Update DAITA to v2 on Windows

.github/workflows/clippy.yml

@@ -63,8 +63,17 @@ jobs:
           sudo apt-get update
           sudo apt-get install libdbus-1-dev
 
+      - name: Install msbuild
+        if: matrix.os == 'windows-latest'
+        uses: microsoft/[email protected]
+        with:
+          vs-version: 16
+
+      - name: Install latest zig
+        if: matrix.os == 'windows-latest'
+        uses: mlugg/setup-zig@v1
+
       - name: Install Go
-        if: matrix.os == 'linux-latest' || matrix.os == 'macos-latest'
         uses: actions/setup-go@v5
         with:
           go-version: 1.21.3

.github/workflows/daemon.yml

@@ -1,6 +1,6 @@
 ---
 name: Daemon+CLI - Build and test
 on:
   pull_request:
     paths:
       - '**'
@@ -130,7 +130,9 @@
         uses: actions/checkout@v4
 
       - name: Checkout submodules
-        run: git submodule update --init --depth=1
+        run: |
+          git submodule update --init --depth=1
+          git submodule update --init --recursive --depth=1 wireguard-go-rs
 
       - name: Install Protoc
         # NOTE: ARM runner already has protoc
@@ -183,6 +185,9 @@
         with:
           vs-version: 16
 
+      - name: Install latest zig
+        uses: mlugg/setup-zig@v1
+
       - name: Build Windows modules
         if: steps.cache-windows-modules.outputs.cache-hit != 'true'
         shell: bash

.github/workflows/desktop-e2e.yml

@@ -7,7 +7,7 @@
 # * compiling the output from the different runners and executed platforms.
 ---
 name: Desktop - End-to-end tests
 on:
   schedule:
     - cron: '0 0 * * *'
   workflow_dispatch:
@@ -147,7 +147,7 @@
       !cancelled() &&
       needs.prepare-matrices.outputs.linux_matrix != '[]' &&
       needs.prepare-matrices.outputs.linux_matrix != ''
     runs-on: [self-hosted, desktop-test, Linux] # app-test-linux
     timeout-minutes: 240
     strategy:
       fail-fast: false
@@ -200,6 +200,8 @@
           toolchain: stable
           target: i686-pc-windows-msvc
           default: true
+      - name: Install latest zig
+        uses: mlugg/setup-zig@v1
       - name: Install msbuild
         uses: microsoft/[email protected]
         with:
@@ -232,7 +234,7 @@
       needs.prepare-matrices.outputs.windows_matrix != '[]' &&
       needs.prepare-matrices.outputs.windows_matrix != ''
     name: Windows end-to-end tests
     runs-on: [self-hosted, desktop-test, Linux] # app-test-linux
     timeout-minutes: 240
     strategy:
       fail-fast: false
@@ -264,7 +266,7 @@
     if: |
       needs.prepare-matrices.outputs.macos_matrix != '[]' &&
       !startsWith(github.ref, 'refs/tags/') && github.ref != 'refs/heads/main'
     runs-on: [self-hosted, desktop-test, macOS] # app-test-macos-arm
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4

.github/workflows/rust-unused-dependencies.yml

@@ -103,11 +103,21 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Checkout wireguard-go submodule
-        if: matrix.os == 'macos-latest'
         run: |
           git config --global --add safe.directory '*'
+          git submodule update --init --depth=1
           git submodule update --init --recursive --depth=1 wireguard-go-rs
 
+      - name: Install msbuild
+        if: matrix.os == 'windows-latest'
+        uses: microsoft/[email protected]
+        with:
+          vs-version: 16
+
+      - name: Install latest zig
+        if: matrix.os == 'windows-latest'
+        uses: mlugg/setup-zig@v1
+
       - name: Install Protoc
         uses: arduino/setup-protoc@v3
         with:

BuildInstructions.md

@@ -23,9 +23,8 @@ on your platform please submit an issue or a pull request.
 
     Install the `msi` hosted here: https://github.com/volta-cli/volta
 
-- (Not Windows) Install Go (ideally version `1.21`) by following the [official
-  instructions](https://golang.org/doc/install).  Newer versions may work
-  too.
+- Install Go (ideally version `1.21`) by following the [official instructions](https://golang.org/doc/install).
+  Newer versions may work too.
 
 - Install a protobuf compiler (version 3.15 and up), it can be installed on most major Linux distros
   via the package name `protobuf-compiler`, `protobuf` on macOS via Homebrew, and on Windows
@@ -96,6 +95,8 @@ The host has to have the following installed:
 - `bash` installed as well as a few base unix utilities, including `sed` and `tail`.
   You are recommended to use [Git for Windows].
 
