version: bump snapshot

Interestingly, ksh(1) on OpenBSD does not export PWD by default, and it
also has a notion of the "logical cwd" vs the "physical cwd", with the
latter being passed to chdir, but the former being stored in the
non-exported PWD and displayed to the user. This means that if you `cd`
into a directory that's comprised of symlinks, exec'd processes will see
the physical path. Observe:

  # ksh
  # mkdir a
  # ln -s a b
  # cd b
  # pwd
  /root/b
  # ksh -c pwd
  /root/a

The fact of separating physical and logical paths is not too uncommon
for shells (bash does it too), but not exporting PWD is very odd.

Since this is common behavior for many shells, libraries that return the
working directory will do something strange: they `stat(".")` and then
`stat(getenv("PWD"))`, and if these point to the same inode, they roll
with the value of `getenv("PWD")`, or otherwise fallback to asking the
kernel for the cwd.

Since PWD was not exported by ksh(1), Go's dep utility did not understand
it was operating inside of our faked GOPATH and became upset.

This patch works around the whole situation by simply exporting PWD
before executing dep.

Gopkg.lock

@@ -11,7 +11,7 @@
     "internal/chacha20",
     "poly1305"
   ]
-  revision = "1a580b3eff7814fc9b40602fd35256c63b50f491"
+  revision = "ab813273cd59e1333f7ae7bff5d027d4aadf528c"
 
 [[projects]]
   branch = "master"
@@ -23,7 +23,7 @@
     "ipv4",
     "ipv6"
   ]
-  revision = "9ef9f5bb98a1fdc41f8cf6c250a4404b4085e389"
+  revision = "dfa909b99c79129e1100513e5cd36307665e5723"
 
 [[projects]]
   branch = "master"
@@ -32,7 +32,7 @@
     "cpu",
     "unix"
   ]
-  revision = "88eb85aaee56831ad49eaf7aa80d73de9814cde2"
+  revision = "c11f84a56e43e20a78cee75a7c034031ecf57d1f"
 
 [solve-meta]
   analyzer-name = "dep"

Makefile

@@ -32,11 +32,11 @@ version.go:
 
 vendor/.created: Gopkg.toml Gopkg.lock | .gopath/.created
 	command -v dep >/dev/null || go get -v github.com/golang/dep/cmd/dep
-	cd .gopath/src/$(GO_IMPORT_PATH) && dep ensure -vendor-only -v
+	export PWD; cd .gopath/src/$(GO_IMPORT_PATH) && dep ensure -vendor-only -v
 	touch $@
 
 wireguard-go: $(wildcard *.go) $(wildcard */*.go) .gopath/.created vendor/.created version.go
-	go build $(GO_BUILD_EXTRA_ARGS) -v $(GO_IMPORT_PATH)
+	go build -v $(GO_IMPORT_PATH)
 
 install: wireguard-go
 	@install -v -d "$(DESTDIR)$(BINDIR)" && install -v -m 0755 wireguard-go "$(DESTDIR)$(BINDIR)/wireguard-go"

README.md

@@ -76,9 +76,9 @@ $ make
     are otherwise in compliance with the GPLv2 for each covered work you convey
     (including without limitation making the Corresponding Source available in
     compliance with Section 3 of the GPLv2), you are granted the additional
-    the additional permission to convey through the Apple App Store
+    permission to convey through the Apple App Store non-source executable
-    non-source executable versions of the Program as incorporated into each
+    versions of the Program as incorporated into each applicable covered work
-    applicable covered work as Executable Versions only under the Mozilla
+    as Executable Versions only under the Mozilla Public License version 2.0
-    Public License version 2.0 (https://www.mozilla.org/en-US/MPL/2.0/).
+    (https://www.mozilla.org/en-US/MPL/2.0/).
     
