Skip to content

Commit

Permalink
kill switch
Browse files Browse the repository at this point in the history
  • Loading branch information
@mallexxx
mallexxx committed Jul 28, 2023
1 parent 157b5e5 commit 04727ff
Show file tree
Hide file tree
Showing 26 changed files with 595 additions and 504 deletions.
80 changes: 38 additions & 42 deletions DuckDuckGo.xcodeproj/project.pbxproj
View file

Large diffs are not rendered by default.

5 changes: 2 additions & 3 deletions DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,7 @@
"kind" : "remoteSourceControl",
"location" : "https://github.com/duckduckgo/BrowserServicesKit",
"state" : {
"revision" : "214db1a9aceb643cbb5bf070b61d8f65ec196e1c",
"version" : "70.0.0"
"revision" : "091de77bb40701c566b57e55c42f47a8b2a9cd78"
}
},
{
Expand Down Expand Up @@ -129,7 +128,7 @@
{
"identity" : "trackerradarkit",
"kind" : "remoteSourceControl",
"location" : "https://github.com/duckduckgo/TrackerRadarKit",
"location" : "https://github.com/duckduckgo/TrackerRadarKit.git",
"state" : {
"revision" : "4684440d03304e7638a2c8086895367e90987463",
"version" : "1.2.1"
Expand Down
7 changes: 6 additions & 1 deletion DuckDuckGo/AppDelegate/AppDelegate.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,8 @@ final class AppDelegate: NSObject, NSApplicationDelegate, FileDownloadManagerDel
#if NETWORK_PROTECTION

private func startupNetworkProtection() {
guard #available(macOS 11.0, *) else { return }

let loginItemsManager = NetworkProtectionLoginItemsManager()
let networkProtectionFeatureVisibility = NetworkProtectionKeychainTokenStore()

Expand All @@ -319,6 +321,7 @@ final class AppDelegate: NSObject, NSApplicationDelegate, FileDownloadManagerDel
refreshNetworkProtectionServers()
}

@available(macOS 11.0, *)
private func restartNetworkProtectionIfVersionChanged(using loginItemsManager: NetworkProtectionLoginItemsManager) {
let currentVersion = AppVersion.shared.versionNumber
let versionStore = NetworkProtectionLastVersionRunStore()
Expand All @@ -341,21 +344,23 @@ final class AppDelegate: NSObject, NSApplicationDelegate, FileDownloadManagerDel
}
}

@available(macOS 11.0, *)
private func restartNetworkProtectionTunnelAndMenu(using loginItemsManager: NetworkProtectionLoginItemsManager) {
loginItemsManager.restartLoginItems()

Task {
let provider = NetworkProtectionTunnelController()

// Restart NetP SysEx on app update
if await provider.isConnected() {
if await provider.isConnected {
await provider.stop()
await provider.start()
}
}
}

/// Fetches a new list of Network Protection servers, and updates the existing set.
@available(macOS 11.0, *)
private func refreshNetworkProtectionServers() {
Task {
let serverCount: Int
Expand Down
7 changes: 4 additions & 3 deletions DuckDuckGo/Common/Extensions/NSApplicationExtension.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,15 +40,16 @@ extension NSApplication {
}
}
}
@objc dynamic var runType: RunType { .normal }
@objc dynamic class var runType: RunType { .normal }
var runType: RunType { Self.runType }

var isRunningUnitTests: Bool {
if case .unitTests = runType { return true }
if case .unitTests = Self.runType { return true }
return false
}

var isRunningIntegrationTests: Bool {
if case .integrationTests = runType { return true }
if case .integrationTests = Self.runType { return true }
return false
}

Expand Down
25 changes: 23 additions & 2 deletions DuckDuckGo/Common/Utilities/UserDefaultsWrapper.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,15 @@ public struct UserDefaultsWrapper<T> {
// Temporary for activetion pixel
case firstLaunchDate = "first.app.launch.date"

// Network Protection
case networkProtectionOnDemandActivation = "netp.ondemand"
case networkProtectionShouldEnforceRoutes = "netp.enforce-routes"

case networkProtectionShouldExcludeDDGRoute = "netp.exclude-ddg-route"
case networkProtectionShouldExcludeLocalRoutes = "netp.exclude-local-routes"

case networkProtectionConnectOnLogIn = "netp.connect-on-login"

case networkProtectionRegistrationKeyValidity = "com.duckduckgo.network-protection.NetworkProtectionTunnelController.registrationKeyValidityKey"
}

