Add options to explicitly enable/disable DNS/proxy
DNS/proxy settings, when missing from configuration, fall back to whatever the server pushes. With isDNSEnabled/isProxyEnabled it's now possible to override this behavior.
This commit is contained in:
parent
4bfa0b4e74
commit
f046bcd629
|
@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||
|
||||
- OpenVPN: Parse authentication requirement from `--auth-user-pass`.
|
||||
- OpenVPN: Handle multiple `--remote` options correctly.
|
||||
- OpenVPN: Explicitly enable/disable DNS/proxy settings.
|
||||
|
||||
### Changed
|
||||
|
||||
|
|
|
@ -644,8 +644,9 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
|
|||
return
|
||||
}
|
||||
|
||||
var dnsServers: [String] = []
|
||||
var dnsSettings: NEDNSSettings?
|
||||
if cfg.configuration.isDNSEnabled ?? true {
|
||||
var dnsServers: [String] = []
|
||||
if #available(iOS 14, macOS 11, *) {
|
||||
switch cfg.configuration.dnsProtocol {
|
||||
case .https:
|
||||
|
@ -691,8 +692,8 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
|
|||
log.info("DNS: Using servers \(dnsServers.maskedDescription)")
|
||||
dnsSettings = NEDNSSettings(servers: dnsServers)
|
||||
} else {
|
||||
// log.warning("DNS: No servers provided, using fall-back servers: \(fallbackDNSServers.maskedDescription)")
|
||||
// dnsSettings = NEDNSSettings(servers: fallbackDNSServers)
|
||||
// log.warning("DNS: No servers provided, using fall-back servers: \(fallbackDNSServers.maskedDescription)")
|
||||
// dnsSettings = NEDNSSettings(servers: fallbackDNSServers)
|
||||
log.warning("DNS: No settings provided, using current network settings")
|
||||
}
|
||||
}
|
||||
|
@ -721,8 +722,10 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
var proxySettings: NEProxySettings?
|
||||
if cfg.configuration.isProxyEnabled ?? true {
|
||||
if let httpsProxy = cfg.configuration.httpsProxy ?? options.httpsProxy {
|
||||
proxySettings = NEProxySettings()
|
||||
proxySettings?.httpsServer = httpsProxy.neProxy()
|
||||
|
@ -751,6 +754,7 @@ extension OpenVPNTunnelProvider: OpenVPNSessionDelegate {
|
|||
proxySettings?.exceptionList = bypass
|
||||
log.info("Routing: Setting proxy by-pass list: \(bypass.maskedDescription)")
|
||||
}
|
||||
}
|
||||
|
||||
// block LAN if desired
|
||||
if routingPolicies?.contains(.blockLocal) ?? false {
|
||||
|
|
|
@ -252,6 +252,9 @@ extension OpenVPN {
|
|||
/// The settings for IPv6. `OpenVPNSession` only evaluates this server-side.
|
||||
public var ipv6: IPv6Settings?
|
||||
|
||||
/// Set false to ignore DNS settings, even when pushed.
|
||||
public var isDNSEnabled: Bool?
|
||||
|
||||
/// The DNS protocol, defaults to `.plain` (iOS 14+ / macOS 11+).
|
||||
public var dnsProtocol: DNSProtocol?
|
||||
|
||||
|
@ -282,6 +285,9 @@ extension OpenVPN {
|
|||
/// The Proxy Auto-Configuration (PAC) url.
|
||||
public var proxyAutoConfigurationURL: URL?
|
||||
|
||||
/// Set false to ignore proxy settings, even when pushed.
|
||||
public var isProxyEnabled: Bool?
|
||||
|
||||
/// The HTTP proxy.
|
||||
public var httpProxy: Proxy?
|
||||
|
||||
|
@ -341,11 +347,13 @@ extension OpenVPN {
|
|||
peerId: peerId,
|
||||
ipv4: ipv4,
|
||||
ipv6: ipv6,
|
||||
isDNSEnabled: isDNSEnabled,
|
||||
dnsProtocol: dnsProtocol,
|
||||
dnsServers: dnsServers,
|
||||
dnsHTTPSURL: dnsHTTPSURL,
|
||||
dnsTLSServerName: dnsTLSServerName,
|
||||
searchDomains: searchDomains,
|
||||
isProxyEnabled: isProxyEnabled,
|
||||
httpProxy: httpProxy,
|
||||
httpsProxy: httpsProxy,
|
||||
proxyAutoConfigurationURL: proxyAutoConfigurationURL,
|
||||
|
@ -436,6 +444,9 @@ extension OpenVPN {
|
|||
/// - Seealso: `ConfigurationBuilder.ipv6`
|
||||
public let ipv6: IPv6Settings?
|
||||
|
||||
/// - Seealso: `ConfigurationBuilder.isDNSEnabled`
|
||||
public let isDNSEnabled: Bool?
|
||||
|
||||
/// - Seealso: `ConfigurationBuilder.dnsProtocol`
|
||||
public let dnsProtocol: DNSProtocol?
|
||||
|
||||
|
@ -451,6 +462,9 @@ extension OpenVPN {
|
|||
/// - Seealso: `ConfigurationBuilder.searchDomains`
|
||||
public let searchDomains: [String]?
|
||||
|
||||
/// - Seealso: `ConfigurationBuilder.isProxyEnabled`
|
||||
public let isProxyEnabled: Bool?
|
||||
|
||||
/// - Seealso: `ConfigurationBuilder.httpProxy`
|
||||
public let httpProxy: Proxy?
|
||||
|
||||
|
@ -519,11 +533,13 @@ extension OpenVPN.Configuration {
|
|||
builder.peerId = peerId
|
||||
builder.ipv4 = ipv4
|
||||
builder.ipv6 = ipv6
|
||||
builder.isDNSEnabled = isDNSEnabled
|
||||
builder.dnsProtocol = dnsProtocol
|
||||
builder.dnsServers = dnsServers
|
||||
builder.dnsHTTPSURL = dnsHTTPSURL
|
||||
builder.dnsTLSServerName = dnsTLSServerName
|
||||
builder.searchDomains = searchDomains
|
||||
builder.isProxyEnabled = isProxyEnabled
|
||||
builder.httpProxy = httpProxy
|
||||
builder.httpsProxy = httpsProxy
|
||||
builder.proxyAutoConfigurationURL = proxyAutoConfigurationURL
|
||||
|
|
Loading…
Reference in New Issue