Diffstat (limited to 'WireGuard/WireGuardNetworkExtension')
-rw-r--r--WireGuard/WireGuardNetworkExtension/DNSResolver.swift28
-rw-r--r--WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift2
-rw-r--r--WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift15
-rw-r--r--WireGuard/WireGuardNetworkExtension/PacketTunnelSettingsGenerator.swift22
4 files changed, 32 insertions, 35 deletions
diff --git a/WireGuard/WireGuardNetworkExtension/DNSResolver.swift b/WireGuard/WireGuardNetworkExtension/DNSResolver.swift
index 8a9873f..4ce89b2 100644
--- a/WireGuard/WireGuardNetworkExtension/DNSResolver.swift
+++ b/WireGuard/WireGuardNetworkExtension/DNSResolver.swift
@@ -13,7 +13,7 @@ class DNSResolver {
static func isAllEndpointsAlreadyResolved(endpoints: [Endpoint?]) -> Bool {
for endpoint in endpoints {
guard let endpoint = endpoint else { continue }
- if (!endpoint.hasHostAsIPAddress()) {
+ if !endpoint.hasHostAsIPAddress() {
return false
}
}
@@ -23,14 +23,14 @@ class DNSResolver {
static func resolveSync(endpoints: [Endpoint?]) throws -> [Endpoint?] {
let dispatchGroup: DispatchGroup = DispatchGroup()
- if (isAllEndpointsAlreadyResolved(endpoints: endpoints)) {
+ if isAllEndpointsAlreadyResolved(endpoints: endpoints) {
return endpoints
}
- var resolvedEndpoints: [Endpoint?] = Array<Endpoint?>(repeating: nil, count: endpoints.count)
+ var resolvedEndpoints: [Endpoint?] = Array(repeating: nil, count: endpoints.count)
for (index, endpoint) in endpoints.enumerated() {
guard let endpoint = endpoint else { continue }
- if (endpoint.hasHostAsIPAddress()) {
+ if endpoint.hasHostAsIPAddress() {
resolvedEndpoints[index] = endpoint
} else {
let workItem = DispatchWorkItem {
@@ -48,14 +48,14 @@ class DNSResolver {
let endpoint = tuple.0
let resolvedEndpoint = tuple.1
if let endpoint = endpoint {
- if (resolvedEndpoint == nil) {
+ if resolvedEndpoint == nil {
// DNS resolution failed
guard let hostname = endpoint.hostname() else { fatalError() }
hostnamesWithDnsResolutionFailure.append(hostname)
}
}
}
- if (!hostnamesWithDnsResolutionFailure.isEmpty) {
+ if !hostnamesWithDnsResolutionFailure.isEmpty {
throw DNSResolverError.dnsResolutionFailed(hostnames: hostnamesWithDnsResolutionFailure)
}
return resolvedEndpoints
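Review bot: The `guard let hostname = endpoint.hostname() else { fatalError() }` line in the failure branch aborts the whole network extension process with no diagnostic if that invariant ever breaks, even though the function is already `throws`. Because this code only collects hostnames for the error report, skipping the entry would be enough: `guard let hostname = endpoint.hostname() else { continue }`. At minimum the trap should carry a message, for example `fatalError("unresolved endpoint has no hostname")`. The loop this sits in starts above the hunk, so the iteration shape is assumed from the `tuple.0`/`tuple.1` lines.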
@@ -76,7 +76,7 @@ extension DNSResolver {
ai_addr: nil,
ai_next: nil)
var resultPointer = UnsafeMutablePointer<addrinfo>(OpaquePointer(bitPattern: 0))
- switch (endpoint.host) {
+ switch endpoint.host {
case .name(let name, _):
// The endpoint is a hostname and needs DNS resolution
let returnValue = getaddrinfo(
@@ -84,29 +84,29 @@ extension DNSResolver {
"\(endpoint.port)".cString(using: .utf8), // Port
&hints,
&resultPointer)
- if (returnValue == 0) {
+ if returnValue == 0 {
// getaddrinfo succeeded
let ipv4Buffer = UnsafeMutablePointer<Int8>.allocate(capacity: Int(INET_ADDRSTRLEN))
let ipv6Buffer = UnsafeMutablePointer<Int8>.allocate(capacity: Int(INET6_ADDRSTRLEN))
var ipv4AddressString: String?
var ipv6AddressString: String?
- while (resultPointer != nil) {
+ while resultPointer != nil {
let result = resultPointer!.pointee
resultPointer = result.ai_next
- if (result.ai_family == AF_INET && result.ai_addrlen == MemoryLayout<sockaddr_in>.size) {
+ if result.ai_family == AF_INET && result.ai_addrlen == MemoryLayout<sockaddr_in>.size {
var sa4 = UnsafeRawPointer(result.ai_addr)!.assumingMemoryBound(to: sockaddr_in.self).pointee
- if (inet_ntop(result.ai_family, &sa4.sin_addr, ipv4Buffer, socklen_t(INET_ADDRSTRLEN)) != nil) {
+ if inet_ntop(result.ai_family, &sa4.sin_addr, ipv4Buffer, socklen_t(INET_ADDRSTRLEN)) != nil {
ipv4AddressString = String(cString: ipv4Buffer)
// If we found an IPv4 address, we can stop
break
}
- } else if (result.ai_family == AF_INET6 && result.ai_addrlen == MemoryLayout<sockaddr_in6>.size) {
- if (ipv6AddressString != nil) {
+ } else if result.ai_family == AF_INET6 && result.ai_addrlen == MemoryLayout<sockaddr_in6>.size {
+ if ipv6AddressString != nil {
// If we already have an IPv6 address, we can skip this one
continue
}
var sa6 = UnsafeRawPointer(result.ai_addr)!.assumingMemoryBound(to: sockaddr_in6.self).pointee
- if (inet_ntop(result.ai_family, &sa6.sin6_addr, ipv6Buffer, socklen_t(INET6_ADDRSTRLEN)) != nil) {
+ if inet_ntop(result.ai_family, &sa6.sin6_addr, ipv6Buffer, socklen_t(INET6_ADDRSTRLEN)) != nil {
ipv6AddressString = String(cString: ipv6Buffer)
}
}
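Review bot: The `while resultPointer != nil` loop advances `resultPointer` itself (`resultPointer = result.ai_next`), so after the loop no variable visible in this hunk still holds the head of the list that getaddrinfo allocated. Unless the head is saved outside the hunk, it can never be passed to `freeaddrinfo` and every hostname resolution leaks the list. Keeping the head and walking a separate cursor fixes that: `let addrList = resultPointer`, `defer { freeaddrinfo(addrList) }`, `var cursor = addrList`. The two `allocate(capacity:)` buffers would likewise be safer with `defer { ipv4Buffer.deallocate(); ipv6Buffer.deallocate() }` placed right after allocation, so that no later exit path can skip the release. The function continues past the end of the hunk, so existing release calls there should be checked before changing anything.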
diff --git a/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift b/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
index 4723e79..f06860a 100644
--- a/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
+++ b/WireGuard/WireGuardNetworkExtension/ErrorNotifier.swift
@@ -5,7 +5,7 @@ import NetworkExtension
class ErrorNotifier {
static func errorMessage(for error: PacketTunnelProviderError) -> (String, String)? {
- switch (error) {
+ switch error {
case .savedProtocolConfigurationIsInvalid:
return ("Activation failure", "Could not retrieve tunnel information from the saved configuration")
case .dnsResolutionFailure:
diff --git a/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift b/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift
index 81a9520..029d74b 100644
--- a/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift
+++ b/WireGuard/WireGuardNetworkExtension/PacketTunnelProvider.swift
@@ -75,13 +75,12 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
// Setup packetTunnelSettingsGenerator
- let packetTunnelSettingsGenerator = PacketTunnelSettingsGenerator(tunnelConfiguration: tunnelConfiguration,
- resolvedEndpoints: resolvedEndpoints)
+ let packetTunnelSettingsGenerator = PacketTunnelSettingsGenerator(tunnelConfiguration: tunnelConfiguration, resolvedEndpoints: resolvedEndpoints)
// Bring up wireguard-go backend
- let fd = packetFlow.value(forKeyPath: "socket.fileDescriptor") as! Int32
- if fd < 0 {
+ let fileDescriptor = packetFlow.value(forKeyPath: "socket.fileDescriptor") as! Int32
+ if fileDescriptor < 0 {
wg_log(.error, staticMessage: "Starting tunnel failed: Could not determine file descriptor")
ErrorNotifier.notify(PacketTunnelProviderError.couldNotStartWireGuard, from: self)
startTunnelCompletionHandler(PacketTunnelProviderError.couldNotStartWireGuard)
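Review bot: The force cast in `packetFlow.value(forKeyPath: "socket.fileDescriptor") as! Int32` traps before the `fileDescriptor < 0` check can run, so a nil or differently typed result crashes the extension instead of reaching the `couldNotStartWireGuard` handling below. The value is looked up through a string key path rather than a declared property, so the compiler guarantees nothing about its type. Folding both conditions into one guard keeps the existing error path reachable: `guard let fileDescriptor = packetFlow.value(forKeyPath: "socket.fileDescriptor") as? Int32, fileDescriptor >= 0 else { ... }`, with the current error branch as the body. That branch continues past the end of the hunk, so its exit statement should be confirmed before converting it.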
@@ -111,7 +110,7 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
}
networkMonitor?.start(queue: DispatchQueue(label: "NetworkMonitor"))
- handle = connect(interfaceName: tunnelConfiguration.interface.name, settings: wireguardSettings, fd: fd)
+ handle = connect(interfaceName: tunnelConfiguration.interface.name, settings: wireguardSettings, fileDescriptor: fileDescriptor)
if handle < 0 {
wg_log(.error, staticMessage: "Starting tunnel failed: Could not start WireGuard")
@@ -187,9 +186,9 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
}
}
- private func connect(interfaceName: String, settings: String, fd: Int32) -> Int32 { // swiftlint:disable:this cyclomatic_complexity
+ private func connect(interfaceName: String, settings: String, fileDescriptor: Int32) -> Int32 {
return withStringsAsGoStrings(interfaceName, settings) { (nameGoStr, settingsGoStr) -> Int32 in
- return wgTurnOn(nameGoStr, settingsGoStr, fd)
+ return wgTurnOn(nameGoStr, settingsGoStr, fileDescriptor)
}
}
@@ -237,7 +236,7 @@ private func file_log(type: OSLogType, message: String) {
let formatter = DateFormatter()
formatter.dateFormat = "yyyy-MM-dd HH:mm:ss.SSS: "
var msgLine = formatter.string(from: Date()) + message
- if (msgLine.last! != "\n") {
+ if msgLine.last! != "\n" {
msgLine.append("\n")
}
let data = msgLine.data(using: .utf8)
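Review bot: The `DateFormatter` built here sets a fixed `dateFormat` but no fixed locale, so the user's region and 12/24-hour setting can change how `HH` and the calendar fields are rendered in the log file. Adding `formatter.locale = Locale(identifier: "en_US_POSIX")` right after construction keeps the timestamps stable and machine-parseable. The formatter is also rebuilt on every `file_log` call and could be hoisted into a file-level `private let`. Separately, `msgLine.last! != "\n"` can drop the force unwrap as `!msgLine.hasSuffix("\n")`. The function body continues beyond the hunk.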
diff --git a/WireGuard/WireGuardNetworkExtension/PacketTunnelSettingsGenerator.swift b/WireGuard/WireGuardNetworkExtension/PacketTunnelSettingsGenerator.swift
index f6bcdba..b9562a0 100644
--- a/WireGuard/WireGuardNetworkExtension/PacketTunnelSettingsGenerator.swift
+++ b/WireGuard/WireGuardNetworkExtension/PacketTunnelSettingsGenerator.swift
@@ -36,7 +36,7 @@ class PacketTunnelSettingsGenerator {
if let listenPort = tunnelConfiguration.interface.listenPort {
wgSettings.append("listen_port=\(listenPort)\n")
}
- if (tunnelConfiguration.peers.count > 0) {
+ if tunnelConfiguration.peers.count > 0 {
wgSettings.append("replace_peers=true\n")
}
assert(tunnelConfiguration.peers.count == resolvedEndpoints.count)
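Review bot: `assert(tunnelConfiguration.peers.count == resolvedEndpoints.count)` is compiled out of release builds, so in shipped code nothing enforces that each peer lines up with its own resolved endpoint. Depending on how the loop below the hunk pairs the two arrays, a mismatch would either trap on an index or silently skip entries. `precondition(tunnelConfiguration.peers.count == resolvedEndpoints.count)` keeps the check in release. The condition just above could also read `if !tunnelConfiguration.peers.isEmpty`, matching the `isEmpty` checks used elsewhere in this commit.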
@@ -51,11 +51,9 @@ class PacketTunnelSettingsGenerator {
}
let persistentKeepAlive = peer.persistentKeepAlive ?? 0
wgSettings.append("persistent_keepalive_interval=\(persistentKeepAlive)\n")
- if (!peer.allowedIPs.isEmpty) {
+ if !peer.allowedIPs.isEmpty {
wgSettings.append("replace_allowed_ips=true\n")
- for ip in peer.allowedIPs {
- wgSettings.append("allowed_ip=\(ip.stringRepresentation())\n")
- }
+ peer.allowedIPs.forEach { wgSettings.append("allowed_ip=\($0.stringRepresentation())\n") }
}
}
return wgSettings
@@ -74,7 +72,7 @@ class PacketTunnelSettingsGenerator {
var remoteAddress: String = "0.0.0.0"
let endpointsCompact = resolvedEndpoints.compactMap({ $0 })
if endpointsCompact.count == 1 {
- switch (endpointsCompact.first!.host) {
+ switch endpointsCompact.first!.host {
case .ipv4(let address):
remoteAddress = "\(address)"
case .ipv6(let address):
@@ -96,7 +94,7 @@ class PacketTunnelSettingsGenerator {
// MTU
let mtu = tunnelConfiguration.interface.mtu ?? 0
- if (mtu == 0) {
+ if mtu == 0 {
// 0 imples automatic MTU, where we set overhead as 80 bytes, which is the worst case for WireGuard
networkSettings.tunnelOverheadBytes = 80
} else {
@@ -112,10 +110,10 @@ class PacketTunnelSettingsGenerator {
var ipv6NetworkPrefixLengths: [NSNumber] = []
for addressRange in tunnelConfiguration.interface.addresses {
- if (addressRange.address is IPv4Address) {
+ if addressRange.address is IPv4Address {
ipv4Addresses.append("\(addressRange.address)")
ipv4SubnetMasks.append(PacketTunnelSettingsGenerator.ipv4SubnetMaskString(of: addressRange))
- } else if (addressRange.address is IPv6Address) {
+ } else if addressRange.address is IPv6Address {
ipv6Addresses.append("\(addressRange.address)")
ipv6NetworkPrefixLengths.append(NSNumber(value: addressRange.networkPrefixLength))
}
@@ -131,10 +129,10 @@ class PacketTunnelSettingsGenerator {
for peer in tunnelConfiguration.peers {
for addressRange in peer.allowedIPs {
- if (addressRange.address is IPv4Address) {
+ if addressRange.address is IPv4Address {
ipv4IncludedRouteAddresses.append("\(addressRange.address)")
ipv4IncludedRouteSubnetMasks.append(PacketTunnelSettingsGenerator.ipv4SubnetMaskString(of: addressRange))
- } else if (addressRange.address is IPv6Address) {
+ } else if addressRange.address is IPv6Address {
ipv6IncludedRouteAddresses.append("\(addressRange.address)")
ipv6IncludedRouteNetworkPrefixLengths.append(NSNumber(value: addressRange.networkPrefixLength))
}
@@ -151,7 +149,7 @@ class PacketTunnelSettingsGenerator {
for endpoint in resolvedEndpoints {
guard let endpoint = endpoint else { continue }
- switch (endpoint.host) {
+ switch endpoint.host {
case .ipv4(let address):
ipv4ExcludedRouteAddresses.append("\(address)")
ipv4ExcludedRouteSubnetMasks.append("255.255.255.255") // A single IPv4 address