
+	device.peers.RUnlock()
+
+	// start receiving routines
+	device.net.stopping.Add(2)
+	device.queue.decryption.wg.Add(2) // each RoutineReceiveIncoming goroutine writes to device.queue.decryption
+	device.queue.handshake.wg.Add(2)  // each RoutineReceiveIncoming goroutine writes to device.queue.handshake
+	go device.RoutineReceiveIncoming(ipv4.Version, netc.bind)
+	go device.RoutineReceiveIncoming(ipv6.Version, netc.bind)
+
+	device.log.Verbosef("UDP bind has been updated")
+	return nil
+}
+
+func (device *Device) BindClose() error {
+	device.net.Lock()
+	err := unsafeCloseBind(device)
+	device.net.Unlock()
+	return err
+}

device/device_test.go

@@ -0,0 +1,434 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"bytes"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"math/rand"
+	"net"
+	"runtime"
+	"runtime/pprof"
+	"sync"
+	"sync/atomic"
+	"syscall"
+	"testing"
+	"time"
+
+	"golang.zx2c4.com/wireguard/tun/tuntest"
+)
+
+// uapiCfg returns a string that contains cfg formatted use with IpcSet.
+// cfg is a series of alternating key/value strings.
+// uapiCfg exists because editors and humans like to insert
+// whitespace into configs, which can cause failures, some of which are silent.
+// For example, a leading blank newline causes the remainder
+// of the config to be silently ignored.
+func uapiCfg(cfg ...string) string {
+	if len(cfg)%2 != 0 {
+		panic("odd number of args to uapiReader")
+	}
+	buf := new(bytes.Buffer)
+	for i, s := range cfg {
+		buf.WriteString(s)
+		sep := byte('\n')
+		if i%2 == 0 {
+			sep = '='
+		}
+		buf.WriteByte(sep)
+	}
+	return buf.String()
+}
+
+// genConfigs generates a pair of configs that connect to each other.
+// The configs use distinct, probably-usable ports.
+func genConfigs(tb testing.TB) (cfgs [2]string, endpointCfgs [2]string) {
+	var key1, key2 NoisePrivateKey
+	_, err := rand.Read(key1[:])
+	if err != nil {
+		tb.Errorf("unable to generate private key random bytes: %v", err)
+	}
+	_, err = rand.Read(key2[:])
+	if err != nil {
+		tb.Errorf("unable to generate private key random bytes: %v", err)
+	}
+	pub1, pub2 := key1.publicKey(), key2.publicKey()
+
+	cfgs[0] = uapiCfg(
+		"private_key", hex.EncodeToString(key1[:]),
+		"listen_port", "0",
+		"replace_peers", "true",
+		"public_key", hex.EncodeToString(pub2[:]),
+		"protocol_version", "1",
+		"replace_allowed_ips", "true",
+		"allowed_ip", "1.0.0.2/32",
+	)
+	endpointCfgs[0] = uapiCfg(
+		"public_key", hex.EncodeToString(pub2[:]),
+		"endpoint", "127.0.0.1:%d",
+	)
+	cfgs[1] = uapiCfg(
+		"private_key", hex.EncodeToString(key2[:]),
+		"listen_port", "0",
+		"replace_peers", "true",
+		"public_key", hex.EncodeToString(pub1[:]),
+		"protocol_version", "1",
+		"replace_allowed_ips", "true",
+		"allowed_ip", "1.0.0.1/32",
+	)
+	endpointCfgs[1] = uapiCfg(
+		"public_key", hex.EncodeToString(pub1[:]),
+		"endpoint", "127.0.0.1:%d",
+	)
+	return
+}
+
+// A testPair is a pair of testPeers.
+type testPair [2]testPeer
+
+// A testPeer is a peer used for testing.
+type testPeer struct {
+	tun *tuntest.ChannelTUN
+	dev *Device
+	ip  net.IP
+}
+
+type SendDirection bool
+
+const (
+	Ping SendDirection = true
+	Pong SendDirection = false
+)
+
+func (d SendDirection) String() string {
+	if d == Ping {
+		return "ping"
+	}
+	return "pong"
+}
+
+func (pair *testPair) Send(tb testing.TB, ping SendDirection, done chan struct{}) {
+	tb.Helper()
+	p0, p1 := pair[0], pair[1]
+	if !ping {
+		// pong is the new ping
+		p0, p1 = p1, p0
+	}
+	msg := tuntest.Ping(p0.ip, p1.ip)
+	p1.tun.Outbound <- msg
+	timer := time.NewTimer(5 * time.Second)
+	defer timer.Stop()
+	var err error
+	select {
+	case msgRecv := <-p0.tun.Inbound:
+		if !bytes.Equal(msg, msgRecv) {
+			err = fmt.Errorf("%s did not transit correctly", ping)
+		}
+	case <-timer.C:
+		err = fmt.Errorf("%s did not transit", ping)
+	case <-done:
+	}
+	if err != nil {
+		// The error may have occurred because the test is done.
+		select {
+		case <-done:
+			return
+		default:
+		}
+		// Real error.
+		tb.Error(err)
+	}
+}
+
+// genTestPair creates a testPair.
+func genTestPair(tb testing.TB) (pair testPair) {
+	cfg, endpointCfg := genConfigs(tb)
+	// Bring up a ChannelTun for each config.
+	for i := range pair {
+		p := &pair[i]
+		p.tun = tuntest.NewChannelTUN()
+		p.ip = net.IPv4(1, 0, 0, byte(i+1))
+		level := LogLevelVerbose
+		if _, ok := tb.(*testing.B); ok && !testing.Verbose() {
+			level = LogLevelError
+		}
+		p.dev = NewDevice(p.tun.TUN(), NewLogger(level, fmt.Sprintf("dev%d: ", i)))
+		if err := p.dev.IpcSet(cfg[i]); err != nil {
+			tb.Errorf("failed to configure device %d: %v", i, err)
+			p.dev.Close()
+			continue
+		}
+		if err := p.dev.Up(); err != nil {
+			tb.Errorf("failed to bring up device %d: %v", i, err)
+			p.dev.Close()
+			continue
+		}
+		endpointCfg[i^1] = fmt.Sprintf(endpointCfg[i^1], p.dev.net.port)
+	}
+	for i := range pair {
+		p := &pair[i]
+		if err := p.dev.IpcSet(endpointCfg[i]); err != nil {
+			tb.Errorf("failed to configure device endpoint %d: %v", i, err)
+			p.dev.Close()
+			continue
+		}
+		// The device is ready. Close it when the test completes.
+		tb.Cleanup(p.dev.Close)
+	}
+	return
+}
+
+func TestTwoDevicePing(t *testing.T) {
+	goroutineLeakCheck(t)
+	pair := genTestPair(t)
+	t.Run("ping 1.0.0.1", func(t *testing.T) {
+		pair.Send(t, Ping, nil)
+	})
+	t.Run("ping 1.0.0.2", func(t *testing.T) {
+		pair.Send(t, Pong, nil)
+	})
+}
+
+func TestUpDown(t *testing.T) {
+	goroutineLeakCheck(t)
+	const itrials = 20
+	const otrials = 1
+
+	for n := 0; n < otrials; n++ {
+		pair := genTestPair(t)
+		for i := range pair {
+			for k := range pair[i].dev.peers.keyMap {
+				pair[i].dev.IpcSet(fmt.Sprintf("public_key=%s\npersistent_keepalive_interval=1\n", hex.EncodeToString(k[:])))
+			}
+		}
+		var wg sync.WaitGroup
+		wg.Add(len(pair))
+		for i := range pair {
+			go func(d *Device) {
+				defer wg.Done()
+				for i := 0; i < itrials; i++ {
+					start := time.Now()
+					for {
+						if err := d.Up(); err != nil {
+							if errors.Is(err, syscall.EADDRINUSE) && time.Now().Sub(start) < time.Second*4 {
+								// Some other test process is racing with us, so try again.
+								time.Sleep(time.Millisecond * 10)
+								continue
+							}
+							t.Errorf("failed up bring up device: %v", err)
+						}
+						break
+					}
+					time.Sleep(time.Duration(rand.Intn(int(time.Nanosecond * (0x10000 - 1)))))
+					if err := d.Down(); err != nil {
+						t.Errorf("failed to bring down device: %v", err)
+					}
+					time.Sleep(time.Duration(rand.Intn(int(time.Nanosecond * (0x10000 - 1)))))
+				}
+			}(pair[i].dev)
+		}
+		wg.Wait()
+		for i := range pair {
+			pair[i].dev.Up()
+			pair[i].dev.Close()
+		}
+	}
+}
+
+// TestConcurrencySafety does other things concurrently with tunnel use.
+// It is intended to be used with the race detector to catch data races.
+func TestConcurrencySafety(t *testing.T) {
+	pair := genTestPair(t)
+	done := make(chan struct{})
+
+	const warmupIters = 10
+	var warmup sync.WaitGroup
+	warmup.Add(warmupIters)
+	go func() {
+		// Send data continuously back and forth until we're done.
+		// Note that we may continue to attempt to send data
+		// even after done is closed.
+		i := warmupIters
+		for ping := Ping; ; ping = !ping {
+			pair.Send(t, ping, done)
+			select {
+			case <-done:
+				return
+			default:
+			}
+			if i > 0 {
+				warmup.Done()
+				i--
+			}
+		}
+	}()
+	warmup.Wait()
+
+	applyCfg := func(cfg string) {
+		err := pair[0].dev.IpcSet(cfg)
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	// Change persistent_keepalive_interval concurrently with tunnel use.
+	t.Run("persistentKeepaliveInterval", func(t *testing.T) {
+		var pub NoisePublicKey
+		for key := range pair[0].dev.peers.keyMap {
+			pub = key
+			break
+		}
+		cfg := uapiCfg(
+			"public_key", hex.EncodeToString(pub[:]),
+			"persistent_keepalive_interval", "1",
+		)
+		for i := 0; i < 1000; i++ {
+			applyCfg(cfg)
+		}
+	})
+
+	// Change private keys concurrently with tunnel use.
+	t.Run("privateKey", func(t *testing.T) {
+		bad := uapiCfg("private_key", "7777777777777777777777777777777777777777777777777777777777777777")
+		good := uapiCfg("private_key", hex.EncodeToString(pair[0].dev.staticIdentity.privateKey[:]))
+		// Set iters to a large number like 1000 to flush out data races quickly.
+		// Don't leave it large. That can cause logical races
+		// in which the handshake is interleaved with key changes
+		// such that the private key appears to be unchanging but
+		// other state gets reset, which can cause handshake failures like
+		// "Received packet with invalid mac1".
+		const iters = 1
+		for i := 0; i < iters; i++ {
+			applyCfg(bad)
+			applyCfg(good)
+		}
+	})
+
+	close(done)
+}
+
+func assertNil(t *testing.T, err error) {
+	if err != nil {
+		t.Fatal(err)
+	}
+}
+
+func assertEqual(t *testing.T, a, b []byte) {
+	if !bytes.Equal(a, b) {
+		t.Fatal(a, "!=", b)
+	}
+}
+
+func randDevice(t *testing.T) *Device {
+	sk, err := newPrivateKey()
+	if err != nil {
+		t.Fatal(err)
+	}
+	tun := newDummyTUN("dummy")
+	logger := NewLogger(LogLevelError, "")
+	device := NewDevice(tun, logger)
+	device.SetPrivateKey(sk)
+	return device
+}
+
+func BenchmarkLatency(b *testing.B) {
+	pair := genTestPair(b)
+
+	// Establish a connection.
+	pair.Send(b, Ping, nil)
+	pair.Send(b, Pong, nil)
+
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		pair.Send(b, Ping, nil)
+		pair.Send(b, Pong, nil)
+	}
+}
+
+func BenchmarkThroughput(b *testing.B) {
+	pair := genTestPair(b)
+
+	// Establish a connection.
+	pair.Send(b, Ping, nil)
+	pair.Send(b, Pong, nil)
+
+	// Measure how long it takes to receive b.N packets,
+	// starting when we receive the first packet.
+	var recv uint64
+	var elapsed time.Duration
+	var wg sync.WaitGroup
+	wg.Add(1)
+	go func() {
+		defer wg.Done()
+		var start time.Time
+		for {
+			<-pair[0].tun.Inbound
+			new := atomic.AddUint64(&recv, 1)
+			if new == 1 {
+				start = time.Now()
+			}
+			// Careful! Don't change this to else if; b.N can be equal to 1.
+			if new == uint64(b.N) {
+				elapsed = time.Since(start)
+				return
+			}
+		}
+	}()
+
+	// Send packets as fast as we can until we've received enough.
+	ping := tuntest.Ping(pair[0].ip, pair[1].ip)
+	pingc := pair[1].tun.Outbound
+	var sent uint64
+	for atomic.LoadUint64(&recv) != uint64(b.N) {
+		sent++
+		pingc <- ping
+	}
+	wg.Wait()
+
+	b.ReportMetric(float64(elapsed)/float64(b.N), "ns/op")
+	b.ReportMetric(1-float64(b.N)/float64(sent), "packet-loss")
+}
+
+func BenchmarkUAPIGet(b *testing.B) {
+	pair := genTestPair(b)
+	pair.Send(b, Ping, nil)
+	pair.Send(b, Pong, nil)
+	b.ReportAllocs()
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		pair[0].dev.IpcGetOperation(ioutil.Discard)
+	}
+}
+
+func goroutineLeakCheck(t *testing.T) {
+	goroutines := func() (int, []byte) {
+		p := pprof.Lookup("goroutine")
+		b := new(bytes.Buffer)
+		p.WriteTo(b, 1)
+		return p.Count(), b.Bytes()
+	}
+
+	startGoroutines, startStacks := goroutines()
+	t.Cleanup(func() {
+		if t.Failed() {
+			return
+		}
+		// Give goroutines time to exit, if they need it.
+		for i := 0; i < 10000; i++ {
+			if runtime.NumGoroutine() <= startGoroutines {
+				return
+			}
+			time.Sleep(1 * time.Millisecond)
+		}
+		endGoroutines, endStacks := goroutines()
+		t.Logf("starting stacks:\n%s\n", startStacks)
+		t.Logf("ending stacks:\n%s\n", endStacks)
+		t.Fatalf("expected %d goroutines, got %d, leak?", startGoroutines, endGoroutines)
+	})
+}

device/devicestate_string.go

@@ -0,0 +1,16 @@
+// Code generated by "stringer -type deviceState -trimprefix=deviceState"; DO NOT EDIT.
+
+package device
+
+import "strconv"
+
+const _deviceState_name = "DownUpClosed"
+
+var _deviceState_index = [...]uint8{0, 4, 6, 12}
+
+func (i deviceState) String() string {
+	if i >= deviceState(len(_deviceState_index)-1) {
+		return "deviceState(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _deviceState_name[_deviceState_index[i]:_deviceState_index[i+1]]
+}

device/endpoint_test.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"math/rand"

device/indextable.go

@@ -1,15 +1,14 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"crypto/rand"
+	"encoding/binary"
 	"sync"
-	"unsafe"
 )
 
 type IndexTableEntry struct {
@@ -19,31 +18,32 @@ type IndexTableEntry struct {
 }
 
 type IndexTable struct {
-	mutex sync.RWMutex
+	sync.RWMutex
 	table map[uint32]IndexTableEntry
 }
 
 func randUint32() (uint32, error) {
 	var integer [4]byte
 	_, err := rand.Read(integer[:])
-	return *(*uint32)(unsafe.Pointer(&integer[0])), err
+	// Arbitrary endianness; both are intrinsified by the Go compiler.
+	return binary.LittleEndian.Uint32(integer[:]), err
 }
 
 func (table *IndexTable) Init() {
-	table.mutex.Lock()
-	defer table.mutex.Unlock()
+	table.Lock()
+	defer table.Unlock()
 	table.table = make(map[uint32]IndexTableEntry)
 }
 
 func (table *IndexTable) Delete(index uint32) {
-	table.mutex.Lock()
-	defer table.mutex.Unlock()
+	table.Lock()
+	defer table.Unlock()
 	delete(table.table, index)
 }
 
 func (table *IndexTable) SwapIndexForKeypair(index uint32, keypair *Keypair) {
-	table.mutex.Lock()
-	defer table.mutex.Unlock()
+	table.Lock()
+	defer table.Unlock()
 	entry, ok := table.table[index]
 	if !ok {
 		return
@@ -66,19 +66,19 @@ func (table *IndexTable) NewIndexForHandshake(peer *Peer, handshake *Handshake)
 
 		// check if index used
 
-		table.mutex.RLock()
+		table.RLock()
 		_, ok := table.table[index]
-		table.mutex.RUnlock()
+		table.RUnlock()
 		if ok {
 			continue
 		}
 
 		// check again while locked
 
-		table.mutex.Lock()
+		table.Lock()
 		_, found := table.table[index]
 		if found {
-			table.mutex.Unlock()
+			table.Unlock()
 			continue
 		}
 		table.table[index] = IndexTableEntry{
@@ -86,13 +86,13 @@ func (table *IndexTable) NewIndexForHandshake(peer *Peer, handshake *Handshake)
 			handshake: handshake,
 			keypair:   nil,
 		}
-		table.mutex.Unlock()
+		table.Unlock()
 		return index, nil
 	}
 }
 
 func (table *IndexTable) Lookup(id uint32) IndexTableEntry {
-	table.mutex.RLock()
-	defer table.mutex.RUnlock()
+	table.RLock()
+	defer table.RUnlock()
 	return table.table[id]
 }

device/ip.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"net"

device/kdf_test.go

@@ -1,15 +1,15 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"encoding/hex"
-	"golang.org/x/crypto/blake2s"
 	"testing"
+
+	"golang.org/x/crypto/blake2s"
 )
 
 type KDFTest struct {

device/keypair.go

@@ -1,16 +1,18 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"crypto/cipher"
-	"git.zx2c4.com/wireguard-go/replay"
 	"sync"
+	"sync/atomic"
 	"time"
+	"unsafe"
+
+	"golang.zx2c4.com/wireguard/replay"
 )
 
 /* Due to limitations in Go and /x/crypto there is currently
@@ -21,10 +23,10 @@ import (
  */
 
 type Keypair struct {
-	sendNonce    uint64
+	sendNonce    uint64 // accessed atomically
 	send         cipher.AEAD
 	receive      cipher.AEAD
-	replayFilter replay.ReplayFilter
+	replayFilter replay.Filter
 	isInitiator  bool
 	created      time.Time
 	localIndex   uint32
@@ -32,15 +34,23 @@ type Keypair struct {
 }
 
 type Keypairs struct {
-	mutex    sync.RWMutex
+	sync.RWMutex
 	current  *Keypair
 	previous *Keypair
 	next     *Keypair
 }
 
+func (kp *Keypairs) storeNext(next *Keypair) {
+	atomic.StorePointer((*unsafe.Pointer)((unsafe.Pointer)(&kp.next)), (unsafe.Pointer)(next))
+}
+
+func (kp *Keypairs) loadNext() *Keypair {
+	return (*Keypair)(atomic.LoadPointer((*unsafe.Pointer)((unsafe.Pointer)(&kp.next))))
+}
+
 func (kp *Keypairs) Current() *Keypair {
-	kp.mutex.RLock()
-	defer kp.mutex.RUnlock()
+	kp.RLock()
+	defer kp.RUnlock()
 	return kp.current
 }
 

device/logger.go

@@ -0,0 +1,48 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"log"
+	"os"
+)
+
+// A Logger provides logging for a Device.
+// The functions are Printf-style functions.
+// They must be safe for concurrent use.
+// They do not require a trailing newline in the format.
+// If nil, that level of logging will be silent.
+type Logger struct {
+	Verbosef func(format string, args ...interface{})
+	Errorf   func(format string, args ...interface{})
+}
+
+// Log levels for use with NewLogger.
+const (
+	LogLevelSilent = iota
+	LogLevelError
+	LogLevelVerbose
+)
+
+// Function for use in Logger for discarding logged lines.
+func DiscardLogf(format string, args ...interface{}) {}
+
+// NewLogger constructs a Logger that writes to stdout.
+// It logs at the specified log level and above.
+// It decorates log lines with the log level, date, time, and prepend.
+func NewLogger(level int, prepend string) *Logger {
+	logger := &Logger{DiscardLogf, DiscardLogf}
+	logf := func(prefix string) func(string, ...interface{}) {
+		return log.New(os.Stdout, prefix+": "+prepend, log.Ldate|log.Ltime).Printf
+	}
+	if level >= LogLevelVerbose {
+		logger.Verbosef = logf("DEBUG")
+	}
+	if level >= LogLevelError {
+		logger.Errorf = logf("ERROR")
+	}
+	return logger
+}

device/misc.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"sync/atomic"
@@ -18,11 +17,11 @@ const (
 )
 
 type AtomicBool struct {
-	flag int32
+	int32
 }
 
 func (a *AtomicBool) Get() bool {
-	return atomic.LoadInt32(&a.flag) == AtomicTrue
+	return atomic.LoadInt32(&a.int32) == AtomicTrue
 }
 
 func (a *AtomicBool) Swap(val bool) bool {
@@ -30,7 +29,7 @@ func (a *AtomicBool) Swap(val bool) bool {
 	if val {
 		flag = AtomicTrue
 	}
-	return atomic.SwapInt32(&a.flag, flag) == AtomicTrue
+	return atomic.SwapInt32(&a.int32, flag) == AtomicTrue
 }
 
 func (a *AtomicBool) Set(val bool) {
@@ -38,7 +37,7 @@ func (a *AtomicBool) Set(val bool) {
 	if val {
 		flag = AtomicTrue
 	}
-	atomic.StoreInt32(&a.flag, flag)
+	atomic.StoreInt32(&a.int32, flag)
 }
 
 func min(a, b uint) uint {

device/mobilequirks.go

@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+func (device *Device) DisableSomeRoamingForBrokenMobileSemantics() {
+	device.peers.RLock()
+	for _, peer := range device.peers.keyMap {
+		peer.Lock()
+		defer peer.Unlock()
+		peer.disableRoaming = peer.endpoint != nil
+	}
+	device.peers.RUnlock()
+}

device/noise-helpers.go

@@ -1,18 +1,18 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"crypto/hmac"
 	"crypto/rand"
 	"crypto/subtle"
+	"hash"
+
 	"golang.org/x/crypto/blake2s"
 	"golang.org/x/crypto/curve25519"
-	"hash"
 )
 
 /* KDF related functions.
@@ -42,7 +42,6 @@ func HMAC2(sum *[blake2s.Size]byte, key, in0, in1 []byte) {
 func KDF1(t0 *[blake2s.Size]byte, key, input []byte) {
 	HMAC1(t0, key, input)
 	HMAC1(t0, t0[:], []byte{0x1})
-	return
 }
 
 func KDF2(t0, t1 *[blake2s.Size]byte, key, input []byte) {
@@ -51,7 +50,6 @@ func KDF2(t0, t1 *[blake2s.Size]byte, key, input []byte) {
 	HMAC1(t0, prk[:], []byte{0x1})
 	HMAC2(t1, prk[:], t0[:], []byte{0x2})
 	setZero(prk[:])
-	return
 }
 
 func KDF3(t0, t1, t2 *[blake2s.Size]byte, key, input []byte) {
@@ -61,7 +59,6 @@ func KDF3(t0, t1, t2 *[blake2s.Size]byte, key, input []byte) {
 	HMAC2(t1, prk[:], t0[:], []byte{0x2})
 	HMAC2(t2, prk[:], t1[:], []byte{0x3})
 	setZero(prk[:])
-	return
 }
 
 func isZero(val []byte) bool {
@@ -79,12 +76,14 @@ func setZero(arr []byte) {
 	}
 }
 
-func newPrivateKey() (sk NoisePrivateKey, err error) {
-	// clamping: https://cr.yp.to/ecdh.html
-	_, err = rand.Read(sk[:])
+func (sk *NoisePrivateKey) clamp() {
 	sk[0] &= 248
-	sk[31] &= 127
-	sk[31] |= 64
+	sk[31] = (sk[31] & 127) | 64
+}
+
+func newPrivateKey() (sk NoisePrivateKey, err error) {
+	_, err = rand.Read(sk[:])
+	sk.clamp()
 	return
 }
 

device/noise-protocol.go

@@ -1,29 +1,51 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"errors"
-	"git.zx2c4.com/wireguard-go/tai64n"
+	"fmt"
+	"sync"
+	"time"
+
 	"golang.org/x/crypto/blake2s"
 	"golang.org/x/crypto/chacha20poly1305"
 	"golang.org/x/crypto/poly1305"
-	"sync"
-	"time"
+
+	"golang.zx2c4.com/wireguard/tai64n"
 )
 
+type handshakeState int
+
+// TODO(crawshaw): add commentary describing each state and the transitions
 const (
-	HandshakeZeroed = iota
-	HandshakeInitiationCreated
-	HandshakeInitiationConsumed
-	HandshakeResponseCreated
-	HandshakeResponseConsumed
+	handshakeZeroed = handshakeState(iota)
+	handshakeInitiationCreated
+	handshakeInitiationConsumed
+	handshakeResponseCreated
+	handshakeResponseConsumed
 )
 
+func (hs handshakeState) String() string {
+	switch hs {
+	case handshakeZeroed:
+		return "handshakeZeroed"
+	case handshakeInitiationCreated:
+		return "handshakeInitiationCreated"
+	case handshakeInitiationConsumed:
+		return "handshakeInitiationConsumed"
+	case handshakeResponseCreated:
+		return "handshakeResponseCreated"
+	case handshakeResponseConsumed:
+		return "handshakeResponseConsumed"
+	default:
+		return fmt.Sprintf("Handshake(UNKNOWN:%d)", int(hs))
+	}
+}
+
 const (
 	NoiseConstruction = "Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s"
 	WGIdentifier      = "WireGuard v1 zx2c4 Jason@zx2c4.com"
@@ -39,13 +61,13 @@ const (
 )
 
 const (
-	MessageInitiationSize      = 148                                           // size of handshake initation message
+	MessageInitiationSize      = 148                                           // size of handshake initiation message
 	MessageResponseSize        = 92                                            // size of response message
 	MessageCookieReplySize     = 64                                            // size of cookie reply message
-	MessageTransportHeaderSize = 16                                            // size of data preceeding content in transport message
+	MessageTransportHeaderSize = 16                                            // size of data preceding content in transport message
 	MessageTransportSize       = MessageTransportHeaderSize + poly1305.TagSize // size of empty transport
 	MessageKeepaliveSize       = MessageTransportSize                          // size of keepalive
-	MessageHandshakeSize       = MessageInitiationSize                         // size of largest handshake releated message
+	MessageHandshakeSize       = MessageInitiationSize                         // size of largest handshake related message
 )
 
 const (
@@ -90,16 +112,16 @@ type MessageTransport struct {
 type MessageCookieReply struct {
 	Type     uint32
 	Receiver uint32
-	Nonce    [24]byte
+	Nonce    [chacha20poly1305.NonceSizeX]byte
 	Cookie   [blake2s.Size128 + poly1305.TagSize]byte
 }
 
 type Handshake struct {
-	state                     int
+	state                     handshakeState
 	mutex                     sync.RWMutex
 	hash                      [blake2s.Size]byte       // hash value
 	chainKey                  [blake2s.Size]byte       // chain key
-	presharedKey              NoiseSymmetricKey        // psk
+	presharedKey              NoisePresharedKey        // psk
 	localEphemeral            NoisePrivateKey          // ephemeral secret key
 	localIndex                uint32                   // used to clear hash-table
 	remoteIndex               uint32                   // index for sending
@@ -135,7 +157,7 @@ func (h *Handshake) Clear() {
 	setZero(h.chainKey[:])
 	setZero(h.hash[:])
 	h.localIndex = 0
-	h.state = HandshakeZeroed
+	h.state = handshakeZeroed
 }
 
 func (h *Handshake) mixHash(data []byte) {
@@ -154,20 +176,16 @@ func init() {
 }
 
 func (device *Device) CreateMessageInitiation(peer *Peer) (*MessageInitiation, error) {
+	var errZeroECDHResult = errors.New("ECDH returned all zeros")
 
-	device.staticIdentity.mutex.RLock()
-	defer device.staticIdentity.mutex.RUnlock()
+	device.staticIdentity.RLock()
+	defer device.staticIdentity.RUnlock()
 
 	handshake := &peer.handshake
 	handshake.mutex.Lock()
 	defer handshake.mutex.Unlock()
 
-	if isZero(handshake.precomputedStaticStatic[:]) {
-		return nil, errors.New("static shared secret is zero")
-	}
-
 	// create ephemeral key
-
 	var err error
 	handshake.hash = InitialHash
 	handshake.chainKey = InitialChainKey
@@ -176,31 +194,22 @@ func (device *Device) CreateMessageInitiation(peer *Peer) (*MessageInitiation, e
 		return nil, err
 	}
 
-	// assign index
-
-	device.indexTable.Delete(handshake.localIndex)
-	handshake.localIndex, err = device.indexTable.NewIndexForHandshake(peer, handshake)
-
-	if err != nil {
-		return nil, err
-	}
-
 	handshake.mixHash(handshake.remoteStatic[:])
 
 	msg := MessageInitiation{
 		Type:      MessageInitiationType,
 		Ephemeral: handshake.localEphemeral.publicKey(),
-		Sender:    handshake.localIndex,
 	}
 
 	handshake.mixKey(msg.Ephemeral[:])
 	handshake.mixHash(msg.Ephemeral[:])
 
 	// encrypt static key
-
-	func() {
-		var key [chacha20poly1305.KeySize]byte
 	ss := handshake.localEphemeral.sharedSecret(handshake.remoteStatic)
+	if isZero(ss[:]) {
+		return nil, errZeroECDHResult
+	}
+	var key [chacha20poly1305.KeySize]byte
 	KDF2(
 		&handshake.chainKey,
 		&key,
@@ -209,26 +218,32 @@ func (device *Device) CreateMessageInitiation(peer *Peer) (*MessageInitiation, e
 	)
 	aead, _ := chacha20poly1305.New(key[:])
 	aead.Seal(msg.Static[:0], ZeroNonce[:], device.staticIdentity.publicKey[:], handshake.hash[:])
-	}()
 	handshake.mixHash(msg.Static[:])
 
 	// encrypt timestamp
-
-	timestamp := tai64n.Now()
-	func() {
-		var key [chacha20poly1305.KeySize]byte
+	if isZero(handshake.precomputedStaticStatic[:]) {
+		return nil, errZeroECDHResult
+	}
 	KDF2(
 		&handshake.chainKey,
 		&key,
 		handshake.chainKey[:],
 		handshake.precomputedStaticStatic[:],
 	)
-		aead, _ := chacha20poly1305.New(key[:])
+	timestamp := tai64n.Now()
+	aead, _ = chacha20poly1305.New(key[:])
 	aead.Seal(msg.Timestamp[:0], ZeroNonce[:], timestamp[:], handshake.hash[:])
-	}()
+
+	// assign index
+	device.indexTable.Delete(handshake.localIndex)
+	msg.Sender, err = device.indexTable.NewIndexForHandshake(peer, handshake)
+	if err != nil {
+		return nil, err
+	}
+	handshake.localIndex = msg.Sender
 
 	handshake.mixHash(msg.Timestamp[:])
-	handshake.state = HandshakeInitiationCreated
+	handshake.state = handshakeInitiationCreated
 	return &msg, nil
 }
 
@@ -242,24 +257,24 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
 		return nil
 	}
 
-	device.staticIdentity.mutex.RLock()
-	defer device.staticIdentity.mutex.RUnlock()
+	device.staticIdentity.RLock()
+	defer device.staticIdentity.RUnlock()
 
 	mixHash(&hash, &InitialHash, device.staticIdentity.publicKey[:])
 	mixHash(&hash, &hash, msg.Ephemeral[:])
 	mixKey(&chainKey, &InitialChainKey, msg.Ephemeral[:])
 
 	// decrypt static key
-
 	var err error
 	var peerPK NoisePublicKey
-	func() {
 	var key [chacha20poly1305.KeySize]byte
 	ss := device.staticIdentity.privateKey.sharedSecret(msg.Ephemeral)
+	if isZero(ss[:]) {
+		return nil
+	}
 	KDF2(&chainKey, &key, chainKey[:], ss[:])
 	aead, _ := chacha20poly1305.New(key[:])
 	_, err = aead.Open(peerPK[:0], ZeroNonce[:], msg.Static[:], hash[:])
-	}()
 	if err != nil {
 		return nil
 	}
@@ -273,23 +288,24 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
 	}
 
 	handshake := &peer.handshake
-	if isZero(handshake.precomputedStaticStatic[:]) {
-		return nil
-	}
 
 	// verify identity
 
 	var timestamp tai64n.Timestamp
-	var key [chacha20poly1305.KeySize]byte
 
 	handshake.mutex.RLock()
+
+	if isZero(handshake.precomputedStaticStatic[:]) {
+		handshake.mutex.RUnlock()
+		return nil
+	}
 	KDF2(
 		&chainKey,
 		&key,
 		chainKey[:],
 		handshake.precomputedStaticStatic[:],
 	)
-	aead, _ := chacha20poly1305.New(key[:])
+	aead, _ = chacha20poly1305.New(key[:])
 	_, err = aead.Open(timestamp[:0], ZeroNonce[:], msg.Timestamp[:], hash[:])
 	if err != nil {
 		handshake.mutex.RUnlock()
@@ -299,11 +315,15 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
 
 	// protect against replay & flood
 
-	var ok bool
-	ok = timestamp.After(handshake.lastTimestamp)
-	ok = ok && time.Now().Sub(handshake.lastInitiationConsumption) > HandshakeInitationRate
+	replay := !timestamp.After(handshake.lastTimestamp)
+	flood := time.Since(handshake.lastInitiationConsumption) <= HandshakeInitationRate
 	handshake.mutex.RUnlock()
-	if !ok {
+	if replay {
+		device.log.Verbosef("%v - ConsumeMessageInitiation: handshake replay @ %v", peer, timestamp)
+		return nil
+	}
+	if flood {
+		device.log.Verbosef("%v - ConsumeMessageInitiation: handshake flood", peer)
 		return nil
 	}
 
@@ -315,9 +335,14 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
 	handshake.chainKey = chainKey
 	handshake.remoteIndex = msg.Sender
 	handshake.remoteEphemeral = msg.Ephemeral
+	if timestamp.After(handshake.lastTimestamp) {
 		handshake.lastTimestamp = timestamp
-	handshake.lastInitiationConsumption = time.Now()
-	handshake.state = HandshakeInitiationConsumed
+	}
+	now := time.Now()
+	if now.After(handshake.lastInitiationConsumption) {
+		handshake.lastInitiationConsumption = now
+	}
+	handshake.state = handshakeInitiationConsumed
 
 	handshake.mutex.Unlock()
 
@@ -332,7 +357,7 @@ func (device *Device) CreateMessageResponse(peer *Peer) (*MessageResponse, error
 	handshake.mutex.Lock()
 	defer handshake.mutex.Unlock()
 
-	if handshake.state != HandshakeInitiationConsumed {
+	if handshake.state != handshakeInitiationConsumed {
 		return nil, errors.New("handshake initiation must be consumed first")
 	}
 
@@ -388,7 +413,7 @@ func (device *Device) CreateMessageResponse(peer *Peer) (*MessageResponse, error
 		handshake.mixHash(msg.Empty[:])
 	}()
 
-	handshake.state = HandshakeResponseCreated
+	handshake.state = handshakeResponseCreated
 
 	return &msg, nil
 }
@@ -418,14 +443,14 @@ func (device *Device) ConsumeMessageResponse(msg *MessageResponse) *Peer {
 		handshake.mutex.RLock()
 		defer handshake.mutex.RUnlock()
 
-		if handshake.state != HandshakeInitiationCreated {
+		if handshake.state != handshakeInitiationCreated {
 			return false
 		}
 
 		// lock private key for reading
 
-		device.staticIdentity.mutex.RLock()
-		defer device.staticIdentity.mutex.RUnlock()
+		device.staticIdentity.RLock()
+		defer device.staticIdentity.RUnlock()
 
 		// finish 3-way DH
 
@@ -479,7 +504,7 @@ func (device *Device) ConsumeMessageResponse(msg *MessageResponse) *Peer {
 	handshake.hash = hash
 	handshake.chainKey = chainKey
 	handshake.remoteIndex = msg.Sender
-	handshake.state = HandshakeResponseConsumed
+	handshake.state = handshakeResponseConsumed
 
 	handshake.mutex.Unlock()
 
@@ -504,7 +529,7 @@ func (peer *Peer) BeginSymmetricSession() error {
 	var sendKey [chacha20poly1305.KeySize]byte
 	var recvKey [chacha20poly1305.KeySize]byte
 
-	if handshake.state == HandshakeResponseConsumed {
+	if handshake.state == handshakeResponseConsumed {
 		KDF2(
 			&sendKey,
 			&recvKey,
@@ -512,7 +537,7 @@ func (peer *Peer) BeginSymmetricSession() error {
 			nil,
 		)
 		isInitiator = true
-	} else if handshake.state == HandshakeResponseCreated {
+	} else if handshake.state == handshakeResponseCreated {
 		KDF2(
 			&recvKey,
 			&sendKey,
@@ -521,7 +546,7 @@ func (peer *Peer) BeginSymmetricSession() error {
 		)
 		isInitiator = false
 	} else {
-		return errors.New("invalid state for keypair derivation")
+		return fmt.Errorf("invalid state for keypair derivation: %v", handshake.state)
 	}
 
 	// zero handshake
@@ -529,7 +554,7 @@ func (peer *Peer) BeginSymmetricSession() error {
 	setZero(handshake.chainKey[:])
 	setZero(handshake.hash[:]) // Doesn't necessarily need to be zeroed. Could be used for something interesting down the line.
 	setZero(handshake.localEphemeral[:])
-	peer.handshake.state = HandshakeZeroed
+	peer.handshake.state = handshakeZeroed
 
