quincy 2.1.1

QUIC-based VPN - Core library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152

use crate::Result;
use crate::error::DnsError;
use crate::utils::command::run_command;
use dashmap::DashMap;
use std::net::IpAddr;
use std::str::FromStr;
use std::sync::LazyLock;

/// Command name for the macOS `networksetup` utility.
const NETWORK_SETUP_COMMAND: &str = "networksetup";
const DNS_GET_ARG: &str = "-getdnsservers";
const DNS_SET_ARG: &str = "-setdnsservers";
const SERVICES_GET_ARG: &str = "-listallnetworkservices";

static SERVICE_DNS_SERVERS: LazyLock<DashMap<String, Vec<IpAddr>>> = LazyLock::new(DashMap::new);

/// Gets the names of all network services on the endpoint.
///
/// ### Returns
/// A vector of network service names.
fn get_service_names() -> Result<Vec<String>> {
    // networksetup -listallnetworkservices
    let output = run_command(NETWORK_SETUP_COMMAND, [SERVICES_GET_ARG])
        .map_err(|e| DnsError::PlatformError {
            message: format!("failed to execute command: {e}"),
        })?
        .wait_with_output()
        .map_err(|e| DnsError::PlatformError {
            message: format!("failed to wait for command: {e}"),
        })?;

    if !output.status.success() {
        return Err(DnsError::PlatformError {
            message: format!(
                "failed to get network services: {}",
                String::from_utf8_lossy(&output.stdout)
            ),
        }
        .into());
    }

    let output_str = String::from_utf8_lossy(&output.stdout);
    let service_names = output_str
        .lines()
        .skip(1) // the first line is "An asterisk (*) denotes that a network service is disabled."
        .map(|line| line.trim().to_string())
        .collect();

    Ok(service_names)
}

/// Adds a list of DNS servers to all network services on the endpoint.
///
/// ### Arguments
/// - `dns_servers` - the DNS servers to be added
/// - `interface_name` - the name of the interface to add the DNS servers to (unused)
pub fn add_dns_servers(dns_servers: &[IpAddr], _interface_name: &str) -> Result<()> {
    let service_names = get_service_names()?;
    let dns_servers_args = dns_servers
        .iter()
        .map(|ip| ip.to_string())
        .collect::<Vec<_>>();

    for service_name in service_names {
        // networksetup -getdnsservers <service_name>
        let get_args = [DNS_GET_ARG, &service_name];
        let get_output = run_command(NETWORK_SETUP_COMMAND, get_args)
            .map_err(|e| DnsError::PlatformError {
                message: format!("failed to execute command: {e}"),
            })?
            .wait_with_output()
            .map_err(|e| DnsError::PlatformError {
                message: format!("failed to wait for command: {e}"),
            })?;

        if !get_output.status.success() {
            return Err(DnsError::ConfigurationFailed.into());
        }

        let original_dns_servers = String::from_utf8(get_output.stdout)
            .map_err(|e| DnsError::PlatformError {
                message: format!("Failed to parse DNS servers output: {e}"),
            })?
            .lines()
            .filter_map(|dns_str| IpAddr::from_str(dns_str).ok())
            .collect();

        SERVICE_DNS_SERVERS.insert(service_name.clone(), original_dns_servers);

        // networksetup -setdnsservers <service_name> <dns_servers...>
        let set_args = [DNS_SET_ARG, &service_name].into_iter().chain(
            dns_servers_args
                .iter()
                .map(|addr_string| addr_string.as_str()),
        );

        let set_output = run_command(NETWORK_SETUP_COMMAND, set_args)
            .map_err(|e| DnsError::PlatformError {
                message: format!("failed to execute command: {e}"),
            })?
            .wait_with_output()
            .map_err(|e| DnsError::PlatformError {
                message: format!("failed to wait for command: {e}"),
            })?;

        if !set_output.status.success() {
            return Err(DnsError::ConfigurationFailed.into());
        }
    }

    Ok(())
}

/// Deletes all DNS servers from all network services on the endpoint.
pub fn delete_dns_servers() -> Result<()> {
    for service_entry in SERVICE_DNS_SERVERS.iter() {
        let service_name = service_entry.key();
        let original_dns_servers = service_entry.value();

        // If the original DNS servers are empty (set by the DHCP, ...), we need to pass "Empty"
        let dns_servers_args = if original_dns_servers.is_empty() {
            vec!["Empty".to_owned()]
        } else {
            original_dns_servers
                .iter()
                .map(|ip| ip.to_string())
                .collect::<Vec<_>>()
        };

        // networksetup -setdnsservers <service_name> <original_dns_servers...>
        let set_args = [DNS_SET_ARG, service_name].into_iter().chain(
            dns_servers_args
                .iter()
                .map(|addr_string| addr_string.as_str()),
        );

        let set_output = run_command(NETWORK_SETUP_COMMAND, set_args)
            .map_err(|e| DnsError::PlatformError {
                message: format!("failed to execute command: {e}"),
            })?
            .wait_with_output()
            .map_err(|e| DnsError::PlatformError {
                message: format!("failed to wait for command: {e}"),
            })?;

        if !set_output.status.success() {
            return Err(DnsError::RestoreFailed.into());
        }
    }

    Ok(())
}