+- `zig` installed and available in `%PATH%`. 0.14 or later is recommended: https://ziglang.org/download/.
+
 - `msbuild.exe` available in `%PATH%`. If you installed Visual Studio Community edition, the
   binary can be found under:
 
@@ -153,7 +154,7 @@ In addition to the above requirements:
   the Electron app:
 
   ```
-  pushd gui
+  pushd desktop/packages/mullvad-vpn
   npm install --target_arch=x64 grpc-tools
   popd
   ```

CHANGELOG.md

@@ -25,6 +25,8 @@ Line wrap the file at 100 chars.                                              Th
 ### Added
 #### Windows
 - Add support for Windows ARM64.
+- Add support for DAITA V2.
+- Add back wireguard-go (userspace WireGuard) support.
 
 ### Changed
 - (Linux and macOS only) Update to DAITA v2. The main difference is that many different machines are

build.sh

@@ -265,6 +265,8 @@ function build {
             mullvad-problem-report.exe
             talpid_openvpn_plugin.dll
             mullvad-setup.exe
+            libwg.dll
+            maybenot_ffi.dll
         )
     fi
 

desktop/packages/mullvad-vpn/tasks/distribution.js

@@ -177,7 +177,8 @@ function newConfig() {
           ),
           to: '.',
         },
-        { from: distAssets('maybenot_machines'), to: '.' },
+        { from: distAssets(path.join('${env.DIST_SUBDIR}', 'libwg.dll')), to: '.' },
+        { from: distAssets(path.join('${env.DIST_SUBDIR}', 'maybenot_ffi.dll')), to: '.' },
       ],
     },
 

talpid-tunnel-config-client/proto/ephemeralpeer.proto

@@ -66,6 +66,7 @@ enum DaitaPlatform {
   macos_wg_go = 3;
   ios_wg_go = 4;
   android_wg_go = 5;
+  windows_wg_go = 6;
 }
 
 enum DaitaLevel {

talpid-tunnel-config-client/src/lib.rs

@@ -22,7 +22,6 @@ mod proto {
     tonic::include_proto!("ephemeralpeer");
 }
 
-#[cfg(unix)]
 const DAITA_VERSION: u32 = 2;
 
 #[derive(Debug)]
@@ -88,7 +87,6 @@ pub const CONFIG_SERVICE_PORT: u16 = 1337;
 
 pub struct EphemeralPeer {
     pub psk: Option<PresharedKey>,
-    #[cfg(unix)]
     pub daita: Option<DaitaSettings>,
 }
 
@@ -141,19 +139,15 @@ pub async fn request_ephemeral_peer_with(
             wg_parent_pubkey: parent_pubkey.as_bytes().to_vec(),
             wg_ephemeral_peer_pubkey: ephemeral_pubkey.as_bytes().to_vec(),
             post_quantum: pq_request,
-            #[cfg(windows)]
-            daita: Some(proto::DaitaRequestV1 {
-                activate_daita: enable_daita,
-            }),
-            #[cfg(windows)]
-            daita_v2: None,
-            #[cfg(unix)]
             daita: None,
-            #[cfg(unix)]
-            daita_v2: enable_daita.then(|| proto::DaitaRequestV2 {
-                level: i32::from(proto::DaitaLevel::LevelDefault),
-                platform: i32::from(get_platform()),
-                version: DAITA_VERSION,
+            daita_v2: enable_daita.then(|| {
+                let platform = get_platform();
+                log::trace!("DAITA v2 platform: {platform:?}");
+                proto::DaitaRequestV2 {
+                    level: i32::from(proto::DaitaLevel::LevelDefault),
+                    platform: i32::from(platform),
+                    version: DAITA_VERSION,
+                }
             }),
         })
         .await
@@ -204,30 +198,21 @@ pub async fn request_ephemeral_peer_with(
         None
     };
 
-    #[cfg(unix)]
-    {
-        let daita = response.daita.map(|daita| DaitaSettings {
-            client_machines: daita.client_machines,
-            max_padding_frac: daita.max_padding_frac,
-            max_blocking_frac: daita.max_blocking_frac,
-        });
-        if daita.is_none() && enable_daita {
-            return Err(Error::MissingDaitaResponse);
-        }
-        Ok(EphemeralPeer { psk, daita })
-    }
-
-    #[cfg(windows)]
-    {
-        Ok(EphemeralPeer { psk })
+    let daita = response.daita.map(|daita| DaitaSettings {
+        client_machines: daita.client_machines,
+        max_padding_frac: daita.max_padding_frac,
+        max_blocking_frac: daita.max_blocking_frac,
+    });
+    if daita.is_none() && enable_daita {
+        return Err(Error::MissingDaitaResponse);
     }
+    Ok(EphemeralPeer { psk, daita })
 }
 
