Mac DNS : tweak redirect DNS logic to follow iOS.

We redirect DNS if either of the following is true: 1. redirect-gateway (IPv4) is pushed, or 2. DNS servers are pushed but no search domains are pushed.
2024-09-20 20:13:05 +02:00 · 2016-04-02 00:59:15 -06:00 · 2016-04-02 00:59:15 -06:00 · 3e6081e1f2
commit 3e6081e1f2
parent 86d7729794
1 changed files with 12 additions and 48 deletions
--- a/openvpn/tun/mac/macdns.hpp
+++ b/openvpn/tun/mac/macdns.hpp
@ -53,63 +53,31 @@ namespace openvpn {
      typedef RCPtr<Config> Ptr;

      Config()
-	: redirect_gateway(false),
-	  reroute_dns_partial(false),
-	  search_order(0)
      {
      }

      Config(const TunBuilderCapture& settings)
-	: redirect_gateway(settings.reroute_gw.ipv4),
-	  reroute_dns_partial(false),
-	  search_order(0),
-	  dns_servers(get_dns_servers(settings)),
+	: dns_servers(get_dns_servers(settings)),
 	  search_domains(get_search_domains(settings))
      {
-      }
-
-      static Config::Ptr block(const Config* orig)
-      {
-	Config::Ptr ret;
-	if (orig && orig->redirect_gateway_setting())
-	  {
-	    ret.reset(new Config);
-
-	    ret->redirect_gateway = orig->redirect_gateway;
-	    ret->reroute_dns_partial = orig->reroute_dns_partial;
-	    ret->search_order = orig->search_order;
-
-	    {
-	      CF::MutableArray a(CF::mutable_array());
-	      CF::array_append_str(a, "127.0.0.1");
-	      ret->dns_servers = CF::const_array(a);
-	    }
-	  }
-	return ret;
-      }
-
-      bool redirect_gateway_setting() const
-      {
-	bool rg = redirect_gateway;
-	if (reroute_dns_partial && rg && search_domains.defined())
-	  rg = false;
-	return rg;
+	// We redirect DNS if either of the following is true:
+	// 1. redirect-gateway (IPv4) is pushed, or
+	// 2. DNS servers are pushed but no search domains are pushed
+	redirect_dns = settings.reroute_gw.ipv4 || (CF::array_len(dns_servers) && !CF::array_len(search_domains));
      }

      std::string to_string() const
      {
 	std::ostringstream os;
-	os << "RG=" << redirect_gateway;
-	os << " RDP=" << reroute_dns_partial;
+	os << "RD=" << redirect_dns;
 	os << " SO=" << search_order;
 	os << " DNS=" << CF::array_to_string(dns_servers);
 	os << " DOM=" << CF::array_to_string(search_domains);
 	return os.str();
      }

-      bool redirect_gateway;
-      bool reroute_dns_partial;
-      int search_order;
+      bool redirect_dns = false;
+      int search_order = 5000;
      CF::Array dns_servers;
      CF::Array search_domains;

@ -182,20 +150,15 @@ namespace openvpn {
      bool mod = false;

      try {
-	const bool redirect_gateway = config.redirect_gateway_setting();
-
-	int search_order = config.search_order;
-	if (!search_order)
-	  search_order = 5000;
-
 	CF::DynamicStore sc = ds_create();
 	Info::Ptr info(new Info(sc, sname));

 	// cleanup settings applied to previous interface
 	interface_change_cleanup(info.get());

-	if (redirect_gateway)
+	if (config.redirect_dns)
 	  {
+	    // redirect all DNS
 	    info->dns.will_modify();

 	    // set DNS servers
@ -212,13 +175,14 @@ namespace openvpn {

 	    // set search order
 	    info->dns.backup_orig("SearchOrder");
-	    CF::dict_set_int(info->dns.mod, "SearchOrder", search_order);
+	    CF::dict_set_int(info->dns.mod, "SearchOrder", config.search_order);

 	    // push it
 	    mod |= info->dns.push_to_store();
 	  }
 	else
 	  {
+	    // redirect specific domains
 	    info->ovpn.mod_reset();
 	    if (CF::array_len(config.dns_servers) && CF::array_len(config.search_domains))
 	      {