passepartout-apple/Passepartout/Tunnel/PacketTunnelProvider.swift

//
//  PacketTunnelProvider.swift
//  Passepartout
//
//  Created by Davide De Rosa on 2/24/24.
//  Copyright (c) 2024 Davide De Rosa. All rights reserved.
//
//  https://github.com/passepartoutvpn
//
//  This file is part of Passepartout.
//
//  Passepartout is free software: you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  (at your option) any later version.
//
//  Passepartout is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with Passepartout.  If not, see <http://www.gnu.org/licenses/>.
//

import CommonLibrary
@preconcurrency import NetworkExtension
import PassepartoutKit

final class PacketTunnelProvider: NEPacketTunnelProvider, @unchecked Sendable {
    private var fwd: NEPTPForwarder?

    override func startTunnel(options: [String: NSObject]? = nil) async throws {
        PassepartoutConfiguration.shared.configureLogging(
            to: BundleConfiguration.urlForTunnelLog,
            parameters: Constants.shared.log,
            logsPrivateData: UserDefaults.appGroup.bool(forKey: AppPreference.logsPrivateData.key)
        )
        do {
            fwd = try await NEPTPForwarder(
                provider: self,
                decoder: Registry.sharedProtocolCoder,
                registry: .shared,
                environment: .shared
            )
            if let expirationDate = fwd?.profile.attributes.expirationDate {
                try checkExpirationDate(expirationDate, environment: .shared)
            }
            try await fwd?.startTunnel(options: options)
        } catch {
            pp_log(.app, .fault, "Unable to start tunnel: \(error)")
            PassepartoutConfiguration.shared.flushLog()
            throw error
        }
    }

    override func stopTunnel(with reason: NEProviderStopReason) async {
        await fwd?.stopTunnel(with: reason)
        fwd = nil
        PassepartoutConfiguration.shared.flushLog()
    }

    override func cancelTunnelWithError(_ error: (any Error)?) {
        PassepartoutConfiguration.shared.flushLog()
        super.cancelTunnelWithError(error)
    }

    override func handleAppMessage(_ messageData: Data) async -> Data? {
        await fwd?.handleAppMessage(messageData)
    }

    override func wake() {
        fwd?.wake()
    }

    override func sleep() async {
        await fwd?.sleep()
    }
}

private extension PacketTunnelProvider {
    func checkExpirationDate(_ expirationDate: Date, environment: TunnelEnvironment) throws {
        let error = PassepartoutError(.App.expiredProfile)

        // already expired?
        let delay = Int(expirationDate.timeIntervalSinceNow)
        if delay < .zero {
            pp_log(.app, .error, "Tunnel expired on \(expirationDate)")
            environment.setEnvironmentValue(error.code, forKey: TunnelEnvironmentKeys.lastErrorCode)
            throw error
        }

        // schedule connection expiration
        Task { [weak self] in
            pp_log(.app, .notice, "Schedule tunnel expiration on \(expirationDate) (\(delay) seconds from now)")
            try? await Task.sleep(for: .seconds(delay))
            pp_log(.app, .error, "Tunnel expired on \(expirationDate)")
            environment.setEnvironmentValue(error.code, forKey: TunnelEnvironmentKeys.lastErrorCode)
            self?.cancelTunnelWithError(error)
        }
    }
}
Import v3 code (#597) Closes #565 2024-09-23 13:02:26 +00:00			`//`
			`// PacketTunnelProvider.swift`
			`// Passepartout`
			`//`
			`// Created by Davide De Rosa on 2/24/24.`
			`// Copyright (c) 2024 Davide De Rosa. All rights reserved.`
			`//`
			`// https://github.com/passepartoutvpn`
			`//`
			`// This file is part of Passepartout.`
			`//`
			`// Passepartout is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// Passepartout is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with Passepartout. If not, see <http://www.gnu.org/licenses/>.`
			`//`

			`import CommonLibrary`
			`@preconcurrency import NetworkExtension`
			`import PassepartoutKit`

			`final class PacketTunnelProvider: NEPacketTunnelProvider, @unchecked Sendable {`
			`private var fwd: NEPTPForwarder?`

