Merge pull request #71 from passepartoutvpn/default-gateway

Do not imply default gateway
Davide De Rosa 2019-04-25 15:54:41 +02:00 committed by GitHub
commit 990014ddc2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 94 additions and 13 deletions


@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## Unreleased
### Changed
- Do not redirect all traffic to VPN unless `--redirect-gateway` specified. [#71](https://github.com/passepartoutvpn/passepartout-ios/pull/71)
## 1.6.0 Beta 1750 (2019-04-23) ## 1.6.0 Beta 1750 (2019-04-23)
### Added ### Added


@ -87,6 +87,7 @@ class ConfigurationViewController: UIViewController, TableModelHost {
} else { } else {
networkRows = [] networkRows = []
} }
networkRows.insert(.defaultGateway, at: 0)
networkRows.append(.dnsDomain) networkRows.append(.dnsDomain)
networkRows.append(.httpProxy) networkRows.append(.httpProxy)
networkRows.append(.httpsProxy) networkRows.append(.httpsProxy)
@ -197,6 +198,8 @@ extension ConfigurationViewController: UITableViewDataSource, UITableViewDelegat
case compressionAlgorithm case compressionAlgorithm
case defaultGateway
case dnsServer case dnsServer
case dnsDomain case dnsDomain
@ -304,12 +307,22 @@ extension ConfigurationViewController: UITableViewDataSource, UITableViewDelegat
cell.accessoryType = .none cell.accessoryType = .none
cell.isTappable = false cell.isTappable = false
case .defaultGateway:
cell.leftText = L10n.Configuration.Cells.DefaultGateway.caption
if let policies = configuration.routingPolicies {
cell.rightText = policies.map { $0.rawValue }.joined(separator: " / ")
} else {
cell.rightText = V.All.Value.none
}
cell.accessoryType = .none
cell.isTappable = false
case .dnsServer: case .dnsServer:
guard let dnsServers = configuration.dnsServers else { guard let dnsServers = configuration.dnsServers else {
fatalError("Showing DNS section without any custom server") fatalError("Showing DNS section without any custom server")
} }
cell.leftText = L10n.Configuration.Cells.DnsServer.caption cell.leftText = L10n.Configuration.Cells.DnsServer.caption
cell.rightText = dnsServers[indexPath.row] cell.rightText = dnsServers[indexPath.row - 1]
cell.accessoryType = .none cell.accessoryType = .none
cell.isTappable = false cell.isTappable = false
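Review bot: `dnsServers[indexPath.row - 1]` hard-codes the fact that `.defaultGateway` was inserted at index 0 of `networkRows` in the first hunk, so any later row placed ahead of the DNS entries makes this subscript show the wrong server or go out of range. Derive the offset from the position of the first `.dnsServer` row, or at least annotate the subtraction with `// row 0 of this section is .defaultGateway`. In the new `.defaultGateway` case, a non-nil but empty `routingPolicies` (if the parser can produce one) renders as an empty string instead of `V.All.Value.none`; `if let policies = configuration.routingPolicies, !policies.isEmpty {` keeps the "traffic is not redirected" state visible to the user. The enclosing functions start and end outside these hunks.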


@ -181,6 +181,7 @@
"configuration.cells.tls_wrapping.value.auth" = "Authentication"; "configuration.cells.tls_wrapping.value.auth" = "Authentication";
"configuration.cells.tls_wrapping.value.crypt" = "Encryption"; "configuration.cells.tls_wrapping.value.crypt" = "Encryption";
"configuration.cells.eku.caption" = "Extended verification"; "configuration.cells.eku.caption" = "Extended verification";
"configuration.cells.default_gateway.caption" = "Default gateway";
"configuration.cells.dns_server.caption" = "DNS"; "configuration.cells.dns_server.caption" = "DNS";
"configuration.cells.dns_domain.caption" = "Domain"; "configuration.cells.dns_domain.caption" = "Domain";
"configuration.cells.proxy_http.caption" = "Proxy"; "configuration.cells.proxy_http.caption" = "Proxy";


@ -265,12 +265,12 @@ public class ConnectionService: Codable {
case .provider: case .provider:
let providerProfile = try decoder.decode(ProviderConnectionProfile.self, from: data) let providerProfile = try decoder.decode(ProviderConnectionProfile.self, from: data)
// fix renamed presets, fall back to default // XXX: fix renamed presets, fall back to default
if providerProfile.preset == nil { if providerProfile.preset == nil {
providerProfile.presetId = providerProfile.infrastructure.defaults.preset providerProfile.presetId = providerProfile.infrastructure.defaults.preset
} }
// fix renamed pool, fall back to default // XXX: fix renamed pool, fall back to default
if providerProfile.pool == nil, let fallbackPool = providerProfile.infrastructure.defaultPool() { if providerProfile.pool == nil, let fallbackPool = providerProfile.infrastructure.defaultPool() {
providerProfile.poolId = fallbackPool.id providerProfile.poolId = fallbackPool.id
} }
@ -280,7 +280,7 @@ public class ConnectionService: Codable {
case .host: case .host:
let hostProfile = try decoder.decode(HostConnectionProfile.self, from: data) let hostProfile = try decoder.decode(HostConnectionProfile.self, from: data)
// migrate old endpointProtocols // XXX: migrate old endpointProtocols
if hostProfile.parameters.sessionConfiguration.endpointProtocols == nil { if hostProfile.parameters.sessionConfiguration.endpointProtocols == nil {
var sessionBuilder = hostProfile.parameters.sessionConfiguration.builder() var sessionBuilder = hostProfile.parameters.sessionConfiguration.builder()
sessionBuilder.endpointProtocols = hostProfile.parameters.endpointProtocols sessionBuilder.endpointProtocols = hostProfile.parameters.endpointProtocols
@ -289,6 +289,8 @@ public class ConnectionService: Codable {
hostProfile.parameters = parametersBuilder.build() hostProfile.parameters = parametersBuilder.build()
} }
// XXX: re-read routing policies for
profile = hostProfile profile = hostProfile
} }
cache[key] = profile cache[key] = profile
@ -329,6 +331,37 @@ public class ConnectionService: Codable {
return url.deletingPathExtension().lastPathComponent return url.deletingPathExtension().lastPathComponent
} }
func reloadHostProfilesFromConfigurationFiles() -> Bool {
var anyReloaded = false
for entry in cache {
guard entry.value.context == .host else {
continue
}
guard let host = profile(withKey: entry.key) as? HostConnectionProfile else {
log.warning("Host context but not a HostConnectionProfile?")
continue
}
guard let url = configurationURL(for: entry.key) else {
continue
}
// can fail due to passphrase (migration is non-interactive)
if let result = try? ConfigurationParser.parsed(fromURL: url) {
host.parameters = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: result.configuration).build()
} else {
// fall back to the safer option
var builder = host.parameters.builder()
builder.sessionConfiguration.routingPolicies = [.IPv4, .IPv6]
host.parameters = builder.build()
}
cache[entry.key] = host
anyReloaded = true
}
return anyReloaded
}
// MARK: Profiles // MARK: Profiles
public func hasProfiles() -> Bool { public func hasProfiles() -> Bool {
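Review bot: In `reloadHostProfilesFromConfigurationFiles()` the success branch replaces `host.parameters` with a freshly built `TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: result.configuration).build()`, whereas the fallback branch starts from `host.parameters.builder()`. Any provider-level setting that is not part of the parsed session configuration therefore appears to be reset to builder defaults on that path. If only routing needs migrating, start from `var builder = host.parameters.builder()` and set `builder.sessionConfiguration.routingPolicies = result.configuration.routingPolicies`. The `try?` also discards the parse error, so a `log.warning` naming the profile key in the `else` branch would show which hosts were forced onto the fallback policy. The added comment `// XXX: re-read routing policies for` in the previous hunk is cut off mid-sentence and should be completed or dropped.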


@ -34,6 +34,10 @@ public class TransientStore {
static let didHandleSubreddit = "DidHandleSubreddit" static let didHandleSubreddit = "DidHandleSubreddit"
static let masksPrivateData = "MasksPrivateData" static let masksPrivateData = "MasksPrivateData"
// migrations
static let didMigrateHostsRoutingPolicies = "DidMigrateHostsRoutingPolicies"
} }
public static let shared = TransientStore() public static let shared = TransientStore()
@ -62,6 +66,15 @@ public class TransientStore {
} }
} }
public static var didMigrateHostsRoutingPolicies: Bool {
get {
return UserDefaults.standard.bool(forKey: Keys.didMigrateHostsRoutingPolicies)
}
set {
UserDefaults.standard.set(newValue, forKey: Keys.didMigrateHostsRoutingPolicies)
}
}
public static var baseVPNConfiguration: TunnelKitProvider.ConfigurationBuilder { public static var baseVPNConfiguration: TunnelKitProvider.ConfigurationBuilder {
let sessionBuilder = SessionProxy.ConfigurationBuilder() let sessionBuilder = SessionProxy.ConfigurationBuilder()
var builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build()) var builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
@ -95,6 +108,14 @@ public class TransientStore {
service = try JSONDecoder().decode(ConnectionService.self, from: data) service = try JSONDecoder().decode(ConnectionService.self, from: data)
service.baseConfiguration = cfg service.baseConfiguration = cfg
service.loadProfiles() service.loadProfiles()
// do migrations
if !TransientStore.didMigrateHostsRoutingPolicies {
if service.reloadHostProfilesFromConfigurationFiles() {
service.saveProfiles()
}
TransientStore.didMigrateHostsRoutingPolicies = true
}
} catch let e { } catch let e {
log.error("Could not decode service: \(e)") log.error("Could not decode service: \(e)")
service = ConnectionService( service = ConnectionService(
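Review bot: `TransientStore.didMigrateHostsRoutingPolicies = true` is reached only inside the `do` block after a successful decode, so on the `catch` path that builds a fresh `ConnectionService` the flag stays false. The migration would then run on a later launch against host profiles already imported by this version, rewriting their parameters from the configuration file or, when the file cannot be parsed non-interactively, forcing `[.IPv4, .IPv6]` onto them. Setting the flag on the fresh-service path as well would confine the migration to data written by older versions. The `do` block begins outside this hunk, so whether every first-launch path ends in the `catch` is an inference to confirm.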


@ -162,6 +162,9 @@ public struct InfrastructurePreset: Codable {
sessionBuilder.randomizeEndpoint = try cfgContainer.decodeIfPresent(Bool.self, forKey: .randomizeEndpoint) ?? false sessionBuilder.randomizeEndpoint = try cfgContainer.decodeIfPresent(Bool.self, forKey: .randomizeEndpoint) ?? false
sessionBuilder.usesPIAPatches = try cfgContainer.decodeIfPresent(Bool.self, forKey: .usesPIAPatches) ?? false sessionBuilder.usesPIAPatches = try cfgContainer.decodeIfPresent(Bool.self, forKey: .usesPIAPatches) ?? false
// XXX: redirect everything through the VPN for providers
sessionBuilder.routingPolicies = [.IPv4, .IPv6]
let builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build()) let builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
configuration = builder.build() configuration = builder.build()
} }
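Review bot: The `// XXX: redirect everything through the VPN for providers` marker does not say why `routingPolicies` is fixed here instead of being read with `decodeIfPresent` like the fields just above it, nor what the `XXX` leaves to be done. Since this commit stops implying a default gateway, this line is what keeps provider profiles full-tunnel, and that belongs in the comment. If that is the intent, something like `// presets do not carry a routing key; force full-tunnel now that the default gateway is no longer implied` would serve. The initializer starts outside the hunk.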


@ -168,6 +168,10 @@ public enum L10n {
public static let lzo = L10n.tr("Localizable", "configuration.cells.compression_framing.value.lzo") public static let lzo = L10n.tr("Localizable", "configuration.cells.compression_framing.value.lzo")
} }
} }
public enum DefaultGateway {
/// Default gateway
public static let caption = L10n.tr("Localizable", "configuration.cells.default_gateway.caption")
}
public enum Digest { public enum Digest {
/// Authentication /// Authentication
public static let caption = L10n.tr("Localizable", "configuration.cells.digest.caption") public static let caption = L10n.tr("Localizable", "configuration.cells.digest.caption")


@ -5,8 +5,8 @@ use_frameworks!
def shared_pods def shared_pods
#pod 'TunnelKit', '~> 1.6.2' #pod 'TunnelKit', '~> 1.6.2'
#pod 'TunnelKit/LZO', '~> 1.6.2' #pod 'TunnelKit/LZO', '~> 1.6.2'
pod 'TunnelKit', :git => 'https://github.com/keeshux/tunnelkit', :commit => 'ef5180a' pod 'TunnelKit', :git => 'https://github.com/keeshux/tunnelkit', :commit => '7382616'
pod 'TunnelKit/LZO', :git => 'https://github.com/keeshux/tunnelkit', :commit => 'ef5180a' pod 'TunnelKit/LZO', :git => 'https://github.com/keeshux/tunnelkit', :commit => '7382616'
#pod 'TunnelKit', :path => '../../personal/tunnelkit' #pod 'TunnelKit', :path => '../../personal/tunnelkit'
#pod 'TunnelKit/LZO', :path => '../../personal/tunnelkit' #pod 'TunnelKit/LZO', :path => '../../personal/tunnelkit'
pod 'SSZipArchive' pod 'SSZipArchive'


@ -17,8 +17,8 @@ PODS:
DEPENDENCIES: DEPENDENCIES:
- MBProgressHUD - MBProgressHUD
- SSZipArchive - SSZipArchive
- TunnelKit (from `https://github.com/keeshux/tunnelkit`, commit `ef5180a`) - TunnelKit (from `https://github.com/keeshux/tunnelkit`, commit `7382616`)
- TunnelKit/LZO (from `https://github.com/keeshux/tunnelkit`, commit `ef5180a`) - TunnelKit/LZO (from `https://github.com/keeshux/tunnelkit`, commit `7382616`)
SPEC REPOS: SPEC REPOS:
https://github.com/cocoapods/specs.git: https://github.com/cocoapods/specs.git:
@ -29,12 +29,12 @@ SPEC REPOS:
EXTERNAL SOURCES: EXTERNAL SOURCES:
TunnelKit: TunnelKit:
:commit: ef5180a :commit: '7382616'
:git: https://github.com/keeshux/tunnelkit :git: https://github.com/keeshux/tunnelkit
CHECKOUT OPTIONS: CHECKOUT OPTIONS:
TunnelKit: TunnelKit:
:commit: ef5180a :commit: '7382616'
:git: https://github.com/keeshux/tunnelkit :git: https://github.com/keeshux/tunnelkit
SPEC CHECKSUMS: SPEC CHECKSUMS:
@ -44,6 +44,6 @@ SPEC CHECKSUMS:
SwiftyBeaver: 4cc0080d2e23f980652e28978db11a5c9da39165 SwiftyBeaver: 4cc0080d2e23f980652e28978db11a5c9da39165
TunnelKit: a0b7eb151ae6d30788623df94d682ed90706940a TunnelKit: a0b7eb151ae6d30788623df94d682ed90706940a
PODFILE CHECKSUM: 15e1a3ee168932349294032eeddea0f0713873a4 PODFILE CHECKSUM: 15a7ba649b5eafa958016880cee196b53e08bf1f
COCOAPODS: 1.6.1 COCOAPODS: 1.6.1