Disable on-demand when the user initiates shutdown. (#790)

Required: Task/Issue URL: https://app.asana.com/0/414235014887631/1206396485779556/f iOS PR: duckduckgo/iOS#2771 macOS PR: duckduckgo/macos-browser#2668 What kind of version bump will this require?: Patch Description: This PR toggles Connect on Demand when the user initiates a startup or shutdown event. This is so that users can toggle the VPN from Settings.app and it doesn't immediately re-enable itself due to on-demand.
duckduckgo · Apr 26, 2024 · f8c7329 · f8c7329
1 parent 9ebcfd1
commit f8c7329
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/Sources/NetworkProtection/PacketTunnelProvider.swift b/Sources/NetworkProtection/PacketTunnelProvider.swift
@@ -659,6 +659,12 @@ open class PacketTunnelProvider: NEPacketTunnelProvider {
                 do {
                     let startReason: AdapterStartReason = onDemand ? .onDemand : .manual
                     try await self.handleAdapterStarted(startReason: startReason)
+
+                    // Enable Connect on Demand when manually enabling the tunnel on iOS 17.0+.
+                    if #available(iOS 17.0, *), startReason == .manual {
+                        try? await updateConnectOnDemand(enabled: true)
+                        os_log("Enabled Connect on Demand due to user-initiated startup", log: .networkProtection, type: .info)
+                    }
                 } catch {
                     self.cancelTunnelWithError(error)
                     return
@@ -678,6 +684,12 @@ open class PacketTunnelProvider: NEPacketTunnelProvider {
         do {
             try await stopTunnel()
             providerEvents.fire(.tunnelStopAttempt(.success))
+
+            // Disable Connect on Demand when disabling the tunnel from iOS settings on iOS 17.0+.
+            if #available(iOS 17.0, *), case .userInitiated = reason {
+                try? await updateConnectOnDemand(enabled: false)
+                os_log("Disabled Connect on Demand due to user-initiated shutdown", log: .networkProtection, type: .info)
+            }
         } catch {
             providerEvents.fire(.tunnelStopAttempt(.failure(error)))
         }
@@ -864,6 +876,15 @@ open class PacketTunnelProvider: NEPacketTunnelProvider {
         return configurationResult.0
     }
 
+    @available(iOS 17.0, *)
+    private func updateConnectOnDemand(enabled: Bool) async throws {
+        let managers = try await NETunnelProviderManager.loadAllFromPreferences()
+        if let manager = managers.first {
+            manager.isOnDemandEnabled = enabled
+            try await manager.saveToPreferences()
+        }
+    }
+
     // MARK: - App Messages
 
     // swiftlint:disable:next cyclomatic_complexity