 

conn_default.go

@@ -11,7 +11,9 @@ package main
 import (
 	"golang.org/x/sys/unix"
 	"net"
+	"os"
 	"runtime"
+	"syscall"
 )
 
 /* This code is meant to be a temporary solution
@@ -87,6 +89,18 @@ func listenNet(network string, port int) (*net.UDPConn, int, error) {
 	return conn, uaddr.Port, nil
 }
 
+func extractErrno(err error) error {
+	opErr, ok := err.(*net.OpError)
+	if !ok {
+		return nil
+	}
+	syscallErr, ok := opErr.Err.(*os.SyscallError)
+	if !ok {
+		return nil
+	}
+	return syscallErr.Err
+}
+
 func CreateBind(uport uint16, device *Device) (Bind, uint16, error) {
 	var err error
 	var bind NativeBind
@@ -94,13 +108,15 @@ func CreateBind(uport uint16, device *Device) (Bind, uint16, error) {
 	port := int(uport)
 
 	bind.ipv4, port, err = listenNet("udp4", port)
-	if err != nil {
+	if err != nil && extractErrno(err) != syscall.EAFNOSUPPORT {
 		return nil, 0, err
 	}
 
 	bind.ipv6, port, err = listenNet("udp6", port)
-	if err != nil {
+	if err != nil && extractErrno(err) != syscall.EAFNOSUPPORT {
+		return nil, 0, err
 		bind.ipv4.Close()
+		bind.ipv4 = nil
 		return nil, 0, err
 	}
 
@@ -108,8 +124,13 @@ func CreateBind(uport uint16, device *Device) (Bind, uint16, error) {
 }
 
 func (bind *NativeBind) Close() error {
-	err1 := bind.ipv4.Close()
+	var err1, err2 error
-	err2 := bind.ipv6.Close()
+	if bind.ipv4 != nil {
+		err1 = bind.ipv4.Close()
+	}
+	if bind.ipv6 != nil {
+		err2 = bind.ipv6.Close()
+	}
 	if err1 != nil {
 		return err1
 	}
@@ -117,6 +138,9 @@ func (bind *NativeBind) Close() error {
 }
 
 func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
+	if bind.ipv4 == nil {
+		return 0, nil, syscall.EAFNOSUPPORT
+	}
 	n, endpoint, err := bind.ipv4.ReadFromUDP(buff)
 	if endpoint != nil {
 		endpoint.IP = endpoint.IP.To4()
@@ -125,6 +149,9 @@ func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
 }
 
 func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
+	if bind.ipv6 == nil {
+		return 0, nil, syscall.EAFNOSUPPORT
+	}
 	n, endpoint, err := bind.ipv6.ReadFromUDP(buff)
 	return n, (*NativeEndpoint)(endpoint), err
 }
@@ -133,8 +160,14 @@ func (bind *NativeBind) Send(buff []byte, endpoint Endpoint) error {
 	var err error
 	nend := endpoint.(*NativeEndpoint)
 	if nend.IP.To4() != nil {
+		if bind.ipv4 == nil {
+			return syscall.EAFNOSUPPORT
+		}
 		_, err = bind.ipv4.WriteToUDP(buff, (*net.UDPAddr)(nend))
 	} else {
+		if bind.ipv6 == nil {
+			return syscall.EAFNOSUPPORT
+		}
 		_, err = bind.ipv6.WriteToUDP(buff, (*net.UDPAddr)(nend))
 	}
 	return err
@@ -157,31 +190,29 @@ func (bind *NativeBind) SetMark(mark uint32) error {
 	if fwmarkIoctl == 0 {
 		return nil
 	}
-	fd4, err1 := bind.ipv4.SyscallConn()
+	if bind.ipv4 != nil {
-	fd6, err2 := bind.ipv6.SyscallConn()
+		fd, err := bind.ipv4.SyscallConn()
-	if err1 != nil {
+		if err != nil {
-		return err1
+			return err
 		}
-	if err2 != nil {
+		err = fd.Control(func(fd uintptr) {
-		return err2
+			err = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
-	}
-	err3 := fd4.Control(func(fd uintptr) {
-		err1 = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
 		})
-	err4 := fd6.Control(func(fd uintptr) {
+		if err != nil {
-		err2 = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
+			return err
+		}
+	}
+	if bind.ipv6 != nil {
+		fd, err := bind.ipv6.SyscallConn()
+		if err != nil {
+			return err
+		}
+		err = fd.Control(func(fd uintptr) {
+			err = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, fwmarkIoctl, int(mark))
 		})
-	if err1 != nil {
+		if err != nil {
-		return err1
+			return err
 		}
-	if err2 != nil {
-		return err2
-	}
-	if err3 != nil {
-		return err3
-	}
-	if err4 != nil {
-		return err4
 	}
 	return nil
 }

