z2574 - fix OSX vpn DNS setup

CHANGELOG.md

@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v0.12.15] - 2022-11-01
+
+### Fixed
+- fix OSX vpn DNS setup
+
 ## [v0.12.14] - 2022-10-12
 
 ### Fixed

src/daemonServer/handler.go

@@ -7,6 +7,7 @@ import (
 	"net"
 	"net/url"
 	"os"
+	"path/filepath"
 	"time"
 
 	"github.com/zeropsio/zcli/src/proto/daemon"
@@ -83,6 +84,16 @@ func (h *Handler) Run(ctx context.Context) error {
 }
 
 func removeUnusedServerSocket(address *url.URL) error {
+
+	socketDir := filepath.Dir(address.Path)
+	if err := os.MkdirAll(socketDir, 0755); err != nil {
+		return fmt.Errorf("unable to create socket directory (%s)", socketDir)
+	}
+
+	if err := os.Chmod(socketDir, 0755); err != nil {
+		return fmt.Errorf("unable to change socket directory (%s) permissions", socketDir)
+	}
+
 	if _, errFound := os.Stat(address.Path); errFound != nil {
 		return nil
 	}

src/daemonStorage/handler.go

@@ -39,6 +39,7 @@ type Data struct {
 	Mtu           uint32
 	DnsManagement LocalDnsManagement
 	DhcpEnabled   bool
+	IPv6Enabled   bool
 
 	Expiry time.Time
 }

src/dns/handler_isAlive.go

@@ -16,7 +16,7 @@ func IsAlive() (bool, error) {
 	if !nettools.HasIPv6PingCommand() {
 		return false, errors.New(i18n.VpnStatusDnsNoCheckFunction)
 	}
-	err := nettools.Ping(ctx, "core-master")
+	err := nettools.Ping(ctx, "node1.master.core.zerops")
 	if err != nil {
 		return false, nil
 	}

src/dns/setDnsNetworksetup.go

@@ -4,6 +4,7 @@ import (
 	"bufio"
 	"bytes"
 	"errors"
+	"fmt"
 	"net"
 	"os/exec"
 	"regexp"
@@ -15,17 +16,18 @@ import (
 	"github.com/zeropsio/zcli/src/dnsServer"
 )
 
-var serviceOrderNameRegExp = regexp.MustCompile("^\\(([0-9]+)\\) (.*)$")
+var serviceOrderNameRegExp = regexp.MustCompile("^\\(([0-9*]+)\\) (.*)$")
 var serviceOrderPortRegExp = regexp.MustCompile("^\\(Hardware Port: ([^,]+), Device: ([^)]+)\\)$")
 
 type service struct {
-	Name          string
-	InterfaceName string
-	Active        bool
+	Index           int
+	Name            string
+	InterfaceName   string
+	InterfaceActive bool
+	Disabled        bool
 }
 
 func getServiceOrder() (result []service, _ error) {
-	resultMap := make(map[string]int)
 	output, err := exec.Command("networksetup", "-listnetworkserviceorder").Output()
 	if err != nil {
 		return nil, err
@@ -34,42 +36,37 @@ func getServiceOrder() (result []service, _ error) {
 	for dnsScan.Scan() {
 		line := dnsScan.Text()
 		if match := serviceOrderNameRegExp.FindStringSubmatch(line); len(match) > 0 {
-			index, err := strconv.Atoi(match[1])
-			if err != nil {
-				continue
+			index := 99
+			disabled := true
+			if match[1] != "*" {
+				index, err = strconv.Atoi(match[1])
+				if err != nil {
+					continue
+				}
+				disabled = false
 			}
-			resultMap[match[2]] = index
-			result = append(result, service{
-				Name: match[2],
-			})
-		}
-		if match := serviceOrderPortRegExp.FindStringSubmatch(line); len(match) > 0 {
-			for index, ser := range result {
-				if ser.Name == match[1] {
-					result[index].InterfaceName = match[2]
+			ser := service{
+				Index:    index,
+				Name:     match[2],
+				Disabled: disabled,
+			}
+			if dnsScan.Scan() {
+				line := dnsScan.Text()
+				if match := serviceOrderPortRegExp.FindStringSubmatch(line); len(match) > 0 {
+					ser.InterfaceName = match[2]
 					in, err := net.InterfaceByName(match[2])
 					if err != nil {
 						continue
 					}
-					if !strings.HasPrefix(in.Name, "en") {
-						continue
-					}
-					result[index].Active = (in.Flags & net.FlagUp) > 0
+					ser.InterfaceActive = (in.Flags & net.FlagUp) > 0
+					result = append(result, ser)
 				}
 			}
 		}
 	}
 
 	sort.Slice(result, func(i, j int) bool {
-		iIndex, exists := resultMap[result[i].Name]
-		if !exists {
-			return false
-		}
-		jIndex, exists := resultMap[result[j].Name]
-		if !exists {
-			return false
-		}
-		return iIndex < jIndex
+		return result[i].Index > result[j].Index
 	})
 	return result, nil
 }
@@ -89,16 +86,64 @@ func setDnsByNetworksetup(data daemonStorage.Data, dns *dnsServer.Handler, addZe
 
 	var ser service
 	for _, s := range serviceOrder {
-		if s.Active {
+		if s.InterfaceActive {
 			ser = s
-			break
 		}
 	}
 
