WireGuard
diff --git a/‎conf/config.go‎
Lines changed: 12 additions & 50 deletions b/‎conf/config.go‎
Lines changed: 12 additions & 50 deletions
diff --git a/‎conf/dnsresolver_windows.go‎
Lines changed: 11 additions & 11 deletions b/‎conf/dnsresolver_windows.go‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎conf/parser.go‎
Lines changed: 22 additions & 51 deletions b/‎conf/parser.go‎
Lines changed: 22 additions & 51 deletions
diff --git a/‎conf/parser_test.go‎
Lines changed: 4 additions & 4 deletions b/‎conf/parser_test.go‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎conf/writer.go‎
Lines changed: 13 additions & 16 deletions b/‎conf/writer.go‎
Lines changed: 13 additions & 16 deletions
@@ -10,22 +10,18 @@ import (
 	"crypto/subtle"
 	"encoding/base64"
 	"fmt"
-	"net"
 	"strings"
 	"time"
 
+	"golang.zx2c4.com/go118/netip"
+
 	"golang.org/x/crypto/curve25519"
 
 	"golang.zx2c4.com/wireguard/windows/l18n"
 )
 
 const KeyLength = 32
 
-type IPCidr struct {
-	IP   net.IP
-	Cidr uint8
-}
-
 type Endpoint struct {
 	Host string
 	Port uint16
@@ -43,10 +39,10 @@ type Config struct {
 
 type Interface struct {
 	PrivateKey Key
-	Addresses  []IPCidr
+	Addresses  []netip.Prefix
 	ListenPort uint16
 	MTU        uint16
-	DNS        []net.IP
+	DNS        []netip.Addr
 	DNSSearch  []string
 	PreUp      string
 	PostUp     string
@@ -58,7 +54,7 @@ type Interface struct {
 type Peer struct {
 	PublicKey           Key
 	PresharedKey        Key
-	AllowedIPs          []IPCidr
+	AllowedIPs          []netip.Prefix
 	Endpoint            Endpoint
 	PersistentKeepalive uint16
 
@@ -67,62 +63,28 @@ type Peer struct {
 	LastHandshakeTime HandshakeTime
 }
 
-func (r *IPCidr) String() string {
-	return fmt.Sprintf("%s/%d", r.IP.String(), r.Cidr)
-}
-
-func (r *IPCidr) Bits() uint8 {
-	if r.IP.To4() != nil {
-		return 32
-	}
-	return 128
-}
-
-func (r *IPCidr) IPNet() net.IPNet {
-	return net.IPNet{
-		IP:   r.IP,
-		Mask: net.CIDRMask(int(r.Cidr), int(r.Bits())),
-	}
-}
-
-func (r *IPCidr) MaskSelf() {
-	bits := int(r.Bits())
-	mask := net.CIDRMask(int(r.Cidr), bits)
-	for i := 0; i < bits/8; i++ {
-		r.IP[i] &= mask[i]
-	}
-}
-
 func (conf *Config) IntersectsWith(other *Config) bool {
-	type hashableIPCidr struct {
-		ip   string
-		cidr byte
-	}
-	allRoutes := make(map[hashableIPCidr]bool, len(conf.Interface.Addresses)*2+len(conf.Peers)*3)
+	allRoutes := make(map[netip.Prefix]bool, len(conf.Interface.Addresses)*2+len(conf.Peers)*3)
 	for _, a := range conf.Interface.Addresses {
-		allRoutes[hashableIPCidr{string(a.IP), byte(len(a.IP) * 8)}] = true
-		a.MaskSelf()
-		allRoutes[hashableIPCidr{string(a.IP), a.Cidr}] = true
+		allRoutes[netip.PrefixFrom(a.Addr(), a.Addr().BitLen())] = true
+		allRoutes[a.Masked()] = true
 	}
 	for i := range conf.Peers {
 		for _, a := range conf.Peers[i].AllowedIPs {
-			a.MaskSelf()
-			allRoutes[hashableIPCidr{string(a.IP), a.Cidr}] = true
+			allRoutes[a.Masked()] = true
 		}
 	}
 	for _, a := range other.Interface.Addresses {
-		if allRoutes[hashableIPCidr{string(a.IP), byte(len(a.IP) * 8)}] {
+		if allRoutes[netip.PrefixFrom(a.Addr(), a.Addr().BitLen())] {
 			return true
 		}
-		a.MaskSelf()
-		if allRoutes[hashableIPCidr{string(a.IP), a.Cidr}] {
+		if allRoutes[a.Masked()] {
 			return true
 		}
 	}
 	for i := range other.Peers {
 		for _, a := range other.Peers[i].AllowedIPs {
-			a.MaskSelf()
-			if allRoutes[hashableIPCidr{string(a.IP), a.Cidr}] {
+			if allRoutes[a.Masked()] {
 				return true
 			}
 		}
 
