diff --git a/.github/workflows/windows-build.yml b/.github/workflows/windows-build.yml new file mode 100644 index 00000000..4390a042 --- /dev/null +++ b/.github/workflows/windows-build.yml @@ -0,0 +1,69 @@ +name: windows-wg + +on: [push] + + +jobs: + + Build-Libs-WireGuard-Windows: + name: 'Build-Libs-WireGuard-Windows' + runs-on: windows-latest + + steps: + + - name: 'Setup ccache' + uses: hendrikmuhs/ccache-action@v1.2 + + - name: 'Get sources' + uses: actions/checkout@v3 + + - name: 'Get Wireguard-Tools' + uses: actions/checkout@v3 + with: + repository: amnezia-vpn/amnezia-wg-tools + ref: master + path: windows/wireguard-tools-windows + + - name: 'Build WireGuard Tools binary' + working-directory: windows/wireguard-tools-windows + run: | + cmd /c build.cmd + mkdir build + move x64 build\x64 + move x86 build\x86 + move arm64 build\arm64 + + - name: Archive WG Windows + uses: actions/upload-artifact@v3 + with: + retention-days: 1 + name: windows-wireguard-tools + path: windows/wireguard-tools-windows/build + + github-release: + name: GitHub Release + needs: Build-Libs-WireGuard-Windows + runs-on: ubuntu-latest + if: startsWith(github.ref, 'refs/tags/') + + steps: + - name: Setup | Checkout + uses: actions/checkout@v2 + + - name: Setup | Artifacts + uses: actions/download-artifact@v2 + + - name: Setup | Checksums + run: for file in $(find ./ -name '*.exe' ); do openssl dgst -sha256 -r "$file" | awk '{print $1}' > "${file}.sha256"; done + + - name: Zip ALL + run: for file in *; do zip -r ${file%.*}.zip $file; done + + - name: Upload binaries to release + uses: svenstaro/upload-release-action@v2 + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: windows-wireguard-tools.zip + tag: ${{ github.ref }} + overwrite: true + file_glob: true diff --git a/.gitignore b/.gitignore index cb0ae8d7..4f6b998c 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,8 @@ src/wg.exe *.til *.pro.user maint/ +.deps/ +*.syso +x64/ +x86/ +arm64/ \ No newline at end of file diff --git a/build.cmd b/build.cmd new file mode 100644 index 00000000..537c07f3 --- /dev/null +++ b/build.cmd @@ -0,0 +1,56 @@ +@echo off +rem SPDX-License-Identifier: MIT +rem Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved. + +setlocal enabledelayedexpansion +set BUILDDIR=%~dp0 +set PATH=%BUILDDIR%.deps\llvm-mingw\bin;%BUILDDIR%src;%PATH% +set PATHEXT=.exe +cd /d %BUILDDIR% || exit /b 1 + +if exist .deps/prepared goto :build +:installdeps + rmdir /s /q .deps 2> NUL + mkdir .deps || goto :error + cd .deps || goto :error + call :download llvm-mingw-msvcrt.zip https://download.wireguard.com/windows-toolchain/distfiles/llvm-mingw-20201020-msvcrt-x86_64.zip 2e46593245090df96d15e360e092f0b62b97e93866e0162dca7f93b16722b844 || goto :error + call :download wireguard-nt.zip https://download.wireguard.com/wireguard-nt/wireguard-nt-0.10.1.zip 772c0b1463d8d2212716f43f06f4594d880dea4f735165bd68e388fc41b81605 || goto :error + copy /y NUL prepared > NUL || goto :error + cd .. || goto :error + +:build + call :build_plat x64 x86_64 amd64 || goto :error + call :build_plat x86 i686 386 || goto :error + call :build_plat arm64 aarch64 arm64 || goto :error + +:success + echo [+] Success + exit /b 0 + +:download + echo [+] Downloading %1 + curl -#fLo %1 %2 || exit /b 1 + echo [+] Verifying %1 + for /f %%a in ('CertUtil -hashfile %1 SHA256 ^| findstr /r "^[0-9a-f]*$"') do if not "%%a"=="%~3" exit /b 1 + echo [+] Extracting %1 + tar -xf %1 %~4 || exit /b 1 + echo [+] Cleaning up %1 + del %1 || exit /b 1 + goto :eof + +:build_plat + mkdir %1 >NUL 2>&1 + echo [+] Assembling resources %1 + %~2-w64-mingw32-windres -I ".deps\wireguard-nt\bin\%~1" -DWIREGUARD_VERSION_ARRAY=0.5.3 -DWIREGUARD_VERSION_STR=0.5.3 -i src/wincompat/resources.rc -o "src/wincompat/resources_%~3.syso" -O coff -c 65001 || exit /b %errorlevel% + echo [+] Building command line tools %1 + del src\*.exe src\*.o src\wincompat\*.o src\wincompat\*.lib 2> NUL + set LDFLAGS=-s + make --no-print-directory -C src PLATFORM=windows CC=%~2-w64-mingw32-gcc WINDRES=%~2-w64-mingw32-windres V=1 RUNSTATEDIR= SYSTEMDUNITDIR= -j%NUMBER_OF_PROCESSORS% || exit /b 1 + move /Y src\wg.exe "%~1\wg.exe" > NUL || exit /b 1 + goto :eof + +:error + echo [-] Failed with error #%errorlevel%. + cmd /c exit %errorlevel% + + diff --git a/src/Makefile b/src/Makefile index 0533910b..dca6b45b 100644 --- a/src/Makefile +++ b/src/Makefile @@ -38,11 +38,12 @@ endif PLATFORM ?= $(shell uname -s | tr '[:upper:]' '[:lower:]') CFLAGS ?