interfaces: small audit of get_failover_interface()

src/etc/inc/plugins.inc.d/ipsec.inc

@@ -307,15 +307,11 @@ function ipsec_get_phase1_src(&$ph1ent)
             return '%any';
         } elseif (!is_ipaddr($ph1ent['interface'])) {
             if (strpos($ph1ent['interface'], '_vip') !== false) {
-                // if this is a vip, set the interface to $ph1ent['interface']
+                // if this is a vip, use literal interface
                 $if = $ph1ent['interface'];
             } else {
                 // not a vip, check failover interface
-                if ($ph1ent['protocol'] == "inet6") {
-                    $if = get_failover_interface($ph1ent['interface'], "inet6");
-                } else {
-                    $if = get_failover_interface($ph1ent['interface']);
-                }
+                $if = get_failover_interface($ph1ent['interface'], $ph1ent['protocol'] == 'inet6' ? 'inet6' : 'all');
             }
         } else {
             // interface is an ip address, return

src/etc/inc/plugins.inc.d/openvpn.inc

@@ -565,6 +565,7 @@ function openvpn_reconfigure($mode, $settings, $device_only = false)
     // OpenVPN defaults to SHA1, so use it when unset to maintain compatibility.
     $digest = !empty($settings['digest']) ? $settings['digest'] : "SHA1";
 
+    /* XXX does not support IPv6: missing 'inet6' */
     $interface = get_failover_interface($settings['interface']);
     $ipaddr = $settings['ipaddr'];
 
@@ -1685,6 +1686,7 @@ function openvpn_resync_if_needed($mode, $ovpn_settings, $interface)
             if (file_exists($fpath)) {
                 $current_device = file_get_contents($fpath);
                 $current_device = trim($current_device, " \t\n");
+                /* XXX does not support IPv6: missing 'inet6' */
                 $new_device = get_failover_interface($ovpn_settings['interface']);
                 if (isset($config['interfaces'][$interface])) {
                     $this_device = $config['interfaces'][$interface]['if'];