@@ -6,13 +6,13 @@
 package conf
 
 import (
-	"fmt"
 	"log"
-	"net"
-	"syscall"
+	"strconv"
 	"time"
 	"unsafe"
 
+	"golang.zx2c4.com/go118/netip"
+
 	"golang.org/x/sys/windows"
 	"golang.zx2c4.com/wireguard/windows/services"
 )
@@ -66,24 +66,24 @@ func resolveHostnameOnce(name string) (resolvedIPString string, err error) {
 		return
 	}
 	defer windows.FreeAddrInfoW(result)
-	ipv6 := ""
+	var v6 netip.Addr
 	for ; result != nil; result = result.Next {
 		switch result.Family {
 		case windows.AF_INET:
-			return (net.IP)((*syscall.RawSockaddrInet4)(unsafe.Pointer(result.Addr)).Addr[:]).String(), nil
+			return netip.AddrFrom4((*windows.RawSockaddrInet4)(unsafe.Pointer(result.Addr)).Addr).String(), nil
 		case windows.AF_INET6:
-			if len(ipv6) != 0 {
+			if v6.IsValid() {
 				continue
 			}
-			a := (*syscall.RawSockaddrInet6)(unsafe.Pointer(result.Addr))
-			ipv6 = (net.IP)(a.Addr[:]).String()
+			a := (*windows.RawSockaddrInet6)(unsafe.Pointer(result.Addr))
+			v6 = netip.AddrFrom16(a.Addr)
 			if a.Scope_id != 0 {
-				ipv6 += fmt.Sprintf("%%%d", a.Scope_id)
+				v6 = v6.WithZone(strconv.FormatUint(uint64(a.Scope_id), 10))
 			}
 		}
 	}
-	if len(ipv6) != 0 {
-		return ipv6, nil
+	if v6.IsValid() {
+		return v6.String(), nil
 	}
 	err = windows.WSAHOST_NOT_FOUND
 	return
 
@@ -7,10 +7,11 @@ package conf
 
 import (
 	"encoding/base64"
-	"net"
 	"strconv"
 	"strings"
 
+	"golang.zx2c4.com/go118/netip"
+
 	"golang.org/x/sys/windows"
 	"golang.org/x/text/encoding/unicode"
 
@@ -27,43 +28,16 @@ func (e *ParseError) Error() string {
 	return l18n.Sprintf("%s: %q", e.why, e.offender)
 }
 
-func parseIPCidr(s string) (ipcidr *IPCidr, err error) {
-	var addrStr, cidrStr string
-	var cidr int
-
-	i := strings.IndexByte(s, '/')
-	if i < 0 {
-		addrStr = s
-	} else {
-		addrStr, cidrStr = s[:i], s[i+1:]
-	}
-
-	err = &ParseError{l18n.Sprintf("Invalid IP address"), s}
-	addr := net.ParseIP(addrStr)
-	if addr == nil {
-		return
-	}
-	maybeV4 := addr.To4()
-	if maybeV4 != nil {
-		addr = maybeV4
+func parseIPCidr(s string) (netip.Prefix, error) {
+	ipcidr, err := netip.ParsePrefix(s)
+	if err == nil {
+		return ipcidr, nil
 	}
-	if len(cidrStr) > 0 {
-		err = &ParseError{l18n.Sprintf("Invalid network prefix length"), s}
-		cidr, err = strconv.Atoi(cidrStr)
-		if err != nil || cidr < 0 || cidr > 128 {
-			return
-		}
-		if cidr > 32 && maybeV4 != nil {
-			return
-		}
-	} else {
-		if maybeV4 != nil {
-			cidr = 32
-		} else {
-			cidr = 128
-		}
+	addr, err := netip.ParseAddr(s)
+	if err != nil {
+		return netip.Prefix{}, &ParseError{l18n.Sprintf("Invalid IP address: "), s}
 	}
-	return &IPCidr{addr, uint8(cidr)}, nil
+	return netip.PrefixFrom(addr, addr.BitLen()), nil
 }
 