= -O3 + ifneq ($(wildcard uapi/$(PLATFORM)/.),) -CFLAGS += -idirafter uapi/$(PLATFORM) +CFLAGS += -I uapi/$(PLATFORM) endif CFLAGS += -std=gnu99 -D_GNU_SOURCE -CFLAGS += -Wall -Wextra +CFLAGS += -Wall -Wextra CFLAGS += -MMD -MP CFLAGS += -DRUNSTATEDIR="\"$(RUNSTATEDIR)\"" ifeq ($(DEBUG),yes) diff --git a/src/config.c b/src/config.c index 81ccb479..43b8f4a4 100644 --- a/src/config.c +++ b/src/config.c @@ -410,6 +410,43 @@ static inline bool parse_allowedips(struct wgpeer *peer, struct wgallowedip **la return false; } +static inline bool parse_uint16(uint16_t *device_value, const char *name, const char *value) { + + if (!strlen(value)) { + fprintf(stderr, "Unable to parse empty string\n"); + return false; + } + + char *end; + uint32_t ret; + ret = strtoul(value, &end, 10); + + if (*end || ret > UINT16_MAX) { + fprintf(stderr, "Unable to parse %s: `%s'\n", name, value); + exit(1); + } + *device_value = (uint16_t)ret; + return true; +} + +static inline bool parse_uint32(uint32_t *device_value, const char *name, const char *value) { + + if (!strlen(value)) { + fprintf(stderr, "Unable to parse empty string\n"); + return false; + } + + char *end; + uint64_t ret; + ret = strtoul(value, &end, 10); + if (*end || ret > UINT32_MAX) { + fprintf(stderr, "Unable to parse %s: `%s'\n", name, value); + exit(1); + } + *device_value = (uint32_t)ret; + return true; +} + static bool process_line(struct config_ctx *ctx, const char *line) { const char *value; @@ -450,6 +487,42 @@ static bool process_line(struct config_ctx *ctx, const char *line) ret = parse_key(ctx->device->private_key, value); if (ret) ctx->device->flags |= WGDEVICE_HAS_PRIVATE_KEY; + } else if (key_match("Jc")) { + ret = parse_uint16(&ctx->device->junk_packet_count, "Jc", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_JC; + } else if (key_match("Jmin")) { + ret = parse_uint16(&ctx->device->junk_packet_min_size, "Jmin", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_JMIN; + } else if (key_match("Jmax")) { + ret = parse_uint16(&ctx->device->junk_packet_max_size, "Jmax", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_JMAX; + } else if (key_match("S1")) { + ret = parse_uint16(&ctx->device->init_packet_junk_size, "S1", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_S1; + } else if (key_match("S2")) { + ret = parse_uint16(&ctx->device->response_packet_junk_size, "S2", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_S2; + } else if (key_match("H1")) { + ret = parse_uint32(&ctx->device->init_packet_magic_header, "H1", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_H1; + } else if (key_match("H2")) { + ret = parse_uint32(&ctx->device->response_packet_magic_header, "H2", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_H2; + } else if (key_match("H3")) { + ret = parse_uint32(&ctx->device->underload_packet_magic_header, "H3", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_H3; + } else if (key_match("H4")) { + ret = parse_uint32(&ctx->device->transport_packet_magic_header, "H4", value); + if (ret) + ctx->device->flags |= WGDEVICE_HAS_H4; } else goto error; } else if (ctx->is_peer_section) { @@ -523,7 +596,7 @@ bool config_read_init(struct config_ctx *ctx, bool append) return false; } if (!append) - ctx->device->flags |= WGDEVICE_REPLACE_PEERS | WGDEVICE_HAS_PRIVATE_KEY | WGDEVICE_HAS_FWMARK | WGDEVICE_HAS_LISTEN_PORT; + ctx->device->flags |= WGDEVICE_REPLACE_PEERS | WGDEVICE_HAS_PRIVATE_KEY | WGDEVICE_HAS_FWMARK; return true; } @@ -588,6 +661,69 @@ struct wgdevice *config_read_cmd(const char *argv[], int argc) device->flags |= WGDEVICE_HAS_PRIVATE_KEY; argv += 2; argc -= 2; + } else if (!strcmp(argv[0], "jc") && argc >= 2 && !peer) { + if (!parse_uint16(&device->junk_packet_count, "jc", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_JC; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "jmin") && argc >= 2 && !peer) { + if (!parse_uint16(&device->junk_packet_min_size, "jmin", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_JMIN; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "jmax") && argc >= 2 && !peer) { + if (!parse_uint16(&device->junk_packet_max_size, "jmax", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_JMAX; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "s1") && argc >= 2 && !peer) { + if (!parse_uint16(&device->init_packet_junk_size, "s1", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_S1; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "s2") && argc >= 2 && !peer) { + if (!parse_uint16(&device->response_packet_junk_size, "s2", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_S2; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "h1") && argc >= 2 && !peer) { + if (!parse_uint32(&device->init_packet_magic_header, "h1", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_H1; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "h2") && argc >= 2 && !peer) { + if (!parse_uint32(&device->response_packet_magic_header, "h2", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_H2; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "h3") && argc >= 2 && !peer) { + if (!parse_uint32(&device->underload_packet_magic_header, "h3", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_H3; + argv += 2; + argc -= 2; + } else