Commit Graph

1277 Commits

Author SHA1 Message Date
Jason A. Donenfeld
d882a486a9 Keychain: remove class constraint when copying
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-09-22 16:51:25 +02:00
Jason A. Donenfeld
adcbd17ebe WireGuardApp: do not delete unverifying profiles ever
The Keychain code is much too fragile, and it's better to err on the
safe side. Instead just log an error when this happens.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-09-22 07:13:48 +02:00
Jason A. Donenfeld
3d8de22b96 WireGuardKitGo: bump wireguard-go version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-09-22 06:58:14 +02:00
Roopesh Chander
ba4d1e7b21 MacAppStoreUpdateDetector: Detect StoreAEService correctly
In macOS 10.15 and macOS 11, the quit Apple event is sent by:
  com.apple.AppStoreDaemon.StoreAEService

In some earlier macOS release, the quit Apple event was sent by:
  com.apple.CommerceKit.StoreAEService

Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-09-22 06:58:14 +02:00
Roopesh Chander
f5a14b8434 MacAppStoreUpdateDetector: Add pid to the log
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-09-22 06:58:14 +02:00
Jason A. Donenfeld
b74eb7239a WireGuardKitGo: include new homebrew location in PATH
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-09-22 06:58:14 +02:00
Roopesh Chander
a8226b35d2 build: Fix swiftlint warnings
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-09-22 06:58:14 +02:00
Roopesh Chander
73c708d902 build: Fix swift warnings
Use 'AnyObject' instead of 'class' to restrict protocol inheritance

Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-09-22 06:58:14 +02:00
Roopesh Chander
3668f3af9f build: Include 'swiftlint' location in the PATH before invoking it
In macOS 11, HomeBrew installs swiftlint under /opt/homebrew, which is not
in the default path that Xcode seems to use. So we include the PATH
to contain:

  - /usr/local/bin:

    Where HomeBrew installs 'swiftlint' in macOS 10.15 and earlier

  - /opt/homebrew/bin:

    Where HomeBrew installs 'swiftlint' in macOS 11

Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-09-22 06:58:14 +02:00
Jason A. Donenfeld
54697a3240 UI: Use 'On-Demand', with hyphen, consistently
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-09-22 06:58:14 +02:00
Jason A. Donenfeld
3428bfbc9e UI: macOS: do on-demand ritual for clicking list item too
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-09-22 02:40:49 +02:00
Roopesh Chander
cfd1b16801 UI: Consider on-demand to be enabled iff the tunnel provider is enabled
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-08-03 16:35:18 +05:30
Roopesh Chander
ca70fe9ddc UI: When setting on-demand, avoid a second saveToPreferences() call
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-08-03 16:34:57 +05:30
Roopesh Chander
55c587b443 UI: When saving on-demand rules, don't set isOnDemandEnabled
When adding or modifying a config, when on-demand options are set by a
user, the rules are saved, but isOnDemandEnabled is left unset (and can
be set by the appropriate control in the detail view (switch in iOS /
button in macOS)).

Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-08-02 23:25:53 +05:30
Roopesh Chander
b6831c1aca UI: macOS: Incorporate on-demand-ness in status menu
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-30 13:29:38 +05:30
Roopesh Chander
2ac17da7cb UI: macOS: Tunnel detail: Incorporate on-demand-ness in toggle button
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-30 13:29:33 +05:30
Roopesh Chander
274c4cd092 UI: macOS: Tunnel detail: Incorporate on-demand-ness in the status row
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-30 13:29:28 +05:30
Roopesh Chander
95e1409bfb UI: macOS: Tunnel list: Incorporate on-demand-ness in the status circle
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-30 13:29:25 +05:30
Roopesh Chander
2c2c53b1f8 UI: macOS: Add yellow circle image
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-30 13:29:09 +05:30
Roopesh Chander
9cbfec99df UI: Localizations: Remove alertTunnelActivationFailureOnDemandAddendum
It's not used anymore.

Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 15:55:17 +05:30
Roopesh Chander
1bd6dcb7e7 UI: Remove addendum on on-demand from error on tunnel activation
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 11:52:54 +05:30
Roopesh Chander
c1fe8b0162 UI: When setting on-demand, enable the tunnel if required
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 11:52:54 +05:30
Roopesh Chander
64c2fb337d UI: iOS: Tunnels list: Move the "On Demand" label to the right
Having that at the bottom makes it harder for iOS to get
the row height correctly.

Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:35:05 +05:30
Roopesh Chander
147ac02f0d UI: iOS: Show on-demand state in 'Status' if there are on-demand rules
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:35:05 +05:30
Roopesh Chander
03ef79c0fd UI: When reloading tunnels, preserve '.waiting' state
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:35:05 +05:30
Roopesh Chander
a261d84fc6 UI: When deactivating for activating another tunnel, disable on-demand
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:35:05 +05:30
Roopesh Chander
abaf1f1454 UI: Keep on-demand rules even if on-demand is disabled
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:34:36 +05:30
Roopesh Chander
1e9e21bacf UI: iOS: Tunnel detail: Incorporate on-demand-ness in 'Status'
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:18:02 +05:30
Andrej Mihajlov
ac9f7b9f5e UI: iOS: Show "on-demand is active" for tunnels with the active on-demand
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:18:02 +05:30
Roopesh Chander
a115dd3bd9 UI: iOS: Tunnels list: Incorporate on-demand-ness in the switch
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:18:01 +05:30
Roopesh Chander
df9934a4b8 UI: TunnelsManager: Add setOnDemandEnabled() instance method
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:18:01 +05:30
Roopesh Chander
40f18de4d2 UI: TunnelsManager: Add TunnelContainer.hasOnDemandRules
Signed-off-by: Roopesh Chander <roop@roopc.net>
2021-07-28 03:18:01 +05:30
Jason A. Donenfeld
13b720442d Global: bump copyright year
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-17 16:56:46 +02:00
Andrej Mihajlov
c1f509d65b Kit: add missing import for WireGuardKitC
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2021-06-17 15:15:41 +02:00
Jason A. Donenfeld
87f0526f09 App: version bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-16 18:34:54 +02:00
Jason A. Donenfeld
060c027325 Kit: Go: mod bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-16 18:03:28 +02:00
Jason A. Donenfeld
23bf3cfccb Kit: Adapter: use more reliable utun detection technique
Rather than hoping that the AF_SYSTEM fd is of type utun, and then
calling "2" on it to get the name -- which could be defined as something
else for a different AF_SYSTEM socket type -- instead simply query the
AF_SYSTEM control socket ID with getpeername. This has one catch, which
is that the ID is dynamically allocated, so we resolve it using the
qualified name. Normally we'd make a new AF_SYSTEM socket for this, but
since that's not allowed in the sandbox, we reuse the AF_SYSTEM socket
that we're checking. At this point in the flow, we know that it's a
proper AF_SYSTEM one, based on the first sockaddr member; we just don't
know that it's a utun variety.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-16 17:40:12 +02:00
Jason A. Donenfeld
7f5ad3e503 Kit: Adapter: iterate through all FDs to find UTUN
This is a bit of a kludge, until I find something better. We simply
iterate through all FDs, and call getsockopt on each one until we find
the utun FD. This works, and completes rather quickly (fd is usually 6
or 7). Rather than maintain the old path for older kernels, just use
this for all versions, to get more coverage. Other techniques involve
undocumented APIs; this one has the advantage of using nothing
undocumented.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-06-16 15:56:21 +02:00
Andrej Mihajlov
820fa55380 SPM: update exclude rules
Fixes missing excluded file warning in Xcode. api-ios.go was renamed to api-apple.go.

Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2021-06-16 15:23:11 +02:00
Jason A. Donenfeld
eb528c766b UI: iOS: asynchronously load from NEHotspotNetwork on iOS 14
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-03-09 09:10:07 -07:00
Jason A. Donenfeld
53235eb38f UI: iOS: clean up visuals in SSID editor
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-03-09 09:10:07 -07:00
Jason A. Donenfeld
b9ff5c2e94 README: account for funky xcode paths
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-03-09 09:10:07 -07:00
Jason A. Donenfeld
b7f69d20b6 Kit: Go: bump to latest API
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-03-09 09:10:04 -07:00
Andrej Mihajlov
6c4f4109eb UI: iOS: Disable "copy" action on on-demand cells
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2021-01-11 13:09:41 +01:00
Jason A. Donenfeld
7b5b564a6e Kit: netcfg: add explicit IP mask routes
macOS will use the wrong source address unless we add explicit routes
that mention the self-pointing gateway. Actually, it won't add any
implicit routes on its own, so in order to route the masks of the
addresses, we have to add our own routes explicitly.

However, this still doesn't fix the problem while inside of the network
extension, even though it works outside it.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-01-01 18:28:14 +01:00
Jason A. Donenfeld
695f868b1f Kit: Go: mod bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-12-23 22:54:47 +01:00
Andrej Mihajlov
e724c043d9 UI: iOS: Remove duplicate call to addSubview
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-23 16:14:03 +01:00
Andrej Mihajlov
491301f58b UI: iOS: Fix placeholder label alignment in text fields.
Signed-off-by: Andrej Mihajlov <and@mullvad.net>
2020-12-23 16:14:03 +01:00
Jason A. Donenfeld
c4f79beb8d App: version bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-12-23 15:05:56 +01:00
Jason A. Donenfeld
a613fec2ff project: sync translations and improve id generation again
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-12-23 14:55:29 +01:00