diff options
| author | Emīls <emils@mullvad.net> | 2021-10-14 13:06:26 +0100 |
|---|---|---|
| committer | Emīls <emils@mullvad.net> | 2021-10-19 10:21:49 +0100 |
| commit | ef32a262ca615f102fbfeaf3bba334371b3e6494 (patch) | |
| tree | 6f2edde0f0236313ec1df3cd0d7c79a3a3ac29f6 | |
| parent | 11266744db4438adfded94b951ffcf2f42539f52 (diff) | |
| download | mullvadvpn-ef32a262ca615f102fbfeaf3bba334371b3e6494.tar.xz mullvadvpn-ef32a262ca615f102fbfeaf3bba334371b3e6494.zip | |
Try fixing firewall issue for macOS
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | Cargo.lock | 10 | ||||
| -rw-r--r-- | talpid-core/Cargo.toml | 1 | ||||
| -rw-r--r-- | talpid-core/src/firewall/macos.rs | 18 |
4 files changed, 29 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index e62c7fb2bf..ffa3bd3a7e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,7 @@ Line wrap the file at 100 chars. Th #### macOS - Prevent app from showing when dragging tray icon on macOS. +- Fix issue with getting PF status due to an ABI change on macOS 12 Beta 9. ## [2021.5-beta1] - 2021-10-12 diff --git a/Cargo.lock b/Cargo.lock index e5bbf2dfb5..11b0c72c4f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2397,6 +2397,15 @@ dependencies = [ ] [[package]] +name = "subslice" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e0a8e4809a3bb02de01f1f7faf1ba01a83af9e8eabcd4d31dd6e413d14d56aae" +dependencies = [ + "memchr", +] + +[[package]] name = "subtle" version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2489,6 +2498,7 @@ dependencies = [ "rtnetlink", "shell-escape", "socket2", + "subslice", "system-configuration", "talpid-dbus", "talpid-platform-metadata", diff --git a/talpid-core/Cargo.toml b/talpid-core/Cargo.toml index e13c4bc6a6..6ca225ec91 100644 --- a/talpid-core/Cargo.toml +++ b/talpid-core/Cargo.toml @@ -71,6 +71,7 @@ internet-checksum = "0.2" pfctl = "0.4.4" system-configuration = "0.4" tun = "0.5.1" +subslice = "0.2" [target.'cfg(windows)'.dependencies] diff --git a/talpid-core/src/firewall/macos.rs b/talpid-core/src/firewall/macos.rs index 4057d03a05..d657c75328 100644 --- a/talpid-core/src/firewall/macos.rs +++ b/talpid-core/src/firewall/macos.rs @@ -5,6 +5,7 @@ use std::{ env, net::{IpAddr, Ipv4Addr}, }; +use subslice::SubsliceExt; use talpid_types::net; pub use pfctl::Error; @@ -551,11 +552,26 @@ impl Firewall { fn enable(&mut self) -> Result<()> { if self.pf_was_enabled.is_none() { - self.pf_was_enabled = Some(self.pf.is_enabled()?); + self.pf_was_enabled = Some(self.is_enabled()); } Ok(self.pf.try_enable()?) } + fn is_enabled(&self) -> bool { + let cmd = duct::cmd!("/sbin/pfctl", "-s", "info"); + const EXPECTED_OUTPUT: &'static [u8] = b"Status: Enabled"; + match cmd.run() { + Ok(output) => output.stdout.as_slice().find(&EXPECTED_OUTPUT).is_some(), + Err(err) => { + log::error!( + "Failed to execute pfctl, assuming pf is not enabled: {}", + err + ); + false + } + } + } + fn restore_state(&mut self) -> Result<()> { match self.pf_was_enabled.take() { Some(true) => Ok(self.pf.try_enable()?), |