aboutsummaryrefslogtreecommitdiffstats
path: root/WireGuard/WireGuardNetworkExtension
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2018-11-05 03:10:52 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2018-11-05 03:11:11 +0100
commita08a9ba4c4c9d578979583e8c2fe227de93ee4d1 (patch)
tree33b720d71e38d7d579d1dcc4ab93549be5a7473f /WireGuard/WireGuardNetworkExtension
parentSettings: account for bottom padding on iPhone X (diff)
downloadwireguard-apple-a08a9ba4c4c9d578979583e8c2fe227de93ee4d1.tar.xz
wireguard-apple-a08a9ba4c4c9d578979583e8c2fe227de93ee4d1.zip
PacketTunnelProvider: clamp v6 addresses to /120
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'WireGuard/WireGuardNetworkExtension')
-rw-r--r--WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift8
1 files changed, 7 insertions, 1 deletions
diff --git a/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift b/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift
index da4372e..ddd2677 100644
--- a/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift
+++ b/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift
@@ -92,7 +92,13 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
networkSettings.ipv4Settings = ipv4Settings
// IPv6 settings
- let ipv6Settings = NEIPv6Settings(addresses: ipv6Addresses, networkPrefixLengths: ipv6NetworkPrefixLengths)
+
+ /* Big fat ugly hack for broken iOS networking stack: the smallest prefix that will have
+ * any effect on iOS is a /120, so we clamp everything above to /120. This is potentially
+ * very bad, if various network parameters were actually relying on that subnet being
+ * intentionally small. TODO: talk about this with upstream iOS devs.
+ */
+ let ipv6Settings = NEIPv6Settings(addresses: ipv6Addresses, networkPrefixLengths: ipv6NetworkPrefixLengths.map { NSNumber(value: min(120, $0.intValue)) })
assert(ipv6IncludedRouteAddresses.count == ipv6IncludedRouteNetworkPrefixLengths.count)
ipv6Settings.includedRoutes = zip(ipv6IncludedRouteAddresses, ipv6IncludedRouteNetworkPrefixLengths).map {
NEIPv6Route(destinationAddress: $0.0, networkPrefixLength: $0.1)