Expand All @@ -138,10 +147,10 @@ public struct UserDefaultsWrapper<T> {

static var sharedDefaults: UserDefaults {
#if DEBUG && !(NETP_SYSTEM_EXTENSION && NETWORK_EXTENSION) // Avoid looking up special user defaults when running inside the system extension
if case .normal = NSApp.runType {
if case .normal = NSApplication.runType {
return .standard
} else {
return UserDefaults(suiteName: Bundle.main.bundleIdentifier! + "." + NSApp.runType.description)!
return UserDefaults(suiteName: Bundle.main.bundleIdentifier! + "." + NSApplication.runType.description)!
}
#else
return .standard
Expand Down Expand Up @@ -195,4 +204,16 @@ public struct UserDefaultsWrapper<T> {
sharedDefaults.removeObject(forKey: key.rawValue)
}

func clear() {
defaults.removeObject(forKey: key.rawValue)
}

}

extension UserDefaultsWrapper where T: OptionalProtocol {

init(key: Key, defaults: UserDefaults? = nil) {
self.init(key: key, defaultValue: .none, defaults: defaults)
}

}
9 changes: 8 additions & 1 deletion DuckDuckGo/Main/Main.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,10 @@ final class AppMain {

static func main() {
#if NETWORK_PROTECTION
guard #available(macOS 11, *) else {
_=NSApplicationMain(CommandLine.argc, CommandLine.unsafeArgv)
return
}
switch (CommandLine.arguments.first! as NSString).lastPathComponent {
case "startVPN":
swizzleMainBundle()
Expand All @@ -63,7 +67,7 @@ final class AppMain {

Task {
do {
try await NetworkProtectionTunnelController().enableOnDemand()
try await NetworkProtectionTunnelController().enableOnDemandRequestedByExtension()
exit(0)
} catch {
fatalError("Could not enable on demand due to error: \(String(describing: error))")
Expand All @@ -85,5 +89,8 @@ final class AppMain {
let m1 = class_getClassMethod(Bundle.self, #selector(getter: Bundle.main))!
let m2 = class_getClassMethod(Bundle.self, #selector(Bundle.nonMain))!
method_exchangeImplementations(m1, m2)

