- includes are now sorted in consistent, logical order; first step in an attempt to fix the tomfoolery (no relation to Tom) brought in by include-what-you-use
- shuffled around some cmake linking to simplify dependency graph
- superfluous files removed
Adds support for building Lokinet as a system extension, and fixes
various problems in the macos implementation found during development of
the system extension support.
When we enable/disable exit mode on this restarts the unbound DNS
responder with the DNS trampoline (or restores upstream, when disabling)
to properly route DNS requests through the tunnel (because libunbound's
direct requests don't get tunneled because unbound is inside the network
extension).
This runs a DNS listener on localhost:1053 that bounces requests to the
upstream DNS through the tunnel. The idea here is that, when we turn on
exit mode, we start libunbound bouncing the requests through the
trampoline (since if it makes direct requests they won't go through the
tunnel).
(The actual libunbound configuration is still to follow).
- Add a C callback interface (context_wrapper.h) between lokinet and the
objective-C code so that:
- we can use objective-C (rather than objective-C++), which seems more
likely to be supported by Apple into the future;
- we minimize the amount of code that needs to be aware of the Apple
APIs.
- this replaces apple logger objective c++ implementation with a plain
c++ implementation that takes a very simple C callback (provided
from the obj-c code) to actually make the call to NSLog.
- Add various documentation to the code of what is going on.
- Send all DNS traffic to the primary IP on the tun interface. The
match prefixes simply don't work as advertised, and have weird shit
(like even if you get it working for some domains, "instagram.com"
still doesn't because of god-knows-what Apple internal politics).
- Drop the dns proxy code as we don't need it anymore.
- Don't use 9.9.9.9 for default DNS. (We might consider the unfiltered
9.9.9.10 as an alternative default, but if we do it should be a global
lokinet change rather than a Mac-specific change).
- Parse a lokinet.ini in the data directory, if it exists. (Since we
are sandboxed, it is an app-specific "home" directory so is probably
buried god knows where, but at least the GUI ought to be able to get
it to let users add things to it).
- This commit also adds a swift version of the PacketTunnelProvider
glue, which ought to work in theory, but the *tooling* for cmake is so
underdeveloped that I couldn't find any way to actually get the damn
thing working. So I'm committing it here anyway (and will revert it
away in the next commit) in case we someday want to switch to it.
-