Development discussion of WireGuard
 help / color / mirror / Atom feed
* wireguard-go on windows
@ 2021-02-25  6:30 Devanath S
  2021-02-25 15:53 ` Jason A. Donenfeld
  2021-09-12 15:07 ` Devanath S
  0 siblings, 2 replies; 7+ messages in thread
From: Devanath S @ 2021-02-25  6:30 UTC (permalink / raw)
  To: wireguard

Hi All,

I am trying to run wireguard-go on windows for debugging purpose only
and seem to get the below error.

Login user is local admin on the box and it is run as administrator. Plz advice.

c:\Go\wire-win\wireguard-go>.\wireguard.exe wg0
Warning: this is a test program for Windows, mainly used for debugging
this Go package. For a real WireGuard for Windows client, the repo you
want is <https://git.zx2c4.com/wireguard-windows/>, which includes
this code as a module.
INFO: (wg0) 2021/02/24 22:09:55 Starting wireguard-go version 0.0.20201118
DEBUG: (wg0) 2021/02/24 22:09:55 Debug log enabled
2021/02/24 22:09:55 [Wintun] CreateAdapter: Creating adapter
DEBUG: (wg0) 2021/02/24 22:09:56 UDP bind has been updated
INFO: (wg0) 2021/02/24 22:09:56 Device started
ERROR: (wg0) 2021/02/24 22:09:56 Failed to listen on uapi socket: open
\\.\pipe\ProtectedPrefix\Administrators\WireGuard\wg0: This security
ID may not be assigned as the owner of this object.


Regards,
srini

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: wireguard-go on windows
  2021-02-25  6:30 wireguard-go on windows Devanath S
@ 2021-02-25 15:53 ` Jason A. Donenfeld
       [not found]   ` <CADjMg7VHCX04+UgCY4AwLub5=otDJ9dTHMLdX16OVDZoDG88xQ@mail.gmail.com>
  2021-09-12 15:07 ` Devanath S
  1 sibling, 1 reply; 7+ messages in thread
From: Jason A. Donenfeld @ 2021-02-25 15:53 UTC (permalink / raw)
  To: Devanath S; +Cc: WireGuard mailing list

I'm curious to learn what you're trying to debug this way; you're
better off using wireguard-windows.

The pipe permissions are too strict internally, it appears. Try
running as Local System.

Jason

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Fwd: wireguard-go on windows
       [not found]   ` <CADjMg7VHCX04+UgCY4AwLub5=otDJ9dTHMLdX16OVDZoDG88xQ@mail.gmail.com>
@ 2021-02-25 16:42     ` Devanath S
  2021-02-25 17:54       ` Jason A. Donenfeld
  0 siblings, 1 reply; 7+ messages in thread
From: Devanath S @ 2021-02-25 16:42 UTC (permalink / raw)
  To: WireGuard mailing list

Hi Jason,

Thank you for your prompt response.

We are trying to use wgctrl way of configuring the wireguard devices
and facing issues while creating/configuring the wireguard device on
windows.

1) First problem was while creating the wintun device using wintun.dll
and using wgctrl for configuring it.  It hangs in
wgclient.ConfigureDevice api()

2) So tried to first create the device through wireguard.exe. And then
used wgctrl way to configure it, but wgClient.Devices() is not able to
get the devices on our test windows boxes (even though it works on my
development machine)

So was trying to investigate how wireguard works on windows.  With
wgctrl package I was able to get it working on linux/mac, but facing
such issues on windows.  The reason for using wgctrl was to make it
configurable through our own APP.

Regard,
Dev

On Thu, Feb 25, 2021 at 7:54 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> I'm curious to learn what you're trying to debug this way; you're
> better off using wireguard-windows.
>
> The pipe permissions are too strict internally, it appears. Try
> running as Local System.
>
> Jason

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: wireguard-go on windows
  2021-02-25 16:42     ` Fwd: " Devanath S
@ 2021-02-25 17:54       ` Jason A. Donenfeld
  2021-02-25 20:14         ` Matt Layher
  0 siblings, 1 reply; 7+ messages in thread
From: Jason A. Donenfeld @ 2021-02-25 17:54 UTC (permalink / raw)
  To: Devanath S, Matt Layher; +Cc: WireGuard mailing list

+ Matt Layher

Hi Davanath,

> We are trying to use wgctrl way of configuring the wireguard devices
> and facing issues while creating/configuring the wireguard device on
> windows.
>
> 1) First problem was while creating the wintun device using wintun.dll
> and using wgctrl for configuring it.  It hangs in
> wgclient.ConfigureDevice api()

wgctrl works with wireguard. wireguard uses wintun, but wireguard is not wintun.

