Merge branch 'simplify-wireguard-configuration'

2 files changed, 17 insertions, 49 deletions

diff --git a/ios/PacketTunnel/WireguardConfiguration.swift b/ios/PacketTunnel/WireguardConfiguration.swift
index 2652a3145e..a6a6aae08c 100644
--- a/ios/PacketTunnel/WireguardConfiguration.swift
+++ b/ios/PacketTunnel/WireguardConfiguration.swift
@@ -17,18 +17,19 @@ struct WireguardConfiguration {
 
 extension WireguardConfiguration {
 
-    /// Returns a baseline configuration for WireGuard
-    func baseline() -> [WireguardCommand] {
+    /// Returns commands suitable for configuring WireGuard
+    func uapiConfiguration() -> [WireguardCommand] {
         var commands: [WireguardCommand] = [
             .privateKey(privateKey),
-            .listenPort(0),
-            .replacePeers
+            .listenPort(0)
         ]
 
+        commands.append(.replacePeers)
         peers.forEach { (peer) in
             commands.append(.peer(peer))
         }
 
+        commands.append(.replaceAllowedIPs)
         allowedIPs.forEach { (ipAddressRange) in
             commands.append(.allowedIP(ipAddressRange))
         }
@@ -36,41 +37,13 @@ extension WireguardConfiguration {
         return commands
     }
 
-    /// Returns a WireGuard configuration for transition to the given configuration
-    func transition(to newConfig: WireguardConfiguration) -> [WireguardCommand] {
-        var commands = [WireguardCommand]()
+    /// Returns commands suitable for updating existing endpoints when roaming between networks
+    /// (i.e Wi-Fi, cellular)
+    func endpointUapiConfiguration() -> [WireguardCommand] {
+        var commands: [WireguardCommand] = []
 
-        if self.privateKey != newConfig.privateKey {
-            commands.append(.privateKey(newConfig.privateKey))
-        }
-
-        let oldPeers = Set(self.peers)
-        let newPeers = Set(newConfig.peers)
-        let oldPublicKeys = Set(oldPeers.map { $0.publicKey })
-        let newPublicKeys = Set(newPeers.map { $0.publicKey })
-        let shouldReplacePeers = oldPublicKeys != newPublicKeys
-
-        if oldPeers != newPeers {
-            // Avoid using `replace_peers` when updating the existing peers.
-            if shouldReplacePeers {
-                commands.append(.replacePeers)
-            }
-
-            newPeers.forEach { (peer) in
-                commands.append(.peer(peer))
-            }
-        }
-
-        let oldAllowedIPs = Set(self.allowedIPs)
-        let newAllowedIPs = Set(newConfig.allowedIPs)
-
-        // It looks like the `allowed_ip` table is being flushed when `replace_peers=true` is passed
-        if oldAllowedIPs != newAllowedIPs || shouldReplacePeers {
-            commands.append(.replaceAllowedIPs)
-
-            newAllowedIPs.forEach { (allowedIP) in
-                commands.append(.allowedIP(allowedIP))
-            }
+        peers.forEach { (peer) in
+            commands.append(.peer(peer))
         }
 
         return commands
diff --git a/ios/PacketTunnel/WireguardDevice.swift b/ios/PacketTunnel/WireguardDevice.swift
index 9dc8fe4dbb..f0c3dd033e 100644
--- a/ios/PacketTunnel/WireguardDevice.swift
+++ b/ios/PacketTunnel/WireguardDevice.swift
@@ -190,7 +190,7 @@ class WireguardDevice {
 
         let resolvedConfiguration = Self.resolveConfiguration(configuration)
         let handle = resolvedConfiguration
-            .baseline()
+            .uapiConfiguration()
             .toRawWireguardConfigString()
             .withCString { wgTurnOn($0, self.tunFd) }
 
@@ -222,13 +222,11 @@ class WireguardDevice {
     }
 
     private func _setConfig(configuration newConfiguration: WireguardConfiguration) -> Result<(), Error> {
-        if let handle = wireguardHandle,
-            let oldResolvedConfigration = self.resolvedConfiguration
-        {
+        if let handle = wireguardHandle {
             let newResolvedConfiguration = Self.resolveConfiguration(newConfiguration)
-            let wireguardCommands = oldResolvedConfigration.transition(to: newResolvedConfiguration)
+            let commands = newResolvedConfiguration.uapiConfiguration()
 
-            Self.setWireguardConfig(handle: handle, commands: wireguardCommands)
+            Self.setWireguardConfig(handle: handle, commands: commands)
 
             self.configuration = newConfiguration
             self.resolvedConfiguration = newResolvedConfiguration
@@ -319,14 +317,11 @@ class WireguardDevice {
                    String(describing: path.availableInterfaces))
 
             // Re-resolve endpoints on network changes
-            if let currentConfiguration = self.configuration,
-                let oldResolvedConfigration = self.resolvedConfiguration
-            {
+            if let currentConfiguration = self.configuration {
                 let newResolvedConfiguration = Self.resolveConfiguration(currentConfiguration)
-                let commands = oldResolvedConfigration.transition(to: newResolvedConfiguration)
+                let commands = newResolvedConfiguration.endpointUapiConfiguration()
 
                 Self.setWireguardConfig(handle: handle, commands: commands)
-
                 self.resolvedConfiguration = newResolvedConfiguration
             }