-	if !ser.Active {
+	if !ser.InterfaceActive {
 		return nil, errors.New("unable to find active network service")
 	}
 
+	var ipv6Enabled bool
+	if addZerops {
+		infoOutput, err := exec.Command("networksetup", "-getinfo", ser.Name).Output()
+		if err != nil {
+			return nil, err
+		}
+		{
+			infoScan := bufio.NewScanner(bytes.NewReader(infoOutput))
+			for infoScan.Scan() {
+				infoText := infoScan.Text()
+
+				if strings.HasPrefix(infoText, "IPv6:") {
+					if strings.TrimSpace(strings.TrimPrefix(infoText, "IPv6:")) != "Off" {
+						ipv6Enabled = true
+					}
+				}
+			}
+			dataUpdate = func(data daemonStorage.Data) daemonStorage.Data {
+				data.IPv6Enabled = ipv6Enabled
+				return data
+			}
+		}
+	} else {
+		ipv6Enabled = data.IPv6Enabled
+	}
+	if !ipv6Enabled {
+		if addZerops {
+			size, _ := data.VpnNetwork.Mask.Size()
+			args := []string{
+				"-setv6manual",
+				ser.Name,
+				data.ClientIp.String(),
+				strconv.Itoa(size),
+				data.ServerIp.String(),
+			}
+			if output, err := exec.Command("networksetup", args...).CombinedOutput(); err != nil {
+				return nil, fmt.Errorf("unable to set ipv6 routing %v: %s\n\n %s", args, err.Error(), string(output))
+			}
+		} else {
+			args := []string{
+				"-setv6off",
+				ser.Name,
+			}
+			if output, err := exec.Command("networksetup", args...).CombinedOutput(); err != nil {
+				return nil, fmt.Errorf("unable to unset ipv6 routing %v: %s\n\n %s", args, err.Error(), string(output))
+			}
+
+		}
+	}
 	{
 		dnsOutput, err := exec.Command("networksetup", "-getdnsservers", ser.Name).Output()
 		if err != nil {
@@ -169,9 +214,8 @@ func setDnsByNetworksetup(data daemonStorage.Data, dns *dnsServer.Handler, addZe
 
 				}
 			}
-			_, err := exec.Command("networksetup", args...).Output()
-			if err != nil {
-				return nil, err
+			if output, err := exec.Command("networksetup", args...).CombinedOutput(); err != nil {
+				return nil, fmt.Errorf("unable to set dnsservers %v: %s\n\n %s", args, err.Error(), string(output))
 			}
 		}
 	}
@@ -213,14 +257,13 @@ func setDnsByNetworksetup(data daemonStorage.Data, dns *dnsServer.Handler, addZe
 				args = append(args, searchDomains...)
 			} else {
 				if data.DhcpEnabled || len(searchDomains) == 0 {
-					args = append(args, "empty")
+					args = append(args, "Empty")
 				} else {
 					args = append(args, searchDomains...)
 				}
 			}
-			_, err := exec.Command("networksetup", args...).Output()
-			if err != nil {
-				return dataUpdate, err
+			if output, err := exec.Command("networksetup", args...).CombinedOutput(); err != nil {
+				return dataUpdate, fmt.Errorf("unable to set searchdomain %v: %s\n\n %s", args, err.Error(), string(output))
 			}
 		}
 	}

src/dnsServer/handler_darwin.go

@@ -159,9 +159,12 @@ func (h *Handler) serveForward(ctx context.Context, m *dns.Msg) (*dns.Msg, error
 }
 
 func (h *Handler) serveVpnForward(ctx context.Context, m *dns.Msg) (*dns.Msg, error) {
+	if h.vpnForwardAddress == nil {
+		return nil, errors.New("vpn not started")
+	}
 	in, _, err := h.dnsClient.ExchangeContext(ctx, m, h.vpnForwardAddress.String())
 	if err != nil {
-		h.logger.Error("vpn forward", err, "|", h.vpnForwardAddress.String())
+		h.logger.Error("vpn forward ", err, "|", h.vpnForwardAddress.String())
 		return nil, err
 	}
 	return in, err