aboutsummaryrefslogtreecommitdiffstats
path: root/wireguard-go-bridge
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2018-12-25 22:38:32 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2018-12-26 01:17:55 +0100
commitc9c343cde21eab0b776c97e7017e7fd515b4ac4d (patch)
tree3e2efb04d430b2ee3d4407b33ef50b3327356c60 /wireguard-go-bridge
parentminizip: Remove zip encryption code (diff)
downloadwireguard-apple-c9c343cde21eab0b776c97e7017e7fd515b4ac4d.tar.xz
wireguard-apple-c9c343cde21eab0b776c97e7017e7fd515b4ac4d.zip
NetworkExtension: rescope socket instead of tearing down socket
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'wireguard-go-bridge')
-rw-r--r--wireguard-go-bridge/src/api-ios.go44
-rw-r--r--wireguard-go-bridge/wireguard.h2
2 files changed, 41 insertions, 5 deletions
diff --git a/wireguard-go-bridge/src/api-ios.go b/wireguard-go-bridge/src/api-ios.go
index 902cfac9..5221bb2f 100644
--- a/wireguard-go-bridge/src/api-ios.go
+++ b/wireguard-go-bridge/src/api-ios.go
@@ -137,13 +137,49 @@ func wgSetConfig(tunnelHandle int32, settings string) int64 {
return 0
}
-//export wgGetListenPort
-func wgGetListenPort(tunnelHandle int32) uint16 {
+//export wgBindInterfaceScope
+func wgBindInterfaceScope(tunnelHandle int32, ifscope int32) {
+ var operr error
device, ok := tunnelHandles[tunnelHandle]
if !ok {
- return 0
+ return
+ }
+ device.log.Info.Printf("Binding sockets to interface %d\n", ifscope)
+ bind := device.net.bind.(*NativeBind)
+ for bind.ipv4 != nil {
+ fd, err := bind.ipv4.SyscallConn()
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v4 socket to interface:", err)
+ break
+ }
+ err = fd.Control(func(fd uintptr) {
+ operr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, unix.IP_BOUND_IF, int(ifscope))
+ })
+ if err == nil {
+ err = operr
+ }
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v4 socket to interface:", err)
+ }
+ break
+ }
+ for bind.ipv6 != nil {
+ fd, err := bind.ipv6.SyscallConn()
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v6 socket to interface:", err)
+ break
+ }
+ err = fd.Control(func(fd uintptr) {
+ operr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_BOUND_IF, int(ifscope))
+ })
+ if err == nil {
+ err = operr
+ }
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v6 socket to interface:", err)
+ }
+ break
}
- return device.net.port
}
//export wgVersion
diff --git a/wireguard-go-bridge/wireguard.h b/wireguard-go-bridge/wireguard.h
index d7183c97..71b4c832 100644
--- a/wireguard-go-bridge/wireguard.h
+++ b/wireguard-go-bridge/wireguard.h
@@ -15,7 +15,7 @@ extern void wgSetLogger(logger_fn_t logger_fn);
extern int wgTurnOn(gostring_t settings, int32_t tun_fd);
extern void wgTurnOff(int handle);
extern int64_t wgSetConfig(int handle, gostring_t settings);
-extern uint16_t wgGetListenPort(int handle);
+extern void wgBindInterfaceScope(int handle, int32_t ifscope);
extern char *wgVersion();
#endif