 	// create AEAD instances
 
@@ -541,8 +566,7 @@ func (peer *Peer) BeginSymmetricSession() error {
 	setZero(recvKey[:])
 
 	keypair.created = time.Now()
-	keypair.sendNonce = 0
-	keypair.replayFilter.Init()
+	keypair.replayFilter.Reset()
 	keypair.isInitiator = isInitiator
 	keypair.localIndex = peer.handshake.localIndex
 	keypair.remoteIndex = peer.handshake.remoteIndex
@@ -555,16 +579,16 @@ func (peer *Peer) BeginSymmetricSession() error {
 	// rotate key pairs
 
 	keypairs := &peer.keypairs
-	keypairs.mutex.Lock()
-	defer keypairs.mutex.Unlock()
+	keypairs.Lock()
+	defer keypairs.Unlock()
 
 	previous := keypairs.previous
-	next := keypairs.next
+	next := keypairs.loadNext()
 	current := keypairs.current
 
 	if isInitiator {
 		if next != nil {
-			keypairs.next = nil
+			keypairs.storeNext(nil)
 			keypairs.previous = next
 			device.DeleteKeypair(current)
 		} else {
@@ -573,7 +597,7 @@ func (peer *Peer) BeginSymmetricSession() error {
 		device.DeleteKeypair(previous)
 		keypairs.current = keypair
 	} else {
-		keypairs.next = keypair
+		keypairs.storeNext(keypair)
 		device.DeleteKeypair(next)
 		keypairs.previous = nil
 		device.DeleteKeypair(previous)
@@ -584,18 +608,19 @@ func (peer *Peer) BeginSymmetricSession() error {
 
 func (peer *Peer) ReceivedWithKeypair(receivedKeypair *Keypair) bool {
 	keypairs := &peer.keypairs
-	if keypairs.next != receivedKeypair {
+
+	if keypairs.loadNext() != receivedKeypair {
 		return false
 	}
-	keypairs.mutex.Lock()
-	defer keypairs.mutex.Unlock()
-	if keypairs.next != receivedKeypair {
+	keypairs.Lock()
+	defer keypairs.Unlock()
+	if keypairs.loadNext() != receivedKeypair {
 		return false
 	}
 	old := keypairs.previous
 	keypairs.previous = keypairs.current
 	peer.device.DeleteKeypair(old)
-	keypairs.current = keypairs.next
-	keypairs.next = nil
+	keypairs.current = keypairs.loadNext()
+	keypairs.storeNext(nil)
 	return true
 }

device/noise-types.go

@@ -1,27 +1,26 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"crypto/subtle"
 	"encoding/hex"
 	"errors"
-	"golang.org/x/crypto/chacha20poly1305"
 )
 
 const (
 	NoisePublicKeySize    = 32
 	NoisePrivateKeySize   = 32
+	NoisePresharedKeySize = 32
 )
 
 type (
 	NoisePublicKey    [NoisePublicKeySize]byte
 	NoisePrivateKey   [NoisePrivateKeySize]byte
-	NoiseSymmetricKey [chacha20poly1305.KeySize]byte
+	NoisePresharedKey [NoisePresharedKeySize]byte
 	NoiseNonce        uint64 // padded to 12-bytes
 )
 
@@ -46,22 +45,25 @@ func (key NoisePrivateKey) Equals(tar NoisePrivateKey) bool {
 	return subtle.ConstantTimeCompare(key[:], tar[:]) == 1
 }
 
-func (key *NoisePrivateKey) FromHex(src string) error {
-	return loadExactHex(key[:], src)
+func (key *NoisePrivateKey) FromHex(src string) (err error) {
+	err = loadExactHex(key[:], src)
+	key.clamp()
+	return
 }
 
-func (key NoisePrivateKey) ToHex() string {
-	return hex.EncodeToString(key[:])
+func (key *NoisePrivateKey) FromMaybeZeroHex(src string) (err error) {
+	err = loadExactHex(key[:], src)
+	if key.IsZero() {
+		return
+	}
+	key.clamp()
+	return
 }
 
 func (key *NoisePublicKey) FromHex(src string) error {
 	return loadExactHex(key[:], src)
 }
 
-func (key NoisePublicKey) ToHex() string {
-	return hex.EncodeToString(key[:])
-}
-
 func (key NoisePublicKey) IsZero() bool {
 	var zero NoisePublicKey
 	return key.Equals(zero)
@@ -71,10 +73,6 @@ func (key NoisePublicKey) Equals(tar NoisePublicKey) bool {
 	return subtle.ConstantTimeCompare(key[:], tar[:]) == 1
 }
 
-func (key *NoiseSymmetricKey) FromHex(src string) error {
+func (key *NoisePresharedKey) FromHex(src string) error {
 	return loadExactHex(key[:], src)
 }
-
-func (key NoiseSymmetricKey) ToHex() string {
-	return hex.EncodeToString(key[:])
-}

device/noise_test.go

@@ -1,10 +1,9 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package device
 
 import (
 	"bytes"
@@ -37,8 +36,14 @@ func TestNoiseHandshake(t *testing.T) {
 	defer dev1.Close()
 	defer dev2.Close()
 
-	peer1, _ := dev2.NewPeer(dev1.staticIdentity.privateKey.publicKey())
-	peer2, _ := dev1.NewPeer(dev2.staticIdentity.privateKey.publicKey())
+	peer1, err := dev2.NewPeer(dev1.staticIdentity.privateKey.publicKey())
+	if err != nil {
+		t.Fatal(err)
+	}
+	peer2, err := dev1.NewPeer(dev2.staticIdentity.privateKey.publicKey())
+	if err != nil {
+		t.Fatal(err)
+	}
 
 	assertEqual(
 		t,
@@ -114,7 +119,7 @@ func TestNoiseHandshake(t *testing.T) {
 		t.Fatal("failed to derive keypair for peer 2", err)
 	}
 
-	key1 := peer1.keypairs.next
+	key1 := peer1.keypairs.loadNext()
 	key2 := peer2.keypairs.current
 
 	// encrypting / decryption test

device/peer.go

@@ -0,0 +1,271 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"container/list"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.zx2c4.com/wireguard/conn"
+)
+
+type Peer struct {
+	isRunning    AtomicBool
+	sync.RWMutex // Mostly protects endpoint, but is generally taken whenever we modify peer
+	keypairs     Keypairs
+	handshake    Handshake
+	device       *Device
+	endpoint     conn.Endpoint
+	stopping     sync.WaitGroup // routines pending stop
+
+	// These fields are accessed with atomic operations, which must be
+	// 64-bit aligned even on 32-bit platforms. Go guarantees that an
+	// allocated struct will be 64-bit aligned. So we place
+	// atomically-accessed fields up front, so that they can share in
+	// this alignment before smaller fields throw it off.
+	stats struct {
+		txBytes           uint64 // bytes send to peer (endpoint)
+		rxBytes           uint64 // bytes received from peer
+		lastHandshakeNano int64  // nano seconds since epoch
+	}
+
+	disableRoaming bool
+
+	timers struct {
+		retransmitHandshake     *Timer
+		sendKeepalive           *Timer
+		newHandshake            *Timer
+		zeroKeyMaterial         *Timer
+		persistentKeepalive     *Timer
+		handshakeAttempts       uint32
+		needAnotherKeepalive    AtomicBool
+		sentLastMinuteHandshake AtomicBool
+	}
+
+	state struct {
+		sync.Mutex // protects against concurrent Start/Stop
+	}
+
+	queue struct {
+		staged   chan *QueueOutboundElement // staged packets before a handshake is available
+		outbound *autodrainingOutboundQueue // sequential ordering of udp transmission
+		inbound  *autodrainingInboundQueue  // sequential ordering of tun writing
+	}
+
+	cookieGenerator             CookieGenerator
+	trieEntries                 list.List
+	persistentKeepaliveInterval uint32 // accessed atomically
+}
+
+func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
+	if device.isClosed() {
+		return nil, errors.New("device closed")
+	}
+
+	// lock resources
+	device.staticIdentity.RLock()
+	defer device.staticIdentity.RUnlock()
+
+	device.peers.Lock()
+	defer device.peers.Unlock()
+
+	// check if over limit
+	if len(device.peers.keyMap) >= MaxPeers {
+		return nil, errors.New("too many peers")
+	}
+
+	// create peer
+	peer := new(Peer)
+	peer.Lock()
+	defer peer.Unlock()
+
+	peer.cookieGenerator.Init(pk)
+	peer.device = device
+	peer.queue.outbound = newAutodrainingOutboundQueue(device)
+	peer.queue.inbound = newAutodrainingInboundQueue(device)
+	peer.queue.staged = make(chan *QueueOutboundElement, QueueStagedSize)
+
+	// map public key
+	_, ok := device.peers.keyMap[pk]
+	if ok {
+		return nil, errors.New("adding existing peer")
+	}
+
+	// pre-compute DH
+	handshake := &peer.handshake
+	handshake.mutex.Lock()
+	handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(pk)
+	handshake.remoteStatic = pk
+	handshake.mutex.Unlock()
+
+	// reset endpoint
+	peer.endpoint = nil
+
+	// add
+	device.peers.keyMap[pk] = peer
+	device.peers.empty.Set(false)
+
+	// start peer
+	peer.timersInit()
+	if peer.device.isUp() {
+		peer.Start()
+	}
+
+	return peer, nil
+}
+
+func (peer *Peer) SendBuffer(buffer []byte) error {
+	peer.device.net.RLock()
+	defer peer.device.net.RUnlock()
+
+	if peer.device.net.bind == nil {
+		// Packets can leak through to SendBuffer while the device is closing.
+		// When that happens, drop them silently to avoid spurious errors.
+		if peer.device.isClosed() {
+			return nil
+		}
+		return errors.New("no bind")
+	}
+
+	peer.RLock()
+	defer peer.RUnlock()
+
+	if peer.endpoint == nil {
+		return errors.New("no known endpoint for peer")
+	}
+
+	err := peer.device.net.bind.Send(buffer, peer.endpoint)
+	if err == nil {
+		atomic.AddUint64(&peer.stats.txBytes, uint64(len(buffer)))
+	}
+	return err
+}
+
+func (peer *Peer) String() string {
+	base64Key := base64.StdEncoding.EncodeToString(peer.handshake.remoteStatic[:])
+	abbreviatedKey := "invalid"
+	if len(base64Key) == 44 {
+		abbreviatedKey = base64Key[0:4] + "…" + base64Key[39:43]
+	}
+	return fmt.Sprintf("peer(%s)", abbreviatedKey)
+}
+
+func (peer *Peer) Start() {
+	// should never start a peer on a closed device
+	if peer.device.isClosed() {
+		return
+	}
+
+	// prevent simultaneous start/stop operations
+	peer.state.Lock()
+	defer peer.state.Unlock()
+
+	if peer.isRunning.Get() {
+		return
+	}
+
+	device := peer.device
+	device.log.Verbosef("%v - Starting...", peer)
+
+	// reset routine state
+	peer.stopping.Wait()
+	peer.stopping.Add(2)
+
+	peer.handshake.mutex.Lock()
+	peer.handshake.lastSentHandshake = time.Now().Add(-(RekeyTimeout + time.Second))
+	peer.handshake.mutex.Unlock()
+
+	peer.device.queue.encryption.wg.Add(1) // keep encryption queue open for our writes
+
+	peer.timersStart()
+
+	device.flushInboundQueue(peer.queue.inbound)
+	device.flushOutboundQueue(peer.queue.outbound)
+	go peer.RoutineSequentialSender()
+	go peer.RoutineSequentialReceiver()
+
+	peer.isRunning.Set(true)
+}
+
+func (peer *Peer) ZeroAndFlushAll() {
+	device := peer.device
+
+	// clear key pairs
+
+	keypairs := &peer.keypairs
+	keypairs.Lock()
+	device.DeleteKeypair(keypairs.previous)
+	device.DeleteKeypair(keypairs.current)
+	device.DeleteKeypair(keypairs.loadNext())
+	keypairs.previous = nil
+	keypairs.current = nil
+	keypairs.storeNext(nil)
+	keypairs.Unlock()
+
+	// clear handshake state
+
+	handshake := &peer.handshake
+	handshake.mutex.Lock()
+	device.indexTable.Delete(handshake.localIndex)
+	handshake.Clear()
+	handshake.mutex.Unlock()
+
+	peer.FlushStagedPackets()
+}
+
+func (peer *Peer) ExpireCurrentKeypairs() {
+	handshake := &peer.handshake
+	handshake.mutex.Lock()
+	peer.device.indexTable.Delete(handshake.localIndex)
+	handshake.Clear()
+	peer.handshake.lastSentHandshake = time.Now().Add(-(RekeyTimeout + time.Second))
+	handshake.mutex.Unlock()
+
+	keypairs := &peer.keypairs
+	keypairs.Lock()
+	if keypairs.current != nil {
+		atomic.StoreUint64(&keypairs.current.sendNonce, RejectAfterMessages)
+	}
+	if keypairs.next != nil {
+		next := keypairs.loadNext()
+		atomic.StoreUint64(&next.sendNonce, RejectAfterMessages)
+	}
+	keypairs.Unlock()
+}
+
+func (peer *Peer) Stop() {
+	peer.state.Lock()
+	defer peer.state.Unlock()
+
+	if !peer.isRunning.Swap(false) {
+		return
+	}
+
+	peer.device.log.Verbosef("%v - Stopping...", peer)
+
+	peer.timersStop()
+	// Signal that RoutineSequentialSender and RoutineSequentialReceiver should exit.
+	peer.queue.inbound.c <- nil
+	peer.queue.outbound.c <- nil
+	peer.stopping.Wait()
+	peer.device.queue.encryption.wg.Done() // no more writes to encryption queue from us
+
+	peer.ZeroAndFlushAll()
+}
+
+func (peer *Peer) SetEndpointFromPacket(endpoint conn.Endpoint) {
+	if peer.disableRoaming {
+		return
+	}
+	peer.Lock()
+	peer.endpoint = endpoint
+	peer.Unlock()
+}

device/pools.go

@@ -0,0 +1,84 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"sync"
+	"sync/atomic"
+)
+
+type WaitPool struct {
+	pool  sync.Pool
+	cond  sync.Cond
+	lock  sync.Mutex
+	count uint32
+	max   uint32
+}
+
+func NewWaitPool(max uint32, new func() interface{}) *WaitPool {
+	p := &WaitPool{pool: sync.Pool{New: new}, max: max}
+	p.cond = sync.Cond{L: &p.lock}
+	return p
+}
+
+func (p *WaitPool) Get() interface{} {
+	if p.max != 0 {
+		p.lock.Lock()
+		for atomic.LoadUint32(&p.count) >= p.max {
+			p.cond.Wait()
+		}
+		atomic.AddUint32(&p.count, 1)
+		p.lock.Unlock()
+	}
+	return p.pool.Get()
+}
+
+func (p *WaitPool) Put(x interface{}) {
+	p.pool.Put(x)
+	if p.max == 0 {
+		return
+	}
+	atomic.AddUint32(&p.count, ^uint32(0))
+	p.cond.Signal()
+}
+
+func (device *Device) PopulatePools() {
+	device.pool.messageBuffers = NewWaitPool(PreallocatedBuffersPerPool, func() interface{} {
+		return new([MaxMessageSize]byte)
+	})
+	device.pool.inboundElements = NewWaitPool(PreallocatedBuffersPerPool, func() interface{} {
+		return new(QueueInboundElement)
+	})
+	device.pool.outboundElements = NewWaitPool(PreallocatedBuffersPerPool, func() interface{} {
+		return new(QueueOutboundElement)
+	})
+}
+
+func (device *Device) GetMessageBuffer() *[MaxMessageSize]byte {
+	return device.pool.messageBuffers.Get().(*[MaxMessageSize]byte)
+}
+
+func (device *Device) PutMessageBuffer(msg *[MaxMessageSize]byte) {
+	device.pool.messageBuffers.Put(msg)
+}
+
+func (device *Device) GetInboundElement() *QueueInboundElement {
+	return device.pool.inboundElements.Get().(*QueueInboundElement)
+}
+
+func (device *Device) PutInboundElement(elem *QueueInboundElement) {
+	elem.clearPointers()
+	device.pool.inboundElements.Put(elem)
+}
+
+func (device *Device) GetOutboundElement() *QueueOutboundElement {
+	return device.pool.outboundElements.Get().(*QueueOutboundElement)
+}
+
+func (device *Device) PutOutboundElement(elem *QueueOutboundElement) {
+	elem.clearPointers()
+	device.pool.outboundElements.Put(elem)
+}

device/pools_test.go

@@ -0,0 +1,87 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"math/rand"
+	"runtime"
+	"sync"
+	"sync/atomic"
+	"testing"
+	"time"
+)
+
+func TestWaitPool(t *testing.T) {
+	var wg sync.WaitGroup
+	trials := int32(100000)
+	if raceEnabled {
+		// This test can be very slow with -race.
+		trials /= 10
+	}
+	workers := runtime.NumCPU() + 2
+	if workers-4 <= 0 {
+		t.Skip("Not enough cores")
+	}
+	p := NewWaitPool(uint32(workers-4), func() interface{} { return make([]byte, 16) })
+	wg.Add(workers)
+	max := uint32(0)
+	updateMax := func() {
+		count := atomic.LoadUint32(&p.count)
+		if count > p.max {
+			t.Errorf("count (%d) > max (%d)", count, p.max)
+		}
+		for {
+			old := atomic.LoadUint32(&max)
+			if count <= old {
+				break
+			}
+			if atomic.CompareAndSwapUint32(&max, old, count) {
+				break
+			}
+		}
+	}
+	for i := 0; i < workers; i++ {
+		go func() {
+			defer wg.Done()
+			for atomic.AddInt32(&trials, -1) > 0 {
+				updateMax()
+				x := p.Get()
+				updateMax()
+				time.Sleep(time.Duration(rand.Intn(100)) * time.Microsecond)
+				updateMax()
+				p.Put(x)
+				updateMax()
+			}
+		}()
+	}
+	wg.Wait()
+	if max != p.max {
+		t.Errorf("Actual maximum count (%d) != ideal maximum count (%d)", max, p.max)
+	}
+}
+
+func BenchmarkWaitPool(b *testing.B) {
+	var wg sync.WaitGroup
+	trials := int32(b.N)
+	workers := runtime.NumCPU() + 2
+	if workers-4 <= 0 {
+		b.Skip("Not enough cores")
+	}
+	p := NewWaitPool(uint32(workers-4), func() interface{} { return make([]byte, 16) })
+	wg.Add(workers)
+	b.ResetTimer()
+	for i := 0; i < workers; i++ {
+		go func() {
+			defer wg.Done()
+			for atomic.AddInt32(&trials, -1) > 0 {
+				x := p.Get()
+				time.Sleep(time.Duration(rand.Intn(100)) * time.Microsecond)
+				p.Put(x)
+			}
+		}()
+	}
+	wg.Wait()
+}

device/queueconstants_android.go

@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+/* Reduce memory consumption for Android */
+
+const (
+	QueueStagedSize            = 128
+	QueueOutboundSize          = 1024
+	QueueInboundSize           = 1024
+	QueueHandshakeSize         = 1024
+	MaxSegmentSize             = 2200
+	PreallocatedBuffersPerPool = 4096
+)

device/queueconstants_default.go

@@ -0,0 +1,17 @@
+// +build !android,!ios
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+const (
+	QueueStagedSize            = 128
+	QueueOutboundSize          = 1024
+	QueueInboundSize           = 1024
+	QueueHandshakeSize         = 1024
+	MaxSegmentSize             = (1 << 16) - 1 // largest possible UDP datagram
+	PreallocatedBuffersPerPool = 0             // Disable and allow for infinite memory growth
+)

device/queueconstants_ios.go

@@ -0,0 +1,19 @@
+// +build ios
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+/* Fit within memory limits for iOS's Network Extension API, which has stricter requirements */
+
+const (
+	QueueStagedSize            = 128
+	QueueOutboundSize          = 1024
+	QueueInboundSize           = 1024
+	QueueHandshakeSize         = 1024
+	MaxSegmentSize             = 1700
+	PreallocatedBuffersPerPool = 1024
+)

device/race_disabled_test.go

@@ -0,0 +1,10 @@
+//+build !race
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+const raceEnabled = false

device/race_enabled_test.go

@@ -0,0 +1,10 @@
+//+build race
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+const raceEnabled = true

device/receive.go

@@ -0,0 +1,493 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.org/x/crypto/chacha20poly1305"
+	"golang.org/x/net/ipv4"
+	"golang.org/x/net/ipv6"
+
+	"golang.zx2c4.com/wireguard/conn"
+)
+
+type QueueHandshakeElement struct {
+	msgType  uint32
+	packet   []byte
+	endpoint conn.Endpoint
+	buffer   *[MaxMessageSize]byte
+}
+
+type QueueInboundElement struct {
+	sync.Mutex
+	buffer   *[MaxMessageSize]byte
+	packet   []byte
+	counter  uint64
+	keypair  *Keypair
+	endpoint conn.Endpoint
+}
+
+// clearPointers clears elem fields that contain pointers.
+// This makes the garbage collector's life easier and
+// avoids accidentally keeping other objects around unnecessarily.
+// It also reduces the possible collateral damage from use-after-free bugs.
+func (elem *QueueInboundElement) clearPointers() {
+	elem.buffer = nil
+	elem.packet = nil
+	elem.keypair = nil
+	elem.endpoint = nil
+}
+
+/* Called when a new authenticated message has been received
+ *
+ * NOTE: Not thread safe, but called by sequential receiver!
+ */
+func (peer *Peer) keepKeyFreshReceiving() {
+	if peer.timers.sentLastMinuteHandshake.Get() {
+		return
+	}
+	keypair := peer.keypairs.Current()
+	if keypair != nil && keypair.isInitiator && time.Since(keypair.created) > (RejectAfterTime-KeepaliveTimeout-RekeyTimeout) {
+		peer.timers.sentLastMinuteHandshake.Set(true)
+		peer.SendHandshakeInitiation(false)
+	}
+}
+
+/* Receives incoming datagrams for the device
+ *
+ * Every time the bind is updated a new routine is started for
+ * IPv4 and IPv6 (separately)
+ */
+func (device *Device) RoutineReceiveIncoming(IP int, bind conn.Bind) {
+	defer func() {
+		device.log.Verbosef("Routine: receive incoming IPv%d - stopped", IP)
+		device.queue.decryption.wg.Done()
+		device.queue.handshake.wg.Done()
+		device.net.stopping.Done()
+	}()
+
+	device.log.Verbosef("Routine: receive incoming IPv%d - started", IP)
+
+	// receive datagrams until conn is closed
+
+	buffer := device.GetMessageBuffer()
+
+	var (
+		err         error
+		size        int
+		endpoint    conn.Endpoint
+		deathSpiral int
+	)
+
+	for {
+		switch IP {
+		case ipv4.Version:
+			size, endpoint, err = bind.ReceiveIPv4(buffer[:])
+		case ipv6.Version:
+			size, endpoint, err = bind.ReceiveIPv6(buffer[:])
+		default:
+			panic("invalid IP version")
+		}
+
+		if err != nil {
+			device.PutMessageBuffer(buffer)
+			if errors.Is(err, conn.NetErrClosed) {
+				return
+			}
+			device.log.Errorf("Failed to receive packet: %v", err)
+			if deathSpiral < 10 {
+				deathSpiral++
+				time.Sleep(time.Second / 3)
+				continue
+			}
+			return
+		}
+		deathSpiral = 0
+
+		if size < MinMessageSize {
+			continue
+		}
+
+		// check size of packet
+
+		packet := buffer[:size]
+		msgType := binary.LittleEndian.Uint32(packet[:4])
+
+		var okay bool
+
+		switch msgType {
+
+		// check if transport
+
+		case MessageTransportType:
+
+			// check size
+
+			if len(packet) < MessageTransportSize {
+				continue
+			}
+
+			// lookup key pair
+
+			receiver := binary.LittleEndian.Uint32(
+				packet[MessageTransportOffsetReceiver:MessageTransportOffsetCounter],
+			)
+			value := device.indexTable.Lookup(receiver)
+			keypair := value.keypair
+			if keypair == nil {
+				continue
+			}
+
+			// check keypair expiry
+
+			if keypair.created.Add(RejectAfterTime).Before(time.Now()) {
+				continue
+			}
+
+			// create work element
+			peer := value.peer
+			elem := device.GetInboundElement()
+			elem.packet = packet
+			elem.buffer = buffer
+			elem.keypair = keypair
+			elem.endpoint = endpoint
+			elem.counter = 0
+			elem.Mutex = sync.Mutex{}
+			elem.Lock()
+
+			// add to decryption queues
+			if peer.isRunning.Get() {
+				peer.queue.inbound.c <- elem
+				device.queue.decryption.c <- elem
+				buffer = device.GetMessageBuffer()
+			} else {
+				device.PutInboundElement(elem)
+			}
+			continue
+
+		// otherwise it is a fixed size & handshake related packet
+
+		case MessageInitiationType:
+			okay = len(packet) == MessageInitiationSize
+
+		case MessageResponseType:
+			okay = len(packet) == MessageResponseSize
+
+		case MessageCookieReplyType:
+			okay = len(packet) == MessageCookieReplySize
+
+		default:
+			device.log.Verbosef("Received message with unknown type")
+		}
+
+		if okay {
+			select {
+			case device.queue.handshake.c <- QueueHandshakeElement{
+				msgType:  msgType,
+				buffer:   buffer,
+				packet:   packet,
+				endpoint: endpoint,
+			}:
+				buffer = device.GetMessageBuffer()
+			default:
+			}
+		}
+	}
+}
+
+func (device *Device) RoutineDecryption() {
+	var nonce [chacha20poly1305.NonceSize]byte
+
+	defer device.log.Verbosef("Routine: decryption worker - stopped")
+	device.log.Verbosef("Routine: decryption worker - started")
+
+	for elem := range device.queue.decryption.c {
+		// split message into fields
+		counter := elem.packet[MessageTransportOffsetCounter:MessageTransportOffsetContent]
+		content := elem.packet[MessageTransportOffsetContent:]
+
+		// decrypt and release to consumer
+		var err error
+		elem.counter = binary.LittleEndian.Uint64(counter)
+		// copy counter to nonce
+		binary.LittleEndian.PutUint64(nonce[0x4:0xc], elem.counter)
+		elem.packet, err = elem.keypair.receive.Open(
+			content[:0],
+			nonce[:],
+			content,
+			nil,
+		)
+		if err != nil {
+			elem.packet = nil
+		}
+		elem.Unlock()
+	}
+}
+
+/* Handles incoming packets related to handshake
+ */
+func (device *Device) RoutineHandshake() {
+	defer func() {
+		device.log.Verbosef("Routine: handshake worker - stopped")
+		device.queue.encryption.wg.Done()
+	}()
+	device.log.Verbosef("Routine: handshake worker - started")
+
+	for elem := range device.queue.handshake.c {
+
+		// handle cookie fields and ratelimiting
+
+		switch elem.msgType {
+
+		case MessageCookieReplyType:
+
+			// unmarshal packet
+
+			var reply MessageCookieReply
+			reader := bytes.NewReader(elem.packet)
+			err := binary.Read(reader, binary.LittleEndian, &reply)
+			if err != nil {
+				device.log.Verbosef("Failed to decode cookie reply")
+				goto skip
+			}
+
+			// lookup peer from index
+
+			entry := device.indexTable.Lookup(reply.Receiver)
+
+			if entry.peer == nil {
+				goto skip
+			}
+
+			// consume reply
+
+			if peer := entry.peer; peer.isRunning.Get() {
+				device.log.Verbosef("Receiving cookie response from %s", elem.endpoint.DstToString())
+				if !peer.cookieGenerator.ConsumeReply(&reply) {
+					device.log.Verbosef("Could not decrypt invalid cookie response")
+				}
+			}
+
+			goto skip
+
+		case MessageInitiationType, MessageResponseType:
+
+			// check mac fields and maybe ratelimit
+
+			if !device.cookieChecker.CheckMAC1(elem.packet) {
+				device.log.Verbosef("Received packet with invalid mac1")
+				goto skip
+			}
+
+			// endpoints destination address is the source of the datagram
+
+			if device.IsUnderLoad() {
+
+				// verify MAC2 field
+
+				if !device.cookieChecker.CheckMAC2(elem.packet, elem.endpoint.DstToBytes()) {
+					device.SendHandshakeCookie(&elem)
+					goto skip
+				}
+
+				// check ratelimiter
+
+				if !device.rate.limiter.Allow(elem.endpoint.DstIP()) {
+					goto skip
+				}
+			}
+
+		default:
+			device.log.Errorf("Invalid packet ended up in the handshake queue")
+			goto skip
+		}
+
+		// handle handshake initiation/response content
+
+		switch elem.msgType {
+		case MessageInitiationType:
+
+			// unmarshal
+
+			var msg MessageInitiation
+			reader := bytes.NewReader(elem.packet)
+			err := binary.Read(reader, binary.LittleEndian, &msg)
+			if err != nil {
+				device.log.Errorf("Failed to decode initiation message")
+				goto skip
+			}
+
+			// consume initiation
+
+			peer := device.ConsumeMessageInitiation(&msg)
+			if peer == nil {
+				device.log.Verbosef("Received invalid initiation message from %s", elem.endpoint.DstToString())
+				goto skip
+			}
+
+			// update timers
+
+			peer.timersAnyAuthenticatedPacketTraversal()
+			peer.timersAnyAuthenticatedPacketReceived()
+
+			// update endpoint
+			peer.SetEndpointFromPacket(elem.endpoint)
+
+			device.log.Verbosef("%v - Received handshake initiation", peer)
+			atomic.AddUint64(&peer.stats.rxBytes, uint64(len(elem.packet)))
+
+			peer.SendHandshakeResponse()
+
+		case MessageResponseType:
+
+			// unmarshal
+
+			var msg MessageResponse
+			reader := bytes.NewReader(elem.packet)
+			err := binary.Read(reader, binary.LittleEndian, &msg)
+			if err != nil {
+				device.log.Errorf("Failed to decode response message")
+				goto skip
+			}
+
+			// consume response
+
+			peer := device.ConsumeMessageResponse(&msg)
+			if peer == nil {
+				device.log.Verbosef("Received invalid response message from %s", elem.endpoint.DstToString())
+				goto skip
+			}
+
+			// update endpoint
+			peer.SetEndpointFromPacket(elem.endpoint)
+
+			device.log.Verbosef("%v - Received handshake response", peer)
+			atomic.AddUint64(&peer.stats.rxBytes, uint64(len(elem.packet)))
+
+			// update timers
+
+			peer.timersAnyAuthenticatedPacketTraversal()
+			peer.timersAnyAuthenticatedPacketReceived()
+
+			// derive keypair
+
+			err = peer.BeginSymmetricSession()
+
+			if err != nil {
+				device.log.Errorf("%v - Failed to derive keypair: %v", peer, err)
+				goto skip
+			}
+
+			peer.timersSessionDerived()
+			peer.timersHandshakeComplete()
+			peer.SendKeepalive()
+		}
+	skip:
+		device.PutMessageBuffer(elem.buffer)
+	}
+}
+
+func (peer *Peer) RoutineSequentialReceiver() {
+	device := peer.device
+	defer func() {
+		device.log.Verbosef("%v - Routine: sequential receiver - stopped", peer)
+		peer.stopping.Done()
+	}()
+	device.log.Verbosef("%v - Routine: sequential receiver - started", peer)
+
+	for elem := range peer.queue.inbound.c {
+		if elem == nil {
+			return
+		}
+		var err error
+		elem.Lock()
+		if elem.packet == nil {
+			// decryption failed
+			goto skip
+		}
+
+		if !elem.keypair.replayFilter.ValidateCounter(elem.counter, RejectAfterMessages) {
+			goto skip
+		}
+
+		peer.SetEndpointFromPacket(elem.endpoint)
+		if peer.ReceivedWithKeypair(elem.keypair) {
+			peer.timersHandshakeComplete()
+			peer.SendStagedPackets()
+		}
+
+		peer.keepKeyFreshReceiving()
+		peer.timersAnyAuthenticatedPacketTraversal()
+		peer.timersAnyAuthenticatedPacketReceived()
+		atomic.AddUint64(&peer.stats.rxBytes, uint64(len(elem.packet)+MinMessageSize))
+
+		if len(elem.packet) == 0 {
+			device.log.Verbosef("%v - Receiving keepalive packet", peer)
+			goto skip
+		}
+		peer.timersDataReceived()
+
+		switch elem.packet[0] >> 4 {
+		case ipv4.Version:
+			if len(elem.packet) < ipv4.HeaderLen {
+				goto skip
+			}
+			field := elem.packet[IPv4offsetTotalLength : IPv4offsetTotalLength+2]
+			length := binary.BigEndian.Uint16(field)
+			if int(length) > len(elem.packet) || int(length) < ipv4.HeaderLen {
+				goto skip
+			}
+			elem.packet = elem.packet[:length]
+			src := elem.packet[IPv4offsetSrc : IPv4offsetSrc+net.IPv4len]
+			if device.allowedips.LookupIPv4(src) != peer {
+				device.log.Verbosef("IPv4 packet with disallowed source address from %v", peer)
+				goto skip
+			}
+
+		case ipv6.Version:
+			if len(elem.packet) < ipv6.HeaderLen {
+				goto skip
+			}
+			field := elem.packet[IPv6offsetPayloadLength : IPv6offsetPayloadLength+2]
+			length := binary.BigEndian.Uint16(field)
+			length += ipv6.HeaderLen
+			if int(length) > len(elem.packet) {
+				goto skip
+			}
+			elem.packet = elem.packet[:length]
+			src := elem.packet[IPv6offsetSrc : IPv6offsetSrc+net.IPv6len]
+			if device.allowedips.LookupIPv6(src) != peer {
+				device.log.Verbosef("IPv6 packet with disallowed source address from %v", peer)
+				goto skip
+			}
+
+		default:
+			device.log.Verbosef("Packet with invalid IP version from %v", peer)
+			goto skip
+		}
+
+		_, err = device.tun.device.Write(elem.buffer[:MessageTransportOffsetContent+len(elem.packet)], MessageTransportOffsetContent)
+		if err != nil && !device.isClosed() {
+			device.log.Errorf("Failed to write packet to TUN device: %v", err)
+		}
+		if len(peer.queue.inbound.c) == 0 {
+			err = device.tun.device.Flush()
+			if err != nil {
+				peer.device.log.Errorf("Unable to flush packets: %v", err)
+			}
+		}
+	skip:
+		device.PutMessageBuffer(elem.buffer)
+		device.PutInboundElement(elem)
+	}
+}

