Merge pull request #8 from keeshux/ipv6-support

IPv6 support
passepartoutvpn · Sep 2, 2018 · 0360a32 · 0360a32
2 parents 97866e6 + 474e633
commit 0360a32
Show file tree

Hide file tree

Showing 5 changed files with 297 additions and 150 deletions.
diff --git a/TunnelKit/Sources/AppExtension/Transport/NETunnelInterface.swift b/TunnelKit/Sources/AppExtension/Transport/NETunnelInterface.swift
@@ -41,13 +41,20 @@ import NetworkExtension
 class NETunnelInterface: TunnelInterface {
     private weak var impl: NEPacketTunnelFlow?
 
+    private let protocolNumber: NSNumber
+
+    init(impl: NEPacketTunnelFlow, isIPv6: Bool) {
+        self.impl = impl
+        protocolNumber = (isIPv6 ? AF_INET6 : AF_INET) as NSNumber
+    }
+
+    // MARK: TunnelInterface
+
     var isPersistent: Bool {
         return false
     }
 
-    init(impl: NEPacketTunnelFlow) {
-        self.impl = impl
-    }
+    // MARK: IOInterface
 
     func setReadHandler(queue: DispatchQueue, _ handler: @escaping ([Data]?, Error?) -> Void) {
         loopReadPackets(queue, handler)
@@ -65,12 +72,12 @@ class NETunnelInterface: TunnelInterface {
     }
 
     func writePacket(_ packet: Data, completionHandler: ((Error?) -> Void)?) {
-        impl?.writePackets([packet], withProtocols: [AF_INET] as [NSNumber])
+        impl?.writePackets([packet], withProtocols: [protocolNumber])
         completionHandler?(nil)
     }
 
     func writePackets(_ packets: [Data], completionHandler: ((Error?) -> Void)?) {
-        let protocols = [Int32](repeating: AF_INET, count: packets.count) as [NSNumber]
+        let protocols = [NSNumber](repeating: protocolNumber, count: packets.count)
         impl?.writePackets(packets, withProtocols: protocols)
         completionHandler?(nil)
     }

diff --git a/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift b/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift
@@ -458,8 +458,8 @@ extension TunnelKitProvider: SessionProxyDelegate {
 
         log.info("Returned ifconfig parameters:")
         log.info("\tRemote: \(remoteAddress)")
-        log.info("\tLocal: \(reply.address)/\(reply.addressMask)")
-        log.info("\tGateway: \(reply.defaultGateway)")
+        log.info("\tIPv4: \(reply.ipv4?.description ?? "not configured")")
+        log.info("\tIPv6: \(reply.ipv6?.description ?? "not configured")")
         log.info("\tDNS: \(reply.dnsServers)")
 
         bringNetworkUp(remoteAddress: remoteAddress, reply: reply) { (error) in
@@ -472,7 +472,7 @@ extension TunnelKitProvider: SessionProxyDelegate {
 
             log.info("Tunnel interface is now UP")
 
-            proxy.setTunnel(tunnel: NETunnelInterface(impl: self.packetFlow))
+            proxy.setTunnel(tunnel: NETunnelInterface(impl: self.packetFlow, isIPv6: reply.ipv6 != nil))
 
             self.pendingStartHandler?(nil)
             self.pendingStartHandler = nil
@@ -492,24 +492,48 @@ extension TunnelKitProvider: SessionProxyDelegate {
     private func bringNetworkUp(remoteAddress: String, reply: SessionReply, completionHandler: @escaping (Error?) -> Void) {
 
