From c9c343cde21eab0b776c97e7017e7fd515b4ac4d Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Tue, 25 Dec 2018 22:38:32 +0100
Subject: NetworkExtension: rescope socket instead of tearing down socket
Signed-off-by: Jason A. Donenfeld
---
wireguard-go-bridge/src/api-ios.go | 44 ++++++++++++++++++++++++++++++++++----
wireguard-go-bridge/wireguard.h | 2 +-
2 files changed, 41 insertions(+), 5 deletions(-)
(limited to 'wireguard-go-bridge')
diff --git a/wireguard-go-bridge/src/api-ios.go b/wireguard-go-bridge/src/api-ios.go
index 902cfac..5221bb2 100644
--- a/wireguard-go-bridge/src/api-ios.go
+++ b/wireguard-go-bridge/src/api-ios.go
@@ -137,13 +137,49 @@ func wgSetConfig(tunnelHandle int32, settings string) int64 {
 return 0
 }
 
-//export wgGetListenPort
-func wgGetListenPort(tunnelHandle int32) uint16 {
+//export wgBindInterfaceScope
+func wgBindInterfaceScope(tunnelHandle int32, ifscope int32) {
+ var operr error
 device, ok := tunnelHandles[tunnelHandle]
 if !ok {
- return 0
+ return
+ }
+ device.log.Info.Printf("Binding sockets to interface %d\n", ifscope)
+ bind := device.net.bind.(*NativeBind)
+ for bind.ipv4 != nil {
+ fd, err := bind.ipv4.SyscallConn()
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v4 socket to interface:", err)
+ break
+ }
+ err = fd.Control(func(fd uintptr) {
+ operr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, unix.IP_BOUND_IF, int(ifscope))
+ })
+ if err == nil {
+ err = operr
+ }
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v4 socket to interface:", err)
+ }
+ break
+ }
+ for bind.ipv6 != nil {
+ fd, err := bind.ipv6.SyscallConn()
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v6 socket to interface:", err)
+ break
+ }
+ err = fd.Control(func(fd uintptr) {
+ operr = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_BOUND_IF, int(ifscope))
+ })
+ if err == nil {
+ err = operr
+ }
+ if err != nil {
+ device.log.Error.Printf("Unable to bind v6 socket to interface:", err)
+ }
+ break
 }
- return device.net.port
 }
 
 //export wgVersion
diff --git a/wireguard-go-bridge/wireguard.h b/wireguard-go-bridge/wireguard.h
index d7183c9..71b4c83 100644
--- a/wireguard-go-bridge/wireguard.h
+++ b/wireguard-go-bridge/wireguard.h
@@ -15,7 +15,7 @@ extern void wgSetLogger(logger_fn_t logger_fn);
 extern int wgTurnOn(gostring_t settings, int32_t tun_fd);
 extern void wgTurnOff(int handle);
 extern int64_t wgSetConfig(int handle, gostring_t settings);
-extern uint16_t wgGetListenPort(int handle);
+extern void wgBindInterfaceScope(int handle, int32_t ifscope);
 extern char *wgVersion();
 
 #endif
-- cgit v1.2.3-59-g8ed1b
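Review bot: In `wgBindInterfaceScope` (api-ios.go), `device.net.bind.(*NativeBind)` is an unchecked type assertion inside a cgo-exported function, so if the bind is nil or a different implementation when the caller invokes it (the visible lines do not rule this out), the resulting panic takes down the whole tunnel process; prefer `bind, ok := device.net.bind.(*NativeBind)` followed by `if !ok { return }`. The four `device.log.Error.Printf("Unable to bind v4 socket to interface:", err)` style calls carry no format verb, so the error is rendered as a `%!(EXTRA …)` suffix; write `Printf("Unable to bind v4 socket to interface: %v", err)` and the v6 equivalent. The function returns nothing, so a failed `IP_BOUND_IF` or `IPV6_BOUND_IF` call leaves the socket on its previous scope with only a log line as evidence; returning a status would let the caller detect that tunnel traffic is not pinned to the intended interface. The read of `device.net.bind` also appears to happen without holding any lock, which is worth confirming against whatever guards `device.net` elsewhere in the device code.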