| author | Emīls <emils@mullvad.net> | 2020-11-06 14:34:56 +0000 |
|---|---|---|
| committer | Emīls <emils@mullvad.net> | 2020-11-09 10:49:36 +0000 |
| commit | 98209f1669c0834fe48729f020b15646916903b8 (patch) | |
| tree | fcc94b0428ce4323c9a07c04066255595c333df7 | |
| parent | 86170137bf1bc141b7bcff5e952121ac8784fb8c (diff) | |
| download | mullvadvpn-98209f1669c0834fe48729f020b15646916903b8.tar.xz mullvadvpn-98209f1669c0834fe48729f020b15646916903b8.zip | |
Use netlink to create WireGuard device instead of NM
| -rw-r--r-- | talpid-core/src/dns/linux/mod.rs | 18 | ||||
| -rw-r--r-- | talpid-core/src/dns/linux/systemd_resolved.rs | 34 | ||||
| -rw-r--r-- | talpid-core/src/dns/mod.rs | 3 | ||||
| -rw-r--r-- | talpid-core/src/tunnel/wireguard/mod.rs | 51 | ||||
| -rw-r--r-- | talpid-core/src/tunnel/wireguard/wireguard_kernel/mod.rs | 10 |
5 files changed, 46 insertions, 70 deletions
diff --git a/talpid-core/src/dns/linux/mod.rs b/talpid-core/src/dns/linux/mod.rs
index b0293590bc..37fcb06cd9 100644
--- a/talpid-core/src/dns/linux/mod.rs
+++ b/talpid-core/src/dns/linux/mod.rs
@@ -104,7 +104,15 @@ impl DnsMonitorHolder {
 fn with_detected_dns_manager() -> Result<Self> {
 SystemdResolved::new()
 .map(DnsMonitorHolder::SystemdResolved)
- .or_else(|_| NetworkManager::new().map(DnsMonitorHolder::NetworkManager))
+ .or_else(|err| {
+ match err {
+ systemd_resolved::Error::NoSystemdResolved(_) => (),
+ other_error => {
+ log::debug!("systemd-resolved is not being used because {}", other_error)
+ }
+ }
+ NetworkManager::new().map(DnsMonitorHolder::NetworkManager)
+ })
 .or_else(|_| Resolvconf::new().map(DnsMonitorHolder::Resolvconf))
 .or_else(|_| StaticResolvConf::new().map(DnsMonitorHolder::StaticResolvConf))
 .map_err(|_| Error::NoDnsMonitor)
@@ -138,3 +146,11 @@ impl DnsMonitorHolder {
 Ok(())
 }
 }
+
+/// Returns true if DnsMonitor will use NetworkManager to manage DNS.
+pub fn will_use_nm() -> bool {
+ crate::dns::imp::SystemdResolved::new().is_err()
+ && crate::dns::imp::NetworkManager::new().is_ok()
+}
+
+
diff --git a/talpid-core/src/dns/linux/systemd_resolved.rs b/talpid-core/src/dns/linux/systemd_resolved.rs
index 6abdd4990e..4150bb8a6a 100644
--- a/talpid-core/src/dns/linux/systemd_resolved.rs
+++ b/talpid-core/src/dns/linux/systemd_resolved.rs
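Review bot: In `with_detected_dns_manager()` the one backend failure that is reported is now written with `log::debug!`, whereas the code this commit removes from `SystemdResolved::new()` (systemd_resolved.rs hunk) reported the same condition with `log::error!`. If the daemon normally runs above debug level, a broken systemd-resolved setup (any error other than `NoSystemdResolved`) no longer shows up, which makes an unexpected fall-through to another DNS backend harder to diagnose; `log::warn!` would keep it visible. The `|_|` closures for the NetworkManager, Resolvconf and StaticResolvConf steps still discard their errors, so `Error::NoDnsMonitor` carries no cause. The end of the function is outside the hunk.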
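Review bot: `will_use_nm()` repeats the first two steps of `with_detected_dns_manager()` as a separate probe, so its answer can differ from the backend the DNS monitor actually ends up with: the two are evaluated at different times, and any other way of selecting the backend (none is visible in this hunk) is not reflected. The WireGuard hunk uses this result to decide whether a kernel device is created, so a mismatch could leave DNS handled by a manager the tunnel setup did not account for, which is worth ruling out in a VPN client. Each call also constructs and drops a `SystemdResolved` and a `NetworkManager`; the doc comment should say so, e.g. `/// Probes by constructing both backends; point-in-time result that may differ from the monitor chosen later.` The two trailing blank `+` lines at the end of the file can be dropped.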
@@ -85,32 +85,18 @@ pub struct SystemdResolved {
 impl SystemdResolved {
 pub fn new() -> Result<Self> {
- let result = (|| {
- let dbus_connection =
- Connection::get_private(BusType::System).map_err(Error::ConnectDBus)?;
- let systemd_resolved = SystemdResolved {
- dbus_connection,
- interface_link: None,
- };
+ let dbus_connection =
+ Connection::get_private(BusType::System).map_err(Error::ConnectDBus)?;
+ let systemd_resolved = SystemdResolved {
+ dbus_connection,
+ interface_link: None,
+ };
- systemd_resolved.ensure_resolved_exists()?;
- if !super::network_manager::is_nm_managing_via_resolved(
- &systemd_resolved.dbus_connection,
- ) {
- Self::ensure_resolv_conf_is_resolved_symlink()?;
- }
- Ok(systemd_resolved)
- })();
-
- match &result {
- Ok(_) | Err(Error::NoSystemdResolved(_)) => (),
- Err(error) => {
- log::error!("systemd-resolved is not being used because: {}", error);
- }
+ systemd_resolved.ensure_resolved_exists()?;
+ if !super::network_manager::is_nm_managing_via_resolved(&systemd_resolved.dbus_connection) {
+ Self::ensure_resolv_conf_is_resolved_symlink()?;
 }
-
-
- result
+ Ok(systemd_resolved)
 }
 fn ensure_resolved_exists(&self) -> Result<()> {
diff --git a/talpid-core/src/dns/mod.rs b/talpid-core/src/dns/mod.rs
index 60d4a3d571..57872f9818 100644
--- a/talpid-core/src/dns/mod.rs
+++ b/talpid-core/src/dns/mod.rs
@@ -8,6 +8,9 @@ mod imp;
 #[path = "linux/mod.rs"]
 mod imp;
+#[cfg(target_os = "linux")]
+pub use imp::will_use_nm;
+
 #[cfg(windows)]
 #[path = "windows/mod.rs"]
 mod imp;
diff --git a/talpid-core/src/tunnel/wireguard/mod.rs b/talpid-core/src/tunnel/wireguard/mod.rs
index 30919c1b39..45d5f1329d 100644
--- a/talpid-core/src/tunnel/wireguard/mod.rs
+++ b/talpid-core/src/tunnel/wireguard/mod.rs
@@ -149,42 +149,23 @@ impl WireguardMonitor {
 ) -> Result<Box<dyn Tunnel>> {
 #[cfg(target_os = "linux")]
 if !*FORCE_USERSPACE_WIREGUARD {
- match wireguard_kernel::NetworkManagerTunnel::new(
- route_manager.runtime_handle(),
- config,
- ) {
- Ok(tunnel) => {
- log::debug!("Using NetworkManager to use kernel WireGuard implementation");
- return Ok(Box::new(tunnel));
- }
- Err(err) => {
- if !err.should_use_userspace() {
- match wireguard_kernel::NetlinkTunnel::new(
- route_manager.runtime_handle(),
- config,
- ) {
- Ok(tunnel) => {
- log::debug!("Using kernel WireGuard implementation");
- return Ok(Box::new(tunnel));
- }
- Err(error) => {
- log::error!(
- "{}",
- error.display_chain_with_msg(
- "Failed to setup kernel WireGuard device, falling back to userspace"
- )
- );
- }
- };
+ if !crate::dns::will_use_nm() {
+ match wireguard_kernel::NetlinkTunnel::new(route_manager.runtime_handle(), config) {
+ Ok(tunnel) => {
+ log::debug!("Using kernel WireGuard implementation");
+ return Ok(Box::new(tunnel));
 }
- log::debug!(
- "{}",
- err.display_chain_with_msg(
- "Failed to create a WireGuard device via NetworkManager"
- )
- );
- }
- };
+ Err(error) => {
+ log::error!(
+ "{}",
+ error.display_chain_with_msg(
+ "Failed to setup kernel WireGuard device, falling back to userspace"
+ )
+ );
+ }
+ };
+ }
+ } else {
 log::debug!("Using userspace WireGuard implementation");
 }
diff --git a/talpid-core/src/tunnel/wireguard/wireguard_kernel/mod.rs b/talpid-core/src/tunnel/wireguard/wireguard_kernel/mod.rs
index 284c93be13..6c3b86ee65 100644
--- a/talpid-core/src/tunnel/wireguard/wireguard_kernel/mod.rs
+++ b/talpid-core/src/tunnel/wireguard/wireguard_kernel/mod.rs
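Review bot: When `crate::dns::will_use_nm()` returns true the new inner `if` is skipped without any log line, and because `} else {` is added in front of `log::debug!("Using userspace WireGuard implementation")`, that message now appears only when `FORCE_USERSPACE_WIREGUARD` is set. A user on a NetworkManager-managed system therefore gets the userspace implementation with nothing in the log explaining the choice. Give the inner `if` its own branch, e.g. `} else { log::debug!("NetworkManager will manage DNS, not using kernel WireGuard"); }`, and add a short comment above `if !crate::dns::will_use_nm()` stating why the kernel device is avoided in that case, since the hunk itself does not say. The enclosing function begins and ends outside the hunk.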
@@ -87,16 +87,6 @@ pub enum Error {
 const MULLVAD_INTERFACE_NAME: &str = "wg-mullvad";
-
-impl Error {
- pub fn should_use_userspace(&self) -> bool {
- match self {
- Error::NetworkManager(nm_tunnel::Error::NMTooOld(_)) => true,
- _ => false,
- }
- }
-}
-
 #[derive(Debug)]
 pub struct Handle {
 pub wg_handle: WireguardConnection,
|
