Restrict trusted networks in ConnectionService

This commit is contained in:
Davide De Rosa 2021-02-02 17:56:04 +01:00
parent 280ce70965
commit d613c17ac9
1 changed files with 23 additions and 19 deletions

View File

@ -553,25 +553,29 @@ public class ConnectionService: Codable {
log.verbose(protocolConfiguration) log.verbose(protocolConfiguration)
var rules: [NEOnDemandRule] = [] var rules: [NEOnDemandRule] = []
#if os(iOS) do {
if profile.trustedNetworks.includesMobile { try ProductManager.shared.verifyEligibleForTrustedNetworks()
let rule = policyRule(for: profile) #if os(iOS)
rule.interfaceTypeMatch = .cellular if profile.trustedNetworks.includesMobile {
rules.append(rule) let rule = policyRule(for: profile)
} rule.interfaceTypeMatch = .cellular
#else rules.append(rule)
if profile.trustedNetworks.includesEthernet { }
let rule = policyRule(for: profile) #else
rule.interfaceTypeMatch = .ethernet if profile.trustedNetworks.includesEthernet {
rules.append(rule) let rule = policyRule(for: profile)
} rule.interfaceTypeMatch = .ethernet
#endif rules.append(rule)
let reallyTrustedWifis = Array(profile.trustedNetworks.includedWiFis.filter { $1 }.keys) }
if !reallyTrustedWifis.isEmpty { #endif
let rule = policyRule(for: profile) let reallyTrustedWifis = Array(profile.trustedNetworks.includedWiFis.filter { $1 }.keys)
rule.interfaceTypeMatch = .wiFi if !reallyTrustedWifis.isEmpty {
rule.ssidMatch = reallyTrustedWifis let rule = policyRule(for: profile)
rules.append(rule) rule.interfaceTypeMatch = .wiFi
rule.ssidMatch = reallyTrustedWifis
rules.append(rule)
}
} catch {
} }
let connection = NEOnDemandRuleConnect() let connection = NEOnDemandRuleConnect()
connection.interfaceTypeMatch = .any connection.interfaceTypeMatch = .any