From 41bdc1f0f939ddabc16fe2545af1327f625ca476 Mon Sep 17 00:00:00 2001 From: Jamil Date: Tue, 16 Jan 2024 23:01:50 -0800 Subject: [PATCH] fix(apple): Reset cached system resolvers while tunnel is reasserting (#3274) Fixes an issue where the DNS resolvers returned could be Connlib's if the network connectivity changed while Firezone was connected. --- .../apple/FirezoneNetworkExtension/Adapter.swift | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/swift/apple/FirezoneNetworkExtension/Adapter.swift b/swift/apple/FirezoneNetworkExtension/Adapter.swift index c8e277e67..3c7b4b1ae 100644 --- a/swift/apple/FirezoneNetworkExtension/Adapter.swift +++ b/swift/apple/FirezoneNetworkExtension/Adapter.swift @@ -294,8 +294,14 @@ extension Adapter { self.networkSettings?.apply( on: self.packetTunnelProvider, logger: self.logger, - completionHandler: nil - ) + completionHandler: { _ in + // We can only get the system's default resolvers before connlib starts, and then they'll + // be overwritten by the ones from connlib. So cache them here for getSystemDefaultResolvers + // to retrieve them later. + self.callbackHandler.setSystemDefaultResolvers( + resolvers: Resolv().getservers().map(Resolv.getnameinfo) + ) + }) } private func beginPathMonitoring() { @@ -339,12 +345,6 @@ extension Adapter { self.logger.log("Adapter.didReceivePathUpdate: Back online. Starting connlib.") do { - // We can only get the system's default resolvers before connlib starts, and then they'll - // be overwritten by the ones from connlib. So cache them here for getSystemDefaultResolvers - // to retrieve them later. - self.callbackHandler.setSystemDefaultResolvers( - resolvers: Resolv().getservers().map(Resolv.getnameinfo) - ) self.state = .startingTunnel( session: try WrappedSession.connect( controlPlaneURLString,