From c9c343cde21eab0b776c97e7017e7fd515b4ac4d Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Tue, 25 Dec 2018 22:38:32 +0100 Subject: NetworkExtension: rescope socket instead of tearing down socket Signed-off-by: Jason A. Donenfeld --- wireguard-go-bridge/src/api-ios.go | 44 ++++++++++++++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 4 deletions(-) (limited to 'wireguard-go-bridge/src') diff --git a/wireguard-go-bridge/src/api-ios.go b/wireguard-go-bridge/src/api-ios.go index 902cfac..5221bb2 100644 --- a/wireguard-go-bridge/src/api-ios.go +++ b/wireguard-go-bridge/src/api-ios.go @@ -137,13 +137,49 @@ func wgSetConfig(tunnelHandle int32, settings string) int64 { return 0 } -//export wgGetListenPort -func wgGetListenPort(tunnelHandle int32) uint16 { +//export wgBindInterfaceScope +func wgBindInterfaceScope(tunnelHandle int32, ifscope int32) { + var operr error device, ok := tunnelHandles[tunnelHandle] if !ok { - return 0 + return + } + device.log.Info.Printf("Binding sockets to interface %d\n", ifscope) + bind := device.net.bind.(*NativeBind) + for bind.ipv4 != nil { + fd, err := bind.ipv4.SyscallConn() + if err != nil { + device.log.Error.Printf("Unable to bind v4 socket to interface:", err) + break + } + err = fd.Control(func(fd uintptr) { + operr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, unix.IP_BOUND_IF, int(ifscope)) + }) + if err == nil { + err = operr + } + if err != nil { + device.log.Error.Printf("Unable to bind v4 socket to interface:", err) + } + break + } + for bind.ipv6 != nil { + fd, err := bind.ipv6.SyscallConn() + if err != nil { + device.log.Error.Printf("Unable to bind v6 socket to interface:", err) + break + } + err = fd.Control(func(fd uintptr) { + operr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_BOUND_IF, int(ifscope)) + }) + if err == nil { + err = operr + } + if err != nil { + device.log.Error.Printf("Unable to bind v6 socket to interface:", err) + } + break } - return device.net.port } //export wgVersion -- cgit v1.2.3-59-g8ed1b