authorLinus Färnstrand <linus@mullvad.net>2018-11-14 13:22:36 +0100
committerLinus Färnstrand <linus@mullvad.net>2018-11-14 17:20:48 +0100
commitaf0032177f0f828e5fed3f2cf2449732718b1f33 (patch)
treedcf004096f3d5c5e1a4d3eed64bfab743c584dc9
parent702b9e7311584ef9c8888c6eaa18809f9e3d5956 (diff)
Implement DnsMonitor for macOS
-rw-r--r--talpid-core/src/security/macos/dns.rs48
-rw-r--r--talpid-core/src/security/macos/mod.rs20
-rw-r--r--talpid-core/src/security/mod.rs2
3 files changed, 31 insertions, 39 deletions
diff --git a/talpid-core/src/security/macos/dns.rs b/talpid-core/src/security/macos/dns.rs
index 7bb59e522d..56126fb20f 100644
--- a/talpid-core/src/security/macos/dns.rs
+++ b/talpid-core/src/security/macos/dns.rs
@@ -19,6 +19,8 @@ use std::{
fmt,
sync::{mpsc, Arc, Mutex},
thread,
+ path::Path,
+ net::IpAddr,
};
error_chain! {
@@ -126,12 +128,14 @@ pub struct DnsMonitor {
state: Arc<Mutex<Option<State>>>,
}
-impl DnsMonitor {
+impl super::super::DnsMonitorT for DnsMonitor {
+ type Error = Error;
+
/// Creates and returns a new `DnsMonitor`. This spawns a background thread that will monitor
/// DNS settings for all network interfaces. If any changes occur it will instantly reset
/// the DNS settings for that interface back to the last server list set to this instance
/// with `set_dns`.
- pub fn new() -> Result<Self> {
+ fn new(_cache_dir: impl AsRef<Path>) -> Result<Self> {
let state = Arc::new(Mutex::new(None));
Self::spawn(state.clone())?;
Ok(DnsMonitor {
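Review bot: The doc comment kept above `new` still refers to the server list set with `set_dns`, but this commit renames that method to `set`, so the last doc line should name `set` instead. The new `_cache_dir` parameter also appears unused in the lines shown; a doc line such as `/// The cache directory argument is unused on macOS.` would tell callers that nothing is persisted there. The body of `new` continues outside this hunk.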
@@ -140,23 +144,8 @@ impl DnsMonitor {
})
}
- /// Spawns the background thread running the CoreFoundation main loop and monitors the system
- /// for DNS changes.
- fn spawn(state: Arc<Mutex<Option<State>>>) -> Result<()> {
- let (result_tx, result_rx) = mpsc::channel();
- thread::spawn(move || match create_dynamic_store(state) {
- Ok(store) => {
- result_tx.send(Ok(())).unwrap();
- run_dynamic_store_runloop(store);
- // TODO(linus): This is critical. Improve later by sending error signal to Daemon
- log::error!("Core Foundation main loop exited! It should run forever");
- }
- Err(e) => result_tx.send(Err(e)).unwrap(),
- });
- result_rx.recv().unwrap()
- }
-
- pub fn set_dns(&self, servers: Vec<DnsServer>) -> Result<()> {
+ fn set(&mut self, _interface: &str, servers: &[IpAddr]) -> Result<()> {
+ let servers: Vec<DnsServer> = servers.iter().map(|ip| ip.to_string()).collect();
let settings = DnsSettings::from_server_addresses(&servers);
let mut state_lock = self.state.lock().unwrap();
*state_lock = Some(match state_lock.take() {
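Review bot: `set` accepts `_interface` but never reads it in the lines shown, and the method has no doc comment, so a caller cannot tell that the servers are not scoped to the interface it passed. If applying them everywhere is intended (the doc on `new` says the monitor covers all network interfaces), say so, for example `/// Applies the given servers to every monitored interface; the interface argument is ignored on macOS.`. An empty `servers` slice is also passed straight to `DnsSettings::from_server_addresses`; if an empty list is not a valid state to enforce, reject it before taking the lock. The rest of the body is outside this hunk.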
@@ -189,8 +178,7 @@ impl DnsMonitor {
Ok(())
}
- /// Reset all DNS settings to the latest backed up values.
- pub fn reset(&self) -> Result<()> {
+ fn reset(&mut self) -> Result<()> {
let mut state_lock = self.state.lock().unwrap();
if let Some(state) = state_lock.take() {
trace!("Restoring DNS settings to: {:#?}", state.backup);
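Review bot: The doc comment on `reset` is dropped here and nothing replaces it; unless the trait method (not shown) carries equivalent docs, keep `/// Reset all DNS settings to the latest backed up values.` on the impl. Separately, `state_lock.take()` clears the stored state before the restore that follows. If that restore can fail, the backup would no longer be available for a retry, which is worth confirming, since the remainder of the body is outside this hunk.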
@@ -209,6 +197,24 @@ impl DnsMonitor {
}
}
+impl DnsMonitor {
+ /// Spawns the background thread running the CoreFoundation main loop and monitors the system
+ /// for DNS changes.
+ fn spawn(state: Arc<Mutex<Option<State>>>) -> Result<()> {
+ let (result_tx, result_rx) = mpsc::channel();
+ thread::spawn(move || match create_dynamic_store(state) {
+ Ok(store) => {
+ result_tx.send(Ok(())).unwrap();
+ run_dynamic_store_runloop(store);
+ // TODO(linus): This is critical. Improve later by sending error signal to Daemon
+ log::error!("Core Foundation main loop exited! It should run forever");
+ }
+ Err(e) => result_tx.send(Err(e)).unwrap(),
+ });
+ result_rx.recv().unwrap()
+ }
+}
+
/// Creates a `SCDynamicStore` that watches all network interfaces for changes to the DNS settings.
fn create_dynamic_store(state: Arc<Mutex<Option<State>>>) -> Result<SCDynamicStore> {
let callback_context = SCDynamicStoreCallBackContext {
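Review bot: `result_rx.recv().unwrap()` in `spawn` panics in the caller of `new` if the spawned thread dies before sending, for example on a panic inside `create_dynamic_store`, instead of returning the `Result` the signature promises. Assuming the `ResultExt` generated by this file's `error_chain!` is in scope, `result_rx.recv().chain_err(|| "DNS monitor thread exited before reporting status")?` would surface that as an error. The code is moved unchanged from the previous impl block, so the existing TODO still applies: once the run loop exits, only a log line records that DNS changes are no longer being watched. The body of `create_dynamic_store` continues outside this hunk.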
diff --git a/talpid-core/src/security/macos/mod.rs b/talpid-core/src/security/macos/mod.rs
index 4fae5368ec..1fdb0c49b3 100644
--- a/talpid-core/src/security/macos/mod.rs
+++ b/talpid-core/src/security/macos/mod.rs
@@ -4,19 +4,14 @@ extern crate tokio_core;
use super::{NetworkSecurityT, SecurityPolicy};
use std::net::Ipv4Addr;
use std::path::Path;
-
use talpid_types::net;
mod dns;
+pub use self::dns::{DnsMonitor, Error as DnsError};
-use self::dns::DnsMonitor;
+pub use self::pfctl::Error;
-error_chain! {
- links {
- PfCtl(self::pfctl::Error, self::pfctl::ErrorKind) #[doc = "PF error"];
- DnsMonitor(self::dns::Error, self::dns::ErrorKind) #[doc = "DNS error"];
- }
-}
+type Result<T> = ::std::result::Result<T, Error>;
/// TODO(linus): This crate is not supposed to be Mullvad-aware. So at some point this should be
/// replaced by allowing the anchor name to be configured from the public API of this crate.
@@ -26,7 +21,6 @@ const ANCHOR_NAME: &'static str = "mullvad";
pub struct NetworkSecurity {
pf: pfctl::PfCtl,
pf_was_enabled: Option<bool>,
- dns_monitor: DnsMonitor,
}
impl NetworkSecurityT for NetworkSecurity {
@@ -36,7 +30,6 @@ impl NetworkSecurityT for NetworkSecurity {
Ok(NetworkSecurity {
pf: pfctl::PfCtl::new()?,
pf_was_enabled: None,
- dns_monitor: DnsMonitor::new()?,
})
}
@@ -51,7 +44,6 @@ impl NetworkSecurityT for NetworkSecurity {
self.remove_rules(),
self.remove_anchor(),
self.restore_state(),
- self.restore_dns(),
]
.into_iter()
.collect::<Result<Vec<_>>>()
@@ -98,8 +90,6 @@ impl NetworkSecurity {
tunnel,
allow_lan,
} => {
- self.dns_monitor.set_dns(vec![tunnel.gateway.to_string()])?;
-
let allow_tcp_dns_to_relay_rule = pfctl::FilterRuleBuilder::default()
.action(pfctl::FilterRuleAction::Pass)
.direction(pfctl::Direction::Out)
@@ -311,10 +301,6 @@ impl NetworkSecurity {
}
}
- fn restore_dns(&self) -> Result<()> {
- Ok(self.dns_monitor.reset()?)
- }
-
fn add_anchor(&mut self) -> Result<()> {
self.pf
.try_add_anchor(ANCHOR_NAME, pfctl::AnchorKind::Filter)?;
diff --git a/talpid-core/src/security/mod.rs b/talpid-core/src/security/mod.rs
index 0d3186d939..82d331227a 100644
--- a/talpid-core/src/security/mod.rs
+++ b/talpid-core/src/security/mod.rs
@@ -21,7 +21,7 @@ mod imp;
#[path = "windows/mod.rs"]
mod imp;
-pub use self::imp::{DnsError, Error, ErrorKind};
+pub use self::imp::{DnsError, Error};
#[cfg(unix)]