 func parseEndpoint(s string) (*Endpoint, error) {
@@ -87,16 +61,16 @@ func parseEndpoint(s string) (*Endpoint, error) {
 			if i := strings.LastIndexByte(host, '%'); i > 1 {
 				end = i
 			}
-			maybeV6 := net.ParseIP(host[1:end])
-			if maybeV6 == nil || len(maybeV6) != net.IPv6len {
+			maybeV6, err2 := netip.ParseAddr(host[1:end])
+			if err2 != nil || !maybeV6.Is6() {
 				return nil, err
 			}
 		} else {
 			return nil, err
 		}
 		host = host[1 : len(host)-1]
 	}
-	return &Endpoint{host, uint16(port)}, nil
+	return &Endpoint{host, port}, nil
 }
 
 func parseMTU(s string) (uint16, error) {
@@ -256,16 +230,16 @@ func FromWgQuick(s string, name string) (*Config, error) {
 					if err != nil {
 						return nil, err
 					}
-					conf.Interface.Addresses = append(conf.Interface.Addresses, *a)
+					conf.Interface.Addresses = append(conf.Interface.Addresses, a)
 				}
 			case "dns":
 				addresses, err := splitList(val)
 				if err != nil {
 					return nil, err
 				}
 				for _, address := range addresses {
-					a := net.ParseIP(address)
-					if a == nil {
+					a, err := netip.ParseAddr(address)
+					if err != nil {
 						conf.Interface.DNSSearch = append(conf.Interface.DNSSearch, address)
 					} else {
 						conf.Interface.DNS = append(conf.Interface.DNS, a)
@@ -312,7 +286,7 @@ func FromWgQuick(s string, name string) (*Config, error) {
 					if err != nil {
 						return nil, err
 					}
-					peer.AllowedIPs = append(peer.AllowedIPs, *a)
+					peer.AllowedIPs = append(peer.AllowedIPs, a)
 				}
 			case "persistentkeepalive":
 				p, err := parsePersistentKeepalive(val)
@@ -399,7 +373,7 @@ func FromDriverConfiguration(interfaze *driver.Interface, existingConfig *Config
 		}
 		if p.Flags&driver.PeerHasEndpoint != 0 {
 			peer.Endpoint.Port = p.Endpoint.Port()
-			peer.Endpoint.Host = p.Endpoint.IP().String()
+			peer.Endpoint.Host = p.Endpoint.Addr().String()
 		}
 		if p.Flags&driver.PeerHasPersistentKeepalive != 0 {
 			peer.PersistentKeepalive = p.PersistentKeepalive
@@ -416,16 +390,13 @@ func FromDriverConfiguration(interfaze *driver.Interface, existingConfig *Config
 			} else {
 				a = a.NextAllowedIP()
 			}
-			var ip net.IP
+			var ip netip.Addr
 			if a.AddressFamily == windows.AF_INET {
-				ip = a.Address[:4]
+				ip = netip.AddrFrom4(*(*[4]byte)(a.Address[:4]))
 			} else if a.AddressFamily == windows.AF_INET6 {
-				ip = a.Address[:16]
+				ip = netip.AddrFrom16(*(*[16]byte)(a.Address[:16]))
 			}
-			peer.AllowedIPs = append(peer.AllowedIPs, IPCidr{
-				IP:   ip,
-				Cidr: a.Cidr,
-			})
+			peer.AllowedIPs = append(peer.AllowedIPs, netip.PrefixFrom(ip, int(a.Cidr)))
 		}
 		conf.Peers = append(conf.Peers, peer)
 	}
 
