diff options
| author | Linus Färnstrand <faern@faern.net> | 2023-02-06 15:44:56 +0100 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2023-10-05 10:36:54 +0200 |
| commit | 2d7ff6c16e3022d125f7dec77e915dde30d47350 (patch) | |
| tree | 87796776b29a7d1cbeb8007a673a874bd01a9c0e | |
| parent | ae5887982d8878d9850a14d04a5edec3f0ab844e (diff) | |
| download | mullvadvpn-2d7ff6c16e3022d125f7dec77e915dde30d47350.tar.xz mullvadvpn-2d7ff6c16e3022d125f7dec77e915dde30d47350.zip | |
Log if Same IP is being used or not
| -rw-r--r-- | mullvad-daemon/src/tunnel.rs | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/mullvad-daemon/src/tunnel.rs b/mullvad-daemon/src/tunnel.rs index 8ee0f1e6d7..7af7adc4d0 100644 --- a/mullvad-daemon/src/tunnel.rs +++ b/mullvad-daemon/src/tunnel.rs @@ -1,4 +1,10 @@ -use std::{future::Future, pin::Pin, sync::Arc}; +use std::{ + future::Future, + net::{IpAddr, Ipv4Addr, Ipv6Addr}, + pin::Pin, + str::FromStr, + sync::Arc, +}; use tokio::sync::Mutex; @@ -6,6 +12,7 @@ use mullvad_relay_selector::{RelaySelector, SelectedBridge, SelectedObfuscator, use mullvad_types::{ endpoint::MullvadEndpoint, location::GeoIpLocation, relay_list::Relay, settings::TunnelOptions, }; +use once_cell::sync::Lazy; use talpid_core::tunnel_state_machine::TunnelParametersGenerator; use talpid_types::{ net::{wireguard, TunnelParameters}, @@ -18,6 +25,18 @@ use talpid_types::net::openvpn; use crate::device::{AccountManagerHandle, PrivateAccountAndDevice}; +/// The IP-addresses that the client uses when it connects to a server that supports the +/// "Same IP" functionality. This means all clients have the same in-tunnel IP on these +/// servers. This improves anonymity since the in-tunnel IP will not be unique to a specific +/// peer. +static SAME_IP_V4: Lazy<IpAddr> = + Lazy::new(|| Ipv4Addr::from_str("10.127.255.254").unwrap().into()); +static SAME_IP_V6: Lazy<IpAddr> = Lazy::new(|| { + Ipv6Addr::from_str("fc00:bbbb:bbbb:bb01:ffff:ffff:ffff:ffff") + .unwrap() + .into() +}); + #[derive(err_derive::Error, Debug)] pub enum Error { #[error(display = "Not logged in on a valid device")] @@ -192,13 +211,18 @@ impl InnerParametersGenerator { unreachable!("OpenVPN is not supported on Android"); } MullvadEndpoint::Wireguard(endpoint) => { + let tunnel_ipv4 = data.device.wg_data.addresses.ipv4_address.ip(); + let tunnel_ipv6 = data.device.wg_data.addresses.ipv6_address.ip(); let tunnel = wireguard::TunnelConfig { private_key: data.device.wg_data.private_key, - addresses: vec![ - data.device.wg_data.addresses.ipv4_address.ip().into(), - data.device.wg_data.addresses.ipv6_address.ip().into(), - ], + addresses: vec![IpAddr::from(tunnel_ipv4), IpAddr::from(tunnel_ipv6)], }; + // FIXME: Used for debugging purposes during the migration to same IP. Remove when the migration is over. + if tunnel_ipv4 == *SAME_IP_V4 || tunnel_ipv6 == *SAME_IP_V6 { + log::debug!("Same IP is being used"); + } else { + log::debug!("Same IP is NOT being used"); + } let (obfuscator_relay, obfuscator_config) = match obfuscator { Some(obfuscator) => (Some(obfuscator.relay), Some(obfuscator.config)), |