device/send.go

@@ -0,0 +1,449 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"bytes"
+	"encoding/binary"
+	"net"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.org/x/crypto/chacha20poly1305"
+	"golang.org/x/net/ipv4"
+	"golang.org/x/net/ipv6"
+)
+
+/* Outbound flow
+ *
+ * 1. TUN queue
+ * 2. Routing (sequential)
+ * 3. Nonce assignment (sequential)
+ * 4. Encryption (parallel)
+ * 5. Transmission (sequential)
+ *
+ * The functions in this file occur (roughly) in the order in
+ * which the packets are processed.
+ *
+ * Locking, Producers and Consumers
+ *
+ * The order of packets (per peer) must be maintained,
+ * but encryption of packets happen out-of-order:
+ *
+ * The sequential consumers will attempt to take the lock,
+ * workers release lock when they have completed work (encryption) on the packet.
+ *
+ * If the element is inserted into the "encryption queue",
+ * the content is preceded by enough "junk" to contain the transport header
+ * (to allow the construction of transport messages in-place)
+ */
+
+type QueueOutboundElement struct {
+	sync.Mutex
+	buffer  *[MaxMessageSize]byte // slice holding the packet data
+	packet  []byte                // slice of "buffer" (always!)
+	nonce   uint64                // nonce for encryption
+	keypair *Keypair              // keypair for encryption
+	peer    *Peer                 // related peer
+}
+
+func (device *Device) NewOutboundElement() *QueueOutboundElement {
+	elem := device.GetOutboundElement()
+	elem.buffer = device.GetMessageBuffer()
+	elem.Mutex = sync.Mutex{}
+	elem.nonce = 0
+	// keypair and peer were cleared (if necessary) by clearPointers.
+	return elem
+}
+
+// clearPointers clears elem fields that contain pointers.
+// This makes the garbage collector's life easier and
+// avoids accidentally keeping other objects around unnecessarily.
+// It also reduces the possible collateral damage from use-after-free bugs.
+func (elem *QueueOutboundElement) clearPointers() {
+	elem.buffer = nil
+	elem.packet = nil
+	elem.keypair = nil
+	elem.peer = nil
+}
+
+/* Queues a keepalive if no packets are queued for peer
+ */
+func (peer *Peer) SendKeepalive() {
+	if len(peer.queue.staged) == 0 && peer.isRunning.Get() {
+		elem := peer.device.NewOutboundElement()
+		select {
+		case peer.queue.staged <- elem:
+			peer.device.log.Verbosef("%v - Sending keepalive packet", peer)
+		default:
+			peer.device.PutMessageBuffer(elem.buffer)
+			peer.device.PutOutboundElement(elem)
+		}
+	}
+	peer.SendStagedPackets()
+}
+
+func (peer *Peer) SendHandshakeInitiation(isRetry bool) error {
+	if !isRetry {
+		atomic.StoreUint32(&peer.timers.handshakeAttempts, 0)
+	}
+
+	peer.handshake.mutex.RLock()
+	if time.Since(peer.handshake.lastSentHandshake) < RekeyTimeout {
+		peer.handshake.mutex.RUnlock()
+		return nil
+	}
+	peer.handshake.mutex.RUnlock()
+
+	peer.handshake.mutex.Lock()
+	if time.Since(peer.handshake.lastSentHandshake) < RekeyTimeout {
+		peer.handshake.mutex.Unlock()
+		return nil
+	}
+	peer.handshake.lastSentHandshake = time.Now()
+	peer.handshake.mutex.Unlock()
+
+	peer.device.log.Verbosef("%v - Sending handshake initiation", peer)
+
+	msg, err := peer.device.CreateMessageInitiation(peer)
+	if err != nil {
+		peer.device.log.Errorf("%v - Failed to create initiation message: %v", peer, err)
+		return err
+	}
+
+	var buff [MessageInitiationSize]byte
+	writer := bytes.NewBuffer(buff[:0])
+	binary.Write(writer, binary.LittleEndian, msg)
+	packet := writer.Bytes()
+	peer.cookieGenerator.AddMacs(packet)
+
+	peer.timersAnyAuthenticatedPacketTraversal()
+	peer.timersAnyAuthenticatedPacketSent()
+
+	err = peer.SendBuffer(packet)
+	if err != nil {
+		peer.device.log.Errorf("%v - Failed to send handshake initiation: %v", peer, err)
+	}
+	peer.timersHandshakeInitiated()
+
+	return err
+}
+
+func (peer *Peer) SendHandshakeResponse() error {
+	peer.handshake.mutex.Lock()
+	peer.handshake.lastSentHandshake = time.Now()
+	peer.handshake.mutex.Unlock()
+
+	peer.device.log.Verbosef("%v - Sending handshake response", peer)
+
+	response, err := peer.device.CreateMessageResponse(peer)
+	if err != nil {
+		peer.device.log.Errorf("%v - Failed to create response message: %v", peer, err)
+		return err
+	}
+
+	var buff [MessageResponseSize]byte
+	writer := bytes.NewBuffer(buff[:0])
+	binary.Write(writer, binary.LittleEndian, response)
+	packet := writer.Bytes()
+	peer.cookieGenerator.AddMacs(packet)
+
+	err = peer.BeginSymmetricSession()
+	if err != nil {
+		peer.device.log.Errorf("%v - Failed to derive keypair: %v", peer, err)
+		return err
+	}
+
+	peer.timersSessionDerived()
+	peer.timersAnyAuthenticatedPacketTraversal()
+	peer.timersAnyAuthenticatedPacketSent()
+
+	err = peer.SendBuffer(packet)
+	if err != nil {
+		peer.device.log.Errorf("%v - Failed to send handshake response: %v", peer, err)
+	}
+	return err
+}
+
+func (device *Device) SendHandshakeCookie(initiatingElem *QueueHandshakeElement) error {
+	device.log.Verbosef("Sending cookie response for denied handshake message for %v", initiatingElem.endpoint.DstToString())
+
+	sender := binary.LittleEndian.Uint32(initiatingElem.packet[4:8])
+	reply, err := device.cookieChecker.CreateReply(initiatingElem.packet, sender, initiatingElem.endpoint.DstToBytes())
+	if err != nil {
+		device.log.Errorf("Failed to create cookie reply: %v", err)
+		return err
+	}
+
+	var buff [MessageCookieReplySize]byte
+	writer := bytes.NewBuffer(buff[:0])
+	binary.Write(writer, binary.LittleEndian, reply)
+	device.net.bind.Send(writer.Bytes(), initiatingElem.endpoint)
+	return nil
+}
+
+func (peer *Peer) keepKeyFreshSending() {
+	keypair := peer.keypairs.Current()
+	if keypair == nil {
+		return
+	}
+	nonce := atomic.LoadUint64(&keypair.sendNonce)
+	if nonce > RekeyAfterMessages || (keypair.isInitiator && time.Since(keypair.created) > RekeyAfterTime) {
+		peer.SendHandshakeInitiation(false)
+	}
+}
+
+/* Reads packets from the TUN and inserts
+ * into staged queue for peer
+ *
+ * Obs. Single instance per TUN device
+ */
+func (device *Device) RoutineReadFromTUN() {
+	defer func() {
+		device.log.Verbosef("Routine: TUN reader - stopped")
+		device.state.stopping.Done()
+		device.queue.encryption.wg.Done()
+	}()
+
+	device.log.Verbosef("Routine: TUN reader - started")
+
+	var elem *QueueOutboundElement
+
+	for {
+		if elem != nil {
+			device.PutMessageBuffer(elem.buffer)
+			device.PutOutboundElement(elem)
+		}
+		elem = device.NewOutboundElement()
+
+		// read packet
+
+		offset := MessageTransportHeaderSize
+		size, err := device.tun.device.Read(elem.buffer[:], offset)
+
+		if err != nil {
+			if !device.isClosed() {
+				device.log.Errorf("Failed to read packet from TUN device: %v", err)
+				device.Close()
+			}
+			device.PutMessageBuffer(elem.buffer)
+			device.PutOutboundElement(elem)
+			return
+		}
+
+		if size == 0 || size > MaxContentSize {
+			continue
+		}
+
+		elem.packet = elem.buffer[offset : offset+size]
+
+		// lookup peer
+
+		var peer *Peer
+		switch elem.packet[0] >> 4 {
+		case ipv4.Version:
+			if len(elem.packet) < ipv4.HeaderLen {
+				continue
+			}
+			dst := elem.packet[IPv4offsetDst : IPv4offsetDst+net.IPv4len]
+			peer = device.allowedips.LookupIPv4(dst)
+
+		case ipv6.Version:
+			if len(elem.packet) < ipv6.HeaderLen {
+				continue
+			}
+			dst := elem.packet[IPv6offsetDst : IPv6offsetDst+net.IPv6len]
+			peer = device.allowedips.LookupIPv6(dst)
+
+		default:
+			device.log.Verbosef("Received packet with unknown IP version")
+		}
+
+		if peer == nil {
+			continue
+		}
+		if peer.isRunning.Get() {
+			peer.StagePacket(elem)
+			elem = nil
+			peer.SendStagedPackets()
+		}
+	}
+}
+
+func (peer *Peer) StagePacket(elem *QueueOutboundElement) {
+	for {
+		select {
+		case peer.queue.staged <- elem:
+			return
+		default:
+		}
+		select {
+		case tooOld := <-peer.queue.staged:
+			peer.device.PutMessageBuffer(tooOld.buffer)
+			peer.device.PutOutboundElement(tooOld)
+		default:
+		}
+	}
+}
+
+func (peer *Peer) SendStagedPackets() {
+top:
+	if len(peer.queue.staged) == 0 || !peer.device.isUp() {
+		return
+	}
+
+	keypair := peer.keypairs.Current()
+	if keypair == nil || atomic.LoadUint64(&keypair.sendNonce) >= RejectAfterMessages || time.Since(keypair.created) >= RejectAfterTime {
+		peer.SendHandshakeInitiation(false)
+		return
+	}
+
+	for {
+		select {
+		case elem := <-peer.queue.staged:
+			elem.peer = peer
+			elem.nonce = atomic.AddUint64(&keypair.sendNonce, 1) - 1
+			if elem.nonce >= RejectAfterMessages {
+				atomic.StoreUint64(&keypair.sendNonce, RejectAfterMessages)
+				peer.StagePacket(elem) // XXX: Out of order, but we can't front-load go chans
+				goto top
+			}
+
+			elem.keypair = keypair
+			elem.Lock()
+
+			// add to parallel and sequential queue
+			if peer.isRunning.Get() {
+				peer.queue.outbound.c <- elem
+				peer.device.queue.encryption.c <- elem
+			} else {
+				peer.device.PutMessageBuffer(elem.buffer)
+				peer.device.PutOutboundElement(elem)
+			}
+		default:
+			return
+		}
+	}
+}
+
+func (peer *Peer) FlushStagedPackets() {
+	for {
+		select {
+		case elem := <-peer.queue.staged:
+			peer.device.PutMessageBuffer(elem.buffer)
+			peer.device.PutOutboundElement(elem)
+		default:
+			return
+		}
+	}
+}
+
+func calculatePaddingSize(packetSize, mtu int) int {
+	lastUnit := packetSize
+	if mtu == 0 {
+		return ((lastUnit + PaddingMultiple - 1) & ^(PaddingMultiple - 1)) - lastUnit
+	}
+	if lastUnit > mtu {
+		lastUnit %= mtu
+	}
+	paddedSize := ((lastUnit + PaddingMultiple - 1) & ^(PaddingMultiple - 1))
+	if paddedSize > mtu {
+		paddedSize = mtu
+	}
+	return paddedSize - lastUnit
+}
+
+/* Encrypts the elements in the queue
+ * and marks them for sequential consumption (by releasing the mutex)
+ *
+ * Obs. One instance per core
+ */
+func (device *Device) RoutineEncryption() {
+	var paddingZeros [PaddingMultiple]byte
+	var nonce [chacha20poly1305.NonceSize]byte
+
+	defer device.log.Verbosef("Routine: encryption worker - stopped")
+	device.log.Verbosef("Routine: encryption worker - started")
+
+	for elem := range device.queue.encryption.c {
+		// populate header fields
+		header := elem.buffer[:MessageTransportHeaderSize]
+
+		fieldType := header[0:4]
+		fieldReceiver := header[4:8]
+		fieldNonce := header[8:16]
+
+		binary.LittleEndian.PutUint32(fieldType, MessageTransportType)
+		binary.LittleEndian.PutUint32(fieldReceiver, elem.keypair.remoteIndex)
+		binary.LittleEndian.PutUint64(fieldNonce, elem.nonce)
+
+		// pad content to multiple of 16
+		paddingSize := calculatePaddingSize(len(elem.packet), int(atomic.LoadInt32(&device.tun.mtu)))
+		elem.packet = append(elem.packet, paddingZeros[:paddingSize]...)
+
+		// encrypt content and release to consumer
+
+		binary.LittleEndian.PutUint64(nonce[4:], elem.nonce)
+		elem.packet = elem.keypair.send.Seal(
+			header,
+			nonce[:],
+			elem.packet,
+			nil,
+		)
+		elem.Unlock()
+	}
+}
+
+/* Sequentially reads packets from queue and sends to endpoint
+ *
+ * Obs. Single instance per peer.
+ * The routine terminates then the outbound queue is closed.
+ */
+func (peer *Peer) RoutineSequentialSender() {
+	device := peer.device
+	defer func() {
+		defer device.log.Verbosef("%v - Routine: sequential sender - stopped", peer)
+		peer.stopping.Done()
+	}()
+	device.log.Verbosef("%v - Routine: sequential sender - started", peer)
+
+	for elem := range peer.queue.outbound.c {
+		if elem == nil {
+			return
+		}
+		elem.Lock()
+		if !peer.isRunning.Get() {
+			// peer has been stopped; return re-usable elems to the shared pool.
+			// This is an optimization only. It is possible for the peer to be stopped
+			// immediately after this check, in which case, elem will get processed.
+			// The timers and SendBuffer code are resilient to a few stragglers.
+			// TODO(josharian): rework peer shutdown order to ensure
+			// that we never accidentally keep timers alive longer than necessary.
+			device.PutMessageBuffer(elem.buffer)
+			device.PutOutboundElement(elem)
+			continue
+		}
+
+		peer.timersAnyAuthenticatedPacketTraversal()
+		peer.timersAnyAuthenticatedPacketSent()
+
+		// send message and return buffer to pool
+
+		err := peer.SendBuffer(elem.packet)
+		if len(elem.packet) != MessageKeepaliveSize {
+			peer.timersDataSent()
+		}
+		device.PutMessageBuffer(elem.buffer)
+		device.PutOutboundElement(elem)
+		if err != nil {
+			device.log.Errorf("%v - Failed to send data packet: %v", peer, err)
+			continue
+		}
+
+		peer.keepKeyFreshSending()
+	}
+}

device/sticky_default.go

@@ -0,0 +1,12 @@
+// +build !linux android
+
+package device
+
+import (
+	"golang.zx2c4.com/wireguard/conn"
+	"golang.zx2c4.com/wireguard/rwcancel"
+)
+
+func (device *Device) startRouteListener(bind conn.Bind) (*rwcancel.RWCancel, error) {
+	return nil, nil
+}

device/sticky_linux.go

@@ -0,0 +1,218 @@
+// +build !android
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ *
+ * This implements userspace semantics of "sticky sockets", modeled after
+ * WireGuard's kernelspace implementation. This is more or less a straight port
+ * of the sticky-sockets.c example code:
+ * https://git.zx2c4.com/WireGuard/tree/contrib/examples/sticky-sockets/sticky-sockets.c
+ *
+ * Currently there is no way to achieve this within the net package:
+ * See e.g. https://github.com/golang/go/issues/17930
+ * So this code is remains platform dependent.
+ */
+
+package device
+
+import (
+	"sync"
+	"unsafe"
+
+	"golang.org/x/sys/unix"
+	"golang.zx2c4.com/wireguard/conn"
+	"golang.zx2c4.com/wireguard/rwcancel"
+)
+
+func (device *Device) startRouteListener(bind conn.Bind) (*rwcancel.RWCancel, error) {
+	netlinkSock, err := createNetlinkRouteSocket()
+	if err != nil {
+		return nil, err
+	}
+	netlinkCancel, err := rwcancel.NewRWCancel(netlinkSock)
+	if err != nil {
+		unix.Close(netlinkSock)
+		return nil, err
+	}
+
+	go device.routineRouteListener(bind, netlinkSock, netlinkCancel)
+
+	return netlinkCancel, nil
+}
+
+func (device *Device) routineRouteListener(bind conn.Bind, netlinkSock int, netlinkCancel *rwcancel.RWCancel) {
+	type peerEndpointPtr struct {
+		peer     *Peer
+		endpoint *conn.Endpoint
+	}
+	var reqPeer map[uint32]peerEndpointPtr
+	var reqPeerLock sync.Mutex
+
+	defer netlinkCancel.Close()
+	defer unix.Close(netlinkSock)
+
+	for msg := make([]byte, 1<<16); ; {
+		var err error
+		var msgn int
+		for {
+			msgn, _, _, _, err = unix.Recvmsg(netlinkSock, msg[:], nil, 0)
+			if err == nil || !rwcancel.RetryAfterError(err) {
+				break
+			}
+			if !netlinkCancel.ReadyRead() {
+				return
+			}
+		}
+		if err != nil {
+			return
+		}
+
+		for remain := msg[:msgn]; len(remain) >= unix.SizeofNlMsghdr; {
+
+			hdr := *(*unix.NlMsghdr)(unsafe.Pointer(&remain[0]))
+
+			if uint(hdr.Len) > uint(len(remain)) {
+				break
+			}
+
+			switch hdr.Type {
+			case unix.RTM_NEWROUTE, unix.RTM_DELROUTE:
+				if hdr.Seq <= MaxPeers && hdr.Seq > 0 {
+					if uint(len(remain)) < uint(hdr.Len) {
+						break
+					}
+					if hdr.Len > unix.SizeofNlMsghdr+unix.SizeofRtMsg {
+						attr := remain[unix.SizeofNlMsghdr+unix.SizeofRtMsg:]
+						for {
+							if uint(len(attr)) < uint(unix.SizeofRtAttr) {
+								break
+							}
+							attrhdr := *(*unix.RtAttr)(unsafe.Pointer(&attr[0]))
+							if attrhdr.Len < unix.SizeofRtAttr || uint(len(attr)) < uint(attrhdr.Len) {
+								break
+							}
+							if attrhdr.Type == unix.RTA_OIF && attrhdr.Len == unix.SizeofRtAttr+4 {
+								ifidx := *(*uint32)(unsafe.Pointer(&attr[unix.SizeofRtAttr]))
+								reqPeerLock.Lock()
+								if reqPeer == nil {
+									reqPeerLock.Unlock()
+									break
+								}
+								pePtr, ok := reqPeer[hdr.Seq]
+								reqPeerLock.Unlock()
+								if !ok {
+									break
+								}
+								pePtr.peer.Lock()
+								if &pePtr.peer.endpoint != pePtr.endpoint {
+									pePtr.peer.Unlock()
+									break
+								}
+								if uint32(pePtr.peer.endpoint.(*conn.NativeEndpoint).Src4().Ifindex) == ifidx {
+									pePtr.peer.Unlock()
+									break
+								}
+								pePtr.peer.endpoint.(*conn.NativeEndpoint).ClearSrc()
+								pePtr.peer.Unlock()
+							}
+							attr = attr[attrhdr.Len:]
+						}
+					}
+					break
+				}
+				reqPeerLock.Lock()
+				reqPeer = make(map[uint32]peerEndpointPtr)
+				reqPeerLock.Unlock()
+				go func() {
+					device.peers.RLock()
+					i := uint32(1)
+					for _, peer := range device.peers.keyMap {
+						peer.RLock()
+						if peer.endpoint == nil {
+							peer.RUnlock()
+							continue
+						}
+						nativeEP, _ := peer.endpoint.(*conn.NativeEndpoint)
+						if nativeEP == nil {
+							peer.RUnlock()
+							continue
+						}
+						if nativeEP.IsV6() || nativeEP.Src4().Ifindex == 0 {
+							peer.RUnlock()
+							break
+						}
+						nlmsg := struct {
+							hdr     unix.NlMsghdr
+							msg     unix.RtMsg
+							dsthdr  unix.RtAttr
+							dst     [4]byte
+							srchdr  unix.RtAttr
+							src     [4]byte
+							markhdr unix.RtAttr
+							mark    uint32
+						}{
+							unix.NlMsghdr{
+								Type:  uint16(unix.RTM_GETROUTE),
+								Flags: unix.NLM_F_REQUEST,
+								Seq:   i,
+							},
+							unix.RtMsg{
+								Family:  unix.AF_INET,
+								Dst_len: 32,
+								Src_len: 32,
+							},
+							unix.RtAttr{
+								Len:  8,
+								Type: unix.RTA_DST,
+							},
+							nativeEP.Dst4().Addr,
+							unix.RtAttr{
+								Len:  8,
+								Type: unix.RTA_SRC,
+							},
+							nativeEP.Src4().Src,
+							unix.RtAttr{
+								Len:  8,
+								Type: unix.RTA_MARK,
+							},
+							uint32(bind.LastMark()),
+						}
+						nlmsg.hdr.Len = uint32(unsafe.Sizeof(nlmsg))
+						reqPeerLock.Lock()
+						reqPeer[i] = peerEndpointPtr{
+							peer:     peer,
+							endpoint: &peer.endpoint,
+						}
+						reqPeerLock.Unlock()
+						peer.RUnlock()
+						i++
+						_, err := netlinkCancel.Write((*[unsafe.Sizeof(nlmsg)]byte)(unsafe.Pointer(&nlmsg))[:])
+						if err != nil {
+							break
+						}
+					}
+					device.peers.RUnlock()
+				}()
+			}
+			remain = remain[hdr.Len:]
+		}
+	}
+}
+
+func createNetlinkRouteSocket() (int, error) {
+	sock, err := unix.Socket(unix.AF_NETLINK, unix.SOCK_RAW, unix.NETLINK_ROUTE)
+	if err != nil {
+		return -1, err
+	}
+	saddr := &unix.SockaddrNetlink{
+		Family: unix.AF_NETLINK,
+		Groups: unix.RTMGRP_IPV4_ROUTE,
+	}
+	err = unix.Bind(sock, saddr)
+	if err != nil {
+		unix.Close(sock)
+		return -1, err
+	}
+	return sock, nil
+}

device/timers.go

@@ -1,11 +1,11 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  *
  * This is based heavily on timers.c from the kernel implementation.
  */
 
-package main
+package device
 
 import (
 	"math/rand"
@@ -14,12 +14,10 @@ import (
 	"time"
 )
 
-/* This Timer structure and related functions should roughly copy the interface of
- * the Linux kernel's struct timer_list.
- */
-
+// A Timer manages time-based aspects of the WireGuard protocol.
+// Timer roughly copies the interface of the Linux kernel's struct timer_list.
 type Timer struct {
-	timer         *time.Timer
+	*time.Timer
 	modifyingLock sync.RWMutex
 	runningLock   sync.Mutex
 	isPending     bool
@@ -27,36 +25,35 @@ type Timer struct {
 
 func (peer *Peer) NewTimer(expirationFunction func(*Peer)) *Timer {
 	timer := &Timer{}
-	timer.timer = time.AfterFunc(time.Hour, func() {
+	timer.Timer = time.AfterFunc(time.Hour, func() {
 		timer.runningLock.Lock()
+		defer timer.runningLock.Unlock()
 
 		timer.modifyingLock.Lock()
 		if !timer.isPending {
 			timer.modifyingLock.Unlock()
-			timer.runningLock.Unlock()
 			return
 		}
 		timer.isPending = false
 		timer.modifyingLock.Unlock()
 
 		expirationFunction(peer)
-		timer.runningLock.Unlock()
 	})
-	timer.timer.Stop()
+	timer.Stop()
 	return timer
 }
 
 func (timer *Timer) Mod(d time.Duration) {
 	timer.modifyingLock.Lock()
 	timer.isPending = true
-	timer.timer.Reset(d)
+	timer.Reset(d)
 	timer.modifyingLock.Unlock()
 }
 
 func (timer *Timer) Del() {
 	timer.modifyingLock.Lock()
 	timer.isPending = false
-	timer.timer.Stop()
+	timer.Stop()
 	timer.modifyingLock.Unlock()
 }
 
@@ -74,12 +71,12 @@ func (timer *Timer) IsPending() bool {
 }
 
 func (peer *Peer) timersActive() bool {
-	return peer.isRunning.Get() && peer.device != nil && peer.device.isUp.Get() && len(peer.device.peers.keyMap) > 0
+	return peer.isRunning.Get() && peer.device != nil && peer.device.isUp() && !peer.device.peers.empty.Get()
 }
 
 func expiredRetransmitHandshake(peer *Peer) {
 	if atomic.LoadUint32(&peer.timers.handshakeAttempts) > MaxTimerHandshakes {
-		peer.device.log.Debug.Printf("%s: Handshake did not complete after %d attempts, giving up\n", peer, MaxTimerHandshakes+2)
+		peer.device.log.Verbosef("%s - Handshake did not complete after %d attempts, giving up", peer, MaxTimerHandshakes+2)
 
 		if peer.timersActive() {
 			peer.timers.sendKeepalive.Del()
@@ -88,7 +85,7 @@ func expiredRetransmitHandshake(peer *Peer) {
 		/* We drop all packets without a keypair and don't try again,
 		 * if we try unsuccessfully for too long to make a handshake.
 		 */
-		peer.FlushNonceQueue()
+		peer.FlushStagedPackets()
 
 		/* We set a timer for destroying any residue that might be left
 		 * of a partial exchange.
@@ -98,14 +95,14 @@ func expiredRetransmitHandshake(peer *Peer) {
 		}
 	} else {
 		atomic.AddUint32(&peer.timers.handshakeAttempts, 1)
-		peer.device.log.Debug.Printf("%s: Handshake did not complete after %d seconds, retrying (try %d)\n", peer, int(RekeyTimeout.Seconds()), atomic.LoadUint32(&peer.timers.handshakeAttempts)+1)
+		peer.device.log.Verbosef("%s - Handshake did not complete after %d seconds, retrying (try %d)", peer, int(RekeyTimeout.Seconds()), atomic.LoadUint32(&peer.timers.handshakeAttempts)+1)
 
 		/* We clear the endpoint address src address, in case this is the cause of trouble. */
-		peer.mutex.Lock()
+		peer.Lock()
 		if peer.endpoint != nil {
 			peer.endpoint.ClearSrc()
 		}
-		peer.mutex.Unlock()
+		peer.Unlock()
 
 		peer.SendHandshakeInitiation(true)
 	}
@@ -122,24 +119,24 @@ func expiredSendKeepalive(peer *Peer) {
 }
 
 func expiredNewHandshake(peer *Peer) {
-	peer.device.log.Debug.Printf("%s: Retrying handshake because we stopped hearing back after %d seconds\n", peer, int((KeepaliveTimeout + RekeyTimeout).Seconds()))
+	peer.device.log.Verbosef("%s - Retrying handshake because we stopped hearing back after %d seconds", peer, int((KeepaliveTimeout + RekeyTimeout).Seconds()))
 	/* We clear the endpoint address src address, in case this is the cause of trouble. */
-	peer.mutex.Lock()
+	peer.Lock()
 	if peer.endpoint != nil {
 		peer.endpoint.ClearSrc()
 	}
-	peer.mutex.Unlock()
+	peer.Unlock()
 	peer.SendHandshakeInitiation(false)
 
 }
 
 func expiredZeroKeyMaterial(peer *Peer) {
-	peer.device.log.Debug.Printf("%s: Removing all keys, since we haven't received a new one in %d seconds\n", peer, int((RejectAfterTime * 3).Seconds()))
+	peer.device.log.Verbosef("%s - Removing all keys, since we haven't received a new one in %d seconds", peer, int((RejectAfterTime * 3).Seconds()))
 	peer.ZeroAndFlushAll()
 }
 
 func expiredPersistentKeepalive(peer *Peer) {
-	if peer.persistentKeepaliveInterval > 0 {
+	if atomic.LoadUint32(&peer.persistentKeepaliveInterval) > 0 {
 		peer.SendKeepalive()
 	}
 }
@@ -147,7 +144,7 @@ func expiredPersistentKeepalive(peer *Peer) {
 /* Should be called after an authenticated data packet is sent. */
 func (peer *Peer) timersDataSent() {
 	if peer.timersActive() && !peer.timers.newHandshake.IsPending() {
-		peer.timers.newHandshake.Mod(KeepaliveTimeout + RekeyTimeout)
+		peer.timers.newHandshake.Mod(KeepaliveTimeout + RekeyTimeout + time.Millisecond*time.Duration(rand.Int31n(RekeyTimeoutJitterMaxMs)))
 	}
 }
 
@@ -202,8 +199,9 @@ func (peer *Peer) timersSessionDerived() {
 
 /* Should be called before a packet with authentication -- keepalive, data, or handshake -- is sent, or after one is received. */
 func (peer *Peer) timersAnyAuthenticatedPacketTraversal() {
-	if peer.persistentKeepaliveInterval > 0 && peer.timersActive() {
-		peer.timers.persistentKeepalive.Mod(time.Duration(peer.persistentKeepaliveInterval) * time.Second)
+	keepalive := atomic.LoadUint32(&peer.persistentKeepaliveInterval)
+	if keepalive > 0 && peer.timersActive() {
+		peer.timers.persistentKeepalive.Mod(time.Duration(keepalive) * time.Second)
 	}
 }
 
@@ -213,6 +211,9 @@ func (peer *Peer) timersInit() {
 	peer.timers.newHandshake = peer.NewTimer(expiredNewHandshake)
 	peer.timers.zeroKeyMaterial = peer.NewTimer(expiredZeroKeyMaterial)
 	peer.timers.persistentKeepalive = peer.NewTimer(expiredPersistentKeepalive)
+}
+
+func (peer *Peer) timersStart() {
 	atomic.StoreUint32(&peer.timers.handshakeAttempts, 0)
 	peer.timers.sentLastMinuteHandshake.Set(false)
 	peer.timers.needAnotherKeepalive.Set(false)

device/tun.go

@@ -0,0 +1,54 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"fmt"
+	"sync/atomic"
+
+	"golang.zx2c4.com/wireguard/tun"
+)
+
+const DefaultMTU = 1420
+
+func (device *Device) RoutineTUNEventReader() {
+	device.log.Verbosef("Routine: event worker - started")
+
+	for event := range device.tun.device.Events() {
+		if event&tun.EventMTUUpdate != 0 {
+			mtu, err := device.tun.device.MTU()
+			if err != nil {
+				device.log.Errorf("Failed to load updated MTU of device: %v", err)
+				continue
+			}
+			if mtu < 0 {
+				device.log.Errorf("MTU not updated to negative value: %v", mtu)
+				continue
+			}
+			var tooLarge string
+			if mtu > MaxContentSize {
+				tooLarge = fmt.Sprintf(" (too large, capped at %v)", MaxContentSize)
+				mtu = MaxContentSize
+			}
+			old := atomic.SwapInt32(&device.tun.mtu, int32(mtu))
+			if int(old) != mtu {
+				device.log.Verbosef("MTU updated: %v%s", mtu, tooLarge)
+			}
+		}
+
+		if event&tun.EventUp != 0 {
+			device.log.Verbosef("Interface up requested")
+			device.Up()
+		}
+
+		if event&tun.EventDown != 0 {
+			device.log.Verbosef("Interface down requested")
+			device.Down()
+		}
+	}
+
+	device.log.Verbosef("Routine: event worker - stopped")
+}

device/tun_test.go

@@ -0,0 +1,56 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"errors"
+	"os"
+
+	"golang.zx2c4.com/wireguard/tun"
+)
+
+// newDummyTUN creates a dummy TUN device with the specified name.
+func newDummyTUN(name string) tun.Device {
+	return &dummyTUN{
+		name:    name,
+		packets: make(chan []byte, 100),
+		events:  make(chan tun.Event, 10),
+	}
+}
+
+// A dummyTUN is a tun.Device which is used in unit tests.
+type dummyTUN struct {
+	name    string
+	mtu     int
+	packets chan []byte
+	events  chan tun.Event
+}
+
+func (d *dummyTUN) Events() chan tun.Event { return d.events }
+func (*dummyTUN) File() *os.File           { return nil }
+func (*dummyTUN) Flush() error             { return nil }
+func (d *dummyTUN) MTU() (int, error)      { return d.mtu, nil }
+func (d *dummyTUN) Name() (string, error)  { return d.name, nil }
+
+func (d *dummyTUN) Close() error {
+	close(d.events)
+	close(d.packets)
+	return nil
+}
+
+func (d *dummyTUN) Read(b []byte, offset int) (int, error) {
+	buf, ok := <-d.packets
+	if !ok {
+		return 0, errors.New("device closed")
+	}
+	copy(b[offset:], buf)
+	return len(buf), nil
+}
+
+func (d *dummyTUN) Write(b []byte, offset int) (int, error) {
+	d.packets <- b[offset:]
+	return len(b), nil
+}

device/uapi.go

@@ -0,0 +1,458 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package device
+
+import (
+	"bufio"
+	"bytes"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"strconv"
+	"strings"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.zx2c4.com/wireguard/conn"
+	"golang.zx2c4.com/wireguard/ipc"
+)
+
+type IPCError struct {
+	code int64 // error code
+	err  error // underlying/wrapped error
+}
+
+func (s IPCError) Error() string {
+	return fmt.Sprintf("IPC error %d: %v", s.code, s.err)
+}
+
+func (s IPCError) Unwrap() error {
+	return s.err
+}
+
+func (s IPCError) ErrorCode() int64 {
+	return s.code
+}
+
+func ipcErrorf(code int64, msg string, args ...interface{}) *IPCError {
+	return &IPCError{code: code, err: fmt.Errorf(msg, args...)}
+}
+
+var byteBufferPool = &sync.Pool{
+	New: func() interface{} { return new(bytes.Buffer) },
+}
+
+// IpcGetOperation implements the WireGuard configuration protocol "get" operation.
+// See https://www.wireguard.com/xplatform/#configuration-protocol for details.
+func (device *Device) IpcGetOperation(w io.Writer) error {
+	device.ipcMutex.RLock()
+	defer device.ipcMutex.RUnlock()
+
+	buf := byteBufferPool.Get().(*bytes.Buffer)
+	buf.Reset()
+	defer byteBufferPool.Put(buf)
+	sendf := func(format string, args ...interface{}) {
+		fmt.Fprintf(buf, format, args...)
+		buf.WriteByte('\n')
+	}
+	keyf := func(prefix string, key *[32]byte) {
+		buf.Grow(len(key)*2 + 2 + len(prefix))
+		buf.WriteString(prefix)
+		buf.WriteByte('=')
+		const hex = "0123456789abcdef"
+		for i := 0; i < len(key); i++ {
+			buf.WriteByte(hex[key[i]>>4])
+			buf.WriteByte(hex[key[i]&0xf])
+		}
+		buf.WriteByte('\n')
+	}
+
+	func() {
+
+		// lock required resources
+
+		device.net.RLock()
+		defer device.net.RUnlock()
+
+		device.staticIdentity.RLock()
+		defer device.staticIdentity.RUnlock()
+
+		device.peers.RLock()
+		defer device.peers.RUnlock()
+
+		// serialize device related values
+
+		if !device.staticIdentity.privateKey.IsZero() {
+			keyf("private_key", (*[32]byte)(&device.staticIdentity.privateKey))
+		}
+
+		if device.net.port != 0 {
+			sendf("listen_port=%d", device.net.port)
+		}
+
+		if device.net.fwmark != 0 {
+			sendf("fwmark=%d", device.net.fwmark)
+		}
+
+		// serialize each peer state
+
+		for _, peer := range device.peers.keyMap {
+			peer.RLock()
+			defer peer.RUnlock()
+
+			keyf("public_key", (*[32]byte)(&peer.handshake.remoteStatic))
+			keyf("preshared_key", (*[32]byte)(&peer.handshake.presharedKey))
+			sendf("protocol_version=1")
+			if peer.endpoint != nil {
+				sendf("endpoint=%s", peer.endpoint.DstToString())
+			}
+
+			nano := atomic.LoadInt64(&peer.stats.lastHandshakeNano)
+			secs := nano / time.Second.Nanoseconds()
+			nano %= time.Second.Nanoseconds()
+
+			sendf("last_handshake_time_sec=%d", secs)
+			sendf("last_handshake_time_nsec=%d", nano)
+			sendf("tx_bytes=%d", atomic.LoadUint64(&peer.stats.txBytes))
+			sendf("rx_bytes=%d", atomic.LoadUint64(&peer.stats.rxBytes))
+			sendf("persistent_keepalive_interval=%d", atomic.LoadUint32(&peer.persistentKeepaliveInterval))
+
+			device.allowedips.EntriesForPeer(peer, func(ip net.IP, cidr uint) bool {
+				sendf("allowed_ip=%s/%d", ip.String(), cidr)
+				return true
+			})
+		}
+	}()
+
+	// send lines (does not require resource locks)
+	if _, err := w.Write(buf.Bytes()); err != nil {
+		return ipcErrorf(ipc.IpcErrorIO, "failed to write output: %w", err)
+	}
+
+	return nil
+}
+
+// IpcSetOperation implements the WireGuard configuration protocol "set" operation.
+// See https://www.wireguard.com/xplatform/#configuration-protocol for details.
+func (device *Device) IpcSetOperation(r io.Reader) (err error) {
+	device.ipcMutex.Lock()
+	defer device.ipcMutex.Unlock()
+
+	defer func() {
+		if err != nil {
+			device.log.Errorf("%v", err)
+		}
+	}()
+
+	peer := new(ipcSetPeer)
+	deviceConfig := true
+
+	scanner := bufio.NewScanner(r)
+	for scanner.Scan() {
+		line := scanner.Text()
+		if line == "" {
+			// Blank line means terminate operation.
+			return nil
+		}
+		parts := strings.Split(line, "=")
+		if len(parts) != 2 {
+			return ipcErrorf(ipc.IpcErrorProtocol, "failed to parse line %q, found %d =-separated parts, want 2", line, len(parts))
+		}
+		key := parts[0]
+		value := parts[1]
+
+		if key == "public_key" {
+			if deviceConfig {
+				deviceConfig = false
+			}
+			peer.handlePostConfig()
+			// Load/create the peer we are now configuring.
+			err := device.handlePublicKeyLine(peer, value)
+			if err != nil {
+				return err
+			}
+			continue
+		}
+
+		var err error
+		if deviceConfig {
+			err = device.handleDeviceLine(key, value)
+		} else {
+			err = device.handlePeerLine(peer, key, value)
+		}
+		if err != nil {
+			return err
+		}
+	}
+	peer.handlePostConfig()
+
+	if err := scanner.Err(); err != nil {
+		return ipcErrorf(ipc.IpcErrorIO, "failed to read input: %w", err)
+	}
+	return nil
+}
+
+func (device *Device) handleDeviceLine(key, value string) error {
+	switch key {
+	case "private_key":
+		var sk NoisePrivateKey
+		err := sk.FromMaybeZeroHex(value)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set private_key: %w", err)
+		}
+		device.log.Verbosef("UAPI: Updating private key")
+		device.SetPrivateKey(sk)
+
+	case "listen_port":
+		port, err := strconv.ParseUint(value, 10, 16)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to parse listen_port: %w", err)
+		}
+
+		// update port and rebind
+		device.log.Verbosef("UAPI: Updating listen port")
+
+		device.net.Lock()
+		device.net.port = uint16(port)
+		device.net.Unlock()
+
+		if err := device.BindUpdate(); err != nil {
+			return ipcErrorf(ipc.IpcErrorPortInUse, "failed to set listen_port: %w", err)
+		}
+
+	case "fwmark":
+		mark, err := strconv.ParseUint(value, 10, 32)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "invalid fwmark: %w", err)
+		}
+
+		device.log.Verbosef("UAPI: Updating fwmark")
+		if err := device.BindSetMark(uint32(mark)); err != nil {
+			return ipcErrorf(ipc.IpcErrorPortInUse, "failed to update fwmark: %w", err)
+		}
+
+	case "replace_peers":
+		if value != "true" {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set replace_peers, invalid value: %v", value)
+		}
+		device.log.Verbosef("UAPI: Removing all peers")
+		device.RemoveAllPeers()
+
+	default:
+		return ipcErrorf(ipc.IpcErrorInvalid, "invalid UAPI device key: %v", key)
+	}
+
+	return nil
+}
+
+// An ipcSetPeer is the current state of an IPC set operation on a peer.
+type ipcSetPeer struct {
+	*Peer        // Peer is the current peer being operated on
+	dummy   bool // dummy reports whether this peer is a temporary, placeholder peer
+	created bool // new reports whether this is a newly created peer
+}
+
+func (peer *ipcSetPeer) handlePostConfig() {
+	if peer.Peer != nil && !peer.dummy && peer.Peer.device.isUp() {
+		peer.SendStagedPackets()
+	}
+}
+
+func (device *Device) handlePublicKeyLine(peer *ipcSetPeer, value string) error {
+	// Load/create the peer we are configuring.
+	var publicKey NoisePublicKey
+	err := publicKey.FromHex(value)
+	if err != nil {
+		return ipcErrorf(ipc.IpcErrorInvalid, "failed to get peer by public key: %w", err)
+	}
+
+	// Ignore peer with the same public key as this device.
+	device.staticIdentity.RLock()
+	peer.dummy = device.staticIdentity.publicKey.Equals(publicKey)
+	device.staticIdentity.RUnlock()
+
+	if peer.dummy {
+		peer.Peer = &Peer{}
+	} else {
+		peer.Peer = device.LookupPeer(publicKey)
+	}
+
+	peer.created = peer.Peer == nil
+	if peer.created {
+		peer.Peer, err = device.NewPeer(publicKey)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to create new peer: %w", err)
+		}
+		device.log.Verbosef("%v - UAPI: Created", peer.Peer)
+	}
+	return nil
+}
+
+func (device *Device) handlePeerLine(peer *ipcSetPeer, key, value string) error {
+	switch key {
+	case "update_only":
+		// allow disabling of creation
+		if value != "true" {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set update only, invalid value: %v", value)
+		}
+		if peer.created && !peer.dummy {
+			device.RemovePeer(peer.handshake.remoteStatic)
+			peer.Peer = &Peer{}
+			peer.dummy = true
+		}
+
+	case "remove":
+		// remove currently selected peer from device
+		if value != "true" {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set remove, invalid value: %v", value)
+		}
+		if !peer.dummy {
+			device.log.Verbosef("%v - UAPI: Removing", peer.Peer)
+			device.RemovePeer(peer.handshake.remoteStatic)
+		}
+		peer.Peer = &Peer{}
+		peer.dummy = true
+
+	case "preshared_key":
+		device.log.Verbosef("%v - UAPI: Updating preshared key", peer.Peer)
+
+		peer.handshake.mutex.Lock()
+		err := peer.handshake.presharedKey.FromHex(value)
+		peer.handshake.mutex.Unlock()
+
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set preshared key: %w", err)
+		}
+
+	case "endpoint":
+		device.log.Verbosef("%v - UAPI: Updating endpoint", peer.Peer)
+		endpoint, err := conn.CreateEndpoint(value)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set endpoint %v: %w", value, err)
+		}
+		peer.Lock()
+		defer peer.Unlock()
+		peer.endpoint = endpoint
+
+	case "persistent_keepalive_interval":
+		device.log.Verbosef("%v - UAPI: Updating persistent keepalive interval", peer.Peer)
+
+		secs, err := strconv.ParseUint(value, 10, 16)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set persistent keepalive interval: %w", err)
+		}
+
+		old := atomic.SwapUint32(&peer.persistentKeepaliveInterval, uint32(secs))
+
+		// Send immediate keepalive if we're turning it on and before it wasn't on.
+		if old == 0 && secs != 0 {
+			if err != nil {
+				return ipcErrorf(ipc.IpcErrorIO, "failed to get tun device status: %w", err)
+			}
+			if device.isUp() && !peer.dummy {
+				peer.SendKeepalive()
+			}
+		}
+
+	case "replace_allowed_ips":
+		device.log.Verbosef("%v - UAPI: Removing all allowedips", peer.Peer)
+		if value != "true" {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to replace allowedips, invalid value: %v", value)
+		}
+		if peer.dummy {
+			return nil
+		}
+		device.allowedips.RemoveByPeer(peer.Peer)
+
+	case "allowed_ip":
+		device.log.Verbosef("%v - UAPI: Adding allowedip", peer.Peer)
+
+		_, network, err := net.ParseCIDR(value)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "failed to set allowed ip: %w", err)
+		}
+		if peer.dummy {
+			return nil
+		}
+		ones, _ := network.Mask.Size()
+		device.allowedips.Insert(network.IP, uint(ones), peer.Peer)
+
+	case "protocol_version":
+		if value != "1" {
+			return ipcErrorf(ipc.IpcErrorInvalid, "invalid protocol version: %v", value)
+		}
+
+	default:
+		return ipcErrorf(ipc.IpcErrorInvalid, "invalid UAPI peer key: %v", key)
+	}
+
+	return nil
+}
+
+func (device *Device) IpcGet() (string, error) {
+	buf := new(strings.Builder)
+	if err := device.IpcGetOperation(buf); err != nil {
+		return "", err
+	}
+	return buf.String(), nil
+}
+
+func (device *Device) IpcSet(uapiConf string) error {
+	return device.IpcSetOperation(strings.NewReader(uapiConf))
+}
+
+func (device *Device) IpcHandle(socket net.Conn) {
+	defer socket.Close()
+
+	buffered := func(s io.ReadWriter) *bufio.ReadWriter {
+		reader := bufio.NewReader(s)
+		writer := bufio.NewWriter(s)
+		return bufio.NewReadWriter(reader, writer)
+	}(socket)
+
+	for {
+		op, err := buffered.ReadString('\n')
+		if err != nil {
+			return
+		}
+
+		// handle operation
+		switch op {
+		case "set=1\n":
+			err = device.IpcSetOperation(buffered.Reader)
+		case "get=1\n":
+			var nextByte byte
+			nextByte, err = buffered.ReadByte()
+			if err != nil {
+				return
+			}
+			if nextByte != '\n' {
+				err = ipcErrorf(ipc.IpcErrorInvalid, "trailing character in UAPI get: %q", nextByte)
+				break
+			}
+			err = device.IpcGetOperation(buffered.Writer)
+		default:
+			device.log.Errorf("invalid UAPI operation: %v", op)
+			return
+		}
+
+		// write status
+		var status *IPCError
+		if err != nil && !errors.As(err, &status) {
+			// shouldn't happen
+			status = ipcErrorf(ipc.IpcErrorUnknown, "other UAPI error: %w", err)
+		}
+		if status != nil {
+			device.log.Errorf("%v", status)
+			fmt.Fprintf(buffered, "errno=%d\n\n", status.ErrorCode())
+		} else {
+			fmt.Fprintf(buffered, "errno=0\n\n")
+		}
+		buffered.Flush()
+	}
+}

