authorLinus Färnstrand <linus@mullvad.net>2017-12-19 14:21:17 +0100
committerLinus Färnstrand <linus@mullvad.net>2017-12-20 15:19:24 +0100
commit489920527290fbc716f5d1818edbb433db93c85e (patch)
tree4f11f46f5f058bb9681be9c4c61dd4ffb0473f3c
parent56eb76284126ea6e058c944cff84fee41cf099d1 (diff)
Add allow_lan support to daemon and expose on mgmt interface
-rw-r--r--mullvad-daemon/src/main.rs17
-rw-r--r--mullvad-daemon/src/management_interface.rs15
2 files changed, 32 insertions, 0 deletions
diff --git a/mullvad-daemon/src/main.rs b/mullvad-daemon/src/main.rs
index ac580cb31c..0279c232be 100644
--- a/mullvad-daemon/src/main.rs
+++ b/mullvad-daemon/src/main.rs
@@ -356,6 +356,7 @@ impl Daemon {
SetAccount(tx, account_token) => self.on_set_account(tx, account_token),
GetAccount(tx) => Ok(self.on_get_account(tx)),
UpdateRelaySettings(tx, update) => self.on_update_relay_settings(tx, update),
+ SetAllowLan(tx, allow_lan) => self.on_set_allow_lan(tx, allow_lan),
GetRelaySettings(tx) => Ok(self.on_get_relay_settings(tx)),
Shutdown => self.handle_trigger_shutdown_event(),
}
@@ -473,6 +474,20 @@ impl Daemon {
Self::oneshot_send(tx, self.settings.get_relay_settings(), "relay settings")
}
+ fn on_set_allow_lan(&mut self, tx: OneshotSender<()>, allow_lan: bool) -> Result<()> {
+ let save_result = self.settings.set_allow_lan(allow_lan);
+ match save_result.chain_err(|| "Unable to save settings") {
+ Ok(settings_changed) => {
+ if settings_changed && self.target_state == TargetState::Secured {
+ self.set_security_policy()?;
+ }
+ Self::oneshot_send(tx, (), "set_allow_lan response");
+ }
+ Err(e) => error!("{}", e.display_chain()),
+ }
+ Ok(())
+ }
+
fn oneshot_send<T>(tx: OneshotSender<T>, t: T, msg: &'static str) {
if let Err(_) = tx.send(t) {
warn!("Unable to send {} to management interface client", msg);
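Review bot: In `on_set_allow_lan`, the `?` on `self.set_security_policy()` returns after `set_allow_lan` has already persisted the new value and before `oneshot_send` runs, so a failed policy update leaves the stored setting and the enforced firewall policy disagreeing. This matters most when the request turns LAN access off, because the previous policy would stay in force while the settings report LAN access as disabled; the client only sees the dropped channel, which the management interface maps to a generic internal error. What the caller does with the propagated `Err` is not visible in this hunk. I would handle the failure in place, for example by restoring the previous value with `self.settings.set_allow_lan(!allow_lan)` before returning the error, and document the ordering with a comment such as `// settings are already saved here; on failure the firewall still has the old allow_lan`. The hunk ends inside `oneshot_send`, whose body continues outside it.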
@@ -671,10 +686,12 @@ impl Daemon {
let policy = match (self.tunnel_endpoint, self.tunnel_metadata.as_ref()) {
(Some(relay), None) => SecurityPolicy::Connecting {
relay_endpoint: relay.to_endpoint(),
+ allow_lan: self.settings.get_allow_lan(),
},
(Some(relay), Some(tunnel_metadata)) => SecurityPolicy::Connected {
relay_endpoint: relay.to_endpoint(),
tunnel: tunnel_metadata.clone(),
+ allow_lan: self.settings.get_allow_lan(),
},
_ => bail!(ErrorKind::InvalidState),
};
diff --git a/mullvad-daemon/src/management_interface.rs b/mullvad-daemon/src/management_interface.rs
index 58f62b1ede..a9905eb091 100644
--- a/mullvad-daemon/src/management_interface.rs
+++ b/mullvad-daemon/src/management_interface.rs
@@ -73,6 +73,10 @@ build_rpc_trait! {
Self::Metadata
) -> BoxFuture<RelaySettings, Error>;
+ /// Set if the client should allow communication with the LAN while in secured state.
+ #[rpc(meta, name = "set_allow_lan")]
+ fn set_allow_lan(&self, Self::Metadata, bool) -> BoxFuture<(), Error>;
+
/// Set if the client should automatically establish a tunnel on start or not.
#[rpc(meta, name = "set_autoconnect")]
fn set_autoconnect(&self, Self::Metadata, bool) -> BoxFuture<(), Error>;
@@ -160,6 +164,8 @@ pub enum TunnelCommand {
UpdateRelaySettings(OneshotSender<()>, RelaySettingsUpdate),
/// Read the constraints put on the tunnel and relay
GetRelaySettings(OneshotSender<RelaySettings>),
+ /// Setting if communication with LAN networks should be possible.
+ SetAllowLan(OneshotSender<()>, bool),
/// Makes the daemon exit the main loop and quit.
Shutdown,
}
@@ -448,6 +454,15 @@ impl<T: From<TunnelCommand> + 'static + Send> ManagementInterfaceApi for Managem
Box::new(future)
}
+ fn set_allow_lan(&self, meta: Self::Metadata, allow_lan: bool) -> BoxFuture<(), Error> {
+ trace!("allow_lan");
+ try_future!(self.check_auth(&meta));
+ let (tx, rx) = sync::oneshot::channel();
+ let future = self.send_command_to_daemon(TunnelCommand::SetAllowLan(tx, allow_lan))
+ .and_then(|_| rx.map_err(|_| Error::internal_error()));
+ Box::new(future)
+ }
+
fn set_autoconnect(&self, meta: Self::Metadata, _autoconnect: bool) -> BoxFuture<(), Error> {
trace!("set_autoconnect");
try_future!(self.check_auth(&meta));
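Review bot: The trace label in `set_allow_lan` is `"allow_lan"`, while the neighbouring handler logs its RPC name (`trace!("set_autoconnect")`), so a log search for the method name will miss this call. I would change it to `trace!("set_allow_lan({})", allow_lan);` so the requested value of this firewall-affecting setting is recorded as well. The hunk ends inside `set_autoconnect`, whose body continues outside it.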