1 files changed, 40 insertions, 17 deletions

diff --git a/src/wg-quick/darwin.bash b/src/wg-quick/darwin.bash
index d9d07cf..1b7fe5e 100755
--- a/src/wg-quick/darwin.bash
+++ b/src/wg-quick/darwin.bash
@@ -18,6 +18,7 @@ INTERFACE=""
 ADDRESSES=( )
 MTU=""
 DNS=( )
+DNS_SEARCH=( )
 TABLE=""
 PRE_UP=( )
 POST_UP=( )
@@ -43,7 +44,7 @@ die() {
 CONFIG_SEARCH_PATHS=( /etc/wireguard /usr/local/etc/wireguard )
 
 parse_options() {
-	local interface_section=0 line key value stripped path
+	local interface_section=0 line key value stripped path v
 	CONFIG_FILE="$1"
 	if [[ $CONFIG_FILE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]]; then
 		for path in "${CONFIG_SEARCH_PATHS[@]}"; do
@@ -61,18 +62,21 @@ parse_options() {
 		stripped="${line%%\#*}"
 		key="${stripped%%=*}"; key="${key##*([[:space:]])}"; key="${key%%*([[:space:]])}"
 		value="${stripped#*=}"; value="${value##*([[:space:]])}"; value="${value%%*([[:space:]])}"
+		unstripped_value="${line#*=}"; unstripped_value="${unstripped_value##*([[:space:]])}"; unstripped_value="${unstripped_value%%*([[:space:]])}"
 		[[ $key == "["* ]] && interface_section=0
 		[[ $key == "[Interface]" ]] && interface_section=1
 		if [[ $interface_section -eq 1 ]]; then
 			case "$key" in
 			Address) ADDRESSES+=( ${value//,/ } ); continue ;;
 			MTU) MTU="$value"; continue ;;
-			DNS) DNS+=( ${value//,/ } ); continue ;;
+			DNS) for v in ${value//,/ }; do
+				[[ $v =~ (^[0-9.]+$)|(^.*:.*$) ]] && DNS+=( $v ) || DNS_SEARCH+=( $v )
+			done; continue ;;
 			Table) TABLE="$value"; continue ;;
-			PreUp) PRE_UP+=( "$value" ); continue ;;
-			PreDown) PRE_DOWN+=( "$value" ); continue ;;
-			PostUp) POST_UP+=( "$value" ); continue ;;
-			PostDown) POST_DOWN+=( "$value" ); continue ;;
+			PreUp) PRE_UP+=( "$unstripped_value" ); continue ;;
+			PreDown) PRE_DOWN+=( "$unstripped_value" ); continue ;;
+			PostUp) POST_UP+=( "$unstripped_value" ); continue ;;
+			PostDown) POST_DOWN+=( "$unstripped_value" ); continue ;;
 			SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;;
 			esac
 		fi
@@ -191,14 +195,14 @@ collect_gateways() {
 
 	GATEWAY4=""
 	while read -r destination gateway _; do
-		[[ $destination == default ]] || continue
+		[[ $destination == default && $gateway != "link#"* ]] || continue
 		GATEWAY4="$gateway"
 		break
 	done < <(netstat -nr -f inet)
 
 	GATEWAY6=""
 	while read -r destination gateway _; do
-		[[ $destination == default ]] || continue
+		[[ $destination == default && $gateway != "link#"* ]] || continue
 		GATEWAY6="$gateway"
 		break
 	done < <(netstat -nr -f inet6)
@@ -213,6 +217,7 @@ collect_endpoints() {
 }
 
 declare -A SERVICE_DNS
+declare -A SERVICE_DNS_SEARCH
 collect_new_service_dns() {
 	local service get_response
 	local -A found_services
@@ -223,10 +228,16 @@ collect_new_service_dns() {
 		get_response="$(cmd networksetup -getdnsservers "$service")"
 		[[ $get_response == *" "* ]] && get_response="Empty"
 		[[ -n $get_response ]] && SERVICE_DNS["$service"]="$get_response"
+		get_response="$(cmd networksetup -getsearchdomains "$service")"
+		[[ $get_response == *" "* ]] && get_response="Empty"
+		[[ -n $get_response ]] && SERVICE_DNS_SEARCH["$service"]="$get_response"
 	done; } < <(networksetup -listallnetworkservices)
 
 	for service in "${!SERVICE_DNS[@]}"; do
-		[[ -n ${found_services["$service"]} ]] || unset SERVICE_DNS["$service"]
+		if ! [[ -n ${found_services["$service"]} ]]; then
+			unset SERVICE_DNS["$service"]
+			unset SERVICE_DNS_SEARCH["$service"]
+		fi
 	done
 }
 
