From 5546eba36a430f77dcd77b946b26b7fdd4772dff Mon Sep 17 00:00:00 2001
From: Maycon Santos <mlsmaycon@gmail.com>
Date: Sun, 20 Feb 2022 19:03:16 +0100
Subject: [PATCH] Write to temp file before saving data (#238)

* Create temp file before saving data

On the event of full disk, we may encounter the case where the
destination file get replaced by an empty file as the
ioutil.WriteFile truncates the destination before write.

* Close the tempFile instance before moving it

* Blacklist Wireguard interfaces for ICE checks
---
 client/internal/peer/conn.go | 18 ++++++++++++++----
 go.sum                       |  2 --
 util/file.go                 | 28 ++++++++++++++++++++++++++--
 3 files changed, 40 insertions(+), 8 deletions(-)

diff --git a/client/internal/peer/conn.go b/client/internal/peer/conn.go
index 6749bbdb6..6fed5b0ae 100644
--- a/client/internal/peer/conn.go
+++ b/client/internal/peer/conn.go
@@ -2,6 +2,7 @@ package peer
 
 import (
 	"context"
+	"golang.zx2c4.com/wireguard/wgctrl"
 	"net"
 	"sync"
 	"time"
@@ -87,11 +88,20 @@ func interfaceFilter(blackList []string) func(string) bool {
 		}
 	}
 	return func(iFace string) bool {
-		if len(blackListMap) == 0 {
-			return true
-		}
+
 		_, ok := blackListMap[iFace]
-		return !ok
+		if ok {
+			return false
+		}
+		// look for unlisted Wireguard interfaces
+		wg, err := wgctrl.New()
+		if err != nil {
+			log.Debugf("trying to create a wgctrl client failed with: %v", err)
+		}
+		defer wg.Close()
+
+		_, err = wg.Device(iFace)
+		return err != nil
 	}
 }
 
diff --git a/go.sum b/go.sum
index 90c4244af..37181556e 100644
--- a/go.sum
+++ b/go.sum
@@ -433,8 +433,6 @@ github.com/vishvananda/netlink v1.1.0 h1:1iyaYNBLmP6L0220aDnYQpo1QEV4t4hJ+xEEhhJ
 github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
 github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df h1:OviZH7qLw/7ZovXvuNyL3XQl8UFofeikI1NW1Gypu7k=
 github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
-github.com/wiretrustee/ice/v2 v2.1.21-0.20220216144753-138db20d36ad h1:S61dy7FWFITWs/WHk2JJvJd600rWyT8Qsm9ct9nUpOQ=
-github.com/wiretrustee/ice/v2 v2.1.21-0.20220216144753-138db20d36ad/go.mod h1:XT1Nrb4OxbVFPffbQMbq4PaeEkpRLVzdphh3fjrw7DY=
 github.com/wiretrustee/ice/v2 v2.1.21-0.20220218121004-dc81faead4bb h1:CU1/+CEeCPvYXgfAyqTJXSQSf6hW3wsWM6Dfz6HkHEQ=
 github.com/wiretrustee/ice/v2 v2.1.21-0.20220218121004-dc81faead4bb/go.mod h1:XT1Nrb4OxbVFPffbQMbq4PaeEkpRLVzdphh3fjrw7DY=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
diff --git a/util/file.go b/util/file.go
index 78080eda9..0d5461f4f 100644
--- a/util/file.go
+++ b/util/file.go
@@ -12,7 +12,7 @@ import (
 // The output JSON is pretty-formatted
 func WriteJson(file string, obj interface{}) error {
 
-	configDir := filepath.Dir(file)
+	configDir, configFileName := filepath.Split(file)
 	err := os.MkdirAll(configDir, 0750)
 	if err != nil {
 		return err
@@ -24,7 +24,31 @@ func WriteJson(file string, obj interface{}) error {
 		return err
 	}
 
-	err = ioutil.WriteFile(file, bs, 0600)
+	tempFile, err := ioutil.TempFile(configDir, ".*"+configFileName)
+	if err != nil {
+		return err
+	}
+
+	tempFileName := tempFile.Name()
+	// closing file ops as windows doesn't allow to move it
+	err = tempFile.Close()
+	if err != nil {
+		return err
+	}
+
+	defer func() {
+		_, err = os.Stat(tempFileName)
+		if err == nil {
+			os.Remove(tempFileName)
+		}
+	}()
+
+	err = ioutil.WriteFile(tempFileName, bs, 0600)
+	if err != nil {
+		return err
+	}
+
+	err = os.Rename(tempFileName, file)
 	if err != nil {
 		return err
 	}