From a3b3df069bbaa06149e43ca26e5df219ee61aa15 Mon Sep 17 00:00:00 2001
From: Diego Rey Mendez
Date: Mon, 5 Aug 2024 22:01:40 +0200
Subject: [PATCH] VPN Domain exclusions (internal release) (#918)
Task/Issue URL: https://app.asana.com/0/0/1207936340790549/f
iOS PR: https://github.com/duckduckgo/iOS/pull/3164
macOS PR: https://github.com/duckduckgo/macos-browser/pull/3045
What kind of version bump will this require?: Patch
## Description
Adds BSK support for implements domain exclusions in macOS for internal users only.
---
 .../ExtensionMessage/ExtensionRequest.swift | 1 +
 .../PacketTunnelProvider.swift | 23 +++++++++++++++++++
 .../WireGuardKit/WireGuardAdapter.swift | 3 ---
 3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/Sources/NetworkProtection/ExtensionMessage/ExtensionRequest.swift b/Sources/NetworkProtection/ExtensionMessage/ExtensionRequest.swift
index 693cde61a..9f2c50f14 100644
--- a/Sources/NetworkProtection/ExtensionMessage/ExtensionRequest.swift
+++ b/Sources/NetworkProtection/ExtensionMessage/ExtensionRequest.swift
@@ -23,6 +23,7 @@ public enum VPNCommand: Codable {
 case removeSystemExtension
 case removeVPNConfiguration
 case sendTestNotification
+ case restartAdapter
 case uninstallVPN
 case disableConnectOnDemandAndShutDown
 case quitAgent
diff --git a/Sources/NetworkProtection/PacketTunnelProvider.swift b/Sources/NetworkProtection/PacketTunnelProvider.swift
index d1126a44d..3b442e179 100644
--- a/Sources/NetworkProtection/PacketTunnelProvider.swift
+++ b/Sources/NetworkProtection/PacketTunnelProvider.swift
@@ -907,6 +907,7 @@ open class PacketTunnelProvider: NEPacketTunnelProvider {
 excludedRoutes: settings.excludedRanges,
 dnsSettings: settings.dnsSettings,
 regenerateKey: regenerateKey)
+
 case .useConfiguration(let newTunnelConfiguration):
 tunnelConfiguration = newTunnelConfiguration
 }
@@ -1139,6 +1140,8 @@ open class PacketTunnelProvider: NEPacketTunnelProvider {
 case .removeVPNConfiguration:
 // Since the VPN configuration is being removed we may as well reset all state
 handleResetAllState(completionHandler: completionHandler)
+ case .restartAdapter:
+ handleRestartAdapter(completionHandler: completionHandler)
 case .uninstallVPN:
 // Since the VPN configuration is being removed we may as well reset all state
 handleResetAllState(completionHandler: completionHandler)
@@ -1170,6 +1173,26 @@ open class PacketTunnelProvider: NEPacketTunnelProvider {
 }
 }
+ private func handleRestartAdapter(completionHandler: ((Data?) -> Void)? = nil) {
+ Task {
+ do {
+ let tunnelConfiguration = try await generateTunnelConfiguration(serverSelectionMethod: currentServerSelectionMethod,
+ includedRoutes: includedRoutes ?? [],
+ excludedRoutes: settings.excludedRanges,
+ dnsSettings: settings.dnsSettings,
+ regenerateKey: false)
+
+ try await updateTunnelConfiguration(updateMethod: .useConfiguration(tunnelConfiguration),
+ reassert: false,
+ regenerateKey: false)
+
+ completionHandler?(nil)
+ } catch {
+ completionHandler?(nil)
+ }
+ }
+ }
+
 private func handleGetLastErrorMessage(completionHandler: ((Data?) -> Void)? = nil) {
 let response = controllerErrorStore.lastErrorMessage.map(ExtensionMessageString.init)
 completionHandler?(response?.rawValue)
diff --git a/Sources/NetworkProtection/WireGuardKit/WireGuardAdapter.swift b/Sources/NetworkProtection/WireGuardKit/WireGuardAdapter.swift
index c430673b7..bd9f304f9 100644
--- a/Sources/NetworkProtection/WireGuardKit/WireGuardAdapter.swift
+++ b/Sources/NetworkProtection/WireGuardKit/WireGuardAdapter.swift
@@ -370,9 +370,6 @@ public class WireGuardAdapter {
 }
 if reassert {
- // Tell the system that the tunnel is going to reconnect using new WireGuard
- // configuration.
- // This will broadcast the `NEVPNStatusDidChange` notification to the GUI process.
 self.packetTunnelProvider?.reasserting = true
 }
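Review bot: The new `case .restartAdapter:` branch dispatches to `handleRestartAdapter` unconditionally, and nothing visible in this hunk restricts it to internal users as the commit description states. If that gating is enforced by the sending app, record it at the case, for example `// Internal-only for now: the app gates this command before sending it`, so the extension-side command surface is not widened by accident when another caller starts using it. The enclosing switch begins and ends outside the hunk.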
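Review bot: The `catch` block in `handleRestartAdapter` calls `completionHandler?(nil)` exactly as the success path does and drops `error`, so the sender cannot tell a failed restart from a successful one. For a domain-exclusion change that matters: if `generateTunnelConfiguration` or `updateTunnelConfiguration` throws, the tunnel presumably keeps its previous routes while the app believes the new exclusion list is in effect. Record the failure before completing, e.g. `controllerErrorStore.lastErrorMessage = error.localizedDescription` (assuming the store is writable here, as its use in `handleGetLastErrorMessage` suggests), and add a log line so the failure shows up in diagnostics. A short doc comment stating that the restart keeps the current key (`regenerateKey: false`) and does not set `reasserting` (`reassert: false`) would also help the next reader.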