iOS: PacketTunnelProvider: Make use of WireGuardAdapter

roop · Dec 29, 2021 · bbe787b · bbe787b
1 parent 5054b32
commit bbe787b
Showing 1 changed file with 57 additions and 11 deletions.
diff --git a/iOS/UsingWireGuardKit/TunnelExtension/PacketTunnelProvider.swift b/iOS/UsingWireGuardKit/TunnelExtension/PacketTunnelProvider.swift
@@ -6,35 +6,81 @@
 //
 
 import NetworkExtension
+import WireGuardKit
+
+enum PacketTunnelProviderError: String, Error {
+    case invalidProtocolConfiguration
+    case cantParseWgQuickConfig
+}
 
 class PacketTunnelProvider: NEPacketTunnelProvider {
 
+    private lazy var adapter: WireGuardAdapter = {
+        return WireGuardAdapter(with: self) { [weak self] _, message in
+            self?.log(message)
+        }
+    }()
+
+    func log(_ message: String) {
+        NSLog("WireGuard Tunnel: %@\n", message)
+    }
+
     override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) {
-        // Add code here to start the process of connecting the tunnel.
+        log("Starting tunnel")
+        guard let protocolConfiguration = self.protocolConfiguration as? NETunnelProviderProtocol,
+              let providerConfiguration = protocolConfiguration.providerConfiguration,
+              let wgQuickConfig = providerConfiguration["wgQuickConfig"] as? String else {
+            log("Invalid provider configuration")
+            completionHandler(PacketTunnelProviderError.invalidProtocolConfiguration)
+            return
+        }
+
+        guard let tunnelConfiguration = try? TunnelConfiguration(fromWgQuickConfig: wgQuickConfig) else {
+            log("wg-quick config not parseable")
+            completionHandler(PacketTunnelProviderError.cantParseWgQuickConfig)
+            return
+        }
 
-        // Tell the OS that the tunnel is ready
-        NSLog("PacketTunnelProvider: Starting tunnel")
-        completionHandler(nil)
+        adapter.start(tunnelConfiguration: tunnelConfiguration) { [weak self] adapterError in
+            guard let self = self else { return }
+            if let adapterError = adapterError {
+                self.log("WireGuard adapter error: \(adapterError.localizedDescription)")
+            } else {
+                let interfaceName = self.adapter.interfaceName ?? "unknown"
+                self.log("Tunnel interface is \(interfaceName)")
+            }
+            completionHandler(adapterError)
+        }
     }
-    
+
     override func stopTunnel(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) {
-        // Add code here to start the process of stopping the tunnel.
-        NSLog("PacketTunnelProvider: Stopping tunnel")
-        completionHandler()
+        log("Stopping tunnel")
+        adapter.stop { [weak self] error in
+            guard let self = self else { return }
+            if let error = error {
+                self.log("Failed to stop WireGuard adapter: \(error.localizedDescription)")
+            }
+            completionHandler()
+
+            #if os(macOS)
+            // HACK: We have to kill the tunnel process ourselves because of a macOS bug
+            exit(0)
+            #endif
+        }
     }
-    
+
     override func handleAppMessage(_ messageData: Data, completionHandler: ((Data?) -> Void)?) {
         // Add code here to handle the message.
         if let handler = completionHandler {
             handler(messageData)
         }
     }
-    
+
     override func sleep(completionHandler: @escaping () -> Void) {
         // Add code here to get ready to sleep.
         completionHandler()
     }
-    
+
     override func wake() {
         // Add code here to wake up.
     }