mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 20:13:05 +02:00
Mac DNS : tweak redirect DNS logic to follow iOS.
We redirect DNS if either of the following is true: 1. redirect-gateway (IPv4) is pushed, or 2. DNS servers are pushed but no search domains are pushed.
This commit is contained in:
parent
86d7729794
commit
3e6081e1f2
@ -53,63 +53,31 @@ namespace openvpn {
|
||||
typedef RCPtr<Config> Ptr;
|
||||
|
||||
Config()
|
||||
: redirect_gateway(false),
|
||||
reroute_dns_partial(false),
|
||||
search_order(0)
|
||||
{
|
||||
}
|
||||
|
||||
Config(const TunBuilderCapture& settings)
|
||||
: redirect_gateway(settings.reroute_gw.ipv4),
|
||||
reroute_dns_partial(false),
|
||||
search_order(0),
|
||||
dns_servers(get_dns_servers(settings)),
|
||||
: dns_servers(get_dns_servers(settings)),
|
||||
search_domains(get_search_domains(settings))
|
||||
{
|
||||
}
|
||||
|
||||
static Config::Ptr block(const Config* orig)
|
||||
{
|
||||
Config::Ptr ret;
|
||||
if (orig && orig->redirect_gateway_setting())
|
||||
{
|
||||
ret.reset(new Config);
|
||||
|
||||
ret->redirect_gateway = orig->redirect_gateway;
|
||||
ret->reroute_dns_partial = orig->reroute_dns_partial;
|
||||
ret->search_order = orig->search_order;
|
||||
|
||||
{
|
||||
CF::MutableArray a(CF::mutable_array());
|
||||
CF::array_append_str(a, "127.0.0.1");
|
||||
ret->dns_servers = CF::const_array(a);
|
||||
}
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
bool redirect_gateway_setting() const
|
||||
{
|
||||
bool rg = redirect_gateway;
|
||||
if (reroute_dns_partial && rg && search_domains.defined())
|
||||
rg = false;
|
||||
return rg;
|
||||
// We redirect DNS if either of the following is true:
|
||||
// 1. redirect-gateway (IPv4) is pushed, or
|
||||
// 2. DNS servers are pushed but no search domains are pushed
|
||||
redirect_dns = settings.reroute_gw.ipv4 || (CF::array_len(dns_servers) && !CF::array_len(search_domains));
|
||||
}
|
||||
|
||||
std::string to_string() const
|
||||
{
|
||||
std::ostringstream os;
|
||||
os << "RG=" << redirect_gateway;
|
||||
os << " RDP=" << reroute_dns_partial;
|
||||
os << "RD=" << redirect_dns;
|
||||
os << " SO=" << search_order;
|
||||
os << " DNS=" << CF::array_to_string(dns_servers);
|
||||
os << " DOM=" << CF::array_to_string(search_domains);
|
||||
return os.str();
|
||||
}
|
||||
|
||||
bool redirect_gateway;
|
||||
bool reroute_dns_partial;
|
||||
int search_order;
|
||||
bool redirect_dns = false;
|
||||
int search_order = 5000;
|
||||
CF::Array dns_servers;
|
||||
CF::Array search_domains;
|
||||
|
||||
@ -182,20 +150,15 @@ namespace openvpn {
|
||||
bool mod = false;
|
||||
|
||||
try {
|
||||
const bool redirect_gateway = config.redirect_gateway_setting();
|
||||
|
||||
int search_order = config.search_order;
|
||||
if (!search_order)
|
||||
search_order = 5000;
|
||||
|
||||
CF::DynamicStore sc = ds_create();
|
||||
Info::Ptr info(new Info(sc, sname));
|
||||
|
||||
// cleanup settings applied to previous interface
|
||||
interface_change_cleanup(info.get());
|
||||
|
||||
if (redirect_gateway)
|
||||
if (config.redirect_dns)
|
||||
{
|
||||
// redirect all DNS
|
||||
info->dns.will_modify();
|
||||
|
||||
// set DNS servers
|
||||
@ -212,13 +175,14 @@ namespace openvpn {
|
||||
|
||||
// set search order
|
||||
info->dns.backup_orig("SearchOrder");
|
||||
CF::dict_set_int(info->dns.mod, "SearchOrder", search_order);
|
||||
CF::dict_set_int(info->dns.mod, "SearchOrder", config.search_order);
|
||||
|
||||
// push it
|
||||
mod |= info->dns.push_to_store();
|
||||
}
|
||||
else
|
||||
{
|
||||
// redirect specific domains
|
||||
info->ovpn.mod_reset();
|
||||
if (CF::array_len(config.dns_servers) && CF::array_len(config.search_domains))
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user