passepartout-apple/PassepartoutLibrary/Sources/PassepartoutVPN/Managers/VPNManager+Configuration.swift

//
//  VPNManager+Configuration.swift
//  Passepartout
//
//  Created by Davide De Rosa on 3/12/22.
//  Copyright (c) 2022 Davide De Rosa. All rights reserved.
//
//  https://github.com/passepartoutvpn
//
//  This file is part of Passepartout.
//
//  Passepartout is free software: you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  (at your option) any later version.
//
//  Passepartout is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with Passepartout.  If not, see <http://www.gnu.org/licenses/>.
//

import Foundation
import PassepartoutCore
import PassepartoutUtils

extension VPNManager {
    var vpnPreferences: VPNPreferences {
        DefaultVPNPreferences(
            tunnelLogPath: tunnelLogPath,
            tunnelLogFormat: tunnelLogFormat,
            masksPrivateData: masksPrivateData
        )
    }
    
    func vpnConfigurationWithCurrentProfile() -> VPNConfiguration? {
        do {
            guard profileManager.isCurrentProfileActive() else {
                pp_log.info("Skipping VPN configuration, current profile is not active")
                return nil
            }
            return try vpnConfiguration(withProfile: profileManager.currentProfile.value)
        } catch {
            return nil
        }
    }

    func vpnConfiguration(withProfile profile: Profile) throws -> VPNConfiguration {
        do {
            if profile.requiresCredentials {
                guard !profile.account.isEmpty else {
                    throw PassepartoutError.missingAccount
                }
            }
            
            // specific provider customizations
            var newPassword: String?
            if let providerName = profile.providerName {
                switch providerName {
                case .mullvad:
                    newPassword = "m"
                    
                default:
                    break
                }
            }
            
            // IMPORTANT: must commit password to keychain (tunnel needs a password reference)
            profileManager.savePassword(forProfile: profile, newPassword: newPassword)

            let parameters = VPNConfigurationParameters(
                profile,
                appGroup: appGroup,
                preferences: vpnPreferences,
                passwordReference: profileManager.passwordReference(forProfile: profile),
                withNetworkSettings: isNetworkSettingsSupported(),
                withCustomRules: isOnDemandRulesSupported()
            )

            switch profile.currentVPNProtocol {
            case .openVPN:
                let settings: Profile.OpenVPNSettings
                if profile.isProvider {
                    settings = try profile.providerOpenVPNSettings(withManager: providerManager)
                } else {
                    guard let hostSettings = profile.hostOpenVPNSettings else {
                        fatalError("Profile currentVPNProtocol is OpenVPN, but host has no OpenVPN settings")
                    }
                    settings = hostSettings
                }
                return try settings.vpnConfiguration(parameters)

            case .wireGuard:
                let settings: Profile.WireGuardSettings
                if profile.isProvider {
                    settings = try profile.providerWireGuardSettings(withManager: providerManager)
                } else {
                    guard let hostSettings = profile.hostWireGuardSettings else {
                        fatalError("Profile currentVPNProtocol is WireGuard, but host has no WireGuard settings")
                    }
                    settings = hostSettings
                }
                return try settings.vpnConfiguration(parameters)
            }
        } catch {
            pp_log.error("Unable to build VPNConfiguration: \(error)")

            // UI is certainly interested in configuration errors
            configurationError.send((profile, error))

            throw error
        }
    }
}
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`//`
Revert to concrete-only managers Abstraction was overcomplicated. Strategy pattern is enough. 2022-08-28 07:19:15 +00:00			`// VPNManager+Configuration.swift`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`// Passepartout`
			`//`
			`// Created by Davide De Rosa on 3/12/22.`
			`// Copyright (c) 2022 Davide De Rosa. All rights reserved.`
			`//`
			`// https://github.com/passepartoutvpn`
			`//`
			`// This file is part of Passepartout.`
			`//`
			`// Passepartout is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// Passepartout is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with Passepartout. If not, see <http://www.gnu.org/licenses/>.`
			`//`