@@ -287,7 +298,14 @@ set_dns() {
 	for service in "${!SERVICE_DNS[@]}"; do
 		while read -r response; do
 			[[ $response == *Error* ]] && echo "$response" >&2
-		done < <(cmd networksetup -setdnsservers "$service" "${DNS[@]}")
+		done < <(
+			cmd networksetup -setdnsservers "$service" "${DNS[@]}"
+			if [[ ${#DNS_SEARCH[@]} -eq 0 ]]; then
+				cmd networksetup -setsearchdomains "$service" Empty
+			else
+				cmd networksetup -setsearchdomains "$service" "${DNS_SEARCH[@]}"
+			fi
+		)
 	done
 }
 
@@ -296,7 +314,10 @@ del_dns() {
 	for service in "${!SERVICE_DNS[@]}"; do
 		while read -r response; do
 			[[ $response == *Error* ]] && echo "$response" >&2
-		done < <(cmd networksetup -setdnsservers "$service" ${SERVICE_DNS["$service"]} || true)
+		done < <(
+			cmd networksetup -setdnsservers "$service" ${SERVICE_DNS["$service"]} || true
+			cmd networksetup -setsearchdomains "$service" ${SERVICE_DNS_SEARCH["$service"]} || true
+		)
 	done
 }
 
@@ -304,22 +325,24 @@ monitor_daemon() {
 	echo "[+] Backgrounding route monitor" >&2
 	(trap 'del_routes; del_dns; exit 0' INT TERM EXIT
 	exec >/dev/null 2>&1
-	local event pid=$BASHPID
+	exec 19< <(exec route -n monitor)
+	local event bpid=$BASHPID mpid=$!
 	[[ ${#DNS[@]} -gt 0 ]] && trap set_dns ALRM
 	# TODO: this should also check to see if the endpoint actually changes
 	# in response to incoming packets, and then call set_endpoint_direct_route
 	# then too. That function should be able to gracefully cleanup if the
 	# endpoints change.
-	while read -r event; do
+	while read -u 19 -r event; do
 		[[ $event == RTM_* ]] || continue
 		ifconfig "$REAL_INTERFACE" >/dev/null 2>&1 || break
 		[[ $AUTO_ROUTE4 -eq 1 || $AUTO_ROUTE6 -eq 1 ]] && set_endpoint_direct_route
 		[[ -z $MTU ]] && set_mtu
 		if [[ ${#DNS[@]} -gt 0 ]]; then
 			set_dns
-			sleep 2 && kill -ALRM $pid 2>/dev/null &
+			sleep 2 && kill -ALRM $bpid 2>/dev/null &
 		fi
-	done < <(route -n monitor)) &
+	done
+	kill $mpid) &
 	[[ -n $LAUNCHED_BY_LAUNCHD ]] || disown
 }
 
@@ -347,7 +370,7 @@ add_route() {
 }
 
 set_config() {
-	cmd wg setconf "$REAL_INTERFACE" <(echo "$WG_CONFIG")
+	cmd wg addconf "$REAL_INTERFACE" <(echo "$WG_CONFIG")
 }
 
 save_config() {
@@ -430,8 +453,8 @@ cmd_up() {
 	local i
 	get_real_interface && die "\`$INTERFACE' already exists as \`$REAL_INTERFACE'"
 	trap 'del_if; del_routes; exit' INT TERM EXIT
-	execute_hooks "${PRE_UP[@]}"
 	add_if
+	execute_hooks "${PRE_UP[@]}"
 	set_config
 	for i in "${ADDRESSES[@]}"; do
 		add_addr "$i"