Implement support for DNS search domains in the native apps for Apple platforms (Mac and iOS), matching the search domain support already implemented for other platforms.
Rather than unconditionally routing all DNS queries through the associated tunnel's DNS, only route queries when no search domains have been specified. When search domains _have_ been specified, route those domains to the tunnel's DNS but let other domains continue to be routed to other network interfaces. Signed-off-by: Ken Case <[email protected]> --- Sources/WireGuardKit/PacketTunnelSettingsGenerator.swift | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Sources/WireGuardKit/PacketTunnelSettingsGenerator.swift b/Sources/WireGuardKit/PacketTunnelSettingsGenerator.swift index c53a82c..5b7f63c 100644 --- a/Sources/WireGuardKit/PacketTunnelSettingsGenerator.swift +++ b/Sources/WireGuardKit/PacketTunnelSettingsGenerator.swift @@ -88,7 +88,13 @@ class PacketTunnelSettingsGenerator { let dnsSettings = NEDNSSettings(servers: dnsServerStrings) dnsSettings.searchDomains = tunnelConfiguration.interface.dnsSearch if !tunnelConfiguration.interface.dns.isEmpty { - dnsSettings.matchDomains = [""] // All DNS queries must first go through the tunnel's DNS + if tunnelConfiguration.interface.dnsSearch.isEmpty { + // Since no search domains were listed, use this tunnel's DNS for all queries + dnsSettings.matchDomains = [""] + } else { + // Only use this tunnel for the listed search domains + dnsSettings.matchDomains = tunnelConfiguration.interface.dnsSearch + } } networkSettings.dnsSettings = dnsSettings } -- 2.41.0
