| author | David Lönnhager <david.l@mullvad.net> | 2021-01-05 17:01:33 +0100 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2021-01-08 12:33:55 +0100 |
| commit | a4b53d8f23095ab0ca5e8730a06ddb5db056e5e7 (patch) | |
| tree | 9fb7626150d42cde12a6fe3a2a02b4200c0f5f96 | |
| parent | 65a71cb252f988badc810cb4317b962ce32e4e16 (diff) | |
Add environment variable for disabling dnscache settings
| -rw-r--r-- | README.md | 6 | ||||
| -rw-r--r-- | talpid-core/src/dns/windows/mod.rs | 33 |
2 files changed, 25 insertions, 14 deletions
@@ -369,6 +369,12 @@ echo "org.gradle.jvmargs=-Xmx4608M" >> ~/.gradle/gradle.properties
 * `TALPID_FORCE_USERSPACE_WIREGUARD` - Forces the daemon to use the userspace implementation of WireGuard on Linux.
+* `TALPID_DNS_CACHE_POLICY` - On Windows, this changes how DNS is configured:
+ * `1`: The default. This sets a global list of DNS servers that `dnscache` will use instead of
+ the servers specified on each interface.
+ * `0`: Only set DNS servers on the tunnel interface. This will misbehave if local custom DNS
+ servers are used.
+
 ## Building and running the desktop Electron GUI app
diff --git a/talpid-core/src/dns/windows/mod.rs b/talpid-core/src/dns/windows/mod.rs
index d8bd326786..17165c2364 100644
--- a/talpid-core/src/dns/windows/mod.rs
+++ b/talpid-core/src/dns/windows/mod.rs
@@ -1,7 +1,10 @@
 use crate::logging::windows::{log_sink, LogSink};
+use lazy_static::lazy_static;
 use log::{error, trace, warn};
-use std::{ffi::OsString, io, iter, mem, net::IpAddr, os::windows::ffi::OsStrExt, path::Path, ptr};
+use std::{
+ env, ffi::OsString, io, iter, mem, net::IpAddr, os::windows::ffi::OsStrExt, path::Path, ptr,
+};
 use talpid_types::ErrorExt;
 use widestring::WideCString;
 use winapi::um::{
@@ -21,6 +24,13 @@ use self::system_state::SystemStateWriter;
 const DNS_STATE_FILENAME: &'static str = "dns-state-backup";
 const DNS_CACHE_POLICY_GUID: &str = "{d57d2750-f971-408e-8e55-cfddb37e60ae}";
+lazy_static! {
+ /// Specifies whether to override per-interface DNS resolvers with a global DNS policy.
+ static ref GLOBAL_DNS_CACHE_POLICY: bool = env::var("TALPID_DNS_CACHE_POLICY")
+ .map(|v| v != "0")
+ .unwrap_or(true);
+}
+
 /// Errors that can happen when configuring DNS on Windows.
 #[derive(err_derive::Error, Debug)]
 pub enum Error {
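Review bot: `.map(|v| v != "0")` in the `GLOBAL_DNS_CACHE_POLICY` initializer treats every value except the exact string `0` as enabled, so `0` with trailing whitespace, `false` or `off` silently leaves the global policy on, and a value that is not valid Unicode falls through `unwrap_or(true)` the same way. The README text added by this commit documents only `0` and `1`, so I would compare the trimmed value, `.map(|v| v.trim() != "0")`, and log the effective setting once where the flag is first read, since with `0` resolvers are set only on the tunnel interface and a problem report should show that. The doc comment could also name the variable and its default: `/// Whether to override per-interface DNS resolvers with a global dnscache policy. Read once from TALPID_DNS_CACHE_POLICY; any value other than "0" enables it (default: enabled).`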
@@ -49,15 +59,6 @@ impl super::DnsMonitorT for DnsMonitor {
 fn new(cache_dir: impl AsRef<Path>) -> Result<Self, Error> {
 unsafe { WinDns_Initialize(Some(log_sink), b"WinDns\0".as_ptr()).into_result()? };
- if is_minimum_windows10() {
- if let Err(error) = reset_dns_cache_policy() {
- error!(
- "{}",
- error.display_chain_with_msg("Failed to reset DNS cache policy")
- );
- }
- }
-
 let backup_writer = SystemStateWriter::new(
 cache_dir
 .as_ref()
@@ -65,7 +66,11 @@ impl super::DnsMonitorT for DnsMonitor {
 .into_boxed_path(),
 );
 let _ = backup_writer.remove_backup();
- Ok(DnsMonitor {})
+
+ let mut monitor = DnsMonitor {};
+ monitor.reset()?;
+
+ Ok(monitor)
 }
 fn set(&mut self, interface: &str, servers: &[IpAddr]) -> Result<(), Error> {
@@ -103,7 +108,7 @@ impl super::DnsMonitorT for DnsMonitor {
 .into_result()
 }?;
- if is_minimum_windows10() {
+ if *GLOBAL_DNS_CACHE_POLICY && is_minimum_windows10() {
 if let Err(error) = set_dns_cache_policy(servers) {
 error!("{}", error.display_chain());
 warn!("DNS resolution may be slowed down");
@@ -114,7 +119,7 @@ impl super::DnsMonitorT for DnsMonitor {
 }
 fn reset(&mut self) -> Result<(), Error> {
- if is_minimum_windows10() {
+ if *GLOBAL_DNS_CACHE_POLICY && is_minimum_windows10() {
 reset_dns_cache_policy()
 } else {
 Ok(())
@@ -128,7 +133,7 @@ fn ip_to_widestring(ip: &IpAddr) -> WideCString {
 impl Drop for DnsMonitor {
 fn drop(&mut self) {
- if is_minimum_windows10() {
+ if *GLOBAL_DNS_CACHE_POLICY && is_minimum_windows10() {
 if let Err(error) = reset_dns_cache_policy() {
 warn!(
 "{}", |
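Review bot: `monitor.reset()?` turns a failed policy reset into a failure of `DnsMonitor::new`, where the block removed in the preceding hunk only logged the error and continued. If that is deliberate, a comment above the call should say why the monitor must not start while the reset is failing; if not, keep it best-effort with `if let Err(error) = monitor.reset() { error!("{}", error.display_chain_with_msg("Failed to reset DNS cache policy")); }`. `new` begins in the preceding hunk, so the lines between the two hunks are not visible here.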
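Review bot: Gating `reset` on `*GLOBAL_DNS_CACHE_POLICY` means that a policy written by an earlier run with the default setting is no longer removed once the daemon is started with `TALPID_DNS_CACHE_POLICY=0`, so a stale global resolver list could stay in effect; the `Drop` hunk below uses the same condition, and `new` now reaches it through `monitor.reset()`. The pre-commit `new` called `reset_dns_cache_policy()` whenever `is_minimum_windows10()` held, which suggests the reset is safe when no policy is present (its body is not in this diff, so confirm). If so, only `set` needs the flag and the cleanup paths can keep `if is_minimum_windows10() {`. `reset`'s closing lines fall outside the hunk.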
