VPN now recovers from WireGuard closing utun (#3084)

Task/Issue URL: https://app.asana.com/0/0/1208000338328853/f iOS: duckduckgo/iOS#3204 BSK: duckduckgo/BrowserServicesKit#931 ## Description If we detect an error while updating the tunnel configuration we now cancel the tunnel so Apple recreates the virtual interface. I believe the underlying issue is WireGuard should not "touch" the virtual interface at all, as that responsibility is owned by Apple.
duckduckgo · Aug 13, 2024 · 3ed23a5 · 3ed23a5
1 parent 6001f25
commit 3ed23a5
Show file tree

Hide file tree

Showing 9 changed files with 32 additions and 16 deletions.
diff --git a/DuckDuckGo.xcodeproj/project.pbxproj b/DuckDuckGo.xcodeproj/project.pbxproj
@@ -13465,7 +13465,7 @@
 			repositoryURL = "https://github.com/duckduckgo/BrowserServicesKit";
 			requirement = {
 				kind = exactVersion;
-				version = 183.0.1;
+				version = 184.0.0;
 			};
 		};
 		9FF521422BAA8FF300B9819B /* XCRemoteSwiftPackageReference "lottie-spm" */ = {

diff --git a/DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved b/DuckDuckGo.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved
@@ -32,8 +32,8 @@
       "kind" : "remoteSourceControl",
       "location" : "https://github.com/duckduckgo/BrowserServicesKit",
       "state" : {
-        "revision" : "f0220c164618c7ca1cbf276db644d71711b0c76a",
-        "version" : "183.0.1"
+        "revision" : "c6ce430371032930d770b0388cbe44a2d40ad729",
+        "version" : "184.0.0"
       }
     },
     {

diff --git a/...DuckGo/NetworkProtection/AppAndExtensionAndAgentTargets/NetworkProtectionPixelEvent.swift b/...DuckGo/NetworkProtection/AppAndExtensionAndAgentTargets/NetworkProtectionPixelEvent.swift
@@ -98,7 +98,8 @@ enum NetworkProtectionPixelEvent: PixelKitEventV2 {
     case networkProtectionWireguardErrorInvalidState(reason: String)
     case networkProtectionWireguardErrorFailedDNSResolution
     case networkProtectionWireguardErrorCannotSetNetworkSettings(_ error: Error)
-    case networkProtectionWireguardErrorCannotStartWireguardBackend(code: Int32)
+    case networkProtectionWireguardErrorCannotStartWireguardBackend(_ error: Error)
+    case networkProtectionWireguardErrorCannotSetWireguardConfig(_ error: Error)
 
     case networkProtectionNoAuthTokenFoundError
 
@@ -290,6 +291,9 @@ enum NetworkProtectionPixelEvent: PixelKitEventV2 {
         case .networkProtectionWireguardErrorCannotStartWireguardBackend:
             return "netp_wireguard_error_cannot_start_wireguard_backend"
 
+        case .networkProtectionWireguardErrorCannotSetWireguardConfig:
+            return "netp_wireguard_error_cannot_set_wireguard_config"
+
         case .networkProtectionNoAuthTokenFoundError:
             return "netp_no_auth_token_found_error"
 
@@ -378,8 +382,10 @@ enum NetworkProtectionPixelEvent: PixelKitEventV2 {
             return parameters
         case .networkProtectionWireguardErrorCannotSetNetworkSettings(let error):
             return error.pixelParameters
-        case .networkProtectionWireguardErrorCannotStartWireguardBackend(code: let code):
-            return [PixelKit.Parameters.errorCode: String(code)]
+        case .networkProtectionWireguardErrorCannotStartWireguardBackend(let error):
+            return error.pixelParameters
+        case .networkProtectionWireguardErrorCannotSetWireguardConfig(let error):
+            return error.pixelParameters
         case .networkProtectionClientFailedToFetchServerStatus(let error):
             return error?.pixelParameters
         case .networkProtectionClientFailedToParseServerStatusResponse(let error):
@@ -458,6 +464,8 @@ enum NetworkProtectionPixelEvent: PixelKitEventV2 {
                 .networkProtectionTunnelWakeFailure(let error),
                 .networkProtectionClientFailedToParseRedeemResponse(let error),
                 .networkProtectionWireguardErrorCannotSetNetworkSettings(let error),
+                .networkProtectionWireguardErrorCannotStartWireguardBackend(let error),
+                .networkProtectionWireguardErrorCannotSetWireguardConfig(let error),
                 .networkProtectionRekeyFailure(let error),
                 .networkProtectionUnhandledError(_, _, let error),
                 .networkProtectionSystemExtensionActivationFailure(let error),
@@ -507,7 +515,6 @@ enum NetworkProtectionPixelEvent: PixelKitEventV2 {
                 .networkProtectionWireguardErrorCannotLocateTunnelFileDescriptor,
                 .networkProtectionWireguardErrorInvalidState,
                 .networkProtectionWireguardErrorFailedDNSResolution,
-                .networkProtectionWireguardErrorCannotStartWireguardBackend,
                 .networkProtectionNoAuthTokenFoundError,
                 .networkProtectionRekeyAttempt,
                 .networkProtectionRekeyCompleted,

