passepartoutvpn
/
tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add OpenVPN dataCiphers field

This commit is contained in:
Davide De Rosa 2021-01-03 00:44:42 +01:00
parent e6a0622cc2
commit 119d2f02e4
2 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
TunnelKit/Sources/Protocols/OpenVPN/Configuration.swift
View File

@ -178,6 +178,9 @@ extension OpenVPN {
/// The cipher algorithm for data encryption. /// The cipher algorithm for data encryption.
public var cipher: Cipher? public var cipher: Cipher?
/// The set of supported cipher algorithms for data encryption (2.5.).
public var dataCiphers: [Cipher]?
/// The digest algorithm for HMAC. /// The digest algorithm for HMAC.
public var digest: Digest? public var digest: Digest?
@ -298,6 +301,7 @@ extension OpenVPN {
public func build() -> Configuration { public func build() -> Configuration {
return Configuration( return Configuration(
cipher: cipher, cipher: cipher,
dataCiphers: dataCiphers,
digest: digest, digest: digest,
compressionFraming: compressionFraming, compressionFraming: compressionFraming,
compressionAlgorithm: compressionAlgorithm, compressionAlgorithm: compressionAlgorithm,
@ -355,6 +359,9 @@ extension OpenVPN {
/// - Seealso: `ConfigurationBuilder.cipher` /// - Seealso: `ConfigurationBuilder.cipher`
public let cipher: Cipher? public let cipher: Cipher?
/// - Seealso: `ConfigurationBuilder.dataCiphers`
public let dataCiphers: [Cipher]?
/// - Seealso: `ConfigurationBuilder.digest` /// - Seealso: `ConfigurationBuilder.digest`
public let digest: Digest? public let digest: Digest?
@ -476,6 +483,7 @@ extension OpenVPN.Configuration {
public func builder() -> OpenVPN.ConfigurationBuilder { public func builder() -> OpenVPN.ConfigurationBuilder {
var builder = OpenVPN.ConfigurationBuilder() var builder = OpenVPN.ConfigurationBuilder()
builder.cipher = cipher builder.cipher = cipher
builder.dataCiphers = dataCiphers
builder.digest = digest builder.digest = digest
builder.compressionFraming = compressionFraming builder.compressionFraming = compressionFraming
builder.compressionAlgorithm = compressionAlgorithm builder.compressionAlgorithm = compressionAlgorithm

23
TunnelKit/Sources/Protocols/OpenVPN/ConfigurationParser.swift
View File

@ -42,6 +42,8 @@ extension OpenVPN {
static let cipher = NSRegularExpression("^cipher +[^,\\s]+") static let cipher = NSRegularExpression("^cipher +[^,\\s]+")
static let dataCiphers = NSRegularExpression("^(data-ciphers|ncp-ciphers) +[^,\\s]+(:[^,\\s]+)*")
static let auth = NSRegularExpression("^auth +[\\w\\-]+") static let auth = NSRegularExpression("^auth +[\\w\\-]+")
static let compLZO = NSRegularExpression("^comp-lzo.*") static let compLZO = NSRegularExpression("^comp-lzo.*")
@ -199,6 +201,7 @@ extension OpenVPN {
var currentBlockName: String? var currentBlockName: String?
var currentBlock: [String] = [] var currentBlock: [String] = []
var optDataCiphers: [Cipher]?
var optCipher: Cipher? var optCipher: Cipher?
var optDigest: Digest? var optDigest: Digest?
var optCompressionFraming: CompressionFraming? var optCompressionFraming: CompressionFraming?
@ -345,8 +348,19 @@ extension OpenVPN {
return return
} }
optCipher = Cipher(rawValue: rawValue.uppercased()) optCipher = Cipher(rawValue: rawValue.uppercased())
if optCipher == nil { }
unsupportedError = ConfigurationError.unsupportedConfiguration(option: "cipher \(rawValue)") Regex.dataCiphers.enumerateArguments(in: line) {
isHandled = true
guard let rawValue = $0.first else {
return
}
let rawCiphers = rawValue.components(separatedBy: ":")
optDataCiphers = []
rawCiphers.forEach {
guard let cipher = Cipher(rawValue: $0.uppercased()) else {
return
}
optDataCiphers?.append(cipher)
} }
} }
Regex.auth.enumerateArguments(in: line) { Regex.auth.enumerateArguments(in: line) {
@ -610,8 +624,8 @@ extension OpenVPN {
guard let _ = optCA else { guard let _ = optCA else {
throw ConfigurationError.missingConfiguration(option: "ca") throw ConfigurationError.missingConfiguration(option: "ca")
} }
guard let _ = optCipher else { guard optCipher != nil || !(optDataCiphers?.isEmpty ?? false) else {
throw ConfigurationError.missingConfiguration(option: "cipher") throw ConfigurationError.missingConfiguration(option: "cipher or data-ciphers")
} }
} }
@ -622,6 +636,7 @@ extension OpenVPN {
// MARK: General // MARK: General
sessionBuilder.cipher = optCipher sessionBuilder.cipher = optCipher
sessionBuilder.dataCiphers = optDataCiphers
sessionBuilder.digest = optDigest sessionBuilder.digest = optDigest
sessionBuilder.compressionFraming = optCompressionFraming sessionBuilder.compressionFraming = optCompressionFraming
sessionBuilder.compressionAlgorithm = optCompressionAlgorithm sessionBuilder.compressionAlgorithm = optCompressionAlgorithm