Kubukeka sengathi izinto zihamba kahle impela ngaphakathi kwephrojekthi ye-WireGuard, njengoJason A. Donenfeld, umbhali we-VPN WireGuard, wethule iphrojekthi ye-WireGuardNT okuyi ichweba elisebenza kahle le-WireGuard VPN le-Windows kernel ehambisana nayo Windows 7, 8, 8.1, no-10, futhi isekela izakhiwo ze-AMD64, x86, ARM64, kanye ne-ARM.
Kubalulekile ukukhumbula ukuthi kwisemester yokugcina ka-2019 ama-patches enziwa ngokusetshenziswa kwe-VPN interface yephrojekthi egatsheni elilandelayo, lokhu kungenxa yokuthi abathuthukisi be-WireGuard bazibophezele futhi bavuma ukudlulisela ingxenye yekhodi kernel, hhayi njenge-API ehlukile, kodwa njengengxenye yohlelo olungaphansi lwe-Crypto API.
Ngemuva kwalokho ezinyangeni ezimbalwa kamuva iphrojekthi yeza kuzinguquko ze-OpenBSD zezinsiza ze-ifconfig ne-tcpdump ngokusekelwa kokusebenza kwe-WireGuard, imibhalo kanye nezinguquko ezincane zokuhlanganisa i-WireGuard nalo lonke uhlelo futhi ngemuva kwalokho iphrojekthi yahanjiswa ukuhambisana ne-Android .
I-WireGuard VPN isetshenziswa ngesisekelo sezindlela zokubethela zanamuhla, ihlinzeka ngokusebenza okuphezulu kakhulu, kulula ukuyisebenzisa, ngaphandle kokuhlupheka, futhi izibonakalisile ezinhlakeni eziningi zokuhambisa okuphethe amanani aphezulu ezimoto.
Le phrojekthi ibilokhu ithuthuka kusukela ngo-2015, uphase ukuhlolwa okuhlelekile nokuqinisekiswa kwezindlela zokubethela ezisetshenzisiwe. I-WireGuard isebenzisa umqondo wokhiye wokubethela, okubandakanya ukubopha ukhiye oyimfihlo kusixhumi esibonakalayo senethiwekhi ngayinye nokusebenzisa izinkinobho zomphakathi ukubopha.
Ukushintshaniswa kokhiye bomphakathi ukusungula ukuxhumana kwenziwa ngokufaniswa ne-SSH. Ukuxoxisana ngokhiye nokuxhuma ngaphandle kokusebenzisa i-daemon ehlukile esikhaleni somsebenzisi, kusetshenziswa indlela yeNoise_IK yeNoise Protocol Framework, efanayo nokugcina amakhekhe agunyaziwe ku-SSH. Ukudluliswa kwedatha kwenziwa ngokufakwa kumaphakethe we-UDP. Isekela ukushintsha ikheli le-IP leseva le-VPN (ukuzula) ngaphandle kokwephula ukuxhumana nokuhlelwa kabusha kwamakhasimende okuzenzakalelayo.
Ukubethela isebenzisa ukubethela kokusakaza kweChaCha20 nePoly1305 algorithm (MAC). I-ChaCha20 ne-Poly1305 zibekwe njengabalingani abasheshayo nabaphephe kakhudlwana kuma-AES-256-CTR ne-HMAC, ukuqaliswa kwesoftware okukuvumela ukuthi uzuze isikhathi sokusebenza esinqunyiwe ngaphandle kokusebenzisa ukwesekwa okukhethekile kwehadiwe.
Futhi manje iphrojekthi ifika njengetheku leWindows lokho yakhela esisekelweni sekhodi esivivinyiwe wokuqaliswa kwe-WireGuard okuyisisekelo kwe- i-linux kernel, ehunyushelwe ukusebenzisa izinhlaka ze-Windows kernel kanye nesitaki senethiwekhi se-NDIS.
Ngemuva kwezinyanga eziningi zokusebenza, mina noSimon siyajabula ukumemezela iphrojekthi ye-WireGuardNT, itheku lomdabu le-WireGuard le-Windows kernel.
I-WireGuardNT, iqale njengechweba lesisekelo sekhodi yeLinux… Ngemuva kwemizamo yokuqala yokuphatheka kube yimpumelelo, isisekelo sekhodi se-NT saphambukiswa ngokushesha ukuze sivumelane kahle nama-NTisms endabuko ne-NDIS (Windows networking stack) APIs. Umphumela wokugcina ukufakwa okuhlanganiswe ngokujulile, kokusebenza okuphezulu kwe-WireGuard, esebenzisa uhla oluphelele lwamakhono we-NT kernel ne-NDIS.
Uma kuqhathaniswa nokusetshenziswa kwe-wireguard-go okugijima esikhaleni somsebenzisi futhi kusebenzisa i-Wintun interface interface, i-WireGuardNT inokuthuthuka okuphawulekayo kokusebenza ngokususa ukusebenza kokushintsha kokuqukethwe bese ukopisha okuqukethwe kwephakeji kusuka ku-kernel uye esikhaleni somsebenzisi.
Ngokufana nokusetshenziswa kwe-WireGuardNT kweLinux, OpenBSD, neFreeBSD, yonke imiqondo yokucubungula umthetho olandelwayo isebenza ngqo ezingeni lesitaki senethiwekhi.
Yize kungekho ukwenziwa okulungiselelwe okwenziwe okwamanje, i-WireGuardNT isivele izuze ukudluliswa kwedatha okuphezulu kwe-7,5 Gbps endaweni yethu yokuhlola nge-Ethernet.
Kuzinhlelo zomsebenzisi zangempela ezine-Wi-Fi, ukusebenza kwehla ngokubonakalayo, kepha ayihlukile kakhulu ekudlulisweni kwedatha okuqondile. Isibonelo, ohlelweni olunekhadi elingenantambo le-Intel AC9560, ukusebenza ngaphandle kwe-WireGuard kwakungu-600 Mbps futhi nge-WireGuardNT kwakungu-600 Mbps, ngenkathi usebenzisa i-wireguard-go / Wintun kwakungu-95 Mbps.
Umthombo: https://lists.zx2c4.com/