Merge pull request #71 from passepartoutvpn/default-gateway
Do not imply default gateway
commit
990014ddc2
|
@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
|
||||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
||||||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
|
## Unreleased
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
- Do not redirect all traffic to VPN unless `--redirect-gateway` specified. [#71](https://github.com/passepartoutvpn/passepartout-ios/pull/71)
|
||||||
|
|
||||||
## 1.6.0 Beta 1750 (2019-04-23)
|
## 1.6.0 Beta 1750 (2019-04-23)
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -87,6 +87,7 @@ class ConfigurationViewController: UIViewController, TableModelHost {
|
||||||
} else {
|
} else {
|
||||||
networkRows = []
|
networkRows = []
|
||||||
}
|
}
|
||||||
|
networkRows.insert(.defaultGateway, at: 0)
|
||||||
networkRows.append(.dnsDomain)
|
networkRows.append(.dnsDomain)
|
||||||
networkRows.append(.httpProxy)
|
networkRows.append(.httpProxy)
|
||||||
networkRows.append(.httpsProxy)
|
networkRows.append(.httpsProxy)
|
||||||
|
@ -197,6 +198,8 @@ extension ConfigurationViewController: UITableViewDataSource, UITableViewDelegat
|
||||||
|
|
||||||
case compressionAlgorithm
|
case compressionAlgorithm
|
||||||
|
|
||||||
|
case defaultGateway
|
||||||
|
|
||||||
case dnsServer
|
case dnsServer
|
||||||
|
|
||||||
case dnsDomain
|
case dnsDomain
|
||||||
|
@ -304,12 +307,22 @@ extension ConfigurationViewController: UITableViewDataSource, UITableViewDelegat
|
||||||
cell.accessoryType = .none
|
cell.accessoryType = .none
|
||||||
cell.isTappable = false
|
cell.isTappable = false
|
||||||
|
|
||||||
|
case .defaultGateway:
|
||||||
|
cell.leftText = L10n.Configuration.Cells.DefaultGateway.caption
|
||||||
|
if let policies = configuration.routingPolicies {
|
||||||
|
cell.rightText = policies.map { $0.rawValue }.joined(separator: " / ")
|
||||||
|
} else {
|
||||||
|
cell.rightText = V.All.Value.none
|
||||||
|
}
|
||||||
|
cell.accessoryType = .none
|
||||||
|
cell.isTappable = false
|
||||||
|
|
||||||
case .dnsServer:
|
case .dnsServer:
|
||||||
guard let dnsServers = configuration.dnsServers else {
|
guard let dnsServers = configuration.dnsServers else {
|
||||||
fatalError("Showing DNS section without any custom server")
|
fatalError("Showing DNS section without any custom server")
|
||||||
}
|
}
|
||||||
cell.leftText = L10n.Configuration.Cells.DnsServer.caption
|
cell.leftText = L10n.Configuration.Cells.DnsServer.caption
|
||||||
cell.rightText = dnsServers[indexPath.row]
|
cell.rightText = dnsServers[indexPath.row - 1]
|
||||||
cell.accessoryType = .none
|
cell.accessoryType = .none
|
||||||
cell.isTappable = false
|
cell.isTappable = false
|
||||||
|
|
||||||
|
|
|
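Review bot: The `dnsServers[indexPath.row - 1]` subscript in the `.dnsServer` case silently depends on `networkRows.insert(.defaultGateway, at: 0)` from the first hunk, so the offset and the row order can drift apart. If another row is later placed ahead of the DNS rows, or the gateway row moves, the subscript either traps out of range or shows the wrong server. Deriving the offset from the row model (the index of the first `.dnsServer` in the section) would keep the two in sync; at minimum add `// -1: .defaultGateway occupies row 0 of the network section` beside the subscript. Both the row-building code and the `switch` continue outside the visible hunks.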
@ -181,6 +181,7 @@
|
||||||
"configuration.cells.tls_wrapping.value.auth" = "Authentication";
|
"configuration.cells.tls_wrapping.value.auth" = "Authentication";
|
||||||
"configuration.cells.tls_wrapping.value.crypt" = "Encryption";
|
"configuration.cells.tls_wrapping.value.crypt" = "Encryption";
|
||||||
"configuration.cells.eku.caption" = "Extended verification";
|
"configuration.cells.eku.caption" = "Extended verification";
|
||||||
|
"configuration.cells.default_gateway.caption" = "Default gateway";
|
||||||
"configuration.cells.dns_server.caption" = "DNS";
|
"configuration.cells.dns_server.caption" = "DNS";
|
||||||
"configuration.cells.dns_domain.caption" = "Domain";
|
"configuration.cells.dns_domain.caption" = "Domain";
|
||||||
"configuration.cells.proxy_http.caption" = "Proxy";
|
"configuration.cells.proxy_http.caption" = "Proxy";
|
||||||
|
|
|
@ -265,12 +265,12 @@ public class ConnectionService: Codable {
|
||||||
case .provider:
|
case .provider:
|
||||||
let providerProfile = try decoder.decode(ProviderConnectionProfile.self, from: data)
|
let providerProfile = try decoder.decode(ProviderConnectionProfile.self, from: data)
|
||||||
|
|
||||||
// fix renamed presets, fall back to default
|
// XXX: fix renamed presets, fall back to default
|
||||||
if providerProfile.preset == nil {
|
if providerProfile.preset == nil {
|
||||||
providerProfile.presetId = providerProfile.infrastructure.defaults.preset
|
providerProfile.presetId = providerProfile.infrastructure.defaults.preset
|
||||||
}
|
}
|
||||||
|
|
||||||
// fix renamed pool, fall back to default
|
// XXX: fix renamed pool, fall back to default
|
||||||
if providerProfile.pool == nil, let fallbackPool = providerProfile.infrastructure.defaultPool() {
|
if providerProfile.pool == nil, let fallbackPool = providerProfile.infrastructure.defaultPool() {
|
||||||
providerProfile.poolId = fallbackPool.id
|
providerProfile.poolId = fallbackPool.id
|
||||||
}
|
}
|
||||||
|
@ -280,7 +280,7 @@ public class ConnectionService: Codable {
|
||||||
case .host:
|
case .host:
|
||||||
let hostProfile = try decoder.decode(HostConnectionProfile.self, from: data)
|
let hostProfile = try decoder.decode(HostConnectionProfile.self, from: data)
|
||||||
|
|
||||||
// migrate old endpointProtocols
|
// XXX: migrate old endpointProtocols
|
||||||
if hostProfile.parameters.sessionConfiguration.endpointProtocols == nil {
|
if hostProfile.parameters.sessionConfiguration.endpointProtocols == nil {
|
||||||
var sessionBuilder = hostProfile.parameters.sessionConfiguration.builder()
|
var sessionBuilder = hostProfile.parameters.sessionConfiguration.builder()
|
||||||
sessionBuilder.endpointProtocols = hostProfile.parameters.endpointProtocols
|
sessionBuilder.endpointProtocols = hostProfile.parameters.endpointProtocols
|
||||||
|
@ -289,6 +289,8 @@ public class ConnectionService: Codable {
|
||||||
hostProfile.parameters = parametersBuilder.build()
|
hostProfile.parameters = parametersBuilder.build()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// XXX: re-read routing policies for
|
||||||
|
|
||||||
profile = hostProfile
|
profile = hostProfile
|
||||||
}
|
}
|
||||||
cache[key] = profile
|
cache[key] = profile
|
||||||
|
@ -329,6 +331,37 @@ public class ConnectionService: Codable {
|
||||||
return url.deletingPathExtension().lastPathComponent
|
return url.deletingPathExtension().lastPathComponent
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func reloadHostProfilesFromConfigurationFiles() -> Bool {
|
||||||
|
var anyReloaded = false
|
||||||
|
for entry in cache {
|
||||||
|
guard entry.value.context == .host else {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
guard let host = profile(withKey: entry.key) as? HostConnectionProfile else {
|
||||||
|
log.warning("Host context but not a HostConnectionProfile?")
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
guard let url = configurationURL(for: entry.key) else {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
// can fail due to passphrase (migration is non-interactive)
|
||||||
|
if let result = try? ConfigurationParser.parsed(fromURL: url) {
|
||||||
|
host.parameters = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: result.configuration).build()
|
||||||
|
} else {
|
||||||
|
|
||||||
|
// fall back to the safer option
|
||||||
|
var builder = host.parameters.builder()
|
||||||
|
builder.sessionConfiguration.routingPolicies = [.IPv4, .IPv6]
|
||||||
|
host.parameters = builder.build()
|
||||||
|
}
|
||||||
|
cache[entry.key] = host
|
||||||
|
|
||||||
|
anyReloaded = true
|
||||||
|
}
|
||||||
|
return anyReloaded
|
||||||
|
}
|
||||||
|
|
||||||
// MARK: Profiles
|
// MARK: Profiles
|
||||||
|
|
||||||
public func hasProfiles() -> Bool {
|
public func hasProfiles() -> Bool {
|
||||||
|
|
|
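Review bot: In `reloadHostProfilesFromConfigurationFiles()`, `try? ConfigurationParser.parsed(fromURL: url)` discards the reason a host file could not be re-read, and neither branch logs which path a profile took. After this one-shot migration there is therefore no record of which hosts kept full redirection through the `[.IPv4, .IPv6]` fallback and which stopped redirecting because their file carries no routing policy, and that difference decides whether a user's traffic still goes through the tunnel. A `do`/`catch` with a per-profile log line would cover it, e.g. `log.warning("Could not re-parse \(entry.key), falling back to default gateway: \(e)")`. The success branch also rebuilds `host.parameters` from a fresh `ConfigurationBuilder`, which appears to drop anything else the stored parameters held, so that is worth confirming. Separately, the comment `// XXX: re-read routing policies for` in the `.host` case is cut off mid-sentence.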
@ -34,6 +34,10 @@ public class TransientStore {
|
||||||
static let didHandleSubreddit = "DidHandleSubreddit"
|
static let didHandleSubreddit = "DidHandleSubreddit"
|
||||||
|
|
||||||
static let masksPrivateData = "MasksPrivateData"
|
static let masksPrivateData = "MasksPrivateData"
|
||||||
|
|
||||||
|
// migrations
|
||||||
|
|
||||||
|
static let didMigrateHostsRoutingPolicies = "DidMigrateHostsRoutingPolicies"
|
||||||
}
|
}
|
||||||
|
|
||||||
public static let shared = TransientStore()
|
public static let shared = TransientStore()
|
||||||
|
@ -62,6 +66,15 @@ public class TransientStore {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static var didMigrateHostsRoutingPolicies: Bool {
|
||||||
|
get {
|
||||||
|
return UserDefaults.standard.bool(forKey: Keys.didMigrateHostsRoutingPolicies)
|
||||||
|
}
|
||||||
|
set {
|
||||||
|
UserDefaults.standard.set(newValue, forKey: Keys.didMigrateHostsRoutingPolicies)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public static var baseVPNConfiguration: TunnelKitProvider.ConfigurationBuilder {
|
public static var baseVPNConfiguration: TunnelKitProvider.ConfigurationBuilder {
|
||||||
let sessionBuilder = SessionProxy.ConfigurationBuilder()
|
let sessionBuilder = SessionProxy.ConfigurationBuilder()
|
||||||
var builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
|
var builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
|
||||||
|
@ -95,6 +108,14 @@ public class TransientStore {
|
||||||
service = try JSONDecoder().decode(ConnectionService.self, from: data)
|
service = try JSONDecoder().decode(ConnectionService.self, from: data)
|
||||||
service.baseConfiguration = cfg
|
service.baseConfiguration = cfg
|
||||||
service.loadProfiles()
|
service.loadProfiles()
|
||||||
|
|
||||||
|
// do migrations
|
||||||
|
if !TransientStore.didMigrateHostsRoutingPolicies {
|
||||||
|
if service.reloadHostProfilesFromConfigurationFiles() {
|
||||||
|
service.saveProfiles()
|
||||||
|
}
|
||||||
|
TransientStore.didMigrateHostsRoutingPolicies = true
|
||||||
|
}
|
||||||
} catch let e {
|
} catch let e {
|
||||||
log.error("Could not decode service: \(e)")
|
log.error("Could not decode service: \(e)")
|
||||||
service = ConnectionService(
|
service = ConnectionService(
|
||||||
|
|
|
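Review bot: `TransientStore.didMigrateHostsRoutingPolicies = true` is reached only when a stored service decodes successfully, so as far as these hunks show, an install that starts with no stored data (or lands in the `catch` branch) keeps the flag unset. The migration would then run on a later launch against hosts imported after this change. For a host whose file needs a passphrase, that late run takes the fallback in `reloadHostProfilesFromConfigurationFiles()` and overwrites the routing policy parsed at import with `[.IPv4, .IPv6]`. Setting the flag wherever a fresh `ConnectionService` is created, with the same `TransientStore.didMigrateHostsRoutingPolicies = true` line, would avoid that. The initializer starts and ends outside the hunk, so the other creation paths need checking.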
@ -162,6 +162,9 @@ public struct InfrastructurePreset: Codable {
|
||||||
sessionBuilder.randomizeEndpoint = try cfgContainer.decodeIfPresent(Bool.self, forKey: .randomizeEndpoint) ?? false
|
sessionBuilder.randomizeEndpoint = try cfgContainer.decodeIfPresent(Bool.self, forKey: .randomizeEndpoint) ?? false
|
||||||
sessionBuilder.usesPIAPatches = try cfgContainer.decodeIfPresent(Bool.self, forKey: .usesPIAPatches) ?? false
|
sessionBuilder.usesPIAPatches = try cfgContainer.decodeIfPresent(Bool.self, forKey: .usesPIAPatches) ?? false
|
||||||
|
|
||||||
|
// XXX: redirect everything through the VPN for providers
|
||||||
|
sessionBuilder.routingPolicies = [.IPv4, .IPv6]
|
||||||
|
|
||||||
let builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
|
let builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
|
||||||
configuration = builder.build()
|
configuration = builder.build()
|
||||||
}
|
}
|
||||||
|
|
|
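Review bot: The `XXX` comment above `sessionBuilder.routingPolicies = [.IPv4, .IPv6]` does not explain why provider presets are pinned to full redirection, or that the value is a constant rather than read from `cfgContainer` like the fields above it. A comment such as `// Provider presets always redirect all IPv4/IPv6 traffic through the VPN; this is not decoded from the preset, so it keeps the behaviour that was implicit before this change.` would tell the next maintainer that removing the line reintroduces traffic outside the tunnel. The decoder body starts outside the hunk.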
@ -168,6 +168,10 @@ public enum L10n {
|
||||||
public static let lzo = L10n.tr("Localizable", "configuration.cells.compression_framing.value.lzo")
|
public static let lzo = L10n.tr("Localizable", "configuration.cells.compression_framing.value.lzo")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
public enum DefaultGateway {
|
||||||
|
/// Default gateway
|
||||||
|
public static let caption = L10n.tr("Localizable", "configuration.cells.default_gateway.caption")
|
||||||
|
}
|
||||||
public enum Digest {
|
public enum Digest {
|
||||||
/// Authentication
|
/// Authentication
|
||||||
public static let caption = L10n.tr("Localizable", "configuration.cells.digest.caption")
|
public static let caption = L10n.tr("Localizable", "configuration.cells.digest.caption")
|
||||||
|
|
4
Podfile
4
Podfile
|
@ -5,8 +5,8 @@ use_frameworks!
|
||||||
def shared_pods
|
def shared_pods
|
||||||
#pod 'TunnelKit', '~> 1.6.2'
|
#pod 'TunnelKit', '~> 1.6.2'
|
||||||
#pod 'TunnelKit/LZO', '~> 1.6.2'
|
#pod 'TunnelKit/LZO', '~> 1.6.2'
|
||||||
pod 'TunnelKit', :git => 'https://github.com/keeshux/tunnelkit', :commit => 'ef5180a'
|
pod 'TunnelKit', :git => 'https://github.com/keeshux/tunnelkit', :commit => '7382616'
|
||||||
pod 'TunnelKit/LZO', :git => 'https://github.com/keeshux/tunnelkit', :commit => 'ef5180a'
|
pod 'TunnelKit/LZO', :git => 'https://github.com/keeshux/tunnelkit', :commit => '7382616'
|
||||||
#pod 'TunnelKit', :path => '../../personal/tunnelkit'
|
#pod 'TunnelKit', :path => '../../personal/tunnelkit'
|
||||||
#pod 'TunnelKit/LZO', :path => '../../personal/tunnelkit'
|
#pod 'TunnelKit/LZO', :path => '../../personal/tunnelkit'
|
||||||
pod 'SSZipArchive'
|
pod 'SSZipArchive'
|
||||||
|
|
10
Podfile.lock
10
Podfile.lock
|
@ -17,8 +17,8 @@ PODS:
|
||||||
DEPENDENCIES:
|
DEPENDENCIES:
|
||||||
- MBProgressHUD
|
- MBProgressHUD
|
||||||
- SSZipArchive
|
- SSZipArchive
|
||||||
- TunnelKit (from `https://github.com/keeshux/tunnelkit`, commit `ef5180a`)
|
- TunnelKit (from `https://github.com/keeshux/tunnelkit`, commit `7382616`)
|
||||||
- TunnelKit/LZO (from `https://github.com/keeshux/tunnelkit`, commit `ef5180a`)
|
- TunnelKit/LZO (from `https://github.com/keeshux/tunnelkit`, commit `7382616`)
|
||||||
|
|
||||||
SPEC REPOS:
|
SPEC REPOS:
|
||||||
https://github.com/cocoapods/specs.git:
|
https://github.com/cocoapods/specs.git:
|
||||||
|
@ -29,12 +29,12 @@ SPEC REPOS:
|
||||||
|
|
||||||
EXTERNAL SOURCES:
|
EXTERNAL SOURCES:
|
||||||
TunnelKit:
|
TunnelKit:
|
||||||
:commit: ef5180a
|
:commit: '7382616'
|
||||||
:git: https://github.com/keeshux/tunnelkit
|
:git: https://github.com/keeshux/tunnelkit
|
||||||
|
|
||||||
CHECKOUT OPTIONS:
|
CHECKOUT OPTIONS:
|
||||||
TunnelKit:
|
TunnelKit:
|
||||||
:commit: ef5180a
|
:commit: '7382616'
|
||||||
:git: https://github.com/keeshux/tunnelkit
|
:git: https://github.com/keeshux/tunnelkit
|
||||||
|
|
||||||
SPEC CHECKSUMS:
|
SPEC CHECKSUMS:
|
||||||
|
@ -44,6 +44,6 @@ SPEC CHECKSUMS:
|
||||||
SwiftyBeaver: 4cc0080d2e23f980652e28978db11a5c9da39165
|
SwiftyBeaver: 4cc0080d2e23f980652e28978db11a5c9da39165
|
||||||
TunnelKit: a0b7eb151ae6d30788623df94d682ed90706940a
|
TunnelKit: a0b7eb151ae6d30788623df94d682ed90706940a
|
||||||
|
|
||||||
PODFILE CHECKSUM: 15e1a3ee168932349294032eeddea0f0713873a4
|
PODFILE CHECKSUM: 15a7ba649b5eafa958016880cee196b53e08bf1f
|
||||||
|
|
||||||
COCOAPODS: 1.6.1
|
COCOAPODS: 1.6.1
|
||||||
|
|