PIA-1263 Remove unnecessary SessionConfig.interface field

We only care about the bindIp
mortinger91 · Feb 18, 2024 · 942be44 · 942be44
1 parent 4eea6fd
commit 942be44
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 18 deletions.
diff --git a/ProxyExtension/IO/FlowHandler.swift b/ProxyExtension/IO/FlowHandler.swift
@@ -6,8 +6,7 @@ import NIO
 // * The bindIp - which we use to bind ipv4 sockets to change default routing behaviour
 // * The eventLoopGroup - required to setup the NIO Inbound Handlers
 struct SessionConfig {
- var bindIp: String { interface.ip4()! }
- let interface: NetworkInterfaceProtocol
+ let bindIp: String
  // We need to make this optional so that we can
  // leave it nil in tests - tests do not use an EventLoopGroup
  let eventLoopGroup: MultiThreadedEventLoopGroup!
@@ -36,13 +35,9 @@ final class FlowHandler: FlowHandlerProtocol {
  }
 
  public func handleNewFlow(_ flow: Flow, vpnState: VpnState) -> Bool {
- let sessionConfig = SessionConfig(
- interface: NetworkInterface(interfaceName: vpnState.bindInterface),
- eventLoopGroup: eventLoopGroup)
-
  switch FlowPolicy.policyFor(flow: flow, vpnState: vpnState) {
  case .proxy:
- return startProxySession(flow: flow, sessionConfig: sessionConfig)
+ return startProxySession(flow: flow, vpnState: vpnState)
  case .block:
  log(.info, "blocking a vpnOnly flow from \(flow.sourceAppSigningIdentifier)")
  flow.closeReadAndWrite()
@@ -53,14 +48,19 @@ final class FlowHandler: FlowHandlerProtocol {
  }
  }
 
- private func startProxySession(flow: Flow, sessionConfig: SessionConfig) -> Bool {
- guard sessionConfig.interface.ip4() != nil else {
- log(.error, "Cannot find ipv4 ip for interface: \(sessionConfig.interface.interfaceName)" +
+ private func startProxySession(flow: Flow, vpnState: VpnState) -> Bool {
+ let interface = NetworkInterface(interfaceName: vpnState.bindInterface)
+
+ // Verify we have a valid bindIp - if not, trace it and ignore the flow
+ guard let bindIp = interface.ip4() else {
+ log(.error, "Cannot find ipv4 ip for interface: \(interface.interfaceName)" +
  " - ignoring matched flow: \(flow.sourceAppSigningIdentifier)")
  // TODO: Should block the flow instead - especially for vpnOnly flows?
  return false
  }
 
+ let sessionConfig = SessionConfig(bindIp: bindIp, eventLoopGroup: eventLoopGroup)
+
  flow.openFlow { error in
  guard error == nil else {
  log(.error, "\(flow.sourceAppSigningIdentifier) \"\(error!.localizedDescription)\" in \(String(describing: flow.self)) open()")

diff --git a/ProxyTests/ChannelCreatorTCPTest.swift b/ProxyTests/ChannelCreatorTCPTest.swift
@@ -19,7 +19,7 @@ final class ChannelCreatorTCPTest: QuickSpec {
  // Use an invalid IP. Even though it's well-formed it is
  // invalid because it won't match any
  // Ip assigned to any of the local interfaces
- interface: MockNetworkInterface(ip: "1.1.1.1"),
+ bindIp: "1.1.1.1",
  eventLoopGroup: MultiThreadedEventLoopGroup(numberOfThreads: 1))
 
  let channelCreator = ChannelCreatorTCP(id: 0, flow: mockFlow, config: config)
@@ -45,7 +45,7 @@ final class ChannelCreatorTCPTest: QuickSpec {
  let mockFlow = MockFlowTCP()
  let config = SessionConfig(
  // Garbage ip - not well-formed.
- interface: MockNetworkInterface(ip: "asdfasd"),
+ bindIp: "asdfasd",
  eventLoopGroup: MultiThreadedEventLoopGroup(numberOfThreads: 1))
 
  let channelCreator = ChannelCreatorTCP(id: 0, flow: mockFlow, config: config)

diff --git a/ProxyTests/ChannelCreatorUDPTest.swift b/ProxyTests/ChannelCreatorUDPTest.swift
@@ -13,7 +13,7 @@ final class ChannelCreatorUDPTest: QuickSpec {
  let mockFlow = MockFlowUDP()
  let config = SessionConfig(
  // Use a localhost IP - a bind is guaranteed to succeed
- interface: MockNetworkInterface(ip: "127.0.0.1"),
+ bindIp: "127.0.0.1",
  eventLoopGroup: MultiThreadedEventLoopGroup(numberOfThreads: 1))
 
  let channelCreator = ChannelCreatorUDP(id: 0, flow: mockFlow, config: config)
@@ -39,7 +39,7 @@ final class ChannelCreatorUDPTest: QuickSpec {
  // Use an invalid IP. Even though it's well-formed it is
  // invalid because it won't match any
  // Ip assigned to any of the local interfaces
- interface: MockNetworkInterface(ip: "8.8.8.8"),
+ bindIp: "8.8.8.8",
  eventLoopGroup: MultiThreadedEventLoopGroup(numberOfThreads: 1))
 
  let channelCreator = ChannelCreatorUDP(id: 0, flow: mockFlow, config: config)
@@ -65,7 +65,7 @@ final class ChannelCreatorUDPTest: QuickSpec {
  let mockFlow = MockFlowUDP()
  let config = SessionConfig(
  // Use an invalid IP - garbage, not even an ip
- interface: MockNetworkInterface(ip: "asdfasd"),
+ bindIp: "asdfasd",
  eventLoopGroup: MultiThreadedEventLoopGroup(numberOfThreads: 1))
 
  let channelCreator = ChannelCreatorUDP(id: 0, flow: mockFlow, config: config)

diff --git a/ProxyTests/DefaultProxySessionFactoryTest.swift b/ProxyTests/DefaultProxySessionFactoryTest.swift
@@ -17,7 +17,7 @@ import NIO
 class DefaultProxySessionFactoryTest: QuickSpec {
  override class func spec() {
  let sessionConfig = SessionConfig(
- interface: MockNetworkInterface(),
+ bindIp: "", // Not used
  // We don't need this in tests, and it's not used anyway
  // since we set an explicit channel (using the session.channel setter)
  eventLoopGroup: nil)

diff --git a/ProxyTests/ProxySessionTCPTest.swift b/ProxyTests/ProxySessionTCPTest.swift
@@ -15,7 +15,7 @@ import NIO
 class ProxySessionTCPTest: QuickSpec {
  override class func spec() {
  let sessionConfig = SessionConfig(
- interface: MockNetworkInterface(),
+ bindIp: "", // Not used
  // We don't need this in tests, and it's not used anyway
  // since we set an explicit channel (using the session.channel setter)
  eventLoopGroup: nil)

diff --git a/ProxyTests/ProxySessionUDPTest.swift b/ProxyTests/ProxySessionUDPTest.swift
@@ -17,7 +17,7 @@ import NIO
 class ProxySessionUDPTest: QuickSpec {
  override class func spec() {
  let sessionConfig = SessionConfig(
- interface: MockNetworkInterface(),
+ bindIp: "", // Not used,
  // We don't need this in tests, and it's not used anyway
  // since we set an explicit channel (using the session.channel setter)
  eventLoopGroup: nil)