From 41f9a64d9fc052551c182a9b0f2ea7b4a6aad531 Mon Sep 17 00:00:00 2001 From: Jeroen Leenarts Date: Sun, 12 Aug 2018 21:44:53 +0200 Subject: [PATCH] Config tweaking. Signed-off-by: Jason A. Donenfeld --- WireGuard/Coordinators/AppCoordinator.swift | 4 --- WireGuard/Models/Tunnel+Extension.swift | 2 +- .../PacketTunnelProvider.swift | 33 +++++++++++-------- 3 files changed, 21 insertions(+), 18 deletions(-) diff --git a/WireGuard/Coordinators/AppCoordinator.swift b/WireGuard/Coordinators/AppCoordinator.swift index 73ab2ec..2477353 100644 --- a/WireGuard/Coordinators/AppCoordinator.swift +++ b/WireGuard/Coordinators/AppCoordinator.swift @@ -233,10 +233,6 @@ extension AppCoordinator: TunnelConfigurationTableViewControllerDelegate { let protocolConfiguration = NETunnelProviderProtocol() protocolConfiguration.providerBundleIdentifier = VPNBUNDLE protocolConfiguration.serverAddress = (tunnel.peers?.array as? [Peer])?.compactMap { $0.endpoint}.joined(separator: ", ") - //TODO obtain endpoint username - // protocolConfiguration.username = endpoint.username - //TODO: how to obtain this? - // protocolConfiguration.passwordReference = try? keychain.passwordReference(for: endpoint.username) protocolConfiguration.providerConfiguration = tunnel.generateProviderConfiguration() manager.protocolConfiguration = protocolConfiguration diff --git a/WireGuard/Models/Tunnel+Extension.swift b/WireGuard/Models/Tunnel+Extension.swift index 6d50fb2..4ef7948 100644 --- a/WireGuard/Models/Tunnel+Extension.swift +++ b/WireGuard/Models/Tunnel+Extension.swift @@ -17,7 +17,7 @@ extension Tunnel { providerConfiguration[PCKeys.endpoints.rawValue] = peers?.array.compactMap {($0 as? Peer)?.endpoint}.joined(separator: ", ") providerConfiguration[PCKeys.dns.rawValue] = interface?.dns providerConfiguration[PCKeys.addresses.rawValue] = interface?.addresses - if let mtu = interface?.mtu { + if let mtu = interface?.mtu, mtu > 0 { providerConfiguration[PCKeys.mtu.rawValue] = NSNumber(value: mtu) } diff --git a/WireGuardNetworkExtension/PacketTunnelProvider.swift b/WireGuardNetworkExtension/PacketTunnelProvider.swift index 3443e98..ffb7c2c 100644 --- a/WireGuardNetworkExtension/PacketTunnelProvider.swift +++ b/WireGuardNetworkExtension/PacketTunnelProvider.swift @@ -38,26 +38,33 @@ class PacketTunnelProvider: NEPacketTunnelProvider { if wireGuardWrapper.turnOn(withInterfaceName: interfaceName, settingsString: settings) { // Success - //TODO obtain network config from WireGuard config or remote. - // route all traffic to VPN - let defaultRoute = NEIPv4Route.default() -// defaultRoute.gatewayAddress = gateway - - let ipv4Settings = NEIPv4Settings(addresses: ["149.248.160.60"], subnetMasks: ["255.255.255.255"]) - ipv4Settings.includedRoutes = [defaultRoute] - ipv4Settings.excludedRoutes = [] - -// let dnsSettings = NEDNSSettings(servers: dnsServers) + //TODO: Hardcoded values for addresses + let ipv4Settings = NEIPv4Settings(addresses: ["10.50.10.171"], subnetMasks: ["255.255.224.0"]) + //TODO: Hardcoded values for allowed ips + ipv4Settings.includedRoutes = [NEIPv4Route(destinationAddress: "0.0.0.0", subnetMask: "0.0.0.0")] + ipv4Settings.excludedRoutes = endpoints.split(separator: ",").compactMap { $0.split(separator: ":").first}.map {NEIPv4Route(destinationAddress: String($0), subnetMask: "255.255.255.255")} + //TODO IPv6 settings let newSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "149.248.160.60") newSettings.ipv4Settings = ipv4Settings -// newSettings.dnsSettings = dnsSettings -// newSettings.mtu = cfg.mtu + newSettings.tunnelOverheadBytes = 80 + if let dns = config.providerConfiguration?["dns"] as? String { + var splitDnsEntries = dns.split(separator: ",").map {String($0)} + let dnsSettings = NEDNSSettings(servers: splitDnsEntries) + newSettings.dnsSettings = dnsSettings + } + if let mtu = mtu { + newSettings.mtu = mtu + } - setTunnelNetworkSettings(newSettings, completionHandler: completionHandler) + setTunnelNetworkSettings(newSettings) { [weak self](error) in + completionHandler(error) + self?.wireGuardWrapper.configured = true + } } else { completionHandler(PacketTunnelProviderError.tunnelSetupFailed) + wireGuardWrapper.configured = false } }