passepartout-apple/Passepartout/Sources/Services/InfrastructurePreset.swift

//
//  InfrastructurePreset.swift
//  Passepartout
//
//  Created by Davide De Rosa on 8/30/18.
//  Copyright (c) 2019 Davide De Rosa. All rights reserved.
//
//  https://github.com/passepartoutvpn
//
//  This file is part of Passepartout.
//
//  Passepartout is free software: you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  (at your option) any later version.
//
//  Passepartout is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with Passepartout.  If not, see <http://www.gnu.org/licenses/>.
//

import Foundation
import TunnelKit

// supports a subset of TunnelKitProvider.Configuration
// ignores new JSON keys

public struct InfrastructurePreset: Codable {
    public enum ExternalKey: String, Codable {
        case ca
        
        case client
        
        case key
        
        case wrapKeyData = "wrap.key.data"
    }
    
    public enum PresetKeys: String, CodingKey {
        case id

        case name

        case comment
        
        case configuration = "cfg"
        
        case external
    }

    public enum ConfigurationKeys: String, CodingKey {
        case endpointProtocols = "ep"

        case cipher

        case digest = "auth"

        case ca

        case clientCertificate = "client"

        case clientKey = "key"

        case compressionFraming = "frame"
        
        case compressionAlgorithm = "compression"
        
        case keepAliveSeconds = "ping"

        case renegotiatesAfterSeconds = "reneg"

        case tlsWrap = "wrap"

        case checksEKU = "eku"

        case randomizeEndpoint = "random"

        case usesPIAPatches = "pia"
    }
    
    public let id: String
    
    public let name: String
    
    public let comment: String

    public let configuration: TunnelKitProvider.Configuration
    
    public let external: [ExternalKey: String]?
    
    public func hasProtocol(_ proto: EndpointProtocol) -> Bool {
        return configuration.sessionConfiguration.endpointProtocols?.firstIndex(of: proto) != nil
    }

    public func injectExternalConfiguration(_ configuration: inout TunnelKitProvider.ConfigurationBuilder, with name: Infrastructure.Name, pool: Pool) throws {
        guard let external = external, !external.isEmpty else {
            return
        }
        
        let baseURL = name.externalURL

        var sessionBuilder = configuration.sessionConfiguration.builder()
        if let pattern = external[.ca] {
            let filename = pattern.replacingOccurrences(of: "${id}", with: pool.id)
            let caURL = baseURL.appendingPathComponent(filename)
            sessionBuilder.ca = CryptoContainer(pem: try String(contentsOf: caURL))
        }
        if let pattern = external[.wrapKeyData] {
            let filename = pattern.replacingOccurrences(of: "${id}", with: pool.id)
            let tlsKeyURL = baseURL.appendingPathComponent(filename)
            if let dummyWrap = sessionBuilder.tlsWrap {
                let file = try String(contentsOf: tlsKeyURL)
                if let staticKey = StaticKey(file: file, direction: .client) {
                    sessionBuilder.tlsWrap = SessionProxy.TLSWrap(strategy: dummyWrap.strategy, key: staticKey)
                }
            }
        }
        configuration.sessionConfiguration = sessionBuilder.build()
    }
    
    // MARK: Codable
    
    public init(from decoder: Decoder) throws {
        let container = try decoder.container(keyedBy: PresetKeys.self)
        id = try container.decode(String.self, forKey: .id)
        name = try container.decode(String.self, forKey: .name)
        comment = try container.decode(String.self, forKey: .comment)
        if let rawExternal = try container.decodeIfPresent([String: String].self, forKey: .external) {
            var remapped: [ExternalKey: String] = [:]
            for entry in rawExternal {
                guard let key = ExternalKey(rawValue: entry.key) else {
                    continue
                }
                remapped[key] = entry.value
            }
            external = remapped
        } else {
            external = nil
        }

        let cfgContainer = try container.nestedContainer(keyedBy: ConfigurationKeys.self, forKey: .configuration)