device_test.go

@@ -1,49 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-/* Create two device instances and simulate full WireGuard interaction
- * without network dependencies
- */
-
-import "testing"
-
-func TestDevice(t *testing.T) {
-
-	// prepare tun devices for generating traffic
-
-	tun1, err := CreateDummyTUN("tun1")
-	if err != nil {
-		t.Error("failed to create tun:", err.Error())
-	}
-
-	tun2, err := CreateDummyTUN("tun2")
-	if err != nil {
-		t.Error("failed to create tun:", err.Error())
-	}
-
-	_ = tun1
-	_ = tun2
-
-	// prepare endpoints
-
-	end1, err := CreateDummyEndpoint()
-	if err != nil {
-		t.Error("failed to create endpoint:", err.Error())
-	}
-
-	end2, err := CreateDummyEndpoint()
-	if err != nil {
-		t.Error("failed to create endpoint:", err.Error())
-	}
-
-	_ = end1
-	_ = end2
-
-	// create binds
-
-}

donotuseon_linux.go

@@ -1,15 +0,0 @@
-// +build !android
-
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- */
-
-package main
-
-const DoNotUseThisProgramOnLinux = UseTheKernelModuleInstead
-
-// --------------------------------------------------------
-// Do not use this on Linux. Instead use the kernel module.
-// See wireguard.com/install for more information.
-// --------------------------------------------------------

go.mod

@@ -0,0 +1,9 @@
+module golang.zx2c4.com/wireguard
+
+go 1.15
+
+require (
+	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
+	golang.org/x/net v0.0.0-20201224014010-6772e930b67b
+	golang.org/x/sys v0.0.0-20210105210732-16f7687f5001
+)

go.sum

@@ -0,0 +1,17 @@
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad h1:DN0cp81fZ3njFcrLCytUHRSUkqBjfTo4Tx9RJTWs0EY=
+golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20201224014010-6772e930b67b h1:iFwSg7t5GZmB/Q5TjiEAsdoLDrdJRC1RiF2WhuV29Qw=
+golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210105210732-16f7687f5001 h1:/dSxr6gT0FNI1MO5WLJo8mTmItROeOKTkDn+7OwWBos=
+golang.org/x/sys v0.0.0-20210105210732-16f7687f5001/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e h1:FDhOuMEY4JVRztM/gsbk+IKUQ8kj74bxZrgw87eMMVc=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

helper_test.go

@@ -1,93 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"bytes"
-	"errors"
-	"git.zx2c4.com/wireguard-go/tun"
-	"os"
-	"testing"
-)
-
-/* Helpers for writing unit tests
- */
-
-type DummyTUN struct {
-	name    string
-	mtu     int
-	packets chan []byte
-	events  chan tun.TUNEvent
-}
-
-func (tun *DummyTUN) File() *os.File {
-	return nil
-}
-
-func (tun *DummyTUN) Name() (string, error) {
-	return tun.name, nil
-}
-
-func (tun *DummyTUN) MTU() (int, error) {
-	return tun.mtu, nil
-}
-
-func (tun *DummyTUN) Write(d []byte, offset int) (int, error) {
-	tun.packets <- d[offset:]
-	return len(d), nil
-}
-
-func (tun *DummyTUN) Close() error {
-	close(tun.events)
-	close(tun.packets)
-	return nil
-}
-
-func (tun *DummyTUN) Events() chan tun.TUNEvent {
-	return tun.events
-}
-
-func (tun *DummyTUN) Read(d []byte, offset int) (int, error) {
-	t, ok := <-tun.packets
-	if !ok {
-		return 0, errors.New("device closed")
-	}
-	copy(d[offset:], t)
-	return len(t), nil
-}
-
-func CreateDummyTUN(name string) (tun.TUNDevice, error) {
-	var dummy DummyTUN
-	dummy.mtu = 0
-	dummy.packets = make(chan []byte, 100)
-	dummy.events = make(chan tun.TUNEvent, 10)
-	return &dummy, nil
-}
-
-func assertNil(t *testing.T, err error) {
-	if err != nil {
-		t.Fatal(err)
-	}
-}
-
-func assertEqual(t *testing.T, a []byte, b []byte) {
-	if bytes.Compare(a, b) != 0 {
-		t.Fatal(a, "!=", b)
-	}
-}
-
-func randDevice(t *testing.T) *Device {
-	sk, err := newPrivateKey()
-	if err != nil {
-		t.Fatal(err)
-	}
-	tun, _ := CreateDummyTUN("dummy")
-	logger := NewLogger(LogLevelError, "")
-	device := NewDevice(tun, logger)
-	device.SetPrivateKey(sk)
-	return device
-}

ipc/uapi_bsd.go

@@ -1,30 +1,19 @@
 // +build darwin freebsd openbsd
 
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package ipc
 
 import (
 	"errors"
-	"fmt"
-	"golang.org/x/sys/unix"
 	"net"
 	"os"
-	"path"
 	"unsafe"
-)
 
-const (
-	ipcErrorIO        = -int64(unix.EIO)
-	ipcErrorProtocol  = -int64(unix.EPROTO)
-	ipcErrorInvalid   = -int64(unix.EINVAL)
-	ipcErrorPortInUse = -int64(unix.EADDRINUSE)
-	socketDirectory   = "/var/run/wireguard"
-	socketName        = "%s.sock"
+	"golang.org/x/sys/unix"
 )
 
 type UAPIListener struct {
@@ -83,10 +72,7 @@ func UAPIListen(name string, file *os.File) (net.Listener, error) {
 		unixListener.SetUnlinkOnClose(true)
 	}
 
-	socketPath := path.Join(
-		socketDirectory,
-		fmt.Sprintf(socketName, name),
-	)
+	socketPath := sockPath(name)
 
 	// watch for deletion of socket
 
@@ -145,58 +131,3 @@ func UAPIListen(name string, file *os.File) (net.Listener, error) {
 
 	return uapi, nil
 }
-
-func UAPIOpen(name string) (*os.File, error) {
-
-	// check if path exist
-
-	err := os.MkdirAll(socketDirectory, 0755)
-	if err != nil && !os.IsExist(err) {
-		return nil, err
-	}
-
-	// open UNIX socket
-
-	socketPath := path.Join(
-		socketDirectory,
-		fmt.Sprintf(socketName, name),
-	)
-
-	addr, err := net.ResolveUnixAddr("unix", socketPath)
-	if err != nil {
-		return nil, err
-	}
-
-	oldUmask := unix.Umask(0077)
-	listener, err := func() (*net.UnixListener, error) {
-
-		// initial connection attempt
-
-		listener, err := net.ListenUnix("unix", addr)
-		if err == nil {
-			return listener, nil
-		}
-
-		// check if socket already active
-
-		_, err = net.Dial("unix", socketPath)
-		if err == nil {
-			return nil, errors.New("unix socket in use")
-		}
-
-		// cleanup & attempt again
-
-		err = os.Remove(socketPath)
-		if err != nil {
-			return nil, err
-		}
-		return net.ListenUnix("unix", addr)
-	}()
-	unix.Umask(oldUmask)
-
-	if err != nil {
-		return nil, err
-	}
-
-	return listener.File()
-}

ipc/uapi_linux.go

@@ -1,28 +1,16 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
-package main
+package ipc
 
 import (
-	"errors"
-	"fmt"
-	"git.zx2c4.com/wireguard-go/rwcancel"
-	"golang.org/x/sys/unix"
 	"net"
 	"os"
-	"path"
-)
 
-const (
-	ipcErrorIO        = -int64(unix.EIO)
-	ipcErrorProtocol  = -int64(unix.EPROTO)
-	ipcErrorInvalid   = -int64(unix.EINVAL)
-	ipcErrorPortInUse = -int64(unix.EADDRINUSE)
-	socketDirectory   = "/var/run/wireguard"
-	socketName        = "%s.sock"
+	"golang.org/x/sys/unix"
+	"golang.zx2c4.com/wireguard/rwcancel"
 )
 
 type UAPIListener struct {
@@ -83,10 +71,7 @@ func UAPIListen(name string, file *os.File) (net.Listener, error) {
 
 	// watch for deletion of socket
 
-	socketPath := path.Join(
-		socketDirectory,
-		fmt.Sprintf(socketName, name),
-	)
+	socketPath := sockPath(name)
 
 	uapi.inotifyFd, err = unix.InotifyInit()
 	if err != nil {
@@ -114,6 +99,7 @@ func UAPIListen(name string, file *os.File) (net.Listener, error) {
 	go func(l *UAPIListener) {
 		var buff [0]byte
 		for {
+			defer uapi.inotifyRWCancel.Close()
 			// start with lstat to avoid race condition
 			if _, err := os.Lstat(socketPath); os.IsNotExist(err) {
 				l.connErr <- err
@@ -142,58 +128,3 @@ func UAPIListen(name string, file *os.File) (net.Listener, error) {
 
 	return uapi, nil
 }
-
-func UAPIOpen(name string) (*os.File, error) {
-
-	// check if path exist
-
-	err := os.MkdirAll(socketDirectory, 0755)
-	if err != nil && !os.IsExist(err) {
-		return nil, err
-	}
-
-	// open UNIX socket
-
-	socketPath := path.Join(
-		socketDirectory,
-		fmt.Sprintf(socketName, name),
-	)
-
-	addr, err := net.ResolveUnixAddr("unix", socketPath)
-	if err != nil {
-		return nil, err
-	}
-
-	oldUmask := unix.Umask(0077)
-	listener, err := func() (*net.UnixListener, error) {
-
-		// initial connection attempt
-
-		listener, err := net.ListenUnix("unix", addr)
-		if err == nil {
-			return listener, nil
-		}
-
-		// check if socket already active
-
-		_, err = net.Dial("unix", socketPath)
-		if err == nil {
-			return nil, errors.New("unix socket in use")
-		}
-
-		// cleanup & attempt again
-
-		err = os.Remove(socketPath)
-		if err != nil {
-			return nil, err
-		}
-		return net.ListenUnix("unix", addr)
-	}()
-	unix.Umask(oldUmask)
-
-	if err != nil {
-		return nil, err
-	}
-
-	return listener.File()
-}

ipc/uapi_unix.go

@@ -0,0 +1,66 @@
+// +build linux darwin freebsd openbsd
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package ipc
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"os"
+
+	"golang.org/x/sys/unix"
+)
+
+const (
+	IpcErrorIO        = -int64(unix.EIO)
+	IpcErrorProtocol  = -int64(unix.EPROTO)
+	IpcErrorInvalid   = -int64(unix.EINVAL)
+	IpcErrorPortInUse = -int64(unix.EADDRINUSE)
+	IpcErrorUnknown   = -55 // ENOANO
+)
+
+// socketDirectory is variable because it is modified by a linker
+// flag in wireguard-android.
+var socketDirectory = "/var/run/wireguard"
+
+func sockPath(iface string) string {
+	return fmt.Sprintf("%s/%s.sock", socketDirectory, iface)
+}
+
+func UAPIOpen(name string) (*os.File, error) {
+	if err := os.MkdirAll(socketDirectory, 0755); err != nil {
+		return nil, err
+	}
+
+	socketPath := sockPath(name)
+	addr, err := net.ResolveUnixAddr("unix", socketPath)
+	if err != nil {
+		return nil, err
+	}
+
+	oldUmask := unix.Umask(0077)
+	defer unix.Umask(oldUmask)
+
+	listener, err := net.ListenUnix("unix", addr)
+	if err == nil {
+		return listener.File()
+	}
+
+	// Test socket, if not in use cleanup and try again.
+	if _, err := net.Dial("unix", socketPath); err == nil {
+		return nil, errors.New("unix socket in use")
+	}
+	if err := os.Remove(socketPath); err != nil {
+		return nil, err
+	}
+	listener, err = net.ListenUnix("unix", addr)
+	if err != nil {
+		return nil, err
+	}
+	return listener.File()
+}

ipc/uapi_windows.go

@@ -0,0 +1,91 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package ipc
+
+import (
+	"net"
+
+	"golang.org/x/sys/windows"
+
+	"golang.zx2c4.com/wireguard/ipc/winpipe"
+)
+
+// TODO: replace these with actual standard windows error numbers from the win package
+const (
+	IpcErrorIO        = -int64(5)
+	IpcErrorProtocol  = -int64(71)
+	IpcErrorInvalid   = -int64(22)
+	IpcErrorPortInUse = -int64(98)
+	IpcErrorUnknown   = -int64(55)
+)
+
+type UAPIListener struct {
+	listener net.Listener // unix socket listener
+	connNew  chan net.Conn
+	connErr  chan error
+	kqueueFd int
+	keventFd int
+}
+
+func (l *UAPIListener) Accept() (net.Conn, error) {
+	for {
+		select {
+		case conn := <-l.connNew:
+			return conn, nil
+
+		case err := <-l.connErr:
+			return nil, err
+		}
+	}
+}
+
+func (l *UAPIListener) Close() error {
+	return l.listener.Close()
+}
+
+func (l *UAPIListener) Addr() net.Addr {
+	return l.listener.Addr()
+}
+
+var UAPISecurityDescriptor *windows.SECURITY_DESCRIPTOR
+
+func init() {
+	var err error
+	/* SDDL_DEVOBJ_SYS_ALL from the WDK */
+	UAPISecurityDescriptor, err = windows.SecurityDescriptorFromString("O:SYD:P(A;;GA;;;SY)")
+	if err != nil {
+		panic(err)
+	}
+}
+
+func UAPIListen(name string) (net.Listener, error) {
+	config := winpipe.PipeConfig{
+		SecurityDescriptor: UAPISecurityDescriptor,
+	}
+	listener, err := winpipe.ListenPipe(`\\.\pipe\ProtectedPrefix\Administrators\WireGuard\`+name, &config)
+	if err != nil {
+		return nil, err
+	}
+
+	uapi := &UAPIListener{
+		listener: listener,
+		connNew:  make(chan net.Conn, 1),
+		connErr:  make(chan error, 1),
+	}
+
+	go func(l *UAPIListener) {
+		for {
+			conn, err := l.listener.Accept()
+			if err != nil {
+				l.connErr <- err
+				break
+			}
+			l.connNew <- conn
+		}
+	}(uapi)
+
+	return uapi, nil
+}

ipc/winpipe/file.go

@@ -0,0 +1,323 @@
+// +build windows
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2005 Microsoft
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+package winpipe
+
+import (
+	"errors"
+	"io"
+	"runtime"
+	"sync"
+	"sync/atomic"
+	"time"
+
+	"golang.org/x/sys/windows"
+)
+
+//sys cancelIoEx(file windows.Handle, o *windows.Overlapped) (err error) = CancelIoEx
+//sys createIoCompletionPort(file windows.Handle, port windows.Handle, key uintptr, threadCount uint32) (newport windows.Handle, err error) = CreateIoCompletionPort
+//sys getQueuedCompletionStatus(port windows.Handle, bytes *uint32, key *uintptr, o **ioOperation, timeout uint32) (err error) = GetQueuedCompletionStatus
+//sys setFileCompletionNotificationModes(h windows.Handle, flags uint8) (err error) = SetFileCompletionNotificationModes
+//sys wsaGetOverlappedResult(h windows.Handle, o *windows.Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) = ws2_32.WSAGetOverlappedResult
+
+type atomicBool int32
+
+func (b *atomicBool) isSet() bool { return atomic.LoadInt32((*int32)(b)) != 0 }
+func (b *atomicBool) setFalse()   { atomic.StoreInt32((*int32)(b), 0) }
+func (b *atomicBool) setTrue()    { atomic.StoreInt32((*int32)(b), 1) }
+func (b *atomicBool) swap(new bool) bool {
+	var newInt int32
+	if new {
+		newInt = 1
+	}
+	return atomic.SwapInt32((*int32)(b), newInt) == 1
+}
+
+const (
+	cFILE_SKIP_COMPLETION_PORT_ON_SUCCESS = 1
+	cFILE_SKIP_SET_EVENT_ON_HANDLE        = 2
+)
+
+var (
+	ErrFileClosed = errors.New("file has already been closed")
+	ErrTimeout    = &timeoutError{}
+)
+
+type timeoutError struct{}
+
+func (e *timeoutError) Error() string   { return "i/o timeout" }
+func (e *timeoutError) Timeout() bool   { return true }
+func (e *timeoutError) Temporary() bool { return true }
+
+type timeoutChan chan struct{}
+
+var ioInitOnce sync.Once
+var ioCompletionPort windows.Handle
+
+// ioResult contains the result of an asynchronous IO operation
+type ioResult struct {
+	bytes uint32
+	err   error
+}
+
+// ioOperation represents an outstanding asynchronous Win32 IO
+type ioOperation struct {
+	o  windows.Overlapped
+	ch chan ioResult
+}
+
+func initIo() {
+	h, err := createIoCompletionPort(windows.InvalidHandle, 0, 0, 0xffffffff)
+	if err != nil {
+		panic(err)
+	}
+	ioCompletionPort = h
+	go ioCompletionProcessor(h)
+}
+
+// win32File implements Reader, Writer, and Closer on a Win32 handle without blocking in a syscall.
+// It takes ownership of this handle and will close it if it is garbage collected.
+type win32File struct {
+	handle        windows.Handle
+	wg            sync.WaitGroup
+	wgLock        sync.RWMutex
+	closing       atomicBool
+	socket        bool
+	readDeadline  deadlineHandler
+	writeDeadline deadlineHandler
+}
+
+type deadlineHandler struct {
+	setLock     sync.Mutex
+	channel     timeoutChan
+	channelLock sync.RWMutex
+	timer       *time.Timer
+	timedout    atomicBool
+}
+
+// makeWin32File makes a new win32File from an existing file handle
+func makeWin32File(h windows.Handle) (*win32File, error) {
+	f := &win32File{handle: h}
+	ioInitOnce.Do(initIo)
+	_, err := createIoCompletionPort(h, ioCompletionPort, 0, 0xffffffff)
+	if err != nil {
+		return nil, err
+	}
+	err = setFileCompletionNotificationModes(h, cFILE_SKIP_COMPLETION_PORT_ON_SUCCESS|cFILE_SKIP_SET_EVENT_ON_HANDLE)
+	if err != nil {
+		return nil, err
+	}
+	f.readDeadline.channel = make(timeoutChan)
+	f.writeDeadline.channel = make(timeoutChan)
+	return f, nil
+}
+
+func MakeOpenFile(h windows.Handle) (io.ReadWriteCloser, error) {
+	return makeWin32File(h)
+}
+
+// closeHandle closes the resources associated with a Win32 handle
+func (f *win32File) closeHandle() {
+	f.wgLock.Lock()
+	// Atomically set that we are closing, releasing the resources only once.
+	if !f.closing.swap(true) {
+		f.wgLock.Unlock()
+		// cancel all IO and wait for it to complete
+		cancelIoEx(f.handle, nil)
+		f.wg.Wait()
+		// at this point, no new IO can start
+		windows.Close(f.handle)
+		f.handle = 0
+	} else {
+		f.wgLock.Unlock()
+	}
+}
+
+// Close closes a win32File.
+func (f *win32File) Close() error {
+	f.closeHandle()
+	return nil
+}
+
+// prepareIo prepares for a new IO operation.
+// The caller must call f.wg.Done() when the IO is finished, prior to Close() returning.
+func (f *win32File) prepareIo() (*ioOperation, error) {
+	f.wgLock.RLock()
+	if f.closing.isSet() {
+		f.wgLock.RUnlock()
+		return nil, ErrFileClosed
+	}
+	f.wg.Add(1)
+	f.wgLock.RUnlock()
+	c := &ioOperation{}
+	c.ch = make(chan ioResult)
+	return c, nil
+}
+
+// ioCompletionProcessor processes completed async IOs forever
+func ioCompletionProcessor(h windows.Handle) {
+	for {
+		var bytes uint32
+		var key uintptr
+		var op *ioOperation
+		err := getQueuedCompletionStatus(h, &bytes, &key, &op, windows.INFINITE)
+		if op == nil {
+			panic(err)
+		}
+		op.ch <- ioResult{bytes, err}
+	}
+}
+
+// asyncIo processes the return value from ReadFile or WriteFile, blocking until
+// the operation has actually completed.
+func (f *win32File) asyncIo(c *ioOperation, d *deadlineHandler, bytes uint32, err error) (int, error) {
+	if err != windows.ERROR_IO_PENDING {
+		return int(bytes), err
+	}
+
+	if f.closing.isSet() {
+		cancelIoEx(f.handle, &c.o)
+	}
+
+	var timeout timeoutChan
+	if d != nil {
+		d.channelLock.Lock()
+		timeout = d.channel
+		d.channelLock.Unlock()
+	}
+
+	var r ioResult
+	select {
+	case r = <-c.ch:
+		err = r.err
+		if err == windows.ERROR_OPERATION_ABORTED {
+			if f.closing.isSet() {
+				err = ErrFileClosed
+			}
+		} else if err != nil && f.socket {
+			// err is from Win32. Query the overlapped structure to get the winsock error.
+			var bytes, flags uint32
+			err = wsaGetOverlappedResult(f.handle, &c.o, &bytes, false, &flags)
+		}
+	case <-timeout:
+		cancelIoEx(f.handle, &c.o)
+		r = <-c.ch
+		err = r.err
+		if err == windows.ERROR_OPERATION_ABORTED {
+			err = ErrTimeout
+		}
+	}
+
+	// runtime.KeepAlive is needed, as c is passed via native
+	// code to ioCompletionProcessor, c must remain alive
+	// until the channel read is complete.
+	runtime.KeepAlive(c)
+	return int(r.bytes), err
+}
+
+// Read reads from a file handle.
+func (f *win32File) Read(b []byte) (int, error) {
+	c, err := f.prepareIo()
+	if err != nil {
+		return 0, err
+	}
+	defer f.wg.Done()
+
+	if f.readDeadline.timedout.isSet() {
+		return 0, ErrTimeout
+	}
+
+	var bytes uint32
+	err = windows.ReadFile(f.handle, b, &bytes, &c.o)
+	n, err := f.asyncIo(c, &f.readDeadline, bytes, err)
+	runtime.KeepAlive(b)
+
+	// Handle EOF conditions.
+	if err == nil && n == 0 && len(b) != 0 {
+		return 0, io.EOF
+	} else if err == windows.ERROR_BROKEN_PIPE {
+		return 0, io.EOF
+	} else {
+		return n, err
+	}
+}
+
+// Write writes to a file handle.
+func (f *win32File) Write(b []byte) (int, error) {
+	c, err := f.prepareIo()
+	if err != nil {
+		return 0, err
+	}
+	defer f.wg.Done()
+
+	if f.writeDeadline.timedout.isSet() {
+		return 0, ErrTimeout
+	}
+
+	var bytes uint32
+	err = windows.WriteFile(f.handle, b, &bytes, &c.o)
+	n, err := f.asyncIo(c, &f.writeDeadline, bytes, err)
+	runtime.KeepAlive(b)
+	return n, err
+}
+
+func (f *win32File) SetReadDeadline(deadline time.Time) error {
+	return f.readDeadline.set(deadline)
+}
+
+func (f *win32File) SetWriteDeadline(deadline time.Time) error {
+	return f.writeDeadline.set(deadline)
+}
+
+func (f *win32File) Flush() error {
+	return windows.FlushFileBuffers(f.handle)
+}
+
+func (f *win32File) Fd() uintptr {
+	return uintptr(f.handle)
+}
+
+func (d *deadlineHandler) set(deadline time.Time) error {
+	d.setLock.Lock()
+	defer d.setLock.Unlock()
+
+	if d.timer != nil {
+		if !d.timer.Stop() {
+			<-d.channel
+		}
+		d.timer = nil
+	}
+	d.timedout.setFalse()
+
+	select {
+	case <-d.channel:
+		d.channelLock.Lock()
+		d.channel = make(chan struct{})
+		d.channelLock.Unlock()
+	default:
+	}
+
+	if deadline.IsZero() {
+		return nil
+	}
+
+	timeoutIO := func() {
+		d.timedout.setTrue()
+		close(d.channel)
+	}
+
+	now := time.Now()
+	duration := deadline.Sub(now)
+	if deadline.After(now) {
+		// Deadline is in the future, set a timer to wait
+		d.timer = time.AfterFunc(duration, timeoutIO)
+	} else {
+		// Deadline is in the past. Cancel all pending IO now.
+		timeoutIO()
+	}
+	return nil
+}

ipc/winpipe/mksyscall.go

@@ -0,0 +1,9 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2005 Microsoft
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package winpipe
+
+//go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go pipe.go file.go

ipc/winpipe/pipe.go

@@ -0,0 +1,509 @@
+// +build windows
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2005 Microsoft
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package winpipe
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"runtime"
+	"time"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+//sys connectNamedPipe(pipe windows.Handle, o *windows.Overlapped) (err error) = ConnectNamedPipe
+//sys createNamedPipe(name string, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *windows.SecurityAttributes) (handle windows.Handle, err error)  [failretval==windows.InvalidHandle] = CreateNamedPipeW
+//sys createFile(name string, access uint32, mode uint32, sa *windows.SecurityAttributes, createmode uint32, attrs uint32, templatefile windows.Handle) (handle windows.Handle, err error) [failretval==windows.InvalidHandle] = CreateFileW
+//sys getNamedPipeInfo(pipe windows.Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) = GetNamedPipeInfo
+//sys getNamedPipeHandleState(pipe windows.Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW
+//sys localAlloc(uFlags uint32, length uint32) (ptr uintptr) = LocalAlloc
+//sys ntCreateNamedPipeFile(pipe *windows.Handle, access uint32, oa *objectAttributes, iosb *ioStatusBlock, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (status ntstatus) = ntdll.NtCreateNamedPipeFile
+//sys rtlNtStatusToDosError(status ntstatus) (winerr error) = ntdll.RtlNtStatusToDosErrorNoTeb
+//sys rtlDosPathNameToNtPathName(name *uint16, ntName *unicodeString, filePart uintptr, reserved uintptr) (status ntstatus) = ntdll.RtlDosPathNameToNtPathName_U
+//sys rtlDefaultNpAcl(dacl *uintptr) (status ntstatus) = ntdll.RtlDefaultNpAcl
+
+type ioStatusBlock struct {
+	Status, Information uintptr
+}
+
+type objectAttributes struct {
+	Length             uintptr
+	RootDirectory      uintptr
+	ObjectName         *unicodeString
+	Attributes         uintptr
+	SecurityDescriptor *windows.SECURITY_DESCRIPTOR
+	SecurityQoS        uintptr
+}
+
+type unicodeString struct {
+	Length        uint16
+	MaximumLength uint16
+	Buffer        uintptr
+}
+
+type ntstatus int32
+
+func (status ntstatus) Err() error {
+	if status >= 0 {
+		return nil
+	}
+	return rtlNtStatusToDosError(status)
+}
+
+const (
+	cSECURITY_SQOS_PRESENT = 0x100000
+	cSECURITY_ANONYMOUS    = 0
+
+	cPIPE_TYPE_MESSAGE = 4
+
+	cPIPE_READMODE_MESSAGE = 2
+
+	cFILE_OPEN   = 1
+	cFILE_CREATE = 2
+
+	cFILE_PIPE_MESSAGE_TYPE          = 1
+	cFILE_PIPE_REJECT_REMOTE_CLIENTS = 2
+)
+
+var (
+	// ErrPipeListenerClosed is returned for pipe operations on listeners that have been closed.
+	// This error should match net.errClosing since docker takes a dependency on its text.
+	ErrPipeListenerClosed = errors.New("use of closed network connection")
+
+	errPipeWriteClosed = errors.New("pipe has been closed for write")
+)
+
+type win32Pipe struct {
+	*win32File
+	path string
+}
+
+type win32MessageBytePipe struct {
+	win32Pipe
+	writeClosed bool
+	readEOF     bool
+}
+
+type pipeAddress string
+
+func (f *win32Pipe) LocalAddr() net.Addr {
+	return pipeAddress(f.path)
+}
+
+func (f *win32Pipe) RemoteAddr() net.Addr {
+	return pipeAddress(f.path)
+}
+
+func (f *win32Pipe) SetDeadline(t time.Time) error {
+	f.SetReadDeadline(t)
+	f.SetWriteDeadline(t)
+	return nil
+}
+
+// CloseWrite closes the write side of a message pipe in byte mode.
+func (f *win32MessageBytePipe) CloseWrite() error {
+	if f.writeClosed {
+		return errPipeWriteClosed
+	}
+	err := f.win32File.Flush()
+	if err != nil {
+		return err
+	}
+	_, err = f.win32File.Write(nil)
+	if err != nil {
+		return err
+	}
+	f.writeClosed = true
+	return nil
+}
+
+// Write writes bytes to a message pipe in byte mode. Zero-byte writes are ignored, since
+// they are used to implement CloseWrite().
+func (f *win32MessageBytePipe) Write(b []byte) (int, error) {
+	if f.writeClosed {
+		return 0, errPipeWriteClosed
+	}
+	if len(b) == 0 {
+		return 0, nil
+	}
+	return f.win32File.Write(b)
+}
+
+// Read reads bytes from a message pipe in byte mode. A read of a zero-byte message on a message
+// mode pipe will return io.EOF, as will all subsequent reads.
+func (f *win32MessageBytePipe) Read(b []byte) (int, error) {
+	if f.readEOF {
+		return 0, io.EOF
+	}
+	n, err := f.win32File.Read(b)
+	if err == io.EOF {
+		// If this was the result of a zero-byte read, then
+		// it is possible that the read was due to a zero-size
+		// message. Since we are simulating CloseWrite with a
+		// zero-byte message, ensure that all future Read() calls
+		// also return EOF.
+		f.readEOF = true
+	} else if err == windows.ERROR_MORE_DATA {
+		// ERROR_MORE_DATA indicates that the pipe's read mode is message mode
+		// and the message still has more bytes. Treat this as a success, since
+		// this package presents all named pipes as byte streams.
+		err = nil
+	}
+	return n, err
+}
+
+func (s pipeAddress) Network() string {
+	return "pipe"
+}
+
+func (s pipeAddress) String() string {
+	return string(s)
+}
+
+// tryDialPipe attempts to dial the pipe at `path` until `ctx` cancellation or timeout.
+func tryDialPipe(ctx context.Context, path *string) (windows.Handle, error) {
+	for {
+		select {
+		case <-ctx.Done():
+			return windows.Handle(0), ctx.Err()
+		default:
+			h, err := createFile(*path, windows.GENERIC_READ|windows.GENERIC_WRITE, 0, nil, windows.OPEN_EXISTING, windows.FILE_FLAG_OVERLAPPED|cSECURITY_SQOS_PRESENT|cSECURITY_ANONYMOUS, 0)
+			if err == nil {
+				return h, nil
+			}
+			if err != windows.ERROR_PIPE_BUSY {
+				return h, &os.PathError{Err: err, Op: "open", Path: *path}
+			}
+			// Wait 10 msec and try again. This is a rather simplistic
+			// view, as we always try each 10 milliseconds.
+			time.Sleep(time.Millisecond * 10)
+		}
+	}
+}
+
+// DialPipe connects to a named pipe by path, timing out if the connection
+// takes longer than the specified duration. If timeout is nil, then we use
+// a default timeout of 2 seconds.  (We do not use WaitNamedPipe.)
+func DialPipe(path string, timeout *time.Duration, expectedOwner *windows.SID) (net.Conn, error) {
+	var absTimeout time.Time
+	if timeout != nil {
+		absTimeout = time.Now().Add(*timeout)
+	} else {
+		absTimeout = time.Now().Add(time.Second * 2)
+	}
+	ctx, _ := context.WithDeadline(context.Background(), absTimeout)
+	conn, err := DialPipeContext(ctx, path, expectedOwner)
+	if err == context.DeadlineExceeded {
+		return nil, ErrTimeout
+	}
+	return conn, err
+}
+
+// DialPipeContext attempts to connect to a named pipe by `path` until `ctx`
+// cancellation or timeout.
+func DialPipeContext(ctx context.Context, path string, expectedOwner *windows.SID) (net.Conn, error) {
+	var err error
+	var h windows.Handle
+	h, err = tryDialPipe(ctx, &path)
+	if err != nil {
+		return nil, err
+	}
+
+	if expectedOwner != nil {
+		sd, err := windows.GetSecurityInfo(h, windows.SE_FILE_OBJECT, windows.OWNER_SECURITY_INFORMATION)
+		if err != nil {
+			windows.Close(h)
+			return nil, err
+		}
+		realOwner, _, err := sd.Owner()
+		if err != nil {
+			windows.Close(h)
+			return nil, err
+		}
+		if !realOwner.Equals(expectedOwner) {
+			windows.Close(h)
+			return nil, windows.ERROR_ACCESS_DENIED
+		}
+	}
+
+	var flags uint32
+	err = getNamedPipeInfo(h, &flags, nil, nil, nil)
+	if err != nil {
+		windows.Close(h)
+		return nil, err
+	}
+
+	f, err := makeWin32File(h)
+	if err != nil {
+		windows.Close(h)
+		return nil, err
+	}
+
+	// If the pipe is in message mode, return a message byte pipe, which
+	// supports CloseWrite().
+	if flags&cPIPE_TYPE_MESSAGE != 0 {
+		return &win32MessageBytePipe{
+			win32Pipe: win32Pipe{win32File: f, path: path},
+		}, nil
+	}
+	return &win32Pipe{win32File: f, path: path}, nil
+}
+
+type acceptResponse struct {
+	f   *win32File
+	err error
+}
+
+type win32PipeListener struct {
+	firstHandle windows.Handle
+	path        string
+	config      PipeConfig
+	acceptCh    chan (chan acceptResponse)
+	closeCh     chan int
+	doneCh      chan int
+}
+
+func makeServerPipeHandle(path string, sd *windows.SECURITY_DESCRIPTOR, c *PipeConfig, first bool) (windows.Handle, error) {
+	path16, err := windows.UTF16FromString(path)
+	if err != nil {
+		return 0, &os.PathError{Op: "open", Path: path, Err: err}
+	}
+
+	var oa objectAttributes
+	oa.Length = unsafe.Sizeof(oa)
+
+	var ntPath unicodeString
+	if err := rtlDosPathNameToNtPathName(&path16[0], &ntPath, 0, 0).Err(); err != nil {
+		return 0, &os.PathError{Op: "open", Path: path, Err: err}
+	}
+	defer windows.LocalFree(windows.Handle(ntPath.Buffer))
+	oa.ObjectName = &ntPath
+
+	// The security descriptor is only needed for the first pipe.
+	if first {
+		if sd != nil {
+			oa.SecurityDescriptor = sd
+		} else {
+			// Construct the default named pipe security descriptor.
+			var dacl uintptr
+			if err := rtlDefaultNpAcl(&dacl).Err(); err != nil {
+				return 0, fmt.Errorf("getting default named pipe ACL: %s", err)
+			}
+			defer windows.LocalFree(windows.Handle(dacl))
+			sd, err := windows.NewSecurityDescriptor()
+			if err != nil {
+				return 0, fmt.Errorf("creating new security descriptor: %s", err)
+			}
+			if err = sd.SetDACL((*windows.ACL)(unsafe.Pointer(dacl)), true, false); err != nil {
+				return 0, fmt.Errorf("assigning dacl: %s", err)
+			}
+			sd, err = sd.ToSelfRelative()
+			if err != nil {
+				return 0, fmt.Errorf("converting to self-relative: %s", err)
+			}
+			oa.SecurityDescriptor = sd
+		}
+	}
+
+	typ := uint32(cFILE_PIPE_REJECT_REMOTE_CLIENTS)
+	if c.MessageMode {
+		typ |= cFILE_PIPE_MESSAGE_TYPE
+	}
+
+	disposition := uint32(cFILE_OPEN)
+	access := uint32(windows.GENERIC_READ | windows.GENERIC_WRITE | windows.SYNCHRONIZE)
+	if first {
+		disposition = cFILE_CREATE
+		// By not asking for read or write access, the named pipe file system
+		// will put this pipe into an initially disconnected state, blocking
+		// client connections until the next call with first == false.
+		access = windows.SYNCHRONIZE
+	}
+
+	timeout := int64(-50 * 10000) // 50ms
+
+	var (
+		h    windows.Handle
+		iosb ioStatusBlock
+	)
+	err = ntCreateNamedPipeFile(&h, access, &oa, &iosb, windows.FILE_SHARE_READ|windows.FILE_SHARE_WRITE, disposition, 0, typ, 0, 0, 0xffffffff, uint32(c.InputBufferSize), uint32(c.OutputBufferSize), &timeout).Err()
+	if err != nil {
+		return 0, &os.PathError{Op: "open", Path: path, Err: err}
+	}
+
+	runtime.KeepAlive(ntPath)
+	return h, nil
+}
+
+func (l *win32PipeListener) makeServerPipe() (*win32File, error) {
+	h, err := makeServerPipeHandle(l.path, nil, &l.config, false)
+	if err != nil {
+		return nil, err
+	}
+	f, err := makeWin32File(h)
+	if err != nil {
+		windows.Close(h)
+		return nil, err
+	}
+	return f, nil
+}
+
+func (l *win32PipeListener) makeConnectedServerPipe() (*win32File, error) {
+	p, err := l.makeServerPipe()
+	if err != nil {
+		return nil, err
+	}
+
+	// Wait for the client to connect.
+	ch := make(chan error)
+	go func(p *win32File) {
+		ch <- connectPipe(p)
+	}(p)
+
+	select {
+	case err = <-ch:
+		if err != nil {
+			p.Close()
+			p = nil
+		}
+	case <-l.closeCh:
+		// Abort the connect request by closing the handle.
+		p.Close()
+		p = nil
+		err = <-ch
+		if err == nil || err == ErrFileClosed {
+			err = ErrPipeListenerClosed
+		}
+	}
+	return p, err
+}
+
+func (l *win32PipeListener) listenerRoutine() {
+	closed := false
+	for !closed {
+		select {
+		case <-l.closeCh:
+			closed = true
+		case responseCh := <-l.acceptCh:
+			var (
+				p   *win32File
+				err error
+			)
+			for {
+				p, err = l.makeConnectedServerPipe()
+				// If the connection was immediately closed by the client, try
+				// again.
+				if err != windows.ERROR_NO_DATA {
+					break
+				}
+			}
+			responseCh <- acceptResponse{p, err}
+			closed = err == ErrPipeListenerClosed
+		}
+	}
+	windows.Close(l.firstHandle)
+	l.firstHandle = 0
+	// Notify Close() and Accept() callers that the handle has been closed.
+	close(l.doneCh)
+}
+
+// PipeConfig contain configuration for the pipe listener.
+type PipeConfig struct {
+	// SecurityDescriptor contains a Windows security descriptor.
+	SecurityDescriptor *windows.SECURITY_DESCRIPTOR
+
+	// MessageMode determines whether the pipe is in byte or message mode. In either
+	// case the pipe is read in byte mode by default. The only practical difference in
+	// this implementation is that CloseWrite() is only supported for message mode pipes;
+	// CloseWrite() is implemented as a zero-byte write, but zero-byte writes are only
+	// transferred to the reader (and returned as io.EOF in this implementation)
+	// when the pipe is in message mode.
+	MessageMode bool
+
+	// InputBufferSize specifies the size the input buffer, in bytes.
+	InputBufferSize int32
+
+	// OutputBufferSize specifies the size the input buffer, in bytes.
+	OutputBufferSize int32
+}
+
+// ListenPipe creates a listener on a Windows named pipe path, e.g. \\.\pipe\mypipe.
+// The pipe must not already exist.
+func ListenPipe(path string, c *PipeConfig) (net.Listener, error) {
+	if c == nil {
+		c = &PipeConfig{}
+	}
+	h, err := makeServerPipeHandle(path, c.SecurityDescriptor, c, true)
+	if err != nil {
+		return nil, err
+	}
+	l := &win32PipeListener{
+		firstHandle: h,
+		path:        path,
+		config:      *c,
+		acceptCh:    make(chan (chan acceptResponse)),
+		closeCh:     make(chan int),
+		doneCh:      make(chan int),
+	}
+	go l.listenerRoutine()
+	return l, nil
+}
+
+func connectPipe(p *win32File) error {
+	c, err := p.prepareIo()
+	if err != nil {
+		return err
+	}
+	defer p.wg.Done()
+
+	err = connectNamedPipe(p.handle, &c.o)
+	_, err = p.asyncIo(c, nil, 0, err)
+	if err != nil && err != windows.ERROR_PIPE_CONNECTED {
+		return err
+	}
+	return nil
+}
+
+func (l *win32PipeListener) Accept() (net.Conn, error) {
+	ch := make(chan acceptResponse)
+	select {
+	case l.acceptCh <- ch:
+		response := <-ch
+		err := response.err
+		if err != nil {
+			return nil, err
+		}
+		if l.config.MessageMode {
+			return &win32MessageBytePipe{
+				win32Pipe: win32Pipe{win32File: response.f, path: l.path},
+			}, nil
+		}
+		return &win32Pipe{win32File: response.f, path: l.path}, nil
+	case <-l.doneCh:
+		return nil, ErrPipeListenerClosed
+	}
+}
+
+func (l *win32PipeListener) Close() error {
+	select {
+	case l.closeCh <- 1:
+		<-l.doneCh
+	case <-l.doneCh:
+	}
+	return nil
+}
+
+func (l *win32PipeListener) Addr() net.Addr {
+	return pipeAddress(l.path)
+}