// since initially our bundle id doesn‘t match the main app, UserDefaults won‘t be loaded by default
UserDefaults.standard.addSuite(named: Bundle.main.bundleIdentifier!)
}
}
57 changes: 42 additions & 15 deletions DuckDuckGo/Menus/MainMenu.storyboard
View file
Original file line number Diff line number Diff line change
Expand Up @@ -826,6 +826,41 @@ CQ
</connections>
</menuItem>
<menuItem isSeparatorItem="YES" id="FSc-gX-vGh"/>
<menuItem title="Enable On-Demand (required for Kill Switch)" id="u0h-YJ-J4H" userLabel="Connect On Demand">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="toggleConnectOnDemandAction:" target="Rah-lS-gno" id="beL-Aq-2Xu"/>
</connections>
</menuItem>
<menuItem title="Connect on Log In" id="fSA-hH-Vum" userLabel="Connect On Log In">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="toggleConnectOnLogInAction:" target="Rah-lS-gno" id="ZCH-Qd-oYZ"/>
</connections>
</menuItem>
<menuItem isSeparatorItem="YES" id="kCo-m1-HGV"/>
<menuItem title="Kill Switch:" enabled="NO" id="Gdx-Ng-vit">
<modifierMask key="keyEquivalentModifierMask"/>
</menuItem>
<menuItem title="enforceRoutes (Kill Switch)" id="9HJ-tK-AOs" userLabel="Enforce Routes">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="toggleEnforceRoutesAction:" target="Rah-lS-gno" id="B4i-GF-9nw"/>
</connections>
</menuItem>
<menuItem title="exclude Local Networks" id="Zak-JJ-7hc" userLabel="Exclude Local Networks">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="toggleShouldExcludeLocalRoutes:" target="Rah-lS-gno" id="Wdd-D6-yWy"/>
</connections>
</menuItem>
<menuItem title="exclude duckduckgo.com IPs" id="DIg-On-jg2" userLabel="Exclude DuckDuckGo route">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="toggleExcludeDDGAction:" target="Rah-lS-gno" id="N69-sN-yoO"/>
</connections>
</menuItem>
<menuItem isSeparatorItem="YES" id="Rgl-Eu-PPS"/>
<menuItem title="Send Test Notification" id="3rB-n0-ZjS">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
Expand Down Expand Up @@ -876,13 +911,13 @@ CQ
<modifierMask key="keyEquivalentModifierMask"/>
<menu key="submenu" title="Simulate Failure" id="iLs-sj-2Gd" customClass="NetworkProtectionSimulateFailureMenu" customModule="DuckDuckGo_Privacy_Browser" customModuleProvider="target">
<items>
<menuItem title="Enable NetP &gt; Controller Failure" id="xyA-ob-gEy">
<menuItem title="Enable NetP &gt; Controller Failure" id="xyA-ob-gEy" userLabel="Controller Failure">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="simulateControllerFailure:" target="iLs-sj-2Gd" id="qO6-8J-ER0"/>
</connections>
</menuItem>
<menuItem title="Enable NetP &gt; Tunnel Failure" id="kVa-n8-UNx">
<menuItem title="Enable NetP &gt; Tunnel Failure" id="kVa-n8-UNx" userLabel="Tunnel Failure">
<modifierMask key="keyEquivalentModifierMask"/>
<connections>
<action selector="simulateTunnelFailure:" target="iLs-sj-2Gd" id="tZL-Vl-6mu"/>
Expand All @@ -893,13 +928,18 @@ CQ
</menuItem>
</items>
<connections>
<outlet property="connectOnLogInMenuItem" destination="fSA-hH-Vum" id="HSf-v8-MYh"/>
<outlet property="enableConnectOnDemandMenuItem" destination="u0h-YJ-J4H" id="Ufg-Pq-PYy"/>
<outlet property="excludeDDGRouteMenuItem" destination="DIg-On-jg2" id="xeM-gn-WdU"/>
<outlet property="excludeLocalNetworksMenuItem" destination="Zak-JJ-7hc" id="vYu-wC-dTl"/>
<outlet property="mainMenuItem" destination="Dt6-sj-4hn" id="vwa-T8-0ak"/>
<outlet property="preferredServerAutomaticItem" destination="0j8-SE-pRP" id="APF-zT-6Qd"/>
<outlet property="preferredServerMenu" destination="jbT-17-qgW" id="6qH-9G-SrT"/>
<outlet property="registrationKeyValidityAutomaticItem" destination="Hsh-im-6Cc" id="k4w-9T-ny9"/>
<outlet property="registrationKeyValidityMenu" destination="HwX-wm-4zf" id="Dpg-p8-nQ0"/>
<outlet property="registrationKeyValidityMenuItem" destination="iPz-EO-Nv6" id="XbK-zy-EGv"/>
<outlet property="registrationKeyValidityMenuSeparatorItem" destination="MEg-4g-gji" id="Pos-zQ-wJJ"/>
<outlet property="shouldEnforceRoutesMenuItem" destination="9HJ-tK-AOs" id="kjL-wl-sji"/>
</connections>
</menu>
</menuItem>
Expand Down Expand Up @@ -982,19 +1022,6 @@ CQ
<outlet property="delegate" destination="Voe-Tx-rLC" id="PrD-fu-P6m"/>
</connections>
</application>
<menu id="013-wG-YGZ">
<items>
<menuItem title="Item 1" id="m8E-kO-TwB">
<modifierMask key="keyEquivalentModifierMask"/>
</menuItem>
<menuItem title="Item 2" id="gKX-rb-enP">
<modifierMask key="keyEquivalentModifierMask"/>
</menuItem>
<menuItem title="Item 3" id="MNz-ve-jnh">
<modifierMask key="keyEquivalentModifierMask"/>
</menuItem>
</items>
</menu>
</objects>
<point key="canvasLocation" x="-222" y="-258"/>
</scene>
Expand Down
4 changes: 3 additions & 1 deletion DuckDuckGo/Menus/MainMenu.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,18 @@
// limitations under the License.
//

import BrowserServicesKit
import Cocoa
import Common
import Combine
import OSLog // swiftlint:disable:this enforce_os_log_wrapper
import WebKit
import BrowserServicesKit