conn_linux.go

@@ -18,12 +18,13 @@
 package main
 
 import (
-	"git.zx2c4.com/wireguard-go/rwcancel"
 	"errors"
+	"git.zx2c4.com/wireguard-go/rwcancel"
 	"golang.org/x/sys/unix"
 	"net"
 	"strconv"
 	"sync"
+	"syscall"
 	"unsafe"
 )
 
@@ -140,20 +141,22 @@ func CreateBind(port uint16, device *Device) (*NativeBind, uint16, error) {
 	go bind.routineRouteListener(device)
 
 	bind.sock6, port, err = create6(port)
-	if err != nil {
+	if err != nil && err != syscall.EAFNOSUPPORT {
 		bind.netlinkCancel.Cancel()
-		return nil, port, err
+		return nil, 0, err
 	}
 
 	bind.sock4, port, err = create4(port)
-	if err != nil {
+	if err != nil && err != syscall.EAFNOSUPPORT {
 		bind.netlinkCancel.Cancel()
 		unix.Close(bind.sock6)
+		return nil, 0, err
 	}
-	return &bind, port, err
+	return &bind, port, nil
 }
 
 func (bind *NativeBind) SetMark(value uint32) error {
+	if bind.sock6 != -1 {
 		err := unix.SetsockoptInt(
 			bind.sock6,
 			unix.SOL_SOCKET,
@@ -164,8 +167,10 @@ func (bind *NativeBind) SetMark(value uint32) error {
 		if err != nil {
 			return err
 		}
+	}
 
-	err = unix.SetsockoptInt(
+	if bind.sock4 != -1 {
+		err := unix.SetsockoptInt(
 			bind.sock4,
 			unix.SOL_SOCKET,
 			unix.SO_MARK,
@@ -175,6 +180,7 @@ func (bind *NativeBind) SetMark(value uint32) error {
 		if err != nil {
 			return err
 		}
+	}
 
 	bind.lastMark = value
 	return nil
@@ -187,9 +193,14 @@ func closeUnblock(fd int) error {
 }
 
 func (bind *NativeBind) Close() error {
-	err1 := closeUnblock(bind.sock6)
+	var err1, err2, err3 error
-	err2 := closeUnblock(bind.sock4)
+	if bind.sock6 != -1 {
-	err3 := bind.netlinkCancel.Cancel()
+		err1 = closeUnblock(bind.sock6)
+	}
+	if bind.sock4 != -1 {
+		err2 = closeUnblock(bind.sock4)
+	}
+	err3 = bind.netlinkCancel.Cancel()
 
 	if err1 != nil {
 		return err1
@@ -202,6 +213,9 @@ func (bind *NativeBind) Close() error {
 
 func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
 	var end NativeEndpoint
+	if bind.sock6 == -1 {
+		return 0, nil, syscall.EAFNOSUPPORT
+	}
 	n, err := receive6(
 		bind.sock6,
 		buff,
@@ -212,6 +226,9 @@ func (bind *NativeBind) ReceiveIPv6(buff []byte) (int, Endpoint, error) {
 