ipc/winpipe/zsyscall_windows.go

@@ -0,0 +1,238 @@
+// Code generated by 'go generate'; DO NOT EDIT.
+
+package winpipe
+
+import (
+	"syscall"
+	"unsafe"
+
+	"golang.org/x/sys/windows"
+)
+
+var _ unsafe.Pointer
+
+// Do the interface allocations only once for common
+// Errno values.
+const (
+	errnoERROR_IO_PENDING = 997
+)
+
+var (
+	errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING)
+)
+
+// errnoErr returns common boxed Errno values, to prevent
+// allocations at runtime.
+func errnoErr(e syscall.Errno) error {
+	switch e {
+	case 0:
+		return nil
+	case errnoERROR_IO_PENDING:
+		return errERROR_IO_PENDING
+	}
+	// TODO: add more here, after collecting data on the common
+	// error values see on Windows. (perhaps when running
+	// all.bat?)
+	return e
+}
+
+var (
+	modkernel32 = windows.NewLazySystemDLL("kernel32.dll")
+	modntdll    = windows.NewLazySystemDLL("ntdll.dll")
+	modws2_32   = windows.NewLazySystemDLL("ws2_32.dll")
+
+	procConnectNamedPipe                   = modkernel32.NewProc("ConnectNamedPipe")
+	procCreateNamedPipeW                   = modkernel32.NewProc("CreateNamedPipeW")
+	procCreateFileW                        = modkernel32.NewProc("CreateFileW")
+	procGetNamedPipeInfo                   = modkernel32.NewProc("GetNamedPipeInfo")
+	procGetNamedPipeHandleStateW           = modkernel32.NewProc("GetNamedPipeHandleStateW")
+	procLocalAlloc                         = modkernel32.NewProc("LocalAlloc")
+	procNtCreateNamedPipeFile              = modntdll.NewProc("NtCreateNamedPipeFile")
+	procRtlNtStatusToDosErrorNoTeb         = modntdll.NewProc("RtlNtStatusToDosErrorNoTeb")
+	procRtlDosPathNameToNtPathName_U       = modntdll.NewProc("RtlDosPathNameToNtPathName_U")
+	procRtlDefaultNpAcl                    = modntdll.NewProc("RtlDefaultNpAcl")
+	procCancelIoEx                         = modkernel32.NewProc("CancelIoEx")
+	procCreateIoCompletionPort             = modkernel32.NewProc("CreateIoCompletionPort")
+	procGetQueuedCompletionStatus          = modkernel32.NewProc("GetQueuedCompletionStatus")
+	procSetFileCompletionNotificationModes = modkernel32.NewProc("SetFileCompletionNotificationModes")
+	procWSAGetOverlappedResult             = modws2_32.NewProc("WSAGetOverlappedResult")
+)
+
+func connectNamedPipe(pipe windows.Handle, o *windows.Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall(procConnectNamedPipe.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(o)), 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func createNamedPipe(name string, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *windows.SecurityAttributes) (handle windows.Handle, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(name)
+	if err != nil {
+		return
+	}
+	return _createNamedPipe(_p0, flags, pipeMode, maxInstances, outSize, inSize, defaultTimeout, sa)
+}
+
+func _createNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *windows.SecurityAttributes) (handle windows.Handle, err error) {
+	r0, _, e1 := syscall.Syscall9(procCreateNamedPipeW.Addr(), 8, uintptr(unsafe.Pointer(name)), uintptr(flags), uintptr(pipeMode), uintptr(maxInstances), uintptr(outSize), uintptr(inSize), uintptr(defaultTimeout), uintptr(unsafe.Pointer(sa)), 0)
+	handle = windows.Handle(r0)
+	if handle == windows.InvalidHandle {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func createFile(name string, access uint32, mode uint32, sa *windows.SecurityAttributes, createmode uint32, attrs uint32, templatefile windows.Handle) (handle windows.Handle, err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(name)
+	if err != nil {
+		return
+	}
+	return _createFile(_p0, access, mode, sa, createmode, attrs, templatefile)
+}
+
+func _createFile(name *uint16, access uint32, mode uint32, sa *windows.SecurityAttributes, createmode uint32, attrs uint32, templatefile windows.Handle) (handle windows.Handle, err error) {
+	r0, _, e1 := syscall.Syscall9(procCreateFileW.Addr(), 7, uintptr(unsafe.Pointer(name)), uintptr(access), uintptr(mode), uintptr(unsafe.Pointer(sa)), uintptr(createmode), uintptr(attrs), uintptr(templatefile), 0, 0)
+	handle = windows.Handle(r0)
+	if handle == windows.InvalidHandle {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func getNamedPipeInfo(pipe windows.Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetNamedPipeInfo.Addr(), 5, uintptr(pipe), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(outSize)), uintptr(unsafe.Pointer(inSize)), uintptr(unsafe.Pointer(maxInstances)), 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func getNamedPipeHandleState(pipe windows.Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) {
+	r1, _, e1 := syscall.Syscall9(procGetNamedPipeHandleStateW.Addr(), 7, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(curInstances)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), uintptr(unsafe.Pointer(userName)), uintptr(maxUserNameSize), 0, 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func localAlloc(uFlags uint32, length uint32) (ptr uintptr) {
+	r0, _, _ := syscall.Syscall(procLocalAlloc.Addr(), 2, uintptr(uFlags), uintptr(length), 0)
+	ptr = uintptr(r0)
+	return
+}
+
+func ntCreateNamedPipeFile(pipe *windows.Handle, access uint32, oa *objectAttributes, iosb *ioStatusBlock, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (status ntstatus) {
+	r0, _, _ := syscall.Syscall15(procNtCreateNamedPipeFile.Addr(), 14, uintptr(unsafe.Pointer(pipe)), uintptr(access), uintptr(unsafe.Pointer(oa)), uintptr(unsafe.Pointer(iosb)), uintptr(share), uintptr(disposition), uintptr(options), uintptr(typ), uintptr(readMode), uintptr(completionMode), uintptr(maxInstances), uintptr(inboundQuota), uintptr(outputQuota), uintptr(unsafe.Pointer(timeout)), 0)
+	status = ntstatus(r0)
+	return
+}
+
+func rtlNtStatusToDosError(status ntstatus) (winerr error) {
+	r0, _, _ := syscall.Syscall(procRtlNtStatusToDosErrorNoTeb.Addr(), 1, uintptr(status), 0, 0)
+	if r0 != 0 {
+		winerr = syscall.Errno(r0)
+	}
+	return
+}
+
+func rtlDosPathNameToNtPathName(name *uint16, ntName *unicodeString, filePart uintptr, reserved uintptr) (status ntstatus) {
+	r0, _, _ := syscall.Syscall6(procRtlDosPathNameToNtPathName_U.Addr(), 4, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(ntName)), uintptr(filePart), uintptr(reserved), 0, 0)
+	status = ntstatus(r0)
+	return
+}
+
+func rtlDefaultNpAcl(dacl *uintptr) (status ntstatus) {
+	r0, _, _ := syscall.Syscall(procRtlDefaultNpAcl.Addr(), 1, uintptr(unsafe.Pointer(dacl)), 0, 0)
+	status = ntstatus(r0)
+	return
+}
+
+func cancelIoEx(file windows.Handle, o *windows.Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall(procCancelIoEx.Addr(), 2, uintptr(file), uintptr(unsafe.Pointer(o)), 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func createIoCompletionPort(file windows.Handle, port windows.Handle, key uintptr, threadCount uint32) (newport windows.Handle, err error) {
+	r0, _, e1 := syscall.Syscall6(procCreateIoCompletionPort.Addr(), 4, uintptr(file), uintptr(port), uintptr(key), uintptr(threadCount), 0, 0)
+	newport = windows.Handle(r0)
+	if newport == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func getQueuedCompletionStatus(port windows.Handle, bytes *uint32, key *uintptr, o **ioOperation, timeout uint32) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetQueuedCompletionStatus.Addr(), 5, uintptr(port), uintptr(unsafe.Pointer(bytes)), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(o)), uintptr(timeout), 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func setFileCompletionNotificationModes(h windows.Handle, flags uint8) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileCompletionNotificationModes.Addr(), 2, uintptr(h), uintptr(flags), 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func wsaGetOverlappedResult(h windows.Handle, o *windows.Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) {
+	var _p0 uint32
+	if wait {
+		_p0 = 1
+	} else {
+		_p0 = 0
+	}
+	r1, _, e1 := syscall.Syscall6(procWSAGetOverlappedResult.Addr(), 5, uintptr(h), uintptr(unsafe.Pointer(o)), uintptr(unsafe.Pointer(bytes)), uintptr(_p0), uintptr(unsafe.Pointer(flags)), 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}

logger.go

@@ -1,60 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"io"
-	"io/ioutil"
-	"log"
-	"os"
-)
-
-const (
-	LogLevelSilent = iota
-	LogLevelError
-	LogLevelInfo
-	LogLevelDebug
-)
-
-type Logger struct {
-	Debug *log.Logger
-	Info  *log.Logger
-	Error *log.Logger
-}
-
-func NewLogger(level int, prepend string) *Logger {
-	output := os.Stdout
-	logger := new(Logger)
-
-	logErr, logInfo, logDebug := func() (io.Writer, io.Writer, io.Writer) {
-		if level >= LogLevelDebug {
-			return output, output, output
-		}
-		if level >= LogLevelInfo {
-			return output, output, ioutil.Discard
-		}
-		if level >= LogLevelError {
-			return output, ioutil.Discard, ioutil.Discard
-		}
-		return ioutil.Discard, ioutil.Discard, ioutil.Discard
-	}()
-
-	logger.Debug = log.New(logDebug,
-		"DEBUG: "+prepend,
-		log.Ldate|log.Ltime,
-	)
-
-	logger.Info = log.New(logInfo,
-		"INFO: "+prepend,
-		log.Ldate|log.Ltime,
-	)
-	logger.Error = log.New(logErr,
-		"ERROR: "+prepend,
-		log.Ldate|log.Ltime,
-	)
-	return logger
-}

main.go

@@ -1,19 +1,23 @@
-/* SPDX-License-Identifier: GPL-2.0
+// +build !windows
+
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package main
 
 import (
 	"fmt"
-	"git.zx2c4.com/wireguard-go/tun"
 	"os"
 	"os/signal"
 	"runtime"
 	"strconv"
 	"syscall"
+
+	"golang.zx2c4.com/wireguard/device"
+	"golang.zx2c4.com/wireguard/ipc"
+	"golang.zx2c4.com/wireguard/tun"
 )
 
 const (
@@ -33,56 +37,30 @@ func printUsage() {
 }
 
 func warning() {
-	if os.Getenv(ENV_WG_PROCESS_FOREGROUND) == "1" {
+	if runtime.GOOS != "linux" || os.Getenv(ENV_WG_PROCESS_FOREGROUND) == "1" {
 		return
 	}
 
-	shouldQuit := false
-
-	fmt.Fprintln(os.Stderr, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING")
-	fmt.Fprintln(os.Stderr, "W                                                     G")
-	fmt.Fprintln(os.Stderr, "W   This is alpha software. It will very likely not   G")
-	fmt.Fprintln(os.Stderr, "W   do what it is supposed to do, and things may go   G")
-	fmt.Fprintln(os.Stderr, "W   horribly wrong. You have been warned. Proceed     G")
-	fmt.Fprintln(os.Stderr, "W   at your own risk.                                 G")
-	if runtime.GOOS == "linux" {
-		shouldQuit = os.Getenv("WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD") != "1"
-
-		fmt.Fprintln(os.Stderr, "W                                                     G")
-		fmt.Fprintln(os.Stderr, "W   Furthermore, you are running this software on a   G")
-		fmt.Fprintln(os.Stderr, "W   Linux kernel, which is probably unnecessary and   G")
-		fmt.Fprintln(os.Stderr, "W   foolish. This is because the Linux kernel has     G")
-		fmt.Fprintln(os.Stderr, "W   built-in first class support for WireGuard, and   G")
-		fmt.Fprintln(os.Stderr, "W   this support is much more refined than this       G")
-		fmt.Fprintln(os.Stderr, "W   program. For more information on installing the   G")
-		fmt.Fprintln(os.Stderr, "W   kernel module, please visit:                      G")
-		fmt.Fprintln(os.Stderr, "W           https://www.wireguard.com/install         G")
-		if shouldQuit {
-			fmt.Fprintln(os.Stderr, "W                                                     G")
-			fmt.Fprintln(os.Stderr, "W   If you still want to use this program, against    G")
-			fmt.Fprintln(os.Stderr, "W   the sage advice here, please first export this    G")
-			fmt.Fprintln(os.Stderr, "W   environment variable:                             G")
-			fmt.Fprintln(os.Stderr, "W   WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1    G")
-		}
-	}
-	fmt.Fprintln(os.Stderr, "W                                                     G")
-	fmt.Fprintln(os.Stderr, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING")
-
-	if shouldQuit {
-		os.Exit(1)
-	}
+	fmt.Fprintln(os.Stderr, "┌───────────────────────────────────────────────────┐")
+	fmt.Fprintln(os.Stderr, "│                                                   │")
+	fmt.Fprintln(os.Stderr, "│   Running this software on Linux is unnecessary,  │")
+	fmt.Fprintln(os.Stderr, "│   because the Linux kernel has built-in first     │")
+	fmt.Fprintln(os.Stderr, "│   class support for WireGuard, which will be      │")
+	fmt.Fprintln(os.Stderr, "│   faster, slicker, and better integrated. For     │")
+	fmt.Fprintln(os.Stderr, "│   information on installing the kernel module,    │")
+	fmt.Fprintln(os.Stderr, "│   please visit: <https://wireguard.com/install>.  │")
+	fmt.Fprintln(os.Stderr, "│                                                   │")
+	fmt.Fprintln(os.Stderr, "└───────────────────────────────────────────────────┘")
 }
 
 func main() {
 	if len(os.Args) == 2 && os.Args[1] == "--version" {
-		fmt.Printf("wireguard-go v%s\n\nUserspace WireGuard daemon for %s-%s.\nInformation available at https://www.wireguard.com.\nCopyright (C) Jason A. Donenfeld <Jason@zx2c4.com>.\n", WireGuardGoVersion, runtime.GOOS, runtime.GOARCH)
+		fmt.Printf("wireguard-go v%s\n\nUserspace WireGuard daemon for %s-%s.\nInformation available at https://www.wireguard.com.\nCopyright (C) Jason A. Donenfeld <Jason@zx2c4.com>.\n", Version, runtime.GOOS, runtime.GOARCH)
 		return
 	}
 
 	warning()
 
-	// parse arguments
-
 	var foreground bool
 	var interfaceName string
 	if len(os.Args) < 2 || len(os.Args) > 3 {
@@ -117,24 +95,22 @@ func main() {
 
 	logLevel := func() int {
 		switch os.Getenv("LOG_LEVEL") {
-		case "debug":
-			return LogLevelDebug
-		case "info":
-			return LogLevelInfo
+		case "verbose", "debug":
+			return device.LogLevelVerbose
 		case "error":
-			return LogLevelError
+			return device.LogLevelError
 		case "silent":
-			return LogLevelSilent
+			return device.LogLevelSilent
 		}
-		return LogLevelInfo
+		return device.LogLevelError
 	}()
 
 	// open TUN device (or use supplied fd)
 
-	tun, err := func() (tun.TUNDevice, error) {
+	tun, err := func() (tun.Device, error) {
 		tunFdStr := os.Getenv(ENV_WG_TUN_FD)
 		if tunFdStr == "" {
-			return tun.CreateTUN(interfaceName, DefaultMTU)
+			return tun.CreateTUN(interfaceName, device.DefaultMTU)
 		}
 
 		// construct tun device from supplied fd
@@ -144,8 +120,13 @@ func main() {
 			return nil, err
 		}
 
+		err = syscall.SetNonblock(int(fd), true)
+		if err != nil {
+			return nil, err
+		}
+
 		file := os.NewFile(uintptr(fd), "")
-		return tun.CreateTUNFromFile(file, DefaultMTU)
+		return tun.CreateTUNFromFile(file, device.DefaultMTU)
 	}()
 
 	if err == nil {
@@ -155,17 +136,15 @@ func main() {
 		}
 	}
 
-	logger := NewLogger(
+	logger := device.NewLogger(
 		logLevel,
 		fmt.Sprintf("(%s) ", interfaceName),
 	)
 
-	logger.Info.Println("Starting wireguard-go version", WireGuardGoVersion)
-
-	logger.Debug.Println("Debug log enabled")
+	logger.Verbosef("Starting wireguard-go version %s", Version)
 
 	if err != nil {
-		logger.Error.Println("Failed to create TUN device:", err)
+		logger.Errorf("Failed to create TUN device: %v", err)
 		os.Exit(ExitSetupFailed)
 	}
 
@@ -174,7 +153,7 @@ func main() {
 	fileUAPI, err := func() (*os.File, error) {
 		uapiFdStr := os.Getenv(ENV_WG_UAPI_FD)
 		if uapiFdStr == "" {
-			return UAPIOpen(interfaceName)
+			return ipc.UAPIOpen(interfaceName)
 		}
 
 		// use supplied fd
@@ -188,7 +167,7 @@ func main() {
 	}()
 
 	if err != nil {
-		logger.Error.Println("UAPI listen error:", err)
+		logger.Errorf("UAPI listen error: %v", err)
 		os.Exit(ExitSetupFailed)
 		return
 	}
@@ -200,7 +179,7 @@ func main() {
 		env = append(env, fmt.Sprintf("%s=4", ENV_WG_UAPI_FD))
 		env = append(env, fmt.Sprintf("%s=1", ENV_WG_PROCESS_FOREGROUND))
 		files := [3]*os.File{}
-		if os.Getenv("LOG_LEVEL") != "" && logLevel != LogLevelSilent {
+		if os.Getenv("LOG_LEVEL") != "" && logLevel != device.LogLevelSilent {
 			files[0], _ = os.Open(os.DevNull)
 			files[1] = os.Stdout
 			files[2] = os.Stderr
@@ -223,7 +202,7 @@ func main() {
 
 		path, err := os.Executable()
 		if err != nil {
-			logger.Error.Println("Failed to determine executable:", err)
+			logger.Errorf("Failed to determine executable: %v", err)
 			os.Exit(ExitSetupFailed)
 		}
 
@@ -233,23 +212,23 @@ func main() {
 			attr,
 		)
 		if err != nil {
-			logger.Error.Println("Failed to daemonize:", err)
+			logger.Errorf("Failed to daemonize: %v", err)
 			os.Exit(ExitSetupFailed)
 		}
 		process.Release()
 		return
 	}
 
-	device := NewDevice(tun, logger)
+	device := device.NewDevice(tun, logger)
 
-	logger.Info.Println("Device started")
+	logger.Verbosef("Device started")
 
 	errs := make(chan error)
 	term := make(chan os.Signal, 1)
 
-	uapi, err := UAPIListen(interfaceName, fileUAPI)
+	uapi, err := ipc.UAPIListen(interfaceName, fileUAPI)
 	if err != nil {
-		logger.Error.Println("Failed to listen on uapi socket:", err)
+		logger.Errorf("Failed to listen on uapi socket: %v", err)
 		os.Exit(ExitSetupFailed)
 	}
 
@@ -260,11 +239,11 @@ func main() {
 				errs <- err
 				return
 			}
-			go ipcHandle(device, conn)
+			go device.IpcHandle(conn)
 		}
 	}()
 
-	logger.Info.Println("UAPI listener started")
+	logger.Verbosef("UAPI listener started")
 
 	// wait for program to terminate
 
@@ -282,5 +261,5 @@ func main() {
 	uapi.Close()
 	device.Close()
 
-	logger.Info.Println("Shutting down")
+	logger.Verbosef("Shutting down")
 }

main_windows.go

@@ -0,0 +1,97 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package main
+
+import (
+	"fmt"
+	"os"
+	"os/signal"
+	"syscall"
+
+	"golang.zx2c4.com/wireguard/device"
+	"golang.zx2c4.com/wireguard/ipc"
+
+	"golang.zx2c4.com/wireguard/tun"
+)
+
+const (
+	ExitSetupSuccess = 0
+	ExitSetupFailed  = 1
+)
+
+func main() {
+	if len(os.Args) != 2 {
+		os.Exit(ExitSetupFailed)
+	}
+	interfaceName := os.Args[1]
+
+	fmt.Fprintln(os.Stderr, "Warning: this is a test program for Windows, mainly used for debugging this Go package. For a real WireGuard for Windows client, the repo you want is <https://git.zx2c4.com/wireguard-windows/>, which includes this code as a module.")
+
+	logger := device.NewLogger(
+		device.LogLevelVerbose,
+		fmt.Sprintf("(%s) ", interfaceName),
+	)
+	logger.Verbosef("Starting wireguard-go version %s", Version)
+
+	tun, err := tun.CreateTUN(interfaceName, 0)
+	if err == nil {
+		realInterfaceName, err2 := tun.Name()
+		if err2 == nil {
+			interfaceName = realInterfaceName
+		}
+	} else {
+		logger.Errorf("Failed to create TUN device: %v", err)
+		os.Exit(ExitSetupFailed)
+	}
+
+	device := device.NewDevice(tun, logger)
+	err = device.Up()
+	if err != nil {
+		logger.Errorf("Failed to bring up device: %v", err)
+		os.Exit(ExitSetupFailed)
+	}
+	logger.Verbosef("Device started")
+
+	uapi, err := ipc.UAPIListen(interfaceName)
+	if err != nil {
+		logger.Errorf("Failed to listen on uapi socket: %v", err)
+		os.Exit(ExitSetupFailed)
+	}
+
+	errs := make(chan error)
+	term := make(chan os.Signal, 1)
+
+	go func() {
+		for {
+			conn, err := uapi.Accept()
+			if err != nil {
+				errs <- err
+				return
+			}
+			go device.IpcHandle(conn)
+		}
+	}()
+	logger.Verbosef("UAPI listener started")
+
+	// wait for program to terminate
+
+	signal.Notify(term, os.Interrupt)
+	signal.Notify(term, os.Kill)
+	signal.Notify(term, syscall.SIGTERM)
+
+	select {
+	case <-term:
+	case <-errs:
+	case <-device.Wait():
+	}
+
+	// clean up
+
+	uapi.Close()
+	device.Close()
+
+	logger.Verbosef("Shutting down")
+}

peer.go

@@ -1,271 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"encoding/base64"
-	"errors"
-	"fmt"
-	"sync"
-	"time"
-)
-
-const (
-	PeerRoutineNumber = 3
-)
-
-type Peer struct {
-	isRunning                   AtomicBool
-	mutex                       sync.RWMutex // Mostly protects endpoint, but is generally taken whenever we modify peer
-	keypairs                    Keypairs
-	handshake                   Handshake
-	device                      *Device
-	endpoint                    Endpoint
-	persistentKeepaliveInterval uint16
-
-	// This must be 64-bit aligned, so make sure the above members come out to even alignment and pad accordingly
-	stats struct {
-		txBytes           uint64 // bytes send to peer (endpoint)
-		rxBytes           uint64 // bytes received from peer
-		lastHandshakeNano int64  // nano seconds since epoch
-	}
-
-	timers struct {
-		retransmitHandshake     *Timer
-		sendKeepalive           *Timer
-		newHandshake            *Timer
-		zeroKeyMaterial         *Timer
-		persistentKeepalive     *Timer
-		handshakeAttempts       uint32
-		needAnotherKeepalive    AtomicBool
-		sentLastMinuteHandshake AtomicBool
-	}
-
-	signals struct {
-		newKeypairArrived chan struct{}
-		flushNonceQueue   chan struct{}
-	}
-
-	queue struct {
-		nonce                           chan *QueueOutboundElement // nonce / pre-handshake queue
-		outbound                        chan *QueueOutboundElement // sequential ordering of work
-		inbound                         chan *QueueInboundElement  // sequential ordering of work
-		packetInNonceQueueIsAwaitingKey AtomicBool
-	}
-
-	routines struct {
-		mutex    sync.Mutex     // held when stopping / starting routines
-		starting sync.WaitGroup // routines pending start
-		stopping sync.WaitGroup // routines pending stop
-		stop     chan struct{}  // size 0, stop all go routines in peer
-	}
-
-	cookieGenerator CookieGenerator
-}
-
-func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
-
-	if device.isClosed.Get() {
-		return nil, errors.New("device closed")
-	}
-
-	// lock resources
-
-	device.staticIdentity.mutex.RLock()
-	defer device.staticIdentity.mutex.RUnlock()
-
-	device.peers.mutex.Lock()
-	defer device.peers.mutex.Unlock()
-
-	// check if over limit
-
-	if len(device.peers.keyMap) >= MaxPeers {
-		return nil, errors.New("too many peers")
-	}
-
-	// create peer
-
-	peer := new(Peer)
-	peer.mutex.Lock()
-	defer peer.mutex.Unlock()
-
-	peer.cookieGenerator.Init(pk)
-	peer.device = device
-	peer.isRunning.Set(false)
-
-	// map public key
-
-	_, ok := device.peers.keyMap[pk]
-	if ok {
-		return nil, errors.New("adding existing peer")
-	}
-	device.peers.keyMap[pk] = peer
-
-	// pre-compute DH
-
-	handshake := &peer.handshake
-	handshake.mutex.Lock()
-	handshake.remoteStatic = pk
-	handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(pk)
-	handshake.mutex.Unlock()
-
-	// reset endpoint
-
-	peer.endpoint = nil
-
-	// start peer
-
-	if peer.device.isUp.Get() {
-		peer.Start()
-	}
-
-	return peer, nil
-}
-
-func (peer *Peer) SendBuffer(buffer []byte) error {
-	peer.device.net.mutex.RLock()
-	defer peer.device.net.mutex.RUnlock()
-
-	if peer.device.net.bind == nil {
-		return errors.New("no bind")
-	}
-
-	peer.mutex.RLock()
-	defer peer.mutex.RUnlock()
-
-	if peer.endpoint == nil {
-		return errors.New("no known endpoint for peer")
-	}
-
-	return peer.device.net.bind.Send(buffer, peer.endpoint)
-}
-
-func (peer *Peer) String() string {
-	base64Key := base64.StdEncoding.EncodeToString(peer.handshake.remoteStatic[:])
-	abbreviatedKey := "invalid"
-	if len(base64Key) == 44 {
-		abbreviatedKey = base64Key[0:4] + "…" + base64Key[39:43]
-	}
-	return fmt.Sprintf("peer(%s)", abbreviatedKey)
-}
-
-func (peer *Peer) Start() {
-
-	// should never start a peer on a closed device
-
-	if peer.device.isClosed.Get() {
-		return
-	}
-
-	// prevent simultaneous start/stop operations
-
-	peer.routines.mutex.Lock()
-	defer peer.routines.mutex.Unlock()
-
-	if peer.isRunning.Get() {
-		return
-	}
-
-	device := peer.device
-	device.log.Debug.Println(peer, "- Starting...")
-
-	// reset routine state
-
-	peer.routines.starting.Wait()
-	peer.routines.stopping.Wait()
-	peer.routines.stop = make(chan struct{})
-	peer.routines.starting.Add(PeerRoutineNumber)
-	peer.routines.stopping.Add(PeerRoutineNumber)
-
-	// prepare queues
-
-	peer.queue.nonce = make(chan *QueueOutboundElement, QueueOutboundSize)
-	peer.queue.outbound = make(chan *QueueOutboundElement, QueueOutboundSize)
-	peer.queue.inbound = make(chan *QueueInboundElement, QueueInboundSize)
-
-	peer.timersInit()
-	peer.handshake.lastSentHandshake = time.Now().Add(-(RekeyTimeout + time.Second))
-	peer.signals.newKeypairArrived = make(chan struct{}, 1)
-	peer.signals.flushNonceQueue = make(chan struct{}, 1)
-
-	// wait for routines to start
-
-	go peer.RoutineNonce()
-	go peer.RoutineSequentialSender()
-	go peer.RoutineSequentialReceiver()
-
-	peer.routines.starting.Wait()
-	peer.isRunning.Set(true)
-}
-
-func (peer *Peer) ZeroAndFlushAll() {
-	device := peer.device
-
-	// clear key pairs
-
-	keypairs := &peer.keypairs
-	keypairs.mutex.Lock()
-	device.DeleteKeypair(keypairs.previous)
-	device.DeleteKeypair(keypairs.current)
-	device.DeleteKeypair(keypairs.next)
-	keypairs.previous = nil
-	keypairs.current = nil
-	keypairs.next = nil
-	keypairs.mutex.Unlock()
-
-	// clear handshake state
-
-	handshake := &peer.handshake
-	handshake.mutex.Lock()
-	device.indexTable.Delete(handshake.localIndex)
-	handshake.Clear()
-	handshake.mutex.Unlock()
-
-	peer.FlushNonceQueue()
-}
-
-func (peer *Peer) Stop() {
-
-	// prevent simultaneous start/stop operations
-
-	if !peer.isRunning.Swap(false) {
-		return
-	}
-
-	peer.routines.starting.Wait()
-
-	peer.routines.mutex.Lock()
-	defer peer.routines.mutex.Unlock()
-
-	peer.device.log.Debug.Println(peer, "- Stopping...")
-
-	peer.timersStop()
-
-	// stop & wait for ongoing peer routines
-
-	close(peer.routines.stop)
-	peer.routines.stopping.Wait()
-
-	// close queues
-
-	close(peer.queue.nonce)
-	close(peer.queue.outbound)
-	close(peer.queue.inbound)
-
-	peer.ZeroAndFlushAll()
-}
-
-var roamingDisabled bool
-
-func (peer *Peer) SetEndpointFromPacket(endpoint Endpoint) {
-	if roamingDisabled {
-		return
-	}
-	peer.mutex.Lock()
-	peer.endpoint = endpoint
-	peer.mutex.Unlock()
-}

ratelimiter/ratelimiter.go

@@ -1,6 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package ratelimiter
@@ -20,21 +20,23 @@ const (
 )
 
 type RatelimiterEntry struct {
-	mutex    sync.Mutex
+	mu       sync.Mutex
 	lastTime time.Time
 	tokens   int64
 }
 
 type Ratelimiter struct {
-	mutex     sync.RWMutex
-	stopReset chan struct{}
+	mu      sync.RWMutex
+	timeNow func() time.Time
+
+	stopReset chan struct{} // send to reset, close to stop
 	tableIPv4 map[[net.IPv4len]byte]*RatelimiterEntry
 	tableIPv6 map[[net.IPv6len]byte]*RatelimiterEntry
 }
 
 func (rate *Ratelimiter) Close() {
-	rate.mutex.Lock()
-	defer rate.mutex.Unlock()
+	rate.mu.Lock()
+	defer rate.mu.Unlock()
 
 	if rate.stopReset != nil {
 		close(rate.stopReset)
@@ -42,11 +44,14 @@ func (rate *Ratelimiter) Close() {
 }
 
 func (rate *Ratelimiter) Init() {
-	rate.mutex.Lock()
-	defer rate.mutex.Unlock()
+	rate.mu.Lock()
+	defer rate.mu.Unlock()
+
+	if rate.timeNow == nil {
+		rate.timeNow = time.Now
+	}
 
 	// stop any ongoing garbage collection routine
-
 	if rate.stopReset != nil {
 		close(rate.stopReset)
 	}
@@ -55,48 +60,50 @@ func (rate *Ratelimiter) Init() {
 	rate.tableIPv4 = make(map[[net.IPv4len]byte]*RatelimiterEntry)
 	rate.tableIPv6 = make(map[[net.IPv6len]byte]*RatelimiterEntry)
 
-	// start garbage collection routine
+	stopReset := rate.stopReset // store in case Init is called again.
 
