passepartoutvpn
/
wireguard-apple
mirror of https://github.com/passepartoutvpn/wireguard-apple.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move logic to extension: DNS resolution no longer happens in the app 

Signed-off-by: Roopesh Chander <roop@roopc.net>
This commit is contained in:
Roopesh Chander 2018-11-08 15:04:12 +05:30
parent 7827147bc8
commit a5f9dc4821
1 changed files with 4 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
WireGuard/WireGuard/VPN/TunnelsManager.swift
View File

@ -248,8 +248,6 @@ class TunnelContainer: NSObject {
fileprivate let tunnelProvider: NETunnelProviderManager fileprivate let tunnelProvider: NETunnelProviderManager
private var statusObservationToken: AnyObject? private var statusObservationToken: AnyObject?
private var dnsResolver: DNSResolver?
init(tunnel: NETunnelProviderManager) { init(tunnel: NETunnelProviderManager) {
self.name = tunnel.localizedDescription ?? "Unnamed" self.name = tunnel.localizedDescription ?? "Unnamed"
let status = TunnelStatus(from: tunnel.connection.status) let status = TunnelStatus(from: tunnel.connection.status)
@ -267,43 +265,16 @@ class TunnelContainer: NSObject {
fileprivate func startActivation(completionHandler: @escaping (Error?) -> Void) { fileprivate func startActivation(completionHandler: @escaping (Error?) -> Void) {
assert(status == .inactive || status == .restarting) assert(status == .inactive || status == .restarting)
assert(self.dnsResolver == nil)
guard let tunnelConfiguration = tunnelConfiguration() else { fatalError() } guard let tunnelConfiguration = tunnelConfiguration() else { fatalError() }
let endpoints = tunnelConfiguration.peers.map { $0.endpoint }
// Resolve DNS and start the tunnel startActivation(tunnelConfiguration: tunnelConfiguration,
let dnsResolver = DNSResolver(endpoints: endpoints) completionHandler: completionHandler)
let resolvedEndpoints = dnsResolver.resolveWithoutNetworkRequests()
if let resolvedEndpoints = resolvedEndpoints {
// If we don't have to make a DNS network request, we never
// change the status to .resolvingEndpointDomains
startActivation(tunnelConfiguration: tunnelConfiguration,
resolvedEndpoints: resolvedEndpoints,
completionHandler: completionHandler)
} else {
status = .resolvingEndpointDomains
self.dnsResolver = dnsResolver
dnsResolver.resolve { [weak self] resolvedEndpoints in
guard let s = self else { return }
assert(s.status == .resolvingEndpointDomains)
s.dnsResolver = nil
guard let resolvedEndpoints = resolvedEndpoints else {
s.status = .inactive
completionHandler(TunnelActivationError.dnsResolutionFailed)
return
}
s.startActivation(tunnelConfiguration: tunnelConfiguration,
resolvedEndpoints: resolvedEndpoints,
completionHandler: completionHandler)
}
}
} }
fileprivate func startActivation(recursionCount: UInt = 0, fileprivate func startActivation(recursionCount: UInt = 0,
lastError: Error? = nil, lastError: Error? = nil,
tunnelConfiguration: TunnelConfiguration, tunnelConfiguration: TunnelConfiguration,
resolvedEndpoints: [Endpoint?],
completionHandler: @escaping (Error?) -> Void) { completionHandler: @escaping (Error?) -> Void) {
if (recursionCount >= 8) { if (recursionCount >= 8) {
os_log("startActivation: Failed after 8 attempts. Giving up with %{public}@", log: OSLog.default, type: .error, "\(lastError!)") os_log("startActivation: Failed after 8 attempts. Giving up with %{public}@", log: OSLog.default, type: .error, "\(lastError!)")
@ -311,16 +282,6 @@ class TunnelContainer: NSObject {
return return
} }
// resolvedEndpoints should contain only IP addresses, not any named endpoints
assert(resolvedEndpoints.allSatisfy { (resolvedEndpoint) in
guard let resolvedEndpoint = resolvedEndpoint else { return true }
switch (resolvedEndpoint.host) {
case .ipv4: return true
case .ipv6: return true
case .name: return false
}
})
os_log("startActivation: Entering", log: OSLog.default, type: .debug) os_log("startActivation: Entering", log: OSLog.default, type: .debug)
guard (tunnelProvider.isEnabled) else { guard (tunnelProvider.isEnabled) else {
@ -336,7 +297,7 @@ class TunnelContainer: NSObject {
} }
os_log("startActivation: Tunnel saved after re-enabling", log: OSLog.default, type: .info) os_log("startActivation: Tunnel saved after re-enabling", log: OSLog.default, type: .info)
os_log("startActivation: Invoking startActivation", log: OSLog.default, type: .debug) os_log("startActivation: Invoking startActivation", log: OSLog.default, type: .debug)
self?.startActivation(recursionCount: recursionCount + 1, lastError: NEVPNError(NEVPNError.configurationUnknown), tunnelConfiguration: tunnelConfiguration, resolvedEndpoints: resolvedEndpoints, completionHandler: completionHandler) self?.startActivation(recursionCount: recursionCount + 1, lastError: NEVPNError(NEVPNError.configurationUnknown), tunnelConfiguration: tunnelConfiguration, completionHandler: completionHandler)
} }
return return
} }
@ -376,7 +337,7 @@ class TunnelContainer: NSObject {
} }
os_log("startActivation: Tunnel reloaded", log: OSLog.default, type: .info) os_log("startActivation: Tunnel reloaded", log: OSLog.default, type: .info)
os_log("startActivation: Invoking startActivation", log: OSLog.default, type: .debug) os_log("startActivation: Invoking startActivation", log: OSLog.default, type: .debug)
self?.startActivation(recursionCount: recursionCount + 1, lastError: vpnError, tunnelConfiguration: tunnelConfiguration, resolvedEndpoints: resolvedEndpoints, completionHandler: completionHandler) self?.startActivation(recursionCount: recursionCount + 1, lastError: vpnError, tunnelConfiguration: tunnelConfiguration, completionHandler: completionHandler)
} }
} }
} }