stuff: expose route manager to daemon

hulthe · hulthe · commit 5e22b9c38ffc · 2024-12-16T17:26:51.000+01:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/mullvad-daemon/Cargo.toml b/mullvad-daemon/Cargo.toml
@@ -42,6 +42,7 @@ talpid-future = { path = "../talpid-future" }
 talpid-platform-metadata = { path = "../talpid-platform-metadata" }
 talpid-time = { path = "../talpid-time" }
 talpid-types = { path = "../talpid-types" }
+talpid-routing = { path = "../talpid-routing" }
 
 leak-checker = { path = "../leak-checker" }
 
diff --git a/mullvad-daemon/src/leak_checker/mod.rs b/mullvad-daemon/src/leak_checker/mod.rs
@@ -2,8 +2,10 @@ use anyhow::anyhow;
 use futures::{select, FutureExt};
 use leak_checker::traceroute::TracerouteOpt;
 pub use leak_checker::LeakInfo;
+use mullvad_types::TUNNEL_FWMARK;
 use std::net::IpAddr;
 use std::time::Duration;
+use talpid_routing::RouteManagerHandle;
 use talpid_types::tunnel::TunnelStateTransition;
 use tokio::sync::mpsc;
 
@@ -15,6 +17,7 @@ pub struct LeakChecker {
 /// [LeakChecker] internal task state.
 struct Task {
     events_rx: mpsc::UnboundedReceiver<TaskEvent>,
+    route_manager: RouteManagerHandle,
     callbacks: Vec<Box<dyn LeakCheckerCallback>>,
 }
 
@@ -36,11 +39,12 @@ pub trait LeakCheckerCallback: Send + 'static {
 }
 
 impl LeakChecker {
-    pub fn new() -> Self {
+    pub fn new(route_manager: RouteManagerHandle) -> Self {
         let (task_event_tx, events_rx) = mpsc::unbounded_channel();
 
         let task = Task {
             events_rx,
+            route_manager,
             callbacks: vec![],
         };
 
@@ -56,10 +60,12 @@ impl LeakChecker {
         self.send(TaskEvent::NewTunnelState(tunnel_state))
     }
 
+    /// Call `callback` if a leak is detected.
     pub fn add_leak_callback(&mut self, callback: impl LeakCheckerCallback) {
         self.send(TaskEvent::AddCallback(Box::new(callback)))
     }
 
+    /// Send a [TaskEvent] to the running [Task];
     fn send(&mut self, event: TaskEvent) {
         if self.task_event_tx.send(event).is_err() {
             panic!("LeakChecker unexpectedly closed");
@@ -92,25 +98,15 @@ impl Task {
             };
 
             let ping_destination = tunnel.endpoint.address.ip();
+            let route_manager = self.route_manager.clone();
+            let leak_test = async {
+                // Give the connection a little time to settle before starting the test.
+                // TODO: is this necessary? is there some better way?
+                // TODO: ether remove this or add some concrete motivation.
+                tokio::time::sleep(Duration::from_millis(500)).await;
 
-            // TODO (linux):
-            // Use get_destination_route(ip, Some(fwmark)) to figure out default interface.
-            // where ip is some unused example public ip, or maybe the relay ip
-
-            // TODO (android):
-            // Maybe connectivity monitor?
-            // It should be possible somehow. `ifconfig` can print interfaces.
-            // needs further investigation
-
-            // TODO (macos):
-            // get_default_route in route manager
-
-            // TODO (windows):
-            // Use default route monitor thingy. It should contain interfaces.
-            // Can maybe use callback to subscribe for updates
-            // get_best_route
-
-            let interface = "wlan0"; // TODO
+                check_for_leaks(&route_manager, ping_destination).await
+            };
 
             // Make sure the tunnel state doesn't change while we're doing the leak test.
             // If that happens, then our results might be invalid.
@@ -134,15 +130,6 @@ impl Task {
                 }
             };
 