 func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
 	var end NativeEndpoint
+	if bind.sock4 == -1 {
+		return 0, nil, syscall.EAFNOSUPPORT
+	}
 	n, err := receive4(
 		bind.sock4,
 		buff,
@@ -223,8 +240,14 @@ func (bind *NativeBind) ReceiveIPv4(buff []byte) (int, Endpoint, error) {
 func (bind *NativeBind) Send(buff []byte, end Endpoint) error {
 	nend := end.(*NativeEndpoint)
 	if !nend.isV6 {
+		if bind.sock4 == -1 {
+			return syscall.EAFNOSUPPORT
+		}
 		return send4(bind.sock4, nend, buff)
 	} else {
+		if bind.sock6 == -1 {
+			return syscall.EAFNOSUPPORT
+		}
 		return send6(bind.sock6, nend, buff)
 	}
 }
@@ -563,7 +586,7 @@ func (bind *NativeBind) routineRouteListener(device *Device) {
 		var msgn int
 		for {
 			msgn, _, _, _, err = unix.Recvmsg(bind.netlinkSock, msg[:], nil, 0)
-			if err == nil || !rwcancel.ErrorIsEAGAIN(err) {
+			if err == nil || !rwcancel.RetryAfterError(err) {
 				break
 			}
 			if !bind.netlinkCancel.ReadyRead() {

cookie.go

@@ -7,9 +7,9 @@
 package main
 
 import (
-	"git.zx2c4.com/wireguard-go/xchacha20poly1305"
 	"crypto/hmac"
 	"crypto/rand"
+	"git.zx2c4.com/wireguard-go/xchacha20poly1305"
 	"golang.org/x/crypto/blake2s"
 	"golang.org/x/crypto/chacha20poly1305"
 	"sync"

helper_test.go

@@ -9,6 +9,7 @@ package main
 import (
 	"bytes"
 	"errors"
+	"git.zx2c4.com/wireguard-go/tun"
 	"os"
 	"testing"
 )
@@ -20,7 +21,7 @@ type DummyTUN struct {
 	name    string
 	mtu     int
 	packets chan []byte
-	events  chan TUNEvent
+	events  chan tun.TUNEvent
 }
 
 func (tun *DummyTUN) File() *os.File {
@@ -46,7 +47,7 @@ func (tun *DummyTUN) Close() error {
 	return nil
 }
 
-func (tun *DummyTUN) Events() chan TUNEvent {
+func (tun *DummyTUN) Events() chan tun.TUNEvent {
 	return tun.events
 }
 
@@ -59,11 +60,11 @@ func (tun *DummyTUN) Read(d []byte, offset int) (int, error) {
 	return len(t), nil
 }
 
-func CreateDummyTUN(name string) (TUNDevice, error) {
+func CreateDummyTUN(name string) (tun.TUNDevice, error) {
 	var dummy DummyTUN
 	dummy.mtu = 0
 	dummy.packets = make(chan []byte, 100)
-	dummy.events = make(chan TUNEvent, 10)
+	dummy.events = make(chan tun.TUNEvent, 10)
 	return &dummy, nil
 }
 

keypair.go

@@ -7,8 +7,8 @@
 package main
 
 import (
-	"git.zx2c4.com/wireguard-go/replay"
 	"crypto/cipher"
+	"git.zx2c4.com/wireguard-go/replay"
 	"sync"
 	"time"
 )

main.go

@@ -7,8 +7,8 @@
 package main
 
 import (
-	"git.zx2c4.com/wireguard-go/tun"
 	"fmt"
+	"git.zx2c4.com/wireguard-go/tun"
 	"os"
 	"os/signal"
 	"runtime"
@@ -160,6 +160,8 @@ func main() {
 		fmt.Sprintf("(%s) ", interfaceName),
 	)
 