diff --git a/...kGo/NetworkProtection/AppTargets/BothAppTargets/EventMapping+NetworkProtectionError.swift b/...kGo/NetworkProtection/AppTargets/BothAppTargets/EventMapping+NetworkProtectionError.swift
@@ -82,6 +82,7 @@ extension EventMapping where Event == NetworkProtectionError {
                 .wireGuardDnsResolution,
                 .wireGuardSetNetworkSettings,
                 .startWireGuardBackend,
+                .setWireguardConfig,
                 .failedToRetrieveAuthToken,
                 .failedToFetchServerStatus,
                 .failedToParseServerStatusResponse:

diff --git a/...kProtection/NetworkExtensionTargets/NetworkExtensionTargets/MacPacketTunnelProvider.swift b/...kProtection/NetworkExtensionTargets/NetworkExtensionTargets/MacPacketTunnelProvider.swift
@@ -110,8 +110,10 @@ final class MacPacketTunnelProvider: PacketTunnelProvider {
                 domainEvent = .networkProtectionWireguardErrorFailedDNSResolution
             case .wireGuardSetNetworkSettings(let error):
                 domainEvent = .networkProtectionWireguardErrorCannotSetNetworkSettings(error)
-            case .startWireGuardBackend(let code):
-                domainEvent = .networkProtectionWireguardErrorCannotStartWireguardBackend(code: code)
+            case .startWireGuardBackend(let error):
+                domainEvent = .networkProtectionWireguardErrorCannotStartWireguardBackend(error)
+            case .setWireguardConfig(let error):
+                domainEvent = .networkProtectionWireguardErrorCannotSetWireguardConfig(error)
             case .noAuthTokenFound:
                 domainEvent = .networkProtectionNoAuthTokenFoundError
             case .failedToFetchServerStatus(let error):

diff --git a/LocalPackages/DataBrokerProtection/Package.swift b/LocalPackages/DataBrokerProtection/Package.swift
@@ -29,7 +29,7 @@ let package = Package(
             targets: ["DataBrokerProtection"])
     ],
     dependencies: [
-        .package(url: "https://github.com/duckduckgo/BrowserServicesKit", exact: "183.0.1"),
+        .package(url: "https://github.com/duckduckgo/BrowserServicesKit", exact: "184.0.0"),
         .package(path: "../SwiftUIExtensions"),
         .package(path: "../XPCHelper"),
     ],

diff --git a/LocalPackages/NetworkProtectionMac/Package.swift b/LocalPackages/NetworkProtectionMac/Package.swift
@@ -32,7 +32,7 @@ let package = Package(
         .library(name: "VPNAppLauncher", targets: ["VPNAppLauncher"]),
     ],
     dependencies: [
-        .package(url: "https://github.com/duckduckgo/BrowserServicesKit", exact: "183.0.1"),
+        .package(url: "https://github.com/duckduckgo/BrowserServicesKit", exact: "184.0.0"),
         .package(url: "https://github.com/airbnb/lottie-spm", exact: "4.4.3"),
         .package(path: "../AppLauncher"),
         .package(path: "../UDSHelper"),

diff --git a/LocalPackages/SubscriptionUI/Package.swift b/LocalPackages/SubscriptionUI/Package.swift
@@ -12,7 +12,7 @@ let package = Package(
             targets: ["SubscriptionUI"]),
     ],
     dependencies: [
-        .package(url: "https://github.com/duckduckgo/BrowserServicesKit", exact: "183.0.1"),
+        .package(url: "https://github.com/duckduckgo/BrowserServicesKit", exact: "184.0.0"),
         .package(path: "../SwiftUIExtensions")
     ],
     targets: [

diff --git a/UnitTests/NetworkProtection/NetworkProtectionPixelEventTests.swift b/UnitTests/NetworkProtection/NetworkProtectionPixelEventTests.swift
@@ -322,12 +322,18 @@ final class NetworkProtectionPixelEventTests: XCTestCase {
                                  underlyingErrors: [TestError.underlyingError]),
              file: #filePath,
              line: #line)
-        fire(NetworkProtectionPixelEvent.networkProtectionWireguardErrorCannotStartWireguardBackend(code: 1),
+        fire(NetworkProtectionPixelEvent.networkProtectionWireguardErrorCannotStartWireguardBackend(TestError.testError),
              frequency: .dailyAndCount,
              and: .expect(pixelName: "m_mac_netp_wireguard_error_cannot_start_wireguard_backend",
-                          customFields: [
-                            PixelKit.Parameters.errorCode: "1"
-                          ]),
+                          error: TestError.testError,
+                          underlyingErrors: [TestError.underlyingError]),
+             file: #filePath,
+             line: #line)
+        fire(NetworkProtectionPixelEvent.networkProtectionWireguardErrorCannotSetWireguardConfig(TestError.testError),
+             frequency: .dailyAndCount,
+             and: .expect(pixelName: "m_mac_netp_wireguard_error_cannot_set_wireguard_config",
+                          error: TestError.testError,
+                          underlyingErrors: [TestError.underlyingError]),
              file: #filePath,
              line: #line)
         fire(NetworkProtectionPixelEvent.networkProtectionNoAuthTokenFoundError,