Inject external resources into configuration

Davide De Rosa 2019-04-09 22:45:39 +02:00
parent 8373fc3975
commit 922a715bfd
4 changed files with 39 additions and 1 deletions


@ -73,6 +73,8 @@ public class GroupConstants {
try? FileManager.default.createDirectory(at: url, withIntermediateDirectories: true, attributes: nil)
return url
}()
public static let externalURL = cachesURL.appendingPathComponent("External")
}
public class VPN {


@ -120,6 +120,12 @@ public class ProviderConnectionProfile: ConnectionProfile, Codable, Equatable {
builder.shouldDebug = configuration.shouldDebug
builder.debugLogFormat = configuration.debugLogFormat
builder.masksPrivateData = configuration.masksPrivateData
do {
try preset.injectExternalConfiguration(&builder, with: name, pool: pool)
} catch {
fatalError("Could not find external preset resources")
}
if let address = manualAddress {
builder.prefersResolvedAddresses = true
@ -137,7 +143,7 @@ public class ProviderConnectionProfile: ConnectionProfile, Codable, Equatable {
} else {
// restrict "Any" protocol to UDP, unless there are no UDP endpoints
let allEndpoints = preset.configuration.sessionConfiguration.endpointProtocols
let allEndpoints = builder.sessionConfiguration.endpointProtocols
var endpoints = allEndpoints?.filter { $0.socketType == .udp }
if endpoints?.isEmpty ?? true {
endpoints = allEndpoints
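Review bot: The `catch` around `preset.injectExternalConfiguration(...)` ends in `fatalError`, so any missing or unreadable external file terminates the process instead of failing this one connection attempt. The files are read from a directory under the caches URL (`GroupConstants.App.externalURL`), where a missing file is an ordinary runtime condition rather than a programmer error. The message also says "Could not find" although the throw can equally come from a read or decoding failure in `String(contentsOf:)`, and the caught `error` is discarded. I would hand the failure back to the caller and include `error` in whatever is logged. The enclosing function starts outside this hunk, so whether it can be made throwing is not visible here.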


@ -42,6 +42,10 @@ public struct Infrastructure: Codable {
return rawValue.lowercased()
}
public var externalURL: URL {
return GroupConstants.App.externalURL.appendingPathComponent(webName)
}
public static func <(lhs: Name, rhs: Name) -> Bool {
return lhs.webName < rhs.webName
}


@ -96,6 +96,32 @@ public struct InfrastructurePreset: Codable {
return configuration.sessionConfiguration.endpointProtocols?.firstIndex(of: proto) != nil
}
public func injectExternalConfiguration(_ configuration: inout TunnelKitProvider.ConfigurationBuilder, with name: Infrastructure.Name, pool: Pool) throws {
guard let external = external, !external.isEmpty else {
return
}
let baseURL = name.externalURL
var sessionBuilder = configuration.sessionConfiguration.builder()
if let pattern = external[.ca] {
let filename = pattern.replacingOccurrences(of: "${id}", with: pool.id)
let caURL = baseURL.appendingPathComponent(filename)
sessionBuilder.ca = CryptoContainer(pem: try String(contentsOf: caURL))
}
if let pattern = external[.wrapKeyData] {
let filename = pattern.replacingOccurrences(of: "${id}", with: pool.id)
let tlsKeyURL = baseURL.appendingPathComponent(filename)
if let dummyWrap = sessionBuilder.tlsWrap {
let file = try String(contentsOf: tlsKeyURL)
if let staticKey = StaticKey(file: file, direction: .client) {
sessionBuilder.tlsWrap = SessionProxy.TLSWrap(strategy: dummyWrap.strategy, key: staticKey)
}
}
}
configuration.sessionConfiguration = sessionBuilder.build()
}
// MARK: Codable
public init(from decoder: Decoder) throws {
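Review bot: In `injectExternalConfiguration`, `filename` is built from the preset's `external` pattern and `pool.id` and appended to `baseURL` with no check that the result stays inside that directory, so a pattern or id containing `/` or `..` would make `String(contentsOf:)` load the CA or TLS wrap key from somewhere else. Both values appear to come from decoded infrastructure data (`InfrastructurePreset` is `Codable`), so I would treat them as untrusted. For `caURL` and `tlsKeyURL` alike, add a containment guard before the read, e.g. `guard caURL.standardizedFileURL.path.hasPrefix(baseURL.standardizedFileURL.path + "/") else { throw CocoaError(.fileReadInvalidFileName) }`. Separately, the `.wrapKeyData` branch silently keeps the existing `tlsWrap` when `sessionBuilder.tlsWrap` is nil or `StaticKey(file:direction:)` returns nil. Throwing in those cases would make a malformed key file fail as visibly as a missing one.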