>
> 2) So tried to first create the device through wireguard.exe. And then
> used wgctrl way to configure it, but wgClient.Devices() is not able to
> get the devices on our test windows boxes (even though it works on my
> development machine)

This sounds like a potential bug in wgctrl.

Matt -- I wonder if there's a bug in the parser, recently unearthed by
a change in wireguard-go. Specifically, uapi stipulates that requests
and responses end with \n\n. Is it possible that you're relying on the
socket to EOF, instead of looking for the \n\n? Recent wireguard-go
keeps the socket open, in case you want to send one request after
another.

Jason

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: wireguard-go on windows
  2021-02-25 17:54       ` Jason A. Donenfeld
@ 2021-02-25 20:14         ` Matt Layher
  2021-02-25 20:21           ` Devanath S
  0 siblings, 1 reply; 7+ messages in thread
From: Matt Layher @ 2021-02-25 20:14 UTC (permalink / raw)
  To: Jason A. Donenfeld, Devanath S; +Cc: WireGuard mailing list

A glance at 
https://github.com/WireGuard/wgctrl-go/blob/master/internal/wguser/parse.go#L48 
seems to indicate that we treat the first "blank" line produced by 
bufio.Scanner (which strips \n) as a sentinel to stop parsing, which 
would mean something like "errno=0\n\n" would parse the errno and be 
done once it interprets the final line "\n".

The tests seem to indicate this works as expected, but I don't regularly 
develop on Windows and welcome PRs if something has changed.
- Matt

On 2/25/21 12:54 PM, Jason A. Donenfeld wrote:
> + Matt Layher
>
> Hi Davanath,
>
>> We are trying to use wgctrl way of configuring the wireguard devices
>> and facing issues while creating/configuring the wireguard device on
>> windows.
>>
>> 1) First problem was while creating the wintun device using wintun.dll
>> and using wgctrl for configuring it.  It hangs in
>> wgclient.ConfigureDevice api()
> wgctrl works with wireguard. wireguard uses wintun, but wireguard is not wintun.
>
>> 2) So tried to first create the device through wireguard.exe. And then
>> used wgctrl way to configure it, but wgClient.Devices() is not able to
>> get the devices on our test windows boxes (even though it works on my
>> development machine)
> This sounds like a potential bug in wgctrl.
>
> Matt -- I wonder if there's a bug in the parser, recently unearthed by
> a change in wireguard-go. Specifically, uapi stipulates that requests
> and responses end with \n\n. Is it possible that you're relying on the
> socket to EOF, instead of looking for the \n\n? Recent wireguard-go
> keeps the socket open, in case you want to send one request after
> another.
>
> Jason

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: wireguard-go on windows
  2021-02-25 20:14         ` Matt Layher
@ 2021-02-25 20:21           ` Devanath S
  0 siblings, 0 replies; 7+ messages in thread
From: Devanath S @ 2021-02-25 20:21 UTC (permalink / raw)
  To: Matt Layher; +Cc: Jason A. Donenfeld, WireGuard mailing list

Hi  Jason/Matt,

I could try running any debug binaries or debug patches, that you want
to run to troubleshoot the issue. Plz, advice.