+	// Start garbage collection routine.
 	go func() {
 		ticker := time.NewTicker(time.Second)
 		ticker.Stop()
 		for {
 			select {
-			case _, ok := <-rate.stopReset:
+			case _, ok := <-stopReset:
 				ticker.Stop()
-				if ok {
-					ticker = time.NewTicker(time.Second)
-				} else {
+				if !ok {
 					return
 				}
+				ticker = time.NewTicker(time.Second)
 			case <-ticker.C:
-				func() {
-					rate.mutex.Lock()
-					defer rate.mutex.Unlock()
+				if rate.cleanup() {
+					ticker.Stop()
+				}
+			}
+		}
+	}()
+}
+
+func (rate *Ratelimiter) cleanup() (empty bool) {
+	rate.mu.Lock()
+	defer rate.mu.Unlock()
 
 	for key, entry := range rate.tableIPv4 {
-						entry.mutex.Lock()
-						if time.Now().Sub(entry.lastTime) > garbageCollectTime {
+		entry.mu.Lock()
+		if rate.timeNow().Sub(entry.lastTime) > garbageCollectTime {
 			delete(rate.tableIPv4, key)
 		}
-						entry.mutex.Unlock()
+		entry.mu.Unlock()
 	}
 
 	for key, entry := range rate.tableIPv6 {
-						entry.mutex.Lock()
-						if time.Now().Sub(entry.lastTime) > garbageCollectTime {
+		entry.mu.Lock()
+		if rate.timeNow().Sub(entry.lastTime) > garbageCollectTime {
 			delete(rate.tableIPv6, key)
 		}
-						entry.mutex.Unlock()
+		entry.mu.Unlock()
 	}
 
-					if len(rate.tableIPv4) == 0 && len(rate.tableIPv6) == 0 {
-						ticker.Stop()
-					}
-				}()
-			}
-		}
-	}()
+	return len(rate.tableIPv4) == 0 && len(rate.tableIPv6) == 0
 }
 
 func (rate *Ratelimiter) Allow(ip net.IP) bool {
@@ -109,7 +116,7 @@ func (rate *Ratelimiter) Allow(ip net.IP) bool {
 	IPv4 := ip.To4()
 	IPv6 := ip.To16()
 
-	rate.mutex.RLock()
+	rate.mu.RLock()
 
 	if IPv4 != nil {
 		copy(keyIPv4[:], IPv4)
@@ -119,15 +126,15 @@ func (rate *Ratelimiter) Allow(ip net.IP) bool {
 		entry = rate.tableIPv6[keyIPv6]
 	}
 
-	rate.mutex.RUnlock()
+	rate.mu.RUnlock()
 
 	// make new entry if not found
 
 	if entry == nil {
 		entry = new(RatelimiterEntry)
 		entry.tokens = maxTokens - packetCost
-		entry.lastTime = time.Now()
-		rate.mutex.Lock()
+		entry.lastTime = rate.timeNow()
+		rate.mu.Lock()
 		if IPv4 != nil {
 			rate.tableIPv4[keyIPv4] = entry
 			if len(rate.tableIPv4) == 1 && len(rate.tableIPv6) == 0 {
@@ -139,14 +146,14 @@ func (rate *Ratelimiter) Allow(ip net.IP) bool {
 				rate.stopReset <- struct{}{}
 			}
 		}
-		rate.mutex.Unlock()
+		rate.mu.Unlock()
 		return true
 	}
 
 	// add tokens to entry
 
-	entry.mutex.Lock()
-	now := time.Now()
+	entry.mu.Lock()
+	now := rate.timeNow()
 	entry.tokens += now.Sub(entry.lastTime).Nanoseconds()
 	entry.lastTime = now
 	if entry.tokens > maxTokens {
@@ -157,9 +164,9 @@ func (rate *Ratelimiter) Allow(ip net.IP) bool {
 
 	if entry.tokens > packetCost {
 		entry.tokens -= packetCost
-		entry.mutex.Unlock()
+		entry.mu.Unlock()
 		return true
 	}
-	entry.mutex.Unlock()
+	entry.mu.Unlock()
 	return false
 }

ratelimiter/ratelimiter_test.go

@@ -1,6 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package ratelimiter
@@ -11,22 +11,21 @@ import (
 	"time"
 )
 
-type RatelimiterResult struct {
+type result struct {
 	allowed bool
 	text    string
 	wait    time.Duration
 }
 
 func TestRatelimiter(t *testing.T) {
+	var rate Ratelimiter
+	var expectedResults []result
 
-	var ratelimiter Ratelimiter
-	var expectedResults []RatelimiterResult
-
-	Nano := func(nano int64) time.Duration {
+	nano := func(nano int64) time.Duration {
 		return time.Nanosecond * time.Duration(nano)
 	}
 
-	Add := func(res RatelimiterResult) {
+	add := func(res result) {
 		expectedResults = append(
 			expectedResults,
 			res,
@@ -34,40 +33,40 @@ func TestRatelimiter(t *testing.T) {
 	}
 
 	for i := 0; i < packetsBurstable; i++ {
-		Add(RatelimiterResult{
+		add(result{
 			allowed: true,
-			text:    "inital burst",
+			text:    "initial burst",
 		})
 	}
 
-	Add(RatelimiterResult{
+	add(result{
 		allowed: false,
 		text:    "after burst",
 	})
 
-	Add(RatelimiterResult{
+	add(result{
 		allowed: true,
-		wait:    Nano(time.Second.Nanoseconds() / packetsPerSecond),
+		wait:    nano(time.Second.Nanoseconds() / packetsPerSecond),
 		text:    "filling tokens for single packet",
 	})
 
-	Add(RatelimiterResult{
+	add(result{
 		allowed: false,
 		text:    "not having refilled enough",
 	})
 
-	Add(RatelimiterResult{
+	add(result{
 		allowed: true,
-		wait:    2 * (Nano(time.Second.Nanoseconds() / packetsPerSecond)),
+		wait:    2 * (nano(time.Second.Nanoseconds() / packetsPerSecond)),
 		text:    "filling tokens for two packet burst",
 	})
 
-	Add(RatelimiterResult{
+	add(result{
 		allowed: true,
 		text:    "second packet in 2 packet burst",
 	})
 
-	Add(RatelimiterResult{
+	add(result{
 		allowed: false,
 		text:    "packet following 2 packet burst",
 	})
@@ -89,14 +88,31 @@ func TestRatelimiter(t *testing.T) {
 		net.ParseIP("3f0e:54a2:f5b4:cd19:a21d:58e1:3746:84c4"),
 	}
 
-	ratelimiter.Init()
+	now := time.Now()
+	rate.timeNow = func() time.Time {
+		return now
+	}
+	defer func() {
+		// Lock to avoid data race with cleanup goroutine from Init.
+		rate.mu.Lock()
+		defer rate.mu.Unlock()
+
+		rate.timeNow = time.Now
+	}()
+	timeSleep := func(d time.Duration) {
+		now = now.Add(d + 1)
+		rate.cleanup()
+	}
+
+	rate.Init()
+	defer rate.Close()
 
 	for i, res := range expectedResults {
-		time.Sleep(res.wait)
+		timeSleep(res.wait)
 		for _, ip := range ips {
-			allowed := ratelimiter.Allow(ip)
+			allowed := rate.Allow(ip)
 			if allowed != res.allowed {
-				t.Fatal("Test failed for", ip.String(), ", on:", i, "(", res.text, ")", "expected:", res.allowed, "got:", allowed)
+				t.Fatalf("%d: %s: rate.Allow(%q)=%v, want %v", i, res.text, ip, allowed, res.allowed)
 			}
 		}
 	}

receive.go

@@ -1,645 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"bytes"
-	"encoding/binary"
-	"golang.org/x/crypto/chacha20poly1305"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-	"net"
-	"strconv"
-	"sync"
-	"sync/atomic"
-	"time"
-)
-
-type QueueHandshakeElement struct {
-	msgType  uint32
-	packet   []byte
-	endpoint Endpoint
-	buffer   *[MaxMessageSize]byte
-}
-
-type QueueInboundElement struct {
-	dropped  int32
-	mutex    sync.Mutex
-	buffer   *[MaxMessageSize]byte
-	packet   []byte
-	counter  uint64
-	keypair  *Keypair
-	endpoint Endpoint
-}
-
-func (elem *QueueInboundElement) Drop() {
-	atomic.StoreInt32(&elem.dropped, AtomicTrue)
-}
-
-func (elem *QueueInboundElement) IsDropped() bool {
-	return atomic.LoadInt32(&elem.dropped) == AtomicTrue
-}
-
-func (device *Device) addToInboundQueue(
-	queue chan *QueueInboundElement,
-	element *QueueInboundElement,
-) {
-	for {
-		select {
-		case queue <- element:
-			return
-		default:
-			select {
-			case old := <-queue:
-				old.Drop()
-			default:
-			}
-		}
-	}
-}
-
-func (device *Device) addToDecryptionQueue(
-	queue chan *QueueInboundElement,
-	element *QueueInboundElement,
-) {
-	for {
-		select {
-		case queue <- element:
-			return
-		default:
-			select {
-			case old := <-queue:
-				// drop & release to potential consumer
-				old.Drop()
-				old.mutex.Unlock()
-			default:
-			}
-		}
-	}
-}
-
-func (device *Device) addToHandshakeQueue(
-	queue chan QueueHandshakeElement,
-	element QueueHandshakeElement,
-) {
-	for {
-		select {
-		case queue <- element:
-			return
-		default:
-			select {
-			case elem := <-queue:
-				device.PutMessageBuffer(elem.buffer)
-			default:
-			}
-		}
-	}
-}
-
-/* Called when a new authenticated message has been received
- *
- * NOTE: Not thread safe, but called by sequential receiver!
- */
-func (peer *Peer) keepKeyFreshReceiving() {
-	if peer.timers.sentLastMinuteHandshake.Get() {
-		return
-	}
-	keypair := peer.keypairs.Current()
-	if keypair != nil && keypair.isInitiator && time.Now().Sub(keypair.created) > (RejectAfterTime-KeepaliveTimeout-RekeyTimeout) {
-		peer.timers.sentLastMinuteHandshake.Set(true)
-		peer.SendHandshakeInitiation(false)
-	}
-}
-
-/* Receives incoming datagrams for the device
- *
- * Every time the bind is updated a new routine is started for
- * IPv4 and IPv6 (separately)
- */
-func (device *Device) RoutineReceiveIncoming(IP int, bind Bind) {
-
-	logDebug := device.log.Debug
-	defer func() {
-		logDebug.Println("Routine: receive incoming IPv" + strconv.Itoa(IP) + " - stopped")
-		device.net.stopping.Done()
-	}()
-
-	logDebug.Println("Routine: receive incoming IPv" + strconv.Itoa(IP) + " - starting")
-	device.net.starting.Done()
-
-	// receive datagrams until conn is closed
-
-	buffer := device.GetMessageBuffer()
-
-	var (
-		err      error
-		size     int
-		endpoint Endpoint
-	)
-
-	for {
-
-		// read next datagram
-
-		switch IP {
-		case ipv4.Version:
-			size, endpoint, err = bind.ReceiveIPv4(buffer[:])
-		case ipv6.Version:
-			size, endpoint, err = bind.ReceiveIPv6(buffer[:])
-		default:
-			panic("invalid IP version")
-		}
-
-		if err != nil {
-			return
-		}
-
-		if size < MinMessageSize {
-			continue
-		}
-
-		// check size of packet
-
-		packet := buffer[:size]
-		msgType := binary.LittleEndian.Uint32(packet[:4])
-
-		var okay bool
-
-		switch msgType {
-
-		// check if transport
-
-		case MessageTransportType:
-
-			// check size
-
-			if len(packet) < MessageTransportType {
-				continue
-			}
-
-			// lookup key pair
-
-			receiver := binary.LittleEndian.Uint32(
-				packet[MessageTransportOffsetReceiver:MessageTransportOffsetCounter],
-			)
-			value := device.indexTable.Lookup(receiver)
-			keypair := value.keypair
-			if keypair == nil {
-				continue
-			}
-
-			// check keypair expiry
-
-			if keypair.created.Add(RejectAfterTime).Before(time.Now()) {
-				continue
-			}
-
-			// create work element
-
-			peer := value.peer
-			elem := &QueueInboundElement{
-				packet:   packet,
-				buffer:   buffer,
-				keypair:  keypair,
-				dropped:  AtomicFalse,
-				endpoint: endpoint,
-			}
-			elem.mutex.Lock()
-
-			// add to decryption queues
-
-			if peer.isRunning.Get() {
-				device.addToDecryptionQueue(device.queue.decryption, elem)
-				device.addToInboundQueue(peer.queue.inbound, elem)
-				buffer = device.GetMessageBuffer()
-			}
-
-			continue
-
-		// otherwise it is a fixed size & handshake related packet
-
-		case MessageInitiationType:
-			okay = len(packet) == MessageInitiationSize
-
-		case MessageResponseType:
-			okay = len(packet) == MessageResponseSize
-
-		case MessageCookieReplyType:
-			okay = len(packet) == MessageCookieReplySize
-
-		default:
-			logDebug.Println("Received message with unknown type")
-		}
-
-		if okay {
-			device.addToHandshakeQueue(
-				device.queue.handshake,
-				QueueHandshakeElement{
-					msgType:  msgType,
-					buffer:   buffer,
-					packet:   packet,
-					endpoint: endpoint,
-				},
-			)
-			buffer = device.GetMessageBuffer()
-		}
-	}
-}
-
-func (device *Device) RoutineDecryption() {
-
-	var nonce [chacha20poly1305.NonceSize]byte
-
-	logDebug := device.log.Debug
-	defer func() {
-		logDebug.Println("Routine: decryption worker - stopped")
-		device.state.stopping.Done()
-	}()
-	logDebug.Println("Routine: decryption worker - started")
-	device.state.starting.Done()
-
-	for {
-		select {
-		case <-device.signals.stop:
-			return
-
-		case elem, ok := <-device.queue.decryption:
-
-			if !ok {
-				return
-			}
-
-			// check if dropped
-
-			if elem.IsDropped() {
-				continue
-			}
-
-			// split message into fields
-
-			counter := elem.packet[MessageTransportOffsetCounter:MessageTransportOffsetContent]
-			content := elem.packet[MessageTransportOffsetContent:]
-
-			// expand nonce
-
-			nonce[0x4] = counter[0x0]
-			nonce[0x5] = counter[0x1]
-			nonce[0x6] = counter[0x2]
-			nonce[0x7] = counter[0x3]
-
-			nonce[0x8] = counter[0x4]
-			nonce[0x9] = counter[0x5]
-			nonce[0xa] = counter[0x6]
-			nonce[0xb] = counter[0x7]
-
-			// decrypt and release to consumer
-
-			var err error
-			elem.counter = binary.LittleEndian.Uint64(counter)
-			elem.packet, err = elem.keypair.receive.Open(
-				content[:0],
-				nonce[:],
-				content,
-				nil,
-			)
-			if err != nil {
-				elem.Drop()
-			}
-			elem.mutex.Unlock()
-		}
-	}
-}
-
-/* Handles incoming packets related to handshake
- */
-func (device *Device) RoutineHandshake() {
-
-	logInfo := device.log.Info
-	logError := device.log.Error
-	logDebug := device.log.Debug
-
-	defer func() {
-		logDebug.Println("Routine: handshake worker - stopped")
-		device.state.stopping.Done()
-	}()
-
-	logDebug.Println("Routine: handshake worker - started")
-	device.state.starting.Done()
-
-	var elem QueueHandshakeElement
-	var ok bool
-
-	for {
-		select {
-		case elem, ok = <-device.queue.handshake:
-		case <-device.signals.stop:
-			return
-		}
-
-		if !ok {
-			return
-		}
-
-		// handle cookie fields and ratelimiting
-
-		switch elem.msgType {
-
-		case MessageCookieReplyType:
-
-			// unmarshal packet
-
-			var reply MessageCookieReply
-			reader := bytes.NewReader(elem.packet)
-			err := binary.Read(reader, binary.LittleEndian, &reply)
-			if err != nil {
-				logDebug.Println("Failed to decode cookie reply")
-				return
-			}
-
-			// lookup peer from index
-
-			entry := device.indexTable.Lookup(reply.Receiver)
-
-			if entry.peer == nil {
-				continue
-			}
-
-			// consume reply
-
-			if peer := entry.peer; peer.isRunning.Get() {
-				peer.cookieGenerator.ConsumeReply(&reply)
-			}
-
-			continue
-
-		case MessageInitiationType, MessageResponseType:
-
-			// check mac fields and maybe ratelimit
-
-			if !device.cookieChecker.CheckMAC1(elem.packet) {
-				logDebug.Println("Received packet with invalid mac1")
-				continue
-			}
-
-			// endpoints destination address is the source of the datagram
-
-			if device.IsUnderLoad() {
-
-				// verify MAC2 field
-
-				if !device.cookieChecker.CheckMAC2(elem.packet, elem.endpoint.DstToBytes()) {
-					device.SendHandshakeCookie(&elem)
-					continue
-				}
-
-				// check ratelimiter
-
-				if !device.rate.limiter.Allow(elem.endpoint.DstIP()) {
-					continue
-				}
-			}
-
-		default:
-			logError.Println("Invalid packet ended up in the handshake queue")
-			continue
-		}
-
-		// handle handshake initiation/response content
-
-		switch elem.msgType {
-		case MessageInitiationType:
-
-			// unmarshal
-
-			var msg MessageInitiation
-			reader := bytes.NewReader(elem.packet)
-			err := binary.Read(reader, binary.LittleEndian, &msg)
-			if err != nil {
-				logError.Println("Failed to decode initiation message")
-				continue
-			}
-
-			// consume initiation
-
-			peer := device.ConsumeMessageInitiation(&msg)
-			if peer == nil {
-				logInfo.Println(
-					"Received invalid initiation message from",
-					elem.endpoint.DstToString(),
-				)
-				continue
-			}
-
-			// update timers
-
-			peer.timersAnyAuthenticatedPacketTraversal()
-			peer.timersAnyAuthenticatedPacketReceived()
-
-			// update endpoint
-			peer.SetEndpointFromPacket(elem.endpoint)
-
-			logDebug.Println(peer, "- Received handshake initiation")
-
-			peer.SendHandshakeResponse()
-
-		case MessageResponseType:
-
-			// unmarshal
-
-			var msg MessageResponse
-			reader := bytes.NewReader(elem.packet)
-			err := binary.Read(reader, binary.LittleEndian, &msg)
-			if err != nil {
-				logError.Println("Failed to decode response message")
-				continue
-			}
-
-			// consume response
-
-			peer := device.ConsumeMessageResponse(&msg)
-			if peer == nil {
-				logInfo.Println(
-					"Received invalid response message from",
-					elem.endpoint.DstToString(),
-				)
-				continue
-			}
-
-			// update endpoint
-			peer.SetEndpointFromPacket(elem.endpoint)
-
-			logDebug.Println(peer, "- Received handshake response")
-
-			// update timers
-
-			peer.timersAnyAuthenticatedPacketTraversal()
-			peer.timersAnyAuthenticatedPacketReceived()
-
-			// derive keypair
-
-			err = peer.BeginSymmetricSession()
-
-			if err != nil {
-				logError.Println(peer, "- Failed to derive keypair:", err)
-				continue
-			}
-
-			peer.timersSessionDerived()
-			peer.timersHandshakeComplete()
-			peer.SendKeepalive()
-			select {
-			case peer.signals.newKeypairArrived <- struct{}{}:
-			default:
-			}
-		}
-	}
-}
-
-func (peer *Peer) RoutineSequentialReceiver() {
-
-	device := peer.device
-	logInfo := device.log.Info
-	logError := device.log.Error
-	logDebug := device.log.Debug
-
-	defer func() {
-		logDebug.Println(peer, "- Routine: sequential receiver - stopped")
-		peer.routines.stopping.Done()
-	}()
-
-	logDebug.Println(peer, "- Routine: sequential receiver - started")
-
-	peer.routines.starting.Done()
-
-	for {
-
-		select {
-
-		case <-peer.routines.stop:
-			return
-
-		case elem, ok := <-peer.queue.inbound:
-
-			if !ok {
-				return
-			}
-
-			// wait for decryption
-
-			elem.mutex.Lock()
-
-			if elem.IsDropped() {
-				continue
-			}
-
-			// check for replay
-
-			if !elem.keypair.replayFilter.ValidateCounter(elem.counter, RejectAfterMessages) {
-				continue
-			}
-
-			// update endpoint
-			peer.SetEndpointFromPacket(elem.endpoint)
-
-			// check if using new keypair
-			if peer.ReceivedWithKeypair(elem.keypair) {
-				peer.timersHandshakeComplete()
-				select {
-				case peer.signals.newKeypairArrived <- struct{}{}:
-				default:
-				}
-			}
-
-			peer.keepKeyFreshReceiving()
-			peer.timersAnyAuthenticatedPacketTraversal()
-			peer.timersAnyAuthenticatedPacketReceived()
-
-			// check for keepalive
-
-			if len(elem.packet) == 0 {
-				logDebug.Println(peer, "- Receiving keepalive packet")
-				continue
-			}
-			peer.timersDataReceived()
-
-			// verify source and strip padding
-
-			switch elem.packet[0] >> 4 {
-			case ipv4.Version:
-
-				// strip padding
-
-				if len(elem.packet) < ipv4.HeaderLen {
-					continue
-				}
-
-				field := elem.packet[IPv4offsetTotalLength : IPv4offsetTotalLength+2]
-				length := binary.BigEndian.Uint16(field)
-				if int(length) > len(elem.packet) || int(length) < ipv4.HeaderLen {
-					continue
-				}
-
-				elem.packet = elem.packet[:length]
-
-				// verify IPv4 source
-
-				src := elem.packet[IPv4offsetSrc : IPv4offsetSrc+net.IPv4len]
-				if device.allowedips.LookupIPv4(src) != peer {
-					logInfo.Println(
-						"IPv4 packet with disallowed source address from",
-						peer,
-					)
-					continue
-				}
-
-			case ipv6.Version:
-
-				// strip padding
-
-				if len(elem.packet) < ipv6.HeaderLen {
-					continue
-				}
-
-				field := elem.packet[IPv6offsetPayloadLength : IPv6offsetPayloadLength+2]
-				length := binary.BigEndian.Uint16(field)
-				length += ipv6.HeaderLen
-				if int(length) > len(elem.packet) {
-					continue
-				}
-
-				elem.packet = elem.packet[:length]
-
-				// verify IPv6 source
-
-				src := elem.packet[IPv6offsetSrc : IPv6offsetSrc+net.IPv6len]
-				if device.allowedips.LookupIPv6(src) != peer {
-					logInfo.Println(
-						peer,
-						"sent packet with disallowed IPv6 source",
-					)
-					continue
-				}
-
-			default:
-				logInfo.Println("Packet with invalid IP version from", peer)
-				continue
-			}
-
-			// write to tun device
-
-			offset := MessageTransportOffsetContent
-			atomic.AddUint64(&peer.stats.rxBytes, uint64(len(elem.packet)))
-			_, err := device.tun.device.Write(
-				elem.buffer[:offset+len(elem.packet)],
-				offset)
-			device.PutMessageBuffer(elem.buffer)
-			if err != nil {
-				logError.Println("Failed to write packet to TUN device:", err)
-			}
-		}
-	}
-}

replay/replay.go

@@ -1,84 +1,62 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
+// Package replay implements an efficient anti-replay algorithm as specified in RFC 6479.
 package replay
 
-/* Implementation of RFC6479
- * https://tools.ietf.org/html/rfc6479
- *
- * The implementation is not safe for concurrent use!
- */
+type block uint64
 
 const (
-	// See: https://golang.org/src/math/big/arith.go
-	_Wordm       = ^uintptr(0)
-	_WordLogSize = _Wordm>>8&1 + _Wordm>>16&1 + _Wordm>>32&1
-	_WordSize    = 1 << _WordLogSize
+	blockBitLog = 6                // 1<<6 == 64 bits
+	blockBits   = 1 << blockBitLog // must be power of 2
+	ringBlocks  = 1 << 7           // must be power of 2
+	windowSize  = (ringBlocks - 1) * blockBits
+	blockMask   = ringBlocks - 1
+	bitMask     = blockBits - 1
 )
 
-const (
-	CounterRedundantBitsLog = _WordLogSize + 3
-	CounterRedundantBits    = _WordSize * 8
-	CounterBitsTotal        = 2048
-	CounterWindowSize       = uint64(CounterBitsTotal - CounterRedundantBits)
-)
-
-const (
-	BacktrackWords = CounterBitsTotal / _WordSize
-)
-
-func minUint64(a uint64, b uint64) uint64 {
-	if a > b {
-		return b
-	}
-	return a
+// A Filter rejects replayed messages by checking if message counter value is
+// within a sliding window of previously received messages.
+// The zero value for Filter is an empty filter ready to use.
+// Filters are unsafe for concurrent use.
+type Filter struct {
+	last uint64
+	ring [ringBlocks]block
 }
 
-type ReplayFilter struct {
-	counter   uint64
-	backtrack [BacktrackWords]uintptr
+// Reset resets the filter to empty state.
+func (f *Filter) Reset() {
+	f.last = 0
+	f.ring[0] = 0
 }
 
-func (filter *ReplayFilter) Init() {
-	filter.counter = 0
-	filter.backtrack[0] = 0
-}
-
-func (filter *ReplayFilter) ValidateCounter(counter uint64, limit uint64) bool {
+// ValidateCounter checks if the counter should be accepted.
+// Overlimit counters (>= limit) are always rejected.
+func (f *Filter) ValidateCounter(counter uint64, limit uint64) bool {
 	if counter >= limit {
 		return false
 	}
-
-	indexWord := counter >> CounterRedundantBitsLog
-
-	if counter > filter.counter {
-
-		// move window forward
-
-		current := filter.counter >> CounterRedundantBitsLog
-		diff := minUint64(indexWord-current, BacktrackWords)
-		for i := uint64(1); i <= diff; i++ {
-			filter.backtrack[(current+i)%BacktrackWords] = 0
+	indexBlock := counter >> blockBitLog
+	if counter > f.last { // move window forward
+		current := f.last >> blockBitLog
+		diff := indexBlock - current
+		if diff > ringBlocks {
+			diff = ringBlocks // cap diff to clear the whole ring
 		}
-		filter.counter = counter
-
-	} else if filter.counter-counter > CounterWindowSize {
-
-		// behind current window
-
+		for i := current + 1; i <= current+diff; i++ {
+			f.ring[i&blockMask] = 0
+		}
+		f.last = counter
+	} else if f.last-counter > windowSize { // behind current window
 		return false
 	}
-
-	indexWord %= BacktrackWords
-	indexBit := counter & uint64(CounterRedundantBits-1)
-
 	// check and set bit
-
-	oldValue := filter.backtrack[indexWord]
-	newValue := oldValue | (1 << indexBit)
-	filter.backtrack[indexWord] = newValue
-	return oldValue != newValue
+	indexBlock &= blockMask
+	indexBit := counter & bitMask
+	old := f.ring[indexBlock]
+	new := old | 1<<indexBit
+	f.ring[indexBlock] = new
+	return old != new
 }

replay/replay_test.go

@@ -1,7 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package replay
@@ -15,22 +14,22 @@ import (
  *
  */
 
-const RejectAfterMessages = (1 << 64) - (1 << 4) - 1
+const RejectAfterMessages = 1<<64 - 1<<13 - 1
 
 func TestReplay(t *testing.T) {
-	var filter ReplayFilter
+	var filter Filter
 
-	T_LIM := CounterWindowSize + 1
+	const T_LIM = windowSize + 1
 
 	testNumber := 0
-	T := func(n uint64, v bool) {
+	T := func(n uint64, expected bool) {
 		testNumber++
-		if filter.ValidateCounter(n, RejectAfterMessages) != v {
-			t.Fatal("Test", testNumber, "failed", n, v)
+		if filter.ValidateCounter(n, RejectAfterMessages) != expected {
+			t.Fatal("Test", testNumber, "failed", n, expected)
 		}
 	}
 
-	filter.Init()
+	filter.Reset()
 
 	T(0, true)                      /*  1 */
 	T(1, true)                      /*  2 */
@@ -68,53 +67,53 @@ func TestReplay(t *testing.T) {
 	T(0, false)                     /* 34 */
 
 	t.Log("Bulk test 1")
-	filter.Init()
+	filter.Reset()
 	testNumber = 0
-	for i := uint64(1); i <= CounterWindowSize; i++ {
+	for i := uint64(1); i <= windowSize; i++ {
 		T(i, true)
 	}
 	T(0, true)
 	T(0, false)
 
 	t.Log("Bulk test 2")
-	filter.Init()
+	filter.Reset()
 	testNumber = 0
-	for i := uint64(2); i <= CounterWindowSize+1; i++ {
+	for i := uint64(2); i <= windowSize+1; i++ {
 		T(i, true)
 	}
 	T(1, true)
 	T(0, false)
 
 	t.Log("Bulk test 3")
-	filter.Init()
+	filter.Reset()
 	testNumber = 0
-	for i := CounterWindowSize + 1; i > 0; i-- {
+	for i := uint64(windowSize + 1); i > 0; i-- {
 		T(i, true)
 	}
 
 	t.Log("Bulk test 4")
-	filter.Init()
+	filter.Reset()
 	testNumber = 0
-	for i := CounterWindowSize + 2; i > 1; i-- {
+	for i := uint64(windowSize + 2); i > 1; i-- {
 		T(i, true)
 	}
 	T(0, false)
 
 	t.Log("Bulk test 5")
-	filter.Init()
+	filter.Reset()
 	testNumber = 0
-	for i := CounterWindowSize; i > 0; i-- {
+	for i := uint64(windowSize); i > 0; i-- {
 		T(i, true)
 	}
-	T(CounterWindowSize+1, true)
+	T(windowSize+1, true)
 	T(0, false)
 
 	t.Log("Bulk test 6")
-	filter.Init()
+	filter.Reset()
 	testNumber = 0
-	for i := CounterWindowSize; i > 0; i-- {
+	for i := uint64(windowSize); i > 0; i-- {
 		T(i, true)
 	}
 	T(0, true)
-	T(CounterWindowSize+1, true)
+	T(windowSize+1, true)
 }

rwcancel/fdset.go

@@ -0,0 +1,24 @@
+// +build !windows
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package rwcancel
+
+import "golang.org/x/sys/unix"
+
+type fdSet struct {
+	unix.FdSet
+}
+
+func (fdset *fdSet) set(i int) {
+	bits := 32 << (^uint(0) >> 63)
+	fdset.Bits[i/bits] |= 1 << uint(i%bits)
+}
+
+func (fdset *fdSet) check(i int) bool {
+	bits := 32 << (^uint(0) >> 63)
+	return (fdset.Bits[i/bits] & (1 << uint(i%bits))) != 0
+}

rwcancel/fdset_default.go

@@ -1,24 +0,0 @@
-// +build !freebsd
-
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- */
-
-package rwcancel
-
-import "golang.org/x/sys/unix"
-
-type fdSet struct {
-	fdset unix.FdSet
-}
-
-func (fdset *fdSet) set(i int) {
-	bits := 32 << (^uint(0) >> 63)
-	fdset.fdset.Bits[i/bits] |= 1 << uint(i%bits)
-}
-
-func (fdset *fdSet) check(i int) bool {
-	bits := 32 << (^uint(0) >> 63)
-	return (fdset.fdset.Bits[i/bits] & (1 << uint(i%bits))) != 0
-}

rwcancel/fdset_freebsd.go

@@ -1,22 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- */
-
-package rwcancel
-
-import "golang.org/x/sys/unix"
-
-type fdSet struct {
-	fdset unix.FdSet
-}
-
-func (fdset *fdSet) set(i int) {
-	bits := 32 << (^uint(0) >> 63)
-	fdset.fdset.X__fds_bits[i/bits] |= 1 << uint(i%bits)
-}
-
-func (fdset *fdSet) check(i int) bool {
-	bits := 32 << (^uint(0) >> 63)
-	return (fdset.fdset.X__fds_bits[i/bits] & (1 << uint(i%bits))) != 0
-}

rwcancel/rwcancel.go

@@ -1,15 +1,20 @@
-/* SPDX-License-Identifier: GPL-2.0
+// +build !windows
+
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
+// Package rwcancel implements cancelable read/write operations on
+// a file descriptor.
 package rwcancel
 
 import (
 	"errors"
-	"golang.org/x/sys/unix"
 	"os"
 	"syscall"
+
+	"golang.org/x/sys/unix"
 )
 
 func max(a, b int) int {
@@ -41,17 +46,7 @@ func NewRWCancel(fd int) (*RWCancel, error) {
 }
 
 func RetryAfterError(err error) bool {
-	if pe, ok := err.(*os.PathError); ok {
-		err = pe.Err
-	}
-	if errno, ok := err.(syscall.Errno); ok {
-		switch errno {
-		case syscall.EAGAIN, syscall.EINTR:
-			return true
-		}
-
-	}
-	return false
+	return errors.Is(err, syscall.EAGAIN) || errors.Is(err, syscall.EINTR)
 }
 
 func (rw *RWCancel) ReadyRead() bool {
@@ -59,7 +54,13 @@ func (rw *RWCancel) ReadyRead() bool {
 	fdset := fdSet{}
 	fdset.set(rw.fd)
 	fdset.set(closeFd)
-	err := unixSelect(max(rw.fd, closeFd)+1, &fdset.fdset, nil, nil, nil)
+	var err error
+	for {
+		err = unixSelect(max(rw.fd, closeFd)+1, &fdset.FdSet, nil, nil, nil)
+		if err == nil || !RetryAfterError(err) {
+			break
+		}
+	}
 	if err != nil {
 		return false
 	}
@@ -74,7 +75,13 @@ func (rw *RWCancel) ReadyWrite() bool {
 	fdset := fdSet{}
 	fdset.set(rw.fd)
 	fdset.set(closeFd)
-	err := unixSelect(max(rw.fd, closeFd)+1, nil, &fdset.fdset, nil, nil)
+	var err error
+	for {
+		err = unixSelect(max(rw.fd, closeFd)+1, nil, &fdset.FdSet, nil, nil)
+		if err == nil || !RetryAfterError(err) {
+			break
+		}
+	}
 	if err != nil {
 		return false
 	}
@@ -112,3 +119,8 @@ func (rw *RWCancel) Cancel() (err error) {
 	_, err = rw.closingWriter.Write([]byte{0})
 	return
 }
+
+func (rw *RWCancel) Close() {
+	rw.closingReader.Close()
+	rw.closingWriter.Close()
+}

rwcancel/rwcancel_windows.go

@@ -0,0 +1,8 @@
+// SPDX-License-Identifier: MIT
+
+package rwcancel
+
+type RWCancel struct {
+}
+
+func (*RWCancel) Cancel() {}

rwcancel/select_default.go

@@ -1,8 +1,8 @@
-// +build !linux
+// +build !linux,!windows
 
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package rwcancel
@@ -10,5 +10,6 @@ package rwcancel
 import "golang.org/x/sys/unix"
 
 func unixSelect(nfd int, r *unix.FdSet, w *unix.FdSet, e *unix.FdSet, timeout *unix.Timeval) error {
-	return unix.Select(nfd, r, w, e, timeout)
+	_, err := unix.Select(nfd, r, w, e, timeout)
+	return err
 }

