From 22fb7db3d90fa1e7effe3518bf8196434d27e4b9 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Thu, 12 Jul 2018 01:58:23 +0200 Subject: TunnelEditorFragment: add DNSes to allowedIPs when excluding rfc1918 --- .../android/fragment/TunnelEditorFragment.java | 45 ++++++++++++++++ app/src/main/java/com/wireguard/config/Peer.java | 62 ++++++++++++++++------ app/src/main/res/layout/tunnel_editor_peer.xml | 4 +- 3 files changed, 93 insertions(+), 18 deletions(-) diff --git a/app/src/main/java/com/wireguard/android/fragment/TunnelEditorFragment.java b/app/src/main/java/com/wireguard/android/fragment/TunnelEditorFragment.java index 45e08ee9..f6f1483a 100644 --- a/app/src/main/java/com/wireguard/android/fragment/TunnelEditorFragment.java +++ b/app/src/main/java/com/wireguard/android/fragment/TunnelEditorFragment.java @@ -8,6 +8,8 @@ package com.wireguard.android.fragment; import android.app.Activity; import android.content.Context; +import android.databinding.Observable; +import android.databinding.ObservableList; import android.os.Bundle; import android.support.annotation.NonNull; import android.support.design.widget.Snackbar; @@ -23,6 +25,7 @@ import android.view.inputmethod.InputMethodManager; import android.widget.Toast; import com.wireguard.android.Application; +import com.wireguard.android.BR; import com.wireguard.android.R; import com.wireguard.android.databinding.TunnelEditorFragmentBinding; import com.wireguard.android.fragment.AppListDialogFragment.AppExclusionListener; @@ -31,6 +34,7 @@ import com.wireguard.android.model.TunnelManager; import com.wireguard.android.util.ExceptionLoggers; import com.wireguard.config.Attribute; import com.wireguard.config.Config; +import com.wireguard.config.Peer; import java.util.List; @@ -79,11 +83,52 @@ public class TunnelEditorFragment extends BaseFragment implements AppExclusionLi inflater.inflate(R.menu.config_editor, menu); } + private final ObservableList.OnListChangedCallback> breakObjectListOrientedLayeringHandler = new ObservableList.OnListChangedCallback>() { + @Override + public void onChanged(final ObservableList sender) { } + @Override + public void onItemRangeChanged(final ObservableList sender, final int positionStart, final int itemCount) { } + @Override + public void onItemRangeMoved(final ObservableList sender, final int fromPosition, final int toPosition, final int itemCount) { } + + @Override + public void onItemRangeInserted(final ObservableList sender, final int positionStart, final int itemCount) { + breakObjectOrientedLayeringHandler.onPropertyChanged(binding.getConfig(), BR.peers); + } + @Override + public void onItemRangeRemoved(final ObservableList sender, final int positionStart, final int itemCount) { + breakObjectOrientedLayeringHandler.onPropertyChanged(binding.getConfig(), BR.peers); + } + }; + + private final Observable.OnPropertyChangedCallback breakObjectOrientedLayeringHandler = new Observable.OnPropertyChangedCallback() { + @Override + public void onPropertyChanged(final Observable sender, final int propertyId) { + final Config.Observable config = binding.getConfig(); + if (config == null) + return; + if (propertyId == BR.config) { + config.addOnPropertyChangedCallback(breakObjectOrientedLayeringHandler); + config.getInterfaceSection().addOnPropertyChangedCallback(breakObjectOrientedLayeringHandler); + config.getPeers().addOnListChangedCallback(breakObjectListOrientedLayeringHandler); + } else