			`import Foundation`
Refactor library into domain + impl 2022-06-23 21:31:01 +00:00			`import PassepartoutCore`
			`import PassepartoutUtils`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00
Revert to concrete-only managers Abstraction was overcomplicated. Strategy pattern is enough. 2022-08-28 07:19:15 +00:00			`extension VPNManager {`
Decouple VPNManager from TunnelKit (#248) * Drop VPNManager dependency on TunnelKit * Hook .masksPrivateData to preferences updates 2022-11-10 06:42:08 +00:00			`var vpnPreferences: VPNPreferences {`
Persist managers state to generic key-value store Move all persisted state out of AppManager to where it really belongs. To do that, inject a shared KeyValueStore object into managers that need to persist part of their state in a strongly typed manner. Below are persisted states: - PersistenceManager - persistenceAuthor - ProfileManager - activeProfileId - UpgradeManager (formerly AppManager) - didMigrateToV2 (migrate former value) - VPNManager - tunnelLogFormat - masksPrivateData A similar approach is used for app-specific preferences, by using a strongly typed enum (AppPreference) together with SwiftUI @AppStorage property wrapper. Worth moving logging logic into a specific LogManager. Finally, drop any former view dependency on AppManager, as states are now accessed through specific managers. 2022-06-15 18:53:37 +00:00			`DefaultVPNPreferences(`
Update TunnelKit - Set explicit tunnel log path - OpenSSL 1.1.1o 2022-06-17 06:27:56 +00:00			`tunnelLogPath: tunnelLogPath,`
Persist managers state to generic key-value store Move all persisted state out of AppManager to where it really belongs. To do that, inject a shared KeyValueStore object into managers that need to persist part of their state in a strongly typed manner. Below are persisted states: - PersistenceManager - persistenceAuthor - ProfileManager - activeProfileId - UpgradeManager (formerly AppManager) - didMigrateToV2 (migrate former value) - VPNManager - tunnelLogFormat - masksPrivateData A similar approach is used for app-specific preferences, by using a strongly typed enum (AppPreference) together with SwiftUI @AppStorage property wrapper. Worth moving logging logic into a specific LogManager. Finally, drop any former view dependency on AppManager, as states are now accessed through specific managers. 2022-06-15 18:53:37 +00:00			`tunnelLogFormat: tunnelLogFormat,`
			`masksPrivateData: masksPrivateData`
			`)`
			`}`

Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`func vpnConfigurationWithCurrentProfile() -> VPNConfiguration? {`
			`do {`
			`guard profileManager.isCurrentProfileActive() else {`
			`pp_log.info("Skipping VPN configuration, current profile is not active")`
			`return nil`
			`}`
			`return try vpnConfiguration(withProfile: profileManager.currentProfile.value)`
			`} catch {`
			`return nil`
			`}`
			`}`

			`func vpnConfiguration(withProfile profile: Profile) throws -> VPNConfiguration {`
			`do {`
			`if profile.requiresCredentials {`
			`guard !profile.account.isEmpty else {`
			`throw PassepartoutError.missingAccount`
			`}`
			`}`

Override Mullvad password (#233) Set "m" as per official documentation: https://mullvad.net/en/help/installing-mullvad-iphone-and-ipad/ 2022-10-15 14:44:48 +00:00			`// specific provider customizations`
			`var newPassword: String?`
			`if let providerName = profile.providerName {`
			`switch providerName {`
			`case .mullvad:`
			`newPassword = "m"`