rwcancel/select_linux.go

@@ -1,6 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package rwcancel

send.go

@@ -1,571 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"bytes"
-	"encoding/binary"
-	"golang.org/x/crypto/chacha20poly1305"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-	"net"
-	"sync"
-	"sync/atomic"
-	"time"
-)
-
-/* Outbound flow
- *
- * 1. TUN queue
- * 2. Routing (sequential)
- * 3. Nonce assignment (sequential)
- * 4. Encryption (parallel)
- * 5. Transmission (sequential)
- *
- * The functions in this file occur (roughly) in the order in
- * which the packets are processed.
- *
- * Locking, Producers and Consumers
- *
- * The order of packets (per peer) must be maintained,
- * but encryption of packets happen out-of-order:
- *
- * The sequential consumers will attempt to take the lock,
- * workers release lock when they have completed work (encryption) on the packet.
- *
- * If the element is inserted into the "encryption queue",
- * the content is preceded by enough "junk" to contain the transport header
- * (to allow the construction of transport messages in-place)
- */
-
-type QueueOutboundElement struct {
-	dropped int32
-	mutex   sync.Mutex
-	buffer  *[MaxMessageSize]byte // slice holding the packet data
-	packet  []byte                // slice of "buffer" (always!)
-	nonce   uint64                // nonce for encryption
-	keypair *Keypair              // keypair for encryption
-	peer    *Peer                 // related peer
-}
-
-func (device *Device) NewOutboundElement() *QueueOutboundElement {
-	return &QueueOutboundElement{
-		dropped: AtomicFalse,
-		buffer:  device.pool.messageBuffers.Get().(*[MaxMessageSize]byte),
-	}
-}
-
-func (elem *QueueOutboundElement) Drop() {
-	atomic.StoreInt32(&elem.dropped, AtomicTrue)
-}
-
-func (elem *QueueOutboundElement) IsDropped() bool {
-	return atomic.LoadInt32(&elem.dropped) == AtomicTrue
-}
-
-func addToOutboundQueue(
-	queue chan *QueueOutboundElement,
-	element *QueueOutboundElement,
-) {
-	for {
-		select {
-		case queue <- element:
-			return
-		default:
-			select {
-			case old := <-queue:
-				old.Drop()
-			default:
-			}
-		}
-	}
-}
-
-func addToEncryptionQueue(
-	queue chan *QueueOutboundElement,
-	element *QueueOutboundElement,
-) {
-	for {
-		select {
-		case queue <- element:
-			return
-		default:
-			select {
-			case old := <-queue:
-				// drop & release to potential consumer
-				old.Drop()
-				old.mutex.Unlock()
-			default:
-			}
-		}
-	}
-}
-
-/* Queues a keepalive if no packets are queued for peer
- */
-func (peer *Peer) SendKeepalive() bool {
-	if len(peer.queue.nonce) != 0 || peer.queue.packetInNonceQueueIsAwaitingKey.Get() || !peer.isRunning.Get() {
-		return false
-	}
-	elem := peer.device.NewOutboundElement()
-	elem.packet = nil
-	select {
-	case peer.queue.nonce <- elem:
-		peer.device.log.Debug.Println(peer, "- Sending keepalive packet")
-		return true
-	default:
-		return false
-	}
-}
-
-func (peer *Peer) SendHandshakeInitiation(isRetry bool) error {
-	if !isRetry {
-		atomic.StoreUint32(&peer.timers.handshakeAttempts, 0)
-	}
-
-	peer.handshake.mutex.RLock()
-	if time.Now().Sub(peer.handshake.lastSentHandshake) < RekeyTimeout {
-		peer.handshake.mutex.RUnlock()
-		return nil
-	}
-	peer.handshake.mutex.RUnlock()
-
-	peer.handshake.mutex.Lock()
-	if time.Now().Sub(peer.handshake.lastSentHandshake) < RekeyTimeout {
-		peer.handshake.mutex.Unlock()
-		return nil
-	}
-	peer.handshake.lastSentHandshake = time.Now()
-	peer.handshake.mutex.Unlock()
-
-	peer.device.log.Debug.Println(peer, "- Sending handshake initiation")
-
-	msg, err := peer.device.CreateMessageInitiation(peer)
-	if err != nil {
-		peer.device.log.Error.Println(peer, "- Failed to create initiation message:", err)
-		return err
-	}
-
-	var buff [MessageInitiationSize]byte
-	writer := bytes.NewBuffer(buff[:0])
-	binary.Write(writer, binary.LittleEndian, msg)
-	packet := writer.Bytes()
-	peer.cookieGenerator.AddMacs(packet)
-
-	peer.timersAnyAuthenticatedPacketTraversal()
-	peer.timersAnyAuthenticatedPacketSent()
-
-	err = peer.SendBuffer(packet)
-	if err != nil {
-		peer.device.log.Error.Println(peer, "- Failed to send handshake initiation", err)
-	}
-	peer.timersHandshakeInitiated()
-
-	return err
-}
-
-func (peer *Peer) SendHandshakeResponse() error {
-	peer.handshake.mutex.Lock()
-	peer.handshake.lastSentHandshake = time.Now()
-	peer.handshake.mutex.Unlock()
-
-	peer.device.log.Debug.Println(peer, "- Sending handshake response")
-
-	response, err := peer.device.CreateMessageResponse(peer)
-	if err != nil {
-		peer.device.log.Error.Println(peer, "- Failed to create response message:", err)
-		return err
-	}
-
-	var buff [MessageResponseSize]byte
-	writer := bytes.NewBuffer(buff[:0])
-	binary.Write(writer, binary.LittleEndian, response)
-	packet := writer.Bytes()
-	peer.cookieGenerator.AddMacs(packet)
-
-	err = peer.BeginSymmetricSession()
-	if err != nil {
-		peer.device.log.Error.Println(peer, "- Failed to derive keypair:", err)
-		return err
-	}
-
-	peer.timersSessionDerived()
-	peer.timersAnyAuthenticatedPacketTraversal()
-	peer.timersAnyAuthenticatedPacketSent()
-
-	err = peer.SendBuffer(packet)
-	if err != nil {
-		peer.device.log.Error.Println(peer, "- Failed to send handshake response", err)
-	}
-	return err
-}
-
-func (device *Device) SendHandshakeCookie(initiatingElem *QueueHandshakeElement) error {
-
-	device.log.Debug.Println("Sending cookie reply to:", initiatingElem.endpoint.DstToString())
-
-	sender := binary.LittleEndian.Uint32(initiatingElem.packet[4:8])
-	reply, err := device.cookieChecker.CreateReply(initiatingElem.packet, sender, initiatingElem.endpoint.DstToBytes())
-	if err != nil {
-		device.log.Error.Println("Failed to create cookie reply:", err)
-		return err
-	}
-
-	var buff [MessageCookieReplySize]byte
-	writer := bytes.NewBuffer(buff[:0])
-	binary.Write(writer, binary.LittleEndian, reply)
-	device.net.bind.Send(writer.Bytes(), initiatingElem.endpoint)
-	if err != nil {
-		device.log.Error.Println("Failed to send cookie reply:", err)
-	}
-	return err
-}
-
-func (peer *Peer) keepKeyFreshSending() {
-	keypair := peer.keypairs.Current()
-	if keypair == nil {
-		return
-	}
-	nonce := atomic.LoadUint64(&keypair.sendNonce)
-	if nonce > RekeyAfterMessages || (keypair.isInitiator && time.Now().Sub(keypair.created) > RekeyAfterTime) {
-		peer.SendHandshakeInitiation(false)
-	}
-}
-
-/* Reads packets from the TUN and inserts
- * into nonce queue for peer
- *
- * Obs. Single instance per TUN device
- */
-func (device *Device) RoutineReadFromTUN() {
-
-	elem := device.NewOutboundElement()
-
-	logDebug := device.log.Debug
-	logError := device.log.Error
-
-	defer func() {
-		logDebug.Println("Routine: TUN reader - stopped")
-		device.state.stopping.Done()
-	}()
-
-	logDebug.Println("Routine: TUN reader - started")
-	device.state.starting.Done()
-
-	for {
-
-		// read packet
-
-		offset := MessageTransportHeaderSize
-		size, err := device.tun.device.Read(elem.buffer[:], offset)
-
-		if err != nil {
-			if !device.isClosed.Get() {
-				logError.Println("Failed to read packet from TUN device:", err)
-				device.Close()
-			}
-			return
-		}
-
-		if size == 0 || size > MaxContentSize {
-			continue
-		}
-
-		elem.packet = elem.buffer[offset : offset+size]
-
-		// lookup peer
-
-		var peer *Peer
-		switch elem.packet[0] >> 4 {
-		case ipv4.Version:
-			if len(elem.packet) < ipv4.HeaderLen {
-				continue
-			}
-			dst := elem.packet[IPv4offsetDst : IPv4offsetDst+net.IPv4len]
-			peer = device.allowedips.LookupIPv4(dst)
-
-		case ipv6.Version:
-			if len(elem.packet) < ipv6.HeaderLen {
-				continue
-			}
-			dst := elem.packet[IPv6offsetDst : IPv6offsetDst+net.IPv6len]
-			peer = device.allowedips.LookupIPv6(dst)
-
-		default:
-			logDebug.Println("Received packet with unknown IP version")
-		}
-
-		if peer == nil {
-			continue
-		}
-
-		// insert into nonce/pre-handshake queue
-
-		if peer.isRunning.Get() {
-			if peer.queue.packetInNonceQueueIsAwaitingKey.Get() {
-				peer.SendHandshakeInitiation(false)
-			}
-			addToOutboundQueue(peer.queue.nonce, elem)
-			elem = device.NewOutboundElement()
-		}
-	}
-}
-
-func (peer *Peer) FlushNonceQueue() {
-	select {
-	case peer.signals.flushNonceQueue <- struct{}{}:
-	default:
-	}
-}
-
-/* Queues packets when there is no handshake.
- * Then assigns nonces to packets sequentially
- * and creates "work" structs for workers
- *
- * Obs. A single instance per peer
- */
-func (peer *Peer) RoutineNonce() {
-	var keypair *Keypair
-
-	device := peer.device
-	logDebug := device.log.Debug
-
-	defer func() {
-		logDebug.Println(peer, "- Routine: nonce worker - stopped")
-		peer.queue.packetInNonceQueueIsAwaitingKey.Set(false)
-		peer.routines.stopping.Done()
-	}()
-
-	flush := func() {
-		for {
-			select {
-			case <-peer.queue.nonce:
-			default:
-				return
-			}
-		}
-	}
-
-	peer.routines.starting.Done()
-	logDebug.Println(peer, "- Routine: nonce worker - started")
-
-	for {
-	NextPacket:
-		peer.queue.packetInNonceQueueIsAwaitingKey.Set(false)
-
-		select {
-		case <-peer.routines.stop:
-			return
-
-		case <-peer.signals.flushNonceQueue:
-			flush()
-			goto NextPacket
-
-		case elem, ok := <-peer.queue.nonce:
-
-			if !ok {
-				return
-			}
-
-			// make sure to always pick the newest key
-
-			for {
-
-				// check validity of newest key pair
-
-				keypair = peer.keypairs.Current()
-				if keypair != nil && keypair.sendNonce < RejectAfterMessages {
-					if time.Now().Sub(keypair.created) < RejectAfterTime {
-						break
-					}
-				}
-				peer.queue.packetInNonceQueueIsAwaitingKey.Set(true)
-
-				// no suitable key pair, request for new handshake
-
-				select {
-				case <-peer.signals.newKeypairArrived:
-				default:
-				}
-
-				peer.SendHandshakeInitiation(false)
-
-				// wait for key to be established
-
-				logDebug.Println(peer, "- Awaiting keypair")
-
-				select {
-				case <-peer.signals.newKeypairArrived:
-					logDebug.Println(peer, "- Obtained awaited keypair")
-
-				case <-peer.signals.flushNonceQueue:
-					flush()
-					goto NextPacket
-
-				case <-peer.routines.stop:
-					return
-				}
-			}
-			peer.queue.packetInNonceQueueIsAwaitingKey.Set(false)
-
-			// populate work element
-
-			elem.peer = peer
-			elem.nonce = atomic.AddUint64(&keypair.sendNonce, 1) - 1
-
-			// double check in case of race condition added by future code
-
-			if elem.nonce >= RejectAfterMessages {
-				atomic.StoreUint64(&keypair.sendNonce, RejectAfterMessages)
-				goto NextPacket
-			}
-
-			elem.keypair = keypair
-			elem.dropped = AtomicFalse
-			elem.mutex.Lock()
-
-			// add to parallel and sequential queue
-
-			addToEncryptionQueue(device.queue.encryption, elem)
-			addToOutboundQueue(peer.queue.outbound, elem)
-		}
-	}
-}
-
-/* Encrypts the elements in the queue
- * and marks them for sequential consumption (by releasing the mutex)
- *
- * Obs. One instance per core
- */
-func (device *Device) RoutineEncryption() {
-
-	var nonce [chacha20poly1305.NonceSize]byte
-
-	logDebug := device.log.Debug
-
-	defer func() {
-		logDebug.Println("Routine: encryption worker - stopped")
-		device.state.stopping.Done()
-	}()
-
-	logDebug.Println("Routine: encryption worker - started")
-	device.state.starting.Done()
-
-	for {
-
-		// fetch next element
-
-		select {
-		case <-device.signals.stop:
-			return
-
-		case elem, ok := <-device.queue.encryption:
-
-			if !ok {
-				return
-			}
-
-			// check if dropped
-
-			if elem.IsDropped() {
-				continue
-			}
-
-			// populate header fields
-
-			header := elem.buffer[:MessageTransportHeaderSize]
-
-			fieldType := header[0:4]
-			fieldReceiver := header[4:8]
-			fieldNonce := header[8:16]
-
-			binary.LittleEndian.PutUint32(fieldType, MessageTransportType)
-			binary.LittleEndian.PutUint32(fieldReceiver, elem.keypair.remoteIndex)
-			binary.LittleEndian.PutUint64(fieldNonce, elem.nonce)
-
-			// pad content to multiple of 16
-
-			mtu := int(atomic.LoadInt32(&device.tun.mtu))
-			rem := len(elem.packet) % PaddingMultiple
-			if rem > 0 {
-				for i := 0; i < PaddingMultiple-rem && len(elem.packet) < mtu; i++ {
-					elem.packet = append(elem.packet, 0)
-				}
-			}
-
-			// encrypt content and release to consumer
-
-			binary.LittleEndian.PutUint64(nonce[4:], elem.nonce)
-			elem.packet = elem.keypair.send.Seal(
-				header,
-				nonce[:],
-				elem.packet,
-				nil,
-			)
-			elem.mutex.Unlock()
-		}
-	}
-}
-
-/* Sequentially reads packets from queue and sends to endpoint
- *
- * Obs. Single instance per peer.
- * The routine terminates then the outbound queue is closed.
- */
-func (peer *Peer) RoutineSequentialSender() {
-
-	device := peer.device
-
-	logDebug := device.log.Debug
-
-	defer func() {
-		logDebug.Println(peer, "- Routine: sequential sender - stopped")
-		peer.routines.stopping.Done()
-	}()
-
-	logDebug.Println(peer, "- Routine: sequential sender - started")
-
-	peer.routines.starting.Done()
-
-	for {
-		select {
-
-		case <-peer.routines.stop:
-			return
-
-		case elem, ok := <-peer.queue.outbound:
-
-			if !ok {
-				return
-			}
-
-			elem.mutex.Lock()
-			if elem.IsDropped() {
-				continue
-			}
-
-			peer.timersAnyAuthenticatedPacketTraversal()
-			peer.timersAnyAuthenticatedPacketSent()
-
-			// send message and return buffer to pool
-
-			length := uint64(len(elem.packet))
-			err := peer.SendBuffer(elem.packet)
-			device.PutMessageBuffer(elem.buffer)
-			if err != nil {
-				logDebug.Println("Failed to send authenticated packet to peer", peer)
-				continue
-			}
-			atomic.AddUint64(&peer.stats.txBytes, length)
-
-			if len(elem.packet) != MessageKeepaliveSize {
-				peer.timersDataSent()
-			}
-			peer.keepKeyFreshSending()
-		}
-	}
-}

tai64n/tai64n.go

@@ -1,6 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package tai64n
@@ -12,20 +12,28 @@ import (
 )
 
 const TimestampSize = 12
-const base = uint64(4611686018427387914)
+const base = uint64(0x400000000000000a)
+const whitenerMask = uint32(0x1000000 - 1)
 
 type Timestamp [TimestampSize]byte
 
-func Now() Timestamp {
+func stamp(t time.Time) Timestamp {
 	var tai64n Timestamp
-	now := time.Now()
-	secs := base + uint64(now.Unix())
-	nano := uint32(now.UnixNano())
+	secs := base + uint64(t.Unix())
+	nano := uint32(t.Nanosecond()) &^ whitenerMask
 	binary.BigEndian.PutUint64(tai64n[:], secs)
 	binary.BigEndian.PutUint32(tai64n[8:], nano)
 	return tai64n
 }
 
+func Now() Timestamp {
+	return stamp(time.Now())
+}
+
 func (t1 Timestamp) After(t2 Timestamp) bool {
 	return bytes.Compare(t1[:], t2[:]) > 0
 }
+
+func (t Timestamp) String() string {
+	return time.Unix(int64(binary.BigEndian.Uint64(t[:8])-base), int64(binary.BigEndian.Uint32(t[8:12]))).String()
+}

tai64n/tai64n_test.go

@@ -1,6 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package tai64n
@@ -10,17 +10,31 @@ import (
 	"time"
 )
 
-/* Testing the essential property of the timestamp
- * as used by WireGuard.
- */
+// Test that timestamps are monotonic as required by Wireguard and that
+// nanosecond-level information is whitened to prevent side channel attacks.
 func TestMonotonic(t *testing.T) {
-	old := Now()
-	for i := 0; i < 10000; i++ {
-		time.Sleep(time.Nanosecond)
-		next := Now()
-		if !next.After(old) {
-			t.Error("TAI64N, not monotonically increasing on nano-second scale")
+	startTime := time.Unix(0, 123456789) // a nontrivial bit pattern
+	// Whitening should reduce timestamp granularity
+	// to more than 10 but fewer than 20 milliseconds.
+	tests := []struct {
+		name      string
+		t1, t2    time.Time
+		wantAfter bool
+	}{
+		{"after_10_ns", startTime, startTime.Add(10 * time.Nanosecond), false},
+		{"after_10_us", startTime, startTime.Add(10 * time.Microsecond), false},
+		{"after_1_ms", startTime, startTime.Add(time.Millisecond), false},
+		{"after_10_ms", startTime, startTime.Add(10 * time.Millisecond), false},
+		{"after_20_ms", startTime, startTime.Add(20 * time.Millisecond), true},
 	}
-		old = next
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			ts1, ts2 := stamp(tt.t1), stamp(tt.t2)
+			got := ts2.After(ts1)
+			if got != tt.wantAfter {
+				t.Errorf("after = %v; want %v", got, tt.wantAfter)
+			}
+		})
 	}
 }

tests/netns.sh

@@ -36,7 +36,7 @@ netns0="wg-test-$$-0"
 netns1="wg-test-$$-1"
 netns2="wg-test-$$-2"
 program=$1
-export LOG_LEVEL="info"
+export LOG_LEVEL="verbose"
 
 pretty() { echo -e "\x1b[32m\x1b[1m[+] ${1:+NS$1: }${2}\x1b[0m" >&3; }
 pp() { pretty "" "$*"; "$@"; }

tun.go

@@ -1,56 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
- */
-
-package main
-
-import (
-	"git.zx2c4.com/wireguard-go/tun"
-	"sync/atomic"
-)
-
-const DefaultMTU = 1420
-
-func (device *Device) RoutineTUNEventReader() {
-	setUp := false
-	logDebug := device.log.Debug
-	logInfo := device.log.Info
-	logError := device.log.Error
-
-	logDebug.Println("Routine: event worker - started")
-	device.state.starting.Done()
-
-	for event := range device.tun.device.Events() {
-		if event&tun.TUNEventMTUUpdate != 0 {
-			mtu, err := device.tun.device.MTU()
-			old := atomic.LoadInt32(&device.tun.mtu)
-			if err != nil {
-				logError.Println("Failed to load updated MTU of device:", err)
-			} else if int(old) != mtu {
-				if mtu+MessageTransportSize > MaxMessageSize {
-					logInfo.Println("MTU updated:", mtu, "(too large)")
-				} else {
-					logInfo.Println("MTU updated:", mtu)
-				}
-				atomic.StoreInt32(&device.tun.mtu, int32(mtu))
-			}
-		}
-
-		if event&tun.TUNEventUp != 0 && !setUp {
-			logInfo.Println("Interface set up")
-			setUp = true
-			device.Up()
-		}
-
-		if event&tun.TUNEventDown != 0 && setUp {
-			logInfo.Println("Interface set down")
-			setUp = false
-			device.Down()
-		}
-	}
-
-	logDebug.Println("Routine: event worker - stopped")
-	device.state.stopping.Done()
-}

tun/netstack/examples/http_client.go

@@ -0,0 +1,53 @@
+// +build ignore
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package main
+
+import (
+	"io"
+	"log"
+	"net"
+	"net/http"
+
+	"golang.zx2c4.com/wireguard/device"
+	"golang.zx2c4.com/wireguard/tun/netstack"
+)
+
+func main() {
+	tun, tnet, err := netstack.CreateNetTUN(
+		[]net.IP{net.ParseIP("192.168.4.29")},
+		[]net.IP{net.ParseIP("8.8.8.8")},
+		1420)
+	if err != nil {
+		log.Panic(err)
+	}
+	dev := device.NewDevice(tun, &device.Logger{log.Default(), log.Default(), log.Default()})
+	dev.IpcSet(`private_key=a8dac1d8a70a751f0f699fb14ba1cff7b79cf4fbd8f09f44c6e6a90d0369604f
+public_key=25123c5dcd3328ff645e4f2a3fce0d754400d3887a0cb7c56f0267e20fbf3c5b
+endpoint=163.172.161.0:12912
+allowed_ip=0.0.0.0/0
+`)
+	err = dev.Up()
+	if err != nil {
+		log.Panic(err)
+	}
+
+	client := http.Client{
+		Transport: &http.Transport{
+			DialContext: tnet.DialContext,
+		},
+	}
+	resp, err := client.Get("https://www.zx2c4.com/ip")
+	if err != nil {
+		log.Panic(err)
+	}
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		log.Panic(err)
+	}
+	log.Println(string(body))
+}

tun/netstack/examples/http_server.go

@@ -0,0 +1,48 @@
+// +build ignore
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package main
+
+import (
+	"golang.zx2c4.com/wireguard/device"
+	"golang.zx2c4.com/wireguard/tun/netstack"
+	"io"
+	"log"
+	"net"
+	"net/http"
+)
+
+func main() {
+	tun, tnet, err := netstack.CreateNetTUN(
+		[]net.IP{net.ParseIP("192.168.4.29")},
+		[]net.IP{net.ParseIP("8.8.8.8"), net.ParseIP("8.8.4.4")},
+		1420,
+	)
+	if err != nil {
+		log.Panic(err)
+	}
+	dev := device.NewDevice(tun, &device.Logger{log.Default(), log.Default(), log.Default()})
+	dev.IpcSet(`private_key=a8dac1d8a70a751f0f699fb14ba1cff7b79cf4fbd8f09f44c6e6a90d0369604f
+public_key=25123c5dcd3328ff645e4f2a3fce0d754400d3887a0cb7c56f0267e20fbf3c5b
+endpoint=163.172.161.0:12912
+allowed_ip=0.0.0.0/0
+persistent_keepalive_interval=25
+    `)
+	dev.Up()
+	listener, err := tnet.ListenTCP(&net.TCPAddr{Port: 80})
+	if err != nil {
+		log.Panicln(err)
+	}
+	http.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) {
+		log.Printf("> %s - %s - %s", request.RemoteAddr, request.URL.String(), request.UserAgent())
+		io.WriteString(writer, "Hello from userspace TCP!")
+	})
+	err = http.Serve(listener, nil)
+	if err != nil {
+		log.Panicln(err)
+	}
+}

tun/netstack/go.mod

@@ -0,0 +1,9 @@
+module golang.zx2c4.com/wireguard/tun/netstack
+
+go 1.15
+
+require (
+	golang.org/x/net v0.0.0-20201110031124-69a78807bb2b
+	golang.zx2c4.com/wireguard v0.0.20201118
+	gvisor.dev/gvisor v0.0.0-20210109011639-2fb7a49fea98
+)

tun/netstack/go.sum

@@ -0,0 +1,391 @@
+bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8=
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
+cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
+cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
+cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
+cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
+cloud.google.com/go v0.52.1-0.20200122224058-0482b626c726/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
+cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
+cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
+cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
+cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
+dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
+github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
+github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
+github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
+github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
+github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc=
+github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/Microsoft/go-winio v0.4.15-0.20200908182639-5b44b70ab3ab/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw=
+github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
+github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
+github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
+github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
+github.com/cenkalti/backoff v1.1.1-0.20190506075156-2146c9339422/go.mod h1:b6Nc7NRH5C4aCISLry0tLnTjcuTEvoiqcWDdsU0sOGM=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
+github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
+github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
+github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg=
+github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/containerd/cgroups v0.0.0-20201119153540-4cbc285b3327/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE=
+github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE=
+github.com/containerd/containerd v1.3.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
+github.com/containerd/continuity v0.0.0-20200928162600-f2cc35102c2a/go.mod h1:W0qIOTD7mp2He++YVq+kgfXezRYqzP1uDuMVH1bITDY=
+github.com/containerd/fifo v0.0.0-20191213151349-ff969a566b00/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0=
+github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g=
+github.com/containerd/ttrpc v0.0.0-20200121165050-0be804eadb15/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y=
+github.com/containerd/typeurl v0.0.0-20200205145503-b45ef1f1f737/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg=
+github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
+github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
+github.com/docker/docker v1.4.2-0.20191028175130-9e7d5ac5ea55/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
+github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
+github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
+github.com/dpjacques/clockwork v0.1.1-0.20200827220843-c1f524b839be/go.mod h1:D8mP2A8vVT2GkXqPorSBmhnshhkFBYgzhA90KmJt25Y=
+github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
+github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
+github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
+github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
+github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
+github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
+github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
+github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
+github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/gofrs/flock v0.6.1-0.20180915234121-886344bea079/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU=
+github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c=
+github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
+github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/btree v1.0.0 h1:0udJVsspx3VBr5FwtLhQQtuAsVc79tTq0ocGIPAU6qo=
+github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.3-0.20201020212313-ab46b8bd0abd/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-github/v28 v28.1.2-0.20191108005307-e555eab49ce8/go.mod h1:g82e6OHbJ0WYrYeOrid1MMfHAtqjxBz+N74tfAt9KrQ=
+github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
+github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/subcommands v1.0.2-0.20190508160503-636abe8753b8/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk=
+github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
+github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
+github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
+github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8=
+github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
+github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
+github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
+github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
+github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
+github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
+github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.4-0.20190131011033-7dc38fb350b1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mattbaird/jsonpatch v0.0.0-20171005235357-81af80346b1a/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/mohae/deepcopy v0.0.0-20170308212314-bb9b5e7adda9/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
+github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
+github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
+github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
+github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
+github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
+github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
+github.com/opencontainers/runtime-spec v1.0.2-0.20181111125026-1722abf79c2f/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
+github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
+github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
+github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
+github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
+github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
+github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
+github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
+github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
+github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/vishvananda/netlink v1.0.1-0.20190930145447-2ec5bdc52b86/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
+github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
+go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
+go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
+golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
+golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
+golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
+golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
+golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
+golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
+golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b h1:uwuIcX0g4Yl1NC5XAz37xsr2lTtcqevgzYNVt49waME=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201117222635-ba5294a509c7 h1:s330+6z/Ko3J0o6rvOcwXe5nzs7UT9tLKHoOXYn6uE0=
+golang.org/x/sys v0.0.0-20201117222635-ba5294a509c7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs=
+golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20201021000207-d49c4edd7d96/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.zx2c4.com/wireguard v0.0.20201118 h1:QL8y2C7uO8T6z1GY+UX/hSeWiYEBurQkXjOTRFtCvXU=
+golang.zx2c4.com/wireguard v0.0.20201118/go.mod h1:Dz+cq5bnrai9EpgYj4GDof/+qaGzbRWbeaAOs1bUYa0=
+google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
+google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
+google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
+google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
+google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
+google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
+google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
+google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.29.0/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.25.1-0.20201020201750-d3470999428b/go.mod h1:hFxJC2f0epmp1elRCiEGJTKAWbwxZ2nvqZdHl3FQXCY=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
+gvisor.dev/gvisor v0.0.0-20210109011639-2fb7a49fea98 h1:qDiV0V69AVoFfU6AiE1UgpLUorGJrIxSM/P4tgkF8oc=
+gvisor.dev/gvisor v0.0.0-20210109011639-2fb7a49fea98/go.mod h1:5DEMKRjYDiM24fvDUWPjBpABm9ROMcv/kEcox3fHtm0=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+k8s.io/api v0.16.13/go.mod h1:QWu8UWSTiuQZMMeYjwLs6ILu5O74qKSJ0c+4vrchDxs=
+k8s.io/apimachinery v0.16.13/go.mod h1:4HMHS3mDHtVttspuuhrJ1GGr/0S9B6iWYWZ57KnnZqQ=
+k8s.io/apimachinery v0.16.14-rc.0/go.mod h1:4HMHS3mDHtVttspuuhrJ1GGr/0S9B6iWYWZ57KnnZqQ=
+k8s.io/client-go v0.16.13/go.mod h1:UKvVT4cajC2iN7DCjLgT0KVY/cbY6DGdUCyRiIfws5M=
+k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
+k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
+k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
+k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
+k8s.io/kube-openapi v0.0.0-20200410163147-594e756bea31/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
+k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
+rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
+sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI=
+sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=

tun/netstack/tun.go

@@ -0,0 +1,818 @@
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package netstack
+
+import (
+	"context"
+	"crypto/rand"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"strconv"
+	"strings"
+	"time"
+
+	"golang.zx2c4.com/wireguard/tun"
+
+	"golang.org/x/net/dns/dnsmessage"
+	"gvisor.dev/gvisor/pkg/tcpip"
+	"gvisor.dev/gvisor/pkg/tcpip/adapters/gonet"
+	"gvisor.dev/gvisor/pkg/tcpip/buffer"
+	"gvisor.dev/gvisor/pkg/tcpip/header"
+	"gvisor.dev/gvisor/pkg/tcpip/network/ipv4"
+	"gvisor.dev/gvisor/pkg/tcpip/network/ipv6"
+	"gvisor.dev/gvisor/pkg/tcpip/stack"
+	"gvisor.dev/gvisor/pkg/tcpip/transport/tcp"
+	"gvisor.dev/gvisor/pkg/tcpip/transport/udp"
+)
+
+type netTun struct {
+	stack          *stack.Stack
+	dispatcher     stack.NetworkDispatcher
+	events         chan tun.Event
+	incomingPacket chan buffer.VectorisedView
+	mtu            int
+	dnsServers     []net.IP
+	hasV4, hasV6   bool
+}
+type endpoint netTun
+type Net netTun
+
+func (e *endpoint) Attach(dispatcher stack.NetworkDispatcher) {
+	e.dispatcher = dispatcher
+}
+
+func (e *endpoint) IsAttached() bool {
+	return e.dispatcher != nil
+}
+
+func (e *endpoint) MTU() uint32 {
+	mtu, err := (*netTun)(e).MTU()
+	if err != nil {
+		panic(err)
+	}
+	return uint32(mtu)
+}
+
+func (*endpoint) Capabilities() stack.LinkEndpointCapabilities {
+	return stack.CapabilityNone
+}
+
+func (*endpoint) MaxHeaderLength() uint16 {
+	return 0
+}
+
+func (*endpoint) LinkAddress() tcpip.LinkAddress {
+	return ""
+}
+
+func (*endpoint) Wait() {}
+
+func (e *endpoint) WritePacket(_ *stack.Route, _ *stack.GSO, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer) *tcpip.Error {
+	e.incomingPacket <- buffer.NewVectorisedView(pkt.Size(), pkt.Views())
+	return nil
+}
+
+func (e *endpoint) WritePackets(*stack.Route, *stack.GSO, stack.PacketBufferList, tcpip.NetworkProtocolNumber) (int, *tcpip.Error) {
+	panic("not implemented")
+}
+
+func (*endpoint) ARPHardwareType() header.ARPHardwareType {
+	return header.ARPHardwareNone
+}
+
+func (e *endpoint) AddHeader(local, remote tcpip.LinkAddress, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer) {
+}
+
+func CreateNetTUN(localAddresses []net.IP, dnsServers []net.IP, mtu int) (tun.Device, *Net, error) {
+	opts := stack.Options{
+		NetworkProtocols:   []stack.NetworkProtocolFactory{ipv4.NewProtocol, ipv6.NewProtocol},
+		TransportProtocols: []stack.TransportProtocolFactory{tcp.NewProtocol, udp.NewProtocol},
+		HandleLocal:        true,
+	}
+	dev := &netTun{
+		stack:          stack.New(opts),
+		events:         make(chan tun.Event, 10),
+		incomingPacket: make(chan buffer.VectorisedView),
+		dnsServers:     dnsServers,
+		mtu:            mtu,
+	}
+	tcpipErr := dev.stack.CreateNIC(1, (*endpoint)(dev))
+	if tcpipErr != nil {
+		return nil, nil, fmt.Errorf("CreateNIC: %v", tcpipErr)
+	}
+	for _, ip := range localAddresses {
+		if ip4 := ip.To4(); ip4 != nil {
+			tcpipErr = dev.stack.AddAddress(1, ipv4.ProtocolNumber, tcpip.Address(ip4))
+			if tcpipErr != nil {
+				return nil, nil, fmt.Errorf("AddAddress(%v): %v", ip4, tcpipErr)
+			}
+			dev.hasV4 = true
+		} else {
+			tcpipErr = dev.stack.AddAddress(1, ipv6.ProtocolNumber, tcpip.Address(ip))
+			if tcpipErr != nil {
+				return nil, nil, fmt.Errorf("AddAddress(%v): %v", ip4, tcpipErr)
+			}
+			dev.hasV6 = true
+		}
+	}
+	if dev.hasV4 {
+		dev.stack.AddRoute(tcpip.Route{Destination: header.IPv4EmptySubnet, NIC: 1})
+	}
+	if dev.hasV6 {
+		dev.stack.AddRoute(tcpip.Route{Destination: header.IPv6EmptySubnet, NIC: 1})
+	}
+
+	dev.events <- tun.EventUp
+	return dev, (*Net)(dev), nil
+}
+
+func (tun *netTun) Name() (string, error) {
+	return "go", nil
+}
+
+func (tun *netTun) File() *os.File {
+	return nil
+}
+
+func (tun *netTun) Events() chan tun.Event {
+	return tun.events
+}
+
+func (tun *netTun) Read(buf []byte, offset int) (int, error) {
+	view, ok := <-tun.incomingPacket
+	if !ok {
+		return 0, os.ErrClosed
+	}
+	return view.Read(buf[offset:])
+}
+
+func (tun *netTun) Write(buf []byte, offset int) (int, error) {
+	packet := buf[offset:]
+	if len(packet) == 0 {
+		return 0, nil
+	}
+
+	pkb := stack.NewPacketBuffer(stack.PacketBufferOptions{Data: buffer.NewVectorisedView(len(packet), []buffer.View{buffer.NewViewFromBytes(packet)})})
+	switch packet[0] >> 4 {
+	case 4:
+		tun.dispatcher.DeliverNetworkPacket("", "", ipv4.ProtocolNumber, pkb)
+	case 6:
+		tun.dispatcher.DeliverNetworkPacket("", "", ipv6.ProtocolNumber, pkb)
+	}
+
+	return len(buf), nil
+}
+
+func (tun *netTun) Flush() error {
+	return nil
+}
+
+func (tun *netTun) Close() error {
+	tun.stack.RemoveNIC(1)
+
+	if tun.events != nil {
+		close(tun.events)
+	}
+	if tun.incomingPacket != nil {
+		close(tun.incomingPacket)
+	}
+	return nil
+}
+
+func (tun *netTun) MTU() (int, error) {
+	return tun.mtu, nil
+}
+
+func convertToFullAddr(ip net.IP, port int) (tcpip.FullAddress, tcpip.NetworkProtocolNumber) {
+	if ip4 := ip.To4(); ip4 != nil {
+		return tcpip.FullAddress{
+			NIC:  1,
+			Addr: tcpip.Address(ip4),
+			Port: uint16(port),
+		}, ipv4.ProtocolNumber
+	} else {
+		return tcpip.FullAddress{
+			NIC:  1,
+			Addr: tcpip.Address(ip),
+			Port: uint16(port),
+		}, ipv6.ProtocolNumber
+	}
+}
+
+func (net *Net) DialContextTCP(ctx context.Context, addr *net.TCPAddr) (*gonet.TCPConn, error) {
+	if addr == nil {
+		panic("todo: deal with auto addr semantics for nil addr")
+	}
+	fa, pn := convertToFullAddr(addr.IP, addr.Port)
+	return gonet.DialContextTCP(ctx, net.stack, fa, pn)
+}
+
+func (net *Net) DialTCP(addr *net.TCPAddr) (*gonet.TCPConn, error) {
+	if addr == nil {
+		panic("todo: deal with auto addr semantics for nil addr")
+	}
+	fa, pn := convertToFullAddr(addr.IP, addr.Port)
+	return gonet.DialTCP(net.stack, fa, pn)
+}
+
+func (net *Net) ListenTCP(addr *net.TCPAddr) (*gonet.TCPListener, error) {
+	if addr == nil {
+		panic("todo: deal with auto addr semantics for nil addr")
+	}
+	fa, pn := convertToFullAddr(addr.IP, addr.Port)
+	return gonet.ListenTCP(net.stack, fa, pn)
+}
+
+func (net *Net) DialUDP(laddr, raddr *net.UDPAddr) (*gonet.UDPConn, error) {
+	var lfa, rfa *tcpip.FullAddress
+	var pn tcpip.NetworkProtocolNumber
+	if laddr != nil {
+		var addr tcpip.FullAddress
+		addr, pn = convertToFullAddr(laddr.IP, laddr.Port)
+		lfa = &addr
+	}
+	if raddr != nil {
+		var addr tcpip.FullAddress
+		addr, pn = convertToFullAddr(raddr.IP, raddr.Port)
+		rfa = &addr
+	}
+	return gonet.DialUDP(net.stack, lfa, rfa, pn)
+}
+
+var (
+	errNoSuchHost                   = errors.New("no such host")
+	errLameReferral                 = errors.New("lame referral")
+	errCannotUnmarshalDNSMessage    = errors.New("cannot unmarshal DNS message")
+	errCannotMarshalDNSMessage      = errors.New("cannot marshal DNS message")
+	errServerMisbehaving            = errors.New("server misbehaving")
+	errInvalidDNSResponse           = errors.New("invalid DNS response")
+	errNoAnswerFromDNSServer        = errors.New("no answer from DNS server")
+	errServerTemporarilyMisbehaving = errors.New("server misbehaving")
+	errCanceled                     = errors.New("operation was canceled")
+	errTimeout                      = errors.New("i/o timeout")
+	errNumericPort                  = errors.New("port must be numeric")
+	errNoSuitableAddress            = errors.New("no suitable address found")
+	errMissingAddress               = errors.New("missing address")
+)
+
+func (net *Net) LookupHost(host string) (addrs []string, err error) {
+	return net.LookupContextHost(context.Background(), host)
+}
+
+func isDomainName(s string) bool {
+	l := len(s)
+	if l == 0 || l > 254 || l == 254 && s[l-1] != '.' {
+		return false
+	}
+	last := byte('.')
+	nonNumeric := false
+	partlen := 0
+	for i := 0; i < len(s); i++ {
+		c := s[i]
+		switch {
+		default:
+			return false
+		case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' || c == '_':
+			nonNumeric = true
+			partlen++
+		case '0' <= c && c <= '9':
+			partlen++
+		case c == '-':
+			if last == '.' {
+				return false
+			}
+			partlen++
+			nonNumeric = true
+		case c == '.':
+			if last == '.' || last == '-' {
+				return false
+			}
+			if partlen > 63 || partlen == 0 {
+				return false
+			}
+			partlen = 0
+		}
+		last = c
+	}
+	if last == '-' || partlen > 63 {
+		return false
+	}
+	return nonNumeric
+}
+
+func randU16() uint16 {
+	var b [2]byte
+	_, err := rand.Read(b[:])
+	if err != nil {
+		panic(err)
+	}
+	return binary.LittleEndian.Uint16(b[:])
+}
+
+func newRequest(q dnsmessage.Question) (id uint16, udpReq, tcpReq []byte, err error) {
+	id = randU16()
+	b := dnsmessage.NewBuilder(make([]byte, 2, 514), dnsmessage.Header{ID: id, RecursionDesired: true})
+	b.EnableCompression()
+	if err := b.StartQuestions(); err != nil {
+		return 0, nil, nil, err
+	}
+	if err := b.Question(q); err != nil {
+		return 0, nil, nil, err
+	}
+	tcpReq, err = b.Finish()
+	udpReq = tcpReq[2:]
+	l := len(tcpReq) - 2
+	tcpReq[0] = byte(l >> 8)
+	tcpReq[1] = byte(l)
+	return id, udpReq, tcpReq, err
+}
+
+func equalASCIIName(x, y dnsmessage.Name) bool {
+	if x.Length != y.Length {
+		return false
+	}
+	for i := 0; i < int(x.Length); i++ {
+		a := x.Data[i]
+		b := y.Data[i]
+		if 'A' <= a && a <= 'Z' {
+			a += 0x20
+		}
+		if 'A' <= b && b <= 'Z' {
+			b += 0x20
+		}
+		if a != b {
+			return false
+		}
+	}
+	return true
+}
+
+func checkResponse(reqID uint16, reqQues dnsmessage.Question, respHdr dnsmessage.Header, respQues dnsmessage.Question) bool {
+	if !respHdr.Response {
+		return false
+	}
+	if reqID != respHdr.ID {
+		return false
+	}
+	if reqQues.Type != respQues.Type || reqQues.Class != respQues.Class || !equalASCIIName(reqQues.Name, respQues.Name) {
+		return false
+	}
+	return true
+}
+
+func dnsPacketRoundTrip(c net.Conn, id uint16, query dnsmessage.Question, b []byte) (dnsmessage.Parser, dnsmessage.Header, error) {
+	if _, err := c.Write(b); err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, err
+	}
+	b = make([]byte, 512)
+	for {
+		n, err := c.Read(b)
+		if err != nil {
+			return dnsmessage.Parser{}, dnsmessage.Header{}, err
+		}
+		var p dnsmessage.Parser
+		h, err := p.Start(b[:n])
+		if err != nil {
+			continue
+		}
+		q, err := p.Question()
+		if err != nil || !checkResponse(id, query, h, q) {
+			continue
+		}
+		return p, h, nil
+	}
+}
+
+func dnsStreamRoundTrip(c net.Conn, id uint16, query dnsmessage.Question, b []byte) (dnsmessage.Parser, dnsmessage.Header, error) {
+	if _, err := c.Write(b); err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, err
+	}
+	b = make([]byte, 1280)
+	if _, err := io.ReadFull(c, b[:2]); err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, err
+	}
+	l := int(b[0])<<8 | int(b[1])
+	if l > len(b) {
+		b = make([]byte, l)
+	}
+	n, err := io.ReadFull(c, b[:l])
+	if err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, err
+	}
+	var p dnsmessage.Parser
+	h, err := p.Start(b[:n])
+	if err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, errCannotUnmarshalDNSMessage
+	}
+	q, err := p.Question()
+	if err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, errCannotUnmarshalDNSMessage
+	}
+	if !checkResponse(id, query, h, q) {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, errInvalidDNSResponse
+	}
+	return p, h, nil
+}
+
+func (tnet *Net) exchange(ctx context.Context, server net.IP, q dnsmessage.Question, timeout time.Duration) (dnsmessage.Parser, dnsmessage.Header, error) {
+	q.Class = dnsmessage.ClassINET
+	id, udpReq, tcpReq, err := newRequest(q)
+	if err != nil {
+		return dnsmessage.Parser{}, dnsmessage.Header{}, errCannotMarshalDNSMessage
+	}
+
+	for _, useUDP := range []bool{true, false} {
+		ctx, cancel := context.WithDeadline(ctx, time.Now().Add(timeout))
+		defer cancel()
+
+		var c net.Conn
+		var err error
+		if useUDP {
+			c, err = tnet.DialUDP(nil, &net.UDPAddr{IP: server, Port: 53})
+		} else {
+			c, err = tnet.DialContextTCP(ctx, &net.TCPAddr{IP: server, Port: 53})
+		}
+
+		if err != nil {
+			return dnsmessage.Parser{}, dnsmessage.Header{}, err
+		}
+		if d, ok := ctx.Deadline(); ok && !d.IsZero() {
+			c.SetDeadline(d)
+		}
+		var p dnsmessage.Parser
+		var h dnsmessage.Header
+		if useUDP {
+			p, h, err = dnsPacketRoundTrip(c, id, q, udpReq)
+		} else {
+			p, h, err = dnsStreamRoundTrip(c, id, q, tcpReq)
+		}
+		c.Close()
+		if err != nil {
+			if err == context.Canceled {
+				err = errCanceled
+			} else if err == context.DeadlineExceeded {
+				err = errTimeout
+			}
+			return dnsmessage.Parser{}, dnsmessage.Header{}, err
+		}
+		if err := p.SkipQuestion(); err != dnsmessage.ErrSectionDone {
+			return dnsmessage.Parser{}, dnsmessage.Header{}, errInvalidDNSResponse
+		}
+		if h.Truncated {
+			continue
+		}
+		return p, h, nil
+	}
+	return dnsmessage.Parser{}, dnsmessage.Header{}, errNoAnswerFromDNSServer
+}
+
+func checkHeader(p *dnsmessage.Parser, h dnsmessage.Header) error {
+	if h.RCode == dnsmessage.RCodeNameError {
+		return errNoSuchHost
+	}
+	_, err := p.AnswerHeader()
+	if err != nil && err != dnsmessage.ErrSectionDone {
+		return errCannotUnmarshalDNSMessage
+	}
+	if h.RCode == dnsmessage.RCodeSuccess && !h.Authoritative && !h.RecursionAvailable && err == dnsmessage.ErrSectionDone {
+		return errLameReferral
+	}
+	if h.RCode != dnsmessage.RCodeSuccess && h.RCode != dnsmessage.RCodeNameError {
+		if h.RCode == dnsmessage.RCodeServerFailure {
+			return errServerTemporarilyMisbehaving
+		}
+		return errServerMisbehaving
+	}
+	return nil
+}
+
+func skipToAnswer(p *dnsmessage.Parser, qtype dnsmessage.Type) error {
+	for {
+		h, err := p.AnswerHeader()
+		if err == dnsmessage.ErrSectionDone {
+			return errNoSuchHost
+		}
+		if err != nil {
+			return errCannotUnmarshalDNSMessage
+		}
+		if h.Type == qtype {
+			return nil
+		}
+		if err := p.SkipAnswer(); err != nil {
+			return errCannotUnmarshalDNSMessage
+		}
+	}
+}
+
+func (tnet *Net) tryOneName(ctx context.Context, name string, qtype dnsmessage.Type) (dnsmessage.Parser, string, error) {
+	var lastErr error
+
+	n, err := dnsmessage.NewName(name)
+	if err != nil {
+		return dnsmessage.Parser{}, "", errCannotMarshalDNSMessage
+	}
+	q := dnsmessage.Question{
+		Name:  n,
+		Type:  qtype,
+		Class: dnsmessage.ClassINET,
+	}
+
+	for i := 0; i < 2; i++ {
+		for _, server := range tnet.dnsServers {
+			p, h, err := tnet.exchange(ctx, server, q, time.Second*5)
+			if err != nil {
+				dnsErr := &net.DNSError{
+					Err:    err.Error(),
+					Name:   name,
+					Server: server.String(),
+				}
+				if nerr, ok := err.(net.Error); ok && nerr.Timeout() {
+					dnsErr.IsTimeout = true
+				}
+				if _, ok := err.(*net.OpError); ok {
+					dnsErr.IsTemporary = true
+				}
+				lastErr = dnsErr
+				continue
+			}
+
+			if err := checkHeader(&p, h); err != nil {
+				dnsErr := &net.DNSError{
+					Err:    err.Error(),
+					Name:   name,
+					Server: server.String(),
+				}
+				if err == errServerTemporarilyMisbehaving {
+					dnsErr.IsTemporary = true
+				}
+				if err == errNoSuchHost {
+					dnsErr.IsNotFound = true
+					return p, server.String(), dnsErr
+				}
+				lastErr = dnsErr
+				continue
+			}
+
+			err = skipToAnswer(&p, qtype)
+			if err == nil {
+				return p, server.String(), nil
+			}
+			lastErr = &net.DNSError{
+				Err:    err.Error(),
+				Name:   name,
+				Server: server.String(),
+			}
+			if err == errNoSuchHost {
+				lastErr.(*net.DNSError).IsNotFound = true
+				return p, server.String(), lastErr
+			}
+		}
+	}
+	return dnsmessage.Parser{}, "", lastErr
+}
+
+func (tnet *Net) LookupContextHost(ctx context.Context, host string) ([]string, error) {
+	if host == "" || (!tnet.hasV6 && !tnet.hasV4) {
+		return nil, &net.DNSError{Err: errNoSuchHost.Error(), Name: host, IsNotFound: true}
+	}
+	zlen := len(host)
+	if strings.IndexByte(host, ':') != -1 {
+		if zidx := strings.LastIndexByte(host, '%'); zidx != -1 {
+			zlen = zidx
+		}
+	}
+	if ip := net.ParseIP(host[:zlen]); ip != nil {
+		return []string{host[:zlen]}, nil
+	}
+
+	if !isDomainName(host) {
+		return nil, &net.DNSError{Err: errNoSuchHost.Error(), Name: host, IsNotFound: true}
+	}
+	type result struct {
+		p      dnsmessage.Parser
+		server string
+		error
+	}
+	var addrsV4, addrsV6 []net.IP
+	lanes := 0
+	if tnet.hasV4 {
+		lanes++
+	}
+	if tnet.hasV6 {
+		lanes++
+	}
+	lane := make(chan result, lanes)
+	var lastErr error
+	if tnet.hasV4 {
+		go func() {
+			p, server, err := tnet.tryOneName(ctx, host+".", dnsmessage.TypeA)
+			lane <- result{p, server, err}
+		}()
+	}
+	if tnet.hasV6 {
+		go func() {
+			p, server, err := tnet.tryOneName(ctx, host+".", dnsmessage.TypeAAAA)
+			lane <- result{p, server, err}
+		}()
+	}
+	for l := 0; l < lanes; l++ {
+		result := <-lane
+		if result.error != nil {
+			if lastErr == nil {
+				lastErr = result.error
+			}
+			continue
+		}
+
+	loop:
+		for {
+			h, err := result.p.AnswerHeader()
+			if err != nil && err != dnsmessage.ErrSectionDone {
+				lastErr = &net.DNSError{
+					Err:    errCannotMarshalDNSMessage.Error(),
+					Name:   host,
+					Server: result.server,
+				}
+			}
+			if err != nil {
+				break
+			}
+			switch h.Type {
+			case dnsmessage.TypeA:
+				a, err := result.p.AResource()
+				if err != nil {
+					lastErr = &net.DNSError{
+						Err:    errCannotMarshalDNSMessage.Error(),
+						Name:   host,
+						Server: result.server,
+					}
+					break loop
+				}
+				addrsV4 = append(addrsV4, net.IP(a.A[:]))
+
+			case dnsmessage.TypeAAAA:
+				aaaa, err := result.p.AAAAResource()
+				if err != nil {
+					lastErr = &net.DNSError{
+						Err:    errCannotMarshalDNSMessage.Error(),
+						Name:   host,
+						Server: result.server,
+					}
+					break loop
+				}
+				addrsV6 = append(addrsV6, net.IP(aaaa.AAAA[:]))
+
+			default:
+				if err := result.p.SkipAnswer(); err != nil {
+					lastErr = &net.DNSError{
+						Err:    errCannotMarshalDNSMessage.Error(),
+						Name:   host,
+						Server: result.server,
+					}
+					break loop
+				}
+				continue
+			}
+		}
+	}
+	// We don't do RFC6724. Instead just put V6 addresess first if an IPv6 address is enabled
+	var addrs []net.IP
+	if tnet.hasV6 {
+		addrs = append(addrsV6, addrsV4...)
+	} else {
+		addrs = append(addrsV4, addrsV6...)
+	}
+
+	if len(addrs) == 0 && lastErr != nil {
+		return nil, lastErr
+	}
+	saddrs := make([]string, 0, len(addrs))
+	for _, ip := range addrs {
+		saddrs = append(saddrs, ip.String())
+	}
+	return saddrs, nil
+}
+
+func partialDeadline(now, deadline time.Time, addrsRemaining int) (time.Time, error) {
+	if deadline.IsZero() {
+		return deadline, nil
+	}
+	timeRemaining := deadline.Sub(now)
+	if timeRemaining <= 0 {
+		return time.Time{}, errTimeout
+	}
+	timeout := timeRemaining / time.Duration(addrsRemaining)
+	const saneMinimum = 2 * time.Second
+	if timeout < saneMinimum {
+		if timeRemaining < saneMinimum {
+			timeout = timeRemaining
+		} else {
+			timeout = saneMinimum
+		}
+	}
+	return now.Add(timeout), nil
+}
+
+func (tnet *Net) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+	if ctx == nil {
+		panic("nil context")
+	}
+	var acceptV4, acceptV6, useUDP bool
+	if len(network) == 3 {
+		acceptV4 = true
+		acceptV6 = true
+	} else if len(network) == 4 {
+		acceptV4 = network[3] == '4'
+		acceptV6 = network[3] == '6'
+	}
+	if !acceptV4 && !acceptV6 {
+		return nil, &net.OpError{Op: "dial", Err: net.UnknownNetworkError(network)}
+	}
+	if network[:3] == "udp" {
+		useUDP = true
+	} else if network[:3] != "tcp" {
+		return nil, &net.OpError{Op: "dial", Err: net.UnknownNetworkError(network)}
+	}
+	host, sport, err := net.SplitHostPort(address)
+	if err != nil {
+		return nil, &net.OpError{Op: "dial", Err: err}
+	}
+	port, err := strconv.Atoi(sport)
+	if err != nil || port < 0 || port > 65535 {
+		return nil, &net.OpError{Op: "dial", Err: errNumericPort}
+	}
+	allAddr, err := tnet.LookupContextHost(ctx, host)
+	if err != nil {
+		return nil, &net.OpError{Op: "dial", Err: err}
+	}
+	var addrs []net.IP
+	for _, addr := range allAddr {
+		if strings.IndexByte(addr, ':') != -1 && acceptV6 {
+			addrs = append(addrs, net.ParseIP(addr))
+		} else if strings.IndexByte(addr, '.') != -1 && acceptV4 {
+			addrs = append(addrs, net.ParseIP(addr))
+		}
+	}
+	if len(addrs) == 0 && len(allAddr) != 0 {
+		return nil, &net.OpError{Op: "dial", Err: errNoSuitableAddress}
+	}
+
+	var firstErr error
+	for i, addr := range addrs {
+		select {
+		case <-ctx.Done():
+			err := ctx.Err()
+			if err == context.Canceled {
+				err = errCanceled
+			} else if err == context.DeadlineExceeded {
+				err = errTimeout
+			}
+			return nil, &net.OpError{Op: "dial", Err: err}
+		default:
+		}
+
+		dialCtx := ctx
+		if deadline, hasDeadline := ctx.Deadline(); hasDeadline {
+			partialDeadline, err := partialDeadline(time.Now(), deadline, len(addrs)-i)
+			if err != nil {
+				if firstErr == nil {
+					firstErr = &net.OpError{Op: "dial", Err: err}
+				}
+				break
+			}
+			if partialDeadline.Before(deadline) {
+				var cancel context.CancelFunc
+				dialCtx, cancel = context.WithDeadline(ctx, partialDeadline)
+				defer cancel()
+			}
+		}
+
+		var c net.Conn
+		if useUDP {
+			c, err = tnet.DialUDP(nil, &net.UDPAddr{IP: addr, Port: port})
+		} else {
+			c, err = tnet.DialContextTCP(dialCtx, &net.TCPAddr{IP: addr, Port: port})
+		}
+		if err == nil {
+			return c, nil
+		}
+		if firstErr == nil {
+			firstErr = err
+		}
+	}
+	if firstErr == nil {
+		firstErr = &net.OpError{Op: "dial", Err: errMissingAddress}
+	}
+	return nil, firstErr
+}
+
+func (tnet *Net) Dial(network, address string) (net.Conn, error) {
+	return tnet.DialContext(context.Background(), network, address)
+}