#if NETWORK_PROTECTION
import NetworkProtection
#endif

@MainActor
final class MainMenu: NSMenu {

enum Constants {
Expand Down
3 changes: 2 additions & 1 deletion DuckDuckGo/Menus/MainMenuActions.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,10 @@
// limitations under the License.
//

import Cocoa
import BrowserServicesKit
import Cocoa
import Common
import WebKit

// Actions are sent to objects of responder chain

Expand Down
1 change: 1 addition & 0 deletions DuckDuckGo/NavigationBar/View/MoreOptionsMenu.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,7 @@ final class EmailOptionsButtonSubMenu: NSMenu {
}
}

@MainActor
final class ZoomSubMenu: NSMenu {

init(targetting target: AnyObject, tabCollectionViewModel: TabCollectionViewModel) {
Expand Down
2 changes: 2 additions & 0 deletions DuckDuckGo/NavigationBar/View/NavigationBarPopovers.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,7 @@ final class NavigationBarPopovers {
}
}

@available(macOS 11.0, *)
func toggleNetworkProtectionPopover(usingView view: NSView, withDelegate delegate: NSPopoverDelegate) {
#if NETWORK_PROTECTION
if let networkProtectionPopover = networkProtectionPopover,
Expand Down Expand Up @@ -263,6 +264,7 @@ final class NavigationBarPopovers {
// MARK: - Network Protection

#if NETWORK_PROTECTION
@available(macOS 11.0, *)
func showNetworkProtectionPopover(usingView view: NSView, withDelegate delegate: NSPopoverDelegate) {
let popover = networkProtectionPopover ?? {
let controller = NetworkProtectionTunnelController()
Expand Down
7 changes: 5 additions & 2 deletions DuckDuckGo/NavigationBar/View/NavigationBarViewController.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -268,11 +268,12 @@ final class NavigationBarViewController: NSViewController {
popovers.passwordManagementButtonPressed(usingView: passwordManagementButton, withDelegate: self)
}

@IBAction func networkProtectionButtonAction(_ sender: NSButton) {
#if NETWORK_PROTECTION
@available(macOS 11.0, *)
@IBAction func networkProtectionButtonAction(_ sender: NSButton) {
popovers.toggleNetworkProtectionPopover(usingView: networkProtectionButton, withDelegate: networkProtectionButtonModel)
#endif
}
#endif

@IBAction func downloadsButtonAction(_ sender: NSButton) {
toggleDownloadsPopover(keepButtonVisible: false)
Expand Down Expand Up @@ -740,11 +741,13 @@ extension NavigationBarViewController: NSMenuDelegate {

#if NETWORK_PROTECTION
func showNetworkProtectionStatus() {
guard #available(macOS 11.0, *) else { return }
popovers.showNetworkProtectionPopover(usingView: networkProtectionButton,
withDelegate: networkProtectionButtonModel)
}

private func setupNetworkProtectionButton() {
guard #available(macOS 11.0, *) else { return }
networkProtectionCancellable = networkProtectionButtonModel.$showButton
.receive(on: RunLoop.main)
.sink { [weak self] show in
Expand Down
27 changes: 27 additions & 0 deletions ...orkProtection/AppAndExtensionAndAgentTargets/NetworkProtectionUserDefaultsConstants.swift
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
//
// NetworkProtectionUserDefaultsConstants.swift
//
// Copyright © 2023 DuckDuckGo. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

import Foundation

enum NetworkProtectionUserDefaultsConstants {

static let onDemandActivation = true
static let shouldConnectOnLogIn = false
static let isKillSwitchEnabled = false

}
23 changes: 23 additions & 0 deletions ...onTargets/AppAndExtensionAndNotificationTargets/NetworkProtectionOptionKeyExtension.swift
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
//
// NetworkProtectionOptionKeyExtension.swift
//
// Copyright © 2023 DuckDuckGo. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

import NetworkProtection

extension NetworkProtectionOptionKey {
public static let defaultPixelHeaders = "defaultPixelHeaders"
}
Loading

0 comments on commit 04727ff

Please sign in to comment.