if (propertyId == BR.dnses || propertyId == BR.peers) + ; + else + return; + final int numSiblings = config.getPeers().size() - 1; + for (final Peer.Observable peer : config.getPeers()) { + peer.setInterfaceDNSRoutes(config.getInterfaceSection().getDnses()); + peer.setNumSiblings(numSiblings); + } + } + }; + @Override public View onCreateView(@NonNull final LayoutInflater inflater, final ViewGroup container, final Bundle savedInstanceState) { super.onCreateView(inflater, container, savedInstanceState); binding = TunnelEditorFragmentBinding.inflate(inflater, container, false); + binding.addOnPropertyChangedCallback(breakObjectOrientedLayeringHandler); binding.executePendingBindings(); return binding.getRoot(); } diff --git a/app/src/main/java/com/wireguard/config/Peer.java b/app/src/main/java/com/wireguard/config/Peer.java index 755e81f0..6e8d5a89 100644 --- a/app/src/main/java/com/wireguard/config/Peer.java +++ b/app/src/main/java/com/wireguard/config/Peer.java @@ -21,6 +21,7 @@ import java.net.URISyntaxException; import java.net.UnknownHostException; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.HashSet; import java.util.List; import java.util.Locale; @@ -213,6 +214,8 @@ public class Peer { private String persistentKeepalive; private String preSharedKey; private String publicKey; + private List interfaceDNSRoutes; + private int numSiblings; public Observable(final Peer parent) { loadData(parent); @@ -224,6 +227,9 @@ public class Peer { persistentKeepalive = in.readString(); preSharedKey = in.readString(); publicKey = in.readString(); + numSiblings = in.readInt(); + interfaceDNSRoutes = new ArrayList<>(); + in.readStringList(interfaceDNSRoutes); } public static Observable newInstance() { @@ -251,34 +257,34 @@ public class Peer { private static final List DEFAULT_ROUTE_MOD_RFC1918_V4 = Arrays.asList("0.0.0.0/5", "8.0.0.0/7", "11.0.0.0/8", "12.0.0.0/6", "16.0.0.0/4", "32.0.0.0/3", "64.0.0.0/2", "128.0.0.0/3", "160.0.0.0/5", "168.0.0.0/6", "172.0.0.0/12", "172.32.0.0/11", "172.64.0.0/10", "172.128.0.0/9", "173.0.0.0/8", "174.0.0.0/7", "176.0.0.0/4", "192.0.0.0/9", "192.128.0.0/11", "192.160.0.0/13", "192.169.0.0/16", "192.170.0.0/15", "192.172.0.0/14", "192.176.0.0/12", "192.192.0.0/10", "193.0.0.0/8", "194.0.0.0/7", "196.0.0.0/6", "200.0.0.0/5", "208.0.0.0/4"); public void toggleExcludePrivateIPs() { - final HashSet ips = new HashSet<>(Arrays.asList(Attribute.stringToList(allowedIPs))); + final Collection ips = new HashSet<>(Arrays.asList(Attribute.stringToList(allowedIPs))); final boolean hasDefaultRoute = ips.contains(DEFAULT_ROUTE_V4); final boolean hasDefaultRouteModRFC1918 = ips.containsAll(DEFAULT_ROUTE_MOD_RFC1918_V4); - if (hasDefaultRoute && hasDefaultRouteModRFC1918) - ips.removeAll(DEFAULT_ROUTE_MOD_RFC1918_V4); - else if (hasDefaultRoute) { - ips.remove(DEFAULT_ROUTE_V4); + if ((!hasDefaultRoute && !hasDefaultRouteModRFC1918) || numSiblings > 0) + return; + ips.clear(); + if (hasDefaultRoute) { ips.addAll(DEFAULT_ROUTE_MOD_RFC1918_V4); - } else if (hasDefaultRouteModRFC1918) { - ips.removeAll(DEFAULT_ROUTE_MOD_RFC1918_V4); + ips.addAll(interfaceDNSRoutes); + } else if (hasDefaultRouteModRFC1918) ips.add(DEFAULT_ROUTE_V4); - } setAllowedIPs(Attribute.iterableToString(ips)); } @Bindable - public String getAllowedIPs() { - return allowedIPs; + public boolean getCanToggleExcludePrivateIPs() { + final