passepartoutvpn/tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fall back to configurable preset DNS servers

Browse Source 
Default to CloudFlare 1.1.1.1

Hard time making it work with system DNS servers. Retry later.
This commit is contained in:
Davide De Rosa 2019-04-25 16:32:22 +02:00
parent 31d9019f1a
commit b8cd969a1a
2 changed files with 30 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -15,6 +15,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- SoftEther sends an incomplete PUSH_REPLY. [#86](https://github.com/keeshux/tunnelkit/issues/86) - SoftEther sends an incomplete PUSH_REPLY. [#86](https://github.com/keeshux/tunnelkit/issues/86)
- Authentication/Decrypt errors with TLS wrapping. [#88](https://github.com/keeshux/tunnelkit/issues/88), [#61](https://github.com/keeshux/tunnelkit/issues/61) - Authentication/Decrypt errors with TLS wrapping. [#88](https://github.com/keeshux/tunnelkit/issues/88), [#61](https://github.com/keeshux/tunnelkit/issues/61)
- Broken DNS when no servers provided. [#84](https://github.com/keeshux/tunnelkit/issues/84)
## 1.6.2 (2019-04-17) ## 1.6.2 (2019-04-17)

36
TunnelKit/Sources/AppExtension/TunnelKitProvider.swift
View File

@ -37,6 +37,7 @@
import NetworkExtension import NetworkExtension
import SwiftyBeaver import SwiftyBeaver
import __TunnelKitNative
private let log = SwiftyBeaver.self private let log = SwiftyBeaver.self
@ -75,6 +76,9 @@ open class TunnelKitProvider: NEPacketTunnelProvider {
/// The number of milliseconds between data count updates. Set to 0 to disable updates (default). /// The number of milliseconds between data count updates. Set to 0 to disable updates (default).
public var dataCountInterval = 0 public var dataCountInterval = 0
/// A list of fallback DNS servers when none provided (defaults to "1.1.1.1").
public var fallbackDNSServers = ["1.1.1.1"]
// MARK: Constants // MARK: Constants
private let memoryLog = MemoryDestination() private let memoryLog = MemoryDestination()
@ -577,13 +581,31 @@ extension TunnelKitProvider: SessionProxyDelegate {
if let replyDNSServers = reply.options.dnsServers { if let replyDNSServers = reply.options.dnsServers {
dnsServers.append(contentsOf: replyDNSServers) dnsServers.append(contentsOf: replyDNSServers)
} }
// FIXME: default to DNS servers from current network instead
if !dnsServers.isEmpty { // fall back to system-wide DNS servers
dnsSettings = NEDNSSettings(servers: dnsServers) if dnsServers.isEmpty {
if let searchDomain = cfg.sessionConfiguration.searchDomain ?? reply.options.searchDomain { log.warning("DNS: No servers provided, falling back to \(fallbackDNSServers)")
dnsSettings?.domainName = searchDomain dnsServers = fallbackDNSServers
dnsSettings?.searchDomains = [searchDomain]
} // XXX: no quick way to make this work on Safari, even if ping and lookup work in iNetTools
// let systemServers = DNS().systemServers()
// log.warning("DNS: No servers provided, falling back to system settings: \(systemServers)")
// dnsServers = systemServers
//
// // make DNS reachable outside VPN (yes, a controlled leak to keep things operational)
// for address in dnsServers {
// if address.contains(":") {
// ipv6Settings?.excludedRoutes?.append(NEIPv6Route(destinationAddress: address, networkPrefixLength: 128))
// } else {
// ipv4Settings?.excludedRoutes?.append(NEIPv4Route(destinationAddress: address, subnetMask: "255.255.255.255"))
// }
// }
}
dnsSettings = NEDNSSettings(servers: dnsServers)
if let searchDomain = cfg.sessionConfiguration.searchDomain ?? reply.options.searchDomain {
dnsSettings?.domainName = searchDomain
dnsSettings?.searchDomains = [searchDomain]
} }
var proxySettings: NEProxySettings? var proxySettings: NEProxySettings?