From 4a3a3f9b6363b6da16e6f0375a36556f1a255a18 Mon Sep 17 00:00:00 2001 From: Jonathan de Jong Date: Thu, 3 Apr 2025 13:33:55 +0200 Subject: [PATCH 1/4] usrwg: Add possibility to use custom File Descriptor Closes #142 --- usrwg/tun_darwin.go | 10 +++++++++- usrwg/tun_linux.go | 10 +++++++++- usrwg/tun_windows.go | 4 ++++ usrwg/wgusp.go | 28 +++++++++++++++++++++++++--- 4 files changed, 47 insertions(+), 5 deletions(-) diff --git a/usrwg/tun_darwin.go b/usrwg/tun_darwin.go index a9701b3..9271edd 100644 --- a/usrwg/tun_darwin.go +++ b/usrwg/tun_darwin.go @@ -1,7 +1,15 @@ package usrwg -import "golang.zx2c4.com/wireguard/tun" +import ( + "os" + + "golang.zx2c4.com/wireguard/tun" +) func createTUN(mtu int) (tun.Device, error) { return tun.CreateTUN("utun", mtu) } + +func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { + return tun.CreateTUNFromFile(file, mtu) +} diff --git a/usrwg/tun_linux.go b/usrwg/tun_linux.go index b056a1a..23f3f1a 100644 --- a/usrwg/tun_linux.go +++ b/usrwg/tun_linux.go @@ -1,7 +1,15 @@ package usrwg -import "golang.zx2c4.com/wireguard/tun" +import ( + "os" + + "golang.zx2c4.com/wireguard/tun" +) func createTUN(mtu int) (tun.Device, error) { return tun.CreateTUN("ts0", mtu) } + +func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { + return tun.CreateTUNFromFile(file, mtu) +} diff --git a/usrwg/tun_windows.go b/usrwg/tun_windows.go index 1d09998..0d6b940 100644 --- a/usrwg/tun_windows.go +++ b/usrwg/tun_windows.go @@ -9,6 +9,10 @@ func createTUN(mtu int) (tun.Device, error) { return tun.CreateTUN("toversok", mtu) } +func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { + return nil, errors.New("not implemented on windows") +} + func init() { tun.WintunTunnelType = "ToverSok" guid, err := windows.GUIDFromString("{37217669-42da-4657-a55b-13375d328250}") diff --git a/usrwg/wgusp.go b/usrwg/wgusp.go index d062e35..42177ad 100644 --- a/usrwg/wgusp.go +++ b/usrwg/wgusp.go 
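Review bot: The new Windows stub `createTUNFromFile` in usrwg/tun_windows.go uses `*os.File` and `errors.New`, but this hunk adds no imports and the diffstat shows only four added lines for the file. Unless `os` and `errors` are already imported above the hunk, the Windows build stops compiling. I would add both to the file's import block and build with `GOOS=windows` in CI so a platform stub cannot break unnoticed. The `createTUNFromFD` stub added to the same file in patch 3/4 has the same dependency on `errors`. A doc comment such as `// createTUNFromFile is not supported on Windows and always returns an error.` would also tell callers what to expect.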
@@ -5,6 +5,7 @@ import ( "log/slog" "net" "net/netip" + "os" "slices" "syscall" @@ -27,6 +28,15 @@ func NewUsrWGHost() *UserSpaceWireGuardHost { type UserSpaceWireGuardHost struct { running *UserSpaceWireGuardController + tunFile *os.File +} + +func (u *UserSpaceWireGuardHost) SetTUNFile(f *os.File) { + u.tunFile = f +} + +func (u *UserSpaceWireGuardHost) SetTUNFD(fd uintptr) { + u.tunFile = os.NewFile(fd, "tun") } func (u *UserSpaceWireGuardHost) Reset() error { @@ -47,9 +57,7 @@ func (u *UserSpaceWireGuardHost) Controller(privateKey key.NodePrivate, addr4, a } } - // TODO set this to 1392 per https://docs.eduvpn.org/server/v3/wireguard.html - // and make adjustable by environment variable - tunDev, err := createTUN(1280) + tunDev, err := u.createTUN() if err != nil { return nil, fmt.Errorf("failed to create TUN device: %w", err) } @@ -111,6 +119,20 @@ func (u *UserSpaceWireGuardHost) Controller(privateKey key.NodePrivate, addr4, a return usrwgc, nil } +// TODO set this to 1392 per https://docs.eduvpn.org/server/v3/wireguard.html +// and make adjustable by environment variable + +const tunMtu = 1280 + +func (u *UserSpaceWireGuardHost) createTUN() (tun.Device, error) { + + if u.tunFile != nil { + return createTUNFromFile(u.tunFile, tunMtu) + } else { + return createTUN(tunMtu) + } +} + type UserSpaceWireGuardController struct { wgDev *device.Device bind *ToverSokBind From 436006458a2cfcc4475bf57173a9feb5896c5683 Mon Sep 17 00:00:00 2001 From: Jonathan de Jong Date: Thu, 3 Apr 2025 13:34:34 +0200 Subject: [PATCH 2/4] Please linter --- usrwg/wgusp.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/usrwg/wgusp.go b/usrwg/wgusp.go index 42177ad..d8ca419 100644 --- a/usrwg/wgusp.go +++ b/usrwg/wgusp.go 
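Review bot: `SetTUNFD` in the `@@ -27,6 +28,15 @@` hunk stores the result of `os.NewFile(fd, "tun")` unchecked. `os.NewFile` returns nil for an invalid descriptor and `createTUN` treats a nil `tunFile` as "nothing supplied", so a bad fd silently falls back to creating a fresh interface instead of failing. Wrapping the raw descriptor in an `*os.File` also hands its lifetime to the Go side (the runtime finalizer, and presumably the TUN device on close), so if the caller closes the same number as well, whichever descriptor has since reused it gets closed. Both exported setters need doc comments saying who owns and closes the descriptor and that they must be called before `Controller`, e.g. `// SetTUNFD hands ownership of fd to the host; the caller must not close it afterwards.` The stored file also looks like it is reused on every `Controller` call, so a second call after `Reset` may receive an already-closed file; `Reset` is outside this hunk, so that needs confirming.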
@@ -125,12 +125,11 @@ func (u *UserSpaceWireGuardHost) Controller(privateKey key.NodePrivate, addr4, a const tunMtu = 1280 func (u *UserSpaceWireGuardHost) createTUN() (tun.Device, error) { - if u.tunFile != nil { return createTUNFromFile(u.tunFile, tunMtu) - } else { - return createTUN(tunMtu) } + + return createTUN(tunMtu) } type UserSpaceWireGuardController struct { From 7af66a9321968ff72934d667d17fd454992e8a9f Mon Sep 17 00:00:00 2001 From: Jonathan de Jong Date: Wed, 16 Apr 2025 14:16:09 +0200 Subject: [PATCH 3/4] Add method to create TUN from unmonitored FD on linux --- usrwg/tun_darwin.go | 4 ++++ usrwg/tun_linux.go | 5 +++++ usrwg/tun_windows.go | 4 ++++ usrwg/wgusp.go | 15 ++++++++++++++- 4 files changed, 27 insertions(+), 1 deletion(-) diff --git a/usrwg/tun_darwin.go b/usrwg/tun_darwin.go index 9271edd..6f09f5a 100644 --- a/usrwg/tun_darwin.go +++ b/usrwg/tun_darwin.go @@ -13,3 +13,7 @@ func createTUN(mtu int) (tun.Device, error) { func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { return tun.CreateTUNFromFile(file, mtu) } + +func createTUNFromFD(fd uintptr, mtu int) (tun.Device, error) { + return createTUNFromFile(os.NewFile(fd, "tun"), mtu) +} diff --git a/usrwg/tun_linux.go b/usrwg/tun_linux.go index 23f3f1a..4303778 100644 --- a/usrwg/tun_linux.go +++ b/usrwg/tun_linux.go @@ -13,3 +13,8 @@ func createTUN(mtu int) (tun.Device, error) { func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { return tun.CreateTUNFromFile(file, mtu) } + +func createTUNFromFD(fd uintptr, _ int) (tun.Device, error) { + dev, _, err := tun.CreateUnmonitoredTUNFromFD(fd) + return dev, err +} diff --git a/usrwg/tun_windows.go b/usrwg/tun_windows.go index 0d6b940..c22e0e3 100644 --- a/usrwg/tun_windows.go +++ b/usrwg/tun_windows.go 
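Review bot: On darwin, `createTUNFromFD` passes `os.NewFile(fd, "tun")` straight into `createTUNFromFile`, and `os.NewFile` returns nil for an invalid descriptor, so a bad fd reaches `tun.CreateTUNFromFile` as a nil `*os.File`. I would check it first: `f := os.NewFile(fd, "tun")` followed by `if f == nil { return nil, os.ErrInvalid }`, which needs no new import because `os` is already imported in this file. The function should also carry a comment that the returned device takes over the descriptor, since the `*os.File` wrapper will close it.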
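Review bot: On Linux, `createTUNFromFD` ignores its mtu argument and also discards the second result of `tun.CreateUnmonitoredTUNFromFD`. The interface therefore keeps whatever MTU the descriptor's creator configured rather than `tunMtu`, and nothing on this path confirms that fd actually refers to a TUN device. If the rest of the package assumes a 1280-byte MTU, that mismatch will be hard to trace, so the difference from the darwin path should be written down. I would add `// createTUNFromFD wraps an already-configured TUN descriptor; mtu is ignored on Linux and the device is created unmonitored.` and have the caller log the device's reported MTU.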
@@ -13,6 +13,10 @@ func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { return nil, errors.New("not implemented on windows") } +func createTUNFromFD(_ uintptr, _ int) (tun.Device, error) { + return nil, errors.New("not implemented on windows") +} + func init() { tun.WintunTunnelType = "ToverSok" guid, err := windows.GUIDFromString("{37217669-42da-4657-a55b-13375d328250}") diff --git a/usrwg/wgusp.go b/usrwg/wgusp.go index d8ca419..5f60524 100644 --- a/usrwg/wgusp.go +++ b/usrwg/wgusp.go @@ -29,14 +29,25 @@ func NewUsrWGHost() *UserSpaceWireGuardHost { type UserSpaceWireGuardHost struct { running *UserSpaceWireGuardController tunFile *os.File + tunFD uintptr } func (u *UserSpaceWireGuardHost) SetTUNFile(f *os.File) { u.tunFile = f + if f == nil { + u.tunFD = 0 + } else { + u.tunFD = f.Fd() + } } func (u *UserSpaceWireGuardHost) SetTUNFD(fd uintptr) { - u.tunFile = os.NewFile(fd, "tun") + // TODO: this has the side-effect on linux to use the "unmonitored" creation step, + // instead of a monitored creation step, needs to be made explicit + u.tunFD = fd + if u.tunFile != nil { + u.tunFD = 0 + } } func (u *UserSpaceWireGuardHost) Reset() error { @@ -127,6 +138,8 @@ const tunMtu = 1280 func (u *UserSpaceWireGuardHost) createTUN() (tun.Device, error) { if u.tunFile != nil { return createTUNFromFile(u.tunFile, tunMtu) + } else if u.tunFD != 0 { + return createTUNFromFD(u.tunFD, tunMtu) } return createTUN(tunMtu) From 6e10cac038f3abb8d5e6123b4a3bdf15e1a2f9ce Mon Sep 17 00:00:00 2001 From: Jonathan de Jong Date: Wed, 16 Apr 2025 14:25:44 +0200 Subject: [PATCH 4/4] add int() --- usrwg/tun_linux.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usrwg/tun_linux.go b/usrwg/tun_linux.go index 4303778..53dffa5 100644 --- a/usrwg/tun_linux.go +++ b/usrwg/tun_linux.go 
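Review bot: In `SetTUNFD` (hunk `@@ -29,14 +29,25 @@` of usrwg/wgusp.go) the guard `if u.tunFile != nil { u.tunFD = 0 }` discards the descriptor that was just passed in and leaves the old `tunFile` in place. Calling `SetTUNFD` after `SetTUNFile` is therefore silently ignored, and `createTUN` keeps using the earlier file. The intent looks like the reverse: `u.tunFile = nil` followed by `u.tunFD = fd`. `SetTUNFile` also calls `f.Fd()` only to fill a field that `createTUN` never reads while `tunFile` is set, and depending on the Go version `Fd()` can switch the descriptor to blocking mode, so I would drop that call and set `u.tunFD = 0` there. Using 0 as the "unset" marker means descriptor 0 can never be supplied, which should be stated in the doc comment or replaced by an explicit flag.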
@@ -15,6 +15,6 @@ func createTUNFromFile(file *os.File, mtu int) (tun.Device, error) { } func createTUNFromFD(fd uintptr, _ int) (tun.Device, error) { - dev, _, err := tun.CreateUnmonitoredTUNFromFD(fd) + dev, _, err := tun.CreateUnmonitoredTUNFromFD(int(fd)) return dev, err }