go-bridge: dup tunFd so as to not confuse NetworkExtension

The extension isn't banking on tunFd being closed ever, so dup it before handing it to the rest of wireguard-go. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-09-02 17:21:37 +02:00 · 2020-09-02 17:21:37 +02:00 · 737f847c0d
parent 671a594945
commit 737f847c0d
1 changed files with 12 additions and 3 deletions
--- a/wireguard-go-bridge/api-ios.go
+++ b/wireguard-go-bridge/api-ios.go
@ -90,15 +90,22 @@ func wgTurnOn(settings *C.char, tunFd int32) int32 {
 		Info:  log.New(&CLogger{level: 1}, "", 0),
 		Error: log.New(&CLogger{level: 2}, "", 0),
 	}
-
-	err := unix.SetNonblock(int(tunFd), true)
+	dupTunFd, err := unix.Dup(int(tunFd))
 	if err != nil {
 		logger.Error.Println(err)
 		return -1
 	}
-	tun, err := tun.CreateTUNFromFile(os.NewFile(uintptr(tunFd), "/dev/tun"), 0)
+
+	err = unix.SetNonblock(dupTunFd, true)
 	if err != nil {
 		logger.Error.Println(err)
+		unix.Close(dupTunFd)
+		return -1
+	}
+	tun, err := tun.CreateTUNFromFile(os.NewFile(uintptr(dupTunFd), "/dev/tun"), 0)
+	if err != nil {
+		logger.Error.Println(err)
+		unix.Close(dupTunFd)
 		return -1
 	}
 	logger.Info.Println("Attaching to interface")
@ -107,6 +114,7 @@ func wgTurnOn(settings *C.char, tunFd int32) int32 {
 	setError := device.IpcSetOperation(bufio.NewReader(strings.NewReader(C.GoString(settings))))
 	if setError != nil {
 		logger.Error.Println(setError)
+		unix.Close(dupTunFd)
 		return -1
 	}

@ -120,6 +128,7 @@ func wgTurnOn(settings *C.char, tunFd int32) int32 {
 		}
 	}
 	if i == math.MaxInt32 {
+		unix.Close(dupTunFd)
 		return -1
 	}
 	tunnelHandles[i] = tunnelHandle{device, logger}