        var sessionBuilder = SessionProxy.ConfigurationBuilder()
        sessionBuilder.cipher = try cfgContainer.decode(SessionProxy.Cipher.self, forKey: .cipher)
        if let digest = try cfgContainer.decodeIfPresent(SessionProxy.Digest.self, forKey: .digest) {
            sessionBuilder.digest = digest
        }
        sessionBuilder.compressionFraming = try cfgContainer.decode(SessionProxy.CompressionFraming.self, forKey: .compressionFraming)
        sessionBuilder.compressionAlgorithm = try cfgContainer.decodeIfPresent(SessionProxy.CompressionAlgorithm.self, forKey: .compressionAlgorithm) ?? .disabled
        sessionBuilder.ca = try cfgContainer.decodeIfPresent(CryptoContainer.self, forKey: .ca)
        sessionBuilder.clientCertificate = try cfgContainer.decodeIfPresent(CryptoContainer.self, forKey: .clientCertificate)
        sessionBuilder.clientKey = try cfgContainer.decodeIfPresent(CryptoContainer.self, forKey: .clientKey)
        sessionBuilder.tlsWrap = try cfgContainer.decodeIfPresent(SessionProxy.TLSWrap.self, forKey: .tlsWrap)
        sessionBuilder.keepAliveInterval = try cfgContainer.decodeIfPresent(TimeInterval.self, forKey: .keepAliveSeconds)
        sessionBuilder.renegotiatesAfter = try cfgContainer.decodeIfPresent(TimeInterval.self, forKey: .renegotiatesAfterSeconds)
        sessionBuilder.endpointProtocols = try cfgContainer.decode([EndpointProtocol].self, forKey: .endpointProtocols)
        sessionBuilder.checksEKU = try cfgContainer.decodeIfPresent(Bool.self, forKey: .checksEKU) ?? false
        sessionBuilder.randomizeEndpoint = try cfgContainer.decodeIfPresent(Bool.self, forKey: .randomizeEndpoint) ?? false
        sessionBuilder.usesPIAPatches = try cfgContainer.decodeIfPresent(Bool.self, forKey: .usesPIAPatches) ?? false

        let builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())
        configuration = builder.build()
    }
    
    public func encode(to encoder: Encoder) throws {
        guard let ca = configuration.sessionConfiguration.ca else {
            fatalError("Could not encode nil ca")
        }
        guard let endpointProtocols = configuration.sessionConfiguration.endpointProtocols else {
            fatalError("Could not encode nil endpointProtocols")
        }

        var container = encoder.container(keyedBy: PresetKeys.self)
        try container.encode(id, forKey: .id)
        try container.encode(name, forKey: .name)
        try container.encode(comment, forKey: .comment)
        try container.encodeIfPresent(external, forKey: .external)

        var cfgContainer = container.nestedContainer(keyedBy: ConfigurationKeys.self, forKey: .configuration)
        try cfgContainer.encode(configuration.sessionConfiguration.cipher, forKey: .cipher)
        try cfgContainer.encode(configuration.sessionConfiguration.digest, forKey: .digest)
        try cfgContainer.encode(configuration.sessionConfiguration.compressionFraming, forKey: .compressionFraming)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.compressionAlgorithm, forKey: .compressionAlgorithm)
        try cfgContainer.encodeIfPresent(ca, forKey: .ca)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.clientCertificate, forKey: .clientCertificate)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.clientKey, forKey: .clientKey)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.tlsWrap, forKey: .tlsWrap)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.keepAliveInterval, forKey: .keepAliveSeconds)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.renegotiatesAfter, forKey: .renegotiatesAfterSeconds)
        try cfgContainer.encode(endpointProtocols, forKey: .endpointProtocols)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.checksEKU, forKey: .checksEKU)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.randomizeEndpoint, forKey: .randomizeEndpoint)
        try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.usesPIAPatches, forKey: .usesPIAPatches)
    }
}
Initial commit 2018-10-11 07:13:19 +00:00			`//`
			`// InfrastructurePreset.swift`
			`// Passepartout`
			`//`
			`// Created by Davide De Rosa on 8/30/18.`
Update copyright 2019-03-09 10:44:44 +00:00			`// Copyright (c) 2019 Davide De Rosa. All rights reserved.`
Initial commit 2018-10-11 07:13:19 +00:00			`//`
Update GitHub URL in license preamble 2018-11-03 21:33:30 +00:00			`// https://github.com/passepartoutvpn`
Initial commit 2018-10-11 07:13:19 +00:00			`//`
			`// This file is part of Passepartout.`
			`//`
			`// Passepartout is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// Passepartout is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with Passepartout. If not, see <http://www.gnu.org/licenses/>.`
			`//`

