Restrict trusted networks in ConnectionService

This commit is contained in:
Davide De Rosa 2021-02-02 17:56:04 +01:00
parent 280ce70965
commit d613c17ac9
1 changed files with 23 additions and 19 deletions

View File

@ -553,25 +553,29 @@ public class ConnectionService: Codable {
log.verbose(protocolConfiguration)
var rules: [NEOnDemandRule] = []
#if os(iOS)
if profile.trustedNetworks.includesMobile {
let rule = policyRule(for: profile)
rule.interfaceTypeMatch = .cellular
rules.append(rule)
}
#else
if profile.trustedNetworks.includesEthernet {
let rule = policyRule(for: profile)
rule.interfaceTypeMatch = .ethernet
rules.append(rule)
}
#endif
let reallyTrustedWifis = Array(profile.trustedNetworks.includedWiFis.filter { $1 }.keys)
if !reallyTrustedWifis.isEmpty {
let rule = policyRule(for: profile)
rule.interfaceTypeMatch = .wiFi
rule.ssidMatch = reallyTrustedWifis
rules.append(rule)
do {
try ProductManager.shared.verifyEligibleForTrustedNetworks()
#if os(iOS)
if profile.trustedNetworks.includesMobile {
let rule = policyRule(for: profile)
rule.interfaceTypeMatch = .cellular
rules.append(rule)
}
#else
if profile.trustedNetworks.includesEthernet {
let rule = policyRule(for: profile)
rule.interfaceTypeMatch = .ethernet
rules.append(rule)
}
#endif
let reallyTrustedWifis = Array(profile.trustedNetworks.includedWiFis.filter { $1 }.keys)
if !reallyTrustedWifis.isEmpty {
let rule = policyRule(for: profile)
rule.interfaceTypeMatch = .wiFi
rule.ssidMatch = reallyTrustedWifis
rules.append(rule)
}
} catch {
}
let connection = NEOnDemandRuleConnect()
connection.interfaceTypeMatch = .any