+	logger.Info.Println("Starting wireguard-go version", WireGuardGoVersion)
+
 	logger.Debug.Println("Debug log enabled")
 
 	if err != nil {

noise-protocol.go

@@ -7,8 +7,8 @@
 package main
 
 import (
-	"git.zx2c4.com/wireguard-go/tai64n"
 	"errors"
+	"git.zx2c4.com/wireguard-go/tai64n"
 	"golang.org/x/crypto/blake2s"
 	"golang.org/x/crypto/chacha20poly1305"
 	"golang.org/x/crypto/poly1305"

peer.go

@@ -258,3 +258,14 @@ func (peer *Peer) Stop() {
 
 	peer.ZeroAndFlushAll()
 }
+
+var roamingDisabled bool
+
+func (peer *Peer) SetEndpointFromPacket(endpoint Endpoint) {
+	if roamingDisabled {
+		return
+	}
+	peer.mutex.Lock()
+	peer.endpoint = endpoint
+	peer.mutex.Unlock()
+}

receive.go

@@ -440,10 +440,7 @@ func (device *Device) RoutineHandshake() {
 			peer.timersAnyAuthenticatedPacketReceived()
 
 			// update endpoint
-
+			peer.SetEndpointFromPacket(elem.endpoint)
-			peer.mutex.Lock()
-			peer.endpoint = elem.endpoint
-			peer.mutex.Unlock()
 
 			logDebug.Println(peer, "- Received handshake initiation")
 
@@ -473,10 +470,7 @@ func (device *Device) RoutineHandshake() {
 			}
 
 			// update endpoint
-
+			peer.SetEndpointFromPacket(elem.endpoint)
-			peer.mutex.Lock()
-			peer.endpoint = elem.endpoint
-			peer.mutex.Unlock()
 
 			logDebug.Println(peer, "- Received handshake response")
 
@@ -549,10 +543,7 @@ func (peer *Peer) RoutineSequentialReceiver() {
 			}
 
 			// update endpoint
-
+			peer.SetEndpointFromPacket(elem.endpoint)
-			peer.mutex.Lock()
-			peer.endpoint = elem.endpoint
-			peer.mutex.Unlock()
 
 			// check if using new keypair
 			if peer.ReceivedWithKeypair(elem.keypair) {

rwcancel/rwcancel.go

@@ -40,15 +40,16 @@ func NewRWCancel(fd int) (*RWCancel, error) {
 	return &rwcancel, nil
 }
 
-/* https://golang.org/src/crypto/rand/eagain.go */
+func RetryAfterError(err error) bool {
-func ErrorIsEAGAIN(err error) bool {
 	if pe, ok := err.(*os.PathError); ok {
-		if errno, ok := pe.Err.(syscall.Errno); ok && errno == syscall.EAGAIN {
+		err = pe.Err
+	}
+	if errno, ok := err.(syscall.Errno); ok {
+		switch errno {
+		case syscall.EAGAIN, syscall.EINTR:
 			return true
 		}
-	}
+
-	if errno, ok := err.(syscall.Errno); ok && errno == syscall.EAGAIN {
-		return true
 	}
 	return false
 }
@@ -86,7 +87,7 @@ func (rw *RWCancel) ReadyWrite() bool {
 func (rw *RWCancel) Read(p []byte) (n int, err error) {
 	for {
 		n, err := unix.Read(rw.fd, p)
-		if err == nil || !ErrorIsEAGAIN(err) {
+		if err == nil || !RetryAfterError(err) {
 			return n, err
 		}
 		if !rw.ReadyRead() {
@@ -98,7 +99,7 @@ func (rw *RWCancel) Read(p []byte) (n int, err error) {
 func (rw *RWCancel) Write(p []byte) (n int, err error) {
 	for {
 		n, err := unix.Write(rw.fd, p)
-		if err == nil || !ErrorIsEAGAIN(err) {
+		if err == nil || !RetryAfterError(err) {
 			return n, err
 		}
 		if !rw.ReadyWrite() {

timers.go

@@ -134,7 +134,7 @@ func expiredNewHandshake(peer *Peer) {
 }
 
 func expiredZeroKeyMaterial(peer *Peer) {
-	peer.device.log.Debug.Printf(":%s Removing all keys, since we haven't received a new one in %d seconds\n", peer, int((RejectAfterTime * 3).Seconds()))
+	peer.device.log.Debug.Printf("%s: Removing all keys, since we haven't received a new one in %d seconds\n", peer, int((RejectAfterTime * 3).Seconds()))
 	peer.ZeroAndFlushAll()
 }
 

