fix(nordvpn-client): validate live utun persistence before dns pinning
This commit is contained in:
@@ -781,6 +781,7 @@ function parseMacWireguardHelperStatus(output) {
|
||||
return {
|
||||
active: ["1", "true", "yes", "on"].includes(`${parsed.active || ""}`.toLowerCase()),
|
||||
interfaceName: parsed.interfaceName || MAC_WG_INTERFACE,
|
||||
wireguardInterface: parsed.wireguardInterface || null,
|
||||
configPath: parsed.configPath || null,
|
||||
raw: `${output || ""}`.trim(),
|
||||
};
|
||||
@@ -788,7 +789,7 @@ function parseMacWireguardHelperStatus(output) {
|
||||
|
||||
async function getMacWireguardHelperStatus(installProbe, options = {}) {
|
||||
const runSudoWireguardFn = options.runSudoWireguard || runSudoWireguard;
|
||||
const result = await runSudoWireguardFn(installProbe, "status");
|
||||
const result = await runSudoWireguardFn(installProbe, "probe");
|
||||
const parsed = parseMacWireguardHelperStatus(result.stdout || result.stderr || "");
|
||||
return {
|
||||
...parsed,
|
||||
@@ -1012,8 +1013,7 @@ async function probeMacWireguard() {
|
||||
const helperPath = fileExists(MAC_WG_HELPER_PATH) ? MAC_WG_HELPER_PATH : null;
|
||||
const helperSecurity = inspectMacWireguardHelperSecurity(helperPath);
|
||||
const sudoProbe = helperPath ? await runExec("sudo", ["-n", helperPath, "probe"]) : { ok: false };
|
||||
const helperStatus =
|
||||
helperPath && sudoProbe.ok ? parseMacWireguardHelperStatus((await runExec("sudo", ["-n", helperPath, "status"])).stdout) : null;
|
||||
const helperStatus = helperPath && sudoProbe.ok ? parseMacWireguardHelperStatus(sudoProbe.stdout || sudoProbe.stderr || "") : null;
|
||||
let active = false;
|
||||
let showRaw = "";
|
||||
let endpoint = "";
|
||||
@@ -1668,7 +1668,6 @@ async function disconnectNordvpn(installProbe) {
|
||||
if (!down.ok) {
|
||||
const message = (down.stderr || down.stdout || down.error).trim();
|
||||
if (isBenignMacWireguardAbsentError(message)) {
|
||||
await runSudoWireguard(installProbe, "cleanup");
|
||||
const dnsState = await restoreMacDnsIfNeeded();
|
||||
const cleaned = cleanupMacWireguardAndDnsState();
|
||||
const tailscale = await resumeMacTailscaleIfNeeded();
|
||||
@@ -1683,7 +1682,6 @@ async function disconnectNordvpn(installProbe) {
|
||||
}
|
||||
throw new Error(message || "wg-quick down failed");
|
||||
}
|
||||
await runSudoWireguard(installProbe, "cleanup");
|
||||
const dnsState = await restoreMacDnsIfNeeded();
|
||||
const cleaned = cleanupMacWireguardAndDnsState();
|
||||
const tailscale = await resumeMacTailscaleIfNeeded();
|
||||
|
||||
@@ -18,21 +18,30 @@ WG_INTERFACE="nordvpnctl"
|
||||
PATH="/opt/homebrew/bin:/usr/bin:/bin:/usr/sbin:/sbin"
|
||||
export PATH
|
||||
|
||||
if [ "$ACTION" = "probe" ]; then
|
||||
if [ "$ACTION" = "probe" ] || [ "$ACTION" = "status" ]; then
|
||||
test -x "$WG_QUICK"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ "$ACTION" = "status" ]; then
|
||||
ACTIVE=0
|
||||
if [ -x "$WG" ] && "$WG" show "$WG_INTERFACE" >/dev/null 2>&1; then
|
||||
RUNTIME_INTERFACE=""
|
||||
if [ -x "$WG" ]; then
|
||||
RUNTIME_INTERFACE=$("$WG" show interfaces 2>/dev/null | awk 'NF { print $1; exit }')
|
||||
fi
|
||||
if [ -n "$RUNTIME_INTERFACE" ]; then
|
||||
ACTIVE=1
|
||||
elif [ -x "$WG" ] && "$WG" show "$WG_INTERFACE" >/dev/null 2>&1; then
|
||||
ACTIVE=1
|
||||
elif /sbin/ifconfig "$WG_INTERFACE" >/dev/null 2>&1; then
|
||||
ACTIVE=1
|
||||
elif pgrep -f "wg-quick up $WG_CONFIG" >/dev/null 2>&1; then
|
||||
ACTIVE=1
|
||||
elif pgrep -f "wireguard-go utun" >/dev/null 2>&1; then
|
||||
ACTIVE=1
|
||||
fi
|
||||
|
||||
echo "active=$ACTIVE"
|
||||
echo "interfaceName=$WG_INTERFACE"
|
||||
if [ -n "$RUNTIME_INTERFACE" ]; then
|
||||
echo "wireguardInterface=$RUNTIME_INTERFACE"
|
||||
fi
|
||||
if [ -f "$WG_CONFIG" ]; then
|
||||
echo "configPath=$WG_CONFIG"
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user