			`import Foundation`
			`import TunnelKit`

			`// supports a subset of TunnelKitProvider.Configuration`
			`// ignores new JSON keys`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public struct InfrastructurePreset: Codable {`
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00			`public enum ExternalKey: String, Codable {`
			`case ca`

			`case client`

			`case key`

			`case wrapKeyData = "wrap.key.data"`
			`}`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public enum PresetKeys: String, CodingKey {`
Initial commit 2018-10-11 07:13:19 +00:00			`case id`

			`case name`

			`case comment`

			`case configuration = "cfg"`
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00
			`case external`
Initial commit 2018-10-11 07:13:19 +00:00			`}`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public enum ConfigurationKeys: String, CodingKey {`
Initial commit 2018-10-11 07:13:19 +00:00			`case endpointProtocols = "ep"`

			`case cipher`

			`case digest = "auth"`

			`case ca`

			`case clientCertificate = "client"`

			`case clientKey = "key"`

			`case compressionFraming = "frame"`

Parse compression from infra preset 2019-03-25 22:39:23 +00:00			`case compressionAlgorithm = "compression"`

Initial commit 2018-10-11 07:13:19 +00:00			`case keepAliveSeconds = "ping"`

			`case renegotiatesAfterSeconds = "reneg"`
Add PIA patches support 2018-10-18 11:00:58 +00:00
Parse TLSWrap from infra preset "wrap" 2019-03-23 15:15:22 +00:00			`case tlsWrap = "wrap"`

Parse EKU validation from preset 2019-03-25 23:11:11 +00:00			`case checksEKU = "eku"`

Update TunnelKit for --remote-random 2019-03-25 09:34:57 +00:00			`case randomizeEndpoint = "random"`
Present DNS domain in configuration UI Fixes #48 2019-04-03 12:08:22 +00:00
			`case usesPIAPatches = "pia"`
Initial commit 2018-10-11 07:13:19 +00:00			`}`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public let id: String`
Initial commit 2018-10-11 07:13:19 +00:00
Make framework internal components public 2019-03-18 10:29:28 +00:00			`public let name: String`
Initial commit 2018-10-11 07:13:19 +00:00
Make framework internal components public 2019-03-18 10:29:28 +00:00			`public let comment: String`
Initial commit 2018-10-11 07:13:19 +00:00
Make framework internal components public 2019-03-18 10:29:28 +00:00			`public let configuration: TunnelKitProvider.Configuration`
Initial commit 2018-10-11 07:13:19 +00:00
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00			`public let external: [ExternalKey: String]?`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public func hasProtocol(_ proto: EndpointProtocol) -> Bool {`
Migrate to Swift 5 Last time was probably incomplete. 2019-04-11 14:51:03 +00:00			`return configuration.sessionConfiguration.endpointProtocols?.firstIndex(of: proto) != nil`
Initial commit 2018-10-11 07:13:19 +00:00			`}`

Inject external resources into configuration 2019-04-09 20:45:39 +00:00			`public func injectExternalConfiguration(_ configuration: inout TunnelKitProvider.ConfigurationBuilder, with name: Infrastructure.Name, pool: Pool) throws {`
			`guard let external = external, !external.isEmpty else {`
			`return`
			`}`