tun/tun_darwin.go

@@ -1,3 +1,5 @@
+// +build !ios
+
 /* SPDX-License-Identifier: GPL-2.0
  *
  * Copyright (C) 2017-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
@@ -7,14 +9,15 @@
 package tun
 
 import (
-	"git.zx2c4.com/wireguard-go/rwcancel"
 	"errors"
 	"fmt"
+	"git.zx2c4.com/wireguard-go/rwcancel"
 	"golang.org/x/net/ipv6"
 	"golang.org/x/sys/unix"
 	"io/ioutil"
 	"net"
 	"os"
+	"syscall"
 	"unsafe"
 )
 
@@ -54,8 +57,12 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 
 	data := make([]byte, os.Getpagesize())
 	for {
+	retry:
 		n, err := unix.Read(tun.routeSocket, data)
 		if err != nil {
+			if errno, ok := err.(syscall.Errno); ok && errno == syscall.EINTR {
+				goto retry
+			}
 			tun.errors <- err
 			return
 		}
@@ -259,7 +266,7 @@ func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
 func (tun *nativeTun) Read(buff []byte, offset int) (int, error) {
 	for {
 		n, err := tun.doRead(buff, offset)
-		if err == nil || !rwcancel.ErrorIsEAGAIN(err) {
+		if err == nil || !rwcancel.RetryAfterError(err) {
 			return n, err
 		}
 		if !tun.rwcancel.ReadyRead() {

tun/tun_freebsd.go

@@ -6,14 +6,15 @@
 package tun
 
 import (
-	"git.zx2c4.com/wireguard-go/rwcancel"
 	"bytes"
 	"errors"
 	"fmt"
+	"git.zx2c4.com/wireguard-go/rwcancel"
 	"golang.org/x/net/ipv6"
 	"golang.org/x/sys/unix"
 	"net"
 	"os"
+	"syscall"
 	"unsafe"
 )
 
@@ -67,8 +68,12 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 
 	data := make([]byte, os.Getpagesize())
 	for {
+	retry:
 		n, err := unix.Read(tun.routeSocket, data)
 		if err != nil {
+			if errno, ok := err.(syscall.Errno); ok && errno == syscall.EINTR {
+				goto retry
+			}
 			tun.errors <- err
 			return
 		}
@@ -257,19 +262,6 @@ func CreateTUN(name string, mtu int) (TUNDevice, error) {
 		return nil, fmt.Errorf("error %s", errno.Error())
 	}
 
-	// Set TUN iface to broadcast mode. TUN inferfaces on freebsd come up in point to point by default
-	ifmodemode := unix.IFF_BROADCAST
-	_, _, errno = unix.Syscall(
-		unix.SYS_IOCTL,
-		uintptr(tunfd),
-		uintptr(_TUNSIFMODE),
-		uintptr(unsafe.Pointer(&ifmodemode)),
-	)
-
-	if errno != 0 {
-		return nil, fmt.Errorf("error %s", errno.Error())
-	}
-
 	// Rename tun interface
 
 	// Open control socket
@@ -392,7 +384,7 @@ func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
 func (tun *nativeTun) Read(buff []byte, offset int) (int, error) {
 	for {
 		n, err := tun.doRead(buff, offset)
-		if err == nil || !rwcancel.ErrorIsEAGAIN(err) {
+		if err == nil || !rwcancel.RetryAfterError(err) {
 			return n, err
 		}
 		if !tun.rwcancel.ReadyRead() {