-            let leak_test = async {
-                // Give the connection a little time to settle before starting the test.
-                // TODO: is this necessary? is there some better way?
-                // TODO: ether remove this or add some concrete motivation.
-                tokio::time::sleep(Duration::from_millis(500)).await;
-
-                check_for_leaks(interface, ping_destination).await
-            };
-
             let leak_result = select! {
                 // If tunnel state changes, restart the test.
                 _ = another_tunnel_state.fuse() => continue 'leak_test,
@@ -173,7 +160,51 @@ impl Task {
     }
 }
 
-async fn check_for_leaks(interface: &str, destination: IpAddr) -> anyhow::Result<Option<LeakInfo>> {
+async fn check_for_leaks(
+    route_manager: &RouteManagerHandle,
+    destination: IpAddr,
+) -> anyhow::Result<Option<LeakInfo>> {
+    // TODO (linux):
+    // Use get_destination_route(ip, Some(fwmark)) to figure out default interface.
+    // where ip is some unused example public ip, or maybe the relay ip
+    #[cfg(target_os = "linux")]
+    let interface = {
+        let Ok(Some(route)) = route_manager
+            .get_destination_route(destination, Some(TUNNEL_FWMARK))
+            .await
+        else {
+            todo!("no route to relay?");
+        };
+
+        route
+            .get_node()
+            .get_device()
+            .expect("no device for default route??")
+            .to_string()
+    };
+
+    // TODO (android):
+    // Maybe connectivity monitor?
+    // It should be possible somehow. `ifconfig` can print interfaces.
+    // needs further investigation
+    #[cfg(target_os = "android")]
+    let interface = todo!("get default interface");
+
+    // TODO (macos):
+    // get_default_route in route manager
+    #[cfg(target_os = "macos")]
+    let interface = todo!("get default interface");
+
+    // TODO (windows):
+    // Use default route monitor thingy. It should contain interfaces.
+    // Can maybe use callback to subscribe for updates
+    // get_best_route
+    #[cfg(target_os = "macos")]
+    let interface = todo!("get default interface");
+
+    log::debug!("attempting to leak traffic on interface {interface:?} to {destination}");
+
+    // TODO: use UDP on windows
     leak_checker::traceroute::try_run_leak_test(&TracerouteOpt {
         interface: interface.to_string(),
         destination,
diff --git a/mullvad-daemon/src/lib.rs b/mullvad-daemon/src/lib.rs
@@ -83,6 +83,7 @@ use talpid_core::{
     split_tunnel,
     tunnel_state_machine::{self, TunnelCommand, TunnelStateMachineHandle},
 };
+use talpid_routing::RouteManagerHandle;
 #[cfg(target_os = "android")]
 use talpid_types::android::AndroidContext;
 #[cfg(target_os = "windows")]
@@ -182,6 +183,10 @@ pub enum Error {
     #[error("Tunnel state machine error")]
     TunnelError(#[source] tunnel_state_machine::Error),
 
+    /// Errors from [talpid_routing::RouteManagerHandle].
+    #[error("Route manager error")]
+    RouteManager(#[source] talpid_routing::Error),
+
     /// Custom list already exists
     #[error("Custom list error: {0}")]
     CustomListError(#[source] mullvad_types::custom_list::Error),
@@ -769,6 +774,15 @@ impl Daemon {
             let _ = settings_changed_event_sender.send(InternalDaemonEvent::SettingsChanged);
         });
 
+        let route_manager = RouteManagerHandle::spawn(
+            #[cfg(target_os = "linux")]
+            mullvad_types::TUNNEL_FWMARK,
+            #[cfg(target_os = "linux")]
+            mullvad_types::TUNNEL_TABLE_ID,
+        )
+        .await
+        .map_err(Error::RouteManager)?;
+
         let (offline_state_tx, offline_state_rx) = mpsc::unbounded();
         #[cfg(target_os = "windows")]
         let (volume_update_tx, volume_update_rx) = mpsc::unbounded();
@@ -792,6 +806,7 @@ impl Daemon {
             resource_dir.clone(),
             internal_event_tx.to_specialized_sender(),
             offline_state_tx,
+            route_manager.clone(),
             #[cfg(target_os = "windows")]
             volume_update_rx,
             #[cfg(target_os = "android")]
@@ -844,7 +859,7 @@ impl Daemon {
         );
 
