Extend WireGuard with DoH/DoT options (#314)

This commit is contained in:
Davide De Rosa 2023-03-19 08:22:30 +01:00 committed by GitHub
parent e0c0cc137f
commit 7ce254be02
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 52 additions and 7 deletions

View File

@ -9,13 +9,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added
- OpenVPN: Full implementation of Tunnelblick XOR patch (tmthecoder). [#255][https://github.com/passepartoutvpn/tunnelkit/pull/255]
- WireGuard: DoH/DoT options. [#314](https://github.com/passepartoutvpn/tunnelkit/pull/314)
- OpenVPN: Full implementation of Tunnelblick XOR patch (tmthecoder). [#255](https://github.com/passepartoutvpn/tunnelkit/pull/255)
- OpenVPN: Support for `--route-nopull`. [#280](https://github.com/passepartoutvpn/tunnelkit/pull/280)
- OpenVPN: Support for `--remote-random-hostname`. [#286](https://github.com/passepartoutvpn/tunnelkit/pull/286)
- Use .includeAllNetworks for best-effort kill switch. [#300](https://github.com/passepartoutvpn/tunnelkit/pull/300)
### Changed
- Bump targets to iOS 15 / macOS 12.
- Upgrade OpenSSL to 1.1.1q.
- Use natively async methods from NetworkExtension. [#284](https://github.com/passepartoutvpn/tunnelkit/pull/284)
- OpenVPN: Unmask PUSH_REPLY and network settings in logs.

View File

@ -24,8 +24,8 @@
"repositoryURL": "https://github.com/passepartoutvpn/wireguard-apple",
"state": {
"branch": null,
"revision": "d3b8f1ac6f3361d69bd3daf8aee3c43012c6ec0b",
"version": "1.0.16"
"revision": "cbcbf4369e1852fdf3398f9fbb49a26cfff4c97f",
"version": null
}
}
]

View File

@ -1,4 +1,4 @@
// swift-tools-version:5.3
// swift-tools-version:5.5
// The swift-tools-version declares the minimum version of Swift required to build this package.
import PackageDescription
@ -6,7 +6,7 @@ import PackageDescription
let package = Package(
name: "TunnelKit",
platforms: [
.iOS(.v13), .macOS(.v10_15)
.iOS(.v15), .macOS(.v12)
],
products: [
// Products define the executables and libraries a package produces, and make them visible to other packages.
@ -41,7 +41,8 @@ let package = Package(
.package(url: "https://github.com/SwiftyBeaver/SwiftyBeaver", from: "1.9.0"),
.package(url: "https://github.com/passepartoutvpn/openssl-apple", from: "1.1.11700"),
// .package(name: "WireGuardKit", url: "https://git.zx2c4.com/wireguard-apple", .exact("1.0.15-26"))
.package(name: "WireGuardKit", url: "https://github.com/passepartoutvpn/wireguard-apple", from: "1.0.16")
.package(name: "WireGuardKit", url: "https://github.com/passepartoutvpn/wireguard-apple", .revision("73d9152fa0cb661db0348a1ac11dbbf998422a50"))
// .package(name: "WireGuardKit", path: "../wireguard-apple")
],
targets: [
// Targets are the basic building blocks of a package. A target can define a module or a test suite.

View File

@ -42,6 +42,10 @@ public protocol WireGuardConfigurationProviding {
var dnsSearchDomains: [String] { get }
var dnsHTTPSURL: URL? { get }
var dnsTLSServerName: String? { get }
var mtu: UInt16? { get }
var peersCount: Int { get }
@ -129,6 +133,24 @@ extension WireGuard {
}
}
public var dnsHTTPSURL: URL? {
get {
interface.dnsHTTPSURL
}
set {
interface.dnsHTTPSURL = newValue
}
}
public var dnsTLSServerName: String? {
get {
interface.dnsTLSServerName
}
set {
interface.dnsTLSServerName = newValue
}
}
public var mtu: UInt16? {
get {
interface.mtu
@ -256,6 +278,14 @@ extension WireGuard {
interface.dnsSearch
}
public var dnsHTTPSURL: URL? {
interface.dnsHTTPSURL
}
public var dnsTLSServerName: String? {
interface.dnsTLSServerName
}
public var mtu: UInt16? {
interface.mtu
}

View File

@ -73,7 +73,7 @@ extension TunnelConfiguration {
} else {
attributes[key] = value
}
let interfaceSectionKeys: Set<String> = ["privatekey", "listenport", "address", "dns", "mtu"]
let interfaceSectionKeys: Set<String> = ["privatekey", "listenport", "address", "dns", "dnsoverhttpsurl", "dnsovertlsservername", "mtu"]
let peerSectionKeys: Set<String> = ["publickey", "presharedkey", "allowedips", "endpoint", "persistentkeepalive"]
if parserState == .inInterfaceSection {
guard interfaceSectionKeys.contains(key) else {
@ -141,6 +141,12 @@ extension TunnelConfiguration {
let dnsString = dnsLine.joined(separator: ", ")
output.append("DNS = \(dnsString)\n")
}
if let dnsHTTPSURL = interface.dnsHTTPSURL {
output.append("DNSOverHTTPSURL = \(dnsHTTPSURL)\n")
}
if let dnsTLSServerName = interface.dnsTLSServerName {
output.append("DNSOverTLSServerName = \(dnsTLSServerName)\n")
}
if let mtu = interface.mtu {
output.append("MTU = \(mtu)\n")
}
@ -203,6 +209,12 @@ extension TunnelConfiguration {
interface.dns = dnsServers
interface.dnsSearch = dnsSearch
}
if let dnsHTTPSURL = attributes["dnsoverhttpsurl"] {
interface.dnsHTTPSURL = URL(string: dnsHTTPSURL)
}
if let dnsTLSServerName = attributes["dnsovertlsservername"] {
interface.dnsTLSServerName = dnsTLSServerName
}
if let mtuString = attributes["mtu"] {
guard let mtu = UInt16(mtuString) else {
throw ParseError.interfaceHasInvalidMTU(mtuString)