Restrict trusted networks in ConnectionService

2021-02-02 17:56:04 +01:00 · 2021-02-02 17:56:04 +01:00 · d613c17ac9
parent 280ce70965
commit d613c17ac9
1 changed files with 23 additions and 19 deletions
--- a/Passepartout/Core/Sources/Model/ConnectionService.swift
+++ b/Passepartout/Core/Sources/Model/ConnectionService.swift
@ -553,25 +553,29 @@ public class ConnectionService: Codable {
        log.verbose(protocolConfiguration)
        
        var rules: [NEOnDemandRule] = []
-        #if os(iOS)
-        if profile.trustedNetworks.includesMobile {
-            let rule = policyRule(for: profile)
-            rule.interfaceTypeMatch = .cellular
-            rules.append(rule)
-        }
-        #else
-        if profile.trustedNetworks.includesEthernet {
-            let rule = policyRule(for: profile)
-            rule.interfaceTypeMatch = .ethernet
-            rules.append(rule)
-        }
-        #endif
-        let reallyTrustedWifis = Array(profile.trustedNetworks.includedWiFis.filter { $1 }.keys)
-        if !reallyTrustedWifis.isEmpty {
-            let rule = policyRule(for: profile)
-            rule.interfaceTypeMatch = .wiFi
-            rule.ssidMatch = reallyTrustedWifis
-            rules.append(rule)
+        do {
+            try ProductManager.shared.verifyEligibleForTrustedNetworks()
+            #if os(iOS)
+            if profile.trustedNetworks.includesMobile {
+                let rule = policyRule(for: profile)
+                rule.interfaceTypeMatch = .cellular
+                rules.append(rule)
+            }
+            #else
+            if profile.trustedNetworks.includesEthernet {
+                let rule = policyRule(for: profile)
+                rule.interfaceTypeMatch = .ethernet
+                rules.append(rule)
+            }
+            #endif
+            let reallyTrustedWifis = Array(profile.trustedNetworks.includedWiFis.filter { $1 }.keys)
+            if !reallyTrustedWifis.isEmpty {
+                let rule = policyRule(for: profile)
+                rule.interfaceTypeMatch = .wiFi
+                rule.ssidMatch = reallyTrustedWifis
+                rules.append(rule)
+            }
+        } catch {
        }
        let connection = NEOnDemandRuleConnect()
        connection.interfaceTypeMatch = .any