			`let baseURL = name.externalURL`

			`var sessionBuilder = configuration.sessionConfiguration.builder()`
			`if let pattern = external[.ca] {`
			`let filename = pattern.replacingOccurrences(of: "${id}", with: pool.id)`
			`let caURL = baseURL.appendingPathComponent(filename)`
			`sessionBuilder.ca = CryptoContainer(pem: try String(contentsOf: caURL))`
			`}`
			`if let pattern = external[.wrapKeyData] {`
			`let filename = pattern.replacingOccurrences(of: "${id}", with: pool.id)`
			`let tlsKeyURL = baseURL.appendingPathComponent(filename)`
			`if let dummyWrap = sessionBuilder.tlsWrap {`
			`let file = try String(contentsOf: tlsKeyURL)`
			`if let staticKey = StaticKey(file: file, direction: .client) {`
			`sessionBuilder.tlsWrap = SessionProxy.TLSWrap(strategy: dummyWrap.strategy, key: staticKey)`
			`}`
			`}`
			`}`
			`configuration.sessionConfiguration = sessionBuilder.build()`
			`}`

Initial commit 2018-10-11 07:13:19 +00:00			`// MARK: Codable`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public init(from decoder: Decoder) throws {`
Initial commit 2018-10-11 07:13:19 +00:00			`let container = try decoder.container(keyedBy: PresetKeys.self)`
			`id = try container.decode(String.self, forKey: .id)`
			`name = try container.decode(String.self, forKey: .name)`
			`comment = try container.decode(String.self, forKey: .comment)`
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00			`if let rawExternal = try container.decodeIfPresent([String: String].self, forKey: .external) {`
			`var remapped: [ExternalKey: String] = [:]`
			`for entry in rawExternal {`
			`guard let key = ExternalKey(rawValue: entry.key) else {`
			`continue`
			`}`
			`remapped[key] = entry.value`
			`}`
			`external = remapped`
			`} else {`
			`external = nil`
			`}`
Initial commit 2018-10-11 07:13:19 +00:00
			`let cfgContainer = try container.nestedContainer(keyedBy: ConfigurationKeys.self, forKey: .configuration)`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`var sessionBuilder = SessionProxy.ConfigurationBuilder()`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00			`sessionBuilder.cipher = try cfgContainer.decode(SessionProxy.Cipher.self, forKey: .cipher)`
Initial commit 2018-10-11 07:13:19 +00:00			`if let digest = try cfgContainer.decodeIfPresent(SessionProxy.Digest.self, forKey: .digest) {`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00			`sessionBuilder.digest = digest`
Initial commit 2018-10-11 07:13:19 +00:00			`}`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00			`sessionBuilder.compressionFraming = try cfgContainer.decode(SessionProxy.CompressionFraming.self, forKey: .compressionFraming)`
Parse compression from infra preset 2019-03-25 22:39:23 +00:00			`sessionBuilder.compressionAlgorithm = try cfgContainer.decodeIfPresent(SessionProxy.CompressionAlgorithm.self, forKey: .compressionAlgorithm) ?? .disabled`
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00			`sessionBuilder.ca = try cfgContainer.decodeIfPresent(CryptoContainer.self, forKey: .ca)`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`sessionBuilder.clientCertificate = try cfgContainer.decodeIfPresent(CryptoContainer.self, forKey: .clientCertificate)`
			`sessionBuilder.clientKey = try cfgContainer.decodeIfPresent(CryptoContainer.self, forKey: .clientKey)`
Parse TLSWrap from infra preset "wrap" 2019-03-23 15:15:22 +00:00			`sessionBuilder.tlsWrap = try cfgContainer.decodeIfPresent(SessionProxy.TLSWrap.self, forKey: .tlsWrap)`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00			`sessionBuilder.keepAliveInterval = try cfgContainer.decodeIfPresent(TimeInterval.self, forKey: .keepAliveSeconds)`
			`sessionBuilder.renegotiatesAfter = try cfgContainer.decodeIfPresent(TimeInterval.self, forKey: .renegotiatesAfterSeconds)`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`sessionBuilder.endpointProtocols = try cfgContainer.decode([EndpointProtocol].self, forKey: .endpointProtocols)`
Parse EKU validation from preset 2019-03-25 23:11:11 +00:00			`sessionBuilder.checksEKU = try cfgContainer.decodeIfPresent(Bool.self, forKey: .checksEKU) ?? false`
Update TunnelKit for --remote-random 2019-03-25 09:34:57 +00:00			`sessionBuilder.randomizeEndpoint = try cfgContainer.decodeIfPresent(Bool.self, forKey: .randomizeEndpoint) ?? false`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`sessionBuilder.usesPIAPatches = try cfgContainer.decodeIfPresent(Bool.self, forKey: .usesPIAPatches) ?? false`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`let builder = TunnelKitProvider.ConfigurationBuilder(sessionConfiguration: sessionBuilder.build())`
Initial commit 2018-10-11 07:13:19 +00:00			`configuration = builder.build()`
			`}`

