wg-quick: openbsd: no use for userspace support

With alignment between the kernel and userspace, along with userspace packages, we can now rely on the kernel in the future always having wg(4). This also simplifies the interface selection logic, and stores the wg-quick interface name as the description. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-10-18 22:27:22 +02:00 · 2020-10-18 22:27:22 +02:00 · c3f26340e6
parent 265e81a344
commit c3f26340e6
1 changed files with 23 additions and 41 deletions
--- a/src/wg-quick/openbsd.bash
+++ b/src/wg-quick/openbsd.bash
@ -88,42 +88,33 @@ auto_su() {
 get_real_interface() {
-	local interface diff
+	local interface line
-	wg show interfaces >/dev/null
+	while IFS= read -r line; do
-	[[ -f "/var/run/wireguard/$INTERFACE.name" ]] || return 1
+		if [[ $line =~ ^([a-z]+[0-9]+):\ .+ ]]; then
-	interface="$(< "/var/run/wireguard/$INTERFACE.name")"
+			interface="${BASH_REMATCH[1]}"
-	if [[ $interface != wg* ]]; then
+			continue
-		[[ -n $interface && -S "/var/run/wireguard/$interface.sock" ]] || return 1
+		fi
-		diff=$(( $(stat -f %m "/var/run/wireguard/$interface.sock" 2>/dev/null || echo 200) - $(stat -f %m "/var/run/wireguard/$INTERFACE.name" 2>/dev/null || echo 100) ))
+		if [[ $interface == wg* && $line =~ ^\	description:\ wg-quick:\ (.+) && ${BASH_REMATCH[1]} == "$INTERFACE" ]]; then
-		[[ $diff -ge 2 || $diff -le -2 ]] && return 1
+			REAL_INTERFACE="$interface"
-		echo "[+] Tun interface for $INTERFACE is $interface" >&2
+			return 0
-	else
+		fi
-		[[ " $(wg show interfaces) " == *" $interface "* ]] || return 1
+	done < <(ifconfig)
-	fi
+	return 1
 	REAL_INTERFACE="$interface"
 	return 0
 }
 add_if() {
 	local index=0 ret
 	while true; do
-		if ret="$(cmd ifconfig wg$index create 2>&1)"; then
+		local -A existing_ifs="( $(wg show interfaces | sed 's/\([^ ]*\)/[\1]=1/g') )"
-			mkdir -p "/var/run/wireguard/"
+		local index ret
-			echo wg$index > /var/run/wireguard/$INTERFACE.name
+		for ((index=0; index <= 2147483647; ++index)); do [[ -v existing_ifs[wg$index] ]] || break; done
-			get_real_interface
+		if ret="$(cmd ifconfig wg$index create description "wg-quick: $INTERFACE" 2>&1)"; then
 			REAL_INTERFACE="wg$index"
 			return 0
 		fi
-		if [[ $ret != *"ifconfig: SIOCIFCREATE: File exists"* ]]; then
+		[[ $ret == *"ifconfig: SIOCIFCREATE: File exists"* ]] && continue
-			echo "[!] Missing WireGuard kernel support ($ret). Falling back to slow userspace implementation." >&3
+		echo "$ret" >&3
-			break
+		return 1
 		fi
 		echo "[+] wg$index in use, trying next"
 		((++index))
 	done
 	export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name"
 	mkdir -p "/var/run/wireguard/"
 	cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" tun
 	get_real_interface
 }
 del_routes() {
@ -153,12 +144,7 @@ del_routes() {
 del_if() {
 	unset_dns
-	if [[ -n $REAL_INTERFACE && $REAL_INTERFACE != wg* ]]; then
+	[[ -n $REAL_INTERFACE ]] && cmd ifconfig $REAL_INTERFACE destroy
 		cmd rm -f "/var/run/wireguard/$REAL_INTERFACE.sock"
 	else
 		cmd ifconfig $REAL_INTERFACE destroy
 	fi
 	cmd rm -f "/var/run/wireguard/$INTERFACE.name"
 }
 up_if() {
@ -438,9 +424,7 @@ cmd_up() {
 }
 cmd_down() {
-	if ! get_real_interface || [[ " $(wg show interfaces) " != *" $REAL_INTERFACE "* ]]; then
+	get_real_interface || die "\`$INTERFACE' is not a WireGuard interface"
 		die "\`$INTERFACE' is not a WireGuard interface"
 	fi
 	execute_hooks "${PRE_DOWN[@]}"
 	[[ $SAVE_CONFIG -eq 0 ]] || save_config
 	del_if
@ -449,9 +433,7 @@ cmd_down() {
 }
 cmd_save() {
-	if ! get_real_interface || [[ " $(wg show interfaces) " != *" $REAL_INTERFACE "* ]]; then
+	get_real_interface || die "\`$INTERFACE' is not a WireGuard interface"
 		die "\`$INTERFACE' is not a WireGuard interface"
 	fi
 	save_config
 }