Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

internal/freebsd: add initial version of FreeBSD support #126

Closed
wants to merge 7 commits into from
Closed

internal/freebsd: add initial version of FreeBSD support #126

wants to merge 7 commits into from

Conversation

stv0g
Copy link
Contributor

@stv0g stv0g commented Oct 9, 2022

Signed-off-by: Steffen Vogel post@steffenvogel.de

Closes #91

@stv0g stv0g force-pushed the freebsd branch 2 times, most recently from 3cc7f80 to 41ffc7e Compare October 10, 2022 21:24
@stv0g stv0g marked this pull request as ready for review October 10, 2022 21:24
@stv0g stv0g mentioned this pull request Oct 10, 2022
Closed
@stv0g stv0g force-pushed the freebsd branch 2 times, most recently from 49e5de5 to 0f75615 Compare October 10, 2022 21:40
@stv0g
Copy link
Contributor Author

stv0g commented Oct 10, 2022

The second commit just slipped into this PR to make the CI pass

@mdlayher
Copy link
Member

Thanks for your work on this. I will try to spin up a VM to test amd64 in the next couple of days.

Would it be possible to set up a FreeBSD case in https://github.com/WireGuard/wgctrl-go/blob/master/.cibuild.sh to configure a kernel device for use in CI?

stv0g added 6 commits October 11, 2022 22:08
@stv0g
internal/freebsd: add initial version of FreeBSD support
b76f2e2 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@stv0g
internal/wguser: Replace deprecated io/ioutil package with io
f83f648 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@stv0g
internal/freebsd: prepare CI to run tests on FreeBSD
cb9dd8d 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@stv0g
test: sort AllowedIPs before diffing them
83aad26 
At least the FreeBSD kernel seems to return the AllowedIPs
in a different order than the others.

Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@stv0g
test: skip integration test configure_peers_update_only on FreeBSD
846054f 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@stv0g
test: increase test timeout for slow FreeBSD tests
86b20a7 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@stv0g
Copy link
Contributor Author

stv0g commented Oct 12, 2022

Would it be possible to set up a FreeBSD case in https://github.com/WireGuard/wgctrl-go/blob/master/.cibuild.sh to configure a kernel device for use in CI?

Yes, thats done in my latest commit. We are currently missing only some Go unit tests as I couldnt take those from the OpenBSD client.

@stv0g
Copy link
Contributor Author

stv0g commented Oct 12, 2022

Oh no, the CI fails with:

ifconfig: SIOCIFCREATE2: Invalid argument

However, the same command succeeds on my VM.
I dont know, maybe its due to a BSD jail? Or a kernel without WireGuard support compiled in?

@stv0g stv0g force-pushed the freebsd branch 3 times, most recently from b7fad18 to d1f3cd0 Compare October 16, 2022 09:23
@stv0g
Copy link
Contributor Author

stv0g commented Oct 16, 2022

@mdlayher Please ignore my previous comment. I jsut forgot to install the wireguard-kmod package from the FreeBSD ports.

Now most of the tests pass. I just got stuck with the following, which I believe is a bug in the FreeBSD kernel implementation:

=== RUN   TestIntegrationClient/configure_many_IPs/wg0
    client_integration_test.go:268: unexpected number of configured peer IPs (-want +got):
          int(
        - 	1022,
        + 	511,
          )

@stv0g stv0g force-pushed the freebsd branch 5 times, most recently from c4d0d56 to 86b20a7 Compare October 16, 2022 11:25
@stv0g
Copy link
Contributor Author

stv0g commented Oct 16, 2022

Okay, all issues fixed. Test succeed in the CI and on my VM.

Currently, the FreeBSD kernel implementation does not support the PeerConfig UpdateOnly flag.
I am now throwing an error if a user attempts to use it.
I think this is a cleaner solution than trying to emulate it in userspace as this can be racy.
We should wait for the kernel module to add this missing feature.

@mdlayher Feel free to merge it once you are happy. I am considering the PR complete.

@stv0g
add FreeBSD support to README
aff2a3d 
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
@mdlayher
Copy link
Member

Thanks so much. I'm a bit busy at the moment but will try to verify all of this in the next few days and get it merged.

@mdlayher
Copy link
Member

mdlayher commented Nov 4, 2022

Sorry for the delay, I have been focused on work but haven't forgotten about this! I am spinning up a VM this morning to give it a test run and will merge if all seems good. Thank you for your contribution.

@mdlayher
Copy link
Member

mdlayher commented Nov 4, 2022
edited
Loading

I downloaded a FreeBSD 14.0-CURRENT image and spun it up in a VM.

EDIT: it seems like the full test suite does pass, but the "configure many peers" case seems to take a very long time in userspace. There is probably something fishy going on there.