tun/tun_linux.go

@@ -12,10 +12,10 @@ package tun
  */
 
 import (
-	"git.zx2c4.com/wireguard-go/rwcancel"
 	"bytes"
 	"errors"
 	"fmt"
+	"git.zx2c4.com/wireguard-go/rwcancel"
 	"golang.org/x/net/ipv6"
 	"golang.org/x/sys/unix"
 	"net"
@@ -102,7 +102,7 @@ func (tun *nativeTun) routineNetlinkListener() {
 		var msgn int
 		for {
 			msgn, _, _, _, err = unix.Recvmsg(tun.netlinkSock, msg[:], nil, 0)
-			if err == nil || !rwcancel.ErrorIsEAGAIN(err) {
+			if err == nil || !rwcancel.RetryAfterError(err) {
 				break
 			}
 			if !tun.netlinkCancel.ReadyRead() {
@@ -334,7 +334,7 @@ func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
 func (tun *nativeTun) Read(buff []byte, offset int) (int, error) {
 	for {
 		n, err := tun.doRead(buff, offset)
-		if err == nil || !rwcancel.ErrorIsEAGAIN(err) {
+		if err == nil || !rwcancel.RetryAfterError(err) {
 			return n, err
 		}
 		if !tun.fdCancel.ReadyRead() {

tun/tun_openbsd.go

@@ -6,9 +6,9 @@
 package tun
 
 import (
-	"git.zx2c4.com/wireguard-go/rwcancel"
 	"errors"
 	"fmt"
+	"git.zx2c4.com/wireguard-go/rwcancel"
 	"golang.org/x/net/ipv6"
 	"golang.org/x/sys/unix"
 	"io/ioutil"
@@ -46,8 +46,12 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 
 	data := make([]byte, os.Getpagesize())
 	for {
+	retry:
 		n, err := unix.Read(tun.routeSocket, data)
 		if err != nil {
+			if errno, ok := err.(syscall.Errno); ok && errno == syscall.EINTR {
+				goto retry
+			}
 			tun.errors <- err
 			return
 		}
@@ -90,9 +94,7 @@ func (tun *nativeTun) routineRouteListener(tunIfindex int) {
 
 func errorIsEBUSY(err error) bool {
 	if pe, ok := err.(*os.PathError); ok {
-		if errno, ok := pe.Err.(syscall.Errno); ok && errno == syscall.EBUSY {
+		err = pe.Err
-			return true
-		}
 	}
 	if errno, ok := err.(syscall.Errno); ok && errno == syscall.EBUSY {
 		return true
@@ -127,19 +129,6 @@ func CreateTUN(name string, mtu int) (TUNDevice, error) {
 		return nil, err
 	}
 
-	// Set TUN iface to broadcast mode
-	ifmodemode := unix.IFF_BROADCAST
-	_, _, errno := unix.Syscall(
-		unix.SYS_IOCTL,
-		uintptr(tunfile.Fd()),
-		uintptr(_TUNSIFMODE),
-		uintptr(unsafe.Pointer(&ifmodemode)),
-	)
-
-	if errno != 0 {
-		return nil, fmt.Errorf("error %s", errno.Error())
-	}
-
 	tun, err := CreateTUNFromFile(tunfile, mtu)
 
 	if err == nil && name == "tun" {
@@ -237,7 +226,7 @@ func (tun *nativeTun) doRead(buff []byte, offset int) (int, error) {
 func (tun *nativeTun) Read(buff []byte, offset int) (int, error) {
 	for {
 		n, err := tun.doRead(buff, offset)
-		if err == nil || !rwcancel.ErrorIsEAGAIN(err) {
+		if err == nil || !rwcancel.RetryAfterError(err) {
 			return n, err
 		}
 		if !tun.rwcancel.ReadyRead() {

uapi_linux.go

@@ -7,9 +7,9 @@
 package main
 
 import (
-	"git.zx2c4.com/wireguard-go/rwcancel"
 	"errors"
 	"fmt"
+	"git.zx2c4.com/wireguard-go/rwcancel"
 	"golang.org/x/sys/unix"
 	"net"
 	"os"

version.go

@@ -1,2 +1,2 @@
 package main
-const WireGuardGoVersion = "0.0.20180524"
+const WireGuardGoVersion = "0.0.20180613"