			`override func startTunnel(options: [String: NSObject]? = nil) async throws {`
Refactor static functions/entities in Library (#679) Reduce the impact of hidden dependencies on BundleConfiguration and Constants.shared Fixes #656 2024-10-04 07:58:42 +00:00			`PassepartoutConfiguration.shared.configureLogging(`
Decouple Constants from BundleConfiguration (#635) Fixes #619 2024-09-28 17:05:47 +00:00			`to: BundleConfiguration.urlForTunnelLog,`
Refactor static functions/entities in Library (#679) Reduce the impact of hidden dependencies on BundleConfiguration and Constants.shared Fixes #656 2024-10-04 07:58:42 +00:00			`parameters: Constants.shared.log,`
			`logsPrivateData: UserDefaults.appGroup.bool(forKey: AppPreference.logsPrivateData.key)`
Import v3 code (#597) Closes #565 2024-09-23 13:02:26 +00:00			`)`
			`do {`
Provider configuration is persisted into module (#730) When e.g. a OpenVPNModule is created without a configuration and a provider/server is then selected, the ProfileProcessor class serializes the profile with the provider configuration injected. When the module is re-edited, we can see the provider server configuration in the module after selecting "None" as provider. Instead, validate the provider modules in ProfileProcessor, but generate the provider configuration on the fly in the tunnel. 2024-10-12 11:19:46 +00:00			`fwd = try await NEPTPForwarder(`
			`provider: self,`
			`decoder: Registry.sharedProtocolCoder,`
			`registry: .shared,`
			`environment: .shared`
			`)`
Implement TV profile expiration (#811) Based on in-app eligibility, expire TV profiles after 10 minutes. Refactor/redesign general sections and offer .sharing feature for free, it makes it simpler to focus on Apple TV product. 2024-11-05 09:03:54 +00:00			`if let expirationDate = fwd?.profile.attributes.expirationDate {`
			`try checkExpirationDate(expirationDate, environment: .shared)`
			`}`
Import v3 code (#597) Closes #565 2024-09-23 13:02:26 +00:00			`try await fwd?.startTunnel(options: options)`
			`} catch {`
Provider configuration is persisted into module (#730) When e.g. a OpenVPNModule is created without a configuration and a provider/server is then selected, the ProfileProcessor class serializes the profile with the provider configuration injected. When the module is re-edited, we can see the provider server configuration in the module after selecting "None" as provider. Instead, validate the provider modules in ProfileProcessor, but generate the provider configuration on the fly in the tunnel. 2024-10-12 11:19:46 +00:00			`pp_log(.app, .fault, "Unable to start tunnel: \(error)")`
Refactor static functions/entities in Library (#679) Reduce the impact of hidden dependencies on BundleConfiguration and Constants.shared Fixes #656 2024-10-04 07:58:42 +00:00			`PassepartoutConfiguration.shared.flushLog()`
Import v3 code (#597) Closes #565 2024-09-23 13:02:26 +00:00			`throw error`
			`}`
			`}`

			`override func stopTunnel(with reason: NEProviderStopReason) async {`
			`await fwd?.stopTunnel(with: reason)`
			`fwd = nil`
Refactor static functions/entities in Library (#679) Reduce the impact of hidden dependencies on BundleConfiguration and Constants.shared Fixes #656 2024-10-04 07:58:42 +00:00			`PassepartoutConfiguration.shared.flushLog()`
Import v3 code (#597) Closes #565 2024-09-23 13:02:26 +00:00			`}`

			`override func cancelTunnelWithError(_ error: (any Error)?) {`
Refactor static functions/entities in Library (#679) Reduce the impact of hidden dependencies on BundleConfiguration and Constants.shared Fixes #656 2024-10-04 07:58:42 +00:00			`PassepartoutConfiguration.shared.flushLog()`
Import v3 code (#597) Closes #565 2024-09-23 13:02:26 +00:00			`super.cancelTunnelWithError(error)`
			`}`

			`override func handleAppMessage(_ messageData: Data) async -> Data? {`
			`await fwd?.handleAppMessage(messageData)`
			`}`

			`override func wake() {`
			`fwd?.wake()`
			`}`

			`override func sleep() async {`
			`await fwd?.sleep()`
			`}`
			`}`
Implement TV profile expiration (#811) Based on in-app eligibility, expire TV profiles after 10 minutes. Refactor/redesign general sections and offer .sharing feature for free, it makes it simpler to focus on Apple TV product. 2024-11-05 09:03:54 +00:00
			`private extension PacketTunnelProvider {`
			`func checkExpirationDate(_ expirationDate: Date, environment: TunnelEnvironment) throws {`
			`let error = PassepartoutError(.App.expiredProfile)`

			`// already expired?`
			`let delay = Int(expirationDate.timeIntervalSinceNow)`
			`if delay < .zero {`
			`pp_log(.app, .error, "Tunnel expired on \(expirationDate)")`
			`environment.setEnvironmentValue(error.code, forKey: TunnelEnvironmentKeys.lastErrorCode)`
			`throw error`
			`}`

			`// schedule connection expiration`
			`Task { [weak self] in`
			`pp_log(.app, .notice, "Schedule tunnel expiration on \(expirationDate) (\(delay) seconds from now)")`
			`try? await Task.sleep(for: .seconds(delay))`
			`pp_log(.app, .error, "Tunnel expired on \(expirationDate)")`
			`environment.setEnvironmentValue(error.code, forKey: TunnelEnvironmentKeys.lastErrorCode)`
			`self?.cancelTunnelWithError(error)`
			`}`
			`}`
			`}`