         let leak_checker = {
-            let mut leak_checker = LeakChecker::new();
+            let mut leak_checker = LeakChecker::new(route_manager);
             let internal_event_tx = internal_event_tx.clone();
             leak_checker.add_leak_callback(move |info| {
                 internal_event_tx
diff --git a/talpid-core/src/tunnel_state_machine/mod.rs b/talpid-core/src/tunnel_state_machine/mod.rs
@@ -130,6 +130,7 @@ pub async fn spawn(
     resource_dir: PathBuf,
     state_change_listener: impl Sender<TunnelStateTransition> + Send + 'static,
     offline_state_listener: mpsc::UnboundedSender<Connectivity>,
+    route_manager: RouteManagerHandle,
     #[cfg(target_os = "windows")] volume_update_rx: mpsc::UnboundedReceiver<()>,
     #[cfg(target_os = "android")] android_context: AndroidContext,
     #[cfg(target_os = "android")] connectivity_listener: ConnectivityListener,
@@ -157,6 +158,7 @@ pub async fn spawn(
         log_dir,
         resource_dir,
         commands_rx: command_rx,
+        route_manager,
         #[cfg(target_os = "windows")]
         volume_update_rx,
         #[cfg(target_os = "android")]
@@ -254,6 +256,7 @@ struct TunnelStateMachineInitArgs<G: TunnelParametersGenerator> {
     log_dir: Option<PathBuf>,
     resource_dir: PathBuf,
     commands_rx: mpsc::UnboundedReceiver<TunnelCommand>,
+    route_manager: RouteManagerHandle,
     #[cfg(target_os = "windows")]
     volume_update_rx: mpsc::UnboundedReceiver<()>,
     #[cfg(target_os = "android")]
@@ -276,15 +279,6 @@ impl TunnelStateMachine {
         #[cfg(target_os = "macos")]
         let filtering_resolver = crate::resolver::start_resolver().await?;
 
-        let route_manager = RouteManagerHandle::spawn(
-            #[cfg(target_os = "linux")]
-            args.linux_ids.fwmark,
-            #[cfg(target_os = "linux")]
-            args.linux_ids.table_id,
-        )
-        .await
-        .map_err(Error::InitRouteManagerError)?;
-
         #[cfg(windows)]
         let split_tunnel = split_tunnel::SplitTunnel::new(
             runtime.clone(),
@@ -322,7 +316,7 @@ impl TunnelStateMachine {
             #[cfg(target_os = "linux")]
             runtime.clone(),
             #[cfg(target_os = "linux")]
-            route_manager.clone(),
+            args.route_manager.clone(),
         )
         .map_err(Error::InitDnsMonitorError)?;
 
@@ -341,7 +335,7 @@ impl TunnelStateMachine {
         let offline_monitor = offline::spawn_monitor(
             offline_tx,
             #[cfg(not(target_os = "android"))]
-            route_manager.clone(),
+            args.route_manager.clone(),
             #[cfg(target_os = "linux")]
             Some(args.linux_ids.fwmark),
             #[cfg(target_os = "android")]
@@ -381,7 +375,7 @@ impl TunnelStateMachine {
             runtime,
             firewall,
             dns_monitor,
-            route_manager,
+            route_manager: args.route_manager,
             _offline_monitor: offline_monitor,
             allow_lan: args.settings.allow_lan,
             #[cfg(not(target_os = "android"))]
diff --git a/talpid-routing/src/unix/mod.rs b/talpid-routing/src/unix/mod.rs
@@ -34,7 +34,7 @@ mod imp;
 
 pub use imp::Error as PlatformError;
 
-/// Errors that can be encountered whilst initializing route manager
+/// Errors that can be encountered whilst interacting with a [RouteManagerHandle].
 #[derive(thiserror::Error, Debug)]
 pub enum Error {
     /// Route manager thread may have panicked