if (!strcmp(argv[0], "h4") && argc >= 2 && !peer) { + if (!parse_uint32(&device->transport_packet_magic_header, "h4", argv[1])) + goto error; + + device->flags |= WGDEVICE_HAS_H4; + argv += 2; + argc -= 2; } else if (!strcmp(argv[0], "peer") && argc >= 2) { struct wgpeer *new_peer = calloc(1, sizeof(*new_peer)); diff --git a/src/containers.h b/src/containers.h index a82e8dde..20f87813 100644 --- a/src/containers.h +++ b/src/containers.h @@ -71,7 +71,16 @@ enum { WGDEVICE_HAS_PRIVATE_KEY = 1U << 1, WGDEVICE_HAS_PUBLIC_KEY = 1U << 2, WGDEVICE_HAS_LISTEN_PORT = 1U << 3, - WGDEVICE_HAS_FWMARK = 1U << 4 + WGDEVICE_HAS_FWMARK = 1U << 4, + WGDEVICE_HAS_JC = 1U << 5, + WGDEVICE_HAS_JMIN = 1U << 6, + WGDEVICE_HAS_JMAX = 1U << 7, + WGDEVICE_HAS_S1 = 1U << 8, + WGDEVICE_HAS_S2 = 1U << 9, + WGDEVICE_HAS_H1 = 1U << 10, + WGDEVICE_HAS_H2 = 1U << 11, + WGDEVICE_HAS_H3 = 1U << 12, + WGDEVICE_HAS_H4 = 1U << 13 }; struct wgdevice { @@ -87,6 +96,16 @@ struct wgdevice { uint16_t listen_port; struct wgpeer *first_peer, *last_peer; + + uint16_t junk_packet_count; + uint16_t junk_packet_min_size; + uint16_t junk_packet_max_size; + uint16_t init_packet_junk_size; + uint16_t response_packet_junk_size; + uint32_t init_packet_magic_header; + uint32_t response_packet_magic_header; + uint32_t underload_packet_magic_header; + uint32_t transport_packet_magic_header; }; #define for_each_wgpeer(__dev, __peer) for ((__peer) = (__dev)->first_peer; (__peer); (__peer) = (__peer)->next_peer) diff --git a/src/ipc-freebsd.h b/src/ipc-freebsd.h index fa74edda..2c4f7cc4 100644 --- a/src/ipc-freebsd.h +++ b/src/ipc-freebsd.h @@ -91,6 +91,70 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname) dev->flags |= WGDEVICE_HAS_LISTEN_PORT; } } + if (nvlist_exists_number(nvl_device, "junk_packet_count")) { + number = nvlist_get_number(nvl_device, "junk_packet_count"); + if (number <= UINT16_MAX){ + dev->junk_packet_count = number; + dev->flags |= WGDEVICE_HAS_JC; + } + } + if (nvlist_exists_number(nvl_device, "junk_packet_min_size")) { + number = nvlist_get_number(nvl_device, "junk_packet_min_size"); + if (number <= UINT16_MAX){ + dev->junk_packet_min_size = number; + dev->flags |= WGDEVICE_HAS_JMIN; + } + } + if (nvlist_exists_number(nvl_device, "junk_packet_max_size")) { + number = nvlist_get_number(nvl_device, "junk_packet_max_size"); + if (number <= UINT16_MAX){ + dev->junk_packet_max_size = number; + dev->flags |= WGDEVICE_HAS_JMAX; + } + } + if (nvlist_exists_number(nvl_device, "init_packet_junk_size")) { + number = nvlist_get_number(nvl_device, "init_packet_junk_size"); + if (number <= UINT16_MAX){ + dev->init_packet_junk_size = number; + dev->flags |= WGDEVICE_HAS_S1; + } + } + if (nvlist_exists_number(nvl_device, "response_packet_junk_size")) { + number = nvlist_get_number(nvl_device, "response_packet_junk_size"); + if (number <= UINT16_MAX){ + dev->response_packet_junk_size = number; + dev->flags |= WGDEVICE_HAS_S2; + } + } + if (nvlist_exists_number(nvl_device, "init_packet_magic_header")) { + number = nvlist_get_number(nvl_device, "init_packet_magic_header"); + if (number <= UINT32_MAX){ + dev->init_packet_magic_header = number; + dev->flags |= WGDEVICE_HAS_H1; + } + } + if (nvlist_exists_number(nvl_device, "response_packet_magic_header")) { + number = nvlist_get_number(nvl_device, "response_packet_magic_header"); + if (number <= UINT32_MAX){ + dev->response_packet_magic_header = number; + dev->flags |= WGDEVICE_HAS_H2; + } + } + if (nvlist_exists_number(nvl_device, "underload_packet_magic_header")) { + number = nvlist_get_number(nvl_device, "underload_packet_magic_header"); + if (number <= UINT32_MAX){ + dev->underload_packet_magic_header = number; + dev->flags |= WGDEVICE_HAS_H3; + } + } + if (nvlist_exists_number(nvl_device, "transport_packet_magic_header")) { + number = nvlist_get_number(nvl_device, "transport_packet_magic_header"); + if (number <= UINT32_MAX){ + dev->transport_packet_magic_header = number; + dev->flags |= WGDEVICE_HAS_H4; + } + } + if (nvlist_exists_number(nvl_device, "user-cookie")) { number = nvlist_get_number(nvl_device, "user-cookie"); if (number <= UINT32_MAX) { @@ -272,6 +336,24 @@ static int kernel_set_device(struct wgdevice *dev) nvlist_add_binary(nvl_device, "private-key", dev->private_key, sizeof(dev->private_key)); if (dev->flags & WGDEVICE_HAS_LISTEN_PORT) nvlist_add_number(nvl_device, "listen-port", dev->listen_port); + if (dev->flags & WGDEVICE_HAS_JC) + nvlist_add_number(nvl_device, "junk_packet_count", dev->junk_packet_count); + if (dev->flags & WGDEVICE_HAS_JMIN) + nvlist_add_number(nvl_device, "junk_packet_min_size", dev->junk_packet_min_size); + if (dev->flags & WGDEVICE_HAS_JMAX) + nvlist_add_number(nvl_device, "junk_packet_max_size", dev->junk_packet_max_size); + if (dev->flags & WGDEVICE_HAS_S1) + nvlist_add_number(nvl_device, "init_packet_junk_size", dev->init_packet_junk_size); + if (dev->flags & WGDEVICE_HAS_S2) + nvlist_add_number(nvl_device, "response_packet_junk_size", dev->response_packet_junk_size); + if (dev->flags & WGDEVICE_HAS_H1) + nvlist_add_number(nvl_device, "init_packet_magic_header", dev->init_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H2) + nvlist_add_number(nvl_device, "response_packet_magic_header", dev->response_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H3) + nvlist_add_number(nvl_device, "underload_packet_magic_header", dev->underload_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H4) + nvlist_add_number(nvl_device, "transport_packet_magic_header", dev->transport_packet_magic_header); if (dev->flags & WGDEVICE_HAS_FWMARK) nvlist_add_number(nvl_device, "user-cookie", dev->fwmark); if (dev->flags & WGDEVICE_REPLACE_PEERS) diff --git a/src/ipc-linux.h b/src/ipc-linux.h index d29c0c5d..21cf205d 100644 --- a/src/ipc-linux.h +++ b/src/ipc-linux.h @@ -163,6 +163,24 @@ static int kernel_set_device(struct wgdevice *dev) mnl_attr_put(nlh, WGDEVICE_A_PRIVATE_KEY, sizeof(dev->private_key), dev->private_key); if (dev->flags & WGDEVICE_HAS_LISTEN_PORT) mnl_attr_put_u16(nlh, WGDEVICE_A_LISTEN_PORT, dev->listen_port); + if (dev->flags & WGDEVICE_HAS_JC) + mnl_attr_put_u16(nlh, WGDEVICE_A_JC, dev->junk_packet_count); + if (dev->flags & WGDEVICE_HAS_JMIN) + mnl_attr_put_u16(nlh, WGDEVICE_A_JMIN, dev->junk_packet_min_size); + if (dev->flags & WGDEVICE_HAS_JMAX) + mnl_attr_put_u16(nlh, WGDEVICE_A_JMAX, dev->junk_packet_max_size); + if (dev->flags & WGDEVICE_HAS_S1) + mnl_attr_put_u16(nlh, WGDEVICE_A_S1, dev->init_packet_junk_size); + if (dev->flags & WGDEVICE_HAS_S2) + mnl_attr_put_u16(nlh, WGDEVICE_A_S2, dev->response_packet_junk_size); + if (dev->flags & WGDEVICE_HAS_H1) + mnl_attr_put_u32(nlh, WGDEVICE_A_H1, dev->init_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H2) + mnl_attr_put_u32(nlh, WGDEVICE_A_H2, dev->response_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H3) + mnl_attr_put_u32(nlh, WGDEVICE_A_H3, dev->underload_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H4) + mnl_attr_put_u32(nlh, WGDEVICE_A_H4, dev->transport_packet_magic_header); if (dev->flags & WGDEVICE_HAS_FWMARK) mnl_attr_put_u32(nlh, WGDEVICE_A_FWMARK, dev->fwmark); if (dev->flags & WGDEVICE_REPLACE_PEERS) @@ -441,6 +459,42 @@ static int parse_device(const struct nlattr *attr, void *data) break; case WGDEVICE_A_PEERS: return mnl_attr_parse_nested(attr, parse_peers, device); + case WGDEVICE_HAS_JC: + if (!mnl_attr_validate(attr, MNL_TYPE_U16)) + device->junk_packet_count = mnl_attr_get_u16(attr); + break; + case WGDEVICE_HAS_JMIN: + if (!mnl_attr_validate(attr, MNL_TYPE_U16)) + device->junk_packet_min_size = mnl_attr_get_u16(attr); + break; + case WGDEVICE_HAS_JMAX: + if (!mnl_attr_validate(attr, MNL_TYPE_U16)) + device->junk_packet_max_size = mnl_attr_get_u16(attr); + break; + case WGDEVICE_HAS_S1: + if (!mnl_attr_validate(attr, MNL_TYPE_U16)) + device->init_packet_junk_size = mnl_attr_get_u16(attr); + break; + case WGDEVICE_HAS_S2: + if (!mnl_attr_validate(attr, MNL_TYPE_U16)) + device->response_packet_junk_size = mnl_attr_get_u16(attr); + break; + case WGDEVICE_HAS_H1: + if (!mnl_attr_validate(attr, MNL_TYPE_U32)) + device->init_packet_magic_header = mnl_attr_get_u32(attr); + break; + case WGDEVICE_HAS_H2: + if (!mnl_attr_validate(attr, MNL_TYPE_U32)) + device->response_packet_magic_header = mnl_attr_get_u32(attr); + break; + case WGDEVICE_HAS_H3: + if (!mnl_attr_validate(attr, MNL_TYPE_U32)) + device->underload_packet_magic_header = mnl_attr_get_u32(attr); + break; + case WGDEVICE_HAS_H4: + if (!mnl_attr_validate(attr, MNL_TYPE_U32)) + device->transport_packet_magic_header = mnl_attr_get_u32(attr); + break; } return MNL_CB_OK; diff --git a/src/ipc-openbsd.h b/src/ipc-openbsd.h index 03fbdb5c..1b0955d9 100644 --- a/src/ipc-openbsd.h +++ b/src/ipc-openbsd.h @@ -110,6 +110,51 @@ static int kernel_get_device(struct wgdevice **device, const char *iface) dev->flags |= WGDEVICE_HAS_PRIVATE_KEY; } + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_JC) { + dev->junk_packet_count = wg_iface->i_junk_packet_count; + dev->flags |= WGDEVICE_HAS_JC; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_JMIN) { + dev->junk_packet_min_size = wg_iface->i_junk_packet_min_size; + dev->flags |= WGDEVICE_HAS_JMIN; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_JMAX) { + dev->junk_packet_max_size = wg_iface->i_junk_packet_max_size; + dev->flags |= WGDEVICE_HAS_JMAX; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_S1) { + dev->init_packet_junk_size = wg_iface->i_init_packet_junk_size; + dev->flags |= WGDEVICE_HAS_S1; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_S2) { + dev->response_packet_junk_size = wg_iface->i_response_packet_junk_size; + dev->flags |= WGDEVICE_HAS_S2; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_H1) { + dev->init_packet_magic_header = wg_iface->i_init_packet_magic_header; + dev->flags |= WGDEVICE_HAS_H1; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_H2) { + dev->response_packet_magic_header = wg_iface->i_response_packet_magic_header; + dev->flags |= WGDEVICE_HAS_H2; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_H3) { + dev->underload_packet_magic_header = wg_iface->i_underload_packet_magic_header; + dev->flags |= WGDEVICE_HAS_H3; + } + + if (wg_iface->i_flags & WG_INTERFACE_DEVICE_HAS_H4) { + dev->transport_packet_magic_header = wg_iface->i_transport_packet_magic_header; + dev->flags |= WGDEVICE_HAS_H4; + } + wg_peer = &wg_iface->i_peers[0]; for (size_t i = 0; i < wg_iface->i_peers_count; ++i) { peer = calloc(1, sizeof(*peer)); @@ -221,6 +266,52 @@ static int kernel_set_device(struct wgdevice *dev) if (dev->flags & WGDEVICE_REPLACE_PEERS) wg_iface->i_flags |= WG_INTERFACE_REPLACE_PEERS; + + if (dev->flags & WGDEVICE_HAS_JC) { + wg_iface->i_junk_packet_count = dev->junk_packet_count; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_JC; + } + + if (dev->flags & WGDEVICE_HAS_JMIN) { + wg_iface->i_junk_packet_min_size = dev->junk_packet_min_size; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_JMIN; + } + + if (dev->flags & WGDEVICE_HAS_JMAX) { + wg_iface->i_junk_packet_max_size = dev->junk_packet_max_size; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_JMAX; + } + + if (dev->flags & WGDEVICE_HAS_S1) { + wg_iface->i_init_packet_junk_size = dev->init_packet_junk_size; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_S1; + } + + if (dev->flags & WGDEVICE_HAS_S2) { + wg_iface->i_response_packet_junk_size = dev->response_packet_junk_size; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_S2; + } + + if (dev->flags & WGDEVICE_HAS_H1) { + wg_iface->i_init_packet_magic_header = dev->init_packet_magic_header; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_H1; + } + + if (dev->flags & WGDEVICE_HAS_H2) { + wg_iface->i_response_packet_magic_header = dev->response_packet_magic_header; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_H2; + } + + if (dev->flags & WGDEVICE_HAS_H3) { + wg_iface->i_underload_packet_magic_header = dev->underload_packet_magic_header; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_H3; + } + + if (dev->flags & WGDEVICE_HAS_H4) { + wg_iface->i_transport_packet_magic_header = dev->transport_packet_magic_header; + wg_iface->i_flags |= WG_INTERFACE_DEVICE_HAS_H4; + } + peer_count = 0; wg_peer = &wg_iface->i_peers[0]; for_each_wgpeer(dev, peer) { diff --git a/src/ipc-uapi.h b/src/ipc-uapi.h index f582916e..4322160c 100644 --- a/src/ipc-uapi.h +++ b/src/ipc-uapi.h @@ -51,6 +51,24 @@ static int userspace_set_device(struct wgdevice *dev) fprintf(f, "fwmark=%u\n", dev->fwmark); if (dev->flags & WGDEVICE_REPLACE_PEERS) fprintf(f, "replace_peers=true\n"); + if (dev->flags & WGDEVICE_HAS_JC) + fprintf(f, "jc=%u\n", dev->junk_packet_count); + if (dev->flags & WGDEVICE_HAS_JMIN) + fprintf(f, "jmin=%u\n", dev->junk_packet_min_size); + if (dev->flags & WGDEVICE_HAS_JMAX) + fprintf(f, "jmax=%u\n", dev->junk_packet_max_size); + if (dev->flags & WGDEVICE_HAS_S1) + fprintf(f, "s1=%u\n", dev->init_packet_junk_size); + if (dev->flags & WGDEVICE_HAS_S2) + fprintf(f, "s2=%u\n", dev->response_packet_junk_size); + if (dev->flags & WGDEVICE_HAS_H1) + fprintf(f, "h1=%u\n", dev->init_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H2) + fprintf(f, "h2=%u\n", dev->response_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H3) + fprintf(f, "h3=%u\n", dev->underload_packet_magic_header); + if (dev->flags & WGDEVICE_HAS_H4) + fprintf(f, "h4=%u\n", dev->transport_packet_magic_header); for_each_wgpeer(dev, peer) { key_to_hex(hex, peer->public_key); @@ -183,6 +201,33 @@ static int userspace_get_device(struct wgdevice **out, const char *iface) } else if (!peer && !strcmp(key, "fwmark")) { dev->fwmark = NUM(0xffffffffU); dev->flags |= WGDEVICE_HAS_FWMARK; + } else if(!peer && !strcmp(key, "jc")) { + dev->junk_packet_count = NUM(0xffffU); + dev->flags |= WGDEVICE_HAS_JC; + } else if(!peer && !strcmp(key, "jmin")) { + dev->junk_packet_min_size = NUM(0xffffU); + dev->flags |= WGDEVICE_HAS_JMIN; + } else if(!peer && !strcmp(key, "jmax")) { + dev->junk_packet_max_size = NUM(0xffffU); + dev->flags |= WGDEVICE_HAS_JMAX; + } else if(!peer && !strcmp(key, "s1")) { + dev->init_packet_junk_size = NUM(0xffffU); + dev->flags |= WGDEVICE_HAS_S1; + } else if(!peer && !strcmp(key, "s2")) { + dev->response_packet_junk_size = NUM(0xffffU); + dev->flags |= WGDEVICE_HAS_S2; + } else if(!peer && !strcmp(key, "h1")) { + dev->init_packet_magic_header = NUM(0xffffffffU); + dev->flags |= WGDEVICE_HAS_H1; + } else if(!peer && !strcmp(key, "h2")) { + dev->response_packet_magic_header = NUM(0xffffffffU); + dev->flags |= WGDEVICE_HAS_H2; + } else if(!peer && !strcmp(key, "h3")) { + dev->underload_packet_magic_header = NUM(0xffffffffU); + dev->flags |= WGDEVICE_HAS_H3; + } else if(!peer && !strcmp(key, "h4")) { + dev->transport_packet_magic_header = NUM(0xffffffffU); + dev->flags |= WGDEVICE_HAS_H4; } else if (!strcmp(key, "public_key")) { struct wgpeer *new_peer = calloc(1, sizeof(*new_peer)); diff --git a/src/ipc-windows.h b/src/ipc-windows.h index d237fc9d..7925cf07 100644 --- a/src/ipc-windows.h +++ b/src/ipc-windows.h @@ -263,6 +263,43 @@ static int kernel_get_device(struct wgdevice **device, const char *iface) dev->flags |= WGDEVICE_HAS_PRIVATE_KEY; } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_JC) { + dev->junk_packet_count = wg_iface->JunkPacketCount; + dev->flags |= WGDEVICE_HAS_JC; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_JMIN) { + dev->junk_packet_min_size = wg_iface->JunkPacketMinSize; + dev->flags |= WGDEVICE_HAS_JMIN; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_JMAX) { + dev->junk_packet_max_size = wg_iface->JunkPacketMaxSize; + dev->flags |= WGDEVICE_HAS_JMAX; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_S1) { + dev->init_packet_junk_size = wg_iface->InitPacketJunkSize; + dev->flags |= WGDEVICE_HAS_S1; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_S2) { + dev->response_packet_junk_size = wg_iface->ResponsePacketJunkSize; + dev->flags |= WGDEVICE_HAS_S2; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_H1) { + dev->init_packet_magic_header = wg_iface->InitPacketMagicHeader; + dev->flags |= WGDEVICE_HAS_H1; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_H2) { + dev->response_packet_magic_header = wg_iface->ResponsePacketMagicHeader; + dev->flags |= WGDEVICE_HAS_H2; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_H3) { + dev->underload_packet_magic_header = wg_iface->UnderloadPacketMagicHeader; + dev->flags |= WGDEVICE_HAS_H3; + } + if (wg_iface->Flags & WG_IOCTL_INTERFACE_H4) { + dev->transport_packet_magic_header = wg_iface->TransportPacketMagicHeader; + dev->flags |= WGDEVICE_HAS_H4; + } + wg_peer = buf + sizeof(WG_IOCTL_INTERFACE); for (ULONG i = 0; i < wg_iface->PeersCount; ++i) { peer = calloc(1, sizeof(*peer)); @@ -385,6 +422,51 @@ static int kernel_set_device(struct wgdevice *dev) if (dev->flags & WGDEVICE_REPLACE_PEERS) wg_iface->Flags |= WG_IOCTL_INTERFACE_REPLACE_PEERS; + if (dev->flags & WGDEVICE_HAS_JC) { + wg_iface->JunkPacketCount = dev->junk_packet_count; + wg_iface->Flags |= WG_IOCTL_INTERFACE_JC; + } + + if (dev->flags & WGDEVICE_HAS_JMIN) { + wg_iface->JunkPacketMinSize = dev->junk_packet_min_size; + wg_iface->Flags |= WG_IOCTL_INTERFACE_JMIN; + } + + if (dev->flags & WGDEVICE_HAS_JMAX) { + wg_iface->JunkPacketMaxSize = dev->junk_packet_max_size; + wg_iface->Flags |= WG_IOCTL_INTERFACE_JMAX; + } + + if (dev->flags & WGDEVICE_HAS_S1) { + wg_iface->InitPacketJunkSize = dev->init_packet_junk_size; + wg_iface->Flags |= WG_IOCTL_INTERFACE_S1; + } + + if (dev->flags & WGDEVICE_HAS_S2) { + wg_iface->ResponsePacketJunkSize = dev->response_packet_junk_size; + wg_iface->Flags |= WG_IOCTL_INTERFACE_S2; + } + + if (dev->flags & WGDEVICE_HAS_H1) { + wg_iface->InitPacketMagicHeader = dev->init_packet_magic_header; + wg_iface->Flags |= WG_IOCTL_INTERFACE_H1; + } + + if (dev->flags & WGDEVICE_HAS_H2) { + wg_iface->ResponsePacketMagicHeader = dev->response_packet_magic_header; + wg_iface->Flags |= WG_IOCTL_INTERFACE_H2; + } + + if (dev->flags & WGDEVICE_HAS_H3) { + wg_iface->UnderloadPacketMagicHeader = dev->underload_packet_magic_header; + wg_iface->Flags |= WG_IOCTL_INTERFACE_H3; + } + + if (dev->flags & WGDEVICE_HAS_H4) { + wg_iface->TransportPacketMagicHeader = dev->transport_packet_magic_header; + wg_iface->Flags |= WG_IOCTL_INTERFACE_H4; + } + peer_count = 0; wg_peer = (void *)wg_iface + sizeof(WG_IOCTL_INTERFACE); for_each_wgpeer(dev, peer) { diff --git a/src/show.c b/src/show.c index 13777cf0..001ca1d2 100644 --- a/src/show.c +++ b/src/show.c @@ -220,6 +220,24 @@ static void pretty_print(struct wgdevice *device) terminal_printf(" " TERMINAL_BOLD "listening port" TERMINAL_RESET ": %u\n", device->listen_port); if (device->fwmark) terminal_printf(" " TERMINAL_BOLD "fwmark" TERMINAL_RESET ": 0x%x\n", device->fwmark); + if (device->junk_packet_count) + terminal_printf(" " TERMINAL_BOLD "jc" TERMINAL_RESET ": %u\n", device->junk_packet_count); + if (device->junk_packet_min_size) + terminal_printf(" " TERMINAL_BOLD "jmin" TERMINAL_RESET ": %u\n", device->junk_packet_min_size); + if (device->junk_packet_max_size) + terminal_printf(" " TERMINAL_BOLD "jmax" TERMINAL_RESET ": %u\n", device->junk_packet_max_size); + if (device->init_packet_junk_size) + terminal_printf(" " TERMINAL_BOLD "s1" TERMINAL_RESET ": %u\n", device->init_packet_junk_size); + if (device->response_packet_junk_size) + terminal_printf(" " TERMINAL_BOLD "s2" TERMINAL_RESET ": %u\n", device->response_packet_junk_size); + if (device->init_packet_magic_header) + terminal_printf(" " TERMINAL_BOLD "h1" TERMINAL_RESET ": %u\n", device->init_packet_magic_header); + if (device->response_packet_magic_header) + terminal_printf(" " TERMINAL_BOLD "h2" TERMINAL_RESET ": %u\n", device->response_packet_magic_header); + if (device->underload_packet_magic_header) + terminal_printf(" " TERMINAL_BOLD "h3" TERMINAL_RESET ": %u\n", device->underload_packet_magic_header); + if (device->transport_packet_magic_header) + terminal_printf(" " TERMINAL_BOLD "h4" TERMINAL_RESET ": %u\n", device->transport_packet_magic_header); if (device->first_peer) { sort_peers(device); terminal_printf("\n"); @@ -260,6 +278,15 @@ static void dump_print(struct wgdevice *device, bool with_interface) printf("%s\t", maybe_key(device->private_key, device->flags & WGDEVICE_HAS_PRIVATE_KEY)); printf("%s\t", maybe_key(device->public_key, device->flags & WGDEVICE_HAS_PUBLIC_KEY)); printf("%u\t", device->listen_port); + printf("%u\t", device->junk_packet_count); + printf("%u\t", device->junk_packet_min_size); + printf("%u\t", device->junk_packet_max_size); + printf("%u\t", device->init_packet_junk_size); + printf("%u\t", device->response_packet_junk_size); + printf("%u\t", device->init_packet_magic_header); + printf("%u\t", device->response_packet_magic_header); + printf("%u\t", device->underload_packet_magic_header); + printf("%u\t", device->transport_packet_magic_header); if (device->fwmark) printf("0x%x\n", device->fwmark); else @@ -311,7 +338,43 @@ static bool ugly_print(struct wgdevice *device, const char *param, bool with_int printf("0x%x\n", device->fwmark); else printf("off\n"); - } else if (!strcmp(param, "endpoints")) { + } else if(!strcmp(param, "jc")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->junk_packet_count); + } else if(!strcmp(param, "jmin")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->junk_packet_min_size); + } else if(!strcmp(param, "jmax")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->junk_packet_max_size); + } else if(!strcmp(param, "s1")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->init_packet_junk_size); + } else if(!strcmp(param, "s2")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->response_packet_junk_size); + } else if(!strcmp(param, "h1")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->init_packet_magic_header); + } else if(!strcmp(param, "h2")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->response_packet_magic_header); + } else if(!strcmp(param, "h3")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->underload_packet_magic_header); + } else if(!strcmp(param, "h4")) { + if (with_interface) + printf("%s\t", device->name); + printf("%u\n", device->transport_packet_magic_header); + } else if (!strcmp(param, "endpoints")) { for_each_wgpeer(device, peer) { if (with_interface) printf("%s\t", device->name); diff --git a/src/showconf.c b/src/showconf.c index 62070dc2..a66b6eb3 100644 --- a/src/showconf.c +++ b/src/showconf.c @@ -46,6 +46,25 @@ int showconf_main(int argc, const char *argv[]) key_to_base64(base64, device->private_key); printf("PrivateKey = %s\n", base64); } + if (device->flags & WGDEVICE_HAS_JC) + printf("Jc = %u\n", device->junk_packet_count); + if (device->flags & WGDEVICE_HAS_JMIN) + printf("Jmin = %u\n", device->junk_packet_min_size); + if (device->flags & WGDEVICE_HAS_JMAX) + printf("Jmax = %u\n", device->junk_packet_max_size); + if (device->flags & WGDEVICE_HAS_S1) + printf("S1 = %u\n", device->init_packet_junk_size); + if (device->flags & WGDEVICE_HAS_S2) + printf("S2 = %u\n", device->response_packet_junk_size); + if (device->flags & WGDEVICE_HAS_H1) + printf("H1 = %u\n", device->init_packet_magic_header); + if (device->flags & WGDEVICE_HAS_H2) + printf("H2 = %u\n", device->response_packet_magic_header); + if (device->flags & WGDEVICE_HAS_H3) + printf("H3 = %u\n", device->underload_packet_magic_header); + if (device->flags & WGDEVICE_HAS_H4) + printf("H4 = %u\n", device->transport_packet_magic_header); + printf("\n"); for_each_wgpeer(device, peer) { key_to_base64(base64, peer->public_key); diff --git a/src/uapi/linux/linux/wireguard.h b/src/uapi/linux/linux/wireguard.h index 0efd52c3..33d9d660 100644 --- a/src/uapi/linux/linux/wireguard.h +++ b/src/uapi/linux/linux/wireguard.h @@ -157,6 +157,15 @@ enum wgdevice_attribute { WGDEVICE_A_LISTEN_PORT, WGDEVICE_A_FWMARK, WGDEVICE_A_PEERS, + WGDEVICE_A_JC, + WGDEVICE_A_JMIN, + WGDEVICE_A_JMAX, + WGDEVICE_A_S1, + WGDEVICE_A_S2, + WGDEVICE_A_H1, + WGDEVICE_A_H2, + WGDEVICE_A_H3, + WGDEVICE_A_H4, __WGDEVICE_A_LAST }; #define WGDEVICE_A_MAX (__WGDEVICE_A_LAST - 1) diff --git a/src/uapi/openbsd/net/if_wg.h b/src/uapi/openbsd/net/if_wg.h index bd33a889..f768a329 100644 --- a/src/uapi/openbsd/net/if_wg.h +++ b/src/uapi/openbsd/net/if_wg.h @@ -29,19 +29,19 @@ #define a_ipv6 a_addr.addr_ipv6 struct wg_aip_io { - sa_family_t a_af; - int a_cidr; - union wg_aip_addr { - struct in_addr addr_ipv4; - struct in6_addr addr_ipv6; - } a_addr; + sa_family_t a_af; + int a_cidr; + union wg_aip_addr { + struct in_addr addr_ipv4; + struct in6_addr addr_ipv6; + } a_addr; }; #define WG_PEER_HAS_PUBLIC (1 << 0) #define WG_PEER_HAS_PSK (1 << 1) #define WG_PEER_HAS_PKA (1 << 2) -#define WG_PEER_HAS_ENDPOINT (1 << 3) -#define WG_PEER_REPLACE_AIPS (1 << 4) +#define WG_PEER_HAS_ENDPOINT (1 << 3) +#define WG_PEER_REPLACE_AIPS (1 << 4) #define WG_PEER_REMOVE (1 << 5) #define WG_PEER_UPDATE (1 << 6) @@ -50,43 +50,62 @@ struct wg_aip_io { #define p_sin6 p_endpoint.sa_sin6 struct wg_peer_io { - int p_flags; - int p_protocol_version; - uint8_t p_public[WG_KEY_LEN]; - uint8_t p_psk[WG_KEY_LEN]; - uint16_t p_pka; - union wg_peer_endpoint { - struct sockaddr sa_sa; - struct sockaddr_in sa_sin; - struct sockaddr_in6 sa_sin6; - } p_endpoint; - uint64_t p_txbytes; - uint64_t p_rxbytes; - struct timespec p_last_handshake; /* nanotime */ - size_t p_aips_count; - struct wg_aip_io p_aips[]; + int p_flags; + int p_protocol_version; + uint8_t p_public[WG_KEY_LEN]; + uint8_t p_psk[WG_KEY_LEN]; + uint16_t p_pka; + union wg_peer_endpoint { + struct sockaddr sa_sa; + struct sockaddr_in sa_sin; + struct sockaddr_in6 sa_sin6; + } p_endpoint; + uint64_t p_txbytes; + uint64_t p_rxbytes; + struct timespec p_last_handshake; /* nanotime */ + size_t p_aips_count; + struct wg_aip_io p_aips[]; }; -#define WG_INTERFACE_HAS_PUBLIC (1 << 0) -#define WG_INTERFACE_HAS_PRIVATE (1 << 1) -#define WG_INTERFACE_HAS_PORT (1 << 2) -#define WG_INTERFACE_HAS_RTABLE (1 << 3) -#define WG_INTERFACE_REPLACE_PEERS (1 << 4) +#define WG_INTERFACE_HAS_PUBLIC (1 << 0) +#define WG_INTERFACE_HAS_PRIVATE (1 << 1) +#define WG_INTERFACE_HAS_PORT (1 << 2) +#define WG_INTERFACE_HAS_RTABLE (1 << 3) +#define WG_INTERFACE_REPLACE_PEERS (1 << 4) +#define WG_INTERFACE_DEVICE_HAS_JC (1 << 5) +#define WG_INTERFACE_DEVICE_HAS_JMIN (1 << 6) +#define WG_INTERFACE_DEVICE_HAS_JMAX (1 << 7) +#define WG_INTERFACE_DEVICE_HAS_S1 (1 << 8) +#define WG_INTERFACE_DEVICE_HAS_S2 (1 << 9) +#define WG_INTERFACE_DEVICE_HAS_H1 (1 << 10) +#define WG_INTERFACE_DEVICE_HAS_H2 (1 << 11) +#define WG_INTERFACE_DEVICE_HAS_H3 (1 << 12) +#define WG_INTERFACE_DEVICE_HAS_H4 (1 << 13) struct wg_interface_io { - uint8_t i_flags; - in_port_t i_port; - int i_rtable; - uint8_t i_public[WG_KEY_LEN]; - uint8_t i_private[WG_KEY_LEN]; - size_t i_peers_count; - struct wg_peer_io i_peers[]; + uint16_t i_flags; + in_port_t i_port; + int i_rtable; + uint8_t i_public[WG_KEY_LEN]; + uint8_t i_private[WG_KEY_LEN]; + size_t i_peers_count; + struct wg_peer_io i_peers[]; + + uint16_t i_junk_packet_count; + uint16_t i_junk_packet_min_size; + uint16_t i_junk_packet_max_size; + uint16_t i_init_packet_junk_size; + uint16_t i_response_packet_junk_size; + uint32_t i_init_packet_magic_header; + uint32_t i_response_packet_magic_header; + uint32_t i_underload_packet_magic_header; + uint32_t i_transport_packet_magic_header; }; struct wg_data_io { - char wgd_name[IFNAMSIZ]; - size_t wgd_size; /* total size of the memory pointed to by wgd_interface */ - struct wg_interface_io *wgd_interface; + char wgd_name[IFNAMSIZ]; + size_t wgd_size; /* total size of the memory pointed to by wgd_interface */ + struct wg_interface_io *wgd_interface; }; #endif /* __IF_WG_H__ */ diff --git a/src/uapi/windows/wireguard.h b/src/uapi/windows/wireguard.h index 5c5938e1..917d7859 100644 --- a/src/uapi/windows/wireguard.h +++ b/src/uapi/windows/wireguard.h @@ -56,7 +56,17 @@ typedef enum WG_IOCTL_INTERFACE_HAS_PUBLIC_KEY = 1 << 0, WG_IOCTL_INTERFACE_HAS_PRIVATE_KEY = 1 << 1, WG_IOCTL_INTERFACE_HAS_LISTEN_PORT = 1 << 2, - WG_IOCTL_INTERFACE_REPLACE_PEERS = 1 << 3 + WG_IOCTL_INTERFACE_REPLACE_PEERS = 1 << 3, + WG_IOCTL_INTERFACE_PEERS = 1 << 4, + WG_IOCTL_INTERFACE_JC = 1 << 5, + WG_IOCTL_INTERFACE_JMIN = 1 << 6, + WG_IOCTL_INTERFACE_JMAX = 1 << 7, + WG_IOCTL_INTERFACE_S1 = 1 << 8, + WG_IOCTL_INTERFACE_S2 = 1 << 9, + WG_IOCTL_INTERFACE_H1 = 1 << 10, + WG_IOCTL_INTERFACE_H2 = 1 << 11, + WG_IOCTL_INTERFACE_H3 = 1 << 12, + WG_IOCTL_INTERFACE_H4 = 1 << 13 } WG_IOCTL_INTERFACE_FLAG; typedef struct _WG_IOCTL_INTERFACE @@ -66,6 +76,15 @@ typedef struct _WG_IOCTL_INTERFACE UCHAR PrivateKey[WG_KEY_LEN]; UCHAR PublicKey[WG_KEY_LEN]; ULONG PeersCount; + USHORT JunkPacketCount; + USHORT JunkPacketMinSize; + USHORT JunkPacketMaxSize; + USHORT InitPacketJunkSize; + USHORT ResponsePacketJunkSize; + ULONG InitPacketMagicHeader; + ULONG ResponsePacketMagicHeader; + ULONG UnderloadPacketMagicHeader; + ULONG TransportPacketMagicHeader; } __attribute__((aligned(8))) WG_IOCTL_INTERFACE; #define WG_IOCTL_GET CTL_CODE(45208U, 321, METHOD_OUT_DIRECT, FILE_READ_DATA | FILE_WRITE_DATA)