@@ -6,10 +6,11 @@
 package conf
 
 import (
-	"net"
 	"reflect"
 	"runtime"
 	"testing"
+
+	"golang.zx2c4.com/go118/netip"
 )
 
 const testInput = `
@@ -77,10 +78,9 @@ func contains(t *testing.T, list, element interface{}) bool {
 func TestFromWgQuick(t *testing.T) {
 	conf, err := FromWgQuick(testInput, "test")
 	if noError(t, err) {
-
 		lenTest(t, conf.Interface.Addresses, 2)
-		contains(t, conf.Interface.Addresses, IPCidr{net.IPv4(10, 10, 0, 1), uint8(16)})
-		contains(t, conf.Interface.Addresses, IPCidr{net.IPv4(10, 192, 122, 1), uint8(24)})
+		contains(t, conf.Interface.Addresses, netip.PrefixFrom(netip.AddrFrom4([4]byte{0, 10, 0, 1}), 16))
+		contains(t, conf.Interface.Addresses, netip.PrefixFrom(netip.AddrFrom4([4]byte{10, 192, 122, 1}), 24))
 		equal(t, "yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=", conf.Interface.PrivateKey.String())
 		equal(t, uint16(51820), conf.Interface.ListenPort)
 
 
@@ -7,10 +7,11 @@ package conf
 
 import (
 	"fmt"
-	"net"
 	"strings"
 	"unsafe"
 
+	"golang.zx2c4.com/go118/netip"
+
 	"golang.org/x/sys/windows"
 	"golang.zx2c4.com/wireguard/windows/driver"
 	"golang.zx2c4.com/wireguard/windows/tunnel/winipcfg"
@@ -111,8 +112,11 @@ func (config *Config) ToDriverConfiguration() (*driver.Interface, uint32) {
 		}
 		var endpoint winipcfg.RawSockaddrInet
 		if !config.Peers[i].Endpoint.IsEmpty() {
-			flags |= driver.PeerHasEndpoint
-			endpoint.SetIP(net.ParseIP(config.Peers[i].Endpoint.Host), config.Peers[i].Endpoint.Port)
+			addr, err := netip.ParseAddr(config.Peers[i].Endpoint.Host)
+			if err == nil {
+				flags |= driver.PeerHasEndpoint
+				endpoint.SetAddrPort(netip.AddrPortFrom(addr, config.Peers[i].Endpoint.Port))
+			}
 		}
 		c.AppendPeer(&driver.Peer{
 			Flags:               flags,
@@ -123,20 +127,13 @@ func (config *Config) ToDriverConfiguration() (*driver.Interface, uint32) {
 			AllowedIPsCount:     uint32(len(config.Peers[i].AllowedIPs)),
 		})
 		for j := range config.Peers[i].AllowedIPs {
-			var family winipcfg.AddressFamily
-			var ip net.IP
-			if ip = config.Peers[i].AllowedIPs[j].IP.To4(); ip != nil {
-				family = windows.AF_INET
-			} else if ip = config.Peers[i].AllowedIPs[j].IP.To16(); ip != nil {
-				family = windows.AF_INET6
-			} else {
-				ip = config.Peers[i].AllowedIPs[j].IP
-			}
-			a := &driver.AllowedIP{
-				AddressFamily: family,
-				Cidr:          config.Peers[i].AllowedIPs[j].Cidr,
+			a := &driver.AllowedIP{Cidr: uint8(config.Peers[i].AllowedIPs[j].Bits())}
+			copy(a.Address[:], config.Peers[i].AllowedIPs[j].Addr().AsSlice())
+			if config.Peers[i].AllowedIPs[j].Addr().Is4() {
+				a.AddressFamily = windows.AF_INET
+			} else if config.Peers[i].AllowedIPs[j].Addr().Is6() {
+				a.AddressFamily = windows.AF_INET6
 			}
-			copy(a.Address[:], ip)
 			c.AppendAllowedIP(a)
 		}
 	}