NE: Change handling of bad domain names and Activate On Demand

The solution implemented in commit b8c331c causes the tunnel to remain in 'Activating' state, without the ability to cancel that. So, in this commit, instead of retrying DNS silently on Activated-On-Demand tunnels, we fail the startTunnel() silently. To summarize, if activate-on-demand is on: - If started from the WireGuard app, show error using lastErrorFile mechanism, suggesting a way to turn off Activate On Demand - If not started from WireGuard app, don't call displayMessage() (don't show error to user) and silently fail starting the tunnel Signed-off-by: Roopesh Chander <roop@roopc.net>
author: Roopesh Chander <roop@roopc.net> 2018-12-21 15:40:04 +0530
committer: Roopesh Chander <roop@roopc.net> 2018-12-21 15:52:47 +0530
commit: 28ce4d516435306b929aba4a7ccbed00bf16e309 (patch)
tree: 3361c59eae9724a48efc506ad2ad92f569606ba8 /WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
parent: Added missing param in MockTunnels (diff)
download: wireguard-apple-28ce4d516435306b929aba4a7ccbed00bf16e309.tar.xz
wireguard-apple-28ce4d516435306b929aba4a7ccbed00bf16e309.zip
1 files changed, 14 insertions, 12 deletions
diff --git a/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift b/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
index 02fbd4c..1b74d5d 100644
--- a/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
+++ b/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
@@ -8,6 +8,9 @@ class ErrorNotifier {
     let activationAttemptId: String?
     weak var tunnelProvider: NEPacketTunnelProvider?
 
+    var tunnelName: String?
+    var isActivateOnDemandEnabled = false
+
     init(activationAttemptId: String?, tunnelProvider: NEPacketTunnelProvider) {
         self.activationAttemptId = activationAttemptId
         self.tunnelProvider = tunnelProvider
@@ -17,17 +20,13 @@ class ErrorNotifier {
     func errorMessage(for error: PacketTunnelProviderError) -> (String, String)? {
         switch error {
         case .savedProtocolConfigurationIsInvalid:
-            return ("Activation failure", "Could not retrieve tunnel information from the saved configuration")
-        case .dnsResolutionFailure(let tunnelName, let isActivateOnDemandEnabled):
-            if isActivateOnDemandEnabled {
-                return ("DNS resolution failure", "This tunnel has Activate On Demand enabled, so activation might be retried. You may turn off Activate On Demand in the WireGuard app by navigating to: '\(tunnelName)' > Edit")
-            } else {
-                return ("DNS resolution failure", "One or more endpoint domains could not be resolved")
-            }
+            return ("Activation failure", "Could not retrieve tunnel information from the saved configuration.")
+        case .dnsResolutionFailure:
+            return ("DNS resolution failure", "One or more endpoint domains could not be resolved.")
         case .couldNotStartWireGuard:
-            return ("Activation failure", "WireGuard backend could not be started")
+            return ("Activation failure", "WireGuard backend could not be started.")
         case .coultNotSetNetworkSettings:
-            return ("Activation failure", "Error applying network settings on the tunnel")
+            return ("Activation failure", "Error applying network settings on the tunnel.")
         }
     }
 
@@ -35,13 +34,16 @@ class ErrorNotifier {
         guard let (title, message) = errorMessage(for: error) else { return }
         if let activationAttemptId = activationAttemptId, let lastErrorFilePath = FileManager.networkExtensionLastErrorFileURL?.path {
             // The tunnel was started from the app
-            let errorMessageData = "\(activationAttemptId)\n\(title)\n\(message)".data(using: .utf8)
+            let onDemandMessage = isActivateOnDemandEnabled ? " This tunnel has Activate On Demand enabled, so this tunnel might be activated automatically. You may turn off Activate On Demand in the WireGuard app by navigating to: '\(tunnelName ?? "tunnel")' > Edit." : ""
+            let errorMessageData = "\(activationAttemptId)\n\(title)\n\(message)\(onDemandMessage)".data(using: .utf8)
             FileManager.default.createFile(atPath: lastErrorFilePath, contents: errorMessageData, attributes: nil)
         } else {
-            // The tunnel was probably started from iOS Settings app
+            // The tunnel was probably started from iOS Settings app or activated on-demand
             if let tunnelProvider = self.tunnelProvider {
                 // displayMessage() is deprecated, but there's no better alternative if invoked from iOS Settings
-                tunnelProvider.displayMessage("\(title): \(message)") { _ in }
+                if !isActivateOnDemandEnabled { // If using activate-on-demand, don't use displayMessage
+                    tunnelProvider.displayMessage("\(title): \(message)") { _ in }
+                }
             }
         }
     }
author	Roopesh Chander <roop@roopc.net>	2018-12-21 15:40:04 +0530
committer	Roopesh Chander <roop@roopc.net>	2018-12-21 15:52:47 +0530
commit	28ce4d516435306b929aba4a7ccbed00bf16e309 (patch)
tree	3361c59eae9724a48efc506ad2ad92f569606ba8 /WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
parent	Added missing param in MockTunnels (diff)
download	wireguard-apple-28ce4d516435306b929aba4a7ccbed00bf16e309.tar.xz wireguard-apple-28ce4d516435306b929aba4a7ccbed00bf16e309.zip