| author | Janito Vaqueiro Ferreira Filho <janito@mullvad.net> | 2019-05-29 10:23:37 +0000 |
|---|---|---|
| committer | Janito Vaqueiro Ferreira Filho <janito@mullvad.net> | 2019-05-29 11:46:18 +0000 |
| commit | 846a6ed7991a588c8762ae24657e21eafe630a02 (patch) | |
| tree | 03737f7a875bf3b373e26b7a120dc4b0410f4e8b | |
| parent | d6eaaf29093b1891a2714b1d84958ce81d62c627 (diff) | |
Include tunnel routes in `TunConfig`
| -rw-r--r-- | talpid-core/Cargo.toml | 2 | ||||
| -rw-r--r-- | talpid-core/src/tunnel/tun_provider/mod.rs | 4 | ||||
| -rw-r--r-- | talpid-core/src/tunnel/wireguard/mod.rs | 36 | ||||
| -rw-r--r-- | talpid-core/src/tunnel/wireguard/wireguard_go.rs | 7 |
4 files changed, 30 insertions, 19 deletions
diff --git a/talpid-core/Cargo.toml b/talpid-core/Cargo.toml index 2402bd2e52..5152de73e1 100644 --- a/talpid-core/Cargo.toml +++ b/talpid-core/Cargo.toml @@ -13,6 +13,7 @@ derive_more = "0.14" duct = "0.12" err-derive = "0.1.5" futures = "0.1" +ipnetwork = "0.14" jsonrpc-core = { git = "https://github.com/mullvad/jsonrpc", branch = "mullvad-fork" } jsonrpc-macros = { git = "https://github.com/mullvad/jsonrpc", branch = "mullvad-fork" } libc = "0.2.20" @@ -30,7 +31,6 @@ uuid = { version = "0.7", features = ["v4"] } [target.'cfg(unix)'.dependencies] hex = "0.3" -ipnetwork = "0.14" lazy_static = "1.0" nix = "0.13" tokio-process = "0.2" diff --git a/talpid-core/src/tunnel/tun_provider/mod.rs b/talpid-core/src/tunnel/tun_provider/mod.rs index d2806c10fb..69ff7d8b62 100644 --- a/talpid-core/src/tunnel/tun_provider/mod.rs +++ b/talpid-core/src/tunnel/tun_provider/mod.rs @@ -1,4 +1,5 @@ use cfg_if::cfg_if; +use ipnetwork::IpNetwork; use std::net::IpAddr; #[cfg(unix)] use std::os::unix::io::AsRawFd; @@ -55,6 +56,9 @@ pub struct TunConfig { /// IP addresses for the DNS servers to use. pub dns_servers: Vec<IpAddr>, + /// Routes to configure for the tunnel. + pub routes: Vec<IpNetwork>, + /// Maximum Transmission Unit in the tunnel. pub mtu: u16, } diff --git a/talpid-core/src/tunnel/wireguard/mod.rs b/talpid-core/src/tunnel/wireguard/mod.rs index 05fecdb29f..36d0f9d61b 100644 --- a/talpid-core/src/tunnel/wireguard/mod.rs +++ b/talpid-core/src/tunnel/wireguard/mod.rs @@ -68,7 +68,12 @@ impl WireguardMonitor { on_event: F, tun_provider: &dyn TunProvider, ) -> Result<WireguardMonitor> { - let tunnel = Box::new(WgGoTunnel::start_tunnel(&config, log_path, tun_provider)?); + let tunnel = Box::new(WgGoTunnel::start_tunnel( + &config, + log_path, + tun_provider, + Self::get_tunnel_routes(config), + )?); let iface_name = tunnel.get_interface_name(); let route_handle = routing::RouteManager::new( Self::get_routes(iface_name, &config), 
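Review bot: The doc comment on the new `routes` field of `TunConfig` says only "Routes to configure for the tunnel", which does not tell a provider whether it must install every entry or what the entries mean. This list decides which destinations are sent into the tunnel device, so I would state the contract, for example `/// Destination networks whose traffic must be routed through the tunnel device; may hold overlapping or repeated prefixes.` The struct starts above this hunk and no `TunProvider` implementation is visible on this page, so how the field is consumed still needs confirming.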
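Review bot: In the rewritten `start_tunnel` call the first argument is `&config` while the new fourth argument passes plain `config` to `get_tunnel_routes`, which takes `&Config`. That suggests `config` is already a reference here and the `&` is a needless extra borrow. I would write both the same way, `WgGoTunnel::start_tunnel(config, log_path, tun_provider, Self::get_tunnel_routes(config))`. The enclosing function's signature starts above the hunk, so the parameter type should be checked there.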
@@ -135,12 +140,8 @@ impl WireguardMonitor { wait_result } - fn get_routes( - iface_name: &str, - config: &Config, - ) -> HashMap<ipnetwork::IpNetwork, crate::routing::NetNode> { - let node = routing::Node::device(iface_name.to_string()); - let mut routes: HashMap<_, _> = config + fn get_tunnel_routes(config: &Config) -> impl Iterator<Item = ipnetwork::IpNetwork> + '_ { + config .peers .iter() .flat_map(|peer| peer.allowed_ips.iter()) @@ -148,20 +149,23 @@ impl WireguardMonitor { .flat_map(|allowed_ip| { if allowed_ip.prefix() == 0 { if allowed_ip.is_ipv4() { - vec![ - ("0.0.0.0/1".parse().unwrap(), node.clone().into()), - ("128.0.0.0/1".parse().unwrap(), node.clone().into()), - ] + vec!["0.0.0.0/1".parse().unwrap(), "128.0.0.0/1".parse().unwrap()] } else { - vec![ - ("8000::/1".parse().unwrap(), node.clone().into()), - ("::/1".parse().unwrap(), node.clone().into()), - ] + vec!["8000::/1".parse().unwrap(), "::/1".parse().unwrap()] } } else { - vec![(allowed_ip, node.clone().into())] + vec![allowed_ip] } }) + } + + fn get_routes( + iface_name: &str, + config: &Config, + ) -> HashMap<ipnetwork::IpNetwork, crate::routing::NetNode> { + let node = routing::Node::device(iface_name.to_string()); + let mut routes: HashMap<_, _> = Self::get_tunnel_routes(config) + .map(|network| (network, node.clone().into())) .collect(); // route endpoints with specific routes diff --git a/talpid-core/src/tunnel/wireguard/wireguard_go.rs b/talpid-core/src/tunnel/wireguard/wireguard_go.rs index 4ccad6f945..eca00b76bc 100644 --- a/talpid-core/src/tunnel/wireguard/wireguard_go.rs +++ b/talpid-core/src/tunnel/wireguard/wireguard_go.rs @@ -1,5 +1,6 @@ use super::{Config, Error, Result, Tunnel}; use crate::tunnel::tun_provider::{Tun, TunConfig, TunProvider}; +use ipnetwork::IpNetwork; use std::{ffi::CString, fs, net::IpAddr, os::unix::io::AsRawFd, path::Path}; pub struct WgGoTunnel { 
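Review bot: `get_tunnel_routes` is added without a doc comment, and it now feeds both the routing table and `TunConfig`, so the rewrite of a /0 allowed IP into two /1 halves deserves a sentence. I would add `/// Yields every peer's allowed IPs as tunnel routes; a /0 entry is replaced by its two /1 halves.`, plus the reason for the split if the author can state it. The four `.parse().unwrap()` calls are on fixed literals, so an `expect("valid constant network")` would record why they cannot fail. The function body continues into the next hunk, and one line between the two hunks is not shown.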
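Review bot: The list handed to `TunConfig` lacks the endpoint exceptions that `get_routes` adds after its `.collect()` (the `// route endpoints with specific routes` step). With a /0 allowed IP the two /1 halves cover the peer endpoint address as well. If a `TunProvider` installs `routes` itself, the tunnel's own packets to the endpoint would have to be kept out of the tunnel by some other means; no provider is visible here, so this is a question rather than a confirmed fault. I would record the expectation in a comment on `get_tunnel_routes`, such as `// Endpoint exceptions are not included; a provider that applies these routes must exclude the tunnel socket itself.` The rest of `get_routes` lies outside the hunk.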
@@ -16,9 +17,10 @@ impl WgGoTunnel { config: &Config, log_path: Option<&Path>, tun_provider: &dyn TunProvider, + routes: impl Iterator<Item = IpNetwork>, ) -> Result<Self> { let tunnel_device = tun_provider - .create_tun(Self::create_tunnel_config(config)) + .create_tun(Self::create_tunnel_config(config, routes)) .map_err(Error::SetupTunnelDeviceError)?; let interface_name: String = tunnel_device.interface_name().to_string(); @@ -51,13 +53,14 @@ impl WgGoTunnel { }) } - fn create_tunnel_config(config: &Config) -> TunConfig { + fn create_tunnel_config(config: &Config, routes: impl Iterator<Item = IpNetwork>) -> TunConfig { let mut dns_servers = vec![IpAddr::V4(config.ipv4_gateway)]; dns_servers.extend(config.ipv6_gateway.clone().map(IpAddr::V6)); TunConfig { addresses: config.tunnel.addresses.clone(), dns_servers, + routes: routes.collect(), mtu: config.mtu, } } |
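Review bot: `routes: routes.collect()` in `create_tunnel_config` builds a `Vec<IpNetwork>`, so a network listed by two peers now appears twice in `TunConfig`. `get_routes` collects the same iterator into a `HashMap`, which collapses repeats. Whether a provider tolerates a repeated route is not visible here, so I would de-duplicate at this point with `routes: routes.collect::<HashSet<_>>().into_iter().collect(),` and a `use std::collections::HashSet;`. The new `routes` parameter on `start_tunnel` and `create_tunnel_config` could also get a one-line comment saying it is expected to come from `WireguardMonitor::get_tunnel_routes`.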
