Move ownership of tun config to tun provider
dlon committed Aug 10, 2024
1 parent f69125b commit b3d2932
Showing 10 changed files with 273 additions and 296 deletions.
85 changes: 51 additions & 34 deletions talpid-core/src/tunnel_state_machine/connected_state.rs
Expand Up @@ -228,23 +228,34 @@ impl ConnectedState {

match command {
Some(TunnelCommand::AllowLan(allow_lan, complete_tx)) => {
let consequence = if let Err(error_cause) = shared_values.set_allow_lan(allow_lan) {
self.disconnect(shared_values, AfterDisconnect::Block(error_cause))
} else {
match self.set_firewall_policy(shared_values) {
Ok(()) => {
if cfg!(target_os = "android") {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
} else {
SameState(self)
}
let consequence = if shared_values.set_allow_lan(allow_lan) {
#[cfg(target_os = "android")]
{
if let Err(_err) = shared_values.restart_tunnel(false) {
self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::StartTunnelError),
)
} else {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
}
}
#[cfg(not(target_os = "android"))]
{
match self.set_firewall_policy(shared_values) {
Ok(()) => SameState(self),
Err(error) => self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::SetFirewallPolicyError(
error,
)),
),
}
Err(error) => self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::SetFirewallPolicyError(error)),
),
}
} else {
SameState(self)
};

let _ = complete_tx.send(());
consequence
}
Expand All @@ -254,8 +265,20 @@ impl ConnectedState {
SameState(self)
}
Some(TunnelCommand::Dns(servers, complete_tx)) => {
let consequence = match shared_values.set_dns_servers(servers) {
Ok(true) => {
let consequence = if shared_values.set_dns_servers(servers) {
#[cfg(target_os = "android")]
{
if let Err(_err) = shared_values.restart_tunnel(false) {
self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::StartTunnelError),
)
} else {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
}
}
#[cfg(not(target_os = "android"))]
{
if let Err(error) = self.set_firewall_policy(shared_values) {
return self.disconnect(
shared_values,
Expand All @@ -266,9 +289,6 @@ impl ConnectedState {
}

match self.set_dns(shared_values) {
#[cfg(target_os = "android")]
Ok(()) => self.disconnect(shared_values, AfterDisconnect::Reconnect(0)),
#[cfg(not(target_os = "android"))]
Ok(()) => SameState(self),
Err(error) => {
log::error!(
Expand All @@ -282,10 +302,8 @@ impl ConnectedState {
}
}
}
Ok(false) => SameState(self),
Err(error_cause) => {
self.disconnect(shared_values, AfterDisconnect::Block(error_cause))
}
} else {
SameState(self)
};
let _ = complete_tx.send(());
consequence
Expand Down Expand Up @@ -327,22 +345,21 @@ impl ConnectedState {
}
#[cfg(target_os = "android")]
Some(TunnelCommand::SetExcludedApps(result_tx, paths)) => {
match shared_values.exclude_paths(paths) {
Ok(changed) => {
let _ = result_tx.send(Ok(()));
if changed {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
} else {
SameState(self)
}
}
Err(err) => {
let _ = result_tx.send(Err(err));
if shared_values.set_excluded_paths(paths) {
if let Err(err) = shared_values.restart_tunnel(false) {
let _ =
result_tx.send(Err(crate::split_tunnel::Error::SetExcludedApps(err)));
self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::SplitTunnelError),
)
} else {
let _ = result_tx.send(Ok(()));
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
}
} else {
let _ = result_tx.send(Ok(()));
SameState(self)
}
}
#[cfg(target_os = "macos")]
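Review bot: In the Android branches of the `AllowLan` and `Dns` arms, a failed `shared_values.restart_tunnel(false)` is bound to `_err` and dropped, so the state machine moves to the blocking error state with the generic `ErrorStateCause::StartTunnelError` and nothing in the log says why. The `SetExcludedApps` arm forwards its error through `result_tx`; these two arms do not surface it anywhere. I would bind it as `err` and log it before disconnecting, for example `log::error!("Failed to restart tunnel: {err}");` (assuming the error type implements `Display`; the type is not visible here). The same pattern appears in the `AllowLan` and `Dns` arms of connecting_state.rs, and the enclosing function starts and ends outside the visible hunks.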
67 changes: 46 additions & 21 deletions talpid-core/src/tunnel_state_machine/connecting_state.rs
Expand Up @@ -96,6 +96,9 @@ impl ConnectingState {
ErrorStateCause::SetFirewallPolicyError(error),
)
} else {
#[cfg(target_os = "android")]
shared_values.prepare_tun_config(false);

let connecting_state = Self::start_tunnel(
shared_values.runtime.clone(),
tunnel_parameters,
Expand Down Expand Up @@ -354,6 +357,7 @@ impl ConnectingState {
))
}

#[cfg(not(target_os = "android"))]
fn reset_firewall(
self: Box<Self>,
shared_values: &mut SharedTunnelStateValues,
Expand All @@ -364,13 +368,7 @@ impl ConnectingState {
&self.tunnel_metadata,
self.allowed_tunnel_traffic.clone(),
) {
Ok(()) => {
if cfg!(target_os = "android") {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
} else {
EventConsequence::SameState(self)
}
}
Ok(()) => EventConsequence::SameState(self),
Err(error) => self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::SetFirewallPolicyError(error)),
Expand All @@ -387,10 +385,22 @@ impl ConnectingState {

match command {
Some(TunnelCommand::AllowLan(allow_lan, complete_tx)) => {
let consequence = if let Err(error_cause) = shared_values.set_allow_lan(allow_lan) {
self.disconnect(shared_values, AfterDisconnect::Block(error_cause))
} else {
let consequence = if shared_values.set_allow_lan(allow_lan) {
#[cfg(target_os = "android")]
{
if let Err(_err) = shared_values.restart_tunnel(false) {
self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::StartTunnelError),
)
} else {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
}
}
#[cfg(not(target_os = "android"))]
self.reset_firewall(shared_values)
} else {
SameState(self)
};
let _ = complete_tx.send(());
consequence
Expand All @@ -415,12 +425,24 @@ impl ConnectingState {
SameState(self)
}
Some(TunnelCommand::Dns(servers, complete_tx)) => {
let consequence = match shared_values.set_dns_servers(servers) {
let consequence = if shared_values.set_dns_servers(servers) {
#[cfg(target_os = "android")]
Ok(true) => self.disconnect(shared_values, AfterDisconnect::Reconnect(0)),
Ok(_) => SameState(self),
Err(cause) => self.disconnect(shared_values, AfterDisconnect::Block(cause)),
{
if let Err(_err) = shared_values.restart_tunnel(false) {
self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::StartTunnelError),
)
} else {
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
}
}
#[cfg(not(target_os = "android"))]
SameState(self)
} else {
SameState(self)
};

let _ = complete_tx.send(());
consequence
}
Expand Down Expand Up @@ -461,18 +483,21 @@ impl ConnectingState {
}
#[cfg(target_os = "android")]
Some(TunnelCommand::SetExcludedApps(result_tx, paths)) => {
match shared_values.exclude_paths(paths) {
Ok(_changed) => {
let _ = result_tx.send(Ok(()));
SameState(self)
}
Err(error) => {
let _ = result_tx.send(Err(error));
if shared_values.set_excluded_paths(paths) {
if let Err(err) = shared_values.restart_tunnel(false) {
let _ =
result_tx.send(Err(crate::split_tunnel::Error::SetExcludedApps(err)));
self.disconnect(
shared_values,
AfterDisconnect::Block(ErrorStateCause::SplitTunnelError),
)
} else {
let _ = result_tx.send(Ok(()));
self.disconnect(shared_values, AfterDisconnect::Reconnect(0))
}
} else {
let _ = result_tx.send(Ok(()));
SameState(self)
}
}
#[cfg(target_os = "macos")]
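Review bot: The Android block that calls `restart_tunnel(false)` and then picks between `AfterDisconnect::Block(ErrorStateCause::StartTunnelError)` and `AfterDisconnect::Reconnect(0)` is written out twice in this file (the `AllowLan` and `Dns` arms) and twice more in connected_state.rs, so any later change to the failure policy has to be repeated in four places. A small Android-only helper that returns the `AfterDisconnect` value would keep the fail-closed decision in one spot; the `SetExcludedApps` arm uses a different cause and needs the error itself, so it would stay as it is. The helper name below is only a suggestion, and the `Ok` payload of `restart_tunnel` is not visible here, hence the wildcard. The command-handling function these arms belong to starts and ends outside the hunks.

```rust
// Suggested helper; the name is a placeholder.
#[cfg(target_os = "android")]
fn after_tunnel_restart(shared_values: &mut SharedTunnelStateValues) -> AfterDisconnect {
    match shared_values.restart_tunnel(false) {
        Ok(_) => AfterDisconnect::Reconnect(0),
        Err(_err) => AfterDisconnect::Block(ErrorStateCause::StartTunnelError),
    }
}

// … unchanged: AllowLan / Dns arm up to the Android branch …
let after = after_tunnel_restart(shared_values);
self.disconnect(shared_values, after)
```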
15 changes: 4 additions & 11 deletions talpid-core/src/tunnel_state_machine/disconnected_state.rs
Expand Up @@ -138,13 +138,7 @@ impl TunnelState for DisconnectedState {

match runtime.block_on(commands.next()) {
Some(TunnelCommand::AllowLan(allow_lan, complete_tx)) => {
if shared_values.allow_lan != allow_lan {
// The only platform that can fail is Android, but Android doesn't support the
// "block when disconnected" option, so the following call never fails.
shared_values
.set_allow_lan(allow_lan)
.expect("Failed to set allow LAN parameter");

if shared_values.set_allow_lan(allow_lan) {
Self::set_firewall_policy(shared_values, false);
}
let _ = complete_tx.send(());
Expand All @@ -160,9 +154,7 @@ impl TunnelState for DisconnectedState {
}
Some(TunnelCommand::Dns(servers, complete_tx)) => {
// Same situation as allow LAN above.
shared_values
.set_dns_servers(servers)
.expect("Failed to reconnect after changing custom DNS servers");
shared_values.set_dns_servers(servers);
let _ = complete_tx.send(());
SameState(self)
}
Expand Down Expand Up @@ -218,7 +210,8 @@ impl TunnelState for DisconnectedState {
}
#[cfg(target_os = "android")]
Some(TunnelCommand::SetExcludedApps(result_tx, paths)) => {
let _ = result_tx.send(shared_values.exclude_paths(paths).map(|_| ()));
shared_values.set_excluded_paths(paths);
let _ = result_tx.send(Ok(()));
SameState(self)
}
#[cfg(target_os = "macos")]
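Review bot: The comment `// Same situation as allow LAN above.` in the `Dns` arm no longer points at anything. The explanation it referred to (that the call cannot fail on the platforms that reach this state) is deleted from the `AllowLan` arm by this commit, and `set_dns_servers` is no longer unwrapped. I would replace it with a comment saying why the return value is ignored here, for example `// No tunnel to restart in this state, so the "changed" result is not needed.` That wording is inferred from the other state files, where the boolean gates a tunnel restart. The enclosing `match` continues outside the hunk.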
9 changes: 6 additions & 3 deletions talpid-core/src/tunnel_state_machine/disconnecting_state.rs
Expand Up @@ -83,7 +83,8 @@ impl DisconnectingState {
}
#[cfg(target_os = "android")]
Some(TunnelCommand::SetExcludedApps(result_tx, paths)) => {
let _ = result_tx.send(shared_values.exclude_paths(paths).map(|_| ()));
shared_values.set_excluded_paths(paths);
let _ = result_tx.send(Ok(()));
AfterDisconnect::Nothing
}
#[cfg(target_os = "macos")]
Expand Down Expand Up @@ -139,7 +140,8 @@ impl DisconnectingState {
}
#[cfg(target_os = "android")]
Some(TunnelCommand::SetExcludedApps(result_tx, paths)) => {
let _ = result_tx.send(shared_values.exclude_paths(paths).map(|_| ()));
shared_values.set_excluded_paths(paths);
let _ = result_tx.send(Ok(()));
AfterDisconnect::Block(reason)
}
#[cfg(target_os = "macos")]
Expand Down Expand Up @@ -196,7 +198,8 @@ impl DisconnectingState {
}
#[cfg(target_os = "android")]
Some(TunnelCommand::SetExcludedApps(result_tx, paths)) => {
let _ = result_tx.send(shared_values.exclude_paths(paths).map(|_| ()));
shared_values.set_excluded_paths(paths);
let _ = result_tx.send(Ok(()));
AfterDisconnect::Reconnect(retry_attempt)
}
#[cfg(target_os = "macos")]