			`default:`
			`break`
			`}`
			`}`

Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`// IMPORTANT: must commit password to keychain (tunnel needs a password reference)`
Override Mullvad password (#233) Set "m" as per official documentation: https://mullvad.net/en/help/installing-mullvad-iphone-and-ipad/ 2022-10-15 14:44:48 +00:00			`profileManager.savePassword(forProfile: profile, newPassword: newPassword)`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00
			`let parameters = VPNConfigurationParameters(`
			`profile,`
Refactor library into domain + impl 2022-06-23 21:31:01 +00:00			`appGroup: appGroup,`
Persist managers state to generic key-value store Move all persisted state out of AppManager to where it really belongs. To do that, inject a shared KeyValueStore object into managers that need to persist part of their state in a strongly typed manner. Below are persisted states: - PersistenceManager - persistenceAuthor - ProfileManager - activeProfileId - UpgradeManager (formerly AppManager) - didMigrateToV2 (migrate former value) - VPNManager - tunnelLogFormat - masksPrivateData A similar approach is used for app-specific preferences, by using a strongly typed enum (AppPreference) together with SwiftUI @AppStorage property wrapper. Worth moving logging logic into a specific LogManager. Finally, drop any former view dependency on AppManager, as states are now accessed through specific managers. 2022-06-15 18:53:37 +00:00			`preferences: vpnPreferences,`
Fix on-demand rules dropped completely Must only ignore custom rules if ineligible. 2022-04-13 17:12:16 +00:00			`passwordReference: profileManager.passwordReference(forProfile: profile),`
Lock network settings for builds >= 3000 2022-04-13 18:12:25 +00:00			`withNetworkSettings: isNetworkSettingsSupported(),`
Fix on-demand rules dropped completely Must only ignore custom rules if ineligible. 2022-04-13 17:12:16 +00:00			`withCustomRules: isOnDemandRulesSupported()`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`)`

			`switch profile.currentVPNProtocol {`
			`case .openVPN:`
			`let settings: Profile.OpenVPNSettings`
			`if profile.isProvider {`
			`settings = try profile.providerOpenVPNSettings(withManager: providerManager)`
			`} else {`
			`guard let hostSettings = profile.hostOpenVPNSettings else {`
Mitigate fatalError() in properties, fail gracefully Do not trigger fatalError() on properties too much because SwiftUI may read them at any unpredictable time. 2022-07-07 14:43:40 +00:00			`fatalError("Profile currentVPNProtocol is OpenVPN, but host has no OpenVPN settings")`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`}`
			`settings = hostSettings`
			`}`
Make network settings consistent - Group DNS "Enabled" and protocol into configuration - Make DNS servers / search domains optional - Make proxy bypass domains optional Also refine a comment about future on-demand. 2022-04-14 05:24:03 +00:00			`return try settings.vpnConfiguration(parameters)`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00
			`case .wireGuard:`
			`let settings: Profile.WireGuardSettings`
			`if profile.isProvider {`
			`settings = try profile.providerWireGuardSettings(withManager: providerManager)`
			`} else {`
			`guard let hostSettings = profile.hostWireGuardSettings else {`
Mitigate fatalError() in properties, fail gracefully Do not trigger fatalError() on properties too much because SwiftUI may read them at any unpredictable time. 2022-07-07 14:43:40 +00:00			`fatalError("Profile currentVPNProtocol is WireGuard, but host has no WireGuard settings")`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`}`
			`settings = hostSettings`
			`}`
Make network settings consistent - Group DNS "Enabled" and protocol into configuration - Make DNS servers / search domains optional - Make proxy bypass domains optional Also refine a comment about future on-demand. 2022-04-14 05:24:03 +00:00			`return try settings.vpnConfiguration(parameters)`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`}`
			`} catch {`
			`pp_log.error("Unable to build VPNConfiguration: \(error)")`

			`// UI is certainly interested in configuration errors`
Handle configuration errors out of VPN status On configuration error, retain information about the profile that triggered the error. For now, present an alert, but with this information the UI can be easily changed later. 2022-05-20 06:29:14 +00:00			`configurationError.send((profile, error))`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00
			`throw error`
			`}`
			`}`
			`}`