Make framework internal components public 2019-03-18 10:29:28 +00:00			`public func encode(to encoder: Encoder) throws {`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`guard let ca = configuration.sessionConfiguration.ca else {`
			`fatalError("Could not encode nil ca")`
			`}`
			`guard let endpointProtocols = configuration.sessionConfiguration.endpointProtocols else {`
			`fatalError("Could not encode nil endpointProtocols")`
			`}`

Initial commit 2018-10-11 07:13:19 +00:00			`var container = encoder.container(keyedBy: PresetKeys.self)`
			`try container.encode(id, forKey: .id)`
			`try container.encode(name, forKey: .name)`
			`try container.encode(comment, forKey: .comment)`
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00			`try container.encodeIfPresent(external, forKey: .external)`
Initial commit 2018-10-11 07:13:19 +00:00
			`var cfgContainer = container.nestedContainer(keyedBy: ConfigurationKeys.self, forKey: .configuration)`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00			`try cfgContainer.encode(configuration.sessionConfiguration.cipher, forKey: .cipher)`
			`try cfgContainer.encode(configuration.sessionConfiguration.digest, forKey: .digest)`
			`try cfgContainer.encode(configuration.sessionConfiguration.compressionFraming, forKey: .compressionFraming)`
Parse compression from infra preset 2019-03-25 22:39:23 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.compressionAlgorithm, forKey: .compressionAlgorithm)`
Signal externally loaded preset resources Via "external" array. The following fields can be external: - CA - Client certificate/key - TLS key Make CA therefore optional in preset. 2019-04-09 20:44:28 +00:00			`try cfgContainer.encodeIfPresent(ca, forKey: .ca)`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.clientCertificate, forKey: .clientCertificate)`
			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.clientKey, forKey: .clientKey)`
Parse TLSWrap from infra preset "wrap" 2019-03-23 15:15:22 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.tlsWrap, forKey: .tlsWrap)`
Upgrade TunnelKit with configuration refactoring 2018-10-25 18:08:22 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.keepAliveInterval, forKey: .keepAliveSeconds)`
			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.renegotiatesAfter, forKey: .renegotiatesAfterSeconds)`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`try cfgContainer.encode(endpointProtocols, forKey: .endpointProtocols)`
Parse EKU validation from preset 2019-03-25 23:11:11 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.checksEKU, forKey: .checksEKU)`
Update TunnelKit for --remote-random 2019-03-25 09:34:57 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.randomizeEndpoint, forKey: .randomizeEndpoint)`
Upgrade to TunnelKit 1.6.0 - Make cipher/digest/compressionFraming optional - Move endpointProtocols inside SessionProxy.Configuration - Rename OptionsError to ConfigurationError 2019-04-04 09:21:51 +00:00			`try cfgContainer.encodeIfPresent(configuration.sessionConfiguration.usesPIAPatches, forKey: .usesPIAPatches)`
Initial commit 2018-10-11 07:13:19 +00:00			`}`
			`}`