[PATCH] Restore iOS-like NWPath handling on MacOS app

[Kajetan Staszkiewicz]

Sometimes after a network path change, especially when only "unsatisfied"
network path is available, for example when a laptop is loses all LAN
and WiFi networks, further network path changes are ignored. When "satisfied"
networks disappear the cloned route for the bound socket is removed by the
system and WireGuard packets are routed through the tunnel. This will result
in an non-operational tunnel.

The iOS code does not manifest this behaviour, as it properly disables
the tunnel when no "satisfied" networks are available. Remove the special
MacOS case, use the iOS code on MacOS app.
---
 Sources/WireGuardKit/WireGuardAdapter.swift | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/Sources/WireGuardKit/WireGuardAdapter.swift b/Sources/WireGuardKit/WireGuardAdapter.swift
index f7be19b..f5bf115 100644
--- a/Sources/WireGuardKit/WireGuardAdapter.swift
+++ b/Sources/WireGuardKit/WireGuardAdapter.swift
@@ -409,25 +409,20 @@ public class WireGuardAdapter {
                 self.logHandler(.error, "Failed to resolve endpoint \(resolutionError.address): \(resolutionError.errorDescription ?? "(nil)")")
             }
         }
     }
 
     /// Helper method used by network path monitor.
     /// - Parameter path: new network path
     private func didReceivePathUpdate(path: Network.NWPath) {
         self.logHandler(.verbose, "Network change detected with \(path.status) route and interface order \(path.availableInterfaces)")
 
-        #if os(macOS)
-        if case .started(let handle, _) = self.state {
-            wgBumpSockets(handle)
-        }
-        #elseif os(iOS)
         switch self.state {
         case .started(let handle, let settingsGenerator):
             if path.status.isSatisfiable {
                 let (wgConfig, resolutionResults) = settingsGenerator.endpointUapiConfiguration()
                 self.logEndpointResolutionResults(resolutionResults)
 
                 wgSetConfig(handle, wgConfig)
                 wgDisableSomeRoamingForBrokenMobileSemantics(handle)
                 wgBumpSockets(handle)
             } else {
@@ -453,23 +448,20 @@ public class WireGuardAdapter {
                     settingsGenerator
                 )
             } catch {
                 self.logHandler(.error, "Failed to restart backend: \(error.localizedDescription)")
             }
 
         case .stopped:
             // no-op
             break
         }
-        #else
-        #error("Unsupported")
-        #endif
     }
 }
 
 /// A enum describing WireGuard log levels defined in `api-apple.go`.
 public enum WireGuardLogLevel: Int32 {
     case verbose = 0
     case error = 1
 }
 
 private extension Network.NWPath.Status {
-- 
2.47.0



-- 
| pozdrawiam / regards | Powered by macOS, Debian and FreeBSD |
| Kajetan Staszkiewicz |  www: http://vegeta.tuxpowered.net   |
`----------------------^--------------------------------------'

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20250304/2f6aad1a/attachment.sig>