-#[cfg(unix)]
 const fn get_platform() -> proto::DaitaPlatform {
     use proto::DaitaPlatform;
     const PLATFORM: DaitaPlatform = if cfg!(target_os = "windows") {
-        DaitaPlatform::WindowsNative
+        DaitaPlatform::WindowsWgGo
     } else if cfg!(target_os = "linux") {
         DaitaPlatform::LinuxWgGo
     } else if cfg!(target_os = "macos") {

talpid-wireguard/Cargo.toml

@@ -29,8 +29,6 @@ tunnel-obfuscation = { path = "../tunnel-obfuscation" }
 rand = "0.8.5"
 surge-ping = "0.8.0"
 rand_chacha = "0.3.1"
-
-[target.'cfg(not(windows))'.dependencies]
 wireguard-go-rs = { path = "../wireguard-go-rs"}
 
 [target.'cfg(target_os="android")'.dependencies]

talpid-wireguard/build.rs

@@ -6,11 +6,10 @@ fn main() {
     if target_os == "windows" {
         declare_libs_dir("../dist-assets/binaries");
     }
-    // Wireguard-Go can be used on all platforms except Windows
+    // Wireguard-Go can be used on all platforms
     println!("cargo::rustc-check-cfg=cfg(wireguard_go)");
-    if matches!(target_os.as_str(), "linux" | "macos" | "android") {
-        println!("cargo::rustc-cfg=wireguard_go");
-    }
+    println!("cargo::rustc-cfg=wireguard_go");
+
     // Enable DAITA by default on desktop and android
     println!("cargo::rustc-check-cfg=cfg(daita)");
     println!("cargo::rustc-cfg=daita");

talpid-wireguard/src/connectivity/mock.rs

@@ -120,7 +120,7 @@ impl Tunnel for MockTunnel {
     #[cfg(daita)]
     fn start_daita(
         &mut self,
-        #[cfg(not(target_os = "windows"))] _: talpid_tunnel_config_client::DaitaSettings,
+        _: talpid_tunnel_config_client::DaitaSettings,
     ) -> std::result::Result<(), TunnelError> {
         Ok(())
     }

talpid-wireguard/src/ephemeral.rs

@@ -110,7 +110,6 @@ async fn config_ephemeral_peers_inner(
     )
     .await?;
 
-    #[cfg(not(target_os = "windows"))]
     let mut daita = exit_ephemeral_peer.daita;
 
     log::debug!("Retrieved ephemeral peer");
@@ -145,14 +144,10 @@ async fn config_ephemeral_peers_inner(
         log::debug!("Successfully exchanged PSK with entry peer");
 
         config.entry_peer.psk = entry_ephemeral_peer.psk;
-        #[cfg(not(target_os = "windows"))]
-        {
-            daita = entry_ephemeral_peer.daita;
-        }
+        daita = entry_ephemeral_peer.daita;
     }
 
     config.exit_peer_mut().psk = exit_ephemeral_peer.psk;
-    #[cfg(daita)]
     if config.daita {
         log::trace!("Enabling constant packet size for entry peer");
         config.entry_peer.constant_packet_size = true;
@@ -170,28 +165,18 @@ async fn config_ephemeral_peers_inner(
     )
     .await?;
 
-    #[cfg(daita)]
     if config.daita {
-        #[cfg(not(target_os = "windows"))]
-        let Some(daita) = daita
-        else {
+        let Some(daita) = daita else {
             unreachable!("missing DAITA settings");
         };
 
         // Start local DAITA machines
         let mut tunnel = tunnel.lock().await;
         if let Some(tunnel) = tunnel.as_mut() {
-            #[cfg(not(target_os = "windows"))]
             tunnel
                 .start_daita(daita)
                 .map_err(Error::TunnelError)
                 .map_err(CloseMsg::SetupError)?;
-
-            #[cfg(target_os = "windows")]
-            tunnel
-                .start_daita()
-                .map_err(Error::TunnelError)
-                .map_err(CloseMsg::SetupError)?;
         }
     }