Collection ips = Arrays.asList(Attribute.stringToList(allowedIPs)); + return numSiblings == 0 && (ips.contains(DEFAULT_ROUTE_V4) || ips.containsAll(DEFAULT_ROUTE_MOD_RFC1918_V4)); } @Bindable - public boolean getAllowedIPsContainsDefaultRoute() { - return Arrays.asList(Attribute.stringToList(allowedIPs)).contains(DEFAULT_ROUTE_V4); + public boolean getIsExcludePrivateIPsOn() { + return numSiblings == 0 && Arrays.asList(Attribute.stringToList(allowedIPs)).containsAll(DEFAULT_ROUTE_MOD_RFC1918_V4); } @Bindable - public boolean getAllowedIPsContainsDefaultRouteModRFC1918() { - return Arrays.asList(Attribute.stringToList(allowedIPs)).containsAll(DEFAULT_ROUTE_MOD_RFC1918_V4); + public String getAllowedIPs() { + return allowedIPs; } @Bindable @@ -307,13 +313,14 @@ public class Peer { persistentKeepalive = parent.getPersistentKeepaliveString(); preSharedKey = parent.getPreSharedKey(); publicKey = parent.getPublicKey(); + interfaceDNSRoutes = new ArrayList<>(); } public void setAllowedIPs(final String allowedIPs) { this.allowedIPs = allowedIPs; notifyPropertyChanged(BR.allowedIPs); - notifyPropertyChanged(BR.allowedIPsContainsDefaultRoute); - notifyPropertyChanged(BR.allowedIPsContainsDefaultRouteModRFC1918); + notifyPropertyChanged(BR.canToggleExcludePrivateIPs); + notifyPropertyChanged(BR.isExcludePrivateIPsOn); } public void setEndpoint(final String endpoint) { @@ -336,6 +343,27 @@ public class Peer { notifyPropertyChanged(BR.publicKey); } + public void setInterfaceDNSRoutes(final String dnsServers) { + final Collection ips = new HashSet<>(Arrays.asList(Attribute.stringToList(allowedIPs))); + final boolean modifyAllowedIPs = ips.containsAll(DEFAULT_ROUTE_MOD_RFC1918_V4); + + ips.removeAll(interfaceDNSRoutes); + interfaceDNSRoutes.clear(); + for (final String dnsServer : Attribute.stringToList(dnsServers)) { + if (!dnsServer.contains(":")) + interfaceDNSRoutes.add(dnsServer + "/32"); + } + ips.addAll(interfaceDNSRoutes); + if (modifyAllowedIPs) + setAllowedIPs(Attribute.iterableToString(ips)); + } + + public void setNumSiblings(final int num) { + numSiblings = num; + notifyPropertyChanged(BR.canToggleExcludePrivateIPs); + notifyPropertyChanged(BR.isExcludePrivateIPsOn); + } + @Override public void writeToParcel(final Parcel dest, final int flags) { dest.writeString(allowedIPs); @@ -343,6 +371,8 @@ public class Peer { dest.writeString(persistentKeepalive); dest.writeString(preSharedKey); dest.writeString(publicKey); + dest.writeInt(numSiblings); + dest.writeStringList(interfaceDNSRoutes); } } } diff --git a/app/src/main/res/layout/tunnel_editor_peer.xml b/app/src/main/res/layout/tunnel_editor_peer.xml index 8afc5006..472b4cac 100644 --- a/app/src/main/res/layout/tunnel_editor_peer.xml +++ b/app/src/main/res/layout/tunnel_editor_peer.xml @@ -103,10 +103,10 @@ android:layout_height="wrap_content" android:layout_alignBaseline="@+id/allowed_ips_label" android:layout_alignParentEnd="true" - android:checked="@{item.allowedIPsContainsDefaultRouteModRFC1918}" + android:checked="@{item.isExcludePrivateIPsOn}" android:onClick="@{() -> item.toggleExcludePrivateIPs()}" android:text="@string/exclude_private_ips" - android:visibility="@{(item.allowedIPsContainsDefaultRoute || item.allowedIPsContainsDefaultRouteModRFC1918) ? View.VISIBLE : View.GONE}" /> + android:visibility="@{item.canToggleExcludePrivateIPs ? View.VISIBLE : View.GONE}" />