Merge branch 'win-remove-1-prefix-routes'

author: David Lönnhager <david.l@mullvad.net> 2025-03-21 13:08:48 +0100
committer: David Lönnhager <david.l@mullvad.net> 2025-03-21 13:08:48 +0100
commit: cb13f3a9e30bc3c321b2710ebe5299723c51cea6 (patch)
tree: 125b3f18e3de9e2bbf90cedce6f95594408537c6
parent: 8da59e1d8c4fbfb8ed95fe7bb1fcdfc67e3d1ad7 (diff)
parent: 4234fb32e58ba6f8479b6f9f732f638a128116a5 (diff)
download: mullvadvpn-cb13f3a9e30bc3c321b2710ebe5299723c51cea6.tar.xz
mullvadvpn-cb13f3a9e30bc3c321b2710ebe5299723c51cea6.zip
2 files changed, 2 insertions, 22 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 086235e648..f65b23b300 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,6 +35,7 @@ Line wrap the file at 100 chars.                                              Th
 #### Windows
 - Fix error setting up tunnel when MTU was incorrectly set to a value below 1280 for IPv6.
 - Fix node native module being unpacked to a temporary folder.
+- Mitigate potential routing loop for the tunnel interface.
 
 
 ## [2025.5-beta1] - 2025-03-11
diff --git a/talpid-wireguard/src/lib.rs b/talpid-wireguard/src/lib.rs
index 96efed3431..6144e78a0d 100644
--- a/talpid-wireguard/src/lib.rs
+++ b/talpid-wireguard/src/lib.rs
@@ -746,9 +746,7 @@ impl WireguardMonitor {
         #[cfg(target_os = "android")] cancel_receiver: connectivity::CancelReceiver,
     ) -> Result<WgGoTunnel> {
         #[cfg(all(unix, not(target_os = "android")))]
-        let routes = config
-            .get_tunnel_destinations()
-            .flat_map(Self::replace_default_prefixes);
+        let routes = config.get_tunnel_destinations();
 
         #[cfg(all(unix, not(target_os = "android")))]
         let tunnel = WgGoTunnel::start_tunnel(config, log_path, tun_provider, routes)
@@ -925,7 +923,6 @@ impl WireguardMonitor {
         let iter = config
             .get_tunnel_destinations()
             .filter(|allowed_ip| allowed_ip.prefix() == 0)
-            .flat_map(Self::replace_default_prefixes)
             .map(move |allowed_ip| {
                 if allowed_ip.is_ipv4() {
                     RequiredRoute::new(allowed_ip, node_v4.clone())
@@ -965,24 +962,6 @@ impl WireguardMonitor {
         }
     }
 
-    /// Replace default (0-prefix) routes with more specific routes.
-    #[cfg(not(target_os = "android"))]
-    fn replace_default_prefixes(network: ipnetwork::IpNetwork) -> Vec<ipnetwork::IpNetwork> {
-        #[cfg(windows)]
-        if network.prefix() == 0 {
-            if network.is_ipv4() {
-                vec!["0.0.0.0/1".parse().unwrap(), "128.0.0.0/1".parse().unwrap()]
-            } else {
-                vec!["8000::/1".parse().unwrap(), "::/1".parse().unwrap()]
-            }
-        } else {
-            vec![network]
-        }
-
-        #[cfg(not(windows))]
-        vec![network]
-    }
-
     fn tunnel_metadata(interface_name: &str, config: &Config) -> TunnelMetadata {
         TunnelMetadata {
             interface: interface_name.to_string(),
author	David Lönnhager <david.l@mullvad.net>	2025-03-21 13:08:48 +0100
committer	David Lönnhager <david.l@mullvad.net>	2025-03-21 13:08:48 +0100
commit	cb13f3a9e30bc3c321b2710ebe5299723c51cea6 (patch)
tree	125b3f18e3de9e2bbf90cedce6f95594408537c6
parent	8da59e1d8c4fbfb8ed95fe7bb1fcdfc67e3d1ad7 (diff)
parent	4234fb32e58ba6f8479b6f9f732f638a128116a5 (diff)
download	mullvadvpn-cb13f3a9e30bc3c321b2710ebe5299723c51cea6.tar.xz mullvadvpn-cb13f3a9e30bc3c321b2710ebe5299723c51cea6.zip