Regards,
Dev

On Thu, Feb 25, 2021 at 12:15 PM Matt Layher <mdlayher@gmail.com> wrote:
>
> A glance at
> https://github.com/WireGuard/wgctrl-go/blob/master/internal/wguser/parse.go#L48
> seems to indicate that we treat the first "blank" line produced by
> bufio.Scanner (which strips \n) as a sentinel to stop parsing, which
> would mean something like "errno=0\n\n" would parse the errno and be
> done once it interprets the final line "\n".
>
> The tests seem to indicate this works as expected, but I don't regularly
> develop on Windows and welcome PRs if something has changed.
> - Matt
>
> On 2/25/21 12:54 PM, Jason A. Donenfeld wrote:
> > + Matt Layher
> >
> > Hi Davanath,
> >
> >> We are trying to use wgctrl way of configuring the wireguard devices
> >> and facing issues while creating/configuring the wireguard device on
> >> windows.
> >>
> >> 1) First problem was while creating the wintun device using wintun.dll
> >> and using wgctrl for configuring it.  It hangs in
> >> wgclient.ConfigureDevice api()
> > wgctrl works with wireguard. wireguard uses wintun, but wireguard is not wintun.
> >
> >> 2) So tried to first create the device through wireguard.exe. And then
> >> used wgctrl way to configure it, but wgClient.Devices() is not able to
> >> get the devices on our test windows boxes (even though it works on my
> >> development machine)
> > This sounds like a potential bug in wgctrl.
> >
> > Matt -- I wonder if there's a bug in the parser, recently unearthed by
> > a change in wireguard-go. Specifically, uapi stipulates that requests
> > and responses end with \n\n. Is it possible that you're relying on the
> > socket to EOF, instead of looking for the \n\n? Recent wireguard-go
> > keeps the socket open, in case you want to send one request after
> > another.
> >
> > Jason

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: wireguard-go on windows
  2021-02-25  6:30 wireguard-go on windows Devanath S
  2021-02-25 15:53 ` Jason A. Donenfeld
@ 2021-09-12 15:07 ` Devanath S
  1 sibling, 0 replies; 7+ messages in thread
From: Devanath S @ 2021-09-12 15:07 UTC (permalink / raw)
  To: WireGuard mailing list

Hi All,,

I am trying to run wireguard-go (using
"golang.zx2c4.com/wireguard/wgctrl" for configure) on
container-optimized os on GCP and I am facing the below issue. The
same works on ubuntu/centos etc

1) Wireguard device creation and tunnel gets created as required. It
works as expected
2) When the admin wants to delete the wg tunnel interface and recreate
the wg interface.  It gives error "err device or resource busy"

=> To create the tunnel device
tun.CreateTUN(deviceName, mtu).
device.NewDevice(tun, deviceLogger)
=>To delete the tunnel device
func (device *Device) Close()  which is probably calling
tun.tunFile.Close(), to close the FD

----Snippet of the logs, while closing the device and creating again

^[[0m^[[1;33m[22:04:47 2021/09/09 +0000] [WARN] LIsten_WG_API:
userspace wireguard device API interface closed, error while accepting
connection, err:fd closed

^[[0m[22:04:47 2021/09/09 +0000] [INFO] .Close: closed userspace
wireguard API interface and device

^[[0m[22:04:47 2021/09/09 +0000] [INFO] CreateWg: create userspace
wireguard device wg1

^[[0m^[[0;31m[22:04:47 2021/09/09 +0000] [EROR] CreateUSWG: userspace
tunnel interface creation failed, device name wg1, err device or
resource busy

^[[0m^[[0;31m[22:04:47 2021/09/09 +0000] [EROR] CreateWgfailed to
create wg1: device or resource busy

^[[0m^[[0;31m[22:04:47 2021/09/09 +0000] [EROR]new Config:device or
resource busy


Plz let me know if I am missing something.

Regards,
Dev

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2021-09-12 15:10 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-25  6:30 wireguard-go on windows Devanath S
2021-02-25 15:53 ` Jason A. Donenfeld
     [not found]   ` <CADjMg7VHCX04+UgCY4AwLub5=otDJ9dTHMLdX16OVDZoDG88xQ@mail.gmail.com>
2021-02-25 16:42     ` Fwd: " Devanath S
2021-02-25 17:54       ` Jason A. Donenfeld
2021-02-25 20:14         ` Matt Layher
2021-02-25 20:21           ` Devanath S
2021-09-12 15:07 ` Devanath S

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).