@douglas-larocca douglas-larocca commented Mar 27, 2020

This adds a new config option to set a metric on the interface, e.g.

[Interface]
PrivateKey = ...
Address = ...
Metric = 300

I'm currently using this to manage multiple VPNs in a failover scenario.

zx2c4 and others added 30 commits June 10, 2019 11:43
This helps fix startup races without needing to poll, as well as
reconfiguring interfaces after wintun destroys and re-adds. It also
deals gracefully with IPv6 being disabled.
zx2c4 and others added 24 commits February 23, 2020 17:02
We'll need some changes for the recent translation work.
Otherwise we wind up in \Windows\System32 in the import dialog's default
directory.

Reported-by: Kai Haberzettl <[email protected]>
Revise the messages to make them localizable.

Note: The log messages are not marked for localization. Probably, we
want to keep log files in English for easier global troubleshooting.

Having a user run `go generate` requires a valid and up-to-date Go
environment. Rather than instructing users how to set up the environment
correctly, the `go generate` was integrated into build.bat. This reuses
the Go building environment downloaded and prepared by build.bat to
provide a controllable and consistent result.

Use `make generate` on Linux.

As the zgotext.go output varies for GOARCH=386 and amd64, one had to be
chosen to provide stable output. The former is the first one to build in
build.bat.

Signed-off-by: Simon Rozman <[email protected]>
In Japanese, "1分、5秒 前" is a little strange. It should be "1分 5秒 前".
After consulting a Slovenian linguist, I've learned the same applies to
Slovenian as well.

Reported-by: Eiji Tanioka <[email protected]>
Signed-off-by: Simon Rozman <[email protected]>
I grepped the source tree and found that 'EnumerationSeparator' is used
for multiple IP addresses separation. In these situations, a comma is
better than "、" in Japanese.
("、" is used for Japanese sentence separator, but separation by comma
is more preferable to enumerate ASCII values.)

Signed-off-by: Eiji Tanioka <[email protected]>
Translated-by: Taja Gorjan <[email protected]>
Signed-off-by: Simon Rozman <[email protected]>
Adds Config option in [Interface] section Metric = <uint32>
@luweijun1992

Metric

Is this parameter supported by the current version?
I use the following method:
PostUp = PowerShell -Command "Set-NetIPInterface -InterfaceAlias '%WIREGUARD_TUNNEL_NAME%' -InterfaceMetric 0"

RomikB referenced this pull request in RomikB/amneziawg-windows-client-old May 7, 2024
zx2c4-bot pushed a commit that referenced this pull request Mar 19, 2025
The most recent versions that compile with Go 1.20 were picked.

The govulncheck report follows with my ">" comments inline.

C:\Users\Simon\Projekti\wireguard-windows>govulncheck -show verbose ./...
Fetching vulnerabilities from the database...

Checking the code against the vulnerabilities...

The package pattern matched the following 19 root packages:
  golang.zx2c4.com/wireguard/windows/conf/dpapi
  golang.zx2c4.com/wireguard/windows/tunnel/winipcfg
  golang.zx2c4.com/wireguard/windows/driver
  golang.zx2c4.com/wireguard/windows/l18n
  golang.zx2c4.com/wireguard/windows/version
  golang.zx2c4.com/wireguard/windows/services
  golang.zx2c4.com/wireguard/windows/conf
  golang.zx2c4.com/wireguard/windows/elevate
  golang.zx2c4.com/wireguard/windows/ringlogger
  golang.zx2c4.com/wireguard/windows/updater/winhttp
  golang.zx2c4.com/wireguard/windows/updater
  golang.zx2c4.com/wireguard/windows/manager
  golang.zx2c4.com/wireguard/windows/tunnel/firewall
  golang.zx2c4.com/wireguard/windows/tunnel
  golang.zx2c4.com/wireguard/windows/ui/syntax
  golang.zx2c4.com/wireguard/windows/ui
  golang.zx2c4.com/wireguard/windows
  golang.zx2c4.com/wireguard/windows/driver/memmod
  golang.zx2c4.com/wireguard/windows/embeddable-dll-service
Govulncheck scanned the following 4 modules and the go1.20.14 standard library:
  golang.zx2c4.com/wireguard/windows
  golang.org/x/[email protected]
  golang.org/x/[email protected]
  golang.org/x/[email protected]

=== Symbol Results ===

Vulnerability #1: GO-2024-3106
    Stack exhaustion in Decoder.Decode in encoding/gob
  More info: https://pkg.go.dev/vuln/GO-2024-3106
  Standard library
    Found in: encoding/[email protected]
    Fixed in: encoding/[email protected]
    Example traces found:
      #1: manager/ipc_client.go:420:25: manager.IPCClientUpdateState calls gob.Decoder.Decode

> The most complex struct, our IPC is passing around, is conf.Config. It
does not contain deeply nested structures, so we should be fine. The
config may be huge, but it is not deep.

Vulnerability #2: GO-2024-2888
    Mishandling of corrupt central directory record in archive/zip
  More info: https://pkg.go.dev/vuln/GO-2024-2888
  Standard library
    Found in: archive/[email protected]
    Fixed in: archive/[email protected]
    Example traces found:
      #1: ui/tunnelspage.go:309:29: ui.importFiles calls zip.OpenReader

> Securing Zip config file exchange is beyond WireGuard scope.

=== Package Results ===

Vulnerability #1: GO-2025-3447
    Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec
  More info: https://pkg.go.dev/vuln/GO-2025-3447
  Standard library
    Found in: crypto/internal/[email protected]
    Fixed in: crypto/internal/[email protected]
    Platforms: ppc64le

> There are no Windows on ppc64le platform we'd support.

Vulnerability #2: GO-2024-2887
    Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in
    net/netip
  More info: https://pkg.go.dev/vuln/GO-2024-2887
  Standard library
    Found in: net/[email protected]
    Fixed in: net/[email protected]

> Not using any of the affected net/netip functions.

=== Module Results ===

Vulnerability #1: GO-2025-3487
    Potential denial of service in golang.org/x/crypto
  More info: https://pkg.go.dev/vuln/GO-2025-3487
  Module: golang.org/x/crypto
    Found in: golang.org/x/[email protected]
    Fixed in: golang.org/x/[email protected]

Vulnerability #2: GO-2025-3420
    Sensitive headers incorrectly sent after cross-domain redirect in net/http
  More info: https://pkg.go.dev/vuln/GO-2025-3420
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #3: GO-2025-3373
    Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509
  More info: https://pkg.go.dev/vuln/GO-2025-3373
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #4: GO-2024-3107
    Stack exhaustion in Parse in go/build/constraint
  More info: https://pkg.go.dev/vuln/GO-2024-3107
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #5: GO-2024-3105
    Stack exhaustion in all Parse functions in go/parser
  More info: https://pkg.go.dev/vuln/GO-2024-3105
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #6: GO-2024-2963
    Denial of service due to improper 100-continue handling in net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2963
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #7: GO-2024-2687
    HTTP/2 CONTINUATION flood in net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2687
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #8: GO-2024-2610
    Errors returned from JSON marshaling may break template escaping in
    html/template
  More info: https://pkg.go.dev/vuln/GO-2024-2610
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #9: GO-2024-2609
    Comments in display names are incorrectly handled in net/mail
  More info: https://pkg.go.dev/vuln/GO-2024-2609
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #10: GO-2024-2600
    Incorrect forwarding of sensitive headers and cookies on HTTP redirect in
    net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2600
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #11: GO-2024-2599
    Memory exhaustion in multipart form parsing in net/textproto and net/http
  More info: https://pkg.go.dev/vuln/GO-2024-2599
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Vulnerability #12: GO-2024-2598
    Verify panics on certificates with an unknown public key algorithm in
    crypto/x509
  More info: https://pkg.go.dev/vuln/GO-2024-2598
  Standard library
    Found in: [email protected]
    Fixed in: [email protected]

Your code is affected by 2 vulnerabilities from the Go standard library.
This scan also found 2 vulnerabilities in packages you import and 12
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.

Signed-off-by: Simon Rozman <[email protected]>
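
The commit message above triages findings by how far govulncheck could trace them (symbol, package or module). The following added example, which is not part of the commit or the project's code, makes the same split mechanically from `govulncheck -json` output and keeps the most precise level when an ID is reported more than once. It assumes each JSON `finding` message carries a `trace` whose first frame names the vulnerable module, package or function; `Triage`, `level` and the sample stream are illustrative.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"strings"
)

// Constructed sample stream: OSV IDs come from the report above, everything else is illustrative.
const sample = `{"config":{"scanner_name":"govulncheck"}}
{"finding":{"osv":"GO-2025-3487","trace":[{"module":"golang.org/x/crypto"}]}}
{"finding":{"osv":"GO-2025-3447","trace":[{"module":"stdlib","package":"crypto/internal/nistec"}]}}
{"finding":{"osv":"GO-2024-3106","trace":[{"module":"stdlib","package":"encoding/gob"}]}}
{"finding":{"osv":"GO-2024-3106","trace":[{"package":"encoding/gob","function":"Decode"},{"package":"golang.zx2c4.com/wireguard/windows/manager","function":"IPCClientUpdateState"}]}}`

// finding keeps only the fields used here; encoding/json matches keys case-insensitively.
type finding struct {
	OSV   string
	Trace []struct{ Package, Function string }
}

// level classifies a finding by trace[0], which names the vulnerable module, package or symbol.
func level(f finding) string {
	if len(f.Trace) == 0 || f.Trace[0].Package == "" {
		return "module"
	} else if f.Trace[0].Function == "" {
		return "package"
	}
	return "symbol" // a call path from our code reaches the vulnerable function
}

// Triage maps each OSV ID to the most precise level reported for it in the stream.
func Triage(r io.Reader) (map[string]string, error) {
	rank := map[string]int{"module": 1, "package": 2, "symbol": 3} // increasing precision
	best := map[string]string{}
	for dec := json.NewDecoder(r); ; {
		var msg struct{ Finding *finding }
		if err := dec.Decode(&msg); err == io.EOF {
			return best, nil
		} else if err != nil {
			return nil, err // truncated or malformed report: do not treat as clean
		}
		if f := msg.Finding; f != nil && rank[level(*f)] > rank[best[f.OSV]] {
			best[f.OSV] = level(*f)
		}
	}
}

func main() { fmt.Println(Triage(strings.NewReader(sample))) }
```

Entries that come back as `symbol` are the ones that need either an upgrade or a written justification like the inline `>` comments above; a decode error is returned rather than being read as an empty, clean result.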