diff options
| author | Markus Pettersson <markus.pettersson@mullvad.net> | 2024-12-20 13:01:43 +0100 |
|---|---|---|
| committer | Markus Pettersson <markus.pettersson@mullvad.net> | 2024-12-20 15:38:58 +0100 |
| commit | ee78a49a6b5fc941182188c5d37161a4dc8b08c8 (patch) | |
| tree | 7994a4fa4625c87b51ca64c52988993ddf07bcde | |
| parent | 73011232b651a05e9a5af6d4f3c6184d0faddaf5 (diff) | |
| download | mullvadvpn-ee78a49a6b5fc941182188c5d37161a4dc8b08c8.tar.xz mullvadvpn-ee78a49a6b5fc941182188c5d37161a4dc8b08c8.zip | |
Remove `duct` as a macOS dependency in `talpid-core`
| -rw-r--r-- | Cargo.lock | 10 | ||||
| -rw-r--r-- | talpid-core/Cargo.toml | 2 | ||||
| -rw-r--r-- | talpid-core/src/firewall/macos.rs | 23 |
3 files changed, 7 insertions, 28 deletions
diff --git a/Cargo.lock b/Cargo.lock index ef4e8d2746..90e8b3e0ba 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4187,15 +4187,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" [[package]] -name = "subslice" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0a8e4809a3bb02de01f1f7faf1ba01a83af9e8eabcd4d31dd6e413d14d56aae" -dependencies = [ - "memchr", -] - -[[package]] name = "subtle" version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -4324,7 +4315,6 @@ dependencies = [ "resolv-conf", "serde", "serde_json", - "subslice", "system-configuration", "talpid-dbus", "talpid-macos", diff --git a/talpid-core/Cargo.toml b/talpid-core/Cargo.toml index 0cc71a4399..620e4a6964 100644 --- a/talpid-core/Cargo.toml +++ b/talpid-core/Cargo.toml @@ -46,9 +46,7 @@ duct = "0.13" [target.'cfg(target_os = "macos")'.dependencies] async-trait = "0.1" -duct = "0.13" pfctl = "0.6.1" -subslice = "0.2" system-configuration = "0.5.1" hickory-proto = { workspace = true } hickory-server = { workspace = true, features = ["resolver"] } diff --git a/talpid-core/src/firewall/macos.rs b/talpid-core/src/firewall/macos.rs index a45186fa23..953c4abfe0 100644 --- a/talpid-core/src/firewall/macos.rs +++ b/talpid-core/src/firewall/macos.rs @@ -7,7 +7,6 @@ use std::sync::LazyLock; use ipnetwork::IpNetwork; use libc::{c_int, sysctlbyname}; use pfctl::{DropAction, FilterRuleAction, Ip, RedirectRule, Uid}; -use subslice::SubsliceExt; use talpid_types::net::{ AllowedEndpoint, AllowedTunnelTraffic, TransportProtocol, ALLOWED_LAN_MULTICAST_NETS, ALLOWED_LAN_NETS, @@ -936,21 +935,13 @@ impl Firewall { self.pf.try_enable() } - fn is_enabled(&self) -> bool { - let cmd = duct::cmd!("/sbin/pfctl", "-s", "info") - .stderr_null() - .stdout_capture(); - const EXPECTED_OUTPUT: &[u8] = b"Status: Enabled"; - match cmd.run() { - Ok(output) => output.stdout.as_slice().find(EXPECTED_OUTPUT).is_some(), - Err(err) => { - log::error!( - "Failed to execute pfctl, assuming pf is not enabled: {}", - err - ); - false - } - } + fn is_enabled(&mut self) -> bool { + // If we can't know for sure whether pf is enabled or not, err on the side of caution and + // return false. + self.pf + .is_enabled() + .inspect_err(|err| log::error!("Unable to determine if pf is enabled: {err}")) + .unwrap_or(false) } fn restore_state(&mut self) -> Result<()> { |