diff --git a/rust/connlib/clients/apple/src/lib.rs b/rust/connlib/clients/apple/src/lib.rs index 0b9e8f86a..76918430b 100644 --- a/rust/connlib/clients/apple/src/lib.rs +++ b/rust/connlib/clients/apple/src/lib.rs @@ -88,6 +88,7 @@ mod ffi { &self, tunnelAddressIPv4: String, tunnelAddressIPv6: String, + searchDomain: Option, dnsAddresses: String, routeListv4: String, routeListv6: String, @@ -128,7 +129,7 @@ impl Callbacks for CallbackHandler { tunnel_address_v4: Ipv4Addr, tunnel_address_v6: Ipv6Addr, dns_addresses: Vec, - _search_domain: Option, + search_domain: Option, route_list_v4: Vec, route_list_v6: Vec, ) { @@ -141,6 +142,7 @@ impl Callbacks for CallbackHandler { self.inner.on_set_interface_config( tunnel_address_v4.to_string(), tunnel_address_v6.to_string(), + search_domain.map(|s| s.to_string()), dns_addresses, route_list_4, route_list_6, diff --git a/swift/apple/FirezoneNetworkExtension/Adapter.swift b/swift/apple/FirezoneNetworkExtension/Adapter.swift index 1d34f638e..1320fd8ea 100644 --- a/swift/apple/FirezoneNetworkExtension/Adapter.swift +++ b/swift/apple/FirezoneNetworkExtension/Adapter.swift @@ -363,6 +363,7 @@ extension Adapter: CallbackHandlerDelegate { public func onSetInterfaceConfig( tunnelAddressIPv4: String, tunnelAddressIPv6: String, + searchDomain: String?, dnsAddresses: [String], routeListv4: String, routeListv6: String @@ -393,6 +394,7 @@ extension Adapter: CallbackHandlerDelegate { networkSettings.dnsAddresses = dnsAddresses networkSettings.routes4 = routes4 networkSettings.routes6 = routes6 + networkSettings.setSearchDomain(domain: searchDomain) networkSettings.apply() } @@ -474,7 +476,7 @@ extension Adapter { let semaphore = DispatchSemaphore(value: 0) // Set tunnel's matchDomains to a dummy string that will never match any name - networkSettings.matchDomains = ["firezone-fd0020211111"] + networkSettings.setDummyMatchDomain() // Call apply to populate /etc/resolv.conf with the system's default resolvers networkSettings.apply { 
@@ -484,7 +486,7 @@ extension Adapter { resolvers = BindResolvers().getservers().map(BindResolvers.getnameinfo) // Restore connlib's DNS resolvers - networkSettings.matchDomains = [""] + networkSettings.clearDummyMatchDomain() networkSettings.apply { semaphore.signal() } } diff --git a/swift/apple/FirezoneNetworkExtension/CallbackHandler.swift b/swift/apple/FirezoneNetworkExtension/CallbackHandler.swift index 5ba9f458e..431720583 100644 --- a/swift/apple/FirezoneNetworkExtension/CallbackHandler.swift +++ b/swift/apple/FirezoneNetworkExtension/CallbackHandler.swift @@ -20,6 +20,7 @@ public protocol CallbackHandlerDelegate: AnyObject { func onSetInterfaceConfig( tunnelAddressIPv4: String, tunnelAddressIPv6: String, + searchDomain: String?, dnsAddresses: [String], routeListv4: String, routeListv6: String @@ -34,6 +35,7 @@ public class CallbackHandler { func onSetInterfaceConfig( tunnelAddressIPv4: RustString, tunnelAddressIPv6: RustString, + searchDomain: RustString?, dnsAddresses: RustString, routeListv4: RustString, routeListv6: RustString @@ -43,6 +45,7 @@ public class CallbackHandler { CallbackHandler.onSetInterfaceConfig: IPv4: \(tunnelAddressIPv4.toString()) IPv6: \(tunnelAddressIPv6.toString()) + SearchDomain: \(String(describing: (searchDomain?.toString()))) DNS: \(dnsAddresses.toString()) IPv4 routes: \(routeListv4.toString()) IPv6 routes: \(routeListv6.toString()) @@ -57,6 +60,7 @@ public class CallbackHandler { delegate?.onSetInterfaceConfig( tunnelAddressIPv4: tunnelAddressIPv4.toString(), tunnelAddressIPv6: tunnelAddressIPv6.toString(), + searchDomain: searchDomain?.toString(), dnsAddresses: dnsArray, routeListv4: routeListv4.toString(), routeListv6: routeListv6.toString() diff --git a/swift/apple/FirezoneNetworkExtension/Connlib/Generated/connlib-client-apple/connlib-client-apple.swift b/swift/apple/FirezoneNetworkExtension/Connlib/Generated/connlib-client-apple/connlib-client-apple.swift index 39bb89c88..797a13206 100644 
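Review bot: In the `@@ -43,6 +45,7` hunk of CallbackHandler.swift, `String(describing: (searchDomain?.toString()))` prints the optional wrapper, so the entry reads `SearchDomain: Optional("…")` or `SearchDomain: nil`, unlike the plain values on the neighbouring lines. Writing `SearchDomain: \(searchDomain?.toString() ?? "none")` keeps the log consistent and easier to search when diagnosing DNS configuration. The enclosing log statement begins and ends outside the hunk.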
--- a/swift/apple/FirezoneNetworkExtension/Connlib/Generated/connlib-client-apple/connlib-client-apple.swift +++ b/swift/apple/FirezoneNetworkExtension/Connlib/Generated/connlib-client-apple/connlib-client-apple.swift @@ -1,6 +1,6 @@ @_cdecl("__swift_bridge__$CallbackHandler$on_set_interface_config") -func __swift_bridge__CallbackHandler_on_set_interface_config (_ this: UnsafeMutableRawPointer, _ tunnelAddressIPv4: UnsafeMutableRawPointer, _ tunnelAddressIPv6: UnsafeMutableRawPointer, _ dnsAddresses: UnsafeMutableRawPointer, _ routeListv4: UnsafeMutableRawPointer, _ routeListv6: UnsafeMutableRawPointer) { - Unmanaged.fromOpaque(this).takeUnretainedValue().onSetInterfaceConfig(tunnelAddressIPv4: RustString(ptr: tunnelAddressIPv4), tunnelAddressIPv6: RustString(ptr: tunnelAddressIPv6), dnsAddresses: RustString(ptr: dnsAddresses), routeListv4: RustString(ptr: routeListv4), routeListv6: RustString(ptr: routeListv6)) +func __swift_bridge__CallbackHandler_on_set_interface_config (_ this: UnsafeMutableRawPointer, _ tunnelAddressIPv4: UnsafeMutableRawPointer, _ tunnelAddressIPv6: UnsafeMutableRawPointer, _ searchDomain: UnsafeMutableRawPointer?, _ dnsAddresses: UnsafeMutableRawPointer, _ routeListv4: UnsafeMutableRawPointer, _ routeListv6: UnsafeMutableRawPointer) { + Unmanaged.fromOpaque(this).takeUnretainedValue().onSetInterfaceConfig(tunnelAddressIPv4: RustString(ptr: tunnelAddressIPv4), tunnelAddressIPv6: RustString(ptr: tunnelAddressIPv6), searchDomain: { let val = searchDomain; if val != nil { return RustString(ptr: val!) } else { return nil } }(), dnsAddresses: RustString(ptr: dnsAddresses), routeListv4: RustString(ptr: routeListv4), routeListv6: RustString(ptr: routeListv6)) } @_cdecl("__swift_bridge__$CallbackHandler$on_update_resources") diff --git a/swift/apple/FirezoneNetworkExtension/NetworkSettings.swift b/swift/apple/FirezoneNetworkExtension/NetworkSettings.swift index 51e5e0b4d..00174ee8c 100644 
--- a/swift/apple/FirezoneNetworkExtension/NetworkSettings.swift +++ b/swift/apple/FirezoneNetworkExtension/NetworkSettings.swift @@ -23,12 +23,36 @@ class NetworkSettings { public var dnsAddresses: [String] = [] public var routes4: [NEIPv4Route] = [] public var routes6: [NEIPv6Route] = [] - public var matchDomains: [String] = [""] + + // Private to ensure we append the search domain if we set it. + private var matchDomains: [String] = [""] + private var searchDomains: [String] = [""] init(packetTunnelProvider: PacketTunnelProvider?) { self.packetTunnelProvider = packetTunnelProvider } + func setSearchDomain(domain: String?) { + guard let domain = domain else { + self.matchDomains = [""] + self.searchDomains = [""] + return; + } + + self.matchDomains = ["", domain] + self.searchDomains = [domain] + } + + func setDummyMatchDomain() { + self.matchDomains = ["firezone-fd0020211111"] + } + + func clearDummyMatchDomain() { + self.matchDomains = [""] + + self.matchDomains.append(contentsOf: self.searchDomains) + } + func apply(completionHandler: (() -> Void)? = nil) { // We don't really know the connlib gateway IP address at this point, but just using 127.0.0.1 is okay // because the OS doesn't really need this IP address. @@ -46,7 +70,8 @@ class NetworkSettings { ipv4Settings.includedRoutes = routes4 ipv6Settings.includedRoutes = routes6 dnsSettings.matchDomains = matchDomains - dnsSettings.matchDomainsNoSearch = true + dnsSettings.searchDomains = searchDomains + dnsSettings.matchDomainsNoSearch = false tunnelNetworkSettings.ipv4Settings = ipv4Settings tunnelNetworkSettings.ipv6Settings = ipv6Settings tunnelNetworkSettings.dnsSettings = dnsSettings
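Review bot: `searchDomains` is initialised and reset to `[""]` in the `@@ -23,12 +23,36` hunk, so with no search domain configured `apply()` hands the OS a search list holding one empty string. `clearDummyMatchDomain()` then rebuilds `matchDomains` as `["", ""]` instead of the `[""]` that `setSearchDomain(domain: nil)` produces. Using an empty array for the unset state avoids both: `private var searchDomains: [String] = []` and `self.searchDomains = []` in the `guard` branch. An empty but non-nil string also passes the `guard let`, so `guard let domain = domain, !domain.isEmpty else {` would keep a blank value from connlib out of the resolver configuration; whether connlib already rejects it is not visible here. `clearDummyMatchDomain()` is the helper that the `@@ -484,7 +486,7` hunk in Adapter.swift calls to restore state, so the duplicate entry appears after every resolver refresh.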
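Review bot: The `@@ -46,7 +70,8` hunk flips `matchDomainsNoSearch` to `false` without a comment saying why this is needed now that `searchDomains` is assigned explicitly. As I understand NEDNSSettings, `false` lets every entry in `matchDomains` be added to the resolver's search list. That would include the placeholder `firezone-fd0020211111` while `setDummyMatchDomain()` is in effect, so please confirm it is intended. If the explicit `searchDomains` assignment is enough on both platforms, keeping `dnsSettings.matchDomainsNoSearch = true` limits suffix expansion of unqualified names to the configured domain; otherwise add a comment such as `// Must be false: <reason the search list needs the match domains>`. The body of `apply()` starts and ends outside the hunk.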