Commit Graph

118 Commits

Author SHA1 Message Date
Andrej Mihajlov 2329f712cf WireGuardKit: Pass logHandler via constructor
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-03 13:22:52 +01:00
Andrej Mihajlov d2c38702c8 Packet tunnel: Remove last error in the completion handler given to adapter.stop
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-03 13:22:52 +01:00
Andrej Mihajlov def921801f WireGuardKit: Rename cannotLocateSocketDescriptor -> cannotLocateTunnelFileDescriptor in WireGuardAdapterError
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-03 13:22:52 +01:00
Andrej Mihajlov 6099975b71 Packet tunnel: Implement packet tunnel provider using WireGuardAdapter
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-02 11:08:09 +01:00
Andrej Mihajlov 95b833c754 iOS/macOS: Integrate WireGuardKit
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-02 11:08:08 +01:00
Andrej Mihajlov a03df7d8cc WireGuardKit: Move shared structs to WireGuardKit
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-02 11:08:08 +01:00
Andrej Mihajlov 671a594945 Change QoS to .utility
As per comment by eskimo:
https://developer.apple.com/forums/thread/107904?answerId=328525022#328525022

Signed-off-by: Andrej Mihajlov <and@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-06-25 17:50:15 -06:00
Andrej Mihajlov 3646430528 Make sure that the tunnel and path monitor run on the same serial queue
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-06-25 17:50:15 -06:00
Andrej Mihajlov e9bd6e576f Fix retain cycle between NWPathMonitor and PacketTunnelProvider
See: https://www.marisibrothers.com/2017/04/memory-leak-in-swift-assigning-function.html

Signed-off-by: Andrej Mihajlov <and@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-06-25 17:50:15 -06:00
Andrej Mihajlov 35300d1c5f Refactor interface name query
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-06-25 17:50:03 -06:00
Andrej Mihajlov 30406dec6d wireguard-go-bridge: use C string instead of gostring_t
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-02-07 22:35:57 +01:00
Jason A. Donenfeld 437f0dc46d Revert "NetworkExtension: don't use exit(0) hack on Catalina"
This reverts commit 3619279a65d9a506fb13d7f24909b38a5202fa8f.

Still broken!

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-10-15 16:51:50 +02:00
Jason A. Donenfeld 1b6170cbc9 NetworkExtension: don't use exit(0) hack on Catalina
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-10-15 11:44:13 +02:00
Jason A. Donenfeld e70c397e54 TunnelProvider: remove all cleverness
This will cause more socket flaps than necessary but hopefully will fix
some bugs.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-10 18:47:39 +02:00
Jason A. Donenfeld c7b7b1247b TunnelProvider: store the entire NWPath
Otherwise [utun0, en0] == [en0, utun0] before WiFi has connected, and we
wind up not rebinding after WiFi does successfully connect, which means
people have trouble when resuming from sleep.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-06-09 11:39:06 +02:00
Jason A. Donenfeld 168ba2da8a NetworkExtension: bump sockets on path change
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-05-31 17:29:29 +02:00
Jason A. Donenfeld 0340641c4c NetworkExtension: apparently the extension process is scoped properly anyway
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-05-26 00:12:47 +05:30
Jason A. Donenfeld 813dea6902 NetworkExtension: use excludedRoutes instead of binding on iOS
The networking stack there is too flaky and the notifier doesn't always
fire correctly. Hopefully excludedRoutes works well with XLAT; otherwise
we're in trouble.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-05-26 00:12:47 +05:30
Roopesh Chander d9e88c51bd Swift 5 migration: Fix switch warnings
We now get a warning when switching over enums from system
frameworks even when we handle all public cases because
there can be future cases that aren't handled.

When such a future case is introduced, we'll get a warning.

Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-04-09 11:25:04 +05:30
Jason A. Donenfeld a6f80135ef ringlogger: support mpsc for singlefile
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-03-17 08:51:27 +01:00
Jason A. Donenfeld 0e2556544e Global: fix swiftlint issues
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-08 17:07:28 +01:00
Jason A. Donenfeld a231410c52 Info.plist: Add missing key types
I worry that LSMinimumSystemVersion in the extension's plist might be
problematic, since that same plist runs on macOS and iOS. We _might_
need to bifurcate.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-08 03:47:36 +01:00
Jason A. Donenfeld 0539929d0c Key: Use C implementation instead
Swift compiles so slowly and it's unclear all of the insane type punning
was even correct.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-08 03:23:15 +01:00
Jason A. Donenfeld 05547861b6 Key: Constant time encoding
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-08 03:23:15 +01:00
Jason A. Donenfeld 394a0cbeb0 PacketTunnelProvider: proper fix for 32073323
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-07 15:01:37 +01:00
Jason A. Donenfeld 8c3557a907 Keychain: store configurations in keychain instead of providerConfig
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-02-06 06:20:23 +01:00
Jason A. Donenfeld 22625e8cc4 Tunnel: support getting runtime configuration
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-24 01:37:57 +01:00
Jason A. Donenfeld 668c4a475c macOS: remove mobile network tweaks
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-22 13:11:28 +01:00
Roopesh Chander 273ee04450 Better os() directives
Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-22 04:06:37 +05:30
Roopesh Chander f63c9fd598 macOS: Use tunnelOverheadBytes for automatic MTU in macOS
Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-16 01:51:56 +05:30
Roopesh Chander 629009d3be macOS: NE: Add entitlements for making network connections
Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-14 14:52:28 +05:30
Roopesh Chander d7d4355f5e Make app groups work on both iOS and macOS
Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-14 14:52:28 +05:30
Roopesh Chander c8cd663a05 iOS: Fix WireGuardNetworkExtensioniOS target
- Rename WireGuardNetworkExtension.entitlements to WireGuardNetworkExtension_iOS.entitlements

Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-14 14:52:28 +05:30
Roopesh Chander b32b897181 macOS: Fix WireGuardNetworkExtensionmacOS target
- Build using common network extension code
- Add run scripts
- Set Info.plist to common network extension's Info.plist
- Move entitlements to common network extension folder
- Remove Xcode-generated macOS network extension code
- Set Swift-Obj-C bridging header

Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-14 14:52:27 +05:30
Roopesh Chander d02b0fd10e xcconfig: Make app id platform-specific
Signed-off-by: Roopesh Chander <roop@roopc.net>
2019-01-14 14:52:26 +05:30
Jason A. Donenfeld 49f287439e PacketTunnelSettingsGenerator: use 127.0.0.1 as dummy address
It turns out that using 0.0.0.0 somehow conflicts with DNS lookups when
CLAT is in use.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-08 01:51:12 +01:00
Jason A. Donenfeld 150cd119c7 Avoid dynamic MTU calculations for now
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-07 19:23:39 -05:00
Jason A. Donenfeld e2384e143c Update copyright
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-07 19:23:39 -05:00
Jason A. Donenfeld 0b828f9b96 Rework DNS and routes in network extension
The DNS resolver prior had useless comments, awful nesting, converted
bytes into strings and back into bytes, and generally made no sense.
That's been rewritten now.

But more fundamentally, this commit made the DNS resolver actually
accomplish its objective, by passing AI_ALL to it. It turns out, though,
that the Go library isn't actually using GAI in the way we need for
parsing IP addresses, so we actually need to do another round, this time
with hints flag as zero, so that we get the DNS64 address.

Additionally, since we're now binding sockets to interfaces, we can
entirely remove the excludedRoutes logic.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-28 19:38:03 +01:00
Jason A. Donenfeld c9c343cde2 NetworkExtension: rescope socket instead of tearing down socket
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-26 01:17:55 +01:00
Jason A. Donenfeld 129f94dccd Rely on availability of fd only after setting network settings
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-22 18:29:54 +01:00
Jason A. Donenfeld dddbf3b370 Retain aggressive socket reestablishment for now
This can be reverted once we've done more testing.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-22 15:45:09 +01:00
Eric Kuck 0bec5b04b0 All models now Equatable
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
2018-12-21 22:57:17 -06:00
Jason A. Donenfeld b0b6866c51 Do not crash if we can't get socket.fileDescriptor
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-22 05:13:04 +01:00
Eric Kuck 9098cd1161 Removing a tunnel from iOS's settings is now immediately reflected in app
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
2018-12-21 21:59:43 -06:00
Jason A. Donenfeld 8365adf435 Localize remaining strings in network extension
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-22 03:42:01 +01:00
Jason A. Donenfeld f2000aa1da Combine double log invocations
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-22 02:21:07 +01:00
Jason A. Donenfeld 4ed646973e Move name from interface to tunnel
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-22 00:28:18 +01:00
Jason A. Donenfeld 7b9d4cb9e3 Nuke trailing spaces
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-12-21 23:34:56 +01:00
Eric Kuck 1fecd8eb6c providerConfiguration is now a WgQuickConfig
Signed-off-by: Eric Kuck <eric@bluelinelabs.com>
2018-12-21 16:32:08 -06:00