[matt@freebsd ~/src/wgctrl-go]$ sudo WGCTRL_INTEGRATION=yesreallydoit time ./wgctrl.test -test.v                                                                                                   [4/3144]
=== RUN   TestClientClose                
--- PASS: TestClientClose (0.00s)                
=== RUN   TestClientDevices
--- PASS: TestClientDevices (0.00s)                                                                  
=== RUN   TestClientDevice      
=== RUN   TestClientDevice/first_error
=== RUN   TestClientDevice/not_found
=== RUN   TestClientDevice/first_not_found
=== RUN   TestClientDevice/first_ok
--- PASS: TestClientDevice (0.00s)
    --- PASS: TestClientDevice/first_error (0.00s) 
    --- PASS: TestClientDevice/not_found (0.00s)
    --- PASS: TestClientDevice/first_not_found (0.00s)
    --- PASS: TestClientDevice/first_ok (0.00s)
=== RUN   TestClientConfigureDevice
=== RUN   TestClientConfigureDevice/first_error
=== RUN   TestClientConfigureDevice/not_found
=== RUN   TestClientConfigureDevice/first_not_found
=== RUN   TestClientConfigureDevice/first_ok
--- PASS: TestClientConfigureDevice (0.00s)
    --- PASS: TestClientConfigureDevice/first_error (0.00s)
    --- PASS: TestClientConfigureDevice/not_found (0.00s)
    --- PASS: TestClientConfigureDevice/first_not_found (0.00s)
    --- PASS: TestClientConfigureDevice/first_ok (0.00s)
=== RUN   TestIntegrationClient
=== RUN   TestIntegrationClient/get
=== RUN   TestIntegrationClient/get/wg0
    client_integration_test.go:132: device: wg0: L+V9o0fNYkMVKNqsX7spBzD/9oSvxM/C7ZCZX1jLO3Q=
=== RUN   TestIntegrationClient/configure
=== RUN   TestIntegrationClient/configure/wg0
    client_integration_test.go:156: before: wg0: L+V9o0fNYkMVKNqsX7spBzD/9oSvxM/C7ZCZX1jLO3Q=
    client_integration_test.go:211:  after: wg0: 7zuWtTgd8PwBGD442Qq/cMtUUJBg4vzfl5o48H54Xi0=
        - peer: HKmIdsm4ppG8Oq9uUvrO3Qhqr6m9g3G8CEeDP2tciRI=, IPs: 192.0.2.0/32, 2001:db8::/128
         
=== RUN   TestIntegrationClient/configure_many_IPs 
=== RUN   TestIntegrationClient/configure_many_IPs/wg0
    client_integration_test.go:271: device: wg0: 1022 IPs
=== RUN   TestIntegrationClient/configure_many_peers
=== RUN   TestIntegrationClient/configure_many_peers/wg0
    client_integration_test.go:331: device: wg0: 256 peers, 512 IPs
=== RUN   TestIntegrationClient/configure_peers_update_only
=== RUN   TestIntegrationClient/configure_peers_update_only/wg0
    client_integration_test.go:370: FreeBSD kernel devices do not support UpdateOnly flag
=== RUN   TestIntegrationClient/reset
=== RUN   TestIntegrationClient/reset/wg0
--- PASS: TestIntegrationClient (83.07s)
    --- PASS: TestIntegrationClient/get (0.00s)
        --- PASS: TestIntegrationClient/get/wg0 (0.00s)
    --- PASS: TestIntegrationClient/configure (0.00s)
        --- PASS: TestIntegrationClient/configure/wg0 (0.00s)
    --- PASS: TestIntegrationClient/configure_many_IPs (0.03s)
        --- PASS: TestIntegrationClient/configure_many_IPs/wg0 (0.03s)
    --- PASS: TestIntegrationClient/configure_many_peers (83.03s)
        --- PASS: TestIntegrationClient/configure_many_peers/wg0 (83.03s)
    --- PASS: TestIntegrationClient/configure_peers_update_only (0.00s)
        --- SKIP: TestIntegrationClient/configure_peers_update_only/wg0 (0.00s)
    --- PASS: TestIntegrationClient/reset (0.00s)
        --- PASS: TestIntegrationClient/reset/wg0 (0.00s)
=== RUN   TestIntegrationClientIsNotExist
--- PASS: TestIntegrationClientIsNotExist (0.00s)
PASS
       83.08 real        82.59 user         0.50 sys

@mdlayher
Copy link
Member

mdlayher commented Nov 4, 2022

Either way this seems like a good starting point and I think we can iterate from here. Thank you!

@mdlayher mdlayher mentioned this pull request Nov 4, 2022
Merged
@mdlayher
Copy link
Member

mdlayher commented Nov 4, 2022

See #128.

@mdlayher mdlayher closed this Nov 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

internal/wgfreebsd: support for new FreeBSD kernel interface
2 participants
@stv0g @mdlayher