tun/operateonfd.go

@@ -0,0 +1,24 @@
+// +build !windows
+
+/* SPDX-License-Identifier: MIT
+ *
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
+ */
+
+package tun
+
+import (
+	"fmt"
+)
+
+func (tun *NativeTun) operateOnFd(fn func(fd uintptr)) {
+	sysconn, err := tun.tunFile.SyscallConn()
+	if err != nil {
+		tun.errors <- fmt.Errorf("unable to find sysconn for tunfile: %s", err.Error())
+		return
+	}
+	err = sysconn.Control(fn)
+	if err != nil {
+		tun.errors <- fmt.Errorf("unable to control sysconn for tunfile: %s", err.Error())
+	}
+}

tun/tun.go

@@ -1,27 +1,29 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package tun
 
-import "os"
-
-type TUNEvent int
-
-const (
-	TUNEventUp = 1 << iota
-	TUNEventDown
-	TUNEventMTUUpdate
+import (
+	"os"
 )
 
-type TUNDevice interface {
+type Event int
+
+const (
+	EventUp = 1 << iota
+	EventDown
+	EventMTUUpdate
+)
+
+type Device interface {
 	File() *os.File                 // returns the file descriptor of the device
 	Read([]byte, int) (int, error)  // read a packet from the device (without any additional headers)
 	Write([]byte, int) (int, error) // writes a packet to the device (without any additional headers)
+	Flush() error                   // flush all previous writes to the device
 	MTU() (int, error)              // returns the MTU of the device
 	Name() (string, error)          // fetches and returns the current name
-	Events() chan TUNEvent          // returns a constant channel of events related to the device
+	Events() chan Event             // returns a constant channel of events related to the device
 	Close() error                   // stops the device and closes the event channel
 }

tun/tun_darwin.go

@@ -1,9 +1,6 @@
-// +build !ios
-
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
- * Copyright (C) 2017-2018 Mathias N. Hall-Andersen <mathias@hall-andersen.dk>.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package tun
@@ -11,43 +8,40 @@ package tun
 import (
 	"errors"
 	"fmt"
-	"git.zx2c4.com/wireguard-go/rwcancel"
-	"golang.org/x/net/ipv6"
-	"golang.org/x/sys/unix"
 	"io/ioutil"
 	"net"
 	"os"
 	"syscall"
+	"time"
 	"unsafe"
+
+	"golang.org/x/net/ipv6"
+	"golang.org/x/sys/unix"
 )
 
 const utunControlName = "com.apple.net.utun_control"
 
-// _CTLIOCGINFO value derived from /usr/include/sys/{kern_control,ioccom}.h
-const _CTLIOCGINFO = (0x40000000 | 0x80000000) | ((100 & 0x1fff) << 16) | uint32(byte('N'))<<8 | 3
-
-// sockaddr_ctl specifeid in /usr/include/sys/kern_control.h
-type sockaddrCtl struct {
-	scLen      uint8
-	scFamily   uint8
-	ssSysaddr  uint16
-	scID       uint32
-	scUnit     uint32
-	scReserved [5]uint32
-}
-
-type nativeTun struct {
+type NativeTun struct {
 	name        string
-	fd          *os.File
-	rwcancel    *rwcancel.RWCancel
-	events      chan TUNEvent
+	tunFile     *os.File
+	events      chan Event
 	errors      chan error
 	routeSocket int
 }
 
-var sockaddrCtlSize uintptr = 32
+func retryInterfaceByIndex(index int) (iface *net.Interface, err error) {
+	for i := 0; i < 20; i++ {
+		iface, err = net.InterfaceByIndex(index)
+		if err != nil && errors.Is(err, syscall.ENOMEM) {
+			time.Sleep(time.Duration(i) * time.Second / 3)
+			continue
+		}
+		return iface, err
+	}
+	return nil, err
+}
 
-func (tun *nativeTun) routineRouteListener(tunIfindex int) {
+func (tun *NativeTun) routineRouteListener(tunIfindex int) {
 	var (
 		statusUp  bool
 		statusMTU int
@@ -79,7 +73,7 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 			continue
 		}
 
-		iface, err := net.InterfaceByIndex(ifindex)
+		iface, err := retryInterfaceByIndex(ifindex)
 		if err != nil {
 			tun.errors <- err
 			return
@@ -88,22 +82,22 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 		// Up / Down event
 		up := (iface.Flags & net.FlagUp) != 0
 		if up != statusUp && up {
-			tun.events <- TUNEventUp
+			tun.events <- EventUp
 		}
 		if up != statusUp && !up {
-			tun.events <- TUNEventDown
+			tun.events <- EventDown
 		}
 		statusUp = up
 
 		// MTU changes
 		if iface.MTU != statusMTU {
-			tun.events <- TUNEventMTUUpdate
+			tun.events <- EventMTUUpdate
 		}
 		statusMTU = iface.MTU
 	}
 }
 
-func CreateTUN(name string, mtu int) (TUNDevice, error) {
+func CreateTUN(name string, mtu int) (Device, error) {
 	ifIndex := -1
 	if name != "utun" {
 		_, err := fmt.Sscanf(name, "utun%d", &ifIndex)
@@ -118,68 +112,49 @@ func CreateTUN(name string, mtu int) (TUNDevice, error) {
 		return nil, err
 	}
 
-	var ctlInfo = &struct {
-		ctlID   uint32
-		ctlName [96]byte
-	}{}
-
-	copy(ctlInfo.ctlName[:], []byte(utunControlName))
-
-	_, _, errno := unix.Syscall(
-		unix.SYS_IOCTL,
-		uintptr(fd),
-		uintptr(_CTLIOCGINFO),
-		uintptr(unsafe.Pointer(ctlInfo)),
-	)
-
-	if errno != 0 {
-		return nil, fmt.Errorf("_CTLIOCGINFO: %v", errno)
+	ctlInfo := &unix.CtlInfo{}
+	copy(ctlInfo.Name[:], []byte(utunControlName))
+	err = unix.IoctlCtlInfo(fd, ctlInfo)
+	if err != nil {
+		return nil, fmt.Errorf("IoctlGetCtlInfo: %w", err)
 	}
 
-	sc := sockaddrCtl{
-		scLen:     uint8(sockaddrCtlSize),
-		scFamily:  unix.AF_SYSTEM,
-		ssSysaddr: 2,
-		scID:      ctlInfo.ctlID,
-		scUnit:    uint32(ifIndex) + 1,
+	sc := &unix.SockaddrCtl{
+		ID:   ctlInfo.Id,
+		Unit: uint32(ifIndex) + 1,
 	}
 
-	scPointer := unsafe.Pointer(&sc)
-
-	_, _, errno = unix.RawSyscall(
-		unix.SYS_CONNECT,
-		uintptr(fd),
-		uintptr(scPointer),
-		uintptr(sockaddrCtlSize),
-	)
-
-	if errno != 0 {
-		return nil, fmt.Errorf("SYS_CONNECT: %v", errno)
+	err = unix.Connect(fd, sc)
+	if err != nil {
+		return nil, err
 	}
 
+	err = syscall.SetNonblock(fd, true)
+	if err != nil {
+		return nil, err
+	}
 	tun, err := CreateTUNFromFile(os.NewFile(uintptr(fd), ""), mtu)
 
 	if err == nil && name == "utun" {
 		fname := os.Getenv("WG_TUN_NAME_FILE")
 		if fname != "" {
-			ioutil.WriteFile(fname, []byte(tun.(*nativeTun).name+"\n"), 0400)
+			ioutil.WriteFile(fname, []byte(tun.(*NativeTun).name+"\n"), 0400)
 		}
 	}
 
 	return tun, err
 }
 
-func CreateTUNFromFile(file *os.File, mtu int) (TUNDevice, error) {
-
-	tun := &nativeTun{
-		fd:     file,
-		events: make(chan TUNEvent, 10),
-		errors: make(chan error, 1),
+func CreateTUNFromFile(file *os.File, mtu int) (Device, error) {
+	tun := &NativeTun{
+		tunFile: file,
+		events:  make(chan Event, 10),
+		errors:  make(chan error, 5),
 	}
 
 	name, err := tun.Name()
 	if err != nil {
-		tun.fd.Close()
+		tun.tunFile.Close()
 		return nil, err
 	}
 
@@ -191,71 +166,61 @@ func CreateTUNFromFile(file *os.File, mtu int) (TUNDevice, error) {
 		return iface.Index, nil
 	}()
 	if err != nil {
-		tun.fd.Close()
-		return nil, err
-	}
-
-	tun.rwcancel, err = rwcancel.NewRWCancel(int(file.Fd()))
-	if err != nil {
-		tun.fd.Close()
+		tun.tunFile.Close()
 		return nil, err
 	}
 
 	tun.routeSocket, err = unix.Socket(unix.AF_ROUTE, unix.SOCK_RAW, unix.AF_UNSPEC)
 	if err != nil {
-		tun.fd.Close()
+		tun.tunFile.Close()
 		return nil, err
 	}
 
 	go tun.routineRouteListener(tunIfindex)
 
+	if mtu > 0 {
 		err = tun.setMTU(mtu)
 		if err != nil {
 			tun.Close()
 			return nil, err
 		}
+	}
 
 	return tun, nil
 }
 
-func (tun *nativeTun) Name() (string, error) {
-
-	var ifName struct {
-		name [16]byte
-	}
-	ifNameSize := uintptr(16)
-
-	_, _, errno := unix.Syscall6(
-		unix.SYS_GETSOCKOPT,
-		uintptr(tun.fd.Fd()),
+func (tun *NativeTun) Name() (string, error) {
+	var err error
+	tun.operateOnFd(func(fd uintptr) {
+		tun.name, err = unix.GetsockoptString(
+			int(fd),
 			2, /* #define SYSPROTO_CONTROL 2 */
 			2, /* #define UTUN_OPT_IFNAME 2 */
-		uintptr(unsafe.Pointer(&ifName)),
-		uintptr(unsafe.Pointer(&ifNameSize)), 0)
+		)
+	})
 
-	if errno != 0 {
-		return "", fmt.Errorf("SYS_GETSOCKOPT: %v", errno)
+	if err != nil {
+		return "", fmt.Errorf("GetSockoptString: %w", err)
 	}
 
-	tun.name = string(ifName.name[:ifNameSize-1])
 	return tun.name, nil
 }
 
-func (tun *nativeTun) File() *os.File {
-	return tun.fd
+func (tun *NativeTun) File() *os.File {
+	return tun.tunFile
 }
 
-func (tun *nativeTun) Events() chan TUNEvent {
+func (tun *NativeTun) Events() chan Event {
 	return tun.events
 }
 
-func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
+func (tun *NativeTun) Read(buff []byte, offset int) (int, error) {
 	select {
 	case err := <-tun.errors:
 		return 0, err
 	default:
 		buff := buff[offset-4:]
-		n, err := tun.fd.Read(buff[:])
+		n, err := tun.tunFile.Read(buff[:])
 		if n < 4 {
 			return 0, err
 		}
@@ -263,19 +228,7 @@ func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
 	}
 }
 
-func (tun *nativeTun) Read(buff []byte, offset int) (int, error) {
-	for {
-		n, err := tun.doRead(buff, offset)
-		if err == nil || !rwcancel.RetryAfterError(err) {
-			return n, err
-		}
-		if !tun.rwcancel.ReadyRead() {
-			return 0, errors.New("tun device closed")
-		}
-	}
-}
-
-func (tun *nativeTun) Write(buff []byte, offset int) (int, error) {
+func (tun *NativeTun) Write(buff []byte, offset int) (int, error) {
 
 	// reserve space for header
 
@@ -295,35 +248,30 @@ func (tun *nativeTun) Write(buff []byte, offset int) (int, error) {
 
 	// write
 
-	return tun.fd.Write(buff)
+	return tun.tunFile.Write(buff)
 }
 
-func (tun *nativeTun) Close() error {
-	var err3 error
-	err1 := tun.rwcancel.Cancel()
-	err2 := tun.fd.Close()
+func (tun *NativeTun) Flush() error {
+	// TODO: can flushing be implemented by buffering and using sendmmsg?
+	return nil
+}
+
+func (tun *NativeTun) Close() error {
+	var err2 error
+	err1 := tun.tunFile.Close()
 	if tun.routeSocket != -1 {
 		unix.Shutdown(tun.routeSocket, unix.SHUT_RDWR)
-		err3 = unix.Close(tun.routeSocket)
-		tun.routeSocket = -1
+		err2 = unix.Close(tun.routeSocket)
 	} else if tun.events != nil {
 		close(tun.events)
 	}
 	if err1 != nil {
 		return err1
 	}
-	if err2 != nil {
 	return err2
 }
-	return err3
-}
-
-func (tun *nativeTun) setMTU(n int) error {
-
-	// open datagram socket
-
-	var fd int
 
+func (tun *NativeTun) setMTU(n int) error {
 	fd, err := unix.Socket(
 		unix.AF_INET,
 		unix.SOCK_DGRAM,
@@ -336,29 +284,18 @@ func (tun *nativeTun) setMTU(n int) error {
 
 	defer unix.Close(fd)
 
-	// do ioctl call
-
-	var ifr [32]byte
-	copy(ifr[:], tun.name)
-	*(*uint32)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])) = uint32(n)
-	_, _, errno := unix.Syscall(
-		unix.SYS_IOCTL,
-		uintptr(fd),
-		uintptr(unix.SIOCSIFMTU),
-		uintptr(unsafe.Pointer(&ifr[0])),
-	)
-
-	if errno != 0 {
-		return fmt.Errorf("failed to set MTU on %s", tun.name)
+	var ifr unix.IfreqMTU
+	copy(ifr.Name[:], tun.name)
+	ifr.MTU = int32(n)
+	err = unix.IoctlSetIfreqMTU(fd, &ifr)
+	if err != nil {
+		return fmt.Errorf("failed to set MTU on %s: %w", tun.name, err)
 	}
 
 	return nil
 }
 
-func (tun *nativeTun) MTU() (int, error) {
-
-	// open datagram socket
-
+func (tun *NativeTun) MTU() (int, error) {
 	fd, err := unix.Socket(
 		unix.AF_INET,
 		unix.SOCK_DGRAM,
@@ -371,19 +308,10 @@ func (tun *nativeTun) MTU() (int, error) {
 
 	defer unix.Close(fd)
 
-	// do ioctl call
-
-	var ifr [64]byte
-	copy(ifr[:], tun.name)
-	_, _, errno := unix.Syscall(
-		unix.SYS_IOCTL,
-		uintptr(fd),
-		uintptr(unix.SIOCGIFMTU),
-		uintptr(unsafe.Pointer(&ifr[0])),
-	)
-	if errno != 0 {
-		return 0, fmt.Errorf("failed to get MTU on %s", tun.name)
+	ifr, err := unix.IoctlGetIfreqMTU(fd, tun.name)
+	if err != nil {
+		return 0, fmt.Errorf("failed to get MTU on %s: %w", tun.name, err)
 	}
 
-	return int(*(*int32)(unsafe.Pointer(&ifr[16]))), nil
+	return int(ifr.MTU), nil
 }

tun/tun_freebsd.go

@@ -1,6 +1,6 @@
-/* SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: MIT
  *
- * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
  */
 
 package tun
@@ -9,20 +9,30 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
-	"git.zx2c4.com/wireguard-go/rwcancel"
-	"golang.org/x/net/ipv6"
-	"golang.org/x/sys/unix"
 	"net"
 	"os"
 	"syscall"
 	"unsafe"
+
+	"golang.org/x/net/ipv6"
+	"golang.org/x/sys/unix"
 )
 
 // _TUNSIFHEAD, value derived from sys/net/{if_tun,ioccom}.h
 // const _TUNSIFHEAD = ((0x80000000) | (((4) & ((1 << 13) - 1) ) << 16) | (uint32(byte('t')) << 8) | (96))
-const _TUNSIFHEAD = 0x80047460
-const _TUNSIFMODE = 0x8004745e
-const _TUNSIFPID = 0x2000745f
+const (
+	_TUNSIFHEAD = 0x80047460
+	_TUNSIFMODE = 0x8004745e
+	_TUNSIFPID  = 0x2000745f
+)
+
+// TODO: move into x/sys/unix
+const (
+	SIOCGIFINFO_IN6        = 0xc048696c
+	SIOCSIFINFO_IN6        = 0xc048696d
+	ND6_IFF_AUTO_LINKLOCAL = 0x20
+	ND6_IFF_NO_DAD         = 0x100
+)
 
 // Iface status string max len
 const _IFSTATMAX = 800
@@ -33,7 +43,7 @@ const SIZEOF_UINTPTR = 4 << (^uintptr(0) >> 32 & 1)
 type ifreq_ptr struct {
 	Name [unix.IFNAMSIZ]byte
 	Data uintptr
-	Pad0 [24 - SIZEOF_UINTPTR]byte
+	Pad0 [16 - SIZEOF_UINTPTR]byte
 }
 
 // Structure for iface mtu get/set ioctls
@@ -49,16 +59,32 @@ type ifstat struct {
 	Ascii   [_IFSTATMAX]byte
 }
 
-type nativeTun struct {
+// Structures for nd6 flag manipulation
+type in6_ndireq struct {
+	Name          [unix.IFNAMSIZ]byte
+	Linkmtu       uint32
+	Maxmtu        uint32
+	Basereachable uint32
+	Reachable     uint32
+	Retrans       uint32
+	Flags         uint32
+	Recalctm      int
+	Chlim         uint8
+	Initialized   uint8
+	Randomseed0   [8]byte
+	Randomseed1   [8]byte
+	Randomid      [8]byte
+}
+
+type NativeTun struct {
 	name        string
-	fd          *os.File
-	rwcancel    *rwcancel.RWCancel
-	events      chan TUNEvent
+	tunFile     *os.File
+	events      chan Event
 	errors      chan error
 	routeSocket int
 }
 
-func (tun *nativeTun) routineRouteListener(tunIfindex int) {
+func (tun *NativeTun) routineRouteListener(tunIfindex int) {
 	var (
 		statusUp  bool
 		statusMTU int
@@ -99,16 +125,16 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 		// Up / Down event
 		up := (iface.Flags & net.FlagUp) != 0
 		if up != statusUp && up {
-			tun.events <- TUNEventUp
+			tun.events <- EventUp
 		}
 		if up != statusUp && !up {
-			tun.events <- TUNEventDown
+			tun.events <- EventDown
 		}
 		statusUp = up
 
 		// MTU changes
 		if iface.MTU != statusMTU {
-			tun.events <- TUNEventMTUUpdate
+			tun.events <- EventMTUUpdate
 		}
 		statusMTU = iface.MTU
 	}
@@ -193,23 +219,18 @@ func tunName(fd uintptr) (string, error) {
 
 // Destroy a named system interface
 func tunDestroy(name string) error {
-	// open control socket
+	// Open control socket.
 	var fd int
-
 	fd, err := unix.Socket(
 		unix.AF_INET,
 		unix.SOCK_DGRAM,
 		0,
 	)
-
 	if err != nil {
 		return err
 	}
-
 	defer unix.Close(fd)
 
-	// do ioctl call
-
 	var ifr [32]byte
 	copy(ifr[:], name)
 	_, _, errno := unix.Syscall(
@@ -218,7 +239,6 @@ func tunDestroy(name string) error {
 		uintptr(unix.SIOCIFDESTROY),
 		uintptr(unsafe.Pointer(&ifr[0])),
 	)
-
 	if errno != 0 {
 		return fmt.Errorf("failed to destroy interface %s: %s", name, errno.Error())
 	}
@@ -226,7 +246,7 @@ func tunDestroy(name string) error {
 	return nil
 }
 
-func CreateTUN(name string, mtu int) (TUNDevice, error) {
+func CreateTUN(name string, mtu int) (Device, error) {
 	if len(name) > unix.IFNAMSIZ-1 {
 		return nil, errors.New("interface name too long")
 	}
@@ -237,55 +257,99 @@ func CreateTUN(name string, mtu int) (TUNDevice, error) {
 		return nil, fmt.Errorf("interface %s already exists", name)
 	}
 
-	tunfile, err := os.OpenFile("/dev/tun", unix.O_RDWR, 0)
-
+	tunFile, err := os.OpenFile("/dev/tun", unix.O_RDWR, 0)
 	if err != nil {
 		return nil, err
 	}
-	tunfd := tunfile.Fd()
-	assignedName, err := tunName(tunfd)
+
+	tun := NativeTun{tunFile: tunFile}
+	var assignedName string
+	tun.operateOnFd(func(fd uintptr) {
+		assignedName, err = tunName(fd)
+	})
 	if err != nil {
-		tunfile.Close()
+		tunFile.Close()
 		return nil, err
 	}
 
 	// Enable ifhead mode, otherwise tun will complain if it gets a non-AF_INET packet
 	ifheadmode := 1
-	_, _, errno := unix.Syscall(
+	var errno syscall.Errno
+	tun.operateOnFd(func(fd uintptr) {
+		_, _, errno = unix.Syscall(
 			unix.SYS_IOCTL,
-		uintptr(tunfd),
+			fd,
 			uintptr(_TUNSIFHEAD),
 			uintptr(unsafe.Pointer(&ifheadmode)),
 		)
+	})
 
 	if errno != 0 {
-		return nil, fmt.Errorf("error %s", errno.Error())
+		tunFile.Close()
+		tunDestroy(assignedName)
+		return nil, fmt.Errorf("Unable to put into IFHEAD mode: %w", errno)
 	}
 
-	// Rename tun interface
-
-	// Open control socket
+	// Open control sockets
 	confd, err := unix.Socket(
 		unix.AF_INET,
 		unix.SOCK_DGRAM,
 		0,
 	)
-
 	if err != nil {
+		tunFile.Close()
+		tunDestroy(assignedName)
 		return nil, err
 	}
-
 	defer unix.Close(confd)
+	confd6, err := unix.Socket(
+		unix.AF_INET6,
+		unix.SOCK_DGRAM,
+		0,
+	)
+	if err != nil {
+		tunFile.Close()
+		tunDestroy(assignedName)
+		return nil, err
+	}
+	defer unix.Close(confd6)
 
-	// set up struct for iface rename
+	// Disable link-local v6, not just because WireGuard doesn't do that anyway, but
+	// also because there are serious races with attaching and detaching LLv6 addresses
+	// in relation to interface lifetime within the FreeBSD kernel.
+	var ndireq in6_ndireq
+	copy(ndireq.Name[:], assignedName)
+	_, _, errno = unix.Syscall(
+		unix.SYS_IOCTL,
+		uintptr(confd6),
+		uintptr(SIOCGIFINFO_IN6),
+		uintptr(unsafe.Pointer(&ndireq)),
+	)
+	if errno != 0 {
+		tunFile.Close()
+		tunDestroy(assignedName)
+		return nil, fmt.Errorf("Unable to get nd6 flags for %s: %w", assignedName, errno)
+	}
+	ndireq.Flags = ndireq.Flags &^ ND6_IFF_AUTO_LINKLOCAL
+	ndireq.Flags = ndireq.Flags | ND6_IFF_NO_DAD
+	_, _, errno = unix.Syscall(
+		unix.SYS_IOCTL,
+		uintptr(confd6),
+		uintptr(SIOCSIFINFO_IN6),
+		uintptr(unsafe.Pointer(&ndireq)),
+	)
+	if errno != 0 {
+		tunFile.Close()
+		tunDestroy(assignedName)
+		return nil, fmt.Errorf("Unable to set nd6 flags for %s: %w", assignedName, errno)
+	}
+
+	// Rename the interface
 	var newnp [unix.IFNAMSIZ]byte
 	copy(newnp[:], name)
-
 	var ifr ifreq_ptr
 	copy(ifr.Name[:], assignedName)
 	ifr.Data = uintptr(unsafe.Pointer(&newnp[0]))
-
-	//do actual ioctl to rename iface
 	_, _, errno = unix.Syscall(
 		unix.SYS_IOCTL,
 		uintptr(confd),
@@ -293,25 +357,25 @@ func CreateTUN(name string, mtu int) (TUNDevice, error) {
 		uintptr(unsafe.Pointer(&ifr)),
 	)
 	if errno != 0 {
-		tunfile.Close()
-		tunDestroy(name)
-		return nil, fmt.Errorf("failed to rename %s to %s: %s", assignedName, name, errno.Error())
+		tunFile.Close()
+		tunDestroy(assignedName)
+		return nil, fmt.Errorf("Failed to rename %s to %s: %w", assignedName, name, errno)
 	}
 
-	return CreateTUNFromFile(tunfile, mtu)
+	return CreateTUNFromFile(tunFile, mtu)
 }
 
-func CreateTUNFromFile(file *os.File, mtu int) (TUNDevice, error) {
+func CreateTUNFromFile(file *os.File, mtu int) (Device, error) {
 
-	tun := &nativeTun{
-		fd:     file,
-		events: make(chan TUNEvent, 10),
+	tun := &NativeTun{
+		tunFile: file,
+		events:  make(chan Event, 10),
 		errors:  make(chan error, 1),
 	}
 
 	name, err := tun.Name()
 	if err != nil {
-		tun.fd.Close()
+		tun.tunFile.Close()
 		return nil, err
 	}
 
@@ -323,19 +387,13 @@ func CreateTUNFromFile(file *os.File, mtu int) (TUNDevice, error) {
 		return iface.Index, nil
 	}()
 	if err != nil {
-		tun.fd.Close()
-		return nil, err
-	}
-
-	tun.rwcancel, err = rwcancel.NewRWCancel(int(file.Fd()))
-	if err != nil {
-		tun.fd.Close()
+		tun.tunFile.Close()
 		return nil, err
 	}
 
 	tun.routeSocket, err = unix.Socket(unix.AF_ROUTE, unix.SOCK_RAW, unix.AF_UNSPEC)
 	if err != nil {
-		tun.fd.Close()
+		tun.tunFile.Close()
 		return nil, err
 	}
 
@@ -350,8 +408,12 @@ func CreateTUNFromFile(file *os.File, mtu int) (TUNDevice, error) {
 	return tun, nil
 }
 
-func (tun *nativeTun) Name() (string, error) {
-	name, err := tunName(tun.fd.Fd())
+func (tun *NativeTun) Name() (string, error) {
+	var name string
+	var err error
+	tun.operateOnFd(func(fd uintptr) {
+		name, err = tunName(fd)
+	})
 	if err != nil {
 		return "", err
 	}
@@ -359,21 +421,21 @@ func (tun *nativeTun) Name() (string, error) {
 	return name, nil
 }
 
-func (tun *nativeTun) File() *os.File {
-	return tun.fd
+func (tun *NativeTun) File() *os.File {
+	return tun.tunFile
 }
 
-func (tun *nativeTun) Events() chan TUNEvent {
+func (tun *NativeTun) Events() chan Event {
 	return tun.events
 }
 
-func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
+func (tun *NativeTun) Read(buff []byte, offset int) (int, error) {
 	select {
 	case err := <-tun.errors:
 		return 0, err
 	default:
 		buff := buff[offset-4:]
-		n, err := tun.fd.Read(buff[:])
+		n, err := tun.tunFile.Read(buff[:])
 		if n < 4 {
 			return 0, err
 		}
@@ -381,19 +443,7 @@ func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
 	}
 }
 
-func (tun *nativeTun) Read(buff []byte, offset int) (int, error) {
-	for {
-		n, err := tun.doRead(buff, offset)
-		if err == nil || !rwcancel.RetryAfterError(err) {
-			return n, err
-		}
-		if !tun.rwcancel.ReadyRead() {
-			return 0, errors.New("tun device closed")
-		}
-	}
-}
-
-func (tun *nativeTun) Write(buff []byte, offset int) (int, error) {
+func (tun *NativeTun) Write(buff []byte, offset int) (int, error) {
 
 	// reserve space for header
 
@@ -413,17 +463,21 @@ func (tun *nativeTun) Write(buff []byte, offset int) (int, error) {
 
 	// write
 
-	return tun.fd.Write(buff)
+	return tun.tunFile.Write(buff)
 }
 
-func (tun *nativeTun) Close() error {
-	var err4 error
-	err1 := tun.rwcancel.Cancel()
-	err2 := tun.fd.Close()
-	err3 := tunDestroy(tun.name)
+func (tun *NativeTun) Flush() error {
+	// TODO: can flushing be implemented by buffering and using sendmmsg?
+	return nil
+}
+
+func (tun *NativeTun) Close() error {
+	var err3 error
+	err1 := tun.tunFile.Close()
+	err2 := tunDestroy(tun.name)
 	if tun.routeSocket != -1 {
 		unix.Shutdown(tun.routeSocket, unix.SHUT_RDWR)
-		err4 = unix.Close(tun.routeSocket)
+		err3 = unix.Close(tun.routeSocket)
 		tun.routeSocket = -1
 	} else if tun.events != nil {
 		close(tun.events)
@@ -434,13 +488,10 @@ func (tun *nativeTun) Close() error {
 	if err2 != nil {
 		return err2
 	}
-	if err3 != nil {
 	return err3
 }
-	return err4
-}
 
-func (tun *nativeTun) setMTU(n int) error {
+func (tun *NativeTun) setMTU(n int) error {
 	// open datagram socket
 
 	var fd int
@@ -477,7 +528,7 @@ func (tun *nativeTun) setMTU(n int) error {
 	return nil
 }
 
-func (tun *nativeTun) MTU() (int, error) {
+func (tun *NativeTun) MTU() (int, error) {
 	// open datagram socket
 
 	fd, err := unix.Socket(