Update automatic port selection algorithm

author: Bug Magnet <marco.nikic@mullvad.net> 2024-11-20 11:58:09 +0100
committer: Bug Magnet <marco.nikic@mullvad.net> 2024-11-27 10:45:06 +0100
commit: 5a335d860c5be4901915a452aec9e6a25fa09309 (patch)
tree: ae2c84c0496625dcd4372ce0ec6c63cf3c56f266
parent: 2e6db6717c7b5374a88e7fe9c4de7eecb3648d79 (diff)
download: mullvadvpn-5a335d860c5be4901915a452aec9e6a25fa09309.tar.xz
mullvadvpn-5a335d860c5be4901915a452aec9e6a25fa09309.zip
4 files changed, 11 insertions, 28 deletions
diff --git a/ios/MullvadREST/Relay/ObfuscatorPortSelector.swift b/ios/MullvadREST/Relay/ObfuscatorPortSelector.swift
index 597a8fdc96..8cb2776d9b 100644
--- a/ios/MullvadREST/Relay/ObfuscatorPortSelector.swift
+++ b/ios/MullvadREST/Relay/ObfuscatorPortSelector.swift
@@ -93,7 +93,7 @@ struct ObfuscatorPortSelector {
     ) -> RelayConstraint<UInt16> {
         switch tunnelSettings.wireGuardObfuscation.udpOverTcpPort {
         case .automatic:
-            return (connectionAttemptCount % 2 == 0) ? .only(80) : .only(5001)
+            return [.only(80), .only(5001)].randomElement()!
         case .port5001:
             return .only(5001)
         case .port80:
diff --git a/ios/MullvadREST/Relay/RelaySelector.swift b/ios/MullvadREST/Relay/RelaySelector.swift
index 20e6153532..96118e6ae5 100644
--- a/ios/MullvadREST/Relay/RelaySelector.swift
+++ b/ios/MullvadREST/Relay/RelaySelector.swift
@@ -9,7 +9,7 @@
 import MullvadSettings
 import MullvadTypes
 
-private let defaultPort: UInt16 = 53
+private let defaultPort: UInt16 = 443
 
 public enum RelaySelector {
     // MARK: - public
@@ -98,10 +98,10 @@ public enum RelaySelector {
             return port
 
         case .any:
-            // 1. First two attempts should pick a random port.
-            // 2. The next two should pick port 53.
+            // 1. First attempt should pick a random port.
+            // 2. The second should pick port 443.
             // 3. Repeat steps 1 and 2.
-            let useDefaultPort = (numberOfFailedAttempts % 4 == 2) || (numberOfFailedAttempts % 4 == 3)
+            let useDefaultPort = numberOfFailedAttempts.isOrdered(nth: 2, forEverySetOf: 2)
 
             return useDefaultPort ? defaultPort : pickRandomPort(rawPortRanges: rawPortRanges)
         }
diff --git a/ios/MullvadVPNTests/MullvadREST/Relay/ObfuscatorPortSelectorTests.swift b/ios/MullvadVPNTests/MullvadREST/Relay/ObfuscatorPortSelectorTests.swift
index 32d0eeade2..f26bb149ae 100644
--- a/ios/MullvadVPNTests/MullvadREST/Relay/ObfuscatorPortSelectorTests.swift
+++ b/ios/MullvadVPNTests/MullvadREST/Relay/ObfuscatorPortSelectorTests.swift
@@ -68,7 +68,7 @@ final class ObfuscatorPortSelectorTests: XCTestCase {
         XCTAssertEqual(obfuscationResult.port, .only(5001))
     }
 
-    func testObfuscateUpdOverTcpPortAutomaticIsPort80OnEvenRetryAttempts() throws {
+    func testObfuscateUpdOverTcpPortAutomaticIsRandomPort() throws {
         tunnelSettings.wireGuardObfuscation = WireGuardObfuscationSettings(
             state: .udpOverTcp,
             udpOverTcpPort: .automatic
@@ -82,25 +82,8 @@ final class ObfuscatorPortSelectorTests: XCTestCase {
                 connectionAttemptCount: UInt(attempt)
             )
 
-            XCTAssertEqual(obfuscationResult.port, .only(80))
-        }
-    }
-
-    func testObfuscateUpdOverTcpPortAutomaticIsPort5001OnOddRetryAttempts() throws {
-        tunnelSettings.wireGuardObfuscation = WireGuardObfuscationSettings(
-            state: .udpOverTcp,
-            udpOverTcpPort: .automatic
-        )
-
-        try (0 ... 10).filter { !$0.isMultiple(of: 2) }.forEach { attempt in
-            let obfuscationResult = try ObfuscatorPortSelector(
-                relays: sampleRelays
-            ).obfuscate(
-                tunnelSettings: tunnelSettings,
-                connectionAttemptCount: UInt(attempt)
-            )
-
-            XCTAssertEqual(obfuscationResult.port, .only(5001))
+            let validPorts: [RelayConstraint<UInt16>] = [.only(80), .only(5001)]
+            XCTAssertTrue(validPorts.contains(obfuscationResult.port))
         }
     }
 
diff --git a/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift b/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift
index 7a3f6a7d73..af14199e3b 100644
--- a/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift
+++ b/ios/MullvadVPNTests/MullvadREST/Relay/RelaySelectorTests.swift
@@ -14,7 +14,7 @@ import Network
 import XCTest
 
 private let portRanges: [[UInt16]] = [[4000, 4001], [5000, 5001]]
-private let defaultPort: UInt16 = 53
+private let defaultPort: UInt16 = 443
 
 class RelaySelectorTests: XCTestCase {
     let sampleRelays = ServerRelaysResponseStubs.sampleRelays
@@ -124,10 +124,10 @@ class RelaySelectorTests: XCTestCase {
         XCTAssertTrue(allPorts.contains(result.endpoint.ipv4Relay.port))
 
         result = try pickRelay(by: constraints, in: sampleRelays, failedAttemptCount: 1)
-        XCTAssertTrue(allPorts.contains(result.endpoint.ipv4Relay.port))
+        XCTAssertEqual(result.endpoint.ipv4Relay.port, defaultPort)
 
         result = try pickRelay(by: constraints, in: sampleRelays, failedAttemptCount: 2)
-        XCTAssertEqual(result.endpoint.ipv4Relay.port, defaultPort)
+        XCTAssertTrue(allPorts.contains(result.endpoint.ipv4Relay.port))
 
         result = try pickRelay(by: constraints, in: sampleRelays, failedAttemptCount: 3)
         XCTAssertEqual(result.endpoint.ipv4Relay.port, defaultPort)
author	Bug Magnet <marco.nikic@mullvad.net>	2024-11-20 11:58:09 +0100
committer	Bug Magnet <marco.nikic@mullvad.net>	2024-11-27 10:45:06 +0100
commit	5a335d860c5be4901915a452aec9e6a25fa09309 (patch)
tree	ae2c84c0496625dcd4372ce0ec6c63cf3c56f266
parent	2e6db6717c7b5374a88e7fe9c4de7eecb3648d79 (diff)
download	mullvadvpn-5a335d860c5be4901915a452aec9e6a25fa09309.tar.xz mullvadvpn-5a335d860c5be4901915a452aec9e6a25fa09309.zip