         // route all traffic to VPN
-        let defaultRoute = NEIPv4Route.default()
-        defaultRoute.gatewayAddress = reply.defaultGateway
-
-        var routes: [NEIPv4Route] = [defaultRoute]
-        for r in reply.routes {
-            let ipv4Route = NEIPv4Route(destinationAddress: r.destination, subnetMask: r.mask)
-            ipv4Route.gatewayAddress = r.gateway ?? reply.defaultGateway
-            routes.append(ipv4Route)
+        var ipv4Settings: NEIPv4Settings?
+        if let ipv4 = reply.ipv4 {
+            let defaultRoute = NEIPv4Route.default()
+            defaultRoute.gatewayAddress = ipv4.defaultGateway
+
+            var routes: [NEIPv4Route] = [defaultRoute]
+            for r in ipv4.routes {
+                let ipv4Route = NEIPv4Route(destinationAddress: r.destination, subnetMask: r.mask)
+                ipv4Route.gatewayAddress = r.gateway ?? ipv4.defaultGateway
+                routes.append(ipv4Route)
+            }
+
+            ipv4Settings = NEIPv4Settings(addresses: [ipv4.address], subnetMasks: [ipv4.addressMask])
+            ipv4Settings?.includedRoutes = routes
+            ipv4Settings?.excludedRoutes = []
+        }
+
+        var ipv6Settings: NEIPv6Settings?
+        if let ipv6 = reply.ipv6 {
+            let defaultRoute = NEIPv6Route.default()
+            defaultRoute.gatewayAddress = ipv6.defaultGateway
+
+            var routes: [NEIPv6Route] = [defaultRoute]
+            for r in ipv6.routes {
+                let ipv6Route = NEIPv6Route(destinationAddress: r.destination, networkPrefixLength: r.prefixLength as NSNumber)
+                ipv6Route.gatewayAddress = r.gateway ?? ipv6.defaultGateway
+                routes.append(ipv6Route)
+            }
+
+            ipv6Settings = NEIPv6Settings(addresses: [ipv6.address], networkPrefixLengths: [ipv6.addressPrefixLength as NSNumber])
+            ipv6Settings?.includedRoutes = [defaultRoute]
+            ipv6Settings?.excludedRoutes = []
         }
-
-        let ipv4Settings = NEIPv4Settings(addresses: [reply.address], subnetMasks: [reply.addressMask])
-        ipv4Settings.includedRoutes = routes
-        ipv4Settings.excludedRoutes = []
 
         let dnsSettings = NEDNSSettings(servers: reply.dnsServers)
 
         let newSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: remoteAddress)
-        newSettings.ipv4Settings = ipv4Settings
+        if let _ = ipv6Settings {
+            newSettings.ipv6Settings = ipv6Settings
+        } else {
+            newSettings.ipv4Settings = ipv4Settings
+        }
         newSettings.dnsSettings = dnsSettings
 
         setTunnelNetworkSettings(newSettings, completionHandler: completionHandler)

diff --git a/TunnelKit/Sources/Core/DataPath.m b/TunnelKit/Sources/Core/DataPath.m
@@ -59,7 +59,6 @@ @interface DataPath ()
 
 // inbound -> TUN
 @property (nonatomic, strong) NSMutableArray *inPackets;
-@property (nonatomic, strong) NSArray *inProtocols;
 @property (nonatomic, unsafe_unretained) uint8_t *decBuffer;
 @property (nonatomic, assign) int decBufferCapacity;
 @property (nonatomic, strong) ReplayProtector *inReplay;
@@ -98,11 +97,6 @@ - (instancetype)initWithEncrypter:(id<DataPathEncrypter>)encrypter decrypter:(id
         self.encBuffer = allocate_safely(self.encBufferCapacity);
 
         self.inPackets = [[NSMutableArray alloc] initWithCapacity:maxPackets];
-        NSMutableArray *protocols = [[NSMutableArray alloc] initWithCapacity:maxPackets];
-        for (NSUInteger i = 0; i < maxPackets; ++i) {
-            [protocols addObject:@(AF_INET)];
-        }
-        self.inProtocols = protocols;
         self.decBufferCapacity = 65000;
         self.decBuffer = allocate_safely(self.decBufferCapacity);
         if (usesReplayProtection) {