From 4774c2705f897c0dd7fae8a31ea2d55ee45f013c Mon Sep 17 00:00:00 2001 From: Davide De Rosa Date: Thu, 18 Oct 2018 10:23:46 +0200 Subject: [PATCH] Raise exception on unrecognized option values Do not fall back when an unhandled value is found in: - cipher - auth - proto Falling back to a default value here would break the data connection most of the time. --- .../VPN/TunnelKitProvider+FileConfiguration.swift | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Passepartout/Sources/VPN/TunnelKitProvider+FileConfiguration.swift b/Passepartout/Sources/VPN/TunnelKitProvider+FileConfiguration.swift index 68624189..d93bbe5d 100644 --- a/Passepartout/Sources/VPN/TunnelKitProvider+FileConfiguration.swift +++ b/Passepartout/Sources/VPN/TunnelKitProvider+FileConfiguration.swift @@ -132,6 +132,9 @@ extension TunnelKitProvider.Configuration { return } defaultProto = TunnelKitProvider.SocketType(protoString: str) + if defaultProto == nil { + unsupportedError = ApplicationError.unsupportedConfiguration(option: "proto \(str)") + } } Regex.port.enumerateArguments(in: line) { guard let str = $0.first else { @@ -158,12 +161,18 @@ extension TunnelKitProvider.Configuration { return } cipher = SessionProxy.Cipher(rawValue: rawValue.uppercased()) + if cipher == nil { + unsupportedError = ApplicationError.unsupportedConfiguration(option: "cipher \(rawValue)") + } } Regex.auth.enumerateArguments(in: line) { guard let rawValue = $0.first else { return } digest = SessionProxy.Digest(rawValue: rawValue.uppercased()) + if digest == nil { + unsupportedError = ApplicationError.unsupportedConfiguration(option: "auth \(rawValue)") + } } Regex.compLZO.enumerateComponents(in: line) { _ in compressionFraming = .compLZO